Add Optional Refresh Token Revocation on Sign-Out

[michelecoco]

When users sign out, developers can now choose whether to revoke the refresh token. This helps improve security by preventing unauthorized access to user accounts.

Details:

• New Option: We added a revokeRefreshToken parameter to the CognitoUser#signOut function. It's optional and defaults to false.
• What It Does: When set to true, it revokes the refresh token, enhancing security by invalidating it after sign-out.
• Why It Matters: This gives developers more control over security and helps protect user accounts from unauthorized access.

AWS API reference

We're open to feedback and suggestions to make it even better.

[furaiev]

@SpaicyGaming thank you for your collaboration. Your changes are available as of 3.6.4.