@workos-inc/node 7.68.0 → 7.69.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/lib/sso/interfaces/authorization-url-options.interface.d.ts +1 -0
  2. package/lib/sso/interfaces/profile-and-token.interface.d.ts +3 -0
  3. package/lib/sso/serializers/profile-and-token.serializer.js +2 -0
  4. package/lib/sso/sso.d.ts +1 -1
  5. package/lib/sso/sso.js +2 -1
  6. package/lib/sso/sso.spec.js +105 -0
  7. package/lib/workos.js +1 -1
  8. package/package.json +1 -1
package/lib/sso/interfaces/authorization-url-options.interface.d.ts CHANGED
@@ -9,6 +9,7 @@ export interface SSOAuthorizationURLOptions {
9
9
  domainHint?: string;
10
10
  loginHint?: string;
11
11
  provider?: string;
12
+ providerScopes?: string[];
12
13
  redirectUri: string;
13
14
  state?: string;
14
15
  }
package/lib/sso/interfaces/profile-and-token.interface.d.ts CHANGED
@@ -1,10 +1,13 @@
1
1
  import { UnknownRecord } from '../../common/interfaces/unknown-record.interface';
2
+ import { OauthTokens, OauthTokensResponse } from '../../user-management/interfaces/oauth-tokens.interface';
2
3
  import { Profile, ProfileResponse } from './profile.interface';
3
4
  export interface ProfileAndToken<CustomAttributesType extends UnknownRecord> {
4
5
  accessToken: string;
5
6
  profile: Profile<CustomAttributesType>;
7
+ oauthTokens?: OauthTokens;
6
8
  }
7
9
  export interface ProfileAndTokenResponse<CustomAttributesType extends UnknownRecord> {
8
10
  access_token: string;
9
11
  profile: ProfileResponse<CustomAttributesType>;
12
+ oauth_tokens?: OauthTokensResponse;
10
13
  }
package/lib/sso/serializers/profile-and-token.serializer.js CHANGED
@@ -1,9 +1,11 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.deserializeProfileAndToken = void 0;
4
+ const oauth_tokens_serializer_1 = require("../../user-management/serializers/oauth-tokens.serializer");
4
5
  const profile_serializer_1 = require("./profile.serializer");
5
6
  const deserializeProfileAndToken = (profileAndToken) => ({
6
7
  accessToken: profileAndToken.access_token,
7
8
  profile: (0, profile_serializer_1.deserializeProfile)(profileAndToken.profile),
9
+ oauthTokens: (0, oauth_tokens_serializer_1.deserializeOauthTokens)(profileAndToken.oauth_tokens),
8
10
  });
9
11
  exports.deserializeProfileAndToken = deserializeProfileAndToken;
package/lib/sso/sso.d.ts CHANGED
@@ -7,7 +7,7 @@ export declare class SSO {
7
7
  constructor(workos: WorkOS);
8
8
  listConnections(options?: ListConnectionsOptions): Promise<AutoPaginatable<Connection>>;
9
9
  deleteConnection(id: string): Promise<void>;
10
- getAuthorizationUrl({ connection, clientId, domain, domainHint, loginHint, organization, provider, redirectUri, state, }: SSOAuthorizationURLOptions): string;
10
+ getAuthorizationUrl({ connection, clientId, domain, domainHint, loginHint, organization, provider, providerScopes, redirectUri, state, }: SSOAuthorizationURLOptions): string;
11
11
  getConnection(id: string): Promise<Connection>;
12
12
  getProfileAndToken<CustomAttributesType extends UnknownRecord = UnknownRecord>({ code, clientId, }: GetProfileAndTokenOptions): Promise<ProfileAndToken<CustomAttributesType>>;
13
13
  getProfile<CustomAttributesType extends UnknownRecord = UnknownRecord>({ accessToken, }: GetProfileOptions): Promise<Profile<CustomAttributesType>>;
package/lib/sso/sso.js CHANGED
@@ -38,7 +38,7 @@ class SSO {
38
38
  yield this.workos.delete(`/connections/${id}`);
39
39
  });
40
40
  }
41
- getAuthorizationUrl({ connection, clientId, domain, domainHint, loginHint, organization, provider, redirectUri, state, }) {
41
+ getAuthorizationUrl({ connection, clientId, domain, domainHint, loginHint, organization, provider, providerScopes, redirectUri, state, }) {
42
42
  if (!domain && !provider && !connection && !organization) {
43
43
  throw new Error(`Incomplete arguments. Need to specify either a 'connection', 'organization', 'domain', or 'provider'.`);
44
44
  }
@@ -52,6 +52,7 @@ class SSO {
52
52
  domain_hint: domainHint,
53
53
  login_hint: loginHint,
54
54
  provider,
55
+ provider_scopes: providerScopes === null || providerScopes === void 0 ? void 0 : providerScopes.join(' '),
55
56
  client_id: clientId,
56
57
  redirect_uri: redirectUri,
57
58
  response_type: 'code',
package/lib/sso/sso.spec.js CHANGED
@@ -161,6 +161,28 @@ describe('SSO', () => {
161
161
  expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&connection=connection_123&login_hint=foo%40workos.com&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom+state"`);
162
162
  });
163
163
  });
164
+ describe('with providerScopes', () => {
165
+ it('generates an authorize url with the provided provider scopes', () => {
166
+ const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
167
+ const url = workos.sso.getAuthorizationUrl({
168
+ provider: 'Google',
169
+ providerScopes: ['profile', 'email', 'calendar'],
170
+ clientId: 'proj_123',
171
+ redirectUri: 'example.com/sso/workos/callback',
172
+ });
173
+ expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&provider=Google&provider_scopes=profile+email+calendar&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code"`);
174
+ });
175
+ it('handles empty provider scopes array', () => {
176
+ const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
177
+ const url = workos.sso.getAuthorizationUrl({
178
+ provider: 'Google',
179
+ providerScopes: [],
180
+ clientId: 'proj_123',
181
+ redirectUri: 'example.com/sso/workos/callback',
182
+ });
183
+ expect(url).toMatchInlineSnapshot(`"https://api.workos.com/sso/authorize?client_id=proj_123&provider=Google&redirect_uri=example.com%2Fsso%2Fworkos%2Fcallback&response_type=code"`);
184
+ });
185
+ });
164
186
  });
165
187
  describe('getProfileAndToken', () => {
166
188
  describe('with all information provided', () => {
@@ -240,6 +262,89 @@ describe('SSO', () => {
240
262
  expect(profile).toMatchSnapshot();
241
263
  }));
242
264
  });
265
+ describe('with oauth tokens in the response', () => {
266
+ it('returns the oauth tokens from the profile and token response', () => __awaiter(void 0, void 0, void 0, function* () {
267
+ (0, test_utils_1.fetchOnce)({
268
+ access_token: '01DMEK0J53CVMC32CK5SE0KZ8Q',
269
+ profile: {
270
+ id: 'prof_123',
271
+ idp_id: '123',
272
+ organization_id: 'org_123',
273
+ connection_id: 'conn_123',
274
+ connection_type: 'OktaSAML',
275
+ email: 'foo@test.com',
276
+ first_name: 'foo',
277
+ last_name: 'bar',
278
+ role: {
279
+ slug: 'admin',
280
+ },
281
+ groups: ['Admins', 'Developers'],
282
+ raw_attributes: {
283
+ email: 'foo@test.com',
284
+ first_name: 'foo',
285
+ last_name: 'bar',
286
+ groups: ['Admins', 'Developers'],
287
+ },
288
+ custom_attributes: {},
289
+ },
290
+ oauth_tokens: {
291
+ access_token: 'oauth_access_token',
292
+ refresh_token: 'oauth_refresh_token',
293
+ expires_at: 1640995200,
294
+ scopes: ['profile', 'email'],
295
+ },
296
+ });
297
+ const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
298
+ const { accessToken, profile, oauthTokens } = yield workos.sso.getProfileAndToken({
299
+ code: 'authorization_code',
300
+ clientId: 'proj_123',
301
+ });
302
+ expect(jest_fetch_mock_1.default.mock.calls.length).toEqual(1);
303
+ expect(accessToken).toBe('01DMEK0J53CVMC32CK5SE0KZ8Q');
304
+ expect(profile).toBeDefined();
305
+ expect(oauthTokens).toEqual({
306
+ accessToken: 'oauth_access_token',
307
+ refreshToken: 'oauth_refresh_token',
308
+ expiresAt: 1640995200,
309
+ scopes: ['profile', 'email'],
310
+ });
311
+ }));
312
+ });
313
+ describe('without oauth tokens in the response', () => {
314
+ it('returns undefined for oauth tokens when not present in response', () => __awaiter(void 0, void 0, void 0, function* () {
315
+ (0, test_utils_1.fetchOnce)({
316
+ access_token: '01DMEK0J53CVMC32CK5SE0KZ8Q',
317
+ profile: {
318
+ id: 'prof_123',
319
+ idp_id: '123',
320
+ organization_id: 'org_123',
321
+ connection_id: 'conn_123',
322
+ connection_type: 'OktaSAML',
323
+ email: 'foo@test.com',
324
+ first_name: 'foo',
325
+ last_name: 'bar',
326
+ role: {
327
+ slug: 'admin',
328
+ },
329
+ raw_attributes: {
330
+ email: 'foo@test.com',
331
+ first_name: 'foo',
332
+ last_name: 'bar',
333
+ },
334
+ custom_attributes: {},
335
+ },
336
+ });
337
+ const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
338
+ const { accessToken, profile, oauthTokens } = yield workos.sso.getProfileAndToken({
339
+ code: 'authorization_code',
340
+ clientId: 'proj_123',
341
+ });
342
+ expect(jest_fetch_mock_1.default.mock.calls.length).toEqual(1);
343
+ expect(accessToken).toBe('01DMEK0J53CVMC32CK5SE0KZ8Q');
344
+ expect(profile).toBeDefined();
345
+ expect(oauthTokens).toBeUndefined();
346
+ }));
347
+ });
243
348
  });
244
349
  describe('getProfile', () => {
245
350
  it('calls the `/sso/profile` endpoint with the provided access token', () => __awaiter(void 0, void 0, void 0, function* () {
package/lib/workos.js CHANGED
@@ -32,7 +32,7 @@ const actions_1 = require("./actions/actions");
32
32
  const vault_1 = require("./vault/vault");
33
33
  const conflict_exception_1 = require("./common/exceptions/conflict.exception");
34
34
  const parse_error_1 = require("./common/exceptions/parse-error");
35
- const VERSION = '7.68.0';
35
+ const VERSION = '7.69.0';
36
36
  const DEFAULT_HOSTNAME = 'api.workos.com';
37
37
  const HEADER_AUTHORIZATION = 'Authorization';
38
38
  const HEADER_IDEMPOTENCY_KEY = 'Idempotency-Key';
package/package.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "7.68.0",
2
+ "version": "7.69.0",
3
3
  "name": "@workos-inc/node",
4
4
  "author": "WorkOS",
5
5
  "description": "A Node wrapper for the WorkOS API",