fix(gotrue): catch some errors in signOut (#501)

* fix(gotrue): catch some errors in signOut

* Update packages/gotrue/lib/src/gotrue_client.dart

Co-authored-by: Tyler <18113850+dshukertjr@users.noreply.github.com>

* fix: correct comments

---------

Co-authored-by: Tyler <18113850+dshukertjr@users.noreply.github.com>

packages/gotrue/lib/src/gotrue_client.dart

@@ -610,7 +610,15 @@ class GoTrueClient {
     _removeSession();
     _notifyAllSubscribers(AuthChangeEvent.signedOut);
     if (accessToken != null) {
-      return admin.signOut(accessToken);
+      try {
+        await admin.signOut(accessToken);
+      } on AuthException catch (error) {
+        // ignore 401s since an invalid or expired JWT should sign out the current session
+        // ignore 404s since user might not exist anymore
+        if (error.statusCode != '401' && error.statusCode != '404') {
+          rethrow;
+        }
+      }
     }
   }
 

packages/gotrue/test/admin_test.dart

@@ -1,6 +1,5 @@
 import 'dart:math';
 
-import 'package:dart_jsonwebtoken/dart_jsonwebtoken.dart';
 import 'package:dotenv/dotenv.dart' show env, load;
 import 'package:gotrue/gotrue.dart';
 import 'package:http/http.dart' as http;
@@ -13,15 +12,6 @@ void main() {
 
   final gotrueUrl = env['GOTRUE_URL'] ?? 'http://localhost:9998';
 
-  final serviceRoleToken = JWT(
-    {
-      'role': 'service_role',
-    },
-  ).sign(
-    SecretKey(
-        env['GOTRUE_JWT_SECRET'] ?? '37c304f8-51aa-419a-a1af-06154e63707a'),
-  );
-
   late GoTrueClient client;
 
   setUp(() async {
@@ -34,8 +24,8 @@ void main() {
     client = GoTrueClient(
       url: gotrueUrl,
       headers: {
-        'Authorization': 'Bearer $serviceRoleToken',
-        'apikey': serviceRoleToken,
+        'Authorization': 'Bearer ${getServiceRoleToken()}',
+        'apikey': getServiceRoleToken(),
       },
     );
   });

packages/gotrue/test/client_test.dart

@@ -19,6 +19,7 @@ void main() {
 
   group('Client with default http client', () {
     late GoTrueClient client;
+    late GoTrueClient adminClient;
     late GoTrueClient clientWithAuthConfirmOff;
 
     setUp(() async {
@@ -41,6 +42,15 @@ void main() {
         asyncStorage: asyncStorage,
       );
 
+      adminClient = client = GoTrueClient(
+        url: gotrueUrl,
+        headers: {
+          'Authorization': 'Bearer ${getServiceRoleToken()}',
+          'apikey': getServiceRoleToken(),
+        },
+        asyncStorage: asyncStorage,
+      );
+
       clientWithAuthConfirmOff = GoTrueClient(
         url: gotrueUrl,
         httpClient: NoEmailConfirmationHttpClient(),
@@ -256,6 +266,15 @@ void main() {
       expect(client.currentSession, isNull);
     });
 
+    test('signOut of deleted user', () async {
+      await client.signInWithPassword(email: email1, password: password);
+      expect(client.currentUser, isNotNull);
+      await adminClient.admin.deleteUser(userId1);
+      await client.signOut();
+      expect(client.currentUser, isNull);
+      expect(client.currentSession, isNull);
+    });
+
     test('Get user after logging out', () async {
       final user = client.currentUser;
       expect(user, isNull);

packages/gotrue/test/utils.dart

@@ -1,3 +1,5 @@
+import 'package:dart_jsonwebtoken/dart_jsonwebtoken.dart';
+import 'package:dotenv/dotenv.dart';
 import 'package:gotrue/gotrue.dart';
 
 /// Email of a user with unverified factor
@@ -35,6 +37,17 @@ String getNewPhone() {
   return '$timestamp';
 }
 
+String getServiceRoleToken() {
+  return JWT(
+    {
+      'role': 'service_role',
+    },
+  ).sign(
+    SecretKey(
+        env['GOTRUE_JWT_SECRET'] ?? '37c304f8-51aa-419a-a1af-06154e63707a'),
+  );
+}
+
 class TestAsyncStorage extends GotrueAsyncStorage {
   final Map<String, String> _map = {};
   @override