Skip to content

fix: replace parameter-group hashes with typed variant classes #473

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
gjtorikian merged 7 commits into from
Apr 30, 2026
Merged

fix: replace parameter-group hashes with typed variant classes #473

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
5d4fe45
fix: replace parameter-group hashes with typed variant classes
gjtorikian Apr 30, 2026
154b350
fix: send body on update_organization_membership
gjtorikian Apr 30, 2026
205b77e
test: assert request body for parameter-group dispatchers
gjtorikian Apr 30, 2026
5ede3be
fix: type PasswordPlaintext.password as required String
gjtorikian Apr 30, 2026
e93da86
fix: harden parameter-group dispatchers and broaden test coverage
gjtorikian Apr 30, 2026
769a617
fix(ruby): scope parameter-group variant classes under resource modules
gjtorikian Apr 30, 2026
4e4c93f
fix(ruby): regenerate test stubs with recovered array shapes
gjtorikian Apr 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .oagen-manifest.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"version": 2,
"language": "ruby",
"generatedAt": "2026-04-27T20:55:49.741Z",
"generatedAt": "2026-04-30T17:41:02.756Z",
"files": [
"lib/workos.rb",
"lib/workos/admin_portal.rb",
Expand Down
2 changes: 1 addition & 1 deletion lib/workos/api_keys.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ def create_validation(
)
body = {
"value" => value
}.compact
}
response = @client.request(
method: :post,
path: "/api_keys/validations",
Expand Down
4 changes: 2 additions & 2 deletions lib/workos/audit_logs.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ def update_organization_audit_logs_retention(
)
body = {
"retention_period_in_days" => retention_period_in_days
}.compact
}
response = @client.request(
method: :put,
path: "/organizations/#{WorkOS::Util.encode_path(id)}/audit_logs_retention",
Expand Down Expand Up @@ -189,7 +189,7 @@ def create_event(
body = {
"organization_id" => organization_id,
"event" => event
}.compact
}
response = @client.request(
method: :post,
path: "/audit_logs/events",
Expand Down
244 changes: 128 additions & 116 deletions lib/workos/authorization.rb
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion lib/workos/groups.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -219,7 +219,7 @@ def create_group_organization_membership(
)
body = {
"organization_membership_id" => organization_membership_id
}.compact
}
response = @client.request(
method: :post,
path: "/organizations/#{WorkOS::Util.encode_path(organization_id)}/groups/#{WorkOS::Util.encode_path(group_id)}/organization-memberships",
Expand Down
2 changes: 1 addition & 1 deletion lib/workos/multi_factor_auth.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ def verify_challenge(
)
body = {
"code" => code
}.compact
}
response = @client.request(
method: :post,
path: "/auth/challenges/#{WorkOS::Util.encode_path(id)}/verify",
Expand Down
2 changes: 1 addition & 1 deletion lib/workos/organization_domains.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ def create_organization_domain(
body = {
"domain" => domain,
"organization_id" => organization_id
}.compact
}
response = @client.request(
method: :post,
path: "/organization_domains",
Expand Down
4 changes: 2 additions & 2 deletions lib/workos/radar.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ def add_list_entry(
)
body = {
"entry" => entry
}.compact
}
response = @client.request(
method: :post,
path: "/radar/lists/#{WorkOS::Util.encode_path(type)}/#{WorkOS::Util.encode_path(action)}",
Expand All @@ -118,7 +118,7 @@ def remove_list_entry(
)
body = {
"entry" => entry
}.compact
}
@client.request(
method: :delete,
path: "/radar/lists/#{WorkOS::Util.encode_path(type)}/#{WorkOS::Util.encode_path(action)}",
Expand Down
4 changes: 2 additions & 2 deletions lib/workos/sso.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ def authorize_logout(
)
body = {
"profile_id" => profile_id
}.compact
}
response = @client.request(
method: :post,
path: "/sso/logout/authorize",
Expand Down Expand Up @@ -157,7 +157,7 @@ def get_profile_and_token(
"client_id" => request_options[:client_id] || @client.client_id,
"client_secret" => request_options[:api_key] || @client.api_key,
"code" => code
}.compact
}
response = @client.request(
method: :post,
path: "/sso/token",
Expand Down
139 changes: 74 additions & 65 deletions lib/workos/user_management.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,32 @@

module WorkOS
class UserManagement
# Identifies the password (plaintext variant).
#
# @!attribute [r] password
# @return [String]
PasswordPlaintext = Data.define(:password)

# Identifies the password (hashed variant).
#
# @!attribute [r] password_hash
# @return [String]
# @!attribute [r] password_hash_type
# @return [WorkOS::Types::CreateUserPasswordHashType]
PasswordHashed = Data.define(:password_hash, :password_hash_type)

# Identifies the role (single variant).
#
# @!attribute [r] role_slug
# @return [String]
RoleSingle = Data.define(:role_slug)

# Identifies the role (multiple variant).
#
# @!attribute [r] role_slugs
# @return [Array<String>]
RoleMultiple = Data.define(:role_slugs)

def initialize(client)
@client = client
end
Expand Down Expand Up @@ -403,7 +429,7 @@ def create_device(
)
body = {
"client_id" => client_id
}.compact
}
response = @client.request(
method: :post,
path: "/user_management/authorize/device",
Expand Down Expand Up @@ -450,7 +476,7 @@ def create_cors_origin(
)
body = {
"origin" => origin
}.compact
}
response = @client.request(
method: :post,
path: "/user_management/cors_origins",
Expand Down Expand Up @@ -492,7 +518,7 @@ def reset_password(
)
body = {
"email" => email
}.compact
}
response = @client.request(
method: :post,
path: "/user_management/password_reset",
Expand All @@ -518,7 +544,7 @@ def confirm_password_reset(
body = {
"token" => token,
"new_password" => new_password
}.compact
}
response = @client.request(
method: :post,
path: "/user_management/password_reset/confirm",
Expand Down Expand Up @@ -613,9 +639,7 @@ def list_users(
# @param email_verified [Boolean, nil] Whether the user's email has been verified.
# @param metadata [Hash{String => String}, nil] Object containing metadata key/value pairs associated with the user.
# @param external_id [String, nil] The external ID of the user.
# @param password [String, nil] The password to set for the user. Mutually exclusive with `password_hash` and `password_hash_type`.
# @param password_hash [String, nil] The hashed password to set for the user. Required with `password_hash_type`. Mutually exclusive with `password`.
# @param password_hash_type [WorkOS::Types::CreateUserPasswordHashType, nil] The algorithm originally used to hash the password, used when providing a `password_hash`. Required with `password_hash`. Mutually exclusive with `password`.
# @param password [WorkOS::UserManagement::PasswordPlaintext, WorkOS::UserManagement::PasswordHashed, nil] Identifies the password.
# @param request_options [Hash] (see WorkOS::Types::RequestOptions)
# @return [WorkOS::User]
def create_user(
Expand All @@ -626,8 +650,6 @@ def create_user(
metadata: nil,
external_id: nil,
password: nil,
password_hash: nil,
password_hash_type: nil,
request_options: {}
)
body = {
Expand All @@ -636,18 +658,17 @@ def create_user(
"last_name" => last_name,
"email_verified" => email_verified,
"metadata" => metadata,
"external_id" => external_id,
"password" => password,
"password_hash" => password_hash,
"password_hash_type" => password_hash_type
"external_id" => external_id
}.compact
if password
case password[:type]
when "plaintext"
body["password"] = password[:password]
when "hashed"
body["password_hash"] = password[:password_hash]
body["password_hash_type"] = password[:password_hash_type]
case password
when WorkOS::UserManagement::PasswordPlaintext
body["password"] = password.password
when WorkOS::UserManagement::PasswordHashed
body["password_hash"] = password.password_hash
body["password_hash_type"] = password.password_hash_type
else
raise ArgumentError, "expected password to be one of: WorkOS::UserManagement::PasswordPlaintext, WorkOS::UserManagement::PasswordHashed, got #{password.class}"
end
end
response = @client.request(
Expand Down Expand Up @@ -709,9 +730,7 @@ def get_user(
# @param metadata [Hash{String => String}, nil] Object containing metadata key/value pairs associated with the user.
# @param external_id [String, nil] The external ID of the user.
# @param locale [String, nil] The user's preferred locale.
# @param password [String, nil] The password to set for the user. Mutually exclusive with `password_hash` and `password_hash_type`.
# @param password_hash [String, nil] The hashed password to set for the user. Required with `password_hash_type`. Mutually exclusive with `password`.
# @param password_hash_type [WorkOS::Types::UpdateUserPasswordHashType, nil] The algorithm originally used to hash the password, used when providing a `password_hash`. Required with `password_hash`. Mutually exclusive with `password`.
# @param password [WorkOS::UserManagement::PasswordPlaintext, WorkOS::UserManagement::PasswordHashed, nil] Identifies the password.
# @param request_options [Hash] (see WorkOS::Types::RequestOptions)
# @return [WorkOS::User]
def update_user(
Expand All @@ -724,8 +743,6 @@ def update_user(
external_id: nil,
locale: nil,
password: nil,
password_hash: nil,
password_hash_type: nil,
request_options: {}
)
body = {
Expand All @@ -735,18 +752,17 @@ def update_user(
"email_verified" => email_verified,
"metadata" => metadata,
"external_id" => external_id,
"locale" => locale,
"password" => password,
"password_hash" => password_hash,
"password_hash_type" => password_hash_type
"locale" => locale
}.compact
if password
case password[:type]
when "plaintext"
body["password"] = password[:password]
when "hashed"
body["password_hash"] = password[:password_hash]
body["password_hash_type"] = password[:password_hash_type]
case password
when WorkOS::UserManagement::PasswordPlaintext
body["password"] = password.password
when WorkOS::UserManagement::PasswordHashed
body["password_hash"] = password.password_hash
body["password_hash_type"] = password.password_hash_type
else
raise ArgumentError, "expected password to be one of: WorkOS::UserManagement::PasswordPlaintext, WorkOS::UserManagement::PasswordHashed, got #{password.class}"
end
end
response = @client.request(
Expand Down Expand Up @@ -790,7 +806,7 @@ def confirm_email_change(
)
body = {
"code" => code
}.compact
}
response = @client.request(
method: :post,
path: "/user_management/users/#{WorkOS::Util.encode_path(id)}/email_change/confirm",
Expand All @@ -815,7 +831,7 @@ def send_email_change(
)
body = {
"new_email" => new_email
}.compact
}
response = @client.request(
method: :post,
path: "/user_management/users/#{WorkOS::Util.encode_path(id)}/email_change/send",
Expand All @@ -840,7 +856,7 @@ def verify_email(
)
body = {
"code" => code
}.compact
}
response = @client.request(
method: :post,
path: "/user_management/users/#{WorkOS::Util.encode_path(id)}/email_verification/confirm",
Expand Down Expand Up @@ -1138,7 +1154,7 @@ def update_jwt_template(
)
body = {
"content" => content
}.compact
}
response = @client.request(
method: :put,
path: "/user_management/jwt_template",
Expand Down Expand Up @@ -1255,30 +1271,27 @@ def list_organization_memberships(
# Create an organization membership
# @param user_id [String] The ID of the [user](https://workos.com/docs/reference/authkit/user).
# @param organization_id [String] The ID of the [organization](https://workos.com/docs/reference/organization) which the user belongs to.
# @param role_slug [String, nil] A single role identifier. Defaults to `member` or the explicit default role. Mutually exclusive with `role_slugs`.
# @param role_slugs [Array<String>, nil] An array of role identifiers. Limited to one role when Multiple Roles is disabled. Mutually exclusive with `role_slug`.
# @param role [WorkOS::UserManagement::RoleSingle, WorkOS::UserManagement::RoleMultiple, nil] Identifies the role.
# @param request_options [Hash] (see WorkOS::Types::RequestOptions)
# @return [WorkOS::OrganizationMembership]
def create_organization_membership(
user_id:,
organization_id:,
role_slug: nil,
role_slugs: nil,
role: nil,
request_options: {}
)
body = {
"user_id" => user_id,
"organization_id" => organization_id,
"role_slug" => role_slug,
"role_slugs" => role_slugs
}.compact
"organization_id" => organization_id
}
if role
case role[:type]
when "single"
body["role_slug"] = role[:role_slug]
when "multiple"
body["role_slugs"] = role[:role_slugs]
case role
when WorkOS::UserManagement::RoleSingle
body["role_slug"] = role.role_slug
when WorkOS::UserManagement::RoleMultiple
body["role_slugs"] = role.role_slugs
else
raise ArgumentError, "expected role to be one of: WorkOS::UserManagement::RoleSingle, WorkOS::UserManagement::RoleMultiple, got #{role.class}"
end
end
response = @client.request(
Expand Down Expand Up @@ -1314,27 +1327,23 @@ def get_organization_membership(

# Update an organization membership
# @param id [String] The unique ID of the organization membership.
# @param role_slug [String, nil] A single role identifier. Defaults to `member` or the explicit default role. Mutually exclusive with `role_slugs`.
# @param role_slugs [Array<String>, nil] An array of role identifiers. Limited to one role when Multiple Roles is disabled. Mutually exclusive with `role_slug`.
# @param role [WorkOS::UserManagement::RoleSingle, WorkOS::UserManagement::RoleMultiple, nil] Identifies the role.
# @param request_options [Hash] (see WorkOS::Types::RequestOptions)
# @return [WorkOS::UserOrganizationMembership]
def update_organization_membership(
id:,
role_slug: nil,
role_slugs: nil,
role: nil,
request_options: {}
)
body = {
"role_slug" => role_slug,
"role_slugs" => role_slugs
}.compact
body = {}
if role
case role[:type]
when "single"
body["role_slug"] = role[:role_slug]
when "multiple"
body["role_slugs"] = role[:role_slugs]
case role
when WorkOS::UserManagement::RoleSingle
body["role_slug"] = role.role_slug
when WorkOS::UserManagement::RoleMultiple
body["role_slugs"] = role.role_slugs
else
raise ArgumentError, "expected role to be one of: WorkOS::UserManagement::RoleSingle, WorkOS::UserManagement::RoleMultiple, got #{role.class}"
end
end
response = @client.request(
Expand Down Expand Up @@ -1414,7 +1423,7 @@ def create_redirect_uri(
)
body = {
"uri" => uri
}.compact
}
response = @client.request(
method: :post,
path: "/user_management/redirect_uris",
Expand Down
2 changes: 1 addition & 1 deletion lib/workos/webhooks.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ def create_webhook_endpoint(
body = {
"endpoint_url" => endpoint_url,
"events" => events
}.compact
}
response = @client.request(
method: :post,
path: "/webhook_endpoints",
Expand Down
Loading