workos 0.11.2 → 0.12.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (169) hide show
  1. package/README.md +163 -6
  2. package/dist/bin.js +20 -1
  3. package/dist/bin.js.map +1 -1
  4. package/dist/check-coverage.ts +237 -0
  5. package/dist/commands/dev.d.ts +23 -0
  6. package/dist/commands/dev.js +139 -0
  7. package/dist/commands/dev.js.map +1 -0
  8. package/dist/commands/emulate.d.ts +6 -0
  9. package/dist/commands/emulate.js +64 -0
  10. package/dist/commands/emulate.js.map +1 -0
  11. package/dist/emulate/core/id.d.ts +33 -0
  12. package/dist/emulate/core/id.js +58 -0
  13. package/dist/emulate/core/id.js.map +1 -0
  14. package/dist/emulate/core/index.d.ts +8 -0
  15. package/dist/emulate/core/index.js +8 -0
  16. package/dist/emulate/core/index.js.map +1 -0
  17. package/dist/emulate/core/jwt.d.ts +28 -0
  18. package/dist/emulate/core/jwt.js +78 -0
  19. package/dist/emulate/core/jwt.js.map +1 -0
  20. package/dist/emulate/core/middleware/auth.d.ts +18 -0
  21. package/dist/emulate/core/middleware/auth.js +28 -0
  22. package/dist/emulate/core/middleware/auth.js.map +1 -0
  23. package/dist/emulate/core/middleware/error-handler.d.ts +22 -0
  24. package/dist/emulate/core/middleware/error-handler.js +72 -0
  25. package/dist/emulate/core/middleware/error-handler.js.map +1 -0
  26. package/dist/emulate/core/pagination.d.ts +21 -0
  27. package/dist/emulate/core/pagination.js +35 -0
  28. package/dist/emulate/core/pagination.js.map +1 -0
  29. package/dist/emulate/core/plugin.d.ts +15 -0
  30. package/dist/emulate/core/plugin.js +2 -0
  31. package/dist/emulate/core/plugin.js.map +1 -0
  32. package/dist/emulate/core/server.d.ts +17 -0
  33. package/dist/emulate/core/server.js +116 -0
  34. package/dist/emulate/core/server.js.map +1 -0
  35. package/dist/emulate/core/store.d.ts +42 -0
  36. package/dist/emulate/core/store.js +148 -0
  37. package/dist/emulate/core/store.js.map +1 -0
  38. package/dist/emulate/index.d.ts +25 -0
  39. package/dist/emulate/index.js +47 -0
  40. package/dist/emulate/index.js.map +1 -0
  41. package/dist/emulate/workos/entities.d.ts +360 -0
  42. package/dist/emulate/workos/entities.js +2 -0
  43. package/dist/emulate/workos/entities.js.map +1 -0
  44. package/dist/emulate/workos/event-bus.d.ts +12 -0
  45. package/dist/emulate/workos/event-bus.js +45 -0
  46. package/dist/emulate/workos/event-bus.js.map +1 -0
  47. package/dist/emulate/workos/helpers.d.ts +63 -0
  48. package/dist/emulate/workos/helpers.js +518 -0
  49. package/dist/emulate/workos/helpers.js.map +1 -0
  50. package/dist/emulate/workos/index.d.ts +91 -0
  51. package/dist/emulate/workos/index.js +319 -0
  52. package/dist/emulate/workos/index.js.map +1 -0
  53. package/dist/emulate/workos/routes/api-keys.d.ts +2 -0
  54. package/dist/emulate/workos/routes/api-keys.js +35 -0
  55. package/dist/emulate/workos/routes/api-keys.js.map +1 -0
  56. package/dist/emulate/workos/routes/audit-logs.d.ts +2 -0
  57. package/dist/emulate/workos/routes/audit-logs.js +107 -0
  58. package/dist/emulate/workos/routes/audit-logs.js.map +1 -0
  59. package/dist/emulate/workos/routes/auth-challenges.d.ts +2 -0
  60. package/dist/emulate/workos/routes/auth-challenges.js +51 -0
  61. package/dist/emulate/workos/routes/auth-challenges.js.map +1 -0
  62. package/dist/emulate/workos/routes/auth-factors.d.ts +2 -0
  63. package/dist/emulate/workos/routes/auth-factors.js +51 -0
  64. package/dist/emulate/workos/routes/auth-factors.js.map +1 -0
  65. package/dist/emulate/workos/routes/auth.d.ts +2 -0
  66. package/dist/emulate/workos/routes/auth.js +349 -0
  67. package/dist/emulate/workos/routes/auth.js.map +1 -0
  68. package/dist/emulate/workos/routes/authorization-checks.d.ts +10 -0
  69. package/dist/emulate/workos/routes/authorization-checks.js +135 -0
  70. package/dist/emulate/workos/routes/authorization-checks.js.map +1 -0
  71. package/dist/emulate/workos/routes/authorization-org-roles.d.ts +2 -0
  72. package/dist/emulate/workos/routes/authorization-org-roles.js +206 -0
  73. package/dist/emulate/workos/routes/authorization-org-roles.js.map +1 -0
  74. package/dist/emulate/workos/routes/authorization-permissions.d.ts +2 -0
  75. package/dist/emulate/workos/routes/authorization-permissions.js +78 -0
  76. package/dist/emulate/workos/routes/authorization-permissions.js.map +1 -0
  77. package/dist/emulate/workos/routes/authorization-resources.d.ts +2 -0
  78. package/dist/emulate/workos/routes/authorization-resources.js +128 -0
  79. package/dist/emulate/workos/routes/authorization-resources.js.map +1 -0
  80. package/dist/emulate/workos/routes/authorization-roles.d.ts +2 -0
  81. package/dist/emulate/workos/routes/authorization-roles.js +136 -0
  82. package/dist/emulate/workos/routes/authorization-roles.js.map +1 -0
  83. package/dist/emulate/workos/routes/config.d.ts +2 -0
  84. package/dist/emulate/workos/routes/config.js +56 -0
  85. package/dist/emulate/workos/routes/config.js.map +1 -0
  86. package/dist/emulate/workos/routes/connect.d.ts +2 -0
  87. package/dist/emulate/workos/routes/connect.js +69 -0
  88. package/dist/emulate/workos/routes/connect.js.map +1 -0
  89. package/dist/emulate/workos/routes/connections.d.ts +2 -0
  90. package/dist/emulate/workos/routes/connections.js +77 -0
  91. package/dist/emulate/workos/routes/connections.js.map +1 -0
  92. package/dist/emulate/workos/routes/data-integrations.d.ts +2 -0
  93. package/dist/emulate/workos/routes/data-integrations.js +55 -0
  94. package/dist/emulate/workos/routes/data-integrations.js.map +1 -0
  95. package/dist/emulate/workos/routes/directories.d.ts +2 -0
  96. package/dist/emulate/workos/routes/directories.js +106 -0
  97. package/dist/emulate/workos/routes/directories.js.map +1 -0
  98. package/dist/emulate/workos/routes/email-verification.d.ts +2 -0
  99. package/dist/emulate/workos/routes/email-verification.js +49 -0
  100. package/dist/emulate/workos/routes/email-verification.js.map +1 -0
  101. package/dist/emulate/workos/routes/events.d.ts +2 -0
  102. package/dist/emulate/workos/routes/events.js +21 -0
  103. package/dist/emulate/workos/routes/events.js.map +1 -0
  104. package/dist/emulate/workos/routes/feature-flags.d.ts +2 -0
  105. package/dist/emulate/workos/routes/feature-flags.js +131 -0
  106. package/dist/emulate/workos/routes/feature-flags.js.map +1 -0
  107. package/dist/emulate/workos/routes/invitations.d.ts +2 -0
  108. package/dist/emulate/workos/routes/invitations.js +125 -0
  109. package/dist/emulate/workos/routes/invitations.js.map +1 -0
  110. package/dist/emulate/workos/routes/legacy-mfa.d.ts +2 -0
  111. package/dist/emulate/workos/routes/legacy-mfa.js +75 -0
  112. package/dist/emulate/workos/routes/legacy-mfa.js.map +1 -0
  113. package/dist/emulate/workos/routes/magic-auth.d.ts +2 -0
  114. package/dist/emulate/workos/routes/magic-auth.js +32 -0
  115. package/dist/emulate/workos/routes/magic-auth.js.map +1 -0
  116. package/dist/emulate/workos/routes/memberships.d.ts +2 -0
  117. package/dist/emulate/workos/routes/memberships.js +118 -0
  118. package/dist/emulate/workos/routes/memberships.js.map +1 -0
  119. package/dist/emulate/workos/routes/organization-domains.d.ts +2 -0
  120. package/dist/emulate/workos/routes/organization-domains.js +58 -0
  121. package/dist/emulate/workos/routes/organization-domains.js.map +1 -0
  122. package/dist/emulate/workos/routes/organizations.d.ts +2 -0
  123. package/dist/emulate/workos/routes/organizations.js +133 -0
  124. package/dist/emulate/workos/routes/organizations.js.map +1 -0
  125. package/dist/emulate/workos/routes/password-reset.d.ts +2 -0
  126. package/dist/emulate/workos/routes/password-reset.js +61 -0
  127. package/dist/emulate/workos/routes/password-reset.js.map +1 -0
  128. package/dist/emulate/workos/routes/pipes.d.ts +2 -0
  129. package/dist/emulate/workos/routes/pipes.js +86 -0
  130. package/dist/emulate/workos/routes/pipes.js.map +1 -0
  131. package/dist/emulate/workos/routes/portal.d.ts +2 -0
  132. package/dist/emulate/workos/routes/portal.js +18 -0
  133. package/dist/emulate/workos/routes/portal.js.map +1 -0
  134. package/dist/emulate/workos/routes/radar.d.ts +2 -0
  135. package/dist/emulate/workos/routes/radar.js +45 -0
  136. package/dist/emulate/workos/routes/radar.js.map +1 -0
  137. package/dist/emulate/workos/routes/sessions.d.ts +2 -0
  138. package/dist/emulate/workos/routes/sessions.js +51 -0
  139. package/dist/emulate/workos/routes/sessions.js.map +1 -0
  140. package/dist/emulate/workos/routes/sso.d.ts +2 -0
  141. package/dist/emulate/workos/routes/sso.js +160 -0
  142. package/dist/emulate/workos/routes/sso.js.map +1 -0
  143. package/dist/emulate/workos/routes/user-features.d.ts +2 -0
  144. package/dist/emulate/workos/routes/user-features.js +50 -0
  145. package/dist/emulate/workos/routes/user-features.js.map +1 -0
  146. package/dist/emulate/workos/routes/users.d.ts +2 -0
  147. package/dist/emulate/workos/routes/users.js +133 -0
  148. package/dist/emulate/workos/routes/users.js.map +1 -0
  149. package/dist/emulate/workos/routes/webhook-endpoints.d.ts +2 -0
  150. package/dist/emulate/workos/routes/webhook-endpoints.js +70 -0
  151. package/dist/emulate/workos/routes/webhook-endpoints.js.map +1 -0
  152. package/dist/emulate/workos/routes/widgets.d.ts +2 -0
  153. package/dist/emulate/workos/routes/widgets.js +27 -0
  154. package/dist/emulate/workos/routes/widgets.js.map +1 -0
  155. package/dist/emulate/workos/store.d.ts +48 -0
  156. package/dist/emulate/workos/store.js +93 -0
  157. package/dist/emulate/workos/store.js.map +1 -0
  158. package/dist/emulate/workos/webhook-signer.d.ts +1 -0
  159. package/dist/emulate/workos/webhook-signer.js +8 -0
  160. package/dist/emulate/workos/webhook-signer.js.map +1 -0
  161. package/dist/gen-routes-lib.spec.ts +659 -0
  162. package/dist/gen-routes-lib.ts +647 -0
  163. package/dist/gen-routes.ts +96 -0
  164. package/dist/lib/dev-command.d.ts +26 -0
  165. package/dist/lib/dev-command.js +122 -0
  166. package/dist/lib/dev-command.js.map +1 -0
  167. package/dist/utils/help-json.js +23 -0
  168. package/dist/utils/help-json.js.map +1 -1
  169. package/package.json +20 -7
package/dist/emulate/workos/helpers.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"helpers.js","sourceRoot":"","sources":["../../../src/emulate/workos/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AACtE,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AA0ClD,MAAM,UAAU,kBAAkB,CAAC,GAAuB,EAAE,EAAe;IACzE,MAAM,OAAO,GAAG,EAAE,CAAC,mBAAmB,CAAC,MAAM,CAAC,iBAAiB,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAE3F,OAAO;QACL,MAAM,EAAE,cAAc;QACtB,EAAE,EAAE,GAAG,CAAC,EAAE;QACV,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,WAAW,EAAE,GAAG,CAAC,WAAW;QAC5B,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,OAAO;QACP,kBAAkB,EAAE,GAAG,CAAC,kBAAkB;QAC1C,UAAU,EAAE,GAAG,CAAC,UAAU;QAC1B,UAAU,EAAE,GAAG,CAAC,UAAU;KAC3B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,MAAgC;IAC3D,OAAO;QACL,MAAM,EAAE,qBAAqB;QAC7B,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,eAAe,EAAE,MAAM,CAAC,eAAe;QACvC,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,qBAAqB,EAAE,MAAM,CAAC,qBAAqB;QACnD,kBAAkB,EAAE,MAAM,CAAC,kBAAkB;QAC7C,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;QAC/C,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,UAAU,EAAE,MAAM,CAAC,UAAU;KAC9B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,CAA+B;IAC9D,OAAO;QACL,MAAM,EAAE,yBAAyB;QACjC,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,IAAgB;IACzC,OAAO;QACL,MAAM,EAAE,MAAM;QACd,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;QAC7C,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;KAC5B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,CAAgB;IAC5C,OAAO;QACL,MAAM,EAAE,SAAS;QACjB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,EAA2B;IACjE,OAAO;QACL,MAAM,EAAE,oBAAoB;QAC5B,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,KAAK,EAAE,EAAE,CAAC,KAAK;QACf,IAAI,EAAE,EAAE,CAAC,IAAI;QACb,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,EAAuB;IACzD,OAAO;QACL,MAAM,EAAE,gBAAgB;QACxB,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,KAAK,EAAE,EAAE,CAAC,KAAK;QACf,KAAK,EAAE,EAAE,CAAC,KAAK;QACf,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,EAAmB;IACjD,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,KAAK,EAAE,EAAE,CAAC,KAAK;QACf,IAAI,EAAE,EAAE,CAAC,IAAI;QACb,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,CAA6B;IAC5D,OAAO;QACL,MAAM,EAAE,uBAAuB;QAC/B,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,CAAiB;IAC9C,OAAO;QACL,MAAM,EAAE,UAAU;QAClB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,yBAAyB;IACvC,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,YAAY;IAC1B,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,IAAY;IAC3D,OAAO,YAAY,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,OAAe;IACvC,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;AAClE,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,SAAiB;IACzC,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,IAAsB;IACrD,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;KAC5B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,CAAmB;IAClD,OAAO;QACL,MAAM,EAAE,SAAS;QACjB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,aAAa,EAAE,CAAC,CAAC,aAAa;QAC9B,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,cAAc,EAAE,CAAC,CAAC,cAAc;QAChC,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,EAAwB;IAC3D,OAAO;QACL,MAAM,EAAE,iBAAiB;QACzB,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,QAAQ,EAAE,EAAE,CAAC,QAAQ;QACrB,MAAM,EAAE,EAAE,CAAC,MAAM;QACjB,MAAM,EAAE,EAAE,CAAC,MAAM;QACjB,mBAAmB,EAAE,EAAE,CAAC,mBAAmB;QAC3C,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,GAAqB;IACpD,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,EAAE,EAAE,GAAG,CAAC,EAAE;QACV,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,qBAAqB,EAAE,GAAG,CAAC,qBAAqB;QAChD,eAAe,EAAE,GAAG,CAAC,eAAe;QACpC,eAAe,EAAE,GAAG,CAAC,eAAe;QACpC,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,UAAU,EAAE,GAAG,CAAC,UAAU;QAC1B,UAAU,EAAE,GAAG,CAAC,UAAU;QAC1B,UAAU,EAAE,GAAG,CAAC,UAAU;KAC3B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,CAAoB;IACpD,OAAO;QACL,MAAM,EAAE,cAAc;QACtB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,GAAG,EAAE,CAAC,CAAC,GAAG;QACV,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,CAAmB;IAClD,OAAO;QACL,MAAM,EAAE,aAAa;QACrB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,2BAA2B,CAAC,CAA8B;IACxE,OAAO;QACL,MAAM,EAAE,wBAAwB;QAChC,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,YAAY,EAAE,CAAC,CAAC,YAAY;QAC5B,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,CAAyB;IAC9D,OAAO;QACL,MAAM,EAAE,mBAAmB;QAC3B,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,GAAQ;IACtC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAC1F,MAAM,KAAK,GAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAoB,IAAI,MAAM,CAAC;IAC1E,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC;IAC3D,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;IACzD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;AACzC,CAAC;AAED,yEAAyE;AACzE,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC,CAAC;AAE5E;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,GAAW;IAChD,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,sBAAsB,EAAE,sBAAsB,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,cAAc,CACtB,GAAG,EACH,6CAA6C,MAAM,CAAC,QAAQ,EAAE,EAC9D,sBAAsB,CACvB,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,CAAgC;IAClE,OAAO;QACL,MAAM,EAAE,0BAA0B;QAClC,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,IAAgB;IACzC,OAAO;QACL,MAAM,EAAE,MAAM;QACd,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;KAC5B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,CAAmB;IAClD,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,2BAA2B,CAAC,CAA8B;IACxE,OAAO;QACL,MAAM,EAAE,wBAAwB;QAChC,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,kBAAkB,EAAE,CAAC,CAAC,kBAAkB;QACxC,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,EAAwB;IAC3D,OAAO;QACL,MAAM,EAAE,iBAAiB;QACzB,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,0BAA0B,EAAE,EAAE,CAAC,0BAA0B;QACzD,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,CAA4B;IACpE,OAAO;QACL,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,gBAAgB,EAAE,4DAA4D;QAC9E,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QAC3F,QAAQ,EAAE,CAAC,CAAC,QAAQ;KACrB,CAAC;AACJ,CAAC;AAED,0CAA0C;AAE1C,MAAM,UAAU,eAAe,CAAC,CAAkB;IAChD,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,YAAY,EAAE,CAAC,CAAC,YAAY;QAC5B,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,CAAsB;IACxD,OAAO;QACL,MAAM,EAAE,gBAAgB;QACxB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,YAAY,EAAE,CAAC,CAAC,YAAY;QAC5B,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,iBAAiB,EAAE,CAAC,CAAC,iBAAiB;QACtC,cAAc,EAAE,CAAC,CAAC,cAAc;QAChC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,CAAuB;IAC1D,OAAO;QACL,MAAM,EAAE,iBAAiB;QACzB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,YAAY,EAAE,CAAC,CAAC,YAAY;QAC5B,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,cAAc,EAAE,CAAC,CAAC,cAAc;QAChC,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,CAAuB;IAC1D,OAAO;QACL,MAAM,EAAE,kBAAkB;QAC1B,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,CAAsB;IACxD,OAAO;QACL,MAAM,EAAE,iBAAiB;QACzB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,EAAwB;IAC3D,OAAO;QACL,MAAM,EAAE,kBAAkB;QAC1B,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,eAAe,EAAE,EAAE,CAAC,eAAe;QACnC,KAAK,EAAE,EAAE,CAAC,KAAK;QACf,GAAG,EAAE,EAAE,CAAC,GAAG;QACX,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,CAAoB;IACpD,OAAO;QACL,MAAM,EAAE,cAAc;QACtB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,aAAa,EAAE,CAAC,CAAC,aAAa;QAC9B,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,CAA2B;IAClE,OAAO;QACL,MAAM,EAAE,qBAAqB;QAC7B,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,aAAa,EAAE,CAAC,CAAC,aAAa;QAC9B,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,CAAqB;IACtD,OAAO;QACL,MAAM,EAAE,eAAe;QACvB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,cAAc,EAAE,CAAC,CAAC,cAAc;QAChC,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,CAAqB;IACtD,OAAO;QACL,MAAM,EAAE,eAAe;QACvB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,CAAe;IAChD,OAAO;QACL,MAAM,EAAE,SAAS;QACjB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,CAAc;IACxC,OAAO;QACL,MAAM,EAAE,OAAO;QACf,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,cAAc,EAAE,CAAC,CAAC,cAAc;QAChC,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,EAAyB,EACzB,IAAkC;IAElC,OAAO;QACL,MAAM,EAAE,kBAAkB;QAC1B,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,GAAG,EAAE,EAAE,CAAC,GAAG;QACX,MAAM,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM;QACxE,OAAO,EAAE,EAAE,CAAC,OAAO;QACnB,MAAM,EAAE,EAAE,CAAC,MAAM;QACjB,WAAW,EAAE,EAAE,CAAC,WAAW;QAC3B,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,UAAU,EAAE,EAAE,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,WAAW,CACzB,IAAyE,EACzE,MAAc;IAEd,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC;IACzD,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;IAC3B,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IAChC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAChE,CAAC","sourcesContent":["import { randomBytes, createHash, createCipheriv } from 'node:crypto';\nimport { WorkOSApiError } from '../core/index.js';\nimport type { WorkOSStore } from './store.js';\nimport type {\n WorkOSOrganization,\n WorkOSOrganizationDomain,\n WorkOSOrganizationMembership,\n WorkOSUser,\n WorkOSSession,\n WorkOSEmailVerification,\n WorkOSPasswordReset,\n WorkOSMagicAuth,\n WorkOSAuthenticationFactor,\n WorkOSIdentity,\n WorkOSConnection,\n WorkOSSSOProfile,\n WorkOSPipeConnection,\n WorkOSInvitation,\n WorkOSRedirectUri,\n WorkOSCorsOrigin,\n WorkOSAuthorizedApplication,\n WorkOSConnectedAccount,\n WorkOSAuthenticationChallenge,\n WorkOSDeviceAuthorization,\n WorkOSRole,\n WorkOSPermission,\n WorkOSAuthorizationResource,\n WorkOSRoleAssignment,\n WorkOSDirectory,\n WorkOSDirectoryUser,\n WorkOSDirectoryGroup,\n WorkOSAuditLogAction,\n WorkOSAuditLogEvent,\n WorkOSAuditLogExport,\n WorkOSFeatureFlag,\n WorkOSConnectApplication,\n WorkOSClientSecret,\n WorkOSRadarAttempt,\n WorkOSApiKey,\n WorkOSEvent,\n WorkOSWebhookEndpoint,\n} from './entities.js';\n\nexport function formatOrganization(org: WorkOSOrganization, ws: WorkOSStore): Record<string, unknown> {\n const domains = ws.organizationDomains.findBy('organization_id', org.id).map(formatDomain);\n\n return {\n object: 'organization',\n id: org.id,\n name: org.name,\n external_id: org.external_id,\n metadata: org.metadata,\n domains,\n stripe_customer_id: org.stripe_customer_id,\n created_at: org.created_at,\n updated_at: org.updated_at,\n };\n}\n\nexport function formatDomain(domain: WorkOSOrganizationDomain): Record<string, unknown> {\n return {\n object: 'organization_domain',\n id: domain.id,\n organization_id: domain.organization_id,\n domain: domain.domain,\n state: domain.state,\n verification_strategy: domain.verification_strategy,\n verification_token: domain.verification_token,\n verification_prefix: domain.verification_prefix,\n created_at: domain.created_at,\n updated_at: domain.updated_at,\n };\n}\n\nexport function formatMembership(m: WorkOSOrganizationMembership): Record<string, unknown> {\n return {\n object: 'organization_membership',\n id: m.id,\n organization_id: m.organization_id,\n user_id: m.user_id,\n role: m.role,\n status: m.status,\n external_id: m.external_id,\n metadata: m.metadata,\n created_at: m.created_at,\n updated_at: m.updated_at,\n };\n}\n\nexport function formatUser(user: WorkOSUser): Record<string, unknown> {\n return {\n object: 'user',\n id: user.id,\n email: user.email,\n first_name: user.first_name,\n last_name: user.last_name,\n email_verified: user.email_verified,\n profile_picture_url: user.profile_picture_url,\n last_sign_in_at: user.last_sign_in_at,\n external_id: user.external_id,\n metadata: user.metadata,\n locale: user.locale,\n created_at: user.created_at,\n updated_at: user.updated_at,\n };\n}\n\nexport function formatSession(s: WorkOSSession): Record<string, unknown> {\n return {\n object: 'session',\n id: s.id,\n user_id: s.user_id,\n organization_id: s.organization_id,\n ip_address: s.ip_address,\n user_agent: s.user_agent,\n created_at: s.created_at,\n updated_at: s.updated_at,\n };\n}\n\nexport function formatEmailVerification(ev: WorkOSEmailVerification): Record<string, unknown> {\n return {\n object: 'email_verification',\n id: ev.id,\n user_id: ev.user_id,\n email: ev.email,\n code: ev.code,\n expires_at: ev.expires_at,\n created_at: ev.created_at,\n updated_at: ev.updated_at,\n };\n}\n\nexport function formatPasswordReset(pr: WorkOSPasswordReset): Record<string, unknown> {\n return {\n object: 'password_reset',\n id: pr.id,\n user_id: pr.user_id,\n email: pr.email,\n token: pr.token,\n expires_at: pr.expires_at,\n created_at: pr.created_at,\n updated_at: pr.updated_at,\n };\n}\n\nexport function formatMagicAuth(ma: WorkOSMagicAuth): Record<string, unknown> {\n return {\n object: 'magic_auth',\n id: ma.id,\n user_id: ma.user_id,\n email: ma.email,\n code: ma.code,\n expires_at: ma.expires_at,\n created_at: ma.created_at,\n updated_at: ma.updated_at,\n };\n}\n\nexport function formatAuthFactor(f: WorkOSAuthenticationFactor): Record<string, unknown> {\n return {\n object: 'authentication_factor',\n id: f.id,\n user_id: f.user_id,\n type: f.type,\n totp: f.totp,\n created_at: f.created_at,\n updated_at: f.updated_at,\n };\n}\n\nexport function formatIdentity(i: WorkOSIdentity): Record<string, unknown> {\n return {\n object: 'identity',\n id: i.id,\n user_id: i.user_id,\n provider: i.provider,\n provider_id: i.provider_id,\n type: i.type,\n created_at: i.created_at,\n updated_at: i.updated_at,\n };\n}\n\nexport function generateVerificationToken(): string {\n return randomBytes(16).toString('hex');\n}\n\nexport function generateCode(): string {\n return String(Math.floor(100000 + Math.random() * 900000));\n}\n\nexport function hashPassword(password: string): string {\n return createHash('sha256').update(password).digest('hex');\n}\n\nexport function verifyPassword(password: string, hash: string): boolean {\n return hashPassword(password) === hash;\n}\n\nexport function expiresIn(minutes: number): string {\n return new Date(Date.now() + minutes * 60 * 1000).toISOString();\n}\n\nexport function isExpired(expiresAt: string): boolean {\n return new Date(expiresAt).getTime() < Date.now();\n}\n\nexport function formatConnection(conn: WorkOSConnection): Record<string, unknown> {\n return {\n object: 'connection',\n id: conn.id,\n organization_id: conn.organization_id,\n connection_type: conn.connection_type,\n name: conn.name,\n state: conn.state,\n domains: conn.domains,\n created_at: conn.created_at,\n updated_at: conn.updated_at,\n };\n}\n\nexport function formatSSOProfile(p: WorkOSSSOProfile): Record<string, unknown> {\n return {\n object: 'profile',\n id: p.id,\n connection_id: p.connection_id,\n connection_type: p.connection_type,\n organization_id: p.organization_id,\n idp_id: p.idp_id,\n email: p.email,\n first_name: p.first_name,\n last_name: p.last_name,\n groups: p.groups,\n raw_attributes: p.raw_attributes,\n created_at: p.created_at,\n updated_at: p.updated_at,\n };\n}\n\nexport function formatPipeConnection(pc: WorkOSPipeConnection): Record<string, unknown> {\n return {\n object: 'pipe_connection',\n id: pc.id,\n user_id: pc.user_id,\n provider: pc.provider,\n scopes: pc.scopes,\n status: pc.status,\n external_account_id: pc.external_account_id,\n created_at: pc.created_at,\n updated_at: pc.updated_at,\n };\n}\n\nexport function formatInvitation(inv: WorkOSInvitation): Record<string, unknown> {\n return {\n object: 'invitation',\n id: inv.id,\n email: inv.email,\n state: inv.state,\n token: inv.token,\n accept_invitation_url: inv.accept_invitation_url,\n organization_id: inv.organization_id,\n inviter_user_id: inv.inviter_user_id,\n role_slug: inv.role_slug,\n expires_at: inv.expires_at,\n created_at: inv.created_at,\n updated_at: inv.updated_at,\n };\n}\n\nexport function formatRedirectUri(r: WorkOSRedirectUri): Record<string, unknown> {\n return {\n object: 'redirect_uri',\n id: r.id,\n uri: r.uri,\n created_at: r.created_at,\n updated_at: r.updated_at,\n };\n}\n\nexport function formatCorsOrigin(o: WorkOSCorsOrigin): Record<string, unknown> {\n return {\n object: 'cors_origin',\n id: o.id,\n origin: o.origin,\n created_at: o.created_at,\n updated_at: o.updated_at,\n };\n}\n\nexport function formatAuthorizedApplication(a: WorkOSAuthorizedApplication): Record<string, unknown> {\n return {\n object: 'authorized_application',\n id: a.id,\n user_id: a.user_id,\n name: a.name,\n redirect_uri: a.redirect_uri,\n created_at: a.created_at,\n updated_at: a.updated_at,\n };\n}\n\nexport function formatConnectedAccount(a: WorkOSConnectedAccount): Record<string, unknown> {\n return {\n object: 'connected_account',\n id: a.id,\n user_id: a.user_id,\n provider: a.provider,\n provider_id: a.provider_id,\n created_at: a.created_at,\n updated_at: a.updated_at,\n };\n}\n\nexport function parseListParams(url: URL) {\n const limit = Math.max(1, Math.min(parseInt(url.searchParams.get('limit') ?? '10'), 100));\n const order = (url.searchParams.get('order') as 'asc' | 'desc') ?? 'desc';\n const before = url.searchParams.get('before') ?? undefined;\n const after = url.searchParams.get('after') ?? undefined;\n return { limit, order, before, after };\n}\n\n/** Allowed redirect URI hosts for the emulator's authorize endpoints. */\nconst ALLOWED_REDIRECT_HOSTS = new Set(['localhost', '127.0.0.1', '[::1]']);\n\n/**\n * Validate that a redirect_uri points to a localhost origin.\n * Prevents the emulator from being used as an open redirect.\n */\nexport function assertLocalRedirectUri(uri: string): void {\n let parsed: URL;\n try {\n parsed = new URL(uri);\n } catch {\n throw new WorkOSApiError(400, 'Invalid redirect_uri', 'invalid_redirect_uri');\n }\n if (!ALLOWED_REDIRECT_HOSTS.has(parsed.hostname)) {\n throw new WorkOSApiError(\n 400,\n `redirect_uri must point to localhost, got ${parsed.hostname}`,\n 'invalid_redirect_uri',\n );\n }\n}\n\nexport function formatAuthChallenge(c: WorkOSAuthenticationChallenge): Record<string, unknown> {\n return {\n object: 'authentication_challenge',\n id: c.id,\n user_id: c.user_id,\n factor_id: c.factor_id,\n expires_at: c.expires_at,\n created_at: c.created_at,\n updated_at: c.updated_at,\n };\n}\n\nexport function formatRole(role: WorkOSRole): Record<string, unknown> {\n return {\n object: 'role',\n id: role.id,\n slug: role.slug,\n name: role.name,\n description: role.description,\n type: role.type,\n organization_id: role.organization_id,\n is_default_role: role.is_default_role,\n priority: role.priority,\n created_at: role.created_at,\n updated_at: role.updated_at,\n };\n}\n\nexport function formatPermission(p: WorkOSPermission): Record<string, unknown> {\n return {\n object: 'permission',\n id: p.id,\n slug: p.slug,\n name: p.name,\n description: p.description,\n created_at: p.created_at,\n updated_at: p.updated_at,\n };\n}\n\nexport function formatAuthorizationResource(r: WorkOSAuthorizationResource): Record<string, unknown> {\n return {\n object: 'authorization_resource',\n id: r.id,\n resource_type_slug: r.resource_type_slug,\n external_id: r.external_id,\n organization_id: r.organization_id,\n metadata: r.metadata,\n created_at: r.created_at,\n updated_at: r.updated_at,\n };\n}\n\nexport function formatRoleAssignment(ra: WorkOSRoleAssignment): Record<string, unknown> {\n return {\n object: 'role_assignment',\n id: ra.id,\n organization_membership_id: ra.organization_membership_id,\n role_id: ra.role_id,\n created_at: ra.created_at,\n updated_at: ra.updated_at,\n };\n}\n\nexport function formatDeviceAuthorization(d: WorkOSDeviceAuthorization): Record<string, unknown> {\n return {\n device_code: d.device_code,\n user_code: d.user_code,\n verification_uri: 'http://localhost:0/user_management/authorize/device/verify',\n expires_in: Math.max(0, Math.floor((new Date(d.expires_at).getTime() - Date.now()) / 1000)),\n interval: d.interval,\n };\n}\n\n// --- Phase 4: CRUD Domain formatters ---\n\nexport function formatDirectory(d: WorkOSDirectory): Record<string, unknown> {\n return {\n object: 'directory',\n id: d.id,\n name: d.name,\n organization_id: d.organization_id,\n domain: d.domain,\n type: d.type,\n state: d.state,\n external_key: d.external_key,\n created_at: d.created_at,\n updated_at: d.updated_at,\n };\n}\n\nexport function formatDirectoryUser(u: WorkOSDirectoryUser): Record<string, unknown> {\n return {\n object: 'directory_user',\n id: u.id,\n directory_id: u.directory_id,\n organization_id: u.organization_id,\n idp_id: u.idp_id,\n first_name: u.first_name,\n last_name: u.last_name,\n email: u.email,\n username: u.username,\n state: u.state,\n role: u.role,\n custom_attributes: u.custom_attributes,\n raw_attributes: u.raw_attributes,\n groups: u.groups,\n created_at: u.created_at,\n updated_at: u.updated_at,\n };\n}\n\nexport function formatDirectoryGroup(g: WorkOSDirectoryGroup): Record<string, unknown> {\n return {\n object: 'directory_group',\n id: g.id,\n directory_id: g.directory_id,\n organization_id: g.organization_id,\n idp_id: g.idp_id,\n name: g.name,\n raw_attributes: g.raw_attributes,\n created_at: g.created_at,\n updated_at: g.updated_at,\n };\n}\n\nexport function formatAuditLogAction(a: WorkOSAuditLogAction): Record<string, unknown> {\n return {\n object: 'audit_log_action',\n id: a.id,\n name: a.name,\n description: a.description,\n condition: a.condition,\n created_at: a.created_at,\n updated_at: a.updated_at,\n };\n}\n\nexport function formatAuditLogEvent(e: WorkOSAuditLogEvent): Record<string, unknown> {\n return {\n object: 'audit_log_event',\n id: e.id,\n organization_id: e.organization_id,\n action: e.action,\n actor: e.actor,\n targets: e.targets,\n metadata: e.metadata,\n occurred_at: e.occurred_at,\n created_at: e.created_at,\n updated_at: e.updated_at,\n };\n}\n\nexport function formatAuditLogExport(ex: WorkOSAuditLogExport): Record<string, unknown> {\n return {\n object: 'audit_log_export',\n id: ex.id,\n organization_id: ex.organization_id,\n state: ex.state,\n url: ex.url,\n filters: ex.filters,\n created_at: ex.created_at,\n updated_at: ex.updated_at,\n };\n}\n\nexport function formatFeatureFlag(f: WorkOSFeatureFlag): Record<string, unknown> {\n return {\n object: 'feature_flag',\n id: f.id,\n slug: f.slug,\n name: f.name,\n description: f.description,\n type: f.type,\n default_value: f.default_value,\n enabled: f.enabled,\n created_at: f.created_at,\n updated_at: f.updated_at,\n };\n}\n\nexport function formatConnectApplication(a: WorkOSConnectApplication): Record<string, unknown> {\n return {\n object: 'connect_application',\n id: a.id,\n name: a.name,\n redirect_uris: a.redirect_uris,\n client_id: a.client_id,\n logo_url: a.logo_url,\n created_at: a.created_at,\n updated_at: a.updated_at,\n };\n}\n\nexport function formatClientSecret(s: WorkOSClientSecret): Record<string, unknown> {\n return {\n object: 'client_secret',\n id: s.id,\n application_id: s.application_id,\n last_four: s.last_four,\n created_at: s.created_at,\n updated_at: s.updated_at,\n };\n}\n\nexport function formatRadarAttempt(a: WorkOSRadarAttempt): Record<string, unknown> {\n return {\n object: 'radar_attempt',\n id: a.id,\n user_id: a.user_id,\n ip_address: a.ip_address,\n user_agent: a.user_agent,\n verdict: a.verdict,\n signals: a.signals,\n created_at: a.created_at,\n updated_at: a.updated_at,\n };\n}\n\nexport function formatApiKeyRecord(k: WorkOSApiKey): Record<string, unknown> {\n return {\n object: 'api_key',\n id: k.id,\n name: k.name,\n created_at: k.created_at,\n updated_at: k.updated_at,\n };\n}\n\nexport function formatEvent(e: WorkOSEvent): Record<string, unknown> {\n return {\n object: 'event',\n id: e.id,\n event: e.event,\n data: e.data,\n environment_id: e.environment_id,\n created_at: e.created_at,\n };\n}\n\nexport function formatWebhookEndpoint(\n ep: WorkOSWebhookEndpoint,\n opts?: { includeSecret?: boolean },\n): Record<string, unknown> {\n return {\n object: 'webhook_endpoint',\n id: ep.id,\n url: ep.url,\n secret: opts?.includeSecret ? ep.secret : `${ep.secret.slice(0, 8)}****`,\n enabled: ep.enabled,\n events: ep.events,\n description: ep.description,\n created_at: ep.created_at,\n updated_at: ep.updated_at,\n };\n}\n\nexport function sealSession(\n data: { access_token: string; refresh_token: string; session_id: string },\n apiKey: string,\n): string {\n const key = createHash('sha256').update(apiKey).digest();\n const iv = randomBytes(12);\n const cipher = createCipheriv('aes-256-gcm', key, iv);\n const plaintext = JSON.stringify(data);\n const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);\n const tag = cipher.getAuthTag();\n return Buffer.concat([iv, tag, encrypted]).toString('base64');\n}\n"]}
package/dist/emulate/workos/index.d.ts ADDED
@@ -0,0 +1,91 @@
1
+ import type { ServicePlugin, Store } from '../core/index.js';
2
+ import type { WorkOSConnectionType, PipeProvider, PipeConnectionStatus } from './entities.js';
3
+ export { getWorkOSStore, type WorkOSStore } from './store.js';
4
+ export * from './entities.js';
5
+ export interface WorkOSSeedOrganization {
6
+ name: string;
7
+ external_id?: string;
8
+ metadata?: Record<string, string>;
9
+ domains?: Array<{
10
+ domain: string;
11
+ state?: 'verified' | 'pending';
12
+ }>;
13
+ memberships?: Array<{
14
+ user_id: string;
15
+ role?: string;
16
+ status?: 'active' | 'inactive' | 'pending';
17
+ }>;
18
+ }
19
+ export interface WorkOSSeedUser {
20
+ email: string;
21
+ first_name?: string;
22
+ last_name?: string;
23
+ password?: string;
24
+ email_verified?: boolean;
25
+ external_id?: string;
26
+ metadata?: Record<string, string>;
27
+ impersonator?: {
28
+ email: string;
29
+ reason: string;
30
+ };
31
+ }
32
+ export interface WorkOSSeedConnection {
33
+ name: string;
34
+ connection_type?: WorkOSConnectionType;
35
+ organization: string;
36
+ state?: 'active' | 'inactive' | 'validating';
37
+ domains?: string[];
38
+ profiles?: Array<{
39
+ email: string;
40
+ first_name?: string;
41
+ last_name?: string;
42
+ idp_id?: string;
43
+ groups?: string[];
44
+ }>;
45
+ }
46
+ export interface WorkOSSeedPipeConnection {
47
+ user_id: string;
48
+ provider: PipeProvider;
49
+ scopes: string[];
50
+ status?: PipeConnectionStatus;
51
+ external_account_id?: string;
52
+ }
53
+ export interface WorkOSSeedInvitation {
54
+ email: string;
55
+ organization_id?: string;
56
+ inviter_user_id?: string;
57
+ role_slug?: string;
58
+ }
59
+ export interface WorkOSSeedRole {
60
+ slug: string;
61
+ name: string;
62
+ description?: string;
63
+ type?: 'EnvironmentRole' | 'OrganizationRole';
64
+ organization_id?: string;
65
+ is_default_role?: boolean;
66
+ priority?: number;
67
+ permissions?: string[];
68
+ }
69
+ export interface WorkOSSeedPermission {
70
+ slug: string;
71
+ name: string;
72
+ description?: string;
73
+ }
74
+ export interface WorkOSSeedWebhookEndpoint {
75
+ url: string;
76
+ events?: string[];
77
+ enabled?: boolean;
78
+ }
79
+ export interface WorkOSSeedConfig {
80
+ organizations?: WorkOSSeedOrganization[];
81
+ users?: WorkOSSeedUser[];
82
+ connections?: WorkOSSeedConnection[];
83
+ pipeConnections?: WorkOSSeedPipeConnection[];
84
+ invitations?: WorkOSSeedInvitation[];
85
+ roles?: WorkOSSeedRole[];
86
+ permissions?: WorkOSSeedPermission[];
87
+ webhookEndpoints?: WorkOSSeedWebhookEndpoint[];
88
+ }
89
+ export declare function seedFromConfig(store: Store, _baseUrl: string, config: WorkOSSeedConfig): void;
90
+ export declare const workosPlugin: ServicePlugin;
91
+ export default workosPlugin;
package/dist/emulate/workos/index.js ADDED
@@ -0,0 +1,319 @@
1
+ import { randomBytes } from 'node:crypto';
2
+ import { generateId } from '../core/index.js';
3
+ import { getWorkOSStore } from './store.js';
4
+ import { organizationRoutes } from './routes/organizations.js';
5
+ import { organizationDomainRoutes } from './routes/organization-domains.js';
6
+ import { membershipRoutes } from './routes/memberships.js';
7
+ import { userRoutes } from './routes/users.js';
8
+ import { emailVerificationRoutes } from './routes/email-verification.js';
9
+ import { passwordResetRoutes } from './routes/password-reset.js';
10
+ import { magicAuthRoutes } from './routes/magic-auth.js';
11
+ import { authFactorRoutes } from './routes/auth-factors.js';
12
+ import { sessionRoutes } from './routes/sessions.js';
13
+ import { authRoutes } from './routes/auth.js';
14
+ import { connectionRoutes } from './routes/connections.js';
15
+ import { ssoRoutes } from './routes/sso.js';
16
+ import { pipeRoutes } from './routes/pipes.js';
17
+ import { authChallengeRoutes } from './routes/auth-challenges.js';
18
+ import { invitationRoutes } from './routes/invitations.js';
19
+ import { configRoutes } from './routes/config.js';
20
+ import { userFeatureRoutes } from './routes/user-features.js';
21
+ import { widgetRoutes } from './routes/widgets.js';
22
+ import { authorizationRoleRoutes } from './routes/authorization-roles.js';
23
+ import { authorizationPermissionRoutes } from './routes/authorization-permissions.js';
24
+ import { authorizationOrgRoleRoutes } from './routes/authorization-org-roles.js';
25
+ import { authorizationResourceRoutes } from './routes/authorization-resources.js';
26
+ import { authorizationCheckRoutes } from './routes/authorization-checks.js';
27
+ import { portalRoutes } from './routes/portal.js';
28
+ import { legacyMfaRoutes } from './routes/legacy-mfa.js';
29
+ import { apiKeyRoutes } from './routes/api-keys.js';
30
+ import { radarRoutes } from './routes/radar.js';
31
+ import { connectRoutes } from './routes/connect.js';
32
+ import { directoryRoutes } from './routes/directories.js';
33
+ import { auditLogRoutes } from './routes/audit-logs.js';
34
+ import { featureFlagRoutes } from './routes/feature-flags.js';
35
+ import { dataIntegrationRoutes } from './routes/data-integrations.js';
36
+ import { webhookEndpointRoutes } from './routes/webhook-endpoints.js';
37
+ import { eventRoutes } from './routes/events.js';
38
+ import { EventBus } from './event-bus.js';
39
+ import { generateVerificationToken, hashPassword, expiresIn, formatUser, formatOrganization, formatMembership, formatConnection, formatSession, formatInvitation, formatRole, formatPermission, formatDirectory, formatDirectoryUser, formatDirectoryGroup, formatDomain, } from './helpers.js';
40
+ export { getWorkOSStore } from './store.js';
41
+ export * from './entities.js';
42
+ function seedDefaults(_store, _baseUrl) {
43
+ // No default seed data — users provide their own via config
44
+ }
45
+ export function seedFromConfig(store, _baseUrl, config) {
46
+ const ws = getWorkOSStore(store);
47
+ if (config.users) {
48
+ for (const userConfig of config.users) {
49
+ ws.users.insert({
50
+ object: 'user',
51
+ email: userConfig.email,
52
+ first_name: userConfig.first_name ?? null,
53
+ last_name: userConfig.last_name ?? null,
54
+ email_verified: userConfig.email_verified ?? false,
55
+ profile_picture_url: null,
56
+ last_sign_in_at: null,
57
+ external_id: userConfig.external_id ?? null,
58
+ metadata: userConfig.metadata ?? {},
59
+ locale: null,
60
+ password_hash: userConfig.password ? hashPassword(userConfig.password) : null,
61
+ impersonator: userConfig.impersonator ?? null,
62
+ });
63
+ }
64
+ }
65
+ if (config.organizations) {
66
+ for (const orgConfig of config.organizations) {
67
+ const org = ws.organizations.insert({
68
+ object: 'organization',
69
+ name: orgConfig.name,
70
+ external_id: orgConfig.external_id ?? null,
71
+ metadata: orgConfig.metadata ?? {},
72
+ stripe_customer_id: null,
73
+ });
74
+ if (orgConfig.domains) {
75
+ for (const dd of orgConfig.domains) {
76
+ ws.organizationDomains.insert({
77
+ object: 'organization_domain',
78
+ organization_id: org.id,
79
+ domain: dd.domain,
80
+ state: dd.state ?? 'pending',
81
+ verification_strategy: 'manual',
82
+ verification_token: generateVerificationToken(),
83
+ verification_prefix: 'workos-verify',
84
+ });
85
+ }
86
+ }
87
+ if (orgConfig.memberships) {
88
+ for (const mm of orgConfig.memberships) {
89
+ ws.organizationMemberships.insert({
90
+ object: 'organization_membership',
91
+ organization_id: org.id,
92
+ user_id: mm.user_id,
93
+ role: { slug: mm.role ?? 'member' },
94
+ status: mm.status ?? 'active',
95
+ external_id: null,
96
+ metadata: {},
97
+ });
98
+ }
99
+ }
100
+ }
101
+ }
102
+ if (config.connections) {
103
+ for (const connConfig of config.connections) {
104
+ const org = ws.organizations.findOneBy('name', connConfig.organization);
105
+ if (!org)
106
+ continue;
107
+ const domains = (connConfig.domains ?? []).map((d) => ({
108
+ object: 'connection_domain',
109
+ id: generateId('conn_domain'),
110
+ domain: d,
111
+ }));
112
+ const conn = ws.connections.insert({
113
+ object: 'connection',
114
+ organization_id: org.id,
115
+ connection_type: connConfig.connection_type ?? 'GenericSAML',
116
+ name: connConfig.name,
117
+ state: connConfig.state ?? 'active',
118
+ domains,
119
+ });
120
+ if (connConfig.profiles) {
121
+ for (const p of connConfig.profiles) {
122
+ ws.ssoProfiles.insert({
123
+ object: 'profile',
124
+ connection_id: conn.id,
125
+ connection_type: conn.connection_type,
126
+ organization_id: org.id,
127
+ idp_id: p.idp_id ?? `idp_${generateId('usr')}`,
128
+ email: p.email,
129
+ first_name: p.first_name ?? null,
130
+ last_name: p.last_name ?? null,
131
+ groups: p.groups ?? [],
132
+ raw_attributes: { email: p.email },
133
+ });
134
+ }
135
+ }
136
+ }
137
+ }
138
+ if (config.pipeConnections) {
139
+ for (const pc of config.pipeConnections) {
140
+ ws.pipeConnections.insert({
141
+ object: 'pipe_connection',
142
+ user_id: pc.user_id,
143
+ provider: pc.provider,
144
+ scopes: pc.scopes,
145
+ status: pc.status ?? 'connected',
146
+ external_account_id: pc.external_account_id ?? null,
147
+ });
148
+ }
149
+ }
150
+ if (config.permissions) {
151
+ for (const permConfig of config.permissions) {
152
+ ws.permissions.insert({
153
+ object: 'permission',
154
+ slug: permConfig.slug,
155
+ name: permConfig.name,
156
+ description: permConfig.description ?? null,
157
+ });
158
+ }
159
+ }
160
+ if (config.roles) {
161
+ for (const roleConfig of config.roles) {
162
+ const role = ws.roles.insert({
163
+ object: 'role',
164
+ slug: roleConfig.slug,
165
+ name: roleConfig.name,
166
+ description: roleConfig.description ?? null,
167
+ type: roleConfig.type ?? 'EnvironmentRole',
168
+ organization_id: roleConfig.organization_id ?? null,
169
+ is_default_role: roleConfig.is_default_role ?? false,
170
+ priority: roleConfig.priority ?? 0,
171
+ });
172
+ if (roleConfig.permissions) {
173
+ for (const permSlug of roleConfig.permissions) {
174
+ const perm = ws.permissions.findOneBy('slug', permSlug);
175
+ if (perm) {
176
+ ws.rolePermissions.insert({ role_id: role.id, permission_id: perm.id });
177
+ }
178
+ }
179
+ }
180
+ }
181
+ }
182
+ if (config.invitations) {
183
+ for (const invConfig of config.invitations) {
184
+ const token = generateVerificationToken();
185
+ ws.invitations.insert({
186
+ object: 'invitation',
187
+ email: invConfig.email,
188
+ state: 'pending',
189
+ token,
190
+ accept_invitation_url: `${_baseUrl}/user_management/invitations/accept?token=${token}`,
191
+ organization_id: invConfig.organization_id ?? null,
192
+ inviter_user_id: invConfig.inviter_user_id ?? null,
193
+ role_slug: invConfig.role_slug ?? null,
194
+ expires_at: expiresIn(72 * 60),
195
+ });
196
+ }
197
+ }
198
+ if (config.webhookEndpoints) {
199
+ for (const whConfig of config.webhookEndpoints) {
200
+ ws.webhookEndpoints.insert({
201
+ object: 'webhook_endpoint',
202
+ url: whConfig.url,
203
+ secret: randomBytes(32).toString('hex'),
204
+ enabled: whConfig.enabled !== false,
205
+ events: whConfig.events ?? [],
206
+ description: null,
207
+ });
208
+ }
209
+ }
210
+ }
211
+ export const workosPlugin = {
212
+ name: 'workos',
213
+ register(ctx) {
214
+ organizationRoutes(ctx);
215
+ organizationDomainRoutes(ctx);
216
+ membershipRoutes(ctx);
217
+ userRoutes(ctx);
218
+ emailVerificationRoutes(ctx);
219
+ passwordResetRoutes(ctx);
220
+ magicAuthRoutes(ctx);
221
+ authFactorRoutes(ctx);
222
+ authChallengeRoutes(ctx);
223
+ sessionRoutes(ctx);
224
+ authRoutes(ctx);
225
+ connectionRoutes(ctx);
226
+ ssoRoutes(ctx);
227
+ pipeRoutes(ctx);
228
+ invitationRoutes(ctx);
229
+ configRoutes(ctx);
230
+ userFeatureRoutes(ctx);
231
+ widgetRoutes(ctx);
232
+ authorizationRoleRoutes(ctx);
233
+ authorizationPermissionRoutes(ctx);
234
+ authorizationOrgRoleRoutes(ctx);
235
+ authorizationResourceRoutes(ctx);
236
+ authorizationCheckRoutes(ctx);
237
+ portalRoutes(ctx);
238
+ legacyMfaRoutes(ctx);
239
+ apiKeyRoutes(ctx);
240
+ radarRoutes(ctx);
241
+ connectRoutes(ctx);
242
+ directoryRoutes(ctx);
243
+ auditLogRoutes(ctx);
244
+ featureFlagRoutes(ctx);
245
+ dataIntegrationRoutes(ctx);
246
+ webhookEndpointRoutes(ctx);
247
+ eventRoutes(ctx);
248
+ // Set up event bus with collection hooks (Option A from spec)
249
+ // Store on ctx.store for route-level access (hybrid Option A+B for action events)
250
+ const eventBus = new EventBus(ctx.store);
251
+ ctx.store.setData('eventBus', eventBus);
252
+ const ws = getWorkOSStore(ctx.store);
253
+ ws.users.setHooks({
254
+ onInsert: (u) => eventBus.emit({ event: 'user.created', data: formatUser(u) }),
255
+ onUpdate: (u) => eventBus.emit({ event: 'user.updated', data: formatUser(u) }),
256
+ onDelete: (u) => eventBus.emit({ event: 'user.deleted', data: formatUser(u) }),
257
+ });
258
+ ws.organizations.setHooks({
259
+ onInsert: (o) => eventBus.emit({ event: 'organization.created', data: formatOrganization(o, ws) }),
260
+ onUpdate: (o) => eventBus.emit({ event: 'organization.updated', data: formatOrganization(o, ws) }),
261
+ onDelete: (o) => eventBus.emit({ event: 'organization.deleted', data: formatOrganization(o, ws) }),
262
+ });
263
+ ws.organizationDomains.setHooks({
264
+ onInsert: (d) => eventBus.emit({ event: 'organization_domain.created', data: formatDomain(d) }),
265
+ onUpdate: (d) => eventBus.emit({
266
+ event: d.state === 'verified' ? 'organization_domain.verified' : 'organization_domain.updated',
267
+ data: formatDomain(d),
268
+ }),
269
+ onDelete: (d) => eventBus.emit({ event: 'organization_domain.deleted', data: formatDomain(d) }),
270
+ });
271
+ ws.organizationMemberships.setHooks({
272
+ onInsert: (m) => eventBus.emit({ event: 'organization_membership.created', data: formatMembership(m) }),
273
+ onUpdate: (m) => eventBus.emit({ event: 'organization_membership.updated', data: formatMembership(m) }),
274
+ onDelete: (m) => eventBus.emit({ event: 'organization_membership.deleted', data: formatMembership(m) }),
275
+ });
276
+ ws.connections.setHooks({
277
+ onInsert: (c) => eventBus.emit({ event: 'connection.created', data: formatConnection(c) }),
278
+ onUpdate: (c) => eventBus.emit({ event: 'connection.updated', data: formatConnection(c) }),
279
+ onDelete: (c) => eventBus.emit({ event: 'connection.deleted', data: formatConnection(c) }),
280
+ });
281
+ ws.sessions.setHooks({
282
+ onInsert: (s) => eventBus.emit({ event: 'session.created', data: formatSession(s) }),
283
+ onDelete: (s) => eventBus.emit({ event: 'session.revoked', data: formatSession(s) }),
284
+ });
285
+ ws.invitations.setHooks({
286
+ onInsert: (i) => eventBus.emit({ event: 'invitation.created', data: formatInvitation(i) }),
287
+ });
288
+ ws.roles.setHooks({
289
+ onInsert: (r) => eventBus.emit({ event: 'role.created', data: formatRole(r) }),
290
+ onUpdate: (r) => eventBus.emit({ event: 'role.updated', data: formatRole(r) }),
291
+ onDelete: (r) => eventBus.emit({ event: 'role.deleted', data: formatRole(r) }),
292
+ });
293
+ ws.permissions.setHooks({
294
+ onInsert: (p) => eventBus.emit({ event: 'permission.created', data: formatPermission(p) }),
295
+ onUpdate: (p) => eventBus.emit({ event: 'permission.updated', data: formatPermission(p) }),
296
+ onDelete: (p) => eventBus.emit({ event: 'permission.deleted', data: formatPermission(p) }),
297
+ });
298
+ ws.directories.setHooks({
299
+ onInsert: (d) => eventBus.emit({ event: 'directory.created', data: formatDirectory(d) }),
300
+ onUpdate: (d) => eventBus.emit({ event: 'directory.updated', data: formatDirectory(d) }),
301
+ onDelete: (d) => eventBus.emit({ event: 'directory.deleted', data: formatDirectory(d) }),
302
+ });
303
+ ws.directoryUsers.setHooks({
304
+ onInsert: (u) => eventBus.emit({ event: 'directory_user.created', data: formatDirectoryUser(u) }),
305
+ onUpdate: (u) => eventBus.emit({ event: 'directory_user.updated', data: formatDirectoryUser(u) }),
306
+ onDelete: (u) => eventBus.emit({ event: 'directory_user.deleted', data: formatDirectoryUser(u) }),
307
+ });
308
+ ws.directoryGroups.setHooks({
309
+ onInsert: (g) => eventBus.emit({ event: 'directory_group.created', data: formatDirectoryGroup(g) }),
310
+ onUpdate: (g) => eventBus.emit({ event: 'directory_group.updated', data: formatDirectoryGroup(g) }),
311
+ onDelete: (g) => eventBus.emit({ event: 'directory_group.deleted', data: formatDirectoryGroup(g) }),
312
+ });
313
+ },
314
+ seed(store, baseUrl) {
315
+ seedDefaults(store, baseUrl);
316
+ },
317
+ };
318
+ export default workosPlugin;
319
+ //# sourceMappingURL=index.js.map
package/dist/emulate/workos/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/emulate/workos/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAoB,MAAM,YAAY,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,EAAE,wBAAwB,EAAE,MAAM,kCAAkC,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AACzE,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,6BAA6B,EAAE,MAAM,uCAAuC,CAAC;AACtF,OAAO,EAAE,0BAA0B,EAAE,MAAM,qCAAqC,CAAC;AACjF,OAAO,EAAE,2BAA2B,EAAE,MAAM,qCAAqC,CAAC;AAClF,OAAO,EAAE,wBAAwB,EAAE,MAAM,kCAAkC,CAAC;AAC5E,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AACtE,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,UAAU,EACV,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,aAAa,EACb,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,eAAe,EACf,mBAAmB,EACnB,oBAAoB,EACpB,YAAY,GACb,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,cAAc,EAAoB,MAAM,YAAY,CAAC;AAC9D,cAAc,eAAe,CAAC;AAyF9B,SAAS,YAAY,CAAC,MAAa,EAAE,QAAgB;IACnD,4DAA4D;AAC9D,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,KAAY,EAAE,QAAgB,EAAE,MAAwB;IACrF,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACtC,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC;gBACd,MAAM,EAAE,MAAM;gBACd,KAAK,EAAE,UAAU,CAAC,KAAK;gBACvB,UAAU,EAAE,UAAU,CAAC,UAAU,IAAI,IAAI;gBACzC,SAAS,EAAE,UAAU,CAAC,SAAS,IAAI,IAAI;gBACvC,cAAc,EAAE,UAAU,CAAC,cAAc,IAAI,KAAK;gBAClD,mBAAmB,EAAE,IAAI;gBACzB,eAAe,EAAE,IAAI;gBACrB,WAAW,EAAE,UAAU,CAAC,WAAW,IAAI,IAAI;gBAC3C,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,EAAE;gBACnC,MAAM,EAAE,IAAI;gBACZ,aAAa,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI;gBAC7E,YAAY,EAAE,UAAU,CAAC,YAAY,IAAI,IAAI;aAC9C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC;gBAClC,MAAM,EAAE,cAAc;gBACtB,IAAI,EAAE,SAAS,CAAC,IAAI;gBACpB,WAAW,EAAE,SAAS,CAAC,WAAW,IAAI,IAAI;gBAC1C,QAAQ,EAAE,SAAS,CAAC,QAAQ,IAAI,EAAE;gBAClC,kBAAkB,EAAE,IAAI;aACzB,CAAC,CAAC;YAEH,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;gBACtB,KAAK,MAAM,EAAE,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;oBACnC,EAAE,CAAC,mBAAmB,CAAC,MAAM,CAAC;wBAC5B,MAAM,EAAE,qBAAqB;wBAC7B,eAAe,EAAE,GAAG,CAAC,EAAE;wBACvB,MAAM,EAAE,EAAE,CAAC,MAAM;wBACjB,KAAK,EAAE,EAAE,CAAC,KAAK,IAAI,SAAS;wBAC5B,qBAAqB,EAAE,QAAQ;wBAC/B,kBAAkB,EAAE,yBAAyB,EAAE;wBAC/C,mBAAmB,EAAE,eAAe;qBACrC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,IAAI,SAAS,CAAC,WAAW,EAAE,CAAC;gBAC1B,KAAK,MAAM,EAAE,IAAI,SAAS,CAAC,WAAW,EAAE,CAAC;oBACvC,EAAE,CAAC,uBAAuB,CAAC,MAAM,CAAC;wBAChC,MAAM,EAAE,yBAAyB;wBACjC,eAAe,EAAE,GAAG,CAAC,EAAE;wBACvB,OAAO,EAAE,EAAE,CAAC,OAAO;wBACnB,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,QAAQ,EAAE;wBACnC,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,QAAQ;wBAC7B,WAAW,EAAE,IAAI;wBACjB,QAAQ,EAAE,EAAE;qBACb,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QACvB,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,EAAE,CAAC,aAAa,CAAC,SAAS,CAAC,MAAM,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;YACxE,IAAI,CAAC,GAAG;gBAAE,SAAS;YAEnB,MAAM,OAAO,GAAG,CAAC,UAAU,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACrD,MAAM,EAAE,mBAA4B;gBACpC,EAAE,EAAE,UAAU,CAAC,aAAa,CAAC;gBAC7B,MAAM,EAAE,CAAC;aACV,CAAC,CAAC,CAAC;YAEJ,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;gBACjC,MAAM,EAAE,YAAY;gBACpB,eAAe,EAAE,GAAG,CAAC,EAAE;gBACvB,eAAe,EAAE,UAAU,CAAC,eAAe,IAAI,aAAa;gBAC5D,IAAI,EAAE,UAAU,CAAC,IAAI;gBACrB,KAAK,EAAE,UAAU,CAAC,KAAK,IAAI,QAAQ;gBACnC,OAAO;aACR,CAAC,CAAC;YAEH,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC;gBACxB,KAAK,MAAM,CAAC,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC;oBACpC,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;wBACpB,MAAM,EAAE,SAAS;wBACjB,aAAa,EAAE,IAAI,CAAC,EAAE;wBACtB,eAAe,EAAE,IAAI,CAAC,eAAe;wBACrC,eAAe,EAAE,GAAG,CAAC,EAAE;wBACvB,MAAM,EAAE,CAAC,CAAC,MAAM,IAAI,OAAO,UAAU,CAAC,KAAK,CAAC,EAAE;wBAC9C,KAAK,EAAE,CAAC,CAAC,KAAK;wBACd,UAAU,EAAE,CAAC,CAAC,UAAU,IAAI,IAAI;wBAChC,SAAS,EAAE,CAAC,CAAC,SAAS,IAAI,IAAI;wBAC9B,MAAM,EAAE,CAAC,CAAC,MAAM,IAAI,EAAE;wBACtB,cAAc,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE;qBACnC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QAC3B,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;YACxC,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC;gBACxB,MAAM,EAAE,iBAAiB;gBACzB,OAAO,EAAE,EAAE,CAAC,OAAO;gBACnB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,WAAW;gBAChC,mBAAmB,EAAE,EAAE,CAAC,mBAAmB,IAAI,IAAI;aACpD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QACvB,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;gBACpB,MAAM,EAAE,YAAY;gBACpB,IAAI,EAAE,UAAU,CAAC,IAAI;gBACrB,IAAI,EAAE,UAAU,CAAC,IAAI;gBACrB,WAAW,EAAE,UAAU,CAAC,WAAW,IAAI,IAAI;aAC5C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC;gBAC3B,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,UAAU,CAAC,IAAI;gBACrB,IAAI,EAAE,UAAU,CAAC,IAAI;gBACrB,WAAW,EAAE,UAAU,CAAC,WAAW,IAAI,IAAI;gBAC3C,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,iBAAiB;gBAC1C,eAAe,EAAE,UAAU,CAAC,eAAe,IAAI,IAAI;gBACnD,eAAe,EAAE,UAAU,CAAC,eAAe,IAAI,KAAK;gBACpD,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,CAAC;aACnC,CAAC,CAAC;YAEH,IAAI,UAAU,CAAC,WAAW,EAAE,CAAC;gBAC3B,KAAK,MAAM,QAAQ,IAAI,UAAU,CAAC,WAAW,EAAE,CAAC;oBAC9C,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;oBACxD,IAAI,IAAI,EAAE,CAAC;wBACT,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,EAAE,aAAa,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC1E,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QACvB,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC3C,MAAM,KAAK,GAAG,yBAAyB,EAAE,CAAC;YAC1C,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;gBACpB,MAAM,EAAE,YAAY;gBACpB,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,KAAK,EAAE,SAAS;gBAChB,KAAK;gBACL,qBAAqB,EAAE,GAAG,QAAQ,6CAA6C,KAAK,EAAE;gBACtF,eAAe,EAAE,SAAS,CAAC,eAAe,IAAI,IAAI;gBAClD,eAAe,EAAE,SAAS,CAAC,eAAe,IAAI,IAAI;gBAClD,SAAS,EAAE,SAAS,CAAC,SAAS,IAAI,IAAI;gBACtC,UAAU,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC5B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;YAC/C,EAAE,CAAC,gBAAgB,CAAC,MAAM,CAAC;gBACzB,MAAM,EAAE,kBAAkB;gBAC1B,GAAG,EAAE,QAAQ,CAAC,GAAG;gBACjB,MAAM,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;gBACvC,OAAO,EAAE,QAAQ,CAAC,OAAO,KAAK,KAAK;gBACnC,MAAM,EAAE,QAAQ,CAAC,MAAM,IAAI,EAAE;gBAC7B,WAAW,EAAE,IAAI;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,YAAY,GAAkB;IACzC,IAAI,EAAE,QAAQ;IACd,QAAQ,CAAC,GAAiB;QACxB,kBAAkB,CAAC,GAAG,CAAC,CAAC;QACxB,wBAAwB,CAAC,GAAG,CAAC,CAAC;QAC9B,gBAAgB,CAAC,GAAG,CAAC,CAAC;QACtB,UAAU,CAAC,GAAG,CAAC,CAAC;QAChB,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC7B,mBAAmB,CAAC,GAAG,CAAC,CAAC;QACzB,eAAe,CAAC,GAAG,CAAC,CAAC;QACrB,gBAAgB,CAAC,GAAG,CAAC,CAAC;QACtB,mBAAmB,CAAC,GAAG,CAAC,CAAC;QACzB,aAAa,CAAC,GAAG,CAAC,CAAC;QACnB,UAAU,CAAC,GAAG,CAAC,CAAC;QAChB,gBAAgB,CAAC,GAAG,CAAC,CAAC;QACtB,SAAS,CAAC,GAAG,CAAC,CAAC;QACf,UAAU,CAAC,GAAG,CAAC,CAAC;QAChB,gBAAgB,CAAC,GAAG,CAAC,CAAC;QACtB,YAAY,CAAC,GAAG,CAAC,CAAC;QAClB,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACvB,YAAY,CAAC,GAAG,CAAC,CAAC;QAClB,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC7B,6BAA6B,CAAC,GAAG,CAAC,CAAC;QACnC,0BAA0B,CAAC,GAAG,CAAC,CAAC;QAChC,2BAA2B,CAAC,GAAG,CAAC,CAAC;QACjC,wBAAwB,CAAC,GAAG,CAAC,CAAC;QAC9B,YAAY,CAAC,GAAG,CAAC,CAAC;QAClB,eAAe,CAAC,GAAG,CAAC,CAAC;QACrB,YAAY,CAAC,GAAG,CAAC,CAAC;QAClB,WAAW,CAAC,GAAG,CAAC,CAAC;QACjB,aAAa,CAAC,GAAG,CAAC,CAAC;QACnB,eAAe,CAAC,GAAG,CAAC,CAAC;QACrB,cAAc,CAAC,GAAG,CAAC,CAAC;QACpB,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACvB,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3B,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3B,WAAW,CAAC,GAAG,CAAC,CAAC;QAEjB,8DAA8D;QAC9D,kFAAkF;QAClF,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACzC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACxC,MAAM,EAAE,GAAG,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAErC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC;YAChB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9E,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9E,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;SAC/E,CAAC,CAAC;QACH,EAAE,CAAC,aAAa,CAAC,QAAQ,CAAC;YACxB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,IAAI,EAAE,kBAAkB,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;YAClG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,IAAI,EAAE,kBAAkB,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;YAClG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,IAAI,EAAE,kBAAkB,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;SACnG,CAAC,CAAC;QACH,EAAE,CAAC,mBAAmB,CAAC,QAAQ,CAAC;YAC9B,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,6BAA6B,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/F,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CACd,QAAQ,CAAC,IAAI,CAAC;gBACZ,KAAK,EAAE,CAAC,CAAC,KAAK,KAAK,UAAU,CAAC,CAAC,CAAC,8BAA8B,CAAC,CAAC,CAAC,6BAA6B;gBAC9F,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC;aACtB,CAAC;YACJ,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,6BAA6B,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;SAChG,CAAC,CAAC;QACH,EAAE,CAAC,uBAAuB,CAAC,QAAQ,CAAC;YAClC,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iCAAiC,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;YACvG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iCAAiC,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;YACvG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iCAAiC,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;SACxG,CAAC,CAAC;QACH,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC;YACtB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1F,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1F,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;SAC3F,CAAC,CAAC;QACH,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACnB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;YACpF,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;SACrF,CAAC,CAAC;QACH,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC;YACtB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;SAC3F,CAAC,CAAC;QACH,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC;YAChB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9E,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9E,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;SAC/E,CAAC,CAAC;QACH,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC;YACtB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1F,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1F,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;SAC3F,CAAC,CAAC;QACH,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC;YACtB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC;YACxF,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC;YACxF,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC;SACzF,CAAC,CAAC;QACH,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC;YACzB,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,IAAI,EAAE,mBAAmB,CAAC,CAAC,CAAC,EAAE,CAAC;YACjG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,IAAI,EAAE,mBAAmB,CAAC,CAAC,CAAC,EAAE,CAAC;YACjG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,IAAI,EAAE,mBAAmB,CAAC,CAAC,CAAC,EAAE,CAAC;SAClG,CAAC,CAAC;QACH,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC;YAC1B,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,IAAI,EAAE,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC;YACnG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,IAAI,EAAE,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC;YACnG,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,IAAI,EAAE,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC;SACpG,CAAC,CAAC;IACL,CAAC;IACD,IAAI,CAAC,KAAY,EAAE,OAAe;QAChC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAC/B,CAAC;CACF,CAAC;AAEF,eAAe,YAAY,CAAC","sourcesContent":["import { randomBytes } from 'node:crypto';\nimport type { ServicePlugin, Store, RouteContext } from '../core/index.js';\nimport { generateId } from '../core/index.js';\nimport { getWorkOSStore, type WorkOSStore } from './store.js';\nimport { organizationRoutes } from './routes/organizations.js';\nimport { organizationDomainRoutes } from './routes/organization-domains.js';\nimport { membershipRoutes } from './routes/memberships.js';\nimport { userRoutes } from './routes/users.js';\nimport { emailVerificationRoutes } from './routes/email-verification.js';\nimport { passwordResetRoutes } from './routes/password-reset.js';\nimport { magicAuthRoutes } from './routes/magic-auth.js';\nimport { authFactorRoutes } from './routes/auth-factors.js';\nimport { sessionRoutes } from './routes/sessions.js';\nimport { authRoutes } from './routes/auth.js';\nimport { connectionRoutes } from './routes/connections.js';\nimport { ssoRoutes } from './routes/sso.js';\nimport { pipeRoutes } from './routes/pipes.js';\nimport { authChallengeRoutes } from './routes/auth-challenges.js';\nimport { invitationRoutes } from './routes/invitations.js';\nimport { configRoutes } from './routes/config.js';\nimport { userFeatureRoutes } from './routes/user-features.js';\nimport { widgetRoutes } from './routes/widgets.js';\nimport { authorizationRoleRoutes } from './routes/authorization-roles.js';\nimport { authorizationPermissionRoutes } from './routes/authorization-permissions.js';\nimport { authorizationOrgRoleRoutes } from './routes/authorization-org-roles.js';\nimport { authorizationResourceRoutes } from './routes/authorization-resources.js';\nimport { authorizationCheckRoutes } from './routes/authorization-checks.js';\nimport { portalRoutes } from './routes/portal.js';\nimport { legacyMfaRoutes } from './routes/legacy-mfa.js';\nimport { apiKeyRoutes } from './routes/api-keys.js';\nimport { radarRoutes } from './routes/radar.js';\nimport { connectRoutes } from './routes/connect.js';\nimport { directoryRoutes } from './routes/directories.js';\nimport { auditLogRoutes } from './routes/audit-logs.js';\nimport { featureFlagRoutes } from './routes/feature-flags.js';\nimport { dataIntegrationRoutes } from './routes/data-integrations.js';\nimport { webhookEndpointRoutes } from './routes/webhook-endpoints.js';\nimport { eventRoutes } from './routes/events.js';\nimport { EventBus } from './event-bus.js';\nimport {\n generateVerificationToken,\n hashPassword,\n expiresIn,\n formatUser,\n formatOrganization,\n formatMembership,\n formatConnection,\n formatSession,\n formatInvitation,\n formatRole,\n formatPermission,\n formatDirectory,\n formatDirectoryUser,\n formatDirectoryGroup,\n formatDomain,\n} from './helpers.js';\nimport type { WorkOSConnectionType, PipeProvider, PipeConnectionStatus } from './entities.js';\n\nexport { getWorkOSStore, type WorkOSStore } from './store.js';\nexport * from './entities.js';\n\nexport interface WorkOSSeedOrganization {\n name: string;\n external_id?: string;\n metadata?: Record<string, string>;\n domains?: Array<{ domain: string; state?: 'verified' | 'pending' }>;\n memberships?: Array<{\n user_id: string;\n role?: string;\n status?: 'active' | 'inactive' | 'pending';\n }>;\n}\n\nexport interface WorkOSSeedUser {\n email: string;\n first_name?: string;\n last_name?: string;\n password?: string;\n email_verified?: boolean;\n external_id?: string;\n metadata?: Record<string, string>;\n impersonator?: { email: string; reason: string };\n}\n\nexport interface WorkOSSeedConnection {\n name: string;\n connection_type?: WorkOSConnectionType;\n organization: string;\n state?: 'active' | 'inactive' | 'validating';\n domains?: string[];\n profiles?: Array<{\n email: string;\n first_name?: string;\n last_name?: string;\n idp_id?: string;\n groups?: string[];\n }>;\n}\n\nexport interface WorkOSSeedPipeConnection {\n user_id: string;\n provider: PipeProvider;\n scopes: string[];\n status?: PipeConnectionStatus;\n external_account_id?: string;\n}\n\nexport interface WorkOSSeedInvitation {\n email: string;\n organization_id?: string;\n inviter_user_id?: string;\n role_slug?: string;\n}\n\nexport interface WorkOSSeedRole {\n slug: string;\n name: string;\n description?: string;\n type?: 'EnvironmentRole' | 'OrganizationRole';\n organization_id?: string;\n is_default_role?: boolean;\n priority?: number;\n permissions?: string[];\n}\n\nexport interface WorkOSSeedPermission {\n slug: string;\n name: string;\n description?: string;\n}\n\nexport interface WorkOSSeedWebhookEndpoint {\n url: string;\n events?: string[];\n enabled?: boolean;\n}\n\nexport interface WorkOSSeedConfig {\n organizations?: WorkOSSeedOrganization[];\n users?: WorkOSSeedUser[];\n connections?: WorkOSSeedConnection[];\n pipeConnections?: WorkOSSeedPipeConnection[];\n invitations?: WorkOSSeedInvitation[];\n roles?: WorkOSSeedRole[];\n permissions?: WorkOSSeedPermission[];\n webhookEndpoints?: WorkOSSeedWebhookEndpoint[];\n}\n\nfunction seedDefaults(_store: Store, _baseUrl: string): void {\n // No default seed data — users provide their own via config\n}\n\nexport function seedFromConfig(store: Store, _baseUrl: string, config: WorkOSSeedConfig): void {\n const ws = getWorkOSStore(store);\n\n if (config.users) {\n for (const userConfig of config.users) {\n ws.users.insert({\n object: 'user',\n email: userConfig.email,\n first_name: userConfig.first_name ?? null,\n last_name: userConfig.last_name ?? null,\n email_verified: userConfig.email_verified ?? false,\n profile_picture_url: null,\n last_sign_in_at: null,\n external_id: userConfig.external_id ?? null,\n metadata: userConfig.metadata ?? {},\n locale: null,\n password_hash: userConfig.password ? hashPassword(userConfig.password) : null,\n impersonator: userConfig.impersonator ?? null,\n });\n }\n }\n\n if (config.organizations) {\n for (const orgConfig of config.organizations) {\n const org = ws.organizations.insert({\n object: 'organization',\n name: orgConfig.name,\n external_id: orgConfig.external_id ?? null,\n metadata: orgConfig.metadata ?? {},\n stripe_customer_id: null,\n });\n\n if (orgConfig.domains) {\n for (const dd of orgConfig.domains) {\n ws.organizationDomains.insert({\n object: 'organization_domain',\n organization_id: org.id,\n domain: dd.domain,\n state: dd.state ?? 'pending',\n verification_strategy: 'manual',\n verification_token: generateVerificationToken(),\n verification_prefix: 'workos-verify',\n });\n }\n }\n\n if (orgConfig.memberships) {\n for (const mm of orgConfig.memberships) {\n ws.organizationMemberships.insert({\n object: 'organization_membership',\n organization_id: org.id,\n user_id: mm.user_id,\n role: { slug: mm.role ?? 'member' },\n status: mm.status ?? 'active',\n external_id: null,\n metadata: {},\n });\n }\n }\n }\n }\n\n if (config.connections) {\n for (const connConfig of config.connections) {\n const org = ws.organizations.findOneBy('name', connConfig.organization);\n if (!org) continue;\n\n const domains = (connConfig.domains ?? []).map((d) => ({\n object: 'connection_domain' as const,\n id: generateId('conn_domain'),\n domain: d,\n }));\n\n const conn = ws.connections.insert({\n object: 'connection',\n organization_id: org.id,\n connection_type: connConfig.connection_type ?? 'GenericSAML',\n name: connConfig.name,\n state: connConfig.state ?? 'active',\n domains,\n });\n\n if (connConfig.profiles) {\n for (const p of connConfig.profiles) {\n ws.ssoProfiles.insert({\n object: 'profile',\n connection_id: conn.id,\n connection_type: conn.connection_type,\n organization_id: org.id,\n idp_id: p.idp_id ?? `idp_${generateId('usr')}`,\n email: p.email,\n first_name: p.first_name ?? null,\n last_name: p.last_name ?? null,\n groups: p.groups ?? [],\n raw_attributes: { email: p.email },\n });\n }\n }\n }\n }\n\n if (config.pipeConnections) {\n for (const pc of config.pipeConnections) {\n ws.pipeConnections.insert({\n object: 'pipe_connection',\n user_id: pc.user_id,\n provider: pc.provider,\n scopes: pc.scopes,\n status: pc.status ?? 'connected',\n external_account_id: pc.external_account_id ?? null,\n });\n }\n }\n\n if (config.permissions) {\n for (const permConfig of config.permissions) {\n ws.permissions.insert({\n object: 'permission',\n slug: permConfig.slug,\n name: permConfig.name,\n description: permConfig.description ?? null,\n });\n }\n }\n\n if (config.roles) {\n for (const roleConfig of config.roles) {\n const role = ws.roles.insert({\n object: 'role',\n slug: roleConfig.slug,\n name: roleConfig.name,\n description: roleConfig.description ?? null,\n type: roleConfig.type ?? 'EnvironmentRole',\n organization_id: roleConfig.organization_id ?? null,\n is_default_role: roleConfig.is_default_role ?? false,\n priority: roleConfig.priority ?? 0,\n });\n\n if (roleConfig.permissions) {\n for (const permSlug of roleConfig.permissions) {\n const perm = ws.permissions.findOneBy('slug', permSlug);\n if (perm) {\n ws.rolePermissions.insert({ role_id: role.id, permission_id: perm.id });\n }\n }\n }\n }\n }\n\n if (config.invitations) {\n for (const invConfig of config.invitations) {\n const token = generateVerificationToken();\n ws.invitations.insert({\n object: 'invitation',\n email: invConfig.email,\n state: 'pending',\n token,\n accept_invitation_url: `${_baseUrl}/user_management/invitations/accept?token=${token}`,\n organization_id: invConfig.organization_id ?? null,\n inviter_user_id: invConfig.inviter_user_id ?? null,\n role_slug: invConfig.role_slug ?? null,\n expires_at: expiresIn(72 * 60),\n });\n }\n }\n\n if (config.webhookEndpoints) {\n for (const whConfig of config.webhookEndpoints) {\n ws.webhookEndpoints.insert({\n object: 'webhook_endpoint',\n url: whConfig.url,\n secret: randomBytes(32).toString('hex'),\n enabled: whConfig.enabled !== false,\n events: whConfig.events ?? [],\n description: null,\n });\n }\n }\n}\n\nexport const workosPlugin: ServicePlugin = {\n name: 'workos',\n register(ctx: RouteContext): void {\n organizationRoutes(ctx);\n organizationDomainRoutes(ctx);\n membershipRoutes(ctx);\n userRoutes(ctx);\n emailVerificationRoutes(ctx);\n passwordResetRoutes(ctx);\n magicAuthRoutes(ctx);\n authFactorRoutes(ctx);\n authChallengeRoutes(ctx);\n sessionRoutes(ctx);\n authRoutes(ctx);\n connectionRoutes(ctx);\n ssoRoutes(ctx);\n pipeRoutes(ctx);\n invitationRoutes(ctx);\n configRoutes(ctx);\n userFeatureRoutes(ctx);\n widgetRoutes(ctx);\n authorizationRoleRoutes(ctx);\n authorizationPermissionRoutes(ctx);\n authorizationOrgRoleRoutes(ctx);\n authorizationResourceRoutes(ctx);\n authorizationCheckRoutes(ctx);\n portalRoutes(ctx);\n legacyMfaRoutes(ctx);\n apiKeyRoutes(ctx);\n radarRoutes(ctx);\n connectRoutes(ctx);\n directoryRoutes(ctx);\n auditLogRoutes(ctx);\n featureFlagRoutes(ctx);\n dataIntegrationRoutes(ctx);\n webhookEndpointRoutes(ctx);\n eventRoutes(ctx);\n\n // Set up event bus with collection hooks (Option A from spec)\n // Store on ctx.store for route-level access (hybrid Option A+B for action events)\n const eventBus = new EventBus(ctx.store);\n ctx.store.setData('eventBus', eventBus);\n const ws = getWorkOSStore(ctx.store);\n\n ws.users.setHooks({\n onInsert: (u) => eventBus.emit({ event: 'user.created', data: formatUser(u) }),\n onUpdate: (u) => eventBus.emit({ event: 'user.updated', data: formatUser(u) }),\n onDelete: (u) => eventBus.emit({ event: 'user.deleted', data: formatUser(u) }),\n });\n ws.organizations.setHooks({\n onInsert: (o) => eventBus.emit({ event: 'organization.created', data: formatOrganization(o, ws) }),\n onUpdate: (o) => eventBus.emit({ event: 'organization.updated', data: formatOrganization(o, ws) }),\n onDelete: (o) => eventBus.emit({ event: 'organization.deleted', data: formatOrganization(o, ws) }),\n });\n ws.organizationDomains.setHooks({\n onInsert: (d) => eventBus.emit({ event: 'organization_domain.created', data: formatDomain(d) }),\n onUpdate: (d) =>\n eventBus.emit({\n event: d.state === 'verified' ? 'organization_domain.verified' : 'organization_domain.updated',\n data: formatDomain(d),\n }),\n onDelete: (d) => eventBus.emit({ event: 'organization_domain.deleted', data: formatDomain(d) }),\n });\n ws.organizationMemberships.setHooks({\n onInsert: (m) => eventBus.emit({ event: 'organization_membership.created', data: formatMembership(m) }),\n onUpdate: (m) => eventBus.emit({ event: 'organization_membership.updated', data: formatMembership(m) }),\n onDelete: (m) => eventBus.emit({ event: 'organization_membership.deleted', data: formatMembership(m) }),\n });\n ws.connections.setHooks({\n onInsert: (c) => eventBus.emit({ event: 'connection.created', data: formatConnection(c) }),\n onUpdate: (c) => eventBus.emit({ event: 'connection.updated', data: formatConnection(c) }),\n onDelete: (c) => eventBus.emit({ event: 'connection.deleted', data: formatConnection(c) }),\n });\n ws.sessions.setHooks({\n onInsert: (s) => eventBus.emit({ event: 'session.created', data: formatSession(s) }),\n onDelete: (s) => eventBus.emit({ event: 'session.revoked', data: formatSession(s) }),\n });\n ws.invitations.setHooks({\n onInsert: (i) => eventBus.emit({ event: 'invitation.created', data: formatInvitation(i) }),\n });\n ws.roles.setHooks({\n onInsert: (r) => eventBus.emit({ event: 'role.created', data: formatRole(r) }),\n onUpdate: (r) => eventBus.emit({ event: 'role.updated', data: formatRole(r) }),\n onDelete: (r) => eventBus.emit({ event: 'role.deleted', data: formatRole(r) }),\n });\n ws.permissions.setHooks({\n onInsert: (p) => eventBus.emit({ event: 'permission.created', data: formatPermission(p) }),\n onUpdate: (p) => eventBus.emit({ event: 'permission.updated', data: formatPermission(p) }),\n onDelete: (p) => eventBus.emit({ event: 'permission.deleted', data: formatPermission(p) }),\n });\n ws.directories.setHooks({\n onInsert: (d) => eventBus.emit({ event: 'directory.created', data: formatDirectory(d) }),\n onUpdate: (d) => eventBus.emit({ event: 'directory.updated', data: formatDirectory(d) }),\n onDelete: (d) => eventBus.emit({ event: 'directory.deleted', data: formatDirectory(d) }),\n });\n ws.directoryUsers.setHooks({\n onInsert: (u) => eventBus.emit({ event: 'directory_user.created', data: formatDirectoryUser(u) }),\n onUpdate: (u) => eventBus.emit({ event: 'directory_user.updated', data: formatDirectoryUser(u) }),\n onDelete: (u) => eventBus.emit({ event: 'directory_user.deleted', data: formatDirectoryUser(u) }),\n });\n ws.directoryGroups.setHooks({\n onInsert: (g) => eventBus.emit({ event: 'directory_group.created', data: formatDirectoryGroup(g) }),\n onUpdate: (g) => eventBus.emit({ event: 'directory_group.updated', data: formatDirectoryGroup(g) }),\n onDelete: (g) => eventBus.emit({ event: 'directory_group.deleted', data: formatDirectoryGroup(g) }),\n });\n },\n seed(store: Store, baseUrl: string): void {\n seedDefaults(store, baseUrl);\n },\n};\n\nexport default workosPlugin;\n"]}
package/dist/emulate/workos/routes/api-keys.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import { type RouteContext } from '../../core/index.js';
2
+ export declare function apiKeyRoutes(ctx: RouteContext): void;
package/dist/emulate/workos/routes/api-keys.js ADDED
@@ -0,0 +1,35 @@
1
+ import { notFound, parseJsonBody } from '../../core/index.js';
2
+ import { getWorkOSStore } from '../store.js';
3
+ import { formatApiKeyRecord, parseListParams } from '../helpers.js';
4
+ export function apiKeyRoutes(ctx) {
5
+ const { app, store } = ctx;
6
+ const ws = getWorkOSStore(store);
7
+ // Validate an API key
8
+ app.post('/api_keys/validations', async (c) => {
9
+ const body = await parseJsonBody(c);
10
+ const key = body.key;
11
+ const apiKeyMap = store.getData('apiKeyMap') ?? {};
12
+ const valid = !!key && key in apiKeyMap;
13
+ return c.json({ valid });
14
+ });
15
+ // Delete an API key record
16
+ app.delete('/api_keys/:id', (c) => {
17
+ const record = ws.apiKeyRecords.get(c.req.param('id'));
18
+ if (!record)
19
+ throw notFound('ApiKey');
20
+ ws.apiKeyRecords.delete(record.id);
21
+ return c.body(null, 204);
22
+ });
23
+ // List API keys for an organization
24
+ app.get('/organizations/:orgId/api_keys', (c) => {
25
+ const url = new URL(c.req.url);
26
+ const params = parseListParams(url);
27
+ const result = ws.apiKeyRecords.list({ ...params });
28
+ return c.json({
29
+ object: 'list',
30
+ data: result.data.map(formatApiKeyRecord),
31
+ list_metadata: result.list_metadata,
32
+ });
33
+ });
34
+ }
35
+ //# sourceMappingURL=api-keys.js.map
package/dist/emulate/workos/routes/api-keys.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"api-keys.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/api-keys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACjF,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAGpE,MAAM,UAAU,YAAY,CAAC,GAAiB;IAC5C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,sBAAsB;IACtB,GAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5C,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAyB,CAAC;QAC3C,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAY,WAAW,CAAC,IAAI,EAAE,CAAC;QAC9D,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,IAAI,SAAS,CAAC;QACxC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,2BAA2B;IAC3B,GAAG,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC,EAAE,EAAE;QAChC,MAAM,MAAM,GAAG,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACvD,IAAI,CAAC,MAAM;YAAE,MAAM,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACtC,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,oCAAoC;IACpC,GAAG,CAAC,GAAG,CAAC,gCAAgC,EAAE,CAAC,CAAC,EAAE,EAAE;QAC9C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,MAAM,GAAG,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,GAAG,MAAM,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC;YACzC,aAAa,EAAE,MAAM,CAAC,aAAa;SACpC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound, parseJsonBody } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatApiKeyRecord, parseListParams } from '../helpers.js';\nimport type { ApiKeyMap } from '../../core/index.js';\n\nexport function apiKeyRoutes(ctx: RouteContext): void {\n const { app, store } = ctx;\n const ws = getWorkOSStore(store);\n\n // Validate an API key\n app.post('/api_keys/validations', async (c) => {\n const body = await parseJsonBody(c);\n const key = body.key as string | undefined;\n const apiKeyMap = store.getData<ApiKeyMap>('apiKeyMap') ?? {};\n const valid = !!key && key in apiKeyMap;\n return c.json({ valid });\n });\n\n // Delete an API key record\n app.delete('/api_keys/:id', (c) => {\n const record = ws.apiKeyRecords.get(c.req.param('id'));\n if (!record) throw notFound('ApiKey');\n ws.apiKeyRecords.delete(record.id);\n return c.body(null, 204);\n });\n\n // List API keys for an organization\n app.get('/organizations/:orgId/api_keys', (c) => {\n const url = new URL(c.req.url);\n const params = parseListParams(url);\n const result = ws.apiKeyRecords.list({ ...params });\n return c.json({\n object: 'list',\n data: result.data.map(formatApiKeyRecord),\n list_metadata: result.list_metadata,\n });\n });\n}\n"]}
package/dist/emulate/workos/routes/audit-logs.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import { type RouteContext } from '../../core/index.js';
2
+ export declare function auditLogRoutes(ctx: RouteContext): void;