diff --git a/lib/workos/user_management.rb b/lib/workos/user_management.rb index eb1680bd..cd362005 100644 --- a/lib/workos/user_management.rb +++ b/lib/workos/user_management.rb @@ -298,16 +298,19 @@ def delete_user(id:) # @param [String] client_id The WorkOS client ID for the environment # @param [String] ip_address The IP address of the request from the user who is attempting to authenticate. # @param [String] user_agent The user agent of the request from the user who is attempting to authenticate. + # @param [String] invitation_token The token of an Invitation, if required. # @param [Hash] session An optional hash that determines whether the session should be sealed and # the optional cookie password. # # @return WorkOS::AuthenticationResponse + # rubocop:disable Metrics/ParameterLists def authenticate_with_password( email:, password:, client_id:, ip_address: nil, user_agent: nil, + invitation_token: nil, session: nil ) validate_session(session) @@ -322,6 +325,7 @@ def authenticate_with_password( password: password, ip_address: ip_address, user_agent: user_agent, + invitation_token: invitation_token, grant_type: 'password', }, ), @@ -329,6 +333,7 @@ def authenticate_with_password( WorkOS::AuthenticationResponse.new(response.body, session) end + # rubocop:enable Metrics/ParameterLists # Authenticate a user using OAuth or an organization's SSO connection. # @@ -337,6 +342,7 @@ def authenticate_with_password( # @param [String] client_id The WorkOS client ID for the environment # @param [String] ip_address The IP address of the request from the user who is attempting to authenticate. # @param [String] user_agent The user agent of the request from the user who is attempting to authenticate. + # @param [String] invitation_token The token of an Invitation, if required. # @param [Hash] session An optional hash that determines whether the session should be sealed and # the optional cookie password. # @@ -346,6 +352,7 @@ def authenticate_with_code( client_id:, ip_address: nil, user_agent: nil, + invitation_token: nil, session: nil ) validate_session(session) @@ -359,6 +366,7 @@ def authenticate_with_code( client_secret: WorkOS.config.key!, ip_address: ip_address, user_agent: user_agent, + invitation_token: invitation_token, grant_type: 'authorization_code', }, ), @@ -415,6 +423,7 @@ def authenticate_with_refresh_token( # @param [String] link_authorization_code Used to link an OAuth profile to an existing user, # after having completed a Magic Code challenge. # @param [String] user_agent The user agent of the request from the user who is attempting to authenticate. + # @param [String] invitation_token The token of an Invitation, if required. # @param [Hash] session An optional hash that determines whether the session should be sealed and # the optional cookie password. # @@ -427,6 +436,7 @@ def authenticate_with_magic_auth( ip_address: nil, user_agent: nil, link_authorization_code: nil, + invitation_token: nil, session: nil ) validate_session(session) @@ -443,6 +453,7 @@ def authenticate_with_magic_auth( user_agent: user_agent, grant_type: 'urn:workos:oauth:grant-type:magic-auth:code', link_authorization_code: link_authorization_code, + invitation_token: invitation_token, }, ), ) diff --git a/spec/lib/workos/user_management_spec.rb b/spec/lib/workos/user_management_spec.rb index d8613dd8..2cdbc4e7 100644 --- a/spec/lib/workos/user_management_spec.rb +++ b/spec/lib/workos/user_management_spec.rb @@ -588,6 +588,28 @@ end end end + + context 'with an invitation_token' do + it 'includes invitation_token in the request body' do + expect(described_class).to receive(:post_request) do |options| + body = options[:body] + expect(body[:invitation_token]).to eq('invitation_token_123') + + double('request') + end.and_return(double('request')) + + expect(described_class).to receive(:execute_request).and_return( + double('response', body: '{"user": {"id": "user_123"}, "access_token": "token", "refresh_token": "refresh"}'), + ) + + described_class.authenticate_with_password( + email: 'test@workos.app', + password: 'password123', + client_id: 'client_123', + invitation_token: 'invitation_token_123', + ) + end + end end describe '.authenticate_with_code' do @@ -671,6 +693,27 @@ end end end + + context 'with an invitation_token' do + it 'includes invitation_token in the request body' do + expect(described_class).to receive(:post_request) do |options| + body = options[:body] + expect(body[:invitation_token]).to eq('invitation_token_123') + + double('request') + end.and_return(double('request')) + + expect(described_class).to receive(:execute_request).and_return( + double('response', body: '{"user": {"id": "user_123"}, "access_token": "token", "refresh_token": "refresh"}'), + ) + + described_class.authenticate_with_code( + code: '01H93ZZHA0JBHFJH9RR11S83YN', + client_id: 'client_123', + invitation_token: 'invitation_token_123', + ) + end + end end describe '.authenticate_with_refresh_token' do @@ -735,6 +778,28 @@ end end end + + context 'with an invitation_token' do + it 'includes invitation_token in the request body' do + expect(described_class).to receive(:post_request) do |options| + body = options[:body] + expect(body[:invitation_token]).to eq('invitation_token_123') + + double('request') + end.and_return(double('request')) + + expect(described_class).to receive(:execute_request).and_return( + double('response', body: '{"user": {"id": "user_123"}, "access_token": "token", "refresh_token": "refresh"}'), + ) + + described_class.authenticate_with_magic_auth( + code: '452079', + client_id: 'client_123', + email: 'test@workos.com', + invitation_token: 'invitation_token_123', + ) + end + end end describe '.authenticate_with_organization_selection' do