workos 5.12.0 → 5.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/lib/workos/session.rb +1 -0
  4. data/lib/workos/version.rb +1 -1
  5. data/spec/lib/workos/session_spec.rb +46 -18
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6852c01440a63d103cd39a4c0aee2eeb5d1215d79a3e8eb2a3053b5aa3f3376e
4
- data.tar.gz: 71c5c53d1f8fc5219903cfcfc23cbeb657da1db2c64980fa9d8914bd6ae92b1d
3
+ metadata.gz: a70c9c63f286f0ec63436cc9d4d04d20f0cab14cffc5946bfb3e9725db014f7a
4
+ data.tar.gz: b3ed8ecca83aad20d9a91674c27066ecb2a8019b4cd43173cfad01c10195653a
5
5
  SHA512:
6
- metadata.gz: eb001da89bc0cf2866dcfd4d4c5207ddc7c960538ab413c45fcd5d5f80e4c97e205cc0e3fb51bdaaf8af984e9e30ad5c317c30e453c8e6579c1914350dfe3f2c
7
- data.tar.gz: 5fe92a1ad40c3bced46b0597430b02ea36b20c82f109614df332695aa7d9f613a025e0f30d3afcaab978c5b3de6882a3a67886e55343de513fb508950664a5d3
6
+ metadata.gz: 55692378591903208dd90c471d38eca8a0597adecac109329a277688ad92275e573e9d7110f3a8e58e06c0d78c3134e52e0924ca42e036bef01d337ef00bdde3
7
+ data.tar.gz: edc0f7070cb311f43d7d77e6ae29e1afeb6695a04a85b9c6ac50cdd733fb0ae4dbc317ca88d2f468ef0f434e8551904a558ad70fad1857ab3bbb7c0362ea9fe3
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- workos (5.12.0)
4
+ workos (5.13.0)
5
5
  encryptor (~> 3.0)
6
6
  jwt (~> 2.8)
7
7
 
data/lib/workos/session.rb CHANGED
@@ -50,6 +50,7 @@ module WorkOS
50
50
  organization_id: decoded['org_id'],
51
51
  role: decoded['role'],
52
52
  permissions: decoded['permissions'],
53
+ entitlements: decoded['entitlements'],
53
54
  user: session[:user],
54
55
  impersonator: session[:impersonator],
55
56
  reason: nil,
data/lib/workos/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module WorkOS
4
- VERSION = '5.12.0'
4
+ VERSION = '5.13.0'
5
5
  end
data/spec/lib/workos/session_spec.rb CHANGED
@@ -103,24 +103,23 @@ describe WorkOS::Session do
103
103
 
104
104
  describe '.authenticate' do
105
105
  let(:user_management) { instance_double('UserManagement') }
106
- let(:valid_access_token) do
107
- payload = {
106
+ let(:payload) do
107
+ {
108
108
  sid: 'session_id',
109
109
  org_id: 'org_id',
110
110
  role: 'role',
111
111
  permissions: ['read'],
112
112
  exp: Time.now.to_i + 3600,
113
113
  }
114
- headers = { kid: jwk[:kid] }
115
- JWT.encode(payload, jwk.signing_key, jwk[:alg], headers)
116
114
  end
115
+ let(:valid_access_token) { JWT.encode(payload, jwk.signing_key, jwk[:alg], { kid: jwk[:kid] }) }
117
116
  let(:session_data) do
118
- WorkOS::Session.seal_data({
119
- access_token: valid_access_token,
120
- user: 'user',
121
- impersonator: 'impersonator',
122
- }, cookie_password,)
123
- end
117
+ WorkOS::Session.seal_data({
118
+ access_token: valid_access_token,
119
+ user: 'user',
120
+ impersonator: 'impersonator',
121
+ }, cookie_password,)
122
+ end
124
123
 
125
124
  before do
126
125
  allow(user_management).to receive(:get_jwks_url).with(client_id).and_return(jwks_url)
@@ -167,14 +166,7 @@ end
167
166
  session_data: session_data,
168
167
  cookie_password: cookie_password,
169
168
  )
170
- allow(session).to receive(:is_valid_jwt).and_return(true)
171
- allow(JWT).to receive(:decode).and_return([{
172
- 'sid' => 'session_id',
173
- 'org_id' => 'org_id',
174
- 'role' => 'role',
175
- 'permissions' => ['read'],
176
- }])
177
-
169
+ allow_any_instance_of(JWT::Decode).to receive(:verify_signature).and_return(true)
178
170
  result = session.authenticate
179
171
  expect(result).to eq({
180
172
  authenticated: true,
@@ -182,11 +174,47 @@ end
182
174
  organization_id: 'org_id',
183
175
  role: 'role',
184
176
  permissions: ['read'],
177
+ entitlements: nil,
185
178
  user: 'user',
186
179
  impersonator: 'impersonator',
187
180
  reason: nil,
188
181
  })
189
182
  end
183
+
184
+ describe 'with entitlements' do
185
+ let(:payload) do
186
+ {
187
+ sid: 'session_id',
188
+ org_id: 'org_id',
189
+ role: 'role',
190
+ permissions: ['read'],
191
+ entitlements: ['billing'],
192
+ exp: Time.now.to_i + 3600,
193
+ }
194
+ end
195
+
196
+ it 'includes entitlements in the result' do
197
+ session = WorkOS::Session.new(
198
+ user_management: user_management,
199
+ client_id: client_id,
200
+ session_data: session_data,
201
+ cookie_password: cookie_password,
202
+ )
203
+ allow_any_instance_of(JWT::Decode).to receive(:verify_signature).and_return(true)
204
+ result = session.authenticate
205
+ expect(result).to eq({
206
+ authenticated: true,
207
+ session_id: 'session_id',
208
+ organization_id: 'org_id',
209
+ role: 'role',
210
+ permissions: ['read'],
211
+ entitlements: ['billing'],
212
+ user: 'user',
213
+ impersonator: 'impersonator',
214
+ reason: nil,
215
+ })
216
+ end
217
+ end
190
218
  end
191
219
 
192
220
  describe '.refresh' do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: workos
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.12.0
4
+ version: 5.13.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - WorkOS
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-01-23 00:00:00.000000000 Z
11
+ date: 2025-01-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: encryptor