fix(auth): clear oauth data before initiating a new oauth flow (#12409)

* fix: call clearOauthData before starting the oauthf flow

* chore: addess pr feedback

* chore: address feedback

packages/auth/__tests__/providers/cognito/getCurrentUser.test.ts

@@ -5,9 +5,6 @@ import { Amplify } from 'aws-amplify';
 import { decodeJWT } from '@aws-amplify/core/internals/utils';
 import { AuthError } from '../../../src/errors/AuthError';
 import { getCurrentUser } from '../../../src/providers/cognito';
-import { InitiateAuthException } from '../../../src/providers/cognito/types/errors';
-import { fetchTransferHandler } from '@aws-amplify/core/internals/aws-client-utils';
-import { buildMockErrorResponse, mockJsonResponse } from './testUtils/data';
 import { Amplify as AmplifyV6 } from '@aws-amplify/core';
 import { USER_UNAUTHENTICATED_EXCEPTION } from '../../../src/errors/constants';
 jest.mock('@aws-amplify/core/lib/clients/handlers/fetch');

packages/auth/__tests__/providers/cognito/signInWithRedirect.test.ts

@@ -1,5 +1,44 @@
-describe.skip('signInWithRedirect API', () => {
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+import { Amplify } from '@aws-amplify/core';
+
+import * as signInWithRedirectModule from '../../../src/providers/cognito/apis/signInWithRedirect';
+Amplify.configure({
+	Auth: {
+		Cognito: {
+			userPoolClientId: '111111-aaaaa-42d8-891d-ee81a1549398',
+			userPoolId: 'us-west-2_zzzzz',
+			loginWith: {
+				oauth: {
+					domain: 'mydomain.com',
+					redirectSignIn: ['localHost:3000'],
+					redirectSignOut: ['localHost:3000'],
+					responseType: 'code',
+					scopes: ['aws.cognito.signin.user.admin'],
+				},
+			},
+		},
+	},
+});
+
+describe('signInWithRedirect API', () => {
+	let oauthSignInSpy;
+	beforeEach(() => {
+		oauthSignInSpy = jest
+			.spyOn(signInWithRedirectModule, 'oauthSignIn')
+			.mockImplementationOnce(async () => {
+				return {};
+			});
+	});
+	afterEach(() => {
+		oauthSignInSpy.mockClear();
+	});
 	it('should pass correct arguments to oauth', () => {
-		// ADD tests
+		// TODO ADD tests
+	});
+
+	it('should try to clear oauth data before starting an oauth flow.', async () => {
+		// TODO: ADD Test: previous test was invalid
 	});
 });

packages/auth/src/providers/cognito/apis/signInWithRedirect.ts

@@ -33,7 +33,8 @@ import { getCurrentUser } from './getCurrentUser';
  *
  * @param input - The SignInWithRedirectInput object, if empty it will redirect to Cognito HostedUI
  *
- * TODO: add config errors
+ * @throws AuthTokenConfigException - Thrown when the userpool config is invalid.
+ * @throws OAuthNotConfigureException - Thrown when the oauth config is invalid.
  */
 export async function signInWithRedirect(
 	input?: SignInWithRedirectInput
@@ -61,9 +62,9 @@ export async function signInWithRedirect(
 	});
 }
 
-const store = new DefaultOAuthStore(defaultStorage);
+export const store = new DefaultOAuthStore(defaultStorage);
 
-async function oauthSignIn({
+export async function oauthSignIn({
 	oauthConfig,
 	provider,
 	clientId,
@@ -162,6 +163,7 @@ async function handleCodeFlow({
 	const code = url.searchParams.get('code');
 
 	if (!code) {
+		await store.clearOAuthData();
 		return;
 	}
 
@@ -258,8 +260,11 @@ async function handleImplicitFlow({
 			tokenType: undefined,
 			expiresIn: undefined,
 		});
+	if (!idToken || !accessToken) {
+		await store.clearOAuthData();
+		return;
+	}
 
-	await store.clearOAuthInflightData();
 	try {
 		validateState(state);
 	} catch (error) {
@@ -290,6 +295,7 @@ async function completeFlow({
 	redirectUri: string;
 	state: string;
 }) {
+	await store.clearOAuthData();
 	await store.storeOAuthSignIn(true, preferPrivateSession);
 	if (isCustomState(state)) {
 		Hub.dispatch(