[SDK-3738] Option to clear session only in Credentials Manager (#543)

* Option to clear session only in Credentials Manager * Reworked clearCredentials API
auth0 · Nov 7, 2022 · 92540f9 · 92540f9
1 parent 85a796e
commit 92540f9
Show file tree

Hide file tree

Showing 4 changed files with 59 additions and 1 deletion.
diff --git a/src/hooks/__tests__/use-auth0.spec.js b/src/hooks/__tests__/use-auth0.spec.js
@@ -5,6 +5,7 @@ import * as React from 'react';
 import {renderHook} from '@testing-library/react-hooks';
 import Auth0Provider from '../auth0-provider';
 import useAuth0 from '../use-auth0';
+import {act} from 'react-dom/test-utils';
 
 function makeJwt(claims) {
   const header = {alg: 'RS256', typ: 'JWT'};
@@ -257,6 +258,47 @@ describe('The useAuth0 hook', () => {
     );
   });
 
+  it('can clear the credentials', async () => {
+    const {result, waitForNextUpdate} = renderHook(() => useAuth0(), {wrapper});
+
+    act(() => {
+      result.current.clearCredentials();
+    });
+    await waitForNextUpdate();
+
+    expect(mockAuth0.credentialsManager.clearCredentials).toHaveBeenCalled();
+  });
+
+  it('sets the error property when an error is raised in clearing credentials', async () => {
+    const {result, waitForNextUpdate} = renderHook(() => useAuth0(), {wrapper});
+    const errorToThrow = new Error('Error clearing credentials');
+
+    mockAuth0.credentialsManager.clearCredentials.mockRejectedValue(
+      errorToThrow,
+    );
+
+    result.current.clearCredentials();
+    await waitForNextUpdate();
+    expect(result.current.error).toBe(errorToThrow);
+  });
+
+  it('clears the error on successful logout when clearing credentials', async () => {
+    const {result, waitForNextUpdate} = renderHook(() => useAuth0(), {wrapper});
+    const errorToThrow = new Error('Error clearing credentials');
+
+    mockAuth0.credentialsManager.clearCredentials.mockRejectedValueOnce(
+      errorToThrow,
+    );
+    mockAuth0.credentialsManager.clearCredentials.mockResolvedValue();
+
+    result.current.clearCredentials();
+    await waitForNextUpdate();
+    expect(result.current.error).toBe(errorToThrow);
+    result.current.clearCredentials();
+    await waitForNextUpdate();
+    expect(result.current.error).toBeNull();
+  });
+
   it('sets the error property when an error is raised in authorize', async () => {
     const {result, waitForNextUpdate} = renderHook(() => useAuth0(), {wrapper});
     const errorToThrow = new Error('Authorize error');
@@ -300,6 +342,7 @@ describe('The useAuth0 hook', () => {
 
     mockAuth0.webAuth.clearSession.mockRejectedValueOnce(errorToThrow);
     mockAuth0.webAuth.clearSession.mockResolvedValue();
+    mockAuth0.credentialsManager.clearCredentials.mockResolvedValue();
 
     result.current.clearSession();
     await waitForNextUpdate();

diff --git a/src/hooks/auth0-context.js b/src/hooks/auth0-context.js
@@ -10,6 +10,7 @@ const initialContext = {
   authorize: stub,
   clearSession: stub,
   getCredentials: stub,
+  clearCredentials: stub,
   requireLocalAuthentication: stub,
 };
 

diff --git a/src/hooks/auth0-provider.js b/src/hooks/auth0-provider.js
@@ -112,6 +112,16 @@ const Auth0Provider = ({domain, clientId, children}) => {
     [client],
   );
 
+  const clearCredentials = useCallback(async () => {
+    try {
+      await client.credentialsManager.clearCredentials();
+      dispatch({type: 'LOGOUT_COMPLETE'});
+    } catch (error) {
+      dispatch({type: 'ERROR', error});
+      return;
+    }
+  }, [client]);
+
   const requireLocalAuthentication = useCallback(async (...options) => {
     try {
       await client.credentialsManager.requireLocalAuthentication(...options);
@@ -127,13 +137,15 @@ const Auth0Provider = ({domain, clientId, children}) => {
       authorize,
       clearSession,
       getCredentials,
+      clearCredentials,
       requireLocalAuthentication,
     }),
     [
       state,
       authorize,
       clearSession,
       getCredentials,
+      clearCredentials,
       requireLocalAuthentication,
     ],
   );

diff --git a/src/hooks/use-auth0.js b/src/hooks/use-auth0.js
@@ -6,8 +6,9 @@ import Auth0Context from './auth0-context';
  * @property {Object} user The user profile as decoded from the ID token after authentication
  * @property {Object} error An object representing the last exception
  * @property {Function} authorize Authorize the user using Auth0 Universal Login. See {@link WebAuth#authorize}
- * @property {Function} clearSession Clears the user's session and logs them out. See {@link WebAuth#clearSession}
+ * @property {Function} clearSession Clears the user's web session, credentials and logs them out. See {@link WebAuth#clearSession}.
  * @property {Function} getCredentials Gets the user's credentials from the native credential store. See {@link CredentialsManager#getCredentials}
+ * @property {Function} clearCredentials Clears the user's credentials without clearing their web session and logs them out.
  * @property {Function} requireLocalAuthentication Enables Local Authentication (PIN, Biometric, Swipe etc) to get the credentials. See {@link CredentialsManager#requireLocalAuthentication}
  */
 
@@ -23,6 +24,7 @@ import Auth0Context from './auth0-context';
  *   authorize,
  *   clearSession,
  *   getCredentials,
+ *   clearCredentials,
  *   requireLocalAuthentication
  * } = useAuth0();
  */