Skip to content

Exposes UserProfile to return contents of id token without refreshing credentials#840

Merged
NandanPrabhu merged 8 commits intomainfrom
SDK-6070
Jun 27, 2025
Merged

Exposes UserProfile to return contents of id token without refreshing credentials#840
NandanPrabhu merged 8 commits intomainfrom
SDK-6070

Conversation

@NandanPrabhu
Copy link
Copy Markdown
Contributor

@NandanPrabhu NandanPrabhu commented Jun 10, 2025

Changes

This PR covers addressing a github issue requesting a feature to allow accessing credentials without refresh.
Both SecureCredentialsManager and CredentialManager returns credentials directly from storage. In case of SecureCredentialsManager, it takes care of fetching from storage and decrypting as well.

References

auth0/auth0-flutter#378

Testing

Please describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. Since this library has unit testing, tests should be added for new functionality and existing tests should complete without errors.

  • This change adds unit test coverage

  • This change adds integration test coverage

  • This change has been tested on the latest version of the platform/language or why not

Checklist

@NandanPrabhu NandanPrabhu requested a review from a team as a code owner June 10, 2025 05:37
@pmathew92
Copy link
Copy Markdown
Contributor

pmathew92 commented Jun 12, 2025
edited
Loading

@NandanPrabhu The title claims to return Credentials but this returns only the UserProfile to the end user . Please update the tile accordingly as it can be misleading when generating the release notes

pmathew92
pmathew92 reviewed Jun 12, 2025
View reviewed changes
auth0/src/main/java/com/auth0/android/authentication/storage/CredentialsManager.kt
Executors.newSingleThreadExecutor()
)

public override val userProfile: UserProfile?
Copy link
Copy Markdown
Contributor

@pmathew92 pmathew92 Jun 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Credentials class already has an userProfile property which returns the decoded UserProfile . We can reuse that

Copy link
Copy Markdown
Contributor Author

@NandanPrabhu NandanPrabhu Jun 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we can add a getExistingCredentials() method here similar to SecureCredentialsManager to construct the complete Credentials object. Since here usecase is to retrieve id token and returns its contents, we are retrieving only the ID token from storage @pmathew92

pmathew92
pmathew92 reviewed Jun 12, 2025
View reviewed changes
auth0/src/main/java/com/auth0/android/authentication/storage/SecureCredentialsManager.kt Outdated
}
}

private fun retrieveCredentials() : Credentials? {
Copy link
Copy Markdown
Contributor

@pmathew92 pmathew92 Jun 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No need for this as there is already a method getExistingCredentials which does the exact same thing

Copy link
Copy Markdown
Contributor Author

@NandanPrabhu NandanPrabhu Jun 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done @pmathew92 updated the changes

@NandanPrabhu NandanPrabhu changed the title GH issue Allow accessing credentials without an attempt to refresh #378 Exposes UserProfile to return contents of id token without refreshing credentials Jun 12, 2025
pmathew92
pmathew92 reviewed Jun 12, 2025
View reviewed changes
auth0/src/main/java/com/auth0/android/authentication/storage/SecureCredentialsManager.kt
return credentials
}

public override val userProfile: UserProfile?
Copy link
Copy Markdown
Contributor

@pmathew92 pmathew92 Jun 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reuse userProfile property from Credentials class

Copy link
Copy Markdown
Contributor Author

@NandanPrabhu NandanPrabhu Jun 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

pmathew92
pmathew92 reviewed Jun 12, 2025
View reviewed changes
auth0/src/test/java/com/auth0/android/authentication/storage/CredentialsManagerTest.kt Outdated
}

@Test
public fun shouldFailOnUserProfileWhenCredentialsIsNotSaved() {
Copy link
Copy Markdown
Contributor

@pmathew92 pmathew92 Jun 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tests are incomplete

Copy link
Copy Markdown
Contributor Author

@NandanPrabhu NandanPrabhu Jun 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

since we are using existing function removed these test cases

pmathew92
pmathew92 requested changes Jun 12, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@pmathew92 pmathew92 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can reuse already existing properties / methods and avoid redundant code

@NandanPrabhu NandanPrabhu merged commit 6740faa into main Jun 27, 2025
7 checks passed
@NandanPrabhu NandanPrabhu deleted the SDK-6070 branch June 27, 2025 07:24
@pmathew92 pmathew92 mentioned this pull request Jul 2, 2025
Merged
@pmathew92 pmathew92 mentioned this pull request Aug 11, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pmathew92 pmathew92 pmathew92 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@NandanPrabhu @pmathew92