Aligning logout reasons with Android

wmathurin · wmathurin · commit 5342fe243bb2 · 2025-02-10T16:28:46.000-08:00
* during login when signout out an existing user matching the newly logged in user, Android uses REFRESH_TOKEN_ROTATED while iOS was using SFLogoutReasonUnknown See https://github.com/forcedotcom/SalesforceMobileSDK-Android/blob/dev/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/AuthenticationUtilities.kt#L163 and https://github.com/forcedotcom/SalesforceMobileSDK-Android/blob/dev/libs/SalesforceSDK/src/com/salesforce/androidsdk/ui/OAuthWebviewHelper.kt#L529 * on login with bio auth enabled, when signing out existing users (which should not happen because we only support one bio auth user) Android uses UNEXPECTED while iOS was using SFLogoutReasonRefreshTokenRotated See https://github.com/forcedotcom/SalesforceMobileSDK-Android/blob/dev/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/AuthenticationUtilities.kt#L176
diff --git a/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/UserAccount/SFUserAccountManager.m b/libs/SalesforceSDKCore/SalesforceSDKCore/Classes/UserAccount/SFUserAccountManager.m
@@ -1574,8 +1574,9 @@ - (void)setCurrentUserInternal:(SFUserAccount*)user {
             NSArray *keys = [self.userAccountMap allKeys];
             for (SFUserAccountIdentity *identity in keys) {
                 // Logout any other user with Biometric Authentication
+                // This is an unexpected logout(s) because we only support one Bio Auth user.
                 if ([bioAuthManager checkForPolicyWithUserId:identity.userId] && ![identity isEqual:[self currentUserIdentity]]) {
-                    [self logoutUser:[self userAccountForUserIdentity:identity] reason:SFLogoutReasonRefreshTokenRotated];
+                    [self logoutUser:[self userAccountForUserIdentity:identity] reason:SFLogoutReasonUnexpected];
                 }
             }
         }
@@ -1821,7 +1822,7 @@ - (void)retrievedIdentityData:(SFSDKAuthSession *)authSession {
                 if (preLoginCredentials != nil && ![preLoginCredentials.refreshToken isEqualToString:self.currentUser.credentials.refreshToken]) {
                     
                     id<SFSDKOAuthProtocol> authClient = self.authClient();
-                    [authClient revokeRefreshToken:preLoginCredentials reason:SFLogoutReasonUnknown];
+                    [authClient revokeRefreshToken:preLoginCredentials reason:SFLogoutReasonRefreshTokenRotated];
                 }
             } else if (hasMobilePolicy) {
                 [SFSDKAppFeatureMarkers registerAppFeature:kSFAppFeatureScreenLock];

Original file line number	Diff line number	Diff line change
`@@ -1574,8 +1574,9 @@ - (void)setCurrentUserInternal:(SFUserAccount*)user {`
`1574`	`1574`	`NSArray *keys = [self.userAccountMap allKeys];`
`1575`	`1575`	`for (SFUserAccountIdentity *identity in keys) {`
`1576`	`1576`	`// Logout any other user with Biometric Authentication`
	`1577`	`+ // This is an unexpected logout(s) because we only support one Bio Auth user.`
`1577`	`1578`	`if ([bioAuthManager checkForPolicyWithUserId:identity.userId] && ![identity isEqual:[self currentUserIdentity]]) {`
`1578`		`- [self logoutUser:[self userAccountForUserIdentity:identity] reason:SFLogoutReasonRefreshTokenRotated];`
	`1579`	`+ [self logoutUser:[self userAccountForUserIdentity:identity] reason:SFLogoutReasonUnexpected];`
`1579`	`1580`	`}`
`1580`	`1581`	`}`
`1581`	`1582`	`}`
`@@ -1821,7 +1822,7 @@ - (void)retrievedIdentityData:(SFSDKAuthSession *)authSession {`
`1821`	`1822`	`if (preLoginCredentials != nil && ![preLoginCredentials.refreshToken isEqualToString:self.currentUser.credentials.refreshToken]) {`
`1822`	`1823`
`1823`	`1824`	`id<SFSDKOAuthProtocol> authClient = self.authClient();`
`1824`		`- [authClient revokeRefreshToken:preLoginCredentials reason:SFLogoutReasonUnknown];`
	`1825`	`+ [authClient revokeRefreshToken:preLoginCredentials reason:SFLogoutReasonRefreshTokenRotated];`
`1825`	`1826`	`}`
`1826`	`1827`	`} else if (hasMobilePolicy) {`
`1827`	`1828`	`[SFSDKAppFeatureMarkers registerAppFeature:kSFAppFeatureScreenLock];`