From d46f61d3dff783bb5753a61700362c910f906a00 Mon Sep 17 00:00:00 2001
From: Cyril David <cyril.david@auth0.com>
Date: Fri, 5 Mar 2021 18:03:48 -0800
Subject: [PATCH] Remove refresh token as well on logout

---
 internal/auth/auth.go    | 2 ++
 internal/auth/secrets.go | 5 +++++
 internal/auth/token.go   | 5 +++++
 internal/cli/cli.go      | 7 ++++++-
 4 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 4877c550a..878c6f57b 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -36,6 +36,8 @@ type SecretStore interface {
 	Set(namespace, key, value string) error
 	// Get gets the secret
 	Get(namespace, key string) (string, error)
+	// Delete removes the secret
+	Delete(namespace, key string) error
 }
 
 type Authenticator struct {
diff --git a/internal/auth/secrets.go b/internal/auth/secrets.go
index 06f76820e..d3967107b 100644
--- a/internal/auth/secrets.go
+++ b/internal/auth/secrets.go
@@ -13,3 +13,8 @@ func (k *Keyring) Set(namespace, key, value string) error {
 func (k *Keyring) Get(namespace, key string) (string, error) {
 	return keyring.Get(namespace, key)
 }
+
+// Delete deletes a value for the given namespace and key.
+func (k *Keyring) Delete(namespace, key string) error {
+	return keyring.Delete(namespace, key)
+}
diff --git a/internal/auth/token.go b/internal/auth/token.go
index 7fee8d290..3395810d9 100644
--- a/internal/auth/token.go
+++ b/internal/auth/token.go
@@ -22,6 +22,11 @@ type TokenRetriever struct {
 	Client  *http.Client
 }
 
+// Delete deletes the given tenant from the secrets storage.
+func (t *TokenRetriever) Delete(tenant string) error {
+	return t.Secrets.Delete(secretsNamespace, tenant)
+}
+
 // Refresh gets a new access token from the provided refresh token,
 // The request is used the default client_id and endpoint for device authentication.
 func (t *TokenRetriever) Refresh(ctx context.Context, tenant string) (TokenResponse, error) {
diff --git a/internal/cli/cli.go b/internal/cli/cli.go
index 9ecb0a41a..8ef322dc7 100644
--- a/internal/cli/cli.go
+++ b/internal/cli/cli.go
@@ -259,7 +259,12 @@ func (c *cli) removeTenant(ten string) error {
 	}
 
 	if err := c.persistConfig(); err != nil {
-		return fmt.Errorf("persisting config: %w", err)
+		return fmt.Errorf("Unexpected error persisting config: %w", err)
+	}
+
+	tr := &auth.TokenRetriever{Secrets: &auth.Keyring{}}
+	if err := tr.Delete(ten); err != nil {
+		return fmt.Errorf("Unexpected error clearing tenant information: %w", err)
 	}
 
 	return nil