kinde_sdk 1.2.0 → 1.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2edea62c5bda0b80177bcb0444a278e5deb6b6a99317f29f2e5d51033dd6a488
-  data.tar.gz: 360a4ef5a4de05384ad6186960f22c3955839d63edcc7df6cb3f76f66428fdb0
+  metadata.gz: 4813caa0071e90cbe5821db9c0f8c553d2affbd62a1d64071e241957591bb7cb
+  data.tar.gz: 1802d0a2c465d51d358dcbdb497288eeedb2181ffe9ebf8e22877b332830b57d
 SHA512:
-  metadata.gz: 6b69c73af4c5ca4c291e54cba3c9284d74d2aaab8024c27c6d09b7f40ac859cf3004dabf362dd5839acf46d2bfab25f9fcd4a67377ea52afb948e619b6827eec
-  data.tar.gz: b9b249b70f9983335153b5d6ba6ab8187588c4a9da240e97fb6e1f17076b37d600d16a7ea61c9693adf419d80cdbdfa671f867b8a8d94dab9331c6925ef564e0
+  metadata.gz: fc3e8f2567082887624aabc0b407622f6296ac2495afe43befbc4608de1387ce050c67befe82044b9c8f802e8368a744613d324712b10906e6f99e1072592a29
+  data.tar.gz: f6e9e510340d215d26877d20ac1e25ac2d34496738a7dbd711882b64c91ad57c90f0afb952abcb7112253fa9b34b9a4f67fbc32e931ca42a46940f374008faab

data/README.md

@@ -65,6 +65,7 @@ KindeSdk.configure do |c|
  # c.authorize_url = '/oauth2/auth'         # default value
  # c.token_url = '/oauth2/token'            # default value
  # c.debugging = false                      # default value
+ # c.auto_refresh_tokens = true             # default value
  c.logger = Rails.logger
 end
 ```
@@ -84,6 +85,8 @@ defined in allowed logout urls of your kinde organization's application config
 - `Debugging` set to true start writing verbose request logs. Might be useful while developing your application.
 - `Logger` might be set to any kind of loggers you are using. By default it is set to `Rails.logger` if gem is used in
 rails application or `Logger.new(STDOUT)` if it is not a rails app.
+- `auto_refresh_tokens` defines default behaviour on api instance method calls. If the config set to false, there will not be any auto refreshes during method calling,
+otherwise each time client will try to refresh expired tokens if `expires_at` are present (see [token expiration and refreshing](#token-expiration-and-refreshing) section).
 
 These variables can be handled with any system you want: .env files, settings.yml or any type of config files.
 For example, .env file (you can name variables by yourself):
@@ -181,6 +184,13 @@ client.refresh_token # => {"access_token" => "qwe...", ...., "expires_at"=>16854
 If you are calling `#refresh_token` on a client instance, the instance token data will be automatically updated.
 If you are calling `KindeSdk#refresh_token`, you'll need to store new token data in your configured storage (redis/session/etc).
 
+**Warning!**
+Each instance_api method checking tokens for expiration if expires_at present in a hash.
+So, if in your backend code you are using some storage, be sure you are saving `client.tokens_hash` after each instance
+method calling, otherwise you will keep in your storage (session/redis/etc.) old data and unable to fetch new tokens.
+
+If you don't want auto refreshing behavior, set `auto_refresh_tokens` config to false.
+
 #### Audience
 An `audience` is the intended recipient of an access token - for example the API for your application.
 The audience argument can be passed to the Kinde `#auth_url` method to request an audience be added to the provided token:

data/lib/kinde_sdk/client.rb

@@ -5,10 +5,11 @@ module KindeSdk
     include FeatureFlags
     include Permissions
 
-    attr_accessor :kinde_api_client, :bearer_token, :tokens_hash, :expires_at
+    attr_accessor :kinde_api_client, :auto_refresh_tokens, :bearer_token, :tokens_hash, :expires_at
 
-    def initialize(sdk_api_client, tokens_hash)
+    def initialize(sdk_api_client, tokens_hash, auto_refresh_tokens)
       @kinde_api_client = sdk_api_client
+      @auto_refresh_tokens = auto_refresh_tokens
       set_hash_related_data(tokens_hash)
     end
 
@@ -49,12 +50,23 @@ module KindeSdk
 
     def set_hash_related_data(tokens_hash)
       @tokens_hash = tokens_hash.transform_keys(&:to_sym)
-      @bearer_token = tokens_hash[:access_token]
-      @expires_at = tokens_hash[:expires_at]
+      @bearer_token = @tokens_hash[:access_token]
+      @expires_at = @tokens_hash[:expires_at]
     end
 
+    # going from another side: prepending each api_client's public method to check token for expiration
     def init_instance_api(api_klass)
-      api_klass.new(kinde_api_client)
+      instance = api_klass.new(kinde_api_client)
+      main_client = self
+      methods_to_prepend = instance.public_methods(false).reject { |m| m.to_s.start_with?("api_client") }
+      methods_to_prepend.each do |method_name|
+        original = instance.method(method_name)
+        instance.define_singleton_method(method_name) do |*args, &block|
+          main_client.refresh_token if main_client.auto_refresh_tokens && main_client.token_expired?
+          original.call(*args, &block)
+        end
+      end
+      instance
     end
   end
 end

data/lib/kinde_sdk/configuration.rb

@@ -14,6 +14,7 @@ module KindeSdk
     attr_accessor :debugging
     attr_accessor :oauth_client
     attr_accessor :pkce_enabled
+    attr_accessor :auto_refresh_tokens
 
     def initialize
       @authorize_url = '/oauth2/auth'
@@ -22,6 +23,7 @@ module KindeSdk
       @logger = defined?(Rails) ? Rails.logger : Logger.new(STDOUT)
       @scope = 'openid offline email profile'
       @pkce_enabled = true
+      @auto_refresh_tokens = true
 
       yield(self) if block_given?
     end

data/lib/kinde_sdk/version.rb

@@ -1,3 +1,3 @@
 module KindeSdk
-  VERSION = "1.2.0"
+  VERSION = "1.2.1"
 end

data/lib/kinde_sdk.rb

@@ -67,7 +67,7 @@ module KindeSdk
     # @return [KindeSdk::Client]
     def client(tokens_hash)
       sdk_api_client = api_client(tokens_hash["access_token"])
-      KindeSdk::Client.new(sdk_api_client, tokens_hash)
+      KindeSdk::Client.new(sdk_api_client, tokens_hash, @config.auto_refresh_tokens)
     end
 
     def logout_url

data/spec/kinde_sdk_spec.rb

@@ -6,6 +6,7 @@ describe KindeSdk do
   let(:client_secret) { "client_secret" }
   let(:callback_url) { "http://localhost:3000/callback" }
   let(:logout_url) { "http://localhost/logout-callback" }
+  let(:auto_refresh_tokens) { true }
 
   before do
     KindeSdk.configure do |c|
@@ -14,6 +15,7 @@ describe KindeSdk do
       c.client_secret = client_secret
       c.callback_url = callback_url
       c.logout_url = logout_url
+      c.auto_refresh_tokens = auto_refresh_tokens
     end
   end
 
@@ -227,6 +229,11 @@ describe KindeSdk do
     end
 
     describe "api instances" do
+      before do
+        stub_request(:get, "#{domain}/oauth2/user_profile")
+        # allow(client.oauth).to receive(:get_user_with_http_info).and_return(["data", 200, {}])
+      end
+
       it 'initializes client by passing the tokens_hash' do
         expect(client).to be_instance_of(KindeSdk::Client)
       end
@@ -242,6 +249,29 @@ describe KindeSdk do
       it "initializes feature flags instance api" do
         expect(client.feature_flags).to be_instance_of(KindeApi::FeatureFlagsApi)
       end
+
+      it "does not call for refresh tokens" do
+        expect(client).not_to receive(:refresh_token)
+        client.oauth.get_user({})
+      end
+
+      context "when token expired" do
+        let(:expires_at) { Time.now.to_i - 1 }
+
+        it "calls refresh_tokens before method if token expired" do
+          expect(client).to receive(:refresh_token).at_least(:once)
+          client.oauth.get_user({})
+        end
+
+        context "when auto_refresh_tokens disabled" do
+          let(:auto_refresh_tokens) { false }
+
+          it "does not call for refresh tokens" do
+            expect(client).not_to receive(:refresh_token)
+            client.oauth.get_user({})
+          end
+        end
+      end
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kinde_sdk
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.2.1
 platform: ruby
 authors:
 - Kinde Australia Pty Ltd
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-07 00:00:00.000000000 Z
+date: 2023-07-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: typhoeus