fix(Auth): Locally signOut the user if globaly signout fail with notAuthorized (#461)

* Added option to global signout and made local signOut as default

Author: royjit

Amplify/Categories/Auth/Request/AuthSignOutRequest.swift

@@ -12,6 +12,7 @@ public struct AuthSignOutRequest: AmplifyOperationRequest {
     public var options: Options
 
     public init(options: Options) {
+
         self.options = options
     }
 }
@@ -25,7 +26,11 @@ public extension AuthSignOutRequest {
         /// key/values
         public let pluginOptions: Any?
 
-        public init(pluginOptions: Any? = nil) {
+        public let globalSignOut: Bool
+        
+        public init(globalSignOut: Bool = false,
+                    pluginOptions: Any? = nil) {
+            self.globalSignOut = globalSignOut
             self.pluginOptions = pluginOptions
         }
     }

AmplifyPlugins/Auth/AWSAuthPlugin/Dependency/AuthenticationProviderAdapter+SignOut.swift

@@ -12,12 +12,17 @@ extension AuthenticationProviderAdapter {
 
     func signOut(request: AuthSignOutRequest, completionHandler: @escaping (Result<Void, AuthError>) -> Void) {
 
-        // If user is signed in through HostedUI the signout require UI to complete. So calling this in main thread.
-        DispatchQueue.main.async { [weak self] in
-            guard let self = self else {
-                return
+        if (request.options.globalSignOut) {
+            // If user is signed in through HostedUI the signout require UI to complete. So calling this in main thread.
+            DispatchQueue.main.async { [weak self] in
+                guard let self = self else {
+                    return
+                }
+                self.signOutWithUI(completionHandler)
             }
-            self.signOutWithUI(completionHandler)
+        } else {
+            awsMobileClient.signOutLocally()
+            completionHandler(.success(()))
         }
     }
 
@@ -27,11 +32,19 @@ extension AuthenticationProviderAdapter {
         // There is no point on returning an error back to the developer, because
         // they do not control how the UI is presented.
         dispatchPrecondition(condition: .onQueue(DispatchQueue.main))
+
         let signOutOptions = SignOutOptions(signOutGlobally: true, invalidateTokens: true)
-        awsMobileClient.signOut(options: signOutOptions) { error in
+        awsMobileClient.signOut(options: signOutOptions) { [weak self] error in
             guard error == nil else {
                 let authError = AuthErrorHelper.toAuthError(error!)
-                completionHandler(.failure(authError))
+                if case .notAuthorized(_, _, _) = authError {
+                    // signOut globally might return notAuthorized when the current token is expired or invalidated
+                    // In this case, we just signOut the user locally and return a success result back.
+                    self?.awsMobileClient.signOutLocally()
+                    completionHandler(.success(()))
+                } else {
+                    completionHandler(.failure(authError))
+                }
                 return
             }
             completionHandler(.success(()))

AmplifyPlugins/Auth/AWSAuthPlugin/Service/AWSMobileClient/AWSMobileClientAdapter.swift

@@ -103,6 +103,10 @@ class AWSMobileClientAdapter: AWSMobileClientBehavior {
         awsMobileClient.signOut(options: options, completionHandler: completionHandler)
     }
 
+    func signOutLocally() {
+        awsMobileClient.signOut()
+    }
+
     func username() -> String? {
         return awsMobileClient.username
     }

AmplifyPlugins/Auth/AWSAuthPlugin/Service/AWSMobileClient/AWSMobileClientBehavior.swift

@@ -50,6 +50,8 @@ protocol AWSMobileClientBehavior {
     func signOut(options: SignOutOptions,
                  completionHandler: @escaping ((Error?) -> Void))
 
+    func signOutLocally()
+
     func username() -> String?
 
     func verifyUserAttribute(attributeName: String,