Revert "added MD5 hashing algo support"

This reverts commit ac32f86.

src/SDK/DescopeSDK.php

@@ -13,7 +13,6 @@
 use Descope\SDK\Auth\Management\Audit;
 use Descope\SDK\EndpointsV1;
 use Descope\SDK\EndpointsV2;
-use Descope\SDK\Exception\AuthException;
 
 use Descope\SDK\Management\MgmtV1;
 
@@ -63,10 +62,10 @@ public function __construct(array $config)
       */
     public function verify($sessionToken = null): bool
     {
-        $sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;
+        $sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
 
         if (!$sessionToken) {
-            throw new \InvalidArgumentException('Session token cannot be null or empty.');
+            throw new \InvalidArgumentException('Session token is required.');
         }
 
         $verifier = new Verifier($this->config, $this->api);
@@ -82,10 +81,10 @@ public function verify($sessionToken = null): bool
      */
     public function refreshSession($refreshToken = null): array
     {
-        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 
         if (empty($refreshToken)) {
-            throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
+            throw new AuthException('Refresh token cannot be null or empty.');
         }
 
         try {
@@ -112,11 +111,11 @@ public function refreshSession($refreshToken = null): array
      */
     public function verifyAndRefreshSession($sessionToken = null, $refreshToken = null): array
     {
-        $sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;
-        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+        $sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
+        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 
         if (empty($sessionToken) || empty($refreshToken)) {
-            throw new \InvalidArgumentException('Session or refresh token cannot be null or empty.');
+            throw new AuthException(400, 'Session or refresh token cannot be null or empty.');
         }
 
         try {
@@ -136,10 +135,10 @@ public function verifyAndRefreshSession($sessionToken = null, $refreshToken = nu
      */
     public function getClaims($token = null): array
     {
-        $token = $token ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;
+        $token = $token ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
 
         if (!$token) {
-            throw new \InvalidArgumentException('Session token cannot be null or empty.');
+            throw new \InvalidArgumentException('Token is required.');
         }
 
         $extractor = new Extractor($this->config);
@@ -155,10 +154,10 @@ public function getClaims($token = null): array
      */
     public function getUserDetails(string $refreshToken = null): array
     {
-        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 
         if (!$refreshToken) {
-            throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
+            throw new \InvalidArgumentException('Refresh token is required.');
         }
 
         try {
@@ -183,10 +182,10 @@ public function getUserDetails(string $refreshToken = null): array
      */
     public function logout(string $refreshToken = null): void
     {
-        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 
         if (!$refreshToken) {
-            throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
+            throw new \InvalidArgumentException('Refresh token is required.');
         }
 
         try {
@@ -213,10 +212,10 @@ public function logout(string $refreshToken = null): void
      */
     public function logoutAll(string $refreshToken = null): void
     {
-        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+        $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 
         if (!$refreshToken) {
-            throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
+            throw new \InvalidArgumentException('Refresh token is required.');
         }
 
         try {

src/SDK/Management/Role.php

@@ -29,10 +29,8 @@ public function __construct(API $api)
      * @return bool True if tenant permissions are valid, false otherwise.
      * @throws AuthException If JWT response is invalid.
      */
-    public function validateTenantPermissions(array $jwtResponse, array $permissions, ?string $tenant = null): bool
+    public function validateTenantPermissions(array $jwtResponse, string $tenant = '', array $permissions): bool
     {
-        $tenant = $tenant ?? '';
-
         if (!is_array($permissions)) {
             $permissions = [$permissions];
         }

src/SDK/Token/Extractor.php

@@ -67,7 +67,7 @@ public function parseToken(string $sessionToken): array
 
     /**
      * Validate a JWT using the provided JWK Set.
-     */
+    */
     public function validateJWT(string $sessionToken): array
     {
         $useRefreshedKey = false;

src/tests/DescopeSDKTest.php

@@ -1,15 +1,11 @@
 <?php
 
-namespace Descope\Tests;
-
 use PHPUnit\Framework\TestCase;
 use Descope\SDK\DescopeSDK;
 use Descope\SDK\API;
-use Descope\SDK\Auth\Password;
-use Descope\SDK\Auth\SSO;
-use Descope\SDK\Management\Management;
+use Descope\SDK\Configuration\SDKConfig;
 
-final class DescopeSDKTest extends TestCase
+class DescopeSDKTest extends TestCase
 {
     private $config;
     private $sdk;
@@ -25,9 +21,9 @@ protected function setUp(): void
 
     public function testConstructorInitializesComponents()
     {
-        $this->assertInstanceOf(Password::class, $this->sdk->password());
-        $this->assertInstanceOf(SSO::class, $this->sdk->sso());
-        $this->assertInstanceOf(Management::class, $this->sdk->management());
+        $this->assertInstanceOf(SDKConfig::class, $this->sdk->password());
+        $this->assertInstanceOf(SDKConfig::class, $this->sdk->sso());
+        $this->assertInstanceOf(SDKConfig::class, $this->sdk->management());
     }
 
     public function testVerifyThrowsExceptionWithoutToken()

src/tests/Management/UserPwdTest.php

@@ -8,7 +8,6 @@
 use Descope\SDK\Management\Password\UserPasswordFirebase;
 use Descope\SDK\Management\Password\UserPasswordPbkdf2;
 use Descope\SDK\Management\Password\UserPasswordDjango;
-use Descope\SDK\Management\Password\UserPasswordMD5;
 
 class UserPwdTest extends TestCase
 {
@@ -82,19 +81,6 @@ public function testUserPasswordDjango()
         $this->assertEquals($expectedArray, $userPasswordDjango->toArray());
     }
 
-    public function testUserPasswordMD5()
-    {
-        $md5Hash = 'pbkdf2_sha256$30000$hashvalue';
-        $userPasswordMD5 = new UserPasswordMD5($md5Hash);
-        $expectedArray = [
-            'md5' => [
-                'hash' => $md5Hash,
-            ],
-        ];
-
-        $this->assertEquals($expectedArray, $userPasswordMD5->toArray());
-    }
-
     public function testUserPasswordWithCleartext()
     {
         $cleartextPassword = 'mypassword';

src/tests/Management/UserTest.php

@@ -6,6 +6,9 @@
 use Descope\SDK\DescopeSDK;
 use Descope\SDK\Management\Password\UserPassword;
 use Descope\SDK\Management\Password\UserPasswordBcrypt;
+use Descope\SDK\Management\Password\UserPasswordFirebase;
+use Descope\SDK\Management\Password\UserPasswordPbkdf2;
+use Descope\SDK\Management\Password\UserPasswordDjango;
 use Descope\SDK\Management\User;
 use Descope\SDK\Management\AssociatedTenant;
 use Descope\SDK\Management\UserObj;