@workos-inc/node 7.9.0 → 7.10.0

package/README.md

@@ -9,6 +9,10 @@ The WorkOS library for Node.js provides convenient access to the WorkOS API from
 
 See the [API Reference](https://workos.com/docs/reference/client-libraries) for Node.js usage examples.
 
+## Requirements
+
+Node 16 or higher.
+
 ## Installation
 
 Install the package with:

package/lib/common/crypto/CryptoProvider.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Interface encapsulating the various crypto computations used by the library,
+ * allowing pluggable underlying crypto implementations.
+ */
+export declare abstract class CryptoProvider {
+    encoder: TextEncoder;
+    /**
+     * Computes a SHA-256 HMAC given a secret and a payload (encoded in UTF-8).
+     * The output HMAC should be encoded in hexadecimal.
+     *
+     * Sample values for implementations:
+     * - computeHMACSignature('', 'test_secret') => 'f7f9bd47fb987337b5796fdc1fdb9ba221d0d5396814bfcaf9521f43fd8927fd'
+     * - computeHMACSignature('\ud83d\ude00', 'test_secret') => '837da296d05c4fe31f61d5d7ead035099d9585a5bcde87de952012a78f0b0c43
+     */
+    abstract computeHMACSignature(payload: string, secret: string): string;
+    /**
+     * Asynchronous version of `computeHMACSignature`. Some implementations may
+     * only allow support async signature computation.
+     *
+     * Computes a SHA-256 HMAC given a secret and a payload (encoded in UTF-8).
+     * The output HMAC should be encoded in hexadecimal.
+     *
+     * Sample values for implementations:
+     * - computeHMACSignature('', 'test_secret') => 'f7f9bd47fb987337b5796fdc1fdb9ba221d0d5396814bfcaf9521f43fd8927fd'
+     * - computeHMACSignature('\ud83d\ude00', 'test_secret') => '837da296d05c4fe31f61d5d7ead035099d9585a5bcde87de952012a78f0b0c43
+     */
+    abstract computeHMACSignatureAsync(payload: string, secret: string): Promise<string>;
+    /**
+     * Cryptographically determine whether two signatures are equal
+     */
+    abstract secureCompare(stringA: string, stringB: string): Promise<boolean>;
+}

package/lib/common/crypto/CryptoProvider.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CryptoProvider = void 0;
+/**
+ * Interface encapsulating the various crypto computations used by the library,
+ * allowing pluggable underlying crypto implementations.
+ */
+class CryptoProvider {
+    constructor() {
+        this.encoder = new TextEncoder();
+    }
+}
+exports.CryptoProvider = CryptoProvider;

package/lib/common/crypto/NodeCryptoProvider.d.ts

@@ -0,0 +1,12 @@
+import { CryptoProvider } from './CryptoProvider';
+/**
+ * `CryptoProvider which uses the Node `crypto` package for its computations.
+ */
+export declare class NodeCryptoProvider extends CryptoProvider {
+    /** @override */
+    computeHMACSignature(payload: string, secret: string): string;
+    /** @override */
+    computeHMACSignatureAsync(payload: string, secret: string): Promise<string>;
+    /** @override */
+    secureCompare(stringA: string, stringB: string): Promise<boolean>;
+}

package/lib/common/crypto/NodeCryptoProvider.js

@@ -0,0 +1,73 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NodeCryptoProvider = void 0;
+const crypto = __importStar(require("crypto"));
+const CryptoProvider_1 = require("./CryptoProvider");
+/**
+ * `CryptoProvider which uses the Node `crypto` package for its computations.
+ */
+class NodeCryptoProvider extends CryptoProvider_1.CryptoProvider {
+    /** @override */
+    computeHMACSignature(payload, secret) {
+        return crypto
+            .createHmac('sha256', secret)
+            .update(payload, 'utf8')
+            .digest('hex');
+    }
+    /** @override */
+    computeHMACSignatureAsync(payload, secret) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const signature = yield this.computeHMACSignature(payload, secret);
+            return signature;
+        });
+    }
+    /** @override */
+    secureCompare(stringA, stringB) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const bufferA = this.encoder.encode(stringA);
+            const bufferB = this.encoder.encode(stringB);
+            if (bufferA.length !== bufferB.length) {
+                return false;
+            }
+            // Generate a random key for HMAC
+            const key = crypto.randomBytes(32); // Generates a 256-bit key
+            const hmacA = crypto.createHmac('sha256', key).update(bufferA).digest();
+            const hmacB = crypto.createHmac('sha256', key).update(bufferB).digest();
+            // Perform a constant time comparison
+            return crypto.timingSafeEqual(hmacA, hmacB);
+        });
+    }
+}
+exports.NodeCryptoProvider = NodeCryptoProvider;

package/lib/common/crypto/SubtleCryptoProvider.d.ts

@@ -0,0 +1,15 @@
+import { CryptoProvider } from './CryptoProvider';
+/**
+ * `CryptoProvider which uses the SubtleCrypto interface of the Web Crypto API.
+ *
+ * This only supports asynchronous operations.
+ */
+export declare class SubtleCryptoProvider extends CryptoProvider {
+    subtleCrypto: SubtleCrypto;
+    constructor(subtleCrypto?: SubtleCrypto);
+    computeHMACSignature(_payload: string, _secret: string): string;
+    /** @override */
+    computeHMACSignatureAsync(payload: string, secret: string): Promise<string>;
+    /** @override */
+    secureCompare(stringA: string, stringB: string): Promise<boolean>;
+}

package/lib/common/crypto/SubtleCryptoProvider.js

@@ -0,0 +1,75 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SubtleCryptoProvider = void 0;
+const CryptoProvider_1 = require("./CryptoProvider");
+/**
+ * `CryptoProvider which uses the SubtleCrypto interface of the Web Crypto API.
+ *
+ * This only supports asynchronous operations.
+ */
+class SubtleCryptoProvider extends CryptoProvider_1.CryptoProvider {
+    constructor(subtleCrypto) {
+        super();
+        // If no subtle crypto is interface, default to the global namespace. This
+        // is to allow custom interfaces (eg. using the Node webcrypto interface in
+        // tests).
+        this.subtleCrypto = subtleCrypto || crypto.subtle;
+    }
+    computeHMACSignature(_payload, _secret) {
+        throw new Error('SubleCryptoProvider cannot be used in a synchronous context.');
+    }
+    /** @override */
+    computeHMACSignatureAsync(payload, secret) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const encoder = new TextEncoder();
+            const key = yield this.subtleCrypto.importKey('raw', encoder.encode(secret), {
+                name: 'HMAC',
+                hash: { name: 'SHA-256' },
+            }, false, ['sign']);
+            const signatureBuffer = yield this.subtleCrypto.sign('hmac', key, encoder.encode(payload));
+            // crypto.subtle returns the signature in base64 format. This must be
+            // encoded in hex to match the CryptoProvider contract. We map each byte in
+            // the buffer to its corresponding hex octet and then combine into a string.
+            const signatureBytes = new Uint8Array(signatureBuffer);
+            const signatureHexCodes = new Array(signatureBytes.length);
+            for (let i = 0; i < signatureBytes.length; i++) {
+                signatureHexCodes[i] = byteHexMapping[signatureBytes[i]];
+            }
+            return signatureHexCodes.join('');
+        });
+    }
+    /** @override */
+    secureCompare(stringA, stringB) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const bufferA = this.encoder.encode(stringA);
+            const bufferB = this.encoder.encode(stringB);
+            if (bufferA.length !== bufferB.length) {
+                return false;
+            }
+            const algorithm = { name: 'HMAC', hash: 'SHA-256' };
+            const key = (yield crypto.subtle.generateKey(algorithm, false, [
+                'sign',
+                'verify',
+            ]));
+            const hmac = yield crypto.subtle.sign(algorithm, key, bufferA);
+            const equal = yield crypto.subtle.verify(algorithm, key, hmac, bufferB);
+            return equal;
+        });
+    }
+}
+exports.SubtleCryptoProvider = SubtleCryptoProvider;
+// Cached mapping of byte to hex representation. We do this once to avoid re-
+// computing every time we need to convert the result of a signature to hex.
+const byteHexMapping = new Array(256);
+for (let i = 0; i < byteHexMapping.length; i++) {
+    byteHexMapping[i] = i.toString(16).padStart(2, '0');
+}

package/lib/common/crypto/index.d.ts

@@ -0,0 +1,3 @@
+export * from './NodeCryptoProvider';
+export * from './SubtleCryptoProvider';
+export * from './CryptoProvider';

package/lib/common/crypto/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./NodeCryptoProvider"), exports);
+__exportStar(require("./SubtleCryptoProvider"), exports);
+__exportStar(require("./CryptoProvider"), exports);

package/lib/common/interfaces/http-client.interface.d.ts

@@ -0,0 +1,20 @@
+export type RequestHeaders = Record<string, string | number | string[]>;
+export type RequestOptions = {
+    params?: Record<string, any>;
+    headers?: RequestHeaders;
+};
+export type ResponseHeaderValue = string | string[];
+export type ResponseHeaders = Record<string, ResponseHeaderValue>;
+export interface HttpClientInterface {
+    getClientName: () => string;
+    get(path: string, options: RequestOptions): any;
+    post<Entity = any>(path: string, entity: Entity, options: RequestOptions): any;
+    put<Entity = any>(path: string, entity: Entity, options: RequestOptions): any;
+    delete(path: string, options: RequestOptions): any;
+}
+export interface HttpClientResponseInterface {
+    getStatusCode: () => number;
+    getHeaders: () => ResponseHeaders;
+    getRawResponse: () => unknown;
+    toJSON: () => Promise<any> | null;
+}

package/lib/common/interfaces/http-client.interface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/common/interfaces/index.d.ts

@@ -7,3 +7,4 @@ export * from './unprocessable-entity-error.interface';
 export * from './workos-options.interface';
 export * from './workos-response-error.interface';
 export * from './pagination-options.interface';
+export * from './http-client.interface';

package/lib/common/interfaces/index.js

@@ -23,3 +23,4 @@ __exportStar(require("./unprocessable-entity-error.interface"), exports);
 __exportStar(require("./workos-options.interface"), exports);
 __exportStar(require("./workos-response-error.interface"), exports);
 __exportStar(require("./pagination-options.interface"), exports);
+__exportStar(require("./http-client.interface"), exports);

package/lib/common/interfaces/workos-options.interface.d.ts

@@ -5,4 +5,5 @@ export interface WorkOSOptions {
     port?: number;
     config?: RequestInit;
     appInfo?: AppInfo;
+    fetchFn?: typeof fetch;
 }

package/lib/common/net/fetch-client.d.ts

@@ -0,0 +1,22 @@
+import { HttpClientInterface, HttpClientResponseInterface, RequestOptions, ResponseHeaders } from '../interfaces/http-client.interface';
+import { HttpClient, HttpClientResponse } from './http-client';
+export declare class FetchHttpClient extends HttpClient implements HttpClientInterface {
+    readonly baseURL: string;
+    readonly options?: RequestInit | undefined;
+    private readonly _fetchFn;
+    constructor(baseURL: string, options?: RequestInit | undefined, fetchFn?: typeof fetch);
+    /** @override */
+    getClientName(): string;
+    get(path: string, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    post<Entity = any>(path: string, entity: Entity, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    put<Entity = any>(path: string, entity: Entity, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    delete(path: string, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    private fetchRequest;
+}
+export declare class FetchHttpClientResponse extends HttpClientResponse implements HttpClientResponseInterface {
+    _res: Response;
+    constructor(res: Response);
+    getRawResponse(): Response;
+    toJSON(): Promise<any> | null;
+    static _transformHeadersToObject(headers: Headers): ResponseHeaders;
+}

package/lib/common/net/fetch-client.js

@@ -0,0 +1,112 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FetchHttpClientResponse = exports.FetchHttpClient = void 0;
+const http_client_1 = require("./http-client");
+class FetchHttpClient extends http_client_1.HttpClient {
+    constructor(baseURL, options, fetchFn) {
+        super(baseURL, options);
+        this.baseURL = baseURL;
+        this.options = options;
+        // Default to global fetch if available
+        if (!fetchFn) {
+            if (!globalThis.fetch) {
+                throw new Error('Fetch function not defined in the global scope and no replacement was provided.');
+            }
+            fetchFn = globalThis.fetch;
+        }
+        this._fetchFn = fetchFn;
+    }
+    /** @override */
+    getClientName() {
+        return 'fetch';
+    }
+    get(path, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resourceURL = http_client_1.HttpClient.getResourceURL(this.baseURL, path, options.params);
+            return yield this.fetchRequest(resourceURL, 'GET', null, options.headers);
+        });
+    }
+    post(path, entity, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resourceURL = http_client_1.HttpClient.getResourceURL(this.baseURL, path, options.params);
+            return yield this.fetchRequest(resourceURL, 'POST', http_client_1.HttpClient.getBody(entity), Object.assign(Object.assign({}, http_client_1.HttpClient.getContentTypeHeader(entity)), options.headers));
+        });
+    }
+    put(path, entity, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resourceURL = http_client_1.HttpClient.getResourceURL(this.baseURL, path, options.params);
+            return yield this.fetchRequest(resourceURL, 'PUT', http_client_1.HttpClient.getBody(entity), Object.assign(Object.assign({}, http_client_1.HttpClient.getContentTypeHeader(entity)), options.headers));
+        });
+    }
+    delete(path, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resourceURL = http_client_1.HttpClient.getResourceURL(this.baseURL, path, options.params);
+            return yield this.fetchRequest(resourceURL, 'DELETE', null, options.headers);
+        });
+    }
+    fetchRequest(url, method, body, headers) {
+        var _a, _b;
+        return __awaiter(this, void 0, void 0, function* () {
+            // For methods which expect payloads, we should always pass a body value
+            // even when it is empty. Without this, some JS runtimes (eg. Deno) will
+            // inject a second Content-Length header.
+            const methodHasPayload = method === 'POST' || method === 'PUT' || method === 'PATCH';
+            const requestBody = body || (methodHasPayload ? '' : undefined);
+            const { 'User-Agent': userAgent } = (_a = this.options) === null || _a === void 0 ? void 0 : _a.headers;
+            const res = yield this._fetchFn(url, {
+                method,
+                headers: Object.assign(Object.assign(Object.assign({ Accept: 'application/json, text/plain, */*', 'Content-Type': 'application/json' }, (_b = this.options) === null || _b === void 0 ? void 0 : _b.headers), headers), { 'User-Agent': this.addClientToUserAgent(userAgent.toString()) }),
+                body: requestBody,
+            });
+            if (!res.ok) {
+                throw new http_client_1.HttpClientError({
+                    message: res.statusText,
+                    response: {
+                        status: res.status,
+                        headers: res.headers,
+                        data: yield res.json(),
+                    },
+                });
+            }
+            return new FetchHttpClientResponse(res);
+        });
+    }
+}
+exports.FetchHttpClient = FetchHttpClient;
+// tslint:disable-next-line
+class FetchHttpClientResponse extends http_client_1.HttpClientResponse {
+    constructor(res) {
+        super(res.status, FetchHttpClientResponse._transformHeadersToObject(res.headers));
+        this._res = res;
+    }
+    getRawResponse() {
+        return this._res;
+    }
+    toJSON() {
+        const contentType = this._res.headers.get('content-type');
+        const isJsonResponse = contentType === null || contentType === void 0 ? void 0 : contentType.includes('application/json');
+        return isJsonResponse ? this._res.json() : null;
+    }
+    static _transformHeadersToObject(headers) {
+        // Fetch uses a Headers instance so this must be converted to a barebones
+        // JS object to meet the HttpClient interface.
+        const headersObj = {};
+        for (const entry of Object.entries(headers)) {
+            if (!Array.isArray(entry) || entry.length !== 2) {
+                throw new Error('Response objects produced by the fetch function given to FetchHttpClient do not have an iterable headers map. Response#headers should be an iterable object.');
+            }
+            headersObj[entry[0]] = entry[1];
+        }
+        return headersObj;
+    }
+}
+exports.FetchHttpClientResponse = FetchHttpClientResponse;

package/lib/common/net/http-client.d.ts

@@ -0,0 +1,39 @@
+import { HttpClientInterface, HttpClientResponseInterface, RequestHeaders, RequestOptions, ResponseHeaders } from '../interfaces/http-client.interface';
+export declare abstract class HttpClient implements HttpClientInterface {
+    readonly baseURL: string;
+    readonly options?: RequestInit | undefined;
+    constructor(baseURL: string, options?: RequestInit | undefined);
+    /** The HTTP client name used for diagnotics */
+    getClientName(): string;
+    abstract get(path: string, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    abstract post<Entity = any>(path: string, entity: Entity, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    abstract put<Entity = any>(path: string, entity: Entity, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    abstract delete(path: string, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    addClientToUserAgent(userAgent: string): string;
+    static getResourceURL(baseURL: string, path: string, params?: Record<string, any>): string;
+    static getQueryString(queryObj?: Record<string, any>): string | undefined;
+    static getContentTypeHeader(entity: any): RequestHeaders | undefined;
+    static getBody(entity: any): BodyInit | null | undefined;
+}
+export declare abstract class HttpClientResponse implements HttpClientResponseInterface {
+    _statusCode: number;
+    _headers: ResponseHeaders;
+    constructor(statusCode: number, headers: ResponseHeaders);
+    getStatusCode(): number;
+    getHeaders(): ResponseHeaders;
+    abstract getRawResponse(): unknown;
+    abstract toJSON(): any | null;
+}
+export declare class HttpClientError<T> extends Error {
+    readonly name: string;
+    readonly message: string;
+    readonly response: {
+        status: number;
+        headers: any;
+        data: T;
+    };
+    constructor({ message, response, }: {
+        message: string;
+        readonly response: HttpClientError<T>['response'];
+    });
+}

package/lib/common/net/http-client.js

@@ -0,0 +1,76 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpClientError = exports.HttpClientResponse = exports.HttpClient = void 0;
+class HttpClient {
+    constructor(baseURL, options) {
+        this.baseURL = baseURL;
+        this.options = options;
+    }
+    /** The HTTP client name used for diagnotics */
+    getClientName() {
+        throw new Error('getClientName not implemented');
+    }
+    addClientToUserAgent(userAgent) {
+        if (userAgent.indexOf(' ') > -1) {
+            return userAgent.replace(/\b\s/, `/${this.getClientName()} `);
+        }
+        else {
+            return (userAgent += `/${this.getClientName()}`);
+        }
+    }
+    static getResourceURL(baseURL, path, params) {
+        const queryString = HttpClient.getQueryString(params);
+        const url = new URL([path, queryString].filter(Boolean).join('?'), baseURL);
+        return url.toString();
+    }
+    static getQueryString(queryObj) {
+        if (!queryObj)
+            return undefined;
+        const sanitizedQueryObj = {};
+        Object.entries(queryObj).forEach(([param, value]) => {
+            if (value !== '' && value !== undefined)
+                sanitizedQueryObj[param] = value;
+        });
+        return new URLSearchParams(sanitizedQueryObj).toString();
+    }
+    static getContentTypeHeader(entity) {
+        if (entity instanceof URLSearchParams) {
+            return {
+                'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8',
+            };
+        }
+        return undefined;
+    }
+    static getBody(entity) {
+        if (entity === null || entity instanceof URLSearchParams) {
+            return entity;
+        }
+        return JSON.stringify(entity);
+    }
+}
+exports.HttpClient = HttpClient;
+// tslint:disable-next-line
+class HttpClientResponse {
+    constructor(statusCode, headers) {
+        this._statusCode = statusCode;
+        this._headers = headers;
+    }
+    getStatusCode() {
+        return this._statusCode;
+    }
+    getHeaders() {
+        return this._headers;
+    }
+}
+exports.HttpClientResponse = HttpClientResponse;
+// tslint:disable-next-line
+class HttpClientError extends Error {
+    constructor({ message, response, }) {
+        super(message);
+        this.name = 'HttpClientError';
+        this.message = 'The request could not be completed.';
+        this.message = message;
+        this.response = response;
+    }
+}
+exports.HttpClientError = HttpClientError;

package/lib/common/net/index.d.ts

@@ -0,0 +1,5 @@
+import { HttpClient } from './http-client';
+export declare function createHttpClient(baseURL: string, options: RequestInit, fetchFn?: typeof fetch): HttpClient;
+export * from './fetch-client';
+export * from './node-client';
+export * from './http-client';

package/lib/common/net/index.js

@@ -0,0 +1,31 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createHttpClient = void 0;
+const fetch_client_1 = require("./fetch-client");
+const node_client_1 = require("./node-client");
+function createHttpClient(baseURL, options, fetchFn) {
+    if (typeof fetch !== 'undefined' || typeof fetchFn !== 'undefined') {
+        return new fetch_client_1.FetchHttpClient(baseURL, options, fetchFn);
+    }
+    else {
+        return new node_client_1.NodeHttpClient(baseURL, options);
+    }
+}
+exports.createHttpClient = createHttpClient;
+__exportStar(require("./fetch-client"), exports);
+__exportStar(require("./node-client"), exports);
+__exportStar(require("./http-client"), exports);

package/lib/common/net/node-client.d.ts

@@ -0,0 +1,23 @@
+/// <reference types="node" />
+import { HttpClient, HttpClientResponse } from './http-client';
+import { HttpClientInterface, HttpClientResponseInterface, RequestOptions } from '../interfaces/http-client.interface';
+import * as http_ from 'http';
+export declare class NodeHttpClient extends HttpClient implements HttpClientInterface {
+    readonly baseURL: string;
+    readonly options?: RequestInit | undefined;
+    private httpAgent;
+    private httpsAgent;
+    constructor(baseURL: string, options?: RequestInit | undefined);
+    getClientName(): string;
+    get(path: string, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    post<Entity = any>(path: string, entity: Entity, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    put<Entity = any>(path: string, entity: Entity, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    delete(path: string, options: RequestOptions): Promise<HttpClientResponseInterface>;
+    private nodeRequest;
+}
+export declare class NodeHttpClientResponse extends HttpClientResponse implements HttpClientResponseInterface {
+    _res: http_.IncomingMessage;
+    constructor(res: http_.IncomingMessage);
+    getRawResponse(): http_.IncomingMessage;
+    toJSON(): Promise<any> | any;
+}

package/lib/common/net/node-client.js

@@ -0,0 +1,155 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NodeHttpClientResponse = exports.NodeHttpClient = void 0;
+const http_client_1 = require("./http-client");
+const http_ = __importStar(require("http"));
+const https_ = __importStar(require("https"));
+// `import * as http_ from 'http'` creates a "Module Namespace Exotic Object"
+// which is immune to monkey-patching, whereas http_.default (in an ES Module context)
+// will resolve to the same thing as require('http'), which is
+// monkey-patchable. We care about this because users in their test
+// suites might be using a library like "nock" which relies on the ability
+// to monkey-patch and intercept calls to http.request.
+const http = http_.default || http_;
+const https = https_.default || https_;
+class NodeHttpClient extends http_client_1.HttpClient {
+    constructor(baseURL, options) {
+        super(baseURL, options);
+        this.baseURL = baseURL;
+        this.options = options;
+        this.httpAgent = new http.Agent({ keepAlive: true });
+        this.httpsAgent = new https.Agent({ keepAlive: true });
+    }
+    getClientName() {
+        return 'node';
+    }
+    get(path, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resourceURL = http_client_1.HttpClient.getResourceURL(this.baseURL, path, options.params);
+            return yield this.nodeRequest(resourceURL, 'GET', null, options.headers);
+        });
+    }
+    post(path, entity, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resourceURL = http_client_1.HttpClient.getResourceURL(this.baseURL, path, options.params);
+            return yield this.nodeRequest(resourceURL, 'POST', http_client_1.HttpClient.getBody(entity), Object.assign(Object.assign({}, http_client_1.HttpClient.getContentTypeHeader(entity)), options.headers));
+        });
+    }
+    put(path, entity, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resourceURL = http_client_1.HttpClient.getResourceURL(this.baseURL, path, options.params);
+            return yield this.nodeRequest(resourceURL, 'PUT', http_client_1.HttpClient.getBody(entity), Object.assign(Object.assign({}, http_client_1.HttpClient.getContentTypeHeader(entity)), options.headers));
+        });
+    }
+    delete(path, options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const resourceURL = http_client_1.HttpClient.getResourceURL(this.baseURL, path, options.params);
+            return yield this.nodeRequest(resourceURL, 'DELETE', null, options.headers);
+        });
+    }
+    nodeRequest(url, method, body, headers) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return new Promise((resolve, reject) => {
+                var _a, _b;
+                const isSecureConnection = url.startsWith('https');
+                const agent = isSecureConnection ? this.httpsAgent : this.httpAgent;
+                const lib = isSecureConnection ? https : http;
+                const { 'User-Agent': userAgent } = (_a = this.options) === null || _a === void 0 ? void 0 : _a.headers;
+                const options = {
+                    method,
+                    headers: Object.assign(Object.assign(Object.assign({ Accept: 'application/json, text/plain, */*', 'Content-Type': 'application/json' }, (_b = this.options) === null || _b === void 0 ? void 0 : _b.headers), headers), { 'User-Agent': this.addClientToUserAgent(userAgent.toString()) }),
+                    agent,
+                };
+                const req = lib.request(url, options, (res) => __awaiter(this, void 0, void 0, function* () {
+                    const clientResponse = new NodeHttpClientResponse(res);
+                    if (res.statusCode && (res.statusCode < 200 || res.statusCode > 299)) {
+                        reject(new http_client_1.HttpClientError({
+                            message: res.statusMessage,
+                            response: {
+                                status: res.statusCode,
+                                headers: res.headers,
+                                data: yield clientResponse.toJSON(),
+                            },
+                        }));
+                    }
+                    resolve(clientResponse);
+                }));
+                req.on('error', (err) => {
+                    reject(new Error(err.message));
+                });
+                if (body) {
+                    req.setHeader('Content-Length', Buffer.byteLength(body));
+                    req.write(body);
+                }
+                req.end();
+            });
+        });
+    }
+}
+exports.NodeHttpClient = NodeHttpClient;
+// tslint:disable-next-line
+class NodeHttpClientResponse extends http_client_1.HttpClientResponse {
+    constructor(res) {
+        // @ts-ignore
+        super(res.statusCode, res.headers || {});
+        this._res = res;
+    }
+    getRawResponse() {
+        return this._res;
+    }
+    toJSON() {
+        return new Promise((resolve, reject) => {
+            const contentType = this._res.headers['content-type'];
+            const isJsonResponse = contentType === null || contentType === void 0 ? void 0 : contentType.includes('application/json');
+            if (!isJsonResponse) {
+                resolve(null);
+            }
+            let response = '';
+            this._res.setEncoding('utf8');
+            this._res.on('data', (chunk) => {
+                response += chunk;
+            });
+            this._res.once('end', () => {
+                try {
+                    resolve(JSON.parse(response));
+                }
+                catch (e) {
+                    reject(e);
+                }
+            });
+        });
+    }
+}
+exports.NodeHttpClientResponse = NodeHttpClientResponse;

package/lib/webhooks/webhooks.d.ts

@@ -1,6 +1,7 @@
 import { Event } from '../common/interfaces';
 export declare class Webhooks {
-    private encoder;
+    private cryptoProvider;
+    constructor(subtleCrypto?: typeof crypto.subtle);
     constructEvent({ payload, sigHeader, secret, tolerance, }: {
         payload: unknown;
         sigHeader: string;
@@ -15,5 +16,4 @@ export declare class Webhooks {
     }): Promise<boolean>;
     getTimestampAndSignatureHash(sigHeader: string): [string, string];
     computeSignature(timestamp: any, payload: any, secret: string): Promise<string>;
-    secureCompare(stringA: string, stringB: string): Promise<boolean>;
 }

package/lib/webhooks/webhooks.js

@@ -12,9 +12,15 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.Webhooks = void 0;
 const exceptions_1 = require("../common/exceptions");
 const serializers_1 = require("../common/serializers");
+const crypto_1 = require("../common/crypto");
 class Webhooks {
-    constructor() {
-        this.encoder = new TextEncoder();
+    constructor(subtleCrypto) {
+        if (typeof crypto !== 'undefined' && typeof crypto.subtle !== 'undefined') {
+            this.cryptoProvider = new crypto_1.SubtleCryptoProvider(subtleCrypto);
+        }
+        else {
+            this.cryptoProvider = new crypto_1.NodeCryptoProvider();
+        }
     }
     constructEvent({ payload, sigHeader, secret, tolerance = 180000, }) {
         return __awaiter(this, void 0, void 0, function* () {
@@ -34,7 +40,8 @@ class Webhooks {
                 throw new exceptions_1.SignatureVerificationException('Timestamp outside the tolerance zone');
             }
             const expectedSig = yield this.computeSignature(timestamp, payload, secret);
-            if ((yield this.secureCompare(expectedSig, signatureHash)) === false) {
+            if ((yield this.cryptoProvider.secureCompare(expectedSig, signatureHash)) ===
+                false) {
                 throw new exceptions_1.SignatureVerificationException('Signature hash does not match the expected signature hash for payload');
             }
             return true;
@@ -54,41 +61,8 @@ class Webhooks {
         return __awaiter(this, void 0, void 0, function* () {
             payload = JSON.stringify(payload);
             const signedPayload = `${timestamp}.${payload}`;
-            const key = yield crypto.subtle.importKey('raw', this.encoder.encode(secret), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);
-            const signatureBuffer = yield crypto.subtle.sign('HMAC', key, this.encoder.encode(signedPayload));
-            // crypto.subtle returns the signature in base64 format. This must be
-            // encoded in hex to match the CryptoProvider contract. We map each byte in
-            // the buffer to its corresponding hex octet and then combine into a string.
-            const signatureBytes = new Uint8Array(signatureBuffer);
-            const signatureHexCodes = new Array(signatureBytes.length);
-            for (let i = 0; i < signatureBytes.length; i++) {
-                signatureHexCodes[i] = byteHexMapping[signatureBytes[i]];
-            }
-            return signatureHexCodes.join('');
-        });
-    }
-    secureCompare(stringA, stringB) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const bufferA = this.encoder.encode(stringA);
-            const bufferB = this.encoder.encode(stringB);
-            if (bufferA.length !== bufferB.length) {
-                return false;
-            }
-            const algorithm = { name: 'HMAC', hash: 'SHA-256' };
-            const key = (yield crypto.subtle.generateKey(algorithm, false, [
-                'sign',
-                'verify',
-            ]));
-            const hmac = yield crypto.subtle.sign(algorithm, key, bufferA);
-            const equal = yield crypto.subtle.verify(algorithm, key, hmac, bufferB);
-            return equal;
+            return yield this.cryptoProvider.computeHMACSignatureAsync(signedPayload, secret);
         });
     }
 }
 exports.Webhooks = Webhooks;
-// Cached mapping of byte to hex representation. We do this once to avoid re-
-// computing every time we need to convert the result of a signature to hex.
-const byteHexMapping = new Array(256);
-for (let i = 0; i < byteHexMapping.length; i++) {
-    byteHexMapping[i] = i.toString(16).padStart(2, '0');
-}

package/lib/webhooks/webhooks.spec.js

@@ -17,6 +17,7 @@ const workos_1 = require("../workos");
 const webhook_json_1 = __importDefault(require("./fixtures/webhook.json"));
 const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
 const exceptions_1 = require("../common/exceptions");
+const crypto_2 = require("../common/crypto");
 describe('Webhooks', () => {
     let payload;
     let secret;
@@ -187,4 +188,32 @@ describe('Webhooks', () => {
             expect(signature).toEqual(signatureHash);
         }));
     });
+    describe('when in an environment that supports SubtleCrypto', () => {
+        it('automatically uses the subtle crypto library', () => {
+            // tslint:disable-next-line
+            expect(workos.webhooks['cryptoProvider']).toBeInstanceOf(crypto_2.SubtleCryptoProvider);
+        });
+    });
+    describe('CryptoProvider', () => {
+        describe('when computing HMAC signature', () => {
+            it('returns the same for the Node crypto and Web Crypto versions', () => __awaiter(void 0, void 0, void 0, function* () {
+                const nodeCryptoProvider = new crypto_2.NodeCryptoProvider();
+                const subtleCryptoProvider = new crypto_2.SubtleCryptoProvider();
+                const stringifiedPayload = JSON.stringify(payload);
+                const payloadHMAC = `${timestamp}.${stringifiedPayload}`;
+                const nodeCompare = yield nodeCryptoProvider.computeHMACSignatureAsync(payloadHMAC, secret);
+                const subtleCompare = yield subtleCryptoProvider.computeHMACSignatureAsync(payloadHMAC, secret);
+                expect(nodeCompare).toEqual(subtleCompare);
+            }));
+        });
+        describe('when securely comparing', () => {
+            it('returns the same for the Node crypto and Web Crypto versions', () => __awaiter(void 0, void 0, void 0, function* () {
+                const nodeCryptoProvider = new crypto_2.NodeCryptoProvider();
+                const subtleCryptoProvider = new crypto_2.SubtleCryptoProvider();
+                const signature = yield workos.webhooks.computeSignature(timestamp, payload, secret);
+                expect(nodeCryptoProvider.secureCompare(signature, signatureHash)).toEqual(subtleCryptoProvider.secureCompare(signature, signatureHash));
+                expect(nodeCryptoProvider.secureCompare(signature, 'foo')).toEqual(subtleCryptoProvider.secureCompare(signature, 'foo'));
+            }));
+        });
+    });
 });

package/lib/workos.d.ts

@@ -39,5 +39,5 @@ export declare class WorkOS {
     }>;
     delete(path: string, query?: any): Promise<void>;
     emitWarning(warning: string): void;
-    private handleFetchError;
+    private handleHttpError;
 }

package/lib/workos.js

@@ -23,8 +23,8 @@ const mfa_1 = require("./mfa/mfa");
 const audit_logs_1 = require("./audit-logs/audit-logs");
 const user_management_1 = require("./user-management/user-management");
 const bad_request_exception_1 = require("./common/exceptions/bad-request.exception");
-const fetch_client_1 = require("./common/utils/fetch-client");
-const VERSION = '7.9.0';
+const net_1 = require("./common/net");
+const VERSION = '7.10.0';
 const DEFAULT_HOSTNAME = 'api.workos.com';
 class WorkOS {
     constructor(key, options = {}) {
@@ -64,7 +64,7 @@ class WorkOS {
             const { name, version } = options.appInfo;
             userAgent += ` ${name}: ${version}`;
         }
-        this.client = new fetch_client_1.FetchClient(this.baseURL, Object.assign(Object.assign({}, options.config), { headers: Object.assign(Object.assign({}, (_a = options.config) === null || _a === void 0 ? void 0 : _a.headers), { Authorization: `Bearer ${this.key}`, 'User-Agent': userAgent }) }));
+        this.client = (0, net_1.createHttpClient)(this.baseURL, Object.assign(Object.assign({}, options.config), { headers: Object.assign(Object.assign({}, (_a = options.config) === null || _a === void 0 ? void 0 : _a.headers), { Authorization: `Bearer ${this.key}`, 'User-Agent': userAgent }) }), options.fetchFn);
     }
     get version() {
         return VERSION;
@@ -76,13 +76,14 @@ class WorkOS {
                 requestHeaders['Idempotency-Key'] = options.idempotencyKey;
             }
             try {
-                return yield this.client.post(path, entity, {
+                const res = yield this.client.post(path, entity, {
                     params: options.query,
                     headers: requestHeaders,
                 });
+                return { data: yield res.toJSON() };
             }
             catch (error) {
-                this.handleFetchError({ path, error });
+                this.handleHttpError({ path, error });
                 throw error;
             }
         });
@@ -91,15 +92,16 @@ class WorkOS {
         return __awaiter(this, void 0, void 0, function* () {
             try {
                 const { accessToken } = options;
-                return yield this.client.get(path, {
+                const res = yield this.client.get(path, {
                     params: options.query,
                     headers: accessToken
                         ? { Authorization: `Bearer ${accessToken}` }
                         : undefined,
                 });
+                return { data: yield res.toJSON() };
             }
             catch (error) {
-                this.handleFetchError({ path, error });
+                this.handleHttpError({ path, error });
                 throw error;
             }
         });
@@ -111,13 +113,14 @@ class WorkOS {
                 requestHeaders['Idempotency-Key'] = options.idempotencyKey;
             }
             try {
-                return yield this.client.put(path, entity, {
+                const res = yield this.client.put(path, entity, {
                     params: options.query,
                     headers: requestHeaders,
                 });
+                return { data: yield res.toJSON() };
             }
             catch (error) {
-                this.handleFetchError({ path, error });
+                this.handleHttpError({ path, error });
                 throw error;
             }
         });
@@ -130,7 +133,7 @@ class WorkOS {
                 });
             }
             catch (error) {
-                this.handleFetchError({ path, error });
+                this.handleHttpError({ path, error });
                 throw error;
             }
         });
@@ -143,12 +146,15 @@ class WorkOS {
         }
         return process.emitWarning(warning, 'WorkOS');
     }
-    handleFetchError({ path, error }) {
+    handleHttpError({ path, error }) {
         var _a;
+        if (!(error instanceof net_1.HttpClientError)) {
+            throw new Error(`Unexpected error: ${error}`);
+        }
         const { response } = error;
         if (response) {
             const { status, data, headers } = response;
-            const requestID = (_a = headers.get('X-Request-ID')) !== null && _a !== void 0 ? _a : '';
+            const requestID = (_a = headers['X-Request-ID']) !== null && _a !== void 0 ? _a : '';
             const { code, error_description: errorDescription, error, errors, message, } = data;
             switch (status) {
                 case 401: {

package/lib/workos.spec.js

@@ -18,6 +18,7 @@ const promises_1 = __importDefault(require("fs/promises"));
 const exceptions_1 = require("./common/exceptions");
 const workos_1 = require("./workos");
 const rate_limit_exceeded_exception_1 = require("./common/exceptions/rate-limit-exceeded.exception");
+const net_1 = require("./common/net");
 describe('WorkOS', () => {
     beforeEach(() => jest_fetch_mock_1.default.resetMocks());
     describe('constructor', () => {
@@ -95,10 +96,40 @@ describe('WorkOS', () => {
                 });
                 yield workos.post('/somewhere', {});
                 expect((0, test_utils_1.fetchHeaders)()).toMatchObject({
-                    'User-Agent': `workos-node/${packageJson.version} fooApp: 1.0.0`,
+                    'User-Agent': `workos-node/${packageJson.version}/fetch fooApp: 1.0.0`,
                 });
             }));
         });
+        describe('when no `appInfo` option is provided', () => {
+            it('adds the HTTP client name to the user-agent', () => __awaiter(void 0, void 0, void 0, function* () {
+                (0, test_utils_1.fetchOnce)('{}');
+                const packageJson = JSON.parse(yield promises_1.default.readFile('package.json', 'utf8'));
+                const workos = new workos_1.WorkOS('sk_test');
+                yield workos.post('/somewhere', {});
+                expect((0, test_utils_1.fetchHeaders)()).toMatchObject({
+                    'User-Agent': `workos-node/${packageJson.version}/fetch`,
+                });
+            }));
+        });
+        describe('when no `appInfo` option is provided', () => {
+            it('adds the HTTP client name to the user-agent', () => __awaiter(void 0, void 0, void 0, function* () {
+                (0, test_utils_1.fetchOnce)('{}');
+                const packageJson = JSON.parse(yield promises_1.default.readFile('package.json', 'utf8'));
+                const workos = new workos_1.WorkOS('sk_test');
+                yield workos.post('/somewhere', {});
+                expect((0, test_utils_1.fetchHeaders)()).toMatchObject({
+                    'User-Agent': `workos-node/${packageJson.version}/fetch`,
+                });
+            }));
+        });
+        describe('when using an environment that supports fetch', () => {
+            it('automatically uses the fetch HTTP client', () => {
+                const workos = new workos_1.WorkOS('sk_test');
+                // Bracket notation gets past private visibility
+                // tslint:disable-next-line
+                expect(workos['client']).toBeInstanceOf(net_1.FetchHttpClient);
+            });
+        });
     });
     describe('version', () => {
         it('matches the version in `package.json`', () => __awaiter(void 0, void 0, void 0, function* () {
@@ -177,12 +208,34 @@ describe('WorkOS', () => {
             }));
         });
         describe('when the entity is null', () => {
-            it('sends a null body', () => __awaiter(void 0, void 0, void 0, function* () {
+            it('sends an empty string body', () => __awaiter(void 0, void 0, void 0, function* () {
                 (0, test_utils_1.fetchOnce)();
                 const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
                 yield workos.post('/somewhere', null);
-                expect((0, test_utils_1.fetchBody)({ raw: true })).toBeNull();
+                expect((0, test_utils_1.fetchBody)({ raw: true })).toBe('');
             }));
         });
     });
+    describe('when in an environment that does not support fetch', () => {
+        const fetchFn = globalThis.fetch;
+        beforeEach(() => {
+            // @ts-ignore
+            delete globalThis.fetch;
+        });
+        afterEach(() => {
+            globalThis.fetch = fetchFn;
+        });
+        it('automatically uses the node HTTP client', () => {
+            const workos = new workos_1.WorkOS('sk_test_key');
+            // tslint:disable-next-line
+            expect(workos['client']).toBeInstanceOf(net_1.NodeHttpClient);
+        });
+        it('uses a fetch function if provided', () => {
+            const workos = new workos_1.WorkOS('sk_test_key', {
+                fetchFn,
+            });
+            // tslint:disable-next-line
+            expect(workos['client']).toBeInstanceOf(net_1.FetchHttpClient);
+        });
+    });
 });

package/package.json

@@ -1,5 +1,5 @@
 {
-  "version": "7.9.0",
+  "version": "7.10.0",
   "name": "@workos-inc/node",
   "author": "WorkOS",
   "description": "A Node wrapper for the WorkOS API",
@@ -13,9 +13,8 @@
     "yarn": "1.22.19"
   },
   "engines": {
-    "node": ">=19"
+    "node": ">=16"
   },
-  "engineStrict": true,
   "main": "lib/index.js",
   "typings": "lib/index.d.ts",
   "files": [

package/lib/common/utils/fetch-client.d.ts

@@ -1,31 +0,0 @@
-export declare class FetchClient {
-    readonly baseURL: string;
-    readonly options?: RequestInit | undefined;
-    constructor(baseURL: string, options?: RequestInit | undefined);
-    get(path: string, options: {
-        params?: Record<string, any>;
-        headers?: HeadersInit;
-    }): Promise<{
-        data: any;
-    }>;
-    post<Entity = any>(path: string, entity: Entity, options: {
-        params?: Record<string, any>;
-        headers?: HeadersInit;
-    }): Promise<{
-        data: any;
-    }>;
-    put<Entity = any>(path: string, entity: Entity, options: {
-        params?: Record<string, any>;
-        headers?: HeadersInit;
-    }): Promise<{
-        data: any;
-    }>;
-    delete(path: string, options: {
-        params?: Record<string, any>;
-        headers?: HeadersInit;
-    }): Promise<{
-        data: any;
-    }>;
-    private getResourceURL;
-    private fetch;
-}

package/lib/common/utils/fetch-client.js

@@ -1,108 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.FetchClient = void 0;
-const fetch_error_1 = require("./fetch-error");
-class FetchClient {
-    constructor(baseURL, options) {
-        this.baseURL = baseURL;
-        this.options = options;
-    }
-    get(path, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const resourceURL = this.getResourceURL(path, options.params);
-            return yield this.fetch(resourceURL, {
-                headers: options.headers,
-            });
-        });
-    }
-    post(path, entity, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const resourceURL = this.getResourceURL(path, options.params);
-            return yield this.fetch(resourceURL, {
-                method: 'POST',
-                headers: Object.assign(Object.assign({}, getContentTypeHeader(entity)), options.headers),
-                body: getBody(entity),
-            });
-        });
-    }
-    put(path, entity, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const resourceURL = this.getResourceURL(path, options.params);
-            return yield this.fetch(resourceURL, {
-                method: 'PUT',
-                headers: Object.assign(Object.assign({}, getContentTypeHeader(entity)), options.headers),
-                body: getBody(entity),
-            });
-        });
-    }
-    delete(path, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const resourceURL = this.getResourceURL(path, options.params);
-            return yield this.fetch(resourceURL, {
-                method: 'DELETE',
-                headers: options.headers,
-            });
-        });
-    }
-    getResourceURL(path, params) {
-        const queryString = getQueryString(params);
-        const url = new URL([path, queryString].filter(Boolean).join('?'), this.baseURL);
-        return url.toString();
-    }
-    fetch(url, options) {
-        var _a;
-        return __awaiter(this, void 0, void 0, function* () {
-            const response = yield fetch(url, Object.assign(Object.assign(Object.assign({}, this.options), options), { headers: Object.assign(Object.assign({ Accept: 'application/json, text/plain, */*', 'Content-Type': 'application/json' }, (_a = this.options) === null || _a === void 0 ? void 0 : _a.headers), options === null || options === void 0 ? void 0 : options.headers) }));
-            if (!response.ok) {
-                throw new fetch_error_1.FetchError({
-                    message: response.statusText,
-                    response: {
-                        status: response.status,
-                        headers: response.headers,
-                        data: yield response.json(),
-                    },
-                });
-            }
-            const contentType = response.headers.get('content-type');
-            const isJsonResponse = contentType === null || contentType === void 0 ? void 0 : contentType.includes('application/json');
-            if (isJsonResponse) {
-                return { data: yield response.json() };
-            }
-            return { data: null };
-        });
-    }
-}
-exports.FetchClient = FetchClient;
-function getQueryString(queryObj) {
-    if (!queryObj)
-        return undefined;
-    const sanitizedQueryObj = {};
-    Object.entries(queryObj).forEach(([param, value]) => {
-        if (value !== '' && value !== undefined)
-            sanitizedQueryObj[param] = value;
-    });
-    return new URLSearchParams(sanitizedQueryObj).toString();
-}
-function getContentTypeHeader(entity) {
-    if (entity instanceof URLSearchParams) {
-        return {
-            'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8',
-        };
-    }
-    return undefined;
-}
-function getBody(entity) {
-    if (entity === null || entity instanceof URLSearchParams) {
-        return entity;
-    }
-    return JSON.stringify(entity);
-}