@workos-inc/node 2.2.0 → 2.5.0-alpha.1

package/lib/common/exceptions/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/lib/common/interfaces/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/lib/directory-sync/interfaces/list-directories-options.interface.d.ts

@@ -1,5 +1,6 @@
 import { PaginationOptions } from '../../common/interfaces/pagination-options.interface';
 export interface ListDirectoriesOptions extends PaginationOptions {
     domain?: string;
+    organization_id?: string;
     search?: string;
 }

package/lib/index.d.ts

@@ -3,6 +3,7 @@ export * from './audit-trail/interfaces';
 export * from './common/exceptions';
 export * from './common/interfaces';
 export * from './directory-sync/interfaces';
+export * from './organizations/interfaces';
 export * from './passwordless/interfaces';
 export * from './portal/interfaces';
 export * from './sso/interfaces';

package/lib/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -17,6 +21,7 @@ __exportStar(require("./audit-trail/interfaces"), exports);
 __exportStar(require("./common/exceptions"), exports);
 __exportStar(require("./common/interfaces"), exports);
 __exportStar(require("./directory-sync/interfaces"), exports);
+__exportStar(require("./organizations/interfaces"), exports);
 __exportStar(require("./passwordless/interfaces"), exports);
 __exportStar(require("./portal/interfaces"), exports);
 __exportStar(require("./sso/interfaces"), exports);

package/lib/mfa/interfaces/challenge-factor-options.d.ts

@@ -0,0 +1,6 @@
+export declare type ChallengeFactorOptions = {
+    authentication_factor_id: string;
+} | {
+    authentication_factor_id: string;
+    sms_template: string;
+};

package/lib/mfa/interfaces/challenge-factor-options.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/interfaces/challenge.interface.d.ts

@@ -0,0 +1,9 @@
+export interface Challenge {
+    object: 'authentication_challenge';
+    id: string;
+    created_at: string;
+    updated_at: string;
+    expires_at: string;
+    code: string;
+    authentication_factor_id: string;
+}

package/lib/mfa/interfaces/challenge.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/interfaces/enroll-factor-options.d.ts

@@ -0,0 +1,10 @@
+export declare type EnrollFactorOptions = {
+    type: 'sms';
+    phoneNumber: string;
+} | {
+    type: 'totp';
+    issuer: string;
+    user: string;
+} | {
+    type: 'generic_otp';
+};

package/lib/mfa/interfaces/enroll-factor-options.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/interfaces/factor.interface.d.ts

@@ -0,0 +1,12 @@
+import { Sms } from './sms.interface';
+import { Totp } from './totp.interface';
+export interface Factor {
+    object: 'authentication_factor';
+    id: string;
+    created_at: string;
+    updated_at: string;
+    type: string;
+    environment_id: string;
+    sms: Sms;
+    totp: Totp;
+}

package/lib/mfa/interfaces/factor.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/interfaces/sms.interface.d.ts

@@ -0,0 +1,3 @@
+export interface Sms {
+    phone_number: string;
+}

package/lib/mfa/interfaces/sms.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/interfaces/totp.interface.d.ts

@@ -0,0 +1,4 @@
+export interface Totp {
+    qr_code: string;
+    secret: string;
+}

package/lib/mfa/interfaces/totp.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/interfaces/verify-factor-options.d.ts

@@ -0,0 +1,4 @@
+export declare type VerifyFactorOptions = {
+    authentication_challenge_id: string;
+    code: string;
+};

package/lib/mfa/interfaces/verify-factor-options.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/interfaces/verify-factor-response.d.ts

@@ -0,0 +1,10 @@
+import { Challenge } from './challenge.interface';
+export interface VerifyResponseSuccess {
+    challenge: Challenge;
+    valid: boolean;
+}
+export interface VerifyResponseError {
+    code: string;
+    message: string;
+}
+export declare type VerifyResponse = VerifyResponseSuccess | VerifyResponseError;

package/lib/mfa/interfaces/verify-factor-response.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/mfa.d.ts

@@ -0,0 +1,16 @@
+import { WorkOS } from '../workos';
+import { ChallengeFactorOptions } from './interfaces/challenge-factor-options';
+import { Challenge } from './interfaces/challenge.interface';
+import { EnrollFactorOptions } from './interfaces/enroll-factor-options';
+import { Factor } from './interfaces/factor.interface';
+import { VerifyFactorOptions } from './interfaces/verify-factor-options';
+import { VerifyResponse } from './interfaces/verify-factor-response';
+export declare class Mfa {
+    private readonly workos;
+    constructor(workos: WorkOS);
+    deleteFactor(id: string): Promise<void>;
+    getFactor(id: string): Promise<any>;
+    enrollFactor(options: EnrollFactorOptions): Promise<Factor>;
+    challengeFactor(options: ChallengeFactorOptions): Promise<Challenge>;
+    verifyFactor(options: VerifyFactorOptions): Promise<VerifyResponse>;
+}

package/lib/mfa/mfa.js

@@ -0,0 +1,47 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Mfa = void 0;
+class Mfa {
+    constructor(workos) {
+        this.workos = workos;
+    }
+    deleteFactor(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            yield this.workos.delete(`/auth/factors/${id}`);
+        });
+    }
+    getFactor(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.get(`/auth/factors/${id}`);
+            return data;
+        });
+    }
+    enrollFactor(options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/auth/factors/enroll', options);
+            return data;
+        });
+    }
+    challengeFactor(options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/auth/factors/challenge', options);
+            return data;
+        });
+    }
+    verifyFactor(options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/auth/factors/verify', options);
+            return data;
+        });
+    }
+}
+exports.Mfa = Mfa;

package/lib/mfa/mfa.spec.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/mfa/mfa.spec.js

@@ -0,0 +1,248 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const axios_1 = __importDefault(require("axios"));
+const axios_mock_adapter_1 = __importDefault(require("axios-mock-adapter"));
+const workos_1 = require("../workos");
+describe('MFA', () => {
+    describe('getFactor', () => {
+        it('throws an error for incomplete arguments', () => __awaiter(void 0, void 0, void 0, function* () {
+            const mock = new axios_mock_adapter_1.default(axios_1.default);
+            mock.onGet().reply(200, {});
+            const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
+            const factor = yield workos.mfa.getFactor('test_123');
+            expect(factor).toMatchInlineSnapshot(`Object {}`);
+        }));
+    });
+    describe('deleteFactor', () => {
+        it('sends request to delete a Factor', () => __awaiter(void 0, void 0, void 0, function* () {
+            const mock = new axios_mock_adapter_1.default(axios_1.default);
+            mock.onDelete().reply(200, {});
+            const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
+            yield workos.mfa.deleteFactor('conn_123');
+            expect(mock.history.delete[0].url).toEqual('/auth/factors/conn_123');
+        }));
+    });
+    describe('enrollFactor', () => {
+        describe('with generic', () => {
+            it('enrolls a factor with generic type', () => __awaiter(void 0, void 0, void 0, function* () {
+                const mock = new axios_mock_adapter_1.default(axios_1.default);
+                mock.onPost('/auth/factors/enroll').reply(200, {
+                    object: 'authentication_factor',
+                    id: 'auth_factor_1234',
+                    created_at: '2022-03-15T20:39:19.892Z',
+                    updated_at: '2022-03-15T20:39:19.892Z',
+                    type: 'generic_otp',
+                    environment_id: 'environment_1234',
+                });
+                const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+                    apiHostname: 'api.workos.dev',
+                });
+                const enrollResponse = yield workos.mfa.enrollFactor({
+                    type: 'generic_otp',
+                });
+                expect(enrollResponse).toMatchInlineSnapshot(`
+          Object {
+            "created_at": "2022-03-15T20:39:19.892Z",
+            "environment_id": "environment_1234",
+            "id": "auth_factor_1234",
+            "object": "authentication_factor",
+            "type": "generic_otp",
+            "updated_at": "2022-03-15T20:39:19.892Z",
+          }
+        `);
+            }));
+        });
+        describe('with totp', () => {
+            it('enrolls a factor with totp type', () => __awaiter(void 0, void 0, void 0, function* () {
+                const mock = new axios_mock_adapter_1.default(axios_1.default);
+                mock.onPost('/auth/factors/enroll').reply(200, {
+                    object: 'authentication_factor',
+                    id: 'auth_factor_1234',
+                    created_at: '2022-03-15T20:39:19.892Z',
+                    updated_at: '2022-03-15T20:39:19.892Z',
+                    type: 'totp',
+                    environment_id: 'environment_1234',
+                    totp: {
+                        qr_code: 'qr-code-test',
+                        secret: 'secret-test',
+                    },
+                });
+                const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+                    apiHostname: 'api.workos.dev',
+                });
+                const enrollResponse = yield workos.mfa.enrollFactor({
+                    type: 'totp',
+                    issuer: 'WorkOS',
+                    user: 'some_user',
+                });
+                expect(enrollResponse).toMatchInlineSnapshot(`
+          Object {
+            "created_at": "2022-03-15T20:39:19.892Z",
+            "environment_id": "environment_1234",
+            "id": "auth_factor_1234",
+            "object": "authentication_factor",
+            "totp": Object {
+              "qr_code": "qr-code-test",
+              "secret": "secret-test",
+            },
+            "type": "totp",
+            "updated_at": "2022-03-15T20:39:19.892Z",
+          }
+        `);
+            }));
+        });
+        describe('with sms', () => {
+            it('enrolls a factor with sms type', () => __awaiter(void 0, void 0, void 0, function* () {
+                const mock = new axios_mock_adapter_1.default(axios_1.default);
+                mock.onPost('/auth/factors/enroll').reply(200, {
+                    object: 'authentication_factor',
+                    id: 'auth_factor_1234',
+                    created_at: '2022-03-15T20:39:19.892Z',
+                    updated_at: '2022-03-15T20:39:19.892Z',
+                    type: 'sms',
+                    environment_id: 'environment_1234',
+                    sms: {
+                        phone_number: '+15555555555',
+                    },
+                });
+                const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+                    apiHostname: 'api.workos.dev',
+                });
+                const enrollResponse = yield workos.mfa.enrollFactor({
+                    type: 'sms',
+                    phoneNumber: '+1555555555',
+                });
+                expect(enrollResponse).toMatchInlineSnapshot(`
+          Object {
+            "created_at": "2022-03-15T20:39:19.892Z",
+            "environment_id": "environment_1234",
+            "id": "auth_factor_1234",
+            "object": "authentication_factor",
+            "sms": Object {
+              "phone_number": "+15555555555",
+            },
+            "type": "sms",
+            "updated_at": "2022-03-15T20:39:19.892Z",
+          }
+        `);
+            }));
+        });
+    });
+    describe('challengeFactor', () => {
+        describe('with no sms template', () => {
+            it('challenge a factor with no sms template', () => __awaiter(void 0, void 0, void 0, function* () {
+                const mock = new axios_mock_adapter_1.default(axios_1.default);
+                mock.onPost('/auth/factors/challenge').reply(200, {
+                    object: 'authentication_challenge',
+                    id: 'auth_challenge_1234',
+                    created_at: '2022-03-15T20:39:19.892Z',
+                    updated_at: '2022-03-15T20:39:19.892Z',
+                    expires_at: '2022-03-15T21:39:19.892Z',
+                    code: '12345',
+                    authentication_factor_id: 'auth_factor_1234',
+                });
+                const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+                    apiHostname: 'api.workos.dev',
+                });
+                const challengeResponse = yield workos.mfa.challengeFactor({
+                    authentication_factor_id: 'auth_factor_1234',
+                });
+                expect(challengeResponse).toMatchInlineSnapshot(`
+          Object {
+            "authentication_factor_id": "auth_factor_1234",
+            "code": "12345",
+            "created_at": "2022-03-15T20:39:19.892Z",
+            "expires_at": "2022-03-15T21:39:19.892Z",
+            "id": "auth_challenge_1234",
+            "object": "authentication_challenge",
+            "updated_at": "2022-03-15T20:39:19.892Z",
+          }
+        `);
+            }));
+        });
+        describe('with totp', () => {
+            it('challenge a factor with sms template', () => __awaiter(void 0, void 0, void 0, function* () {
+                const mock = new axios_mock_adapter_1.default(axios_1.default);
+                mock.onPost('/auth/factors/challenge').reply(200, {
+                    object: 'authentication_challenge',
+                    id: 'auth_challenge_1234',
+                    created_at: '2022-03-15T20:39:19.892Z',
+                    updated_at: '2022-03-15T20:39:19.892Z',
+                    expires_at: '2022-03-15T21:39:19.892Z',
+                    code: '12345',
+                    authentication_factor_id: 'auth_factor_1234',
+                });
+                const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+                    apiHostname: 'api.workos.dev',
+                });
+                const challengeResponse = yield workos.mfa.challengeFactor({
+                    authentication_factor_id: 'auth_factor_1234',
+                    sms_template: 'This is your code: 12345',
+                });
+                expect(challengeResponse).toMatchInlineSnapshot(`
+          Object {
+            "authentication_factor_id": "auth_factor_1234",
+            "code": "12345",
+            "created_at": "2022-03-15T20:39:19.892Z",
+            "expires_at": "2022-03-15T21:39:19.892Z",
+            "id": "auth_challenge_1234",
+            "object": "authentication_challenge",
+            "updated_at": "2022-03-15T20:39:19.892Z",
+          }
+        `);
+            }));
+        });
+    });
+    describe('verifyFactor', () => {
+        describe('verify with successful response', () => {
+            it('verifies a successful factor', () => __awaiter(void 0, void 0, void 0, function* () {
+                const mock = new axios_mock_adapter_1.default(axios_1.default);
+                mock.onPost('/auth/factors/verify').reply(200, {
+                    challenge: {
+                        object: 'authentication_challenge',
+                        id: 'auth_challenge_1234',
+                        created_at: '2022-03-15T20:39:19.892Z',
+                        updated_at: '2022-03-15T20:39:19.892Z',
+                        expires_at: '2022-03-15T21:39:19.892Z',
+                        code: '12345',
+                        authentication_factor_id: 'auth_factor_1234',
+                    },
+                    valid: true,
+                });
+                const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+                    apiHostname: 'api.workos.dev',
+                });
+                const verifyResponse = yield workos.mfa.verifyFactor({
+                    authentication_challenge_id: 'auth_challenge_1234',
+                    code: '12345',
+                });
+                expect(verifyResponse).toMatchInlineSnapshot(`
+          Object {
+            "challenge": Object {
+              "authentication_factor_id": "auth_factor_1234",
+              "code": "12345",
+              "created_at": "2022-03-15T20:39:19.892Z",
+              "expires_at": "2022-03-15T21:39:19.892Z",
+              "id": "auth_challenge_1234",
+              "object": "authentication_challenge",
+              "updated_at": "2022-03-15T20:39:19.892Z",
+            },
+            "valid": true,
+          }
+        `);
+            }));
+        });
+    });
+});

package/lib/organizations/interfaces/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/lib/sso/interfaces/authorization-url-options.interface.d.ts

@@ -1,7 +1,13 @@
 export interface AuthorizationURLOptions {
     clientID: string;
     connection?: string;
+    organization?: string;
+    /**
+     * @deprecated Please use `organization` instead.
+     */
     domain?: string;
+    domainHint?: string;
+    loginHint?: string;
     provider?: string;
     redirectURI: string;
     state?: string;

package/lib/sso/interfaces/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/lib/sso/sso.d.ts

@@ -11,7 +11,7 @@ export declare class SSO {
     private readonly workos;
     constructor(workos: WorkOS);
     deleteConnection(id: string): Promise<void>;
-    getAuthorizationURL({ connection, clientID, domain, provider, redirectURI, state, }: AuthorizationURLOptions): string;
+    getAuthorizationURL({ connection, clientID, domain, domainHint, loginHint, organization, provider, redirectURI, state, }: AuthorizationURLOptions): string;
     getConnection(id: string): Promise<Connection>;
     getProfileAndToken({ code, clientID, }: GetProfileAndTokenOptions): Promise<ProfileAndToken>;
     getProfile({ accessToken }: GetProfileOptions): Promise<Profile>;

package/lib/sso/sso.js

@@ -23,13 +23,19 @@ class SSO {
             yield this.workos.delete(`/connections/${id}`);
         });
     }
-    getAuthorizationURL({ connection, clientID, domain, provider, redirectURI, state, }) {
-        if (!domain && !provider && !connection) {
-            throw new Error(`Incomplete arguments. Need to specify either a 'connection', 'domain', or 'provider'.`);
+    getAuthorizationURL({ connection, clientID, domain, domainHint, loginHint, organization, provider, redirectURI, state, }) {
+        if (!domain && !provider && !connection && !organization) {
+            throw new Error(`Incomplete arguments. Need to specify either a 'connection', 'organization', 'domain', or 'provider'.`);
+        }
+        if (domain) {
+            this.workos.emitWarning('The `domain` parameter for `getAuthorizationURL` is deprecated. Please use `organization` instead.');
         }
         const query = query_string_1.default.stringify({
             connection,
+            organization,
             domain,
+            domain_hint: domainHint,
+            login_hint: loginHint,
             provider,
             client_id: clientID,
             redirect_uri: redirectURI,

package/lib/sso/sso.spec.js

@@ -65,6 +65,19 @@ describe('SSO', () => {
                     expect(url).toMatchSnapshot();
                 });
             });
+            describe('with an `organization`', () => {
+                it('generates an authorization URL with the organization', () => {
+                    const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+                        apiHostname: 'api.workos.dev',
+                    });
+                    const url = workos.sso.getAuthorizationURL({
+                        organization: 'organization_123',
+                        clientID: 'proj_123',
+                        redirectURI: 'example.com/sso/workos/callback',
+                    });
+                    expect(url).toMatchSnapshot();
+                });
+            });
             describe('with a custom api hostname', () => {
                 it('generates an authorize url with the custom api hostname', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
@@ -90,6 +103,32 @@ describe('SSO', () => {
                     expect(url).toMatchSnapshot();
                 });
             });
+            describe('with domainHint', () => {
+                it('generates an authorize url with the provided domain hint', () => {
+                    const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
+                    const url = workos.sso.getAuthorizationURL({
+                        domainHint: 'lyft.com',
+                        connection: 'connection_123',
+                        clientID: 'proj_123',
+                        redirectURI: 'example.com/sso/workos/callback',
+                        state: 'custom state',
+                    });
+                    expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&domain_hint=lyft.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom%20state"`);
+                });
+            });
+            describe('with loginHint', () => {
+                it('generates an authorize url with the provided login hint', () => {
+                    const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
+                    const url = workos.sso.getAuthorizationURL({
+                        loginHint: 'foo@workos.com',
+                        connection: 'connection_123',
+                        clientID: 'proj_123',
+                        redirectURI: 'example.com/sso/workos/callback',
+                        state: 'custom state',
+                    });
+                    expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&login_hint=foo%40workos.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom%20state"`);
+                });
+            });
         });
         describe('getProfileAndToken', () => {
             describe('with all information provided', () => {

package/lib/webhooks/interfaces/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/lib/webhooks/webhooks.js

@@ -7,13 +7,13 @@ exports.Webhooks = void 0;
 const crypto_1 = __importDefault(require("crypto"));
 const exceptions_1 = require("../common/exceptions");
 class Webhooks {
-    constructEvent({ payload, sigHeader, secret, tolerance = 180, }) {
+    constructEvent({ payload, sigHeader, secret, tolerance = 180000, }) {
         const options = { payload, sigHeader, secret, tolerance };
         this.verifyHeader(options);
         const webhookPayload = payload;
         return webhookPayload;
     }
-    verifyHeader({ payload, sigHeader, secret, tolerance = 180, }) {
+    verifyHeader({ payload, sigHeader, secret, tolerance = 180000, }) {
         const [timestamp, signatureHash] = this.getTimestampAndSignatureHash(sigHeader);
         if (!signatureHash || Object.keys(signatureHash).length === 0) {
             throw new exceptions_1.SignatureVerificationException('No signature hash found with expected scheme v1');

package/lib/workos.d.ts

@@ -7,6 +7,7 @@ import { Passwordless } from './passwordless/passwordless';
 import { Portal } from './portal/portal';
 import { SSO } from './sso/sso';
 import { Webhooks } from './webhooks/webhooks';
+import { Mfa } from './mfa/mfa';
 export declare class WorkOS {
     readonly key?: string | undefined;
     readonly options: WorkOSOptions;
@@ -19,6 +20,7 @@ export declare class WorkOS {
     readonly portal: Portal;
     readonly sso: SSO;
     readonly webhooks: Webhooks;
+    readonly mfa: Mfa;
     constructor(key?: string | undefined, options?: WorkOSOptions);
     post(path: string, entity: any, options?: PostOptions): Promise<AxiosResponse>;
     get(path: string, options?: GetOptions): Promise<AxiosResponse>;

package/lib/workos.js

@@ -22,7 +22,8 @@ const passwordless_1 = require("./passwordless/passwordless");
 const portal_1 = require("./portal/portal");
 const sso_1 = require("./sso/sso");
 const webhooks_1 = require("./webhooks/webhooks");
-const VERSION = '2.2.0';
+const mfa_1 = require("./mfa/mfa");
+const VERSION = '2.5.0-alpha.1';
 const DEFAULT_HOSTNAME = 'api.workos.com';
 class WorkOS {
     constructor(key, options = {}) {
@@ -35,6 +36,7 @@ class WorkOS {
         this.portal = new portal_1.Portal(this);
         this.sso = new sso_1.SSO(this);
         this.webhooks = new webhooks_1.Webhooks();
+        this.mfa = new mfa_1.Mfa(this);
         if (!key) {
             this.key = process.env.WORKOS_API_KEY;
             if (!this.key) {

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "2.2.0",
+  "version": "2.5.0-alpha.1",
   "name": "@workos-inc/node",
   "author": "WorkOS",
   "description": "A Node wrapper for the WorkOS API",
@@ -9,7 +9,7 @@
     "workos"
   ],
   "volta": {
-    "node": "14.18.1",
+    "node": "14.19.0",
     "yarn": "1.22.17"
   },
   "main": "lib/index.js",
@@ -36,18 +36,18 @@
   "dependencies": {
     "axios": "0.21.4",
     "pluralize": "8.0.0",
-    "query-string": "7.0.1"
+    "query-string": "7.1.1"
   },
   "devDependencies": {
-    "@types/jest": "27.0.2",
-    "@types/node": "14.17.33",
+    "@types/jest": "27.4.1",
+    "@types/node": "14.18.12",
     "@types/pluralize": "0.0.29",
     "axios-mock-adapter": "1.20.0",
-    "jest": "27.3.1",
-    "prettier": "2.4.1",
-    "supertest": "6.1.6",
-    "ts-jest": "27.0.7",
+    "jest": "27.5.1",
+    "prettier": "2.6.0",
+    "supertest": "6.2.2",
+    "ts-jest": "27.1.3",
     "tslint": "6.1.3",
-    "typescript": "4.4.4"
+    "typescript": "4.6.2"
   }
 }