workos 5.12.0 → 5.13.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/lib/workos/session.rb +1 -0
  4. data/lib/workos/version.rb +1 -1
  5. data/spec/lib/workos/session_spec.rb +46 -18
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6852c01440a63d103cd39a4c0aee2eeb5d1215d79a3e8eb2a3053b5aa3f3376e
4
- data.tar.gz: 71c5c53d1f8fc5219903cfcfc23cbeb657da1db2c64980fa9d8914bd6ae92b1d
3
+ metadata.gz: a70c9c63f286f0ec63436cc9d4d04d20f0cab14cffc5946bfb3e9725db014f7a
4
+ data.tar.gz: b3ed8ecca83aad20d9a91674c27066ecb2a8019b4cd43173cfad01c10195653a
5
5
  SHA512:
6
- metadata.gz: eb001da89bc0cf2866dcfd4d4c5207ddc7c960538ab413c45fcd5d5f80e4c97e205cc0e3fb51bdaaf8af984e9e30ad5c317c30e453c8e6579c1914350dfe3f2c
7
- data.tar.gz: 5fe92a1ad40c3bced46b0597430b02ea36b20c82f109614df332695aa7d9f613a025e0f30d3afcaab978c5b3de6882a3a67886e55343de513fb508950664a5d3
6
+ metadata.gz: 55692378591903208dd90c471d38eca8a0597adecac109329a277688ad92275e573e9d7110f3a8e58e06c0d78c3134e52e0924ca42e036bef01d337ef00bdde3
7
+ data.tar.gz: edc0f7070cb311f43d7d77e6ae29e1afeb6695a04a85b9c6ac50cdd733fb0ae4dbc317ca88d2f468ef0f434e8551904a558ad70fad1857ab3bbb7c0362ea9fe3
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- workos (5.12.0)
4
+ workos (5.13.0)
5
5
  encryptor (~> 3.0)
6
6
  jwt (~> 2.8)
7
7
 
data/lib/workos/session.rb CHANGED
@@ -50,6 +50,7 @@ module WorkOS
50
50
  organization_id: decoded['org_id'],
51
51
  role: decoded['role'],
52
52
  permissions: decoded['permissions'],
53
+ entitlements: decoded['entitlements'],
53
54
  user: session[:user],
54
55
  impersonator: session[:impersonator],
55
56
  reason: nil,
data/lib/workos/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module WorkOS
4
- VERSION = '5.12.0'
4
+ VERSION = '5.13.0'
5
5
  end
data/spec/lib/workos/session_spec.rb CHANGED
@@ -103,24 +103,23 @@ describe WorkOS::Session do
103
103
 
104
104
  describe '.authenticate' do
105
105
  let(:user_management) { instance_double('UserManagement') }
106
- let(:valid_access_token) do
107
- payload = {
106
+ let(:payload) do
107
+ {
108
108
  sid: 'session_id',
109
109
  org_id: 'org_id',
110
110
  role: 'role',
111
111
  permissions: ['read'],
112
112
  exp: Time.now.to_i + 3600,
113
113
  }
114
- headers = { kid: jwk[:kid] }
115
- JWT.encode(payload, jwk.signing_key, jwk[:alg], headers)
116
114
  end
115
+ let(:valid_access_token) { JWT.encode(payload, jwk.signing_key, jwk[:alg], { kid: jwk[:kid] }) }
117
116
  let(:session_data) do
118
- WorkOS::Session.seal_data({
119
- access_token: valid_access_token,
120
- user: 'user',
121
- impersonator: 'impersonator',
122
- }, cookie_password,)
123
- end
117
+ WorkOS::Session.seal_data({
118
+ access_token: valid_access_token,
119
+ user: 'user',
120
+ impersonator: 'impersonator',
121
+ }, cookie_password,)
122
+ end
124
123
 
125
124
  before do
126
125
  allow(user_management).to receive(:get_jwks_url).with(client_id).and_return(jwks_url)
@@ -167,14 +166,7 @@ end
167
166
  session_data: session_data,
168
167
  cookie_password: cookie_password,
169
168
  )
170
- allow(session).to receive(:is_valid_jwt).and_return(true)
171
- allow(JWT).to receive(:decode).and_return([{
172
- 'sid' => 'session_id',
173
- 'org_id' => 'org_id',
174
- 'role' => 'role',
175
- 'permissions' => ['read'],
176
- }])
177
-
169
+ allow_any_instance_of(JWT::Decode).to receive(:verify_signature).and_return(true)
178
170
  result = session.authenticate
179
171
  expect(result).to eq({
180
172
  authenticated: true,
@@ -182,11 +174,47 @@ end
182
174
  organization_id: 'org_id',
183
175
  role: 'role',
184
176
  permissions: ['read'],
177
+ entitlements: nil,
185
178
  user: 'user',
186
179
  impersonator: 'impersonator',
187
180
  reason: nil,
188
181
  })
189
182
  end
183
+
184
+ describe 'with entitlements' do
185
+ let(:payload) do
186
+ {
187
+ sid: 'session_id',
188
+ org_id: 'org_id',
189
+ role: 'role',
190
+ permissions: ['read'],
191
+ entitlements: ['billing'],
192
+ exp: Time.now.to_i + 3600,
193
+ }
194
+ end
195
+
196
+ it 'includes entitlements in the result' do
197
+ session = WorkOS::Session.new(
198
+ user_management: user_management,
199
+ client_id: client_id,
200
+ session_data: session_data,
201
+ cookie_password: cookie_password,
202
+ )
203
+ allow_any_instance_of(JWT::Decode).to receive(:verify_signature).and_return(true)
204
+ result = session.authenticate
205
+ expect(result).to eq({
206
+ authenticated: true,
207
+ session_id: 'session_id',
208
+ organization_id: 'org_id',
209
+ role: 'role',
210
+ permissions: ['read'],
211
+ entitlements: ['billing'],
212
+ user: 'user',
213
+ impersonator: 'impersonator',
214
+ reason: nil,
215
+ })
216
+ end
217
+ end
190
218
  end
191
219
 
192
220
  describe '.refresh' do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: workos
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.12.0
4
+ version: 5.13.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - WorkOS
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-01-23 00:00:00.000000000 Z
11
+ date: 2025-01-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: encryptor