From 26e69fc31d1d9e6cd5125becc2f8c7cdedce628b Mon Sep 17 00:00:00 2001
From: Eric Amodio <eamodio@gmail.com>
Date: Fri, 1 Apr 2022 17:30:45 -0400
Subject: [PATCH] Ensures that logout actually removes all sessions

---
 src/plus/subscription/authenticationProvider.ts | 36 +++++++++++++++++++++++++
 src/plus/subscription/subscriptionService.ts    |  5 ++++
 2 files changed, 41 insertions(+)

diff --git a/src/plus/subscription/authenticationProvider.ts b/src/plus/subscription/authenticationProvider.ts
index 1cd085c..9927835 100644
--- a/src/plus/subscription/authenticationProvider.ts
+++ b/src/plus/subscription/authenticationProvider.ts
@@ -138,6 +138,42 @@ export class SubscriptionAuthenticationProvider implements AuthenticationProvide
 		}
 	}
 
+	@debug()
+	public async removeSessionsByScopes(scopes?: string[]) {
+		const cc = Logger.getCorrelationContext();
+
+		try {
+			scopes = scopes?.sort();
+			const scopesKey = getScopesKey(scopes);
+
+			const removed: AuthenticationSession[] = [];
+
+			let index = 0;
+
+			const sessions = await this._sessionsPromise;
+
+			for (const session of sessions) {
+				if (getScopesKey(session.scopes) !== scopesKey) {
+					index++;
+					continue;
+				}
+
+				sessions.splice(index, 1);
+				removed.push(session);
+			}
+
+			if (removed.length === 0) return;
+
+			await this.storeSessions(sessions);
+
+			this._onDidChangeSessions.fire({ added: [], removed: removed, changed: [] });
+		} catch (ex) {
+			Logger.error(ex, cc);
+			void window.showErrorMessage(`Unable to sign out of GitLens+: ${ex}`);
+			throw ex;
+		}
+	}
+
 	private _migrated: boolean | undefined;
 	async tryMigrateSession(): Promise<AuthenticationSession | undefined> {
 		if (this._migrated == null) {
diff --git a/src/plus/subscription/subscriptionService.ts b/src/plus/subscription/subscriptionService.ts
index 89b7905..09441c2 100644
--- a/src/plus/subscription/subscriptionService.ts
+++ b/src/plus/subscription/subscriptionService.ts
@@ -282,6 +282,11 @@ export class SubscriptionService implements Disposable {
 		if (this._session != null) {
 			void this.container.subscriptionAuthentication.removeSession(this._session.id);
 			this._session = undefined;
+		} else {
+			// Even if we don't have a session, make sure to remove any other matching sessions
+			void this.container.subscriptionAuthentication.removeSessionsByScopes(
+				SubscriptionService.authenticationScopes,
+			);
 		}
 
 		if (reset && this.container.debugging) {