@workos-inc/node 2.1.0 → 2.4.0

package/lib/directory-sync/interfaces/group.interface.d.ts

@@ -1,5 +1,6 @@
 export interface Group {
     id: string;
+    directory_id: string;
     name: string;
     raw_attributes: any;
 }

package/lib/directory-sync/interfaces/user.interface.d.ts

@@ -2,6 +2,7 @@ import { Group } from './group.interface';
 export declare type DefaultCustomAttributes = Record<string, unknown>;
 export interface User<TCustomAttributes extends object = DefaultCustomAttributes> {
     id: string;
+    directory_id: string;
     raw_attributes: any;
     custom_attributes: TCustomAttributes;
     idp_id: string;

package/lib/sso/interfaces/authorization-url-options.interface.d.ts

@@ -1,7 +1,13 @@
 export interface AuthorizationURLOptions {
     clientID: string;
     connection?: string;
+    organization?: string;
+    /**
+     * @deprecated Please use `organization` instead.
+     */
     domain?: string;
+    domainHint?: string;
+    loginHint?: string;
     provider?: string;
     redirectURI: string;
     state?: string;

package/lib/sso/sso.d.ts

@@ -11,7 +11,7 @@ export declare class SSO {
     private readonly workos;
     constructor(workos: WorkOS);
     deleteConnection(id: string): Promise<void>;
-    getAuthorizationURL({ connection, clientID, domain, provider, redirectURI, state, }: AuthorizationURLOptions): string;
+    getAuthorizationURL({ connection, clientID, domain, domainHint, loginHint, organization, provider, redirectURI, state, }: AuthorizationURLOptions): string;
     getConnection(id: string): Promise<Connection>;
     getProfileAndToken({ code, clientID, }: GetProfileAndTokenOptions): Promise<ProfileAndToken>;
     getProfile({ accessToken }: GetProfileOptions): Promise<Profile>;

package/lib/sso/sso.js

@@ -23,13 +23,19 @@ class SSO {
             yield this.workos.delete(`/connections/${id}`);
         });
     }
-    getAuthorizationURL({ connection, clientID, domain, provider, redirectURI, state, }) {
-        if (!domain && !provider && !connection) {
-            throw new Error(`Incomplete arguments. Need to specify either a 'connection', 'domain', or 'provider'.`);
+    getAuthorizationURL({ connection, clientID, domain, domainHint, loginHint, organization, provider, redirectURI, state, }) {
+        if (!domain && !provider && !connection && !organization) {
+            throw new Error(`Incomplete arguments. Need to specify either a 'connection', 'organization', 'domain', or 'provider'.`);
+        }
+        if (domain) {
+            this.workos.emitWarning('The `domain` parameter for `getAuthorizationURL` is deprecated. Please use `organization` instead.');
         }
         const query = query_string_1.default.stringify({
             connection,
+            organization,
             domain,
+            domain_hint: domainHint,
+            login_hint: loginHint,
             provider,
             client_id: clientID,
             redirect_uri: redirectURI,

package/lib/sso/sso.spec.js

@@ -65,6 +65,19 @@ describe('SSO', () => {
                     expect(url).toMatchSnapshot();
                 });
             });
+            describe('with an `organization`', () => {
+                it('generates an authorization URL with the organization', () => {
+                    const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+                        apiHostname: 'api.workos.dev',
+                    });
+                    const url = workos.sso.getAuthorizationURL({
+                        organization: 'organization_123',
+                        clientID: 'proj_123',
+                        redirectURI: 'example.com/sso/workos/callback',
+                    });
+                    expect(url).toMatchSnapshot();
+                });
+            });
             describe('with a custom api hostname', () => {
                 it('generates an authorize url with the custom api hostname', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
@@ -90,6 +103,32 @@ describe('SSO', () => {
                     expect(url).toMatchSnapshot();
                 });
             });
+            describe('with domainHint', () => {
+                it('generates an authorize url with the provided domain hint', () => {
+                    const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
+                    const url = workos.sso.getAuthorizationURL({
+                        domainHint: 'lyft.com',
+                        connection: 'connection_123',
+                        clientID: 'proj_123',
+                        redirectURI: 'example.com/sso/workos/callback',
+                        state: 'custom state',
+                    });
+                    expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&domain_hint=lyft.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom%20state"`);
+                });
+            });
+            describe('with loginHint', () => {
+                it('generates an authorize url with the provided login hint', () => {
+                    const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
+                    const url = workos.sso.getAuthorizationURL({
+                        loginHint: 'foo@workos.com',
+                        connection: 'connection_123',
+                        clientID: 'proj_123',
+                        redirectURI: 'example.com/sso/workos/callback',
+                        state: 'custom state',
+                    });
+                    expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&login_hint=foo%40workos.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom%20state"`);
+                });
+            });
         });
         describe('getProfileAndToken', () => {
             describe('with all information provided', () => {

package/lib/webhooks/interfaces/webhook.interface.d.ts

@@ -30,21 +30,15 @@ export interface DsyncDeletedWebhook extends WebhookBase {
 }
 export interface DsyncGroupCreatedWebhook extends WebhookBase {
     event: 'dsync.group.created';
-    data: Group & {
-        directory_id: string;
-    };
+    data: Group;
 }
 export interface DsyncGroupDeletedWebhook extends WebhookBase {
     event: 'dsync.group.deleted';
-    data: Group & {
-        directory_id: string;
-    };
+    data: Group;
 }
 export interface DsyncGroupUpdatedWebhook extends WebhookBase {
     event: 'dsync.group.updated';
-    data: Group & {
-        directory_id: string;
-    };
+    data: Group;
 }
 export interface DsyncGroupUserAddedWebhook extends WebhookBase {
     event: 'dsync.group.user_added';

package/lib/webhooks/webhooks.js

@@ -7,13 +7,13 @@ exports.Webhooks = void 0;
 const crypto_1 = __importDefault(require("crypto"));
 const exceptions_1 = require("../common/exceptions");
 class Webhooks {
-    constructEvent({ payload, sigHeader, secret, tolerance = 180, }) {
+    constructEvent({ payload, sigHeader, secret, tolerance = 180000, }) {
         const options = { payload, sigHeader, secret, tolerance };
         this.verifyHeader(options);
         const webhookPayload = payload;
         return webhookPayload;
     }
-    verifyHeader({ payload, sigHeader, secret, tolerance = 180, }) {
+    verifyHeader({ payload, sigHeader, secret, tolerance = 180000, }) {
         const [timestamp, signatureHash] = this.getTimestampAndSignatureHash(sigHeader);
         if (!signatureHash || Object.keys(signatureHash).length === 0) {
             throw new exceptions_1.SignatureVerificationException('No signature hash found with expected scheme v1');
@@ -38,6 +38,7 @@ class Webhooks {
         return [timestamp, signatureHash];
     }
     computeSignature(timestamp, payload, secret) {
+        payload = JSON.stringify(payload);
         const signedPayload = `${timestamp}.${payload}`;
         const expectedSignature = crypto_1.default
             .createHmac('sha256', secret)

package/lib/webhooks/webhooks.spec.js

@@ -19,7 +19,7 @@ describe('Webhooks', () => {
         payload = webhook_json_1.default;
         secret = 'secret';
         timestamp = Date.now() * 1000;
-        unhashedString = `${timestamp}.${payload}`;
+        unhashedString = `${timestamp}.${JSON.stringify(payload)}`;
         signatureHash = crypto_1.default
             .createHmac('sha256', secret)
             .update(unhashedString)

package/lib/workos.js

@@ -22,7 +22,7 @@ const passwordless_1 = require("./passwordless/passwordless");
 const portal_1 = require("./portal/portal");
 const sso_1 = require("./sso/sso");
 const webhooks_1 = require("./webhooks/webhooks");
-const VERSION = '2.1.0';
+const VERSION = '2.4.0';
 const DEFAULT_HOSTNAME = 'api.workos.com';
 class WorkOS {
     constructor(key, options = {}) {

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "2.1.0",
+  "version": "2.4.0",
   "name": "@workos-inc/node",
   "author": "WorkOS",
   "description": "A Node wrapper for the WorkOS API",
@@ -9,7 +9,7 @@
     "workos"
   ],
   "volta": {
-    "node": "14.18.1",
+    "node": "14.18.2",
     "yarn": "1.22.17"
   },
   "main": "lib/index.js",
@@ -39,15 +39,15 @@
     "query-string": "7.0.1"
   },
   "devDependencies": {
-    "@types/jest": "27.0.2",
-    "@types/node": "14.17.32",
+    "@types/jest": "27.0.3",
+    "@types/node": "14.18.0",
     "@types/pluralize": "0.0.29",
     "axios-mock-adapter": "1.20.0",
-    "jest": "27.3.1",
-    "prettier": "2.4.1",
+    "jest": "27.4.5",
+    "prettier": "2.5.1",
     "supertest": "6.1.6",
-    "ts-jest": "27.0.7",
+    "ts-jest": "27.1.1",
     "tslint": "6.1.3",
-    "typescript": "4.4.4"
+    "typescript": "4.5.4"
   }
 }