workos 2.0.0 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 739e4734f5caa4b4c8180e125a206106242fea489c1dccc19f1bc45ad514bc7e
-  data.tar.gz: '029c0a8ef19f9b9b933a73eec53a9770851ea2a338a81060c040b72a06e39189'
+  metadata.gz: 0500b789496692e53bc6d47d80a21a0b8b802325e1e0f876fe0b94a775aa4f05
+  data.tar.gz: a7e8e350e7fb1336496e9a09ee7543a120e1b6ed62cc60dffbe1b4ccd2dd4712
 SHA512:
-  metadata.gz: 18631e0e0cdc5033b7df32d3ff95e2eeadcd7babd6c3b11063e174006ed3e8abd7769bfe4b0c828967e79b724ce0d8a79243960b5f2922eeb242051b56395b41
-  data.tar.gz: 2a2b2d48b1410ad0fc86943a168d584234fd5c01ca5ee3e3b4b3117f9924ddc4199d55d10d338b1f07daa193edc0144312ec6271a68c65b89ec8fa2243064aa0
+  metadata.gz: 549c9210c2d765b2d6f264e62f285f7b96c9225e53724798216eb08167be5451825a729f36273fbda7fb713b9a1db49025b3cc6a308a98b969ca0a3631c8ffd9
+  data.tar.gz: 4a3fdf8d50681db812a0de37c56d93b03c6bb194a892280cfc9d287612ba7494a1bd777f92b28538b12d978b0a1dc354ca7c82e12fd1707c440643c7215685cb

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (2.0.0)
+    workos (2.1.0)
       sorbet-runtime (~> 0.5)
 
 GEM
@@ -93,4 +93,4 @@ DEPENDENCIES
   yard
 
 BUNDLED WITH
-   2.2.22
+   2.2.33

data/lib/workos/sso.rb

@@ -21,23 +21,27 @@ module WorkOS
       # Generate an Oauth2 authorization URL where your users will
       # authenticate using the configured SSO Identity Provider.
       #
+      # @param [String] redirect_uri The URI where users are directed
+      #  after completing the authentication step. Must match a
+      #  configured redirect URI on your WorkOS dashboard.
+      # @param [String] client_id The WorkOS client ID for the environment
+      #  where you've configured your SSO connection.
       # @param [String] domain The domain for the relevant SSO Connection
-      #  configured on your WorkOS dashboard. One of provider or domain is
-      #  required
+      #  configured on your WorkOS dashboard. One of provider, domain,
+      #  connection, or organization is required.
+      #  The domain is deprecated.
       # @param [String] provider A provider name for an Identity Provider
-      #  configured on your WorkOS dashboard. Only 'Google' is supported.
+      #  configured on your WorkOS dashboard. Only 'GoogleOAuth' and
+      #  'MicrosoftOAuth' are supported.
       # @param [String] connection The ID for a Connection configured on
       #  WorkOS.
-      # @param [String] client_id The WorkOS client ID for the environment
-      #  where you've configured your SSO connection.
-      # @param [String] redirect_uri The URI where users are directed
-      #  after completing the authentication step. Must match a
-      #  configured redirect URI on your WorkOS dashboard.
-      # @param [String] state An aribtrary state object
+      # @param [String] organization The ID for an Organization configured
+      #  on WorkOS.
+      # @param [String] state An arbitrary state object
       #  that is preserved and available to the client in the response.
       # @example
       #   WorkOS::SSO.authorization_url(
-      #     domain: 'acme.com',
+      #     connection: 'conn_123',
       #     client_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ',
       #     redirect_uri: 'https://workos.com/callback',
       #     state: {
@@ -45,19 +49,23 @@ module WorkOS
       #     }.to_s
       #   )
       #
-      #   => "https://api.workos.com/sso/authorize?domain=acme.com" \
+      #   => "https://api.workos.com/sso/authorize?connection=conn_123" \
       #      "&client_id=project_01DG5TGK363GRVXP3ZS40WNGEZ" \
       #      "&redirect_uri=https%3A%2F%2Fworkos.com%2Fcallback&" \
       #      "response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdocs%22%7D"
       #
       # @return [String]
+      # rubocop:disable Metrics/MethodLength, Metrics/ParameterLists
       sig do
         params(
           redirect_uri: String,
           client_id: T.nilable(String),
           domain: T.nilable(String),
+          domain_hint: T.nilable(String),
+          login_hint: T.nilable(String),
           provider: T.nilable(String),
           connection: T.nilable(String),
+          organization: T.nilable(String),
           state: T.nilable(String),
         ).returns(String)
       end
@@ -65,14 +73,23 @@ module WorkOS
         redirect_uri:,
         client_id: nil,
         domain: nil,
+        domain_hint: nil,
+        login_hint: nil,
         provider: nil,
         connection: nil,
+        organization: nil,
         state: ''
       )
+        if domain
+          warn '[DEPRECATION] `domain` is deprecated.
+          Please use `organization` instead.'
+        end
+
         validate_authorization_url_arguments(
           provider: provider,
           domain: domain,
           connection: connection,
+          organization: organization,
         )
 
         query = URI.encode_www_form({
@@ -81,12 +98,16 @@ module WorkOS
           response_type: 'code',
           state: state,
           domain: domain,
+          domain_hint: domain_hint,
+          login_hint: login_hint,
           provider: provider,
           connection: connection,
+          organization: organization,
         }.compact)
 
         "https://#{WorkOS::API_HOSTNAME}/sso/authorize?#{query}"
       end
+      # rubocop:enable Metrics/MethodLength, Metrics/ParameterLists
 
       sig do
         params(
@@ -229,16 +250,18 @@ module WorkOS
           domain: T.nilable(String),
           provider: T.nilable(String),
           connection: T.nilable(String),
+          organization: T.nilable(String),
         ).void
       end
       def validate_authorization_url_arguments(
         domain:,
         provider:,
-        connection:
+        connection:,
+        organization:
       )
-        if [domain, provider, connection].all?(&:nil?)
-          raise ArgumentError, 'Either connection, domain, or ' \
-            'provider is required.'
+        if [domain, provider, connection, organization].all?(&:nil?)
+          raise ArgumentError, 'Either connection, domain, ' \
+            'provider, or organization is required.'
         end
 
         return unless provider && !PROVIDERS.include?(provider)

data/lib/workos/version.rb

@@ -2,5 +2,5 @@
 # typed: strong
 
 module WorkOS
-  VERSION = '2.0.0'
+  VERSION = '2.1.0'
 end

data/spec/lib/workos/sso_spec.rb

@@ -109,7 +109,145 @@ describe WorkOS::SSO do
       end
     end
 
-    context 'with neither connection, domain, or provider' do
+    context 'with a domain' do
+      let(:args) do
+        {
+          domain: 'foo.com',
+          client_id: 'workos-proj-123',
+          redirect_uri: 'foo.com/auth/callback',
+          state: {
+            next_page: '/dashboard/edit',
+          }.to_s,
+        }
+      end
+      it 'returns a valid URL' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url)).to be_a URI
+      end
+
+      it 'returns the expected hostname' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).host).to eq(WorkOS::API_HOSTNAME)
+      end
+
+      it 'returns the expected query string' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).query).to eq(
+          'client_id=workos-proj-123&redirect_uri=foo.com%2Fauth%2Fcallback' \
+          '&response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdashboard%2F' \
+          'edit%22%7D&domain=foo.com',
+        )
+      end
+    end
+
+    context 'with a domain_hint' do
+      let(:args) do
+        {
+          connection: 'connection_123',
+          domain_hint: 'foo.com',
+          client_id: 'workos-proj-123',
+          redirect_uri: 'foo.com/auth/callback',
+          state: {
+            next_page: '/dashboard/edit',
+          }.to_s,
+        }
+      end
+      it 'returns a valid URL' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url)).to be_a URI
+      end
+
+      it 'returns the expected hostname' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).host).to eq(WorkOS::API_HOSTNAME)
+      end
+
+      it 'returns the expected query string' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).query).to eq(
+          'client_id=workos-proj-123&redirect_uri=foo.com%2Fauth%2Fcallback' \
+          '&response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdashboard%2' \
+          'Fedit%22%7D&domain_hint=foo.com&connection=connection_123',
+        )
+      end
+    end
+
+    context 'with a login_hint' do
+      let(:args) do
+        {
+          connection: 'connection_123',
+          login_hint: 'foo@workos.com',
+          client_id: 'workos-proj-123',
+          redirect_uri: 'foo.com/auth/callback',
+          state: {
+            next_page: '/dashboard/edit',
+          }.to_s,
+        }
+      end
+      it 'returns a valid URL' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url)).to be_a URI
+      end
+
+      it 'returns the expected hostname' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).host).to eq(WorkOS::API_HOSTNAME)
+      end
+
+      it 'returns the expected query string' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).query).to eq(
+          'client_id=workos-proj-123&redirect_uri=foo.com%2Fauth%2Fcallback' \
+          '&response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdashboard%2' \
+          'Fedit%22%7D&login_hint=foo%40workos.com&connection=connection_123',
+        )
+      end
+    end
+
+    context 'with an organization' do
+      let(:args) do
+        {
+          organization: 'org_123',
+          client_id: 'workos-proj-123',
+          redirect_uri: 'foo.com/auth/callback',
+          state: {
+            next_page: '/dashboard/edit',
+          }.to_s,
+        }
+      end
+      it 'returns a valid URL' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url)).to be_a URI
+      end
+
+      it 'returns the expected hostname' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).host).to eq(WorkOS::API_HOSTNAME)
+      end
+
+      it 'returns the expected query string' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).query).to eq(
+          'client_id=workos-proj-123&redirect_uri=foo.com%2Fauth%2Fcallback' \
+          '&response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdashboard%2F' \
+          'edit%22%7D&organization=org_123',
+        )
+      end
+    end
+
+    context 'with neither connection, domain, provider, or organization' do
       let(:args) do
         {
           client_id: 'workos-proj-123',
@@ -124,7 +262,7 @@ describe WorkOS::SSO do
           described_class.authorization_url(**args)
         end.to raise_error(
           ArgumentError,
-          'Either connection, domain, or provider is required.',
+          'Either connection, domain, provider, or organization is required.',
         )
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workos
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.1.0
 platform: ruby
 authors:
 - WorkOS
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-11-12 00:00:00.000000000 Z
+date: 2021-12-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sorbet-runtime
@@ -364,7 +364,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.31
+rubygems_version: 3.2.33
 signing_key:
 specification_version: 4
 summary: API client for WorkOS