I am using Google Sign-In iOS SDK to implement the sign-in with Google feature. However, I am confused with the disconnect function.
GIDSignIn.sharedInstance()?.disconnect()
According to the documentation, it disconnects the current user from the app and revokes previous authentication. If the operation succeeds, the OAuth 2.0 token is also removed from keychain.
However, when I disconnect the Google Account in my app, I can still use the old id_token to fetch the user's data with the following API:
https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=xxxxxx
I can only see the id_token will be expired according to the exp field which is 3600s since the token is created.
What does the disconnect() actually mean? Why can the user's profile be fetched even the Google Account has been disconnected successfully?