workos
diff --git a/‎src/workos/authorization.py‎
Lines changed: 241 additions & 40 deletions b/‎src/workos/authorization.py‎
Lines changed: 241 additions & 40 deletions
diff --git a/‎src/workos/utils/_base_http_client.py‎
Lines changed: 2 additions & 1 deletion b/‎src/workos/utils/_base_http_client.py‎
Lines changed: 2 additions & 1 deletion
@@ -1,6 +1,8 @@
-from typing import Any, Dict, Optional, Protocol, Sequence
+from enum import Enum
+from typing import Any, Dict, Optional, Protocol, Sequence, Union
 
 from pydantic import TypeAdapter
+from typing_extensions import TypedDict
 
 from workos.types.authorization.environment_role import (
     EnvironmentRole,
@@ -28,9 +30,16 @@
     REQUEST_METHOD_PUT,
 )
 
+
+class _Unset(Enum):
+    TOKEN = 0
+
+
+UNSET: _Unset = _Unset.TOKEN
+
 AUTHORIZATION_PERMISSIONS_PATH = "authorization/permissions"
-AUTHORIZATION_ORGANIZATIONS_PATH = "authorization/organizations"
 AUTHORIZATION_RESOURCES_PATH = "authorization/resources"
+AUTHORIZATION_ORGANIZATIONS_PATH = "authorization/organizations"
 
 
 class ResourceListFilters(ListArgs, total=False):
@@ -44,6 +53,18 @@ class ResourceListFilters(ListArgs, total=False):
 
 ResourcesListResource = WorkOSListResource[Resource, ResourceListFilters, ListMetadata]
 
+
+class ParentResourceById(TypedDict):
+    parent_resource_id: str
+
+
+class ParentResourceByExternalId(TypedDict):
+    parent_resource_external_id: str
+    parent_resource_type_slug: str
+
+
+ParentResource = Union[ParentResourceById, ParentResourceByExternalId]
+
 _role_adapter: TypeAdapter[Role] = TypeAdapter(Role)
 
 
@@ -176,30 +197,32 @@ def add_environment_role_permission(
         permission_slug: str,
     ) -> SyncOrAsync[EnvironmentRole]: ...
 
-    # Resources (External ID) + List
+    # Resources
 
-    def get_resource_by_external_id(
+    def get_resource(self, resource_id: str) -> SyncOrAsync[Resource]: ...
+
+    def create_resource(
         self,
+        *,
+        resource_type_slug: str,
         organization_id: str,
-        resource_type: str,
         external_id: str,
+        name: str,
+        parent: Optional[ParentResource] = None,
+        description: Optional[str] = None,
     ) -> SyncOrAsync[Resource]: ...
 
-    def update_resource_by_external_id(
+    def update_resource(
         self,
-        organization_id: str,
-        resource_type: str,
-        external_id: str,
+        resource_id: str,
         *,
         name: Optional[str] = None,
-        description: Optional[str] = None,
+        description: Union[str, None, _Unset] = UNSET,
     ) -> SyncOrAsync[Resource]: ...
 
-    def delete_resource_by_external_id(
+    def delete_resource(
         self,
-        organization_id: str,
-        resource_type: str,
-        external_id: str,
+        resource_id: str,
         *,
         cascade_delete: Optional[bool] = None,
     ) -> SyncOrAsync[None]: ...
@@ -219,6 +242,32 @@ def list_resources(
         order: PaginationOrder = "desc",
     ) -> SyncOrAsync[ResourcesListResource]: ...
 
+    def get_resource_by_external_id(
+        self,
+        organization_id: str,
+        resource_type: str,
+        external_id: str,
+    ) -> SyncOrAsync[Resource]: ...
+
+    def update_resource_by_external_id(
+        self,
+        organization_id: str,
+        resource_type: str,
+        external_id: str,
+        *,
+        name: Optional[str] = None,
+        description: Optional[str] = None,
+    ) -> SyncOrAsync[Resource]: ...
+
+    def delete_resource_by_external_id(
+        self,
+        organization_id: str,
+        resource_type: str,
+        external_id: str,
+        *,
+        cascade_delete: Optional[bool] = None,
+    ) -> SyncOrAsync[None]: ...
+
 
 class Authorization(AuthorizationModule):
     _http_client: SyncHTTPClient
@@ -495,7 +544,83 @@ def add_environment_role_permission(
 
         return EnvironmentRole.model_validate(response)
 
-    # Resources (External ID) + List
+    # Resources
+
+    def get_resource(self, resource_id: str) -> Resource:
+        response = self._http_client.request(
+            f"{AUTHORIZATION_RESOURCES_PATH}/{resource_id}",
+            method=REQUEST_METHOD_GET,
+        )
+
+        return Resource.model_validate(response)
+
+    def create_resource(
+        self,
+        *,
+        resource_type_slug: str,
+        organization_id: str,
+        external_id: str,
+        name: str,
+        parent: Optional[ParentResource] = None,
+        description: Optional[str] = None,
+    ) -> Resource:
+        json: Dict[str, Any] = {
+            "resource_type_slug": resource_type_slug,
+            "organization_id": organization_id,
+            "external_id": external_id,
+            "name": name,
+        }
+        if parent is not None:
+            json.update(parent)
+        if description is not None:
+            json["description"] = description
+
+        response = self._http_client.request(
+            AUTHORIZATION_RESOURCES_PATH,
+            method=REQUEST_METHOD_POST,
+            json=json,
+        )
+
+        return Resource.model_validate(response)
+
+    def update_resource(
+        self,
+        resource_id: str,
+        *,
+        name: Optional[str] = None,
+        description: Union[str, None, _Unset] = UNSET,
+    ) -> Resource:
+        json: Dict[str, Any] = {}
+        if name is not None:
+            json["name"] = name
+        if not isinstance(description, _Unset):
+            json["description"] = description
+
+        response = self._http_client.request(
+            f"{AUTHORIZATION_RESOURCES_PATH}/{resource_id}",
+            method=REQUEST_METHOD_PATCH,
+            json=json,
+            exclude_none=False,
+        )
+
+        return Resource.model_validate(response)
+
+    def delete_resource(
+        self,
+        resource_id: str,
+        *,
+        cascade_delete: Optional[bool] = None,
+    ) -> None:
+        if cascade_delete is not None:
+            self._http_client.delete_with_body(
+                f"{AUTHORIZATION_RESOURCES_PATH}/{resource_id}",
+                json={"cascade_delete": cascade_delete},
+            )
+        else:
+            self._http_client.request(
+                f"{AUTHORIZATION_RESOURCES_PATH}/{resource_id}",
+                method=REQUEST_METHOD_DELETE,
+            )
 
     def get_resource_by_external_id(
         self,
@@ -873,62 +998,83 @@ async def add_environment_role_permission(
 
         return EnvironmentRole.model_validate(response)
 
-    # Resources (External ID) + List
+    # Resources
 
-    async def get_resource_by_external_id(
+    async def get_resource(self, resource_id: str) -> Resource:
+        response = await self._http_client.request(
+            f"{AUTHORIZATION_RESOURCES_PATH}/{resource_id}",
+            method=REQUEST_METHOD_GET,
+        )
+
+        return Resource.model_validate(response)
+
+    async def create_resource(
         self,
+        *,
+        resource_type_slug: str,
         organization_id: str,
-        resource_type: str,
         external_id: str,
+        name: str,
+        parent: Optional[ParentResource] = None,
+        description: Optional[str] = None,
     ) -> Resource:
+        json: Dict[str, Any] = {
+            "resource_type_slug": resource_type_slug,
+            "organization_id": organization_id,
+            "external_id": external_id,
+            "name": name,
+        }
+        if parent is not None:
+            json.update(parent)
+        if description is not None:
+            json["description"] = description
+
         response = await self._http_client.request(
-            f"{AUTHORIZATION_ORGANIZATIONS_PATH}/{organization_id}/resources/{resource_type}/{external_id}",
-            method=REQUEST_METHOD_GET,
+            AUTHORIZATION_RESOURCES_PATH,
+            method=REQUEST_METHOD_POST,
+            json=json,
         )
 
         return Resource.model_validate(response)
 
-    async def update_resource_by_external_id(
+    async def update_resource(
         self,
-        organization_id: str,
-        resource_type: str,
-        external_id: str,
+        resource_id: str,
         *,
         name: Optional[str] = None,
-        description: Optional[str] = None,
+        description: Union[str, None, _Unset] = UNSET,
     ) -> Resource:
         json: Dict[str, Any] = {}
         if name is not None:
             json["name"] = name
-        if description is not None:
+        if not isinstance(description, _Unset):
             json["description"] = description
 
         response = await self._http_client.request(
-            f"{AUTHORIZATION_ORGANIZATIONS_PATH}/{organization_id}/resources/{resource_type}/{external_id}",
+            f"{AUTHORIZATION_RESOURCES_PATH}/{resource_id}",
             method=REQUEST_METHOD_PATCH,
             json=json,
+            exclude_none=False,
         )
 
         return Resource.model_validate(response)
 
-    async def delete_resource_by_external_id(
+    async def delete_resource(
         self,
-        organization_id: str,
-        resource_type: str,
-        external_id: str,
+        resource_id: str,
         *,
         cascade_delete: Optional[bool] = None,
     ) -> None:
-        path = f"{AUTHORIZATION_ORGANIZATIONS_PATH}/{organization_id}/resources/{resource_type}/{external_id}"
-        params: Dict[str, bool] = {}
         if cascade_delete is not None:
-            params["cascade_delete"] = cascade_delete
-
-        await self._http_client.request(
-            path,
-            method=REQUEST_METHOD_DELETE,
-            params=params if params else None,
-        )
+            await self._http_client.delete_with_body(
+                f"{AUTHORIZATION_RESOURCES_PATH}/{resource_id}",
+                json={"cascade_delete": cascade_delete},
+            )
+        else:
+            await self._http_client.request(
+                f"{AUTHORIZATION_RESOURCES_PATH}/{resource_id}",
+                method=REQUEST_METHOD_DELETE,
+            )
 
     async def list_resources(
         self,
@@ -974,3 +1120,58 @@ async def list_resources(
             list_args=list_params,
             **ListPage[Resource](**response).model_dump(),
         )
+
+    async def get_resource_by_external_id(
+        self,
+        organization_id: str,
+        resource_type: str,
+        external_id: str,
+    ) -> Resource:
+        response = await self._http_client.request(
+            f"{AUTHORIZATION_ORGANIZATIONS_PATH}/{organization_id}/resources/{resource_type}/{external_id}",
+            method=REQUEST_METHOD_GET,
+        )
+
+        return Resource.model_validate(response)
+
+    async def update_resource_by_external_id(
+        self,
+        organization_id: str,
+        resource_type: str,
+        external_id: str,
+        *,
+        name: Optional[str] = None,
+        description: Optional[str] = None,
+    ) -> Resource:
+        json: Dict[str, Any] = {}
+        if name is not None:
+            json["name"] = name
+        if description is not None:
+            json["description"] = description
+
+        response = await self._http_client.request(
+            f"{AUTHORIZATION_ORGANIZATIONS_PATH}/{organization_id}/resources/{resource_type}/{external_id}",
+            method=REQUEST_METHOD_PATCH,
+            json=json,
+        )
+
+        return Resource.model_validate(response)
+
+    async def delete_resource_by_external_id(
+        self,
+        organization_id: str,
+        resource_type: str,
+        external_id: str,
+        *,
+        cascade_delete: Optional[bool] = None,
+    ) -> None:
+        path = f"{AUTHORIZATION_ORGANIZATIONS_PATH}/{organization_id}/resources/{resource_type}/{external_id}"
+        params: Dict[str, bool] = {}
+        if cascade_delete is not None:
+            params["cascade_delete"] = cascade_delete
+
+        await self._http_client.request(
+            path,
+            method=REQUEST_METHOD_DELETE,
+            params=params if params else None,
+        )
@@ -124,6 +124,7 @@ def _prepare_request(
         headers: HeadersType = None,
         exclude_default_auth_headers: bool = False,
         force_include_body: bool = False,
+        exclude_none: bool = True,
     ) -> PreparedRequest:
         """Executes a request against the WorkOS API.
 
@@ -159,7 +160,7 @@ def _prepare_request(
             params = {k: v for k, v in params.items() if v is not None}
 
         # Remove any body values that are None
-        if json is not None and isinstance(json, Mapping):
+        if exclude_none and json is not None and isinstance(json, Mapping):
             json = {k: v for k, v in json.items() if v is not None}
 
         # We'll spread these return values onto the HTTP client request method