workos 2.4.0 → 2.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3b8ce6f7bddb9f3bbee9713d7ec1674c487f1c9f963e7e57ee8e6b99b26e183a
-  data.tar.gz: de86e65fad32c780bc23ba9a2e2e7e611af89c2025f768d96ca51a59b5c23218
+  metadata.gz: 014f85386dcfba661f0a74ae427127257b953a2791b4667c72d9b1961237a93b
+  data.tar.gz: 7290ad0b22df3751f1183f5465d35f56828c4fd1b0e519c29c208138b67db3fe
 SHA512:
-  metadata.gz: 82b37f71d2b099ccfde1f6d47f5a43392f275e093d130156796079be0f2ada5f8e787143991aa9b2d65878c5cd4ab052b5c81f60fe43e46e59619714c17b08c4
-  data.tar.gz: f02fbd38fedce2ac51834fb10196b6c79a1ed29013afb7f681ec9329df0e571035330f2a6f52bdb0c963bb0be5ade92b389962609f2d87cba8fd83bbca471a60
+  metadata.gz: 766ef6dfba39dc072dab56a7fbfbcaa4484e39bbd444dc3c9148894e791b232689e7210a13f178442e595a67ac3c74aed64ee377ddad342f6105b2103513bbec
+  data.tar.gz: 759b73ee9afe91742acb8ee818d03bc397a6760d44f88dbfa3989439e4e396cacc2b71dd866ab90495bb7c1e2b430709987f09335a20b4a08b123aedfa1003d8

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (2.4.0)
+    workos (2.5.0)
       sorbet-runtime (~> 0.5)
 
 GEM
@@ -60,7 +60,7 @@ GEM
     simplecov_json_formatter (0.1.2)
     sorbet (0.5.6388)
       sorbet-static (= 0.5.6388)
-    sorbet-runtime (0.5.10090)
+    sorbet-runtime (0.5.10207)
     sorbet-static (0.5.6388-universal-darwin-14)
     sorbet-static (0.5.6388-universal-darwin-15)
     sorbet-static (0.5.6388-universal-darwin-16)

data/README.md

@@ -35,7 +35,10 @@ Or, you may set the key yourself, such as in an initializer in your application
 ```ruby
 # /config/initializers/workos.rb
 
-WorkOS.key = '[your api key]'
+WorkOS.configure do |config|
+  config.key = '[your api key]'
+  config.timeout = 120
+end
 ```
 
 ## SDK Versioning

data/lib/workos/audit_trail.rb

@@ -12,7 +12,6 @@ module WorkOS
   module AuditTrail
     class << self
       extend T::Sig
-      include Base
       include Client
 
       # Create an Audit Trail event.

data/lib/workos/client.rb

@@ -11,6 +11,9 @@ module WorkOS
     def client
       Net::HTTP.new(WorkOS::API_HOSTNAME, 443).tap do |http_client|
         http_client.use_ssl = true
+        http_client.open_timeout = WorkOS.config.timeout
+        http_client.read_timeout = WorkOS.config.timeout
+        http_client.write_timeout = WorkOS.config.timeout
       end
     end
 
@@ -20,7 +23,13 @@ module WorkOS
       ).returns(::T.untyped)
     end
     def execute_request(request:)
-      response = client.request(request)
+      begin
+        response = client.request(request)
+      rescue Net::OpenTimeout, Net::ReadTimeout, Net::WriteTimeout
+        raise TimeoutError.new(
+          message: 'API Timeout Error',
+        )
+      end
 
       http_status = response.code.to_i
       handle_error_response(response: response) if http_status >= 400
@@ -45,7 +54,7 @@ module WorkOS
         'Content-Type' => 'application/json',
       )
 
-      request['Authorization'] = "Bearer #{access_token || WorkOS.key!}" if auth
+      request['Authorization'] = "Bearer #{access_token || WorkOS.config.key!}" if auth
       request['User-Agent'] = user_agent
       request
     end
@@ -61,7 +70,7 @@ module WorkOS
     def post_request(path:, auth: false, idempotency_key: nil, body: nil)
       request = Net::HTTP::Post.new(path, 'Content-Type' => 'application/json')
       request.body = body.to_json if body
-      request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
+      request['Authorization'] = "Bearer #{WorkOS.config.key!}" if auth
       request['Idempotency-Key'] = idempotency_key if idempotency_key
       request['User-Agent'] = user_agent
       request
@@ -83,7 +92,7 @@ module WorkOS
         'Content-Type' => 'application/json',
       )
 
-      request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
+      request['Authorization'] = "Bearer #{WorkOS.config.key!}" if auth
       request['User-Agent'] = user_agent
       request
     end
@@ -99,7 +108,7 @@ module WorkOS
     def put_request(path:, auth: false, idempotency_key: nil, body: nil)
       request = Net::HTTP::Put.new(path, 'Content-Type' => 'application/json')
       request.body = body.to_json if body
-      request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
+      request['Authorization'] = "Bearer #{WorkOS.config.key!}" if auth
       request['Idempotency-Key'] = idempotency_key if idempotency_key
       request['User-Agent'] = user_agent
       request

data/lib/workos/configuration.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+# typed: true
+
+module WorkOS
+  # Configuration class sets config initializer
+  class Configuration
+    attr_accessor :timeout, :key
+
+    def initialize
+      @timeout = 60
+    end
+
+    def key!
+      key or raise '`WorkOS.config.key` not set'
+    end
+  end
+end

data/lib/workos/directory_sync.rb

@@ -12,7 +12,6 @@ module WorkOS
   module DirectorySync
     class << self
       extend T::Sig
-      include Base
       include Client
 
       # Retrieve directories.

data/lib/workos/errors.rb

@@ -61,4 +61,7 @@ module WorkOS
   # SignatureVerificationError is raised when the signature verification for a
   # webhook fails
   class SignatureVerificationError < WorkOSError; end
+
+  # TimeoutError is raised when the HTTP request to the API times out
+  class TimeoutError < WorkOSError; end
 end

data/lib/workos/mfa.rb

@@ -11,7 +11,6 @@ module WorkOS
   module MFA
     class << self
       extend T::Sig
-      include Base
       include Client
       sig { params(id: String).returns(T::Boolean) }
       def delete_factor(id:)
@@ -122,9 +121,8 @@ module WorkOS
           auth: true,
           body: {
             sms_template: sms_template,
-            authentication_factor_id: authentication_factor_id,
           },
-          path: '/auth/factors/challenge',
+          path: "/auth/factors/#{authentication_factor_id}/challenge",
         )
 
         response = execute_request(request: request)
@@ -135,30 +133,47 @@ module WorkOS
         params(
           authentication_challenge_id: T.nilable(String),
           code: T.nilable(String),
-        ).returns(WorkOS::VerifyFactor)
+        ).returns(WorkOS::VerifyChallenge)
       end
       def verify_factor(
         authentication_challenge_id: nil,
         code: nil
       )
+        warn '[DEPRECATION] `verify_factor` is deprecated. Please use `verify_challenge` instead.'
+
+        verify_challenge(
+          authentication_challenge_id: authentication_challenge_id,
+          code: code,
+        )
+      end
+
+      sig do
+        params(
+          authentication_challenge_id: T.nilable(String),
+          code: T.nilable(String),
+        ).returns(WorkOS::VerifyChallenge)
+      end
+      def verify_challenge(
+        authentication_challenge_id: nil,
+        code: nil
+      )
 
         if authentication_challenge_id.nil? || code.nil?
           raise ArgumentError, "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments"
         end
 
         options = {
-          "authentication_challenge_id": authentication_challenge_id,
           "code": code,
         }
 
         response = execute_request(
           request: post_request(
-            path: '/auth/factors/verify',
+            path: "/auth/challenges/#{authentication_challenge_id}/verify",
             auth: true,
             body: options,
           ),
         )
-        WorkOS::VerifyFactor.new(response.body)
+        WorkOS::VerifyChallenge.new(response.body)
       end
     end
   end

data/lib/workos/organizations.rb

@@ -8,7 +8,6 @@ module WorkOS
   module Organizations
     class << self
       extend T::Sig
-      include Base
       include Client
 
       # Retrieve a list of organizations that have connections configured

data/lib/workos/passwordless.rb

@@ -12,7 +12,6 @@ module WorkOS
   module Passwordless
     class << self
       extend T::Sig
-      include Base
       include Client
 
       # Create a Passwordless Session.

data/lib/workos/portal.rb

@@ -9,7 +9,6 @@ module WorkOS
   module Portal
     class << self
       extend T::Sig
-      include Base
       include Client
 
       GENERATE_LINK_INTENTS = WorkOS::Types::Intent.values.map(&:serialize).

data/lib/workos/sso.rb

@@ -13,7 +13,6 @@ module WorkOS
   module SSO
     class << self
       extend T::Sig
-      include Base
       include Client
 
       PROVIDERS = WorkOS::Types::Provider.values.map(&:serialize).freeze
@@ -142,7 +141,7 @@ module WorkOS
       def profile_and_token(code:, client_id: nil)
         body = {
           client_id: client_id,
-          client_secret: WorkOS.key!,
+          client_secret: WorkOS.config.key!,
           grant_type: 'authorization_code',
           code: code,
         }

data/lib/workos/types/{verify_factor_struct.rb → verify_challenge_struct.rb}

@@ -3,9 +3,9 @@
 
 module WorkOS
   module Types
-    # This VerifyFactorStruct acts as a typed interface
-    # for the Factor class
-    class VerifyFactorStruct < T::Struct
+    # This VerifyChallengeStruct acts as a typed interface
+    # for the VerifyChallenge class
+    class VerifyChallengeStruct < T::Struct
       const :challenge, T.nilable(T::Hash[Symbol, Object])
       const :valid, T::Boolean
     end

data/lib/workos/types.rb

@@ -18,6 +18,6 @@ module WorkOS
     require_relative 'types/webhook_struct'
     require_relative 'types/factor_struct'
     require_relative 'types/challenge_struct'
-    require_relative 'types/verify_factor_struct'
+    require_relative 'types/verify_challenge_struct'
   end
 end

data/lib/workos/{verify_factor.rb → verify_challenge.rb}

@@ -2,10 +2,9 @@
 # typed: false
 
 module WorkOS
-  # The VerifyFactor class provides a lightweight wrapper around
-  # a WorkOS DirectoryUser resource. This class is not meant to be instantiated
-  # in DirectoryUser space, and is instantiated internally but exposed.
-  class VerifyFactor
+  # The VerifyChallenge class provides a lightweight wrapper around
+  # a WorkOS Authentication Challenge resource.
+  class VerifyChallenge
     include HashProvider
     extend T::Sig
 
@@ -27,11 +26,11 @@ module WorkOS
 
     private
 
-    sig { params(json_string: String).returns(WorkOS::Types::VerifyFactorStruct) }
+    sig { params(json_string: String).returns(WorkOS::Types::VerifyChallengeStruct) }
     def parse_json(json_string)
       hash = JSON.parse(json_string, symbolize_names: true)
 
-      WorkOS::Types::VerifyFactorStruct.new(
+      WorkOS::Types::VerifyChallengeStruct.new(
         challenge: hash[:challenge],
         valid: hash[:valid],
       )

data/lib/workos/version.rb

@@ -2,5 +2,5 @@
 # typed: strong
 
 module WorkOS
-  VERSION = '2.4.0'
+  VERSION = '2.5.0'
 end

data/lib/workos.rb

@@ -5,6 +5,7 @@ require 'workos/version'
 require 'sorbet-runtime'
 require 'json'
 require 'workos/hash_provider'
+require 'workos/configuration'
 
 # Use the WorkOS module to authenticate your
 # requests to the WorkOS API. The gem will read
@@ -16,20 +17,28 @@ module WorkOS
   API_HOSTNAME = ENV['WORKOS_API_HOSTNAME'] || 'api.workos.com'
 
   def self.key=(value)
-    Base.key = value
+    warn '`WorkOS.key=` is deprecated. Use `WorkOS.configure` instead.'
+
+    config.key = value
   end
 
   def self.key
-    Base.key
+    warn '`WorkOS.key` is deprecated. Use `WorkOS.configure` instead.'
+
+    config.key
+  end
+
+  def self.config
+    @config ||= Configuration.new
   end
 
-  def self.key!
-    key || raise('WorkOS.key not set')
+  def self.configure
+    yield(config)
   end
 
   autoload :Types, 'workos/types'
-  autoload :Base, 'workos/base'
   autoload :Client, 'workos/client'
+  autoload :Configuration, 'workos/configuration'
   autoload :AuditTrail, 'workos/audit_trail'
   autoload :Connection, 'workos/connection'
   autoload :DirectorySync, 'workos/directory_sync'
@@ -48,7 +57,7 @@ module WorkOS
   autoload :MFA, 'workos/mfa'
   autoload :Factor, 'workos/factor'
   autoload :Challenge, 'workos/challenge'
-  autoload :VerifyFactor, 'workos/verify_factor'
+  autoload :VerifyChallenge, 'workos/verify_challenge'
   autoload :DeprecatedHashWrapper, 'workos/deprecated_hash_wrapper'
 
 
@@ -57,9 +66,10 @@ module WorkOS
   autoload :AuthenticationError, 'workos/errors'
   autoload :InvalidRequestError, 'workos/errors'
   autoload :SignatureVerificationError, 'workos/errors'
+  autoload :TimeoutError, 'workos/errors'
 
   # Remove WORKOS_KEY at some point in the future. Keeping it here now for
   # backwards compatibility.
   key = ENV['WORKOS_API_KEY'] || ENV['WORKOS_KEY']
-  WorkOS.key = key unless key.nil?
+  config.key = key unless key.nil?
 end

data/spec/lib/workos/configuration_spec.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+# typed: false
+
+describe WorkOS do
+  describe '.configure' do
+    context 'with key and no timeout' do
+      before do
+        WorkOS.configure do |config|
+          config.key = 'example_api_key'
+        end
+      end
+
+      it 'sets the key and default timeout configuration' do
+        expect(WorkOS.config.key).to eq('example_api_key')
+        expect(WorkOS.config.timeout).to eq(60)
+      end
+    end
+
+    context 'with key and timeout' do
+      before do
+        WorkOS.configure do |config|
+          config.key = 'example_api_key'
+          config.timeout = 120
+        end
+      end
+
+      it 'sets the key and timeout configuration' do
+        expect(WorkOS.config.key).to eq('example_api_key')
+        expect(WorkOS.config.timeout).to eq(120)
+      end
+    end
+  end
+end
+
+describe WorkOS::Configuration do
+  describe '.key!' do
+    context 'with key set' do
+      before do
+        WorkOS.config.key = 'example_api_key'
+      end
+
+      it 'returns the key' do
+        expect(WorkOS.config.key!).to eq('example_api_key')
+      end
+    end
+
+    context 'with key not set' do
+      before do
+        WorkOS.config.key = nil
+      end
+
+      it 'throws an error' do
+        expect do
+          WorkOS.config.key!
+        end.to raise_error(
+          '`WorkOS.config.key` not set',
+        )
+      end
+    end
+  end
+end

data/spec/lib/workos/mfa_spec.rb

@@ -4,8 +4,8 @@
 describe WorkOS::MFA do
   it_behaves_like 'client'
 
-  describe 'enroll_factor valid requests' do
-    context 'enroll factor using valid generic argument' do
+  describe '.enroll_factor' do
+    context 'with valid generic argument' do
       it 'returns a valid factor object' do
         VCR.use_cassette 'mfa/enroll_factor_generic_valid' do
           factor = described_class.enroll_factor(
@@ -16,7 +16,7 @@ describe WorkOS::MFA do
       end
     end
 
-    context 'enroll factor using valid totp arguments' do
+    context 'with valid totp arguments' do
       it 'returns a valid factor object' do
         VCR.use_cassette 'mfa/enroll_factor_totp_valid' do
           factor = described_class.enroll_factor(
@@ -29,7 +29,7 @@ describe WorkOS::MFA do
       end
     end
 
-    context 'enroll factor using valid sms arguments' do
+    context 'with valid sms arguments' do
       it 'returns a valid factor object' do
         VCR.use_cassette 'mfa/enroll_factor_sms_valid' do
           factor = described_class.enroll_factor(
@@ -40,10 +40,8 @@ describe WorkOS::MFA do
         end
       end
     end
-  end
 
-  describe 'enroll_factor invalid responses' do
-    context 'enroll factor throws error if type is not sms or totp' do
+    context 'when type is not sms or totp' do
       it 'returns an error' do
         expect do
           described_class.enroll_factor(
@@ -57,7 +55,7 @@ describe WorkOS::MFA do
       end
     end
 
-    context 'enroll factor throws error if type is not sms or totp' do
+    context 'when type is totp but missing arguments' do
       it 'returns an error' do
         expect do
           described_class.enroll_factor(
@@ -70,7 +68,7 @@ describe WorkOS::MFA do
         )
       end
     end
-    context 'enroll factor throws error if type sms and phone number is nil' do
+    context 'when type is sms and phone number is nil' do
       it 'returns an error' do
         expect do
           described_class.enroll_factor(
@@ -84,7 +82,7 @@ describe WorkOS::MFA do
     end
   end
 
-  describe 'challenge factor with valid request arguments' do
+  describe '.challenge_factor' do
     context 'challenge with totp' do
       it 'returns challenge factor object for totp' do
         VCR.use_cassette 'mfa/challenge_factor_totp_valid' do
@@ -118,9 +116,7 @@ describe WorkOS::MFA do
         end
       end
     end
-  end
 
-  describe 'challenge factor with invalid arguments' do
     context 'challenge with totp mssing authentication_factor_id' do
       it 'returns argument error' do
         expect do
@@ -133,48 +129,58 @@ describe WorkOS::MFA do
     end
   end
 
-  describe 'challenge factor with valid requests' do
-    context 'verify generic otp' do
-      it 'returns a true boolean if the challenge has not been verifed yet' do
-        VCR.use_cassette 'mfa/verify_factor_generic_valid' do
-          verify_factor = described_class.verify_factor(
+  describe '.verify_factor' do
+    it 'throws a warning' do
+      expect do
+        VCR.use_cassette 'mfa/verify_challenge_generic_valid' do
+          described_class.verify_factor(
             authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
             code: '897792',
           )
-          expect(verify_factor.valid == 'true')
         end
-      end
+      end.to output("[DEPRECATION] `verify_factor` is deprecated. Please use `verify_challenge` instead.\n").to_stderr
     end
 
-    context 'verify generic otp invalid response' do
-      it 'returns a true boolean if the challenge has not been verifed yet' do
-        VCR.use_cassette 'mfa/verify_factor_generic_valid_is_false' do
-          verify_factor = described_class.verify_factor(
-            authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
-            code: '897792',
-          )
-          expect(verify_factor.valid == 'false')
-        end
+    it 'calls verify_challenge' do
+      VCR.use_cassette 'mfa/verify_challenge_generic_valid' do
+        verify_factor = described_class.verify_factor(
+          authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+          code: '897792',
+        )
+        expect(verify_factor.valid == 'true')
       end
     end
+  end
 
-    context 'verify generic otp' do
-      it 'returns error that the challenge has already been verfied' do
-        VCR.use_cassette 'mfa/verify_factor_generic_invalid' do
-          expect do
-            described_class.verify_factor(
+  describe '.verify_challenge' do
+    context 'with generic otp' do
+      context 'and the challenge has not been verified' do
+        it 'returns true if the code is correct' do
+          VCR.use_cassette 'mfa/verify_challenge_generic_valid' do
+            verify_challenge = described_class.verify_challenge(
               authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
               code: '897792',
             )
-          end.to raise_error(WorkOS::InvalidRequestError)
+            expect(verify_challenge.valid == 'true')
+          end
+        end
+
+        it 'returns false if the code is incorrect' do
+          VCR.use_cassette 'mfa/verify_challenge_generic_valid_is_false' do
+            verify_challenge = described_class.verify_challenge(
+              authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+              code: '897792',
+            )
+            expect(verify_challenge.valid == 'false')
+          end
         end
       end
 
-      context 'verify generic otp' do
-        it 'returns error that the challenge has expired' do
-          VCR.use_cassette 'mfa/verify_factor_generic_expired' do
+      context 'and the challenge has already been verified' do
+        it 'returns an error' do
+          VCR.use_cassette 'mfa/verify_challenge_generic_invalid' do
             expect do
-              described_class.verify_factor(
+              described_class.verify_challenge(
                 authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
                 code: '897792',
               )
@@ -182,51 +188,62 @@ describe WorkOS::MFA do
           end
         end
       end
-    end
-  end
 
-  describe 'verify_factor with invalid argument' do
-    context 'missing code argument' do
-      it 'returns argument error' do
-        expect do
-          described_class.verify_factor(
-            authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+      context 'and the challenge has expired' do
+        it 'returns an error' do
+          VCR.use_cassette 'mfa/verify_challenge_generic_expired' do
+            expect do
+              described_class.verify_challenge(
+                authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+                code: '897792',
+              )
+            end.to raise_error(WorkOS::InvalidRequestError)
+          end
+        end
+      end
+
+      context 'with missing code argument' do
+        it 'returns an argument error' do
+          expect do
+            described_class.verify_challenge(
+              authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+            )
+          end.to raise_error(
+            ArgumentError,
+            "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
           )
-        end.to raise_error(
-          ArgumentError,
-          "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
-        )
+        end
       end
-    end
 
-    context 'missing authentication_challenge_id argument' do
-      it 'returns and error' do
-        expect do
-          described_class.verify_factor(
-            code: '897792',
+      context 'with missing authentication_challenge_id argument' do
+        it 'returns an error' do
+          expect do
+            described_class.verify_challenge(
+              code: '897792',
+            )
+          end.to raise_error(
+            ArgumentError,
+            "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
           )
-        end.to raise_error(
-          ArgumentError,
-          "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
-        )
+        end
       end
-    end
 
-    context 'missing code and authentication_challenge_id arguments' do
-      it 'returns argument error' do
-        expect do
-          described_class.verify_factor
-        end.to raise_error(
-          ArgumentError,
-          "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
-        )
+      context 'with missing code and authentication_challenge_id arguments' do
+        it 'returns an argument error' do
+          expect do
+            described_class.verify_challenge
+          end.to raise_error(
+            ArgumentError,
+            "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
+          )
+        end
       end
     end
   end
 
-  describe 'tests returning and deleting a factor' do
-    context 'returns a factor' do
-      it 'uses get_factor to return  factor' do
+  describe '.get_factor' do
+    context 'with a valid id' do
+      it 'returns a factor' do
         VCR.use_cassette 'mfa/get_factor_valid' do
           factor = described_class.get_factor(
             id: 'auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M',
@@ -236,8 +253,8 @@ describe WorkOS::MFA do
       end
     end
 
-    context 'invalid factor request' do
-      it 'uses get_factor and throws error if id is wrong' do
+    context 'with an invalid id' do
+      it 'returns an error' do
         VCR.use_cassette 'mfa/get_factor_invalid' do
           expect do
             described_class.get_factor(
@@ -247,7 +264,9 @@ describe WorkOS::MFA do
         end
       end
     end
+  end
 
+  describe '.delete_factor' do
     context 'deletes facotr' do
       it 'uses delete_factor to delete factor' do
         VCR.use_cassette 'mfa/delete_factor' do

data/spec/lib/workos/sso_spec.rb

@@ -330,7 +330,7 @@ describe WorkOS::SSO do
     let(:request_body) do
       {
         client_id: args[:client_id],
-        client_secret: WorkOS.key,
+        client_secret: WorkOS.config.key,
         code: args[:code],
         grant_type: 'authorization_code',
       }

data/spec/spec_helper.rb

@@ -25,7 +25,7 @@ SPEC_ROOT = File.dirname __FILE__
 
 VCR.configure do |config|
   config.cassette_library_dir = 'spec/support/fixtures/vcr_cassettes'
-  config.filter_sensitive_data('<API_KEY>') { WorkOS.key }
+  config.filter_sensitive_data('<API_KEY>') { WorkOS.config.key }
   config.hook_into :webmock
 end
 
@@ -51,6 +51,6 @@ RSpec.configure do |config|
     end
   end)
 
-  config.before(:all) { WorkOS.key ||= '' }
+  config.before(:all) { WorkOS.config.key ||= '' }
   config.before(:each) { VCR.turn_on! }
 end

data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_generic_valid.yml

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/challenge
+    uri: https://api.workos.com/auth/factors/auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M/challenge
     body:
       encoding: UTF-8
-      string: '{"sms_template":null,"authentication_factor_id":"auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M"}'
+      string: '{"sms_template":null}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_sms_valid.yml

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/challenge
+    uri: https://api.workos.com/auth/factors/auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F/challenge
     body:
       encoding: UTF-8
-      string: '{"sms_template":"Your code is {{code}}","authentication_factor_id":"auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F"}'
+      string: '{"sms_template":"Your code is {{code}}"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_totp_valid.yml

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/challenge
+    uri: https://api.workos.com/auth/factors/auth_factor_01FZ4TS0MWPZR7GATS7KCXANQZ/challenge
     body:
       encoding: UTF-8
-      string: '{"sms_template":null,"authentication_factor_id":"auth_factor_01FZ4TS0MWPZR7GATS7KCXANQZ"}'
+      string: '{"sms_template":null}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/{verify_factor_generic_expired.yml → verify_challenge_generic_expired.yml}

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/verify
+    uri: https://api.workos.com/auth/challenges/auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J/verify
     body:
       encoding: UTF-8
-      string: '{"authentication_challenge_id":"auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J","code":"897792"}'
+      string: '{"code":"897792"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/{verify_factor_generic_invalid.yml → verify_challenge_generic_invalid.yml}

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/verify
+    uri: https://api.workos.com/auth/challenges/auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J/verify
     body:
       encoding: UTF-8
-      string: '{"authentication_challenge_id":"auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J","code":"897792"}'
+      string: '{"code":"897792"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/{verify_factor_generic_valid.yml → verify_challenge_generic_valid.yml}

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/verify
+    uri: https://api.workos.com/auth/challenges/auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J/verify
     body:
       encoding: UTF-8
-      string: '{"authentication_challenge_id":"auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J","code":"897792"}'
+      string: '{"code":"897792"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/{verify_factor_generic_valid_is_false.yml → verify_challenge_generic_valid_is_false.yml}

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/verify
+    uri: https://api.workos.com/auth/challenges/auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J/verify
     body:
       encoding: UTF-8
-      string: '{"authentication_challenge_id":"auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J","code":"897792"}'
+      string: '{"code":"897792"}'
     headers:
       Content-Type:
       - application/json

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workos
 version: !ruby/object:Gem::Version
-  version: 2.4.0
+  version: 2.5.0
 platform: ruby
 authors:
 - WorkOS
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-07-14 00:00:00.000000000 Z
+date: 2022-07-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sorbet-runtime
@@ -208,9 +208,9 @@ files:
 - docs/top-level-namespace.html
 - lib/workos.rb
 - lib/workos/audit_trail.rb
-- lib/workos/base.rb
 - lib/workos/challenge.rb
 - lib/workos/client.rb
+- lib/workos/configuration.rb
 - lib/workos/connection.rb
 - lib/workos/deprecated_hash_wrapper.rb
 - lib/workos/directory.rb
@@ -241,9 +241,9 @@ files:
 - lib/workos/types/passwordless_session_struct.rb
 - lib/workos/types/profile_struct.rb
 - lib/workos/types/provider_enum.rb
-- lib/workos/types/verify_factor_struct.rb
+- lib/workos/types/verify_challenge_struct.rb
 - lib/workos/types/webhook_struct.rb
-- lib/workos/verify_factor.rb
+- lib/workos/verify_challenge.rb
 - lib/workos/version.rb
 - lib/workos/webhook.rb
 - lib/workos/webhooks.rb
@@ -282,7 +282,7 @@ files:
 - sorbet/rbi/sorbet-typed/lib/yard/all/yard.rbi
 - sorbet/rbi/todo.rbi
 - spec/lib/workos/audit_trail_spec.rb
-- spec/lib/workos/base_spec.rb
+- spec/lib/workos/configuration_spec.rb
 - spec/lib/workos/directory_sync_spec.rb
 - spec/lib/workos/directory_user_spec.rb
 - spec/lib/workos/mfa_spec.rb
@@ -333,10 +333,10 @@ files:
 - spec/support/fixtures/vcr_cassettes/mfa/enroll_factor_totp_valid.yml
 - spec/support/fixtures/vcr_cassettes/mfa/get_factor_invalid.yml
 - spec/support/fixtures/vcr_cassettes/mfa/get_factor_valid.yml
-- spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_expired.yml
-- spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_invalid.yml
-- spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_valid.yml
-- spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_valid_is_false.yml
+- spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_expired.yml
+- spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_invalid.yml
+- spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_valid.yml
+- spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_valid_is_false.yml
 - spec/support/fixtures/vcr_cassettes/organization/create.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml
 - spec/support/fixtures/vcr_cassettes/organization/delete.yml
@@ -394,7 +394,7 @@ specification_version: 4
 summary: API client for WorkOS
 test_files:
 - spec/lib/workos/audit_trail_spec.rb
-- spec/lib/workos/base_spec.rb
+- spec/lib/workos/configuration_spec.rb
 - spec/lib/workos/directory_sync_spec.rb
 - spec/lib/workos/directory_user_spec.rb
 - spec/lib/workos/mfa_spec.rb
@@ -445,10 +445,10 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/mfa/enroll_factor_totp_valid.yml
 - spec/support/fixtures/vcr_cassettes/mfa/get_factor_invalid.yml
 - spec/support/fixtures/vcr_cassettes/mfa/get_factor_valid.yml
-- spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_expired.yml
-- spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_invalid.yml
-- spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_valid.yml
-- spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_valid_is_false.yml
+- spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_expired.yml
+- spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_invalid.yml
+- spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_valid.yml
+- spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_valid_is_false.yml
 - spec/support/fixtures/vcr_cassettes/organization/create.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml
 - spec/support/fixtures/vcr_cassettes/organization/delete.yml

data/lib/workos/base.rb

@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-# typed: true
-
-
-module WorkOS
-  ## The Base class handles setting and reading the WorkOS
-  ## API Key for authentication
-  module Base
-    attr_accessor :key
-
-    class << self
-      extend T::Sig
-
-      attr_writer :key
-      attr_reader :key
-    end
-  end
-end

data/spec/lib/workos/base_spec.rb

@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-# typed: false
-
-module WorkOS
-  module Test
-    class << self
-      include Base
-      include Client
-
-      def request
-        execute_request(request: post_request(path: '/events', body: {}))
-      end
-    end
-  end
-end
-
-describe WorkOS::Base do
-  describe '.execute_request' do
-    context 'when unauthenticated' do
-      it 'raises an error' do
-        VCR.use_cassette('base/execute_request_unauthenticated') do
-          expect { WorkOS::Test.request }.to raise_error(
-            WorkOS::AuthenticationError,
-            /Status 401, Unauthorized/,
-          )
-        end
-      end
-    end
-  end
-end