npm - workos - Versions diffs - 0.11.2 → 0.12.0 - Mend

workos 0.11.2 → 0.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (186) hide show

package/README.md +165 -6
package/dist/bin.js +22 -1
package/dist/bin.js.map +1 -1
package/dist/check-coverage.ts +237 -0
package/dist/commands/debug.js +0 -1
package/dist/commands/debug.js.map +1 -1
package/dist/commands/dev.d.ts +23 -0
package/dist/commands/dev.js +139 -0
package/dist/commands/dev.js.map +1 -0
package/dist/commands/emulate.d.ts +6 -0
package/dist/commands/emulate.js +64 -0
package/dist/commands/emulate.js.map +1 -0
package/dist/commands/login.js +0 -4
package/dist/commands/login.js.map +1 -1
package/dist/emulate/core/id.d.ts +48 -0
package/dist/emulate/core/id.js +73 -0
package/dist/emulate/core/id.js.map +1 -0
package/dist/emulate/core/index.d.ts +8 -0
package/dist/emulate/core/index.js +8 -0
package/dist/emulate/core/index.js.map +1 -0
package/dist/emulate/core/jwt.d.ts +28 -0
package/dist/emulate/core/jwt.js +78 -0
package/dist/emulate/core/jwt.js.map +1 -0
package/dist/emulate/core/middleware/auth.d.ts +15 -0
package/dist/emulate/core/middleware/auth.js +17 -0
package/dist/emulate/core/middleware/auth.js.map +1 -0
package/dist/emulate/core/middleware/error-handler.d.ts +22 -0
package/dist/emulate/core/middleware/error-handler.js +72 -0
package/dist/emulate/core/middleware/error-handler.js.map +1 -0
package/dist/emulate/core/pagination.d.ts +27 -0
package/dist/emulate/core/pagination.js +43 -0
package/dist/emulate/core/pagination.js.map +1 -0
package/dist/emulate/core/plugin.d.ts +15 -0
package/dist/emulate/core/plugin.js +2 -0
package/dist/emulate/core/plugin.js.map +1 -0
package/dist/emulate/core/server.d.ts +17 -0
package/dist/emulate/core/server.js +90 -0
package/dist/emulate/core/server.js.map +1 -0
package/dist/emulate/core/store.d.ts +44 -0
package/dist/emulate/core/store.js +169 -0
package/dist/emulate/core/store.js.map +1 -0
package/dist/emulate/index.d.ts +25 -0
package/dist/emulate/index.js +47 -0
package/dist/emulate/index.js.map +1 -0
package/dist/emulate/workos/constants.d.ts +56 -0
package/dist/emulate/workos/constants.js +56 -0
package/dist/emulate/workos/constants.js.map +1 -0
package/dist/emulate/workos/entities.d.ts +360 -0
package/dist/emulate/workos/entities.js +2 -0
package/dist/emulate/workos/entities.js.map +1 -0
package/dist/emulate/workos/event-bus.d.ts +17 -0
package/dist/emulate/workos/event-bus.js +70 -0
package/dist/emulate/workos/event-bus.js.map +1 -0
package/dist/emulate/workos/helpers.d.ts +72 -0
package/dist/emulate/workos/helpers.js +211 -0
package/dist/emulate/workos/helpers.js.map +1 -0
package/dist/emulate/workos/index.d.ts +91 -0
package/dist/emulate/workos/index.js +322 -0
package/dist/emulate/workos/index.js.map +1 -0
package/dist/emulate/workos/role-helpers.d.ts +21 -0
package/dist/emulate/workos/role-helpers.js +130 -0
package/dist/emulate/workos/role-helpers.js.map +1 -0
package/dist/emulate/workos/routes/api-keys.d.ts +2 -0
package/dist/emulate/workos/routes/api-keys.js +32 -0
package/dist/emulate/workos/routes/api-keys.js.map +1 -0
package/dist/emulate/workos/routes/audit-logs.d.ts +2 -0
package/dist/emulate/workos/routes/audit-logs.js +104 -0
package/dist/emulate/workos/routes/audit-logs.js.map +1 -0
package/dist/emulate/workos/routes/auth-challenges.d.ts +2 -0
package/dist/emulate/workos/routes/auth-challenges.js +51 -0
package/dist/emulate/workos/routes/auth-challenges.js.map +1 -0
package/dist/emulate/workos/routes/auth-factors.d.ts +2 -0
package/dist/emulate/workos/routes/auth-factors.js +51 -0
package/dist/emulate/workos/routes/auth-factors.js.map +1 -0
package/dist/emulate/workos/routes/auth.d.ts +2 -0
package/dist/emulate/workos/routes/auth.js +350 -0
package/dist/emulate/workos/routes/auth.js.map +1 -0
package/dist/emulate/workos/routes/authorization-checks.d.ts +10 -0
package/dist/emulate/workos/routes/authorization-checks.js +123 -0
package/dist/emulate/workos/routes/authorization-checks.js.map +1 -0
package/dist/emulate/workos/routes/authorization-org-roles.d.ts +2 -0
package/dist/emulate/workos/routes/authorization-org-roles.js +64 -0
package/dist/emulate/workos/routes/authorization-org-roles.js.map +1 -0
package/dist/emulate/workos/routes/authorization-permissions.d.ts +2 -0
package/dist/emulate/workos/routes/authorization-permissions.js +67 -0
package/dist/emulate/workos/routes/authorization-permissions.js.map +1 -0
package/dist/emulate/workos/routes/authorization-resources.d.ts +2 -0
package/dist/emulate/workos/routes/authorization-resources.js +117 -0
package/dist/emulate/workos/routes/authorization-resources.js.map +1 -0
package/dist/emulate/workos/routes/authorization-roles.d.ts +2 -0
package/dist/emulate/workos/routes/authorization-roles.js +13 -0
package/dist/emulate/workos/routes/authorization-roles.js.map +1 -0
package/dist/emulate/workos/routes/config.d.ts +2 -0
package/dist/emulate/workos/routes/config.js +57 -0
package/dist/emulate/workos/routes/config.js.map +1 -0
package/dist/emulate/workos/routes/connect.d.ts +2 -0
package/dist/emulate/workos/routes/connect.js +65 -0
package/dist/emulate/workos/routes/connect.js.map +1 -0
package/dist/emulate/workos/routes/connections.d.ts +2 -0
package/dist/emulate/workos/routes/connections.js +73 -0
package/dist/emulate/workos/routes/connections.js.map +1 -0
package/dist/emulate/workos/routes/data-integrations.d.ts +2 -0
package/dist/emulate/workos/routes/data-integrations.js +55 -0
package/dist/emulate/workos/routes/data-integrations.js.map +1 -0
package/dist/emulate/workos/routes/directories.d.ts +2 -0
package/dist/emulate/workos/routes/directories.js +90 -0
package/dist/emulate/workos/routes/directories.js.map +1 -0
package/dist/emulate/workos/routes/email-verification.d.ts +2 -0
package/dist/emulate/workos/routes/email-verification.js +49 -0
package/dist/emulate/workos/routes/email-verification.js.map +1 -0
package/dist/emulate/workos/routes/events.d.ts +2 -0
package/dist/emulate/workos/routes/events.js +18 -0
package/dist/emulate/workos/routes/events.js.map +1 -0
package/dist/emulate/workos/routes/feature-flags.d.ts +2 -0
package/dist/emulate/workos/routes/feature-flags.js +103 -0
package/dist/emulate/workos/routes/feature-flags.js.map +1 -0
package/dist/emulate/workos/routes/invitations.d.ts +2 -0
package/dist/emulate/workos/routes/invitations.js +122 -0
package/dist/emulate/workos/routes/invitations.js.map +1 -0
package/dist/emulate/workos/routes/legacy-mfa.d.ts +2 -0
package/dist/emulate/workos/routes/legacy-mfa.js +75 -0
package/dist/emulate/workos/routes/legacy-mfa.js.map +1 -0
package/dist/emulate/workos/routes/magic-auth.d.ts +2 -0
package/dist/emulate/workos/routes/magic-auth.js +32 -0
package/dist/emulate/workos/routes/magic-auth.js.map +1 -0
package/dist/emulate/workos/routes/memberships.d.ts +2 -0
package/dist/emulate/workos/routes/memberships.js +114 -0
package/dist/emulate/workos/routes/memberships.js.map +1 -0
package/dist/emulate/workos/routes/organization-domains.d.ts +2 -0
package/dist/emulate/workos/routes/organization-domains.js +58 -0
package/dist/emulate/workos/routes/organization-domains.js.map +1 -0
package/dist/emulate/workos/routes/organizations.d.ts +2 -0
package/dist/emulate/workos/routes/organizations.js +131 -0
package/dist/emulate/workos/routes/organizations.js.map +1 -0
package/dist/emulate/workos/routes/password-reset.d.ts +2 -0
package/dist/emulate/workos/routes/password-reset.js +61 -0
package/dist/emulate/workos/routes/password-reset.js.map +1 -0
package/dist/emulate/workos/routes/pipes.d.ts +2 -0
package/dist/emulate/workos/routes/pipes.js +82 -0
package/dist/emulate/workos/routes/pipes.js.map +1 -0
package/dist/emulate/workos/routes/portal.d.ts +2 -0
package/dist/emulate/workos/routes/portal.js +18 -0
package/dist/emulate/workos/routes/portal.js.map +1 -0
package/dist/emulate/workos/routes/radar.d.ts +2 -0
package/dist/emulate/workos/routes/radar.js +41 -0
package/dist/emulate/workos/routes/radar.js.map +1 -0
package/dist/emulate/workos/routes/sessions.d.ts +2 -0
package/dist/emulate/workos/routes/sessions.js +51 -0
package/dist/emulate/workos/routes/sessions.js.map +1 -0
package/dist/emulate/workos/routes/sso.d.ts +2 -0
package/dist/emulate/workos/routes/sso.js +161 -0
package/dist/emulate/workos/routes/sso.js.map +1 -0
package/dist/emulate/workos/routes/user-features.d.ts +2 -0
package/dist/emulate/workos/routes/user-features.js +50 -0
package/dist/emulate/workos/routes/user-features.js.map +1 -0
package/dist/emulate/workos/routes/users.d.ts +2 -0
package/dist/emulate/workos/routes/users.js +129 -0
package/dist/emulate/workos/routes/users.js.map +1 -0
package/dist/emulate/workos/routes/webhook-endpoints.d.ts +2 -0
package/dist/emulate/workos/routes/webhook-endpoints.js +66 -0
package/dist/emulate/workos/routes/webhook-endpoints.js.map +1 -0
package/dist/emulate/workos/routes/widgets.d.ts +2 -0
package/dist/emulate/workos/routes/widgets.js +27 -0
package/dist/emulate/workos/routes/widgets.js.map +1 -0
package/dist/emulate/workos/store.d.ts +48 -0
package/dist/emulate/workos/store.js +102 -0
package/dist/emulate/workos/store.js.map +1 -0
package/dist/emulate/workos/webhook-signer.d.ts +1 -0
package/dist/emulate/workos/webhook-signer.js +8 -0
package/dist/emulate/workos/webhook-signer.js.map +1 -0
package/dist/gen-routes-lib.spec.ts +659 -0
package/dist/gen-routes-lib.ts +647 -0
package/dist/gen-routes.ts +96 -0
package/dist/lib/dev-command.d.ts +26 -0
package/dist/lib/dev-command.js +122 -0
package/dist/lib/dev-command.js.map +1 -0
package/dist/lib/run-with-core.js +0 -3
package/dist/lib/run-with-core.js.map +1 -1
package/dist/lib/settings.js +1 -1
package/dist/lib/settings.js.map +1 -1
package/dist/utils/help-json.js +1 -0
package/dist/utils/help-json.js.map +1 -1
package/dist/utils/register-subcommand.d.ts +5 -2
package/dist/utils/register-subcommand.js +16 -19
package/dist/utils/register-subcommand.js.map +1 -1
package/package.json +21 -8

package/dist/emulate/workos/routes/radar.js ADDED Viewed

@@ -0,0 +1,41 @@
+import { notFound, parseJsonBody, parseListParams } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatRadarAttempt, formatListResponse } from '../helpers.js';
+export function radarRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    // List attempts
+    app.get('/radar/attempts', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const result = ws.radarAttempts.list({ ...params });
+        return c.json(formatListResponse(result, formatRadarAttempt));
+    });
+    // Get attempt
+    app.get('/radar/attempts/:id', (c) => {
+        const attempt = ws.radarAttempts.get(c.req.param('id'));
+        if (!attempt)
+            throw notFound('RadarAttempt');
+        return c.json(formatRadarAttempt(attempt));
+    });
+    // Manage allow/deny lists
+    app.post('/radar/lists/:type/:action', async (c) => {
+        const listType = c.req.param('type');
+        const action = c.req.param('action');
+        const body = await parseJsonBody(c);
+        const entries = body.entries ?? [];
+        const key = `radar_${listType}_list`;
+        const existing = store.getData(key) ?? new Set();
+        if (action === 'add') {
+            for (const entry of entries)
+                existing.add(entry);
+        }
+        else if (action === 'remove') {
+            for (const entry of entries)
+                existing.delete(entry);
+        }
+        store.setData(key, existing);
+        return c.json({ success: true });
+    });
+}
+//# sourceMappingURL=radar.js.map

package/dist/emulate/workos/routes/radar.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"radar.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/radar.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAClG,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEvE,MAAM,UAAU,WAAW,CAAC,GAAiB;IAC3C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,gBAAgB;IAChB,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,CAAC,EAAE,EAAE;QAC/B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,MAAM,GAAG,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,GAAG,MAAM,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IAEH,cAAc;IACd,GAAG,CAAC,GAAG,CAAC,qBAAqB,EAAE,CAAC,CAAC,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACxD,IAAI,CAAC,OAAO;YAAE,MAAM,QAAQ,CAAC,cAAc,CAAC,CAAC;QAC7C,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,0BAA0B;IAC1B,GAAG,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACjD,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAAI,IAAI,CAAC,OAAoB,IAAI,EAAE,CAAC;QAEjD,MAAM,GAAG,GAAG,SAAS,QAAQ,OAAO,CAAC;QACrC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAc,GAAG,CAAC,IAAI,IAAI,GAAG,EAAU,CAAC;QAEtE,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;YACrB,KAAK,MAAM,KAAK,IAAI,OAAO;gBAAE,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnD,CAAC;aAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,KAAK,MAAM,KAAK,IAAI,OAAO;gBAAE,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtD,CAAC;QAED,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC7B,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound, parseJsonBody, parseListParams } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatRadarAttempt, formatListResponse } from '../helpers.js';\n\nexport function radarRoutes(ctx: RouteContext): void {\n const { app, store } = ctx;\n const ws = getWorkOSStore(store);\n\n // List attempts\n app.get('/radar/attempts', (c) => {\n const url = new URL(c.req.url);\n const params = parseListParams(url);\n const result = ws.radarAttempts.list({ ...params });\n return c.json(formatListResponse(result, formatRadarAttempt));\n });\n\n // Get attempt\n app.get('/radar/attempts/:id', (c) => {\n const attempt = ws.radarAttempts.get(c.req.param('id'));\n if (!attempt) throw notFound('RadarAttempt');\n return c.json(formatRadarAttempt(attempt));\n });\n\n // Manage allow/deny lists\n app.post('/radar/lists/:type/:action', async (c) => {\n const listType = c.req.param('type');\n const action = c.req.param('action');\n const body = await parseJsonBody(c);\n const entries = (body.entries as string[]) ?? [];\n\n const key = `radar_${listType}_list`;\n const existing = store.getData<Set<string>>(key) ?? new Set<string>();\n\n if (action === 'add') {\n for (const entry of entries) existing.add(entry);\n } else if (action === 'remove') {\n for (const entry of entries) existing.delete(entry);\n }\n\n store.setData(key, existing);\n return c.json({ success: true });\n });\n}\n"]}

package/dist/emulate/workos/routes/sessions.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { type RouteContext } from '../../core/index.js';
2	+ export declare function sessionRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/sessions.js ADDED Viewed

@@ -0,0 +1,51 @@
+import { notFound, parseJsonBody, WorkOSApiError } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatSession, assertLocalRedirectUri } from '../helpers.js';
+export function sessionRoutes(ctx) {
+    const { app, store, jwt } = ctx;
+    const ws = getWorkOSStore(store);
+    app.get('/user_management/users/:id/sessions', (c) => {
+        const user = ws.users.get(c.req.param('id'));
+        if (!user)
+            throw notFound('User');
+        const sessions = ws.sessions.findBy('user_id', user.id);
+        return c.json({
+            object: 'list',
+            data: sessions.map(formatSession),
+            list_metadata: { before: null, after: null },
+        });
+    });
+    app.post('/user_management/sessions/revoke', async (c) => {
+        const body = await parseJsonBody(c);
+        const sessionId = body.session_id;
+        if (!sessionId) {
+            throw new WorkOSApiError(400, 'session_id is required', 'invalid_request');
+        }
+        const session = ws.sessions.get(sessionId);
+        if (!session)
+            throw notFound('Session');
+        ws.sessions.delete(session.id);
+        return c.json({ success: true });
+    });
+    // Public endpoint — no auth required (security: [])
+    app.get('/user_management/sessions/logout', (c) => {
+        const url = new URL(c.req.url);
+        const sessionId = url.searchParams.get('session_id');
+        const returnTo = url.searchParams.get('return_to');
+        if (!sessionId) {
+            throw new WorkOSApiError(422, 'session_id is required', 'invalid_request');
+        }
+        const session = ws.sessions.get(sessionId);
+        if (session)
+            ws.sessions.delete(session.id);
+        if (returnTo) {
+            assertLocalRedirectUri(returnTo);
+            return c.redirect(returnTo);
+        }
+        return c.json({ success: true });
+    });
+    app.get('/user_management/sessions/jwks/:clientId', (c) => {
+        return c.json(jwt.getJWKS());
+    });
+}
+//# sourceMappingURL=sessions.js.map

package/dist/emulate/workos/routes/sessions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sessions.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/sessions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACjG,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAEtE,MAAM,UAAU,aAAa,CAAC,GAAiB;IAC7C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC;IAChC,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,GAAG,CAAC,qCAAqC,EAAE,CAAC,CAAC,EAAE,EAAE;QACnD,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,QAAQ,GAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACxD,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAC;YACjC,aAAa,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,kCAAkC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvD,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAgC,CAAC;QACxD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,wBAAwB,EAAE,iBAAiB,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO;YAAE,MAAM,QAAQ,CAAC,SAAS,CAAC,CAAC;QAExC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC/B,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,oDAAoD;IACpD,GAAG,CAAC,GAAG,CAAC,kCAAkC,EAAE,CAAC,CAAC,EAAE,EAAE;QAChD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACrD,MAAM,QAAQ,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAEnD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,wBAAwB,EAAE,iBAAiB,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,OAAO;YAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAE5C,IAAI,QAAQ,EAAE,CAAC;YACb,sBAAsB,CAAC,QAAQ,CAAC,CAAC;YACjC,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,0CAA0C,EAAE,CAAC,CAAC,EAAE,EAAE;QACxD,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound, parseJsonBody, WorkOSApiError } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatSession, assertLocalRedirectUri } from '../helpers.js';\n\nexport function sessionRoutes(ctx: RouteContext): void {\n const { app, store, jwt } = ctx;\n const ws = getWorkOSStore(store);\n\n app.get('/user_management/users/:id/sessions', (c) => {\n const user = ws.users.get(c.req.param('id'));\n if (!user) throw notFound('User');\n\n const sessions = ws.sessions.findBy('user_id', user.id);\n return c.json({\n object: 'list',\n data: sessions.map(formatSession),\n list_metadata: { before: null, after: null },\n });\n });\n\n app.post('/user_management/sessions/revoke', async (c) => {\n const body = await parseJsonBody(c);\n const sessionId = body.session_id as string | undefined;\n if (!sessionId) {\n throw new WorkOSApiError(400, 'session_id is required', 'invalid_request');\n }\n\n const session = ws.sessions.get(sessionId);\n if (!session) throw notFound('Session');\n\n ws.sessions.delete(session.id);\n return c.json({ success: true });\n });\n\n // Public endpoint — no auth required (security: [])\n app.get('/user_management/sessions/logout', (c) => {\n const url = new URL(c.req.url);\n const sessionId = url.searchParams.get('session_id');\n const returnTo = url.searchParams.get('return_to');\n\n if (!sessionId) {\n throw new WorkOSApiError(422, 'session_id is required', 'invalid_request');\n }\n\n const session = ws.sessions.get(sessionId);\n if (session) ws.sessions.delete(session.id);\n\n if (returnTo) {\n assertLocalRedirectUri(returnTo);\n return c.redirect(returnTo);\n }\n return c.json({ success: true });\n });\n\n app.get('/user_management/sessions/jwks/:clientId', (c) => {\n return c.json(jwt.getJWKS());\n });\n}\n"]}

package/dist/emulate/workos/routes/sso.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { type RouteContext } from '../../core/index.js';
2	+ export declare function ssoRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/sso.js ADDED Viewed

@@ -0,0 +1,161 @@
+import { parseJsonBody, WorkOSApiError, generateId } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatSSOProfile, expiresIn, isExpired, assertLocalRedirectUri } from '../helpers.js';
+import { STORE_KEY_PREFIXES } from '../constants.js';
+export function ssoRoutes(ctx) {
+    const { app, store, jwt } = ctx;
+    const ws = getWorkOSStore(store);
+    app.get('/sso/authorize', (c) => {
+        const url = new URL(c.req.url);
+        const redirectUri = url.searchParams.get('redirect_uri');
+        const state = url.searchParams.get('state');
+        const connectionId = url.searchParams.get('connection');
+        const organizationId = url.searchParams.get('organization');
+        const domainHint = url.searchParams.get('domain_hint');
+        const loginHint = url.searchParams.get('login_hint');
+        if (!redirectUri) {
+            throw new WorkOSApiError(400, 'Missing required parameter: redirect_uri', 'invalid_request');
+        }
+        assertLocalRedirectUri(redirectUri);
+        let connection;
+        if (connectionId) {
+            connection = ws.connections.get(connectionId);
+        }
+        else if (organizationId) {
+            connection = ws.connections.findBy('organization_id', organizationId).find((c) => c.state === 'active');
+        }
+        else if (domainHint) {
+            connection = ws.connections
+                .all()
+                .find((c) => c.state === 'active' && c.domains.some((d) => d.domain === domainHint));
+        }
+        if (!connection || connection.state !== 'active') {
+            throw new WorkOSApiError(404, 'No active connection found', 'connection_not_found');
+        }
+        const email = loginHint ?? `user@${connection.domains[0]?.domain ?? 'example.com'}`;
+        let profile = ws.ssoProfiles.findOneBy('email', email);
+        if (!profile || profile.connection_id !== connection.id) {
+            profile = ws.ssoProfiles.insert({
+                object: 'profile',
+                connection_id: connection.id,
+                connection_type: connection.connection_type,
+                organization_id: connection.organization_id,
+                idp_id: `idp_${generateId('usr')}`,
+                email,
+                first_name: email.split('@')[0],
+                last_name: null,
+                groups: [],
+                raw_attributes: { email },
+            });
+        }
+        const authCode = ws.ssoAuthorizations.insert({
+            code: generateId('sso_code'),
+            connection_id: connection.id,
+            organization_id: connection.organization_id,
+            profile_id: profile.id,
+            redirect_uri: redirectUri,
+            state,
+            expires_at: expiresIn(10),
+        });
+        const redirect = new URL(redirectUri);
+        redirect.searchParams.set('code', authCode.code);
+        if (state)
+            redirect.searchParams.set('state', state);
+        return c.redirect(redirect.toString());
+    });
+    app.post('/sso/token', async (c) => {
+        const body = await parseJsonBody(c);
+        const grantType = body.grant_type;
+        const code = body.code;
+        if (grantType !== 'authorization_code') {
+            throw new WorkOSApiError(400, 'Unsupported grant_type', 'invalid_request');
+        }
+        if (!code) {
+            throw new WorkOSApiError(400, 'code is required', 'invalid_request');
+        }
+        const auth = ws.ssoAuthorizations.findOneBy('code', code);
+        if (!auth) {
+            throw new WorkOSApiError(400, 'Invalid authorization code', 'invalid_code');
+        }
+        if (isExpired(auth.expires_at)) {
+            ws.ssoAuthorizations.delete(auth.id);
+            throw new WorkOSApiError(400, 'Authorization code has expired', 'expired_code');
+        }
+        const profile = ws.ssoProfiles.get(auth.profile_id);
+        if (!profile) {
+            throw new WorkOSApiError(500, 'Profile not found', 'server_error');
+        }
+        ws.ssoAuthorizations.delete(auth.id);
+        const accessToken = jwt.sign({
+            sub: profile.id,
+            aud: body.client_id ?? 'workos-emulate',
+            org_id: auth.organization_id,
+        });
+        store.setData(`${STORE_KEY_PREFIXES.ssoToken}${accessToken}`, profile.id);
+        return c.json({
+            profile: formatSSOProfile(profile),
+            access_token: accessToken,
+        });
+    });
+    app.get('/sso/profile', (c) => {
+        const authHeader = c.req.header('Authorization');
+        if (!authHeader) {
+            throw new WorkOSApiError(401, 'Unauthorized', 'unauthorized');
+        }
+        const token = authHeader.replace(/^Bearer\s+/i, '').trim();
+        const profileId = store.getData(`${STORE_KEY_PREFIXES.ssoToken}${token}`);
+        if (!profileId) {
+            try {
+                const payload = jwt.verify(token);
+                const profile = ws.ssoProfiles.get(payload.sub);
+                if (profile)
+                    return c.json(formatSSOProfile(profile));
+            }
+            catch {
+                // fall through
+            }
+            throw new WorkOSApiError(401, 'Invalid access token', 'unauthorized');
+        }
+        const profile = ws.ssoProfiles.get(profileId);
+        if (!profile) {
+            throw new WorkOSApiError(404, 'Profile not found', 'not_found');
+        }
+        return c.json(formatSSOProfile(profile));
+    });
+    app.get('/sso/jwks', (c) => {
+        return c.json(jwt.getJWKS());
+    });
+    // SSO Single Logout — generate logout token
+    app.post('/sso/logout/authorize', async (c) => {
+        const body = await parseJsonBody(c);
+        const profileId = body.profile_id;
+        if (!profileId) {
+            throw new WorkOSApiError(400, 'profile_id is required', 'invalid_request');
+        }
+        const profile = ws.ssoProfiles.get(profileId);
+        if (!profile) {
+            throw new WorkOSApiError(404, 'Profile not found', 'not_found');
+        }
+        const logoutToken = generateId('sso_logout');
+        store.setData(`${STORE_KEY_PREFIXES.ssoLogout}${logoutToken}`, profile.id);
+        return c.json({
+            logout_token: logoutToken,
+            logout_url: `${ctx.baseUrl}/sso/logout?logout_token=${logoutToken}`,
+        });
+    });
+    // SSO Single Logout — redirect (public, no auth)
+    app.get('/sso/logout', (c) => {
+        const url = new URL(c.req.url);
+        const logoutToken = url.searchParams.get('logout_token');
+        if (!logoutToken) {
+            throw new WorkOSApiError(400, 'logout_token is required', 'invalid_request');
+        }
+        const profileId = store.getData(`${STORE_KEY_PREFIXES.ssoLogout}${logoutToken}`);
+        if (!profileId) {
+            throw new WorkOSApiError(400, 'Invalid logout token', 'invalid_logout_token');
+        }
+        store.setData(`${STORE_KEY_PREFIXES.ssoLogout}${logoutToken}`, undefined);
+        return c.json({ success: true });
+    });
+}
+//# sourceMappingURL=sso.js.map

package/dist/emulate/workos/routes/sso.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sso.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/sso.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,aAAa,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACnG,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,SAAS,EAAE,SAAS,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAE/F,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAErD,MAAM,UAAU,SAAS,CAAC,GAAiB;IACzC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC;IAChC,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,EAAE;QAC9B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACzD,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC5C,MAAM,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACxD,MAAM,cAAc,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAC5D,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACvD,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAErD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,0CAA0C,EAAE,iBAAiB,CAAC,CAAC;QAC/F,CAAC;QACD,sBAAsB,CAAC,WAAW,CAAC,CAAC;QAEpC,IAAI,UAAwC,CAAC;QAE7C,IAAI,YAAY,EAAE,CAAC;YACjB,UAAU,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAChD,CAAC;aAAM,IAAI,cAAc,EAAE,CAAC;YAC1B,UAAU,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC;QAC1G,CAAC;aAAM,IAAI,UAAU,EAAE,CAAC;YACtB,UAAU,GAAG,EAAE,CAAC,WAAW;iBACxB,GAAG,EAAE;iBACL,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC;QACzF,CAAC;QAED,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YACjD,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,4BAA4B,EAAE,sBAAsB,CAAC,CAAC;QACtF,CAAC;QAED,MAAM,KAAK,GAAG,SAAS,IAAI,QAAQ,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,MAAM,IAAI,aAAa,EAAE,CAAC;QACpF,IAAI,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACvD,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,aAAa,KAAK,UAAU,CAAC,EAAE,EAAE,CAAC;YACxD,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;gBAC9B,MAAM,EAAE,SAAS;gBACjB,aAAa,EAAE,UAAU,CAAC,EAAE;gBAC5B,eAAe,EAAE,UAAU,CAAC,eAAe;gBAC3C,eAAe,EAAE,UAAU,CAAC,eAAe;gBAC3C,MAAM,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC,EAAE;gBAClC,KAAK;gBACL,UAAU,EAAE,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC/B,SAAS,EAAE,IAAI;gBACf,MAAM,EAAE,EAAE;gBACV,cAAc,EAAE,EAAE,KAAK,EAAE;aAC1B,CAAC,CAAC;QACL,CAAC;QAED,MAAM,QAAQ,GAAG,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC;YAC3C,IAAI,EAAE,UAAU,CAAC,UAAU,CAAC;YAC5B,aAAa,EAAE,UAAU,CAAC,EAAE;YAC5B,eAAe,EAAE,UAAU,CAAC,eAAe;YAC3C,UAAU,EAAE,OAAO,CAAC,EAAE;YACtB,YAAY,EAAE,WAAW;YACzB,KAAK;YACL,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC;SAC1B,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;QACtC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;QACjD,IAAI,KAAK;YAAE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACrD,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACjC,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAoB,CAAC;QAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,IAAc,CAAC;QAEjC,IAAI,SAAS,KAAK,oBAAoB,EAAE,CAAC;YACvC,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,wBAAwB,EAAE,iBAAiB,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,IAAI,GAAG,EAAE,CAAC,iBAAiB,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC1D,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,4BAA4B,EAAE,cAAc,CAAC,CAAC;QAC9E,CAAC;QACD,IAAI,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACrC,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,gCAAgC,EAAE,cAAc,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,mBAAmB,EAAE,cAAc,CAAC,CAAC;QACrE,CAAC;QAED,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAErC,MAAM,WAAW,GAAG,GAAG,CAAC,IAAI,CAAC;YAC3B,GAAG,EAAE,OAAO,CAAC,EAAE;YACf,GAAG,EAAG,IAAI,CAAC,SAAoB,IAAI,gBAAgB;YACnD,MAAM,EAAE,IAAI,CAAC,eAAe;SAC7B,CAAC,CAAC;QAEH,KAAK,CAAC,OAAO,CAAC,GAAG,kBAAkB,CAAC,QAAQ,GAAG,WAAW,EAAE,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;QAE1E,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,gBAAgB,CAAC,OAAO,CAAC;YAClC,YAAY,EAAE,WAAW;SAC1B,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,CAAC,EAAE,EAAE;QAC5B,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,cAAc,EAAE,cAAc,CAAC,CAAC;QAChE,CAAC;QACD,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAE3D,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAS,GAAG,kBAAkB,CAAC,QAAQ,GAAG,KAAK,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAClC,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBAChD,IAAI,OAAO;oBAAE,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;YACxD,CAAC;YAAC,MAAM,CAAC;gBACP,eAAe;YACjB,CAAC;YACD,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,sBAAsB,EAAE,cAAc,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC9C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,mBAAmB,EAAE,WAAW,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE;QACzB,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,4CAA4C;IAC5C,GAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5C,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,UAAoB,CAAC;QAC5C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,wBAAwB,EAAE,iBAAiB,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC9C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,mBAAmB,EAAE,WAAW,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,WAAW,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;QAC7C,KAAK,CAAC,OAAO,CAAC,GAAG,kBAAkB,CAAC,SAAS,GAAG,WAAW,EAAE,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;QAE3E,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,YAAY,EAAE,WAAW;YACzB,UAAU,EAAE,GAAG,GAAG,CAAC,OAAO,4BAA4B,WAAW,EAAE;SACpE,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,iDAAiD;IACjD,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,CAAC,EAAE,EAAE;QAC3B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAEzD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,0BAA0B,EAAE,iBAAiB,CAAC,CAAC;QAC/E,CAAC;QAED,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAS,GAAG,kBAAkB,CAAC,SAAS,GAAG,WAAW,EAAE,CAAC,CAAC;QACzF,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,sBAAsB,EAAE,sBAAsB,CAAC,CAAC;QAChF,CAAC;QAED,KAAK,CAAC,OAAO,CAAC,GAAG,kBAAkB,CAAC,SAAS,GAAG,WAAW,EAAE,EAAE,SAAS,CAAC,CAAC;QAC1E,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, parseJsonBody, WorkOSApiError, generateId } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatSSOProfile, expiresIn, isExpired, assertLocalRedirectUri } from '../helpers.js';\nimport type { WorkOSConnection } from '../entities.js';\nimport { STORE_KEY_PREFIXES } from '../constants.js';\n\nexport function ssoRoutes(ctx: RouteContext): void {\n const { app, store, jwt } = ctx;\n const ws = getWorkOSStore(store);\n\n app.get('/sso/authorize', (c) => {\n const url = new URL(c.req.url);\n const redirectUri = url.searchParams.get('redirect_uri');\n const state = url.searchParams.get('state');\n const connectionId = url.searchParams.get('connection');\n const organizationId = url.searchParams.get('organization');\n const domainHint = url.searchParams.get('domain_hint');\n const loginHint = url.searchParams.get('login_hint');\n\n if (!redirectUri) {\n throw new WorkOSApiError(400, 'Missing required parameter: redirect_uri', 'invalid_request');\n }\n assertLocalRedirectUri(redirectUri);\n\n let connection: WorkOSConnection | undefined;\n\n if (connectionId) {\n connection = ws.connections.get(connectionId);\n } else if (organizationId) {\n connection = ws.connections.findBy('organization_id', organizationId).find((c) => c.state === 'active');\n } else if (domainHint) {\n connection = ws.connections\n .all()\n .find((c) => c.state === 'active' && c.domains.some((d) => d.domain === domainHint));\n }\n\n if (!connection || connection.state !== 'active') {\n throw new WorkOSApiError(404, 'No active connection found', 'connection_not_found');\n }\n\n const email = loginHint ?? `user@${connection.domains[0]?.domain ?? 'example.com'}`;\n let profile = ws.ssoProfiles.findOneBy('email', email);\n if (!profile || profile.connection_id !== connection.id) {\n profile = ws.ssoProfiles.insert({\n object: 'profile',\n connection_id: connection.id,\n connection_type: connection.connection_type,\n organization_id: connection.organization_id,\n idp_id: `idp_${generateId('usr')}`,\n email,\n first_name: email.split('@')[0],\n last_name: null,\n groups: [],\n raw_attributes: { email },\n });\n }\n\n const authCode = ws.ssoAuthorizations.insert({\n code: generateId('sso_code'),\n connection_id: connection.id,\n organization_id: connection.organization_id,\n profile_id: profile.id,\n redirect_uri: redirectUri,\n state,\n expires_at: expiresIn(10),\n });\n\n const redirect = new URL(redirectUri);\n redirect.searchParams.set('code', authCode.code);\n if (state) redirect.searchParams.set('state', state);\n return c.redirect(redirect.toString());\n });\n\n app.post('/sso/token', async (c) => {\n const body = await parseJsonBody(c);\n const grantType = body.grant_type as string;\n const code = body.code as string;\n\n if (grantType !== 'authorization_code') {\n throw new WorkOSApiError(400, 'Unsupported grant_type', 'invalid_request');\n }\n if (!code) {\n throw new WorkOSApiError(400, 'code is required', 'invalid_request');\n }\n\n const auth = ws.ssoAuthorizations.findOneBy('code', code);\n if (!auth) {\n throw new WorkOSApiError(400, 'Invalid authorization code', 'invalid_code');\n }\n if (isExpired(auth.expires_at)) {\n ws.ssoAuthorizations.delete(auth.id);\n throw new WorkOSApiError(400, 'Authorization code has expired', 'expired_code');\n }\n\n const profile = ws.ssoProfiles.get(auth.profile_id);\n if (!profile) {\n throw new WorkOSApiError(500, 'Profile not found', 'server_error');\n }\n\n ws.ssoAuthorizations.delete(auth.id);\n\n const accessToken = jwt.sign({\n sub: profile.id,\n aud: (body.client_id as string) ?? 'workos-emulate',\n org_id: auth.organization_id,\n });\n\n store.setData(`${STORE_KEY_PREFIXES.ssoToken}${accessToken}`, profile.id);\n\n return c.json({\n profile: formatSSOProfile(profile),\n access_token: accessToken,\n });\n });\n\n app.get('/sso/profile', (c) => {\n const authHeader = c.req.header('Authorization');\n if (!authHeader) {\n throw new WorkOSApiError(401, 'Unauthorized', 'unauthorized');\n }\n const token = authHeader.replace(/^Bearer\\s+/i, '').trim();\n\n const profileId = store.getData<string>(`${STORE_KEY_PREFIXES.ssoToken}${token}`);\n if (!profileId) {\n try {\n const payload = jwt.verify(token);\n const profile = ws.ssoProfiles.get(payload.sub);\n if (profile) return c.json(formatSSOProfile(profile));\n } catch {\n // fall through\n }\n throw new WorkOSApiError(401, 'Invalid access token', 'unauthorized');\n }\n\n const profile = ws.ssoProfiles.get(profileId);\n if (!profile) {\n throw new WorkOSApiError(404, 'Profile not found', 'not_found');\n }\n\n return c.json(formatSSOProfile(profile));\n });\n\n app.get('/sso/jwks', (c) => {\n return c.json(jwt.getJWKS());\n });\n\n // SSO Single Logout — generate logout token\n app.post('/sso/logout/authorize', async (c) => {\n const body = await parseJsonBody(c);\n const profileId = body.profile_id as string;\n if (!profileId) {\n throw new WorkOSApiError(400, 'profile_id is required', 'invalid_request');\n }\n\n const profile = ws.ssoProfiles.get(profileId);\n if (!profile) {\n throw new WorkOSApiError(404, 'Profile not found', 'not_found');\n }\n\n const logoutToken = generateId('sso_logout');\n store.setData(`${STORE_KEY_PREFIXES.ssoLogout}${logoutToken}`, profile.id);\n\n return c.json({\n logout_token: logoutToken,\n logout_url: `${ctx.baseUrl}/sso/logout?logout_token=${logoutToken}`,\n });\n });\n\n // SSO Single Logout — redirect (public, no auth)\n app.get('/sso/logout', (c) => {\n const url = new URL(c.req.url);\n const logoutToken = url.searchParams.get('logout_token');\n\n if (!logoutToken) {\n throw new WorkOSApiError(400, 'logout_token is required', 'invalid_request');\n }\n\n const profileId = store.getData<string>(`${STORE_KEY_PREFIXES.ssoLogout}${logoutToken}`);\n if (!profileId) {\n throw new WorkOSApiError(400, 'Invalid logout token', 'invalid_logout_token');\n }\n\n store.setData(`${STORE_KEY_PREFIXES.ssoLogout}${logoutToken}`, undefined);\n return c.json({ success: true });\n });\n}\n"]}

package/dist/emulate/workos/routes/user-features.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { type RouteContext } from '../../core/index.js';
2	+ export declare function userFeatureRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/user-features.js ADDED Viewed

@@ -0,0 +1,50 @@
+import { notFound } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatAuthorizedApplication, formatConnectedAccount, formatPipeConnection } from '../helpers.js';
+export function userFeatureRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    app.get('/user_management/users/:user_id/authorized_applications', (c) => {
+        const user = ws.users.get(c.req.param('user_id'));
+        if (!user)
+            throw notFound('User');
+        const apps = ws.authorizedApplications.findBy('user_id', user.id);
+        return c.json({
+            object: 'list',
+            data: apps.map(formatAuthorizedApplication),
+            list_metadata: { before: null, after: null },
+        });
+    });
+    app.delete('/user_management/users/:user_id/authorized_applications/:application_id', (c) => {
+        const user = ws.users.get(c.req.param('user_id'));
+        if (!user)
+            throw notFound('User');
+        const appItem = ws.authorizedApplications.get(c.req.param('application_id'));
+        if (!appItem || appItem.user_id !== user.id)
+            throw notFound('Authorized Application');
+        ws.authorizedApplications.delete(appItem.id);
+        return c.body(null, 204);
+    });
+    app.get('/user_management/users/:user_id/connected_accounts/:slug', (c) => {
+        const user = ws.users.get(c.req.param('user_id'));
+        if (!user)
+            throw notFound('User');
+        const slug = c.req.param('slug');
+        const account = ws.connectedAccounts.findBy('user_id', user.id).find((a) => a.provider === slug);
+        if (!account)
+            throw notFound('Connected Account');
+        return c.json(formatConnectedAccount(account));
+    });
+    app.get('/user_management/users/:user_id/data_providers', (c) => {
+        const user = ws.users.get(c.req.param('user_id'));
+        if (!user)
+            throw notFound('User');
+        const pipes = ws.pipeConnections.findBy('user_id', user.id);
+        return c.json({
+            object: 'list',
+            data: pipes.map(formatPipeConnection),
+            list_metadata: { before: null, after: null },
+        });
+    });
+}
+//# sourceMappingURL=user-features.js.map

package/dist/emulate/workos/routes/user-features.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-features.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/user-features.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAClE,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,2BAA2B,EAAE,sBAAsB,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAC;AAE1G,MAAM,UAAU,iBAAiB,CAAC,GAAiB;IACjD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,GAAG,CAAC,yDAAyD,EAAE,CAAC,CAAC,EAAE,EAAE;QACvE,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,IAAI,GAAG,EAAE,CAAC,sBAAsB,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAClE,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,2BAA2B,CAAC;YAC3C,aAAa,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,MAAM,CAAC,yEAAyE,EAAE,CAAC,CAAC,EAAE,EAAE;QAC1F,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,OAAO,GAAG,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC;QAC7E,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,KAAK,IAAI,CAAC,EAAE;YAAE,MAAM,QAAQ,CAAC,wBAAwB,CAAC,CAAC;QAEtF,EAAE,CAAC,sBAAsB,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,0DAA0D,EAAE,CAAC,CAAC,EAAE,EAAE;QACxE,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,OAAO,GAAG,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,CAAC;QAEjG,IAAI,CAAC,OAAO;YAAE,MAAM,QAAQ,CAAC,mBAAmB,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,gDAAgD,EAAE,CAAC,CAAC,EAAE,EAAE;QAC9D,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAClD,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,KAAK,GAAG,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5D,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,oBAAoB,CAAC;YACrC,aAAa,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { type RouteContext, notFound } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatAuthorizedApplication, formatConnectedAccount, formatPipeConnection } from '../helpers.js';\n\nexport function userFeatureRoutes(ctx: RouteContext): void {\n const { app, store } = ctx;\n const ws = getWorkOSStore(store);\n\n app.get('/user_management/users/:user_id/authorized_applications', (c) => {\n const user = ws.users.get(c.req.param('user_id'));\n if (!user) throw notFound('User');\n\n const apps = ws.authorizedApplications.findBy('user_id', user.id);\n return c.json({\n object: 'list',\n data: apps.map(formatAuthorizedApplication),\n list_metadata: { before: null, after: null },\n });\n });\n\n app.delete('/user_management/users/:user_id/authorized_applications/:application_id', (c) => {\n const user = ws.users.get(c.req.param('user_id'));\n if (!user) throw notFound('User');\n\n const appItem = ws.authorizedApplications.get(c.req.param('application_id'));\n if (!appItem || appItem.user_id !== user.id) throw notFound('Authorized Application');\n\n ws.authorizedApplications.delete(appItem.id);\n return c.body(null, 204);\n });\n\n app.get('/user_management/users/:user_id/connected_accounts/:slug', (c) => {\n const user = ws.users.get(c.req.param('user_id'));\n if (!user) throw notFound('User');\n\n const slug = c.req.param('slug');\n const account = ws.connectedAccounts.findBy('user_id', user.id).find((a) => a.provider === slug);\n\n if (!account) throw notFound('Connected Account');\n return c.json(formatConnectedAccount(account));\n });\n\n app.get('/user_management/users/:user_id/data_providers', (c) => {\n const user = ws.users.get(c.req.param('user_id'));\n if (!user) throw notFound('User');\n\n const pipes = ws.pipeConnections.findBy('user_id', user.id);\n return c.json({\n object: 'list',\n data: pipes.map(formatPipeConnection),\n list_metadata: { before: null, after: null },\n });\n });\n}\n"]}

package/dist/emulate/workos/routes/users.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { type RouteContext } from '../../core/index.js';
2	+ export declare function userRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/users.js ADDED Viewed

@@ -0,0 +1,129 @@
+import { notFound, validationError, parseJsonBody, WorkOSApiError, parseListParams, } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatUser, formatIdentity, hashPassword, formatListResponse } from '../helpers.js';
+export function userRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    app.post('/user_management/users', async (c) => {
+        const body = await parseJsonBody(c);
+        const email = body.email;
+        if (!email) {
+            throw validationError('email is required', [{ field: 'email', code: 'required' }]);
+        }
+        const existing = ws.users.findOneBy('email', email);
+        if (existing) {
+            throw new WorkOSApiError(409, 'A user with this email already exists', 'user_already_exists');
+        }
+        const password = body.password;
+        const user = ws.users.insert({
+            object: 'user',
+            email,
+            first_name: body.first_name ?? null,
+            last_name: body.last_name ?? null,
+            email_verified: body.email_verified ?? false,
+            profile_picture_url: null,
+            last_sign_in_at: null,
+            external_id: body.external_id ?? null,
+            metadata: body.metadata ?? {},
+            locale: null,
+            password_hash: password ? hashPassword(password) : null,
+            impersonator: null,
+        });
+        return c.json(formatUser(user), 201);
+    });
+    app.get('/user_management/users', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const emailFilter = url.searchParams.get('email') ?? undefined;
+        const orgFilter = url.searchParams.get('organization_id') ?? undefined;
+        let orgUserIds;
+        if (orgFilter) {
+            orgUserIds = new Set(ws.organizationMemberships.findBy('organization_id', orgFilter).map((m) => m.user_id));
+        }
+        const result = ws.users.list({
+            ...params,
+            filter: (user) => {
+                if (emailFilter && user.email !== emailFilter)
+                    return false;
+                if (orgUserIds && !orgUserIds.has(user.id))
+                    return false;
+                return true;
+            },
+        });
+        return c.json(formatListResponse(result, formatUser));
+    });
+    app.get('/user_management/users/:id', (c) => {
+        const user = ws.users.get(c.req.param('id'));
+        if (!user)
+            throw notFound('User');
+        return c.json(formatUser(user));
+    });
+    app.get('/user_management/users/external_id/:external_id', (c) => {
+        const user = ws.users.findOneBy('external_id', c.req.param('external_id'));
+        if (!user)
+            throw notFound('User');
+        return c.json(formatUser(user));
+    });
+    app.put('/user_management/users/:id', async (c) => {
+        const user = ws.users.get(c.req.param('id'));
+        if (!user)
+            throw notFound('User');
+        const body = await parseJsonBody(c);
+        const updates = {};
+        if ('first_name' in body)
+            updates.first_name = body.first_name ?? null;
+        if ('last_name' in body)
+            updates.last_name = body.last_name ?? null;
+        if ('email_verified' in body)
+            updates.email_verified = body.email_verified;
+        if ('external_id' in body)
+            updates.external_id = body.external_id ?? null;
+        if ('metadata' in body)
+            updates.metadata = body.metadata ?? {};
+        if ('password' in body && body.password) {
+            updates.password_hash = hashPassword(body.password);
+        }
+        const updated = ws.users.update(user.id, updates);
+        return c.json(formatUser(updated));
+    });
+    app.delete('/user_management/users/:id', (c) => {
+        const user = ws.users.get(c.req.param('id'));
+        if (!user)
+            throw notFound('User');
+        for (const s of ws.sessions.findBy('user_id', user.id)) {
+            ws.sessions.delete(s.id);
+        }
+        for (const m of ws.organizationMemberships.findBy('user_id', user.id)) {
+            ws.organizationMemberships.delete(m.id);
+        }
+        for (const f of ws.authFactors.findBy('user_id', user.id)) {
+            ws.authFactors.delete(f.id);
+        }
+        for (const i of ws.identities.findBy('user_id', user.id)) {
+            ws.identities.delete(i.id);
+        }
+        for (const pr of ws.passwordResets.findBy('user_id', user.id)) {
+            ws.passwordResets.delete(pr.id);
+        }
+        for (const ev of ws.emailVerifications.findBy('user_id', user.id)) {
+            ws.emailVerifications.delete(ev.id);
+        }
+        for (const ma of ws.magicAuths.findBy('user_id', user.id)) {
+            ws.magicAuths.delete(ma.id);
+        }
+        ws.users.delete(user.id);
+        return c.body(null, 204);
+    });
+    app.get('/user_management/users/:id/identities', (c) => {
+        const user = ws.users.get(c.req.param('id'));
+        if (!user)
+            throw notFound('User');
+        const identities = ws.identities.findBy('user_id', user.id);
+        return c.json({
+            object: 'list',
+            data: identities.map(formatIdentity),
+            list_metadata: { before: null, after: null },
+        });
+    });
+}
+//# sourceMappingURL=users.js.map

package/dist/emulate/workos/routes/users.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"users.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/users.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,QAAQ,EACR,eAAe,EACf,aAAa,EACb,cAAc,EACd,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAE7F,MAAM,UAAU,UAAU,CAAC,GAAiB;IAC1C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,IAAI,CAAC,wBAAwB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7C,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAA2B,CAAC;QAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,eAAe,CAAC,mBAAmB,EAAE,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;QACrF,CAAC;QAED,MAAM,QAAQ,GAAG,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACpD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,cAAc,CAAC,GAAG,EAAE,uCAAuC,EAAE,qBAAqB,CAAC,CAAC;QAChG,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,QAA8B,CAAC;QACrD,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC;YAC3B,MAAM,EAAE,MAAM;YACd,KAAK;YACL,UAAU,EAAG,IAAI,CAAC,UAAqB,IAAI,IAAI;YAC/C,SAAS,EAAG,IAAI,CAAC,SAAoB,IAAI,IAAI;YAC7C,cAAc,EAAG,IAAI,CAAC,cAA0B,IAAI,KAAK;YACzD,mBAAmB,EAAE,IAAI;YACzB,eAAe,EAAE,IAAI;YACrB,WAAW,EAAG,IAAI,CAAC,WAAsB,IAAI,IAAI;YACjD,QAAQ,EAAG,IAAI,CAAC,QAAmC,IAAI,EAAE;YACzD,MAAM,EAAE,IAAI;YACZ,aAAa,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI;YACvD,YAAY,EAAE,IAAI;SACnB,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,wBAAwB,EAAE,CAAC,CAAC,EAAE,EAAE;QACtC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACpC,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;QAC/D,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,SAAS,CAAC;QAEvE,IAAI,UAAmC,CAAC;QACxC,IAAI,SAAS,EAAE,CAAC;YACd,UAAU,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,uBAAuB,CAAC,MAAM,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9G,CAAC;QAED,MAAM,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC;YAC3B,GAAG,MAAM;YACT,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBACf,IAAI,WAAW,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW;oBAAE,OAAO,KAAK,CAAC;gBAC5D,IAAI,UAAU,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBAAE,OAAO,KAAK,CAAC;gBACzD,OAAO,IAAI,CAAC;YACd,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC,CAAC,EAAE,EAAE;QAC1C,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,iDAAiD,EAAE,CAAC,CAAC,EAAE,EAAE;QAC/D,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC;QAC3E,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,4BAA4B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAChD,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAA4B,EAAE,CAAC;QAE5C,IAAI,YAAY,IAAI,IAAI;YAAE,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC;QACvE,IAAI,WAAW,IAAI,IAAI;YAAE,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC;QACpE,IAAI,gBAAgB,IAAI,IAAI;YAAE,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC3E,IAAI,aAAa,IAAI,IAAI;YAAE,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC;QAC1E,IAAI,UAAU,IAAI,IAAI;YAAE,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;QAC/D,IAAI,UAAU,IAAI,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACxC,OAAO,CAAC,aAAa,GAAG,YAAY,CAAC,IAAI,CAAC,QAAkB,CAAC,CAAC;QAChE,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAClD,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,OAAQ,CAAC,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,MAAM,CAAC,4BAA4B,EAAE,CAAC,CAAC,EAAE,EAAE;QAC7C,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YACvD,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC3B,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,uBAAuB,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YACtE,EAAE,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC1C,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YAC1D,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC9B,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YACzD,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7B,CAAC;QACD,KAAK,MAAM,EAAE,IAAI,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YAC9D,EAAE,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAClC,CAAC;QACD,KAAK,MAAM,EAAE,IAAI,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YAClE,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACtC,CAAC;QACD,KAAK,MAAM,EAAE,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YAC1D,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAC9B,CAAC;QAED,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzB,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,uCAAuC,EAAE,CAAC,CAAC,EAAE,EAAE;QACrD,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;QAElC,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5D,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC;YACpC,aAAa,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import {\n type RouteContext,\n notFound,\n validationError,\n parseJsonBody,\n WorkOSApiError,\n parseListParams,\n} from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatUser, formatIdentity, hashPassword, formatListResponse } from '../helpers.js';\n\nexport function userRoutes(ctx: RouteContext): void {\n const { app, store } = ctx;\n const ws = getWorkOSStore(store);\n\n app.post('/user_management/users', async (c) => {\n const body = await parseJsonBody(c);\n const email = body.email as string | undefined;\n if (!email) {\n throw validationError('email is required', [{ field: 'email', code: 'required' }]);\n }\n\n const existing = ws.users.findOneBy('email', email);\n if (existing) {\n throw new WorkOSApiError(409, 'A user with this email already exists', 'user_already_exists');\n }\n\n const password = body.password as string | undefined;\n const user = ws.users.insert({\n object: 'user',\n email,\n first_name: (body.first_name as string) ?? null,\n last_name: (body.last_name as string) ?? null,\n email_verified: (body.email_verified as boolean) ?? false,\n profile_picture_url: null,\n last_sign_in_at: null,\n external_id: (body.external_id as string) ?? null,\n metadata: (body.metadata as Record<string, string>) ?? {},\n locale: null,\n password_hash: password ? hashPassword(password) : null,\n impersonator: null,\n });\n\n return c.json(formatUser(user), 201);\n });\n\n app.get('/user_management/users', (c) => {\n const url = new URL(c.req.url);\n const params = parseListParams(url);\n const emailFilter = url.searchParams.get('email') ?? undefined;\n const orgFilter = url.searchParams.get('organization_id') ?? undefined;\n\n let orgUserIds: Set<string> | undefined;\n if (orgFilter) {\n orgUserIds = new Set(ws.organizationMemberships.findBy('organization_id', orgFilter).map((m) => m.user_id));\n }\n\n const result = ws.users.list({\n ...params,\n filter: (user) => {\n if (emailFilter && user.email !== emailFilter) return false;\n if (orgUserIds && !orgUserIds.has(user.id)) return false;\n return true;\n },\n });\n\n return c.json(formatListResponse(result, formatUser));\n });\n\n app.get('/user_management/users/:id', (c) => {\n const user = ws.users.get(c.req.param('id'));\n if (!user) throw notFound('User');\n return c.json(formatUser(user));\n });\n\n app.get('/user_management/users/external_id/:external_id', (c) => {\n const user = ws.users.findOneBy('external_id', c.req.param('external_id'));\n if (!user) throw notFound('User');\n return c.json(formatUser(user));\n });\n\n app.put('/user_management/users/:id', async (c) => {\n const user = ws.users.get(c.req.param('id'));\n if (!user) throw notFound('User');\n\n const body = await parseJsonBody(c);\n const updates: Record<string, unknown> = {};\n\n if ('first_name' in body) updates.first_name = body.first_name ?? null;\n if ('last_name' in body) updates.last_name = body.last_name ?? null;\n if ('email_verified' in body) updates.email_verified = body.email_verified;\n if ('external_id' in body) updates.external_id = body.external_id ?? null;\n if ('metadata' in body) updates.metadata = body.metadata ?? {};\n if ('password' in body && body.password) {\n updates.password_hash = hashPassword(body.password as string);\n }\n\n const updated = ws.users.update(user.id, updates);\n return c.json(formatUser(updated!));\n });\n\n app.delete('/user_management/users/:id', (c) => {\n const user = ws.users.get(c.req.param('id'));\n if (!user) throw notFound('User');\n\n for (const s of ws.sessions.findBy('user_id', user.id)) {\n ws.sessions.delete(s.id);\n }\n for (const m of ws.organizationMemberships.findBy('user_id', user.id)) {\n ws.organizationMemberships.delete(m.id);\n }\n for (const f of ws.authFactors.findBy('user_id', user.id)) {\n ws.authFactors.delete(f.id);\n }\n for (const i of ws.identities.findBy('user_id', user.id)) {\n ws.identities.delete(i.id);\n }\n for (const pr of ws.passwordResets.findBy('user_id', user.id)) {\n ws.passwordResets.delete(pr.id);\n }\n for (const ev of ws.emailVerifications.findBy('user_id', user.id)) {\n ws.emailVerifications.delete(ev.id);\n }\n for (const ma of ws.magicAuths.findBy('user_id', user.id)) {\n ws.magicAuths.delete(ma.id);\n }\n\n ws.users.delete(user.id);\n return c.body(null, 204);\n });\n\n app.get('/user_management/users/:id/identities', (c) => {\n const user = ws.users.get(c.req.param('id'));\n if (!user) throw notFound('User');\n\n const identities = ws.identities.findBy('user_id', user.id);\n return c.json({\n object: 'list',\n data: identities.map(formatIdentity),\n list_metadata: { before: null, after: null },\n });\n });\n}\n"]}

package/dist/emulate/workos/routes/webhook-endpoints.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { type RouteContext } from '../../core/index.js';
2	+ export declare function webhookEndpointRoutes(ctx: RouteContext): void;

package/dist/emulate/workos/routes/webhook-endpoints.js ADDED Viewed

@@ -0,0 +1,66 @@
+import { randomBytes } from 'node:crypto';
+import { notFound, validationError, parseJsonBody, parseListParams } from '../../core/index.js';
+import { getWorkOSStore } from '../store.js';
+import { formatWebhookEndpoint, formatListResponse } from '../helpers.js';
+export function webhookEndpointRoutes(ctx) {
+    const { app, store } = ctx;
+    const ws = getWorkOSStore(store);
+    app.post('/webhook_endpoints', async (c) => {
+        const body = await parseJsonBody(c);
+        const url = body.url;
+        if (!url || typeof url !== 'string') {
+            throw validationError('URL is required', [{ field: 'url', code: 'required' }]);
+        }
+        const secret = body.secret ?? randomBytes(32).toString('hex');
+        const endpoint = ws.webhookEndpoints.insert({
+            object: 'webhook_endpoint',
+            url,
+            secret,
+            enabled: body.enabled !== false,
+            events: Array.isArray(body.events) ? body.events : [],
+            description: body.description ?? null,
+        });
+        return c.json(formatWebhookEndpoint(endpoint, { includeSecret: true }), 201);
+    });
+    app.get('/webhook_endpoints', (c) => {
+        const url = new URL(c.req.url);
+        const params = parseListParams(url);
+        const result = ws.webhookEndpoints.list(params);
+        return c.json(formatListResponse(result, (ep) => formatWebhookEndpoint(ep)));
+    });
+    app.get('/webhook_endpoints/:id', (c) => {
+        const ep = ws.webhookEndpoints.get(c.req.param('id'));
+        if (!ep)
+            throw notFound('WebhookEndpoint');
+        return c.json(formatWebhookEndpoint(ep));
+    });
+    app.put('/webhook_endpoints/:id', async (c) => {
+        const ep = ws.webhookEndpoints.get(c.req.param('id'));
+        if (!ep)
+            throw notFound('WebhookEndpoint');
+        const body = await parseJsonBody(c);
+        const updates = {};
+        if ('url' in body) {
+            if (!body.url || typeof body.url !== 'string') {
+                throw validationError('URL is required', [{ field: 'url', code: 'required' }]);
+            }
+            updates.url = body.url;
+        }
+        if ('enabled' in body)
+            updates.enabled = !!body.enabled;
+        if ('events' in body)
+            updates.events = Array.isArray(body.events) ? body.events : [];
+        if ('description' in body)
+            updates.description = body.description ?? null;
+        const updated = ws.webhookEndpoints.update(ep.id, updates);
+        return c.json(formatWebhookEndpoint(updated));
+    });
+    app.delete('/webhook_endpoints/:id', (c) => {
+        const ep = ws.webhookEndpoints.get(c.req.param('id'));
+        if (!ep)
+            throw notFound('WebhookEndpoint');
+        ws.webhookEndpoints.delete(ep.id);
+        return c.body(null, 204);
+    });
+}
+//# sourceMappingURL=webhook-endpoints.js.map

package/dist/emulate/workos/routes/webhook-endpoints.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"webhook-endpoints.js","sourceRoot":"","sources":["../../../../src/emulate/workos/routes/webhook-endpoints.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAqB,QAAQ,EAAE,eAAe,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACnH,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAE1E,MAAM,UAAU,qBAAqB,CAAC,GAAiB;IACrD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,GAAG,CAAC;IAC3B,MAAM,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAEjC,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACzC,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAyB,CAAC;QAC3C,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,MAAM,eAAe,CAAC,iBAAiB,EAAE,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;QACjF,CAAC;QAED,MAAM,MAAM,GAAI,IAAI,CAAC,MAAiB,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAE1E,MAAM,QAAQ,GAAG,EAAE,CAAC,gBAAgB,CAAC,MAAM,CAAC;YAC1C,MAAM,EAAE,kBAAkB;YAC1B,GAAG;YACH,MAAM;YACN,OAAO,EAAE,IAAI,CAAC,OAAO,KAAK,KAAK;YAC/B,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAE,IAAI,CAAC,MAAmB,CAAC,CAAC,CAAC,EAAE;YACnE,WAAW,EAAG,IAAI,CAAC,WAAsB,IAAI,IAAI;SAClD,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IAC/E,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QAEpC,MAAM,MAAM,GAAG,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAChD,OAAO,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,qBAAqB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/E,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,wBAAwB,EAAE,CAAC,CAAC,EAAE,EAAE;QACtC,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACtD,IAAI,CAAC,EAAE;YAAE,MAAM,QAAQ,CAAC,iBAAiB,CAAC,CAAC;QAC3C,OAAO,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,wBAAwB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5C,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACtD,IAAI,CAAC,EAAE;YAAE,MAAM,QAAQ,CAAC,iBAAiB,CAAC,CAAC;QAE3C,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,OAAO,GAA4B,EAAE,CAAC;QAE5C,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC;YAClB,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAC9C,MAAM,eAAe,CAAC,iBAAiB,EAAE,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;YACjF,CAAC;YACD,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACzB,CAAC;QACD,IAAI,SAAS,IAAI,IAAI;YAAE,OAAO,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;QACxD,IAAI,QAAQ,IAAI,IAAI;YAAE,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QACrF,IAAI,aAAa,IAAI,IAAI;YAAE,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC;QAE1E,MAAM,OAAO,GAAG,EAAE,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,OAAQ,CAAC,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,MAAM,CAAC,wBAAwB,EAAE,CAAC,CAAC,EAAE,EAAE;QACzC,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACtD,IAAI,CAAC,EAAE;YAAE,MAAM,QAAQ,CAAC,iBAAiB,CAAC,CAAC;QAC3C,EAAE,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { randomBytes } from 'node:crypto';\nimport { type RouteContext, notFound, validationError, parseJsonBody, parseListParams } from '../../core/index.js';\nimport { getWorkOSStore } from '../store.js';\nimport { formatWebhookEndpoint, formatListResponse } from '../helpers.js';\n\nexport function webhookEndpointRoutes(ctx: RouteContext): void {\n const { app, store } = ctx;\n const ws = getWorkOSStore(store);\n\n app.post('/webhook_endpoints', async (c) => {\n const body = await parseJsonBody(c);\n const url = body.url as string | undefined;\n if (!url || typeof url !== 'string') {\n throw validationError('URL is required', [{ field: 'url', code: 'required' }]);\n }\n\n const secret = (body.secret as string) ?? randomBytes(32).toString('hex');\n\n const endpoint = ws.webhookEndpoints.insert({\n object: 'webhook_endpoint',\n url,\n secret,\n enabled: body.enabled !== false,\n events: Array.isArray(body.events) ? (body.events as string[]) : [],\n description: (body.description as string) ?? null,\n });\n\n return c.json(formatWebhookEndpoint(endpoint, { includeSecret: true }), 201);\n });\n\n app.get('/webhook_endpoints', (c) => {\n const url = new URL(c.req.url);\n const params = parseListParams(url);\n\n const result = ws.webhookEndpoints.list(params);\n return c.json(formatListResponse(result, (ep) => formatWebhookEndpoint(ep)));\n });\n\n app.get('/webhook_endpoints/:id', (c) => {\n const ep = ws.webhookEndpoints.get(c.req.param('id'));\n if (!ep) throw notFound('WebhookEndpoint');\n return c.json(formatWebhookEndpoint(ep));\n });\n\n app.put('/webhook_endpoints/:id', async (c) => {\n const ep = ws.webhookEndpoints.get(c.req.param('id'));\n if (!ep) throw notFound('WebhookEndpoint');\n\n const body = await parseJsonBody(c);\n const updates: Record<string, unknown> = {};\n\n if ('url' in body) {\n if (!body.url || typeof body.url !== 'string') {\n throw validationError('URL is required', [{ field: 'url', code: 'required' }]);\n }\n updates.url = body.url;\n }\n if ('enabled' in body) updates.enabled = !!body.enabled;\n if ('events' in body) updates.events = Array.isArray(body.events) ? body.events : [];\n if ('description' in body) updates.description = body.description ?? null;\n\n const updated = ws.webhookEndpoints.update(ep.id, updates);\n return c.json(formatWebhookEndpoint(updated!));\n });\n\n app.delete('/webhook_endpoints/:id', (c) => {\n const ep = ws.webhookEndpoints.get(c.req.param('id'));\n if (!ep) throw notFound('WebhookEndpoint');\n ws.webhookEndpoints.delete(ep.id);\n return c.body(null, 204);\n });\n}\n"]}

package/dist/emulate/workos/routes/widgets.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { type RouteContext } from '../../core/index.js';
2	+ export declare function widgetRoutes(ctx: RouteContext): void;