@workos-inc/node 2.20.0 → 3.0.0-user-management.1

package/lib/audit-logs/audit-logs.spec.js

@@ -56,6 +56,7 @@ describe('AuditLogs', () => {
     describe('createEvent', () => {
         describe('with an idempotency key', () => {
             it('includes an idempotency key with request', () => __awaiter(void 0, void 0, void 0, function* () {
+                var _a;
                 mock
                     .onPost('/audit_logs/events', {
                     event: serializeEventOptions(event),
@@ -66,7 +67,7 @@ describe('AuditLogs', () => {
                 yield expect(workos.auditLogs.createEvent('org_123', event, {
                     idempotencyKey: 'the-idempotency-key',
                 })).resolves.toBeUndefined();
-                expect(mock.history.post[0].headers['Idempotency-Key']).toEqual('the-idempotency-key');
+                expect((_a = mock.history.post[0].headers) === null || _a === void 0 ? void 0 : _a['Idempotency-Key']).toEqual('the-idempotency-key');
             }));
         });
         describe('when the api responds with a 200', () => {

package/lib/audit-trail/audit-trail.spec.js

@@ -34,6 +34,7 @@ describe('AuditTrail', () => {
         describe('when the api responds with a 201 CREATED', () => {
             describe('with an idempotency key', () => {
                 it('includes an idempotency key with request', () => __awaiter(void 0, void 0, void 0, function* () {
+                    var _a;
                     mock
                         .onPost('/events', serializeEventOptions(event))
                         .replyOnce(201, { success: true });
@@ -41,7 +42,7 @@ describe('AuditTrail', () => {
                     yield expect(workos.auditTrail.createEvent(event, {
                         idempotencyKey: 'the-idempotency-key',
                     })).resolves.toBeUndefined();
-                    expect(mock.history.post[0].headers['Idempotency-Key']).toEqual('the-idempotency-key');
+                    expect((_a = mock.history.post[0].headers) === null || _a === void 0 ? void 0 : _a['Idempotency-Key']).toEqual('the-idempotency-key');
                 }));
             });
             it('posts Event successfully', () => __awaiter(void 0, void 0, void 0, function* () {

package/lib/common/interfaces/index.d.ts

@@ -3,3 +3,4 @@ export * from './post-options.interface';
 export * from './put-options.interface';
 export * from './unprocessable-entity-error.interface';
 export * from './workos-options.interface';
+export * from './workos-response-error.interface';

package/lib/common/interfaces/index.js

@@ -19,3 +19,4 @@ __exportStar(require("./post-options.interface"), exports);
 __exportStar(require("./put-options.interface"), exports);
 __exportStar(require("./unprocessable-entity-error.interface"), exports);
 __exportStar(require("./workos-options.interface"), exports);
+__exportStar(require("./workos-response-error.interface"), exports);

package/lib/common/interfaces/workos-response-error.interface.d.ts

@@ -0,0 +1,8 @@
+import { UnprocessableEntityError } from './unprocessable-entity-error.interface';
+export interface WorkOSResponseError {
+    code?: string;
+    error_description?: string;
+    error?: string;
+    errors?: UnprocessableEntityError[];
+    message: string;
+}

package/lib/common/interfaces/workos-response-error.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/mfa/mfa.spec.js

@@ -23,7 +23,7 @@ describe('MFA', () => {
             mock.onGet().reply(200, {});
             const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
             const factor = yield workos.mfa.getFactor('test_123');
-            expect(factor).toMatchInlineSnapshot(`Object {}`);
+            expect(factor).toMatchInlineSnapshot(`{}`);
         }));
     });
     describe('deleteFactor', () => {
@@ -53,7 +53,7 @@ describe('MFA', () => {
                     type: 'generic_otp',
                 });
                 expect(enrollResponse).toMatchInlineSnapshot(`
-          Object {
+          {
             "created_at": "2022-03-15T20:39:19.892Z",
             "id": "auth_factor_1234",
             "object": "authentication_factor",
@@ -89,11 +89,11 @@ describe('MFA', () => {
                     user: 'some_user',
                 });
                 expect(enrollResponse).toMatchInlineSnapshot(`
-          Object {
+          {
             "created_at": "2022-03-15T20:39:19.892Z",
             "id": "auth_factor_1234",
             "object": "authentication_factor",
-            "totp": Object {
+            "totp": {
               "issuer": "WorkOS",
               "qr_code": "qr-code-test",
               "secret": "secret-test",
@@ -127,11 +127,11 @@ describe('MFA', () => {
                     phoneNumber: '+1555555555',
                 });
                 expect(enrollResponse).toMatchInlineSnapshot(`
-          Object {
+          {
             "created_at": "2022-03-15T20:39:19.892Z",
             "id": "auth_factor_1234",
             "object": "authentication_factor",
-            "sms": Object {
+            "sms": {
               "phone_number": "+15555555555",
             },
             "type": "sms",
@@ -179,7 +179,7 @@ describe('MFA', () => {
                     authenticationFactorId: 'auth_factor_1234',
                 });
                 expect(challengeResponse).toMatchInlineSnapshot(`
-          Object {
+          {
             "authentication_factor_id": "auth_factor_1234",
             "code": "12345",
             "created_at": "2022-03-15T20:39:19.892Z",
@@ -215,7 +215,7 @@ describe('MFA', () => {
                     smsTemplate: 'This is your code: 12345',
                 });
                 expect(challengeResponse).toMatchInlineSnapshot(`
-          Object {
+          {
             "authentication_factor_id": "auth_factor_1234",
             "code": "12345",
             "created_at": "2022-03-15T20:39:19.892Z",
@@ -256,8 +256,8 @@ describe('MFA', () => {
                     code: '12345',
                 });
                 expect(verifyResponse).toMatchInlineSnapshot(`
-          Object {
-            "challenge": Object {
+          {
+            "challenge": {
               "authentication_factor_id": "auth_factor_1234",
               "code": "12345",
               "created_at": "2022-03-15T20:39:19.892Z",

package/lib/organizations/organizations.spec.js

@@ -110,6 +110,7 @@ describe('Organizations', () => {
     describe('createOrganization', () => {
         describe('with an idempotency key', () => {
             it('includes an idempotency key with request', () => __awaiter(void 0, void 0, void 0, function* () {
+                var _a;
                 mock
                     .onPost('/organizations', {
                     domains: ['example.com'],
@@ -122,7 +123,7 @@ describe('Organizations', () => {
                 }, {
                     idempotencyKey: 'the-idempotency-key',
                 });
-                expect(mock.history.post[0].headers['Idempotency-Key']).toEqual('the-idempotency-key');
+                expect((_a = mock.history.post[0].headers) === null || _a === void 0 ? void 0 : _a['Idempotency-Key']).toEqual('the-idempotency-key');
             }));
         });
         describe('with a valid payload', () => {

package/lib/portal/interfaces/generate-portal-link-intent.interface.js

@@ -7,4 +7,4 @@ var GeneratePortalLinkIntent;
     GeneratePortalLinkIntent["DSync"] = "dsync";
     GeneratePortalLinkIntent["LogStreams"] = "log_streams";
     GeneratePortalLinkIntent["SSO"] = "sso";
-})(GeneratePortalLinkIntent = exports.GeneratePortalLinkIntent || (exports.GeneratePortalLinkIntent = {}));
+})(GeneratePortalLinkIntent || (exports.GeneratePortalLinkIntent = GeneratePortalLinkIntent = {}));

package/lib/sso/interfaces/connection-type.enum.d.ts

@@ -15,6 +15,7 @@ export declare enum ConnectionType {
     JumpCloudSAML = "JumpCloudSAML",
     KeycloakSAML = "KeycloakSAML",
     LastPassSAML = "LastPassSAML",
+    LoginGovOidc = "LoginGovOidc",
     MagicLink = "MagicLink",
     MicrosoftOAuth = "MicrosoftOAuth",
     MiniOrangeSAML = "MiniOrangeSAML",

package/lib/sso/interfaces/connection-type.enum.js

@@ -19,6 +19,7 @@ var ConnectionType;
     ConnectionType["JumpCloudSAML"] = "JumpCloudSAML";
     ConnectionType["KeycloakSAML"] = "KeycloakSAML";
     ConnectionType["LastPassSAML"] = "LastPassSAML";
+    ConnectionType["LoginGovOidc"] = "LoginGovOidc";
     ConnectionType["MagicLink"] = "MagicLink";
     ConnectionType["MicrosoftOAuth"] = "MicrosoftOAuth";
     ConnectionType["MiniOrangeSAML"] = "MiniOrangeSAML";
@@ -34,4 +35,4 @@ var ConnectionType;
     ConnectionType["ShibbolethSAML"] = "ShibbolethSAML";
     ConnectionType["SimpleSamlPhpSAML"] = "SimpleSamlPhpSAML";
     ConnectionType["VMwareSAML"] = "VMwareSAML";
-})(ConnectionType = exports.ConnectionType || (exports.ConnectionType = {}));
+})(ConnectionType || (exports.ConnectionType = ConnectionType = {}));

package/lib/sso/interfaces/connection.interface.d.ts

@@ -10,7 +10,7 @@ export interface Connection {
     organization_id?: string;
     name: string;
     connection_type: ConnectionType;
-    state: 'draft' | 'active' | 'inactive';
+    state: 'draft' | 'active' | 'inactive' | 'validating';
     /**
      * @deprecated The status parameter has been deprecated. Please use state.
      */

package/lib/sso/sso.js

@@ -8,12 +8,19 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SSO = void 0;
-const query_string_1 = __importDefault(require("query-string"));
+const toQueryString = (options) => {
+    const searchParams = new URLSearchParams();
+    const keys = Object.keys(options).sort();
+    for (const key of keys) {
+        const value = options[key];
+        if (value) {
+            searchParams.append(key, value);
+        }
+    }
+    return searchParams.toString();
+};
 class SSO {
     constructor(workos) {
         this.workos = workos;
@@ -30,7 +37,7 @@ class SSO {
         if (domain) {
             this.workos.emitWarning('The `domain` parameter for `getAuthorizationURL` is deprecated. Please use `organization` instead.');
         }
-        const query = query_string_1.default.stringify({
+        const query = toQueryString({
             connection,
             organization,
             domain,

package/lib/sso/sso.spec.js

@@ -113,7 +113,7 @@ describe('SSO', () => {
                         redirectURI: 'example.com/sso/workos/callback',
                         state: 'custom state',
                     });
-                    expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&domain_hint=lyft.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom%20state"`);
+                    expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&domain_hint=lyft.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom+state"`);
                 });
             });
             describe('with loginHint', () => {
@@ -126,7 +126,7 @@ describe('SSO', () => {
                         redirectURI: 'example.com/sso/workos/callback',
                         state: 'custom state',
                     });
-                    expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&login_hint=foo%40workos.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom%20state"`);
+                    expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&login_hint=foo%40workos.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom+state"`);
                 });
             });
         });
@@ -266,7 +266,7 @@ describe('SSO', () => {
                 });
                 expect(mock.history.get.length).toBe(1);
                 const { headers } = mock.history.get[0];
-                expect(headers.Authorization).toBe(`Bearer access_token`);
+                expect(headers === null || headers === void 0 ? void 0 : headers.Authorization).toBe(`Bearer access_token`);
                 expect(profile.id).toBe('prof_123');
             }));
         });

package/lib/users/fixtures/list-users.json

@@ -0,0 +1,21 @@
+{
+    "object": "list",
+    "data": [
+        {
+            "object": "user",
+            "id": "user_01H5JQDV7R7ATEYZDEG0W5PRYS",
+            "email": "test01@example.com",
+            "first_name": "Test 01",
+            "last_name": "User",
+            "organization_memberships": [],
+            "created_at": "2023-07-18T02:07:19.911Z",
+            "updated_at": "2023-07-18T02:07:19.911Z",
+            "user_type": "unmanaged",
+            "email_verified_at": "2023-07-17T20:07:20.055Z"
+        }
+    ],
+    "list_metadata": {
+        "before": null,
+        "after": null
+    }
+}

package/lib/users/fixtures/session.json

@@ -0,0 +1,6 @@
+{
+    "id": "session_01H5K05VP5CPCXJA5Z7G191GS4",
+    "created_at": "2023-07-18T04:40:14.954Z",
+    "expires_at": "2023-07-18T22:40:15.555Z",
+    "token": "really-long-token"
+}

package/lib/users/fixtures/user.json

@@ -0,0 +1,12 @@
+{
+    "object": "user",
+    "id": "user_01H5JQDV7R7ATEYZDEG0W5PRYS",
+    "email": "test01@example.com",
+    "first_name": "Test 01",
+    "last_name": "User",
+    "organization_memberships": [],
+    "created_at": "2023-07-18T02:07:19.911Z",
+    "updated_at": "2023-07-18T02:07:19.911Z",
+    "user_type": "unmanaged",
+    "email_verified_at": "2023-07-17T20:07:20.055Z"
+}

package/lib/users/interfaces/add-user-to-organization-options.interface.d.ts

@@ -0,0 +1,4 @@
+export interface AddUserToOrganizationOptions {
+    user_id: string;
+    organization_id: string;
+}

package/lib/users/interfaces/add-user-to-organization-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/authenticate-user-with-password-options.interface.d.ts

@@ -0,0 +1,8 @@
+export interface AuthenticateUserWithPasswordOptions {
+    email: string;
+    password: string;
+    ip_address?: string;
+    user_agent?: string;
+    start_session?: boolean;
+    expires_in?: number;
+}

package/lib/users/interfaces/authenticate-user-with-password-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/authenticate-user-with-token-options.interface.d.ts

@@ -0,0 +1,6 @@
+export interface AuthenticateUserWithTokenOptions {
+    client_id: string;
+    code: string;
+    start_session?: boolean;
+    expires_in?: number;
+}

package/lib/users/interfaces/authenticate-user-with-token-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/authentication-response.interface.d.ts

@@ -0,0 +1,6 @@
+import { User } from './user.interface';
+import { Session } from './session.interface';
+export interface AuthenticationResponse {
+    session?: Session;
+    user: User;
+}

package/lib/users/interfaces/authentication-response.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/complete-password-reset-options.interface.d.ts

@@ -0,0 +1,4 @@
+export interface CompletePasswordResetOptions {
+    token: string;
+    new_password: string;
+}

package/lib/users/interfaces/complete-password-reset-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/create-email-verification-challenge-options.interface.d.ts

@@ -0,0 +1,9 @@
+import { User } from './user.interface';
+export interface CreateEmailVerificationChallengeOptions {
+    user_id: string;
+    verification_url: string;
+}
+export interface CreateEmailVerificationChallengeResponse {
+    token: string;
+    user: User;
+}

package/lib/users/interfaces/create-email-verification-challenge-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/create-password-reset-challenge-options.interface.d.ts

@@ -0,0 +1,9 @@
+import { User } from './user.interface';
+export interface CreatePasswordResetChallengeOptions {
+    email: string;
+    password_reset_url: string;
+}
+export interface CreatePasswordResetChallengeResponse {
+    token: string;
+    user: User;
+}

package/lib/users/interfaces/create-password-reset-challenge-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/create-user-options.interface.d.ts

@@ -0,0 +1,7 @@
+export interface CreateUserOptions {
+    email: string;
+    password: string;
+    first_name?: string;
+    last_name?: string;
+    email_verified?: boolean;
+}

package/lib/users/interfaces/create-user-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/index.d.ts

@@ -0,0 +1,13 @@
+export * from './add-user-to-organization-options.interface';
+export * from './authenticate-user-with-password-options.interface';
+export * from './authenticate-user-with-token-options.interface';
+export * from './authentication-response.interface';
+export * from './complete-password-reset-options.interface';
+export * from './create-email-verification-challenge-options.interface';
+export * from './create-password-reset-challenge-options.interface';
+export * from './create-user-options.interface';
+export * from './list-users-options.interface';
+export * from './remove-user-from-organization-options.interface';
+export * from './revoke-session-options.interface';
+export * from './user.interface';
+export * from './verify-session.interface';

package/lib/users/interfaces/index.js

@@ -0,0 +1,29 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./add-user-to-organization-options.interface"), exports);
+__exportStar(require("./authenticate-user-with-password-options.interface"), exports);
+__exportStar(require("./authenticate-user-with-token-options.interface"), exports);
+__exportStar(require("./authentication-response.interface"), exports);
+__exportStar(require("./complete-password-reset-options.interface"), exports);
+__exportStar(require("./create-email-verification-challenge-options.interface"), exports);
+__exportStar(require("./create-password-reset-challenge-options.interface"), exports);
+__exportStar(require("./create-user-options.interface"), exports);
+__exportStar(require("./list-users-options.interface"), exports);
+__exportStar(require("./remove-user-from-organization-options.interface"), exports);
+__exportStar(require("./revoke-session-options.interface"), exports);
+__exportStar(require("./user.interface"), exports);
+__exportStar(require("./verify-session.interface"), exports);

package/lib/users/interfaces/list-users-options.interface.d.ts

@@ -0,0 +1,6 @@
+import { PaginationOptions } from '../../common/interfaces/pagination-options.interface';
+export interface ListUsersOptions extends PaginationOptions {
+    type?: 'managed' | 'unmanaged';
+    email?: string;
+    organization?: string;
+}

package/lib/users/interfaces/list-users-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/remove-user-from-organization-options.interface.d.ts

@@ -0,0 +1,4 @@
+export interface RemoveUserFromOrganizationOptions {
+    user_id: string;
+    organization_id: string;
+}

package/lib/users/interfaces/remove-user-from-organization-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/revoke-session-options.interface.d.ts

@@ -0,0 +1,8 @@
+export type RevokeSessionOptions = SessionId | SessionToken;
+interface SessionId {
+    session_id: string;
+}
+interface SessionToken {
+    session_token: string;
+}
+export {};

package/lib/users/interfaces/revoke-session-options.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/session.interface.d.ts

@@ -0,0 +1,6 @@
+export interface Session {
+    id: string;
+    created_at: string;
+    expires_at: string;
+    token: string;
+}

package/lib/users/interfaces/session.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/user.interface.d.ts

@@ -0,0 +1,31 @@
+export type User = ManagedUser | UnmanangedUser;
+interface ManagedUser extends BaseUser {
+    user_type: 'managed';
+    organization_memberships: [OrganizationMembership];
+    sso_profile_id: string;
+}
+interface UnmanangedUser extends BaseUser {
+    user_type: 'unmanaged';
+    organization_memberships: OrganizationMembership[];
+    email_verified_at?: string;
+    google_oauth_profile_id?: string;
+}
+interface BaseUser {
+    object: 'user';
+    id: string;
+    email: string;
+    first_name?: string;
+    last_name?: string;
+    created_at: string;
+    updated_at: string;
+}
+interface OrganizationMembership {
+    organization: OrganizationSummary;
+    created_at: string;
+    updated_at: string;
+}
+interface OrganizationSummary {
+    id: string;
+    name: string;
+}
+export {};

package/lib/users/interfaces/user.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/interfaces/verify-session.interface.d.ts

@@ -0,0 +1,10 @@
+import { User } from './user.interface';
+import { Session } from './session.interface';
+export interface VerifySessionOptions {
+    token: string;
+    client_id: string;
+}
+export interface VerifySessionResponse {
+    session: Session;
+    user: User;
+}

package/lib/users/interfaces/verify-session.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/users/users.d.ts

@@ -0,0 +1,21 @@
+import { WorkOS } from '../workos';
+import { AddUserToOrganizationOptions, AuthenticateUserWithPasswordOptions, AuthenticateUserWithTokenOptions, AuthenticationResponse, CompletePasswordResetOptions, CreateEmailVerificationChallengeOptions, CreateEmailVerificationChallengeResponse, CreatePasswordResetChallengeOptions, CreatePasswordResetChallengeResponse, CreateUserOptions, ListUsersOptions, RemoveUserFromOrganizationOptions, RevokeSessionOptions, User, VerifySessionOptions, VerifySessionResponse } from './interfaces';
+import { List } from '../common/interfaces/list.interface';
+export declare class Users {
+    private readonly workos;
+    constructor(workos: WorkOS);
+    getUser(userId: string): Promise<User>;
+    listUsers(options?: ListUsersOptions): Promise<List<User>>;
+    createUser(payload: CreateUserOptions): Promise<User>;
+    authenticateUserWithPassword(payload: AuthenticateUserWithPasswordOptions): Promise<AuthenticationResponse>;
+    authenticateUserWithToken(payload: AuthenticateUserWithTokenOptions): Promise<AuthenticationResponse>;
+    verifySession(payload: VerifySessionOptions): Promise<VerifySessionResponse>;
+    revokeSession(payload: RevokeSessionOptions): Promise<boolean>;
+    revokeAllSessionsForUser(userId: string): Promise<boolean>;
+    createEmailVerificationChallenge({ user_id, verification_url, }: CreateEmailVerificationChallengeOptions): Promise<CreateEmailVerificationChallengeResponse>;
+    completeEmailVerification(token: string): Promise<User>;
+    createPasswordResetChallenge(payload: CreatePasswordResetChallengeOptions): Promise<CreatePasswordResetChallengeResponse>;
+    completePasswordReset(payload: CompletePasswordResetOptions): Promise<User>;
+    addUserToOrganization({ user_id, organization_id, }: AddUserToOrganizationOptions): Promise<User>;
+    removeUserFromOrganization({ user_id, organization_id, }: RemoveUserFromOrganizationOptions): Promise<User>;
+}

package/lib/users/users.js

@@ -0,0 +1,110 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Users = void 0;
+class Users {
+    constructor(workos) {
+        this.workos = workos;
+    }
+    getUser(userId) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.get(`/users/${userId}`);
+            return data;
+        });
+    }
+    listUsers(options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.get('/users', {
+                query: options,
+            });
+            return data;
+        });
+    }
+    createUser(payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/users', payload);
+            return data;
+        });
+    }
+    authenticateUserWithPassword(payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/users/authentications', payload);
+            return data;
+        });
+    }
+    authenticateUserWithToken(payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/users/sessions/token', Object.assign(Object.assign({}, payload), { client_secret: this.workos.key, grant_type: 'authorization_code' }));
+            return data;
+        });
+    }
+    verifySession(payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/users/sessions/verify', payload);
+            return data;
+        });
+    }
+    revokeSession(payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/users/sessions/revocations', payload);
+            return data;
+        });
+    }
+    revokeAllSessionsForUser(userId) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.delete(`/users/${userId}/sessions`);
+            return data;
+        });
+    }
+    createEmailVerificationChallenge({ user_id, verification_url, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post(`/users/${user_id}/email_verification_challenge`, {
+                verification_url,
+            });
+            return data;
+        });
+    }
+    completeEmailVerification(token) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/users/email_verification', {
+                token,
+            });
+            return data;
+        });
+    }
+    createPasswordResetChallenge(payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/users/password_reset_challenge', payload);
+            return data;
+        });
+    }
+    completePasswordReset(payload) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post('/users/password_reset', payload);
+            return data;
+        });
+    }
+    addUserToOrganization({ user_id, organization_id, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post(`/users/${user_id}/organizations`, {
+                organization_id,
+            });
+            return data;
+        });
+    }
+    removeUserFromOrganization({ user_id, organization_id, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.delete(`/users/${user_id}/organizations/${organization_id}`);
+            return data;
+        });
+    }
+}
+exports.Users = Users;

package/lib/users/users.spec.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/users/users.spec.js

@@ -0,0 +1,294 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const axios_1 = __importDefault(require("axios"));
+const axios_mock_adapter_1 = __importDefault(require("axios-mock-adapter"));
+const workos_1 = require("../workos");
+const user_json_1 = __importDefault(require("./fixtures/user.json"));
+const list_users_json_1 = __importDefault(require("./fixtures/list-users.json"));
+const session_json_1 = __importDefault(require("./fixtures/session.json"));
+const mock = new axios_mock_adapter_1.default(axios_1.default);
+const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
+const userId = 'user_01H5JQDV7R7ATEYZDEG0W5PRYS';
+describe('UserManagement', () => {
+    afterEach(() => mock.resetHistory());
+    describe('getUser', () => {
+        it('sends a Get User request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onGet(`/users/${userId}`).reply(200, user_json_1.default);
+            const user = yield workos.users.getUser(userId);
+            expect(mock.history.get[0].url).toEqual(`/users/${userId}`);
+            expect(user).toMatchObject({
+                object: 'user',
+                id: 'user_01H5JQDV7R7ATEYZDEG0W5PRYS',
+                email: 'test01@example.com',
+                first_name: 'Test 01',
+                last_name: 'User',
+                organization_memberships: [],
+                user_type: 'unmanaged',
+                email_verified_at: '2023-07-17T20:07:20.055Z',
+            });
+        }));
+    });
+    describe('listUsers', () => {
+        it('lists users', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onGet('/users').reply(200, list_users_json_1.default);
+            const userList = yield workos.users.listUsers();
+            expect(mock.history.get[0].url).toEqual('/users');
+            expect(userList).toMatchObject({
+                object: 'list',
+                data: [
+                    {
+                        object: 'user',
+                        email: 'test01@example.com',
+                    },
+                ],
+                list_metadata: {
+                    before: null,
+                    after: null,
+                },
+            });
+        }));
+        it('sends the correct params when filtering', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onGet('/users').reply(200, list_users_json_1.default);
+            yield workos.users.listUsers({
+                email: 'foo@example.com',
+                organization: 'org_someorg',
+                type: 'managed',
+                after: 'user_01H5JQDV7R7ATEYZDEG0W5PRYS',
+                limit: 10,
+            });
+            expect(mock.history.get[0].params).toEqual({
+                email: 'foo@example.com',
+                organization: 'org_someorg',
+                type: 'managed',
+                after: 'user_01H5JQDV7R7ATEYZDEG0W5PRYS',
+                limit: 10,
+            });
+        }));
+    });
+    describe('createUser', () => {
+        it('sends a Create User request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost('/users').reply(200, user_json_1.default);
+            const user = yield workos.users.createUser({
+                email: 'test01@example.com',
+                password: 'extra-secure',
+                first_name: 'Test 01',
+                last_name: 'User',
+                email_verified: true,
+            });
+            expect(mock.history.post[0].url).toEqual('/users');
+            expect(user).toMatchObject(user_json_1.default);
+        }));
+    });
+    describe('authenticateUserWithPassword', () => {
+        it('sends an password authentication request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost('/users/authentications').reply(200, {
+                user: user_json_1.default,
+                session: session_json_1.default,
+            });
+            const resp = yield workos.users.authenticateUserWithPassword({
+                email: 'test01@example.com',
+                password: 'extra-secure',
+            });
+            expect(mock.history.post[0].url).toEqual('/users/authentications');
+            expect(resp).toMatchObject({
+                user: {
+                    email: 'test01@example.com',
+                },
+                session: {
+                    id: 'session_01H5K05VP5CPCXJA5Z7G191GS4',
+                    token: 'really-long-token',
+                },
+            });
+        }));
+    });
+    describe('authenticateUserWithToken', () => {
+        it('sends a token authentication request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock
+                .onPost('/users/sessions/token')
+                .reply(200, { user: user_json_1.default, session: session_json_1.default });
+            const resp = yield workos.users.authenticateUserWithToken({
+                client_id: 'proj_whatever',
+                code: 'or this',
+                expires_in: 15,
+            });
+            expect(mock.history.post[0].url).toEqual('/users/sessions/token');
+            expect(JSON.parse(mock.history.post[0].data)).toMatchObject({
+                client_secret: 'sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU',
+                grant_type: 'authorization_code',
+            });
+            expect(resp).toMatchObject({
+                user: {
+                    email: 'test01@example.com',
+                },
+                session: {
+                    id: 'session_01H5K05VP5CPCXJA5Z7G191GS4',
+                    token: 'really-long-token',
+                },
+            });
+        }));
+    });
+    describe('verifySession', () => {
+        it('sends a request to verify the session', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost('/users/sessions/verify').reply(200, {
+                user: user_json_1.default,
+                session: session_json_1.default,
+            });
+            const resp = yield workos.users.verifySession({
+                client_id: 'proj_something',
+                token: 'really-long-token',
+            });
+            expect(mock.history.post[0].url).toEqual('/users/sessions/verify');
+            expect(resp).toMatchObject({
+                user: {
+                    email: 'test01@example.com',
+                },
+                session: {
+                    id: 'session_01H5K05VP5CPCXJA5Z7G191GS4',
+                    token: 'really-long-token',
+                },
+            });
+        }));
+    });
+    describe('revokeSession', () => {
+        it('can revoke with the session_id', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost('/users/sessions/revocations').reply(200, true);
+            const revoked = yield workos.users.revokeSession({
+                session_id: 'session_01H5K05VP5CPCXJA5Z7G191GS4',
+            });
+            expect(mock.history.post[0].url).toEqual('/users/sessions/revocations');
+            expect(revoked).toEqual(true);
+        }));
+        it('can revoke with the session_token', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost('/users/sessions/revocations').reply(200, true);
+            const revoked = yield workos.users.revokeSession({
+                session_token: 'really-long-token',
+            });
+            expect(mock.history.post[0].url).toEqual('/users/sessions/revocations');
+            expect(revoked).toEqual(true);
+        }));
+    });
+    describe('revokeAllSessionsForUser', () => {
+        it('sends a revokeAllSessionsForUser request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onDelete(`/users/${userId}/sessions`).reply(200, true);
+            const revoked = yield workos.users.revokeAllSessionsForUser(userId);
+            expect(mock.history.delete[0].url).toEqual(`/users/${userId}/sessions`);
+            expect(revoked).toEqual(true);
+        }));
+    });
+    describe('createEmailVerificationChallenge', () => {
+        it('sends a Create Email Verification Challenge request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost(`/users/${userId}/email_verification_challenge`).reply(200, {
+                token: 'email-verification-challenge',
+                user: user_json_1.default,
+            });
+            const resp = yield workos.users.createEmailVerificationChallenge({
+                user_id: userId,
+                verification_url: 'https://example.com/verify-email',
+            });
+            expect(mock.history.post[0].url).toEqual(`/users/${userId}/email_verification_challenge`);
+            expect(resp).toMatchObject({
+                token: 'email-verification-challenge',
+                user: {
+                    email: 'test01@example.com',
+                },
+            });
+        }));
+        describe('completeEmailVerification', () => {
+            it('sends a Complete Email Verification request', () => __awaiter(void 0, void 0, void 0, function* () {
+                mock
+                    .onPost(`/users/email_verification`)
+                    .reply(200, { user: user_json_1.default });
+                const resp = yield workos.users.completeEmailVerification('email-verification-token');
+                expect(mock.history.post[0].url).toEqual(`/users/email_verification`);
+                expect(resp).toMatchObject({
+                    user: {
+                        email: 'test01@example.com',
+                    },
+                });
+            }));
+        });
+    });
+    describe('createPasswordResetChallenge', () => {
+        it('sends a Create Password Reset Challenge request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost(`/users/password_reset_challenge`).reply(200, {
+                token: 'password-reset-token',
+                user: user_json_1.default,
+            });
+            const resp = yield workos.users.createPasswordResetChallenge({
+                email: 'test01@example.com',
+                password_reset_url: 'https://example.com/forgot-password',
+            });
+            expect(mock.history.post[0].url).toEqual(`/users/password_reset_challenge`);
+            expect(resp).toMatchObject({
+                token: 'password-reset-token',
+                user: {
+                    email: 'test01@example.com',
+                },
+            });
+        }));
+    });
+    describe('completePasswordReset', () => {
+        it('sends a completePasswordReset request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost(`/users/password_reset`).reply(200, {
+                user: user_json_1.default,
+            });
+            const resp = yield workos.users.completePasswordReset({
+                token: '',
+                new_password: 'correct horse battery staple',
+            });
+            expect(mock.history.post[0].url).toEqual(`/users/password_reset`);
+            expect(resp).toMatchObject({
+                user: {
+                    email: 'test01@example.com',
+                },
+            });
+        }));
+    });
+    describe('addUserToOrganization', () => {
+        it('sends a addUserToOrganization request', () => __awaiter(void 0, void 0, void 0, function* () {
+            mock.onPost(`/users/${userId}/organizations`).reply(200, {
+                user: user_json_1.default,
+            });
+            const resp = yield workos.users.addUserToOrganization({
+                user_id: userId,
+                organization_id: 'org_coolorg',
+            });
+            expect(mock.history.post[0].url).toEqual(`/users/${userId}/organizations`);
+            expect(resp).toMatchObject({
+                user: {
+                    email: 'test01@example.com',
+                },
+            });
+        }));
+    });
+    describe('removeUserFromOrganization', () => {
+        it('sends a removeUserFromOrganization request', () => __awaiter(void 0, void 0, void 0, function* () {
+            const orgId = 'org_coolorg';
+            mock.onDelete(`/users/${userId}/organizations/${orgId}`).reply(200, {
+                user: user_json_1.default,
+            });
+            const resp = yield workos.users.removeUserFromOrganization({
+                user_id: userId,
+                organization_id: orgId,
+            });
+            expect(mock.history.delete[0].url).toEqual(`/users/${userId}/organizations/${orgId}`);
+            expect(resp).toMatchObject({
+                user: {
+                    email: 'test01@example.com',
+                },
+            });
+        }));
+    });
+});

package/lib/webhooks/fixtures/webhook.json

@@ -1 +1 @@
-{ "id": "wh_123", "data": { "id": "directory_user_01FAEAJCR3ZBZ30D8BD1924TVG", "state": "active", "emails": [{ "type": "work", "value": "blair@foo-corp.com", "primary": true }], "idp_id": "00u1e8mutl6wlH3lL4x7", "object": "directory_user", "username": "blair@foo-corp.com", "last_name": "Lunchford", "first_name": "Blair", "job_title": "Software Engineer", "directory_id": "directory_01F9M7F68PZP8QXP8G7X5QRHS7", "raw_attributes": { "name": { "givenName": "Blair", "familyName": "Lunchford", "middleName": "Elizabeth", "honorificPrefix": "Ms." }, "title": "Software Engineer", "active": true, "emails": [{ "type": "work", "value": "blair@foo-corp.com", "primary": true }], "groups": [], "locale": "en-US", "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"], "userName": "blair@foo-corp.com", "addresses": [{ "region": "CA", "primary": true, "locality": "San Francisco", "postalCode": "94016" }], "externalId": "00u1e8mutl6wlH3lL4x7", "displayName": "Blair Lunchford", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "manager": { "value": "2", "displayName": "Kate Chapman" }, "division": "Engineering", "department": "Customer Success" } } }, "event": "dsync.user.created" }
+{ "id": "wh_123", "data": { "id": "directory_user_01FAEAJCR3ZBZ30D8BD1924TVG", "state": "active", "emails": [{ "type": "work", "value": "blair@foo-corp.com", "primary": true }], "idp_id": "00u1e8mutl6wlH3lL4x7", "object": "directory_user", "username": "blair@foo-corp.com", "last_name": "Lunchford", "first_name": "Blair", "job_title": "Software Engineer", "directory_id": "directory_01F9M7F68PZP8QXP8G7X5QRHS7", "raw_attributes": { "name": { "givenName": "Blair", "familyName": "Lunchford", "middleName": "Elizabeth", "honorificPrefix": "Ms." }, "title": "Software Engineer", "active": true, "emails": [{ "type": "work", "value": "blair@foo-corp.com", "primary": true }], "groups": [], "locale": "en-US", "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"], "userName": "blair@foo-corp.com", "addresses": [{ "region": "CA", "primary": true, "locality": "San Francisco", "postalCode": "94016" }], "externalId": "00u1e8mutl6wlH3lL4x7", "displayName": "Blair Lunchford", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "manager": { "value": "2", "displayName": "Kate Chapman" }, "division": "Engineering", "department": "Customer Success" } } }, "event": "dsync.user.created", "created_at": "2021-06-25T19:07:33.155Z" }

package/lib/webhooks/interfaces/webhook.interface.d.ts

@@ -4,6 +4,7 @@ import { WebhookDirectoryUser as User } from './webhook-directory-user.interface
 import { WebhookDirectory as Directory } from './webhook-directory.interface';
 interface WebhookBase {
     id: string;
+    created_at: string;
 }
 export interface ConnectionActivatedWebhook extends WebhookBase {
     event: 'connection.activated';

package/lib/workos.d.ts

@@ -10,6 +10,7 @@ import { SSO } from './sso/sso';
 import { Webhooks } from './webhooks/webhooks';
 import { Mfa } from './mfa/mfa';
 import { AuditLogs } from './audit-logs/audit-logs';
+import { Users } from './users/users';
 export declare class WorkOS {
     readonly key?: string | undefined;
     readonly options: WorkOSOptions;
@@ -25,6 +26,7 @@ export declare class WorkOS {
     readonly webhooks: Webhooks;
     readonly mfa: Mfa;
     readonly events: Events;
+    readonly users: Users;
     constructor(key?: string | undefined, options?: WorkOSOptions);
     post(path: string, entity: any, options?: PostOptions): Promise<AxiosResponse>;
     get(path: string, options?: GetOptions): Promise<AxiosResponse>;

package/lib/workos.js

@@ -25,8 +25,9 @@ const sso_1 = require("./sso/sso");
 const webhooks_1 = require("./webhooks/webhooks");
 const mfa_1 = require("./mfa/mfa");
 const audit_logs_1 = require("./audit-logs/audit-logs");
+const users_1 = require("./users/users");
 const bad_request_exception_1 = require("./common/exceptions/bad-request.exception");
-const VERSION = '2.20.0';
+const VERSION = '2.17.0';
 const DEFAULT_HOSTNAME = 'api.workos.com';
 class WorkOS {
     constructor(key, options = {}) {
@@ -43,6 +44,7 @@ class WorkOS {
         this.webhooks = new webhooks_1.Webhooks();
         this.mfa = new mfa_1.Mfa(this);
         this.events = new events_1.Events(this);
+        this.users = new users_1.Users(this);
         if (!key) {
             this.key = process.env.WORKOS_API_KEY;
             if (!this.key) {

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "2.20.0",
+  "version": "3.0.0-user-management.1",
   "name": "@workos-inc/node",
   "author": "WorkOS",
   "description": "A Node wrapper for the WorkOS API",
@@ -9,7 +9,7 @@
     "workos"
   ],
   "volta": {
-    "node": "14.21.2",
+    "node": "14.21.3",
     "yarn": "1.22.19"
   },
   "main": "lib/index.js",
@@ -34,20 +34,19 @@
     "prepublishOnly": "yarn run build"
   },
   "dependencies": {
-    "axios": "0.21.4",
-    "pluralize": "8.0.0",
-    "query-string": "7.1.3"
+    "axios": "1.4.0",
+    "pluralize": "8.0.0"
   },
   "devDependencies": {
-    "@types/jest": "27.5.2",
-    "@types/node": "14.18.36",
-    "@types/pluralize": "0.0.29",
-    "axios-mock-adapter": "1.21.2",
-    "jest": "27.5.1",
-    "prettier": "2.8.3",
-    "supertest": "6.2.3",
-    "ts-jest": "27.1.5",
+    "@types/jest": "29.5.3",
+    "@types/node": "14.18.53",
+    "@types/pluralize": "0.0.30",
+    "axios-mock-adapter": "1.21.5",
+    "jest": "29.6.1",
+    "prettier": "2.8.8",
+    "supertest": "6.3.3",
+    "ts-jest": "29.1.1",
     "tslint": "6.1.3",
-    "typescript": "4.9.5"
+    "typescript": "5.1.6"
   }
 }