RubyGems - workos - Versions diffs - 2.5.1 → 2.7.0 - Mend

workos 2.5.1 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

checksums.yaml +4 -4
data/Gemfile.lock +13 -11
data/lib/workos/audit_log_export.rb +55 -0
data/lib/workos/audit_logs.rb +107 -0
data/lib/workos/client.rb +2 -0
data/lib/workos/errors.rb +15 -1
data/lib/workos/organizations.rb +4 -1
data/lib/workos/types/audit_log_export_struct.rb +17 -0
data/lib/workos/types/intent_enum.rb +1 -0
data/lib/workos/types.rb +1 -0
data/lib/workos/version.rb +1 -1
data/lib/workos/webhooks.rb +49 -2
data/lib/workos.rb +2 -0
data/sorbet/rbi/sorbet-typed/lib/rainbow/all/rainbow.rbi +5 -5
data/spec/lib/workos/audit_logs_spec.rb +149 -0
data/spec/lib/workos/organizations_spec.rb +73 -9
data/spec/lib/workos/portal_spec.rb +15 -0
data/spec/lib/workos/webhooks_spec.rb +130 -84
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event.yml +59 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event_custom_idempotency_key.yml +60 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event_invalid.yml +59 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_export.yml +76 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_export_with_filters.yml +78 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/get_export.yml +73 -0
data/spec/support/fixtures/vcr_cassettes/organization/create_with_duplicate_idempotency_key_and_different_payload.yml +155 -0
data/spec/support/fixtures/vcr_cassettes/organization/create_with_duplicate_idempotency_key_and_payload.yml +154 -0
data/spec/support/fixtures/vcr_cassettes/organization/create_with_idempotency_key.yml +79 -0
data/spec/support/fixtures/vcr_cassettes/portal/generate_link_audit_logs.yml +72 -0
data/spec/support/webhook_payload.txt +1 -1
metadata +28 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: efe8fb9e00262c08d11cebcc39e65ad5728771bb1f132ea88302c78205134a3b
-  data.tar.gz: 1532164858cc02a9e46d9cb8ac0c10b0e5401812da204840cd3760342462bfb7
+  metadata.gz: f9c1d1a239604c91126acc4b7c4482abaf306abf129eb9c4260cd2af6eb832a8
+  data.tar.gz: e614d8659cac83f4f1d4aca7ac930b6f1a89aa14f09bb4905b44797b77ee41cc
 SHA512:
-  metadata.gz: bd4c7ada118af7b5ee60d28db25844264bda9a8249b0b3d0a33c11696c77f57d020cfe6e7410d4661bb7c3832e0ec83af2acc0468b4dc4b21e633a5af12bec16
-  data.tar.gz: 8ecebf2811768a093ae87518124b4e1ff8bb3caefbc3ed1ff36ea0a81243030968bf204d535c63422e43718d811f13c682ad058c33e132977b283509457e30f3
+  metadata.gz: c7ac7ebb757400aa6f4195776662347cc0763aab1170d5a3678fa96324d6fcd5f59a80e75cd3df2082d710beff957f97cb0de6c287a9ea1ebf7631dcdf41ad3c
+  data.tar.gz: c655246d047fd79f7ab963b44ab5ab37912c5b8e4a7663cb9597c505cdc99903c308dd74fa024968d45dd4aff624e8b379be3a162b5c7082d9aa99fbc0749ee6

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (2.5.1)
+    workos (2.7.0)
       sorbet-runtime (~> 0.5)
 GEM
@@ -58,17 +58,19 @@ GEM
       simplecov_json_formatter (~> 0.1)
     simplecov-html (0.12.3)
     simplecov_json_formatter (0.1.2)
-    sorbet (0.5.6388)
-      sorbet-static (= 0.5.6388)
+    sorbet (0.5.10346)
+      sorbet-static (= 0.5.10346)
     sorbet-runtime (0.5.10323)
-    sorbet-static (0.5.6388-universal-darwin-14)
-    sorbet-static (0.5.6388-universal-darwin-15)
-    sorbet-static (0.5.6388-universal-darwin-16)
-    sorbet-static (0.5.6388-universal-darwin-17)
-    sorbet-static (0.5.6388-universal-darwin-18)
-    sorbet-static (0.5.6388-universal-darwin-19)
-    sorbet-static (0.5.6388-universal-darwin-20)
-    sorbet-static (0.5.6388-x86_64-linux)
+    sorbet-static (0.5.10346-universal-darwin-14)
+    sorbet-static (0.5.10346-universal-darwin-15)
+    sorbet-static (0.5.10346-universal-darwin-16)
+    sorbet-static (0.5.10346-universal-darwin-17)
+    sorbet-static (0.5.10346-universal-darwin-18)
+    sorbet-static (0.5.10346-universal-darwin-19)
+    sorbet-static (0.5.10346-universal-darwin-20)
+    sorbet-static (0.5.10346-universal-darwin-21)
+    sorbet-static (0.5.10346-universal-darwin-22)
+    sorbet-static (0.5.10346-x86_64-linux)
     unicode-display_width (1.7.0)
     vcr (5.0.0)
     webmock (3.12.2)

data/lib/workos/audit_log_export.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+# typed: true
+module WorkOS
+  # The AuditLogExport class represents the WorkOS entity created when exporting Audit Log Events.
+  class AuditLogExport
+    include HashProvider
+    extend T::Sig
+    attr_accessor :object, :id, :state, :url, :created_at, :updated_at
+    sig { params(json: String).void }
+    def initialize(json)
+      raw = parse_json(json)
+      @object = T.let(raw.object, String)
+      @id = T.let(raw.id, String)
+      @state = T.let(raw.state, String)
+      @url = raw.url
+      @created_at = T.let(raw.created_at, String)
+      @updated_at = T.let(raw.updated_at, String)
+    end
+    def to_json(*)
+      {
+        object: object,
+        id: id,
+        state: state,
+        url: url,
+        created_at: created_at,
+        updated_at: updated_at,
+      }
+    end
+    private
+    sig do
+      params(
+        json_string: String,
+      ).returns(WorkOS::Types::AuditLogExportStruct)
+    end
+    def parse_json(json_string)
+      hash = JSON.parse(json_string, symbolize_names: true)
+      WorkOS::Types::AuditLogExportStruct.new(
+        object: hash[:object],
+        id: hash[:id],
+        state: hash[:state],
+        url: hash[:url],
+        created_at: hash[:created_at],
+        updated_at: hash[:updated_at],
+      )
+    end
+  end
+end

data/lib/workos/audit_logs.rb ADDED Viewed

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+# typed: true
+require 'net/http'
+require 'uri'
+module WorkOS
+  # The Audit Logs module provides convenience methods for working with the
+  # WorkOS Audit Logs platform. You'll need a valid API key.
+  module AuditLogs
+    class << self
+      extend T::Sig
+      include Client
+      # Create an Audit Log Event.
+      #
+      # @param [String] organization An Organization ID
+      # @param [Hash] event An Audit Log Event
+      # @param [String] idempotency_key An idempotency key
+      #
+      # @return [nil]
+      sig do
+        params(
+          organization: String,
+          event: Hash,
+          idempotency_key: T.nilable(String),
+        ).void
+      end
+      def create_event(organization:, event:, idempotency_key: nil)
+        request = post_request(
+          path: '/audit_logs/events',
+          auth: true,
+          idempotency_key: idempotency_key,
+          body: {
+            organization_id: organization,
+            event: event,
+          },
+        )
+        execute_request(request: request)
+      end
+      # Create an Export of Audit Log Events.
+      #
+      # @param [String] organization An Organization ID
+      # @param [String] range_start ISO-8601 datetime
+      # @param [String] range_end ISO-8601 datetime
+      # @param [Array<String>] actions A list of actions to filter by
+      # @param [Array<String>] actors A list of actor names to filter by
+      # @param [Array<String>] targets A list of target types to filter by
+      #
+      # @return [WorkOS::AuditLogExport]
+      sig do
+        params(
+          organization: String,
+          range_start: String,
+          range_end: String,
+          actions: T.nilable(T::Array[String]),
+          actors: T.nilable(T::Array[String]),
+          targets: T.nilable(T::Array[String]),
+        ).returns(WorkOS::AuditLogExport)
+      end
+      def create_export(organization:, range_start:, range_end:, actions: nil, actors: nil, targets: nil)
+        body = {
+          organization_id: organization,
+          range_start: range_start,
+          range_end: range_end,
+        }
+        body['actions'] = actions unless actions.nil?
+        body['actors'] = actors unless actors.nil?
+        body['targets'] = targets unless targets.nil?
+        request = post_request(
+          path: '/audit_logs/exports',
+          auth: true,
+          body: body,
+        )
+        response = execute_request(request: request)
+        WorkOS::AuditLogExport.new(response.body)
+      end
+      # Retrieves an Export of Audit Log Events
+      #
+      # @param [String] id An Audit Log Export ID
+      #
+      # @return [WorkOS::AuditLogExport]
+      sig do
+        params(
+          id: String,
+        ).returns(WorkOS::AuditLogExport)
+      end
+      def get_export(id:)
+        request = get_request(
+          auth: true,
+          path: "/audit_logs/exports/#{id}",
+        )
+        response = execute_request(request: request)
+        WorkOS::AuditLogExport.new(response.body)
+      end
+    end
+  end
+end

data/lib/workos/client.rb CHANGED Viewed

@@ -138,6 +138,8 @@ module WorkOS
           message: json['message'],
           http_status: http_status,
           request_id: response['x-request-id'],
+          code: json['code'],
+          errors: json['errors'],
         )
       when 401
         raise AuthenticationError.new(

data/lib/workos/errors.rb CHANGED Viewed

@@ -9,7 +9,10 @@ module WorkOS
     attr_reader :http_status
     attr_reader :request_id
+    attr_reader :code
+    attr_reader :errors
+    # rubocop:disable Metrics/ParameterLists
     sig do
       params(
         message: T.nilable(String),
@@ -18,16 +21,27 @@ module WorkOS
         http_status: T.nilable(Integer),
         request_id: T.nilable(String),
         code: T.nilable(String),
+        errors: T.nilable(T::Array[T::Hash[T.untyped, T.untyped]]),
       ).void
     end
-    def initialize(message: nil, error: nil, error_description: nil, http_status: nil, request_id: nil, code: nil)
+    def initialize(
+      message: nil,
+      error: nil,
+      error_description: nil,
+      http_status: nil,
+      request_id: nil,
+      code: nil,
+      errors: nil
+    )
       @message = message
       @error = error
       @error_description = error_description
       @http_status = http_status
       @request_id = request_id
       @code = code
+      @errors = errors
     end
+    # rubocop:enable Metrics/ParameterLists
     sig { returns(String) }
     def to_s

data/lib/workos/organizations.rb CHANGED Viewed

@@ -82,14 +82,16 @@ module WorkOS
       # @param [String] name A unique, descriptive name for the organization
       # @param [Boolean, nil] allow_profiles_outside_organization Whether Connections
       #  within the Organization allow profiles that are outside of the Organization's configured User Email Domains.
+      # @param [String] idempotency_key An idempotency key
       sig do
         params(
           domains: T::Array[String],
           name: String,
           allow_profiles_outside_organization: T.nilable(T::Boolean),
+          idempotency_key: T.nilable(String),
         ).returns(WorkOS::Organization)
       end
-      def create_organization(domains:, name:, allow_profiles_outside_organization: nil)
+      def create_organization(domains:, name:, allow_profiles_outside_organization: nil, idempotency_key: nil)
         request = post_request(
           auth: true,
           body: {
@@ -98,6 +100,7 @@ module WorkOS
             allow_profiles_outside_organization: allow_profiles_outside_organization,
           },
           path: '/organizations',
+          idempotency_key: idempotency_key,
         )
         response = execute_request(request: request)

data/lib/workos/types/audit_log_export_struct.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+# typed: strict
+module WorkOS
+  module Types
+    # This AuditLogExportStruct acts as a typed interface
+    # for the AuditLogExport class
+    class AuditLogExportStruct < T::Struct
+      const :object, String
+      const :id, String
+      const :state, String
+      const :url, T.nilable(String)
+      const :created_at, String
+      const :updated_at, String
+    end
+  end
+end

data/lib/workos/types/intent_enum.rb CHANGED Viewed

@@ -9,6 +9,7 @@ module WorkOS
       enums do
         SSO = new('sso')
         DSYNC = new('dsync')
+        AUDIT_LOGS = new('audit_logs')
       end
     end
   end

data/lib/workos/types.rb CHANGED Viewed

@@ -5,6 +5,7 @@ module WorkOS
   # WorkOS believes strongly in typed languages,
   # so we're using Sorbet throughout this Ruby gem.
   module Types
+    require_relative 'types/audit_log_export_struct'
     require_relative 'types/connection_struct'
     require_relative 'types/directory_struct'
     require_relative 'types/directory_group_struct'

data/lib/workos/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # typed: strong
 module WorkOS
-  VERSION = '2.5.1'
+  VERSION = '2.7.0'
 end

data/lib/workos/webhooks.rb CHANGED Viewed

@@ -55,8 +55,25 @@ module WorkOS
         WorkOS::Webhook.new(payload)
       end
-      private
+      # Verifies WorkOS-Signature header from request
+      # rubocop:disable Layout/LineLength
+      #
+      # @param [String] payload The payload from the webhook sent by WorkOS. This is the RAW_POST_DATA of the request.
+      # @param [String] sig_header The signature from the webhook sent by WorkOS.
+      # @param [String] secret The webhook secret from the WorkOS dashboard.
+      # @param [Integer] tolerance The time tolerance in seconds for the webhook.
+      #
+      # @example
+      #   WorkOS::Webhooks.verify_header(
+      #     payload: "{"id": "wh_123","data":{"id":"directory_user_01FAEAJCR3ZBZ30D8BD1924TVG","state":"active","emails":[{"type":"work","value":"blair@foo-corp.com","primary":true}],"idp_id":"00u1e8mutl6wlH3lL4x7","object":"directory_user","username":"blair@foo-corp.com","last_name":"Lunchford","first_name":"Blair","directory_id":"directory_01F9M7F68PZP8QXP8G7X5QRHS7","raw_attributes":{"name":{"givenName":"Blair","familyName":"Lunchford","middleName":"Elizabeth","honorificPrefix":"Ms."},"title":"Developer Success Engineer","active":true,"emails":[{"type":"work","value":"blair@foo-corp.com","primary":true}],"groups":[],"locale":"en-US","schemas":["urn:ietf:params:scim:schemas:core:2.0:User","urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"],"userName":"blair@foo-corp.com","addresses":[{"region":"CA","primary":true,"locality":"San Francisco","postalCode":"94016"}],"externalId":"00u1e8mutl6wlH3lL4x7","displayName":"Blair Lunchford","urn:ietf:params:scim:schemas:extension:enterprise:2.0:User":{"manager":{"value":"2","displayName":"Kate Chapman"},"division":"Engineering","department":"Customer Success"}}},"event":"dsync.user.created"}",
+      #     sig_header: 't=1626125972272, v1=80f7ab7efadc306eb5797c588cee9410da9be4416782b497bf1e1bf4175fb928',
+      #     secret: 'LJlTiC19GmCKWs8AE0IaOQcos',
+      #   )
+      #
+      #   => true
+      #
+      # @return Boolean
+      # rubocop:enable Layout/LineLength
       sig do
         params(
           payload: String,
@@ -105,6 +122,18 @@ module WorkOS
       end
       # rubocop:enable Metrics/MethodLength, Metrics/AbcSize
+      # Extracts timestamp and signature hash from WorkOS-Signature header
+      #
+      # @param [String] sig_header The signature from the webhook sent by WorkOS.
+      #
+      # @example
+      #   WorkOS::Webhooks.get_timestamp_and_signature_hash(
+      #     sig_header: 't=1626125972272, v1=80f7ab7efadc306eb5797c588cee9410da9be4416782b497bf1e1bf4175fb928',
+      #   )
+      #
+      #   => ['1626125972272', '80f7ab7efadc306eb5797c588cee9410da9be4416782b497bf1e1bf4175fb928']
+      #
+      # @return Array
       sig do
         params(
           sig_header: String,
@@ -127,6 +156,24 @@ module WorkOS
         [timestamp, signature_hash]
       end
+      # Computes expected signature
+      # rubocop:disable Layout/LineLength
+      #
+      # @param [String] timestamp The timestamp from the webhook signature.
+      # @param [String] payload The payload from the webhook sent by WorkOS. This is the RAW_POST_DATA of the request.
+      # @param [String] secret The webhook secret from the WorkOS dashboard.
+      #
+      # @example
+      #   WorkOS::Webhooks.compute_signature(
+      #     timestamp: '1626125972272',
+      #     payload: "{"id": "wh_123","data":{"id":"directory_user_01FAEAJCR3ZBZ30D8BD1924TVG","state":"active","emails":[{"type":"work","value":"blair@foo-corp.com","primary":true}],"idp_id":"00u1e8mutl6wlH3lL4x7","object":"directory_user","username":"blair@foo-corp.com","last_name":"Lunchford","first_name":"Blair","directory_id":"directory_01F9M7F68PZP8QXP8G7X5QRHS7","raw_attributes":{"name":{"givenName":"Blair","familyName":"Lunchford","middleName":"Elizabeth","honorificPrefix":"Ms."},"title":"Developer Success Engineer","active":true,"emails":[{"type":"work","value":"blair@foo-corp.com","primary":true}],"groups":[],"locale":"en-US","schemas":["urn:ietf:params:scim:schemas:core:2.0:User","urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"],"userName":"blair@foo-corp.com","addresses":[{"region":"CA","primary":true,"locality":"San Francisco","postalCode":"94016"}],"externalId":"00u1e8mutl6wlH3lL4x7","displayName":"Blair Lunchford","urn:ietf:params:scim:schemas:extension:enterprise:2.0:User":{"manager":{"value":"2","displayName":"Kate Chapman"},"division":"Engineering","department":"Customer Success"}}},"event":"dsync.user.created"}",
+      #     secret: 'LJlTiC19GmCKWs8AE0IaOQcos',
+      #   )
+      #
+      #   => '80f7ab7efadc306eb5797c588cee9410da9be4416782b497bf1e1bf4175fb928'
+      #
+      # @return String
+      # rubocop:enable Layout/LineLength
       sig do
         params(
           timestamp: String,

data/lib/workos.rb CHANGED Viewed

@@ -39,6 +39,8 @@ module WorkOS
   autoload :Types, 'workos/types'
   autoload :Client, 'workos/client'
   autoload :Configuration, 'workos/configuration'
+  autoload :AuditLogExport, 'workos/audit_log_export'
+  autoload :AuditLogs, 'workos/audit_logs'
   autoload :AuditTrail, 'workos/audit_trail'
   autoload :Connection, 'workos/connection'
   autoload :DirectorySync, 'workos/directory_sync'

data/sorbet/rbi/sorbet-typed/lib/rainbow/all/rainbow.rbi CHANGED Viewed

@@ -30,7 +30,7 @@ module Rainbow
       sig { returns(Integer) }
       attr_reader :num
-      sig { params(ground: Symbol, num: Integer).returns(Indexed) }
+      sig { params(ground: Symbol, num: Integer).void }
       def initialize(ground, num); end
       sig { returns(T::Array[Integer]) }
@@ -46,7 +46,7 @@ module Rainbow
       sig { returns(String) }
       def self.valid_names; end
-      sig { params(ground: Symbol, name: Symbol).returns(Named) }
+      sig { params(ground: Symbol, name: Symbol).void }
       def initialize(ground, name); end
     end
@@ -57,7 +57,7 @@ module Rainbow
       sig { params(value: Numeric).returns(Integer) }
       def to_ansi_domain(value); end
-      sig { params(ground: Symbol, values: Integer).returns(RGB) }
+      sig { params(ground: Symbol, values: Integer).void }
       def initialize(ground, *values); end
       sig { returns(T::Array[Integer]) }
@@ -73,7 +73,7 @@ module Rainbow
       sig { returns(String) }
       def self.valid_names; end
-      sig { params(ground: Symbol, name: Symbol).returns(X11Named) }
+      sig { params(ground: Symbol, name: Symbol).void }
       def initialize(ground, name); end
     end
   end
@@ -260,7 +260,7 @@ module Rainbow
     sig { returns(T::Boolean) }
     attr_accessor :enabled
-    sig { params(enabled: T::Boolean).returns(Wrapper) }
+    sig { params(enabled: T::Boolean).void }
     def initialize(enabled = true); end
     sig { params(string: String).returns(T.any(Rainbow::Presenter, Rainbow::NullPresenter)) }

data/spec/lib/workos/audit_logs_spec.rb ADDED Viewed

@@ -0,0 +1,149 @@
+# frozen_string_literal: true
+# typed: false
+describe WorkOS::AuditLogs do
+  it_behaves_like 'client'
+  before do
+    WorkOS.configure do |config|
+      config.key = 'example_api_key'
+    end
+  end
+  describe '.create_event' do
+    context 'with valid event payload' do
+      let(:valid_event) do
+        {
+          action: 'user.signed_in',
+          occurred_at: '2022-08-22T15:04:19.704Z',
+          actor: {
+            id: 'user_123',
+            type: 'user',
+            name: 'User',
+            metadata: {
+              foo: 'bar',
+            },
+          },
+          targets: [{
+            id: 'team_123',
+            type: 'team',
+            name: 'Team',
+            metadata: {
+              foo: 'bar',
+            },
+          }],
+          context: {
+            location: '1.1.1.1',
+            user_agent: 'Mozilla',
+          },
+        }
+      end
+      context 'with idempotency key' do
+        it 'creates an event' do
+          VCR.use_cassette 'audit_logs/create_event_custom_idempotency_key', match_requests_on: %i[path body] do
+            response = described_class.create_event(
+              organization: 'org_123',
+              event: valid_event,
+              idempotency_key: 'idempotency_key',
+            )
+            expect(response).to eq T::Private::Types::Void::VOID
+          end
+        end
+      end
+      context 'without idempotency key' do
+        it 'creates an event' do
+          VCR.use_cassette 'audit_logs/create_event', match_requests_on: %i[path body] do
+            response = described_class.create_event(
+              organization: 'org_123',
+              event: valid_event,
+            )
+            expect(response).to eq T::Private::Types::Void::VOID
+          end
+        end
+      end
+      context 'with invalid event' do
+        it 'returns error' do
+          VCR.use_cassette 'audit_logs/create_event_invalid', match_requests_on: %i[path body] do
+            described_class.create_event(
+              organization: 'org_123',
+              event: valid_event,
+            )
+          rescue WorkOS::InvalidRequestError => e
+            expect(
+              e.message,
+            ).to eq 'Status 400, Invalid Audit Log event - request ID: 1cf9b8e7-5910-4a6d-a333-46bcf841422e'
+            expect(e.code).to eq 'invalid_audit_log'
+            expect(e.errors.count).to eq 1
+          end
+        end
+      end
+    end
+  end
+  describe '.create_export' do
+    context 'without filters applied' do
+      it 'creates an event' do
+        VCR.use_cassette 'audit_logs/create_export', match_requests_on: %i[path body] do
+          audit_log_export = described_class.create_export(
+            organization: 'org_123',
+            range_start: '2022-06-22T15:04:19.704Z',
+            range_end: '2022-08-22T15:04:19.704Z',
+          )
+          expect(audit_log_export).to have_attributes(
+            object: 'audit_log_export',
+            id: 'audit_log_export_123',
+            state: 'pending',
+            url: nil,
+            created_at: '2022-08-22T15:04:19.704Z',
+            updated_at: '2022-08-22T15:04:19.704Z',
+          )
+        end
+      end
+    end
+    context 'with filters applied' do
+      it 'creates an export' do
+        VCR.use_cassette 'audit_logs/create_export_with_filters', match_requests_on: %i[path body] do
+          audit_log_export = described_class.create_export(
+            organization: 'org_123',
+            range_start: '2022-06-22T15:04:19.704Z',
+            range_end: '2022-08-22T15:04:19.704Z',
+            actions: ['user.signed_in'],
+            actors: ['Jon Smith'],
+            targets: %w[user team],
+          )
+          expect(audit_log_export.object).to eq 'audit_log_export'
+          expect(audit_log_export.id).to eq 'audit_log_export_123'
+          expect(audit_log_export.state).to eq 'pending'
+          expect(audit_log_export.url).to eq nil
+          expect(audit_log_export.created_at).to eq '2022-08-22T15:04:19.704Z'
+          expect(audit_log_export.updated_at).to eq '2022-08-22T15:04:19.704Z'
+        end
+      end
+    end
+  end
+  describe '.get_export' do
+    it 'returns an export' do
+      VCR.use_cassette 'audit_logs/get_export', match_requests_on: %i[path] do
+        audit_log_export = described_class.get_export(
+          id: 'audit_log_export_123',
+        )
+        expect(audit_log_export.object).to eq 'audit_log_export'
+        expect(audit_log_export.id).to eq 'audit_log_export_123'
+        expect(audit_log_export.state).to eq 'ready'
+        expect(audit_log_export.url).to eq 'https://audit-logs.com/download.csv'
+        expect(audit_log_export.created_at).to eq '2022-08-22T15:04:19.704Z'
+        expect(audit_log_export.updated_at).to eq '2022-08-22T15:04:19.704Z'
+      end
+    end
+  end
+end