Change in the clearAPICredentials method signature

pmathew92 · pmathew92 · commit cec383f8380b · 2025-11-20T10:16:58.000+05:30
diff --git a/auth0/src/main/java/com/auth0/android/authentication/storage/BaseCredentialsManager.kt b/auth0/src/main/java/com/auth0/android/authentication/storage/BaseCredentialsManager.kt
@@ -146,7 +146,7 @@ public abstract class BaseCredentialsManager internal constructor(
     public abstract val userProfile: UserProfile?
 
     public abstract fun clearCredentials()
-    public abstract fun clearApiCredentials(audience: String)
+    public abstract fun clearApiCredentials(audience: String, scope: String? = null)
     public abstract fun hasValidCredentials(): Boolean
     public abstract fun hasValidCredentials(minTtl: Long): Boolean
 
diff --git a/auth0/src/main/java/com/auth0/android/authentication/storage/CredentialsManager.kt b/auth0/src/main/java/com/auth0/android/authentication/storage/CredentialsManager.kt
@@ -718,8 +718,9 @@ public class CredentialsManager @VisibleForTesting(otherwise = VisibleForTesting
     /**
      * Removes the credentials for the given audience from the storage if present.
      */
-    override fun clearApiCredentials(audience: String) {
-        storage.remove(audience)
+    override fun clearApiCredentials(audience: String, scope: String?) {
+        val key = getAPICredentialsKey(audience, scope)
+        storage.remove(key)
         Log.d(TAG, "API Credentials for $audience were just removed from the storage")
     }
 
diff --git a/auth0/src/main/java/com/auth0/android/authentication/storage/SecureCredentialsManager.kt b/auth0/src/main/java/com/auth0/android/authentication/storage/SecureCredentialsManager.kt
@@ -232,7 +232,7 @@ public class SecureCredentialsManager @VisibleForTesting(otherwise = VisibleForT
              * to use on the next call. We clear any existing credentials so #hasValidCredentials returns
              * a true value. Retrying this operation will succeed.
              */
-            clearApiCredentials(audience)
+            clearApiCredentials(audience, scope)
             throw CredentialsManagerException(
                 CredentialsManagerException.Code.CRYPTO_EXCEPTION,
                 e
@@ -780,8 +780,9 @@ public class SecureCredentialsManager @VisibleForTesting(otherwise = VisibleForT
     /**
      * Removes the credentials for the given audience from the storage if present.
      */
-    override fun clearApiCredentials(audience: String) {
-        storage.remove(audience)
+    override fun clearApiCredentials(audience: String, scope: String?) {
+        val key = getAPICredentialsKey(audience, scope)
+        storage.remove(key)
         Log.d(TAG, "API Credentials for $audience were just removed from the storage")
     }
 
@@ -994,8 +995,7 @@ public class SecureCredentialsManager @VisibleForTesting(otherwise = VisibleForT
                     )
                     return@execute
                 } catch (e: CryptoException) {
-                    //If keys were invalidated, existing credentials will not be recoverable.
-                    clearApiCredentials(audience)
+                    clearApiCredentials(audience, scope)
                     callback.onFailure(
                         CredentialsManagerException(
                             CredentialsManagerException.Code.CRYPTO_EXCEPTION,
