workos 4.5.0 → 4.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 49c966155f5c153170aeeb3ef517c42e6967a297e875ebea314ffc155fdea5f3
-  data.tar.gz: 96a7dc5083766f28f6b23f533ffc064e4d1708d19063787ecf8f94f1d5ff09ae
+  metadata.gz: 3a8eee76f744e675549099b150414fde6c8fb299bd40efd35f4765f4491a7896
+  data.tar.gz: de96239fdd72faf0e772146a7532b1e9a948f001c43e217d8af7636a75c2aa43
 SHA512:
-  metadata.gz: 3e0029ae78436134df06312c02a02490e75f9bc62c23a83e70e647bc0ef5384d7fc7ced8351760291743b2aba3f799171eb242c3c3cad8f8d2940bc95881c288
-  data.tar.gz: 0ad84d7083020a2d3b8a356064fd4ecc5edc4c9a6aad91ff9b73c28ffcbfa74e6e4a1f0d8131005b87ec658fed0dcb4267ef95539432d4195829e744a9269464
+  metadata.gz: abc6d1b314105f5fb113e178015376d3ea607970ebb7d28cd1cdea8b914d558803504bdc420148aae0649fbcf997ee6cecf3602732b76fe356447e87fa5121a8
+  data.tar.gz: 36d55ffc100b13b92a172002fc921ffd980399c395b2f7bffea9d266eb9c9f01db4439b16dbb10371bb08f6d23b4e6f101c5b92559754be29b03bbc16e2b2f93

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (4.5.0)
+    workos (4.7.0)
 
 GEM
   remote: https://rubygems.org/

data/lib/workos/email_verification.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module WorkOS
+  # The EmailVerification class provides a lightweight wrapper around a WorkOS email
+  # verification resource. This class is not meant to be instantiated in a user space,
+  # and is instantiated internally but exposed.
+  class EmailVerification
+    include HashProvider
+
+    attr_accessor :id, :user_id, :email,
+                  :expires_at, :code, :created_at, :updated_at
+
+    def initialize(json)
+      hash = JSON.parse(json, symbolize_names: true)
+
+      @id = hash[:id]
+      @user_id = hash[:user_id]
+      @email = hash[:email]
+      @code = hash[:code]
+      @expires_at = hash[:expires_at]
+      @created_at = hash[:created_at]
+      @updated_at = hash[:updated_at]
+    end
+
+    def to_json(*)
+      {
+        id: id,
+        user_id: user_id,
+        email: email,
+        code: code,
+        expires_at: expires_at,
+        created_at: created_at,
+        updated_at: updated_at,
+      }
+    end
+  end
+end

data/lib/workos/invitation.rb

@@ -8,8 +8,9 @@ module WorkOS
     include HashProvider
 
     attr_accessor :id, :email, :state, :accepted_at, :revoked_at, :accept_invitation_url,
-                  :expires_at, :token, :organization_id, :created_at, :updated_at
+                  :expires_at, :token, :organization_id, :inviter_user_id, :created_at, :updated_at
 
+    # rubocop:disable Metrics/AbcSize
     def initialize(json)
       hash = JSON.parse(json, symbolize_names: true)
 
@@ -19,12 +20,14 @@ module WorkOS
       @token = hash[:token]
       @accept_invitation_url = hash[:accept_invitation_url]
       @organization_id = hash[:organization_id]
+      @inviter_user_id = hash[:inviter_user_id]
       @accepted_at = hash[:accepted_at]
       @revoked_at = hash[:revoked_at]
       @expires_at = hash[:expires_at]
       @created_at = hash[:created_at]
       @updated_at = hash[:updated_at]
     end
+    # rubocop:enable Metrics/AbcSize
 
     def to_json(*)
       {
@@ -34,6 +37,7 @@ module WorkOS
         token: token,
         accept_invitation_url: accept_invitation_url,
         organization_id: organization_id,
+        inviter_user_id: inviter_user_id,
         accepted_at: accepted_at,
         revoked_at: revoked_at,
         expires_at: expires_at,

data/lib/workos/password_reset.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module WorkOS
+  # The PasswordReset class provides a lightweight wrapper around a WorkOS password
+  # reset resource. This class is not meant to be instantiated in a user space,
+  # and is instantiated internally but exposed.
+  class PasswordReset
+    include HashProvider
+
+    attr_accessor :id, :user_id, :email, :password_reset_token,
+                  :password_reset_url, :expires_at, :created_at
+
+    def initialize(json)
+      hash = JSON.parse(json, symbolize_names: true)
+
+      @id = hash[:id]
+      @user_id = hash[:user_id]
+      @email = hash[:email]
+      @password_reset_token = hash[:password_reset_token]
+      @password_reset_url = hash[:password_reset_url]
+      @expires_at = hash[:expires_at]
+      @created_at = hash[:created_at]
+    end
+
+    def to_json(*)
+      {
+        id: id,
+        user_id: user_id,
+        email: email,
+        password_reset_token: password_reset_token,
+        password_reset_url: password_reset_url,
+        expires_at: expires_at,
+        created_at: created_at,
+      }
+    end
+  end
+end

data/lib/workos/user_management.rb

@@ -650,6 +650,22 @@ module WorkOS
         )
       end
 
+      # Gets an email verification object
+      #
+      # @param [String] id The unique ID of the EmailVerification object.
+      #
+      # @return WorkOS::EmailVerification
+      def get_email_verification(id:)
+        response = execute_request(
+          request: get_request(
+            path: "/user_management/email_verification/#{id}",
+            auth: true,
+          ),
+        )
+
+        WorkOS::EmailVerification.new(response.body)
+      end
+
       # Sends a verification email to the provided user.
       #
       # @param [String] user_id The unique ID of the User whose email address will be verified.
@@ -686,6 +702,41 @@ module WorkOS
         WorkOS::UserResponse.new(response.body)
       end
 
+      # Gets a password reset object
+      #
+      # @param [String] id The unique ID of the PasswordReset object.
+      #
+      # @return WorkOS::PasswordReset
+      def get_password_reset(id:)
+        response = execute_request(
+          request: get_request(
+            path: "/user_management/password_reset/#{id}",
+            auth: true,
+          ),
+        )
+
+        WorkOS::PasswordReset.new(response.body)
+      end
+
+      # Creates a password reset token
+      #
+      # @param [String] email The email address of the user.
+      #
+      # @return WorkOS::PasswordReset
+      def create_password_reset(email:)
+        response = execute_request(
+          request: post_request(
+            path: '/user_management/password_reset',
+            body: {
+              email: email,
+            },
+            auth: true,
+          ),
+        )
+
+        WorkOS::PasswordReset.new(response.body)
+      end
+
       # Create a password reset challenge and emails a password reset link to a user.
       #
       # @param [String] email The email of the user that wishes to reset their password.
@@ -693,6 +744,9 @@ module WorkOS
       #
       # @return [Bool] - returns `true` if successful
       def send_password_reset_email(email:, password_reset_url:)
+        warn_deprecation '`send_password_reset_email` is deprecated.
+        Please use `create_password_reset` instead. This method will be removed in a future major version.'
+
         request = post_request(
           path: '/user_management/password_reset/send',
           body: {
@@ -748,7 +802,8 @@ module WorkOS
       #
       # @param [Hash] options
       # @option options [String] user_id The ID of the User.
-      # @option options [String] organization_id Filter Users by the organization they are members of.
+      # @option options [String] organization_id Filter memberships by the organization they are members of.
+      # @option options [Array<String>] statuses Filter memberships by status.
       # @option options [String] limit Maximum number of records to return.
       # @option options [String] order The order in which to paginate records
       # @option options [String] before Pagination cursor to receive records
@@ -816,6 +871,38 @@ module WorkOS
         response.is_a? Net::HTTPSuccess
       end
 
+      # Deactivate an Organization Membership
+      #
+      # @param [String] id The unique ID of the Organization Membership.
+      #
+      # @return WorkOS::OrganizationMembership
+      def deactivate_organization_membership(id:)
+        response = execute_request(
+          request: put_request(
+            path: "/user_management/organization_memberships/#{id}/deactivate",
+            auth: true,
+          ),
+        )
+
+        WorkOS::OrganizationMembership.new(response.body)
+      end
+
+      # Reactivate an Organization Membership
+      #
+      # @param [String] id The unique ID of the Organization Membership.
+      #
+      # @return WorkOS::OrganizationMembership
+      def reactivate_organization_membership(id:)
+        response = execute_request(
+          request: put_request(
+            path: "/user_management/organization_memberships/#{id}/reactivate",
+            auth: true,
+          ),
+        )
+
+        WorkOS::OrganizationMembership.new(response.body)
+      end
+
       # Gets an Invitation
       #
       # @param [String] id The unique ID of the Invitation.

data/lib/workos/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module WorkOS
-  VERSION = '4.5.0'
+  VERSION = '4.7.0'
 end

data/lib/workos.rb

@@ -54,6 +54,7 @@ module WorkOS
   autoload :DirectoryGroup, 'workos/directory_group'
   autoload :DirectorySync, 'workos/directory_sync'
   autoload :DirectoryUser, 'workos/directory_user'
+  autoload :EmailVerification, 'workos/email_verification'
   autoload :Event, 'workos/event'
   autoload :Events, 'workos/events'
   autoload :Factor, 'workos/factor'
@@ -65,6 +66,7 @@ module WorkOS
   autoload :Organizations, 'workos/organizations'
   autoload :OrganizationMembership, 'workos/organization_membership'
   autoload :Passwordless, 'workos/passwordless'
+  autoload :PasswordReset, 'workos/password_reset'
   autoload :Portal, 'workos/portal'
   autoload :Profile, 'workos/profile'
   autoload :ProfileAndToken, 'workos/profile_and_token'

data/spec/lib/workos/user_management_spec.rb

@@ -736,6 +736,31 @@ describe WorkOS::UserManagement do
     end
   end
 
+  describe '.get_email_verification' do
+    context 'with a valid id' do
+      it 'returns an email_verification object' do
+        VCR.use_cassette 'user_management/get_email_verification/valid' do
+          email_verification = described_class.get_email_verification(
+            id: 'email_verification_01HYK9VKNJQ0MJDXEXQP0DA1VK',
+          )
+
+          expect(email_verification.id.instance_of?(String))
+          expect(email_verification.instance_of?(WorkOS::EmailVerification))
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'raises an error' do
+        VCR.use_cassette('user_management/get_email_verification/invalid') do
+          expect do
+            WorkOS::UserManagement.get_email_verification(id: 'invalid')
+          end.to raise_error(WorkOS::APIError, /Email Verification not found/)
+        end
+      end
+    end
+  end
+
   describe '.send_verification_email' do
     context 'with valid parameters' do
       it 'sends an email to that user and the magic auth challenge' do
@@ -804,6 +829,46 @@ describe WorkOS::UserManagement do
     end
   end
 
+  describe '.get_password_reset' do
+    context 'with a valid id' do
+      it 'returns a password_reset object' do
+        VCR.use_cassette 'user_management/get_password_reset/valid' do
+          password_reset = described_class.get_password_reset(
+            id: 'password_reset_01HYKA8DTF8TW5YD30MF0ZXZKT',
+          )
+
+          expect(password_reset.id.instance_of?(String))
+          expect(password_reset.instance_of?(WorkOS::PasswordReset))
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'raises an error' do
+        VCR.use_cassette('user_management/get_password_reset/invalid') do
+          expect do
+            WorkOS::UserManagement.get_password_reset(id: 'invalid')
+          end.to raise_error(WorkOS::APIError, /Password Reset not found/)
+        end
+      end
+    end
+  end
+
+  describe '.create_password_reset' do
+    context 'with valid payload' do
+      it 'creates a password_reset object' do
+        VCR.use_cassette 'user_management/create_password_reset/valid' do
+          password_reset = described_class.create_password_reset(
+            email: 'test@workos.com',
+          )
+
+          expect(password_reset.id).to eq('password_reset_01HYKA8DTF8TW5YD30MF0ZXZKT')
+          expect(password_reset.email).to eq('test@workos.com')
+        end
+      end
+    end
+  end
+
   describe '.send_password_reset_email' do
     context 'with a valid payload' do
       it 'sends a password reset email' do
@@ -933,6 +998,33 @@ describe WorkOS::UserManagement do
         end
       end
     end
+
+    context 'with statuses option' do
+      it 'returns a list of matching users' do
+        request_args = [
+          '/user_management/organization_memberships?user_id=user_01HXYSZBKQE2N3NHBKZHDP1X5X&'\
+          'statuses=active&statuses=inactive&order=desc&limit=5',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'user_management/list_organization_memberships/with_statuses_option' do
+          organization_memberships = described_class.list_organization_memberships(
+            user_id: 'user_01HXYSZBKQE2N3NHBKZHDP1X5X',
+            statuses: %w[active inactive],
+            order: 'desc',
+            limit: '5',
+          )
+
+          expect(organization_memberships.data.size).to eq(1)
+          expect(organization_memberships.data[0].user_id).to eq('user_01HXYSZBKQE2N3NHBKZHDP1X5X')
+        end
+      end
+    end
   end
 
   describe '.create_organization_membership' do
@@ -988,6 +1080,56 @@ describe WorkOS::UserManagement do
     end
   end
 
+  describe '.deactivate_organization_membership' do
+    context 'with a valid id' do
+      it 'returns a organization membership' do
+        VCR.use_cassette 'user_management/deactivate_organization_membership' do
+          organization_membership = described_class.deactivate_organization_membership(
+            id: 'om_01HXYT0G3H5QG9YTSHSHFZQE6D',
+          )
+
+          expect(organization_membership.id.instance_of?(String))
+          expect(organization_membership.instance_of?(WorkOS::OrganizationMembership))
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'returns an error' do
+        expect do
+          described_class.deactivate_organization_membership(
+            id: 'invalid_organization_membership_id',
+          ).to raise_error(WorkOS::APIError)
+        end
+      end
+    end
+  end
+
+  describe '.reactivate_organization_membership' do
+    context 'with a valid id' do
+      it 'returns a organization membership' do
+        VCR.use_cassette 'user_management/reactivate_organization_membership' do
+          organization_membership = described_class.reactivate_organization_membership(
+            id: 'om_01HXYT0G3H5QG9YTSHSHFZQE6D',
+          )
+
+          expect(organization_membership.id.instance_of?(String))
+          expect(organization_membership.instance_of?(WorkOS::OrganizationMembership))
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'returns an error' do
+        expect do
+          described_class.reactivate_organization_membership(
+            id: 'invalid_organization_membership_id',
+          ).to raise_error(WorkOS::APIError)
+        end
+      end
+    end
+  end
+
   describe '.get_invitation' do
     context 'with a valid id' do
       it 'returns an invitation' do

data/spec/support/fixtures/vcr_cassettes/user_management/create_password_reset/valid.yml

@@ -0,0 +1,80 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/password_reset
+    body:
+      encoding: UTF-8
+      string: '{"email":"blair@workos.com"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; x86_64-darwin19; v4.6.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Date:
+      - Thu, 23 May 2024 18:08:51 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '397'
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 8886fe5e1c317b24-DEN
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"18d-Z6VC8jkvZuXmNL0BcJcqkF7M0BQ"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - db59df36-fce8-4174-a031-bd259bca32f8
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=d6moUiiUczj82CNolGPFWxb99g4YP_C.ZlaH9W7xnF8-1716487731-1.0.1.1-pRG1tKVpL4EV8NrdL78THPAhMdBiKwY_tOlgnuanVHgNFvw6MeMv2wJG0Nkp4oLwXdW629gkH1OwSaLIv9EuYQ;
+        path=/; expires=Thu, 23-May-24 18:38:51 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=bd64ac4e2572b6fc609d5cc06577eed03bc1bbcb-1716487731; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: UTF-8
+      string: '{"object":"password_reset","id":"password_reset_01HYKA8DTF8TW5YD30MF0ZXZKT","user_id":"user_01HH5GTVSP6PEXV0SRB9ANFE9G","email":"test@workos.com","password_reset_token":"DmNQt1ZWOz7k5hulOoGDN0TZd","password_reset_url":"https://my-app.com/reset-password/?token=DmNQt1ZWOz7k5hulOoGDN0TZd","expires_at":"2024-05-23T18:23:51.024Z","created_at":"2024-05-23T18:08:51.024Z"}'
+    http_version:
+  recorded_at: Thu, 23 May 2024 18:08:50 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/deactivate_organization_membership.yml

@@ -0,0 +1,64 @@
+---
+http_interactions:
+  - request:
+      method: put
+      uri: https://api.workos.com/user_management/organization_memberships/om_01HXYT0G3H5QG9YTSHSHFZQE6D/deactivate
+      body:
+        encoding: UTF-8
+        string: ""
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/3.3.0; arm64-darwin23; v4.5.0
+        Authorization:
+          - Bearer <API_KEY>
+    response:
+      status:
+        code: 200
+        message: OK
+      headers:
+        Date:
+          - Wed, 15 May 2024 19:13:06 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Transfer-Encoding:
+          - chunked
+        Connection:
+          - keep-alive
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Xss-Protection:
+          - "0"
+      body:
+        encoding: ASCII-8BIT
+        string: '{"object":"organization_membership","id":"om_01HXYT0G3H5QG9YTSHSHFZQE6D","organization_id":"org_01HRCVHACPY05V2FP0KEBQZYD3","user_id":"user_01HXYSZBKQE2N3NHBKZHDP1X5X","status":"inactive","role":{"slug":"member"},"created_at":"2024-05-15T19:00:05.359Z","updated_at":"2024-05-15T19:13:06.259Z"}'
+      http_version:
+    recorded_at: Wed, 15 May 2024 19:13:06 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/invalid.yml

@@ -0,0 +1,80 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.workos.com/user_management/email_verification/invalid
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; x86_64-darwin19; v4.6.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 404
+      message: Not Found
+    headers:
+      Date:
+      - Thu, 23 May 2024 18:04:34 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 8886f81a5d7e7b18-DEN
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"66-ESd/ROLsUvsCu/wiWkoaXfmv1gY"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 777e6230-9045-4858-9925-efb5c5783aa7
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=jfT91VpwVMXi901oaS57bdvcPNjXwzgT0NN.TADMkSA-1716487474-1.0.1.1-D3FZIQ5VQOMnMl3UudReuAR600DpJh8NzCxffFA.bRKl_H6zziPQu7Kk3_.wsy8_ESDjlcUQ3suhVmUb5Iwbhg;
+        path=/; expires=Thu, 23-May-24 18:34:34 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=387f8a46c39c44e43af2f39cd9fd8aea810da563-1716487474; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"message":"Email Verification not found: ''invalid''.","code":"entity_not_found","entity_id":"invalid"}'
+    http_version:
+  recorded_at: Thu, 23 May 2024 18:04:34 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/valid.yml

@@ -0,0 +1,80 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.workos.com/user_management/email_verification/email_verification_01HYK9VKNJQ0MJDXEXQP0DA1VK
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; x86_64-darwin19; v4.6.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Thu, 23 May 2024 18:20:20 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 88870f32dcd07c2e-DEN
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"12b-ekjr8XAvfdiqyjIkVD8WtynlLBo"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 52bf7914-d672-454b-bd61-353e397fdad5
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=huBpGvZo0rq1TOrNY2F0wBwT69_y.Paz9joecCAWK2Y-1716488420-1.0.1.1-YY9yAQE6aOIbVg6Vf8Rxc8ScBPueEKTcUGUXIQmi_AYXfCtcQUa3MzjWeeC0.vmO0AetYPSX3FmmWUf26GH2Fw;
+        path=/; expires=Thu, 23-May-24 18:50:20 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=823df799452104e182687db9c4f57d862b59f78e-1716488420; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"email_verification","id":"email_verification_01HYK9VKNJQ0MJDXEXQP0DA1VK","user_id":"user_01HYK9VAAW34TPP0KSYXCX44SB","email":"blairlunceford@gmail.com","code":"561814","expires_at":"2024-05-23T18:11:51.024Z","created_at":"2024-05-23T18:01:50.997Z","updated_at":"2024-05-23T18:01:50.997Z"}'
+    http_version:
+  recorded_at: Thu, 23 May 2024 18:20:20 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/get_password_reset/invalid.yml

@@ -0,0 +1,80 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.workos.com/user_management/password_reset/invalid
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; x86_64-darwin19; v4.6.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 404
+      message: Not Found
+    headers:
+      Date:
+      - Thu, 23 May 2024 18:04:34 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 8886f81cb89c7b00-DEN
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"62-MwEIS86+oNNsmjVX0JyWZTcjZ9s"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 5b33aeae-7a47-4893-8fef-f014e6692866
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=nkAinUzRPwshxLJMd18TIu20ff0fkGCILsc2NGkWLcs-1716487474-1.0.1.1-Ci9e5PwUuKRRSCrdjfPf3hLETEBr8qGDcVdllyCDW39my5OtwL58BZDu0vB0kuC_6vsPe4UrLSzfoz6XMyjmmw;
+        path=/; expires=Thu, 23-May-24 18:34:34 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=387f8a46c39c44e43af2f39cd9fd8aea810da563-1716487474; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"message":"Password Reset not found: ''invalid''.","code":"entity_not_found","entity_id":"invalid"}'
+    http_version:
+  recorded_at: Thu, 23 May 2024 18:04:34 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/get_password_reset/valid.yml

@@ -0,0 +1,80 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.workos.com/user_management/password_reset/password_reset_01HYKA8DTF8TW5YD30MF0ZXZKT
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; x86_64-darwin19; v4.6.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Thu, 23 May 2024 18:10:20 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 8887008eb83c51eb-DEN
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"18d-Z6VC8jkvZuXmNL0BcJcqkF7M0BQ"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - bd5403d4-e651-4b63-acde-50287326e0d7
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=YhPLb6u6gDZZcI3AVyfPTCitp9JKWpSMhZ236D6EPJI-1716487820-1.0.1.1-F0GOL.FAH1ROxtTJumLoe_YGWkO6uoozp7qv4oFniAc0aX20kqay7JvCfszxpxRsEbvj5mPTJcqVyvDm7qedeA;
+        path=/; expires=Thu, 23-May-24 18:40:20 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=cdbb09208777e3b5b5ee0ae80b61e07279d590c0-1716487820; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"password_reset","id":"password_reset_01HYKA8DTF8TW5YD30MF0ZXZKT","user_id":"user_01HH5GTVSP6PEXV0SRB9ANFE9G","email":"blair@workos.com","password_reset_token":"DmNQt1ZWOz7k5hulOoGDN0TZd","password_reset_url":"https://manageable-child-63-staging.authkit.app/reset-password/?token=DmNQt1ZWOz7k5hulOoGDN0TZd","expires_at":"2024-05-23T18:23:51.024Z","created_at":"2024-05-23T18:08:51.024Z"}'
+    http_version:
+  recorded_at: Thu, 23 May 2024 18:10:20 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/list_organization_memberships/with_statuses_option.yml

@@ -0,0 +1,64 @@
+---
+http_interactions:
+  - request:
+      method: get
+      uri: https://api.workos.com/user_management/organization_memberships?limit=5&order=desc&statuses=inactive&user_id=user_01HXYSZBKQE2N3NHBKZHDP1X5X
+      body:
+        encoding: US-ASCII
+        string: ""
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/3.3.0; arm64-darwin23; v4.5.0
+        Authorization:
+          - Bearer <API_KEY>
+    response:
+      status:
+        code: 200
+        message: OK
+      headers:
+        Date:
+          - Wed, 15 May 2024 19:14:44 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Transfer-Encoding:
+          - chunked
+        Connection:
+          - keep-alive
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Xss-Protection:
+          - "0"
+      body:
+        encoding: ASCII-8BIT
+        string: '{"object":"list","data":[{"object":"organization_membership","id":"om_01HXYT0G3H5QG9YTSHSHFZQE6D","organization_id":"org_01HRCVHACPY05V2FP0KEBQZYD3","user_id":"user_01HXYSZBKQE2N3NHBKZHDP1X5X","status":"active","role":{"slug":"member"},"created_at":"2024-05-15T19:00:05.359Z","updated_at":"2024-05-15T19:13:06.427Z"}],"list_metadata":{"before":null,"after":null}}'
+      http_version:
+    recorded_at: Wed, 15 May 2024 19:14:44 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/reactivate_organization_membership.yml

@@ -0,0 +1,64 @@
+---
+http_interactions:
+  - request:
+      method: put
+      uri: https://api.workos.com/user_management/organization_memberships/om_01HXYT0G3H5QG9YTSHSHFZQE6D/reactivate
+      body:
+        encoding: UTF-8
+        string: ""
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/3.3.0; arm64-darwin23; v4.5.0
+        Authorization:
+          - Bearer <API_KEY>
+    response:
+      status:
+        code: 200
+        message: OK
+      headers:
+        Date:
+          - Wed, 15 May 2024 19:13:06 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Transfer-Encoding:
+          - chunked
+        Connection:
+          - keep-alive
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Xss-Protection:
+          - "0"
+      body:
+        encoding: ASCII-8BIT
+        string: '{"object":"organization_membership","id":"om_01HXYT0G3H5QG9YTSHSHFZQE6D","organization_id":"org_01HRCVHACPY05V2FP0KEBQZYD3","user_id":"user_01HXYSZBKQE2N3NHBKZHDP1X5X","status":"active","role":{"slug":"member"},"created_at":"2024-05-15T19:00:05.359Z","updated_at":"2024-05-15T19:13:06.427Z"}'
+      http_version:
+    recorded_at: Wed, 15 May 2024 19:13:06 GMT
+recorded_with: VCR 5.0.0

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workos
 version: !ruby/object:Gem::Version
-  version: 4.5.0
+  version: 4.7.0
 platform: ruby
 authors:
 - WorkOS
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-05-03 00:00:00.000000000 Z
+date: 2024-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -118,6 +118,7 @@ files:
 - lib/workos/directory_group.rb
 - lib/workos/directory_sync.rb
 - lib/workos/directory_user.rb
+- lib/workos/email_verification.rb
 - lib/workos/errors.rb
 - lib/workos/event.rb
 - lib/workos/events.rb
@@ -130,6 +131,7 @@ files:
 - lib/workos/organization.rb
 - lib/workos/organization_membership.rb
 - lib/workos/organizations.rb
+- lib/workos/password_reset.rb
 - lib/workos/passwordless.rb
 - lib/workos/portal.rb
 - lib/workos/profile.rb
@@ -272,19 +274,25 @@ files:
 - spec/support/fixtures/vcr_cassettes/user_management/create_magic_auth/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/create_password_reset/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/deactivate_organization_membership.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_organization_membership/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_user/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_user/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/enroll_auth_factor/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/enroll_auth_factor/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/invalid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_invitation/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_invitation/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_magic_auth/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_magic_auth/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_organization_membership.yml
+- spec/support/fixtures/vcr_cassettes/user_management/get_password_reset/invalid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/get_password_reset/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_user.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_auth_factors/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_auth_factors/valid.yml
@@ -295,8 +303,10 @@ files:
 - spec/support/fixtures/vcr_cassettes/user_management/list_invitations/with_organization_id.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_organization_memberships/no_options.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_organization_memberships/with_options.yml
+- spec/support/fixtures/vcr_cassettes/user_management/list_organization_memberships/with_statuses_option.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_users/no_options.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_users/with_options.yml
+- spec/support/fixtures/vcr_cassettes/user_management/reactivate_organization_membership.yml
 - spec/support/fixtures/vcr_cassettes/user_management/reset_password/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/reset_password/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/revoke_invitation/invalid.yml
@@ -469,19 +479,25 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/user_management/create_magic_auth/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/create_password_reset/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/deactivate_organization_membership.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_organization_membership/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_user/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_user/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/enroll_auth_factor/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/enroll_auth_factor/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/invalid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_invitation/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_invitation/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_magic_auth/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_magic_auth/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_organization_membership.yml
+- spec/support/fixtures/vcr_cassettes/user_management/get_password_reset/invalid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/get_password_reset/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_user.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_auth_factors/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_auth_factors/valid.yml
@@ -492,8 +508,10 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/user_management/list_invitations/with_organization_id.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_organization_memberships/no_options.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_organization_memberships/with_options.yml
+- spec/support/fixtures/vcr_cassettes/user_management/list_organization_memberships/with_statuses_option.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_users/no_options.yml
 - spec/support/fixtures/vcr_cassettes/user_management/list_users/with_options.yml
+- spec/support/fixtures/vcr_cassettes/user_management/reactivate_organization_membership.yml
 - spec/support/fixtures/vcr_cassettes/user_management/reset_password/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/reset_password/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/revoke_invitation/invalid.yml