Merge branch 'main' into logan/url-encoding

Author: logan-stytch

stytch/b2b/api/discovery_intermediate_sessions.py

@@ -31,6 +31,7 @@ def exchange(
         session_duration_minutes: Optional[int] = None,
         session_custom_claims: Optional[Dict[str, Any]] = None,
         locale: Optional[Union[ExchangeRequestLocale, str]] = None,
+        telemetry_id: Optional[str] = None,
     ) -> ExchangeResponse:
         """Exchange an Intermediate Session for a fully realized [Member Session](https://stytch.com/docs/b2b/api/session-object) for the [Organization](https://stytch.com/docs/b2b/api/organization-object) that the user wishes to log into.
 
@@ -73,6 +74,7 @@ def exchange(
 
         Request support for additional languages [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link")!
 
+          - telemetry_id: If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and IPGEO information for the Member. Your workspace must be enabled for Device Fingerprinting to use this feature.
         """  # noqa
         headers: Dict[str, str] = {}
         data: Dict[str, Any] = {
@@ -85,6 +87,8 @@ def exchange(
             data["session_custom_claims"] = session_custom_claims
         if locale is not None:
             data["locale"] = locale
+        if telemetry_id is not None:
+            data["telemetry_id"] = telemetry_id
 
         url = self.api_base.url_for(
             "/v1/b2b/discovery/intermediate_sessions/exchange", data
@@ -99,6 +103,7 @@ async def exchange_async(
         session_duration_minutes: Optional[int] = None,
         session_custom_claims: Optional[Dict[str, Any]] = None,
         locale: Optional[ExchangeRequestLocale] = None,
+        telemetry_id: Optional[str] = None,
     ) -> ExchangeResponse:
         """Exchange an Intermediate Session for a fully realized [Member Session](https://stytch.com/docs/b2b/api/session-object) for the [Organization](https://stytch.com/docs/b2b/api/organization-object) that the user wishes to log into.
 
@@ -141,6 +146,7 @@ async def exchange_async(
 
         Request support for additional languages [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link")!
 
+          - telemetry_id: If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and IPGEO information for the Member. Your workspace must be enabled for Device Fingerprinting to use this feature.
         """  # noqa
         headers: Dict[str, str] = {}
         data: Dict[str, Any] = {
@@ -153,6 +159,8 @@ async def exchange_async(
             data["session_custom_claims"] = session_custom_claims
         if locale is not None:
             data["locale"] = locale
+        if telemetry_id is not None:
+            data["telemetry_id"] = telemetry_id
 
         url = self.api_base.url_for(
             "/v1/b2b/discovery/intermediate_sessions/exchange", data

stytch/b2b/api/discovery_organizations.py

@@ -58,6 +58,7 @@ def create(
             Union[CreateRequestThirdPartyConnectedAppsAllowedType, str]
         ] = None,
         allowed_third_party_connected_apps: Optional[List[str]] = None,
+        telemetry_id: Optional[str] = None,
     ) -> CreateResponse:
         """This endpoint allows you to exchange the `intermediate_session_token` returned when the user successfully completes a Discovery authentication flow to create a new
         [Organization](https://stytch.com/docs/b2b/api/organization-object) and [Member](https://stytch.com/docs/b2b/api/member-object) and log the user in. If the user wants to log into an existing Organization, use the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) instead.
@@ -174,6 +175,7 @@ def create(
           `NOT_ALLOWED` – no third party Connected Apps are permitted.
 
           - allowed_third_party_connected_apps: An array of third party Connected App IDs that are allowed for the Organization. Only used when the Organization's `third_party_connected_apps_allowed_type` is `RESTRICTED`.
+          - telemetry_id: If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and IPGEO information for the Member. Your workspace must be enabled for Device Fingerprinting to use this feature.
         """  # noqa
         headers: Dict[str, str] = {}
         data: Dict[str, Any] = {
@@ -234,6 +236,8 @@ def create(
             data["allowed_third_party_connected_apps"] = (
                 allowed_third_party_connected_apps
             )
+        if telemetry_id is not None:
+            data["telemetry_id"] = telemetry_id
 
         url = self.api_base.url_for("/v1/b2b/discovery/organizations/create", data)
         res = self.sync_client.post(url, data, headers)
@@ -270,6 +274,7 @@ async def create_async(
             CreateRequestThirdPartyConnectedAppsAllowedType
         ] = None,
         allowed_third_party_connected_apps: Optional[List[str]] = None,
+        telemetry_id: Optional[str] = None,
     ) -> CreateResponse:
         """This endpoint allows you to exchange the `intermediate_session_token` returned when the user successfully completes a Discovery authentication flow to create a new
         [Organization](https://stytch.com/docs/b2b/api/organization-object) and [Member](https://stytch.com/docs/b2b/api/member-object) and log the user in. If the user wants to log into an existing Organization, use the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) instead.
@@ -386,6 +391,7 @@ async def create_async(
           `NOT_ALLOWED` – no third party Connected Apps are permitted.
 
           - allowed_third_party_connected_apps: An array of third party Connected App IDs that are allowed for the Organization. Only used when the Organization's `third_party_connected_apps_allowed_type` is `RESTRICTED`.
+          - telemetry_id: If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and IPGEO information for the Member. Your workspace must be enabled for Device Fingerprinting to use this feature.
         """  # noqa
         headers: Dict[str, str] = {}
         data: Dict[str, Any] = {
@@ -446,6 +452,8 @@ async def create_async(
             data["allowed_third_party_connected_apps"] = (
                 allowed_third_party_connected_apps
             )
+        if telemetry_id is not None:
+            data["telemetry_id"] = telemetry_id
 
         url = self.api_base.url_for("/v1/b2b/discovery/organizations/create", data)
         res = await self.async_client.post(url, data, headers)

stytch/b2b/api/idp.py

@@ -1,9 +1,16 @@
+# !!!
+# WARNING: This file is autogenerated
+# Only modify code within MANUAL() sections
+# or your changes may be overwritten later!
+# !!!
+
 from __future__ import annotations
 
 from typing import Any, Dict, Optional
 
 import jwt
 
+from stytch.b2b.api.idp_oauth import OAuth
 from stytch.b2b.models.sessions import AuthorizationCheck
 from stytch.consumer.models.idp import IDPTokenClaims, IDPTokenResponse
 from stytch.core.api_base import ApiBase
@@ -25,26 +32,19 @@ def __init__(
         self.api_base = api_base
         self.sync_client = sync_client
         self.async_client = async_client
+        self.policy_cache = policy_cache
         self.jwks_client = jwks_client
         self.project_id = project_id
-        self.non_custom_claim_keys = [
-            "aud",
-            "exp",
-            "iat",
-            "iss",
-            "jti",
-            "nbf",
-            "sub",
-            "active",
-            "client_id",
-            "request_id",
-            "scope",
-            "status_code",
-            "token_type",
-            "https://stytch.com/organization",
-        ]
-        self.policy_cache = policy_cache
+        self.oauth = OAuth(
+            api_base=self.api_base,
+            sync_client=self.sync_client,
+            async_client=self.async_client,
+        )
 
+    # MANUAL(IDP)(SERVICE_METHOD)
+    # ADDIMPORT: from stytch.b2b.models.sessions import AuthorizationCheck
+    # ADDIMPORT: from stytch.shared import jwt_helpers, rbac_local
+    # ADDIMPORT: from stytch.consumer.models.idp import IDPTokenClaims, IDPTokenResponse
     def introspect_token_network(
         self,
         token: str,
@@ -80,7 +80,7 @@ def introspect_token_network(
         if not jwtResponse.active:
             return None
         custom_claims = {
-            k: v for k, v in res.json.items() if k not in self.non_custom_claim_keys
+            k: v for k, v in res.json.items() if k not in self._non_custom_claim_keys()
         }
         organization_claim = res.json["https://stytch.com/organization"]
         organization_id = organization_claim["organization_id"]
@@ -142,7 +142,7 @@ async def introspect_token_network_async(
         if not jwtResponse.active:
             return None
         custom_claims = {
-            k: v for k, v in res.json.items() if k not in self.non_custom_claim_keys
+            k: v for k, v in res.json.items() if k not in self._non_custom_claim_keys()
         }
         organization_claim = res.json["https://stytch.com/organization"]
         organization_id = organization_claim["organization_id"]
@@ -222,3 +222,22 @@ def introspect_access_token_local(
             token_type="access_token",
             organization_claim=org_claim,
         )
+
+    def _non_custom_claim_keys(self):
+        return [
+            "aud",
+            "exp",
+            "iat",
+            "iss",
+            "jti",
+            "nbf",
+            "sub",
+            "active",
+            "client_id",
+            "request_id",
+            "scope",
+            "status_code",
+            "token_type",
+        ]
+
+    # ENDMANUAL(IDP)