@workos-inc/node 7.33.1 → 7.35.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/lib/actions/actions.d.ts +8 -1
  2. package/lib/actions/actions.js +8 -0
  3. package/lib/actions/actions.spec.js +103 -16
  4. package/lib/actions/fixtures/{action-context.json → authentication-action-context.json} +1 -0
  5. package/lib/actions/fixtures/user-registration-action-context.json +24 -0
  6. package/lib/actions/interfaces/action.interface.d.ts +53 -0
  7. package/lib/actions/interfaces/response-payload.interface.js +2 -0
  8. package/lib/actions/serializers/action.serializer.d.ts +2 -0
  9. package/lib/actions/serializers/action.serializer.js +45 -0
  10. package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.d.ts +1 -0
  11. package/lib/user-management/interfaces/invitation.interface.d.ts +4 -0
  12. package/lib/user-management/serializers/invitation.serializer.js +2 -0
  13. package/lib/user-management/session.js +3 -1
  14. package/lib/user-management/session.spec.js +3 -1
  15. package/lib/user-management/user-management.d.ts +1 -0
  16. package/lib/user-management/user-management.js +7 -0
  17. package/lib/user-management/user-management.spec.js +17 -1
  18. package/lib/workos.js +1 -1
  19. package/package.json +1 -1
  20. /package/lib/actions/interfaces/{response-payload.js → action.interface.js} +0 -0
  21. /package/lib/actions/interfaces/{response-payload.d.ts → response-payload.interface.d.ts} +0 -0
package/lib/actions/actions.d.ts CHANGED
@@ -1,5 +1,6 @@
1
1
  import { CryptoProvider } from '../common/crypto/crypto-provider';
2
- import { AuthenticationActionResponseData, ResponsePayload, UserRegistrationActionResponseData } from './interfaces/response-payload';
2
+ import { ActionContext } from './interfaces/action.interface';
3
+ import { AuthenticationActionResponseData, ResponsePayload, UserRegistrationActionResponseData } from './interfaces/response-payload.interface';
3
4
  export declare class Actions {
4
5
  private signatureProvider;
5
6
  constructor(cryptoProvider: CryptoProvider);
@@ -16,4 +17,10 @@ export declare class Actions {
16
17
  payload: ResponsePayload;
17
18
  signature: string;
18
19
  }>;
20
+ constructAction({ payload, sigHeader, secret, tolerance, }: {
21
+ payload: unknown;
22
+ sigHeader: string;
23
+ secret: string;
24
+ tolerance?: number;
25
+ }): Promise<ActionContext>;
19
26
  }
package/lib/actions/actions.js CHANGED
@@ -12,6 +12,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.Actions = void 0;
13
13
  const crypto_1 = require("../common/crypto");
14
14
  const unreachable_1 = require("../common/utils/unreachable");
15
+ const action_serializer_1 = require("./serializers/action.serializer");
15
16
  class Actions {
16
17
  constructor(cryptoProvider) {
17
18
  this.signatureProvider = new crypto_1.SignatureProvider(cryptoProvider);
@@ -49,5 +50,12 @@ class Actions {
49
50
  return response;
50
51
  });
51
52
  }
53
+ constructAction({ payload, sigHeader, secret, tolerance = 300, }) {
54
+ return __awaiter(this, void 0, void 0, function* () {
55
+ const options = { payload, sigHeader, secret, tolerance };
56
+ yield this.verifyHeader(options);
57
+ return (0, action_serializer_1.deserializeAction)(payload);
58
+ });
59
+ }
52
60
  }
53
61
  exports.Actions = Actions;
package/lib/actions/actions.spec.js CHANGED
@@ -14,7 +14,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
14
14
  Object.defineProperty(exports, "__esModule", { value: true });
15
15
  const crypto_1 = __importDefault(require("crypto"));
16
16
  const workos_1 = require("../workos");
17
- const action_context_json_1 = __importDefault(require("./fixtures/action-context.json"));
17
+ const authentication_action_context_json_1 = __importDefault(require("./fixtures/authentication-action-context.json"));
18
+ const user_registration_action_context_json_1 = __importDefault(require("./fixtures/user-registration-action-context.json"));
18
19
  const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
19
20
  const crypto_2 = require("../common/crypto");
20
21
  describe('Actions', () => {
@@ -22,6 +23,16 @@ describe('Actions', () => {
22
23
  beforeEach(() => {
23
24
  secret = 'secret';
24
25
  });
26
+ const makeSigHeader = (payload, secret) => {
27
+ const timestamp = Date.now() * 1000;
28
+ const unhashedString = `${timestamp}.${JSON.stringify(payload)}`;
29
+ const signatureHash = crypto_1.default
30
+ .createHmac('sha256', secret)
31
+ .update(unhashedString)
32
+ .digest()
33
+ .toString('hex');
34
+ return `t=${timestamp}, v1=${signatureHash}`;
35
+ };
25
36
  describe('signResponse', () => {
26
37
  describe('type: authentication', () => {
27
38
  it('returns a signed response', () => __awaiter(void 0, void 0, void 0, function* () {
@@ -56,23 +67,99 @@ describe('Actions', () => {
56
67
  });
57
68
  });
58
69
  describe('verifyHeader', () => {
59
- it('aliases to the signature provider', () => __awaiter(void 0, void 0, void 0, function* () {
60
- const spy = jest.spyOn(
61
- // tslint:disable-next-line
62
- workos.actions['signatureProvider'], 'verifyHeader');
63
- const timestamp = Date.now() * 1000;
64
- const unhashedString = `${timestamp}.${JSON.stringify(action_context_json_1.default)}`;
65
- const signatureHash = crypto_1.default
66
- .createHmac('sha256', secret)
67
- .update(unhashedString)
68
- .digest()
69
- .toString('hex');
70
- yield workos.actions.verifyHeader({
71
- payload: action_context_json_1.default,
72
- sigHeader: `t=${timestamp}, v1=${signatureHash}`,
70
+ it('verifies the header', () => __awaiter(void 0, void 0, void 0, function* () {
71
+ yield expect(workos.actions.verifyHeader({
72
+ payload: authentication_action_context_json_1.default,
73
+ sigHeader: makeSigHeader(authentication_action_context_json_1.default, secret),
73
74
  secret,
75
+ })).resolves.not.toThrow();
76
+ }));
77
+ it('throws when the header is invalid', () => __awaiter(void 0, void 0, void 0, function* () {
78
+ yield expect(workos.actions.verifyHeader({
79
+ payload: authentication_action_context_json_1.default,
80
+ sigHeader: 't=123, v1=123',
81
+ secret,
82
+ })).rejects.toThrow();
83
+ }));
84
+ });
85
+ describe('constructAction', () => {
86
+ it('returns an authentication action', () => __awaiter(void 0, void 0, void 0, function* () {
87
+ const payload = authentication_action_context_json_1.default;
88
+ const sigHeader = makeSigHeader(payload, secret);
89
+ const action = yield workos.actions.constructAction({
90
+ payload,
91
+ sigHeader,
92
+ secret,
93
+ });
94
+ expect(action).toEqual({
95
+ id: '01JATCMZJY26PQ59XT9BNT0FNN',
96
+ user: {
97
+ object: 'user',
98
+ id: '01JATCHZVEC5EPANDPEZVM68Y9',
99
+ email: 'jane@foocorp.com',
100
+ firstName: 'Jane',
101
+ lastName: 'Doe',
102
+ emailVerified: true,
103
+ profilePictureUrl: 'https://example.com/jane.jpg',
104
+ createdAt: '2024-10-22T17:12:50.746Z',
105
+ updatedAt: '2024-10-22T17:12:50.746Z',
106
+ },
107
+ ipAddress: '50.141.123.10',
108
+ userAgent: 'Mozilla/5.0',
109
+ issuer: 'test',
110
+ object: 'authentication_action_context',
111
+ organization: {
112
+ object: 'organization',
113
+ id: '01JATCMZJY26PQ59XT9BNT0FNN',
114
+ name: 'Foo Corp',
115
+ allowProfilesOutsideOrganization: false,
116
+ domains: [],
117
+ createdAt: '2024-10-22T17:12:50.746Z',
118
+ updatedAt: '2024-10-22T17:12:50.746Z',
119
+ },
120
+ organizationMembership: {
121
+ object: 'organization_membership',
122
+ id: '01JATCNVYCHT1SZGENR4QTXKRK',
123
+ userId: '01JATCHZVEC5EPANDPEZVM68Y9',
124
+ organizationId: '01JATCMZJY26PQ59XT9BNT0FNN',
125
+ role: {
126
+ slug: 'member',
127
+ },
128
+ status: 'active',
129
+ createdAt: '2024-10-22T17:12:50.746Z',
130
+ updatedAt: '2024-10-22T17:12:50.746Z',
131
+ },
132
+ });
133
+ }));
134
+ it('returns a user registration action', () => __awaiter(void 0, void 0, void 0, function* () {
135
+ const payload = user_registration_action_context_json_1.default;
136
+ const sigHeader = makeSigHeader(payload, secret);
137
+ const action = yield workos.actions.constructAction({
138
+ payload,
139
+ sigHeader,
140
+ secret,
141
+ });
142
+ expect(action).toEqual({
143
+ id: '01JATCMZJY26PQ59XT9BNT0FNN',
144
+ object: 'user_registration_action_context',
145
+ userData: {
146
+ object: 'user_data',
147
+ email: 'jane@foocorp.com',
148
+ firstName: 'Jane',
149
+ lastName: 'Doe',
150
+ },
151
+ ipAddress: '50.141.123.10',
152
+ userAgent: 'Mozilla/5.0',
153
+ invitation: expect.objectContaining({
154
+ object: 'invitation',
155
+ id: '01JBVZWH8HJ855YZ5BWHG1WNZN',
156
+ email: 'jane@foocorp.com',
157
+ expiresAt: '2024-10-22T17:12:50.746Z',
158
+ createdAt: '2024-10-21T17:12:50.746Z',
159
+ updatedAt: '2024-10-21T17:12:50.746Z',
160
+ acceptedAt: '2024-10-22T17:13:50.746Z',
161
+ }),
74
162
  });
75
- expect(spy).toHaveBeenCalled();
76
163
  }));
77
164
  });
78
165
  });
package/lib/actions/fixtures/{action-context.json → authentication-action-context.json} RENAMED
@@ -1,4 +1,5 @@
1
1
  {
2
+ "id": "01JATCMZJY26PQ59XT9BNT0FNN",
2
3
  "user": {
3
4
  "object": "user",
4
5
  "id": "01JATCHZVEC5EPANDPEZVM68Y9",
package/lib/actions/fixtures/user-registration-action-context.json ADDED
@@ -0,0 +1,24 @@
1
+ {
2
+ "id": "01JATCMZJY26PQ59XT9BNT0FNN",
3
+ "user_data": {
4
+ "object": "user_data",
5
+ "email": "jane@foocorp.com",
6
+ "first_name": "Jane",
7
+ "last_name": "Doe"
8
+ },
9
+ "ip_address": "50.141.123.10",
10
+ "user_agent": "Mozilla/5.0",
11
+ "object": "user_registration_action_context",
12
+ "invitation": {
13
+ "object": "invitation",
14
+ "id": "01JBVZWH8HJ855YZ5BWHG1WNZN",
15
+ "email": "jane@foocorp.com",
16
+ "expires_at": "2024-10-22T17:12:50.746Z",
17
+ "created_at": "2024-10-21T17:12:50.746Z",
18
+ "updated_at": "2024-10-21T17:12:50.746Z",
19
+ "accepted_at": "2024-10-22T17:13:50.746Z",
20
+ "revoked_at": null,
21
+ "organization_id": "01JBW46BTKAA98WZN8826XQ2YP",
22
+ "inviter_user_id": "01JBVZWAEPWAE3YYKBVT0AF81F"
23
+ }
24
+ }
package/lib/actions/interfaces/action.interface.d.ts ADDED
@@ -0,0 +1,53 @@
1
+ import { Organization, OrganizationResponse } from '../../organizations/interfaces';
2
+ import { Invitation, InvitationResponse, OrganizationMembership, OrganizationMembershipResponse, User, UserResponse } from '../../user-management/interfaces';
3
+ interface AuthenticationActionContext {
4
+ id: string;
5
+ object: 'authentication_action_context';
6
+ user: User;
7
+ organization?: Organization;
8
+ organizationMembership?: OrganizationMembership;
9
+ ipAddress?: string;
10
+ userAgent?: string;
11
+ issuer?: string;
12
+ }
13
+ export interface UserData {
14
+ object: 'user_data';
15
+ email: string;
16
+ firstName: string;
17
+ lastName: string;
18
+ }
19
+ interface UserRegistrationActionContext {
20
+ id: string;
21
+ object: 'user_registration_action_context';
22
+ userData: UserData;
23
+ invitation?: Invitation;
24
+ ipAddress?: string;
25
+ userAgent?: string;
26
+ }
27
+ export type ActionContext = AuthenticationActionContext | UserRegistrationActionContext;
28
+ interface AuthenticationActionPayload {
29
+ id: string;
30
+ object: 'authentication_action_context';
31
+ user: UserResponse;
32
+ organization?: OrganizationResponse;
33
+ organization_membership?: OrganizationMembershipResponse;
34
+ ip_address?: string;
35
+ user_agent?: string;
36
+ issuer?: string;
37
+ }
38
+ export interface UserDataPayload {
39
+ object: 'user_data';
40
+ email: string;
41
+ first_name: string;
42
+ last_name: string;
43
+ }
44
+ export interface UserRegistrationActionPayload {
45
+ id: string;
46
+ object: 'user_registration_action_context';
47
+ user_data: UserDataPayload;
48
+ invitation?: InvitationResponse;
49
+ ip_address?: string;
50
+ user_agent?: string;
51
+ }
52
+ export type ActionPayload = AuthenticationActionPayload | UserRegistrationActionPayload;
53
+ export {};
package/lib/actions/interfaces/response-payload.interface.js ADDED
@@ -0,0 +1,2 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
package/lib/actions/serializers/action.serializer.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import { ActionContext, ActionPayload } from '../interfaces/action.interface';
2
+ export declare const deserializeAction: (actionPayload: ActionPayload) => ActionContext;
package/lib/actions/serializers/action.serializer.js ADDED
@@ -0,0 +1,45 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.deserializeAction = void 0;
4
+ const organization_serializer_1 = require("../../organizations/serializers/organization.serializer");
5
+ const serializers_1 = require("../../user-management/serializers");
6
+ const organization_membership_serializer_1 = require("../../user-management/serializers/organization-membership.serializer");
7
+ const deserializeUserData = (userData) => {
8
+ return {
9
+ object: userData.object,
10
+ email: userData.email,
11
+ firstName: userData.first_name,
12
+ lastName: userData.last_name,
13
+ };
14
+ };
15
+ const deserializeAction = (actionPayload) => {
16
+ switch (actionPayload.object) {
17
+ case 'user_registration_action_context':
18
+ return {
19
+ id: actionPayload.id,
20
+ object: actionPayload.object,
21
+ userData: deserializeUserData(actionPayload.user_data),
22
+ invitation: actionPayload.invitation
23
+ ? (0, serializers_1.deserializeInvitation)(actionPayload.invitation)
24
+ : undefined,
25
+ ipAddress: actionPayload.ip_address,
26
+ userAgent: actionPayload.user_agent,
27
+ };
28
+ case 'authentication_action_context':
29
+ return {
30
+ id: actionPayload.id,
31
+ object: actionPayload.object,
32
+ user: (0, serializers_1.deserializeUser)(actionPayload.user),
33
+ organization: actionPayload.organization
34
+ ? (0, organization_serializer_1.deserializeOrganization)(actionPayload.organization)
35
+ : undefined,
36
+ organizationMembership: actionPayload.organization_membership
37
+ ? (0, organization_membership_serializer_1.deserializeOrganizationMembership)(actionPayload.organization_membership)
38
+ : undefined,
39
+ ipAddress: actionPayload.ip_address,
40
+ userAgent: actionPayload.user_agent,
41
+ issuer: actionPayload.issuer,
42
+ };
43
+ }
44
+ };
45
+ exports.deserializeAction = deserializeAction;
package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.d.ts CHANGED
@@ -31,4 +31,5 @@ export type AuthenticateWithSessionCookieSuccessResponse = {
31
31
  entitlements?: string[];
32
32
  user: User;
33
33
  impersonator?: Impersonator;
34
+ accessToken: string;
34
35
  };
package/lib/user-management/interfaces/invitation.interface.d.ts CHANGED
@@ -8,6 +8,7 @@ export interface Invitation {
8
8
  expiresAt: string;
9
9
  organizationId: string | null;
10
10
  inviterUserId: string | null;
11
+ acceptedUserId: string | null;
11
12
  token: string;
12
13
  acceptInvitationUrl: string;
13
14
  createdAt: string;
@@ -23,6 +24,7 @@ export interface InvitationEvent {
23
24
  expiresAt: string;
24
25
  organizationId: string | null;
25
26
  inviterUserId: string | null;
27
+ acceptedUserId: string | null;
26
28
  createdAt: string;
27
29
  updatedAt: string;
28
30
  }
@@ -36,6 +38,7 @@ export interface InvitationResponse {
36
38
  expires_at: string;
37
39
  organization_id: string | null;
38
40
  inviter_user_id: string | null;
41
+ accepted_user_id: string | null;
39
42
  token: string;
40
43
  accept_invitation_url: string;
41
44
  created_at: string;
@@ -51,6 +54,7 @@ export interface InvitationEventResponse {
51
54
  expires_at: string;
52
55
  organization_id: string | null;
53
56
  inviter_user_id: string | null;
57
+ accepted_user_id: string | null;
54
58
  created_at: string;
55
59
  updated_at: string;
56
60
  }
package/lib/user-management/serializers/invitation.serializer.js CHANGED
@@ -11,6 +11,7 @@ const deserializeInvitation = (invitation) => ({
11
11
  expiresAt: invitation.expires_at,
12
12
  organizationId: invitation.organization_id,
13
13
  inviterUserId: invitation.inviter_user_id,
14
+ acceptedUserId: invitation.accepted_user_id,
14
15
  token: invitation.token,
15
16
  acceptInvitationUrl: invitation.accept_invitation_url,
16
17
  createdAt: invitation.created_at,
@@ -27,6 +28,7 @@ const deserializeInvitationEvent = (invitation) => ({
27
28
  expiresAt: invitation.expires_at,
28
29
  organizationId: invitation.organization_id,
29
30
  inviterUserId: invitation.inviter_user_id,
31
+ acceptedUserId: invitation.accepted_user_id,
30
32
  createdAt: invitation.created_at,
31
33
  updatedAt: invitation.updated_at,
32
34
  });
package/lib/user-management/session.js CHANGED
@@ -74,6 +74,7 @@ class Session {
74
74
  entitlements,
75
75
  user: session.user,
76
76
  impersonator: session.impersonator,
77
+ accessToken: session.accessToken,
77
78
  };
78
79
  });
79
80
  }
@@ -97,12 +98,13 @@ class Session {
97
98
  reason: interfaces_1.RefreshAndSealSessionDataFailureReason.INVALID_SESSION_COOKIE,
98
99
  };
99
100
  }
101
+ const { org_id: organizationIdFromAccessToken } = (0, jose_1.decodeJwt)(session.accessToken);
100
102
  try {
101
103
  const cookiePassword = (_a = options.cookiePassword) !== null && _a !== void 0 ? _a : this.cookiePassword;
102
104
  const authenticationResponse = yield this.userManagement.authenticateWithRefreshToken({
103
105
  clientId: this.userManagement.clientId,
104
106
  refreshToken: session.refreshToken,
105
- organizationId: (_b = options.organizationId) !== null && _b !== void 0 ? _b : undefined,
107
+ organizationId: (_b = options.organizationId) !== null && _b !== void 0 ? _b : organizationIdFromAccessToken,
106
108
  session: {
107
109
  // We want to store the new sealed session in this class instance, so this always needs to be true
108
110
  sealSession: true,
package/lib/user-management/session.spec.js CHANGED
@@ -119,8 +119,9 @@ describe('Session', () => {
119
119
  .spyOn(jose, 'jwtVerify')
120
120
  .mockResolvedValue({});
121
121
  const cookiePassword = 'alongcookiesecretmadefortestingsessions';
122
+ const accessToken = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdXRoZW50aWNhdGVkIjp0cnVlLCJpbXBlcnNvbmF0b3IiOnsiZW1haWwiOiJhZG1pbkBleGFtcGxlLmNvbSIsInJlYXNvbiI6InRlc3QifSwic2lkIjoic2Vzc2lvbl8xMjMiLCJvcmdfaWQiOiJvcmdfMTIzIiwicm9sZSI6Im1lbWJlciIsInBlcm1pc3Npb25zIjpbInBvc3RzOmNyZWF0ZSIsInBvc3RzOmRlbGV0ZSJdLCJlbnRpdGxlbWVudHMiOlsiYXVkaXQtbG9ncyJdLCJ1c2VyIjp7Im9iamVjdCI6InVzZXIiLCJpZCI6InVzZXJfMDFINUpRRFY3UjdBVEVZWkRFRzBXNVBSWVMiLCJlbWFpbCI6InRlc3RAZXhhbXBsZS5jb20ifX0.A8mDST4wtq_0vId6ALg7k2Ukr7FXrszZtdJ_6dfXeAc';
122
123
  const sessionData = yield (0, iron_session_1.sealData)({
123
- accessToken: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdXRoZW50aWNhdGVkIjp0cnVlLCJpbXBlcnNvbmF0b3IiOnsiZW1haWwiOiJhZG1pbkBleGFtcGxlLmNvbSIsInJlYXNvbiI6InRlc3QifSwic2lkIjoic2Vzc2lvbl8xMjMiLCJvcmdfaWQiOiJvcmdfMTIzIiwicm9sZSI6Im1lbWJlciIsInBlcm1pc3Npb25zIjpbInBvc3RzOmNyZWF0ZSIsInBvc3RzOmRlbGV0ZSJdLCJlbnRpdGxlbWVudHMiOlsiYXVkaXQtbG9ncyJdLCJ1c2VyIjp7Im9iamVjdCI6InVzZXIiLCJpZCI6InVzZXJfMDFINUpRRFY3UjdBVEVZWkRFRzBXNVBSWVMiLCJlbWFpbCI6InRlc3RAZXhhbXBsZS5jb20ifX0.A8mDST4wtq_0vId6ALg7k2Ukr7FXrszZtdJ_6dfXeAc',
124
+ accessToken,
124
125
  refreshToken: 'def456',
125
126
  impersonator: {
126
127
  email: 'admin@example.com',
@@ -152,6 +153,7 @@ describe('Session', () => {
152
153
  id: 'user_01H5JQDV7R7ATEYZDEG0W5PRYS',
153
154
  email: 'test@example.com',
154
155
  },
156
+ accessToken,
155
157
  });
156
158
  }));
157
159
  });
package/lib/user-management/user-management.d.ts CHANGED
@@ -100,6 +100,7 @@ export declare class UserManagement {
100
100
  findInvitationByToken(invitationToken: string): Promise<Invitation>;
101
101
  listInvitations(options: ListInvitationsOptions): Promise<AutoPaginatable<Invitation>>;
102
102
  sendInvitation(payload: SendInvitationOptions): Promise<Invitation>;
103
+ acceptInvitation(invitationId: string): Promise<Invitation>;
103
104
  revokeInvitation(invitationId: string): Promise<Invitation>;
104
105
  revokeSession(payload: RevokeSessionOptions): Promise<void>;
105
106
  getAuthorizationUrl({ connectionId, codeChallenge, codeChallengeMethod, context, clientId, domainHint, loginHint, organizationId, provider, redirectUri, state, screenHint, }: AuthorizationURLOptions): string;
package/lib/user-management/user-management.js CHANGED
@@ -201,6 +201,7 @@ class UserManagement {
201
201
  user: session.user,
202
202
  permissions,
203
203
  entitlements,
204
+ accessToken: session.accessToken,
204
205
  };
205
206
  });
206
207
  }
@@ -488,6 +489,12 @@ class UserManagement {
488
489
  return (0, invitation_serializer_1.deserializeInvitation)(data);
489
490
  });
490
491
  }
492
+ acceptInvitation(invitationId) {
493
+ return __awaiter(this, void 0, void 0, function* () {
494
+ const { data } = yield this.workos.post(`/user_management/invitations/${invitationId}/accept`, null);
495
+ return (0, invitation_serializer_1.deserializeInvitation)(data);
496
+ });
497
+ }
491
498
  revokeInvitation(invitationId) {
492
499
  return __awaiter(this, void 0, void 0, function* () {
493
500
  const { data } = yield this.workos.post(`/user_management/invitations/${invitationId}/revoke`, null);
package/lib/user-management/user-management.spec.js CHANGED
@@ -747,8 +747,9 @@ describe('UserManagement', () => {
747
747
  .spyOn(jose, 'jwtVerify')
748
748
  .mockResolvedValue({});
749
749
  const cookiePassword = 'alongcookiesecretmadefortestingsessions';
750
+ const accessToken = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdXRoZW50aWNhdGVkIjp0cnVlLCJpbXBlcnNvbmF0b3IiOnsiZW1haWwiOiJhZG1pbkBleGFtcGxlLmNvbSIsInJlYXNvbiI6InRlc3QifSwic2lkIjoic2Vzc2lvbl8xMjMiLCJvcmdfaWQiOiJvcmdfMTIzIiwicm9sZSI6Im1lbWJlciIsInBlcm1pc3Npb25zIjpbInBvc3RzOmNyZWF0ZSIsInBvc3RzOmRlbGV0ZSJdLCJlbnRpdGxlbWVudHMiOlsiYXVkaXQtbG9ncyJdLCJ1c2VyIjp7Im9iamVjdCI6InVzZXIiLCJpZCI6InVzZXJfMDFINUpRRFY3UjdBVEVZWkRFRzBXNVBSWVMiLCJlbWFpbCI6InRlc3RAZXhhbXBsZS5jb20ifX0.A8mDST4wtq_0vId6ALg7k2Ukr7FXrszZtdJ_6dfXeAc';
750
751
  const sessionData = yield (0, iron_session_1.sealData)({
751
- accessToken: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdXRoZW50aWNhdGVkIjp0cnVlLCJpbXBlcnNvbmF0b3IiOnsiZW1haWwiOiJhZG1pbkBleGFtcGxlLmNvbSIsInJlYXNvbiI6InRlc3QifSwic2lkIjoic2Vzc2lvbl8xMjMiLCJvcmdfaWQiOiJvcmdfMTIzIiwicm9sZSI6Im1lbWJlciIsInBlcm1pc3Npb25zIjpbInBvc3RzOmNyZWF0ZSIsInBvc3RzOmRlbGV0ZSJdLCJlbnRpdGxlbWVudHMiOlsiYXVkaXQtbG9ncyJdLCJ1c2VyIjp7Im9iamVjdCI6InVzZXIiLCJpZCI6InVzZXJfMDFINUpRRFY3UjdBVEVZWkRFRzBXNVBSWVMiLCJlbWFpbCI6InRlc3RAZXhhbXBsZS5jb20ifX0.A8mDST4wtq_0vId6ALg7k2Ukr7FXrszZtdJ_6dfXeAc',
752
+ accessToken,
752
753
  refreshToken: 'def456',
753
754
  user: {
754
755
  object: 'user',
@@ -769,6 +770,7 @@ describe('UserManagement', () => {
769
770
  user: expect.objectContaining({
770
771
  email: 'test@example.com',
771
772
  }),
773
+ accessToken,
772
774
  });
773
775
  }));
774
776
  });
@@ -1423,6 +1425,20 @@ describe('UserManagement', () => {
1423
1425
  });
1424
1426
  }));
1425
1427
  });
1428
+ describe('acceptInvitation', () => {
1429
+ it('sends an Accept Invitation request', () => __awaiter(void 0, void 0, void 0, function* () {
1430
+ const invitationId = 'invitation_01H5JQDV7R7ATEYZDEG0W5PRYS';
1431
+ (0, test_utils_1.fetchOnce)(Object.assign(Object.assign({}, invitation_json_1.default), { state: 'accepted', accepted_user_id: 'user_01HGK4K4PXNSG85RNNV0GXYP5W' }));
1432
+ const response = yield workos.userManagement.acceptInvitation(invitationId);
1433
+ expect((0, test_utils_1.fetchURL)()).toContain(`/user_management/invitations/${invitationId}/accept`);
1434
+ expect(response).toMatchObject({
1435
+ object: 'invitation',
1436
+ email: 'dane@workos.com',
1437
+ state: 'accepted',
1438
+ acceptedUserId: 'user_01HGK4K4PXNSG85RNNV0GXYP5W',
1439
+ });
1440
+ }));
1441
+ });
1426
1442
  describe('revokeInvitation', () => {
1427
1443
  it('send a Revoke Invitation request', () => __awaiter(void 0, void 0, void 0, function* () {
1428
1444
  const invitationId = 'invitation_01H5JQDV7R7ATEYZDEG0W5PRYS';
package/lib/workos.js CHANGED
@@ -29,7 +29,7 @@ const subtle_crypto_provider_1 = require("./common/crypto/subtle-crypto-provider
29
29
  const fetch_client_1 = require("./common/net/fetch-client");
30
30
  const widgets_1 = require("./widgets/widgets");
31
31
  const actions_1 = require("./actions/actions");
32
- const VERSION = '7.33.1';
32
+ const VERSION = '7.35.0';
33
33
  const DEFAULT_HOSTNAME = 'api.workos.com';
34
34
  const HEADER_AUTHORIZATION = 'Authorization';
35
35
  const HEADER_IDEMPOTENCY_KEY = 'Idempotency-Key';
package/package.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "7.33.1",
2
+ "version": "7.35.0",
3
3
  "name": "@workos-inc/node",
4
4
  "author": "WorkOS",
5
5
  "description": "A Node wrapper for the WorkOS API",