chore(ui): remove refresh token on logout (#11936)

* chore(ui): remove refresh token on logout

* update test

openmetadata-ui/src/main/resources/ui/src/components/PermissionProvider/PermissionProvider.tsx

@@ -12,7 +12,7 @@
  */
 
 import { CookieStorage } from 'cookie-storage';
-import { isEmpty, isUndefined } from 'lodash';
+import { isEmpty } from 'lodash';
 import { observer } from 'mobx-react';
 import React, {
   createContext,
@@ -177,14 +177,10 @@ const PermissionProvider: FC<PermissionProviderProps> = ({ children }) => {
     /**
      * Only fetch permissions if current user is present
      */
-    if (
-      isProtectedRoute(location.pathname) &&
-      !isUndefined(currentUser) &&
-      !isEmpty(currentUser)
-    ) {
+    if (isProtectedRoute(location.pathname) && !isEmpty(currentUser)) {
       fetchLoggedInUserPermissions();
     }
-    if (isUndefined(currentUser) || isEmpty(currentUser)) {
+    if (isEmpty(currentUser)) {
       resetPermissions();
     }
   }, [currentUser]);

openmetadata-ui/src/main/resources/ui/src/components/authentication/auth-provider/AuthProvider.test.tsx

@@ -18,9 +18,21 @@ import {
 } from '@testing-library/react';
 import userEvent from '@testing-library/user-event';
 import AppState from 'AppState';
+import { refreshTokenKey } from 'constants/constants';
 import React from 'react';
 import AuthProvider, { useAuthContext } from './AuthProvider';
 
+const localStorageMock = {
+  getItem: jest.fn(),
+  setItem: jest.fn(),
+  removeItem: jest.fn(),
+  clear: jest.fn(),
+};
+
+Object.defineProperty(window, 'localStorage', {
+  value: localStorageMock,
+});
+
 jest.mock('react-router-dom', () => ({
   useHistory: jest.fn().mockReturnValue({ push: jest.fn(), listen: jest.fn() }),
   useLocation: jest.fn().mockReturnValue({ pathname: 'pathname' }),
@@ -70,4 +82,34 @@ describe('Test auth provider', () => {
     expect(mockUpdateUserDetails).toHaveBeenCalled();
     expect(mockUpdateUserDetails).toHaveBeenCalledWith({});
   });
+
+  it('Logout handler should remove the refresh token', async () => {
+    const ConsumerComponent = () => {
+      const { onLogoutHandler } = useAuthContext();
+
+      return (
+        <button data-testid="logout-button" onClick={onLogoutHandler}>
+          Logout
+        </button>
+      );
+    };
+
+    render(
+      <AuthProvider childComponentType={ConsumerComponent}>
+        <ConsumerComponent />
+      </AuthProvider>
+    );
+
+    await waitForElementToBeRemoved(() => screen.getByTestId('loader'));
+
+    const logoutButton = screen.getByTestId('logout-button');
+
+    expect(logoutButton).toBeInTheDocument();
+
+    await act(async () => {
+      userEvent.click(logoutButton);
+    });
+
+    expect(localStorageMock.removeItem).toHaveBeenCalledWith(refreshTokenKey);
+  });
 });

openmetadata-ui/src/main/resources/ui/src/components/authentication/auth-provider/AuthProvider.tsx

@@ -138,6 +138,10 @@ export const AuthProvider = ({
 
     // remove analytics session on logout
     removeSession();
+
+    // remove the refresh token on logout
+    localState.removeRefreshToken();
+
     setLoading(false);
   }, [timeoutId, appState]);
 

openmetadata-ui/src/main/resources/ui/src/utils/LocalStorageUtils.ts

@@ -30,6 +30,8 @@ const localState = {
   },
 
   removeOidcToken: () => localStorage.removeItem(oidcTokenKey),
+
+  removeRefreshToken: () => localStorage.removeItem(refreshTokenKey),
 };
 
 export default localState;