workos 1.5.1__py3-none-any.whl → 5.38.0__py3-none-any.whl

workos/__about__.py

@@ -12,7 +12,7 @@ __package_name__ = "workos"
 
 __package_url__ = "https://github.com/workos-inc/workos-python"
 
-__version__ = "1.5.1"
+__version__ = "5.38.0"
 
 __author__ = "WorkOS"
 

workos/__init__.py

@@ -1,8 +1,4 @@
-import os
+from workos.client import SyncClient as WorkOSClient
+from workos.async_client import AsyncClient as AsyncWorkOSClient
 
-from workos.__about__ import __version__
-from workos.client import client
-
-api_key = os.getenv("WORKOS_API_KEY")
-client_id = os.getenv("WORKOS_CLIENT_ID")
-base_api_url = "https://api.workos.com/"
+__all__ = ["WorkOSClient", "AsyncWorkOSClient"]

workos/_base_client.py

@@ -0,0 +1,138 @@
+import os
+from abc import abstractmethod
+from typing import Optional
+
+from workos._client_configuration import ClientConfiguration
+from workos.api_keys import ApiKeysModule
+from workos.audit_logs import AuditLogsModule
+from workos.directory_sync import DirectorySyncModule
+from workos.events import EventsModule
+from workos.fga import FGAModule
+from workos.mfa import MFAModule
+from workos.organization_domains import OrganizationDomainsModule
+from workos.pipes import PipesModule
+from workos.organizations import OrganizationsModule
+from workos.passwordless import PasswordlessModule
+from workos.portal import PortalModule
+from workos.sso import SSOModule
+from workos.user_management import UserManagementModule
+from workos.utils._base_http_client import DEFAULT_REQUEST_TIMEOUT
+from workos.webhooks import WebhooksModule
+
+
+class BaseClient(ClientConfiguration):
+    """Base client for accessing the WorkOS feature set."""
+
+    _api_key: str
+    _base_url: str
+    _client_id: str
+    _request_timeout: int
+
+    def __init__(
+        self,
+        *,
+        api_key: Optional[str],
+        client_id: Optional[str],
+        base_url: Optional[str] = None,
+        request_timeout: Optional[int] = None,
+    ) -> None:
+        api_key = api_key or os.getenv("WORKOS_API_KEY")
+        if api_key is None:
+            raise ValueError(
+                "WorkOS API key must be provided when instantiating the client or via the WORKOS_API_KEY environment variable."
+            )
+
+        self._api_key = api_key
+
+        client_id = client_id or os.getenv("WORKOS_CLIENT_ID")
+        if client_id is None:
+            raise ValueError(
+                "WorkOS client ID must be provided when instantiating the client or via the WORKOS_CLIENT_ID environment variable."
+            )
+
+        self._client_id = client_id
+
+        self._base_url = self._enforce_trailing_slash(
+            url=(
+                base_url
+                if base_url
+                else os.getenv("WORKOS_BASE_URL", "https://api.workos.com/")
+            )
+        )
+
+        self._request_timeout = (
+            request_timeout
+            if request_timeout
+            else int(os.getenv("WORKOS_REQUEST_TIMEOUT", DEFAULT_REQUEST_TIMEOUT))
+        )
+
+    @property
+    @abstractmethod
+    def api_keys(self) -> ApiKeysModule: ...
+
+    @property
+    @abstractmethod
+    def audit_logs(self) -> AuditLogsModule: ...
+
+    @property
+    @abstractmethod
+    def directory_sync(self) -> DirectorySyncModule: ...
+
+    @property
+    @abstractmethod
+    def events(self) -> EventsModule: ...
+
+    @property
+    @abstractmethod
+    def fga(self) -> FGAModule: ...
+
+    @property
+    @abstractmethod
+    def mfa(self) -> MFAModule: ...
+
+    @property
+    @abstractmethod
+    def organizations(self) -> OrganizationsModule: ...
+
+    @property
+    @abstractmethod
+    def organization_domains(self) -> OrganizationDomainsModule: ...
+
+    @property
+    @abstractmethod
+    def passwordless(self) -> PasswordlessModule: ...
+
+    @property
+    @abstractmethod
+    def pipes(self) -> PipesModule: ...
+
+    @property
+    @abstractmethod
+    def portal(self) -> PortalModule: ...
+
+    @property
+    @abstractmethod
+    def sso(self) -> SSOModule: ...
+
+    @property
+    @abstractmethod
+    def user_management(self) -> UserManagementModule: ...
+
+    @property
+    @abstractmethod
+    def webhooks(self) -> WebhooksModule: ...
+
+    def _enforce_trailing_slash(self, url: str) -> str:
+        return url if url.endswith("/") else url + "/"
+
+    @property
+    def base_url(self) -> str:
+        return self._base_url
+
+    @property
+    def client_id(self) -> str:
+        return self._client_id
+
+    @property
+    def request_timeout(self) -> int:
+        return self._request_timeout

workos/_client_configuration.py

@@ -0,0 +1,10 @@
+from typing import Protocol
+
+
+class ClientConfiguration(Protocol):
+    @property
+    def base_url(self) -> str: ...
+    @property
+    def client_id(self) -> str: ...
+    @property
+    def request_timeout(self) -> int: ...

workos/api_keys.py

@@ -0,0 +1,53 @@
+from typing import Optional, Protocol
+
+from workos.types.api_keys import ApiKey
+from workos.typing.sync_or_async import SyncOrAsync
+from workos.utils.http_client import AsyncHTTPClient, SyncHTTPClient
+from workos.utils.request_helper import REQUEST_METHOD_POST
+
+API_KEY_VALIDATION_PATH = "api_keys/validations"
+RESOURCE_OBJECT_ATTRIBUTE_NAME = "api_key"
+
+
+class ApiKeysModule(Protocol):
+    def validate_api_key(self, *, value: str) -> SyncOrAsync[Optional[ApiKey]]:
+        """Validate an API key.
+
+        Kwargs:
+            value (str): API key value
+
+        Returns:
+            Optional[ApiKey]: Returns ApiKey resource object
+                if supplied value was valid, None if it was not
+        """
+        ...
+
+
+class ApiKeys(ApiKeysModule):
+    _http_client: SyncHTTPClient
+
+    def __init__(self, http_client: SyncHTTPClient):
+        self._http_client = http_client
+
+    def validate_api_key(self, *, value: str) -> Optional[ApiKey]:
+        response = self._http_client.request(
+            API_KEY_VALIDATION_PATH, method=REQUEST_METHOD_POST, json={"value": value}
+        )
+        if response.get(RESOURCE_OBJECT_ATTRIBUTE_NAME) is None:
+            return None
+        return ApiKey.model_validate(response[RESOURCE_OBJECT_ATTRIBUTE_NAME])
+
+
+class AsyncApiKeys(ApiKeysModule):
+    _http_client: AsyncHTTPClient
+
+    def __init__(self, http_client: AsyncHTTPClient):
+        self._http_client = http_client
+
+    async def validate_api_key(self, *, value: str) -> Optional[ApiKey]:
+        response = await self._http_client.request(
+            API_KEY_VALIDATION_PATH, method=REQUEST_METHOD_POST, json={"value": value}
+        )
+        if response.get(RESOURCE_OBJECT_ATTRIBUTE_NAME) is None:
+            return None
+        return ApiKey.model_validate(response[RESOURCE_OBJECT_ATTRIBUTE_NAME])

workos/async_client.py

@@ -0,0 +1,144 @@
+from typing import Optional
+from workos.__about__ import __version__
+from workos._base_client import BaseClient
+from workos.api_keys import AsyncApiKeys
+from workos.audit_logs import AuditLogsModule
+from workos.directory_sync import AsyncDirectorySync
+from workos.events import AsyncEvents
+from workos.fga import FGAModule
+from workos.mfa import MFAModule
+from workos.organizations import AsyncOrganizations
+from workos.organization_domains import AsyncOrganizationDomains
+from workos.passwordless import PasswordlessModule
+from workos.pipes import AsyncPipes
+from workos.portal import PortalModule
+from workos.sso import AsyncSSO
+from workos.user_management import AsyncUserManagement
+from workos.utils.http_client import AsyncHTTPClient
+from workos.webhooks import WebhooksModule
+from workos.widgets import WidgetsModule
+from workos.vault import VaultModule
+
+
+class AsyncClient(BaseClient):
+    """Client for a convenient way to access the WorkOS feature set."""
+
+    _http_client: AsyncHTTPClient
+
+    def __init__(
+        self,
+        *,
+        api_key: Optional[str] = None,
+        client_id: Optional[str] = None,
+        base_url: Optional[str] = None,
+        request_timeout: Optional[int] = None,
+    ):
+        super().__init__(
+            api_key=api_key,
+            client_id=client_id,
+            base_url=base_url,
+            request_timeout=request_timeout,
+        )
+        self._http_client = AsyncHTTPClient(
+            api_key=self._api_key,
+            base_url=self.base_url,
+            client_id=self._client_id,
+            version=__version__,
+            timeout=self.request_timeout,
+        )
+
+    @property
+    def api_keys(self) -> AsyncApiKeys:
+        if not getattr(self, "_api_keys", None):
+            self._api_keys = AsyncApiKeys(self._http_client)
+        return self._api_keys
+
+    @property
+    def sso(self) -> AsyncSSO:
+        if not getattr(self, "_sso", None):
+            self._sso = AsyncSSO(
+                http_client=self._http_client, client_configuration=self
+            )
+        return self._sso
+
+    @property
+    def audit_logs(self) -> AuditLogsModule:
+        raise NotImplementedError(
+            "Audit logs APIs are not yet supported in the async client."
+        )
+
+    @property
+    def directory_sync(self) -> AsyncDirectorySync:
+        if not getattr(self, "_directory_sync", None):
+            self._directory_sync = AsyncDirectorySync(self._http_client)
+        return self._directory_sync
+
+    @property
+    def events(self) -> AsyncEvents:
+        if not getattr(self, "_events", None):
+            self._events = AsyncEvents(self._http_client)
+        return self._events
+
+    @property
+    def fga(self) -> FGAModule:
+        raise NotImplementedError("FGA APIs are not yet supported in the async client.")
+
+    @property
+    def organizations(self) -> AsyncOrganizations:
+        if not getattr(self, "_organizations", None):
+            self._organizations = AsyncOrganizations(self._http_client)
+        return self._organizations
+
+    @property
+    def organization_domains(self) -> AsyncOrganizationDomains:
+        if not getattr(self, "_organization_domains", None):
+            self._organization_domains = AsyncOrganizationDomains(
+                http_client=self._http_client, client_configuration=self
+            )
+        return self._organization_domains
+
+    @property
+    def passwordless(self) -> PasswordlessModule:
+        raise NotImplementedError(
+            "Passwordless APIs are not yet supported in the async client."
+        )
+
+    @property
+    def pipes(self) -> AsyncPipes:
+        if not getattr(self, "_pipes", None):
+            self._pipes = AsyncPipes(self._http_client)
+        return self._pipes
+
+    @property
+    def portal(self) -> PortalModule:
+        raise NotImplementedError(
+            "Portal APIs are not yet supported in the async client."
+        )
+
+    @property
+    def webhooks(self) -> WebhooksModule:
+        raise NotImplementedError("Webhooks are not yet supported in the async client.")
+
+    @property
+    def mfa(self) -> MFAModule:
+        raise NotImplementedError("MFA APIs are not yet supported in the async client.")
+
+    @property
+    def user_management(self) -> AsyncUserManagement:
+        if not getattr(self, "_user_management", None):
+            self._user_management = AsyncUserManagement(
+                http_client=self._http_client, client_configuration=self
+            )
+        return self._user_management
+
+    @property
+    def widgets(self) -> WidgetsModule:
+        raise NotImplementedError(
+            "Widgets APIs are not yet supported in the async client."
+        )
+
+    @property
+    def vault(self) -> VaultModule:
+        raise NotImplementedError(
+            "Vault APIs are not yet supported in the async client."
+        )

workos/audit_logs.py

@@ -0,0 +1,125 @@
+from typing import Optional, Protocol, Sequence
+
+from workos.types.audit_logs import AuditLogExport
+from workos.types.audit_logs.audit_log_event import AuditLogEvent
+from workos.utils.http_client import SyncHTTPClient
+from workos.utils.request_helper import REQUEST_METHOD_GET, REQUEST_METHOD_POST
+
+EVENTS_PATH = "audit_logs/events"
+EXPORTS_PATH = "audit_logs/exports"
+
+
+class AuditLogsModule(Protocol):
+    """Offers methods through the WorkOS Audit Logs service."""
+
+    def create_event(
+        self,
+        *,
+        organization_id: str,
+        event: AuditLogEvent,
+        idempotency_key: Optional[str] = None,
+    ) -> None:
+        """Create an Audit Logs event.
+
+        Kwargs:
+            organization_id (str): Organization's unique identifier.
+            event (AuditLogEvent): An AuditLogEvent object.
+            idempotency_key (str): Idempotency key. (Optional)
+        Returns:
+            None
+        """
+        ...
+
+    def create_export(
+        self,
+        *,
+        organization_id: str,
+        range_start: str,
+        range_end: str,
+        actions: Optional[Sequence[str]] = None,
+        targets: Optional[Sequence[str]] = None,
+        actor_names: Optional[Sequence[str]] = None,
+        actor_ids: Optional[Sequence[str]] = None,
+    ) -> AuditLogExport:
+        """Trigger the creation of an export of audit logs.
+
+        Kwargs:
+            organization_id (str): Organization's unique identifier.
+            range_start (str): Start date of the date range filter.
+            range_end (str): End date of the date range filter.
+            actions (list): Optional list of actions to filter. (Optional)
+            actor_names (list): Optional list of actors to filter by name. (Optional)
+            targets (list): Optional list of targets to filter. (Optional)
+
+        Returns:
+            AuditLogExport: Object that describes the audit log export
+        """
+        ...
+
+    def get_export(self, audit_log_export_id: str) -> AuditLogExport:
+        """Retrieve an created export.
+        Args:
+            audit_log_export_id (str): Audit log export unique identifier.
+        Returns:
+            AuditLogExport: Object that describes the audit log export
+        """
+        ...
+
+
+class AuditLogs(AuditLogsModule):
+    _http_client: SyncHTTPClient
+
+    def __init__(self, http_client: SyncHTTPClient):
+        self._http_client = http_client
+
+    def create_event(
+        self,
+        *,
+        organization_id: str,
+        event: AuditLogEvent,
+        idempotency_key: Optional[str] = None,
+    ) -> None:
+        json = {"organization_id": organization_id, "event": event}
+
+        headers = {}
+        if idempotency_key:
+            headers["idempotency-key"] = idempotency_key
+
+        self._http_client.request(
+            EVENTS_PATH, method=REQUEST_METHOD_POST, json=json, headers=headers
+        )
+
+    def create_export(
+        self,
+        *,
+        organization_id: str,
+        range_start: str,
+        range_end: str,
+        actions: Optional[Sequence[str]] = None,
+        targets: Optional[Sequence[str]] = None,
+        actor_names: Optional[Sequence[str]] = None,
+        actor_ids: Optional[Sequence[str]] = None,
+    ) -> AuditLogExport:
+        json = {
+            "actions": actions,
+            "actor_ids": actor_ids,
+            "actor_names": actor_names,
+            "organization_id": organization_id,
+            "range_start": range_start,
+            "range_end": range_end,
+            "targets": targets,
+        }
+
+        response = self._http_client.request(
+            EXPORTS_PATH, method=REQUEST_METHOD_POST, json=json
+        )
+
+        return AuditLogExport.model_validate(response)
+
+    def get_export(self, audit_log_export_id: str) -> AuditLogExport:
+        response = self._http_client.request(
+            "{0}/{1}".format(EXPORTS_PATH, audit_log_export_id),
+            method=REQUEST_METHOD_GET,
+        )
+
+        return AuditLogExport.model_validate(response)

workos/client.py

@@ -1,56 +1,148 @@
-from workos.audit_trail import AuditTrail
+from typing import Optional
+from workos.__about__ import __version__
+from workos._base_client import BaseClient
+from workos.api_keys import ApiKeys
+from workos.audit_logs import AuditLogs
 from workos.directory_sync import DirectorySync
+from workos.fga import FGA
 from workos.organizations import Organizations
+from workos.organization_domains import OrganizationDomains
 from workos.passwordless import Passwordless
+from workos.pipes import Pipes
 from workos.portal import Portal
 from workos.sso import SSO
 from workos.webhooks import Webhooks
+from workos.mfa import Mfa
+from workos.events import Events
+from workos.user_management import UserManagement
+from workos.utils.http_client import SyncHTTPClient
+from workos.widgets import Widgets
+from workos.vault import Vault
 
 
-class Client(object):
+class SyncClient(BaseClient):
     """Client for a convenient way to access the WorkOS feature set."""
 
+    _http_client: SyncHTTPClient
+
+    def __init__(
+        self,
+        *,
+        api_key: Optional[str] = None,
+        client_id: Optional[str] = None,
+        base_url: Optional[str] = None,
+        request_timeout: Optional[int] = None,
+    ):
+        super().__init__(
+            api_key=api_key,
+            client_id=client_id,
+            base_url=base_url,
+            request_timeout=request_timeout,
+        )
+        self._http_client = SyncHTTPClient(
+            api_key=self._api_key,
+            base_url=self.base_url,
+            client_id=self._client_id,
+            version=__version__,
+            timeout=self.request_timeout,
+        )
+
     @property
-    def sso(self):
+    def api_keys(self) -> ApiKeys:
+        if not getattr(self, "_api_keys", None):
+            self._api_keys = ApiKeys(self._http_client)
+        return self._api_keys
+
+    @property
+    def sso(self) -> SSO:
         if not getattr(self, "_sso", None):
-            self._sso = SSO()
+            self._sso = SSO(http_client=self._http_client, client_configuration=self)
         return self._sso
 
     @property
-    def audit_trail(self):
-        if not getattr(self, "_audit_trail", None):
-            self._audit_trail = AuditTrail()
-        return self._audit_trail
+    def audit_logs(self) -> AuditLogs:
+        if not getattr(self, "_audit_logs", None):
+            self._audit_logs = AuditLogs(self._http_client)
+        return self._audit_logs
 
     @property
-    def directory_sync(self):
+    def directory_sync(self) -> DirectorySync:
         if not getattr(self, "_directory_sync", None):
-            self._directory_sync = DirectorySync()
+            self._directory_sync = DirectorySync(self._http_client)
         return self._directory_sync
 
     @property
-    def organizations(self):
+    def events(self) -> Events:
+        if not getattr(self, "_events", None):
+            self._events = Events(self._http_client)
+        return self._events
+
+    @property
+    def fga(self) -> FGA:
+        if not getattr(self, "_fga", None):
+            self._fga = FGA(self._http_client)
+        return self._fga
+
+    @property
+    def organizations(self) -> Organizations:
         if not getattr(self, "_organizations", None):
-            self._organizations = Organizations()
+            self._organizations = Organizations(self._http_client)
         return self._organizations
 
     @property
-    def passwordless(self):
+    def organization_domains(self) -> OrganizationDomains:
+        if not getattr(self, "_organization_domains", None):
+            self._organization_domains = OrganizationDomains(
+                http_client=self._http_client, client_configuration=self
+            )
+        return self._organization_domains
+
+    @property
+    def passwordless(self) -> Passwordless:
         if not getattr(self, "_passwordless", None):
-            self._passwordless = Passwordless()
+            self._passwordless = Passwordless(self._http_client)
         return self._passwordless
 
     @property
-    def portal(self):
+    def pipes(self) -> Pipes:
+        if not getattr(self, "_pipes", None):
+            self._pipes = Pipes(self._http_client)
+        return self._pipes
+
+    @property
+    def portal(self) -> Portal:
         if not getattr(self, "_portal", None):
-            self._portal = Portal()
+            self._portal = Portal(self._http_client)
         return self._portal
 
     @property
-    def webhooks(self):
+    def webhooks(self) -> Webhooks:
         if not getattr(self, "_webhooks", None):
             self._webhooks = Webhooks()
         return self._webhooks
 
+    @property
+    def mfa(self) -> Mfa:
+        if not getattr(self, "_mfa", None):
+            self._mfa = Mfa(self._http_client)
+        return self._mfa
 
-client = Client()
+    @property
+    def user_management(self) -> UserManagement:
+        if not getattr(self, "_user_management", None):
+            self._user_management = UserManagement(
+                http_client=self._http_client, client_configuration=self
+            )
+        return self._user_management
+
+    @property
+    def widgets(self) -> Widgets:
+        if not getattr(self, "_widgets", None):
+            self._widgets = Widgets(http_client=self._http_client)
+        return self._widgets
+
+    @property
+    def vault(self) -> Vault:
+        if not getattr(self, "_vault", None):
+            self._vault = Vault(http_client=self._http_client)
+        return self._vault