[google_sign_in] Implement clearAuthorizationToken (#10024)

Platform interface portion of #9846

Part of flutter/flutter#173924

## Pre-Review Checklist

[^1]: Regular contributors who have demonstrated familiarity with the repository guidelines only need to comment if the PR is not auto-exempted by repo tooling.

Author: stuartmorgan-g

packages/google_sign_in/google_sign_in_android/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 7.1.0
+
+* Adds support for the `clearAuthorizationToken` method.
+
 ## 7.0.5
 
 * Adds support for `hostedDomain` when authenticating.

packages/google_sign_in/google_sign_in_android/android/build.gradle

@@ -70,7 +70,7 @@ dependencies {
     implementation 'androidx.credentials:credentials:1.5.0'
     implementation 'androidx.credentials:credentials-play-services-auth:1.5.0'
     implementation 'com.google.android.libraries.identity.googleid:googleid:1.1.1'
-    implementation 'com.google.android.gms:play-services-auth:21.3.0'
+    implementation 'com.google.android.gms:play-services-auth:21.4.0'
     testImplementation 'junit:junit:4.13.2'
     testImplementation 'org.mockito:mockito-inline:5.2.0'
 }

packages/google_sign_in/google_sign_in_android/android/src/main/java/io/flutter/plugins/googlesignin/GoogleSignInPlugin.java

@@ -32,6 +32,7 @@
 import com.google.android.gms.auth.api.identity.AuthorizationClient;
 import com.google.android.gms.auth.api.identity.AuthorizationRequest;
 import com.google.android.gms.auth.api.identity.AuthorizationResult;
+import com.google.android.gms.auth.api.identity.ClearTokenRequest;
 import com.google.android.gms.auth.api.identity.Identity;
 import com.google.android.gms.common.api.ApiException;
 import com.google.android.gms.common.api.Scope;
@@ -219,7 +220,7 @@ public void getCredential(
           return;
         }
 
-        // getCredentialAsync requires an acitivity context, not an application context, per
+        // getCredentialAsync requires an activity context, not an application context, per
         // the API docs.
         Activity activity = getActivity();
         if (activity == null) {
@@ -337,17 +338,31 @@ public void clearCredentialState(@NonNull Function1<? super Result<Unit>, Unit>
           new CredentialManagerCallback<>() {
             @Override
             public void onResult(Void result) {
-              ResultUtilsKt.completeWithClearCredentialStateSuccess(callback);
+              ResultUtilsKt.completeWithUnitSuccess(callback);
             }
 
             @Override
             public void onError(@NonNull ClearCredentialException e) {
-              ResultUtilsKt.completeWithClearCredentialStateError(
+              ResultUtilsKt.completeWithUnitError(
                   callback, new FlutterError("Clear Failed", e.getMessage(), null));
             }
           });
     }
 
+    @Override
+    public void clearAuthorizationToken(
+        @NonNull String token, @NonNull Function1<? super Result<Unit>, Unit> callback) {
+      authorizationClientFactory
+          .create(context)
+          .clearToken(ClearTokenRequest.builder().setToken(token).build())
+          .addOnSuccessListener(unused -> ResultUtilsKt.completeWithUnitSuccess(callback))
+          .addOnFailureListener(
+              e ->
+                  ResultUtilsKt.completeWithUnitError(
+                      callback,
+                      new FlutterError("clearAuthorizationToken failed", e.getMessage(), null)));
+    }
+
     @Override
     public void authorize(
         @NonNull PlatformAuthorizationRequest params,

packages/google_sign_in/google_sign_in_android/android/src/main/kotlin/io/flutter/plugins/googlesignin/Messages.kt

@@ -606,6 +606,8 @@ interface GoogleSignInApi {
   )
   /** Clears CredentialManager credential state. */
   fun clearCredentialState(callback: (Result<Unit>) -> Unit)
+  /** Clears the authorization cache for the given token. */
+  fun clearAuthorizationToken(token: String, callback: (Result<Unit>) -> Unit)
   /** Requests authorization tokens via AuthorizationClient. */
   fun authorize(
       params: PlatformAuthorizationRequest,
@@ -692,6 +694,29 @@ interface GoogleSignInApi {
           channel.setMessageHandler(null)
         }
       }
+      run {
+        val channel =
+            BasicMessageChannel<Any?>(
+                binaryMessenger,
+                "dev.flutter.pigeon.google_sign_in_android.GoogleSignInApi.clearAuthorizationToken$separatedMessageChannelSuffix",
+                codec)
+        if (api != null) {
+          channel.setMessageHandler { message, reply ->
+            val args = message as List<Any?>
+            val tokenArg = args[0] as String
+            api.clearAuthorizationToken(tokenArg) { result: Result<Unit> ->
+              val error = result.exceptionOrNull()
+              if (error != null) {
+                reply.reply(MessagesPigeonUtils.wrapError(error))
+              } else {
+                reply.reply(MessagesPigeonUtils.wrapResult(null))
+              }
+            }
+          }
+        } else {
+          channel.setMessageHandler(null)
+        }
+      }
       run {
         val channel =
             BasicMessageChannel<Any?>(

packages/google_sign_in/google_sign_in_android/android/src/main/kotlin/io/flutter/plugins/googlesignin/ResultUtils.kt

@@ -18,11 +18,11 @@ fun completeWithGetCredentialFailure(
   callback(Result.success(failure))
 }
 
-fun completeWithClearCredentialStateSuccess(callback: (Result<Unit>) -> Unit) {
+fun completeWithUnitSuccess(callback: (Result<Unit>) -> Unit) {
   callback(Result.success(Unit))
 }
 
-fun completeWithClearCredentialStateError(callback: (Result<Unit>) -> Unit, failure: FlutterError) {
+fun completeWithUnitError(callback: (Result<Unit>) -> Unit, failure: FlutterError) {
   callback(Result.failure(failure))
 }
 

packages/google_sign_in/google_sign_in_android/android/src/test/java/io/flutter/plugins/googlesignin/GoogleSignInTest.java

@@ -40,6 +40,7 @@
 import com.google.android.gms.auth.api.identity.AuthorizationClient;
 import com.google.android.gms.auth.api.identity.AuthorizationRequest;
 import com.google.android.gms.auth.api.identity.AuthorizationResult;
+import com.google.android.gms.auth.api.identity.ClearTokenRequest;
 import com.google.android.gms.common.api.ApiException;
 import com.google.android.gms.common.api.Status;
 import com.google.android.gms.tasks.OnSuccessListener;
@@ -71,6 +72,7 @@ public class GoogleSignInTest {
   @Mock CustomCredential mockGenericCredential;
   @Mock GoogleIdTokenCredential mockGoogleCredential;
   @Mock Task<AuthorizationResult> mockAuthorizationTask;
+  @Mock Task<Void> mockClearTokenTask;
 
   private GoogleSignInPlugin flutterPlugin;
   // Technically this is not the plugin, but in practice almost all of the functionality is in this
@@ -88,6 +90,8 @@ public void setUp() {
         .thenReturn(GoogleIdTokenCredential.TYPE_GOOGLE_ID_TOKEN_CREDENTIAL);
     when(mockAuthorizationTask.addOnSuccessListener(any())).thenReturn(mockAuthorizationTask);
     when(mockAuthorizationTask.addOnFailureListener(any())).thenReturn(mockAuthorizationTask);
+    when(mockClearTokenTask.addOnSuccessListener(any())).thenReturn(mockClearTokenTask);
+    when(mockClearTokenTask.addOnFailureListener(any())).thenReturn(mockClearTokenTask);
     when(mockAuthorizationIntent.getIntentSender()).thenReturn(mockAuthorizationIntentSender);
     when(mockActivityPluginBinding.getActivity()).thenReturn(mockActivity);
 
@@ -1144,4 +1148,29 @@ public void clearCredentialState_reportsFailure() {
 
     callbackCaptor.getValue().onError(mock(ClearCredentialException.class));
   }
+
+  @Test
+  public void clearAuthorizationToken_callsClient() {
+    final String testToken = "testToken";
+    when(mockAuthorizationClient.clearToken(any())).thenReturn(mockClearTokenTask);
+    plugin.clearAuthorizationToken(
+        testToken,
+        ResultCompat.asCompatCallback(
+            reply -> {
+              return null;
+            }));
+
+    ArgumentCaptor<ClearTokenRequest> authRequestCaptor =
+        ArgumentCaptor.forClass(ClearTokenRequest.class);
+    verify(mockAuthorizationClient).clearToken(authRequestCaptor.capture());
+
+    @SuppressWarnings("unchecked")
+    ArgumentCaptor<OnSuccessListener<Void>> callbackCaptor =
+        ArgumentCaptor.forClass(OnSuccessListener.class);
+    verify(mockClearTokenTask).addOnSuccessListener(callbackCaptor.capture());
+    callbackCaptor.getValue().onSuccess(null);
+
+    ClearTokenRequest request = authRequestCaptor.getValue();
+    assertEquals(testToken, request.getToken());
+  }
 }

packages/google_sign_in/google_sign_in_android/example/pubspec.yaml

@@ -16,7 +16,7 @@ dependencies:
     # The example app is bundled with the plugin so we use a path dependency on
     # the parent directory to use the current plugin's version.
     path: ../
-  google_sign_in_platform_interface: ^3.0.0
+  google_sign_in_platform_interface: ^3.1.0
   http: ">=0.13.0 <2.0.0"
 
 dev_dependencies:

packages/google_sign_in/google_sign_in_android/lib/google_sign_in_android.dart

@@ -27,6 +27,11 @@ class GoogleSignInAndroid extends GoogleSignInPlatform {
     GoogleSignInPlatform.instance = GoogleSignInAndroid();
   }
 
+  @override
+  Future<void> clearAuthorizationToken(ClearAuthorizationTokenParams params) {
+    return _hostApi.clearAuthorizationToken(params.accessToken);
+  }
+
   @override
   Future<void> init(InitParameters params) async {
     _hostedDomain = params.hostedDomain;

packages/google_sign_in/google_sign_in_android/lib/src/messages.g.dart

@@ -713,6 +713,34 @@ class GoogleSignInApi {
     }
   }
 
+  /// Clears the authorization cache for the given token.
+  Future<void> clearAuthorizationToken(String token) async {
+    final String pigeonVar_channelName =
+        'dev.flutter.pigeon.google_sign_in_android.GoogleSignInApi.clearAuthorizationToken$pigeonVar_messageChannelSuffix';
+    final BasicMessageChannel<Object?> pigeonVar_channel =
+        BasicMessageChannel<Object?>(
+          pigeonVar_channelName,
+          pigeonChannelCodec,
+          binaryMessenger: pigeonVar_binaryMessenger,
+        );
+    final Future<Object?> pigeonVar_sendFuture = pigeonVar_channel.send(
+      <Object?>[token],
+    );
+    final List<Object?>? pigeonVar_replyList =
+        await pigeonVar_sendFuture as List<Object?>?;
+    if (pigeonVar_replyList == null) {
+      throw _createConnectionError(pigeonVar_channelName);
+    } else if (pigeonVar_replyList.length > 1) {
+      throw PlatformException(
+        code: pigeonVar_replyList[0]! as String,
+        message: pigeonVar_replyList[1] as String?,
+        details: pigeonVar_replyList[2],
+      );
+    } else {
+      return;
+    }
+  }
+
   /// Requests authorization tokens via AuthorizationClient.
   Future<AuthorizeResult> authorize(
     PlatformAuthorizationRequest params, {

packages/google_sign_in/google_sign_in_android/pigeons/messages.dart

@@ -196,6 +196,10 @@ abstract class GoogleSignInApi {
   @async
   void clearCredentialState();
 
+  /// Clears the authorization cache for the given token.
+  @async
+  void clearAuthorizationToken(String token);
+
   /// Requests authorization tokens via AuthorizationClient.
   @async
   AuthorizeResult authorize(