@workos/oagen-emitters 0.4.0 → 0.6.0

package/dist/plugin.d.mts

@@ -0,0 +1,7 @@
+import { OagenConfig } from "@workos/oagen";
+
+//#region src/plugin.d.ts
+declare const workosEmittersPlugin: Pick<OagenConfig, 'emitters' | 'extractors' | 'smokeRunners'>;
+//#endregion
+export { workosEmittersPlugin };
+//# sourceMappingURL=plugin.d.mts.map

package/dist/plugin.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"plugin.d.mts","names":[],"sources":["../src/plugin.ts"],"mappings":";;;cAyBa,oBAAA,EAAsB,IAAA,CAAK,WAAA"}

package/dist/plugin.mjs

@@ -0,0 +1,2 @@
+import { t as workosEmittersPlugin } from "./plugin-Dws9b6T7.mjs";
+export { workosEmittersPlugin };

package/docs/sdk-architecture/dotnet.md

@@ -226,11 +226,11 @@ public class WorkOSList<T>
 
 The runtime translates HTTP status codes to SDK-native exceptions:
 
-- `AuthenticationError` (401)
-- `NotFoundError` (404)
-- `UnprocessableEntityError` (422)
-- `RateLimitExceededError` (429)
-- `ServerError` (500+)
+- `AuthenticationException` (401)
+- `NotFoundException` (404)
+- `UnprocessableEntityException` (422)
+- `RateLimitExceededException` (429)
+- `ServerException` (500+)
 
 These are hand-maintained in the runtime. The emitter generates error-handling _tests_, not the error classes themselves.
 

package/oagen.config.ts

@@ -1,377 +1,9 @@
-import type { OagenConfig, OperationHint } from '@workos/oagen';
-import { toCamelCase } from '@workos/oagen';
-import { nodeEmitter } from './src/node/index.js';
-import { pythonEmitter } from './src/python/index.js';
-import { phpEmitter } from './src/php/index.js';
-import { goEmitter } from './src/go/index.js';
-import { dotnetEmitter } from './src/dotnet/index.js';
-import { kotlinEmitter } from './src/kotlin/index.js';
-import { nodeExtractor } from './src/compat/extractors/node.js';
-import { rubyExtractor } from './src/compat/extractors/ruby.js';
-import { pythonExtractor } from './src/compat/extractors/python.js';
-import { phpExtractor } from './src/compat/extractors/php.js';
-import { goExtractor } from './src/compat/extractors/go.js';
-import { rustExtractor } from './src/compat/extractors/rust.js';
-import { kotlinExtractor } from './src/compat/extractors/kotlin.js';
-import { dotnetExtractor } from './src/compat/extractors/dotnet.js';
-import { elixirExtractor } from './src/compat/extractors/elixir.js';
-
-/**
- * NestJS-style operationId transform. Strips "Controller" and extracts the
- * action after the first underscore: `FooController_bar` → `bar`.
- */
-function nestjsOperationIdTransform(id: string): string {
-  const stripped = id.replace(/Controller/g, '');
-  const idx = stripped.indexOf('_');
-  return idx !== -1 ? toCamelCase(stripped.slice(idx + 1)) : toCamelCase(stripped);
-}
-
-// ---------------------------------------------------------------------------
-// Operation hints — per-operation overrides for the operation resolver.
-// Keyed by "METHOD /path". Only operations that need overrides are listed;
-// the algorithm handles the rest.
-// ---------------------------------------------------------------------------
-const operationHints: Record<string, OperationHint> = {
-  // ── Radar ────────────────────────────────────────────────────────────────
-  'POST /radar/lists/{type}/{action}': { name: 'add_list_entry' },
-  'DELETE /radar/lists/{type}/{action}': { name: 'remove_list_entry' },
-
-  // ── SSO ──────────────────────────────────────────────────────────────────
-  'GET /sso/authorize': {
-    name: 'get_authorization_url',
-    defaults: { response_type: 'code' },
-    inferFromClient: ['client_id'],
-    urlBuilder: true,
-  },
-  'GET /sso/logout': { name: 'get_logout_url', urlBuilder: true },
-  'GET /sso/profile': { name: 'get_profile' },
-  'POST /sso/token': {
-    name: 'get_profile_and_token',
-    defaults: { grant_type: 'authorization_code' },
-    inferFromClient: ['client_id', 'client_secret'],
-  },
-
-  // ── SSO / JWKS (mounted on UserManagement via mountRules) ────────────────
-  'GET /sso/jwks/{clientId}': { name: 'get_jwks' },
-
-  // ── User Management — auth ──────────────────────────────────────────────
-  'GET /user_management/authorize': {
-    name: 'get_authorization_url',
-    defaults: { response_type: 'code' },
-    inferFromClient: ['client_id'],
-    urlBuilder: true,
-  },
-  'GET /user_management/sessions/logout': { name: 'get_logout_url', urlBuilder: true },
-
-  // ── User Management — org membership actions ────────────────────────────
-  'PUT /user_management/organization_memberships/{id}/deactivate': {
-    name: 'deactivate_organization_membership',
-  },
-  'PUT /user_management/organization_memberships/{id}/reactivate': {
-    name: 'reactivate_organization_membership',
-  },
-
-  // ── Admin Portal ────────────────────────────────────────────────────────
-  'POST /portal/generate_link': { name: 'generate_link' },
-
-  // ── Feature Flags — disambiguate co-mounted list operations ─────────────
-  'GET /organizations/{organizationId}/feature-flags': { name: 'list_organization_feature_flags' },
-  'GET /user_management/users/{userId}/feature-flags': { name: 'list_user_feature_flags' },
-
-  // ── External ID lookups (not derivable from path) ──────────────────────
-  'GET /organizations/external_id/{external_id}': { name: 'get_organization_by_external_id' },
-  'GET /user_management/users/external_id/{external_id}': { name: 'get_user_by_external_id' },
-
-  // ── Authorization — environment-scoped roles ─────────────────────────────
-  'GET /authorization/roles': { name: 'list_environment_roles' },
-  'POST /authorization/roles': { name: 'create_environment_role' },
-  'GET /authorization/roles/{slug}': { name: 'get_environment_role' },
-  'PATCH /authorization/roles/{slug}': { name: 'update_environment_role' },
-  'PUT /authorization/roles/{slug}/permissions': {
-    name: 'set_environment_role_permissions',
-  },
-  'POST /authorization/roles/{slug}/permissions': {
-    name: 'add_environment_role_permission',
-  },
-
-  // ── Authorization — singularized/shortened names ────────────────────────
-  'POST /authorization/permissions': { name: 'create_permission' },
-  'POST /authorization/resources': { name: 'create_resource' },
-  'POST /authorization/organization_memberships/{organization_membership_id}/check': {
-    name: 'check',
-  },
-  'POST /authorization/organization_memberships/{organization_membership_id}/role_assignments': {
-    name: 'assign_role',
-  },
-  'DELETE /authorization/organization_memberships/{organization_membership_id}/role_assignments': {
-    name: 'remove_role',
-  },
-  'POST /authorization/organizations/{organizationId}/roles': {
-    name: 'create_organization_role',
-  },
-
-  // ── Authorization — env-scoped resource memberships ────────────────────
-  'GET /authorization/resources/{resource_id}/organization_memberships': { name: 'list_memberships_for_resource' },
-
-  // ── User Management — singularized/shortened names ─────────────────────
-  'POST /user_management/users': { name: 'create_user' },
-  'POST /user_management/organization_memberships': {
-    name: 'create_organization_membership',
-  },
-  'POST /user_management/invitations': { name: 'send_invitation' },
-  'GET /user_management/invitations/by_token/{token}': {
-    name: 'find_invitation_by_token',
-  },
-  'POST /user_management/users/{id}/email_verification/send': {
-    name: 'send_verification_email',
-  },
-  'POST /user_management/users/{id}/email_verification/confirm': {
-    name: 'verify_email',
-  },
-  'POST /user_management/password_reset': { name: 'reset_password' },
-  'POST /user_management/password_reset/confirm': {
-    name: 'confirm_password_reset',
-  },
-  'GET /user_management/users/{id}/sessions': { name: 'list_sessions' },
-  'GET /user_management/users/{id}/identities': { name: 'get_user_identities' },
-  'POST /user_management/cors_origins': { name: 'create_cors_origin' },
-  'POST /user_management/redirect_uris': { name: 'create_redirect_uri' },
-
-  // ── Organizations — singularized names ─────────────────────────────────
-  'POST /organizations': { name: 'create_organization' },
-
-  // ── Directory Sync — shortened names ───────────────────────────────────
-  'GET /directory_groups': { name: 'list_groups' },
-  'GET /directory_groups/{id}': { name: 'get_group' },
-  'GET /directory_users': { name: 'list_users' },
-  'GET /directory_users/{id}': { name: 'get_user' },
-
-  // ── Audit Logs — singularized names ────────────────────────────────────
-  'POST /audit_logs/events': { name: 'create_event' },
-  'POST /audit_logs/exports': { name: 'create_export' },
-  'POST /audit_logs/actions/{actionName}/schemas': { name: 'create_schema' },
-
-  // ── Feature Flags — match SDK conventions ──────────────────────────────
-  'POST /feature-flags/{slug}/targets/{resourceId}': { name: 'add_flag_target' },
-  'DELETE /feature-flags/{slug}/targets/{resourceId}': {
-    name: 'remove_flag_target',
-  },
-
-  // ── Organizations — audit log config (singular fetch, not a list) ───────
-  'GET /organizations/{id}/audit_log_configuration': {
-    name: 'get_audit_log_configuration',
-  },
-
-  // ── Organizations — audit logs retention (mounted on AuditLogs) ─────────
-  'GET /organizations/{id}/audit_logs_retention': {
-    name: 'get_organization_audit_logs_retention',
-    mountOn: 'AuditLogs',
-  },
-  'PUT /organizations/{id}/audit_logs_retention': { mountOn: 'AuditLogs' },
-
-  // ── Union split: POST /user_management/authenticate (8 variants) ────────
-  // Common optional fields appended to every variant's exposedParams so the
-  // generated wrappers cover the full spec body shape (fraud/audit context the
-  // server consumes when present).
-  'POST /user_management/authenticate': {
-    split: [
-      {
-        name: 'authenticate_with_password',
-        targetVariant: 'PasswordSessionAuthenticateRequest',
-        defaults: { grant_type: 'password' },
-        inferFromClient: ['client_id', 'client_secret'],
-        exposedParams: ['email', 'password', 'invitation_token', 'ip_address', 'device_id', 'user_agent'],
-        optionalParams: ['invitation_token', 'ip_address', 'device_id', 'user_agent'],
-      },
-      {
-        name: 'authenticate_with_code',
-        targetVariant: 'CodeSessionAuthenticateRequest',
-        defaults: { grant_type: 'authorization_code' },
-        inferFromClient: ['client_id', 'client_secret'],
-        exposedParams: ['code', 'ip_address', 'device_id', 'user_agent'],
-        optionalParams: ['ip_address', 'device_id', 'user_agent'],
-      },
-      {
-        name: 'authenticate_with_refresh_token',
-        targetVariant: 'RefreshTokenSessionAuthenticateRequest',
-        defaults: { grant_type: 'refresh_token' },
-        inferFromClient: ['client_id', 'client_secret'],
-        exposedParams: ['refresh_token', 'organization_id', 'ip_address', 'device_id', 'user_agent'],
-        optionalParams: ['organization_id', 'ip_address', 'device_id', 'user_agent'],
-      },
-      {
-        name: 'authenticate_with_magic_auth',
-        targetVariant: 'MagicAuthSessionAuthenticateRequest',
-        defaults: { grant_type: 'urn:workos:oauth:grant-type:magic-auth:code' },
-        inferFromClient: ['client_id', 'client_secret'],
-        exposedParams: ['code', 'email', 'invitation_token', 'ip_address', 'device_id', 'user_agent'],
-        optionalParams: ['invitation_token', 'ip_address', 'device_id', 'user_agent'],
-      },
-      {
-        name: 'authenticate_with_email_verification',
-        targetVariant: 'EmailVerificationSessionAuthenticateRequest',
-        defaults: { grant_type: 'urn:workos:oauth:grant-type:email-verification:code' },
-        inferFromClient: ['client_id', 'client_secret'],
-        exposedParams: ['code', 'pending_authentication_token', 'ip_address', 'device_id', 'user_agent'],
-        optionalParams: ['pending_authentication_token', 'ip_address', 'device_id', 'user_agent'],
-      },
-      {
-        name: 'authenticate_with_totp',
-        targetVariant: 'TotpSessionAuthenticateRequest',
-        defaults: { grant_type: 'urn:workos:oauth:grant-type:mfa-totp' },
-        inferFromClient: ['client_id', 'client_secret'],
-        exposedParams: [
-          'code',
-          'pending_authentication_token',
-          'authentication_challenge_id',
-          'ip_address',
-          'device_id',
-          'user_agent',
-        ],
-        optionalParams: ['ip_address', 'device_id', 'user_agent'],
-      },
-      {
-        name: 'authenticate_with_organization_selection',
-        targetVariant: 'OrganizationSelectionSessionAuthenticateRequest',
-        defaults: { grant_type: 'urn:workos:oauth:grant-type:organization-selection' },
-        inferFromClient: ['client_id', 'client_secret'],
-        exposedParams: ['pending_authentication_token', 'organization_id', 'ip_address', 'device_id', 'user_agent'],
-        optionalParams: ['ip_address', 'device_id', 'user_agent'],
-      },
-      {
-        name: 'authenticate_with_device_code',
-        targetVariant: 'DeviceCodeSessionAuthenticateRequest',
-        defaults: { grant_type: 'urn:ietf:params:oauth:grant-type:device_code' },
-        inferFromClient: ['client_id'],
-        exposedParams: ['device_code', 'ip_address', 'device_id', 'user_agent'],
-        optionalParams: ['ip_address', 'device_id', 'user_agent'],
-      },
-    ],
-  },
-
-  // ── Union split: POST /connect/applications (2 variants) ────────────────
-  'POST /connect/applications': {
-    split: [
-      {
-        name: 'create_oauth_application',
-        targetVariant: 'CreateOAuthApplication',
-        defaults: { application_type: 'oauth' },
-        exposedParams: [
-          'name',
-          'is_first_party',
-          'description',
-          'scopes',
-          'redirect_uris',
-          'uses_pkce',
-          'organization_id',
-        ],
-      },
-      {
-        name: 'create_m2m_application',
-        targetVariant: 'CreateM2MApplication',
-        defaults: { application_type: 'm2m' },
-        exposedParams: ['name', 'organization_id', 'description', 'scopes'],
-      },
-    ],
-  },
-};
-
-// ---------------------------------------------------------------------------
-// Mount rules — service-level remounting. Maps IR service name → target
-// service/namespace (PascalCase). All operations in the source service are
-// mounted on the target unless overridden per-operation in operationHints.
-// ---------------------------------------------------------------------------
-const mountRules: Record<string, string> = {
-  // MFA sub-services → MultiFactorAuth
-  MultiFactorAuthChallenges: 'MultiFactorAuth',
-
-  // RBAC permissions → Authorization
-  Permissions: 'Authorization',
-
-  // Connect sub-services → Connect
-  WorkosConnect: 'Connect',
-  Applications: 'Connect',
-  ApplicationClientSecrets: 'Connect',
-
-  // SSO connections → SSO
-  Connections: 'SSO',
-
-  // Directory Sync sub-services → DirectorySync
-  Directories: 'DirectorySync',
-  DirectoryGroups: 'DirectorySync',
-  DirectoryUsers: 'DirectorySync',
-
-  // Feature flag sub-services → FeatureFlags
-  FeatureFlagsTargets: 'FeatureFlags',
-  OrganizationsFeatureFlags: 'FeatureFlags',
-  UserManagementUsersFeatureFlags: 'FeatureFlags',
-
-  // Org API keys → ApiKeys
-  OrganizationsApiKeys: 'ApiKeys',
-
-  // User Management sub-services → UserManagement
-  UserManagementSessionTokens: 'UserManagement',
-  UserManagementAuthentication: 'UserManagement',
-  UserManagementCorsOrigins: 'UserManagement',
-  UserManagementUsers: 'UserManagement',
-  UserManagementInvitations: 'UserManagement',
-  UserManagementJWTTemplate: 'UserManagement',
-  UserManagementMagicAuth: 'UserManagement',
-  UserManagementOrganizationMembership: 'UserManagement',
-  UserManagementRedirectUris: 'UserManagement',
-  UserManagementUsersAuthorizedApplications: 'UserManagement',
-
-  // Pipes / Data Providers → Pipes
-  UserManagementDataProviders: 'Pipes',
-
-  // User Management MFA → MultiFactorAuth
-  UserManagementMultiFactorAuthentication: 'MultiFactorAuth',
-};
+import type { OagenConfig } from '@workos/oagen';
+import { workosEmittersPlugin } from './src/plugin.js';
 
+// Minimal config for local emitter development.
+// The canonical consumer config lives in openapi-spec/oagen.config.ts.
 const config: OagenConfig = {
-  emitters: [nodeEmitter, pythonEmitter, phpEmitter, goEmitter, dotnetEmitter, kotlinEmitter],
-  extractors: [
-    nodeExtractor,
-    rubyExtractor,
-    pythonExtractor,
-    phpExtractor,
-    goExtractor,
-    rustExtractor,
-    kotlinExtractor,
-    dotnetExtractor,
-    elixirExtractor,
-  ],
-  smokeRunners: {
-    node: './smoke/sdk-node.ts',
-    ruby: './smoke/sdk-ruby.ts',
-    python: './smoke/sdk-python.ts',
-    php: './smoke/sdk-php.ts',
-    go: './smoke/sdk-go.ts',
-    rust: './smoke/sdk-rust.ts',
-    elixir: './smoke/sdk-elixir.ts',
-    kotlin: './smoke/sdk-kotlin.ts',
-    dotnet: './smoke/sdk-dotnet.ts',
-  },
-  docUrl: 'https://workos.com/docs',
-  operationIdTransform: nestjsOperationIdTransform,
-  schemaNameTransform: (name: string) => {
-    // Explicit renames for Dto models that collide with response models
-    const COLLISION_RENAMES: Record<string, string> = {
-      OrganizationDto: 'OrganizationInput',
-      RedirectUriDto: 'RedirectUriInput',
-      // Generic list-derived names that need domain-specific identifiers
-      ListData: 'Role',
-      ListModel: 'RoleList',
-      // Double-List naming artifact
-      EventListListMetadata: 'EventListMetadata',
-    };
-    if (COLLISION_RENAMES[name]) return COLLISION_RENAMES[name];
-    return name
-      .replace(/Dto/g, '')
-      .replace(/DTO/g, '')
-      .replace(/^Urn(?:IetfParams|Workos)O[Aa]uthGrantType/, '');
-  },
-  operationHints,
-  mountRules,
+  ...workosEmittersPlugin,
 };
 export default config;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@workos/oagen-emitters",
-  "version": "0.4.0",
+  "version": "0.6.0",
   "description": "WorkOS' oagen emitters",
   "license": "MIT",
   "author": "WorkOS",
@@ -15,6 +15,10 @@
     ".": {
       "types": "./dist/index.d.mts",
       "import": "./dist/index.mjs"
+    },
+    "./plugin": {
+      "types": "./dist/plugin.d.mts",
+      "import": "./dist/plugin.mjs"
     }
   },
   "scripts": {
@@ -28,56 +32,28 @@
     "test": "vitest run",
     "test:watch": "vitest",
     "typecheck": "tsc --noEmit",
-    "git:push": "sh ./scripts/git-push-with-published-oagen.sh",
     "oagen:build:local": "npm --prefix ../oagen run build",
-    "oagen:use:local": "npm run oagen:build:local && npm link ../oagen",
-    "oagen:use:published": "sh -c 'npm unlink @workos/oagen >/dev/null 2>&1 || true; npm install --ignore-scripts @workos/oagen@^0.4.0'",
-    "prepare": "husky",
-    "sdk:generate:dotnet": "oagen generate --lang dotnet --output ./sdk-dotnet --namespace workos --api-surface ./sdk-dotnet-surface.json",
-    "sdk:verify:dotnet": "oagen verify --lang dotnet --output ./sdk-dotnet --api-surface ./sdk-dotnet-surface.json",
-    "sdk:extract:dotnet": "oagen extract --lang dotnet --sdk-path ../backend/workos-dotnet --output ./sdk-dotnet-surface.json",
-    "sdk:generate:elixir": "oagen generate --lang elixir --output ./sdk-elixir --namespace workos --api-surface ./sdk-elixir-surface.json",
-    "sdk:verify:elixir": "oagen verify --lang elixir --output ./sdk-elixir --api-surface ./sdk-elixir-surface.json",
-    "sdk:extract:elixir": "oagen extract --lang elixir --sdk-path ../backend/workos-elixir --output ./sdk-elixir-surface.json",
-    "sdk:generate:go": "oagen generate --lang go --output ./sdk-go --namespace workos --api-surface ./sdk-go-surface.json",
-    "sdk:verify:go": "oagen verify --lang go --output ./sdk-go --api-surface ./sdk-go-surface.json",
-    "sdk:extract:go": "oagen extract --lang go --sdk-path ../backend/workos-go --output ./sdk-go-surface.json",
-    "sdk:generate:kotlin": "oagen generate --lang kotlin --output ./sdk-kotlin --namespace workos --api-surface ./sdk-kotlin-surface.json",
-    "sdk:verify:kotlin": "oagen verify --lang kotlin --output ./sdk-kotlin --api-surface ./sdk-kotlin-surface.json",
-    "sdk:extract:kotlin": "oagen extract --lang kotlin --sdk-path ../backend/workos-kotlin --output ./sdk-kotlin-surface.json",
-    "sdk:generate:node": "oagen generate --lang node --output ./sdk-node --namespace workos --api-surface ./sdk-node-surface.json",
-    "sdk:verify:node": "oagen verify --lang node --output ./sdk-node --api-surface ./sdk-node-surface.json",
-    "sdk:extract:node": "oagen extract --lang node --sdk-path ../backend/workos-node --output ./sdk-node-surface.json",
-    "sdk:generate:php": "node scripts/generate-php.js",
-    "sdk:verify:php": "oagen verify --lang php --output ./sdk-php --api-surface ./sdk-php-surface.json",
-    "sdk:extract:php": "oagen extract --lang php --sdk-path ../backend/workos-php --output ./sdk-php-surface.json",
-    "sdk:generate:python": "oagen generate --lang python --output ./sdk-python --namespace workos --api-surface ./sdk-python-surface.json",
-    "sdk:verify:python": "oagen verify --lang python --output ./sdk-python --api-surface ./sdk-python-surface.json",
-    "sdk:extract:python": "oagen extract --lang python --sdk-path ../backend/workos-python --output ./sdk-python-surface.json",
-    "sdk:generate:ruby": "oagen generate --lang ruby --output ./sdk-ruby --namespace workos --api-surface ./sdk-ruby-surface.json",
-    "sdk:verify:ruby": "oagen verify --lang ruby --output ./sdk-ruby --api-surface ./sdk-ruby-surface.json",
-    "sdk:extract:ruby": "oagen extract --lang ruby --sdk-path ../backend/workos-ruby --output ./sdk-ruby-surface.json",
-    "sdk:generate:rust": "oagen generate --lang rust --output ./sdk-rust --namespace workos --api-surface ./sdk-rust-surface.json",
-    "sdk:verify:rust": "oagen verify --lang rust --output ./sdk-rust --api-surface ./sdk-rust-surface.json",
-    "sdk:extract:rust": "oagen extract --lang rust --sdk-path ../backend/workos-rust --output ./sdk-rust-surface.json"
+    "dev:link": "npm run oagen:build:local && npm link --prefix ../oagen && npm link @workos/oagen",
+    "dev:unlink": "npm install",
+    "prepare": "husky"
   },
   "devDependencies": {
     "@commitlint/cli": "^20.5.0",
     "@commitlint/config-conventional": "^20.5.0",
-    "@types/node": "^25.3.3",
+    "@types/node": "^25.6.0",
     "husky": "^9.1.7",
-    "oxfmt": "^0.36.0",
-    "oxlint": "^1.51.0",
-    "prettier": "^3.8.1",
-    "tsdown": "^0.21.5",
-    "tsx": "^4.19.0",
-    "typescript": "^6.0.0-dev.20260324",
-    "vitest": "^3.0.0"
+    "oxfmt": "^0.46.0",
+    "oxlint": "^1.61.0",
+    "prettier": "^3.8.3",
+    "tsdown": "^0.21.10",
+    "tsx": "^4.21.0",
+    "typescript": "^6.0.3",
+    "vitest": "^4.1.5"
   },
   "engines": {
     "node": ">=24.10.0"
   },
   "dependencies": {
-    "@workos/oagen": "^0.6.0"
+    "@workos/oagen": "^0.9.0"
   }
 }

package/smoke/sdk-dotnet.ts

@@ -152,15 +152,21 @@ function createProxyServer(apiKey: string, captures: ProxyCapture[]): Promise<{
 // ---------------------------------------------------------------------------
 
 function loadManifest(sdkPath: string): Map<string, ManifestEntry> | null {
-  const manifestPath = resolve(sdkPath, 'smoke-manifest.json');
+  const manifestPath = resolve(sdkPath, '.oagen-manifest.json');
   if (!existsSync(manifestPath)) {
-    console.warn(`Warning: No smoke-manifest.json found at ${manifestPath}`);
-    console.warn('  Method resolution will rely on heuristic tiers — most operations may be skipped.');
+    console.warn(`Warning: No .oagen-manifest.json found at ${manifestPath}`);
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
+    return null;
+  }
+  const parsed = JSON.parse(readFileSync(manifestPath, 'utf-8'));
+  const operations = parsed?.operations;
+  if (!operations || typeof operations !== 'object') {
+    console.warn('Warning: .oagen-manifest.json has no operations field');
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
     return null;
   }
-  const raw = JSON.parse(readFileSync(manifestPath, 'utf-8'));
   const manifest = new Map<string, ManifestEntry>();
-  for (const [httpKey, entry] of Object.entries(raw)) {
+  for (const [httpKey, entry] of Object.entries(operations)) {
     manifest.set(httpKey, entry as ManifestEntry);
   }
   return manifest;

package/smoke/sdk-elixir.ts

@@ -196,15 +196,21 @@ function startProxy(
 // ---------------------------------------------------------------------------
 
 function loadManifest(sdkPath: string): Map<string, ManifestEntry> | null {
-  const manifestPath = resolve(sdkPath, 'smoke-manifest.json');
+  const manifestPath = resolve(sdkPath, '.oagen-manifest.json');
   if (!existsSync(manifestPath)) {
-    console.warn(`Warning: No smoke-manifest.json found at ${manifestPath}`);
-    console.warn('  Method resolution will rely on heuristic tiers — most operations may be skipped.');
+    console.warn(`Warning: No .oagen-manifest.json found at ${manifestPath}`);
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
+    return null;
+  }
+  const parsed = JSON.parse(readFileSync(manifestPath, 'utf-8'));
+  const operations = parsed?.operations;
+  if (!operations || typeof operations !== 'object') {
+    console.warn('Warning: .oagen-manifest.json has no operations field');
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
     return null;
   }
-  const raw = JSON.parse(readFileSync(manifestPath, 'utf-8'));
   const manifest = new Map<string, ManifestEntry>();
-  for (const [httpKey, entry] of Object.entries(raw)) {
+  for (const [httpKey, entry] of Object.entries(operations)) {
     manifest.set(httpKey, entry as ManifestEntry);
   }
   return manifest;

package/smoke/sdk-go.ts

@@ -126,15 +126,21 @@ function goFieldName(name: string): string {
 // ---------------------------------------------------------------------------
 
 function loadManifest(sdkPath: string): Map<string, ManifestEntry> | null {
-  const manifestPath = resolve(sdkPath, 'smoke-manifest.json');
+  const manifestPath = resolve(sdkPath, '.oagen-manifest.json');
   if (!existsSync(manifestPath)) {
-    console.warn(`Warning: No smoke-manifest.json found at ${manifestPath}`);
+    console.warn(`Warning: No .oagen-manifest.json found at ${manifestPath}`);
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
+    return null;
+  }
+  const parsed = JSON.parse(readFileSync(manifestPath, 'utf-8'));
+  const operations = parsed?.operations;
+  if (!operations || typeof operations !== 'object') {
+    console.warn('Warning: .oagen-manifest.json has no operations field');
     console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
     return null;
   }
-  const raw = JSON.parse(readFileSync(manifestPath, 'utf-8'));
   const manifest = new Map<string, ManifestEntry>();
-  for (const [httpKey, entry] of Object.entries(raw)) {
+  for (const [httpKey, entry] of Object.entries(operations)) {
     manifest.set(httpKey, entry as ManifestEntry);
   }
   return manifest;

package/smoke/sdk-kotlin.ts

@@ -175,15 +175,21 @@ function createProxyServer(
 // ---------------------------------------------------------------------------
 
 function loadManifest(sdkPath: string): Map<string, ManifestEntry> | null {
-  const manifestPath = resolve(sdkPath, 'smoke-manifest.json');
+  const manifestPath = resolve(sdkPath, '.oagen-manifest.json');
   if (!existsSync(manifestPath)) {
-    console.warn(`Warning: No smoke-manifest.json found at ${manifestPath}`);
-    console.warn('  Method resolution will rely on heuristic tiers — most operations may be skipped.');
+    console.warn(`Warning: No .oagen-manifest.json found at ${manifestPath}`);
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
+    return null;
+  }
+  const parsed = JSON.parse(readFileSync(manifestPath, 'utf-8'));
+  const operations = parsed?.operations;
+  if (!operations || typeof operations !== 'object') {
+    console.warn('Warning: .oagen-manifest.json has no operations field');
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
     return null;
   }
-  const raw = JSON.parse(readFileSync(manifestPath, 'utf-8'));
   const manifest = new Map<string, ManifestEntry>();
-  for (const [httpKey, entry] of Object.entries(raw)) {
+  for (const [httpKey, entry] of Object.entries(operations)) {
     manifest.set(httpKey, entry as ManifestEntry);
   }
   return manifest;

package/smoke/sdk-node.ts

@@ -107,15 +107,21 @@ function restoreFetch(): void {
 // ---------------------------------------------------------------------------
 
 function loadManifest(sdkPath: string): Map<string, ManifestEntry> | null {
-  const manifestPath = resolve(sdkPath, 'smoke-manifest.json');
+  const manifestPath = resolve(sdkPath, '.oagen-manifest.json');
   if (!existsSync(manifestPath)) {
-    console.warn(`⚠ No smoke-manifest.json found at ${manifestPath}`);
-    console.warn('  Method resolution will rely on heuristic tiers — most operations may be skipped.');
+    console.warn(`Warning: No .oagen-manifest.json found at ${manifestPath}`);
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
+    return null;
+  }
+  const parsed = JSON.parse(readFileSync(manifestPath, 'utf-8'));
+  const operations = parsed?.operations;
+  if (!operations || typeof operations !== 'object') {
+    console.warn('Warning: .oagen-manifest.json has no operations field');
+    console.warn('  Method resolution will rely on heuristic tiers -- most operations may be skipped.');
     return null;
   }
-  const raw = JSON.parse(readFileSync(manifestPath, 'utf-8'));
   const manifest = new Map<string, ManifestEntry>();
-  for (const [httpKey, entry] of Object.entries(raw)) {
+  for (const [httpKey, entry] of Object.entries(operations)) {
     manifest.set(httpKey, entry as ManifestEntry);
   }
   return manifest;