kinde_sdk 1.6.2 → 1.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2c65c1b91fb94f9002ee2ce815a2455b7185db3ca91c7babfb7d2c8bc557eb5d
-  data.tar.gz: 6ca01f15fba17e280a8f3708ffa08ac86b613a2cf7de0ada9e9111eefb43d813
+  metadata.gz: 968c1259cbb736de98492390e22ff1ee9d696d377f53bee26c51638ef559dc4b
+  data.tar.gz: 1bfe473e41c17233663f3b56ac7dc7f7cc6e0206ba5ef4f789c168364dfc927b
 SHA512:
-  metadata.gz: 5cbb3e4d0d6b473a0a8037b944e463526f58264557ff8963958baeacf586ee33823c79a5d47ee8221cd468e5128f5e9fe36f59070fd80f09e8a4af061261115f
-  data.tar.gz: cbdb9bea2bb157d69c818a2e41e95bd47b47e69bab9aa60189549130cdb4fd86610b8df0b9d266e2924f9c0cf1006f8ba5c7b59be37e7775ee1aba5d31caeb46
+  metadata.gz: d0eb3ff3c628a848ef41b41e921a686a7cf86033e040c4468b6923b5f0b92490990fd93166064bf1109fcae36a1d13259f97c12e194ebe55059c981fdc648e52
+  data.tar.gz: 6958f1bce9b3b68c9d4d7d8fa166bc0f1bda5e9fce4d49a49f73da9f4369ecf1b59bc3539374bc8bbda21e55f62a08b647886b5ca951541e4ac98b56a72ca8f3

data/lib/kinde_sdk/client.rb

@@ -29,6 +29,9 @@ module KindeSdk
     # @return [Hash]
     # @example {name: "scp", value: ["openid", "offline"]}
     def get_claim(claim, token_type = :access_token)
+      # Validate the token before attempting to decode it
+      KindeSdk.validate_jwt_token(tokens_hash)
+
       token = tokens_hash[token_type]
       return unless token
 
@@ -49,6 +52,9 @@ module KindeSdk
     private
 
     def set_hash_related_data(tokens_hash)
+      # Validate tokens before setting them
+      KindeSdk.validate_jwt_token(tokens_hash)
+      
       @tokens_hash = tokens_hash.transform_keys(&:to_sym)
       @bearer_token = @tokens_hash[:access_token]
       @expires_at = @tokens_hash[:expires_at]

data/lib/kinde_sdk/version.rb

@@ -1,3 +1,3 @@
 module KindeSdk
-  VERSION = "1.6.2"
+  VERSION = "1.6.3"
 end

data/lib/kinde_sdk.rb

@@ -145,8 +145,6 @@ module KindeSdk
       audience: "#{@config.domain}/api",
       domain: @config.domain
     )
-      validate_jwt_token(hash)
-      
       OAuth2::AccessToken.from_hash(@config.oauth_client(
         client_id: client_id, 
         client_secret: client_secret,
@@ -162,8 +160,6 @@ module KindeSdk
       audience: "#{@config.domain}/api",
       domain: @config.domain
     )
-      validate_jwt_token(hash)
-      
       OAuth2::AccessToken.from_hash(@config.oauth_client(
         client_id: client_id, 
         client_secret: client_secret,
@@ -188,16 +184,6 @@ module KindeSdk
       KindeApi::ApiClient.new(config)
     end
 
-    private
-
-    def url_scheme(default_scheme)
-      parsed_url = URI.parse(@config.domain.to_s)
-      parsed_url.scheme || default_scheme
-    rescue URI::InvalidURIError
-      default_scheme
-    end
-
-
     def validate_jwt_token(token_hash)
       token_hash.each do |key, token|
         next unless %w[access_token id_token].include?(key.to_s.downcase)
@@ -210,6 +196,14 @@ module KindeSdk
       end
     end
 
+    private
+
+    def url_scheme(default_scheme)
+      parsed_url = URI.parse(@config.domain.to_s)
+      parsed_url.scheme || default_scheme
+    rescue URI::InvalidURIError
+      default_scheme
+    end
 
     # Method to validate a JWT token with caching for JWKS
     def jwt_validation(jwt_token, jwks_url, expected_issuer, expected_audience)
@@ -224,8 +218,6 @@ module KindeSdk
       end
     end
 
-    private
-
     # Fetch JWKS from the URL
     def fetch_jwks(jwks_url)
       jwks_response = HTTParty.get(jwks_url)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kinde_sdk
 version: !ruby/object:Gem::Version
-  version: 1.6.2
+  version: 1.6.3
 platform: ruby
 authors:
 - Kinde Australia Pty Ltd
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-31 00:00:00.000000000 Z
+date: 2025-04-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: typhoeus