RubyGems - workosv2 - Versions diffs - 2.15.0 - Mend

workosv2 2.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (242) hide show

checksums.yaml +7 -0
data/.github/CODEOWNERS +5 -0
data/.github/pull_request_template.md +11 -0
data/.github/renovate.json +5 -0
data/.gitignore +49 -0
data/.rspec +1 -0
data/.rubocop.yml +24 -0
data/.ruby-version +1 -0
data/.semaphore/rubygems.yml +24 -0
data/.semaphore/semaphore.yml +51 -0
data/Gemfile +5 -0
data/Gemfile.lock +126 -0
data/Gemfile.lock.old +127 -0
data/LICENSE +21 -0
data/README.md +53 -0
data/bin/build +3 -0
data/bin/console +3 -0
data/bin/docs +5 -0
data/bin/publish +3 -0
data/bin/tapioca +29 -0
data/codecov.yml +12 -0
data/docs/WorkOS/APIError.html +160 -0
data/docs/WorkOS/AuditLog.html +235 -0
data/docs/WorkOS/AuditTrail.html +235 -0
data/docs/WorkOS/AuthenticationError.html +160 -0
data/docs/WorkOS/Base.html +287 -0
data/docs/WorkOS/Client.html +504 -0
data/docs/WorkOS/InvalidRequestError.html +160 -0
data/docs/WorkOS/Profile.html +788 -0
data/docs/WorkOS/RequestError.html +135 -0
data/docs/WorkOS/SSO.html +691 -0
data/docs/WorkOS/Types/ProfileStruct.html +135 -0
data/docs/WorkOS/Types/Provider.html +135 -0
data/docs/WorkOS/Types.html +128 -0
data/docs/WorkOS/WorkOSError.html +447 -0
data/docs/WorkOS.html +324 -0
data/docs/class_list.html +51 -0
data/docs/css/common.css +1 -0
data/docs/css/full_list.css +58 -0
data/docs/css/style.css +496 -0
data/docs/file.README.html +252 -0
data/docs/file_list.html +56 -0
data/docs/frames.html +17 -0
data/docs/index.html +250 -0
data/docs/js/app.js +314 -0
data/docs/js/full_list.js +216 -0
data/docs/js/jquery.js +4 -0
data/docs/method_list.html +267 -0
data/docs/top-level-namespace.html +110 -0
data/lib/workosv2/audit_log_export.rb +55 -0
data/lib/workosv2/audit_logs.rb +114 -0
data/lib/workosv2/audit_trail.rb +111 -0
data/lib/workosv2/challenge.rb +55 -0
data/lib/workosv2/client.rb +186 -0
data/lib/workosv2/configuration.rb +17 -0
data/lib/workosv2/connection.rb +66 -0
data/lib/workosv2/deprecated_hash_wrapper.rb +76 -0
data/lib/workosv2/directory.rb +65 -0
data/lib/workosv2/directory_group.rb +68 -0
data/lib/workosv2/directory_sync.rb +218 -0
data/lib/workosv2/directory_user.rb +97 -0
data/lib/workosv2/errors.rb +81 -0
data/lib/workosv2/event.rb +51 -0
data/lib/workosv2/events.rb +52 -0
data/lib/workosv2/factor.rb +54 -0
data/lib/workosv2/hash_provider.rb +19 -0
data/lib/workosv2/mfa.rb +178 -0
data/lib/workosv2/organization.rb +57 -0
data/lib/workosv2/organizations.rb +188 -0
data/lib/workosv2/passwordless.rb +85 -0
data/lib/workosv2/portal.rb +66 -0
data/lib/workosv2/profile.rb +76 -0
data/lib/workosv2/profile_and_token.rb +29 -0
data/lib/workosv2/sso.rb +297 -0
data/lib/workosv2/types/audit_log_export_struct.rb +17 -0
data/lib/workosv2/types/challenge_struct.rb +18 -0
data/lib/workosv2/types/connection_struct.rb +20 -0
data/lib/workosv2/types/directory_group_struct.rb +19 -0
data/lib/workosv2/types/directory_struct.rb +19 -0
data/lib/workosv2/types/directory_user_struct.rb +26 -0
data/lib/workosv2/types/event_struct.rb +15 -0
data/lib/workosv2/types/factor_struct.rb +18 -0
data/lib/workosv2/types/intent_enum.rb +17 -0
data/lib/workosv2/types/list_struct.rb +13 -0
data/lib/workosv2/types/organization_struct.rb +17 -0
data/lib/workosv2/types/passwordless_session_struct.rb +17 -0
data/lib/workosv2/types/profile_struct.rb +21 -0
data/lib/workosv2/types/provider_enum.rb +15 -0
data/lib/workosv2/types/verify_challenge_struct.rb +13 -0
data/lib/workosv2/types/webhook_struct.rb +15 -0
data/lib/workosv2/types.rb +25 -0
data/lib/workosv2/verify_challenge.rb +39 -0
data/lib/workosv2/version.rb +6 -0
data/lib/workosv2/webhook.rb +51 -0
data/lib/workosv2/webhooks.rb +217 -0
data/lib/workosv2.rb +79 -0
data/sorbet/config +2 -0
data/sorbet/rbi/gems/addressable@2.8.0.rbi +290 -0
data/sorbet/rbi/gems/ast@2.4.2.rbi +54 -0
data/sorbet/rbi/gems/codecov@0.2.12.rbi +55 -0
data/sorbet/rbi/gems/coderay@1.1.3.rbi +8 -0
data/sorbet/rbi/gems/crack@0.4.5.rbi +57 -0
data/sorbet/rbi/gems/diff-lcs@1.4.4.rbi +185 -0
data/sorbet/rbi/gems/docile@1.3.5.rbi +54 -0
data/sorbet/rbi/gems/hashdiff@1.0.1.rbi +82 -0
data/sorbet/rbi/gems/json@2.5.1.rbi +109 -0
data/sorbet/rbi/gems/method_source@1.0.0.rbi +8 -0
data/sorbet/rbi/gems/parallel@1.20.1.rbi +113 -0
data/sorbet/rbi/gems/parser@3.0.1.0.rbi +1187 -0
data/sorbet/rbi/gems/pry@0.14.2.rbi +8 -0
data/sorbet/rbi/gems/public_suffix@4.0.6.rbi +146 -0
data/sorbet/rbi/gems/rainbow@3.0.0.rbi +153 -0
data/sorbet/rbi/gems/rake@13.0.3.rbi +807 -0
data/sorbet/rbi/gems/rbi@0.0.16.rbi +2118 -0
data/sorbet/rbi/gems/regexp_parser@2.1.1.rbi +1117 -0
data/sorbet/rbi/gems/rexml@3.2.5.rbi +709 -0
data/sorbet/rbi/gems/rspec-core@3.9.3.rbi +2467 -0
data/sorbet/rbi/gems/rspec-expectations@3.9.4.rbi +1569 -0
data/sorbet/rbi/gems/rspec-mocks@3.9.1.rbi +1493 -0
data/sorbet/rbi/gems/rspec-support@3.9.4.rbi +511 -0
data/sorbet/rbi/gems/rspec@3.9.0.rbi +38 -0
data/sorbet/rbi/gems/rubocop-ast@1.4.1.rbi +1881 -0
data/sorbet/rbi/gems/rubocop@0.93.1.rbi +11497 -0
data/sorbet/rbi/gems/ruby-progressbar@1.11.0.rbi +405 -0
data/sorbet/rbi/gems/simplecov-html@0.12.3.rbi +89 -0
data/sorbet/rbi/gems/simplecov@0.21.2.rbi +577 -0
data/sorbet/rbi/gems/simplecov_json_formatter@0.1.2.rbi +8 -0
data/sorbet/rbi/gems/spoom@1.1.15.rbi +1549 -0
data/sorbet/rbi/gems/tapioca@0.7.3.rbi +1718 -0
data/sorbet/rbi/gems/thor@1.2.1.rbi +844 -0
data/sorbet/rbi/gems/unicode-display_width@1.7.0.rbi +22 -0
data/sorbet/rbi/gems/unparser@0.6.2.rbi +8 -0
data/sorbet/rbi/gems/vcr@5.0.0.rbi +699 -0
data/sorbet/rbi/gems/webmock@3.12.2.rbi +662 -0
data/sorbet/rbi/gems/yard-sorbet@0.8.0.rbi +268 -0
data/sorbet/rbi/gems/yard@0.9.26.rbi +4048 -0
data/sorbet/tapioca/config.yml +13 -0
data/sorbet/tapioca/require.rb +4 -0
data/spec/lib/workos/audit_logs_spec.rb +151 -0
data/spec/lib/workos/audit_trail_spec.rb +146 -0
data/spec/lib/workos/configuration_spec.rb +61 -0
data/spec/lib/workos/directory_sync_spec.rb +492 -0
data/spec/lib/workos/directory_user_spec.rb +36 -0
data/spec/lib/workos/event_spec.rb +88 -0
data/spec/lib/workos/mfa_spec.rb +281 -0
data/spec/lib/workos/organizations_spec.rb +257 -0
data/spec/lib/workos/passwordless_spec.rb +77 -0
data/spec/lib/workos/portal_spec.rb +87 -0
data/spec/lib/workos/sso_spec.rb +650 -0
data/spec/lib/workos/webhooks_spec.rb +236 -0
data/spec/spec_helper.rb +56 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event.yml +59 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event_custom_idempotency_key.yml +60 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event_invalid.yml +59 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_export.yml +76 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/create_export_with_filters.yml +77 -0
data/spec/support/fixtures/vcr_cassettes/audit_logs/get_export.yml +73 -0
data/spec/support/fixtures/vcr_cassettes/audit_trail/create_event.yml +65 -0
data/spec/support/fixtures/vcr_cassettes/audit_trail/create_event_custom_idempotency_key.yml +67 -0
data/spec/support/fixtures/vcr_cassettes/audit_trail/create_event_invalid.yml +68 -0
data/spec/support/fixtures/vcr_cassettes/audit_trail/create_events_duplicate_idempotency_key_and_payload.yml +131 -0
data/spec/support/fixtures/vcr_cassettes/audit_trail/create_events_duplicate_idempotency_key_different_payload.yml +134 -0
data/spec/support/fixtures/vcr_cassettes/audit_trail/get_events.yml +61 -0
data/spec/support/fixtures/vcr_cassettes/base/execute_request_unauthenticated.yml +66 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/delete_directory.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/get_directory_with_invalid_id.yml +83 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/get_directory_with_valid_id.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/get_group.yml +80 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/get_group_with_invalid_id.yml +62 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/get_user.yml +83 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/get_user_with_invalid_id.yml +62 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories/with_after.yml +87 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories/with_before.yml +89 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories/with_domain.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories/with_limit.yml +85 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories/with_no_options.yml +93 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories/with_search.yml +85 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_groups/with_after.yml +90 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_groups/with_before.yml +90 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_groups/with_directory.yml +90 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_groups/with_limit.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_groups/with_no_options.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_groups/with_user.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_users/with_after.yml +186 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_users/with_before.yml +88 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_users/with_directory.yml +194 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_users/with_group.yml +186 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_users/with_limit.yml +189 -0
data/spec/support/fixtures/vcr_cassettes/directory_sync/list_users/with_no_options.yml +74 -0
data/spec/support/fixtures/vcr_cassettes/events/list_events_with_after.yml +80 -0
data/spec/support/fixtures/vcr_cassettes/events/list_events_with_event.yml +80 -0
data/spec/support/fixtures/vcr_cassettes/events/list_events_with_no_options.yml +80 -0
data/spec/support/fixtures/vcr_cassettes/events/list_events_with_range.yml +80 -0
data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_generic_valid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_sms_valid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_totp_valid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/delete_factor.yml +80 -0
data/spec/support/fixtures/vcr_cassettes/mfa/enroll_factor_generic_valid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/enroll_factor_sms_valid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/enroll_factor_totp_valid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/get_factor_invalid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/get_factor_valid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_expired.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_invalid.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_valid.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/mfa/verify_challenge_generic_valid_is_false.yml +82 -0
data/spec/support/fixtures/vcr_cassettes/organization/create.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/organization/create_with_duplicate_idempotency_key_and_different_payload.yml +155 -0
data/spec/support/fixtures/vcr_cassettes/organization/create_with_duplicate_idempotency_key_and_payload.yml +154 -0
data/spec/support/fixtures/vcr_cassettes/organization/create_with_idempotency_key.yml +79 -0
data/spec/support/fixtures/vcr_cassettes/organization/delete.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/organization/delete_invalid.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/organization/get.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/organization/get_invalid.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/organization/list.yml +87 -0
data/spec/support/fixtures/vcr_cassettes/organization/update.yml +84 -0
data/spec/support/fixtures/vcr_cassettes/passwordless/create_session.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/passwordless/create_session_invalid.yml +73 -0
data/spec/support/fixtures/vcr_cassettes/passwordless/send_session.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/passwordless/send_session_invalid.yml +73 -0
data/spec/support/fixtures/vcr_cassettes/portal/generate_link_audit_logs.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/portal/generate_link_dsync.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/portal/generate_link_invalid.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/portal/generate_link_sso.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/sso/delete_connection_with_invalid_id.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/sso/delete_connection_with_valid_id.yml +70 -0
data/spec/support/fixtures/vcr_cassettes/sso/get_connection_with_invalid_id.yml +72 -0
data/spec/support/fixtures/vcr_cassettes/sso/get_connection_with_valid_id.yml +86 -0
data/spec/support/fixtures/vcr_cassettes/sso/list_connections/with_after.yml +83 -0
data/spec/support/fixtures/vcr_cassettes/sso/list_connections/with_before.yml +86 -0
data/spec/support/fixtures/vcr_cassettes/sso/list_connections/with_connection_type.yml +90 -0
data/spec/support/fixtures/vcr_cassettes/sso/list_connections/with_domain.yml +86 -0
data/spec/support/fixtures/vcr_cassettes/sso/list_connections/with_limit.yml +83 -0
data/spec/support/fixtures/vcr_cassettes/sso/list_connections/with_no_options.yml +89 -0
data/spec/support/fixtures/vcr_cassettes/sso/list_connections/with_organization_id.yml +86 -0
data/spec/support/fixtures/vcr_cassettes/sso/profile.yml +74 -0
data/spec/support/profile.txt +1 -0
data/spec/support/shared_examples/client_spec.rb +30 -0
data/spec/support/webhook_payload.txt +1 -0
data/workosv2.gemspec +38 -0
metadata +531 -0

data/spec/lib/workos/webhooks_spec.rb ADDED Viewed

@@ -0,0 +1,236 @@
+# frozen_string_literal: true
+# typed: false
+require 'json'
+require 'openssl'
+describe WorkOSV2::Webhooks do
+  before(:each) do
+    @payload = File.read("#{SPEC_ROOT}/support/webhook_payload.txt")
+    @secret = 'secret'
+    @timestamp = Time.at(Time.now.to_i * 1000)
+    unhashed_string = "#{@timestamp.to_i}.#{@payload}"
+    digest = OpenSSL::Digest.new('sha256')
+    @signature_hash = OpenSSL::HMAC.hexdigest(digest, @secret, unhashed_string)
+    @expectation = {
+      id: 'directory_user_01FAEAJCR3ZBZ30D8BD1924TVG',
+      state: 'active',
+      emails: [{
+        type: 'work',
+        value: 'blair@foo-corp.com',
+        primary: true,
+      }],
+      idp_id: '00u1e8mutl6wlH3lL4x7',
+      object: 'directory_user',
+      username: 'blair@foo-corp.com',
+      last_name: 'Lunchford',
+      first_name: 'Blair',
+      directory_id: 'directory_01F9M7F68PZP8QXP8G7X5QRHS7',
+      raw_attributes: {
+        name: {
+          givenName: 'Blair',
+          familyName: 'Lunchford',
+          middleName: 'Elizabeth',
+          honorificPrefix: 'Ms.',
+        },
+        title: 'Developer Success Engineer',
+        active: true,
+        emails: [{
+          type: 'work',
+          value: 'blair@foo-corp.com',
+          primary: true,
+        }],
+        groups: [],
+        locale: 'en-US',
+        schemas: [
+          'urn:ietf:params:scim:schemas:core:2.0:User',
+          'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User'
+        ],
+        userName: 'blair@foo-corp.com',
+        addresses: [{
+          region: 'CA',
+          primary: true,
+          locality: 'San Francisco',
+          postalCode: '94016',
+        }],
+        externalId: '00u1e8mutl6wlH3lL4x7',
+        displayName: 'Blair Lunchford',
+        "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
+          manager: {
+            value: '2',
+            displayName: 'Kate Chapman',
+          },
+          division: 'Engineering',
+          department: 'Customer Success',
+        },
+      },
+    }
+  end
+  # rubocop:disable Metrics/BlockLength
+  shared_examples 'WorkOSV2-Signature header failures' do
+    context 'with an empty header' do
+      it 'raises an error' do
+        expect do
+          described_class.construct_event(
+            payload: @payload,
+            sig_header: '',
+            secret: @secret,
+          )
+        end.to raise_error(
+          WorkOSV2::SignatureVerificationError,
+          'Unable to extract timestamp and signature hash from header',
+        )
+      end
+    end
+    context 'with an empty signature hash' do
+      it 'raises an error' do
+        expect do
+          described_class.construct_event(
+            payload: @payload,
+            sig_header: "t=#{@timestamp.to_i}, v1=",
+            secret: @secret,
+          )
+        end.to raise_error(
+          WorkOSV2::SignatureVerificationError,
+          'No signature hash found with expected scheme v1',
+        )
+      end
+    end
+    context 'with an incorrect signature hash' do
+      it 'raises an error' do
+        expect do
+          described_class.construct_event(
+            payload: @payload,
+            sig_header: "t=#{@timestamp.to_i}, v1=99999",
+            secret: @secret,
+          )
+        end.to raise_error(
+          WorkOSV2::SignatureVerificationError,
+          'Signature hash does not match the expected signature hash for payload',
+        )
+      end
+    end
+    context 'with an incorrect payload' do
+      it 'raises an error' do
+        expect do
+          described_class.construct_event(
+            payload: 'invalid',
+            sig_header: "t=#{@timestamp.to_i}, v1=#{@signature_hash}",
+            secret: @secret,
+          )
+        end.to raise_error(
+          WorkOSV2::SignatureVerificationError,
+          'Signature hash does not match the expected signature hash for payload',
+        )
+      end
+    end
+    context 'with an incorrect webhook secret' do
+      it 'raises an error' do
+        expect do
+          described_class.construct_event(
+            payload: @payload,
+            sig_header: "t=#{@timestamp.to_i}, v1=#{@signature_hash}",
+            secret: 'invalid',
+          )
+        end.to raise_error(
+          WorkOSV2::SignatureVerificationError,
+          'Signature hash does not match the expected signature hash for payload',
+        )
+      end
+    end
+    context 'with a timestamp outside tolerance' do
+      it 'raises an error' do
+        expect do
+          described_class.construct_event(
+            payload: @payload,
+            sig_header: "t=#{@timestamp.to_i - (200 * 1000)}, v1=#{@signature_hash}",
+            secret: @secret,
+          )
+        end.to raise_error(
+          WorkOSV2::SignatureVerificationError,
+          'Timestamp outside the tolerance zone',
+        )
+      end
+    end
+  end
+  # rubocop:enable Metrics/BlockLength
+  describe '.construct_event' do
+    it_behaves_like 'WorkOSV2-Signature header failures'
+    context 'with the correct payload, sig_header, and secret' do
+      it 'returns a webhook event' do
+        webhook = described_class.construct_event(
+          payload: @payload,
+          sig_header: "t=#{@timestamp.to_i}, v1=#{@signature_hash}",
+          secret: @secret,
+        )
+        expect(webhook.data).to eq(@expectation)
+        expect(webhook.event).to eq('dsync.user.created')
+        expect(webhook.id).to eq('wh_123')
+      end
+    end
+    context 'with the correct payload, sig_header, secret, and tolerance' do
+      it 'returns a webhook event' do
+        webhook = described_class.construct_event(
+          payload: @payload,
+          sig_header: "t=#{@timestamp.to_i}, v1=#{@signature_hash}",
+          secret: @secret,
+          tolerance: 300,
+        )
+        expect(webhook.data).to eq(@expectation)
+        expect(webhook.event).to eq('dsync.user.created')
+        expect(webhook.id).to eq('wh_123')
+      end
+    end
+  end
+  describe '.verify_header' do
+    it_behaves_like 'WorkOSV2-Signature header failures'
+    it 'returns true when the signature is valid' do
+      described_class.verify_header(
+        payload: @payload,
+        sig_header: "t=#{@timestamp.to_i}, v1=#{@signature_hash}",
+        secret: @secret,
+      )
+    end
+  end
+  describe '.get_timestamp_and_signature_hash' do
+    it_behaves_like 'WorkOSV2-Signature header failures'
+    it 'returns the timestamp and signature when the signature is valid' do
+      timestamp_int = @timestamp.to_i
+      timestamp_and_signature = described_class.get_timestamp_and_signature_hash(
+        sig_header: "t=#{timestamp_int}, v1=#{@signature_hash}",
+      )
+      expect(timestamp_and_signature).to eq([timestamp_int.to_s, @signature_hash])
+    end
+  end
+  describe '.compute_signature' do
+    it_behaves_like 'WorkOSV2-Signature header failures'
+    it 'returns the computed signature' do
+      timestamp_int = @timestamp.to_i
+      signature = described_class.compute_signature(
+        timestamp: timestamp_int.to_s,
+        payload: @payload,
+        secret: @secret,
+      )
+      expect(signature).to eq(@signature_hash)
+    end
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+# typed: false
+require 'simplecov'
+SimpleCov.start
+if ENV['CI'] == 'true'
+  require 'codecov'
+  SimpleCov.formatter = SimpleCov::Formatter::Codecov
+end
+$LOAD_PATH << File.join(File.dirname(__FILE__), '..', 'lib')
+$LOAD_PATH << File.join(File.dirname(__FILE__))
+require 'rubygems'
+require 'rspec'
+require 'webmock/rspec'
+require 'workosv2'
+require 'vcr'
+# Support
+Dir['./spec/support/**/*.rb'].sort.each { |f| require f }
+SPEC_ROOT = File.dirname __FILE__
+VCR.configure do |config|
+  config.cassette_library_dir = 'spec/support/fixtures/vcr_cassettes'
+  config.filter_sensitive_data('<API_KEY>') { WorkOSV2.config.key }
+  config.hook_into :webmock
+end
+RSpec.configure do |config|
+  config.expect_with :rspec do |expectations|
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+  config.mock_with :rspec do |mocks|
+    mocks.verify_partial_doubles = true
+  end
+  config.shared_context_metadata_behavior = :apply_to_host_groups
+  WebMock::API.prepend(Module.new do
+    extend self
+    # Disable VCR when a WebMock stub is created
+    # for clearer spec failure messaging
+    def stub_request(*args)
+      VCR.turn_off!
+      super
+    end
+  end)
+  config.before(:all) { WorkOSV2.config.key ||= '' }
+  config.before(:each) { VCR.turn_on! }
+end

data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event.yml ADDED Viewed

@@ -0,0 +1,59 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/audit_logs/events
+      body:
+        encoding: UTF-8
+        string: '{"organization_id":"org_123","event":{"action":"user.signed_in","occurred_at":"2022-08-22T15:04:19.704Z","actor":{"id":"user_123","type":"user","name":"User","metadata":{"foo":"bar"}},"targets":[{"id":"team_123","type":"team","name":"Team","metadata":{"foo":"bar"}}],"context":{"location":"1.1.1.1","user_agent":"Mozilla"}}}'
+      headers:
+        Content-Type: "application/json"
+        Accept-Encoding: "gzip;q=1.0,deflate;q=0.6,identity;q=0.3"
+        Accept: "*/*"
+        User-Agent: "WorkOSV2; ruby/3.0.2; x86_64-darwin21; v2.5.1"
+        Authorization: "Bearer example_api_key"
+    response:
+      status:
+        code: 201
+        message: Created
+      headers:
+        Server:
+          - Cowboy
+        Connection:
+          - keep-alive
+        Access-Control-Allow-Origin:
+          - https://dashboard.workos.com
+        Vary:
+          - Origin, Accept-Encoding
+        Access-Control-Allow-Credentials:
+          - "true"
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Frame-Options:
+          - SAMEORIGIN
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        X-Download-Options:
+          - noopen
+        X-Content-Type-Options:
+          - nosniff
+        X-Xss-Protection:
+          - 1; mode=block
+        X-Request-Id:
+          - 1cf9b8e7-5910-4a6d-a333-46bcf841422e
+        Content-Type:
+          - application/json; charset=utf-8
+        Content-Length:
+          - "16"
+        Etag:
+          - W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
+        Date:
+          - Sat, 11 Jan 2020 04:22:48 GMT
+        Via:
+          - 1.1 vegur
+      body:
+        encoding: UTF-8
+        string: '{"success":true}'
+      http_version:
+    recorded_at: Sat, 11 Jan 2020 04:22:48 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event_custom_idempotency_key.yml ADDED Viewed

@@ -0,0 +1,60 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/audit_logs/events
+      body:
+        encoding: UTF-8
+        string: '{"organization_id":"org_123","event":{"action":"user.signed_in","occurred_at":"2022-08-22T15:04:19.704Z","actor":{"id":"user_123","type":"user","name":"User","metadata":{"foo":"bar"}},"targets":[{"id":"team_123","type":"team","name":"Team","metadata":{"foo":"bar"}}],"context":{"location":"1.1.1.1","user_agent":"Mozilla"}}}'
+      headers:
+        Content-Type: "application/json"
+        Accept-Encoding: "gzip;q=1.0,deflate;q=0.6,identity;q=0.3"
+        Accept: "*/*"
+        User-Agent: "WorkOSV2; ruby/3.0.2; x86_64-darwin21; v2.5.1"
+        Authorization: "Bearer example_api_key"
+        Idempotency-Key: "idempotency_key"
+    response:
+      status:
+        code: 201
+        message: Created
+      headers:
+        Server:
+          - Cowboy
+        Connection:
+          - keep-alive
+        Access-Control-Allow-Origin:
+          - https://dashboard.workos.com
+        Vary:
+          - Origin, Accept-Encoding
+        Access-Control-Allow-Credentials:
+          - "true"
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Frame-Options:
+          - SAMEORIGIN
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        X-Download-Options:
+          - noopen
+        X-Content-Type-Options:
+          - nosniff
+        X-Xss-Protection:
+          - 1; mode=block
+        X-Request-Id:
+          - 1cf9b8e7-5910-4a6d-a333-46bcf841422e
+        Content-Type:
+          - application/json; charset=utf-8
+        Content-Length:
+          - "16"
+        Etag:
+          - W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
+        Date:
+          - Sat, 11 Jan 2020 04:22:48 GMT
+        Via:
+          - 1.1 vegur
+      body:
+        encoding: UTF-8
+        string: '{"success":true}'
+      http_version:
+    recorded_at: Sat, 11 Jan 2020 04:22:48 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/audit_logs/create_event_invalid.yml ADDED Viewed

@@ -0,0 +1,59 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/audit_logs/events
+      body:
+        encoding: UTF-8
+        string: '{"organization_id":"org_123","event":{"action":"user.signed_in","occurred_at":"2022-08-22T15:04:19.704Z","actor":{"id":"user_123","type":"user","name":"User","metadata":{"foo":"bar"}},"targets":[{"id":"team_123","type":"team","name":"Team","metadata":{"foo":"bar"}}],"context":{"location":"1.1.1.1","user_agent":"Mozilla"}}}'
+      headers:
+        Content-Type: "application/json"
+        Accept-Encoding: "gzip;q=1.0,deflate;q=0.6,identity;q=0.3"
+        Accept: "*/*"
+        User-Agent: "WorkOSV2; ruby/3.0.2; x86_64-darwin21; v2.5.1"
+        Authorization: "Bearer example_api_key"
+    response:
+      status:
+        code: 400
+        message: Bad Request
+      headers:
+        Server:
+          - Cowboy
+        Connection:
+          - keep-alive
+        Access-Control-Allow-Origin:
+          - https://dashboard.workos.com
+        Vary:
+          - Origin, Accept-Encoding
+        Access-Control-Allow-Credentials:
+          - "true"
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Frame-Options:
+          - SAMEORIGIN
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        X-Download-Options:
+          - noopen
+        X-Content-Type-Options:
+          - nosniff
+        X-Xss-Protection:
+          - 1; mode=block
+        X-Request-Id:
+          - 1cf9b8e7-5910-4a6d-a333-46bcf841422e
+        Content-Type:
+          - application/json; charset=utf-8
+        Content-Length:
+          - "16"
+        Etag:
+          - W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
+        Date:
+          - Sat, 11 Jan 2020 04:22:48 GMT
+        Via:
+          - 1.1 vegur
+      body:
+        encoding: UTF-8
+        string: '{"code":"invalid_audit_log","message":"Invalid Audit Log event","errors":[{"instancePath":"/targets/0/type","schemaPath":"#/properties/targets/allOf/0/contains/properties/type/const","keyword":"const","params":{"allowValues":["team"]},"message":"must be equal to constant","schema":"team","parentSchema":{"enum":["team"],"type":"string"},"data":"user"}]}'
+      http_version:
+    recorded_at: Sat, 11 Jan 2020 04:22:48 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/audit_logs/create_export.yml ADDED Viewed

@@ -0,0 +1,76 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/audit_logs/exports
+      body:
+        encoding: UTF-8
+        string: '{"organization_id":"org_123","range_start":"2022-06-22T15:04:19.704Z","range_end":"2022-08-22T15:04:19.704Z"}'
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOSV2; ruby/3.0.2; x86_64-darwin21; v2.5.1
+        Authorization:
+          - "Bearer example_api_key"
+    response:
+      status:
+        code: 201
+        message: Created
+      headers:
+        Date:
+          - Mon, 22 Aug 2022 17:47:49 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Content-Length:
+          - "26"
+        Connection:
+          - keep-alive
+        Cf-Ray:
+          - 73ed6f92c9161847-ATL
+        Etag:
+          - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Via:
+          - 1.1 spaces-router (a302eeabfffb)
+        Cf-Cache-Status:
+          - DYNAMIC
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Request-Id:
+          - eb09b349-08f4-b79b-ccb2-87fa4609c1ee
+        X-Xss-Protection:
+          - "0"
+        Server:
+          - cloudflare
+      body:
+        encoding: UTF-8
+        string: '{"object":"audit_log_export","id":"audit_log_export_123","state":"pending","created_at":"2022-08-22T15:04:19.704Z","updated_at":"2022-08-22T15:04:19.704Z"}'
+      http_version:
+    recorded_at: Mon, 22 Aug 2022 17:47:49 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/audit_logs/create_export_with_filters.yml ADDED Viewed

@@ -0,0 +1,77 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/audit_logs/exports
+      body:
+        encoding: UTF-8
+        string:
+          '{"organization_id":"org_123","range_start":"2022-06-22T15:04:19.704Z","range_end":"2022-08-22T15:04:19.704Z","actions":["user.signed_in"],"actors":["Jon Smith"],"actor_names":["Jon Smith"],"actor_ids":["user_123"],"targets":["user","team"]}'
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOSV2; ruby/3.0.2; x86_64-darwin21; v2.5.1
+        Authorization:
+          - "Bearer example_api_key"
+    response:
+      status:
+        code: 201
+        message: Created
+      headers:
+        Date:
+          - Mon, 22 Aug 2022 17:47:49 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Content-Length:
+          - "26"
+        Connection:
+          - keep-alive
+        Cf-Ray:
+          - 73ed6f92c9161847-ATL
+        Etag:
+          - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Via:
+          - 1.1 spaces-router (a302eeabfffb)
+        Cf-Cache-Status:
+          - DYNAMIC
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Request-Id:
+          - eb09b349-08f4-b79b-ccb2-87fa4609c1ee
+        X-Xss-Protection:
+          - "0"
+        Server:
+          - cloudflare
+      body:
+        encoding: UTF-8
+        string: '{"object":"audit_log_export","id":"audit_log_export_123","state":"pending","created_at":"2022-08-22T15:04:19.704Z","updated_at":"2022-08-22T15:04:19.704Z"}'
+      http_version:
+    recorded_at: Mon, 22 Aug 2022 17:47:49 GMT
+recorded_with: VCR 5.0.0