@workos-inc/node 7.75.1 → 7.77.0

package/lib/directory-sync/directory-sync.spec.js

@@ -120,7 +120,7 @@ describe('DirectorySync', () => {
         created_at: '2021-10-27 15:21:50.640959',
         updated_at: '2021-12-13 12:15:45.531847',
     };
-    const userWithRole = {
+    const userWithRoles = {
         object: 'directory_user',
         id: 'directory_user_456',
         customAttributes: {
@@ -145,6 +145,7 @@ describe('DirectorySync', () => {
         state: 'active',
         username: 'jonsnow',
         role: { slug: 'super_admin' },
+        roles: [{ slug: 'super_admin' }],
         createdAt: '2021-10-27 15:21:50.640959',
         updatedAt: '2021-12-13 12:15:45.531847',
     };
@@ -173,6 +174,7 @@ describe('DirectorySync', () => {
         state: 'active',
         username: 'jonsnow',
         role: { slug: 'super_admin' },
+        roles: [{ slug: 'super_admin' }],
         created_at: '2021-10-27 15:21:50.640959',
         updated_at: '2021-12-13 12:15:45.531847',
     };
@@ -409,11 +411,11 @@ describe('DirectorySync', () => {
             const subject = yield workos.directorySync.getUser('dir_usr_123');
             expect(subject).toEqual(userWithGroup);
         }));
-        describe('with a Role', () => {
+        describe('with roles', () => {
             it(`requests a Directory User`, () => __awaiter(void 0, void 0, void 0, function* () {
                 (0, test_utils_1.fetchOnce)(userWithRoleResponse);
                 const subject = yield workos.directorySync.getUser('directory_user_456');
-                expect(subject).toEqual(userWithRole);
+                expect(subject).toEqual(userWithRoles);
             }));
         });
     });

package/lib/directory-sync/interfaces/directory-user.interface.d.ts

@@ -33,6 +33,7 @@ export interface DirectoryUser<TCustomAttributes extends object = DefaultCustomA
     jobTitle: string | null;
     state: 'active' | 'inactive';
     role?: RoleResponse;
+    roles?: RoleResponse[];
     createdAt: string;
     updatedAt: string;
 }
@@ -68,6 +69,7 @@ export interface DirectoryUserResponse<TCustomAttributes extends object = Defaul
     job_title: string | null;
     state: 'active' | 'inactive';
     role?: RoleResponse;
+    roles?: RoleResponse[];
     created_at: string;
     updated_at: string;
 }

package/lib/directory-sync/serializers/directory-user.serializer.js

@@ -18,6 +18,7 @@ const deserializeDirectoryUser = (directoryUser) => ({
     jobTitle: directoryUser.job_title,
     state: directoryUser.state,
     role: directoryUser.role,
+    roles: directoryUser.roles,
     createdAt: directoryUser.created_at,
     updatedAt: directoryUser.updated_at,
 });
@@ -40,6 +41,7 @@ const deserializeUpdatedEventDirectoryUser = (directoryUser) => ({
     jobTitle: directoryUser.job_title,
     state: directoryUser.state,
     role: directoryUser.role,
+    roles: directoryUser.roles,
     createdAt: directoryUser.created_at,
     updatedAt: directoryUser.updated_at,
     previousAttributes: directoryUser.previous_attributes,

package/lib/pipes/fixtures/get-access-token-needs-reauth.json

@@ -0,0 +1,4 @@
+{
+    "active": false,
+    "error": "needs_reauthorization"
+}

package/lib/pipes/fixtures/get-access-token-no-expiry.json

@@ -0,0 +1,10 @@
+{
+    "active": true,
+    "access_token": {
+        "object": "access_token",
+        "access_token": "test_access_token_456",
+        "expires_at": null,
+        "scopes": ["read:data"],
+        "missing_scopes": ["write:data"]
+    }
+}

package/lib/pipes/fixtures/get-access-token-not-installed.json

@@ -0,0 +1,4 @@
+{
+    "active": false,
+    "error": "not_installed"
+}

package/lib/pipes/fixtures/get-access-token-success.json

@@ -0,0 +1,10 @@
+{
+    "active": true,
+    "access_token": {
+        "object": "access_token",
+        "access_token": "test_access_token_123",
+        "expires_at": "2025-10-18T12:00:00.000Z",
+        "scopes": ["read:users", "write:users"],
+        "missing_scopes": []
+    }
+}

package/lib/pipes/interfaces/access-token.interface.d.ts

@@ -0,0 +1,14 @@
+export interface AccessToken {
+    object: 'access_token';
+    accessToken: string;
+    expiresAt: Date | null;
+    scopes: string[];
+    missingScopes: string[];
+}
+export interface SerializedAccessToken {
+    object: 'access_token';
+    access_token: string;
+    expires_at: string | null;
+    scopes: string[];
+    missing_scopes: string[];
+}

package/lib/pipes/interfaces/access-token.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/pipes/interfaces/get-access-token.interface.d.ts

@@ -0,0 +1,27 @@
+import { AccessToken, SerializedAccessToken } from './access-token.interface';
+export interface GetAccessTokenOptions {
+    userId: string;
+    organizationId?: string | null;
+}
+export interface SerializedGetAccessTokenOptions {
+    user_id: string;
+    organization_id?: string | null;
+}
+export interface GetAccessTokenSuccessResponse {
+    active: true;
+    accessToken: AccessToken;
+}
+export interface GetAccessTokenFailureResponse {
+    active: false;
+    error: 'not_installed' | 'needs_reauthorization';
+}
+export type GetAccessTokenResponse = GetAccessTokenSuccessResponse | GetAccessTokenFailureResponse;
+export interface SerializedGetAccessTokenSuccessResponse {
+    active: true;
+    access_token: SerializedAccessToken;
+}
+export interface SerializedGetAccessTokenFailureResponse {
+    active: false;
+    error: 'not_installed' | 'needs_reauthorization';
+}
+export type SerializedGetAccessTokenResponse = SerializedGetAccessTokenSuccessResponse | SerializedGetAccessTokenFailureResponse;

package/lib/pipes/interfaces/get-access-token.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/pipes/pipes.d.ts

@@ -0,0 +1,9 @@
+import type { WorkOS } from '../workos';
+import { GetAccessTokenOptions, GetAccessTokenResponse } from './interfaces/get-access-token.interface';
+export declare class Pipes {
+    private readonly workos;
+    constructor(workos: WorkOS);
+    getAccessToken({ provider, ...options }: GetAccessTokenOptions & {
+        provider: string;
+    }): Promise<GetAccessTokenResponse>;
+}

package/lib/pipes/pipes.js

@@ -0,0 +1,37 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __rest = (this && this.__rest) || function (s, e) {
+    var t = {};
+    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
+        t[p] = s[p];
+    if (s != null && typeof Object.getOwnPropertySymbols === "function")
+        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
+                t[p[i]] = s[p[i]];
+        }
+    return t;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Pipes = void 0;
+const get_access_token_serializer_1 = require("./serializers/get-access-token.serializer");
+class Pipes {
+    constructor(workos) {
+        this.workos = workos;
+    }
+    getAccessToken(_a) {
+        var { provider } = _a, options = __rest(_a, ["provider"]);
+        return __awaiter(this, void 0, void 0, function* () {
+            const { data } = yield this.workos.post(`data-integrations/${provider}/token`, (0, get_access_token_serializer_1.serializeGetAccessTokenOptions)(options));
+            return (0, get_access_token_serializer_1.deserializeGetAccessTokenResponse)(data);
+        });
+    }
+}
+exports.Pipes = Pipes;

package/lib/pipes/pipes.spec.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/pipes/pipes.spec.js

@@ -0,0 +1,109 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const jest_fetch_mock_1 = __importDefault(require("jest-fetch-mock"));
+const test_utils_1 = require("../common/utils/test-utils");
+const workos_1 = require("../workos");
+const get_access_token_success_json_1 = __importDefault(require("./fixtures/get-access-token-success.json"));
+const get_access_token_no_expiry_json_1 = __importDefault(require("./fixtures/get-access-token-no-expiry.json"));
+const get_access_token_not_installed_json_1 = __importDefault(require("./fixtures/get-access-token-not-installed.json"));
+const get_access_token_needs_reauth_json_1 = __importDefault(require("./fixtures/get-access-token-needs-reauth.json"));
+describe('Pipes', () => {
+    let workos;
+    beforeAll(() => {
+        workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
+            apiHostname: 'api.workos.test',
+            clientId: 'proj_123',
+        });
+    });
+    beforeEach(() => jest_fetch_mock_1.default.resetMocks());
+    describe('getAccessToken', () => {
+        it('returns access token with expiry date', () => __awaiter(void 0, void 0, void 0, function* () {
+            (0, test_utils_1.fetchOnce)(get_access_token_success_json_1.default);
+            const response = yield workos.pipes.getAccessToken({
+                provider: 'test-provider',
+                userId: 'user_123',
+                organizationId: 'org_456',
+            });
+            expect((0, test_utils_1.fetchURL)()).toContain('/data-integrations/test-provider/token');
+            expect((0, test_utils_1.fetchBody)()).toEqual({
+                user_id: 'user_123',
+                organization_id: 'org_456',
+            });
+            expect(response).toEqual({
+                active: true,
+                accessToken: {
+                    object: 'access_token',
+                    accessToken: 'test_access_token_123',
+                    expiresAt: new Date('2025-10-18T12:00:00.000Z'),
+                    scopes: ['read:users', 'write:users'],
+                    missingScopes: [],
+                },
+            });
+        }));
+        it('returns access token without expiry date', () => __awaiter(void 0, void 0, void 0, function* () {
+            (0, test_utils_1.fetchOnce)(get_access_token_no_expiry_json_1.default);
+            const response = yield workos.pipes.getAccessToken({
+                provider: 'test-provider',
+                userId: 'user_789',
+            });
+            expect((0, test_utils_1.fetchURL)()).toContain('/data-integrations/test-provider/token');
+            expect((0, test_utils_1.fetchBody)()).toEqual({
+                user_id: 'user_789',
+                organization_id: undefined,
+            });
+            expect(response).toEqual({
+                active: true,
+                accessToken: {
+                    object: 'access_token',
+                    accessToken: 'test_access_token_456',
+                    expiresAt: null,
+                    scopes: ['read:data'],
+                    missingScopes: ['write:data'],
+                },
+            });
+        }));
+        it('returns not_installed failure when integration is not installed', () => __awaiter(void 0, void 0, void 0, function* () {
+            (0, test_utils_1.fetchOnce)(get_access_token_not_installed_json_1.default);
+            const response = yield workos.pipes.getAccessToken({
+                provider: 'test-provider',
+                userId: 'user_123',
+            });
+            expect((0, test_utils_1.fetchURL)()).toContain('/data-integrations/test-provider/token');
+            expect(response).toEqual({
+                active: false,
+                error: 'not_installed',
+            });
+        }));
+        it('returns needs_reauthorization failure when token needs refresh', () => __awaiter(void 0, void 0, void 0, function* () {
+            (0, test_utils_1.fetchOnce)(get_access_token_needs_reauth_json_1.default);
+            const response = yield workos.pipes.getAccessToken({
+                provider: 'test-provider',
+                userId: 'user_123',
+            });
+            expect((0, test_utils_1.fetchURL)()).toContain('/data-integrations/test-provider/token');
+            expect(response).toEqual({
+                active: false,
+                error: 'needs_reauthorization',
+            });
+        }));
+        it('throws error for server errors', () => __awaiter(void 0, void 0, void 0, function* () {
+            (0, test_utils_1.fetchOnce)({ message: 'Internal Server Error' }, { status: 500 });
+            yield expect(workos.pipes.getAccessToken({
+                provider: 'test-provider',
+                userId: 'user_123',
+            })).rejects.toThrow();
+        }));
+    });
+});

package/lib/pipes/serializers/access-token.serializer.d.ts

@@ -0,0 +1,2 @@
+import { AccessToken, SerializedAccessToken } from '../interfaces/access-token.interface';
+export declare function deserializeAccessToken(serialized: SerializedAccessToken): AccessToken;

package/lib/pipes/serializers/access-token.serializer.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deserializeAccessToken = void 0;
+function deserializeAccessToken(serialized) {
+    return {
+        object: 'access_token',
+        accessToken: serialized.access_token,
+        expiresAt: serialized.expires_at
+            ? new Date(Date.parse(serialized.expires_at))
+            : null,
+        scopes: serialized.scopes,
+        missingScopes: serialized.missing_scopes,
+    };
+}
+exports.deserializeAccessToken = deserializeAccessToken;

package/lib/pipes/serializers/get-access-token.serializer.d.ts

@@ -0,0 +1,3 @@
+import { GetAccessTokenOptions, GetAccessTokenResponse, SerializedGetAccessTokenOptions, SerializedGetAccessTokenResponse } from '../interfaces/get-access-token.interface';
+export declare function serializeGetAccessTokenOptions(options: GetAccessTokenOptions): SerializedGetAccessTokenOptions;
+export declare function deserializeGetAccessTokenResponse(response: SerializedGetAccessTokenResponse): GetAccessTokenResponse;

package/lib/pipes/serializers/get-access-token.serializer.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deserializeGetAccessTokenResponse = exports.serializeGetAccessTokenOptions = void 0;
+const access_token_serializer_1 = require("./access-token.serializer");
+function serializeGetAccessTokenOptions(options) {
+    return {
+        user_id: options.userId,
+        organization_id: options.organizationId,
+    };
+}
+exports.serializeGetAccessTokenOptions = serializeGetAccessTokenOptions;
+function deserializeGetAccessTokenResponse(response) {
+    if (response.active) {
+        return {
+            active: true,
+            accessToken: (0, access_token_serializer_1.deserializeAccessToken)(response.access_token),
+        };
+    }
+    return {
+        active: false,
+        error: response.error,
+    };
+}
+exports.deserializeGetAccessTokenResponse = deserializeGetAccessTokenResponse;

package/lib/sso/interfaces/profile.interface.d.ts

@@ -11,6 +11,7 @@ export interface Profile<CustomAttributesType extends UnknownRecord> {
     firstName?: string;
     lastName?: string;
     role?: RoleResponse;
+    roles?: RoleResponse[];
     groups?: string[];
     customAttributes?: CustomAttributesType;
     rawAttributes?: {
@@ -27,6 +28,7 @@ export interface ProfileResponse<CustomAttributesType extends UnknownRecord> {
     first_name?: string;
     last_name?: string;
     role?: RoleResponse;
+    roles?: RoleResponse[];
     groups?: string[];
     custom_attributes?: CustomAttributesType;
     raw_attributes?: {

package/lib/sso/serializers/profile.serializer.js

@@ -11,6 +11,7 @@ const deserializeProfile = (profile) => ({
     firstName: profile.first_name,
     lastName: profile.last_name,
     role: profile.role,
+    roles: profile.roles,
     groups: profile.groups,
     customAttributes: profile.custom_attributes,
     rawAttributes: profile.raw_attributes,

package/lib/sso/sso.spec.js

@@ -227,6 +227,7 @@ describe('SSO', () => {
                             role: {
                                 slug: 'admin',
                             },
+                            roles: [{ slug: 'admin' }],
                             groups: ['Admins', 'Developers'],
                             raw_attributes: {
                                 email: 'foo@test.com',
@@ -268,6 +269,7 @@ describe('SSO', () => {
                             role: {
                                 slug: 'admin',
                             },
+                            roles: [{ slug: 'admin' }],
                             raw_attributes: {
                                 email: 'foo@test.com',
                                 first_name: 'foo',
@@ -304,6 +306,7 @@ describe('SSO', () => {
                             role: {
                                 slug: 'admin',
                             },
+                            roles: [{ slug: 'admin' }],
                             groups: ['Admins', 'Developers'],
                             raw_attributes: {
                                 email: 'foo@test.com',
@@ -352,6 +355,7 @@ describe('SSO', () => {
                             role: {
                                 slug: 'admin',
                             },
+                            roles: [{ slug: 'admin' }],
                             raw_attributes: {
                                 email: 'foo@test.com',
                                 first_name: 'foo',
@@ -386,6 +390,7 @@ describe('SSO', () => {
                     role: {
                         slug: 'admin',
                     },
+                    roles: [{ slug: 'admin' }],
                     groups: ['Admins', 'Developers'],
                     raw_attributes: {
                         email: 'foo@test.com',

package/lib/workos.d.ts

@@ -5,6 +5,7 @@ import { Events } from './events/events';
 import { Organizations } from './organizations/organizations';
 import { OrganizationDomains } from './organization-domains/organization-domains';
 import { Passwordless } from './passwordless/passwordless';
+import { Pipes } from './pipes/pipes';
 import { Portal } from './portal/portal';
 import { SSO } from './sso/sso';
 import { Webhooks } from './webhooks/webhooks';
@@ -31,6 +32,7 @@ export declare class WorkOS {
     readonly organizations: Organizations;
     readonly organizationDomains: OrganizationDomains;
     readonly passwordless: Passwordless;
+    readonly pipes: Pipes;
     readonly portal: Portal;
     readonly sso: SSO;
     readonly webhooks: Webhooks;

package/lib/workos.js

@@ -17,6 +17,7 @@ const events_1 = require("./events/events");
 const organizations_1 = require("./organizations/organizations");
 const organization_domains_1 = require("./organization-domains/organization-domains");
 const passwordless_1 = require("./passwordless/passwordless");
+const pipes_1 = require("./pipes/pipes");
 const portal_1 = require("./portal/portal");
 const sso_1 = require("./sso/sso");
 const webhooks_1 = require("./webhooks/webhooks");
@@ -33,7 +34,7 @@ const actions_1 = require("./actions/actions");
 const vault_1 = require("./vault/vault");
 const conflict_exception_1 = require("./common/exceptions/conflict.exception");
 const parse_error_1 = require("./common/exceptions/parse-error");
-const VERSION = '7.75.1';
+const VERSION = '7.77.0';
 const DEFAULT_HOSTNAME = 'api.workos.com';
 const HEADER_AUTHORIZATION = 'Authorization';
 const HEADER_IDEMPOTENCY_KEY = 'Idempotency-Key';
@@ -48,6 +49,7 @@ class WorkOS {
         this.organizations = new organizations_1.Organizations(this);
         this.organizationDomains = new organization_domains_1.OrganizationDomains(this);
         this.passwordless = new passwordless_1.Passwordless(this);
+        this.pipes = new pipes_1.Pipes(this);
         this.portal = new portal_1.Portal(this);
         this.sso = new sso_1.SSO(this);
         this.mfa = new mfa_1.Mfa(this);

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "7.75.1",
+  "version": "7.77.0",
   "name": "@workos-inc/node",
   "author": "WorkOS",
   "description": "A Node wrapper for the WorkOS API",