fix: automatically clear auth token if refresh token is invalid

core/src/cloud/grow/auth.ts

@@ -14,8 +14,9 @@ import type { Log } from "../../logger/log-entry.js"
 import { getNonAuthenticatedApiClient } from "./trpc.js"
 import { CloudApiTokenRefreshError } from "../api.js"
 import { CloudApiError } from "../../exceptions.js"
-import { saveAuthToken } from "../auth.js"
+import { clearAuthToken, saveAuthToken } from "../auth.js"
 import { getCloudDistributionName } from "../util.js"
+import dedent from "dedent"
 
 export function isTokenExpired(token: ClientAuthToken) {
   const now = new Date()
@@ -86,8 +87,15 @@ export async function refreshAuthTokenAndWriteToConfigStore(
     }
 
     log.debug({ msg: `Failed to refresh the token.` })
+    if (err.message.toLowerCase().includes("invalid refresh token")) {
+      await clearAuthToken(log, globalConfigStore, cloudDomain)
+      log.info("Invalid refresh token was removed from the configuration store.")
+    }
+
     throw new CloudApiTokenRefreshError({
-      message: `An error occurred while verifying client auth token with ${getCloudDistributionName(cloudDomain)}: ${err.message}`,
+      message: dedent`An error occurred while verifying client auth token with ${getCloudDistributionName(cloudDomain)}: ${err.message}
+        Please try again.
+        `,
       responseStatusCode: err.data?.httpStatus,
     })
   }