From 69e9995a243672540a48b0593740fac3ea1b1479 Mon Sep 17 00:00:00 2001
From: mansisampat
Date: Tue, 7 Oct 2025 09:39:47 +0530
Subject: [PATCH 1/4] Remove firebaseToken from persistence if tokenRefreshHandler is not set and token is expired
---
 packages/auth/src/core/auth/auth_impl.test.ts | 6 ++++++
 packages/auth/src/core/auth/auth_impl.ts | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/packages/auth/src/core/auth/auth_impl.test.ts b/packages/auth/src/core/auth/auth_impl.test.ts
index 2ad345cd546..e3892a8448e 100644
--- a/packages/auth/src/core/auth/auth_impl.test.ts
+++ b/packages/auth/src/core/auth/auth_impl.test.ts
@@ -367,6 +367,9 @@ describe('core/auth/auth_impl', () => {
 const token = await auth.getFirebaseAccessToken();
 expect(token).to.be.null;
 expect(exchangeTokenStub).not.to.have.been.called;
+ expect(persistenceStub._remove).to.have.been.calledWith(
+ 'firebase:persistence-token:api-key:test-app'
+ );
 });
 it('should refresh the token if token is expiring in next 1 minute and a token refresh handler is set', async () => {
@@ -442,6 +445,9 @@ describe('core/auth/auth_impl', () => {
 'Token refresh failed:',
 sinon.match.instanceOf(Error)
 );
+ expect(persistenceStub._remove).to.have.been.calledWith(
+ 'firebase:persistence-token:api-key:test-app'
+ );
 });
 it('should return null and log an error if the refreshed token is invalid', async () => {
diff --git a/packages/auth/src/core/auth/auth_impl.ts b/packages/auth/src/core/auth/auth_impl.ts
index 507bad0ceb5..2c64f471285 100644
--- a/packages/auth/src/core/auth/auth_impl.ts
+++ b/packages/auth/src/core/auth/auth_impl.ts
@@ -266,9 +266,9 @@ export class AuthImpl implements AuthInternal, _FirebaseService {
 return firebaseAccessToken.token;
 }
+ // Resets the Firebase Access Token to null i.e. logs out the user.
+ await this._updateFirebaseToken(null);
 if (firebaseAccessToken && this.tokenRefreshHandler) {
- // Resets the Firebase Access Token to null i.e. logs out the user.
- await this._updateFirebaseToken(null);
 try {
 // Awaits for the callback method to execute. The callback method
 // is responsible for performing the exchangeToken(auth, valid3pIdpToken)
From 8cba3305359dc24159c0b145aa5ed55cf4fcee85 Mon Sep 17 00:00:00 2001
From: mansisampat
Date: Tue, 7 Oct 2025 10:39:10 +0530
Subject: [PATCH 2/4] Update to call signOut instead
---
 packages/auth/src/core/auth/auth_impl.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/auth/src/core/auth/auth_impl.ts b/packages/auth/src/core/auth/auth_impl.ts
index 2c64f471285..a5c0cc8afcd 100644
--- a/packages/auth/src/core/auth/auth_impl.ts
+++ b/packages/auth/src/core/auth/auth_impl.ts
@@ -267,7 +267,7 @@ export class AuthImpl implements AuthInternal, _FirebaseService {
 }
 // Resets the Firebase Access Token to null i.e. logs out the user.
- await this._updateFirebaseToken(null);
+ await this.signOut();
 if (firebaseAccessToken && this.tokenRefreshHandler) {
 try {
 // Awaits for the callback method to execute. The callback method
From bd6e33158c9b95458f82dee4eb6cfedcd75b26f4 Mon Sep 17 00:00:00 2001
From: mansisampat
Date: Tue, 7 Oct 2025 10:40:05 +0530
Subject: [PATCH 3/4] update comment
---
 packages/auth/src/core/auth/auth_impl.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/auth/src/core/auth/auth_impl.ts b/packages/auth/src/core/auth/auth_impl.ts
index a5c0cc8afcd..8b7ea98f770 100644
--- a/packages/auth/src/core/auth/auth_impl.ts
+++ b/packages/auth/src/core/auth/auth_impl.ts
@@ -266,7 +266,7 @@ export class AuthImpl implements AuthInternal, _FirebaseService {
 return firebaseAccessToken.token;
 }
- // Resets the Firebase Access Token to null i.e. logs out the user.
+ // Signs out the user i.e. sets the firebaseToken to null.
 await this.signOut();
 if (firebaseAccessToken && this.tokenRefreshHandler) {
 try {
From 91b4d52a352d358bf1a95188bc59ad96a5f9f8da Mon Sep 17 00:00:00 2001
From: mansisampat
Date: Tue, 7 Oct 2025 10:50:28 +0530
Subject: [PATCH 4/4] minnor changes
---
 packages/auth/src/core/auth/auth_impl.test.ts | 8 ++------
 packages/auth/src/core/auth/auth_impl.ts | 5 ++---
 2 files changed, 4 insertions(+), 9 deletions(-)
diff --git a/packages/auth/src/core/auth/auth_impl.test.ts b/packages/auth/src/core/auth/auth_impl.test.ts
index e3892a8448e..79c459ce9e1 100644
--- a/packages/auth/src/core/auth/auth_impl.test.ts
+++ b/packages/auth/src/core/auth/auth_impl.test.ts
@@ -367,9 +367,7 @@ describe('core/auth/auth_impl', () => {
 const token = await auth.getFirebaseAccessToken();
 expect(token).to.be.null;
 expect(exchangeTokenStub).not.to.have.been.called;
- expect(persistenceStub._remove).to.have.been.calledWith(
- 'firebase:persistence-token:api-key:test-app'
- );
+ expect(persistenceStub._remove).to.have.been.called;
 });
 it('should refresh the token if token is expiring in next 1 minute and a token refresh handler is set', async () => {
@@ -445,9 +443,7 @@ describe('core/auth/auth_impl', () => {
 'Token refresh failed:',
 sinon.match.instanceOf(Error)
 );
- expect(persistenceStub._remove).to.have.been.calledWith(
- 'firebase:persistence-token:api-key:test-app'
- );
+ expect(persistenceStub._remove).to.have.been.called;
 });
 it('should return null and log an error if the refreshed token is invalid', async () => {
diff --git a/packages/auth/src/core/auth/auth_impl.ts b/packages/auth/src/core/auth/auth_impl.ts
index 8b7ea98f770..258e2052186 100644
--- a/packages/auth/src/core/auth/auth_impl.ts
+++ b/packages/auth/src/core/auth/auth_impl.ts
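Review bot: The relaxed assertion `expect(persistenceStub._remove).to.have.been.called;` in the test hunk at -367 (and again in the one at -445) passes on any `_remove` call, so neither test still shows that the persisted Firebase token entry is the one being deleted. If `signOut()` also removes other persistence keys (its body is not visible on this page), both tests would stay green with the expired token left in storage. Consider keeping the key-specific check from the first patch, `expect(persistenceStub._remove).to.have.been.calledWith('firebase:persistence-token:api-key:test-app');`, next to or instead of the bare `.called`. Both `it` blocks begin outside their hunks.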
@@ -266,8 +266,6 @@ export class AuthImpl implements AuthInternal, _FirebaseService {
 return firebaseAccessToken.token;
 }
- // Signs out the user i.e. sets the firebaseToken to null.
- await this.signOut();
 if (firebaseAccessToken && this.tokenRefreshHandler) {
 try {
 // Awaits for the callback method to execute. The callback method
@@ -282,9 +280,10 @@ export class AuthImpl implements AuthInternal, _FirebaseService {
 return this.getFirebaseAccessToken(false);
 } catch (error) {
 console.error('Token refresh failed:', error);
- return null;
 }
 }
+ // Signs out the user i.e. sets the firebaseToken to null if firebase token is not valid and refresh token handler is not set/ successful.
+ await this.signOut();
 return null;
 }
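Review bot: The added `await this.signOut();` in the second hunk (at -282) sits outside the `try`/`catch`, so a rejection from it escapes `getFirebaseAccessToken` instead of ending in the logged `null` result that a failed refresh gets. It also runs on every call that reaches this point, including when `firebaseAccessToken` was already empty, and `signOut()` (defined outside this hunk) presumably does more than clear the token, so a plain token lookup could end a session as a side effect. Guarding the call on an expired token being present and catching its failure keeps the getter fail-closed without throwing; the new one-line comment is also long enough to be worth wrapping. The method starts above the hunk.

```typescript
// … unchanged: refresh attempt inside if (firebaseAccessToken && this.tokenRefreshHandler) …
if (firebaseAccessToken) {
  // Expired token and no successful refresh: sign out so the stale
  // token is not kept around.
  try {
    await this.signOut();
  } catch (error) {
    console.error('Sign-out after token expiry failed:', error);
  }
}
return null;
```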