test(profile-sync-controller): prevent sign-out race condition

mirceanis · mirceanis · commit d060ed2adcd0 · 2025-07-17T12:56:06.000+02:00
diff --git a/packages/profile-sync-controller/src/controllers/authentication/AuthenticationController.test.ts b/packages/profile-sync-controller/src/controllers/authentication/AuthenticationController.test.ts
@@ -393,8 +393,8 @@ describe('authentication/authentication-controller - performSignIn() with pairin
     });
 
     const controller = new AuthenticationController({ messenger, metametrics });
-    const requestCounter  = jest.fn();
-    mockEndpoints.mockPairSocialIdentifierUrl.on('request', requestCounter)
+    const requestCounter = jest.fn();
+    mockEndpoints.mockPairSocialIdentifierUrl.on('request', requestCounter);
 
     // Call performSignIn 10 times in parallel
     const signInPromises = Array.from({ length: 10 }, () =>
@@ -448,6 +448,46 @@ describe('authentication/authentication-controller - performSignOut() tests', ()
     expect(controller.state.srpSessionData).toBeUndefined();
     expect(controller.state.socialPairingDone).toBe(false);
   });
+
+  it('prevents race condition where async pairing could set socialPairingDone to true after sign-out', async () => {
+    const metametrics = createMockAuthMetaMetrics();
+    const mockEndpoints = arrangeAuthAPIs();
+    const { messenger, mockSeedlessOnboardingGetState } =
+      createMockAuthenticationMessenger();
+
+    // Ensure social token is available for pairing
+    mockSeedlessOnboardingGetState.mockReturnValue({
+      accessToken: MOCK_SOCIAL_TOKEN,
+    });
+
+    const controller = new AuthenticationController({ messenger, metametrics });
+
+    // Start sign-in which triggers async pairing
+    await controller.performSignIn();
+    // Immediately sign out before async pairing completes
+    controller.performSignOut();
+
+    // Verify initial sign-out state
+    expect(controller.state.isSignedIn).toBe(false);
+    expect(controller.state.socialPairingDone).toBe(false);
+    expect(controller.state.srpSessionData).toBeUndefined();
+
+    // Wait a bit for the async pairing operation to complete
+    await waitFor(() => {
+      expect(controller.state.pairingInProgress).toBe(false);
+    });
+
+    // Verify that socialPairingDone remains false after sign-out
+    expect(controller.state.isSignedIn).toBe(false);
+    expect(controller.state.socialPairingDone).toBe(false);
+    expect(controller.state.srpSessionData).toBeUndefined();
+    expect(controller.state.pairingInProgress).toBe(false);
+
+    mockEndpoints.mockNonceUrl.done();
+    mockEndpoints.mockSrpLoginUrl.done();
+    mockEndpoints.mockOAuth2TokenUrl.done();
+    mockEndpoints.mockPairSocialIdentifierUrl.done();
+  });
 });
 
 describe('authentication/authentication-controller - getBearerToken() tests', () => {
diff --git a/packages/profile-sync-controller/src/controllers/authentication/AuthenticationController.ts b/packages/profile-sync-controller/src/controllers/authentication/AuthenticationController.ts
@@ -403,7 +403,10 @@ export default class AuthenticationController extends BaseController<
       console.log(`pairing with social token success=${paired}`);
       if (paired) {
         this.update((state) => {
-          state.socialPairingDone = true;
+          // Prevents a race condition when sign-out is performed before pairing completes
+          if (state.isSignedIn) {
+            state.socialPairingDone = true;
+          }
         });
       }
     } finally {
