From 25878e9209c1d20dc8229a859ea71e0e2ba65b3d Mon Sep 17 00:00:00 2001 From: Kevin J Gao <32936811+gaokevin1@users.noreply.github.com> Date: Fri, 27 Dec 2024 15:14:53 -0800 Subject: [PATCH] Revert "added MD5 hashing algo support" This reverts commit ac32f8682adb657b41a6d71562eedf713bcb35d2. --- .phpunit.result.cache | 1 - src/SDK/DescopeSDK.php | 31 +++++++------- .../Management/Password/UserPasswordMD5.php | 41 ------------------- src/SDK/Management/Role.php | 4 +- src/SDK/Token/Extractor.php | 2 +- src/tests/DescopeSDKTest.php | 14 +++---- src/tests/Management/UserPwdTest.php | 14 ------- src/tests/Management/UserTest.php | 3 ++ 8 files changed, 25 insertions(+), 85 deletions(-) delete mode 100644 .phpunit.result.cache delete mode 100644 src/SDK/Management/Password/UserPasswordMD5.php diff --git a/.phpunit.result.cache b/.phpunit.result.cache deleted file mode 100644 index de413ee..0000000 --- a/.phpunit.result.cache +++ /dev/null @@ -1 +0,0 @@ -{"version":1,"defects":{"Descope\\Tests\\Management\\UserPwdTest::testUserPasswordMD5":4},"times":{"Descope\\Tests\\Management\\UserPwdTest::testUserPasswordBcrypt":0.004,"Descope\\Tests\\Management\\UserPwdTest::testUserPasswordFirebase":0,"Descope\\Tests\\Management\\UserPwdTest::testUserPasswordPbkdf2":0,"Descope\\Tests\\Management\\UserPwdTest::testUserPasswordDjango":0,"Descope\\Tests\\Management\\UserPwdTest::testUserPasswordMD5":0,"Descope\\Tests\\Management\\UserPwdTest::testUserPasswordWithCleartext":0,"Descope\\Tests\\Management\\UserPwdTest::testUserPasswordWithHashedPassword":0}} \ No newline at end of file diff --git a/src/SDK/DescopeSDK.php b/src/SDK/DescopeSDK.php index 2bf29c2..4a48677 100644 --- a/src/SDK/DescopeSDK.php +++ b/src/SDK/DescopeSDK.php @@ -13,7 +13,6 @@ use Descope\SDK\Auth\Management\Audit; use Descope\SDK\EndpointsV1; use Descope\SDK\EndpointsV2; -use Descope\SDK\Exception\AuthException; use Descope\SDK\Management\MgmtV1; 
@@ -63,10 +62,10 @@ public function __construct(array $config)
 */
 public function verify($sessionToken = null): bool
 {
- $sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;
+ $sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
 if (!$sessionToken) {
- throw new \InvalidArgumentException('Session token cannot be null or empty.');
+ throw new \InvalidArgumentException('Session token is required.');
 }
 $verifier = new Verifier($this->config, $this->api);
@@ -82,10 +81,10 @@ public function verify($sessionToken = null): bool
 */
 public function refreshSession($refreshToken = null): array
 {
- $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+ $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 if (empty($refreshToken)) {
- throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
+ throw new AuthException('Refresh token cannot be null or empty.');
 }
 try {
@@ -112,11 +111,11 @@ public function refreshSession($refreshToken = null): array
 */
 public function verifyAndRefreshSession($sessionToken = null, $refreshToken = null): array
 {
- $sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;
- $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+ $sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
+ $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 if (empty($sessionToken) || empty($refreshToken)) {
- throw new \InvalidArgumentException('Session or refresh token cannot be null or empty.');
+ throw new AuthException(400, 'Session or refresh token cannot be null or empty.');
 }
 try {
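Review bot: The cookie fallback in verify() now reads `EndpointsV1::SESSION_COOKIE_NAME`, a class constant, where the removed line read the static property `EndpointsV1::$SESSION_COOKIE_NAME`; the same switch is made for the session and refresh cookie names in refreshSession, verifyAndRefreshSession, getClaims, getUserDetails, logout and logoutAll. EndpointsV1 is not part of this patch, so if it still declares these names as static properties, every call that relies on the cookie instead of an explicit token will fail with an undefined-constant Error before any token is checked. Please confirm the constants exist in EndpointsV1, or keep the property form, e.g. `$_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME]`. The function bodies continue outside the hunks.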
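Review bot: `throw new AuthException('Refresh token cannot be null or empty.');` in refreshSession names a class this file no longer imports, since the first DescopeSDK.php hunk removes `use Descope\SDK\Exception\AuthException;`; unless another import exists outside the visible hunks, the unqualified name resolves against the file's own namespace and the missing-token path ends in a class-not-found Error rather than the exception callers expect. The throw in verifyAndRefreshSession (@@ -112) has the same problem and passes `(400, '...')` while this one passes only a message, so at most one of them matches the constructor, which is not shown. Suggest restoring the `use` line and giving both throws the same argument list. The other methods in this file still throw `\InvalidArgumentException` for the same condition, which callers now have to handle separately.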
@@ -136,10 +135,10 @@ public function verifyAndRefreshSession($sessionToken = null, $refreshToken = nu
 */
 public function getClaims($token = null): array
 {
- $token = $token ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;
+ $token = $token ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
 if (!$token) {
- throw new \InvalidArgumentException('Session token cannot be null or empty.');
+ throw new \InvalidArgumentException('Token is required.');
 }
 $extractor = new Extractor($this->config);
@@ -155,10 +154,10 @@ public function getClaims($token = null): array
 */
 public function getUserDetails(string $refreshToken = null): array
 {
- $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+ $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 if (!$refreshToken) {
- throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
+ throw new \InvalidArgumentException('Refresh token is required.');
 }
 try {
@@ -183,10 +182,10 @@ public function getUserDetails(string $refreshToken = null): array
 */
 public function logout(string $refreshToken = null): void
 {
- $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+ $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 if (!$refreshToken) {
- throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
+ throw new \InvalidArgumentException('Refresh token is required.');
 }
 try {
@@ -213,10 +212,10 @@ public function logout(string $refreshToken = null): void
 */
 public function logoutAll(string $refreshToken = null): void
 {
- $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;
+ $refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
 if (!$refreshToken) {
- throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
+ throw new \InvalidArgumentException('Refresh token is required.');
 }
 try {
diff --git a/src/SDK/Management/Password/UserPasswordMD5.php b/src/SDK/Management/Password/UserPasswordMD5.php
deleted file mode 100644
index a83ca3e..0000000
--- a/src/SDK/Management/Password/UserPasswordMD5.php
+++ /dev/null
@@ -1,41 +0,0 @@
-hash = $hash;
- }
-
- /**
- * Convert object data to an array format.
- *
- * @return array The password data as an associative array.
- */
- public function toArray(): array
- {
- return [
- 'md5' => [
- 'hash' => $this->hash,
- ],
- ];
- }
-}
\ No newline at end of file
diff --git a/src/SDK/Management/Role.php b/src/SDK/Management/Role.php
index 5e822be..ef074ba 100644
--- a/src/SDK/Management/Role.php
+++ b/src/SDK/Management/Role.php
@@ -29,10 +29,8 @@ public function __construct(API $api)
 * @return bool True if tenant permissions are valid, false otherwise.
 * @throws AuthException If JWT response is invalid.
 */
- public function validateTenantPermissions(array $jwtResponse, array $permissions, ?string $tenant = null): bool
+ public function validateTenantPermissions(array $jwtResponse, string $tenant = '', array $permissions): bool
 {
- $tenant = $tenant ?? '';
-
 if (!is_array($permissions)) {
 $permissions = [$permissions];
 }
diff --git a/src/SDK/Token/Extractor.php b/src/SDK/Token/Extractor.php
index ad76a74..3dc3edb 100644
--- a/src/SDK/Token/Extractor.php
+++ b/src/SDK/Token/Extractor.php
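Review bot: The new signature `validateTenantPermissions(array $jwtResponse, string $tenant = '', array $permissions)` in Role.php places a defaulted parameter before a required one, which PHP 8 reports as deprecated and treats as if the default were absent, so `$tenant` can never actually be omitted. It also swaps the second and third arguments of an authorization check relative to the removed signature; callers are outside this patch and any that still pass permissions second would now hit a TypeError, so they need checking. If the tenant-first order is intended, drop the default: `string $tenant, array $permissions`. With `array $permissions` declared, the `!is_array($permissions)` guard kept as context below cannot be true. The function body continues past the end of the hunk.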
@@ -67,7 +67,7 @@ public function parseToken(string $sessionToken): array /** * Validate a JWT using the provided JWK Set. - */ + */ public function validateJWT(string $sessionToken): array { $useRefreshedKey = false; diff --git a/src/tests/DescopeSDKTest.php b/src/tests/DescopeSDKTest.php index 22e0d85..37ebfbb 100644 --- a/src/tests/DescopeSDKTest.php +++ b/src/tests/DescopeSDKTest.php @@ -1,15 +1,11 @@ assertInstanceOf(Password::class, $this->sdk->password()); - $this->assertInstanceOf(SSO::class, $this->sdk->sso()); - $this->assertInstanceOf(Management::class, $this->sdk->management()); + $this->assertInstanceOf(SDKConfig::class, $this->sdk->password()); + $this->assertInstanceOf(SDKConfig::class, $this->sdk->sso()); + $this->assertInstanceOf(SDKConfig::class, $this->sdk->management()); } public function testVerifyThrowsExceptionWithoutToken() diff --git a/src/tests/Management/UserPwdTest.php b/src/tests/Management/UserPwdTest.php index aa3ace7..ec6eeb6 100644 --- a/src/tests/Management/UserPwdTest.php +++ b/src/tests/Management/UserPwdTest.php @@ -8,7 +8,6 @@ use Descope\SDK\Management\Password\UserPasswordFirebase; use Descope\SDK\Management\Password\UserPasswordPbkdf2; use Descope\SDK\Management\Password\UserPasswordDjango; -use Descope\SDK\Management\Password\UserPasswordMD5; class UserPwdTest extends TestCase { @@ -82,19 +81,6 @@ public function testUserPasswordDjango() $this->assertEquals($expectedArray, $userPasswordDjango->toArray()); } - public function testUserPasswordMD5() - { - $md5Hash = 'pbkdf2_sha256$30000$hashvalue'; - $userPasswordMD5 = new UserPasswordMD5($md5Hash); - $expectedArray = [ - 'md5' => [ - 'hash' => $md5Hash, - ], - ]; - - $this->assertEquals($expectedArray, $userPasswordMD5->toArray()); - } - public function testUserPasswordWithCleartext() { $cleartextPassword = 'mypassword'; diff --git a/src/tests/Management/UserTest.php b/src/tests/Management/UserTest.php index 0ba158f..19ecf65 100644 --- a/src/tests/Management/UserTest.php 
+++ b/src/tests/Management/UserTest.php
@@ -6,6 +6,9 @@
 use Descope\SDK\DescopeSDK;
 use Descope\SDK\Management\Password\UserPassword;
 use Descope\SDK\Management\Password\UserPasswordBcrypt;
+use Descope\SDK\Management\Password\UserPasswordFirebase;
+use Descope\SDK\Management\Password\UserPasswordPbkdf2;
+use Descope\SDK\Management\Password\UserPasswordDjango;
 use Descope\SDK\Management\User;
 use Descope\SDK\Management\AssociatedTenant;
 use Descope\SDK\Management\UserObj;