From 38baf271dc88f37a2a83d28215cf9b026ef572e8 Mon Sep 17 00:00:00 2001 From: ci-stytch <72180218+ci-stytch@users.noreply.github.com> Date: Mon, 13 Jan 2025 15:55:37 -0500 Subject: [PATCH] Add User Impersonation Authenticate Method (#232) Co-authored-by: Stytch Codegen Bot --- stytch/b2b/api/discovery_organizations.py | 4 +- stytch/b2b/api/impersonation.py | 48 +++++++++++++++++++++++ stytch/b2b/api/organizations.py | 8 ++-- stytch/b2b/client.py | 6 +++ stytch/b2b/models/impersonation.py | 27 +++++++++++++ stytch/b2b/models/organizations.py | 2 +- stytch/version.py | 2 +- 7 files changed, 89 insertions(+), 8 deletions(-) create mode 100644 stytch/b2b/api/impersonation.py create mode 100644 stytch/b2b/models/impersonation.py diff --git a/stytch/b2b/api/discovery_organizations.py b/stytch/b2b/api/discovery_organizations.py index 918be61..5b37844 100644 --- a/stytch/b2b/api/discovery_organizations.py +++ b/stytch/b2b/api/discovery_organizations.py @@ -115,7 +115,7 @@ def create( `RESTRICTED` – only methods that comply with `allowed_auth_methods` can be used for authentication. This setting does not apply to Members with `is_breakglass` set to `true`. - allowed_auth_methods: An array of allowed authentication methods. This list is enforced when `auth_methods` is set to `RESTRICTED`. - The list's accepted values are: `sso`, `magic_link`, `password`, `google_oauth`, and `microsoft_oauth`. + The list's accepted values are: `sso`, `magic_link`, `email_otp`, `password`, `google_oauth`, `microsoft_oauth`, `slack_oauth`, `github_oauth`, and `hubspot_oauth`. - mfa_policy: The setting that controls the MFA policy for all Members in the Organization. The accepted values are: @@ -285,7 +285,7 @@ async def create_async( `RESTRICTED` – only methods that comply with `allowed_auth_methods` can be used for authentication. This setting does not apply to Members with `is_breakglass` set to `true`. - allowed_auth_methods: An array of allowed authentication methods. This list is enforced when `auth_methods` is set to `RESTRICTED`. - The list's accepted values are: `sso`, `magic_link`, `password`, `google_oauth`, and `microsoft_oauth`. + The list's accepted values are: `sso`, `magic_link`, `email_otp`, `password`, `google_oauth`, `microsoft_oauth`, `slack_oauth`, `github_oauth`, and `hubspot_oauth`. - mfa_policy: The setting that controls the MFA policy for all Members in the Organization. The accepted values are: diff --git a/stytch/b2b/api/impersonation.py b/stytch/b2b/api/impersonation.py new file mode 100644 index 0000000..1db2191 --- /dev/null +++ b/stytch/b2b/api/impersonation.py @@ -0,0 +1,48 @@ +# !!! +# WARNING: This file is autogenerated +# Only modify code within MANUAL() sections +# or your changes may be overwritten later! +# !!! + +from __future__ import annotations + +from typing import Any, Dict + +from stytch.b2b.models.impersonation import AuthenticateResponse +from stytch.core.api_base import ApiBase +from stytch.core.http.client import AsyncClient, SyncClient + + +class Impersonation: + def __init__( + self, api_base: ApiBase, sync_client: SyncClient, async_client: AsyncClient + ) -> None: + self.api_base = api_base + self.sync_client = sync_client + self.async_client = async_client + + def authenticate( + self, + token: str, + ) -> AuthenticateResponse: + headers: Dict[str, str] = {} + data: Dict[str, Any] = { + "token": token, + } + + url = self.api_base.url_for("/v1/b2b/impersonation/authenticate", data) + res = self.sync_client.post(url, data, headers) + return AuthenticateResponse.from_json(res.response.status_code, res.json) + + async def authenticate_async( + self, + token: str, + ) -> AuthenticateResponse: + headers: Dict[str, str] = {} + data: Dict[str, Any] = { + "token": token, + } + + url = self.api_base.url_for("/v1/b2b/impersonation/authenticate", data) + res = await self.async_client.post(url, data, headers) + return AuthenticateResponse.from_json(res.response.status, res.json) diff --git a/stytch/b2b/api/organizations.py b/stytch/b2b/api/organizations.py index a9da8c7..c64da1b 100644 --- a/stytch/b2b/api/organizations.py +++ b/stytch/b2b/api/organizations.py @@ -103,7 +103,7 @@ def create( `RESTRICTED` – only methods that comply with `allowed_auth_methods` can be used for authentication. This setting does not apply to Members with `is_breakglass` set to `true`. - allowed_auth_methods: An array of allowed authentication methods. This list is enforced when `auth_methods` is set to `RESTRICTED`. - The list's accepted values are: `sso`, `magic_link`, `password`, `google_oauth`, and `microsoft_oauth`. + The list's accepted values are: `sso`, `magic_link`, `email_otp`, `password`, `google_oauth`, `microsoft_oauth`, `slack_oauth`, `github_oauth`, and `hubspot_oauth`. - mfa_policy: The setting that controls the MFA policy for all Members in the Organization. The accepted values are: @@ -239,7 +239,7 @@ async def create_async( `RESTRICTED` – only methods that comply with `allowed_auth_methods` can be used for authentication. This setting does not apply to Members with `is_breakglass` set to `true`. - allowed_auth_methods: An array of allowed authentication methods. This list is enforced when `auth_methods` is set to `RESTRICTED`. - The list's accepted values are: `sso`, `magic_link`, `password`, `google_oauth`, and `microsoft_oauth`. + The list's accepted values are: `sso`, `magic_link`, `email_otp`, `password`, `google_oauth`, `microsoft_oauth`, `slack_oauth`, `github_oauth`, and `hubspot_oauth`. - mfa_policy: The setting that controls the MFA policy for all Members in the Organization. The accepted values are: @@ -439,7 +439,7 @@ def update( If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.allowed-auth-methods` action on the `stytch.organization` Resource. - allowed_auth_methods: An array of allowed authentication methods. This list is enforced when `auth_methods` is set to `RESTRICTED`. - The list's accepted values are: `sso`, `magic_link`, `password`, `google_oauth`, and `microsoft_oauth`. + The list's accepted values are: `sso`, `magic_link`, `email_otp`, `password`, `google_oauth`, `microsoft_oauth`, `slack_oauth`, `github_oauth`, and `hubspot_oauth`. If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.allowed-auth-methods` action on the `stytch.organization` Resource. @@ -627,7 +627,7 @@ async def update_async( If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.allowed-auth-methods` action on the `stytch.organization` Resource. - allowed_auth_methods: An array of allowed authentication methods. This list is enforced when `auth_methods` is set to `RESTRICTED`. - The list's accepted values are: `sso`, `magic_link`, `password`, `google_oauth`, and `microsoft_oauth`. + The list's accepted values are: `sso`, `magic_link`, `email_otp`, `password`, `google_oauth`, `microsoft_oauth`, `slack_oauth`, `github_oauth`, and `hubspot_oauth`. If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.allowed-auth-methods` action on the `stytch.organization` Resource. diff --git a/stytch/b2b/client.py b/stytch/b2b/client.py index f6217a9..4ce5f81 100644 --- a/stytch/b2b/client.py +++ b/stytch/b2b/client.py @@ -11,6 +11,7 @@ import jwt from stytch.b2b.api.discovery import Discovery +from stytch.b2b.api.impersonation import Impersonation from stytch.b2b.api.magic_links import MagicLinks from stytch.b2b.api.oauth import OAuth from stytch.b2b.api.organizations import Organizations @@ -72,6 +73,11 @@ def __init__( sync_client=self.sync_client, async_client=self.async_client, ) + self.impersonation = Impersonation( + api_base=self.api_base, + sync_client=self.sync_client, + async_client=self.async_client, + ) self.m2m = M2M( api_base=self.api_base, sync_client=self.sync_client, diff --git a/stytch/b2b/models/impersonation.py b/stytch/b2b/models/impersonation.py new file mode 100644 index 0000000..195bbba --- /dev/null +++ b/stytch/b2b/models/impersonation.py @@ -0,0 +1,27 @@ +# !!! +# WARNING: This file is autogenerated +# Only modify code within MANUAL() sections +# or your changes may be overwritten later! +# !!! + +from __future__ import annotations + +from typing import Optional + +from stytch.b2b.models.mfa import MfaRequired +from stytch.b2b.models.organizations import Member, Organization +from stytch.b2b.models.sessions import MemberSession +from stytch.core.response_base import ResponseBase + + +class AuthenticateResponse(ResponseBase): + member_id: str + organization_id: str + member: Member + session_token: str + session_jwt: str + organization: Organization + intermediate_session_token: str + member_authenticated: bool + member_session: Optional[MemberSession] = None + mfa_required: Optional[MfaRequired] = None diff --git a/stytch/b2b/models/organizations.py b/stytch/b2b/models/organizations.py index 5bb6429..71b9454 100644 --- a/stytch/b2b/models/organizations.py +++ b/stytch/b2b/models/organizations.py @@ -282,7 +282,7 @@ class Organization(pydantic.BaseModel): `RESTRICTED` – only methods that comply with `allowed_auth_methods` can be used for authentication. This setting does not apply to Members with `is_breakglass` set to `true`. - allowed_auth_methods: An array of allowed authentication methods. This list is enforced when `auth_methods` is set to `RESTRICTED`. - The list's accepted values are: `sso`, `magic_link`, `password`, `google_oauth`, and `microsoft_oauth`. + The list's accepted values are: `sso`, `magic_link`, `email_otp`, `password`, `google_oauth`, `microsoft_oauth`, `slack_oauth`, `github_oauth`, and `hubspot_oauth`. - mfa_policy: (no documentation yet) - rbac_email_implicit_role_assignments: Implicit role assignments based off of email domains. diff --git a/stytch/version.py b/stytch/version.py index 13b4a72..59c3246 100644 --- a/stytch/version.py +++ b/stytch/version.py @@ -1 +1 @@ -__version__ = "12.1.0" +__version__ = "12.2.0"