Remove firebaseToken from persistence if tokenRefreshHandler is not s… (#9298)

* Remove firebaseToken from persistence if tokenRefreshHandler is not set and token is expired

* Update to call signOut instead

* update comment

* minnor changes

Author: mansisampat

packages/auth/src/core/auth/auth_impl.test.ts

@@ -367,6 +367,7 @@ describe('core/auth/auth_impl', () => {
       const token = await auth.getFirebaseAccessToken();
       expect(token).to.be.null;
       expect(exchangeTokenStub).not.to.have.been.called;
+      expect(persistenceStub._remove).to.have.been.called;
     });
 
     it('should refresh the token if token is expiring in next 1 minute and a token refresh handler is set', async () => {
@@ -442,6 +443,7 @@ describe('core/auth/auth_impl', () => {
         'Token refresh failed:',
         sinon.match.instanceOf(Error)
       );
+      expect(persistenceStub._remove).to.have.been.called;
     });
 
     it('should return null and log an error if the refreshed token is invalid', async () => {

packages/auth/src/core/auth/auth_impl.ts

@@ -267,8 +267,6 @@ export class AuthImpl implements AuthInternal, _FirebaseService {
     }
 
     if (firebaseAccessToken && this.tokenRefreshHandler) {
-      // Resets the Firebase Access Token to null i.e. logs out the user.
-      await this._updateFirebaseToken(null);
       try {
         // Awaits for the callback method to execute. The callback method
         // is responsible for performing the exchangeToken(auth, valid3pIdpToken)
@@ -282,9 +280,10 @@ export class AuthImpl implements AuthInternal, _FirebaseService {
         return this.getFirebaseAccessToken(false);
       } catch (error) {
         console.error('Token refresh failed:', error);
-        return null;
       }
     }
+    // Signs out the user i.e. sets the firebaseToken to null if firebase token is not valid and refresh token handler is not set/ successful.
+    await this.signOut();
     return null;
   }