From ee09c0abdac941ab498f6db8dc4878205584884e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Gon=C3=A7alves?= <cgoncalves@bitwarden.com>
Date: Mon, 31 Oct 2022 17:40:26 +0000
Subject: [PATCH] SG-786 - Fix 400 error code log outs without invalid_grant
 (#2156)

* SG-786 - Added validation to check if the 400 error is invalid grant

* SG 786 - Improved code quality
---
 src/Core/Services/ApiService.cs | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/Core/Services/ApiService.cs b/src/Core/Services/ApiService.cs
index a58263f96..256135310 100644
--- a/src/Core/Services/ApiService.cs
+++ b/src/Core/Services/ApiService.cs
@@ -795,8 +795,6 @@ namespace Bit.Core.Services
             if (authed
                 &&
                 (
-                    (tokenError && response.StatusCode == HttpStatusCode.BadRequest)
-                    ||
                     (logoutOnUnauthorized && response.StatusCode == HttpStatusCode.Unauthorized)
                     ||
                     response.StatusCode == HttpStatusCode.Forbidden
@@ -813,6 +811,17 @@ namespace Bit.Core.Services
                     var responseJsonString = await response.Content.ReadAsStringAsync();
                     responseJObject = JObject.Parse(responseJsonString);
                 }
+
+                if (authed && tokenError
+                    &&
+                    response.StatusCode == HttpStatusCode.BadRequest
+                    &&
+                    responseJObject?["error"]?.ToString() == "invalid_grant")
+                {
+                    await _logoutCallbackAsync(new Tuple<string, bool, bool>(null, false, true));
+                    return null;
+                }
+
                 return new ErrorResponse(responseJObject, response.StatusCode, tokenError);
             }
             catch