Add "impersonator" field to WorkOSAuthenticationResponse

mthadley · mthadley · commit dd83a4a2fb80 · 2024-03-14T15:18:41.000-07:00
diff --git a/tests/test_user_management.py b/tests/test_user_management.py
@@ -140,6 +140,19 @@ def mock_auth_response(self):
 
         return {"user": user, "organization_id": "org_12345"}
 
+    @pytest.fixture
+    def mock_auth_response_with_impersonator(self):
+        user = MockUser("user_01H7ZGXFP5C6BBQY6Z7277ZCT0").to_dict()
+
+        return {
+            "user": user,
+            "organization_id": "org_12345",
+            "impersonator": {
+                "email": "admin@foocorp.com",
+                "reason": "Debugging an account issue."
+            }
+        }
+
     @pytest.fixture
     def mock_magic_auth_challenge_response(self):
         return {
@@ -532,7 +545,7 @@ def test_authenticate_with_password(
         assert request["json"]["user_agent"] == user_agent
         assert request["json"]["ip_address"] == ip_address
         assert request["json"]["client_id"] == "client_b27needthisforssotemxo"
-        assert request["json"]["client_secret"] == "sk_abdsomecharactersm284"
+        assert request["json"]["client_secret"] == "sk_test"
         assert request["json"]["grant_type"] == "password"
 
     def test_authenticate_with_code(self, capture_and_mock_request, mock_auth_response):
@@ -555,9 +568,24 @@ def test_authenticate_with_code(self, capture_and_mock_request, mock_auth_respon
         assert request["json"]["user_agent"] == user_agent
         assert request["json"]["ip_address"] == ip_address
         assert request["json"]["client_id"] == "client_b27needthisforssotemxo"
-        assert request["json"]["client_secret"] == "sk_abdsomecharactersm284"
+        assert request["json"]["client_secret"] == "sk_test"
         assert request["json"]["grant_type"] == "authorization_code"
 
+    def test_authenticate_impersonator_with_code(self, capture_and_mock_request, mock_auth_response_with_impersonator):
+        code = "test_code"
+
+        url, request = capture_and_mock_request("post", mock_auth_response_with_impersonator, 200)
+
+        response = self.user_management.authenticate_with_code(
+            code=code,
+        )
+
+        print (response)
+        assert url[0].endswith("user_management/authenticate")
+        assert response["user"]["id"] == "user_01H7ZGXFP5C6BBQY6Z7277ZCT0"
+        assert response["impersonator"]["email"] == "admin@foocorp.com"
+        assert response["impersonator"]["reason"] == "Debugging an account issue."
+
     def test_authenticate_with_magic_auth(
         self, capture_and_mock_request, mock_auth_response
     ):
@@ -583,7 +611,7 @@ def test_authenticate_with_magic_auth(
         assert request["json"]["email"] == email
         assert request["json"]["ip_address"] == ip_address
         assert request["json"]["client_id"] == "client_b27needthisforssotemxo"
-        assert request["json"]["client_secret"] == "sk_abdsomecharactersm284"
+        assert request["json"]["client_secret"] == "sk_test"
         assert (
             request["json"]["grant_type"]
             == "urn:workos:oauth:grant-type:magic-auth:code"
@@ -617,7 +645,7 @@ def test_authenticate_with_email_verification(
         )
         assert request["json"]["ip_address"] == ip_address
         assert request["json"]["client_id"] == "client_b27needthisforssotemxo"
-        assert request["json"]["client_secret"] == "sk_abdsomecharactersm284"
+        assert request["json"]["client_secret"] == "sk_test"
         assert (
             request["json"]["grant_type"]
             == "urn:workos:oauth:grant-type:email-verification:code"
@@ -655,7 +683,7 @@ def test_authenticate_with_totp(self, capture_and_mock_request, mock_auth_respon
         )
         assert request["json"]["ip_address"] == ip_address
         assert request["json"]["client_id"] == "client_b27needthisforssotemxo"
-        assert request["json"]["client_secret"] == "sk_abdsomecharactersm284"
+        assert request["json"]["client_secret"] == "sk_test"
         assert request["json"]["grant_type"] == "urn:workos:oauth:grant-type:mfa-totp"
 
     def test_authenticate_with_organization_selection(
@@ -686,7 +714,7 @@ def test_authenticate_with_organization_selection(
         )
         assert request["json"]["ip_address"] == ip_address
         assert request["json"]["client_id"] == "client_b27needthisforssotemxo"
-        assert request["json"]["client_secret"] == "sk_abdsomecharactersm284"
+        assert request["json"]["client_secret"] == "sk_test"
         assert (
             request["json"]["grant_type"]
             == "urn:workos:oauth:grant-type:organization-selection"
diff --git a/workos/resources/user_management.py b/workos/resources/user_management.py
@@ -21,6 +21,12 @@ def construct_from_response(cls, response):
         user = WorkOSUser.construct_from_response(response["user"])
         authentication_response.user = user
 
+        if "impersonator" in response:
+            impersonator = WorkOSImpersonator.construct_from_response(response["impersonator"])
+            authentication_response.impersonator = impersonator
+        else:
+            authentication_response.impersonator = None
+
         return authentication_response
 
     def to_dict(self):
@@ -31,6 +37,9 @@ def to_dict(self):
         user_dict = self.user.to_dict()
         authentication_response_dict["user"] = user_dict
 
+        if self.impersonator:
+            authentication_response_dict["impersonator"] = self.impersonator.to_dict()
+
         return authentication_response_dict
 
 
@@ -119,3 +128,15 @@ class WorkOSUser(WorkOSBaseResource):
         "created_at",
         "updated_at",
     ]
+
+class WorkOSImpersonator(WorkOSBaseResource):
+    """Representation of a WorkOS Dashboard member impersonating a user
+
+    Attributes:
+        OBJECT_FIELDS (list): List of fields a WorkOSUser comprises.
+    """
+
+    OBJECT_FIELDS = [
+        "email",
+        "reason",
+    ]
