SG-786 - Fix 400 error code log outs without invalid_grant (#2156)

* SG-786 - Added validation to check if the 400 error is invalid grant * SG 786 - Improved code quality
2024-11-26 12:16:07 +01:00 · 2022-10-31 17:40:26 +00:00 · 2022-10-31 17:40:26 +00:00 · ee09c0abda
commit ee09c0abda
parent 9baa79e10b
1 changed files with 11 additions and 2 deletions
--- a/src/Core/Services/ApiService.cs
+++ b/src/Core/Services/ApiService.cs
@ -795,8 +795,6 @@ namespace Bit.Core.Services
            if (authed
                &&
                (
-                    (tokenError && response.StatusCode == HttpStatusCode.BadRequest)
-                    ||
                    (logoutOnUnauthorized && response.StatusCode == HttpStatusCode.Unauthorized)
                    ||
                    response.StatusCode == HttpStatusCode.Forbidden
@ -813,6 +811,17 @@ namespace Bit.Core.Services
                    var responseJsonString = await response.Content.ReadAsStringAsync();
                    responseJObject = JObject.Parse(responseJsonString);
                }
+
+                if (authed && tokenError
+                    &&
+                    response.StatusCode == HttpStatusCode.BadRequest
+                    &&
+                    responseJObject?["error"]?.ToString() == "invalid_grant")
+                {
+                    await _logoutCallbackAsync(new Tuple<string, bool, bool>(null, false, true));
+                    return null;
+                }
+
                return new ErrorResponse(responseJObject, response.StatusCode, tokenError);
            }
            catch