From b4be39888b45fddd154c9e76eccfc9032229931b Mon Sep 17 00:00:00 2001
From: saravanakumardb1 <saravanakumardb1@users.noreply.github.com>
Date: Sat, 28 Feb 2026 22:54:01 -0800
Subject: [PATCH] fix(swift-sdk): remove productId prefix from BLAuthClient
 keychain keys
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

BLAuthClient stored tokens as '{productId}_access_token' but all app
wrappers use KeychainHelper.read(key: "access_token") — the bare key.
This caused a critical mismatch: after login, BlobService/LicenseService
could not find the token, and token migration from UserDefaults was invisible
to BLAuthClient.isAuthenticated.

The Keychain service name (bundleId) already namespaces per product,
making the productId prefix redundant. Now uses bare 'access_token' and
'refresh_token' keys matching existing app conventions.
---
 .../swift-platform-sdk/Sources/BLAuthClient.swift    | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/packages/swift-platform-sdk/Sources/BLAuthClient.swift b/packages/swift-platform-sdk/Sources/BLAuthClient.swift
index 316f0b1b..6bb27712 100644
--- a/packages/swift-platform-sdk/Sources/BLAuthClient.swift
+++ b/packages/swift-platform-sdk/Sources/BLAuthClient.swift
@@ -86,11 +86,11 @@ public final class BLAuthClient {
     // MARK: - Token Access
 
     public var accessToken: String? {
-        BLKeychain.read(service: keychainService, key: "\(config.productId)_access_token")
+        BLKeychain.read(service: keychainService, key: "access_token")
     }
 
     public var refreshTokenValue: String? {
-        BLKeychain.read(service: keychainService, key: "\(config.productId)_refresh_token")
+        BLKeychain.read(service: keychainService, key: "refresh_token")
     }
 
     public var isAuthenticated: Bool {
@@ -229,15 +229,15 @@ public final class BLAuthClient {
     // MARK: - Private
 
     private func saveTokens(access: String, refresh: String) {
-        BLKeychain.save(service: keychainService, key: "\(config.productId)_access_token", value: access)
-        BLKeychain.save(service: keychainService, key: "\(config.productId)_refresh_token", value: refresh)
+        BLKeychain.save(service: keychainService, key: "access_token", value: access)
+        BLKeychain.save(service: keychainService, key: "refresh_token", value: refresh)
         client.authToken = access
         onTokensUpdated?(access)
     }
 
     private func clearTokens() {
-        BLKeychain.delete(service: keychainService, key: "\(config.productId)_access_token")
-        BLKeychain.delete(service: keychainService, key: "\(config.productId)_refresh_token")
+        BLKeychain.delete(service: keychainService, key: "access_token")
+        BLKeychain.delete(service: keychainService, key: "refresh_token")
         client.authToken = nil
         onTokensUpdated?(nil)
     }