From 0c75700793c5759da5132a2824846be39da580af Mon Sep 17 00:00:00 2001
From: Bianca Lisle <bianca.vianadeaguiar@mongodb.com>
Date: Fri, 17 Oct 2025 16:55:33 +0100
Subject: [PATCH 1/3] update

---
 internal/cli/auth/logout.go      | 37 +++++++++++---------------------
 internal/cli/auth/logout_test.go | 36 ++++++++++++-------------------
 2 files changed, 26 insertions(+), 47 deletions(-)

diff --git a/internal/cli/auth/logout.go b/internal/cli/auth/logout.go
index 1a8a3fc8e3..497f7a8d47 100644
--- a/internal/cli/auth/logout.go
+++ b/internal/cli/auth/logout.go
@@ -100,42 +100,29 @@ func (opts *logoutOpts) Run(ctx context.Context) error {
 		return nil
 	}
 
+	var err error
 	switch opts.config.AuthType() {
 	case config.UserAccount:
-		if _, err := opts.flow.RevokeToken(ctx, config.RefreshToken(), "refresh_token"); err != nil {
-			return err
-		}
-		opts.config.SetAccessToken("")
-		opts.config.SetRefreshToken("")
+		_, err = opts.flow.RevokeToken(ctx, config.RefreshToken(), "refresh_token")
 	case config.ServiceAccount:
-		if err := opts.revokeServiceAccountToken(); err != nil {
-			// If the service account doesn't exist, log a warning and proceed.
-			// This happens if the user has already deleted the service account or is pointing to the wrong environment.
-			// To not block users who have already deleted their account, we proceed with logout.
-			if !strings.Contains(err.Error(), "The specified service account doesn't exist") {
-				return err
-			}
+		if err = opts.revokeServiceAccountToken(); err != nil {
 			_, _ = log.Warningf("Warning: unable to revoke service account token: %v, proceeding with logout\n", err)
 		}
-		opts.config.SetClientID("")
-		opts.config.SetClientSecret("")
-	case config.APIKeys:
-		opts.config.SetPublicAPIKey("")
-		opts.config.SetPrivateAPIKey("")
-	case config.NoAuth, "": // Just clear any potential leftover credentials
-		opts.config.SetPublicAPIKey("")
-		opts.config.SetPrivateAPIKey("")
-		opts.config.SetAccessToken("")
-		opts.config.SetRefreshToken("")
-		opts.config.SetClientID("")
-		opts.config.SetClientSecret("")
+	case config.APIKeys, config.NoAuth, "":
 	}
 
+	// Clean up all the config
+	opts.config.SetPublicAPIKey("")
+	opts.config.SetPrivateAPIKey("")
+	opts.config.SetAccessToken("")
+	opts.config.SetRefreshToken("")
+	opts.config.SetClientID("")
+	opts.config.SetClientSecret("")
 	opts.config.SetProjectID("")
 	opts.config.SetOrgID("")
 
 	if !opts.keepConfig {
-		return opts.Delete(opts.config.Delete)
+		return opts.config.Delete()
 	}
 
 	return opts.config.Save()
diff --git a/internal/cli/auth/logout_test.go b/internal/cli/auth/logout_test.go
index 93b2640061..0e1ad0bc7d 100644
--- a/internal/cli/auth/logout_test.go
+++ b/internal/cli/auth/logout_test.go
@@ -54,7 +54,7 @@ func Test_logoutOpts_Run_UserAccount(t *testing.T) {
 		Return(nil, nil).
 		Times(1)
 
-	mockTokenCleanUp(mockConfig)
+	mockConfigCleanUp(mockConfig)
 	mockProjectAndOrgCleanUp(mockConfig)
 
 	mockConfig.
@@ -87,7 +87,7 @@ func Test_logoutOpts_Run_APIKeys(t *testing.T) {
 		Return(config.APIKeys).
 		Times(1)
 
-	mockAPIKeysCleanUp(mockConfig)
+	mockConfigCleanUp(mockConfig)
 	mockProjectAndOrgCleanUp(mockConfig)
 
 	mockConfig.
@@ -123,7 +123,7 @@ func Test_logoutOpts_Run_ServiceAccount(t *testing.T) {
 		Return(config.ServiceAccount).
 		Times(1)
 
-	mockServiceAccountCleanUp(mockConfig)
+	mockConfigCleanUp(mockConfig)
 	mockProjectAndOrgCleanUp(mockConfig)
 	mockConfig.
 		EXPECT().
@@ -163,7 +163,7 @@ func Test_logoutOpts_Run_Keep_UserAccount(t *testing.T) {
 		Return(nil, nil).
 		Times(1)
 
-	mockTokenCleanUp(mockConfig)
+	mockConfigCleanUp(mockConfig)
 	mockProjectAndOrgCleanUp(mockConfig)
 	mockConfig.
 		EXPECT().
@@ -197,7 +197,7 @@ func Test_logoutOpts_Run_Keep_APIKeys(t *testing.T) {
 		Return(config.APIKeys).
 		Times(1)
 
-	mockAPIKeysCleanUp(mockConfig)
+	mockConfigCleanUp(mockConfig)
 	mockProjectAndOrgCleanUp(mockConfig)
 	mockConfig.
 		EXPECT().
@@ -234,7 +234,7 @@ func Test_logoutOpts_Run_Keep_ServiceAccount(t *testing.T) {
 		Return(config.ServiceAccount).
 		Times(1)
 
-	mockServiceAccountCleanUp(mockConfig)
+	mockConfigCleanUp(mockConfig)
 	mockProjectAndOrgCleanUp(mockConfig)
 	mockConfig.
 		EXPECT().
@@ -268,9 +268,7 @@ func Test_logoutOpts_Run_NoAuth(t *testing.T) {
 		Return(config.NoAuth).
 		Times(1)
 
-	mockAPIKeysCleanUp(mockConfig)
-	mockTokenCleanUp(mockConfig)
-	mockServiceAccountCleanUp(mockConfig)
+	mockConfigCleanUp(mockConfig)
 	mockProjectAndOrgCleanUp(mockConfig)
 
 	mockConfig.
@@ -282,36 +280,30 @@ func Test_logoutOpts_Run_NoAuth(t *testing.T) {
 	require.NoError(t, opts.Run(ctx))
 }
 
-func mockAPIKeysCleanUp(mockConfig *MockConfigDeleter) {
+func mockConfigCleanUp(mockConfig *MockConfigDeleter) {
 	mockConfig.
 		EXPECT().
-		SetPublicAPIKey("").
+		SetRefreshToken("").
 		Times(1)
 	mockConfig.
 		EXPECT().
-		SetPrivateAPIKey("").
+		SetAccessToken("").
 		Times(1)
-}
-
-func mockTokenCleanUp(mockConfig *MockConfigDeleter) {
 	mockConfig.
 		EXPECT().
-		SetRefreshToken("").
+		SetClientID("").
 		Times(1)
 	mockConfig.
 		EXPECT().
-		SetAccessToken("").
+		SetClientSecret("").
 		Times(1)
-}
-
-func mockServiceAccountCleanUp(mockConfig *MockConfigDeleter) {
 	mockConfig.
 		EXPECT().
-		SetClientID("").
+		SetPublicAPIKey("").
 		Times(1)
 	mockConfig.
 		EXPECT().
-		SetClientSecret("").
+		SetPrivateAPIKey("").
 		Times(1)
 }
 

From 160cbab8ab15581def46ccb9d8ff1a9c392fbfe0 Mon Sep 17 00:00:00 2001
From: Bianca Lisle <bianca.vianadeaguiar@mongodb.com>
Date: Fri, 17 Oct 2025 17:51:19 +0100
Subject: [PATCH 2/3]  lint

---
 internal/cli/auth/logout.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/internal/cli/auth/logout.go b/internal/cli/auth/logout.go
index 497f7a8d47..e140dd7879 100644
--- a/internal/cli/auth/logout.go
+++ b/internal/cli/auth/logout.go
@@ -100,12 +100,14 @@ func (opts *logoutOpts) Run(ctx context.Context) error {
 		return nil
 	}
 
-	var err error
 	switch opts.config.AuthType() {
 	case config.UserAccount:
-		_, err = opts.flow.RevokeToken(ctx, config.RefreshToken(), "refresh_token")
+		_, err := opts.flow.RevokeToken(ctx, config.RefreshToken(), "refresh_token")
+		if err != nil {
+			_, _ = log.Warningf("Warning: unable to revoke user account token: %v, proceeding with logout\n", err)
+		}
 	case config.ServiceAccount:
-		if err = opts.revokeServiceAccountToken(); err != nil {
+		if err := opts.revokeServiceAccountToken(); err != nil {
 			_, _ = log.Warningf("Warning: unable to revoke service account token: %v, proceeding with logout\n", err)
 		}
 	case config.APIKeys, config.NoAuth, "":

From 16fa9c1b3519b5630d19a89981a0b261d4d24190 Mon Sep 17 00:00:00 2001
From: Bianca Lisle <bianca.vianadeaguiar@mongodb.com>
Date: Fri, 17 Oct 2025 17:55:01 +0100
Subject: [PATCH 3/3] fix logout

---
 internal/cli/auth/logout.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/cli/auth/logout.go b/internal/cli/auth/logout.go
index e140dd7879..6a81406ff1 100644
--- a/internal/cli/auth/logout.go
+++ b/internal/cli/auth/logout.go
@@ -124,7 +124,7 @@ func (opts *logoutOpts) Run(ctx context.Context) error {
 	opts.config.SetOrgID("")
 
 	if !opts.keepConfig {
-		return opts.config.Delete()
+		return opts.Delete(opts.config.Delete)
 	}
 
 	return opts.config.Save()