workos 4.7.0 → 5.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3a8eee76f744e675549099b150414fde6c8fb299bd40efd35f4765f4491a7896
-  data.tar.gz: de96239fdd72faf0e772146a7532b1e9a948f001c43e217d8af7636a75c2aa43
+  metadata.gz: 7d59f479bcadc439580843b8c8a608b41e4c0183d657241955ed3cfbc0f75a38
+  data.tar.gz: 48209d43a10edf6d5afa7b4ed5d92c69ee400afb660d23152706b46970602dcc
 SHA512:
-  metadata.gz: abc6d1b314105f5fb113e178015376d3ea607970ebb7d28cd1cdea8b914d558803504bdc420148aae0649fbcf997ee6cecf3602732b76fe356447e87fa5121a8
-  data.tar.gz: 36d55ffc100b13b92a172002fc921ffd980399c395b2f7bffea9d266eb9c9f01db4439b16dbb10371bb08f6d23b4e6f101c5b92559754be29b03bbc16e2b2f93
+  metadata.gz: 4457fcc8b132f5c7229d8ac5a480b0a3b86de5c1f5a8f28b688cca1e228a1d745fb906495708cf1466cc3a97aaead69fcb970f5fbffd457cdb8cf474ae72eda9
+  data.tar.gz: 778cebe2ed866d97858822ec755de7ebe105203450e1cc1de8858b863c1af21788582c74d86f249ea2c5561d5c330c669540d970e2769fadbed8f997e223daba

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (4.7.0)
+    workos (5.0.0)
 
 GEM
   remote: https://rubygems.org/

data/lib/workos/client.rb

@@ -86,7 +86,7 @@ module WorkOS
       ].join('; ')
     end
 
-    # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
+    # rubocop:disable Metrics/MethodLength, Metrics/AbcSize, Metrics/CyclomaticComplexity:
     def handle_error_response(response:)
       http_status = response.code.to_i
       json = JSON.parse(response.body)
@@ -99,6 +99,9 @@ module WorkOS
           request_id: response['x-request-id'],
           code: json['code'],
           errors: json['errors'],
+          error: json['error'],
+          error_description: json['error_description'],
+          data: json,
         )
       when 401
         raise AuthenticationError.new(
@@ -107,7 +110,7 @@ module WorkOS
           request_id: response['x-request-id'],
         )
       when 404
-        raise APIError.new(
+        raise NotFoundError.new(
           message: json['message'],
           http_status: http_status,
           request_id: response['x-request-id'],
@@ -118,12 +121,21 @@ module WorkOS
         errors = extract_error(json['errors']) if json['errors']
         message += " (#{errors})" if errors
 
-        raise InvalidRequestError.new(
+        raise UnprocessableEntityError.new(
           message: message,
           http_status: http_status,
           request_id: response['x-request-id'],
+          error: json['error'],
+          errors: errors,
           code: code,
         )
+      when 429
+        raise RateLimitExceededError.new(
+          message: json['message'],
+          http_status: http_status,
+          request_id: response['x-request-id'],
+          retry_after: response['Retry-After'],
+        )
       else
         raise APIError.new(
           message: json['message'],
@@ -132,7 +144,7 @@ module WorkOS
         )
       end
     end
-    # rubocop:enable Metrics/MethodLength, Metrics/AbcSize
+    # rubocop:enable Metrics/MethodLength, Metrics/AbcSize, Metrics/CyclomaticComplexity:
 
     private
 

data/lib/workos/directory_sync.rb

@@ -15,8 +15,6 @@ module WorkOS
       # Retrieve directories.
       #
       # @param [Hash] options An options hash
-      # @option options [String] domain The domain of the directory to be
-      #  retrieved.
       # @option options [String] search A search term for direcory names.
       # @option options [String] limit Maximum number of records to return.
       # @option options [String] order The order in which to paginate records

data/lib/workos/errors.rb

@@ -7,6 +7,10 @@ module WorkOS
     attr_reader :request_id
     attr_reader :code
     attr_reader :errors
+    attr_reader :error
+    attr_reader :error_description
+    attr_reader :data
+    attr_reader :retry_after
 
     # rubocop:disable Metrics/ParameterLists
     def initialize(
@@ -16,7 +20,9 @@ module WorkOS
       http_status: nil,
       request_id: nil,
       code: nil,
-      errors: nil
+      errors: nil,
+      data: nil,
+      retry_after: nil
     )
       @message = message
       @error = error
@@ -25,6 +31,8 @@ module WorkOS
       @request_id = request_id
       @code = code
       @errors = errors
+      @data = data
+      @retry_after = retry_after
     end
     # rubocop:enable Metrics/ParameterLists
 
@@ -62,4 +70,13 @@ module WorkOS
 
   # TimeoutError is raised when the HTTP request to the API times out
   class TimeoutError < WorkOSError; end
+
+  # RateLimitExceededError is raised when the rate limit for the API has been hit
+  class RateLimitExceededError < WorkOSError; end
+
+  # NotFoundError is raised when a resource is not found
+  class NotFoundError < WorkOSError; end
+
+  # UnprocessableEntityError is raised when a request is made that cannot be processed
+  class UnprocessableEntityError < WorkOSError; end
 end

data/lib/workos/events.rb

@@ -22,6 +22,8 @@ module WorkOS
       #
       # @return [Hash]
       def list_events(options = {})
+        raise ArgumentError, 'Events parameter is required.' if options[:events].nil?
+
         response = execute_request(
           request: get_request(
             path: '/events',

data/lib/workos/user_management.rb

@@ -603,9 +603,11 @@ module WorkOS
       # @param [String] totp_issuer For totp factors. Typically your application
       #  or company name, this helps users distinguish between factors in authenticator apps.
       # @param [String] totp_user For totp factors. Used as the account name in authenticator apps.
+      # @param [String] totp_secret For totp factors.  The Base32 encdoded secret key for the
+      # factor. Generated if not provided. (Optional)
       #
       # @return WorkOS::AuthenticationFactorAndChallenge
-      def enroll_auth_factor(user_id:, type:, totp_issuer: nil, totp_user: nil)
+      def enroll_auth_factor(user_id:, type:, totp_issuer: nil, totp_user: nil, totp_secret: nil)
         validate_auth_factor_type(
           type: type,
         )
@@ -617,6 +619,7 @@ module WorkOS
               type: type,
               totp_issuer: totp_issuer,
               totp_user: totp_user,
+              totp_secret: totp_secret,
             },
             auth: true,
           ),
@@ -919,6 +922,22 @@ module WorkOS
         WorkOS::Invitation.new(response.body)
       end
 
+      # Finds an Invitation by Token
+      #
+      # @param [String] token The token of the Invitation.
+      #
+      # @return WorkOS::Invitation
+      def find_invitation_by_token(token:)
+        response = execute_request(
+          request: get_request(
+            path: "/user_management/invitations/by_token/#{token}",
+            auth: true,
+          ),
+        )
+
+        WorkOS::Invitation.new(response.body)
+      end
+
       # Retrieve a list of invitations.
       #
       # @param [Hash] options

data/lib/workos/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module WorkOS
-  VERSION = '4.7.0'
+  VERSION = '5.0.0'
 end

data/lib/workos.rb

@@ -87,4 +87,7 @@ module WorkOS
   autoload :InvalidRequestError, 'workos/errors'
   autoload :SignatureVerificationError, 'workos/errors'
   autoload :TimeoutError, 'workos/errors'
+  autoload :NotFoundError, 'workos/errors'
+  autoload :UnprocessableEntityError, 'workos/errors'
+  autoload :RateLimitExceededError, 'workos/errors'
 end

data/spec/lib/workos/client.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+# rubocop:disable Style/MultilineBlockChain
+describe WorkOS::Client do
+  describe '.client' do
+    it 'returns a 400 error with appropriate fields' do
+      VCR.use_cassette('user_management/authenticate_with_code/invalid') do
+        expect do
+          WorkOS::UserManagement.authenticate_with_code(
+            code: 'invalid',
+            client_id: 'client_123',
+            ip_address: '200.240.210.16',
+            user_agent: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/108.0.0.0 Safari/537.36',
+          )
+        end.to raise_error do |error|
+          expect(error).to be_a(WorkOS::InvalidRequestError)
+          expect(error.error).not_to be_nil
+          expect(error.error_description).not_to be_nil
+          expect(error.data).not_to be_nil
+        end
+      end
+    end
+
+    it 'returns a 401 error with appropriate fields' do
+      VCR.use_cassette('base/execute_request_unauthenticated') do
+        expect do
+          WorkOS::AuditLogs.create_event(
+            organization: 'org_123',
+            event: {},
+          )
+        end.to raise_error do |error|
+          expect(error).to be_a(WorkOS::AuthenticationError)
+          expect(error.message).not_to be_nil
+        end
+      end
+    end
+
+    it 'returns a 404 error with appropriate fields' do
+      VCR.use_cassette('user_management/get_email_verification/invalid') do
+        expect do
+          WorkOS::UserManagement.get_email_verification(
+            id: 'invalid',
+          )
+        end.to raise_error do |error|
+          expect(error).to be_a(WorkOS::NotFoundError)
+          expect(error.message).not_to be_nil
+        end
+      end
+    end
+
+    it 'returns a 422 error with appropriate fields' do
+      VCR.use_cassette('user_management/create_user_invalid') do
+        expect do
+          WorkOS::UserManagement.create_user(
+            email: 'invalid',
+          )
+        end.to raise_error do |error|
+          expect(error).to be_a(WorkOS::UnprocessableEntityError)
+          expect(error.message).not_to be_nil
+          expect(error.errors).not_to be_nil
+          expect(error.code).not_to be_nil
+        end
+      end
+    end
+  end
+end
+# rubocop:enable Style/MultilineBlockChain

data/spec/lib/workos/directory_sync_spec.rb

@@ -20,29 +20,6 @@ describe WorkOS::DirectorySync do
       end
     end
 
-    context 'with domain option' do
-      it 'forms the proper request to the API' do
-        request_args = [
-          '/directories?domain=foo-corp.com&'\
-          'order=desc',
-          'Content-Type' => 'application/json'
-        ]
-
-        expected_request = Net::HTTP::Get.new(*request_args)
-
-        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
-          and_return(expected_request)
-
-        VCR.use_cassette 'directory_sync/list_directories/with_domain' do
-          directories = described_class.list_directories(
-            domain: 'foo-corp.com',
-          )
-
-          expect(directories.data.size).to eq(1)
-        end
-      end
-    end
-
     context 'with search option' do
       it 'forms the proper request to the API' do
         request_args = [
@@ -171,7 +148,7 @@ describe WorkOS::DirectorySync do
           expect do
             WorkOS::DirectorySync.get_directory(id: 'invalid')
           end.to raise_error(
-            WorkOS::APIError,
+            WorkOS::NotFoundError,
             "Status 404, Directory not found: 'invalid'. - request ID: ",
           )
         end
@@ -185,7 +162,7 @@ describe WorkOS::DirectorySync do
         VCR.use_cassette('directory_sync/list_groups/with_no_options') do
           expect do
             WorkOS::DirectorySync.list_groups
-          end.to raise_error(WorkOS::InvalidRequestError)
+          end.to raise_error(WorkOS::UnprocessableEntityError)
         end
       end
     end
@@ -319,7 +296,7 @@ describe WorkOS::DirectorySync do
         VCR.use_cassette('directory_sync/list_users/with_no_options') do
           expect do
             WorkOS::DirectorySync.list_users
-          end.to raise_error(WorkOS::InvalidRequestError)
+          end.to raise_error(WorkOS::UnprocessableEntityError)
         end
       end
     end
@@ -471,7 +448,7 @@ describe WorkOS::DirectorySync do
         VCR.use_cassette('directory_sync/get_group_with_invalid_id') do
           expect do
             WorkOS::DirectorySync.get_group('invalid')
-          end.to raise_error(WorkOS::APIError)
+          end.to raise_error(WorkOS:: NotFoundError)
         end
       end
     end
@@ -498,7 +475,7 @@ describe WorkOS::DirectorySync do
         VCR.use_cassette('directory_sync/get_user_with_invalid_id') do
           expect do
             WorkOS::DirectorySync.get_user('invalid')
-          end.to raise_error(WorkOS::APIError)
+          end.to raise_error(WorkOS::NotFoundError)
         end
       end
     end

data/spec/lib/workos/event_spec.rb

@@ -5,16 +5,11 @@ describe WorkOS::Events do
 
   describe '.list_events' do
     context 'with no options' do
-      it 'returns events and metadata' do
-        expected_metadata = {
-          'after' => nil,
-        }
-
+      it 'raises ArgumentError' do
         VCR.use_cassette 'events/list_events_with_no_options' do
-          events = described_class.list_events
-
-          expect(events.data.size).to eq(1)
-          expect(events.list_metadata).to eq(expected_metadata)
+          expect do
+            described_class.list_events
+          end.to raise_error(ArgumentError)
         end
       end
     end
@@ -44,7 +39,7 @@ describe WorkOS::Events do
     context 'with the after option' do
       it 'forms the proper request to the API' do
         request_args = [
-          '/events?after=event_01FGCPNV312FHFRCX0BYWHVSE1',
+          '/events?after=event_01FGCPNV312FHFRCX0BYWHVSE1&events=dsync.user.created',
           'Content-Type' => 'application/json'
         ]
 
@@ -54,7 +49,10 @@ describe WorkOS::Events do
           and_return(expected_request)
 
         VCR.use_cassette 'events/list_events_with_after' do
-          events = described_class.list_events(after: 'event_01FGCPNV312FHFRCX0BYWHVSE1')
+          events = described_class.list_events(
+            after: 'event_01FGCPNV312FHFRCX0BYWHVSE1',
+            events: ['dsync.user.created'],
+          )
 
           expect(events.data.size).to eq(1)
         end
@@ -64,7 +62,7 @@ describe WorkOS::Events do
     context 'with the range_start and range_end options' do
       it 'forms the proper request to the API' do
         request_args = [
-          '/events?range_start=2023-01-01T00%3A00%3A00Z&range_end=2023-01-03T00%3A00%3A00Z',
+          '/events?events=dsync.user.created&range_start=2023-01-01T00%3A00%3A00Z&range_end=2023-01-03T00%3A00%3A00Z',
           'Content-Type' => 'application/json'
         ]
 
@@ -75,6 +73,7 @@ describe WorkOS::Events do
 
         VCR.use_cassette 'events/list_events_with_range' do
           events = described_class.list_events(
+            events: ['dsync.user.created'],
             range_start: '2023-01-01T00:00:00Z',
             range_end: '2023-01-03T00:00:00Z',
           )
@@ -87,7 +86,7 @@ describe WorkOS::Events do
     context 'with the organization_id option' do
       it 'forms the proper request to the API' do
         request_args = [
-          '/events?organization_id=org_1234',
+          '/events?events=dsync.user.created&organization_id=org_1234',
           'Content-Type' => 'application/json'
         ]
 
@@ -98,6 +97,7 @@ describe WorkOS::Events do
 
         VCR.use_cassette 'events/list_events_with_organization_id' do
           events = described_class.list_events(
+            events: ['dsync.user.created'],
             organization_id: 'org_1234',
           )
 

data/spec/lib/workos/mfa_spec.rb

@@ -188,7 +188,7 @@ describe WorkOS::MFA do
                 authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
                 code: '897792',
               )
-            end.to raise_error(WorkOS::InvalidRequestError)
+            end.to raise_error(WorkOS::UnprocessableEntityError)
           end
         end
       end
@@ -201,7 +201,7 @@ describe WorkOS::MFA do
                 authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
                 code: '897792',
               )
-            end.to raise_error(WorkOS::InvalidRequestError)
+            end.to raise_error(WorkOS::UnprocessableEntityError)
           end
         end
       end
@@ -264,7 +264,7 @@ describe WorkOS::MFA do
             described_class.get_factor(
               id: 'auth_factor_invalid',
             )
-          end.to raise_error(WorkOS::APIError)
+          end.to raise_error(WorkOS::NotFoundError)
         end
       end
     end

data/spec/lib/workos/organizations_spec.rb

@@ -257,7 +257,7 @@ describe WorkOS::Organizations do
           expect do
             described_class.get_organization(id: 'invalid')
           end.to raise_error(
-            WorkOS::APIError,
+            WorkOS::NotFoundError,
             'Status 404, Not Found - request ID: ',
           )
         end
@@ -302,7 +302,7 @@ describe WorkOS::Organizations do
           expect do
             described_class.delete_organization(id: 'invalid')
           end.to raise_error(
-            WorkOS::APIError,
+            WorkOS::NotFoundError,
             'Status 404, Not Found - request ID: ',
           )
         end

data/spec/lib/workos/passwordless_spec.rb

@@ -32,7 +32,7 @@ describe WorkOS::Passwordless do
           expect do
             described_class.create_session(invalid_options)
           end.to raise_error(
-            WorkOS::InvalidRequestError,
+            WorkOS::UnprocessableEntityError,
             /Status 422, Validation failed \(email: email must be a string; type: type must be a valid enum value\)/,
           )
         end
@@ -66,7 +66,7 @@ describe WorkOS::Passwordless do
           expect do
             described_class.send_session('session_123')
           end.to raise_error(
-            WorkOS::InvalidRequestError,
+            WorkOS::UnprocessableEntityError,
             /Status 422, The passwordless session 'session_123' has expired or is invalid./,
           )
         end

data/spec/lib/workos/sso_spec.rb

@@ -618,7 +618,7 @@ describe WorkOS::SSO do
           expect do
             WorkOS::SSO.get_connection(id: 'invalid')
           end.to raise_error(
-            WorkOS::APIError,
+            WorkOS::NotFoundError,
             'Status 404, Not Found - request ID: ',
           )
         end
@@ -645,7 +645,7 @@ describe WorkOS::SSO do
           expect do
             WorkOS::SSO.delete_connection(id: 'invalid')
           end.to raise_error(
-            WorkOS::APIError,
+            WorkOS::NotFoundError,
             'Status 404, Not Found - request ID: ',
           )
         end

data/spec/lib/workos/user_management_spec.rb

@@ -312,7 +312,7 @@ describe WorkOS::UserManagement do
             expect do
               described_class.create_user(email: '')
             end.to raise_error(
-              WorkOS::InvalidRequestError,
+              WorkOS::UnprocessableEntityError,
               /email_string_required/,
             )
           end
@@ -342,7 +342,7 @@ describe WorkOS::UserManagement do
           VCR.use_cassette 'user_management/update_user/invalid' do
             expect do
               described_class.update_user(id: 'invalid')
-            end.to raise_error(WorkOS::APIError, /User not found/)
+            end.to raise_error(WorkOS::NotFoundError, /User not found/)
           end
         end
       end
@@ -367,7 +367,7 @@ describe WorkOS::UserManagement do
         VCR.use_cassette('user_management/delete_user/invalid') do
           expect do
             WorkOS::UserManagement.delete_user(id: 'invalid')
-          end.to raise_error(WorkOS::APIError, /User not found/)
+          end.to raise_error(WorkOS::NotFoundError, /User not found/)
         end
       end
     end
@@ -400,7 +400,7 @@ describe WorkOS::UserManagement do
               ip_address: '200.240.210.16',
               user_agent: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/108.0.0.0 Safari/537.36',
             )
-          end.to raise_error(WorkOS::APIError, /User not found/)
+          end.to raise_error(WorkOS::NotFoundError, /User not found/)
         end
       end
     end
@@ -512,7 +512,7 @@ describe WorkOS::UserManagement do
               client_id: 'client_123',
               email: 'test@workos.com',
             )
-          end.to raise_error(WorkOS::APIError, /User not found/)
+          end.to raise_error(WorkOS::NotFoundError, /User not found/)
         end
       end
     end
@@ -637,7 +637,7 @@ describe WorkOS::UserManagement do
         VCR.use_cassette('user_management/get_magic_auth/invalid') do
           expect do
             WorkOS::UserManagement.get_magic_auth(id: 'invalid')
-          end.to raise_error(WorkOS::APIError, /MagicAuth not found/)
+          end.to raise_error(WorkOS::NotFoundError, /MagicAuth not found/)
         end
       end
     end
@@ -677,6 +677,7 @@ describe WorkOS::UserManagement do
           authentication_response = WorkOS::UserManagement.enroll_auth_factor(
             user_id: 'user_01H7TVSKS45SDHN5V9XPSM6H44',
             type: 'totp',
+            totp_secret: 'secret-test',
           )
 
           expect(authentication_response.authentication_factor.id).to eq('auth_factor_01H96FETXENNY99ARX0GRC804C')
@@ -755,7 +756,7 @@ describe WorkOS::UserManagement do
         VCR.use_cassette('user_management/get_email_verification/invalid') do
           expect do
             WorkOS::UserManagement.get_email_verification(id: 'invalid')
-          end.to raise_error(WorkOS::APIError, /Email Verification not found/)
+          end.to raise_error(WorkOS::NotFoundError, /Email Verification not found/)
         end
       end
     end
@@ -780,7 +781,7 @@ describe WorkOS::UserManagement do
             described_class.send_verification_email(
               user_id: 'bad_id',
             )
-          end.to raise_error(WorkOS::APIError, /User not found/)
+          end.to raise_error(WorkOS::NotFoundError, /User not found/)
         end
       end
     end
@@ -809,7 +810,7 @@ describe WorkOS::UserManagement do
                 code: '659770',
                 user_id: 'bad_id',
               )
-            end.to raise_error(WorkOS::APIError, /User not found/)
+            end.to raise_error(WorkOS::NotFoundError, /User not found/)
           end
         end
       end
@@ -848,7 +849,7 @@ describe WorkOS::UserManagement do
         VCR.use_cassette('user_management/get_password_reset/invalid') do
           expect do
             WorkOS::UserManagement.get_password_reset(id: 'invalid')
-          end.to raise_error(WorkOS::APIError, /Password Reset not found/)
+          end.to raise_error(WorkOS::NotFoundError, /Password Reset not found/)
         end
       end
     end
@@ -892,7 +893,7 @@ describe WorkOS::UserManagement do
               password_reset_url: '',
             )
           end.to raise_error(
-            WorkOS::InvalidRequestError,
+            WorkOS::UnprocessableEntityError,
             /password_reset_url_string_required/,
           )
         end
@@ -923,7 +924,7 @@ describe WorkOS::UserManagement do
               new_password: 'new_password',
             )
           end.to raise_error(
-            WorkOS::APIError,
+            WorkOS::NotFoundError,
             /Could not locate user with provided token/,
           )
         end
@@ -1047,7 +1048,7 @@ describe WorkOS::UserManagement do
             expect do
               described_class.create_organization_membership(user_id: '', organization_id: '')
             end.to raise_error(
-              WorkOS::InvalidRequestError,
+              WorkOS::UnprocessableEntityError,
               /user_id_string_required/,
             )
           end
@@ -1074,7 +1075,7 @@ describe WorkOS::UserManagement do
         VCR.use_cassette('user_management/delete_organization_membership/invalid') do
           expect do
             WorkOS::UserManagement.delete_organization_membership(id: 'invalid')
-          end.to raise_error(WorkOS::APIError, /Organization Membership not found/)
+          end.to raise_error(WorkOS::NotFoundError, /Organization Membership not found/)
         end
       end
     end
@@ -1149,7 +1150,32 @@ describe WorkOS::UserManagement do
         VCR.use_cassette('user_management/get_invitation/invalid') do
           expect do
             WorkOS::UserManagement.get_invitation(id: 'invalid')
-          end.to raise_error(WorkOS::APIError, /Invitation not found/)
+          end.to raise_error(WorkOS::NotFoundError, /Invitation not found/)
+        end
+      end
+    end
+  end
+
+  describe '.find_invitation_by_token' do
+    context 'with a valid id' do
+      it 'returns an invitation' do
+        VCR.use_cassette 'user_management/find_invitation_by_token/valid' do
+          invitation = described_class.find_invitation_by_token(
+            token: 'iUV3XbYajpJlbpw1Qt3ZKlaKx',
+          )
+
+          expect(invitation.id.instance_of?(String))
+          expect(invitation.instance_of?(WorkOS::Invitation))
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'raises an error' do
+        VCR.use_cassette('user_management/find_invitation_by_token/invalid') do
+          expect do
+            WorkOS::UserManagement.find_invitation_by_token(token: 'invalid')
+          end.to raise_error(WorkOS::NotFoundError, /Invitation not found/)
         end
       end
     end
@@ -1320,7 +1346,7 @@ describe WorkOS::UserManagement do
               id: 'invalid_id',
             )
           end.to raise_error(
-            WorkOS::APIError,
+            WorkOS::NotFoundError,
             /Invitation not found/,
           )
         end
@@ -1349,7 +1375,7 @@ describe WorkOS::UserManagement do
               session_id: 'session_01H5JQDV7R7ATEYZDEG0W5PRYS',
             )
           end.to raise_error(
-            WorkOS::APIError,
+            WorkOS::NotFoundError,
             /Session not found/,
           )
         end

data/spec/support/fixtures/vcr_cassettes/base/execute_request_unauthenticated.yml

@@ -1,66 +1,66 @@
 ---
 http_interactions:
-- request:
-    method: post
-    uri: https://api.workos.com/events
-    body:
-      encoding: UTF-8
-      string: "{}"
-    headers:
-      Content-Type:
-      - application/json
-      Accept-Encoding:
-      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
-      Accept:
-      - "*/*"
-      User-Agent:
-      - WorkOS; ruby/2.6.5; x86_64-darwin19; v0.1.0
-      Authorization:
-      - 'Bearer '
-  response:
-    status:
-      code: 401
-      message: Unauthorized
-    headers:
-      Server:
-      - Cowboy
-      Connection:
-      - keep-alive
-      Access-Control-Allow-Origin:
-      - https://dashboard.workos-test.com
-      Vary:
-      - Origin, Accept-Encoding
-      Access-Control-Allow-Credentials:
-      - 'true'
-      X-Dns-Prefetch-Control:
-      - 'off'
-      X-Frame-Options:
-      - SAMEORIGIN
-      Strict-Transport-Security:
-      - max-age=15552000; includeSubDomains
-      X-Download-Options:
-      - noopen
-      X-Content-Type-Options:
-      - nosniff
-      X-Xss-Protection:
-      - 1; mode=block
-      X-Request-Id:
-      - 32a67a24-bfaf-4463-bf47-c407d54955d3
-      Request-Id:
-      - 32a67a24-bfaf-4463-bf47-c407d54955d3
-      Content-Type:
-      - application/json; charset=utf-8
-      Content-Length:
-      - '26'
-      Etag:
-      - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
-      Date:
-      - Sat, 11 Jan 2020 03:50:27 GMT
-      Via:
-      - 1.1 vegur
-    body:
-      encoding: UTF-8
-      string: '{"message":"Unauthorized"}'
-    http_version: 
-  recorded_at: Sat, 11 Jan 2020 03:50:27 GMT
+  - request:
+      method: post
+      uri: https://api.workos.com/audit_logs/events
+      body:
+        encoding: UTF-8
+        string: '{}'
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - '*/*'
+        User-Agent:
+          - WorkOS; ruby/2.6.5; x86_64-darwin19; v0.1.0
+        Authorization:
+          - 'Bearer '
+    response:
+      status:
+        code: 401
+        message: Unauthorized
+      headers:
+        Server:
+          - Cowboy
+        Connection:
+          - keep-alive
+        Access-Control-Allow-Origin:
+          - https://dashboard.workos-test.com
+        Vary:
+          - Origin, Accept-Encoding
+        Access-Control-Allow-Credentials:
+          - 'true'
+        X-Dns-Prefetch-Control:
+          - 'off'
+        X-Frame-Options:
+          - SAMEORIGIN
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        X-Download-Options:
+          - noopen
+        X-Content-Type-Options:
+          - nosniff
+        X-Xss-Protection:
+          - 1; mode=block
+        X-Request-Id:
+          - 32a67a24-bfaf-4463-bf47-c407d54955d3
+        Request-Id:
+          - 32a67a24-bfaf-4463-bf47-c407d54955d3
+        Content-Type:
+          - application/json; charset=utf-8
+        Content-Length:
+          - '26'
+        Etag:
+          - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
+        Date:
+          - Sat, 11 Jan 2020 03:50:27 GMT
+        Via:
+          - 1.1 vegur
+      body:
+        encoding: UTF-8
+        string: '{"message":"Unauthorized"}'
+      http_version:
+    recorded_at: Sat, 11 Jan 2020 03:50:27 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/events/list_events_with_after.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://api.workos.com/events?after=event_01FGCPNV312FHFRCX0BYWHVSE1
+    uri: https://api.workos.com/events?after=event_01FGCPNV312FHFRCX0BYWHVSE1&events=dsync.user.created
     body:
       encoding: US-ASCII
       string: ''

data/spec/support/fixtures/vcr_cassettes/events/list_events_with_no_options.yml

@@ -14,40 +14,42 @@ http_interactions:
       Accept:
       - "*/*"
       User-Agent:
-      - WorkOS; ruby/2.7.2; arm64-darwin21; v2.3.0
+      - WorkOS; ruby/3.3.0; arm64-darwin23; v4.1.0
       Authorization:
       - Bearer <API_KEY>
   response:
     status:
-      code: 200
-      message: OK
+      code: 400
+      message: Bad Request
     headers:
       Date:
-      - Thu, 14 Jul 2022 16:46:23 GMT
+      - Thu, 11 Apr 2024 15:44:49 GMT
       Content-Type:
       - application/json; charset=utf-8
       Content-Length:
-      - '616'
+      - '140'
       Connection:
       - keep-alive
+      Cf-Ray:
+      - 872c19a65dcb3af9-IAD
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"8c-3NPoweNh0oXUDzElVKxg5PG7PWk"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
       Access-Control-Allow-Credentials:
       - 'true'
       Content-Security-Policy:
       - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
         https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
         ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
-      Etag:
-      - W/"680-NPvBik348v8xg6EE7iZMYwD5UXw"
       Expect-Ct:
       - max-age=0
       Referrer-Policy:
       - no-referrer
-      Strict-Transport-Security:
-      - max-age=15552000; includeSubDomains
-      Vary:
-      - Origin, Accept-Encoding
-      Via:
-      - 1.1 spaces-router (b642bf20b975)
       X-Content-Type-Options:
       - nosniff
       X-Dns-Prefetch-Control:
@@ -59,22 +61,21 @@ http_interactions:
       X-Permitted-Cross-Domain-Policies:
       - none
       X-Request-Id:
-      - 51a82273-b413-cead-b968-c07ba4d6fd08
+      - 660c0035-b70d-4939-a0d3-2b0917535e7f
       X-Xss-Protection:
       - '0'
-      Cf-Cache-Status:
-      - DYNAMIC
-      Report-To:
-      - '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS7ELJ3A8tkzMafvaIThD%2B5JlYmul1puZlAXTxEKYBLlq%2B6DCtqDqAi4dtr4yRP3khNmg6MwPiuLqtdOXRmPOtag9Ti%2FGK8ra%2BJOlpwkFjD965CNBfzao4EJtExDkbS3"}],"group":"cf-nel","max_age":604800}'
-      Nel:
-      - '{"success_fraction":0,"report_to":"cf-nel","max_age":604800}'
+      Set-Cookie:
+      - __cf_bm=UpBr7jsatrWLaunHA8NhaflwkUco6FBxeXhgwz2bAoM-1712850289-1.0.1.1-KJCKaoohiG088DieTdV2V91AtW1fbs7ec.x7gsal9xsVzA2OPf67b0R__57KFvEsEZ97obgydtH.VEwyYhpGTw;
+        path=/; expires=Thu, 11-Apr-24 16:14:49 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=bbad8ba60df9a023f0ba77749b5c0b92162e6ed3-1712850289; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
       Server:
       - cloudflare
-      Cf-Ray:
-      - 72abbbf2b93e8ca5-EWR
     body:
-      encoding: ASCII-8BIT
-      string: '{"object":"list","data":[{"object":"event","id":"event_01FK3HFFGMC2WF32RR8SKWC8KA","event":"dsync.user.created","created_at":"2021-10-28T13:29:54.451Z","data":{"email":"foo@foocorp.com"}}], "list_metadata":{"after":null}}'
+      encoding: UTF-8
+      string: '{"message":"One or more event names (e.g. dsync.user.created) must
+        be provided using the events parameter.","code":"invalid_events_request"}'
     http_version:
-  recorded_at: Thu, 14 Jul 2022 16:46:23 GMT
+  recorded_at: Thu, 11 Apr 2024 15:44:49 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/events/list_events_with_organization_id.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://api.workos.com/events?organization_id=org_1234
+    uri: https://api.workos.com/events?events=dsync.user.created&organization_id=org_1234
     body:
       encoding: US-ASCII
       string: ''

data/spec/support/fixtures/vcr_cassettes/events/list_events_with_range.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://api.workos.com/events?range_end=2023-01-03T00:00:00Z&range_start=2023-01-01T00:00:00Z
+    uri: https://api.workos.com/events?events=dsync.user.created&range_end=2023-01-03T00:00:00Z&range_start=2023-01-01T00:00:00Z
     body:
       encoding: US-ASCII
       string: ''

data/spec/support/fixtures/vcr_cassettes/user_management/find_invitation_by_token/invalid.yml

@@ -0,0 +1,80 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.workos.com/user_management/invitations/by_token/invalid
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; x86_64-darwin19; v4.7.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 404
+      message: Not Found
+    headers:
+      Date:
+      - Mon, 03 Jun 2024 20:16:37 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 88e25cab2e0c520c-DEN
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"5a-PPX6d4bMxLfMyXe/1aUqFNwW/Dc"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 7066479f-3c65-4eb0-a5ab-fa371e8747e5
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=V3RT_KMrnFyoIbj_1OgapyAtReNBXvdzeYmNZWQQt6Y-1717445797-1.0.1.1-XWQk50226uaRo4S1BTn3wou4.mFaLOC20eA_MhrSil._j0XoCx6I2Q0gmgtBp1j9.dHqkmf4ZwOw1j6RmBLSnQ;
+        path=/; expires=Mon, 03-Jun-24 20:46:37 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=cb54bc416259840c8c11ad58469ec2c5d9f88ff3-1717445797; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"message":"Invitation not found: ''invalid''.","code":"entity_not_found","entity_id":"invalid"}'
+    http_version:
+  recorded_at: Mon, 03 Jun 2024 20:16:37 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/find_invitation_by_token/valid.yml

@@ -0,0 +1,80 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.workos.com/user_management/invitations/by_token/iUV3XbYajpJlbpw1Qt3ZKlaKx
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; x86_64-darwin19; v4.7.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Mon, 03 Jun 2024 20:16:37 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 88e25ca97a127b32-DEN
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"1e5-ZUKH6e1N8G9JBxE8/nulDIEawKk"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 1359e287-00bc-4081-a3d9-6bfcded70273
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=WToCUplL1o5i0KSz5l81mSZ5SqsRh0MGwXHPwM7C.Sg-1717445797-1.0.1.1-KXhOU0BqmCe7ZDWcpEJ7V3gLLZpioBrWPxtyB5m2sOmYxj3GWOfjhqRz5d1L0cTOpGoT9OfeqzGa5qfmD0ELZw;
+        path=/; expires=Mon, 03-Jun-24 20:46:37 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=cb54bc416259840c8c11ad58469ec2c5d9f88ff3-1717445797; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"invitation","id":"invitation_01HZFVRAJ7EV7935K7H8NX2MRH","email":"blairlunceford@gmail.com","state":"pending","accepted_at":null,"revoked_at":null,"expires_at":"2024-06-10T20:13:21.862Z","organization_id":null,"inviter_user_id":null,"token":"iUV3XbYajpJlbpw1Qt3ZKlaKx","accept_invitation_url":"https://manageable-child-63-staging.authkit.app/invite/?invitation_token=iUV3XbYajpJlbpw1Qt3ZKlaKx","created_at":"2024-06-03T20:13:21.820Z","updated_at":"2024-06-03T20:13:21.820Z"}'
+    http_version:
+  recorded_at: Mon, 03 Jun 2024 20:16:37 GMT
+recorded_with: VCR 5.0.0

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workos
 version: !ruby/object:Gem::Version
-  version: 4.7.0
+  version: 5.0.0
 platform: ruby
 authors:
 - WorkOS
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-05-24 00:00:00.000000000 Z
+date: 2024-06-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -152,6 +152,7 @@ files:
 - lib/workos/webhook.rb
 - lib/workos/webhooks.rb
 - spec/lib/workos/audit_logs_spec.rb
+- spec/lib/workos/client.rb
 - spec/lib/workos/configuration_spec.rb
 - spec/lib/workos/directory_sync_spec.rb
 - spec/lib/workos/directory_user_spec.rb
@@ -284,6 +285,8 @@ files:
 - spec/support/fixtures/vcr_cassettes/user_management/delete_user/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/enroll_auth_factor/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/enroll_auth_factor/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/find_invitation_by_token/invalid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/find_invitation_by_token/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_invitation/invalid.yml
@@ -357,6 +360,7 @@ specification_version: 4
 summary: API client for WorkOS
 test_files:
 - spec/lib/workos/audit_logs_spec.rb
+- spec/lib/workos/client.rb
 - spec/lib/workos/configuration_spec.rb
 - spec/lib/workos/directory_sync_spec.rb
 - spec/lib/workos/directory_user_spec.rb
@@ -489,6 +493,8 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/user_management/delete_user/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/enroll_auth_factor/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/enroll_auth_factor/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/find_invitation_by_token/invalid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/find_invitation_by_token/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_email_verification/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/get_invitation/invalid.yml