Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

User Management - get Authorization URL #193

Merged
merged 2 commits into from
Nov 20, 2023
Merged

User Management - get Authorization URL #193

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a77f6f7
User Management - get Authorization URL
jbvolta Nov 20, 2023
ca96585
Fix comment var names
jbvolta Nov 20, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
74 changes: 71 additions & 3 deletions lib/UserManagement.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ public function updateUser($userId, $firstName = null, $lastName = null, $emailV
* List Users.
*
* @param null|string $email
* @param null|string $organization Organization users are a member of
* @param null|string $organizationId Organization users are a member of
* @param int $limit Maximum number of records to return
* @param null|string $before User ID to look before
* @param null|string $after User ID to look after
Expand All @@ -103,7 +103,7 @@ public function updateUser($userId, $firstName = null, $lastName = null, $emailV
*/
public function listUsers(
$email = null,
$organization = null,
$organizationId = null,
$limit = self::DEFAULT_PAGE_SIZE,
$before = null,
$after = null,
Expand All @@ -113,7 +113,7 @@ public function listUsers(

$params = [
"email" => $email,
"organization_id" => $organization,
"organization_id" => $organizationId,
"limit" => $limit,
"before" => $before,
"after" => $after,
Expand Down Expand Up @@ -426,6 +426,74 @@ public function revokeInvitation($invitationId)
return Resource\Invitation::constructFromResponse($response);
}

/**
* Generates an OAuth 2.0 authorization URL used to initiate the SSO flow with WorkOS.
*
* @param null|string $redirectUri URI to direct the user to upon successful completion of SSO
* @param null|array $state Associative array containing state that will be returned from WorkOS as a json encoded string
* @param null|string $provider Service provider that handles the identity of the user
* @param null|string $connectionId Unique identifier for a WorkOS Connection
* @param null|string $organizationId Unique identifier for a WorkOS Organization
* @param null|string $domainHint DDomain hint that will be passed as a parameter to the IdP login page
* @param null|string $loginHint Username/email hint that will be passed as a parameter to the to IdP login page
*
* @throws Exception\UnexpectedValueException
* @throws Exception\ConfigurationException
*
* @return string
*/
public function getAuthorizationUrl(
$redirectUri,
$state,
$provider = null,
$connectionId = null,
$organizationId = null,
$domainHint = null,
$loginHint = null
) {
$path = "user_management/authorize";

if (!isset($provider) && !isset($connectionId) && !isset($organizationId)) {
$msg = "Either \$provider, \$connectionId, or \$organizationId is required";
throw new Exception\UnexpectedValueException($msg);
}

$params = [
"client_id" => WorkOS::getClientId(),
"response_type" => "code"
];

if ($redirectUri) {
$params["redirect_uri"] = $redirectUri;
}

if (null !== $state && !empty($state)) {
$params["state"] = \json_encode($state);
}

if ($provider) {
$params["provider"] = $provider;
}

if ($connectionId) {
$params["connection_id"] = $connectionId;
}

if ($organizationId) {
$params["organization_id"] = $organizationId;
}

if ($domainHint) {
$params["domain_hint"] = $domainHint;
}

if ($loginHint) {
$params["login_hint"] = $loginHint;
}

return Client::generateUrl($path, $params);
}

/**
* Authenticate a User with Password
*
Expand Down
73 changes: 73 additions & 0 deletions tests/WorkOS/UserManagementTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,79 @@ public function testUpdateUserPassword()
$this->assertSame($user, $response->toArray());
}

public static function authorizationUrlTestDataProvider()
{
return [
[null, null, Resource\ConnectionType::GoogleOAuth, null],
[null, null, null, "connection_123"],
[null, null, null, null, "org_01FG7HGMY2CZZR2FWHTEE94VF0"],
["https://papagenos.com/auth/callback", null, null, "connection_123", null, "foo.com", null],
["https://papagenos.com/auth/callback", null, null, "connection_123", null, null, "[email protected]"],
["https://papagenos.com/auth/callback", null, null, "connection_123"],
[null, null, null, "connection_123"],
["https://papagenos.com/auth/callback", ["toppings" => "ham"], null, "connection_123"]
];
}

/**
* @dataProvider authorizationUrlTestDataProvider
*/
public function testAuthorizationURLExpectedParams(
$redirectUri,
$state,
$provider,
$connectionId,
$organizationId = null,
$domainHint = null,
$loginHint = null
) {
$expectedParams = [
"client_id" => WorkOS::getClientId(),
"response_type" => "code"
];

if ($redirectUri) {
$expectedParams["redirect_uri"] = $redirectUri;
}

if (null !== $state && !empty($state)) {
$expectedParams["state"] = \json_encode($state);
}

if ($provider) {
$expectedParams["provider"] = $provider;
}

if ($connectionId) {
$expectedParams["connection_id"] = $connectionId;
}

if ($organizationId) {
$expectedParams["organization_id"] = $organizationId;
}

if ($domainHint) {
$expectedParams["domain_hint"] = $domainHint;
}

if ($loginHint) {
$expectedParams["login_hint"] = $loginHint;
}

$authorizationUrl = $this->userManagement->getAuthorizationUrl(
$redirectUri,
$state,
$provider,
$connectionId,
$organizationId,
$domainHint,
$loginHint
);
$paramsString = \parse_url($authorizationUrl, \PHP_URL_QUERY);
\parse_str($paramsString, $paramsArray);
$this->assertSame($expectedParams, $paramsArray);
}

public function testAuthenticateWithPassword()
{
$path = "users/authenticate";
Expand Down