diff --git a/src/main/kotlin/com/workos/common/models/Role.kt b/src/main/kotlin/com/workos/common/models/Role.kt new file mode 100644 index 00000000..e55457d2 --- /dev/null +++ b/src/main/kotlin/com/workos/common/models/Role.kt @@ -0,0 +1,14 @@ +package com.workos.common.models + +import com.fasterxml.jackson.annotation.JsonCreator +import com.fasterxml.jackson.annotation.JsonProperty + +/** + * A unique user role, used with organization memberships and profiles. + * + * @param slug The unique role identifier. + */ +data class Role @JsonCreator constructor( + @JsonProperty("slug") + val slug: String +) diff --git a/src/main/kotlin/com/workos/sso/models/Profile.kt b/src/main/kotlin/com/workos/sso/models/Profile.kt index b097cb9b..c166613e 100644 --- a/src/main/kotlin/com/workos/sso/models/Profile.kt +++ b/src/main/kotlin/com/workos/sso/models/Profile.kt @@ -16,6 +16,7 @@ import com.fasterxml.jackson.annotation.JsonProperty * @param email The user's email address. * @param firstName The user's first name. * @param lastName The user's last name. + * @param role The user's role based on group memberships. * @param groups The user's group memberships. * @param rawAttributes Object of key-value pairs containing relevant user data from the Identity Provider. */ @@ -55,6 +56,10 @@ data class Profile @JsonProperty("last_name") val lastName: String?, + @JvmField + @JsonProperty("role") + val role: ProfileRole? = null, + @JvmField @JsonProperty("groups") val groups: List?, diff --git a/src/main/kotlin/com/workos/sso/models/ProfileRole.kt b/src/main/kotlin/com/workos/sso/models/ProfileRole.kt new file mode 100644 index 00000000..c1f16a00 --- /dev/null +++ b/src/main/kotlin/com/workos/sso/models/ProfileRole.kt @@ -0,0 +1,5 @@ +package com.workos.sso.models + +import com.workos.common.models.Role + +typealias ProfileRole = Role diff --git a/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt b/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt index 709d1c1f..27eec096 100644 --- a/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt +++ b/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt @@ -1,14 +1,5 @@ package com.workos.usermanagement.models -import com.fasterxml.jackson.annotation.JsonCreator -import com.fasterxml.jackson.annotation.JsonProperty +import com.workos.common.models.Role -/** - * An organization membership role. - * - * @param slug The unique role identified. - */ -data class OrganizationMembershipRole @JsonCreator constructor( - @JsonProperty("slug") - val slug: String -) +typealias OrganizationMembershipRole = Role diff --git a/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt b/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt index c02c0fd7..10ea68fa 100644 --- a/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt +++ b/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt @@ -172,6 +172,7 @@ class SsoApiTest : TestBase() { "id": "prof_01DMC79VCBZ0NY2099737PSVF1", "idp_id": "00u1a0ufowBJlzPlk357", "last_name": "Rundgren", + "role":{"slug":"admin"}, "object": "profile", "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q", "raw_attributes": {"foo": "bar"} @@ -206,6 +207,7 @@ class SsoApiTest : TestBase() { "id": "prof_01DMC79VCBZ0NY2099737PSVF1", "idp_id": "00u1a0ufowBJlzPlk357", "last_name": "Rundgren", + "role":{"slug":"admin"}, "groups":["Admins", "Developers"], "object": "profile", "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q", @@ -242,6 +244,7 @@ class SsoApiTest : TestBase() { "id": "prof_01DMC79VCBZ0NY2099737PSVF1", "idp_id": "00u1a0ufowBJlzPlk357", "last_name": "Rundgren", + "role":{"slug":"admin"}, "object": "profile", "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q", "raw_attributes": {"foo": "bar"} @@ -255,6 +258,41 @@ class SsoApiTest : TestBase() { assertNull(profile.groups) } + @Test + fun getProfileAndTokenWithoutRoleShouldNotReturnRole() { + val workos = createWorkOSClient() + + stubResponse( + url = "/sso/token", + requestBody = """{ + "client_id": "clientId", + "client_secret": "apiKey", + "code": "code", + "grant_type": "authorization_code" + }""", + responseBody = """{ + "access_token": "01DMEK0J53CVMC32CK5SE0KZ8Q", + "profile": { + "connection_id": "conn_01E4ZCR3C56J083X43JQXF3JK5", + "connection_type": "OktaSAML", + "email": "todd@foo-corp.com", + "first_name": "Todd", + "id": "prof_01DMC79VCBZ0NY2099737PSVF1", + "idp_id": "00u1a0ufowBJlzPlk357", + "last_name": "Rundgren", + "object": "profile", + "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q", + "raw_attributes": {"foo": "bar"} + } + }""" + ) + + val profileAndToken = workos.sso.getProfileAndToken("code", "clientId") + val profile = profileAndToken.profile + + assertNull(profile.role) + } + @Test fun getProfileShouldReturnPayload() { val workos = createWorkOSClient() @@ -269,6 +307,7 @@ class SsoApiTest : TestBase() { "id": "prof_01DMC79VCBZ0NY2099737PSVF2", "idp_id": "00u1a0ufowBJlzPlk357", "last_name": "Rundgren", + "role":{"slug":"admin"}, "object": "profile", "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q", "raw_attributes": {"foo": "foo_value"}