arbi 0.2.0__py3-none-any.whl → 0.3.0__py3-none-any.whl

arbi/resources/api/user/user.py

@@ -2,6 +2,8 @@
 
 from __future__ import annotations
 
+from typing import Dict, Optional
+
 import httpx
 
 from .settings import (
@@ -12,7 +14,7 @@ from .settings import (
     SettingsResourceWithStreamingResponse,
     AsyncSettingsResourceWithStreamingResponse,
 )
-from ...._types import Body, Query, Headers, NotGiven, not_given
+from ...._types import Body, Omit, Query, Headers, NotGiven, omit, not_given
 from ...._utils import maybe_transform, async_maybe_transform
 from ...._compat import cached_property
 from ...._resource import SyncAPIResource, AsyncAPIResource
@@ -22,13 +24,22 @@ from ...._response import (
     async_to_raw_response_wrapper,
     async_to_streamed_response_wrapper,
 )
-from ....types.api import user_login_params, user_register_params, user_verify_email_params
+from ....types.api import (
+    user_login_params,
+    user_invite_params,
+    user_register_params,
+    user_verify_email_params,
+    user_change_password_params,
+    user_check_sso_status_params,
+)
 from ...._base_client import make_request_options
-from ....types.api.token import Token
-from ....types.api.user_response import UserResponse
+from ....types.api.user_login_response import UserLoginResponse
+from ....types.api.user_invite_response import UserInviteResponse
 from ....types.api.user_logout_response import UserLogoutResponse
 from ....types.api.user_verify_email_response import UserVerifyEmailResponse
+from ....types.api.user_change_password_response import UserChangePasswordResponse
 from ....types.api.user_list_workspaces_response import UserListWorkspacesResponse
+from ....types.api.user_check_sso_status_response import UserCheckSSOStatusResponse
 
 __all__ = ["UserResource", "AsyncUserResource"]
 
@@ -57,42 +68,90 @@ class UserResource(SyncAPIResource):
         """
         return UserResourceWithStreamingResponse(self)
 
-    def list_workspaces(
+    def change_password(
         self,
         *,
+        current_public_key: str,
+        new_public_key: str,
+        rewrapped_workspace_keys: Dict[str, str],
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> UserListWorkspacesResponse:
-        """
-        Retrieve the list of workspaces associated with the current authenticated user.
-        Leverages RLS to enforce access control.
+    ) -> UserChangePasswordResponse:
+        """Change user's master password by re-keying all workspace keys.
+
+        Client must:
+
+        1.
+
+        Prove knowledge of current master password via X25519 public key
+        2. Provide new X25519 public key (derived from new master password)
+        3. Re-wrap all workspace keys with new X25519 public key
+
+        Server will:
+
+        1. Verify current master password (public key comparison)
+        2. Update X25519 public key
+        3. Update all workspace wrapped keys
+
+        Note: This changes the master password (encryption password), not authentication
+        password. Both local and SSO users can change their master password.
+
+        Args:
+          extra_headers: Send extra headers
+
+          extra_query: Add additional query parameters to the request
+
+          extra_body: Add additional JSON properties to the request
+
+          timeout: Override the client-level default timeout for this request, in seconds
         """
-        return self._get(
-            "/api/user/workspaces",
+        return self._post(
+            "/api/user/change_password",
+            body=maybe_transform(
+                {
+                    "current_public_key": current_public_key,
+                    "new_public_key": new_public_key,
+                    "rewrapped_workspace_keys": rewrapped_workspace_keys,
+                },
+                user_change_password_params.UserChangePasswordParams,
+            ),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=UserListWorkspacesResponse,
+            cast_to=UserChangePasswordResponse,
         )
 
-    def login(
+    def check_sso_status(
         self,
         *,
         email: str,
-        password: str,
+        sso_token: str,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> Token:
-        """
-        Login a user and return a JWT token.
+    ) -> UserCheckSSOStatusResponse:
+        """Check SSO user registration state.
+
+        Returns one of three states:
+
+        1.
+
+        new_user: No user exists with this email
+        2. local_exists: User exists but registered locally (can link to SSO)
+        3. sso_exists: User exists and already linked to SSO
+
+        Frontend uses this to show appropriate UI:
+
+        - new_user -> "Set Master Password"
+        - local_exists -> "Link SSO? Enter current master password"
+        - sso_exists -> "Enter Master Password"
 
         Args:
           extra_headers: Send extra headers
@@ -104,40 +163,59 @@ class UserResource(SyncAPIResource):
           timeout: Override the client-level default timeout for this request, in seconds
         """
         return self._post(
-            "/api/user/login",
+            "/api/user/sso-status",
             body=maybe_transform(
                 {
                     "email": email,
-                    "password": password,
+                    "sso_token": sso_token,
                 },
-                user_login_params.UserLoginParams,
+                user_check_sso_status_params.UserCheckSSOStatusParams,
             ),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=Token,
+            cast_to=UserCheckSSOStatusResponse,
         )
 
-    def logout(
+    def invite(
         self,
         *,
+        email: str,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> UserLogoutResponse:
-        """Log out the current user by clearing cached keys and refresh token cookie."""
+    ) -> UserInviteResponse:
+        """Send invitation email with 3-word verification code to a new user.
+
+        Protected
+        endpoint - requires authentication. Includes inviter's name in the email for
+        personalization.
+
+        Note: Fails silently if email already exists to prevent email enumeration
+        attacks.
+
+        Args:
+          extra_headers: Send extra headers
+
+          extra_query: Add additional query parameters to the request
+
+          extra_body: Add additional JSON properties to the request
+
+          timeout: Override the client-level default timeout for this request, in seconds
+        """
         return self._post(
-            "/api/user/logout",
+            "/api/user/invite",
+            body=maybe_transform({"email": email}, user_invite_params.UserInviteParams),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=UserLogoutResponse,
+            cast_to=UserInviteResponse,
         )
 
-    def refresh_token(
+    def list_workspaces(
         self,
         *,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
@@ -146,37 +224,44 @@ class UserResource(SyncAPIResource):
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> Token:
-        """Refresh an expired access token using the refresh token cookie.
-
-        Validates the
-        refresh token and issues a new access token.
+    ) -> UserListWorkspacesResponse:
         """
-        return self._post(
-            "/api/user/token_refresh",
+        Retrieve the list of workspaces associated with the current authenticated user.
+        Includes wrapped_key, stats (conversation/document counts with shared/private
+        breakdown), and users for each workspace. All data is fetched efficiently using
+        batch queries to avoid N+1 problems. Leverages RLS to enforce access control.
+        """
+        return self._get(
+            "/api/user/workspaces",
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=Token,
+            cast_to=UserListWorkspacesResponse,
         )
 
-    def register(
+    def login(
         self,
         *,
         email: str,
-        last_name: str,
-        name: str,
-        password: str,
-        verification_code: str,
+        public_key: str,
+        sso_token: Optional[str] | Omit = omit,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> UserResponse:
+    ) -> UserLoginResponse:
         """
-        Register a new user with email verification.
+        Login with X25519 public key verification (local or SSO).
+
+        SIMPLEST POSSIBLE AUTH: Client derives X25519 public key from password and sends
+        it. Server compares with stored public key. Match = correct password!
+
+        For SSO users: Also validates SSO token before proceeding. For local users: Only
+        public key verification needed.
+
+        Returns encrypted login response that only the correct password can decrypt.
 
         Args:
           extra_headers: Send extra headers
@@ -188,24 +273,22 @@ class UserResource(SyncAPIResource):
           timeout: Override the client-level default timeout for this request, in seconds
         """
         return self._post(
-            "/api/user/register",
+            "/api/user/login",
             body=maybe_transform(
                 {
                     "email": email,
-                    "last_name": last_name,
-                    "name": name,
-                    "password": password,
-                    "verification_code": verification_code,
+                    "public_key": public_key,
+                    "sso_token": sso_token,
                 },
-                user_register_params.UserRegisterParams,
+                user_login_params.UserLoginParams,
             ),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=UserResponse,
+            cast_to=UserLoginResponse,
         )
 
-    def retrieve_me(
+    def logout(
         self,
         *,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
@@ -214,18 +297,66 @@ class UserResource(SyncAPIResource):
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> UserResponse:
-        """Retrieve current authenticated user information.
+    ) -> UserLogoutResponse:
+        """Log out the current user by clearing the refresh token cookie and session key."""
+        return self._post(
+            "/api/user/logout",
+            options=make_request_options(
+                extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
+            ),
+            cast_to=UserLogoutResponse,
+        )
 
-        This endpoint is useful for
-        validating tokens and checking authentication status.
+    def register(
+        self,
+        *,
+        email: str,
+        public_key: str,
+        verification_credential: str,
+        last_name: Optional[str] | Omit = omit,
+        name: Optional[str] | Omit = omit,
+        # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
+        # The extra values given here take precedence over values defined on the client or passed to this method.
+        extra_headers: Headers | None = None,
+        extra_query: Query | None = None,
+        extra_body: Body | None = None,
+        timeout: float | httpx.Timeout | None | NotGiven = not_given,
+    ) -> object:
         """
-        return self._get(
-            "/api/user/me",
+        Register a new user with email verification (local or SSO).
+
+        Accepts either:
+
+        - 3-word verification code for local users
+        - SSO JWT token for SSO users
+
+        Auto-detects credential type and handles both flows.
+
+        Args:
+          extra_headers: Send extra headers
+
+          extra_query: Add additional query parameters to the request
+
+          extra_body: Add additional JSON properties to the request
+
+          timeout: Override the client-level default timeout for this request, in seconds
+        """
+        return self._post(
+            "/api/user/register",
+            body=maybe_transform(
+                {
+                    "email": email,
+                    "public_key": public_key,
+                    "verification_credential": verification_credential,
+                    "last_name": last_name,
+                    "name": name,
+                },
+                user_register_params.UserRegisterParams,
+            ),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=UserResponse,
+            cast_to=object,
         )
 
     def verify_email(
@@ -290,42 +421,90 @@ class AsyncUserResource(AsyncAPIResource):
         """
         return AsyncUserResourceWithStreamingResponse(self)
 
-    async def list_workspaces(
+    async def change_password(
         self,
         *,
+        current_public_key: str,
+        new_public_key: str,
+        rewrapped_workspace_keys: Dict[str, str],
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> UserListWorkspacesResponse:
-        """
-        Retrieve the list of workspaces associated with the current authenticated user.
-        Leverages RLS to enforce access control.
+    ) -> UserChangePasswordResponse:
+        """Change user's master password by re-keying all workspace keys.
+
+        Client must:
+
+        1.
+
+        Prove knowledge of current master password via X25519 public key
+        2. Provide new X25519 public key (derived from new master password)
+        3. Re-wrap all workspace keys with new X25519 public key
+
+        Server will:
+
+        1. Verify current master password (public key comparison)
+        2. Update X25519 public key
+        3. Update all workspace wrapped keys
+
+        Note: This changes the master password (encryption password), not authentication
+        password. Both local and SSO users can change their master password.
+
+        Args:
+          extra_headers: Send extra headers
+
+          extra_query: Add additional query parameters to the request
+
+          extra_body: Add additional JSON properties to the request
+
+          timeout: Override the client-level default timeout for this request, in seconds
         """
-        return await self._get(
-            "/api/user/workspaces",
+        return await self._post(
+            "/api/user/change_password",
+            body=await async_maybe_transform(
+                {
+                    "current_public_key": current_public_key,
+                    "new_public_key": new_public_key,
+                    "rewrapped_workspace_keys": rewrapped_workspace_keys,
+                },
+                user_change_password_params.UserChangePasswordParams,
+            ),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=UserListWorkspacesResponse,
+            cast_to=UserChangePasswordResponse,
         )
 
-    async def login(
+    async def check_sso_status(
         self,
         *,
         email: str,
-        password: str,
+        sso_token: str,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> Token:
-        """
-        Login a user and return a JWT token.
+    ) -> UserCheckSSOStatusResponse:
+        """Check SSO user registration state.
+
+        Returns one of three states:
+
+        1.
+
+        new_user: No user exists with this email
+        2. local_exists: User exists but registered locally (can link to SSO)
+        3. sso_exists: User exists and already linked to SSO
+
+        Frontend uses this to show appropriate UI:
+
+        - new_user -> "Set Master Password"
+        - local_exists -> "Link SSO? Enter current master password"
+        - sso_exists -> "Enter Master Password"
 
         Args:
           extra_headers: Send extra headers
@@ -337,40 +516,59 @@ class AsyncUserResource(AsyncAPIResource):
           timeout: Override the client-level default timeout for this request, in seconds
         """
         return await self._post(
-            "/api/user/login",
+            "/api/user/sso-status",
             body=await async_maybe_transform(
                 {
                     "email": email,
-                    "password": password,
+                    "sso_token": sso_token,
                 },
-                user_login_params.UserLoginParams,
+                user_check_sso_status_params.UserCheckSSOStatusParams,
             ),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=Token,
+            cast_to=UserCheckSSOStatusResponse,
         )
 
-    async def logout(
+    async def invite(
         self,
         *,
+        email: str,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> UserLogoutResponse:
-        """Log out the current user by clearing cached keys and refresh token cookie."""
+    ) -> UserInviteResponse:
+        """Send invitation email with 3-word verification code to a new user.
+
+        Protected
+        endpoint - requires authentication. Includes inviter's name in the email for
+        personalization.
+
+        Note: Fails silently if email already exists to prevent email enumeration
+        attacks.
+
+        Args:
+          extra_headers: Send extra headers
+
+          extra_query: Add additional query parameters to the request
+
+          extra_body: Add additional JSON properties to the request
+
+          timeout: Override the client-level default timeout for this request, in seconds
+        """
         return await self._post(
-            "/api/user/logout",
+            "/api/user/invite",
+            body=await async_maybe_transform({"email": email}, user_invite_params.UserInviteParams),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=UserLogoutResponse,
+            cast_to=UserInviteResponse,
         )
 
-    async def refresh_token(
+    async def list_workspaces(
         self,
         *,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
@@ -379,37 +577,44 @@ class AsyncUserResource(AsyncAPIResource):
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> Token:
-        """Refresh an expired access token using the refresh token cookie.
-
-        Validates the
-        refresh token and issues a new access token.
+    ) -> UserListWorkspacesResponse:
         """
-        return await self._post(
-            "/api/user/token_refresh",
+        Retrieve the list of workspaces associated with the current authenticated user.
+        Includes wrapped_key, stats (conversation/document counts with shared/private
+        breakdown), and users for each workspace. All data is fetched efficiently using
+        batch queries to avoid N+1 problems. Leverages RLS to enforce access control.
+        """
+        return await self._get(
+            "/api/user/workspaces",
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=Token,
+            cast_to=UserListWorkspacesResponse,
         )
 
-    async def register(
+    async def login(
         self,
         *,
         email: str,
-        last_name: str,
-        name: str,
-        password: str,
-        verification_code: str,
+        public_key: str,
+        sso_token: Optional[str] | Omit = omit,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> UserResponse:
+    ) -> UserLoginResponse:
         """
-        Register a new user with email verification.
+        Login with X25519 public key verification (local or SSO).
+
+        SIMPLEST POSSIBLE AUTH: Client derives X25519 public key from password and sends
+        it. Server compares with stored public key. Match = correct password!
+
+        For SSO users: Also validates SSO token before proceeding. For local users: Only
+        public key verification needed.
+
+        Returns encrypted login response that only the correct password can decrypt.
 
         Args:
           extra_headers: Send extra headers
@@ -421,24 +626,22 @@ class AsyncUserResource(AsyncAPIResource):
           timeout: Override the client-level default timeout for this request, in seconds
         """
         return await self._post(
-            "/api/user/register",
+            "/api/user/login",
             body=await async_maybe_transform(
                 {
                     "email": email,
-                    "last_name": last_name,
-                    "name": name,
-                    "password": password,
-                    "verification_code": verification_code,
+                    "public_key": public_key,
+                    "sso_token": sso_token,
                 },
-                user_register_params.UserRegisterParams,
+                user_login_params.UserLoginParams,
             ),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=UserResponse,
+            cast_to=UserLoginResponse,
         )
 
-    async def retrieve_me(
+    async def logout(
         self,
         *,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
@@ -447,18 +650,66 @@ class AsyncUserResource(AsyncAPIResource):
         extra_query: Query | None = None,
         extra_body: Body | None = None,
         timeout: float | httpx.Timeout | None | NotGiven = not_given,
-    ) -> UserResponse:
-        """Retrieve current authenticated user information.
+    ) -> UserLogoutResponse:
+        """Log out the current user by clearing the refresh token cookie and session key."""
+        return await self._post(
+            "/api/user/logout",
+            options=make_request_options(
+                extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
+            ),
+            cast_to=UserLogoutResponse,
+        )
 
-        This endpoint is useful for
-        validating tokens and checking authentication status.
+    async def register(
+        self,
+        *,
+        email: str,
+        public_key: str,
+        verification_credential: str,
+        last_name: Optional[str] | Omit = omit,
+        name: Optional[str] | Omit = omit,
+        # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
+        # The extra values given here take precedence over values defined on the client or passed to this method.
+        extra_headers: Headers | None = None,
+        extra_query: Query | None = None,
+        extra_body: Body | None = None,
+        timeout: float | httpx.Timeout | None | NotGiven = not_given,
+    ) -> object:
         """
-        return await self._get(
-            "/api/user/me",
+        Register a new user with email verification (local or SSO).
+
+        Accepts either:
+
+        - 3-word verification code for local users
+        - SSO JWT token for SSO users
+
+        Auto-detects credential type and handles both flows.
+
+        Args:
+          extra_headers: Send extra headers
+
+          extra_query: Add additional query parameters to the request
+
+          extra_body: Add additional JSON properties to the request
+
+          timeout: Override the client-level default timeout for this request, in seconds
+        """
+        return await self._post(
+            "/api/user/register",
+            body=await async_maybe_transform(
+                {
+                    "email": email,
+                    "public_key": public_key,
+                    "verification_credential": verification_credential,
+                    "last_name": last_name,
+                    "name": name,
+                },
+                user_register_params.UserRegisterParams,
+            ),
             options=make_request_options(
                 extra_headers=extra_headers, extra_query=extra_query, extra_body=extra_body, timeout=timeout
             ),
-            cast_to=UserResponse,
+            cast_to=object,
         )
 
     async def verify_email(
@@ -503,6 +754,15 @@ class UserResourceWithRawResponse:
     def __init__(self, user: UserResource) -> None:
         self._user = user
 
+        self.change_password = to_raw_response_wrapper(
+            user.change_password,
+        )
+        self.check_sso_status = to_raw_response_wrapper(
+            user.check_sso_status,
+        )
+        self.invite = to_raw_response_wrapper(
+            user.invite,
+        )
         self.list_workspaces = to_raw_response_wrapper(
             user.list_workspaces,
         )
@@ -512,15 +772,9 @@ class UserResourceWithRawResponse:
         self.logout = to_raw_response_wrapper(
             user.logout,
         )
-        self.refresh_token = to_raw_response_wrapper(
-            user.refresh_token,
-        )
         self.register = to_raw_response_wrapper(
             user.register,
         )
-        self.retrieve_me = to_raw_response_wrapper(
-            user.retrieve_me,
-        )
         self.verify_email = to_raw_response_wrapper(
             user.verify_email,
         )
@@ -534,6 +788,15 @@ class AsyncUserResourceWithRawResponse:
     def __init__(self, user: AsyncUserResource) -> None:
         self._user = user
 
+        self.change_password = async_to_raw_response_wrapper(
+            user.change_password,
+        )
+        self.check_sso_status = async_to_raw_response_wrapper(
+            user.check_sso_status,
+        )
+        self.invite = async_to_raw_response_wrapper(
+            user.invite,
+        )
         self.list_workspaces = async_to_raw_response_wrapper(
             user.list_workspaces,
         )
@@ -543,15 +806,9 @@ class AsyncUserResourceWithRawResponse:
         self.logout = async_to_raw_response_wrapper(
             user.logout,
         )
-        self.refresh_token = async_to_raw_response_wrapper(
-            user.refresh_token,
-        )
         self.register = async_to_raw_response_wrapper(
             user.register,
         )
-        self.retrieve_me = async_to_raw_response_wrapper(
-            user.retrieve_me,
-        )
         self.verify_email = async_to_raw_response_wrapper(
             user.verify_email,
         )
@@ -565,6 +822,15 @@ class UserResourceWithStreamingResponse:
     def __init__(self, user: UserResource) -> None:
         self._user = user
 
+        self.change_password = to_streamed_response_wrapper(
+            user.change_password,
+        )
+        self.check_sso_status = to_streamed_response_wrapper(
+            user.check_sso_status,
+        )
+        self.invite = to_streamed_response_wrapper(
+            user.invite,
+        )
         self.list_workspaces = to_streamed_response_wrapper(
             user.list_workspaces,
         )
@@ -574,15 +840,9 @@ class UserResourceWithStreamingResponse:
         self.logout = to_streamed_response_wrapper(
             user.logout,
         )
-        self.refresh_token = to_streamed_response_wrapper(
-            user.refresh_token,
-        )
         self.register = to_streamed_response_wrapper(
             user.register,
         )
-        self.retrieve_me = to_streamed_response_wrapper(
-            user.retrieve_me,
-        )
         self.verify_email = to_streamed_response_wrapper(
             user.verify_email,
         )
@@ -596,6 +856,15 @@ class AsyncUserResourceWithStreamingResponse:
     def __init__(self, user: AsyncUserResource) -> None:
         self._user = user
 
+        self.change_password = async_to_streamed_response_wrapper(
+            user.change_password,
+        )
+        self.check_sso_status = async_to_streamed_response_wrapper(
+            user.check_sso_status,
+        )
+        self.invite = async_to_streamed_response_wrapper(
+            user.invite,
+        )
         self.list_workspaces = async_to_streamed_response_wrapper(
             user.list_workspaces,
         )
@@ -605,15 +874,9 @@ class AsyncUserResourceWithStreamingResponse:
         self.logout = async_to_streamed_response_wrapper(
             user.logout,
         )
-        self.refresh_token = async_to_streamed_response_wrapper(
-            user.refresh_token,
-        )
         self.register = async_to_streamed_response_wrapper(
             user.register,
         )
-        self.retrieve_me = async_to_streamed_response_wrapper(
-            user.retrieve_me,
-        )
         self.verify_email = async_to_streamed_response_wrapper(
             user.verify_email,
         )