Skip to content

Commit

Permalink
User Management - get Authorization URL (#193)
Browse files Browse the repository at this point in the history 
* User Management - get Authorization URL

* Fix comment var names
  • Loading branch information
@jbvolta
jbvolta authored Nov 20, 2023
1 parent cc0d51a commit eb581df
Show file tree
Hide file tree
Showing 2 changed files with 144 additions and 3 deletions.
74 changes: 71 additions & 3 deletions lib/UserManagement.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ public function updateUser($userId, $firstName = null, $lastName = null, $emailV
* List Users.
*
* @param null|string $email
* @param null|string $organization Organization users are a member of
* @param null|string $organizationId Organization users are a member of
* @param int $limit Maximum number of records to return
* @param null|string $before User ID to look before
* @param null|string $after User ID to look after
Expand All @@ -103,7 +103,7 @@ public function updateUser($userId, $firstName = null, $lastName = null, $emailV
*/
public function listUsers(
$email = null,
$organization = null,
$organizationId = null,
$limit = self::DEFAULT_PAGE_SIZE,
$before = null,
$after = null,
Expand All @@ -113,7 +113,7 @@ public function listUsers(

$params = [
"email" => $email,
"organization_id" => $organization,
"organization_id" => $organizationId,
"limit" => $limit,
"before" => $before,
"after" => $after,
Expand Down Expand Up @@ -426,6 +426,74 @@ public function revokeInvitation($invitationId)
return Resource\Invitation::constructFromResponse($response);
}

/**
* Generates an OAuth 2.0 authorization URL used to initiate the SSO flow with WorkOS.
*
* @param null|string $redirectUri URI to direct the user to upon successful completion of SSO
* @param null|array $state Associative array containing state that will be returned from WorkOS as a json encoded string
* @param null|string $provider Service provider that handles the identity of the user
* @param null|string $connectionId Unique identifier for a WorkOS Connection
* @param null|string $organizationId Unique identifier for a WorkOS Organization
* @param null|string $domainHint DDomain hint that will be passed as a parameter to the IdP login page
* @param null|string $loginHint Username/email hint that will be passed as a parameter to the to IdP login page
*
* @throws Exception\UnexpectedValueException
* @throws Exception\ConfigurationException
*
* @return string
*/
public function getAuthorizationUrl(
$redirectUri,
$state,
$provider = null,
$connectionId = null,
$organizationId = null,
$domainHint = null,
$loginHint = null
) {
$path = "user_management/authorize";

if (!isset($provider) && !isset($connectionId) && !isset($organizationId)) {
$msg = "Either \$provider, \$connectionId, or \$organizationId is required";
throw new Exception\UnexpectedValueException($msg);
}

$params = [
"client_id" => WorkOS::getClientId(),
"response_type" => "code"
];

if ($redirectUri) {
$params["redirect_uri"] = $redirectUri;
}

if (null !== $state && !empty($state)) {
$params["state"] = \json_encode($state);
}

if ($provider) {
$params["provider"] = $provider;
}

if ($connectionId) {
$params["connection_id"] = $connectionId;
}

if ($organizationId) {
$params["organization_id"] = $organizationId;
}

if ($domainHint) {
$params["domain_hint"] = $domainHint;
}

if ($loginHint) {
$params["login_hint"] = $loginHint;
}

return Client::generateUrl($path, $params);
}

/**
* Authenticate a User with Password
*
Expand Down
73 changes: 73 additions & 0 deletions tests/WorkOS/UserManagementTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,79 @@ public function testUpdateUserPassword()
$this->assertSame($user, $response->toArray());
}

public static function authorizationUrlTestDataProvider()
{
return [
[null, null, Resource\ConnectionType::GoogleOAuth, null],
[null, null, null, "connection_123"],
[null, null, null, null, "org_01FG7HGMY2CZZR2FWHTEE94VF0"],
["https://papagenos.com/auth/callback", null, null, "connection_123", null, "foo.com", null],
["https://papagenos.com/auth/callback", null, null, "connection_123", null, null, "[email protected]"],
["https://papagenos.com/auth/callback", null, null, "connection_123"],
[null, null, null, "connection_123"],
["https://papagenos.com/auth/callback", ["toppings" => "ham"], null, "connection_123"]
];
}

/**
* @dataProvider authorizationUrlTestDataProvider
*/
public function testAuthorizationURLExpectedParams(
$redirectUri,
$state,
$provider,
$connectionId,
$organizationId = null,
$domainHint = null,
$loginHint = null
) {
$expectedParams = [
"client_id" => WorkOS::getClientId(),
"response_type" => "code"
];

if ($redirectUri) {
$expectedParams["redirect_uri"] = $redirectUri;
}

if (null !== $state && !empty($state)) {
$expectedParams["state"] = \json_encode($state);
}

if ($provider) {
$expectedParams["provider"] = $provider;
}

if ($connectionId) {
$expectedParams["connection_id"] = $connectionId;
}

if ($organizationId) {
$expectedParams["organization_id"] = $organizationId;
}

if ($domainHint) {
$expectedParams["domain_hint"] = $domainHint;
}

if ($loginHint) {
$expectedParams["login_hint"] = $loginHint;
}

$authorizationUrl = $this->userManagement->getAuthorizationUrl(
$redirectUri,
$state,
$provider,
$connectionId,
$organizationId,
$domainHint,
$loginHint
);
$paramsString = \parse_url($authorizationUrl, \PHP_URL_QUERY);
\parse_str($paramsString, $paramsArray);
$this->assertSame($expectedParams, $paramsArray);
}

public function testAuthenticateWithPassword()
{
$path = "users/authenticate";
Expand Down

0 comments on commit eb581df

Please sign in to comment.