@workos-inc/node
Advanced tools
Comparing version 7.14.0 to 7.15.0
@@ -9,2 +9,3 @@ import { AppInfo } from './app-info.interface'; | ||
fetchFn?: typeof fetch; | ||
clientId?: string; | ||
} |
@@ -1,2 +0,1 @@ | ||
/// <reference types="node" /> | ||
import { HttpClient, HttpClientResponse } from './http-client'; | ||
@@ -3,0 +2,0 @@ import { HttpClientInterface, HttpClientResponseInterface, RequestOptions } from '../interfaces/http-client.interface'; |
@@ -0,1 +1,5 @@ | ||
export interface AuthenticateWithSessionOptions { | ||
cookiePassword?: string; | ||
sealSession: boolean; | ||
} | ||
export interface AuthenticateWithOptionsBase { | ||
@@ -5,2 +9,3 @@ clientId: string; | ||
userAgent?: string; | ||
session?: AuthenticateWithSessionOptions; | ||
} | ||
@@ -7,0 +12,0 @@ export interface SerializedAuthenticateWithOptionsBase { |
@@ -11,2 +11,3 @@ import { Impersonator, ImpersonatorResponse } from './impersonator.interface'; | ||
authenticationMethod?: AuthenticationMethod; | ||
sealedSession?: string; | ||
} | ||
@@ -13,0 +14,0 @@ export interface AuthenticationResponseResponse { |
@@ -10,2 +10,3 @@ export * from './authenticate-with-magic-auth-options.interface'; | ||
export * from './authenticate-with-refresh-token-options.interface'; | ||
export * from './authenticate-with-session-cookie.interface'; | ||
export * from './authenticate-with-totp-options.interface'; | ||
@@ -29,2 +30,3 @@ export * from './authentication-response.interface'; | ||
export * from './password-reset.interface'; | ||
export * from './refresh-and-seal-session-data.interface'; | ||
export * from './reset-password-options.interface'; | ||
@@ -31,0 +33,0 @@ export * from './revoke-session-options.interface'; |
@@ -26,2 +26,3 @@ "use strict"; | ||
__exportStar(require("./authenticate-with-refresh-token-options.interface"), exports); | ||
__exportStar(require("./authenticate-with-session-cookie.interface"), exports); | ||
__exportStar(require("./authenticate-with-totp-options.interface"), exports); | ||
@@ -45,2 +46,3 @@ __exportStar(require("./authentication-response.interface"), exports); | ||
__exportStar(require("./password-reset.interface"), exports); | ||
__exportStar(require("./refresh-and-seal-session-data.interface"), exports); | ||
__exportStar(require("./reset-password-options.interface"), exports); | ||
@@ -47,0 +49,0 @@ __exportStar(require("./revoke-session-options.interface"), exports); |
@@ -1,20 +0,24 @@ | ||
import { WorkOS } from '../workos'; | ||
import { AutoPaginatable } from '../common/utils/pagination'; | ||
import { AuthenticateWithCodeOptions, AuthenticateWithMagicAuthOptions, AuthenticateWithPasswordOptions, AuthenticateWithTotpOptions, AuthenticationResponse, ResetPasswordOptions, SendPasswordResetEmailOptions, CreateUserOptions, EnrollAuthFactorOptions, ListAuthFactorsOptions, ListUsersOptions, SendMagicAuthCodeOptions, SendVerificationEmailOptions, UpdateUserOptions, User, VerifyEmailOptions, AuthenticateWithRefreshTokenOptions, MagicAuth, CreateMagicAuthOptions, EmailVerification, PasswordReset, CreatePasswordResetOptions } from './interfaces'; | ||
import { Challenge } from '../mfa/interfaces'; | ||
import { OrganizationMembership } from './interfaces/organization-membership.interface'; | ||
import { ListOrganizationMembershipsOptions } from './interfaces/list-organization-memberships-options.interface'; | ||
import { WorkOS } from '../workos'; | ||
import { AuthenticateWithCodeOptions, AuthenticateWithMagicAuthOptions, AuthenticateWithPasswordOptions, AuthenticateWithRefreshTokenOptions, AuthenticateWithTotpOptions, AuthenticationResponse, CreateMagicAuthOptions, CreatePasswordResetOptions, CreateUserOptions, EmailVerification, EnrollAuthFactorOptions, ListAuthFactorsOptions, ListUsersOptions, MagicAuth, PasswordReset, ResetPasswordOptions, SendMagicAuthCodeOptions, SendPasswordResetEmailOptions, SendVerificationEmailOptions, UpdateUserOptions, User, VerifyEmailOptions } from './interfaces'; | ||
import { AuthenticateWithEmailVerificationOptions } from './interfaces/authenticate-with-email-verification-options.interface'; | ||
import { AuthenticateWithOrganizationSelectionOptions } from './interfaces/authenticate-with-organization-selection.interface'; | ||
import { AuthenticateWithSessionCookieFailedResponse, AuthenticateWithSessionCookieSuccessResponse, SessionCookieData } from './interfaces/authenticate-with-session-cookie.interface'; | ||
import { AuthorizationURLOptions } from './interfaces/authorization-url-options.interface'; | ||
import { CreateOrganizationMembershipOptions } from './interfaces/create-organization-membership-options.interface'; | ||
import { Factor, FactorWithSecrets } from './interfaces/factor.interface'; | ||
import { Identity } from './interfaces/identity.interface'; | ||
import { Invitation } from './interfaces/invitation.interface'; | ||
import { ListInvitationsOptions } from './interfaces/list-invitations-options.interface'; | ||
import { ListOrganizationMembershipsOptions } from './interfaces/list-organization-memberships-options.interface'; | ||
import { OrganizationMembership } from './interfaces/organization-membership.interface'; | ||
import { RefreshAndSealSessionDataResponse } from './interfaces/refresh-and-seal-session-data.interface'; | ||
import { RevokeSessionOptions } from './interfaces/revoke-session-options.interface'; | ||
import { SendInvitationOptions } from './interfaces/send-invitation-options.interface'; | ||
import { AuthorizationURLOptions } from './interfaces/authorization-url-options.interface'; | ||
import { AuthenticateWithEmailVerificationOptions } from './interfaces/authenticate-with-email-verification-options.interface'; | ||
import { AuthenticateWithOrganizationSelectionOptions } from './interfaces/authenticate-with-organization-selection.interface'; | ||
import { Factor, FactorWithSecrets } from './interfaces/factor.interface'; | ||
import { RevokeSessionOptions } from './interfaces/revoke-session-options.interface'; | ||
import { SessionHandlerOptions } from './interfaces/session-handler-options.interface'; | ||
import { UpdateOrganizationMembershipOptions } from './interfaces/update-organization-membership-options.interface'; | ||
import { Identity } from './interfaces/identity.interface'; | ||
export declare class UserManagement { | ||
private readonly workos; | ||
private jwks; | ||
constructor(workos: WorkOS); | ||
@@ -31,2 +35,8 @@ getUser(userId: string): Promise<User>; | ||
authenticateWithOrganizationSelection(payload: AuthenticateWithOrganizationSelectionOptions): Promise<AuthenticationResponse>; | ||
authenticateWithSessionCookie({ sessionData, cookiePassword, }: SessionHandlerOptions): Promise<AuthenticateWithSessionCookieSuccessResponse | AuthenticateWithSessionCookieFailedResponse>; | ||
private isValidJwt; | ||
refreshAndSealSessionData({ sessionData, cookiePassword, }: SessionHandlerOptions): Promise<RefreshAndSealSessionDataResponse>; | ||
private prepareAuthenticationResponse; | ||
private sealSessionDataFromAuthenticationResponse; | ||
getSessionFromCookie({ sessionData, cookiePassword, }: SessionHandlerOptions): Promise<SessionCookieData | undefined>; | ||
getEmailVerification(emailVerificationId: string): Promise<EmailVerification>; | ||
@@ -33,0 +43,0 @@ sendVerificationEmail({ userId, }: SendVerificationEmailOptions): Promise<{ |
@@ -24,19 +24,24 @@ "use strict"; | ||
exports.UserManagement = void 0; | ||
const iron_session_1 = require("iron-session"); | ||
const jose_1 = require("jose"); | ||
const oauth_exception_1 = require("../common/exceptions/oauth.exception"); | ||
const fetch_and_deserialize_1 = require("../common/utils/fetch-and-deserialize"); | ||
const pagination_1 = require("../common/utils/pagination"); | ||
const serializers_1 = require("./serializers"); | ||
const fetch_and_deserialize_1 = require("../common/utils/fetch-and-deserialize"); | ||
const serializers_2 = require("../mfa/serializers"); | ||
const organization_membership_serializer_1 = require("./serializers/organization-membership.serializer"); | ||
const list_organization_memberships_options_serializer_1 = require("./serializers/list-organization-memberships-options.serializer"); | ||
const serializers_1 = require("../mfa/serializers"); | ||
const authenticate_with_session_cookie_interface_1 = require("./interfaces/authenticate-with-session-cookie.interface"); | ||
const refresh_and_seal_session_data_interface_1 = require("./interfaces/refresh-and-seal-session-data.interface"); | ||
const revoke_session_options_interface_1 = require("./interfaces/revoke-session-options.interface"); | ||
const serializers_2 = require("./serializers"); | ||
const authenticate_with_email_verification_serializer_1 = require("./serializers/authenticate-with-email-verification.serializer"); | ||
const authenticate_with_organization_selection_options_serializer_1 = require("./serializers/authenticate-with-organization-selection-options.serializer"); | ||
const create_organization_membership_options_serializer_1 = require("./serializers/create-organization-membership-options.serializer"); | ||
const factor_serializer_1 = require("./serializers/factor.serializer"); | ||
const identity_serializer_1 = require("./serializers/identity.serializer"); | ||
const invitation_serializer_1 = require("./serializers/invitation.serializer"); | ||
const list_invitations_options_serializer_1 = require("./serializers/list-invitations-options.serializer"); | ||
const list_organization_memberships_options_serializer_1 = require("./serializers/list-organization-memberships-options.serializer"); | ||
const list_users_options_serializer_1 = require("./serializers/list-users-options.serializer"); | ||
const organization_membership_serializer_1 = require("./serializers/organization-membership.serializer"); | ||
const send_invitation_options_serializer_1 = require("./serializers/send-invitation-options.serializer"); | ||
const list_users_options_serializer_1 = require("./serializers/list-users-options.serializer"); | ||
const authenticate_with_email_verification_serializer_1 = require("./serializers/authenticate-with-email-verification.serializer"); | ||
const authenticate_with_organization_selection_options_serializer_1 = require("./serializers/authenticate-with-organization-selection-options.serializer"); | ||
const factor_serializer_1 = require("./serializers/factor.serializer"); | ||
const revoke_session_options_interface_1 = require("./interfaces/revoke-session-options.interface"); | ||
const update_organization_membership_options_serializer_1 = require("./serializers/update-organization-membership-options.serializer"); | ||
const identity_serializer_1 = require("./serializers/identity.serializer"); | ||
const toQueryString = (options) => { | ||
@@ -56,2 +61,7 @@ const searchParams = new URLSearchParams(); | ||
this.workos = workos; | ||
const { clientId } = workos.options; | ||
// Set the JWKS URL. This is used to verify if the JWT is still valid | ||
this.jwks = clientId | ||
? (0, jose_1.createRemoteJWKSet)(new URL(this.getJwksUrl(clientId))) | ||
: undefined; | ||
} | ||
@@ -61,3 +71,3 @@ getUser(userId) { | ||
const { data } = yield this.workos.get(`/user_management/users/${userId}`); | ||
return (0, serializers_1.deserializeUser)(data); | ||
return (0, serializers_2.deserializeUser)(data); | ||
}); | ||
@@ -67,3 +77,3 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
return new pagination_1.AutoPaginatable(yield (0, fetch_and_deserialize_1.fetchAndDeserialize)(this.workos, '/user_management/users', serializers_1.deserializeUser, options ? (0, list_users_options_serializer_1.serializeListUsersOptions)(options) : undefined), (params) => (0, fetch_and_deserialize_1.fetchAndDeserialize)(this.workos, '/user_management/users', serializers_1.deserializeUser, params), options ? (0, list_users_options_serializer_1.serializeListUsersOptions)(options) : undefined); | ||
return new pagination_1.AutoPaginatable(yield (0, fetch_and_deserialize_1.fetchAndDeserialize)(this.workos, '/user_management/users', serializers_2.deserializeUser, options ? (0, list_users_options_serializer_1.serializeListUsersOptions)(options) : undefined), (params) => (0, fetch_and_deserialize_1.fetchAndDeserialize)(this.workos, '/user_management/users', serializers_2.deserializeUser, params), options ? (0, list_users_options_serializer_1.serializeListUsersOptions)(options) : undefined); | ||
}); | ||
@@ -73,4 +83,4 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/users', (0, serializers_1.serializeCreateUserOptions)(payload)); | ||
return (0, serializers_1.deserializeUser)(data); | ||
const { data } = yield this.workos.post('/user_management/users', (0, serializers_2.serializeCreateUserOptions)(payload)); | ||
return (0, serializers_2.deserializeUser)(data); | ||
}); | ||
@@ -80,4 +90,8 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_1.serializeAuthenticateWithMagicAuthOptions)(Object.assign(Object.assign({}, payload), { clientSecret: this.workos.key }))); | ||
return (0, serializers_1.deserializeAuthenticationResponse)(data); | ||
const { session } = payload, remainingPayload = __rest(payload, ["session"]); | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_2.serializeAuthenticateWithMagicAuthOptions)(Object.assign(Object.assign({}, remainingPayload), { clientSecret: this.workos.key }))); | ||
return this.prepareAuthenticationResponse({ | ||
authenticationResponse: (0, serializers_2.deserializeAuthenticationResponse)(data), | ||
session, | ||
}); | ||
}); | ||
@@ -87,4 +101,8 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_1.serializeAuthenticateWithPasswordOptions)(Object.assign(Object.assign({}, payload), { clientSecret: this.workos.key }))); | ||
return (0, serializers_1.deserializeAuthenticationResponse)(data); | ||
const { session } = payload, remainingPayload = __rest(payload, ["session"]); | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_2.serializeAuthenticateWithPasswordOptions)(Object.assign(Object.assign({}, remainingPayload), { clientSecret: this.workos.key }))); | ||
return this.prepareAuthenticationResponse({ | ||
authenticationResponse: (0, serializers_2.deserializeAuthenticationResponse)(data), | ||
session, | ||
}); | ||
}); | ||
@@ -94,4 +112,8 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_1.serializeAuthenticateWithCodeOptions)(Object.assign(Object.assign({}, payload), { clientSecret: this.workos.key }))); | ||
return (0, serializers_1.deserializeAuthenticationResponse)(data); | ||
const { session } = payload, remainingPayload = __rest(payload, ["session"]); | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_2.serializeAuthenticateWithCodeOptions)(Object.assign(Object.assign({}, remainingPayload), { clientSecret: this.workos.key }))); | ||
return this.prepareAuthenticationResponse({ | ||
authenticationResponse: (0, serializers_2.deserializeAuthenticationResponse)(data), | ||
session, | ||
}); | ||
}); | ||
@@ -101,4 +123,8 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_1.serializeAuthenticateWithRefreshTokenOptions)(Object.assign(Object.assign({}, payload), { clientSecret: this.workos.key }))); | ||
return (0, serializers_1.deserializeAuthenticationResponse)(data); | ||
const { session } = payload, remainingPayload = __rest(payload, ["session"]); | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_2.serializeAuthenticateWithRefreshTokenOptions)(Object.assign(Object.assign({}, remainingPayload), { clientSecret: this.workos.key }))); | ||
return this.prepareAuthenticationResponse({ | ||
authenticationResponse: (0, serializers_2.deserializeAuthenticationResponse)(data), | ||
session, | ||
}); | ||
}); | ||
@@ -108,4 +134,8 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_1.serializeAuthenticateWithTotpOptions)(Object.assign(Object.assign({}, payload), { clientSecret: this.workos.key }))); | ||
return (0, serializers_1.deserializeAuthenticationResponse)(data); | ||
const { session } = payload, remainingPayload = __rest(payload, ["session"]); | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, serializers_2.serializeAuthenticateWithTotpOptions)(Object.assign(Object.assign({}, remainingPayload), { clientSecret: this.workos.key }))); | ||
return this.prepareAuthenticationResponse({ | ||
authenticationResponse: (0, serializers_2.deserializeAuthenticationResponse)(data), | ||
session, | ||
}); | ||
}); | ||
@@ -115,4 +145,8 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, authenticate_with_email_verification_serializer_1.serializeAuthenticateWithEmailVerificationOptions)(Object.assign(Object.assign({}, payload), { clientSecret: this.workos.key }))); | ||
return (0, serializers_1.deserializeAuthenticationResponse)(data); | ||
const { session } = payload, remainingPayload = __rest(payload, ["session"]); | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, authenticate_with_email_verification_serializer_1.serializeAuthenticateWithEmailVerificationOptions)(Object.assign(Object.assign({}, remainingPayload), { clientSecret: this.workos.key }))); | ||
return this.prepareAuthenticationResponse({ | ||
authenticationResponse: (0, serializers_2.deserializeAuthenticationResponse)(data), | ||
session, | ||
}); | ||
}); | ||
@@ -122,10 +156,154 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, authenticate_with_organization_selection_options_serializer_1.serializeAuthenticateWithOrganizationSelectionOptions)(Object.assign(Object.assign({}, payload), { clientSecret: this.workos.key }))); | ||
return (0, serializers_1.deserializeAuthenticationResponse)(data); | ||
const { session } = payload, remainingPayload = __rest(payload, ["session"]); | ||
const { data } = yield this.workos.post('/user_management/authenticate', (0, authenticate_with_organization_selection_options_serializer_1.serializeAuthenticateWithOrganizationSelectionOptions)(Object.assign(Object.assign({}, remainingPayload), { clientSecret: this.workos.key }))); | ||
return this.prepareAuthenticationResponse({ | ||
authenticationResponse: (0, serializers_2.deserializeAuthenticationResponse)(data), | ||
session, | ||
}); | ||
}); | ||
} | ||
authenticateWithSessionCookie({ sessionData, cookiePassword = process.env.WORKOS_COOKIE_PASSWORD, }) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
if (!cookiePassword) { | ||
throw new Error('Cookie password is required'); | ||
} | ||
if (!this.jwks) { | ||
throw new Error('Must provide clientId to initialize JWKS'); | ||
} | ||
if (!sessionData) { | ||
return { | ||
authenticated: false, | ||
reason: authenticate_with_session_cookie_interface_1.AuthenticateWithSessionCookieFailureReason.NO_SESSION_COOKIE_PROVIDED, | ||
}; | ||
} | ||
const session = yield (0, iron_session_1.unsealData)(sessionData, { | ||
password: cookiePassword, | ||
}); | ||
if (!session.accessToken) { | ||
return { | ||
authenticated: false, | ||
reason: authenticate_with_session_cookie_interface_1.AuthenticateWithSessionCookieFailureReason.INVALID_SESSION_COOKIE, | ||
}; | ||
} | ||
if (!(yield this.isValidJwt(session.accessToken))) { | ||
return { | ||
authenticated: false, | ||
reason: authenticate_with_session_cookie_interface_1.AuthenticateWithSessionCookieFailureReason.INVALID_JWT, | ||
}; | ||
} | ||
const { sid: sessionId, org_id: organizationId, role, permissions, } = (0, jose_1.decodeJwt)(session.accessToken); | ||
return { | ||
authenticated: true, | ||
sessionId, | ||
organizationId, | ||
role, | ||
permissions, | ||
}; | ||
}); | ||
} | ||
isValidJwt(accessToken) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
if (!this.jwks) { | ||
throw new Error('Must provide clientId to initialize JWKS'); | ||
} | ||
try { | ||
yield (0, jose_1.jwtVerify)(accessToken, this.jwks); | ||
return true; | ||
} | ||
catch (e) { | ||
return false; | ||
} | ||
}); | ||
} | ||
refreshAndSealSessionData({ sessionData, cookiePassword = process.env.WORKOS_COOKIE_PASSWORD, }) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
if (!cookiePassword) { | ||
throw new Error('Cookie password is required'); | ||
} | ||
if (!sessionData) { | ||
return { | ||
authenticated: false, | ||
reason: refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.NO_SESSION_COOKIE_PROVIDED, | ||
}; | ||
} | ||
const session = yield (0, iron_session_1.unsealData)(sessionData, { | ||
password: cookiePassword, | ||
}); | ||
if (!session.refreshToken || !session.user) { | ||
return { | ||
authenticated: false, | ||
reason: refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.INVALID_SESSION_COOKE, | ||
}; | ||
} | ||
try { | ||
const { sealedSession } = yield this.authenticateWithRefreshToken({ | ||
clientId: this.workos.clientId, | ||
refreshToken: session.refreshToken, | ||
session: { sealSession: true, cookiePassword }, | ||
}); | ||
if (!sealedSession) { | ||
return { | ||
authenticated: false, | ||
reason: refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.INVALID_SESSION_COOKE, | ||
}; | ||
} | ||
return { authenticated: true, sealedSession }; | ||
} | ||
catch (error) { | ||
if (error instanceof oauth_exception_1.OauthException && | ||
// TODO: Add additional known errors and remove re-throw | ||
(error.error === refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.INVALID_GRANT || | ||
error.error === | ||
refresh_and_seal_session_data_interface_1.RefreshAndSealSessionDataFailureReason.ORGANIZATION_NOT_AUTHORIZED)) { | ||
return { | ||
authenticated: false, | ||
reason: error.error, | ||
}; | ||
} | ||
throw error; | ||
} | ||
}); | ||
} | ||
prepareAuthenticationResponse({ authenticationResponse, session, }) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
if (session) { | ||
return Object.assign(Object.assign({}, authenticationResponse), { sealedSession: yield this.sealSessionDataFromAuthenticationResponse({ | ||
authenticationResponse, | ||
cookiePassword: session.cookiePassword, | ||
}) }); | ||
} | ||
return authenticationResponse; | ||
}); | ||
} | ||
sealSessionDataFromAuthenticationResponse({ authenticationResponse, cookiePassword, }) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
if (!cookiePassword) { | ||
throw new Error('Cookie password is required'); | ||
} | ||
const sessionData = { | ||
user: authenticationResponse.user, | ||
accessToken: authenticationResponse.accessToken, | ||
refreshToken: authenticationResponse.refreshToken, | ||
impersonator: authenticationResponse.impersonator, | ||
}; | ||
return (0, iron_session_1.sealData)(sessionData, { password: cookiePassword }); | ||
}); | ||
} | ||
getSessionFromCookie({ sessionData, cookiePassword = process.env.WORKOS_COOKIE_PASSWORD, }) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
if (!cookiePassword) { | ||
throw new Error('Cookie password is required'); | ||
} | ||
if (sessionData) { | ||
return (0, iron_session_1.unsealData)(sessionData, { | ||
password: cookiePassword, | ||
}); | ||
} | ||
return undefined; | ||
}); | ||
} | ||
getEmailVerification(emailVerificationId) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.get(`/user_management/email_verification/${emailVerificationId}`); | ||
return (0, serializers_1.deserializeEmailVerification)(data); | ||
return (0, serializers_2.deserializeEmailVerification)(data); | ||
}); | ||
@@ -136,3 +314,3 @@ } | ||
const { data } = yield this.workos.post(`/user_management/users/${userId}/email_verification/send`, {}); | ||
return { user: (0, serializers_1.deserializeUser)(data.user) }; | ||
return { user: (0, serializers_2.deserializeUser)(data.user) }; | ||
}); | ||
@@ -143,3 +321,3 @@ } | ||
const { data } = yield this.workos.get(`/user_management/magic_auth/${magicAuthId}`); | ||
return (0, serializers_1.deserializeMagicAuth)(data); | ||
return (0, serializers_2.deserializeMagicAuth)(data); | ||
}); | ||
@@ -149,4 +327,4 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/magic_auth', (0, serializers_1.serializeCreateMagicAuthOptions)(Object.assign({}, options))); | ||
return (0, serializers_1.deserializeMagicAuth)(data); | ||
const { data } = yield this.workos.post('/user_management/magic_auth', (0, serializers_2.serializeCreateMagicAuthOptions)(Object.assign({}, options))); | ||
return (0, serializers_2.deserializeMagicAuth)(data); | ||
}); | ||
@@ -159,3 +337,3 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
yield this.workos.post('/user_management/magic_auth/send', (0, serializers_1.serializeSendMagicAuthCodeOptions)(options)); | ||
yield this.workos.post('/user_management/magic_auth/send', (0, serializers_2.serializeSendMagicAuthCodeOptions)(options)); | ||
}); | ||
@@ -168,3 +346,3 @@ } | ||
}); | ||
return { user: (0, serializers_1.deserializeUser)(data.user) }; | ||
return { user: (0, serializers_2.deserializeUser)(data.user) }; | ||
}); | ||
@@ -175,3 +353,3 @@ } | ||
const { data } = yield this.workos.get(`/user_management/password_reset/${passwordResetId}`); | ||
return (0, serializers_1.deserializePasswordReset)(data); | ||
return (0, serializers_2.deserializePasswordReset)(data); | ||
}); | ||
@@ -181,4 +359,4 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/password_reset', (0, serializers_1.serializeCreatePasswordResetOptions)(Object.assign({}, options))); | ||
return (0, serializers_1.deserializePasswordReset)(data); | ||
const { data } = yield this.workos.post('/user_management/password_reset', (0, serializers_2.serializeCreatePasswordResetOptions)(Object.assign({}, options))); | ||
return (0, serializers_2.deserializePasswordReset)(data); | ||
}); | ||
@@ -191,3 +369,3 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
yield this.workos.post('/user_management/password_reset/send', (0, serializers_1.serializeSendPasswordResetEmailOptions)(payload)); | ||
yield this.workos.post('/user_management/password_reset/send', (0, serializers_2.serializeSendPasswordResetEmailOptions)(payload)); | ||
}); | ||
@@ -197,4 +375,4 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post('/user_management/password_reset/confirm', (0, serializers_1.serializeResetPasswordOptions)(payload)); | ||
return { user: (0, serializers_1.deserializeUser)(data.user) }; | ||
const { data } = yield this.workos.post('/user_management/password_reset/confirm', (0, serializers_2.serializeResetPasswordOptions)(payload)); | ||
return { user: (0, serializers_2.deserializeUser)(data.user) }; | ||
}); | ||
@@ -204,4 +382,4 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.put(`/user_management/users/${payload.userId}`, (0, serializers_1.serializeUpdateUserOptions)(payload)); | ||
return (0, serializers_1.deserializeUser)(data); | ||
const { data } = yield this.workos.put(`/user_management/users/${payload.userId}`, (0, serializers_2.serializeUpdateUserOptions)(payload)); | ||
return (0, serializers_2.deserializeUser)(data); | ||
}); | ||
@@ -211,6 +389,6 @@ } | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const { data } = yield this.workos.post(`/user_management/users/${payload.userId}/auth_factors`, (0, serializers_1.serializeEnrollAuthFactorOptions)(payload)); | ||
const { data } = yield this.workos.post(`/user_management/users/${payload.userId}/auth_factors`, (0, serializers_2.serializeEnrollAuthFactorOptions)(payload)); | ||
return { | ||
authenticationFactor: (0, serializers_1.deserializeFactorWithSecrets)(data.authentication_factor), | ||
authenticationChallenge: (0, serializers_2.deserializeChallenge)(data.authentication_challenge), | ||
authenticationFactor: (0, serializers_2.deserializeFactorWithSecrets)(data.authentication_factor), | ||
authenticationChallenge: (0, serializers_1.deserializeChallenge)(data.authentication_challenge), | ||
}; | ||
@@ -217,0 +395,0 @@ }); |
@@ -19,2 +19,3 @@ import { GetOptions, PostOptions, PutOptions, WorkOSOptions } from './common/interfaces'; | ||
readonly client: HttpClient; | ||
readonly clientId?: string; | ||
readonly auditLogs: AuditLogs; | ||
@@ -21,0 +22,0 @@ readonly directorySync: DirectorySync; |
@@ -29,6 +29,7 @@ "use strict"; | ||
const fetch_client_1 = require("./common/net/fetch-client"); | ||
const VERSION = '7.14.0'; | ||
const VERSION = '7.15.0'; | ||
const DEFAULT_HOSTNAME = 'api.workos.com'; | ||
class WorkOS { | ||
constructor(key, options = {}) { | ||
var _a; | ||
this.key = key; | ||
@@ -45,3 +46,2 @@ this.options = options; | ||
this.events = new events_1.Events(this); | ||
this.userManagement = new user_management_1.UserManagement(this); | ||
if (!key) { | ||
@@ -57,2 +57,3 @@ // process might be undefined in some environments | ||
} | ||
this.clientId = (_a = this.options.clientId) !== null && _a !== void 0 ? _a : process === null || process === void 0 ? void 0 : process.env.WORKOS_CLIENT_ID; | ||
const protocol = this.options.https ? 'https' : 'http'; | ||
@@ -71,2 +72,4 @@ const apiHostname = this.options.apiHostname || DEFAULT_HOSTNAME; | ||
this.webhooks = this.createWebhookClient(); | ||
// Must initialize UserManagement after baseURL is configured | ||
this.userManagement = new user_management_1.UserManagement(this); | ||
this.client = this.createHttpClient(options, userAgent); | ||
@@ -73,0 +76,0 @@ } |
{ | ||
"version": "7.14.0", | ||
"version": "7.15.0", | ||
"name": "@workos-inc/node", | ||
@@ -40,2 +40,4 @@ "author": "WorkOS", | ||
"dependencies": { | ||
"iron-session": "~6.3.1", | ||
"jose": "~5.6.3", | ||
"pluralize": "8.0.0" | ||
@@ -67,2 +69,2 @@ }, | ||
} | ||
} | ||
} |
Sorry, the diff of this file is too big to display
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
512404
470
10946
3
11
+ Addediron-session@~6.3.1
+ Addedjose@~5.6.3
+ Added@peculiar/asn1-schema@2.3.13(transitive)
+ Added@peculiar/json-schema@1.1.12(transitive)
+ Added@peculiar/webcrypto@1.5.0(transitive)
+ Added@types/accepts@1.3.7(transitive)
+ Added@types/body-parser@1.19.5(transitive)
+ Added@types/connect@3.4.38(transitive)
+ Added@types/content-disposition@0.5.8(transitive)
+ Added@types/cookie@0.5.4(transitive)
+ Added@types/cookies@0.9.0(transitive)
+ Added@types/express@4.17.21(transitive)
+ Added@types/express-serve-static-core@4.19.5(transitive)
+ Added@types/http-assert@1.5.5(transitive)
+ Added@types/http-errors@2.0.4(transitive)
+ Added@types/keygrip@1.0.6(transitive)
+ Added@types/koa@2.15.0(transitive)
+ Added@types/koa-compose@3.2.8(transitive)
+ Added@types/mime@1.3.5(transitive)
+ Added@types/node@17.0.45(transitive)
+ Added@types/qs@6.9.16(transitive)
+ Added@types/range-parser@1.2.7(transitive)
+ Added@types/send@0.17.4(transitive)
+ Added@types/serve-static@1.15.7(transitive)
+ Addedasn1js@3.0.5(transitive)
+ Addedbase64-js@1.5.1(transitive)
+ Addedbuffer@6.0.3(transitive)
+ Addedcookie@0.5.0(transitive)
+ Addedieee754@1.2.1(transitive)
+ Addediron-session@6.3.1(transitive)
+ Addediron-webcrypto@0.2.8(transitive)
+ Addedjose@5.6.3(transitive)
+ Addedpvtsutils@1.3.5(transitive)
+ Addedpvutils@1.1.3(transitive)
+ Addedtslib@2.7.0(transitive)
+ Addedwebcrypto-core@1.8.0(transitive)