From cb661c96c8748ecb2dfd5952a77910936149b89b Mon Sep 17 00:00:00 2001
From: Jon Armen <jarmen@cssnetpro.com>
Date: Fri, 12 Jul 2024 11:01:42 -0400
Subject: [PATCH 1/4] Setting Store Tokens should only clear tokens that no
 longer have a value.  This resolves thrashing events when a consumer is
 listening to storage events, preventing them from seeing a 'clear' followed
 immediatly by a 'set' value.

---
 .../cognito/tokenProvider/TokenStore.ts       | 44 +++++++++++++------
 1 file changed, 31 insertions(+), 13 deletions(-)

diff --git a/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts b/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
index 53ac3228d85..a6b135da020 100644
--- a/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
+++ b/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
@@ -94,24 +94,34 @@ export class DefaultTokenStore implements AuthTokenStore {
 
 	async storeTokens(tokens: CognitoAuthTokens): Promise<void> {
 		assert(tokens !== undefined, TokenProviderErrorCode.InvalidAuthTokens);
-		await this.clearTokens();
 
 		const lastAuthUser = tokens.username;
-		await this.getKeyValueStorage().setItem(
-			this.getLastAuthUserKey(),
-			lastAuthUser,
-		);
+		if (lastAuthUser) {
+			await this.getKeyValueStorage().setItem(
+				this.getLastAuthUserKey(),
+				lastAuthUser,
+			);
+		} else {
+			await this.getKeyValueStorage().removeItem(this.getLastAuthUserKey());
+		}
+
 		const authKeys = await this.getAuthKeys();
-		await this.getKeyValueStorage().setItem(
-			authKeys.accessToken,
-			tokens.accessToken.toString(),
-		);
+		if (authKeys.accessToken) {
+			await this.getKeyValueStorage().setItem(
+				authKeys.accessToken,
+				tokens.accessToken.toString(),
+			);
+		} else {
+			await this.getKeyValueStorage().removeItem(authKeys.accessToken);
+		}
 
 		if (tokens.idToken) {
 			await this.getKeyValueStorage().setItem(
 				authKeys.idToken,
 				tokens.idToken.toString(),
 			);
+		} else {
+			await this.getKeyValueStorage().removeItem(authKeys.idToken);
 		}
 
 		if (tokens.refreshToken) {
@@ -119,6 +129,8 @@ export class DefaultTokenStore implements AuthTokenStore {
 				authKeys.refreshToken,
 				tokens.refreshToken,
 			);
+		} else {
+			await this.getKeyValueStorage().removeItem(authKeys.refreshToken);
 		}
 
 		if (tokens.deviceMetadata) {
@@ -145,12 +157,18 @@ export class DefaultTokenStore implements AuthTokenStore {
 				authKeys.signInDetails,
 				JSON.stringify(tokens.signInDetails),
 			);
+		} else {
+			await this.getKeyValueStorage().removeItem(authKeys.signInDetails);
 		}
 
-		await this.getKeyValueStorage().setItem(
-			authKeys.clockDrift,
-			`${tokens.clockDrift}`,
-		);
+		if (authKeys.clockDrift) {
+			await this.getKeyValueStorage().setItem(
+				authKeys.clockDrift,
+				`${tokens.clockDrift}`,
+			);
+		} else {
+			await this.getKeyValueStorage().removeItem(authKeys.clockDrift);
+		}
 	}
 
 	async clearTokens(): Promise<void> {

From c7900e93f139106d0e8ce46120f6c440175ae19a Mon Sep 17 00:00:00 2001
From: Jon Armen <jarmen@cssnetpro.com>
Date: Thu, 19 Dec 2024 22:33:03 -0500
Subject: [PATCH 2/4] Removing if/else pattern where arguments are not optional

---
 .../cognito/tokenProvider/TokenStore.ts       | 39 +++++++++----------
 1 file changed, 18 insertions(+), 21 deletions(-)

diff --git a/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts b/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
index e75ac70755e..37f7c0f8fc9 100644
--- a/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
+++ b/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
@@ -97,24 +97,16 @@ export class DefaultTokenStore implements AuthTokenStore {
 		assert(tokens !== undefined, TokenProviderErrorCode.InvalidAuthTokens);
 
 		const lastAuthUser = tokens.username;
-		if (lastAuthUser) {
-			await this.getKeyValueStorage().setItem(
-				this.getLastAuthUserKey(),
-				lastAuthUser,
-			);
-		} else {
-			await this.getKeyValueStorage().removeItem(this.getLastAuthUserKey());
-		}
+		await this.getKeyValueStorage().setItem(
+			this.getLastAuthUserKey(),
+			lastAuthUser,
+		);
 
 		const authKeys = await this.getAuthKeys();
-		if (authKeys.accessToken) {
-			await this.getKeyValueStorage().setItem(
-				authKeys.accessToken,
-				tokens.accessToken.toString(),
-			);
-		} else {
-			await this.getKeyValueStorage().removeItem(authKeys.accessToken);
-		}
+		await this.getKeyValueStorage().setItem(
+			authKeys.accessToken,
+			tokens.accessToken.toString(),
+		);
 
 		if (tokens.idToken) {
 			await this.getKeyValueStorage().setItem(
@@ -162,13 +154,18 @@ export class DefaultTokenStore implements AuthTokenStore {
 			await this.getKeyValueStorage().removeItem(authKeys.signInDetails);
 		}
 
-		if (authKeys.clockDrift) {
+		await this.getKeyValueStorage().setItem(
+			authKeys.clockDrift,
+			`${tokens.clockDrift}`,
+		);
+
+		if (authKeys.oauthMetadata) {
 			await this.getKeyValueStorage().setItem(
-				authKeys.clockDrift,
-				`${tokens.clockDrift}`,
-			);
+				authKeys.oauthMetadata,
+				JSON.stringify(tokens.oauthMetadata),
+			)
 		} else {
-			await this.getKeyValueStorage().removeItem(authKeys.clockDrift);
+			await this.getKeyValueStorage().removeItem(authKeys.oauthMetadata);
 		}
 	}
 

From 0bd12935368af452277d02ef440f1899d3e729e6 Mon Sep 17 00:00:00 2001
From: Jon Armen <jarmen@cssnetpro.com>
Date: Tue, 7 Jan 2025 18:02:57 -0500
Subject: [PATCH 3/4] Remove attempt to set oauthMetadata

Co-authored-by: Hui Zhao <10602282+HuiSF@users.noreply.github.com>
---
 .../src/providers/cognito/tokenProvider/TokenStore.ts    | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts b/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
index 37f7c0f8fc9..411ebdb43f5 100644
--- a/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
+++ b/packages/auth/src/providers/cognito/tokenProvider/TokenStore.ts
@@ -158,15 +158,6 @@ export class DefaultTokenStore implements AuthTokenStore {
 			authKeys.clockDrift,
 			`${tokens.clockDrift}`,
 		);
-
-		if (authKeys.oauthMetadata) {
-			await this.getKeyValueStorage().setItem(
-				authKeys.oauthMetadata,
-				JSON.stringify(tokens.oauthMetadata),
-			)
-		} else {
-			await this.getKeyValueStorage().removeItem(authKeys.oauthMetadata);
-		}
 	}
 
 	async clearTokens(): Promise<void> {

From c533e50e6e48e2bc40bf7bfc186f58e6b63026ce Mon Sep 17 00:00:00 2001
From: Allan Zheng <zheallan@amazon.com>
Date: Thu, 9 Jan 2025 14:48:37 -0800
Subject: [PATCH 4/4] chore: update auth bundle size

---
 packages/aws-amplify/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/aws-amplify/package.json b/packages/aws-amplify/package.json
index 7bb969cacbf..409df4beae0 100644
--- a/packages/aws-amplify/package.json
+++ b/packages/aws-amplify/package.json
@@ -383,7 +383,7 @@
 			"name": "[Auth] confirmSignIn (Cognito)",
 			"path": "./dist/esm/auth/index.mjs",
 			"import": "{ confirmSignIn }",
-			"limit": "28.62 kB"
+			"limit": "28.66 kB"
 		},
 		{
 			"name": "[Auth] updateMFAPreference (Cognito)",