@workos-inc/node 9.2.0 → 9.3.1

package/lib/{factory-CdcF5208.mjs → factory-B2N5WzoO.mjs}

@@ -99,6 +99,8 @@ for (let i = 0; i < byteHexMapping.length; i++) byteHexMapping[i] = i.toString(1
 //#endregion
 //#region src/common/net/http-client.ts
 var HttpClient = class HttpClient {
+	baseURL;
+	options;
 	MAX_RETRY_ATTEMPTS = 3;
 	BACKOFF_MULTIPLIER = 1.5;
 	MINIMUM_SLEEP_TIME_IN_MILLISECONDS = 500;
@@ -112,14 +114,6 @@ var HttpClient = class HttpClient {
 		this.baseURL = baseURL;
 		this.options = options;
 	}
-	/** The HTTP client name used for diagnostics */
-	getClientName() {
-		throw new Error("getClientName not implemented");
-	}
-	addClientToUserAgent(userAgent) {
-		if (userAgent.indexOf(" ") > -1) return userAgent.replace(/\b\s/, `/${this.getClientName()} `);
-		else return `${userAgent}/${this.getClientName()}`;
-	}
 	static getResourceURL(baseURL, path, params) {
 		const queryString = HttpClient.getQueryString(params);
 		return new URL([path, queryString].filter(Boolean).join("?"), baseURL).toString();
@@ -190,6 +184,8 @@ var ParseError = class extends Error {
 //#region src/common/net/fetch-client.ts
 const DEFAULT_FETCH_TIMEOUT = 6e4;
 var FetchHttpClient = class extends HttpClient {
+	baseURL;
+	options;
 	_fetchFn;
 	constructor(baseURL, options, fetchFn) {
 		super(baseURL, options);
@@ -201,10 +197,6 @@ var FetchHttpClient = class extends HttpClient {
 		}
 		this._fetchFn = fetchFn.bind(globalThis);
 	}
-	/** @override */
-	getClientName() {
-		return "fetch";
-	}
 	async get(path, options) {
 		const resourceURL = HttpClient.getResourceURL(this.baseURL, path, options.params);
 		if (HttpClient.isPathRetryable(path)) return await this.fetchRequestWithRetry(resourceURL, "GET", null, options.headers);
@@ -275,7 +267,7 @@ var FetchHttpClient = class extends HttpClient {
 					"Content-Type": "application/json",
 					...this.options?.headers,
 					...headers,
-					"User-Agent": this.addClientToUserAgent((userAgent || "workos-node").toString())
+					"User-Agent": (userAgent || "workos-node").toString()
 				},
 				body: requestBody,
 				signal: abortController?.signal
@@ -370,6 +362,19 @@ var FetchHttpClientResponse = class FetchHttpClientResponse extends HttpClientRe
 	}
 };
 //#endregion
+//#region src/common/crypto/decode-payload.ts
+function isBinaryPayload(payload) {
+	return ArrayBuffer.isView(payload) || Object.prototype.toString.call(payload) === "[object ArrayBuffer]";
+}
+function decodePayloadToString(payload) {
+	if (typeof payload === "string") return payload;
+	if (isBinaryPayload(payload)) {
+		const bytes = Object.prototype.toString.call(payload) === "[object ArrayBuffer]" ? new Uint8Array(payload) : payload;
+		return new TextDecoder("utf-8", { ignoreBOM: true }).decode(bytes);
+	}
+	return JSON.stringify(payload);
+}
+//#endregion
 //#region src/common/exceptions/api-key-required.exception.ts
 var ApiKeyRequiredException = class extends Error {
 	status = 403;
@@ -383,6 +388,9 @@ var ApiKeyRequiredException = class extends Error {
 //#endregion
 //#region src/common/exceptions/generic-server.exception.ts
 var GenericServerException = class extends Error {
+	status;
+	rawData;
+	requestID;
 	name = "GenericServerException";
 	message = "The request could not be completed.";
 	code;
@@ -417,6 +425,7 @@ function isAuthenticationErrorData(data) {
 	return getAuthenticationErrorCode(data) !== void 0;
 }
 var AuthenticationException = class extends GenericServerException {
+	rawData;
 	name = "AuthenticationException";
 	code;
 	pendingAuthenticationToken;
@@ -486,6 +495,11 @@ var NotFoundException = class extends Error {
 //#endregion
 //#region src/common/exceptions/oauth.exception.ts
 var OauthException = class extends Error {
+	status;
+	requestID;
+	error;
+	errorDescription;
+	rawData;
 	name = "OauthException";
 	constructor(status, requestID, error, errorDescription, rawData) {
 		super();
@@ -502,6 +516,7 @@ var OauthException = class extends Error {
 //#endregion
 //#region src/common/exceptions/rate-limit-exceeded.exception.ts
 var RateLimitExceededException = class extends GenericServerException {
+	retryAfter;
 	name = "RateLimitExceededException";
 	constructor(message, requestID, retryAfter) {
 		super(429, message, {}, requestID);
@@ -519,6 +534,7 @@ var SignatureVerificationException = class extends Error {
 //#endregion
 //#region src/common/exceptions/unauthorized.exception.ts
 var UnauthorizedException = class extends Error {
+	requestID;
 	status = 401;
 	name = "UnauthorizedException";
 	message;
@@ -542,7 +558,8 @@ var UnprocessableEntityException = class extends Error {
 		if (message) this.message = message;
 		if (code) this.code = code;
 		if (errors) {
-			this.message = `The following ${errors.length === 1 ? "requirement" : "requirements"} must be met:\n`;
+			const requirement = errors.length === 1 ? "requirement" : "requirements";
+			this.message = `The following ${requirement} must be met:\n`;
 			for (const { code } of errors) this.message = this.message.concat(`\t${code}\n`);
 		}
 	}
@@ -570,8 +587,7 @@ var SignatureProvider = class {
 		return [timestamp, signatureHash];
 	}
 	async computeSignature(timestamp, payload, secret) {
-		payload = JSON.stringify(payload);
-		const signedPayload = `${timestamp}.${payload}`;
+		const signedPayload = `${timestamp}.${decodePayloadToString(payload)}`;
 		return await this.cryptoProvider.computeHMACSignatureAsync(signedPayload, secret);
 	}
 };
@@ -1062,7 +1078,7 @@ var Actions = class {
 			tolerance
 		};
 		await this.verifyHeader(options);
-		return deserializeAction(payload);
+		return deserializeAction(typeof payload === "string" || isBinaryPayload(payload) ? JSON.parse(decodePayloadToString(payload)) : payload);
 	}
 };
 //#endregion
@@ -1697,6 +1713,10 @@ const serializePaginationOptions = (options) => ({
 });
 //#endregion
 //#region src/webhooks/webhooks.ts
+function parseVerifiedPayload(payload) {
+	if (typeof payload === "object" && !isBinaryPayload(payload)) return payload;
+	return JSON.parse(decodePayloadToString(payload));
+}
 var Webhooks = class {
 	signatureProvider;
 	constructor(cryptoProvider) {
@@ -1719,7 +1739,7 @@ var Webhooks = class {
 			tolerance
 		};
 		await this.verifyHeader(options);
-		return deserializeEvent(payload);
+		return deserializeEvent(parseVerifiedPayload(payload));
 	}
 };
 //#endregion
@@ -1775,6 +1795,8 @@ var PKCE = class {
 //#endregion
 //#region src/common/utils/pagination.ts
 var AutoPaginatable = class {
+	list;
+	apiCall;
 	object = "list";
 	options;
 	constructor(list, apiCall, options) {
@@ -1858,6 +1880,7 @@ const fetchAndDeserialize = async (workos, endpoint, deserializeFn, options, req
 //#endregion
 //#region src/api-keys/api-keys.ts
 var ApiKeys = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -1929,6 +1952,7 @@ var ApiKeys = class {
 //#endregion
 //#region src/directory-sync/directory-sync.ts
 var DirectorySync = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2050,6 +2074,7 @@ const serializeListEventOptions = (options) => ({
 //#endregion
 //#region src/events/events.ts
 var Events = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2070,6 +2095,7 @@ var Events = class {
 //#endregion
 //#region src/organizations/organizations.ts
 var Organizations = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2172,6 +2198,7 @@ const serializeCreateOrganizationDomainOptions = (options) => ({
 //#endregion
 //#region src/organization-domains/organization-domains.ts
 var OrganizationDomains = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2247,6 +2274,7 @@ const deserializePasswordlessSession = (passwordlessSession) => ({
 //#endregion
 //#region src/passwordless/passwordless.ts
 var Passwordless = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2295,6 +2323,7 @@ function deserializeGetAccessTokenResponse(response) {
 //#endregion
 //#region src/pipes/pipes.ts
 var Pipes = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2306,6 +2335,7 @@ var Pipes = class {
 //#endregion
 //#region src/admin-portal/admin-portal.ts
 var AdminPortal = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2369,6 +2399,7 @@ function encodeRFC1738(str) {
 //#endregion
 //#region src/sso/sso.ts
 var SSO = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2571,6 +2602,7 @@ const deserializeVerifyResponse = (verifyResponse) => ({
 //#endregion
 //#region src/multi-factor-auth/multi-factor-auth.ts
 var MultiFactorAuth = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -2772,6 +2804,7 @@ const deserializeAuditLogSchema = (auditLogSchema) => ({
 //#endregion
 //#region src/audit-logs/audit-logs.ts
 var AuditLogs = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -3323,7 +3356,7 @@ let _josePromise;
 * @returns Promise that resolves to the jose module
 */
 function getJose() {
-	return _josePromise ??= import("./webapi-CxKOxXjo.mjs");
+	return _josePromise ??= import("./webapi-CKFbiPvQ.mjs");
 }
 //#endregion
 //#region src/user-management/session.ts
@@ -3345,16 +3378,16 @@ var CookieSession = class {
 	async authenticate() {
 		if (!this.sessionData) return {
 			authenticated: false,
-			reason: AuthenticateWithSessionCookieFailureReason.NO_SESSION_COOKIE_PROVIDED
+			reason: "no_session_cookie_provided"
 		};
 		const session = await unsealData(this.sessionData, { password: this.cookiePassword });
 		if (!session.accessToken) return {
 			authenticated: false,
-			reason: AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE
+			reason: "invalid_session_cookie"
 		};
 		if (!await this.isValidJwt(session.accessToken)) return {
 			authenticated: false,
-			reason: AuthenticateWithSessionCookieFailureReason.INVALID_JWT
+			reason: "invalid_jwt"
 		};
 		const { decodeJwt } = await getJose();
 		const { sid: sessionId, org_id: organizationId, role, roles, permissions, entitlements, feature_flags: featureFlags } = decodeJwt(session.accessToken);
@@ -3386,7 +3419,7 @@ var CookieSession = class {
 		const session = await unsealData(this.sessionData, { password: this.cookiePassword });
 		if (!session.refreshToken || !session.user) return {
 			authenticated: false,
-			reason: RefreshSessionFailureReason.INVALID_SESSION_COOKIE
+			reason: "invalid_session_cookie"
 		};
 		const { org_id: organizationIdFromAccessToken } = decodeJwt(session.accessToken);
 		try {
@@ -3419,7 +3452,7 @@ var CookieSession = class {
 				impersonator: session.impersonator
 			};
 		} catch (error) {
-			if (error instanceof OauthException && (error.error === RefreshSessionFailureReason.INVALID_GRANT || error.error === RefreshSessionFailureReason.MFA_ENROLLMENT || error.error === RefreshSessionFailureReason.SSO_REQUIRED)) return {
+			if (error instanceof OauthException && (error.error === "invalid_grant" || error.error === "mfa_enrollment" || error.error === "sso_required")) return {
 				authenticated: false,
 				reason: error.error
 			};
@@ -3458,6 +3491,7 @@ var CookieSession = class {
 //#endregion
 //#region src/user-management/user-management.ts
 var UserManagement = class {
+	workos;
 	_jwks;
 	clientId;
 	constructor(workos) {
@@ -3694,16 +3728,16 @@ var UserManagement = class {
 		const { decodeJwt } = await getJose();
 		if (!sessionData) return {
 			authenticated: false,
-			reason: AuthenticateWithSessionCookieFailureReason.NO_SESSION_COOKIE_PROVIDED
+			reason: "no_session_cookie_provided"
 		};
 		const session = await unsealData(sessionData, { password: cookiePassword });
 		if (!session.accessToken) return {
 			authenticated: false,
-			reason: AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE
+			reason: "invalid_session_cookie"
 		};
 		if (!await this.isValidJwt(session.accessToken)) return {
 			authenticated: false,
-			reason: AuthenticateWithSessionCookieFailureReason.INVALID_JWT
+			reason: "invalid_jwt"
 		};
 		const { sid: sessionId, org_id: organizationId, role, roles, permissions, entitlements, feature_flags: featureFlags } = decodeJwt(session.accessToken);
 		return {
@@ -4238,6 +4272,7 @@ var InMemoryStore = class {
 //#endregion
 //#region src/feature-flags/evaluator.ts
 var Evaluator = class {
+	store;
 	constructor(store) {
 		this.store = store;
 	}
@@ -4273,6 +4308,7 @@ const INITIAL_RETRY_MS = 1e3;
 const MAX_RETRY_MS = 6e4;
 const BACKOFF_MULTIPLIER = 2;
 var FeatureFlagsRuntimeClient = class extends EventEmitter {
+	workos;
 	store;
 	evaluator;
 	pollingIntervalMs;
@@ -4455,6 +4491,7 @@ var FeatureFlagsRuntimeClient = class extends EventEmitter {
 //#endregion
 //#region src/feature-flags/feature-flags.ts
 var FeatureFlags = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -4577,6 +4614,7 @@ var FeatureFlags = class {
 //#endregion
 //#region src/groups/groups.ts
 var Groups = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -4629,6 +4667,7 @@ const deserializeGetTokenResponse = (data) => ({ token: data.token });
 //#endregion
 //#region src/widgets/widgets.ts
 var Widgets = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -4798,6 +4837,20 @@ const deserializeRoleAssignment = (response) => ({
 	updatedAt: response.updated_at
 });
 //#endregion
+//#region src/authorization/serializers/list-role-assignments-options.serializer.ts
+const serializeListRoleAssignmentsOptions = (options) => ({
+	...options.resourceId && { resource_id: options.resourceId },
+	...options.resourceExternalId && { resource_external_id: options.resourceExternalId },
+	...options.resourceTypeSlug && { resource_type_slug: options.resourceTypeSlug },
+	...serializePaginationOptions(options)
+});
+//#endregion
+//#region src/authorization/serializers/list-role-assignments-for-resource-options.serializer.ts
+const serializeListRoleAssignmentsForResourceOptions = (options) => ({
+	...options.roleSlug && { role_slug: options.roleSlug },
+	...serializePaginationOptions(options)
+});
+//#endregion
 //#region src/authorization/serializers/assign-role-options.serializer.ts
 const serializeAssignRoleOptions = (options) => ({
 	role_slug: options.roleSlug,
@@ -4823,6 +4876,7 @@ const serializeListEffectivePermissionsOptions = (options) => ({ ...serializePag
 //#endregion
 //#region src/authorization/authorization.ts
 var Authorization = class {
+	workos;
 	constructor(workos) {
 		this.workos = workos;
 	}
@@ -5399,7 +5453,8 @@ var Authorization = class {
 	async listRoleAssignments(options) {
 		const { organizationMembershipId, ...queryOptions } = options;
 		const endpoint = `/authorization/organization_memberships/${organizationMembershipId}/role_assignments`;
-		return new AutoPaginatable(await fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, queryOptions), (params) => fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, params), queryOptions);
+		const serializedOptions = serializeListRoleAssignmentsOptions(queryOptions);
+		return new AutoPaginatable(await fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, serializedOptions), (params) => fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, params), serializedOptions);
 	}
 	/**
 	* List role assignments for a resource
@@ -5418,7 +5473,8 @@ var Authorization = class {
 	async listRoleAssignmentsForResource(options) {
 		const { resourceId, ...queryOptions } = options;
 		const endpoint = `/authorization/resources/${resourceId}/role_assignments`;
-		return new AutoPaginatable(await fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, queryOptions), (params) => fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, params), queryOptions);
+		const serializedOptions = serializeListRoleAssignmentsForResourceOptions(queryOptions);
+		return new AutoPaginatable(await fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, serializedOptions), (params) => fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, params), serializedOptions);
 	}
 	/**
 	* List role assignments for a resource by external ID
@@ -5447,7 +5503,8 @@ var Authorization = class {
 	async listResourceRoleAssignments(options) {
 		const { organizationId, resourceTypeSlug, externalId, ...queryOptions } = options;
 		const endpoint = `/authorization/organizations/${organizationId}/resources/${resourceTypeSlug}/${externalId}/role_assignments`;
-		return new AutoPaginatable(await fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, queryOptions), (params) => fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, params), queryOptions);
+		const serializedOptions = serializeListRoleAssignmentsForResourceOptions(queryOptions);
+		return new AutoPaginatable(await fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, serializedOptions), (params) => fetchAndDeserialize(this.workos, endpoint, deserializeRoleAssignment, params), serializedOptions);
 	}
 	/**
 	* Assign a role
@@ -5771,6 +5828,7 @@ const serializeUpdateObjectEntity = (options) => ({
 //#endregion
 //#region src/vault/vault.ts
 var Vault = class {
+	workos;
 	cryptoProvider;
 	constructor(workos) {
 		this.workos = workos;
@@ -5864,50 +5922,8 @@ var Vault = class {
 	}
 };
 //#endregion
-//#region src/common/utils/runtime-info.ts
-/**
-* Get runtime information including name and version.
-* Safely extracts version information for different JavaScript runtimes.
-* @returns RuntimeInfo object with name and optional version
-*/
-function getRuntimeInfo() {
-	const name = detectRuntime();
-	let version;
-	try {
-		switch (name) {
-			case "node":
-				version = typeof process !== "undefined" ? process.version : void 0;
-				break;
-			case "deno":
-				version = globalThis.Deno?.version?.deno;
-				break;
-			case "bun":
-				version = globalThis.Bun?.version || extractBunVersionFromUserAgent();
-				break;
-			default:
-				version = void 0;
-				break;
-		}
-	} catch {
-		version = void 0;
-	}
-	return {
-		name,
-		version
-	};
-}
-/**
-* Extract Bun version from navigator.userAgent as fallback.
-* @returns Bun version string or undefined
-*/
-function extractBunVersionFromUserAgent() {
-	try {
-		if (typeof navigator !== "undefined" && navigator.userAgent) return navigator.userAgent.match(/Bun\/(\d+\.\d+\.\d+)/)?.[1];
-	} catch {}
-}
-//#endregion
 //#region package.json
-var version = "9.2.0";
+var version = "9.3.1";
 //#endregion
 //#region src/workos.ts
 const DEFAULT_HOSTNAME = "api.workos.com";
@@ -5986,15 +6002,8 @@ var WorkOS = class {
 		const userAgent = this.createUserAgent(this.options);
 		this.client = this.createHttpClient(this.options, userAgent);
 	}
-	createUserAgent(options) {
-		let userAgent = `workos-node/${version}`;
-		const { name: runtimeName, version: runtimeVersion } = getRuntimeInfo();
-		userAgent += ` (${runtimeName}${runtimeVersion ? `/${runtimeVersion}` : ""})`;
-		if (options.appInfo) {
-			const { name, version } = options.appInfo;
-			userAgent += ` ${name}: ${version}`;
-		}
-		return userAgent;
+	createUserAgent(_options) {
+		return `workos-node/${version}`;
 	}
 	createWebhookClient() {
 		return new Webhooks(this.getCryptoProvider());
@@ -6292,4 +6301,4 @@ function createWorkOS(options) {
 //#endregion
 export { FetchHttpClient as A, NoApiKeyProvidedException as C, isAuthenticationErrorData as D, AuthenticationException as E, GenericServerException as O, NotFoundException as S, BadRequestException as T, UnprocessableEntityException as _, DomainDataState as a, RateLimitExceededException as b, FeatureFlagsRuntimeClient as c, serializeRevokeSessionOptions as d, AuthenticateWithSessionCookieFailureReason as f, Actions as g, Webhooks as h, OrganizationDomainVerificationStrategy as i, SubtleCryptoProvider as j, ApiKeyRequiredException as k, CookieSession as l, PKCE as m, ConnectionType as n, GenerateLinkIntent as o, AutoPaginatable as p, OrganizationDomainState as r, WorkOS as s, createWorkOS as t, RefreshSessionFailureReason as u, UnauthorizedException as v, ConflictException as w, OauthException as x, SignatureVerificationException as y };
 
-//# sourceMappingURL=factory-CdcF5208.mjs.map
+//# sourceMappingURL=factory-B2N5WzoO.mjs.map