@workos-inc/node 7.52.0 → 7.54.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/sso/interfaces/authorization-url-options.interface.d.ts +6 -1
- package/lib/sso/sso.d.ts +3 -3
- package/lib/sso/sso.js +1 -1
- package/lib/user-management/interfaces/authorization-url-options.interface.d.ts +2 -1
- package/lib/user-management/interfaces/index.d.ts +3 -1
- package/lib/user-management/interfaces/index.js +3 -1
- package/lib/user-management/user-management.d.ts +3 -3
- package/lib/user-management/user-management.js +8 -2
- package/lib/user-management/user-management.spec.js +29 -2
- package/lib/workos.js +1 -1
- package/package.json +1 -1
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export interface
|
|
1
|
+
export interface SSOAuthorizationURLOptions {
|
|
2
2
|
clientId: string;
|
|
3
3
|
connection?: string;
|
|
4
4
|
organization?: string;
|
|
@@ -12,3 +12,8 @@ export interface AuthorizationURLOptions {
|
|
|
12
12
|
redirectUri: string;
|
|
13
13
|
state?: string;
|
|
14
14
|
}
|
|
15
|
+
/**
|
|
16
|
+
* @deprecated Use SSOAuthorizationURLOptions instead
|
|
17
|
+
*/
|
|
18
|
+
export interface AuthorizationURLOptions extends SSOAuthorizationURLOptions {
|
|
19
|
+
}
|
package/lib/sso/sso.d.ts
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
|
+
import { UnknownRecord } from '../common/interfaces/unknown-record.interface';
|
|
1
2
|
import { AutoPaginatable } from '../common/utils/pagination';
|
|
2
3
|
import { WorkOS } from '../workos';
|
|
3
|
-
import {
|
|
4
|
-
import { UnknownRecord } from '../common/interfaces/unknown-record.interface';
|
|
4
|
+
import { Connection, GetProfileAndTokenOptions, GetProfileOptions, ListConnectionsOptions, Profile, ProfileAndToken, SSOAuthorizationURLOptions } from './interfaces';
|
|
5
5
|
export declare class SSO {
|
|
6
6
|
private readonly workos;
|
|
7
7
|
constructor(workos: WorkOS);
|
|
8
8
|
listConnections(options?: ListConnectionsOptions): Promise<AutoPaginatable<Connection>>;
|
|
9
9
|
deleteConnection(id: string): Promise<void>;
|
|
10
|
-
getAuthorizationUrl({ connection, clientId, domain, domainHint, loginHint, organization, provider, redirectUri, state, }:
|
|
10
|
+
getAuthorizationUrl({ connection, clientId, domain, domainHint, loginHint, organization, provider, redirectUri, state, }: SSOAuthorizationURLOptions): string;
|
|
11
11
|
getConnection(id: string): Promise<Connection>;
|
|
12
12
|
getProfileAndToken<CustomAttributesType extends UnknownRecord = UnknownRecord>({ code, clientId, }: GetProfileAndTokenOptions): Promise<ProfileAndToken<CustomAttributesType>>;
|
|
13
13
|
getProfile<CustomAttributesType extends UnknownRecord = UnknownRecord>({ accessToken, }: GetProfileOptions): Promise<Profile<CustomAttributesType>>;
|
package/lib/sso/sso.js
CHANGED
|
@@ -10,9 +10,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.SSO = void 0;
|
|
13
|
+
const fetch_and_deserialize_1 = require("../common/utils/fetch-and-deserialize");
|
|
13
14
|
const pagination_1 = require("../common/utils/pagination");
|
|
14
15
|
const serializers_1 = require("./serializers");
|
|
15
|
-
const fetch_and_deserialize_1 = require("../common/utils/fetch-and-deserialize");
|
|
16
16
|
const toQueryString = (options) => {
|
|
17
17
|
const searchParams = new URLSearchParams();
|
|
18
18
|
const keys = Object.keys(options).sort();
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export interface
|
|
1
|
+
export interface UserManagementAuthorizationURLOptions {
|
|
2
2
|
clientId: string;
|
|
3
3
|
codeChallenge?: string;
|
|
4
4
|
codeChallengeMethod?: 'S256';
|
|
@@ -12,6 +12,7 @@ export interface AuthorizationURLOptions {
|
|
|
12
12
|
domainHint?: string;
|
|
13
13
|
loginHint?: string;
|
|
14
14
|
provider?: string;
|
|
15
|
+
providerScopes?: string[];
|
|
15
16
|
redirectUri: string;
|
|
16
17
|
state?: string;
|
|
17
18
|
screenHint?: 'sign-up' | 'sign-in';
|
|
@@ -8,8 +8,9 @@ export * from './authenticate-with-refresh-token-options.interface';
|
|
|
8
8
|
export * from './authenticate-with-session-cookie.interface';
|
|
9
9
|
export * from './authenticate-with-totp-options.interface';
|
|
10
10
|
export * from './authentication-event.interface';
|
|
11
|
-
export * from './authentication-response.interface';
|
|
12
11
|
export * from './authentication-radar-risk-detected-event.interface';
|
|
12
|
+
export * from './authentication-response.interface';
|
|
13
|
+
export * from './authorization-url-options.interface';
|
|
13
14
|
export * from './create-magic-auth-options.interface';
|
|
14
15
|
export * from './create-organization-membership-options.interface';
|
|
15
16
|
export * from './create-password-reset-options.interface';
|
|
@@ -17,6 +18,7 @@ export * from './create-user-options.interface';
|
|
|
17
18
|
export * from './email-verification.interface';
|
|
18
19
|
export * from './enroll-auth-factor.interface';
|
|
19
20
|
export * from './factor.interface';
|
|
21
|
+
export * from './identity.interface';
|
|
20
22
|
export * from './impersonator.interface';
|
|
21
23
|
export * from './invitation.interface';
|
|
22
24
|
export * from './list-auth-factors-options.interface';
|
|
@@ -24,8 +24,9 @@ __exportStar(require("./authenticate-with-refresh-token-options.interface"), exp
|
|
|
24
24
|
__exportStar(require("./authenticate-with-session-cookie.interface"), exports);
|
|
25
25
|
__exportStar(require("./authenticate-with-totp-options.interface"), exports);
|
|
26
26
|
__exportStar(require("./authentication-event.interface"), exports);
|
|
27
|
-
__exportStar(require("./authentication-response.interface"), exports);
|
|
28
27
|
__exportStar(require("./authentication-radar-risk-detected-event.interface"), exports);
|
|
28
|
+
__exportStar(require("./authentication-response.interface"), exports);
|
|
29
|
+
__exportStar(require("./authorization-url-options.interface"), exports);
|
|
29
30
|
__exportStar(require("./create-magic-auth-options.interface"), exports);
|
|
30
31
|
__exportStar(require("./create-organization-membership-options.interface"), exports);
|
|
31
32
|
__exportStar(require("./create-password-reset-options.interface"), exports);
|
|
@@ -33,6 +34,7 @@ __exportStar(require("./create-user-options.interface"), exports);
|
|
|
33
34
|
__exportStar(require("./email-verification.interface"), exports);
|
|
34
35
|
__exportStar(require("./enroll-auth-factor.interface"), exports);
|
|
35
36
|
__exportStar(require("./factor.interface"), exports);
|
|
37
|
+
__exportStar(require("./identity.interface"), exports);
|
|
36
38
|
__exportStar(require("./impersonator.interface"), exports);
|
|
37
39
|
__exportStar(require("./invitation.interface"), exports);
|
|
38
40
|
__exportStar(require("./list-auth-factors-options.interface"), exports);
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { createRemoteJWKSet } from 'jose';
|
|
2
|
+
import { IronSessionProvider } from '../common/iron-session/iron-session-provider';
|
|
2
3
|
import { AutoPaginatable } from '../common/utils/pagination';
|
|
3
4
|
import { Challenge } from '../mfa/interfaces';
|
|
4
5
|
import { WorkOS } from '../workos';
|
|
@@ -6,7 +7,7 @@ import { AuthenticateWithCodeOptions, AuthenticateWithMagicAuthOptions, Authenti
|
|
|
6
7
|
import { AuthenticateWithEmailVerificationOptions } from './interfaces/authenticate-with-email-verification-options.interface';
|
|
7
8
|
import { AuthenticateWithOrganizationSelectionOptions } from './interfaces/authenticate-with-organization-selection.interface';
|
|
8
9
|
import { AuthenticateWithSessionCookieFailedResponse, AuthenticateWithSessionCookieOptions, AuthenticateWithSessionCookieSuccessResponse, SessionCookieData } from './interfaces/authenticate-with-session-cookie.interface';
|
|
9
|
-
import {
|
|
10
|
+
import { UserManagementAuthorizationURLOptions } from './interfaces/authorization-url-options.interface';
|
|
10
11
|
import { CreateOrganizationMembershipOptions } from './interfaces/create-organization-membership-options.interface';
|
|
11
12
|
import { Factor, FactorWithSecrets } from './interfaces/factor.interface';
|
|
12
13
|
import { Identity } from './interfaces/identity.interface';
|
|
@@ -19,7 +20,6 @@ import { RevokeSessionOptions } from './interfaces/revoke-session-options.interf
|
|
|
19
20
|
import { SendInvitationOptions } from './interfaces/send-invitation-options.interface';
|
|
20
21
|
import { SessionHandlerOptions } from './interfaces/session-handler-options.interface';
|
|
21
22
|
import { UpdateOrganizationMembershipOptions } from './interfaces/update-organization-membership-options.interface';
|
|
22
|
-
import { IronSessionProvider } from '../common/iron-session/iron-session-provider';
|
|
23
23
|
import { Session } from './session';
|
|
24
24
|
export declare class UserManagement {
|
|
25
25
|
private readonly workos;
|
|
@@ -106,7 +106,7 @@ export declare class UserManagement {
|
|
|
106
106
|
acceptInvitation(invitationId: string): Promise<Invitation>;
|
|
107
107
|
revokeInvitation(invitationId: string): Promise<Invitation>;
|
|
108
108
|
revokeSession(payload: RevokeSessionOptions): Promise<void>;
|
|
109
|
-
getAuthorizationUrl({ connectionId, codeChallenge, codeChallengeMethod, context, clientId, domainHint, loginHint, organizationId, provider, redirectUri, state, screenHint, }:
|
|
109
|
+
getAuthorizationUrl({ connectionId, codeChallenge, codeChallengeMethod, context, clientId, domainHint, loginHint, organizationId, provider, providerScopes, redirectUri, state, screenHint, }: UserManagementAuthorizationURLOptions): string;
|
|
110
110
|
getLogoutUrl({ sessionId, returnTo, }: {
|
|
111
111
|
sessionId: string;
|
|
112
112
|
returnTo?: string;
|
|
@@ -48,7 +48,12 @@ const toQueryString = (options) => {
|
|
|
48
48
|
const keys = Object.keys(options).sort();
|
|
49
49
|
for (const key of keys) {
|
|
50
50
|
const value = options[key];
|
|
51
|
-
if (value) {
|
|
51
|
+
if (Array.isArray(value)) {
|
|
52
|
+
value.forEach((item) => {
|
|
53
|
+
searchParams.append(key, item);
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
if (typeof value === 'string') {
|
|
52
57
|
searchParams.append(key, value);
|
|
53
58
|
}
|
|
54
59
|
}
|
|
@@ -519,7 +524,7 @@ class UserManagement {
|
|
|
519
524
|
yield this.workos.post('/user_management/sessions/revoke', (0, revoke_session_options_interface_1.serializeRevokeSessionOptions)(payload));
|
|
520
525
|
});
|
|
521
526
|
}
|
|
522
|
-
getAuthorizationUrl({ connectionId, codeChallenge, codeChallengeMethod, context, clientId, domainHint, loginHint, organizationId, provider, redirectUri, state, screenHint, }) {
|
|
527
|
+
getAuthorizationUrl({ connectionId, codeChallenge, codeChallengeMethod, context, clientId, domainHint, loginHint, organizationId, provider, providerScopes, redirectUri, state, screenHint, }) {
|
|
523
528
|
if (!provider && !connectionId && !organizationId) {
|
|
524
529
|
throw new TypeError(`Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`);
|
|
525
530
|
}
|
|
@@ -539,6 +544,7 @@ class UserManagement {
|
|
|
539
544
|
domain_hint: domainHint,
|
|
540
545
|
login_hint: loginHint,
|
|
541
546
|
provider,
|
|
547
|
+
provider_scopes: providerScopes,
|
|
542
548
|
client_id: clientId,
|
|
543
549
|
redirect_uri: redirectUri,
|
|
544
550
|
response_type: 'code',
|
|
@@ -1545,7 +1545,7 @@ describe('UserManagement', () => {
|
|
|
1545
1545
|
it('generates an authorize url with the default api hostname', () => {
|
|
1546
1546
|
const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
|
|
1547
1547
|
const url = workos.userManagement.getAuthorizationUrl({
|
|
1548
|
-
provider: '
|
|
1548
|
+
provider: 'GoogleOAuth',
|
|
1549
1549
|
clientId: 'proj_123',
|
|
1550
1550
|
redirectUri: 'example.com/auth/workos/callback',
|
|
1551
1551
|
});
|
|
@@ -1566,12 +1566,27 @@ describe('UserManagement', () => {
|
|
|
1566
1566
|
it('generates an authorize url with the provider', () => {
|
|
1567
1567
|
const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
|
|
1568
1568
|
const url = workos.userManagement.getAuthorizationUrl({
|
|
1569
|
-
provider: '
|
|
1569
|
+
provider: 'GoogleOAuth',
|
|
1570
1570
|
clientId: 'proj_123',
|
|
1571
1571
|
redirectUri: 'example.com/auth/workos/callback',
|
|
1572
1572
|
});
|
|
1573
1573
|
expect(url).toMatchSnapshot();
|
|
1574
1574
|
});
|
|
1575
|
+
describe('with providerScopes', () => {
|
|
1576
|
+
it('generates an authorize url that includes the specified scopes', () => {
|
|
1577
|
+
const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
|
|
1578
|
+
const url = workos.userManagement.getAuthorizationUrl({
|
|
1579
|
+
provider: 'GoogleOAuth',
|
|
1580
|
+
providerScopes: [
|
|
1581
|
+
'https://www.googleapis.com/auth/calendar',
|
|
1582
|
+
'https://www.googleapis.com/auth/admin.directory.group',
|
|
1583
|
+
],
|
|
1584
|
+
clientId: 'proj_123',
|
|
1585
|
+
redirectUri: 'example.com/auth/workos/callback',
|
|
1586
|
+
});
|
|
1587
|
+
expect(url).toMatchSnapshot();
|
|
1588
|
+
});
|
|
1589
|
+
});
|
|
1575
1590
|
});
|
|
1576
1591
|
describe('with a connectionId', () => {
|
|
1577
1592
|
it('generates an authorize url with the connection', () => {
|
|
@@ -1583,6 +1598,18 @@ describe('UserManagement', () => {
|
|
|
1583
1598
|
});
|
|
1584
1599
|
expect(url).toMatchSnapshot();
|
|
1585
1600
|
});
|
|
1601
|
+
describe('with providerScopes', () => {
|
|
1602
|
+
it('generates an authorize url that includes the specified scopes', () => {
|
|
1603
|
+
const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
|
|
1604
|
+
const url = workos.userManagement.getAuthorizationUrl({
|
|
1605
|
+
connectionId: 'connection_123',
|
|
1606
|
+
providerScopes: ['read_api', 'read_repository'],
|
|
1607
|
+
clientId: 'proj_123',
|
|
1608
|
+
redirectUri: 'example.com/auth/workos/callback',
|
|
1609
|
+
});
|
|
1610
|
+
expect(url).toMatchSnapshot();
|
|
1611
|
+
});
|
|
1612
|
+
});
|
|
1586
1613
|
});
|
|
1587
1614
|
describe('with an organizationId', () => {
|
|
1588
1615
|
it('generates an authorization URL with the organization', () => {
|
package/lib/workos.js
CHANGED
|
@@ -31,7 +31,7 @@ const widgets_1 = require("./widgets/widgets");
|
|
|
31
31
|
const actions_1 = require("./actions/actions");
|
|
32
32
|
const vault_1 = require("./vault/vault");
|
|
33
33
|
const conflict_exception_1 = require("./common/exceptions/conflict.exception");
|
|
34
|
-
const VERSION = '7.
|
|
34
|
+
const VERSION = '7.54.0';
|
|
35
35
|
const DEFAULT_HOSTNAME = 'api.workos.com';
|
|
36
36
|
const HEADER_AUTHORIZATION = 'Authorization';
|
|
37
37
|
const HEADER_IDEMPOTENCY_KEY = 'Idempotency-Key';
|
package/package.json
CHANGED