@workos-inc/node 7.31.0-beta.actions1 → 7.31.0

package/lib/index.d.ts

@@ -1,5 +1,4 @@
 import { HttpClient } from './common/net/http-client';
-import { Actions } from './actions/actions';
 import { Webhooks } from './webhooks/webhooks';
 import { WorkOS } from './workos';
 import { WorkOSOptions } from './common/interfaces';
@@ -24,8 +23,6 @@ declare class WorkOSNode extends WorkOS {
     /** @override */
     createWebhookClient(): Webhooks;
     /** @override */
-    createActionsClient(): Actions;
-    /** @override */
     createIronSessionProvider(): IronSessionProvider;
     /** @override */
     emitWarning(warning: string): void;

package/lib/index.js

@@ -19,7 +19,6 @@ const node_crypto_provider_1 = require("./common/crypto/node-crypto-provider");
 const subtle_crypto_provider_1 = require("./common/crypto/subtle-crypto-provider");
 const fetch_client_1 = require("./common/net/fetch-client");
 const node_client_1 = require("./common/net/node-client");
-const actions_1 = require("./actions/actions");
 const webhooks_1 = require("./webhooks/webhooks");
 const workos_1 = require("./workos");
 const web_iron_session_provider_1 = require("./common/iron-session/web-iron-session-provider");
@@ -62,17 +61,6 @@ class WorkOSNode extends workos_1.WorkOS {
         return new webhooks_1.Webhooks(cryptoProvider);
     }
     /** @override */
-    createActionsClient() {
-        let cryptoProvider;
-        if (typeof crypto !== 'undefined' && typeof crypto.subtle !== 'undefined') {
-            cryptoProvider = new subtle_crypto_provider_1.SubtleCryptoProvider();
-        }
-        else {
-            cryptoProvider = new node_crypto_provider_1.NodeCryptoProvider();
-        }
-        return new actions_1.Actions(cryptoProvider);
-    }
-    /** @override */
     createIronSessionProvider() {
         return new web_iron_session_provider_1.WebIronSessionProvider();
     }

package/lib/index.worker.d.ts

@@ -1,4 +1,3 @@
-import { Actions } from './actions/actions';
 import { IronSessionProvider } from './common/iron-session/iron-session-provider';
 import { HttpClient } from './common/net/http-client';
 import { WorkOSOptions } from './index.worker';
@@ -22,8 +21,6 @@ declare class WorkOSWorker extends WorkOS {
     /** @override */
     createWebhookClient(): Webhooks;
     /** @override */
-    createActionsClient(): Actions;
-    /** @override */
     createIronSessionProvider(): IronSessionProvider;
     /** @override */
     emitWarning(warning: string): void;

package/lib/index.worker.js

@@ -15,7 +15,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.WorkOS = void 0;
-const actions_1 = require("./actions/actions");
 const subtle_crypto_provider_1 = require("./common/crypto/subtle-crypto-provider");
 const edge_iron_session_provider_1 = require("./common/iron-session/edge-iron-session-provider");
 const fetch_client_1 = require("./common/net/fetch-client");
@@ -45,11 +44,6 @@ class WorkOSWorker extends workos_1.WorkOS {
         return new webhooks_1.Webhooks(cryptoProvider);
     }
     /** @override */
-    createActionsClient() {
-        const cryptoProvider = new subtle_crypto_provider_1.SubtleCryptoProvider();
-        return new actions_1.Actions(cryptoProvider);
-    }
-    /** @override */
     createIronSessionProvider() {
         return new edge_iron_session_provider_1.EdgeIronSessionProvider();
     }

package/lib/user-management/interfaces/authentication-response.interface.d.ts

@@ -1,4 +1,5 @@
 import { Impersonator, ImpersonatorResponse } from './impersonator.interface';
+import { OauthTokens, OauthTokensResponse } from './oauth-tokens.interface';
 import { User, UserResponse } from './user.interface';
 type AuthenticationMethod = 'SSO' | 'Password' | 'AppleOAuth' | 'GitHubOAuth' | 'GoogleOAuth' | 'MicrosoftOAuth' | 'MagicAuth' | 'Impersonation';
 export interface AuthenticationResponse {
@@ -9,6 +10,7 @@ export interface AuthenticationResponse {
     impersonator?: Impersonator;
     authenticationMethod?: AuthenticationMethod;
     sealedSession?: string;
+    oauthTokens?: OauthTokens;
 }
 export interface AuthenticationResponseResponse {
     user: UserResponse;
@@ -17,5 +19,6 @@ export interface AuthenticationResponseResponse {
     refresh_token: string;
     impersonator?: ImpersonatorResponse;
     authentication_method?: AuthenticationMethod;
+    oauth_tokens?: OauthTokensResponse;
 }
 export {};

package/lib/user-management/interfaces/index.d.ts

@@ -1,6 +1,3 @@
-export * from './authentication-event.interface';
-export * from './authenticate-with-magic-auth-options.interface';
-export * from './authenticate-with-password-options.interface';
 export * from './authenticate-with-code-options.interface';
 export * from './authenticate-with-email-verification-options.interface';
 export * from './authenticate-with-magic-auth-options.interface';
@@ -10,6 +7,7 @@ export * from './authenticate-with-password-options.interface';
 export * from './authenticate-with-refresh-token-options.interface';
 export * from './authenticate-with-session-cookie.interface';
 export * from './authenticate-with-totp-options.interface';
+export * from './authentication-event.interface';
 export * from './authentication-response.interface';
 export * from './create-magic-auth-options.interface';
 export * from './create-organization-membership-options.interface';
@@ -25,6 +23,7 @@ export * from './list-invitations-options.interface';
 export * from './list-organization-memberships-options.interface';
 export * from './list-users-options.interface';
 export * from './magic-auth.interface';
+export * from './oauth-tokens.interface';
 export * from './organization-membership.interface';
 export * from './password-reset.interface';
 export * from './refresh-and-seal-session-data.interface';

package/lib/user-management/interfaces/index.js

@@ -14,9 +14,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./authentication-event.interface"), exports);
-__exportStar(require("./authenticate-with-magic-auth-options.interface"), exports);
-__exportStar(require("./authenticate-with-password-options.interface"), exports);
 __exportStar(require("./authenticate-with-code-options.interface"), exports);
 __exportStar(require("./authenticate-with-email-verification-options.interface"), exports);
 __exportStar(require("./authenticate-with-magic-auth-options.interface"), exports);
@@ -26,6 +23,7 @@ __exportStar(require("./authenticate-with-password-options.interface"), exports)
 __exportStar(require("./authenticate-with-refresh-token-options.interface"), exports);
 __exportStar(require("./authenticate-with-session-cookie.interface"), exports);
 __exportStar(require("./authenticate-with-totp-options.interface"), exports);
+__exportStar(require("./authentication-event.interface"), exports);
 __exportStar(require("./authentication-response.interface"), exports);
 __exportStar(require("./create-magic-auth-options.interface"), exports);
 __exportStar(require("./create-organization-membership-options.interface"), exports);
@@ -41,6 +39,7 @@ __exportStar(require("./list-invitations-options.interface"), exports);
 __exportStar(require("./list-organization-memberships-options.interface"), exports);
 __exportStar(require("./list-users-options.interface"), exports);
 __exportStar(require("./magic-auth.interface"), exports);
+__exportStar(require("./oauth-tokens.interface"), exports);
 __exportStar(require("./organization-membership.interface"), exports);
 __exportStar(require("./password-reset.interface"), exports);
 __exportStar(require("./refresh-and-seal-session-data.interface"), exports);

package/lib/user-management/interfaces/oauth-tokens.interface.d.ts

@@ -0,0 +1,12 @@
+export interface OauthTokens {
+    accessToken: string;
+    refreshToken: string;
+    expiresAt: number;
+    scopes: string[];
+}
+export interface OauthTokensResponse {
+    access_token: string;
+    refresh_token: string;
+    expires_at: number;
+    scopes: string[];
+}

package/lib/user-management/serializers/authentication-response.serializer.js

@@ -12,9 +12,10 @@ var __rest = (this && this.__rest) || function (s, e) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.deserializeAuthenticationResponse = void 0;
+const oauth_tokens_serializer_1 = require("./oauth-tokens.serializer");
 const user_serializer_1 = require("./user.serializer");
 const deserializeAuthenticationResponse = (authenticationResponse) => {
-    const { user, organization_id, access_token, refresh_token, authentication_method, impersonator } = authenticationResponse, rest = __rest(authenticationResponse, ["user", "organization_id", "access_token", "refresh_token", "authentication_method", "impersonator"]);
-    return Object.assign({ user: (0, user_serializer_1.deserializeUser)(user), organizationId: organization_id, accessToken: access_token, refreshToken: refresh_token, impersonator, authenticationMethod: authentication_method }, rest);
+    const { user, organization_id, access_token, refresh_token, authentication_method, impersonator, oauth_tokens } = authenticationResponse, rest = __rest(authenticationResponse, ["user", "organization_id", "access_token", "refresh_token", "authentication_method", "impersonator", "oauth_tokens"]);
+    return Object.assign({ user: (0, user_serializer_1.deserializeUser)(user), organizationId: organization_id, accessToken: access_token, refreshToken: refresh_token, impersonator, authenticationMethod: authentication_method, oauthTokens: (0, oauth_tokens_serializer_1.deserializeOauthTokens)(oauth_tokens) }, rest);
 };
 exports.deserializeAuthenticationResponse = deserializeAuthenticationResponse;

package/lib/user-management/serializers/oauth-tokens.serializer.d.ts

@@ -0,0 +1,2 @@
+import { OauthTokensResponse, OauthTokens } from '../interfaces';
+export declare const deserializeOauthTokens: (oauthTokens?: OauthTokensResponse) => OauthTokens | undefined;

package/lib/user-management/serializers/oauth-tokens.serializer.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deserializeOauthTokens = void 0;
+const deserializeOauthTokens = (oauthTokens) => oauthTokens
+    ? {
+        accessToken: oauthTokens.access_token,
+        refreshToken: oauthTokens.refresh_token,
+        expiresAt: oauthTokens.expires_at,
+        scopes: oauthTokens.scopes,
+    }
+    : undefined;
+exports.deserializeOauthTokens = deserializeOauthTokens;

package/lib/user-management/user-management.spec.js

@@ -374,6 +374,34 @@ describe('UserManagement', () => {
                 }));
             });
         });
+        describe('when oauth_tokens is present', () => {
+            it('deserializes oauth_tokens', () => __awaiter(void 0, void 0, void 0, function* () {
+                (0, test_utils_1.fetchOnce)({
+                    user: user_json_1.default,
+                    oauth_tokens: {
+                        access_token: 'access_token',
+                        refresh_token: 'refresh',
+                        expires_at: 123,
+                        scopes: ['read:users'],
+                    },
+                });
+                const resp = yield workos.userManagement.authenticateWithCode({
+                    clientId: 'proj_whatever',
+                    code: 'or this',
+                });
+                expect(resp).toMatchObject({
+                    user: {
+                        email: 'test01@example.com',
+                    },
+                    oauthTokens: {
+                        accessToken: 'access_token',
+                        refreshToken: 'refresh',
+                        expiresAt: 123,
+                        scopes: ['read:users'],
+                    },
+                });
+            }));
+        });
     });
     describe('authenticateWithRefreshToken', () => {
         it('sends a refresh_token authentication request', () => __awaiter(void 0, void 0, void 0, function* () {

package/lib/webhooks/webhooks.d.ts

@@ -1,20 +1,20 @@
 import { Event } from '../common/interfaces';
 import { CryptoProvider } from '../common/crypto/crypto-provider';
 export declare class Webhooks {
-    private signatureProvider;
+    private cryptoProvider;
     constructor(cryptoProvider: CryptoProvider);
-    get verifyHeader(): ({ payload, sigHeader, secret, tolerance, }: {
-        payload: any;
-        sigHeader: string;
-        secret: string;
-        tolerance?: number | undefined;
-    }) => Promise<boolean>;
-    get computeSignature(): (timestamp: any, payload: any, secret: string) => Promise<string>;
-    get getTimestampAndSignatureHash(): (sigHeader: string) => [string, string];
     constructEvent({ payload, sigHeader, secret, tolerance, }: {
         payload: unknown;
         sigHeader: string;
         secret: string;
         tolerance?: number;
     }): Promise<Event>;
+    verifyHeader({ payload, sigHeader, secret, tolerance, }: {
+        payload: any;
+        sigHeader: string;
+        secret: string;
+        tolerance?: number;
+    }): Promise<boolean>;
+    getTimestampAndSignatureHash(sigHeader: string): [string, string];
+    computeSignature(timestamp: any, payload: any, secret: string): Promise<string>;
 }

package/lib/webhooks/webhooks.js

@@ -10,20 +10,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Webhooks = void 0;
+const exceptions_1 = require("../common/exceptions");
 const serializers_1 = require("../common/serializers");
-const SignatureProvider_1 = require("../common/crypto/SignatureProvider");
 class Webhooks {
     constructor(cryptoProvider) {
-        this.signatureProvider = new SignatureProvider_1.SignatureProvider(cryptoProvider);
-    }
-    get verifyHeader() {
-        return this.signatureProvider.verifyHeader.bind(this.signatureProvider);
-    }
-    get computeSignature() {
-        return this.signatureProvider.computeSignature.bind(this.signatureProvider);
-    }
-    get getTimestampAndSignatureHash() {
-        return this.signatureProvider.getTimestampAndSignatureHash.bind(this.signatureProvider);
+        this.cryptoProvider = cryptoProvider;
     }
     constructEvent({ payload, sigHeader, secret, tolerance = 180000, }) {
         return __awaiter(this, void 0, void 0, function* () {
@@ -33,5 +24,39 @@ class Webhooks {
             return (0, serializers_1.deserializeEvent)(webhookPayload);
         });
     }
+    verifyHeader({ payload, sigHeader, secret, tolerance = 180000, }) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const [timestamp, signatureHash] = this.getTimestampAndSignatureHash(sigHeader);
+            if (!signatureHash || Object.keys(signatureHash).length === 0) {
+                throw new exceptions_1.SignatureVerificationException('No signature hash found with expected scheme v1');
+            }
+            if (parseInt(timestamp, 10) < Date.now() - tolerance) {
+                throw new exceptions_1.SignatureVerificationException('Timestamp outside the tolerance zone');
+            }
+            const expectedSig = yield this.computeSignature(timestamp, payload, secret);
+            if ((yield this.cryptoProvider.secureCompare(expectedSig, signatureHash)) ===
+                false) {
+                throw new exceptions_1.SignatureVerificationException('Signature hash does not match the expected signature hash for payload');
+            }
+            return true;
+        });
+    }
+    getTimestampAndSignatureHash(sigHeader) {
+        const signature = sigHeader;
+        const [t, v1] = signature.split(',');
+        if (typeof t === 'undefined' || typeof v1 === 'undefined') {
+            throw new exceptions_1.SignatureVerificationException('Signature or timestamp missing');
+        }
+        const { 1: timestamp } = t.split('=');
+        const { 1: signatureHash } = v1.split('=');
+        return [timestamp, signatureHash];
+    }
+    computeSignature(timestamp, payload, secret) {
+        return __awaiter(this, void 0, void 0, function* () {
+            payload = JSON.stringify(payload);
+            const signedPayload = `${timestamp}.${payload}`;
+            return yield this.cryptoProvider.computeHMACSignatureAsync(signedPayload, secret);
+        });
+    }
 }
 exports.Webhooks = Webhooks;

package/lib/webhooks/webhooks.spec.js

@@ -17,6 +17,8 @@ const workos_1 = require("../workos");
 const webhook_json_1 = __importDefault(require("./fixtures/webhook.json"));
 const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
 const exceptions_1 = require("../common/exceptions");
+const node_crypto_provider_1 = require("../common/crypto/node-crypto-provider");
+const subtle_crypto_provider_1 = require("../common/crypto/subtle-crypto-provider");
 describe('Webhooks', () => {
     let payload;
     let secret;
@@ -164,34 +166,55 @@ describe('Webhooks', () => {
         });
     });
     describe('verifyHeader', () => {
-        it('aliases to the signature provider', () => __awaiter(void 0, void 0, void 0, function* () {
-            const spy = jest.spyOn(
-            // tslint:disable-next-line
-            workos.webhooks['signatureProvider'], 'verifyHeader');
-            yield workos.webhooks.verifyHeader({
-                payload,
-                sigHeader: `t=${timestamp}, v1=${signatureHash}`,
-                secret,
-            });
-            expect(spy).toHaveBeenCalled();
+        it('returns true when the signature is valid', () => __awaiter(void 0, void 0, void 0, function* () {
+            const sigHeader = `t=${timestamp}, v1=${signatureHash}`;
+            const options = { payload, sigHeader, secret };
+            const result = yield workos.webhooks.verifyHeader(options);
+            expect(result).toBeTruthy();
         }));
     });
+    describe('getTimestampAndSignatureHash', () => {
+        it('returns the timestamp and signature when the signature is valid', () => {
+            const sigHeader = `t=${timestamp}, v1=${signatureHash}`;
+            const timestampAndSignature = workos.webhooks.getTimestampAndSignatureHash(sigHeader);
+            expect(timestampAndSignature).toEqual([
+                timestamp.toString(),
+                signatureHash,
+            ]);
+        });
+    });
     describe('computeSignature', () => {
-        it('aliases to the signature provider', () => __awaiter(void 0, void 0, void 0, function* () {
-            const spy = jest.spyOn(
-            // tslint:disable-next-line
-            workos.webhooks['signatureProvider'], 'computeSignature');
-            yield workos.webhooks.computeSignature(timestamp, payload, secret);
-            expect(spy).toHaveBeenCalled();
+        it('returns the computed signature', () => __awaiter(void 0, void 0, void 0, function* () {
+            const signature = yield workos.webhooks.computeSignature(timestamp, payload, secret);
+            expect(signature).toEqual(signatureHash);
         }));
     });
-    describe('getTimestampAndSignatureHash', () => {
-        it('aliases to the signature provider', () => __awaiter(void 0, void 0, void 0, function* () {
-            const spy = jest.spyOn(
+    describe('when in an environment that supports SubtleCrypto', () => {
+        it('automatically uses the subtle crypto library', () => {
             // tslint:disable-next-line
-            workos.webhooks['signatureProvider'], 'getTimestampAndSignatureHash');
-            workos.webhooks.getTimestampAndSignatureHash(`t=${timestamp}, v1=${signatureHash}`);
-            expect(spy).toHaveBeenCalled();
-        }));
+            expect(workos.webhooks['cryptoProvider']).toBeInstanceOf(subtle_crypto_provider_1.SubtleCryptoProvider);
+        });
+    });
+    describe('CryptoProvider', () => {
+        describe('when computing HMAC signature', () => {
+            it('returns the same for the Node crypto and Web Crypto versions', () => __awaiter(void 0, void 0, void 0, function* () {
+                const nodeCryptoProvider = new node_crypto_provider_1.NodeCryptoProvider();
+                const subtleCryptoProvider = new subtle_crypto_provider_1.SubtleCryptoProvider();
+                const stringifiedPayload = JSON.stringify(payload);
+                const payloadHMAC = `${timestamp}.${stringifiedPayload}`;
+                const nodeCompare = yield nodeCryptoProvider.computeHMACSignatureAsync(payloadHMAC, secret);
+                const subtleCompare = yield subtleCryptoProvider.computeHMACSignatureAsync(payloadHMAC, secret);
+                expect(nodeCompare).toEqual(subtleCompare);
+            }));
+        });
+        describe('when securely comparing', () => {
+            it('returns the same for the Node crypto and Web Crypto versions', () => __awaiter(void 0, void 0, void 0, function* () {
+                const nodeCryptoProvider = new node_crypto_provider_1.NodeCryptoProvider();
+                const subtleCryptoProvider = new subtle_crypto_provider_1.SubtleCryptoProvider();
+                const signature = yield workos.webhooks.computeSignature(timestamp, payload, secret);
+                expect(nodeCryptoProvider.secureCompare(signature, signatureHash)).toEqual(subtleCryptoProvider.secureCompare(signature, signatureHash));
+                expect(nodeCryptoProvider.secureCompare(signature, 'foo')).toEqual(subtleCryptoProvider.secureCompare(signature, 'foo'));
+            }));
+        });
     });
 });

package/lib/workos.d.ts

@@ -14,14 +14,12 @@ import { FGA } from './fga/fga';
 import { HttpClient } from './common/net/http-client';
 import { IronSessionProvider } from './common/iron-session/iron-session-provider';
 import { Widgets } from './widgets/widgets';
-import { Actions } from './actions/actions';
 export declare class WorkOS {
     readonly key?: string | undefined;
     readonly options: WorkOSOptions;
     readonly baseURL: string;
     readonly client: HttpClient;
     readonly clientId?: string;
-    readonly actions: Actions;
     readonly auditLogs: AuditLogs;
     readonly directorySync: DirectorySync;
     readonly organizations: Organizations;
@@ -37,7 +35,6 @@ export declare class WorkOS {
     readonly widgets: Widgets;
     constructor(key?: string | undefined, options?: WorkOSOptions);
     createWebhookClient(): Webhooks;
-    createActionsClient(): Actions;
     createHttpClient(options: WorkOSOptions, userAgent: string): HttpClient;
     createIronSessionProvider(): IronSessionProvider;
     get version(): string;

package/lib/workos.js

@@ -28,8 +28,7 @@ const http_client_1 = require("./common/net/http-client");
 const subtle_crypto_provider_1 = require("./common/crypto/subtle-crypto-provider");
 const fetch_client_1 = require("./common/net/fetch-client");
 const widgets_1 = require("./widgets/widgets");
-const actions_1 = require("./actions/actions");
-const VERSION = '7.30.1';
+const VERSION = '7.31.0';
 const DEFAULT_HOSTNAME = 'api.workos.com';
 const HEADER_AUTHORIZATION = 'Authorization';
 const HEADER_IDEMPOTENCY_KEY = 'Idempotency-Key';
@@ -79,7 +78,6 @@ class WorkOS {
             userAgent += ` ${name}: ${version}`;
         }
         this.webhooks = this.createWebhookClient();
-        this.actions = this.createActionsClient();
         // Must initialize UserManagement after baseURL is configured
         this.userManagement = new user_management_1.UserManagement(this, this.createIronSessionProvider());
         this.client = this.createHttpClient(options, userAgent);
@@ -87,9 +85,6 @@ class WorkOS {
     createWebhookClient() {
         return new webhooks_1.Webhooks(new subtle_crypto_provider_1.SubtleCryptoProvider());
     }
-    createActionsClient() {
-        return new actions_1.Actions(new subtle_crypto_provider_1.SubtleCryptoProvider());
-    }
     createHttpClient(options, userAgent) {
         var _a;
         return new fetch_client_1.FetchHttpClient(this.baseURL, Object.assign(Object.assign({}, options.config), { headers: Object.assign(Object.assign({}, (_a = options.config) === null || _a === void 0 ? void 0 : _a.headers), { Authorization: `Bearer ${this.key}`, 'User-Agent': userAgent }) }));

package/lib/workos.spec.js

@@ -246,12 +246,8 @@ describe('WorkOS', () => {
             const workos = new index_worker_1.WorkOS('sk_test_key');
             // tslint:disable-next-line
             expect(workos['client']).toBeInstanceOf(fetch_client_1.FetchHttpClient);
-            expect(
             // tslint:disable-next-line
-            workos.webhooks['signatureProvider']['cryptoProvider']).toBeInstanceOf(subtle_crypto_provider_1.SubtleCryptoProvider);
-            expect(
-            // tslint:disable-next-line
-            workos.actions['signatureProvider']['cryptoProvider']).toBeInstanceOf(subtle_crypto_provider_1.SubtleCryptoProvider);
+            expect(workos.webhooks['cryptoProvider']).toBeInstanceOf(subtle_crypto_provider_1.SubtleCryptoProvider);
         });
         it('uses console.warn to emit warnings', () => {
             const workos = new index_worker_1.WorkOS('sk_test_key');

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "7.31.0-beta.actions1",
+  "version": "7.31.0",
   "name": "@workos-inc/node",
   "author": "WorkOS",
   "description": "A Node wrapper for the WorkOS API",

package/lib/actions/actions.d.ts

@@ -1,19 +0,0 @@
-import { CryptoProvider } from '../common/crypto/crypto-provider';
-import { AuthenticationActionResponseData, ResponsePayload, UserRegistrationActionResponseData } from './interfaces/response-payload';
-export declare class Actions {
-    private signatureProvider;
-    constructor(cryptoProvider: CryptoProvider);
-    private get computeSignature();
-    get verifyHeader(): ({ payload, sigHeader, secret, tolerance, }: {
-        payload: any;
-        sigHeader: string;
-        secret: string;
-        tolerance?: number | undefined;
-    }) => Promise<boolean>;
-    serializeType(type: AuthenticationActionResponseData['type'] | UserRegistrationActionResponseData['type']): "authentication_action_response" | "user_registration_action_response";
-    signResponse(data: AuthenticationActionResponseData | UserRegistrationActionResponseData, secret: string): Promise<{
-        object: string;
-        payload: ResponsePayload;
-        signature: string;
-    }>;
-}

package/lib/actions/actions.js

@@ -1,53 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.Actions = void 0;
-const crypto_1 = require("../common/crypto");
-const unreachable_1 = require("../common/utils/unreachable");
-class Actions {
-    constructor(cryptoProvider) {
-        this.signatureProvider = new crypto_1.SignatureProvider(cryptoProvider);
-    }
-    get computeSignature() {
-        return this.signatureProvider.computeSignature.bind(this.signatureProvider);
-    }
-    get verifyHeader() {
-        return this.signatureProvider.verifyHeader.bind(this.signatureProvider);
-    }
-    serializeType(type) {
-        switch (type) {
-            case 'authentication':
-                return 'authentication_action_response';
-            case 'user_registration':
-                return 'user_registration_action_response';
-            default:
-                return (0, unreachable_1.unreachable)(type);
-        }
-    }
-    signResponse(data, secret) {
-        return __awaiter(this, void 0, void 0, function* () {
-            let errorMessage;
-            const { verdict, type } = data;
-            if (verdict === 'Deny' && data.errorMessage) {
-                errorMessage = data.errorMessage;
-            }
-            const responsePayload = Object.assign({ timestamp: Date.now(), verdict }, (verdict === 'Deny' &&
-                data.errorMessage && { error_message: errorMessage }));
-            const response = {
-                object: this.serializeType(type),
-                payload: responsePayload,
-                signature: yield this.computeSignature(responsePayload.timestamp, responsePayload, secret),
-            };
-            return response;
-        });
-    }
-}
-exports.Actions = Actions;

package/lib/actions/actions.spec.d.ts

@@ -1 +0,0 @@
-export {};

package/lib/actions/actions.spec.js

@@ -1,78 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const crypto_1 = __importDefault(require("crypto"));
-const workos_1 = require("../workos");
-const action_context_json_1 = __importDefault(require("./fixtures/action-context.json"));
-const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
-const crypto_2 = require("../common/crypto");
-describe('Actions', () => {
-    let secret;
-    beforeEach(() => {
-        secret = 'secret';
-    });
-    describe('signResponse', () => {
-        describe('type: authentication', () => {
-            it('returns a signed response', () => __awaiter(void 0, void 0, void 0, function* () {
-                const nodeCryptoProvider = new crypto_2.NodeCryptoProvider();
-                const response = yield workos.actions.signResponse({
-                    type: 'authentication',
-                    verdict: 'Allow',
-                }, secret);
-                const signedPayload = `${response.payload.timestamp}.${JSON.stringify(response.payload)}`;
-                const expectedSig = yield nodeCryptoProvider.computeHMACSignatureAsync(signedPayload, secret);
-                expect(response.object).toEqual('authentication_action_response');
-                expect(response.payload.verdict).toEqual('Allow');
-                expect(response.payload.timestamp).toBeGreaterThan(0);
-                expect(response.signature).toEqual(expectedSig);
-            }));
-        });
-        describe('type: user_registration', () => {
-            it('returns a signed response', () => __awaiter(void 0, void 0, void 0, function* () {
-                const nodeCryptoProvider = new crypto_2.NodeCryptoProvider();
-                const response = yield workos.actions.signResponse({
-                    type: 'user_registration',
-                    verdict: 'Deny',
-                    errorMessage: 'User already exists',
-                }, secret);
-                const signedPayload = `${response.payload.timestamp}.${JSON.stringify(response.payload)}`;
-                const expectedSig = yield nodeCryptoProvider.computeHMACSignatureAsync(signedPayload, secret);
-                expect(response.object).toEqual('user_registration_action_response');
-                expect(response.payload.verdict).toEqual('Deny');
-                expect(response.payload.timestamp).toBeGreaterThan(0);
-                expect(response.signature).toEqual(expectedSig);
-            }));
-        });
-    });
-    describe('verifyHeader', () => {
-        it('aliases to the signature provider', () => __awaiter(void 0, void 0, void 0, function* () {
-            const spy = jest.spyOn(
-            // tslint:disable-next-line
-            workos.actions['signatureProvider'], 'verifyHeader');
-            const timestamp = Date.now() * 1000;
-            const unhashedString = `${timestamp}.${JSON.stringify(action_context_json_1.default)}`;
-            const signatureHash = crypto_1.default
-                .createHmac('sha256', secret)
-                .update(unhashedString)
-                .digest()
-                .toString('hex');
-            yield workos.actions.verifyHeader({
-                payload: action_context_json_1.default,
-                sigHeader: `t=${timestamp}, v1=${signatureHash}`,
-                secret,
-            });
-            expect(spy).toHaveBeenCalled();
-        }));
-    });
-});