workos 0.11.2 → 0.12.0

package/dist/emulate/workos/routes/directories.js

@@ -0,0 +1,90 @@
+import { notFound, parseListParams } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatDirectory, formatDirectoryUser, formatDirectoryGroup, formatListResponse } from '../helpers.js';
+export function directoryRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    // List directories
+    app.get('/directories', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const orgFilter = url.searchParams.get('organization_id') ?? undefined;
+        const search = url.searchParams.get('search') ?? undefined;
+        const result = ws.directories.list({
+            ...params,
+            filter: (d) => {
+                if (orgFilter && d.organization_id !== orgFilter)
+                    return false;
+                if (search && !d.name.toLowerCase().includes(search.toLowerCase()))
+                    return false;
+                return true;
+            },
+        });
+        return c.json(formatListResponse(result, formatDirectory));
+    });
+    // Get directory
+    app.get('/directories/:id', (c) => {
+        const dir = ws.directories.get(c.req.param('id'));
+        if (!dir)
+            throw notFound('Directory');
+        return c.json(formatDirectory(dir));
+    });
+    // Delete directory (cascade users + groups)
+    app.delete('/directories/:id', (c) => {
+        const dir = ws.directories.get(c.req.param('id'));
+        if (!dir)
+            throw notFound('Directory');
+        ws.directoryUsers.deleteBy('directory_id', dir.id);
+        ws.directoryGroups.deleteBy('directory_id', dir.id);
+        ws.directories.delete(dir.id);
+        return c.body(null, 204);
+    });
+    // List directory users
+    app.get('/directory_users', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const directoryId = url.searchParams.get('directory_id') ?? undefined;
+        const groupId = url.searchParams.get('group_id') ?? undefined;
+        const result = ws.directoryUsers.list({
+            ...params,
+            filter: (u) => {
+                if (directoryId && u.directory_id !== directoryId)
+                    return false;
+                if (groupId && !u.groups.some((g) => g.id === groupId))
+                    return false;
+                return true;
+            },
+        });
+        return c.json(formatListResponse(result, formatDirectoryUser));
+    });
+    // Get directory user
+    app.get('/directory_users/:id', (c) => {
+        const user = ws.directoryUsers.get(c.req.param('id'));
+        if (!user)
+            throw notFound('DirectoryUser');
+        return c.json(formatDirectoryUser(user));
+    });
+    // List directory groups
+    app.get('/directory_groups', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const directoryId = url.searchParams.get('directory_id') ?? undefined;
+        const result = ws.directoryGroups.list({
+            ...params,
+            filter: (g) => {
+                if (directoryId && g.directory_id !== directoryId)
+                    return false;
+                return true;
+            },
+        });
+        return c.json(formatListResponse(result, formatDirectoryGroup));
+    });
+    // Get directory group
+    app.get('/directory_groups/:id', (c) => {
+        const group = ws.directoryGroups.get(c.req.param('id'));
+        if (!group)
+            throw notFound('DirectoryGroup');
+        return c.json(formatDirectoryGroup(group));
+    });
+}
+//# sourceMappingURL=directories.js.map

package/dist/emulate/workos/routes/directories.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"directories.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/directories.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACnF,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAE/G,MAAM,UAAU,eAAe,CAAC,GAAiB;IAC/C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,mBAAmB;IACnB,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,CAAC,EAAE,EAAE;QAC5B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,SAAS,CAAC;QACvE,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC;QAE3D,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC;YACjC,GAAG,MAAM;YACT,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE;gBACZ,IAAI,SAAS,IAAI,CAAC,CAAC,eAAe,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC;gBAC/D,IAAI,MAAM,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;oBAAE,OAAO,KAAK,CAAC;gBACjF,OAAO,IAAI,CAAC;YACd,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,gBAAgB;IAChB,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE;QAChC,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,GAAG;YAAE,MAAM,QAAQ,CAAC,WAAW,CAAC,CAAC;QACtC,OAAO,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,4CAA4C;IAC5C,GAAG,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE;QACnC,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,GAAG;YAAE,MAAM,QAAQ,CAAC,WAAW,CAAC,CAAC;QAEtC,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,cAAc,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QACnD,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,cAAc,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QAEpD,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,uBAAuB;IACvB,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE;QAChC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;QACtE,MAAM,OAAO,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;QAE9D,MAAM,MAAM,GAAG,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC;YACpC,GAAG,MAAM;YACT,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE;gBACZ,IAAI,WAAW,IAAI,CAAC,CAAC,YAAY,KAAK,WAAW;oBAAE,OAAO,KAAK,CAAC;gBAChE,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,OAAO,CAAC;oBAAE,OAAO,KAAK,CAAC;gBACrE,OAAO,IAAI,CAAC;YACd,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,qBAAqB;IACrB,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC,CAAC,EAAE,EAAE;QACpC,MAAM,IAAI,GAAG,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACtD,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,eAAe,CAAC,CAAC;QAC3C,OAAO,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,wBAAwB;IACxB,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,CAAC,EAAE,EAAE;QACjC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS,CAAC;QAEtE,MAAM,MAAM,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;YACrC,GAAG,MAAM;YACT,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE;gBACZ,IAAI,WAAW,IAAI,CAAC,CAAC,YAAY,KAAK,WAAW;oBAAE,OAAO,KAAK,CAAC;gBAChE,OAAO,IAAI,CAAC;YACd,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,sBAAsB;IACtB,GAAG,CAAC,GAAG,CAAC,uBAAuB,EAAE,CAAC,CAAC,EAAE,EAAE;QACrC,MAAM,KAAK,GAAG,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACxD,IAAI,CAAC,KAAK;YAAE,MAAM,QAAQ,CAAC,gBAAgB,CAAC,CAAC;QAC7C,OAAO,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound, parseListParams } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatDirectory, formatDirectoryUser, formatDirectoryGroup, formatListResponse } from '../helpers.js';\n\nexport function directoryRoutes(ctx: RouteContext): void {\n  const { app, store } = ctx;\n  const ws = getWorkOSStore(store);\n\n  // List directories\n  app.get('/directories', (c) => {\n    const url = new URL(c.req.url);\n    const params = parseListParams(url);\n    const orgFilter = url.searchParams.get('organization_id') ?? undefined;\n    const search = url.searchParams.get('search') ?? undefined;\n\n    const result = ws.directories.list({\n      ...params,\n      filter: (d) => {\n        if (orgFilter && d.organization_id !== orgFilter) return false;\n        if (search && !d.name.toLowerCase().includes(search.toLowerCase())) return false;\n        return true;\n      },\n    });\n\n    return c.json(formatListResponse(result, formatDirectory));\n  });\n\n  // Get directory\n  app.get('/directories/:id', (c) => {\n    const dir = ws.directories.get(c.req.param('id'));\n    if (!dir) throw notFound('Directory');\n    return c.json(formatDirectory(dir));\n  });\n\n  // Delete directory (cascade users + groups)\n  app.delete('/directories/:id', (c) => {\n    const dir = ws.directories.get(c.req.param('id'));\n    if (!dir) throw notFound('Directory');\n\n    ws.directoryUsers.deleteBy('directory_id', dir.id);\n    ws.directoryGroups.deleteBy('directory_id', dir.id);\n\n    ws.directories.delete(dir.id);\n    return c.body(null, 204);\n  });\n\n  // List directory users\n  app.get('/directory_users', (c) => {\n    const url = new URL(c.req.url);\n    const params = parseListParams(url);\n    const directoryId = url.searchParams.get('directory_id') ?? undefined;\n    const groupId = url.searchParams.get('group_id') ?? undefined;\n\n    const result = ws.directoryUsers.list({\n      ...params,\n      filter: (u) => {\n        if (directoryId && u.directory_id !== directoryId) return false;\n        if (groupId && !u.groups.some((g) => g.id === groupId)) return false;\n        return true;\n      },\n    });\n\n    return c.json(formatListResponse(result, formatDirectoryUser));\n  });\n\n  // Get directory user\n  app.get('/directory_users/:id', (c) => {\n    const user = ws.directoryUsers.get(c.req.param('id'));\n    if (!user) throw notFound('DirectoryUser');\n    return c.json(formatDirectoryUser(user));\n  });\n\n  // List directory groups\n  app.get('/directory_groups', (c) => {\n    const url = new URL(c.req.url);\n    const params = parseListParams(url);\n    const directoryId = url.searchParams.get('directory_id') ?? undefined;\n\n    const result = ws.directoryGroups.list({\n      ...params,\n      filter: (g) => {\n        if (directoryId && g.directory_id !== directoryId) return false;\n        return true;\n      },\n    });\n\n    return c.json(formatListResponse(result, formatDirectoryGroup));\n  });\n\n  // Get directory group\n  app.get('/directory_groups/:id', (c) => {\n    const group = ws.directoryGroups.get(c.req.param('id'));\n    if (!group) throw notFound('DirectoryGroup');\n    return c.json(formatDirectoryGroup(group));\n  });\n}\n"]}

package/dist/emulate/workos/routes/email-verification.d.ts

@@ -0,0 +1,2 @@
+import { type RouteContext } from '../../core/index.js';
+export declare function emailVerificationRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/email-verification.js

@@ -0,0 +1,49 @@
+import { notFound, parseJsonBody, WorkOSApiError } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatEmailVerification, formatUser, generateCode, expiresIn, isExpired } from '../helpers.js';
+export function emailVerificationRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    app.get('/user_management/email_verification/:id', (c) => {
+        const ev = ws.emailVerifications.get(c.req.param('id'));
+        if (!ev)
+            throw notFound('Email Verification');
+        return c.json(formatEmailVerification(ev));
+    });
+    app.post('/user_management/users/:id/email_verification/send', (c) => {
+        const user = ws.users.get(c.req.param('id'));
+        if (!user)
+            throw notFound('User');
+        const ev = ws.emailVerifications.insert({
+            object: 'email_verification',
+            user_id: user.id,
+            email: user.email,
+            code: generateCode(),
+            expires_at: expiresIn(10),
+        });
+        return c.json(formatEmailVerification(ev), 201);
+    });
+    app.post('/user_management/users/:id/email_verification/confirm', async (c) => {
+        const user = ws.users.get(c.req.param('id'));
+        if (!user)
+            throw notFound('User');
+        const body = await parseJsonBody(c);
+        const code = body.code;
+        if (!code) {
+            throw new WorkOSApiError(400, 'code is required', 'invalid_request');
+        }
+        const verifications = ws.emailVerifications.findBy('user_id', user.id);
+        const ev = verifications.find((v) => v.code === code);
+        if (!ev) {
+            throw new WorkOSApiError(400, 'Invalid code', 'invalid_code');
+        }
+        if (isExpired(ev.expires_at)) {
+            throw new WorkOSApiError(400, 'Code has expired', 'expired_code');
+        }
+        ws.users.update(user.id, { email_verified: true });
+        ws.emailVerifications.delete(ev.id);
+        const updated = ws.users.get(user.id);
+        return c.json(formatUser(updated));
+    });
+}
+//# sourceMappingURL=email-verification.js.map

package/dist/emulate/workos/routes/email-verification.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"email-verification.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/email-verification.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACjG,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,uBAAuB,EAAE,UAAU,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAExG,MAAM,UAAU,uBAAuB,CAAC,GAAiB;IACvD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,GAAG,CAAC,yCAAyC,EAAE,CAAC,CAAC,EAAE,EAAE;QACvD,MAAM,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACxD,IAAI,CAAC,EAAE;YAAE,MAAM,QAAQ,CAAC,oBAAoB,CAAC,CAAC;QAC9C,OAAO,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,oDAAoD,EAAE,CAAC,CAAC,EAAE,EAAE;QACnE,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC;YACtC,MAAM,EAAE,oBAAoB;YAC5B,OAAO,EAAE,IAAI,CAAC,EAAE;YAChB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,YAAY,EAAE;YACpB,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC;SAC1B,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,uDAAuD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5E,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,IAAI,CAAC,IAA0B,CAAC;QAC7C,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,aAAa,GAAG,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACvE,MAAM,EAAE,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAEtD,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,cAAc,EAAE,cAAc,CAAC,CAAC;QAChE,CAAC;QACD,IAAI,SAAS,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,kBAAkB,EAAE,cAAc,CAAC,CAAC;QACpE,CAAC;QAED,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC;QACnD,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAEpC,MAAM,OAAO,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAE,CAAC;QACvC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound, parseJsonBody, WorkOSApiError } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatEmailVerification, formatUser, generateCode, expiresIn, isExpired } from '../helpers.js';\n\nexport function emailVerificationRoutes(ctx: RouteContext): void {\n  const { app, store } = ctx;\n  const ws = getWorkOSStore(store);\n\n  app.get('/user_management/email_verification/:id', (c) => {\n    const ev = ws.emailVerifications.get(c.req.param('id'));\n    if (!ev) throw notFound('Email Verification');\n    return c.json(formatEmailVerification(ev));\n  });\n\n  app.post('/user_management/users/:id/email_verification/send', (c) => {\n    const user = ws.users.get(c.req.param('id'));\n    if (!user) throw notFound('User');\n\n    const ev = ws.emailVerifications.insert({\n      object: 'email_verification',\n      user_id: user.id,\n      email: user.email,\n      code: generateCode(),\n      expires_at: expiresIn(10),\n    });\n\n    return c.json(formatEmailVerification(ev), 201);\n  });\n\n  app.post('/user_management/users/:id/email_verification/confirm', async (c) => {\n    const user = ws.users.get(c.req.param('id'));\n    if (!user) throw notFound('User');\n\n    const body = await parseJsonBody(c);\n    const code = body.code as string | undefined;\n    if (!code) {\n      throw new WorkOSApiError(400, 'code is required', 'invalid_request');\n    }\n\n    const verifications = ws.emailVerifications.findBy('user_id', user.id);\n    const ev = verifications.find((v) => v.code === code);\n\n    if (!ev) {\n      throw new WorkOSApiError(400, 'Invalid code', 'invalid_code');\n    }\n    if (isExpired(ev.expires_at)) {\n      throw new WorkOSApiError(400, 'Code has expired', 'expired_code');\n    }\n\n    ws.users.update(user.id, { email_verified: true });\n    ws.emailVerifications.delete(ev.id);\n\n    const updated = ws.users.get(user.id)!;\n    return c.json(formatUser(updated));\n  });\n}\n"]}

package/dist/emulate/workos/routes/events.d.ts

@@ -0,0 +1,2 @@
+import { type RouteContext } from '../../core/index.js';
+export declare function eventRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/events.js

@@ -0,0 +1,18 @@
+import { parseListParams } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatEvent, formatListResponse } from '../helpers.js';
+export function eventRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    app.get('/events', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const eventTypes = url.searchParams.getAll('events[]');
+        const result = ws.events.list({
+            ...params,
+            filter: eventTypes.length > 0 ? (e) => eventTypes.includes(e.event) : undefined,
+        });
+        return c.json(formatListResponse(result, formatEvent));
+    });
+}
+//# sourceMappingURL=events.js.map

package/dist/emulate/workos/routes/events.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"events.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/events.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACzE,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEhE,MAAM,UAAU,WAAW,CAAC,GAAiB;IAC3C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;QACvB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAEvD,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC;YAC5B,GAAG,MAAM;YACT,MAAM,EAAE,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS;SAChF,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, parseListParams } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatEvent, formatListResponse } from '../helpers.js';\n\nexport function eventRoutes(ctx: RouteContext): void {\n  const { app, store } = ctx;\n  const ws = getWorkOSStore(store);\n\n  app.get('/events', (c) => {\n    const url = new URL(c.req.url);\n    const params = parseListParams(url);\n    const eventTypes = url.searchParams.getAll('events[]');\n\n    const result = ws.events.list({\n      ...params,\n      filter: eventTypes.length > 0 ? (e) => eventTypes.includes(e.event) : undefined,\n    });\n\n    return c.json(formatListResponse(result, formatEvent));\n  });\n}\n"]}

package/dist/emulate/workos/routes/feature-flags.d.ts

@@ -0,0 +1,2 @@
+import { type RouteContext } from '../../core/index.js';
+export declare function featureFlagRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/feature-flags.js

@@ -0,0 +1,103 @@
+import { notFound, parseJsonBody, parseListParams } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatFeatureFlag, formatFlagTarget, formatListResponse } from '../helpers.js';
+function evaluateFlags(ws, resourceId) {
+    const flags = ws.featureFlags.all();
+    return flags.map((flag) => {
+        const target = ws.flagTargets.findBy('flag_slug', flag.slug).find((t) => t.resource_id === resourceId);
+        return {
+            slug: flag.slug,
+            type: flag.type,
+            value: target ? target.value : flag.enabled ? flag.default_value : null,
+            enabled: flag.enabled,
+        };
+    });
+}
+export function featureFlagRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    // List all flags
+    app.get('/feature-flags', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const result = ws.featureFlags.list({ ...params });
+        return c.json(formatListResponse(result, formatFeatureFlag));
+    });
+    // Get flag by slug
+    app.get('/feature-flags/:slug', (c) => {
+        const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));
+        if (!flag)
+            throw notFound('FeatureFlag');
+        return c.json(formatFeatureFlag(flag));
+    });
+    // Enable flag
+    app.post('/feature-flags/:slug/enable', (c) => {
+        const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));
+        if (!flag)
+            throw notFound('FeatureFlag');
+        const updated = ws.featureFlags.update(flag.id, { enabled: true });
+        return c.json(formatFeatureFlag(updated));
+    });
+    // Disable flag
+    app.post('/feature-flags/:slug/disable', (c) => {
+        const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));
+        if (!flag)
+            throw notFound('FeatureFlag');
+        const updated = ws.featureFlags.update(flag.id, { enabled: false });
+        return c.json(formatFeatureFlag(updated));
+    });
+    // Add/update target
+    app.put('/feature-flags/:slug/targets/:resourceId', async (c) => {
+        const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));
+        if (!flag)
+            throw notFound('FeatureFlag');
+        const resourceId = c.req.param('resourceId');
+        const body = await parseJsonBody(c);
+        // Upsert: find existing target or create
+        const existing = ws.flagTargets.findBy('flag_slug', flag.slug).find((t) => t.resource_id === resourceId);
+        if (existing) {
+            const updated = ws.flagTargets.update(existing.id, {
+                value: body.value,
+                resource_type: body.resource_type ?? existing.resource_type,
+            });
+            return c.json(formatFlagTarget(updated));
+        }
+        const target = ws.flagTargets.insert({
+            object: 'flag_target',
+            flag_slug: flag.slug,
+            resource_id: resourceId,
+            resource_type: body.resource_type ?? 'user',
+            value: body.value,
+        });
+        return c.json(formatFlagTarget(target), 201);
+    });
+    // Remove target
+    app.delete('/feature-flags/:slug/targets/:resourceId', (c) => {
+        const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));
+        if (!flag)
+            throw notFound('FeatureFlag');
+        const resourceId = c.req.param('resourceId');
+        const target = ws.flagTargets.findBy('flag_slug', flag.slug).find((t) => t.resource_id === resourceId);
+        if (!target)
+            throw notFound('FlagTarget');
+        ws.flagTargets.delete(target.id);
+        return c.body(null, 204);
+    });
+    // Evaluate flags for organization
+    app.get('/organizations/:orgId/feature-flags', (c) => {
+        return c.json({
+            object: 'list',
+            data: evaluateFlags(ws, c.req.param('orgId')),
+            list_metadata: { before: null, after: null },
+        });
+    });
+    // Evaluate flags for user
+    app.get('/user_management/users/:userId/feature-flags', (c) => {
+        return c.json({
+            object: 'list',
+            data: evaluateFlags(ws, c.req.param('userId')),
+            list_metadata: { before: null, after: null },
+        });
+    });
+}
+//# sourceMappingURL=feature-flags.js.map

package/dist/emulate/workos/routes/feature-flags.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"feature-flags.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/feature-flags.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAClG,OAAO,EAAE,cAAc,EAAoB,MAAM,aAAa,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAExF,SAAS,aAAa,CAAC,EAAe,EAAE,UAAkB;IACxD,MAAM,KAAK,GAAG,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC;IACpC,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACxB,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,UAAU,CAAC,CAAC;QACvG,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI;YACvE,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,GAAiB;IACjD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,iBAAiB;IACjB,GAAG,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,EAAE;QAC9B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,MAAM,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,GAAG,MAAM,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,mBAAmB;IACnB,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC,CAAC,EAAE,EAAE;QACpC,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,aAAa,CAAC,CAAC;QACzC,OAAO,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,cAAc;IACd,GAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE,CAAC,CAAC,EAAE,EAAE;QAC5C,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,aAAa,CAAC,CAAC;QACzC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QACnE,OAAO,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAQ,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,eAAe;IACf,GAAG,CAAC,IAAI,CAAC,8BAA8B,EAAE,CAAC,CAAC,EAAE,EAAE;QAC7C,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,aAAa,CAAC,CAAC;QACzC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;QACpE,OAAO,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAQ,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,oBAAoB;IACpB,GAAG,CAAC,GAAG,CAAC,0CAA0C,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9D,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,aAAa,CAAC,CAAC;QAEzC,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC7C,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QAEpC,yCAAyC;QACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,UAAU,CAAC,CAAC;QAEzG,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,EAAE;gBACjD,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,QAAQ,CAAC,aAAa;aACxE,CAAC,CAAC;YACH,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAQ,CAAC,CAAC,CAAC;QAC5C,CAAC;QAED,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;YACnC,MAAM,EAAE,aAAa;YACrB,SAAS,EAAE,IAAI,CAAC,IAAI;YACpB,WAAW,EAAE,UAAU;YACvB,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,MAAM;YACvD,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,gBAAgB;IAChB,GAAG,CAAC,MAAM,CAAC,0CAA0C,EAAE,CAAC,CAAC,EAAE,EAAE;QAC3D,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,aAAa,CAAC,CAAC;QAEzC,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,UAAU,CAAC,CAAC;QACvG,IAAI,CAAC,MAAM;YAAE,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QAE1C,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACjC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,kCAAkC;IAClC,GAAG,CAAC,GAAG,CAAC,qCAAqC,EAAE,CAAC,CAAC,EAAE,EAAE;QACnD,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC7C,aAAa,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,0BAA0B;IAC1B,GAAG,CAAC,GAAG,CAAC,8CAA8C,EAAE,CAAC,CAAC,EAAE,EAAE;QAC5D,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC9C,aAAa,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound, parseJsonBody, parseListParams } from '../../core/index.js';\nimport { getWorkOSStore, type WorkOSStore } from '../store.js';\nimport { formatFeatureFlag, formatFlagTarget, formatListResponse } from '../helpers.js';\n\nfunction evaluateFlags(ws: WorkOSStore, resourceId: string) {\n  const flags = ws.featureFlags.all();\n  return flags.map((flag) => {\n    const target = ws.flagTargets.findBy('flag_slug', flag.slug).find((t) => t.resource_id === resourceId);\n    return {\n      slug: flag.slug,\n      type: flag.type,\n      value: target ? target.value : flag.enabled ? flag.default_value : null,\n      enabled: flag.enabled,\n    };\n  });\n}\n\nexport function featureFlagRoutes(ctx: RouteContext): void {\n  const { app, store } = ctx;\n  const ws = getWorkOSStore(store);\n\n  // List all flags\n  app.get('/feature-flags', (c) => {\n    const url = new URL(c.req.url);\n    const params = parseListParams(url);\n    const result = ws.featureFlags.list({ ...params });\n    return c.json(formatListResponse(result, formatFeatureFlag));\n  });\n\n  // Get flag by slug\n  app.get('/feature-flags/:slug', (c) => {\n    const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));\n    if (!flag) throw notFound('FeatureFlag');\n    return c.json(formatFeatureFlag(flag));\n  });\n\n  // Enable flag\n  app.post('/feature-flags/:slug/enable', (c) => {\n    const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));\n    if (!flag) throw notFound('FeatureFlag');\n    const updated = ws.featureFlags.update(flag.id, { enabled: true });\n    return c.json(formatFeatureFlag(updated!));\n  });\n\n  // Disable flag\n  app.post('/feature-flags/:slug/disable', (c) => {\n    const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));\n    if (!flag) throw notFound('FeatureFlag');\n    const updated = ws.featureFlags.update(flag.id, { enabled: false });\n    return c.json(formatFeatureFlag(updated!));\n  });\n\n  // Add/update target\n  app.put('/feature-flags/:slug/targets/:resourceId', async (c) => {\n    const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));\n    if (!flag) throw notFound('FeatureFlag');\n\n    const resourceId = c.req.param('resourceId');\n    const body = await parseJsonBody(c);\n\n    // Upsert: find existing target or create\n    const existing = ws.flagTargets.findBy('flag_slug', flag.slug).find((t) => t.resource_id === resourceId);\n\n    if (existing) {\n      const updated = ws.flagTargets.update(existing.id, {\n        value: body.value,\n        resource_type: (body.resource_type as string) ?? existing.resource_type,\n      });\n      return c.json(formatFlagTarget(updated!));\n    }\n\n    const target = ws.flagTargets.insert({\n      object: 'flag_target',\n      flag_slug: flag.slug,\n      resource_id: resourceId,\n      resource_type: (body.resource_type as string) ?? 'user',\n      value: body.value,\n    });\n\n    return c.json(formatFlagTarget(target), 201);\n  });\n\n  // Remove target\n  app.delete('/feature-flags/:slug/targets/:resourceId', (c) => {\n    const flag = ws.featureFlags.findOneBy('slug', c.req.param('slug'));\n    if (!flag) throw notFound('FeatureFlag');\n\n    const resourceId = c.req.param('resourceId');\n    const target = ws.flagTargets.findBy('flag_slug', flag.slug).find((t) => t.resource_id === resourceId);\n    if (!target) throw notFound('FlagTarget');\n\n    ws.flagTargets.delete(target.id);\n    return c.body(null, 204);\n  });\n\n  // Evaluate flags for organization\n  app.get('/organizations/:orgId/feature-flags', (c) => {\n    return c.json({\n      object: 'list',\n      data: evaluateFlags(ws, c.req.param('orgId')),\n      list_metadata: { before: null, after: null },\n    });\n  });\n\n  // Evaluate flags for user\n  app.get('/user_management/users/:userId/feature-flags', (c) => {\n    return c.json({\n      object: 'list',\n      data: evaluateFlags(ws, c.req.param('userId')),\n      list_metadata: { before: null, after: null },\n    });\n  });\n}\n"]}

package/dist/emulate/workos/routes/invitations.d.ts

@@ -0,0 +1,2 @@
+import { type RouteContext } from '../../core/index.js';
+export declare function invitationRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/invitations.js

@@ -0,0 +1,122 @@
+import { notFound, validationError, parseJsonBody, WorkOSApiError, parseListParams, } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatInvitation, generateVerificationToken, expiresIn, formatListResponse } from '../helpers.js';
+import { STORE_KEYS, EVENTS } from '../constants.js';
+export function invitationRoutes(ctx) {
+    const { app, store, baseUrl } = ctx;
+    const ws = getWorkOSStore(store);
+    app.post('/user_management/invitations', async (c) => {
+        const body = await parseJsonBody(c);
+        const email = body.email;
+        if (!email) {
+            throw validationError('email is required', [{ field: 'email', code: 'required' }]);
+        }
+        const token = generateVerificationToken();
+        const inv = ws.invitations.insert({
+            object: 'invitation',
+            email,
+            state: 'pending',
+            token,
+            accept_invitation_url: `${baseUrl}/user_management/invitations/accept?token=${token}`,
+            organization_id: body.organization_id ?? null,
+            inviter_user_id: body.inviter_user_id ?? null,
+            role_slug: body.role_slug ?? null,
+            expires_at: expiresIn(72 * 60), // 72 hours
+        });
+        return c.json(formatInvitation(inv), 201);
+    });
+    app.get('/user_management/invitations', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const emailFilter = url.searchParams.get('email') ?? undefined;
+        const orgFilter = url.searchParams.get('organization_id') ?? undefined;
+        const result = ws.invitations.list({
+            ...params,
+            filter: (inv) => {
+                if (emailFilter && inv.email !== emailFilter)
+                    return false;
+                if (orgFilter && inv.organization_id !== orgFilter)
+                    return false;
+                return true;
+            },
+        });
+        return c.json(formatListResponse(result, formatInvitation));
+    });
+    app.get('/user_management/invitations/by_token/:token', (c) => {
+        const inv = ws.invitations.findOneBy('token', c.req.param('token'));
+        if (!inv)
+            throw notFound('Invitation');
+        return c.json(formatInvitation(inv));
+    });
+    app.get('/user_management/invitations/:id', (c) => {
+        const inv = ws.invitations.get(c.req.param('id'));
+        if (!inv)
+            throw notFound('Invitation');
+        return c.json(formatInvitation(inv));
+    });
+    app.post('/user_management/invitations/:id/accept', (c) => {
+        const inv = ws.invitations.get(c.req.param('id'));
+        if (!inv)
+            throw notFound('Invitation');
+        if (inv.state !== 'pending') {
+            throw new WorkOSApiError(400, `Invitation is ${inv.state}`, 'invalid_invitation_state');
+        }
+        ws.invitations.update(inv.id, { state: 'accepted' });
+        const eventBus = store.getData(STORE_KEYS.eventBus);
+        eventBus?.emit({ event: EVENTS.invitationAccepted, data: formatInvitation(ws.invitations.get(inv.id)) });
+        // Create org membership if invitation has an organization
+        if (inv.organization_id) {
+            const user = ws.users.findOneBy('email', inv.email);
+            if (user) {
+                ws.organizationMemberships.insert({
+                    object: 'organization_membership',
+                    organization_id: inv.organization_id,
+                    user_id: user.id,
+                    role: { slug: inv.role_slug ?? 'member' },
+                    status: 'active',
+                    external_id: null,
+                    metadata: {},
+                });
+            }
+        }
+        const updated = ws.invitations.get(inv.id);
+        return c.json(formatInvitation(updated));
+    });
+    app.post('/user_management/invitations/:id/revoke', (c) => {
+        const inv = ws.invitations.get(c.req.param('id'));
+        if (!inv)
+            throw notFound('Invitation');
+        if (inv.state !== 'pending') {
+            throw new WorkOSApiError(400, `Invitation is ${inv.state}`, 'invalid_invitation_state');
+        }
+        ws.invitations.update(inv.id, { state: 'revoked' });
+        const eventBus = store.getData(STORE_KEYS.eventBus);
+        eventBus?.emit({ event: EVENTS.invitationRevoked, data: formatInvitation(ws.invitations.get(inv.id)) });
+        const updated = ws.invitations.get(inv.id);
+        return c.json(formatInvitation(updated));
+    });
+    app.post('/user_management/invitations/:id/resend', (c) => {
+        const inv = ws.invitations.get(c.req.param('id'));
+        if (!inv)
+            throw notFound('Invitation');
+        const newToken = generateVerificationToken();
+        ws.invitations.update(inv.id, {
+            token: newToken,
+            accept_invitation_url: `${baseUrl}/user_management/invitations/accept?token=${newToken}`,
+            expires_at: expiresIn(72 * 60),
+            state: 'pending',
+        });
+        const eventBus = store.getData(STORE_KEYS.eventBus);
+        eventBus?.emit({ event: EVENTS.invitationResent, data: formatInvitation(ws.invitations.get(inv.id)) });
+        const updated = ws.invitations.get(inv.id);
+        return c.json(formatInvitation(updated));
+    });
+    app.delete('/user_management/invitations/:id', (c) => {
+        const inv = ws.invitations.get(c.req.param('id'));
+        if (!inv)
+            throw notFound('Invitation');
+        ws.invitations.delete(inv.id);
+        return c.body(null, 204);
+    });
+}
+//# sourceMappingURL=invitations.js.map

package/dist/emulate/workos/routes/invitations.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"invitations.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/invitations.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,QAAQ,EACR,eAAe,EACf,aAAa,EACb,cAAc,EACd,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,yBAAyB,EAAE,SAAS,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAE3G,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAErD,MAAM,UAAU,gBAAgB,CAAC,GAAiB;IAChD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;IACpC,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,IAAI,CAAC,8BAA8B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACnD,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAA2B,CAAC;QAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,eAAe,CAAC,mBAAmB,EAAE,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;QACrF,CAAC;QAED,MAAM,KAAK,GAAG,yBAAyB,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;YAChC,MAAM,EAAE,YAAY;YACpB,KAAK;YACL,KAAK,EAAE,SAAS;YAChB,KAAK;YACL,qBAAqB,EAAE,GAAG,OAAO,6CAA6C,KAAK,EAAE;YACrF,eAAe,EAAG,IAAI,CAAC,eAA0B,IAAI,IAAI;YACzD,eAAe,EAAG,IAAI,CAAC,eAA0B,IAAI,IAAI;YACzD,SAAS,EAAG,IAAI,CAAC,SAAoB,IAAI,IAAI;YAC7C,UAAU,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,WAAW;SAC5C,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,CAAC,CAAC,EAAE,EAAE;QAC5C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;QAC/D,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,SAAS,CAAC;QAEvE,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC;YACjC,GAAG,MAAM;YACT,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE;gBACd,IAAI,WAAW,IAAI,GAAG,CAAC,KAAK,KAAK,WAAW;oBAAE,OAAO,KAAK,CAAC;gBAC3D,IAAI,SAAS,IAAI,GAAG,CAAC,eAAe,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC;gBACjE,OAAO,IAAI,CAAC;YACd,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,8CAA8C,EAAE,CAAC,CAAC,EAAE,EAAE;QAC5D,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,GAAG;YAAE,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QACvC,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,kCAAkC,EAAE,CAAC,CAAC,EAAE,EAAE;QAChD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,GAAG;YAAE,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QACvC,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,yCAAyC,EAAE,CAAC,CAAC,EAAE,EAAE;QACxD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,GAAG;YAAE,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QAEvC,IAAI,GAAG,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAC5B,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,iBAAiB,GAAG,CAAC,KAAK,EAAE,EAAE,0BAA0B,CAAC,CAAC;QAC1F,CAAC;QAED,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;QACrD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAW,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC9D,QAAQ,EAAE,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,kBAAkB,EAAE,IAAI,EAAE,gBAAgB,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC,EAAE,CAAC,CAAC;QAE1G,0DAA0D;QAC1D,IAAI,GAAG,CAAC,eAAe,EAAE,CAAC;YACxB,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YACpD,IAAI,IAAI,EAAE,CAAC;gBACT,EAAE,CAAC,uBAAuB,CAAC,MAAM,CAAC;oBAChC,MAAM,EAAE,yBAAyB;oBACjC,eAAe,EAAE,GAAG,CAAC,eAAe;oBACpC,OAAO,EAAE,IAAI,CAAC,EAAE;oBAChB,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,SAAS,IAAI,QAAQ,EAAE;oBACzC,MAAM,EAAE,QAAQ;oBAChB,WAAW,EAAE,IAAI;oBACjB,QAAQ,EAAE,EAAE;iBACb,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC;QAC5C,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,yCAAyC,EAAE,CAAC,CAAC,EAAE,EAAE;QACxD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,GAAG;YAAE,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QAEvC,IAAI,GAAG,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAC5B,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,iBAAiB,GAAG,CAAC,KAAK,EAAE,EAAE,0BAA0B,CAAC,CAAC;QAC1F,CAAC;QAED,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QACpD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAW,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC9D,QAAQ,EAAE,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,iBAAiB,EAAE,IAAI,EAAE,gBAAgB,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC,EAAE,CAAC,CAAC;QACzG,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC;QAC5C,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,yCAAyC,EAAE,CAAC,CAAC,EAAE,EAAE;QACxD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,GAAG;YAAE,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QAEvC,MAAM,QAAQ,GAAG,yBAAyB,EAAE,CAAC;QAC7C,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE;YAC5B,KAAK,EAAE,QAAQ;YACf,qBAAqB,EAAE,GAAG,OAAO,6CAA6C,QAAQ,EAAE;YACxF,UAAU,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC;YAC9B,KAAK,EAAE,SAAS;SACjB,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAW,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC9D,QAAQ,EAAE,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,gBAAgB,EAAE,IAAI,EAAE,gBAAgB,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC,EAAE,CAAC,CAAC;QACxG,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC;QAC5C,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,MAAM,CAAC,kCAAkC,EAAE,CAAC,CAAC,EAAE,EAAE;QACnD,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,GAAG;YAAE,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QACvC,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9B,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import {\n  type RouteContext,\n  notFound,\n  validationError,\n  parseJsonBody,\n  WorkOSApiError,\n  parseListParams,\n} from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatInvitation, generateVerificationToken, expiresIn, formatListResponse } from '../helpers.js';\nimport type { EventBus } from '../event-bus.js';\nimport { STORE_KEYS, EVENTS } from '../constants.js';\n\nexport function invitationRoutes(ctx: RouteContext): void {\n  const { app, store, baseUrl } = ctx;\n  const ws = getWorkOSStore(store);\n\n  app.post('/user_management/invitations', async (c) => {\n    const body = await parseJsonBody(c);\n    const email = body.email as string | undefined;\n    if (!email) {\n      throw validationError('email is required', [{ field: 'email', code: 'required' }]);\n    }\n\n    const token = generateVerificationToken();\n    const inv = ws.invitations.insert({\n      object: 'invitation',\n      email,\n      state: 'pending',\n      token,\n      accept_invitation_url: `${baseUrl}/user_management/invitations/accept?token=${token}`,\n      organization_id: (body.organization_id as string) ?? null,\n      inviter_user_id: (body.inviter_user_id as string) ?? null,\n      role_slug: (body.role_slug as string) ?? null,\n      expires_at: expiresIn(72 * 60), // 72 hours\n    });\n\n    return c.json(formatInvitation(inv), 201);\n  });\n\n  app.get('/user_management/invitations', (c) => {\n    const url = new URL(c.req.url);\n    const params = parseListParams(url);\n    const emailFilter = url.searchParams.get('email') ?? undefined;\n    const orgFilter = url.searchParams.get('organization_id') ?? undefined;\n\n    const result = ws.invitations.list({\n      ...params,\n      filter: (inv) => {\n        if (emailFilter && inv.email !== emailFilter) return false;\n        if (orgFilter && inv.organization_id !== orgFilter) return false;\n        return true;\n      },\n    });\n\n    return c.json(formatListResponse(result, formatInvitation));\n  });\n\n  app.get('/user_management/invitations/by_token/:token', (c) => {\n    const inv = ws.invitations.findOneBy('token', c.req.param('token'));\n    if (!inv) throw notFound('Invitation');\n    return c.json(formatInvitation(inv));\n  });\n\n  app.get('/user_management/invitations/:id', (c) => {\n    const inv = ws.invitations.get(c.req.param('id'));\n    if (!inv) throw notFound('Invitation');\n    return c.json(formatInvitation(inv));\n  });\n\n  app.post('/user_management/invitations/:id/accept', (c) => {\n    const inv = ws.invitations.get(c.req.param('id'));\n    if (!inv) throw notFound('Invitation');\n\n    if (inv.state !== 'pending') {\n      throw new WorkOSApiError(400, `Invitation is ${inv.state}`, 'invalid_invitation_state');\n    }\n\n    ws.invitations.update(inv.id, { state: 'accepted' });\n    const eventBus = store.getData<EventBus>(STORE_KEYS.eventBus);\n    eventBus?.emit({ event: EVENTS.invitationAccepted, data: formatInvitation(ws.invitations.get(inv.id)!) });\n\n    // Create org membership if invitation has an organization\n    if (inv.organization_id) {\n      const user = ws.users.findOneBy('email', inv.email);\n      if (user) {\n        ws.organizationMemberships.insert({\n          object: 'organization_membership',\n          organization_id: inv.organization_id,\n          user_id: user.id,\n          role: { slug: inv.role_slug ?? 'member' },\n          status: 'active',\n          external_id: null,\n          metadata: {},\n        });\n      }\n    }\n\n    const updated = ws.invitations.get(inv.id)!;\n    return c.json(formatInvitation(updated));\n  });\n\n  app.post('/user_management/invitations/:id/revoke', (c) => {\n    const inv = ws.invitations.get(c.req.param('id'));\n    if (!inv) throw notFound('Invitation');\n\n    if (inv.state !== 'pending') {\n      throw new WorkOSApiError(400, `Invitation is ${inv.state}`, 'invalid_invitation_state');\n    }\n\n    ws.invitations.update(inv.id, { state: 'revoked' });\n    const eventBus = store.getData<EventBus>(STORE_KEYS.eventBus);\n    eventBus?.emit({ event: EVENTS.invitationRevoked, data: formatInvitation(ws.invitations.get(inv.id)!) });\n    const updated = ws.invitations.get(inv.id)!;\n    return c.json(formatInvitation(updated));\n  });\n\n  app.post('/user_management/invitations/:id/resend', (c) => {\n    const inv = ws.invitations.get(c.req.param('id'));\n    if (!inv) throw notFound('Invitation');\n\n    const newToken = generateVerificationToken();\n    ws.invitations.update(inv.id, {\n      token: newToken,\n      accept_invitation_url: `${baseUrl}/user_management/invitations/accept?token=${newToken}`,\n      expires_at: expiresIn(72 * 60),\n      state: 'pending',\n    });\n\n    const eventBus = store.getData<EventBus>(STORE_KEYS.eventBus);\n    eventBus?.emit({ event: EVENTS.invitationResent, data: formatInvitation(ws.invitations.get(inv.id)!) });\n    const updated = ws.invitations.get(inv.id)!;\n    return c.json(formatInvitation(updated));\n  });\n\n  app.delete('/user_management/invitations/:id', (c) => {\n    const inv = ws.invitations.get(c.req.param('id'));\n    if (!inv) throw notFound('Invitation');\n    ws.invitations.delete(inv.id);\n    return c.body(null, 204);\n  });\n}\n"]}

package/dist/emulate/workos/routes/legacy-mfa.d.ts

@@ -0,0 +1,2 @@
+import { type RouteContext } from '../../core/index.js';
+export declare function legacyMfaRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/legacy-mfa.js

@@ -0,0 +1,75 @@
+import { notFound, parseJsonBody, WorkOSApiError } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatAuthFactor, formatAuthChallenge, expiresIn, isExpired, generateCode } from '../helpers.js';
+import { randomBytes } from 'node:crypto';
+export function legacyMfaRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    // Enroll factor (legacy path — not tied to user management users)
+    app.post('/auth/factors/enroll', async (c) => {
+        const body = await parseJsonBody(c);
+        const type = body.type ?? 'totp';
+        const issuer = body.totp_issuer ?? 'WorkOS Emulator';
+        const totpUser = body.totp_user ?? 'legacy@emulator';
+        const secret = randomBytes(20).toString('hex').slice(0, 32).toUpperCase();
+        const uri = `otpauth://totp/${encodeURIComponent(issuer)}:${encodeURIComponent(totpUser)}?secret=${secret}&issuer=${encodeURIComponent(issuer)}`;
+        const factor = ws.authFactors.insert({
+            object: 'authentication_factor',
+            user_id: 'legacy',
+            type: type,
+            totp: { issuer, user: totpUser, uri },
+        });
+        return c.json(formatAuthFactor(factor), 201);
+    });
+    // Get factor
+    app.get('/auth/factors/:id', (c) => {
+        const factor = ws.authFactors.get(c.req.param('id'));
+        if (!factor)
+            throw notFound('AuthenticationFactor');
+        return c.json(formatAuthFactor(factor));
+    });
+    // Delete factor
+    app.delete('/auth/factors/:id', (c) => {
+        const factor = ws.authFactors.get(c.req.param('id'));
+        if (!factor)
+            throw notFound('AuthenticationFactor');
+        ws.authFactors.delete(factor.id);
+        return c.body(null, 204);
+    });
+    // Create challenge
+    app.post('/auth/factors/:id/challenge', async (c) => {
+        const factor = ws.authFactors.get(c.req.param('id'));
+        if (!factor)
+            throw notFound('AuthenticationFactor');
+        const code = generateCode();
+        const challenge = ws.authChallenges.insert({
+            object: 'authentication_challenge',
+            user_id: factor.user_id,
+            factor_id: factor.id,
+            expires_at: expiresIn(10),
+            code,
+        });
+        return c.json(formatAuthChallenge(challenge), 201);
+    });
+    // Verify challenge
+    app.post('/auth/challenges/:id/verify', async (c) => {
+        const challenge = ws.authChallenges.get(c.req.param('id'));
+        if (!challenge)
+            throw notFound('AuthenticationChallenge');
+        if (isExpired(challenge.expires_at)) {
+            ws.authChallenges.delete(challenge.id);
+            throw new WorkOSApiError(400, 'Challenge has expired', 'expired_challenge');
+        }
+        const body = await parseJsonBody(c);
+        const code = body.code;
+        if (!code) {
+            throw new WorkOSApiError(400, 'code is required', 'invalid_request');
+        }
+        if (challenge.code && code !== challenge.code) {
+            throw new WorkOSApiError(400, 'Invalid one-time code', 'invalid_one_time_code');
+        }
+        ws.authChallenges.delete(challenge.id);
+        return c.json({ challenge: formatAuthChallenge(challenge), valid: true });
+    });
+}
+//# sourceMappingURL=legacy-mfa.js.map

package/dist/emulate/workos/routes/legacy-mfa.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"legacy-mfa.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/legacy-mfa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACjG,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,SAAS,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC1G,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,MAAM,UAAU,eAAe,CAAC,GAAiB;IAC/C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,kEAAkE;IAClE,GAAG,CAAC,IAAI,CAAC,sBAAsB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC3C,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAI,IAAI,CAAC,IAAe,IAAI,MAAM,CAAC;QAC7C,MAAM,MAAM,GAAI,IAAI,CAAC,WAAsB,IAAI,iBAAiB,CAAC;QACjE,MAAM,QAAQ,GAAI,IAAI,CAAC,SAAoB,IAAI,iBAAiB,CAAC;QACjE,MAAM,MAAM,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QAC1E,MAAM,GAAG,GAAG,kBAAkB,kBAAkB,CAAC,MAAM,CAAC,IAAI,kBAAkB,CAAC,QAAQ,CAAC,WAAW,MAAM,WAAW,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC;QAEjJ,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;YACnC,MAAM,EAAE,uBAAuB;YAC/B,OAAO,EAAE,QAAQ;YACjB,IAAI,EAAE,IAAc;YACpB,IAAI,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE;SACtC,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,aAAa;IACb,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,CAAC,EAAE,EAAE;QACjC,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,MAAM;YAAE,MAAM,QAAQ,CAAC,sBAAsB,CAAC,CAAC;QACpD,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,gBAAgB;IAChB,GAAG,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC,CAAC,EAAE,EAAE;QACpC,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,MAAM;YAAE,MAAM,QAAQ,CAAC,sBAAsB,CAAC,CAAC;QACpD,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACjC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,mBAAmB;IACnB,GAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAClD,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,MAAM;YAAE,MAAM,QAAQ,CAAC,sBAAsB,CAAC,CAAC;QAEpD,MAAM,IAAI,GAAG,YAAY,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC;YACzC,MAAM,EAAE,0BAA0B;YAClC,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,SAAS,EAAE,MAAM,CAAC,EAAE;YACpB,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC;YACzB,IAAI;SACL,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,mBAAmB;IACnB,GAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAClD,MAAM,SAAS,GAAG,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3D,IAAI,CAAC,SAAS;YAAE,MAAM,QAAQ,CAAC,yBAAyB,CAAC,CAAC;QAE1D,IAAI,SAAS,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC;YACpC,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;YACvC,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,uBAAuB,EAAE,mBAAmB,CAAC,CAAC;QAC9E,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAc,CAAC;QACjC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;QACvE,CAAC;QACD,IAAI,SAAS,CAAC,IAAI,IAAI,IAAI,KAAK,SAAS,CAAC,IAAI,EAAE,CAAC;YAC9C,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,uBAAuB,EAAE,uBAAuB,CAAC,CAAC;QAClF,CAAC;QAED,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACvC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,mBAAmB,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound, parseJsonBody, WorkOSApiError } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatAuthFactor, formatAuthChallenge, expiresIn, isExpired, generateCode } from '../helpers.js';\nimport { randomBytes } from 'node:crypto';\n\nexport function legacyMfaRoutes(ctx: RouteContext): void {\n  const { app, store } = ctx;\n  const ws = getWorkOSStore(store);\n\n  // Enroll factor (legacy path — not tied to user management users)\n  app.post('/auth/factors/enroll', async (c) => {\n    const body = await parseJsonBody(c);\n    const type = (body.type as string) ?? 'totp';\n    const issuer = (body.totp_issuer as string) ?? 'WorkOS Emulator';\n    const totpUser = (body.totp_user as string) ?? 'legacy@emulator';\n    const secret = randomBytes(20).toString('hex').slice(0, 32).toUpperCase();\n    const uri = `otpauth://totp/${encodeURIComponent(issuer)}:${encodeURIComponent(totpUser)}?secret=${secret}&issuer=${encodeURIComponent(issuer)}`;\n\n    const factor = ws.authFactors.insert({\n      object: 'authentication_factor',\n      user_id: 'legacy',\n      type: type as 'totp',\n      totp: { issuer, user: totpUser, uri },\n    });\n\n    return c.json(formatAuthFactor(factor), 201);\n  });\n\n  // Get factor\n  app.get('/auth/factors/:id', (c) => {\n    const factor = ws.authFactors.get(c.req.param('id'));\n    if (!factor) throw notFound('AuthenticationFactor');\n    return c.json(formatAuthFactor(factor));\n  });\n\n  // Delete factor\n  app.delete('/auth/factors/:id', (c) => {\n    const factor = ws.authFactors.get(c.req.param('id'));\n    if (!factor) throw notFound('AuthenticationFactor');\n    ws.authFactors.delete(factor.id);\n    return c.body(null, 204);\n  });\n\n  // Create challenge\n  app.post('/auth/factors/:id/challenge', async (c) => {\n    const factor = ws.authFactors.get(c.req.param('id'));\n    if (!factor) throw notFound('AuthenticationFactor');\n\n    const code = generateCode();\n    const challenge = ws.authChallenges.insert({\n      object: 'authentication_challenge',\n      user_id: factor.user_id,\n      factor_id: factor.id,\n      expires_at: expiresIn(10),\n      code,\n    });\n\n    return c.json(formatAuthChallenge(challenge), 201);\n  });\n\n  // Verify challenge\n  app.post('/auth/challenges/:id/verify', async (c) => {\n    const challenge = ws.authChallenges.get(c.req.param('id'));\n    if (!challenge) throw notFound('AuthenticationChallenge');\n\n    if (isExpired(challenge.expires_at)) {\n      ws.authChallenges.delete(challenge.id);\n      throw new WorkOSApiError(400, 'Challenge has expired', 'expired_challenge');\n    }\n\n    const body = await parseJsonBody(c);\n    const code = body.code as string;\n    if (!code) {\n      throw new WorkOSApiError(400, 'code is required', 'invalid_request');\n    }\n    if (challenge.code && code !== challenge.code) {\n      throw new WorkOSApiError(400, 'Invalid one-time code', 'invalid_one_time_code');\n    }\n\n    ws.authChallenges.delete(challenge.id);\n    return c.json({ challenge: formatAuthChallenge(challenge), valid: true });\n  });\n}\n"]}

package/dist/emulate/workos/routes/magic-auth.d.ts

@@ -0,0 +1,2 @@
+import { type RouteContext } from '../../core/index.js';
+export declare function magicAuthRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/magic-auth.js

@@ -0,0 +1,32 @@
+import { notFound, parseJsonBody, WorkOSApiError } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatMagicAuth, generateCode, expiresIn } from '../helpers.js';
+export function magicAuthRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    app.get('/user_management/magic_auth/:id', (c) => {
+        const ma = ws.magicAuths.get(c.req.param('id'));
+        if (!ma)
+            throw notFound('Magic Auth');
+        return c.json(formatMagicAuth(ma));
+    });
+    app.post('/user_management/magic_auth', async (c) => {
+        const body = await parseJsonBody(c);
+        const email = body.email;
+        if (!email) {
+            throw new WorkOSApiError(400, 'email is required', 'invalid_request');
+        }
+        const user = ws.users.findOneBy('email', email);
+        if (!user)
+            throw notFound('User');
+        const ma = ws.magicAuths.insert({
+            object: 'magic_auth',
+            user_id: user.id,
+            email: user.email,
+            code: generateCode(),
+            expires_at: expiresIn(10),
+        });
+        return c.json(formatMagicAuth(ma), 201);
+    });
+}
+//# sourceMappingURL=magic-auth.js.map

package/dist/emulate/workos/routes/magic-auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"magic-auth.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/magic-auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACjG,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAEzE,MAAM,UAAU,eAAe,CAAC,GAAiB;IAC/C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,GAAG,CAAC,iCAAiC,EAAE,CAAC,CAAC,EAAE,EAAE;QAC/C,MAAM,EAAE,GAAG,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAChD,IAAI,CAAC,EAAE;YAAE,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;QACtC,OAAO,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAClD,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAA2B,CAAC;QAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,mBAAmB,EAAE,iBAAiB,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAChD,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,EAAE,GAAG,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC;YAC9B,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,IAAI,CAAC,EAAE;YAChB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,YAAY,EAAE;YACpB,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC;SAC1B,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound, parseJsonBody, WorkOSApiError } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatMagicAuth, generateCode, expiresIn } from '../helpers.js';\n\nexport function magicAuthRoutes(ctx: RouteContext): void {\n  const { app, store } = ctx;\n  const ws = getWorkOSStore(store);\n\n  app.get('/user_management/magic_auth/:id', (c) => {\n    const ma = ws.magicAuths.get(c.req.param('id'));\n    if (!ma) throw notFound('Magic Auth');\n    return c.json(formatMagicAuth(ma));\n  });\n\n  app.post('/user_management/magic_auth', async (c) => {\n    const body = await parseJsonBody(c);\n    const email = body.email as string | undefined;\n    if (!email) {\n      throw new WorkOSApiError(400, 'email is required', 'invalid_request');\n    }\n\n    const user = ws.users.findOneBy('email', email);\n    if (!user) throw notFound('User');\n\n    const ma = ws.magicAuths.insert({\n      object: 'magic_auth',\n      user_id: user.id,\n      email: user.email,\n      code: generateCode(),\n      expires_at: expiresIn(10),\n    });\n\n    return c.json(formatMagicAuth(ma), 201);\n  });\n}\n"]}