
Exposes UserProfile to return contents of id token without refreshing credentials #840


Open
wants to merge 8 commits into
base: main
Expand Up @@ -3,11 +3,16 @@ package com.auth0.android.authentication.storage
import androidx.annotation.VisibleForTesting
import com.auth0.android.authentication.AuthenticationAPIClient
import com.auth0.android.callback.Callback
import com.auth0.android.request.internal.GsonProvider
import com.auth0.android.request.internal.Jwt
import com.auth0.android.result.APICredentials
import com.auth0.android.result.Credentials
import com.auth0.android.result.SSOCredentials
import com.auth0.android.result.UserProfile
import com.auth0.android.util.Clock
import java.util.*
import kotlin.collections.component1
import kotlin.collections.component2

/**
* Base class meant to abstract common logic across Credentials Manager implementations.
Expand Down Expand Up @@ -38,6 +43,7 @@ public abstract class BaseCredentialsManager internal constructor(
callback: Callback<SSOCredentials, CredentialsManagerException>
)


public abstract fun getSsoCredentials(
callback: Callback<SSOCredentials, CredentialsManagerException>
)
Expand Down Expand Up @@ -136,6 +142,8 @@ public abstract class BaseCredentialsManager internal constructor(
headers: Map<String, String> = emptyMap()
): APICredentials

public abstract val userProfile: UserProfile?

public abstract fun clearCredentials()
public abstract fun clearApiCredentials(audience: String)
public abstract fun hasValidCredentials(): Boolean
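Review bot: The new `public abstract val userProfile: UserProfile?` has no KDoc, and for this property the contract is the part callers most need. Per the PR title it returns ID-token contents without refreshing credentials, so the claims may come from a token that has since expired. I would add above it something like `/** Profile decoded from the stored ID token, or null when none is stored. Makes no network call and does not re-validate the token; do not use it for authorization decisions. */`, adjusted to whatever the two implementations actually guarantee. Separately, nothing visible in this section uses `GsonProvider`, `Jwt` or `component1`/`component2` from the first hunk; the +/- markers are lost on this page, so I cannot tell which imports are new, but any that were added only for the subclasses can be dropped here.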
@@ -1,21 +1,28 @@
package com.auth0.android.authentication.storage

import android.text.TextUtils
import android.util.Base64
import android.util.Log
import androidx.annotation.VisibleForTesting
import com.auth0.android.authentication.AuthenticationAPIClient
import com.auth0.android.authentication.AuthenticationException
import com.auth0.android.authentication.storage.SecureCredentialsManager.Companion.KEY_CREDENTIALS
import com.auth0.android.callback.Callback
import com.auth0.android.request.internal.GsonProvider
import com.auth0.android.request.internal.Jwt
import com.auth0.android.result.APICredentials
import com.auth0.android.result.Credentials
import com.auth0.android.result.OptionalCredentials
import com.auth0.android.result.SSOCredentials
import com.auth0.android.result.UserProfile
import com.auth0.android.result.toAPICredentials
import com.google.gson.Gson
import kotlinx.coroutines.suspendCancellableCoroutine
import java.util.*
import java.util.concurrent.Executor
import java.util.concurrent.Executors
import kotlin.collections.component1
import kotlin.collections.component2
import kotlin.coroutines.resume
import kotlin.coroutines.resumeWithException

Expand Down Expand Up @@ -44,6 +51,18 @@ public class CredentialsManager @VisibleForTesting(otherwise = VisibleForTesting
Executors.newSingleThreadExecutor()
)

public override val userProfile: UserProfile?
Contributor


The Credentials class already has a userProfile property which returns the decoded UserProfile. We can reuse that.

Author


We can add a getExistingCredentials() method here, similar to SecureCredentialsManager, to construct the complete Credentials object. Since the use case here is to retrieve the ID token and return its contents, we are retrieving only the ID token from storage. @pmathew92

get() {
val idToken = storage.retrieveString(KEY_ID_TOKEN)

if (idToken.isNullOrBlank()) {
return null
}
val (_, payload) = Jwt.splitToken(idToken)
val gson = GsonProvider.gson
return gson.fromJson(Jwt.decodeBase64(payload), UserProfile::class.java)
}

/**
* Stores the given credentials in the storage. Must have an access_token or id_token and a expires_in value.
*
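Review bot: Nothing in the `userProfile` getter guards the split/decode/parse of the stored ID token, so a truncated or otherwise malformed value in storage would surface as an exception from a plain property read. That assumes `Jwt.splitToken`, `Jwt.decodeBase64` or `gson.fromJson` throw on bad input; their bodies are not on this page. I would wrap those three lines and return null on failure, e.g. `return runCatching { gson.fromJson(Jwt.decodeBase64(Jwt.splitToken(idToken)[1]), UserProfile::class.java) }.getOrNull()`, ideally logging the failure rather than dropping it silently. The payload is also parsed here with no signature or expiry check, so the result reflects whatever is currently in storage and should be treated as display data, not as evidence of a valid session.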
Expand Up @@ -11,16 +11,23 @@ import com.auth0.android.authentication.AuthenticationAPIClient
import com.auth0.android.authentication.AuthenticationException
import com.auth0.android.callback.Callback
import com.auth0.android.request.internal.GsonProvider
import com.auth0.android.request.internal.Jwt
import com.auth0.android.result.APICredentials
import com.auth0.android.result.Credentials
import com.auth0.android.result.OptionalCredentials
import com.auth0.android.result.SSOCredentials
import com.auth0.android.result.UserProfile
import com.auth0.android.result.toAPICredentials
import com.google.gson.Gson
import kotlinx.coroutines.CoroutineScope
import kotlinx.coroutines.GlobalScope
import kotlinx.coroutines.launch
import kotlinx.coroutines.suspendCancellableCoroutine
import java.lang.ref.WeakReference
import java.util.*
import java.util.concurrent.Executor
import kotlin.collections.component1
import kotlin.collections.component2
import kotlin.coroutines.resume
import kotlin.coroutines.resumeWithException

Expand Down Expand Up @@ -250,6 +257,16 @@ public class SecureCredentialsManager @VisibleForTesting(otherwise = VisibleForT
}
}

public override val userProfile: UserProfile?
Contributor


Reuse userProfile property from Credentials class

Author


done

get() {
val credentials: Credentials? = getExistingCredentials()
// Handle null credentials gracefully
if (credentials == null) {
return null
}
return credentials.user
}

/**
* Creates a new request to exchange a refresh token for a session transfer token that can be used to perform web single sign-on.
*
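Review bot: The `userProfile` getter hands back claims from the decrypted credentials through `getExistingCredentials()` directly, so it may skip checks that the normal credential-retrieval path applies. If this manager can be configured to require local authentication before releasing credentials (not visible in this hunk), profile fields would be readable without that prompt. That may be acceptable for display data, but it should be a documented decision on the property rather than an implicit one. `getExistingCredentials()` is defined outside the hunk, so I cannot confirm whether it can throw on a decryption or deserialization failure; if it can, the getter should catch that and return null, and callers should know the read does synchronous crypto work. The body itself can be reduced to `get() = getExistingCredentials()?.user`.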
Expand Up @@ -173,8 +173,7 @@ public class SecureCredentialsManagerTest {
)
MatcherAssert.assertThat(manager, Is.`is`(Matchers.notNullValue()))
}



/*
* SAVE SSO credentials test
*/