workos 5.29.0__py3-none-any.whl → 5.31.0__py3-none-any.whl

workos/__about__.py

@@ -12,7 +12,7 @@ __package_name__ = "workos"
 
 __package_url__ = "https://github.com/workos-inc/workos-python"
 
-__version__ = "5.29.0"
+__version__ = "5.31.0"
 
 __author__ = "WorkOS"
 

workos/session.py

@@ -4,6 +4,7 @@ from typing import TYPE_CHECKING, List, Protocol
 from functools import lru_cache
 import json
 from typing import Any, Dict, Optional, Union, cast
+
 import jwt
 from jwt import PyJWKClient
 from cryptography.fernet import Fernet
@@ -107,6 +108,7 @@ class SessionModule(Protocol):
             entitlements=decoded.get("entitlements", None),
             user=session["user"],
             impersonator=session.get("impersonator", None),
+            feature_flags=decoded.get("feature_flags", None),
         )
 
     def refresh(
@@ -235,6 +237,7 @@ class Session(SessionModule):
                 entitlements=decoded.get("entitlements", None),
                 user=auth_response.user,
                 impersonator=auth_response.impersonator,
+                feature_flags=decoded.get("feature_flags", None),
             )
         except Exception as e:
             return RefreshWithSessionCookieErrorResponse(
@@ -326,6 +329,7 @@ class AsyncSession(SessionModule):
                 entitlements=decoded.get("entitlements", None),
                 user=auth_response.user,
                 impersonator=auth_response.impersonator,
+                feature_flags=decoded.get("feature_flags", None),
             )
         except Exception as e:
             return RefreshWithSessionCookieErrorResponse(

workos/types/list_resource.py

@@ -34,6 +34,7 @@ from workos.types.mfa import AuthenticationFactor
 from workos.types.organizations import Organization
 from workos.types.sso import ConnectionWithDomains
 from workos.types.user_management import Invitation, OrganizationMembership, User
+from workos.types.user_management.session import Session as UserManagementSession
 from workos.types.vault import ObjectDigest
 from workos.types.workos_model import WorkOSModel
 from workos.utils.request_helper import DEFAULT_LIST_RESPONSE_LIMIT
@@ -54,6 +55,7 @@ ListableResource = TypeVar(
     AuthorizationResource,
     AuthorizationResourceType,
     User,
+    UserManagementSession,
     ObjectDigest,
     Warrant,
     WarrantQueryResult,

workos/types/user_management/__init__.py

@@ -9,3 +9,4 @@ from .password_hash_type import *
 from .password_reset import *
 from .user_management_provider_type import *
 from .user import *
+from .session import *

workos/types/user_management/authenticate_with_common.py

@@ -19,6 +19,7 @@ class AuthenticateWithCodeParameters(AuthenticateWithBaseParameters):
     code_verifier: Union[str, None]
     grant_type: Literal["authorization_code"]
     session: Union[SessionConfig, None]
+    invitation_token: Union[str, None]
 
 
 class AuthenticateWithMagicAuthParameters(AuthenticateWithBaseParameters):

workos/types/user_management/list_filters.py

@@ -23,3 +23,7 @@ class OrganizationMembershipsListFilters(ListArgs, total=False):
 
 class AuthenticationFactorsListFilters(ListArgs, total=False):
     user_id: str
+
+
+class SessionsListFilters(ListArgs, total=False):
+    user_id: str

workos/types/user_management/session.py

@@ -24,6 +24,7 @@ class AuthenticateWithSessionCookieSuccessResponse(WorkOSModel):
     user: User
     impersonator: Optional[Impersonator] = None
     entitlements: Optional[Sequence[str]] = None
+    feature_flags: Optional[Sequence[str]] = None
 
 
 class AuthenticateWithSessionCookieErrorResponse(WorkOSModel):
@@ -45,3 +46,34 @@ class RefreshWithSessionCookieErrorResponse(WorkOSModel):
 class SessionConfig(TypedDict, total=False):
     seal_session: bool
     cookie_password: str
+
+
+AuthMethodType = Literal[
+    "external_auth",
+    "impersonation",
+    "magic_code",
+    "migrated_session",
+    "oauth",
+    "passkey",
+    "password",
+    "sso",
+    "unknown",
+]
+
+
+class Session(WorkOSModel):
+    """Representation of a WorkOS User Management Session."""
+
+    object: Literal["session"]
+    id: str
+    user_id: str
+    organization_id: Optional[str] = None
+    status: str
+    auth_method: AuthMethodType
+    impersonator: Optional[Impersonator] = None
+    ip_address: Optional[str] = None
+    user_agent: Optional[str] = None
+    expires_at: str
+    ended_at: Optional[str] = None
+    created_at: str
+    updated_at: str

workos/user_management.py

@@ -48,6 +48,7 @@ from workos.types.user_management.list_filters import (
 from workos.types.user_management.password_hash_type import PasswordHashType
 from workos.types.user_management.screen_hint import ScreenHintType
 from workos.types.user_management.session import SessionConfig
+from workos.types.user_management.session import Session as UserManagementSession
 from workos.types.user_management.user_management_provider_type import (
     UserManagementProviderType,
 )
@@ -86,6 +87,8 @@ MAGIC_AUTH_DETAIL_PATH = "user_management/magic_auth/{0}"
 MAGIC_AUTH_PATH = "user_management/magic_auth"
 USER_SEND_MAGIC_AUTH_PATH = "user_management/magic_auth/send"
 USER_AUTH_FACTORS_PATH = "user_management/users/{0}/auth_factors"
+USER_SESSIONS_PATH = "user_management/users/{0}/sessions"
+SESSIONS_REVOKE_PATH = "user_management/sessions/revoke"
 EMAIL_VERIFICATION_DETAIL_PATH = "user_management/email_verification/{0}"
 INVITATION_PATH = "user_management/invitations"
 INVITATION_DETAIL_PATH = "user_management/invitations/{0}"
@@ -109,6 +112,12 @@ InvitationsListResource = WorkOSListResource[
     Invitation, InvitationsListFilters, ListMetadata
 ]
 
+from workos.types.user_management.list_filters import SessionsListFilters
+
+SessionsListResource = WorkOSListResource[
+    UserManagementSession, SessionsListFilters, ListMetadata
+]
+
 
 class UserManagementModule(Protocol):
     """Offers methods for using the WorkOS User Management API."""
@@ -488,6 +497,7 @@ class UserManagementModule(Protocol):
         code_verifier: Optional[str] = None,
         ip_address: Optional[str] = None,
         user_agent: Optional[str] = None,
+        invitation_token: Optional[str] = None,
     ) -> SyncOrAsync[AuthenticationResponse]:
         """Authenticates an OAuth user or a user that is logging in through SSO.
 
@@ -498,6 +508,7 @@ class UserManagementModule(Protocol):
                 url as part of the PKCE flow. This parameter is required when the client secret is not present. (Optional)
             ip_address (str): The IP address of the request from the user who is attempting to authenticate. (Optional)
             user_agent (str): The user agent of the request from the user who is attempting to authenticate. (Optional)
+            invitation_token (str): The token of an Invitation, if required. (Optional)
 
         Returns:
             AuthenticationResponse: Authentication response from WorkOS.
@@ -718,6 +729,20 @@ class UserManagementModule(Protocol):
         """
         ...
 
+    def list_sessions(
+        self,
+        *,
+        user_id: str,
+        limit: Optional[int] = None,
+        before: Optional[str] = None,
+        after: Optional[str] = None,
+        order: Optional[PaginationOrder] = "desc",
+    ) -> SyncOrAsync["SessionsListResource"]: ...
+
+    def revoke_session(
+        self, *, session_id: str
+    ) -> SyncOrAsync[UserManagementSession]: ...
+
     def get_magic_auth(self, magic_auth_id: str) -> SyncOrAsync[MagicAuth]:
         """Get the details of a Magic Auth object.
 
@@ -1166,6 +1191,7 @@ class UserManagement(UserManagementModule):
         code_verifier: Optional[str] = None,
         ip_address: Optional[str] = None,
         user_agent: Optional[str] = None,
+        invitation_token: Optional[str] = None,
     ) -> AuthKitAuthenticationResponse:
         if (
             session is not None
@@ -1181,6 +1207,7 @@ class UserManagement(UserManagementModule):
             "user_agent": user_agent,
             "code_verifier": code_verifier,
             "session": session,
+            "invitation_token": invitation_token,
         }
 
         return self._authenticate_with(
@@ -1373,6 +1400,54 @@ class UserManagement(UserManagementModule):
 
         return MagicAuth.model_validate(response)
 
+    def list_sessions(
+        self,
+        *,
+        user_id: str,
+        limit: Optional[int] = DEFAULT_LIST_RESPONSE_LIMIT,
+        before: Optional[str] = None,
+        after: Optional[str] = None,
+        order: Optional[PaginationOrder] = "desc",
+    ) -> "SessionsListResource":
+        limit_value: int = limit if limit is not None else DEFAULT_LIST_RESPONSE_LIMIT
+
+        params: ListArgs = {
+            "limit": limit_value,
+            "before": before,
+            "after": after,
+            "order": order,
+        }
+
+        response = self._http_client.request(
+            USER_SESSIONS_PATH.format(user_id),
+            method=REQUEST_METHOD_GET,
+            params=params,
+        )
+
+        list_args: SessionsListFilters = {
+            "limit": limit_value,
+            "before": before,
+            "after": after,
+            "user_id": user_id,
+        }
+        if order is not None:
+            list_args["order"] = order
+
+        return SessionsListResource(
+            list_method=self.list_sessions,
+            list_args=list_args,
+            **ListPage[UserManagementSession](**response).model_dump(),
+        )
+
+    def revoke_session(self, *, session_id: str) -> UserManagementSession:
+        json = {"session_id": session_id}
+
+        response = self._http_client.request(
+            SESSIONS_REVOKE_PATH, method=REQUEST_METHOD_POST, json=json
+        )
+
+        return UserManagementSession.model_validate(response)
+
     def enroll_auth_factor(
         self,
         *,
@@ -1807,6 +1882,7 @@ class AsyncUserManagement(UserManagementModule):
         code_verifier: Optional[str] = None,
         ip_address: Optional[str] = None,
         user_agent: Optional[str] = None,
+        invitation_token: Optional[str] = None,
     ) -> AuthKitAuthenticationResponse:
         if (
             session is not None
@@ -1822,6 +1898,7 @@ class AsyncUserManagement(UserManagementModule):
             "user_agent": user_agent,
             "code_verifier": code_verifier,
             "session": session,
+            "invitation_token": invitation_token,
         }
 
         return await self._authenticate_with(
@@ -2027,6 +2104,54 @@ class AsyncUserManagement(UserManagementModule):
 
         return MagicAuth.model_validate(response)
 
+    async def list_sessions(
+        self,
+        *,
+        user_id: str,
+        limit: Optional[int] = DEFAULT_LIST_RESPONSE_LIMIT,
+        before: Optional[str] = None,
+        after: Optional[str] = None,
+        order: Optional[PaginationOrder] = "desc",
+    ) -> "SessionsListResource":
+        limit_value: int = limit if limit is not None else DEFAULT_LIST_RESPONSE_LIMIT
+
+        params: ListArgs = {
+            "limit": limit_value,
+            "before": before,
+            "after": after,
+            "order": order,
+        }
+
+        response = await self._http_client.request(
+            USER_SESSIONS_PATH.format(user_id),
+            method=REQUEST_METHOD_GET,
+            params=params,
+        )
+
+        list_args: SessionsListFilters = {
+            "limit": limit_value,
+            "before": before,
+            "after": after,
+            "user_id": user_id,
+        }
+        if order is not None:
+            list_args["order"] = order
+
+        return SessionsListResource(
+            list_method=self.list_sessions,
+            list_args=list_args,
+            **ListPage[UserManagementSession](**response).model_dump(),
+        )
+
+    async def revoke_session(self, *, session_id: str) -> UserManagementSession:
+        json = {"session_id": session_id}
+
+        response = await self._http_client.request(
+            SESSIONS_REVOKE_PATH, method=REQUEST_METHOD_POST, json=json
+        )
+
+        return UserManagementSession.model_validate(response)
+
     async def enroll_auth_factor(
         self,
         *,

{workos-5.29.0.dist-info → workos-5.31.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: workos
-Version: 5.29.0
+Version: 5.31.0
 Summary: WorkOS Python Client
 Home-page: https://github.com/workos-inc/workos-python
 Author: WorkOS

{workos-5.29.0.dist-info → workos-5.31.0.dist-info}/RECORD

@@ -1,4 +1,4 @@
-workos/__about__.py,sha256=ig7DRAa6dkds_8J3NhtXTP12KO0T4nB-9JNj4NgC2No,406
+workos/__about__.py,sha256=sUrMcjQcQtdtxSlUlUuALqeDB8XbntQylllk9swC78M,406
 workos/__init__.py,sha256=hOdbO_MJCvpLx8EbRjQg-fvFAB-glJmrmxUZK8kWG0k,167
 workos/_base_client.py,sha256=YWLXBpd0YeID3WKYZkKa4l9ZuB9e6HgdLmPKZIzXsME,3599
 workos/_client_configuration.py,sha256=g3eXhtrEMN6CW0hZ5uHb2PmLurXjyBkWZeQYMPeJD6s,222
@@ -15,14 +15,14 @@ workos/organizations.py,sha256=_kiS0KbFd6TjOqFxwA2gL2EaDO7cDPKwb3RWlw8sQi4,15285
 workos/passwordless.py,sha256=NGXDoxomBkrIml8-VHXH1HvCFMqotQ-YhRobUQXpVZs,3203
 workos/portal.py,sha256=lzf3fnOor4AyVdHCHMuJzVSpAC9LWWdC5sZIRtCsb0c,2443
 workos/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-workos/session.py,sha256=i5znIJjfMHejpaeXKmRjFR_G5FA9-5KQYAF0VsLasgw,12217
+workos/session.py,sha256=Fh9Y7fyjoX_cK2TayhNzpL725pwrNg-QClsgEfuMZsU,12412
 workos/sso.py,sha256=ZBC3y-IRmxG0jPd0BOj7s7XQkXJoTLUg1fx-h3Gfy4g,13541
-workos/user_management.py,sha256=PW969XfXk02E-JDliGvK45cv_4d3NsXXdQeUiUrZEZc,78126
+workos/user_management.py,sha256=vrqOJO7U8abvnDq36BE7bvqLk9e6diGHeKBH2RYY534,82176
 workos/vault.py,sha256=SJXr3nJ03qJFuf30FjevMD6LLlDNX3MGaKlYGgICRRE,15657
 workos/webhooks.py,sha256=CuwBxh6va9VZFVSXOknveGt6CCGDF3em07a-J12DbXI,4790
 workos/widgets.py,sha256=bfbR0hQOHZabbgGL2ekD5sY1sjiUoWBTdrBd_a6WmBc,1721
 workos/types/__init__.py,sha256=aYScTXq5jOyp0AYvdWffaj5-zdDuNtCCJtbzt5GM19k,267
-workos/types/list_resource.py,sha256=I2ToBP7mNF_LcooHocyX2WckKO0N3_920W7cKFDBfks,6638
+workos/types/list_resource.py,sha256=VcJaz8qE91y9t-PRI0mTjzPdtyoU8EGAo6-TJGjbqzg,6747
 workos/types/metadata.py,sha256=uUqDkGJGyFY3H4JZObSiCfn4jKBue5CBhOqv79TI1n0,52
 workos/types/workos_model.py,sha256=bV_p3baadcUJOU_7f6ysZ6KXhpt3E_93spuZnfJs9vc,735
 workos/types/audit_logs/__init__.py,sha256=daPn8wAVEnlM1fCpOsy3dVZV_0YEp8bA1T_nhk5-pU8,211
@@ -91,20 +91,20 @@ workos/types/sso/connection.py,sha256=GTpaS02EMv2cJAkt20tSxldVCcKQlpl37vQSIAIHSd
 workos/types/sso/connection_domain.py,sha256=kMa9GatwUl6YilMU9iiyUKXFfEUKWYub7PyjjYmqhLc,185
 workos/types/sso/profile.py,sha256=IWHpg2GdIvE7eAGi1RJheAqp9AozsKuGfiFc9_IteHI,1075
 workos/types/sso/sso_provider_type.py,sha256=JfO-Ta1wJP7jhtbnWKcS9tElMK_7P6AM10nY-7mM4XE,159
-workos/types/user_management/__init__.py,sha256=Z4KR9pBDb1pbCL26WxSuNLautf4mOVqntWztNr6i6QQ,361
-workos/types/user_management/authenticate_with_common.py,sha256=7YNj_hGzn9Vt2GVKzGfJiAFAjg0QHMJBhT_olXdikug,2062
+workos/types/user_management/__init__.py,sha256=paHEZ8-QWPjX6PftupYRRVqfy6tVNevfl2kAD3ZgEZw,384
+workos/types/user_management/authenticate_with_common.py,sha256=2mGRfIgoeX5Ee7c_rxQm6rb6PHyaIBHbGFQsWAhGhY8,2101
 workos/types/user_management/authentication_response.py,sha256=2A6vU8FBEE7bXl5aULB-s80_xsR9caqC9tSr9Yq1NtE,1437
 workos/types/user_management/email_verification.py,sha256=4EqlN7qZBVTZGKaU9WdCSdgFjOMZtkYWTolE-h_hTXA,399
 workos/types/user_management/impersonator.py,sha256=_PAPYg_Q1M8wpwtnkQxuA2vtUIwvs_G30vYY91aqw8E,192
 workos/types/user_management/invitation.py,sha256=4fK-Fk786MlhzZvvOrZtU_6SCJXmem3xw62SkBE1c-0,721
-workos/types/user_management/list_filters.py,sha256=qgJUKUuVmBIG1g-rdaq9vLAW1gu14WzJ67ctPVlFEtg,687
+workos/types/user_management/list_filters.py,sha256=9QH4UbU28LaZ1iyiMs8H6heqbWpbCunD2MYmO_qA9pY,756
 workos/types/user_management/magic_auth.py,sha256=Sda13_uMOC-hHlyGeOXNnCn-HrpwUmtrf2hO5ek9U98,359
 workos/types/user_management/oauth_tokens.py,sha256=pANk6AyqyRq6hrOrJYQ9AHALVxUbqhGnggzD8PVV-Ew,468
 workos/types/user_management/organization_membership.py,sha256=dllONFtD1IZZiyqxnV8lJpJyH55OeOeaHRBDZlcWLwk,735
 workos/types/user_management/password_hash_type.py,sha256=1752LWdXbaH6TZ6IxbJWeRwlYXX9zN5iJATTaDrCQVA,93
 workos/types/user_management/password_reset.py,sha256=-NJCfEh4Q1xS9fFXJaF_acYeuUc9POqERLh8urMhqt8,403
 workos/types/user_management/screen_hint.py,sha256=DnPgvjRK-20i82v3YPzggna1rc6yOMyhiqwUdk01L3s,75
-workos/types/user_management/session.py,sha256=ckDH0Opgp8-w-08FBJax3sPNCGzxSg9z1JzsjbUNryQ,1434
+workos/types/user_management/session.py,sha256=crNGjN5pwGM3rXET7iCp0PZpSBK826P_bRlpFOhM5-4,2128
 workos/types/user_management/user.py,sha256=aXRHsLXnQbXWBPRTdAP9Ym_-D9hjmrp_E4PTPi1gF1s,603
 workos/types/user_management/user_management_provider_type.py,sha256=t7S3zLf9n9GSYQJjshGRdiAfebYQKziGmUgbBlOmYuE,185
 workos/types/vault/__init__.py,sha256=krBuIl8luysrtDf9-b8KTkXOHDOaSsOR-Aao6Wlil0Q,41
@@ -128,8 +128,8 @@ workos/utils/crypto_provider.py,sha256=QeQSR4t9xLlb90kEfl8onVUsf1yCkYq0EjFTxK0mU
 workos/utils/http_client.py,sha256=TM5yMFFExmAE8D2Z43-5O301tRbnylLG0aXO0isGorE,6197
 workos/utils/pagination_order.py,sha256=_-et1DDJLG0czarTU7op4W6RA0V1f85GNsUgtyRU55Q,70
 workos/utils/request_helper.py,sha256=NaO16qPPbSNnCeE0fiNKYb8gM-dK_okYVJbLGrEGXz8,793
-workos-5.29.0.dist-info/LICENSE,sha256=mU--WL1JzelH2tXpKVoOlpud4cpqKSRTtdArCvYZmb4,1063
-workos-5.29.0.dist-info/METADATA,sha256=TazcEUR6BRrDtctstXayz4J1kIHOv6-vfifNzi2bn7U,4187
-workos-5.29.0.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
-workos-5.29.0.dist-info/top_level.txt,sha256=ZFskIfue1Tw-JwjyIXRvdsAl9i0DX9VbqmgICXV84Sk,7
-workos-5.29.0.dist-info/RECORD,,
+workos-5.31.0.dist-info/LICENSE,sha256=mU--WL1JzelH2tXpKVoOlpud4cpqKSRTtdArCvYZmb4,1063
+workos-5.31.0.dist-info/METADATA,sha256=YUFDYHxuihkBeFTZ3EbNagDQuyDcI431mVt8mNGFtc0,4187
+workos-5.31.0.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
+workos-5.31.0.dist-info/top_level.txt,sha256=ZFskIfue1Tw-JwjyIXRvdsAl9i0DX9VbqmgICXV84Sk,7
+workos-5.31.0.dist-info/RECORD,,