Merge pull request #34 from brettchaldecott/parameter_override_thread_safe

Support for multi business setup

Author: brettchaldecott

lib/kinde_sdk.rb

@@ -27,33 +27,59 @@ def configure
     # receive url for authorization in Kinde itself
     #
     # @return [Hash]
-    def auth_url(redirect_uri: @config.callback_url, **kwargs)
+    def auth_url(
+      client_id: @config.client_id,
+      client_secret: @config.client_secret,
+      domain: @config.domain,
+      redirect_uri: @config.callback_url,
+       **kwargs)
       params = {
         redirect_uri: redirect_uri,
         state: SecureRandom.hex,
         scope: @config.scope
       }.merge(**kwargs)
-      return { url: @config.oauth_client.auth_code.authorize_url(params) } unless @config.pkce_enabled
+      return { url: @config.oauth_client(
+        client_id: client_id,
+        client_secret: client_secret,
+        domain: domain,
+        authorize_url: "#{domain}/oauth2/auth",
+        token_url: "#{domain}/oauth2/token").auth_code.authorize_url(params) } unless @config.pkce_enabled
 
       pkce_challenge = PkceChallenge.challenge(char_length: 128)
       params.merge!(code_challenge_method: 'S256', code_challenge: pkce_challenge.code_challenge)
       {
-        url: @config.oauth_client.auth_code.authorize_url(params),
+        url: @config.oauth_client(
+          client_id: client_id,
+          client_secret: client_secret,
+          domain: domain,
+          authorize_url: "#{domain}/oauth2/auth",
+          token_url: "#{domain}/oauth2/token").auth_code.authorize_url(params),
         code_verifier: pkce_challenge.code_verifier
       }
     end
 
     # when callback processor receives code, it needs to be used for fetching bearer token
     #
     # @return [Hash]
-    def fetch_tokens(params_or_code, code_verifier: nil, redirect_uri: @config.callback_url)
-      code = params_or_code.kind_of?(Hash) ? params.fetch("code") : params_or_code
+    def fetch_tokens(
+      params_or_code, 
+      client_id: @config.client_id,
+      client_secret: @config.client_secret,
+      domain: @config.domain,
+      code_verifier: nil,
+      redirect_uri: @config.callback_url)
+      code = params_or_code.kind_of?(Hash) ? params_or_code.fetch("code") : params_or_code
       params = {
         redirect_uri: redirect_uri,
         headers: { 'User-Agent' => "Kinde-SDK: Ruby/#{KindeSdk::VERSION}" }
       }
       params[:code_verifier] = code_verifier if code_verifier
-      @config.oauth_client.auth_code.get_token(code.to_s, params).to_hash
+      @config.oauth_client(
+        client_id: client_id,
+        client_secret: client_secret,
+        domain: domain,
+        authorize_url: "#{domain}/oauth2/auth",
+        token_url: "#{domain}/oauth2/token").auth_code.get_token(code.to_s, params).to_hash
     end
 
     # tokens_hash #=>
@@ -70,35 +96,56 @@ def client(tokens_hash)
       KindeSdk::Client.new(sdk_api_client, tokens_hash, @config.auto_refresh_tokens)
     end
 
-    def logout_url
-      query = @config.logout_url ? URI.encode_www_form(redirect: @config.logout_url) : nil
-      host = URI::parse(@config.domain).host
+    def logout_url(logout_url: @config.logout_url, domain: @config.domain)
+      query = logout_url ? URI.encode_www_form(redirect: logout_url) : nil
+      host = URI::parse(domain).host
       URI::HTTP.build(host: host, path: '/logout', query: query).to_s
     end
 
     def client_credentials_access(
       client_id: @config.client_id,
       client_secret: @config.client_secret,
-      audience: "#{@config.domain}/api"
+      audience: "#{@config.domain}/api",
+      domain: @config.domain
     )
-      Faraday.new(url: @config.domain) do |faraday|
+      Faraday.new(url: domain) do |faraday|
         faraday.response :json
         faraday.use Faraday::FollowRedirects::Middleware
       end
-        .post(@config.token_url) do |req|
+        .post("#{domain}/oauth2/token") do |req|
         req.headers[:content_type] = 'application/x-www-form-urlencoded'
         req.body =
           "grant_type=client_credentials&client_id=#{client_id}&client_secret=#{client_secret}&audience=#{audience}"
       end.body
     end
 
-    def token_expired?(hash)
-      OAuth2::AccessToken.from_hash(@config.oauth_client, hash).expired?
+    def token_expired?(hash,
+      client_id: @config.client_id,
+      client_secret: @config.client_secret,
+      audience: "#{@config.domain}/api",
+      domain: @config.domain
+    )
+      OAuth2::AccessToken.from_hash(@config.oauth_client(
+        client_id: client_id, 
+        client_secret: client_secret,
+        domain: domain,
+        authorize_url: "#{domain}/oauth2/auth",
+        token_url: "#{domain}/oauth2/token"), hash).expired?
     end
 
     # @return [Hash]
-    def refresh_token(hash)
-      OAuth2::AccessToken.from_hash(@config.oauth_client, hash).refresh.to_hash
+    def refresh_token(hash,
+      client_id: @config.client_id,
+      client_secret: @config.client_secret,
+      audience: "#{@config.domain}/api",
+      domain: @config.domain
+    )
+      OAuth2::AccessToken.from_hash(@config.oauth_client(
+        client_id: client_id, 
+        client_secret: client_secret,
+        domain: domain,
+        authorize_url: "#{domain}/oauth2/auth",
+        token_url: "#{domain}/oauth2/token"), hash).refresh.to_hash
     end
 
     # init sdk api client by bearer token

lib/kinde_sdk/configuration.rb

@@ -36,7 +36,7 @@ def configure
       yield(self) if block_given?
     end
 
-    def oauth_client
+    def oauth_client(client_id: @client_id, client_secret: @client_secret, domain: @domain, authorize_url: @authorize_url, token_url: @token_url )
       ::OAuth2::Client.new(
         client_id,
         client_secret,