From ef5d22adee759bee25cfb12a11f8094a736c04ca Mon Sep 17 00:00:00 2001
From: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Date: Thu, 23 Jan 2025 11:27:43 -0500
Subject: [PATCH] Clarify not-preferred use

---
 libs/common/src/auth/services/token.service.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/libs/common/src/auth/services/token.service.ts b/libs/common/src/auth/services/token.service.ts
index df78564ce02..7802af7424f 100644
--- a/libs/common/src/auth/services/token.service.ts
+++ b/libs/common/src/auth/services/token.service.ts
@@ -472,6 +472,7 @@ export class TokenService implements TokenServiceAbstraction {
 
     const secureStorageSupport = await firstValueFrom(this.secureStorageService.support$);
 
+    // Since we are just reading the access token, we can use secure storage even if it's not preferred
     if (
       secureStorageSupport.type === "supported" ||
       secureStorageSupport.type === "not-preferred"
@@ -562,7 +563,7 @@ export class TokenService implements TokenServiceAbstraction {
       vaultTimeoutAction,
       vaultTimeout,
       true,
-      false, // used to set a real value, not only for reading or clearing
+      refreshToken == null, // if the refresh token we are about to set is null then we are using this for clearing
     );
 
     switch (storageLocation) {
@@ -698,6 +699,9 @@ export class TokenService implements TokenServiceAbstraction {
     // but we can simply clear all locations to avoid the need to require those parameters
 
     const secureStorageSupport = await firstValueFrom(this.secureStorageService.support$);
+    // We can use a not-preferred secure storage service to clear the token
+    // it's important though that we still clear it from the other locations
+    // when it's not-preferred though, which we are doing.
     if (
       secureStorageSupport.type === "supported" ||
       secureStorageSupport.type === "not-preferred"