@workos-inc/node 8.0.0-beta.3 → 8.0.0-beta.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (246) hide show
  1. package/lib/cjs/audit-logs/audit-logs.d.cts +3 -2
  2. package/lib/cjs/client/index.cjs +42 -0
  3. package/lib/cjs/client/index.cjs.map +1 -0
  4. package/lib/cjs/client/index.d.cts +3 -0
  5. package/lib/cjs/client/sso.cjs +65 -0
  6. package/lib/cjs/client/sso.cjs.map +1 -0
  7. package/lib/cjs/client/sso.d.cts +2 -0
  8. package/lib/cjs/client/user-management.cjs +110 -0
  9. package/lib/cjs/client/user-management.cjs.map +1 -0
  10. package/lib/cjs/client/user-management.d.cts +1 -0
  11. package/lib/cjs/client/utils.cjs +49 -0
  12. package/lib/cjs/client/utils.cjs.map +1 -0
  13. package/lib/cjs/client/utils.d.cts +7 -0
  14. package/lib/cjs/common/decorators/public-method.cjs +48 -0
  15. package/lib/cjs/common/decorators/public-method.cjs.map +1 -0
  16. package/lib/cjs/common/decorators/public-method.d.cts +12 -0
  17. package/lib/cjs/common/interfaces/event.interface.cjs.map +1 -1
  18. package/lib/cjs/common/interfaces/event.interface.d.cts +19 -3
  19. package/lib/cjs/common/interfaces/index.d.cts +1 -1
  20. package/lib/cjs/common/interfaces/workos-options.interface.cjs.map +1 -1
  21. package/lib/cjs/common/interfaces/workos-options.interface.d.cts +1 -0
  22. package/lib/cjs/common/net/fetch-client.cjs +67 -36
  23. package/lib/cjs/common/net/fetch-client.cjs.map +1 -1
  24. package/lib/cjs/common/net/fetch-client.d.cts +5 -2
  25. package/lib/cjs/common/serializers/event.serializer.cjs +2 -0
  26. package/lib/cjs/common/serializers/event.serializer.cjs.map +1 -1
  27. package/lib/cjs/common/utils/fetch-and-deserialize.d.cts +3 -2
  28. package/lib/cjs/common/utils/pagination.cjs +2 -4
  29. package/lib/cjs/common/utils/pagination.cjs.map +1 -1
  30. package/lib/cjs/common/utils/runtime-info.cjs +73 -0
  31. package/lib/cjs/common/utils/runtime-info.cjs.map +1 -0
  32. package/lib/cjs/common/utils/runtime-info.d.cts +22 -0
  33. package/lib/cjs/directory-sync/directory-sync.d.cts +4 -3
  34. package/lib/cjs/events/events.d.cts +3 -2
  35. package/lib/cjs/fga/fga.d.cts +4 -3
  36. package/lib/cjs/fga/utils/fetch-and-deserialize-list.d.cts +3 -2
  37. package/lib/cjs/index.cjs +2 -0
  38. package/lib/cjs/index.cjs.map +1 -1
  39. package/lib/cjs/index.client.cjs +42 -0
  40. package/lib/cjs/index.client.cjs.map +1 -0
  41. package/lib/cjs/index.client.d.cts +3 -0
  42. package/lib/cjs/index.d.cts +3 -2
  43. package/lib/cjs/index.public.cjs +52 -0
  44. package/lib/cjs/index.public.cjs.map +1 -0
  45. package/lib/cjs/index.public.d.cts +36 -0
  46. package/lib/cjs/index.worker.d.cts +3 -2
  47. package/lib/cjs/mfa/mfa.d.cts +3 -2
  48. package/lib/cjs/organization-domains/organization-domains.d.cts +3 -2
  49. package/lib/cjs/organizations/interfaces/list-organization-feature-flags-options.interface.cjs.map +1 -1
  50. package/lib/cjs/organizations/interfaces/list-organization-feature-flags-options.interface.d.cts +3 -1
  51. package/lib/cjs/organizations/organizations.cjs +15 -5
  52. package/lib/cjs/organizations/organizations.cjs.map +1 -1
  53. package/lib/cjs/organizations/organizations.d.cts +4 -3
  54. package/lib/cjs/passwordless/passwordless.d.cts +3 -2
  55. package/lib/cjs/portal/portal.d.cts +3 -2
  56. package/lib/cjs/public/index.cjs +42 -0
  57. package/lib/cjs/public/index.cjs.map +1 -0
  58. package/lib/cjs/public/index.d.cts +2 -0
  59. package/lib/cjs/public/sso.cjs +65 -0
  60. package/lib/cjs/public/sso.cjs.map +1 -0
  61. package/lib/cjs/public/sso.d.cts +1 -0
  62. package/lib/cjs/public/user-management.cjs +110 -0
  63. package/lib/cjs/public/user-management.cjs.map +1 -0
  64. package/lib/cjs/public/user-management.d.cts +1 -0
  65. package/lib/cjs/public/utils.cjs +49 -0
  66. package/lib/cjs/public/utils.cjs.map +1 -0
  67. package/lib/cjs/public/utils.d.cts +7 -0
  68. package/lib/cjs/sso/interfaces/authorization-url-options.interface.cjs.map +1 -1
  69. package/lib/cjs/sso/interfaces/authorization-url-options.interface.d.cts +19 -4
  70. package/lib/cjs/sso/interfaces/connection-type.enum.cjs +1 -0
  71. package/lib/cjs/sso/interfaces/connection-type.enum.cjs.map +1 -1
  72. package/lib/cjs/sso/interfaces/connection-type.enum.d.cts +1 -0
  73. package/lib/cjs/sso/interfaces/index.d.cts +1 -0
  74. package/lib/cjs/sso/interfaces/profile-and-token.interface.cjs.map +1 -1
  75. package/lib/cjs/sso/interfaces/profile-and-token.interface.d.cts +3 -0
  76. package/lib/cjs/sso/serializers/index.d.cts +1 -0
  77. package/lib/cjs/sso/serializers/profile-and-token.serializer.cjs +3 -1
  78. package/lib/cjs/sso/serializers/profile-and-token.serializer.cjs.map +1 -1
  79. package/lib/cjs/sso/serializers/profile-and-token.serializer.d.cts +1 -0
  80. package/lib/cjs/sso/sso.cjs +15 -37
  81. package/lib/cjs/sso/sso.cjs.map +1 -1
  82. package/lib/cjs/sso/sso.d.cts +2 -1
  83. package/lib/cjs/sso-BkBnkcTC.d.cts +22 -0
  84. package/lib/cjs/sso-Cdnhezcz.d.cts +31 -0
  85. package/lib/cjs/sso-DwRz-nPM.d.cts +31 -0
  86. package/lib/cjs/user-management/interfaces/authenticate-with-session-cookie.interface.cjs.map +1 -1
  87. package/lib/cjs/user-management/interfaces/authenticate-with-session-cookie.interface.d.cts +2 -0
  88. package/lib/cjs/user-management/interfaces/authentication-response.interface.cjs.map +1 -1
  89. package/lib/cjs/user-management/interfaces/authentication-response.interface.d.cts +1 -1
  90. package/lib/cjs/user-management/interfaces/create-organization-membership-options.interface.cjs.map +1 -1
  91. package/lib/cjs/user-management/interfaces/create-organization-membership-options.interface.d.cts +2 -0
  92. package/lib/cjs/user-management/interfaces/identity.interface.cjs.map +1 -1
  93. package/lib/cjs/user-management/interfaces/identity.interface.d.cts +2 -2
  94. package/lib/cjs/user-management/interfaces/list-sessions-options.interface.cjs.map +1 -1
  95. package/lib/cjs/user-management/interfaces/organization-membership.interface.cjs.map +1 -1
  96. package/lib/cjs/user-management/interfaces/organization-membership.interface.d.cts +2 -0
  97. package/lib/cjs/user-management/interfaces/update-organization-membership-options.interface.cjs.map +1 -1
  98. package/lib/cjs/user-management/interfaces/update-organization-membership-options.interface.d.cts +2 -0
  99. package/lib/cjs/user-management/serializers/create-organization-membership-options.serializer.cjs +2 -1
  100. package/lib/cjs/user-management/serializers/create-organization-membership-options.serializer.cjs.map +1 -1
  101. package/lib/cjs/user-management/serializers/organization-membership.serializer.cjs +2 -1
  102. package/lib/cjs/user-management/serializers/organization-membership.serializer.cjs.map +1 -1
  103. package/lib/cjs/user-management/serializers/update-organization-membership-options.serializer.cjs +2 -1
  104. package/lib/cjs/user-management/serializers/update-organization-membership-options.serializer.cjs.map +1 -1
  105. package/lib/cjs/user-management/session.cjs +4 -0
  106. package/lib/cjs/user-management/session.cjs.map +1 -1
  107. package/lib/cjs/user-management/session.d.cts +2 -1
  108. package/lib/cjs/user-management/user-management.cjs +13 -81
  109. package/lib/cjs/user-management/user-management.cjs.map +1 -1
  110. package/lib/cjs/user-management/user-management.d.cts +3 -2
  111. package/lib/cjs/user-management-B-71OTAR.d.cts +401 -0
  112. package/lib/cjs/user-management-B38wNrIN.d.cts +68 -0
  113. package/lib/cjs/user-management-Dh73wyCr.d.cts +68 -0
  114. package/lib/cjs/vault/vault.d.cts +3 -2
  115. package/lib/cjs/widgets/interfaces/get-token.cjs.map +1 -1
  116. package/lib/cjs/widgets/interfaces/get-token.d.cts +5 -5
  117. package/lib/cjs/widgets/widgets.d.cts +3 -2
  118. package/lib/cjs/workos-BEHZtxw8.d.cts +401 -0
  119. package/lib/cjs/workos-Bt8QqzZV.d.cts +395 -0
  120. package/lib/cjs/workos-C6IZ2mAH.d.cts +402 -0
  121. package/lib/cjs/workos-C7eLbzyK.d.cts +398 -0
  122. package/lib/cjs/workos-C9Z7mAdD.d.cts +399 -0
  123. package/lib/cjs/workos-CUh2oD_o.d.cts +396 -0
  124. package/lib/cjs/workos-Cuegztvg.d.cts +397 -0
  125. package/lib/cjs/workos-DiEirbod.d.cts +397 -0
  126. package/lib/cjs/workos-jsQjZHfV.d.cts +395 -0
  127. package/lib/cjs/workos.cjs +2 -1
  128. package/lib/cjs/workos.cjs.map +1 -1
  129. package/lib/cjs/workos.d.cts +3 -2
  130. package/lib/common/interfaces/event.interface.d.ts +18 -2
  131. package/lib/common/interfaces/workos-options.interface.d.ts +1 -0
  132. package/lib/common/net/fetch-client.d.ts +6 -2
  133. package/lib/common/net/fetch-client.js +67 -31
  134. package/lib/common/net/fetch-client.spec.js +71 -0
  135. package/lib/common/serializers/event.serializer.js +2 -0
  136. package/lib/common/utils/pagination.js +1 -1
  137. package/lib/esm/audit-logs/audit-logs.d.ts +3 -2
  138. package/lib/esm/client/index.d.ts +3 -0
  139. package/lib/esm/client/index.js +7 -0
  140. package/lib/esm/client/index.js.map +1 -0
  141. package/lib/esm/client/sso.d.ts +2 -0
  142. package/lib/esm/client/sso.js +42 -0
  143. package/lib/esm/client/sso.js.map +1 -0
  144. package/lib/esm/client/user-management.d.ts +1 -0
  145. package/lib/esm/client/user-management.js +85 -0
  146. package/lib/esm/client/user-management.js.map +1 -0
  147. package/lib/esm/client/utils.d.ts +7 -0
  148. package/lib/esm/client/utils.js +16 -0
  149. package/lib/esm/client/utils.js.map +1 -0
  150. package/lib/esm/common/interfaces/event.interface.d.ts +19 -3
  151. package/lib/esm/common/interfaces/index.d.ts +1 -1
  152. package/lib/esm/common/interfaces/workos-options.interface.d.ts +1 -0
  153. package/lib/esm/common/net/fetch-client.d.ts +5 -2
  154. package/lib/esm/common/net/fetch-client.js +67 -36
  155. package/lib/esm/common/net/fetch-client.js.map +1 -1
  156. package/lib/esm/common/serializers/event.serializer.js +2 -0
  157. package/lib/esm/common/serializers/event.serializer.js.map +1 -1
  158. package/lib/esm/common/utils/fetch-and-deserialize.d.ts +3 -2
  159. package/lib/esm/common/utils/pagination.js +2 -4
  160. package/lib/esm/common/utils/pagination.js.map +1 -1
  161. package/lib/esm/directory-sync/directory-sync.d.ts +4 -3
  162. package/lib/esm/events/events.d.ts +3 -2
  163. package/lib/esm/fga/fga.d.ts +4 -3
  164. package/lib/esm/fga/utils/fetch-and-deserialize-list.d.ts +3 -2
  165. package/lib/esm/index.client.d.ts +3 -0
  166. package/lib/esm/index.client.js +7 -0
  167. package/lib/esm/index.client.js.map +1 -0
  168. package/lib/esm/index.d.ts +3 -2
  169. package/lib/esm/index.js +2 -0
  170. package/lib/esm/index.js.map +1 -1
  171. package/lib/esm/index.worker.d.ts +3 -2
  172. package/lib/esm/mfa/mfa.d.ts +3 -2
  173. package/lib/esm/organization-domains/organization-domains.d.ts +3 -2
  174. package/lib/esm/organizations/interfaces/list-organization-feature-flags-options.interface.d.ts +3 -1
  175. package/lib/esm/organizations/organizations.d.ts +4 -3
  176. package/lib/esm/organizations/organizations.js +15 -5
  177. package/lib/esm/organizations/organizations.js.map +1 -1
  178. package/lib/esm/passwordless/passwordless.d.ts +3 -2
  179. package/lib/esm/portal/portal.d.ts +3 -2
  180. package/lib/esm/sso/interfaces/authorization-url-options.interface.d.ts +19 -4
  181. package/lib/esm/sso/interfaces/connection-type.enum.d.ts +1 -0
  182. package/lib/esm/sso/interfaces/connection-type.enum.js +1 -0
  183. package/lib/esm/sso/interfaces/connection-type.enum.js.map +1 -1
  184. package/lib/esm/sso/interfaces/index.d.ts +1 -0
  185. package/lib/esm/sso/interfaces/profile-and-token.interface.d.ts +3 -0
  186. package/lib/esm/sso/serializers/index.d.ts +1 -0
  187. package/lib/esm/sso/serializers/profile-and-token.serializer.d.ts +1 -0
  188. package/lib/esm/sso/serializers/profile-and-token.serializer.js +3 -1
  189. package/lib/esm/sso/serializers/profile-and-token.serializer.js.map +1 -1
  190. package/lib/esm/sso/sso.d.ts +2 -1
  191. package/lib/esm/sso/sso.js +5 -37
  192. package/lib/esm/sso/sso.js.map +1 -1
  193. package/lib/esm/sso-nFEQz_Js.d.ts +22 -0
  194. package/lib/esm/user-management/interfaces/authenticate-with-session-cookie.interface.d.ts +2 -0
  195. package/lib/esm/user-management/interfaces/authenticate-with-session-cookie.interface.js.map +1 -1
  196. package/lib/esm/user-management/interfaces/authentication-response.interface.d.ts +1 -1
  197. package/lib/esm/user-management/interfaces/create-organization-membership-options.interface.d.ts +2 -0
  198. package/lib/esm/user-management/interfaces/identity.interface.d.ts +2 -2
  199. package/lib/esm/user-management/interfaces/organization-membership.interface.d.ts +2 -0
  200. package/lib/esm/user-management/interfaces/update-organization-membership-options.interface.d.ts +2 -0
  201. package/lib/esm/user-management/serializers/create-organization-membership-options.serializer.js +2 -1
  202. package/lib/esm/user-management/serializers/create-organization-membership-options.serializer.js.map +1 -1
  203. package/lib/esm/user-management/serializers/organization-membership.serializer.js +2 -1
  204. package/lib/esm/user-management/serializers/organization-membership.serializer.js.map +1 -1
  205. package/lib/esm/user-management/serializers/update-organization-membership-options.serializer.js +2 -1
  206. package/lib/esm/user-management/serializers/update-organization-membership-options.serializer.js.map +1 -1
  207. package/lib/esm/user-management/session.d.ts +2 -1
  208. package/lib/esm/user-management/session.js +4 -0
  209. package/lib/esm/user-management/session.js.map +1 -1
  210. package/lib/esm/user-management/user-management.d.ts +3 -2
  211. package/lib/esm/user-management/user-management.js +13 -81
  212. package/lib/esm/user-management/user-management.js.map +1 -1
  213. package/lib/esm/user-management-B38wNrIN.d.ts +68 -0
  214. package/lib/esm/vault/vault.d.ts +3 -2
  215. package/lib/esm/widgets/interfaces/get-token.d.ts +5 -5
  216. package/lib/esm/widgets/interfaces/get-token.js.map +1 -1
  217. package/lib/esm/widgets/widgets.d.ts +3 -2
  218. package/lib/esm/{workos-DGRMJ65Z.d.ts → workos-EX3jNkYH.d.ts} +5 -7
  219. package/lib/esm/workos.d.ts +3 -2
  220. package/lib/esm/workos.js +2 -1
  221. package/lib/esm/workos.js.map +1 -1
  222. package/lib/index.js +1 -1
  223. package/lib/organizations/interfaces/list-organization-feature-flags-options.interface.d.ts +2 -1
  224. package/lib/organizations/organizations.d.ts +1 -2
  225. package/lib/organizations/organizations.js +2 -4
  226. package/lib/organizations/organizations.spec.js +46 -1
  227. package/lib/sso/interfaces/authorization-url-options.interface.d.ts +2 -0
  228. package/lib/sso/interfaces/profile-and-token.interface.d.ts +3 -0
  229. package/lib/sso/serializers/profile-and-token.serializer.js +2 -0
  230. package/lib/sso/sso.d.ts +1 -1
  231. package/lib/sso/sso.js +14 -10
  232. package/lib/sso/sso.spec.js +131 -0
  233. package/lib/user-management/interfaces/authenticate-with-session-cookie.interface.d.ts +2 -0
  234. package/lib/user-management/interfaces/create-organization-membership-options.interface.d.ts +2 -0
  235. package/lib/user-management/interfaces/organization-membership.interface.d.ts +2 -0
  236. package/lib/user-management/interfaces/update-organization-membership-options.interface.d.ts +2 -0
  237. package/lib/user-management/serializers/create-organization-membership-options.serializer.js +1 -0
  238. package/lib/user-management/serializers/organization-membership.serializer.js +1 -11
  239. package/lib/user-management/serializers/update-organization-membership-options.serializer.js +1 -0
  240. package/lib/user-management/session.js +4 -2
  241. package/lib/user-management/session.spec.js +4 -2
  242. package/lib/user-management/user-management.js +2 -1
  243. package/lib/user-management/user-management.spec.js +33 -0
  244. package/lib/widgets/interfaces/get-token.d.ts +5 -5
  245. package/lib/workos.js +2 -2
  246. package/package.json +10 -5
package/lib/cjs/user-management/interfaces/identity.interface.d.cts CHANGED
@@ -1,12 +1,12 @@
1
1
  interface Identity {
2
2
  idpId: string;
3
3
  type: 'OAuth';
4
- provider: 'AppleOAuth' | 'GoogleOAuth' | 'GitHubOAuth' | 'MicrosoftOAuth';
4
+ provider: 'AppleOAuth' | 'GoogleOAuth' | 'GitHubOAuth' | 'MicrosoftOAuth' | 'SalesforceOAuth';
5
5
  }
6
6
  interface IdentityResponse {
7
7
  idp_id: string;
8
8
  type: 'OAuth';
9
- provider: 'AppleOAuth' | 'GoogleOAuth' | 'GitHubOAuth' | 'MicrosoftOAuth';
9
+ provider: 'AppleOAuth' | 'GoogleOAuth' | 'GitHubOAuth' | 'MicrosoftOAuth' | 'SalesforceOAuth';
10
10
  }
11
11
 
12
12
  export type { Identity, IdentityResponse };
package/lib/cjs/user-management/interfaces/list-sessions-options.interface.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../src/user-management/interfaces/list-sessions-options.interface.ts"],"sourcesContent":["import { PaginationOptions } from '../../common/interfaces/pagination-options.interface';\n\n// tslint:disable-next-line:no-empty-interface\nexport interface ListSessionsOptions extends PaginationOptions {}\n\n// tslint:disable-next-line:no-empty-interface\nexport interface SerializedListSessionsOptions extends PaginationOptions {}\n"],"mappings":";;;;;;;;;;;;;;AAAA;AAAA;","names":[]}
1
+ {"version":3,"sources":["../../../../src/user-management/interfaces/list-sessions-options.interface.ts"],"sourcesContent":["import { PaginationOptions } from '../../common/interfaces/pagination-options.interface';\n\n// eslint-disable-next-line @typescript-eslint/no-empty-object-type\nexport interface ListSessionsOptions extends PaginationOptions {}\n\n// eslint-disable-next-line @typescript-eslint/no-empty-object-type\nexport interface SerializedListSessionsOptions extends PaginationOptions {}\n"],"mappings":";;;;;;;;;;;;;;AAAA;AAAA;","names":[]}
package/lib/cjs/user-management/interfaces/organization-membership.interface.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../src/user-management/interfaces/organization-membership.interface.ts"],"sourcesContent":["import { RoleResponse } from '../../roles/interfaces/';\n\nexport type OrganizationMembershipStatus = 'active' | 'inactive' | 'pending';\n\nexport interface OrganizationMembership {\n object: 'organization_membership';\n id: string;\n organizationId: string;\n organizationName: string;\n status: OrganizationMembershipStatus;\n userId: string;\n createdAt: string;\n updatedAt: string;\n role: RoleResponse;\n}\n\nexport interface OrganizationMembershipResponse {\n object: 'organization_membership';\n id: string;\n organization_id: string;\n organization_name: string;\n status: OrganizationMembershipStatus;\n user_id: string;\n created_at: string;\n updated_at: string;\n role: RoleResponse;\n}\n"],"mappings":";;;;;;;;;;;;;;AAAA;AAAA;","names":[]}
1
+ {"version":3,"sources":["../../../../src/user-management/interfaces/organization-membership.interface.ts"],"sourcesContent":["import { RoleResponse } from '../../roles/interfaces/';\n\nexport type OrganizationMembershipStatus = 'active' | 'inactive' | 'pending';\n\nexport interface OrganizationMembership {\n object: 'organization_membership';\n id: string;\n organizationId: string;\n organizationName: string;\n status: OrganizationMembershipStatus;\n userId: string;\n createdAt: string;\n updatedAt: string;\n role: RoleResponse;\n roles?: RoleResponse[];\n}\n\nexport interface OrganizationMembershipResponse {\n object: 'organization_membership';\n id: string;\n organization_id: string;\n organization_name: string;\n status: OrganizationMembershipStatus;\n user_id: string;\n created_at: string;\n updated_at: string;\n role: RoleResponse;\n roles?: RoleResponse[];\n}\n"],"mappings":";;;;;;;;;;;;;;AAAA;AAAA;","names":[]}
package/lib/cjs/user-management/interfaces/organization-membership.interface.d.cts CHANGED
@@ -11,6 +11,7 @@ interface OrganizationMembership {
11
11
  createdAt: string;
12
12
  updatedAt: string;
13
13
  role: RoleResponse;
14
+ roles?: RoleResponse[];
14
15
  }
15
16
  interface OrganizationMembershipResponse {
16
17
  object: 'organization_membership';
@@ -22,6 +23,7 @@ interface OrganizationMembershipResponse {
22
23
  created_at: string;
23
24
  updated_at: string;
24
25
  role: RoleResponse;
26
+ roles?: RoleResponse[];
25
27
  }
26
28
 
27
29
  export type { OrganizationMembership, OrganizationMembershipResponse, OrganizationMembershipStatus };
package/lib/cjs/user-management/interfaces/update-organization-membership-options.interface.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../src/user-management/interfaces/update-organization-membership-options.interface.ts"],"sourcesContent":["export interface UpdateOrganizationMembershipOptions {\n roleSlug?: string;\n}\n\nexport interface SerializedUpdateOrganizationMembershipOptions {\n role_slug?: string;\n}\n"],"mappings":";;;;;;;;;;;;;;AAAA;AAAA;","names":[]}
1
+ {"version":3,"sources":["../../../../src/user-management/interfaces/update-organization-membership-options.interface.ts"],"sourcesContent":["export interface UpdateOrganizationMembershipOptions {\n roleSlug?: string;\n roleSlugs?: string[];\n}\n\nexport interface SerializedUpdateOrganizationMembershipOptions {\n role_slug?: string;\n role_slugs?: string[];\n}\n"],"mappings":";;;;;;;;;;;;;;AAAA;AAAA;","names":[]}
package/lib/cjs/user-management/interfaces/update-organization-membership-options.interface.d.cts CHANGED
@@ -1,8 +1,10 @@
1
1
  interface UpdateOrganizationMembershipOptions {
2
2
  roleSlug?: string;
3
+ roleSlugs?: string[];
3
4
  }
4
5
  interface SerializedUpdateOrganizationMembershipOptions {
5
6
  role_slug?: string;
7
+ role_slugs?: string[];
6
8
  }
7
9
 
8
10
  export type { SerializedUpdateOrganizationMembershipOptions, UpdateOrganizationMembershipOptions };
package/lib/cjs/user-management/serializers/create-organization-membership-options.serializer.cjs CHANGED
@@ -25,7 +25,8 @@ module.exports = __toCommonJS(create_organization_membership_options_serializer_
25
25
  const serializeCreateOrganizationMembershipOptions = /* @__PURE__ */ __name((options) => ({
26
26
  organization_id: options.organizationId,
27
27
  user_id: options.userId,
28
- role_slug: options.roleSlug
28
+ role_slug: options.roleSlug,
29
+ role_slugs: options.roleSlugs
29
30
  }), "serializeCreateOrganizationMembershipOptions");
30
31
  // Annotate the CommonJS export names for ESM import in node:
31
32
  0 && (module.exports = {
package/lib/cjs/user-management/serializers/create-organization-membership-options.serializer.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../src/user-management/serializers/create-organization-membership-options.serializer.ts"],"sourcesContent":["import {\n CreateOrganizationMembershipOptions,\n SerializedCreateOrganizationMembershipOptions,\n} from '../interfaces/create-organization-membership-options.interface';\n\nexport const serializeCreateOrganizationMembershipOptions = (\n options: CreateOrganizationMembershipOptions,\n): SerializedCreateOrganizationMembershipOptions => ({\n organization_id: options.organizationId,\n user_id: options.userId,\n role_slug: options.roleSlug,\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAKO,MAAM,+CAA+C,wBAC1D,aACmD;AAAA,EACnD,iBAAiB,QAAQ;AAAA,EACzB,SAAS,QAAQ;AAAA,EACjB,WAAW,QAAQ;AACrB,IAN4D;","names":[]}
1
+ {"version":3,"sources":["../../../../src/user-management/serializers/create-organization-membership-options.serializer.ts"],"sourcesContent":["import {\n CreateOrganizationMembershipOptions,\n SerializedCreateOrganizationMembershipOptions,\n} from '../interfaces/create-organization-membership-options.interface';\n\nexport const serializeCreateOrganizationMembershipOptions = (\n options: CreateOrganizationMembershipOptions,\n): SerializedCreateOrganizationMembershipOptions => ({\n organization_id: options.organizationId,\n user_id: options.userId,\n role_slug: options.roleSlug,\n role_slugs: options.roleSlugs,\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAKO,MAAM,+CAA+C,wBAC1D,aACmD;AAAA,EACnD,iBAAiB,QAAQ;AAAA,EACzB,SAAS,QAAQ;AAAA,EACjB,WAAW,QAAQ;AAAA,EACnB,YAAY,QAAQ;AACtB,IAP4D;","names":[]}
package/lib/cjs/user-management/serializers/organization-membership.serializer.cjs CHANGED
@@ -31,7 +31,8 @@ const deserializeOrganizationMembership = /* @__PURE__ */ __name((organizationMe
31
31
  status: organizationMembership.status,
32
32
  createdAt: organizationMembership.created_at,
33
33
  updatedAt: organizationMembership.updated_at,
34
- role: organizationMembership.role
34
+ role: organizationMembership.role,
35
+ ...organizationMembership.roles && { roles: organizationMembership.roles }
35
36
  }), "deserializeOrganizationMembership");
36
37
  // Annotate the CommonJS export names for ESM import in node:
37
38
  0 && (module.exports = {
package/lib/cjs/user-management/serializers/organization-membership.serializer.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../src/user-management/serializers/organization-membership.serializer.ts"],"sourcesContent":["import {\n OrganizationMembership,\n OrganizationMembershipResponse,\n} from '../interfaces/organization-membership.interface';\n\nexport const deserializeOrganizationMembership = (\n organizationMembership: OrganizationMembershipResponse,\n): OrganizationMembership => ({\n object: organizationMembership.object,\n id: organizationMembership.id,\n userId: organizationMembership.user_id,\n organizationId: organizationMembership.organization_id,\n organizationName: organizationMembership.organization_name,\n status: organizationMembership.status,\n createdAt: organizationMembership.created_at,\n updatedAt: organizationMembership.updated_at,\n role: organizationMembership.role,\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAKO,MAAM,oCAAoC,wBAC/C,4BAC4B;AAAA,EAC5B,QAAQ,uBAAuB;AAAA,EAC/B,IAAI,uBAAuB;AAAA,EAC3B,QAAQ,uBAAuB;AAAA,EAC/B,gBAAgB,uBAAuB;AAAA,EACvC,kBAAkB,uBAAuB;AAAA,EACzC,QAAQ,uBAAuB;AAAA,EAC/B,WAAW,uBAAuB;AAAA,EAClC,WAAW,uBAAuB;AAAA,EAClC,MAAM,uBAAuB;AAC/B,IAZiD;","names":[]}
1
+ {"version":3,"sources":["../../../../src/user-management/serializers/organization-membership.serializer.ts"],"sourcesContent":["import {\n OrganizationMembership,\n OrganizationMembershipResponse,\n} from '../interfaces/organization-membership.interface';\n\nexport const deserializeOrganizationMembership = (\n organizationMembership: OrganizationMembershipResponse,\n): OrganizationMembership => ({\n object: organizationMembership.object,\n id: organizationMembership.id,\n userId: organizationMembership.user_id,\n organizationId: organizationMembership.organization_id,\n organizationName: organizationMembership.organization_name,\n status: organizationMembership.status,\n createdAt: organizationMembership.created_at,\n updatedAt: organizationMembership.updated_at,\n role: organizationMembership.role,\n ...(organizationMembership.roles && { roles: organizationMembership.roles }),\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAKO,MAAM,oCAAoC,wBAC/C,4BAC4B;AAAA,EAC5B,QAAQ,uBAAuB;AAAA,EAC/B,IAAI,uBAAuB;AAAA,EAC3B,QAAQ,uBAAuB;AAAA,EAC/B,gBAAgB,uBAAuB;AAAA,EACvC,kBAAkB,uBAAuB;AAAA,EACzC,QAAQ,uBAAuB;AAAA,EAC/B,WAAW,uBAAuB;AAAA,EAClC,WAAW,uBAAuB;AAAA,EAClC,MAAM,uBAAuB;AAAA,EAC7B,GAAI,uBAAuB,SAAS,EAAE,OAAO,uBAAuB,MAAM;AAC5E,IAbiD;","names":[]}
package/lib/cjs/user-management/serializers/update-organization-membership-options.serializer.cjs CHANGED
@@ -23,7 +23,8 @@ __export(update_organization_membership_options_serializer_exports, {
23
23
  });
24
24
  module.exports = __toCommonJS(update_organization_membership_options_serializer_exports);
25
25
  const serializeUpdateOrganizationMembershipOptions = /* @__PURE__ */ __name((options) => ({
26
- role_slug: options.roleSlug
26
+ role_slug: options.roleSlug,
27
+ role_slugs: options.roleSlugs
27
28
  }), "serializeUpdateOrganizationMembershipOptions");
28
29
  // Annotate the CommonJS export names for ESM import in node:
29
30
  0 && (module.exports = {
package/lib/cjs/user-management/serializers/update-organization-membership-options.serializer.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../src/user-management/serializers/update-organization-membership-options.serializer.ts"],"sourcesContent":["import {\n UpdateOrganizationMembershipOptions,\n SerializedUpdateOrganizationMembershipOptions,\n} from '../interfaces/update-organization-membership-options.interface';\n\nexport const serializeUpdateOrganizationMembershipOptions = (\n options: UpdateOrganizationMembershipOptions,\n): SerializedUpdateOrganizationMembershipOptions => ({\n role_slug: options.roleSlug,\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAKO,MAAM,+CAA+C,wBAC1D,aACmD;AAAA,EACnD,WAAW,QAAQ;AACrB,IAJ4D;","names":[]}
1
+ {"version":3,"sources":["../../../../src/user-management/serializers/update-organization-membership-options.serializer.ts"],"sourcesContent":["import {\n UpdateOrganizationMembershipOptions,\n SerializedUpdateOrganizationMembershipOptions,\n} from '../interfaces/update-organization-membership-options.interface';\n\nexport const serializeUpdateOrganizationMembershipOptions = (\n options: UpdateOrganizationMembershipOptions,\n): SerializedUpdateOrganizationMembershipOptions => ({\n role_slug: options.roleSlug,\n role_slugs: options.roleSlugs,\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAKO,MAAM,+CAA+C,wBAC1D,aACmD;AAAA,EACnD,WAAW,QAAQ;AAAA,EACnB,YAAY,QAAQ;AACtB,IAL4D;","names":[]}
package/lib/cjs/user-management/session.cjs CHANGED
@@ -82,6 +82,7 @@ class CookieSession {
82
82
  sid: sessionId,
83
83
  org_id: organizationId,
84
84
  role,
85
+ roles,
85
86
  permissions,
86
87
  entitlements,
87
88
  feature_flags: featureFlags
@@ -91,6 +92,7 @@ class CookieSession {
91
92
  sessionId,
92
93
  organizationId,
93
94
  role,
95
+ roles,
94
96
  permissions,
95
97
  entitlements,
96
98
  featureFlags,
@@ -140,6 +142,7 @@ class CookieSession {
140
142
  sid: sessionId,
141
143
  org_id: organizationId,
142
144
  role,
145
+ roles,
143
146
  permissions,
144
147
  entitlements,
145
148
  feature_flags: featureFlags
@@ -151,6 +154,7 @@ class CookieSession {
151
154
  sessionId,
152
155
  organizationId,
153
156
  role,
157
+ roles,
154
158
  permissions,
155
159
  entitlements,
156
160
  featureFlags,
package/lib/cjs/user-management/session.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/user-management/session.ts"],"sourcesContent":["import { createRemoteJWKSet, decodeJwt, jwtVerify } from 'jose';\nimport { OauthException } from '../common/exceptions/oauth.exception';\nimport {\n AccessToken,\n AuthenticateWithSessionCookieFailedResponse,\n AuthenticateWithSessionCookieFailureReason,\n AuthenticateWithSessionCookieSuccessResponse,\n AuthenticationResponse,\n RefreshSessionFailureReason,\n RefreshSessionResponse,\n SessionCookieData,\n} from './interfaces';\nimport { UserManagement } from './user-management';\nimport { unsealData } from 'iron-session';\n\ntype RefreshOptions = {\n cookiePassword?: string;\n organizationId?: string;\n};\n\nexport class CookieSession {\n private jwks: ReturnType<typeof createRemoteJWKSet> | undefined;\n private userManagement: UserManagement;\n private cookiePassword: string;\n private sessionData: string;\n\n constructor(\n userManagement: UserManagement,\n sessionData: string,\n cookiePassword: string,\n ) {\n if (!cookiePassword) {\n throw new Error('cookiePassword is required');\n }\n\n this.userManagement = userManagement;\n this.cookiePassword = cookiePassword;\n this.sessionData = sessionData;\n\n this.jwks = this.userManagement.jwks;\n }\n\n /**\n * Authenticates a user with a session cookie.\n *\n * @returns An object indicating whether the authentication was successful or not. If successful, it will include the user's session data.\n */\n async authenticate(): Promise<\n | AuthenticateWithSessionCookieSuccessResponse\n | AuthenticateWithSessionCookieFailedResponse\n > {\n if (!this.sessionData) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.NO_SESSION_COOKIE_PROVIDED,\n };\n }\n\n let session: SessionCookieData;\n\n try {\n session = await unsealData<SessionCookieData>(this.sessionData, {\n password: this.cookiePassword,\n });\n } catch (e) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n if (!session.accessToken) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n if (!(await this.isValidJwt(session.accessToken))) {\n return {\n authenticated: false,\n reason: AuthenticateWithSessionCookieFailureReason.INVALID_JWT,\n };\n }\n\n const {\n sid: sessionId,\n org_id: organizationId,\n role,\n permissions,\n entitlements,\n feature_flags: featureFlags,\n } = decodeJwt<AccessToken>(session.accessToken);\n\n return {\n authenticated: true,\n sessionId,\n organizationId,\n role,\n permissions,\n entitlements,\n featureFlags,\n user: session.user,\n impersonator: session.impersonator,\n accessToken: session.accessToken,\n };\n }\n\n /**\n * Refreshes the user's session.\n *\n * @param options - Optional options for refreshing the session.\n * @param options.cookiePassword - The password to use for the new session cookie.\n * @param options.organizationId - The organization ID to use for the new session cookie.\n * @returns An object indicating whether the refresh was successful or not. If successful, it will include the new sealed session data.\n */\n async refresh(options: RefreshOptions = {}): Promise<RefreshSessionResponse> {\n const session = await unsealData<SessionCookieData>(this.sessionData, {\n password: this.cookiePassword,\n });\n\n if (!session.refreshToken || !session.user) {\n return {\n authenticated: false,\n reason: RefreshSessionFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n const { org_id: organizationIdFromAccessToken } = decodeJwt<AccessToken>(\n session.accessToken,\n );\n\n try {\n const cookiePassword = options.cookiePassword ?? this.cookiePassword;\n\n const authenticationResponse =\n await this.userManagement.authenticateWithRefreshToken({\n clientId: this.userManagement.clientId as string,\n refreshToken: session.refreshToken,\n organizationId:\n options.organizationId ?? organizationIdFromAccessToken,\n session: {\n // We want to store the new sealed session in this class instance, so this always needs to be true\n sealSession: true,\n cookiePassword,\n },\n });\n\n // Update the password if a new one was provided\n if (options.cookiePassword) {\n this.cookiePassword = options.cookiePassword;\n }\n\n this.sessionData = authenticationResponse.sealedSession as string;\n\n const {\n sid: sessionId,\n org_id: organizationId,\n role,\n permissions,\n entitlements,\n feature_flags: featureFlags,\n } = decodeJwt<AccessToken>(authenticationResponse.accessToken);\n\n // TODO: Returning `session` here means there's some duplicated data.\n // Slim down the return type in a future major version.\n return {\n authenticated: true,\n sealedSession: authenticationResponse.sealedSession,\n session: authenticationResponse as AuthenticationResponse,\n sessionId,\n organizationId,\n role,\n permissions,\n entitlements,\n featureFlags,\n user: session.user,\n impersonator: session.impersonator,\n };\n } catch (error) {\n if (\n error instanceof OauthException &&\n // TODO: Add additional known errors and remove re-throw\n (error.error === RefreshSessionFailureReason.INVALID_GRANT ||\n error.error === RefreshSessionFailureReason.MFA_ENROLLMENT ||\n error.error === RefreshSessionFailureReason.SSO_REQUIRED)\n ) {\n return {\n authenticated: false,\n reason: error.error,\n };\n }\n\n throw error;\n }\n }\n\n /**\n * Gets the URL to redirect the user to for logging out.\n *\n * @returns The URL to redirect the user to for logging out.\n */\n async getLogoutUrl({\n returnTo,\n }: { returnTo?: string } = {}): Promise<string> {\n const authenticationResponse = await this.authenticate();\n\n if (!authenticationResponse.authenticated) {\n const { reason } = authenticationResponse;\n throw new Error(`Failed to extract session ID for logout URL: ${reason}`);\n }\n\n return this.userManagement.getLogoutUrl({\n sessionId: authenticationResponse.sessionId,\n returnTo,\n });\n }\n\n private async isValidJwt(accessToken: string): Promise<boolean> {\n if (!this.jwks) {\n throw new Error(\n 'Missing client ID. Did you provide it when initializing WorkOS?',\n );\n }\n\n try {\n await jwtVerify(accessToken, this.jwks);\n return true;\n } catch (e) {\n return false;\n }\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,kBAAyD;AACzD,mBAA+B;AAC/B,wBASO;AAEP,0BAA2B;AAOpB,MAAM,cAAc;AAAA,EApB3B,OAoB2B;AAAA;AAAA;AAAA,EACjB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAER,YACE,gBACA,aACA,gBACA;AACA,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAEA,SAAK,iBAAiB;AACtB,SAAK,iBAAiB;AACtB,SAAK,cAAc;AAEnB,SAAK,OAAO,KAAK,eAAe;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,eAGJ;AACA,QAAI,CAAC,KAAK,aAAa;AACrB,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,6DAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,QAAI;AAEJ,QAAI;AACF,gBAAU,UAAM,gCAA8B,KAAK,aAAa;AAAA,QAC9D,UAAU,KAAK;AAAA,MACjB,CAAC;AAAA,IACH,SAAS,GAAG;AACV,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,6DAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,QAAI,CAAC,QAAQ,aAAa;AACxB,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,6DAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,QAAI,CAAE,MAAM,KAAK,WAAW,QAAQ,WAAW,GAAI;AACjD,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QAAQ,6DAA2C;AAAA,MACrD;AAAA,IACF;AAEA,UAAM;AAAA,MACJ,KAAK;AAAA,MACL,QAAQ;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA,eAAe;AAAA,IACjB,QAAI,uBAAuB,QAAQ,WAAW;AAE9C,WAAO;AAAA,MACL,eAAe;AAAA,MACf;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,QAAQ;AAAA,MACd,cAAc,QAAQ;AAAA,MACtB,aAAa,QAAQ;AAAA,IACvB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,QAAQ,UAA0B,CAAC,GAAoC;AAC3E,UAAM,UAAU,UAAM,gCAA8B,KAAK,aAAa;AAAA,MACpE,UAAU,KAAK;AAAA,IACjB,CAAC;AAED,QAAI,CAAC,QAAQ,gBAAgB,CAAC,QAAQ,MAAM;AAC1C,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QAAQ,8CAA4B;AAAA,MACtC;AAAA,IACF;AAEA,UAAM,EAAE,QAAQ,8BAA8B,QAAI;AAAA,MAChD,QAAQ;AAAA,IACV;AAEA,QAAI;AACF,YAAM,iBAAiB,QAAQ,kBAAkB,KAAK;AAEtD,YAAM,yBACJ,MAAM,KAAK,eAAe,6BAA6B;AAAA,QACrD,UAAU,KAAK,eAAe;AAAA,QAC9B,cAAc,QAAQ;AAAA,QACtB,gBACE,QAAQ,kBAAkB;AAAA,QAC5B,SAAS;AAAA;AAAA,UAEP,aAAa;AAAA,UACb;AAAA,QACF;AAAA,MACF,CAAC;AAGH,UAAI,QAAQ,gBAAgB;AAC1B,aAAK,iBAAiB,QAAQ;AAAA,MAChC;AAEA,WAAK,cAAc,uBAAuB;AAE1C,YAAM;AAAA,QACJ,KAAK;AAAA,QACL,QAAQ;AAAA,QACR;AAAA,QACA;AAAA,QACA;AAAA,QACA,eAAe;AAAA,MACjB,QAAI,uBAAuB,uBAAuB,WAAW;AAI7D,aAAO;AAAA,QACL,eAAe;AAAA,QACf,eAAe,uBAAuB;AAAA,QACtC,SAAS;AAAA,QACT;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM,QAAQ;AAAA,QACd,cAAc,QAAQ;AAAA,MACxB;AAAA,IACF,SAAS,OAAO;AACd,UACE,iBAAiB;AAAA,OAEhB,MAAM,UAAU,8CAA4B,iBAC3C,MAAM,UAAU,8CAA4B,kBAC5C,MAAM,UAAU,8CAA4B,eAC9C;AACA,eAAO;AAAA,UACL,eAAe;AAAA,UACf,QAAQ,MAAM;AAAA,QAChB;AAAA,MACF;AAEA,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa;AAAA,IACjB;AAAA,EACF,IAA2B,CAAC,GAAoB;AAC9C,UAAM,yBAAyB,MAAM,KAAK,aAAa;AAEvD,QAAI,CAAC,uBAAuB,eAAe;AACzC,YAAM,EAAE,OAAO,IAAI;AACnB,YAAM,IAAI,MAAM,gDAAgD,MAAM,EAAE;AAAA,IAC1E;AAEA,WAAO,KAAK,eAAe,aAAa;AAAA,MACtC,WAAW,uBAAuB;AAAA,MAClC;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAc,WAAW,aAAuC;AAC9D,QAAI,CAAC,KAAK,MAAM;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,QAAI;AACF,gBAAM,uBAAU,aAAa,KAAK,IAAI;AACtC,aAAO;AAAA,IACT,SAAS,GAAG;AACV,aAAO;AAAA,IACT;AAAA,EACF;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../src/user-management/session.ts"],"sourcesContent":["import { createRemoteJWKSet, decodeJwt, jwtVerify } from 'jose';\nimport { OauthException } from '../common/exceptions/oauth.exception';\nimport {\n AccessToken,\n AuthenticateWithSessionCookieFailedResponse,\n AuthenticateWithSessionCookieFailureReason,\n AuthenticateWithSessionCookieSuccessResponse,\n AuthenticationResponse,\n RefreshSessionFailureReason,\n RefreshSessionResponse,\n SessionCookieData,\n} from './interfaces';\nimport { UserManagement } from './user-management';\nimport { unsealData } from 'iron-session';\n\ntype RefreshOptions = {\n cookiePassword?: string;\n organizationId?: string;\n};\n\nexport class CookieSession {\n private jwks: ReturnType<typeof createRemoteJWKSet> | undefined;\n private userManagement: UserManagement;\n private cookiePassword: string;\n private sessionData: string;\n\n constructor(\n userManagement: UserManagement,\n sessionData: string,\n cookiePassword: string,\n ) {\n if (!cookiePassword) {\n throw new Error('cookiePassword is required');\n }\n\n this.userManagement = userManagement;\n this.cookiePassword = cookiePassword;\n this.sessionData = sessionData;\n\n this.jwks = this.userManagement.jwks;\n }\n\n /**\n * Authenticates a user with a session cookie.\n *\n * @returns An object indicating whether the authentication was successful or not. If successful, it will include the user's session data.\n */\n async authenticate(): Promise<\n | AuthenticateWithSessionCookieSuccessResponse\n | AuthenticateWithSessionCookieFailedResponse\n > {\n if (!this.sessionData) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.NO_SESSION_COOKIE_PROVIDED,\n };\n }\n\n let session: SessionCookieData;\n\n try {\n session = await unsealData<SessionCookieData>(this.sessionData, {\n password: this.cookiePassword,\n });\n } catch (e) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n if (!session.accessToken) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n if (!(await this.isValidJwt(session.accessToken))) {\n return {\n authenticated: false,\n reason: AuthenticateWithSessionCookieFailureReason.INVALID_JWT,\n };\n }\n\n const {\n sid: sessionId,\n org_id: organizationId,\n role,\n roles,\n permissions,\n entitlements,\n feature_flags: featureFlags,\n } = decodeJwt<AccessToken>(session.accessToken);\n\n return {\n authenticated: true,\n sessionId,\n organizationId,\n role,\n roles,\n permissions,\n entitlements,\n featureFlags,\n user: session.user,\n impersonator: session.impersonator,\n accessToken: session.accessToken,\n };\n }\n\n /**\n * Refreshes the user's session.\n *\n * @param options - Optional options for refreshing the session.\n * @param options.cookiePassword - The password to use for the new session cookie.\n * @param options.organizationId - The organization ID to use for the new session cookie.\n * @returns An object indicating whether the refresh was successful or not. If successful, it will include the new sealed session data.\n */\n async refresh(options: RefreshOptions = {}): Promise<RefreshSessionResponse> {\n const session = await unsealData<SessionCookieData>(this.sessionData, {\n password: this.cookiePassword,\n });\n\n if (!session.refreshToken || !session.user) {\n return {\n authenticated: false,\n reason: RefreshSessionFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n const { org_id: organizationIdFromAccessToken } = decodeJwt<AccessToken>(\n session.accessToken,\n );\n\n try {\n const cookiePassword = options.cookiePassword ?? this.cookiePassword;\n\n const authenticationResponse =\n await this.userManagement.authenticateWithRefreshToken({\n clientId: this.userManagement.clientId as string,\n refreshToken: session.refreshToken,\n organizationId:\n options.organizationId ?? organizationIdFromAccessToken,\n session: {\n // We want to store the new sealed session in this class instance, so this always needs to be true\n sealSession: true,\n cookiePassword,\n },\n });\n\n // Update the password if a new one was provided\n if (options.cookiePassword) {\n this.cookiePassword = options.cookiePassword;\n }\n\n this.sessionData = authenticationResponse.sealedSession as string;\n\n const {\n sid: sessionId,\n org_id: organizationId,\n role,\n roles,\n permissions,\n entitlements,\n feature_flags: featureFlags,\n } = decodeJwt<AccessToken>(authenticationResponse.accessToken);\n\n // TODO: Returning `session` here means there's some duplicated data.\n // Slim down the return type in a future major version.\n return {\n authenticated: true,\n sealedSession: authenticationResponse.sealedSession,\n session: authenticationResponse as AuthenticationResponse,\n sessionId,\n organizationId,\n role,\n roles,\n permissions,\n entitlements,\n featureFlags,\n user: session.user,\n impersonator: session.impersonator,\n };\n } catch (error) {\n if (\n error instanceof OauthException &&\n // TODO: Add additional known errors and remove re-throw\n (error.error === RefreshSessionFailureReason.INVALID_GRANT ||\n error.error === RefreshSessionFailureReason.MFA_ENROLLMENT ||\n error.error === RefreshSessionFailureReason.SSO_REQUIRED)\n ) {\n return {\n authenticated: false,\n reason: error.error,\n };\n }\n\n throw error;\n }\n }\n\n /**\n * Gets the URL to redirect the user to for logging out.\n *\n * @returns The URL to redirect the user to for logging out.\n */\n async getLogoutUrl({\n returnTo,\n }: { returnTo?: string } = {}): Promise<string> {\n const authenticationResponse = await this.authenticate();\n\n if (!authenticationResponse.authenticated) {\n const { reason } = authenticationResponse;\n throw new Error(`Failed to extract session ID for logout URL: ${reason}`);\n }\n\n return this.userManagement.getLogoutUrl({\n sessionId: authenticationResponse.sessionId,\n returnTo,\n });\n }\n\n private async isValidJwt(accessToken: string): Promise<boolean> {\n if (!this.jwks) {\n throw new Error(\n 'Missing client ID. Did you provide it when initializing WorkOS?',\n );\n }\n\n try {\n await jwtVerify(accessToken, this.jwks);\n return true;\n } catch (e) {\n return false;\n }\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,kBAAyD;AACzD,mBAA+B;AAC/B,wBASO;AAEP,0BAA2B;AAOpB,MAAM,cAAc;AAAA,EApB3B,OAoB2B;AAAA;AAAA;AAAA,EACjB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAER,YACE,gBACA,aACA,gBACA;AACA,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAEA,SAAK,iBAAiB;AACtB,SAAK,iBAAiB;AACtB,SAAK,cAAc;AAEnB,SAAK,OAAO,KAAK,eAAe;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,eAGJ;AACA,QAAI,CAAC,KAAK,aAAa;AACrB,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,6DAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,QAAI;AAEJ,QAAI;AACF,gBAAU,UAAM,gCAA8B,KAAK,aAAa;AAAA,QAC9D,UAAU,KAAK;AAAA,MACjB,CAAC;AAAA,IACH,SAAS,GAAG;AACV,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,6DAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,QAAI,CAAC,QAAQ,aAAa;AACxB,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,6DAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,QAAI,CAAE,MAAM,KAAK,WAAW,QAAQ,WAAW,GAAI;AACjD,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QAAQ,6DAA2C;AAAA,MACrD;AAAA,IACF;AAEA,UAAM;AAAA,MACJ,KAAK;AAAA,MACL,QAAQ;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,eAAe;AAAA,IACjB,QAAI,uBAAuB,QAAQ,WAAW;AAE9C,WAAO;AAAA,MACL,eAAe;AAAA,MACf;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,QAAQ;AAAA,MACd,cAAc,QAAQ;AAAA,MACtB,aAAa,QAAQ;AAAA,IACvB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,QAAQ,UAA0B,CAAC,GAAoC;AAC3E,UAAM,UAAU,UAAM,gCAA8B,KAAK,aAAa;AAAA,MACpE,UAAU,KAAK;AAAA,IACjB,CAAC;AAED,QAAI,CAAC,QAAQ,gBAAgB,CAAC,QAAQ,MAAM;AAC1C,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QAAQ,8CAA4B;AAAA,MACtC;AAAA,IACF;AAEA,UAAM,EAAE,QAAQ,8BAA8B,QAAI;AAAA,MAChD,QAAQ;AAAA,IACV;AAEA,QAAI;AACF,YAAM,iBAAiB,QAAQ,kBAAkB,KAAK;AAEtD,YAAM,yBACJ,MAAM,KAAK,eAAe,6BAA6B;AAAA,QACrD,UAAU,KAAK,eAAe;AAAA,QAC9B,cAAc,QAAQ;AAAA,QACtB,gBACE,QAAQ,kBAAkB;AAAA,QAC5B,SAAS;AAAA;AAAA,UAEP,aAAa;AAAA,UACb;AAAA,QACF;AAAA,MACF,CAAC;AAGH,UAAI,QAAQ,gBAAgB;AAC1B,aAAK,iBAAiB,QAAQ;AAAA,MAChC;AAEA,WAAK,cAAc,uBAAuB;AAE1C,YAAM;AAAA,QACJ,KAAK;AAAA,QACL,QAAQ;AAAA,QACR;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,eAAe;AAAA,MACjB,QAAI,uBAAuB,uBAAuB,WAAW;AAI7D,aAAO;AAAA,QACL,eAAe;AAAA,QACf,eAAe,uBAAuB;AAAA,QACtC,SAAS;AAAA,QACT;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM,QAAQ;AAAA,QACd,cAAc,QAAQ;AAAA,MACxB;AAAA,IACF,SAAS,OAAO;AACd,UACE,iBAAiB;AAAA,OAEhB,MAAM,UAAU,8CAA4B,iBAC3C,MAAM,UAAU,8CAA4B,kBAC5C,MAAM,UAAU,8CAA4B,eAC9C;AACA,eAAO;AAAA,UACL,eAAe;AAAA,UACf,QAAQ,MAAM;AAAA,QAChB;AAAA,MACF;AAEA,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa;AAAA,IACjB;AAAA,EACF,IAA2B,CAAC,GAAoB;AAC9C,UAAM,yBAAyB,MAAM,KAAK,aAAa;AAEvD,QAAI,CAAC,uBAAuB,eAAe;AACzC,YAAM,EAAE,OAAO,IAAI;AACnB,YAAM,IAAI,MAAM,gDAAgD,MAAM,EAAE;AAAA,IAC1E;AAEA,WAAO,KAAK,eAAe,aAAa;AAAA,MACtC,WAAW,uBAAuB;AAAA,MAClC;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAc,WAAW,aAAuC;AAC9D,QAAI,CAAC,KAAK,MAAM;AACd,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,QAAI;AACF,gBAAM,uBAAU,aAAa,KAAK,IAAI;AACtC,aAAO;AAAA,IACT,SAAS,GAAG;AACV,aAAO;AAAA,IACT;AAAA,EACF;AACF;","names":[]}
package/lib/cjs/user-management/session.d.cts CHANGED
@@ -1,6 +1,6 @@
1
1
  import './interfaces/authenticate-with-session-cookie.interface.cjs';
2
2
  import './interfaces/refresh-and-seal-session-data.interface.cjs';
3
- export { C as CookieSession } from '../workos-Da6gE2T5.cjs';
3
+ export { C as CookieSession } from '../workos-Bt8QqzZV.cjs';
4
4
  import './interfaces/authentication-response.interface.cjs';
5
5
  import './interfaces/impersonator.interface.cjs';
6
6
  import './interfaces/oauth-tokens.interface.cjs';
@@ -65,6 +65,7 @@ import '../audit-logs/interfaces/audit-log-export.interface.cjs';
65
65
  import '../audit-logs/interfaces/create-audit-log-event-options.interface.cjs';
66
66
  import '../audit-logs/interfaces/create-audit-log-schema-options.interface.cjs';
67
67
  import 'jose';
68
+ import '../user-management-B38wNrIN.cjs';
68
69
  import './interfaces/authenticate-with-code-options.interface.cjs';
69
70
  import './interfaces/authenticate-with-options-base.interface.cjs';
70
71
  import './interfaces/authenticate-with-code-and-verifier-options.interface.cjs';
package/lib/cjs/user-management/user-management.cjs CHANGED
@@ -34,7 +34,7 @@ __export(user_management_exports, {
34
34
  module.exports = __toCommonJS(user_management_exports);
35
35
  var import_iron_session = require("iron-session");
36
36
  var import_jose = require("jose");
37
- var import_qs = __toESM(require("qs"), 1);
37
+ var clientUserManagement = __toESM(require('../client/user-management.cjs'), 1);
38
38
  var import_fetch_and_deserialize = require('../common/utils/fetch-and-deserialize.cjs');
39
39
  var import_pagination = require('../common/utils/pagination.cjs');
40
40
  var import_env = require('../common/utils/env.cjs');
@@ -55,15 +55,6 @@ var import_organization_membership2 = require('./serializers/organization-member
55
55
  var import_send_invitation_options2 = require('./serializers/send-invitation-options.serializer.cjs');
56
56
  var import_update_organization_membership_options2 = require('./serializers/update-organization-membership-options.serializer.cjs');
57
57
  var import_session = require('./session.cjs');
58
- const toQueryString = /* @__PURE__ */ __name((options) => {
59
- return import_qs.default.stringify(options, {
60
- arrayFormat: "repeat",
61
- // sorts the keys alphabetically to maintain backwards compatibility
62
- sort: /* @__PURE__ */ __name((a, b) => a.localeCompare(b), "sort"),
63
- // encodes space as + instead of %20 to maintain backwards compatibility
64
- format: "RFC1738"
65
- });
66
- }, "toQueryString");
67
58
  class UserManagement {
68
59
  constructor(workos) {
69
60
  this.workos = workos;
@@ -272,6 +263,7 @@ class UserManagement {
272
263
  sid: sessionId,
273
264
  org_id: organizationId,
274
265
  role,
266
+ roles,
275
267
  permissions,
276
268
  entitlements,
277
269
  feature_flags: featureFlags
@@ -281,6 +273,7 @@ class UserManagement {
281
273
  sessionId,
282
274
  organizationId,
283
275
  role,
276
+ roles,
284
277
  user: session.user,
285
278
  permissions,
286
279
  entitlements,
@@ -593,81 +586,20 @@ class UserManagement {
593
586
  (0, import_revoke_session_options.serializeRevokeSessionOptions)(payload)
594
587
  );
595
588
  }
596
- getAuthorizationUrl({
597
- connectionId,
598
- codeChallenge,
599
- codeChallengeMethod,
600
- context,
601
- clientId,
602
- domainHint,
603
- loginHint,
604
- organizationId,
605
- provider,
606
- providerQueryParams,
607
- providerScopes,
608
- prompt,
609
- redirectUri,
610
- state,
611
- screenHint
612
- }) {
613
- if (!provider && !connectionId && !organizationId) {
614
- throw new TypeError(
615
- `Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`
616
- );
617
- }
618
- if (provider !== "authkit" && screenHint) {
619
- throw new TypeError(
620
- `'screenHint' is only supported for 'authkit' provider`
621
- );
622
- }
623
- if (context) {
624
- this.workos.emitWarning(
625
- `\`context\` is deprecated. We previously required initiate login endpoints to return the
626
- \`context\` query parameter when getting the authorization URL. This is no longer necessary.`
627
- );
628
- }
629
- const query = toQueryString({
630
- connection_id: connectionId,
631
- code_challenge: codeChallenge,
632
- code_challenge_method: codeChallengeMethod,
633
- context,
634
- organization_id: organizationId,
635
- domain_hint: domainHint,
636
- login_hint: loginHint,
637
- provider,
638
- provider_query_params: providerQueryParams,
639
- provider_scopes: providerScopes,
640
- prompt,
641
- client_id: clientId,
642
- redirect_uri: redirectUri,
643
- response_type: "code",
644
- state,
645
- screen_hint: screenHint
589
+ getAuthorizationUrl(options) {
590
+ return clientUserManagement.getAuthorizationUrl({
591
+ ...options,
592
+ baseURL: this.workos.baseURL
646
593
  });
647
- return `${this.workos.baseURL}/user_management/authorize?${query}`;
648
594
  }
649
- getLogoutUrl({
650
- sessionId,
651
- returnTo
652
- }) {
653
- if (!sessionId) {
654
- throw new TypeError(`Incomplete arguments. Need to specify 'sessionId'.`);
655
- }
656
- const url = new URL(
657
- "/user_management/sessions/logout",
658
- this.workos.baseURL
659
- );
660
- url.searchParams.set("session_id", sessionId);
661
- if (returnTo) {
662
- url.searchParams.set("return_to", returnTo);
663
- }
664
- return url.toString();
595
+ getLogoutUrl(options) {
596
+ return clientUserManagement.getLogoutUrl({
597
+ ...options,
598
+ baseURL: this.workos.baseURL
599
+ });
665
600
  }
666
601
  getJwksUrl(clientId) {
667
- if (!clientId) {
668
- throw TypeError("clientId must be a valid clientId");
669
- }
670
- return `${this.workos.baseURL}/sso/jwks/${clientId}`;
602
+ return clientUserManagement.getJwksUrl(clientId, this.workos.baseURL);
671
603
  }
672
604
  }
673
605
  // Annotate the CommonJS export names for ESM import in node:
package/lib/cjs/user-management/user-management.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/user-management/user-management.ts"],"sourcesContent":["import { sealData, unsealData } from 'iron-session';\nimport { createRemoteJWKSet, decodeJwt, jwtVerify } from 'jose';\nimport qs from 'qs';\nimport { PaginationOptions } from '../common/interfaces/pagination-options.interface';\nimport { fetchAndDeserialize } from '../common/utils/fetch-and-deserialize';\nimport { AutoPaginatable } from '../common/utils/pagination';\nimport { getEnv } from '../common/utils/env';\nimport { Challenge, ChallengeResponse } from '../mfa/interfaces';\nimport { deserializeChallenge } from '../mfa/serializers';\nimport { WorkOS } from '../workos';\nimport {\n AuthenticateWithCodeAndVerifierOptions,\n AuthenticateWithCodeOptions,\n AuthenticateWithMagicAuthOptions,\n AuthenticateWithPasswordOptions,\n AuthenticateWithRefreshTokenOptions,\n AuthenticateWithSessionOptions,\n AuthenticateWithTotpOptions,\n AuthenticationResponse,\n AuthenticationResponseResponse,\n CreateMagicAuthOptions,\n CreatePasswordResetOptions,\n CreateUserOptions,\n EmailVerification,\n EmailVerificationResponse,\n EnrollAuthFactorOptions,\n ListAuthFactorsOptions,\n ListSessionsOptions,\n ListUsersOptions,\n MagicAuth,\n MagicAuthResponse,\n PasswordReset,\n PasswordResetResponse,\n ResetPasswordOptions,\n SendVerificationEmailOptions,\n SerializedAuthenticateWithCodeAndVerifierOptions,\n SerializedAuthenticateWithCodeOptions,\n SerializedAuthenticateWithMagicAuthOptions,\n SerializedAuthenticateWithPasswordOptions,\n SerializedAuthenticateWithRefreshTokenOptions,\n SerializedAuthenticateWithTotpOptions,\n SerializedCreateMagicAuthOptions,\n SerializedCreatePasswordResetOptions,\n SerializedCreateUserOptions,\n SerializedListSessionsOptions,\n SerializedListUsersOptions,\n SerializedResetPasswordOptions,\n SerializedVerifyEmailOptions,\n Session,\n SessionResponse,\n UpdateUserOptions,\n User,\n UserResponse,\n VerifyEmailOptions,\n} from './interfaces';\nimport {\n AuthenticateWithEmailVerificationOptions,\n SerializedAuthenticateWithEmailVerificationOptions,\n} from './interfaces/authenticate-with-email-verification-options.interface';\nimport {\n AuthenticateWithOrganizationSelectionOptions,\n SerializedAuthenticateWithOrganizationSelectionOptions,\n} from './interfaces/authenticate-with-organization-selection.interface';\nimport {\n AccessToken,\n AuthenticateWithSessionCookieFailedResponse,\n AuthenticateWithSessionCookieFailureReason,\n AuthenticateWithSessionCookieOptions,\n AuthenticateWithSessionCookieSuccessResponse,\n SessionCookieData,\n} from './interfaces/authenticate-with-session-cookie.interface';\nimport { UserManagementAuthorizationURLOptions } from './interfaces/authorization-url-options.interface';\nimport {\n CreateOrganizationMembershipOptions,\n SerializedCreateOrganizationMembershipOptions,\n} from './interfaces/create-organization-membership-options.interface';\nimport {\n Factor,\n FactorResponse,\n FactorWithSecrets,\n FactorWithSecretsResponse,\n} from './interfaces/factor.interface';\nimport { Identity, IdentityResponse } from './interfaces/identity.interface';\nimport {\n Invitation,\n InvitationResponse,\n} from './interfaces/invitation.interface';\nimport {\n ListInvitationsOptions,\n SerializedListInvitationsOptions,\n} from './interfaces/list-invitations-options.interface';\nimport {\n ListOrganizationMembershipsOptions,\n SerializedListOrganizationMembershipsOptions,\n} from './interfaces/list-organization-memberships-options.interface';\nimport {\n OrganizationMembership,\n OrganizationMembershipResponse,\n} from './interfaces/organization-membership.interface';\nimport {\n RevokeSessionOptions,\n SerializedRevokeSessionOptions,\n serializeRevokeSessionOptions,\n} from './interfaces/revoke-session-options.interface';\nimport {\n SendInvitationOptions,\n SerializedSendInvitationOptions,\n} from './interfaces/send-invitation-options.interface';\nimport { SessionHandlerOptions } from './interfaces/session-handler-options.interface';\nimport {\n SerializedUpdateOrganizationMembershipOptions,\n UpdateOrganizationMembershipOptions,\n} from './interfaces/update-organization-membership-options.interface';\nimport {\n deserializeAuthenticationResponse,\n deserializeEmailVerification,\n deserializeFactorWithSecrets,\n deserializeMagicAuth,\n deserializePasswordReset,\n deserializeSession,\n deserializeUser,\n serializeAuthenticateWithCodeAndVerifierOptions,\n serializeAuthenticateWithCodeOptions,\n serializeAuthenticateWithMagicAuthOptions,\n serializeAuthenticateWithPasswordOptions,\n serializeAuthenticateWithRefreshTokenOptions,\n serializeAuthenticateWithTotpOptions,\n serializeCreateMagicAuthOptions,\n serializeCreatePasswordResetOptions,\n serializeCreateUserOptions,\n serializeEnrollAuthFactorOptions,\n serializeListSessionsOptions,\n serializeResetPasswordOptions,\n serializeUpdateUserOptions,\n} from './serializers';\nimport { serializeAuthenticateWithEmailVerificationOptions } from './serializers/authenticate-with-email-verification.serializer';\nimport { serializeAuthenticateWithOrganizationSelectionOptions } from './serializers/authenticate-with-organization-selection-options.serializer';\nimport { serializeCreateOrganizationMembershipOptions } from './serializers/create-organization-membership-options.serializer';\nimport { deserializeFactor } from './serializers/factor.serializer';\nimport { deserializeIdentities } from './serializers/identity.serializer';\nimport { deserializeInvitation } from './serializers/invitation.serializer';\nimport { serializeListInvitationsOptions } from './serializers/list-invitations-options.serializer';\nimport { serializeListOrganizationMembershipsOptions } from './serializers/list-organization-memberships-options.serializer';\nimport { serializeListUsersOptions } from './serializers/list-users-options.serializer';\nimport { deserializeOrganizationMembership } from './serializers/organization-membership.serializer';\nimport { serializeSendInvitationOptions } from './serializers/send-invitation-options.serializer';\nimport { serializeUpdateOrganizationMembershipOptions } from './serializers/update-organization-membership-options.serializer';\nimport { CookieSession } from './session';\n\nconst toQueryString = (\n options: Record<\n string,\n string | string[] | Record<string, string | boolean | number> | undefined\n >,\n): string => {\n return qs.stringify(options, {\n arrayFormat: 'repeat',\n // sorts the keys alphabetically to maintain backwards compatibility\n sort: (a, b) => a.localeCompare(b),\n // encodes space as + instead of %20 to maintain backwards compatibility\n format: 'RFC1738',\n });\n};\n\nexport class UserManagement {\n private _jwks: ReturnType<typeof createRemoteJWKSet> | undefined;\n public clientId: string | undefined;\n\n constructor(private readonly workos: WorkOS) {\n const { clientId } = workos.options;\n\n this.clientId = clientId;\n }\n\n get jwks(): ReturnType<typeof createRemoteJWKSet> | undefined {\n if (!this.clientId) {\n return;\n }\n\n // Set the JWKS URL. This is used to verify if the JWT is still valid\n this._jwks ??= createRemoteJWKSet(new URL(this.getJwksUrl(this.clientId)), {\n cooldownDuration: 1000 * 60 * 5,\n });\n\n return this._jwks;\n }\n\n /**\n * Loads a sealed session using the provided session data and cookie password.\n *\n * @param options - The options for loading the sealed session.\n * @param options.sessionData - The sealed session data.\n * @param options.cookiePassword - The password used to encrypt the session data.\n * @returns The session class.\n */\n loadSealedSession(options: {\n sessionData: string;\n cookiePassword: string;\n }): CookieSession {\n return new CookieSession(this, options.sessionData, options.cookiePassword);\n }\n\n async getUser(userId: string): Promise<User> {\n const { data } = await this.workos.get<UserResponse>(\n `/user_management/users/${userId}`,\n );\n\n return deserializeUser(data);\n }\n\n async getUserByExternalId(externalId: string): Promise<User> {\n const { data } = await this.workos.get<UserResponse>(\n `/user_management/users/external_id/${externalId}`,\n );\n\n return deserializeUser(data);\n }\n\n async listUsers(\n options?: ListUsersOptions,\n ): Promise<AutoPaginatable<User, SerializedListUsersOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<UserResponse, User>(\n this.workos,\n '/user_management/users',\n deserializeUser,\n options ? serializeListUsersOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<UserResponse, User>(\n this.workos,\n '/user_management/users',\n deserializeUser,\n params,\n ),\n options ? serializeListUsersOptions(options) : undefined,\n );\n }\n\n async createUser(payload: CreateUserOptions): Promise<User> {\n const { data } = await this.workos.post<\n UserResponse,\n SerializedCreateUserOptions\n >('/user_management/users', serializeCreateUserOptions(payload));\n\n return deserializeUser(data);\n }\n\n async authenticateWithMagicAuth(\n payload: AuthenticateWithMagicAuthOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithMagicAuthOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithMagicAuthOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithPassword(\n payload: AuthenticateWithPasswordOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithPasswordOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithPasswordOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithCode(\n payload: AuthenticateWithCodeOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithCodeOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithCodeOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithCodeAndVerifier(\n payload: AuthenticateWithCodeAndVerifierOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithCodeAndVerifierOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithCodeAndVerifierOptions(remainingPayload),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithRefreshToken(\n payload: AuthenticateWithRefreshTokenOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithRefreshTokenOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithRefreshTokenOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithTotp(\n payload: AuthenticateWithTotpOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithTotpOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithTotpOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithEmailVerification(\n payload: AuthenticateWithEmailVerificationOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithEmailVerificationOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithEmailVerificationOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithOrganizationSelection(\n payload: AuthenticateWithOrganizationSelectionOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithOrganizationSelectionOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithOrganizationSelectionOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithSessionCookie({\n sessionData,\n cookiePassword = getEnv('WORKOS_COOKIE_PASSWORD'),\n }: AuthenticateWithSessionCookieOptions): Promise<\n | AuthenticateWithSessionCookieSuccessResponse\n | AuthenticateWithSessionCookieFailedResponse\n > {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n if (!this.jwks) {\n throw new Error('Must provide clientId to initialize JWKS');\n }\n\n if (!sessionData) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.NO_SESSION_COOKIE_PROVIDED,\n };\n }\n\n const session = await unsealData<SessionCookieData>(sessionData, {\n password: cookiePassword,\n });\n\n if (!session.accessToken) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n if (!(await this.isValidJwt(session.accessToken))) {\n return {\n authenticated: false,\n reason: AuthenticateWithSessionCookieFailureReason.INVALID_JWT,\n };\n }\n\n const {\n sid: sessionId,\n org_id: organizationId,\n role,\n permissions,\n entitlements,\n feature_flags: featureFlags,\n } = decodeJwt<AccessToken>(session.accessToken);\n\n return {\n authenticated: true,\n sessionId,\n organizationId,\n role,\n user: session.user,\n permissions,\n entitlements,\n featureFlags,\n accessToken: session.accessToken,\n };\n }\n\n private async isValidJwt(accessToken: string): Promise<boolean> {\n if (!this.jwks) {\n throw new Error('Must provide clientId to initialize JWKS');\n }\n\n try {\n await jwtVerify(accessToken, this.jwks);\n return true;\n } catch (e) {\n return false;\n }\n }\n\n private async prepareAuthenticationResponse({\n authenticationResponse,\n session,\n }: {\n authenticationResponse: AuthenticationResponse;\n session?: AuthenticateWithSessionOptions;\n }): Promise<AuthenticationResponse> {\n if (session?.sealSession) {\n return {\n ...authenticationResponse,\n sealedSession: await this.sealSessionDataFromAuthenticationResponse({\n authenticationResponse,\n cookiePassword: session.cookiePassword,\n }),\n };\n }\n\n return authenticationResponse;\n }\n\n private async sealSessionDataFromAuthenticationResponse({\n authenticationResponse,\n cookiePassword,\n }: {\n authenticationResponse: AuthenticationResponse;\n cookiePassword?: string;\n }): Promise<string> {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n const { org_id: organizationIdFromAccessToken } = decodeJwt<AccessToken>(\n authenticationResponse.accessToken,\n );\n\n const sessionData: SessionCookieData = {\n organizationId: organizationIdFromAccessToken,\n user: authenticationResponse.user,\n accessToken: authenticationResponse.accessToken,\n refreshToken: authenticationResponse.refreshToken,\n impersonator: authenticationResponse.impersonator,\n };\n\n return sealData(sessionData, {\n password: cookiePassword,\n });\n }\n\n async getSessionFromCookie({\n sessionData,\n cookiePassword = getEnv('WORKOS_COOKIE_PASSWORD'),\n }: SessionHandlerOptions): Promise<SessionCookieData | undefined> {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n if (sessionData) {\n return unsealData<SessionCookieData>(sessionData, {\n password: cookiePassword,\n });\n }\n\n return undefined;\n }\n\n async getEmailVerification(\n emailVerificationId: string,\n ): Promise<EmailVerification> {\n const { data } = await this.workos.get<EmailVerificationResponse>(\n `/user_management/email_verification/${emailVerificationId}`,\n );\n\n return deserializeEmailVerification(data);\n }\n\n async sendVerificationEmail({\n userId,\n }: SendVerificationEmailOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<{ user: UserResponse }>(\n `/user_management/users/${userId}/email_verification/send`,\n {},\n );\n\n return { user: deserializeUser(data.user) };\n }\n\n async getMagicAuth(magicAuthId: string): Promise<MagicAuth> {\n const { data } = await this.workos.get<MagicAuthResponse>(\n `/user_management/magic_auth/${magicAuthId}`,\n );\n\n return deserializeMagicAuth(data);\n }\n\n async createMagicAuth(options: CreateMagicAuthOptions): Promise<MagicAuth> {\n const { data } = await this.workos.post<\n MagicAuthResponse,\n SerializedCreateMagicAuthOptions\n >(\n '/user_management/magic_auth',\n serializeCreateMagicAuthOptions({\n ...options,\n }),\n );\n\n return deserializeMagicAuth(data);\n }\n\n async verifyEmail({\n code,\n userId,\n }: VerifyEmailOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<\n { user: UserResponse },\n SerializedVerifyEmailOptions\n >(`/user_management/users/${userId}/email_verification/confirm`, {\n code,\n });\n\n return { user: deserializeUser(data.user) };\n }\n\n async getPasswordReset(passwordResetId: string): Promise<PasswordReset> {\n const { data } = await this.workos.get<PasswordResetResponse>(\n `/user_management/password_reset/${passwordResetId}`,\n );\n\n return deserializePasswordReset(data);\n }\n\n async createPasswordReset(\n options: CreatePasswordResetOptions,\n ): Promise<PasswordReset> {\n const { data } = await this.workos.post<\n PasswordResetResponse,\n SerializedCreatePasswordResetOptions\n >(\n '/user_management/password_reset',\n serializeCreatePasswordResetOptions({\n ...options,\n }),\n );\n\n return deserializePasswordReset(data);\n }\n\n async resetPassword(payload: ResetPasswordOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<\n { user: UserResponse },\n SerializedResetPasswordOptions\n >(\n '/user_management/password_reset/confirm',\n serializeResetPasswordOptions(payload),\n );\n\n return { user: deserializeUser(data.user) };\n }\n\n async updateUser(payload: UpdateUserOptions): Promise<User> {\n const { data } = await this.workos.put<UserResponse>(\n `/user_management/users/${payload.userId}`,\n serializeUpdateUserOptions(payload),\n );\n\n return deserializeUser(data);\n }\n\n async enrollAuthFactor(payload: EnrollAuthFactorOptions): Promise<{\n authenticationFactor: FactorWithSecrets;\n authenticationChallenge: Challenge;\n }> {\n const { data } = await this.workos.post<{\n authentication_factor: FactorWithSecretsResponse;\n authentication_challenge: ChallengeResponse;\n }>(\n `/user_management/users/${payload.userId}/auth_factors`,\n serializeEnrollAuthFactorOptions(payload),\n );\n\n return {\n authenticationFactor: deserializeFactorWithSecrets(\n data.authentication_factor,\n ),\n authenticationChallenge: deserializeChallenge(\n data.authentication_challenge,\n ),\n };\n }\n\n async listAuthFactors(\n options: ListAuthFactorsOptions,\n ): Promise<AutoPaginatable<Factor, PaginationOptions>> {\n const { userId, ...restOfOptions } = options;\n return new AutoPaginatable(\n await fetchAndDeserialize<FactorResponse, Factor>(\n this.workos,\n `/user_management/users/${userId}/auth_factors`,\n deserializeFactor,\n restOfOptions,\n ),\n (params) =>\n fetchAndDeserialize<FactorResponse, Factor>(\n this.workos,\n `/user_management/users/${userId}/auth_factors`,\n deserializeFactor,\n params,\n ),\n restOfOptions,\n );\n }\n\n async listSessions(\n userId: string,\n options?: ListSessionsOptions,\n ): Promise<AutoPaginatable<Session, SerializedListSessionsOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<SessionResponse, Session>(\n this.workos,\n `/user_management/users/${userId}/sessions`,\n deserializeSession,\n options ? serializeListSessionsOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<SessionResponse, Session>(\n this.workos,\n `/user_management/users/${userId}/sessions`,\n deserializeSession,\n params,\n ),\n options ? serializeListSessionsOptions(options) : undefined,\n );\n }\n\n async deleteUser(userId: string) {\n await this.workos.delete(`/user_management/users/${userId}`);\n }\n\n async getUserIdentities(userId: string): Promise<Identity[]> {\n if (!userId) {\n throw new TypeError(`Incomplete arguments. Need to specify 'userId'.`);\n }\n\n const { data } = await this.workos.get<IdentityResponse[]>(\n `/user_management/users/${userId}/identities`,\n );\n\n return deserializeIdentities(data);\n }\n\n async getOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.get<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async listOrganizationMemberships(\n options: ListOrganizationMembershipsOptions,\n ): Promise<\n AutoPaginatable<\n OrganizationMembership,\n SerializedListOrganizationMembershipsOptions\n >\n > {\n const serializedOptions =\n serializeListOrganizationMembershipsOptions(options);\n\n return new AutoPaginatable(\n await fetchAndDeserialize<\n OrganizationMembershipResponse,\n OrganizationMembership\n >(\n this.workos,\n '/user_management/organization_memberships',\n deserializeOrganizationMembership,\n serializedOptions,\n ),\n (params) =>\n fetchAndDeserialize<\n OrganizationMembershipResponse,\n OrganizationMembership\n >(\n this.workos,\n '/user_management/organization_memberships',\n deserializeOrganizationMembership,\n params,\n ),\n serializedOptions,\n );\n }\n\n async createOrganizationMembership(\n options: CreateOrganizationMembershipOptions,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.post<\n OrganizationMembershipResponse,\n SerializedCreateOrganizationMembershipOptions\n >(\n '/user_management/organization_memberships',\n serializeCreateOrganizationMembershipOptions(options),\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async updateOrganizationMembership(\n organizationMembershipId: string,\n options: UpdateOrganizationMembershipOptions,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<\n OrganizationMembershipResponse,\n SerializedUpdateOrganizationMembershipOptions\n >(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n serializeUpdateOrganizationMembershipOptions(options),\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async deleteOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<void> {\n await this.workos.delete(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n );\n }\n\n async deactivateOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}/deactivate`,\n {},\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async reactivateOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}/reactivate`,\n {},\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async getInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.get<InvitationResponse>(\n `/user_management/invitations/${invitationId}`,\n );\n\n return deserializeInvitation(data);\n }\n\n async findInvitationByToken(invitationToken: string): Promise<Invitation> {\n const { data } = await this.workos.get<InvitationResponse>(\n `/user_management/invitations/by_token/${invitationToken}`,\n );\n\n return deserializeInvitation(data);\n }\n\n async listInvitations(\n options: ListInvitationsOptions,\n ): Promise<AutoPaginatable<Invitation, SerializedListInvitationsOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<InvitationResponse, Invitation>(\n this.workos,\n '/user_management/invitations',\n deserializeInvitation,\n options ? serializeListInvitationsOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<InvitationResponse, Invitation>(\n this.workos,\n '/user_management/invitations',\n deserializeInvitation,\n params,\n ),\n options ? serializeListInvitationsOptions(options) : undefined,\n );\n }\n\n async sendInvitation(payload: SendInvitationOptions): Promise<Invitation> {\n const { data } = await this.workos.post<\n InvitationResponse,\n SerializedSendInvitationOptions\n >(\n '/user_management/invitations',\n serializeSendInvitationOptions({\n ...payload,\n }),\n );\n\n return deserializeInvitation(data);\n }\n\n async acceptInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.post<InvitationResponse, any>(\n `/user_management/invitations/${invitationId}/accept`,\n null,\n );\n\n return deserializeInvitation(data);\n }\n\n async revokeInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.post<InvitationResponse, any>(\n `/user_management/invitations/${invitationId}/revoke`,\n null,\n );\n\n return deserializeInvitation(data);\n }\n\n async revokeSession(payload: RevokeSessionOptions): Promise<void> {\n await this.workos.post<void, SerializedRevokeSessionOptions>(\n '/user_management/sessions/revoke',\n serializeRevokeSessionOptions(payload),\n );\n }\n\n getAuthorizationUrl({\n connectionId,\n codeChallenge,\n codeChallengeMethod,\n context,\n clientId,\n domainHint,\n loginHint,\n organizationId,\n provider,\n providerQueryParams,\n providerScopes,\n prompt,\n redirectUri,\n state,\n screenHint,\n }: UserManagementAuthorizationURLOptions): string {\n if (!provider && !connectionId && !organizationId) {\n throw new TypeError(\n `Incomplete arguments. Need to specify either a 'connectionId', 'organizationId', or 'provider'.`,\n );\n }\n\n if (provider !== 'authkit' && screenHint) {\n throw new TypeError(\n `'screenHint' is only supported for 'authkit' provider`,\n );\n }\n\n if (context) {\n this.workos.emitWarning(\n `\\`context\\` is deprecated. We previously required initiate login endpoints to return the\n\\`context\\` query parameter when getting the authorization URL. This is no longer necessary.`,\n );\n }\n\n const query = toQueryString({\n connection_id: connectionId,\n code_challenge: codeChallenge,\n code_challenge_method: codeChallengeMethod,\n context,\n organization_id: organizationId,\n domain_hint: domainHint,\n login_hint: loginHint,\n provider,\n provider_query_params: providerQueryParams,\n provider_scopes: providerScopes,\n prompt,\n client_id: clientId,\n redirect_uri: redirectUri,\n response_type: 'code',\n state,\n screen_hint: screenHint,\n });\n\n return `${this.workos.baseURL}/user_management/authorize?${query}`;\n }\n\n getLogoutUrl({\n sessionId,\n returnTo,\n }: {\n sessionId: string;\n returnTo?: string;\n }): string {\n if (!sessionId) {\n throw new TypeError(`Incomplete arguments. Need to specify 'sessionId'.`);\n }\n\n const url = new URL(\n '/user_management/sessions/logout',\n this.workos.baseURL,\n );\n\n url.searchParams.set('session_id', sessionId);\n if (returnTo) {\n url.searchParams.set('return_to', returnTo);\n }\n\n return url.toString();\n }\n\n getJwksUrl(clientId: string): string {\n if (!clientId) {\n throw TypeError('clientId must be a valid clientId');\n }\n\n return `${this.workos.baseURL}/sso/jwks/${clientId}`;\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,0BAAqC;AACrC,kBAAyD;AACzD,gBAAe;AAEf,mCAAoC;AACpC,wBAAgC;AAChC,iBAAuB;AAEvB,yBAAqC;AAuDrC,8CAOO;AA6BP,oCAIO;AAUP,IAAAA,sBAqBO;AACP,kDAAkE;AAClE,8DAAsE;AACtE,IAAAC,iDAA6D;AAC7D,IAAAC,iBAAkC;AAClC,IAAAC,mBAAsC;AACtC,IAAAC,qBAAsC;AACtC,IAAAC,mCAAgD;AAChD,IAAAC,gDAA4D;AAC5D,gCAA0C;AAC1C,IAAAC,kCAAkD;AAClD,IAAAC,kCAA+C;AAC/C,IAAAC,iDAA6D;AAC7D,qBAA8B;AAE9B,MAAM,gBAAgB,wBACpB,YAIW;AACX,SAAO,UAAAC,QAAG,UAAU,SAAS;AAAA,IAC3B,aAAa;AAAA;AAAA,IAEb,MAAM,wBAAC,GAAG,MAAM,EAAE,cAAc,CAAC,GAA3B;AAAA;AAAA,IAEN,QAAQ;AAAA,EACV,CAAC;AACH,GAbsB;AAef,MAAM,eAAe;AAAA,EAI1B,YAA6B,QAAgB;AAAhB;AAC3B,UAAM,EAAE,SAAS,IAAI,OAAO;AAE5B,SAAK,WAAW;AAAA,EAClB;AAAA,EA5KF,OAoK4B;AAAA;AAAA;AAAA,EAClB;AAAA,EACD;AAAA,EAQP,IAAI,OAA0D;AAC5D,QAAI,CAAC,KAAK,UAAU;AAClB;AAAA,IACF;AAGA,SAAK,cAAU,gCAAmB,IAAI,IAAI,KAAK,WAAW,KAAK,QAAQ,CAAC,GAAG;AAAA,MACzE,kBAAkB,MAAO,KAAK;AAAA,IAChC,CAAC;AAED,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,kBAAkB,SAGA;AAChB,WAAO,IAAI,6BAAc,MAAM,QAAQ,aAAa,QAAQ,cAAc;AAAA,EAC5E;AAAA,EAEA,MAAM,QAAQ,QAA+B;AAC3C,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,0BAA0B,MAAM;AAAA,IAClC;AAEA,eAAO,qCAAgB,IAAI;AAAA,EAC7B;AAAA,EAEA,MAAM,oBAAoB,YAAmC;AAC3D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,sCAAsC,UAAU;AAAA,IAClD;AAEA,eAAO,qCAAgB,IAAI;AAAA,EAC7B;AAAA,EAEA,MAAM,UACJ,SAC4D;AAC5D,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QACJ,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA,cAAU,qDAA0B,OAAO,IAAI;AAAA,MACjD;AAAA,MACA,CAAC,eACC;AAAA,QACE,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MACF,cAAU,qDAA0B,OAAO,IAAI;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,MAAM,WAAW,SAA2C;AAC1D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO,KAGjC,8BAA0B,gDAA2B,OAAO,CAAC;AAE/D,eAAO,qCAAgB,IAAI;AAAA,EAC7B;AAAA,EAEA,MAAM,0BACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,+DAA0C;AAAA,QACxC,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,yBACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,8DAAyC;AAAA,QACvC,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,0DAAqC;AAAA,QACnC,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,gCACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,qEAAgD,gBAAgB;AAAA,IAClE;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,6BACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,kEAA6C;AAAA,QAC3C,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,0DAAqC;AAAA,QACnC,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,kCACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,+FAAkD;AAAA,QAChD,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,sCACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,+GAAsD;AAAA,QACpD,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,8BAA8B;AAAA,IAClC;AAAA,IACA,qBAAiB,mBAAO,wBAAwB;AAAA,EAClD,GAGE;AACA,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,6BAA6B;AAAA,IAC/C;AAEA,QAAI,CAAC,KAAK,MAAM;AACd,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AAEA,QAAI,CAAC,aAAa;AAChB,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,mFAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,UAAM,UAAU,UAAM,gCAA8B,aAAa;AAAA,MAC/D,UAAU;AAAA,IACZ,CAAC;AAED,QAAI,CAAC,QAAQ,aAAa;AACxB,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,mFAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,QAAI,CAAE,MAAM,KAAK,WAAW,QAAQ,WAAW,GAAI;AACjD,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QAAQ,mFAA2C;AAAA,MACrD;AAAA,IACF;AAEA,UAAM;AAAA,MACJ,KAAK;AAAA,MACL,QAAQ;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA,eAAe;AAAA,IACjB,QAAI,uBAAuB,QAAQ,WAAW;AAE9C,WAAO;AAAA,MACL,eAAe;AAAA,MACf;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,QAAQ;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,MACA,aAAa,QAAQ;AAAA,IACvB;AAAA,EACF;AAAA,EAEA,MAAc,WAAW,aAAuC;AAC9D,QAAI,CAAC,KAAK,MAAM;AACd,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AAEA,QAAI;AACF,gBAAM,uBAAU,aAAa,KAAK,IAAI;AACtC,aAAO;AAAA,IACT,SAAS,GAAG;AACV,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAc,8BAA8B;AAAA,IAC1C;AAAA,IACA;AAAA,EACF,GAGoC;AAClC,QAAI,SAAS,aAAa;AACxB,aAAO;AAAA,QACL,GAAG;AAAA,QACH,eAAe,MAAM,KAAK,0CAA0C;AAAA,UAClE;AAAA,UACA,gBAAgB,QAAQ;AAAA,QAC1B,CAAC;AAAA,MACH;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,0CAA0C;AAAA,IACtD;AAAA,IACA;AAAA,EACF,GAGoB;AAClB,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,6BAA6B;AAAA,IAC/C;AAEA,UAAM,EAAE,QAAQ,8BAA8B,QAAI;AAAA,MAChD,uBAAuB;AAAA,IACzB;AAEA,UAAM,cAAiC;AAAA,MACrC,gBAAgB;AAAA,MAChB,MAAM,uBAAuB;AAAA,MAC7B,aAAa,uBAAuB;AAAA,MACpC,cAAc,uBAAuB;AAAA,MACrC,cAAc,uBAAuB;AAAA,IACvC;AAEA,eAAO,8BAAS,aAAa;AAAA,MAC3B,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBAAqB;AAAA,IACzB;AAAA,IACA,qBAAiB,mBAAO,wBAAwB;AAAA,EAClD,GAAkE;AAChE,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,6BAA6B;AAAA,IAC/C;AAEA,QAAI,aAAa;AACf,iBAAO,gCAA8B,aAAa;AAAA,QAChD,UAAU;AAAA,MACZ,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,qBACJ,qBAC4B;AAC5B,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,uCAAuC,mBAAmB;AAAA,IAC5D;AAEA,eAAO,kDAA6B,IAAI;AAAA,EAC1C;AAAA,EAEA,MAAM,sBAAsB;AAAA,IAC1B;AAAA,EACF,GAA0D;AACxD,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,0BAA0B,MAAM;AAAA,MAChC,CAAC;AAAA,IACH;AAEA,WAAO,EAAE,UAAM,qCAAgB,KAAK,IAAI,EAAE;AAAA,EAC5C;AAAA,EAEA,MAAM,aAAa,aAAyC;AAC1D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,+BAA+B,WAAW;AAAA,IAC5C;AAEA,eAAO,0CAAqB,IAAI;AAAA,EAClC;AAAA,EAEA,MAAM,gBAAgB,SAAqD;AACzE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,qDAAgC;AAAA,QAC9B,GAAG;AAAA,MACL,CAAC;AAAA,IACH;AAEA,eAAO,0CAAqB,IAAI;AAAA,EAClC;AAAA,EAEA,MAAM,YAAY;AAAA,IAChB;AAAA,IACA;AAAA,EACF,GAAgD;AAC9C,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO,KAGjC,0BAA0B,MAAM,+BAA+B;AAAA,MAC/D;AAAA,IACF,CAAC;AAED,WAAO,EAAE,UAAM,qCAAgB,KAAK,IAAI,EAAE;AAAA,EAC5C;AAAA,EAEA,MAAM,iBAAiB,iBAAiD;AACtE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,mCAAmC,eAAe;AAAA,IACpD;AAEA,eAAO,8CAAyB,IAAI;AAAA,EACtC;AAAA,EAEA,MAAM,oBACJ,SACwB;AACxB,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,yDAAoC;AAAA,QAClC,GAAG;AAAA,MACL,CAAC;AAAA,IACH;AAEA,eAAO,8CAAyB,IAAI;AAAA,EACtC;AAAA,EAEA,MAAM,cAAc,SAAwD;AAC1E,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,mDAA8B,OAAO;AAAA,IACvC;AAEA,WAAO,EAAE,UAAM,qCAAgB,KAAK,IAAI,EAAE;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAW,SAA2C;AAC1D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,0BAA0B,QAAQ,MAAM;AAAA,UACxC,gDAA2B,OAAO;AAAA,IACpC;AAEA,eAAO,qCAAgB,IAAI;AAAA,EAC7B;AAAA,EAEA,MAAM,iBAAiB,SAGpB;AACD,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC,0BAA0B,QAAQ,MAAM;AAAA,UACxC,sDAAiC,OAAO;AAAA,IAC1C;AAEA,WAAO;AAAA,MACL,0BAAsB;AAAA,QACpB,KAAK;AAAA,MACP;AAAA,MACA,6BAAyB;AAAA,QACvB,KAAK;AAAA,MACP;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,gBACJ,SACqD;AACrD,UAAM,EAAE,QAAQ,GAAG,cAAc,IAAI;AACrC,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QACJ,KAAK;AAAA,QACL,0BAA0B,MAAM;AAAA,QAChC;AAAA,QACA;AAAA,MACF;AAAA,MACA,CAAC,eACC;AAAA,QACE,KAAK;AAAA,QACL,0BAA0B,MAAM;AAAA,QAChC;AAAA,QACA;AAAA,MACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,aACJ,QACA,SACkE;AAClE,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QACJ,KAAK;AAAA,QACL,0BAA0B,MAAM;AAAA,QAChC;AAAA,QACA,cAAU,kDAA6B,OAAO,IAAI;AAAA,MACpD;AAAA,MACA,CAAC,eACC;AAAA,QACE,KAAK;AAAA,QACL,0BAA0B,MAAM;AAAA,QAChC;AAAA,QACA;AAAA,MACF;AAAA,MACF,cAAU,kDAA6B,OAAO,IAAI;AAAA,IACpD;AAAA,EACF;AAAA,EAEA,MAAM,WAAW,QAAgB;AAC/B,UAAM,KAAK,OAAO,OAAO,0BAA0B,MAAM,EAAE;AAAA,EAC7D;AAAA,EAEA,MAAM,kBAAkB,QAAqC;AAC3D,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,UAAU,iDAAiD;AAAA,IACvE;AAEA,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,0BAA0B,MAAM;AAAA,IAClC;AAEA,eAAO,wCAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,0BACJ,0BACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,6CAA6C,wBAAwB;AAAA,IACvE;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,4BACJ,SAMA;AACA,UAAM,wBACJ,2FAA4C,OAAO;AAErD,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QAIJ,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MACA,CAAC,eACC;AAAA,QAIE,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,6BACJ,SACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,6FAA6C,OAAO;AAAA,IACtD;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,6BACJ,0BACA,SACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC,6CAA6C,wBAAwB;AAAA,UACrE,6FAA6C,OAAO;AAAA,IACtD;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,6BACJ,0BACe;AACf,UAAM,KAAK,OAAO;AAAA,MAChB,6CAA6C,wBAAwB;AAAA,IACvE;AAAA,EACF;AAAA,EAEA,MAAM,iCACJ,0BACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,6CAA6C,wBAAwB;AAAA,MACrE,CAAC;AAAA,IACH;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,iCACJ,0BACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,6CAA6C,wBAAwB;AAAA,MACrE,CAAC;AAAA,IACH;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,cAAc,cAA2C;AAC7D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,gCAAgC,YAAY;AAAA,IAC9C;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,sBAAsB,iBAA8C;AACxE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,yCAAyC,eAAe;AAAA,IAC1D;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,gBACJ,SACwE;AACxE,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QACJ,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA,cAAU,kEAAgC,OAAO,IAAI;AAAA,MACvD;AAAA,MACA,CAAC,eACC;AAAA,QACE,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MACF,cAAU,kEAAgC,OAAO,IAAI;AAAA,IACvD;AAAA,EACF;AAAA,EAEA,MAAM,eAAe,SAAqD;AACxE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,gEAA+B;AAAA,QAC7B,GAAG;AAAA,MACL,CAAC;AAAA,IACH;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,iBAAiB,cAA2C;AAChE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,gCAAgC,YAAY;AAAA,MAC5C;AAAA,IACF;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,iBAAiB,cAA2C;AAChE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,gCAAgC,YAAY;AAAA,MAC5C;AAAA,IACF;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,cAAc,SAA8C;AAChE,UAAM,KAAK,OAAO;AAAA,MAChB;AAAA,UACA,6DAA8B,OAAO;AAAA,IACvC;AAAA,EACF;AAAA,EAEA,oBAAoB;AAAA,IAClB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAAkD;AAChD,QAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,gBAAgB;AACjD,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,QAAI,aAAa,aAAa,YAAY;AACxC,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,QAAI,SAAS;AACX,WAAK,OAAO;AAAA,QACV;AAAA;AAAA,MAEF;AAAA,IACF;AAEA,UAAM,QAAQ,cAAc;AAAA,MAC1B,eAAe;AAAA,MACf,gBAAgB;AAAA,MAChB,uBAAuB;AAAA,MACvB;AAAA,MACA,iBAAiB;AAAA,MACjB,aAAa;AAAA,MACb,YAAY;AAAA,MACZ;AAAA,MACA,uBAAuB;AAAA,MACvB,iBAAiB;AAAA,MACjB;AAAA,MACA,WAAW;AAAA,MACX,cAAc;AAAA,MACd,eAAe;AAAA,MACf;AAAA,MACA,aAAa;AAAA,IACf,CAAC;AAED,WAAO,GAAG,KAAK,OAAO,OAAO,8BAA8B,KAAK;AAAA,EAClE;AAAA,EAEA,aAAa;AAAA,IACX;AAAA,IACA;AAAA,EACF,GAGW;AACT,QAAI,CAAC,WAAW;AACd,YAAM,IAAI,UAAU,oDAAoD;AAAA,IAC1E;AAEA,UAAM,MAAM,IAAI;AAAA,MACd;AAAA,MACA,KAAK,OAAO;AAAA,IACd;AAEA,QAAI,aAAa,IAAI,cAAc,SAAS;AAC5C,QAAI,UAAU;AACZ,UAAI,aAAa,IAAI,aAAa,QAAQ;AAAA,IAC5C;AAEA,WAAO,IAAI,SAAS;AAAA,EACtB;AAAA,EAEA,WAAW,UAA0B;AACnC,QAAI,CAAC,UAAU;AACb,YAAM,UAAU,mCAAmC;AAAA,IACrD;AAEA,WAAO,GAAG,KAAK,OAAO,OAAO,aAAa,QAAQ;AAAA,EACpD;AACF;","names":["import_serializers","import_create_organization_membership_options","import_factor","import_identity","import_invitation","import_list_invitations_options","import_list_organization_memberships_options","import_organization_membership","import_send_invitation_options","import_update_organization_membership_options","qs"]}
1
+ {"version":3,"sources":["../../../src/user-management/user-management.ts"],"sourcesContent":["import { sealData, unsealData } from 'iron-session';\nimport { createRemoteJWKSet, decodeJwt, jwtVerify } from 'jose';\nimport * as clientUserManagement from '../client/user-management';\nimport { PaginationOptions } from '../common/interfaces/pagination-options.interface';\nimport { fetchAndDeserialize } from '../common/utils/fetch-and-deserialize';\nimport { AutoPaginatable } from '../common/utils/pagination';\nimport { getEnv } from '../common/utils/env';\nimport { Challenge, ChallengeResponse } from '../mfa/interfaces';\nimport { deserializeChallenge } from '../mfa/serializers';\nimport { WorkOS } from '../workos';\nimport {\n AuthenticateWithCodeAndVerifierOptions,\n AuthenticateWithCodeOptions,\n AuthenticateWithMagicAuthOptions,\n AuthenticateWithPasswordOptions,\n AuthenticateWithRefreshTokenOptions,\n AuthenticateWithSessionOptions,\n AuthenticateWithTotpOptions,\n AuthenticationResponse,\n AuthenticationResponseResponse,\n CreateMagicAuthOptions,\n CreatePasswordResetOptions,\n CreateUserOptions,\n EmailVerification,\n EmailVerificationResponse,\n EnrollAuthFactorOptions,\n ListAuthFactorsOptions,\n ListSessionsOptions,\n ListUsersOptions,\n MagicAuth,\n MagicAuthResponse,\n PasswordReset,\n PasswordResetResponse,\n ResetPasswordOptions,\n SendVerificationEmailOptions,\n SerializedAuthenticateWithCodeAndVerifierOptions,\n SerializedAuthenticateWithCodeOptions,\n SerializedAuthenticateWithMagicAuthOptions,\n SerializedAuthenticateWithPasswordOptions,\n SerializedAuthenticateWithRefreshTokenOptions,\n SerializedAuthenticateWithTotpOptions,\n SerializedCreateMagicAuthOptions,\n SerializedCreatePasswordResetOptions,\n SerializedCreateUserOptions,\n SerializedListSessionsOptions,\n SerializedListUsersOptions,\n SerializedResetPasswordOptions,\n SerializedVerifyEmailOptions,\n Session,\n SessionResponse,\n UpdateUserOptions,\n User,\n UserResponse,\n VerifyEmailOptions,\n} from './interfaces';\nimport {\n AuthenticateWithEmailVerificationOptions,\n SerializedAuthenticateWithEmailVerificationOptions,\n} from './interfaces/authenticate-with-email-verification-options.interface';\nimport {\n AuthenticateWithOrganizationSelectionOptions,\n SerializedAuthenticateWithOrganizationSelectionOptions,\n} from './interfaces/authenticate-with-organization-selection.interface';\nimport {\n AccessToken,\n AuthenticateWithSessionCookieFailedResponse,\n AuthenticateWithSessionCookieFailureReason,\n AuthenticateWithSessionCookieOptions,\n AuthenticateWithSessionCookieSuccessResponse,\n SessionCookieData,\n} from './interfaces/authenticate-with-session-cookie.interface';\nimport { UserManagementAuthorizationURLOptions } from './interfaces/authorization-url-options.interface';\nimport {\n CreateOrganizationMembershipOptions,\n SerializedCreateOrganizationMembershipOptions,\n} from './interfaces/create-organization-membership-options.interface';\nimport {\n Factor,\n FactorResponse,\n FactorWithSecrets,\n FactorWithSecretsResponse,\n} from './interfaces/factor.interface';\nimport { Identity, IdentityResponse } from './interfaces/identity.interface';\nimport {\n Invitation,\n InvitationResponse,\n} from './interfaces/invitation.interface';\nimport {\n ListInvitationsOptions,\n SerializedListInvitationsOptions,\n} from './interfaces/list-invitations-options.interface';\nimport {\n ListOrganizationMembershipsOptions,\n SerializedListOrganizationMembershipsOptions,\n} from './interfaces/list-organization-memberships-options.interface';\nimport {\n OrganizationMembership,\n OrganizationMembershipResponse,\n} from './interfaces/organization-membership.interface';\nimport {\n RevokeSessionOptions,\n SerializedRevokeSessionOptions,\n serializeRevokeSessionOptions,\n} from './interfaces/revoke-session-options.interface';\nimport {\n SendInvitationOptions,\n SerializedSendInvitationOptions,\n} from './interfaces/send-invitation-options.interface';\nimport { SessionHandlerOptions } from './interfaces/session-handler-options.interface';\nimport {\n SerializedUpdateOrganizationMembershipOptions,\n UpdateOrganizationMembershipOptions,\n} from './interfaces/update-organization-membership-options.interface';\nimport {\n deserializeAuthenticationResponse,\n deserializeEmailVerification,\n deserializeFactorWithSecrets,\n deserializeMagicAuth,\n deserializePasswordReset,\n deserializeSession,\n deserializeUser,\n serializeAuthenticateWithCodeAndVerifierOptions,\n serializeAuthenticateWithCodeOptions,\n serializeAuthenticateWithMagicAuthOptions,\n serializeAuthenticateWithPasswordOptions,\n serializeAuthenticateWithRefreshTokenOptions,\n serializeAuthenticateWithTotpOptions,\n serializeCreateMagicAuthOptions,\n serializeCreatePasswordResetOptions,\n serializeCreateUserOptions,\n serializeEnrollAuthFactorOptions,\n serializeListSessionsOptions,\n serializeResetPasswordOptions,\n serializeUpdateUserOptions,\n} from './serializers';\nimport { serializeAuthenticateWithEmailVerificationOptions } from './serializers/authenticate-with-email-verification.serializer';\nimport { serializeAuthenticateWithOrganizationSelectionOptions } from './serializers/authenticate-with-organization-selection-options.serializer';\nimport { serializeCreateOrganizationMembershipOptions } from './serializers/create-organization-membership-options.serializer';\nimport { deserializeFactor } from './serializers/factor.serializer';\nimport { deserializeIdentities } from './serializers/identity.serializer';\nimport { deserializeInvitation } from './serializers/invitation.serializer';\nimport { serializeListInvitationsOptions } from './serializers/list-invitations-options.serializer';\nimport { serializeListOrganizationMembershipsOptions } from './serializers/list-organization-memberships-options.serializer';\nimport { serializeListUsersOptions } from './serializers/list-users-options.serializer';\nimport { deserializeOrganizationMembership } from './serializers/organization-membership.serializer';\nimport { serializeSendInvitationOptions } from './serializers/send-invitation-options.serializer';\nimport { serializeUpdateOrganizationMembershipOptions } from './serializers/update-organization-membership-options.serializer';\nimport { CookieSession } from './session';\n\nexport class UserManagement {\n private _jwks: ReturnType<typeof createRemoteJWKSet> | undefined;\n public clientId: string | undefined;\n\n constructor(private readonly workos: WorkOS) {\n const { clientId } = workos.options;\n\n this.clientId = clientId;\n }\n\n get jwks(): ReturnType<typeof createRemoteJWKSet> | undefined {\n if (!this.clientId) {\n return;\n }\n\n // Set the JWKS URL. This is used to verify if the JWT is still valid\n this._jwks ??= createRemoteJWKSet(new URL(this.getJwksUrl(this.clientId)), {\n cooldownDuration: 1000 * 60 * 5,\n });\n\n return this._jwks;\n }\n\n /**\n * Loads a sealed session using the provided session data and cookie password.\n *\n * @param options - The options for loading the sealed session.\n * @param options.sessionData - The sealed session data.\n * @param options.cookiePassword - The password used to encrypt the session data.\n * @returns The session class.\n */\n loadSealedSession(options: {\n sessionData: string;\n cookiePassword: string;\n }): CookieSession {\n return new CookieSession(this, options.sessionData, options.cookiePassword);\n }\n\n async getUser(userId: string): Promise<User> {\n const { data } = await this.workos.get<UserResponse>(\n `/user_management/users/${userId}`,\n );\n\n return deserializeUser(data);\n }\n\n async getUserByExternalId(externalId: string): Promise<User> {\n const { data } = await this.workos.get<UserResponse>(\n `/user_management/users/external_id/${externalId}`,\n );\n\n return deserializeUser(data);\n }\n\n async listUsers(\n options?: ListUsersOptions,\n ): Promise<AutoPaginatable<User, SerializedListUsersOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<UserResponse, User>(\n this.workos,\n '/user_management/users',\n deserializeUser,\n options ? serializeListUsersOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<UserResponse, User>(\n this.workos,\n '/user_management/users',\n deserializeUser,\n params,\n ),\n options ? serializeListUsersOptions(options) : undefined,\n );\n }\n\n async createUser(payload: CreateUserOptions): Promise<User> {\n const { data } = await this.workos.post<\n UserResponse,\n SerializedCreateUserOptions\n >('/user_management/users', serializeCreateUserOptions(payload));\n\n return deserializeUser(data);\n }\n\n async authenticateWithMagicAuth(\n payload: AuthenticateWithMagicAuthOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithMagicAuthOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithMagicAuthOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithPassword(\n payload: AuthenticateWithPasswordOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithPasswordOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithPasswordOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithCode(\n payload: AuthenticateWithCodeOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithCodeOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithCodeOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithCodeAndVerifier(\n payload: AuthenticateWithCodeAndVerifierOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithCodeAndVerifierOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithCodeAndVerifierOptions(remainingPayload),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithRefreshToken(\n payload: AuthenticateWithRefreshTokenOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithRefreshTokenOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithRefreshTokenOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithTotp(\n payload: AuthenticateWithTotpOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithTotpOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithTotpOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithEmailVerification(\n payload: AuthenticateWithEmailVerificationOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithEmailVerificationOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithEmailVerificationOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithOrganizationSelection(\n payload: AuthenticateWithOrganizationSelectionOptions,\n ): Promise<AuthenticationResponse> {\n const { session, ...remainingPayload } = payload;\n\n const { data } = await this.workos.post<\n AuthenticationResponseResponse,\n SerializedAuthenticateWithOrganizationSelectionOptions\n >(\n '/user_management/authenticate',\n serializeAuthenticateWithOrganizationSelectionOptions({\n ...remainingPayload,\n clientSecret: this.workos.key,\n }),\n );\n\n return this.prepareAuthenticationResponse({\n authenticationResponse: deserializeAuthenticationResponse(data),\n session,\n });\n }\n\n async authenticateWithSessionCookie({\n sessionData,\n cookiePassword = getEnv('WORKOS_COOKIE_PASSWORD'),\n }: AuthenticateWithSessionCookieOptions): Promise<\n | AuthenticateWithSessionCookieSuccessResponse\n | AuthenticateWithSessionCookieFailedResponse\n > {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n if (!this.jwks) {\n throw new Error('Must provide clientId to initialize JWKS');\n }\n\n if (!sessionData) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.NO_SESSION_COOKIE_PROVIDED,\n };\n }\n\n const session = await unsealData<SessionCookieData>(sessionData, {\n password: cookiePassword,\n });\n\n if (!session.accessToken) {\n return {\n authenticated: false,\n reason:\n AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE,\n };\n }\n\n if (!(await this.isValidJwt(session.accessToken))) {\n return {\n authenticated: false,\n reason: AuthenticateWithSessionCookieFailureReason.INVALID_JWT,\n };\n }\n\n const {\n sid: sessionId,\n org_id: organizationId,\n role,\n roles,\n permissions,\n entitlements,\n feature_flags: featureFlags,\n } = decodeJwt<AccessToken>(session.accessToken);\n\n return {\n authenticated: true,\n sessionId,\n organizationId,\n role,\n roles,\n user: session.user,\n permissions,\n entitlements,\n featureFlags,\n accessToken: session.accessToken,\n };\n }\n\n private async isValidJwt(accessToken: string): Promise<boolean> {\n if (!this.jwks) {\n throw new Error('Must provide clientId to initialize JWKS');\n }\n\n try {\n await jwtVerify(accessToken, this.jwks);\n return true;\n } catch (e) {\n return false;\n }\n }\n\n private async prepareAuthenticationResponse({\n authenticationResponse,\n session,\n }: {\n authenticationResponse: AuthenticationResponse;\n session?: AuthenticateWithSessionOptions;\n }): Promise<AuthenticationResponse> {\n if (session?.sealSession) {\n return {\n ...authenticationResponse,\n sealedSession: await this.sealSessionDataFromAuthenticationResponse({\n authenticationResponse,\n cookiePassword: session.cookiePassword,\n }),\n };\n }\n\n return authenticationResponse;\n }\n\n private async sealSessionDataFromAuthenticationResponse({\n authenticationResponse,\n cookiePassword,\n }: {\n authenticationResponse: AuthenticationResponse;\n cookiePassword?: string;\n }): Promise<string> {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n const { org_id: organizationIdFromAccessToken } = decodeJwt<AccessToken>(\n authenticationResponse.accessToken,\n );\n\n const sessionData: SessionCookieData = {\n organizationId: organizationIdFromAccessToken,\n user: authenticationResponse.user,\n accessToken: authenticationResponse.accessToken,\n refreshToken: authenticationResponse.refreshToken,\n impersonator: authenticationResponse.impersonator,\n };\n\n return sealData(sessionData, {\n password: cookiePassword,\n });\n }\n\n async getSessionFromCookie({\n sessionData,\n cookiePassword = getEnv('WORKOS_COOKIE_PASSWORD'),\n }: SessionHandlerOptions): Promise<SessionCookieData | undefined> {\n if (!cookiePassword) {\n throw new Error('Cookie password is required');\n }\n\n if (sessionData) {\n return unsealData<SessionCookieData>(sessionData, {\n password: cookiePassword,\n });\n }\n\n return undefined;\n }\n\n async getEmailVerification(\n emailVerificationId: string,\n ): Promise<EmailVerification> {\n const { data } = await this.workos.get<EmailVerificationResponse>(\n `/user_management/email_verification/${emailVerificationId}`,\n );\n\n return deserializeEmailVerification(data);\n }\n\n async sendVerificationEmail({\n userId,\n }: SendVerificationEmailOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<{ user: UserResponse }>(\n `/user_management/users/${userId}/email_verification/send`,\n {},\n );\n\n return { user: deserializeUser(data.user) };\n }\n\n async getMagicAuth(magicAuthId: string): Promise<MagicAuth> {\n const { data } = await this.workos.get<MagicAuthResponse>(\n `/user_management/magic_auth/${magicAuthId}`,\n );\n\n return deserializeMagicAuth(data);\n }\n\n async createMagicAuth(options: CreateMagicAuthOptions): Promise<MagicAuth> {\n const { data } = await this.workos.post<\n MagicAuthResponse,\n SerializedCreateMagicAuthOptions\n >(\n '/user_management/magic_auth',\n serializeCreateMagicAuthOptions({\n ...options,\n }),\n );\n\n return deserializeMagicAuth(data);\n }\n\n async verifyEmail({\n code,\n userId,\n }: VerifyEmailOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<\n { user: UserResponse },\n SerializedVerifyEmailOptions\n >(`/user_management/users/${userId}/email_verification/confirm`, {\n code,\n });\n\n return { user: deserializeUser(data.user) };\n }\n\n async getPasswordReset(passwordResetId: string): Promise<PasswordReset> {\n const { data } = await this.workos.get<PasswordResetResponse>(\n `/user_management/password_reset/${passwordResetId}`,\n );\n\n return deserializePasswordReset(data);\n }\n\n async createPasswordReset(\n options: CreatePasswordResetOptions,\n ): Promise<PasswordReset> {\n const { data } = await this.workos.post<\n PasswordResetResponse,\n SerializedCreatePasswordResetOptions\n >(\n '/user_management/password_reset',\n serializeCreatePasswordResetOptions({\n ...options,\n }),\n );\n\n return deserializePasswordReset(data);\n }\n\n async resetPassword(payload: ResetPasswordOptions): Promise<{ user: User }> {\n const { data } = await this.workos.post<\n { user: UserResponse },\n SerializedResetPasswordOptions\n >(\n '/user_management/password_reset/confirm',\n serializeResetPasswordOptions(payload),\n );\n\n return { user: deserializeUser(data.user) };\n }\n\n async updateUser(payload: UpdateUserOptions): Promise<User> {\n const { data } = await this.workos.put<UserResponse>(\n `/user_management/users/${payload.userId}`,\n serializeUpdateUserOptions(payload),\n );\n\n return deserializeUser(data);\n }\n\n async enrollAuthFactor(payload: EnrollAuthFactorOptions): Promise<{\n authenticationFactor: FactorWithSecrets;\n authenticationChallenge: Challenge;\n }> {\n const { data } = await this.workos.post<{\n authentication_factor: FactorWithSecretsResponse;\n authentication_challenge: ChallengeResponse;\n }>(\n `/user_management/users/${payload.userId}/auth_factors`,\n serializeEnrollAuthFactorOptions(payload),\n );\n\n return {\n authenticationFactor: deserializeFactorWithSecrets(\n data.authentication_factor,\n ),\n authenticationChallenge: deserializeChallenge(\n data.authentication_challenge,\n ),\n };\n }\n\n async listAuthFactors(\n options: ListAuthFactorsOptions,\n ): Promise<AutoPaginatable<Factor, PaginationOptions>> {\n const { userId, ...restOfOptions } = options;\n return new AutoPaginatable(\n await fetchAndDeserialize<FactorResponse, Factor>(\n this.workos,\n `/user_management/users/${userId}/auth_factors`,\n deserializeFactor,\n restOfOptions,\n ),\n (params) =>\n fetchAndDeserialize<FactorResponse, Factor>(\n this.workos,\n `/user_management/users/${userId}/auth_factors`,\n deserializeFactor,\n params,\n ),\n restOfOptions,\n );\n }\n\n async listSessions(\n userId: string,\n options?: ListSessionsOptions,\n ): Promise<AutoPaginatable<Session, SerializedListSessionsOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<SessionResponse, Session>(\n this.workos,\n `/user_management/users/${userId}/sessions`,\n deserializeSession,\n options ? serializeListSessionsOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<SessionResponse, Session>(\n this.workos,\n `/user_management/users/${userId}/sessions`,\n deserializeSession,\n params,\n ),\n options ? serializeListSessionsOptions(options) : undefined,\n );\n }\n\n async deleteUser(userId: string) {\n await this.workos.delete(`/user_management/users/${userId}`);\n }\n\n async getUserIdentities(userId: string): Promise<Identity[]> {\n if (!userId) {\n throw new TypeError(`Incomplete arguments. Need to specify 'userId'.`);\n }\n\n const { data } = await this.workos.get<IdentityResponse[]>(\n `/user_management/users/${userId}/identities`,\n );\n\n return deserializeIdentities(data);\n }\n\n async getOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.get<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async listOrganizationMemberships(\n options: ListOrganizationMembershipsOptions,\n ): Promise<\n AutoPaginatable<\n OrganizationMembership,\n SerializedListOrganizationMembershipsOptions\n >\n > {\n const serializedOptions =\n serializeListOrganizationMembershipsOptions(options);\n\n return new AutoPaginatable(\n await fetchAndDeserialize<\n OrganizationMembershipResponse,\n OrganizationMembership\n >(\n this.workos,\n '/user_management/organization_memberships',\n deserializeOrganizationMembership,\n serializedOptions,\n ),\n (params) =>\n fetchAndDeserialize<\n OrganizationMembershipResponse,\n OrganizationMembership\n >(\n this.workos,\n '/user_management/organization_memberships',\n deserializeOrganizationMembership,\n params,\n ),\n serializedOptions,\n );\n }\n\n async createOrganizationMembership(\n options: CreateOrganizationMembershipOptions,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.post<\n OrganizationMembershipResponse,\n SerializedCreateOrganizationMembershipOptions\n >(\n '/user_management/organization_memberships',\n serializeCreateOrganizationMembershipOptions(options),\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async updateOrganizationMembership(\n organizationMembershipId: string,\n options: UpdateOrganizationMembershipOptions,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<\n OrganizationMembershipResponse,\n SerializedUpdateOrganizationMembershipOptions\n >(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n serializeUpdateOrganizationMembershipOptions(options),\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async deleteOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<void> {\n await this.workos.delete(\n `/user_management/organization_memberships/${organizationMembershipId}`,\n );\n }\n\n async deactivateOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}/deactivate`,\n {},\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async reactivateOrganizationMembership(\n organizationMembershipId: string,\n ): Promise<OrganizationMembership> {\n const { data } = await this.workos.put<OrganizationMembershipResponse>(\n `/user_management/organization_memberships/${organizationMembershipId}/reactivate`,\n {},\n );\n\n return deserializeOrganizationMembership(data);\n }\n\n async getInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.get<InvitationResponse>(\n `/user_management/invitations/${invitationId}`,\n );\n\n return deserializeInvitation(data);\n }\n\n async findInvitationByToken(invitationToken: string): Promise<Invitation> {\n const { data } = await this.workos.get<InvitationResponse>(\n `/user_management/invitations/by_token/${invitationToken}`,\n );\n\n return deserializeInvitation(data);\n }\n\n async listInvitations(\n options: ListInvitationsOptions,\n ): Promise<AutoPaginatable<Invitation, SerializedListInvitationsOptions>> {\n return new AutoPaginatable(\n await fetchAndDeserialize<InvitationResponse, Invitation>(\n this.workos,\n '/user_management/invitations',\n deserializeInvitation,\n options ? serializeListInvitationsOptions(options) : undefined,\n ),\n (params) =>\n fetchAndDeserialize<InvitationResponse, Invitation>(\n this.workos,\n '/user_management/invitations',\n deserializeInvitation,\n params,\n ),\n options ? serializeListInvitationsOptions(options) : undefined,\n );\n }\n\n async sendInvitation(payload: SendInvitationOptions): Promise<Invitation> {\n const { data } = await this.workos.post<\n InvitationResponse,\n SerializedSendInvitationOptions\n >(\n '/user_management/invitations',\n serializeSendInvitationOptions({\n ...payload,\n }),\n );\n\n return deserializeInvitation(data);\n }\n\n async acceptInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.post<InvitationResponse, any>(\n `/user_management/invitations/${invitationId}/accept`,\n null,\n );\n\n return deserializeInvitation(data);\n }\n\n async revokeInvitation(invitationId: string): Promise<Invitation> {\n const { data } = await this.workos.post<InvitationResponse, any>(\n `/user_management/invitations/${invitationId}/revoke`,\n null,\n );\n\n return deserializeInvitation(data);\n }\n\n async revokeSession(payload: RevokeSessionOptions): Promise<void> {\n await this.workos.post<void, SerializedRevokeSessionOptions>(\n '/user_management/sessions/revoke',\n serializeRevokeSessionOptions(payload),\n );\n }\n\n getAuthorizationUrl(options: UserManagementAuthorizationURLOptions): string {\n // Delegate to client implementation\n return clientUserManagement.getAuthorizationUrl({\n ...options,\n baseURL: this.workos.baseURL,\n });\n }\n\n getLogoutUrl(options: clientUserManagement.LogoutURLOptions): string {\n // Delegate to client implementation\n return clientUserManagement.getLogoutUrl({\n ...options,\n baseURL: this.workos.baseURL,\n });\n }\n\n getJwksUrl(clientId: string): string {\n // Delegate to client implementation\n return clientUserManagement.getJwksUrl(clientId, this.workos.baseURL);\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,0BAAqC;AACrC,kBAAyD;AACzD,2BAAsC;AAEtC,mCAAoC;AACpC,wBAAgC;AAChC,iBAAuB;AAEvB,yBAAqC;AAuDrC,8CAOO;AA6BP,oCAIO;AAUP,IAAAA,sBAqBO;AACP,kDAAkE;AAClE,8DAAsE;AACtE,IAAAC,iDAA6D;AAC7D,IAAAC,iBAAkC;AAClC,IAAAC,mBAAsC;AACtC,IAAAC,qBAAsC;AACtC,IAAAC,mCAAgD;AAChD,IAAAC,gDAA4D;AAC5D,gCAA0C;AAC1C,IAAAC,kCAAkD;AAClD,IAAAC,kCAA+C;AAC/C,IAAAC,iDAA6D;AAC7D,qBAA8B;AAEvB,MAAM,eAAe;AAAA,EAI1B,YAA6B,QAAgB;AAAhB;AAC3B,UAAM,EAAE,SAAS,IAAI,OAAO;AAE5B,SAAK,WAAW;AAAA,EAClB;AAAA,EA7JF,OAqJ4B;AAAA;AAAA;AAAA,EAClB;AAAA,EACD;AAAA,EAQP,IAAI,OAA0D;AAC5D,QAAI,CAAC,KAAK,UAAU;AAClB;AAAA,IACF;AAGA,SAAK,cAAU,gCAAmB,IAAI,IAAI,KAAK,WAAW,KAAK,QAAQ,CAAC,GAAG;AAAA,MACzE,kBAAkB,MAAO,KAAK;AAAA,IAChC,CAAC;AAED,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,kBAAkB,SAGA;AAChB,WAAO,IAAI,6BAAc,MAAM,QAAQ,aAAa,QAAQ,cAAc;AAAA,EAC5E;AAAA,EAEA,MAAM,QAAQ,QAA+B;AAC3C,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,0BAA0B,MAAM;AAAA,IAClC;AAEA,eAAO,qCAAgB,IAAI;AAAA,EAC7B;AAAA,EAEA,MAAM,oBAAoB,YAAmC;AAC3D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,sCAAsC,UAAU;AAAA,IAClD;AAEA,eAAO,qCAAgB,IAAI;AAAA,EAC7B;AAAA,EAEA,MAAM,UACJ,SAC4D;AAC5D,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QACJ,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA,cAAU,qDAA0B,OAAO,IAAI;AAAA,MACjD;AAAA,MACA,CAAC,eACC;AAAA,QACE,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MACF,cAAU,qDAA0B,OAAO,IAAI;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,MAAM,WAAW,SAA2C;AAC1D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO,KAGjC,8BAA0B,gDAA2B,OAAO,CAAC;AAE/D,eAAO,qCAAgB,IAAI;AAAA,EAC7B;AAAA,EAEA,MAAM,0BACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,+DAA0C;AAAA,QACxC,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,yBACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,8DAAyC;AAAA,QACvC,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,0DAAqC;AAAA,QACnC,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,gCACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,qEAAgD,gBAAgB;AAAA,IAClE;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,6BACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,kEAA6C;AAAA,QAC3C,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,0DAAqC;AAAA,QACnC,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,kCACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,+FAAkD;AAAA,QAChD,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,sCACJ,SACiC;AACjC,UAAM,EAAE,SAAS,GAAG,iBAAiB,IAAI;AAEzC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,+GAAsD;AAAA,QACpD,GAAG;AAAA,QACH,cAAc,KAAK,OAAO;AAAA,MAC5B,CAAC;AAAA,IACH;AAEA,WAAO,KAAK,8BAA8B;AAAA,MACxC,4BAAwB,uDAAkC,IAAI;AAAA,MAC9D;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,8BAA8B;AAAA,IAClC;AAAA,IACA,qBAAiB,mBAAO,wBAAwB;AAAA,EAClD,GAGE;AACA,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,6BAA6B;AAAA,IAC/C;AAEA,QAAI,CAAC,KAAK,MAAM;AACd,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AAEA,QAAI,CAAC,aAAa;AAChB,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,mFAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,UAAM,UAAU,UAAM,gCAA8B,aAAa;AAAA,MAC/D,UAAU;AAAA,IACZ,CAAC;AAED,QAAI,CAAC,QAAQ,aAAa;AACxB,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QACE,mFAA2C;AAAA,MAC/C;AAAA,IACF;AAEA,QAAI,CAAE,MAAM,KAAK,WAAW,QAAQ,WAAW,GAAI;AACjD,aAAO;AAAA,QACL,eAAe;AAAA,QACf,QAAQ,mFAA2C;AAAA,MACrD;AAAA,IACF;AAEA,UAAM;AAAA,MACJ,KAAK;AAAA,MACL,QAAQ;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,eAAe;AAAA,IACjB,QAAI,uBAAuB,QAAQ,WAAW;AAE9C,WAAO;AAAA,MACL,eAAe;AAAA,MACf;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,QAAQ;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,MACA,aAAa,QAAQ;AAAA,IACvB;AAAA,EACF;AAAA,EAEA,MAAc,WAAW,aAAuC;AAC9D,QAAI,CAAC,KAAK,MAAM;AACd,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AAEA,QAAI;AACF,gBAAM,uBAAU,aAAa,KAAK,IAAI;AACtC,aAAO;AAAA,IACT,SAAS,GAAG;AACV,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAc,8BAA8B;AAAA,IAC1C;AAAA,IACA;AAAA,EACF,GAGoC;AAClC,QAAI,SAAS,aAAa;AACxB,aAAO;AAAA,QACL,GAAG;AAAA,QACH,eAAe,MAAM,KAAK,0CAA0C;AAAA,UAClE;AAAA,UACA,gBAAgB,QAAQ;AAAA,QAC1B,CAAC;AAAA,MACH;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,0CAA0C;AAAA,IACtD;AAAA,IACA;AAAA,EACF,GAGoB;AAClB,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,6BAA6B;AAAA,IAC/C;AAEA,UAAM,EAAE,QAAQ,8BAA8B,QAAI;AAAA,MAChD,uBAAuB;AAAA,IACzB;AAEA,UAAM,cAAiC;AAAA,MACrC,gBAAgB;AAAA,MAChB,MAAM,uBAAuB;AAAA,MAC7B,aAAa,uBAAuB;AAAA,MACpC,cAAc,uBAAuB;AAAA,MACrC,cAAc,uBAAuB;AAAA,IACvC;AAEA,eAAO,8BAAS,aAAa;AAAA,MAC3B,UAAU;AAAA,IACZ,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBAAqB;AAAA,IACzB;AAAA,IACA,qBAAiB,mBAAO,wBAAwB;AAAA,EAClD,GAAkE;AAChE,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAI,MAAM,6BAA6B;AAAA,IAC/C;AAEA,QAAI,aAAa;AACf,iBAAO,gCAA8B,aAAa;AAAA,QAChD,UAAU;AAAA,MACZ,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,qBACJ,qBAC4B;AAC5B,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,uCAAuC,mBAAmB;AAAA,IAC5D;AAEA,eAAO,kDAA6B,IAAI;AAAA,EAC1C;AAAA,EAEA,MAAM,sBAAsB;AAAA,IAC1B;AAAA,EACF,GAA0D;AACxD,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,0BAA0B,MAAM;AAAA,MAChC,CAAC;AAAA,IACH;AAEA,WAAO,EAAE,UAAM,qCAAgB,KAAK,IAAI,EAAE;AAAA,EAC5C;AAAA,EAEA,MAAM,aAAa,aAAyC;AAC1D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,+BAA+B,WAAW;AAAA,IAC5C;AAEA,eAAO,0CAAqB,IAAI;AAAA,EAClC;AAAA,EAEA,MAAM,gBAAgB,SAAqD;AACzE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,qDAAgC;AAAA,QAC9B,GAAG;AAAA,MACL,CAAC;AAAA,IACH;AAEA,eAAO,0CAAqB,IAAI;AAAA,EAClC;AAAA,EAEA,MAAM,YAAY;AAAA,IAChB;AAAA,IACA;AAAA,EACF,GAAgD;AAC9C,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO,KAGjC,0BAA0B,MAAM,+BAA+B;AAAA,MAC/D;AAAA,IACF,CAAC;AAED,WAAO,EAAE,UAAM,qCAAgB,KAAK,IAAI,EAAE;AAAA,EAC5C;AAAA,EAEA,MAAM,iBAAiB,iBAAiD;AACtE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,mCAAmC,eAAe;AAAA,IACpD;AAEA,eAAO,8CAAyB,IAAI;AAAA,EACtC;AAAA,EAEA,MAAM,oBACJ,SACwB;AACxB,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,yDAAoC;AAAA,QAClC,GAAG;AAAA,MACL,CAAC;AAAA,IACH;AAEA,eAAO,8CAAyB,IAAI;AAAA,EACtC;AAAA,EAEA,MAAM,cAAc,SAAwD;AAC1E,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,mDAA8B,OAAO;AAAA,IACvC;AAEA,WAAO,EAAE,UAAM,qCAAgB,KAAK,IAAI,EAAE;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAW,SAA2C;AAC1D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,0BAA0B,QAAQ,MAAM;AAAA,UACxC,gDAA2B,OAAO;AAAA,IACpC;AAEA,eAAO,qCAAgB,IAAI;AAAA,EAC7B;AAAA,EAEA,MAAM,iBAAiB,SAGpB;AACD,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC,0BAA0B,QAAQ,MAAM;AAAA,UACxC,sDAAiC,OAAO;AAAA,IAC1C;AAEA,WAAO;AAAA,MACL,0BAAsB;AAAA,QACpB,KAAK;AAAA,MACP;AAAA,MACA,6BAAyB;AAAA,QACvB,KAAK;AAAA,MACP;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,gBACJ,SACqD;AACrD,UAAM,EAAE,QAAQ,GAAG,cAAc,IAAI;AACrC,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QACJ,KAAK;AAAA,QACL,0BAA0B,MAAM;AAAA,QAChC;AAAA,QACA;AAAA,MACF;AAAA,MACA,CAAC,eACC;AAAA,QACE,KAAK;AAAA,QACL,0BAA0B,MAAM;AAAA,QAChC;AAAA,QACA;AAAA,MACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,aACJ,QACA,SACkE;AAClE,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QACJ,KAAK;AAAA,QACL,0BAA0B,MAAM;AAAA,QAChC;AAAA,QACA,cAAU,kDAA6B,OAAO,IAAI;AAAA,MACpD;AAAA,MACA,CAAC,eACC;AAAA,QACE,KAAK;AAAA,QACL,0BAA0B,MAAM;AAAA,QAChC;AAAA,QACA;AAAA,MACF;AAAA,MACF,cAAU,kDAA6B,OAAO,IAAI;AAAA,IACpD;AAAA,EACF;AAAA,EAEA,MAAM,WAAW,QAAgB;AAC/B,UAAM,KAAK,OAAO,OAAO,0BAA0B,MAAM,EAAE;AAAA,EAC7D;AAAA,EAEA,MAAM,kBAAkB,QAAqC;AAC3D,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,UAAU,iDAAiD;AAAA,IACvE;AAEA,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,0BAA0B,MAAM;AAAA,IAClC;AAEA,eAAO,wCAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,0BACJ,0BACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,6CAA6C,wBAAwB;AAAA,IACvE;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,4BACJ,SAMA;AACA,UAAM,wBACJ,2FAA4C,OAAO;AAErD,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QAIJ,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MACA,CAAC,eACC;AAAA,QAIE,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,6BACJ,SACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,6FAA6C,OAAO;AAAA,IACtD;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,6BACJ,0BACA,SACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC,6CAA6C,wBAAwB;AAAA,UACrE,6FAA6C,OAAO;AAAA,IACtD;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,6BACJ,0BACe;AACf,UAAM,KAAK,OAAO;AAAA,MAChB,6CAA6C,wBAAwB;AAAA,IACvE;AAAA,EACF;AAAA,EAEA,MAAM,iCACJ,0BACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,6CAA6C,wBAAwB;AAAA,MACrE,CAAC;AAAA,IACH;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,iCACJ,0BACiC;AACjC,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,6CAA6C,wBAAwB;AAAA,MACrE,CAAC;AAAA,IACH;AAEA,eAAO,mEAAkC,IAAI;AAAA,EAC/C;AAAA,EAEA,MAAM,cAAc,cAA2C;AAC7D,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,gCAAgC,YAAY;AAAA,IAC9C;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,sBAAsB,iBAA8C;AACxE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,yCAAyC,eAAe;AAAA,IAC1D;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,gBACJ,SACwE;AACxE,WAAO,IAAI;AAAA,MACT,UAAM;AAAA,QACJ,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA,cAAU,kEAAgC,OAAO,IAAI;AAAA,MACvD;AAAA,MACA,CAAC,eACC;AAAA,QACE,KAAK;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MACF,cAAU,kEAAgC,OAAO,IAAI;AAAA,IACvD;AAAA,EACF;AAAA,EAEA,MAAM,eAAe,SAAqD;AACxE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MAIjC;AAAA,UACA,gEAA+B;AAAA,QAC7B,GAAG;AAAA,MACL,CAAC;AAAA,IACH;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,iBAAiB,cAA2C;AAChE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,gCAAgC,YAAY;AAAA,MAC5C;AAAA,IACF;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,iBAAiB,cAA2C;AAChE,UAAM,EAAE,KAAK,IAAI,MAAM,KAAK,OAAO;AAAA,MACjC,gCAAgC,YAAY;AAAA,MAC5C;AAAA,IACF;AAEA,eAAO,0CAAsB,IAAI;AAAA,EACnC;AAAA,EAEA,MAAM,cAAc,SAA8C;AAChE,UAAM,KAAK,OAAO;AAAA,MAChB;AAAA,UACA,6DAA8B,OAAO;AAAA,IACvC;AAAA,EACF;AAAA,EAEA,oBAAoB,SAAwD;AAE1E,WAAO,qBAAqB,oBAAoB;AAAA,MAC9C,GAAG;AAAA,MACH,SAAS,KAAK,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,aAAa,SAAwD;AAEnE,WAAO,qBAAqB,aAAa;AAAA,MACvC,GAAG;AAAA,MACH,SAAS,KAAK,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,WAAW,UAA0B;AAEnC,WAAO,qBAAqB,WAAW,UAAU,KAAK,OAAO,OAAO;AAAA,EACtE;AACF;","names":["import_serializers","import_create_organization_membership_options","import_factor","import_identity","import_invitation","import_list_invitations_options","import_list_organization_memberships_options","import_organization_membership","import_send_invitation_options","import_update_organization_membership_options"]}
package/lib/cjs/user-management/user-management.d.cts CHANGED
@@ -1,8 +1,9 @@
1
1
  import 'jose';
2
+ import '../user-management-B38wNrIN.cjs';
2
3
  import '../common/interfaces/pagination-options.interface.cjs';
3
4
  import '../common/utils/pagination.cjs';
4
5
  import '../mfa/interfaces/challenge.interface.cjs';
5
- export { U as UserManagement } from '../workos-Da6gE2T5.cjs';
6
+ export { U as UserManagement } from '../workos-Bt8QqzZV.cjs';
6
7
  import './interfaces/authenticate-with-code-options.interface.cjs';
7
8
  import './interfaces/authenticate-with-code-and-verifier-options.interface.cjs';
8
9
  import './interfaces/authenticate-with-email-verification-options.interface.cjs';
@@ -78,6 +79,7 @@ import '../sso/interfaces/get-profile-options.interface.cjs';
78
79
  import '../sso/interfaces/get-profile-and-token-options.interface.cjs';
79
80
  import '../sso/interfaces/list-connections-options.interface.cjs';
80
81
  import '../sso/interfaces/profile-and-token.interface.cjs';
82
+ import './interfaces/oauth-tokens.interface.cjs';
81
83
  import '../sso/interfaces/profile.interface.cjs';
82
84
  import '../webhooks/webhooks.cjs';
83
85
  import '../common/crypto/crypto-provider.cjs';
@@ -93,7 +95,6 @@ import '../audit-logs/interfaces/audit-log-export.interface.cjs';
93
95
  import '../audit-logs/interfaces/create-audit-log-event-options.interface.cjs';
94
96
  import '../audit-logs/interfaces/create-audit-log-schema-options.interface.cjs';
95
97
  import './interfaces/refresh-and-seal-session-data.interface.cjs';
96
- import './interfaces/oauth-tokens.interface.cjs';
97
98
  import '../fga/interfaces/check.interface.cjs';
98
99
  import '../fga/interfaces/resource.interface.cjs';
99
100
  import '../fga/interfaces/resource-op.enum.cjs';