@workos-inc/node 10.1.0 → 10.2.1

package/lib/{factory-SnCyjvy0.cjs → factory-BzpScK-h.cjs}

@@ -349,8 +349,20 @@ var FetchHttpClientResponse = class FetchHttpClientResponse extends HttpClientRe
 	getRawResponse() {
 		return this._res;
 	}
-	toJSON() {
-		return this._res.headers.get("content-type")?.includes("application/json") ? this._res.json() : null;
+	async toJSON() {
+		if (!this._res.headers.get("content-type")?.includes("application/json")) return null;
+		const rawBody = await this._res.text();
+		try {
+			return JSON.parse(rawBody);
+		} catch (error) {
+			if (error instanceof SyntaxError) throw new ParseError({
+				message: error.message,
+				rawBody,
+				rawStatus: this._res.status,
+				requestID: this._res.headers.get("X-Request-ID") ?? ""
+			});
+			throw error;
+		}
 	}
 	static _transformHeadersToObject(headers) {
 		const headersObj = {};
@@ -411,6 +423,8 @@ const AUTHENTICATION_ERROR_CODES = new Set([
 	"mfa_enrollment",
 	"mfa_challenge",
 	"mfa_verification",
+	"radar_email_challenge",
+	"radar_sms_challenge",
 	"sso_required"
 ]);
 function parseAuthenticationErrorCode(value) {
@@ -429,12 +443,14 @@ var AuthenticationException = class extends GenericServerException {
 	name = "AuthenticationException";
 	code;
 	pendingAuthenticationToken;
+	radarChallengeId;
 	constructor(status, rawData, requestID) {
 		const code = getAuthenticationErrorCode(rawData);
 		super(status, rawData.message ?? rawData.error_description, rawData, requestID);
 		this.rawData = rawData;
 		this.code = code;
 		this.pendingAuthenticationToken = rawData.pending_authentication_token;
+		this.radarChallengeId = rawData.radar_challenge_id;
 	}
 };
 //#endregion
@@ -671,6 +687,31 @@ const serializeAuthenticateWithMagicAuthOptions = (options) => ({
 	radar_auth_attempt_id: options.radarAuthAttemptId
 });
 //#endregion
+//#region src/user-management/serializers/authenticate-with-radar-email-challenge-options.serializer.ts
+const serializeAuthenticateWithRadarEmailChallengeOptions = (options) => ({
+	grant_type: "urn:workos:oauth:grant-type:radar-email-challenge:code",
+	client_id: options.clientId,
+	client_secret: options.clientSecret,
+	code: options.code,
+	radar_challenge_id: options.radarChallengeId,
+	pending_authentication_token: options.pendingAuthenticationToken,
+	ip_address: options.ipAddress,
+	user_agent: options.userAgent
+});
+//#endregion
+//#region src/user-management/serializers/authenticate-with-radar-sms-challenge-options.serializer.ts
+const serializeAuthenticateWithRadarSmsChallengeOptions = (options) => ({
+	grant_type: "urn:workos:oauth:grant-type:radar-sms-challenge:code",
+	client_id: options.clientId,
+	client_secret: options.clientSecret,
+	code: options.code,
+	verification_id: options.verificationId,
+	phone_number: options.phoneNumber,
+	pending_authentication_token: options.pendingAuthenticationToken,
+	ip_address: options.ipAddress,
+	user_agent: options.userAgent
+});
+//#endregion
 //#region src/user-management/serializers/authenticate-with-password-options.serializer.ts
 const serializeAuthenticateWithPasswordOptions = (options) => ({
 	grant_type: "password",
@@ -970,6 +1011,15 @@ const serializeCreateUserOptions = (options) => ({
 	user_agent: options.userAgent
 });
 //#endregion
+//#region src/user-management/serializers/send-radar-sms-challenge-options.serializer.ts
+const serializeSendRadarSmsChallengeOptions = (options) => ({
+	user_id: options.userId,
+	pending_authentication_token: options.pendingAuthenticationToken,
+	phone_number: options.phoneNumber,
+	ip_address: options.ipAddress,
+	user_agent: options.userAgent
+});
+//#endregion
 //#region src/user-management/serializers/update-user-options.serializer.ts
 const serializeUpdateUserOptions = (options) => ({
 	email: options.email,
@@ -3550,7 +3600,7 @@ function isJson(val) {
 	}
 	return !0;
 }
-const enc = /* @__PURE__ */ new TextEncoder(), dec = /* @__PURE__ */ new TextDecoder(), jsBase64Enabled = typeof Uint8Array.fromBase64 == "function" && typeof Uint8Array.prototype.toBase64 == "function" && typeof Uint8Array.prototype.toHex == "function";
+const enc = /* @__PURE__ */ new TextEncoder(), dec = /* @__PURE__ */ new TextDecoder(), jsBase64Enabled = /* @__PURE__ */ (() => typeof Uint8Array.fromBase64 == "function" && typeof Uint8Array.prototype.toBase64 == "function" && typeof Uint8Array.prototype.toHex == "function")();
 function b64ToU8(str) {
 	return jsBase64Enabled ? Uint8Array.fromBase64(str, { alphabet: "base64url" }) : base64ToUint8Array$1(str);
 }
@@ -3595,7 +3645,7 @@ const defaults = /* @__PURE__ */ Object.freeze({
 		ivBits: void 0,
 		name: "SHA-256"
 	})
-}), macPrefix = "Fe26.2";
+});
 function randomBits(bits) {
 	return crypto.getRandomValues(new Uint8Array(bits / 8));
 }
@@ -3689,7 +3739,7 @@ function normalizePassword(password) {
 async function seal(object, password, options) {
 	let now = Date.now() + (options.localtimeOffsetMsec || 0), { id = "", encryption, integrity } = normalizePassword(password);
 	if (id && !/^\w+$/.test(id)) throw Error("Invalid password id");
-	let { encrypted, key } = await encrypt(encryption, options.encryption, (options.encode || losslessJsonStringify)(object)), expiration = options.ttl ? now + options.ttl : "", macBaseString = macPrefix + "*" + id + "*" + key.salt + "*" + u8ToB64(key.iv) + "*" + u8ToB64(encrypted) + "*" + expiration, mac = await hmacWithPassword(integrity, options.integrity, macBaseString);
+	let { encrypted, key } = await encrypt(encryption, options.encryption, (options.encode || losslessJsonStringify)(object)), expiration = options.ttl ? now + options.ttl : "", macBaseString = "Fe26.2*" + id + "*" + key.salt + "*" + u8ToB64(key.iv) + "*" + u8ToB64(encrypted) + "*" + expiration, mac = await hmacWithPassword(integrity, options.integrity, macBaseString);
 	return macBaseString + "*" + mac.salt + "*" + mac.digest;
 }
 async function unseal(sealed, password, options) {
@@ -3937,7 +3987,7 @@ let _josePromise;
 * @returns Promise that resolves to the jose module
 */
 function getJose() {
-	return _josePromise ??= Promise.resolve().then(() => require("./webapi-lTzmUixq.cjs"));
+	return _josePromise ??= Promise.resolve().then(() => require("./webapi-CVu-Hjaz.cjs"));
 }
 //#endregion
 //#region src/user-management/session.ts
@@ -4307,6 +4357,42 @@ var UserManagement = class {
 			session
 		});
 	}
+	/** Send a Radar SMS challenge. */
+	async sendRadarSmsChallenge(payload) {
+		const { data } = await this.workos.post("/user_management/radar_challenges", serializeSendRadarSmsChallengeOptions(payload));
+		return {
+			verificationId: data.verification_id,
+			phoneNumber: data.phone_number
+		};
+	}
+	/** Authenticate with Radar SMS challenge. */
+	async authenticateWithRadarSmsChallenge(payload) {
+		const { session, clientId, ...remainingPayload } = payload;
+		const resolvedClientId = this.resolveClientId(clientId);
+		const { data } = await this.workos.post("/user_management/authenticate", serializeAuthenticateWithRadarSmsChallengeOptions({
+			...remainingPayload,
+			clientId: resolvedClientId,
+			clientSecret: this.workos.key
+		}));
+		return this.prepareAuthenticationResponse({
+			authenticationResponse: deserializeAuthenticationResponse(data),
+			session
+		});
+	}
+	/** Authenticate with Radar email challenge. */
+	async authenticateWithRadarEmailChallenge(payload) {
+		const { session, clientId, ...remainingPayload } = payload;
+		const resolvedClientId = this.resolveClientId(clientId);
+		const { data } = await this.workos.post("/user_management/authenticate", serializeAuthenticateWithRadarEmailChallengeOptions({
+			...remainingPayload,
+			clientId: resolvedClientId,
+			clientSecret: this.workos.key
+		}));
+		return this.prepareAuthenticationResponse({
+			authenticationResponse: deserializeAuthenticationResponse(data),
+			session
+		});
+	}
 	async authenticateWithSessionCookie({ sessionData, cookiePassword = getEnv("WORKOS_COOKIE_PASSWORD") }) {
 		if (!cookiePassword) throw new Error("Cookie password is required");
 		if (!await this.getJWKS()) throw new Error("Must provide clientId to initialize JWKS");
@@ -5364,13 +5450,15 @@ var Groups = class {
 	}
 };
 //#endregion
-//#region src/widgets/interfaces/get-token.ts
-const serializeGetTokenOptions = (options) => ({
-	organization_id: options.organizationId,
-	user_id: options.userId,
-	scopes: options.scopes
+//#region src/widgets/serializers/widget-session-token-response.serializer.ts
+const deserializeWidgetSessionTokenResponse = (response) => ({ token: response.token });
+//#endregion
+//#region src/widgets/serializers/widget-session-token.serializer.ts
+const serializeGetTokenOptions = (model) => ({
+	organization_id: model.organizationId,
+	user_id: model.userId,
+	scopes: model.scopes
 });
-const deserializeGetTokenResponse = (data) => ({ token: data.token });
 //#endregion
 //#region src/widgets/widgets.ts
 var Widgets = class {
@@ -5382,15 +5470,16 @@ var Widgets = class {
 	* Generate a widget token
 	*
 	* Generate a widget token scoped to an organization and user with the specified scopes.
-	* @param payload - Object containing organizationId.
-	* @returns {Promise<GetTokenResponse>}
+	* @param options - The request options.
+	* @returns {Promise<WidgetSessionTokenResponse>}
 	* @throws {BadRequestException} 400
 	* @throws {NotFoundException} 404
 	* @throws {UnprocessableEntityException} 422
 	*/
-	async createToken(payload) {
+	async createToken(options) {
+		const payload = options;
 		const { data } = await this.workos.post("/widgets/token", serializeGetTokenOptions(payload));
-		return deserializeGetTokenResponse(data);
+		return deserializeWidgetSessionTokenResponse(data);
 	}
 };
 //#endregion
@@ -6828,7 +6917,7 @@ var Vault = class {
 };
 //#endregion
 //#region package.json
-var version = "10.1.0";
+var version = "10.2.1";
 //#endregion
 //#region src/workos.ts
 const DEFAULT_HOSTNAME = "api.workos.com";
@@ -6961,12 +7050,7 @@ var WorkOS = class {
 			});
 			throw error;
 		}
-		try {
-			return { data: await res.toJSON() };
-		} catch (error) {
-			await this.handleParseError(error, res);
-			throw error;
-		}
+		return { data: await res.toJSON() };
 	}
 	async get(path, options = {}) {
 		if (!options.skipApiKeyCheck) this.requireApiKey(path);
@@ -6986,12 +7070,7 @@ var WorkOS = class {
 			});
 			throw error;
 		}
-		try {
-			return { data: await res.toJSON() };
-		} catch (error) {
-			await this.handleParseError(error, res);
-			throw error;
-		}
+		return { data: await res.toJSON() };
 	}
 	async put(path, entity, options = {}) {
 		if (!options.skipApiKeyCheck) this.requireApiKey(path);
@@ -7010,12 +7089,7 @@ var WorkOS = class {
 			});
 			throw error;
 		}
-		try {
-			return { data: await res.toJSON() };
-		} catch (error) {
-			await this.handleParseError(error, res);
-			throw error;
-		}
+		return { data: await res.toJSON() };
 	}
 	async patch(path, entity, options = {}) {
 		if (!options.skipApiKeyCheck) this.requireApiKey(path);
@@ -7034,12 +7108,7 @@ var WorkOS = class {
 			});
 			throw error;
 		}
-		try {
-			return { data: await res.toJSON() };
-		} catch (error) {
-			await this.handleParseError(error, res);
-			throw error;
-		}
+		return { data: await res.toJSON() };
 	}
 	async delete(path, query) {
 		this.requireApiKey(path);
@@ -7068,20 +7137,6 @@ var WorkOS = class {
 	emitWarning(warning) {
 		console.warn(`WorkOS: ${warning}`);
 	}
-	async handleParseError(error, res) {
-		if (error instanceof SyntaxError) {
-			const rawResponse = res.getRawResponse();
-			const requestID = rawResponse.headers.get("X-Request-ID") ?? "";
-			const rawStatus = rawResponse.status;
-			const rawBody = await rawResponse.text();
-			throw new ParseError({
-				message: error.message,
-				rawBody,
-				rawStatus,
-				requestID
-			});
-		}
-	}
 	handleHttpError({ path, error }) {
 		if (!(error instanceof HttpClientError)) throw new Error(`Unexpected error: ${error}`, { cause: error });
 		const { response } = error;
@@ -7380,24 +7435,12 @@ Object.defineProperty(exports, "createWorkOS", {
 		return createWorkOS;
 	}
 });
-Object.defineProperty(exports, "deserializeGetTokenResponse", {
-	enumerable: true,
-	get: function() {
-		return deserializeGetTokenResponse;
-	}
-});
 Object.defineProperty(exports, "isAuthenticationErrorData", {
 	enumerable: true,
 	get: function() {
 		return isAuthenticationErrorData;
 	}
 });
-Object.defineProperty(exports, "serializeGetTokenOptions", {
-	enumerable: true,
-	get: function() {
-		return serializeGetTokenOptions;
-	}
-});
 Object.defineProperty(exports, "serializeRevokeSessionOptions", {
 	enumerable: true,
 	get: function() {
@@ -7405,4 +7448,4 @@ Object.defineProperty(exports, "serializeRevokeSessionOptions", {
 	}
 });
 
-//# sourceMappingURL=factory-SnCyjvy0.cjs.map
+//# sourceMappingURL=factory-BzpScK-h.cjs.map