@workos-inc/node 7.21.0 → 7.22.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.d.ts +1 -0
- package/lib/index.js +1 -0
- package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.d.ts +4 -0
- package/lib/user-management/interfaces/refresh-and-seal-session-data.interface.d.ts +5 -0
- package/lib/user-management/interfaces/refresh-and-seal-session-data.interface.js +5 -0
- package/lib/user-management/interfaces/session-handler-options.interface.d.ts +1 -0
- package/lib/user-management/user-management.d.ts +3 -3
- package/lib/user-management/user-management.js +5 -2
- package/lib/workos.js +1 -1
- package/package.json +6 -2
package/lib/index.d.ts
CHANGED
|
@@ -10,6 +10,7 @@ export * from './common/utils/pagination';
|
|
|
10
10
|
export * from './directory-sync/interfaces';
|
|
11
11
|
export * from './directory-sync/utils/get-primary-email';
|
|
12
12
|
export * from './events/interfaces';
|
|
13
|
+
export * from './fga/interfaces';
|
|
13
14
|
export * from './organizations/interfaces';
|
|
14
15
|
export * from './passwordless/interfaces';
|
|
15
16
|
export * from './portal/interfaces';
|
package/lib/index.js
CHANGED
|
@@ -29,6 +29,7 @@ __exportStar(require("./common/utils/pagination"), exports);
|
|
|
29
29
|
__exportStar(require("./directory-sync/interfaces"), exports);
|
|
30
30
|
__exportStar(require("./directory-sync/utils/get-primary-email"), exports);
|
|
31
31
|
__exportStar(require("./events/interfaces"), exports);
|
|
32
|
+
__exportStar(require("./fga/interfaces"), exports);
|
|
32
33
|
__exportStar(require("./organizations/interfaces"), exports);
|
|
33
34
|
__exportStar(require("./passwordless/interfaces"), exports);
|
|
34
35
|
__exportStar(require("./portal/interfaces"), exports);
|
|
@@ -6,6 +6,11 @@ export declare enum RefreshAndSealSessionDataFailureReason {
|
|
|
6
6
|
INVALID_SESSION_COOKIE = "invalid_session_cookie",
|
|
7
7
|
NO_SESSION_COOKIE_PROVIDED = "no_session_cookie_provided",
|
|
8
8
|
INVALID_GRANT = "invalid_grant",
|
|
9
|
+
MFA_ENROLLMENT = "mfa_enrollment",
|
|
10
|
+
SSO_REQUIRED = "sso_required",
|
|
11
|
+
/**
|
|
12
|
+
* @deprecated To be removed in a future major version.
|
|
13
|
+
*/
|
|
9
14
|
ORGANIZATION_NOT_AUTHORIZED = "organization_not_authorized"
|
|
10
15
|
}
|
|
11
16
|
type RefreshAndSealSessionDataFailedResponse = {
|
|
@@ -11,5 +11,10 @@ var RefreshAndSealSessionDataFailureReason;
|
|
|
11
11
|
RefreshAndSealSessionDataFailureReason["NO_SESSION_COOKIE_PROVIDED"] = "no_session_cookie_provided";
|
|
12
12
|
// API OauthErrors for refresh tokens
|
|
13
13
|
RefreshAndSealSessionDataFailureReason["INVALID_GRANT"] = "invalid_grant";
|
|
14
|
+
RefreshAndSealSessionDataFailureReason["MFA_ENROLLMENT"] = "mfa_enrollment";
|
|
15
|
+
RefreshAndSealSessionDataFailureReason["SSO_REQUIRED"] = "sso_required";
|
|
16
|
+
/**
|
|
17
|
+
* @deprecated To be removed in a future major version.
|
|
18
|
+
*/
|
|
14
19
|
RefreshAndSealSessionDataFailureReason["ORGANIZATION_NOT_AUTHORIZED"] = "organization_not_authorized";
|
|
15
20
|
})(RefreshAndSealSessionDataFailureReason || (exports.RefreshAndSealSessionDataFailureReason = RefreshAndSealSessionDataFailureReason = {}));
|
|
@@ -4,7 +4,7 @@ import { WorkOS } from '../workos';
|
|
|
4
4
|
import { AuthenticateWithCodeOptions, AuthenticateWithMagicAuthOptions, AuthenticateWithPasswordOptions, AuthenticateWithRefreshTokenOptions, AuthenticateWithTotpOptions, AuthenticationResponse, CreateMagicAuthOptions, CreatePasswordResetOptions, CreateUserOptions, EmailVerification, EnrollAuthFactorOptions, ListAuthFactorsOptions, ListUsersOptions, MagicAuth, PasswordReset, ResetPasswordOptions, SendMagicAuthCodeOptions, SendPasswordResetEmailOptions, SendVerificationEmailOptions, UpdateUserOptions, User, VerifyEmailOptions } from './interfaces';
|
|
5
5
|
import { AuthenticateWithEmailVerificationOptions } from './interfaces/authenticate-with-email-verification-options.interface';
|
|
6
6
|
import { AuthenticateWithOrganizationSelectionOptions } from './interfaces/authenticate-with-organization-selection.interface';
|
|
7
|
-
import { AuthenticateWithSessionCookieFailedResponse, AuthenticateWithSessionCookieSuccessResponse, SessionCookieData } from './interfaces/authenticate-with-session-cookie.interface';
|
|
7
|
+
import { AuthenticateWithSessionCookieFailedResponse, AuthenticateWithSessionCookieOptions, AuthenticateWithSessionCookieSuccessResponse, SessionCookieData } from './interfaces/authenticate-with-session-cookie.interface';
|
|
8
8
|
import { AuthorizationURLOptions } from './interfaces/authorization-url-options.interface';
|
|
9
9
|
import { CreateOrganizationMembershipOptions } from './interfaces/create-organization-membership-options.interface';
|
|
10
10
|
import { Factor, FactorWithSecrets } from './interfaces/factor.interface';
|
|
@@ -34,9 +34,9 @@ export declare class UserManagement {
|
|
|
34
34
|
authenticateWithTotp(payload: AuthenticateWithTotpOptions): Promise<AuthenticationResponse>;
|
|
35
35
|
authenticateWithEmailVerification(payload: AuthenticateWithEmailVerificationOptions): Promise<AuthenticationResponse>;
|
|
36
36
|
authenticateWithOrganizationSelection(payload: AuthenticateWithOrganizationSelectionOptions): Promise<AuthenticationResponse>;
|
|
37
|
-
authenticateWithSessionCookie({ sessionData, cookiePassword, }:
|
|
37
|
+
authenticateWithSessionCookie({ sessionData, cookiePassword, }: AuthenticateWithSessionCookieOptions): Promise<AuthenticateWithSessionCookieSuccessResponse | AuthenticateWithSessionCookieFailedResponse>;
|
|
38
38
|
private isValidJwt;
|
|
39
|
-
refreshAndSealSessionData({ sessionData, cookiePassword, }: SessionHandlerOptions): Promise<RefreshAndSealSessionDataResponse>;
|
|
39
|
+
refreshAndSealSessionData({ sessionData, organizationId, cookiePassword, }: SessionHandlerOptions): Promise<RefreshAndSealSessionDataResponse>;
|
|
40
40
|
private prepareAuthenticationResponse;
|
|
41
41
|
private sealSessionDataFromAuthenticationResponse;
|
|
42
42
|
getSessionFromCookie({ sessionData, cookiePassword, }: SessionHandlerOptions): Promise<SessionCookieData | undefined>;
|
|
@@ -203,7 +203,7 @@ class UserManagement {
|
|
|
203
203
|
}
|
|
204
204
|
});
|
|
205
205
|
}
|
|
206
|
-
refreshAndSealSessionData({ sessionData, cookiePassword = process.env.WORKOS_COOKIE_PASSWORD, }) {
|
|
206
|
+
refreshAndSealSessionData({ sessionData, organizationId, cookiePassword = process.env.WORKOS_COOKIE_PASSWORD, }) {
|
|
207
207
|
return __awaiter(this, void 0, void 0, function* () {
|
|
208
208
|
if (!cookiePassword) {
|
|
209
209
|
throw new Error('Cookie password is required');
|
|
@@ -223,10 +223,12 @@ class UserManagement {
|
|
|
223
223
|
reason: refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.INVALID_SESSION_COOKIE,
|
|
224
224
|
};
|
|
225
225
|
}
|
|
226
|
+
const { org_id: organizationIdFromAccessToken } = (0, jose_1.decodeJwt)(session.accessToken);
|
|
226
227
|
try {
|
|
227
228
|
const { sealedSession } = yield this.authenticateWithRefreshToken({
|
|
228
229
|
clientId: this.workos.clientId,
|
|
229
230
|
refreshToken: session.refreshToken,
|
|
231
|
+
organizationId: organizationId !== null && organizationId !== void 0 ? organizationId : organizationIdFromAccessToken,
|
|
230
232
|
session: { sealSession: true, cookiePassword },
|
|
231
233
|
});
|
|
232
234
|
if (!sealedSession) {
|
|
@@ -242,7 +244,8 @@ class UserManagement {
|
|
|
242
244
|
// TODO: Add additional known errors and remove re-throw
|
|
243
245
|
(error.error === refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.INVALID_GRANT ||
|
|
244
246
|
error.error ===
|
|
245
|
-
refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.
|
|
247
|
+
refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.MFA_ENROLLMENT ||
|
|
248
|
+
error.error === refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.SSO_REQUIRED)) {
|
|
246
249
|
return {
|
|
247
250
|
authenticated: false,
|
|
248
251
|
reason: error.error,
|
package/lib/workos.js
CHANGED
|
@@ -27,7 +27,7 @@ const bad_request_exception_1 = require("./common/exceptions/bad-request.excepti
|
|
|
27
27
|
const http_client_1 = require("./common/net/http-client");
|
|
28
28
|
const subtle_crypto_provider_1 = require("./common/crypto/subtle-crypto-provider");
|
|
29
29
|
const fetch_client_1 = require("./common/net/fetch-client");
|
|
30
|
-
const VERSION = '7.
|
|
30
|
+
const VERSION = '7.22.1';
|
|
31
31
|
const DEFAULT_HOSTNAME = 'api.workos.com';
|
|
32
32
|
const HEADER_AUTHORIZATION = 'Authorization';
|
|
33
33
|
const HEADER_IDEMPOTENCY_KEY = 'Idempotency-Key';
|
package/package.json
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
{
|
|
2
|
-
"version": "7.
|
|
2
|
+
"version": "7.22.1",
|
|
3
3
|
"name": "@workos-inc/node",
|
|
4
4
|
"author": "WorkOS",
|
|
5
5
|
"description": "A Node wrapper for the WorkOS API",
|
|
@@ -58,7 +58,11 @@
|
|
|
58
58
|
},
|
|
59
59
|
"exports": {
|
|
60
60
|
"types": "./lib/index.d.ts",
|
|
61
|
-
"
|
|
61
|
+
"workerd": {
|
|
62
|
+
"import": "./lib/index.worker.js",
|
|
63
|
+
"default": "./lib/index.worker.js"
|
|
64
|
+
},
|
|
65
|
+
"edge-light": {
|
|
62
66
|
"import": "./lib/index.worker.js",
|
|
63
67
|
"default": "./lib/index.worker.js"
|
|
64
68
|
},
|