fix: add invalid token code to IsValid checker (#19)

fix: add notes to the clear command
+semver: feature

Author: dnitsch

cmd/clear.go

@@ -28,6 +28,9 @@ This will forcefully all chromium processes.
 If you are on a windows machine and also use chrome as your current/main browser this will also kill those processes. 
 
 Use with caution.
+
+If for any reason the local ini file and the secret store on your OS (keyring on GNU, keychain MacOS, windows secret store) are out of sync and the secrets cannot be retrieved by name but still exists,
+you might want to use CLI or GUI interface to the secret backing store on your OS and search for a secret prefixed with aws-cli-* and delete manually
 `)
 	RootCmd.AddCommand(ClearCmd)
 }

internal/credentialexchange/credentialexchange.go

@@ -119,7 +119,8 @@ func IsValid(ctx context.Context, currentCreds *AWSCredentials, reloadBeforeTime
 		// var oe *smithy.OperationError
 		var oe smithy.APIError
 		if errors.As(err, &oe) {
-			if oe.ErrorCode() == "ExpiredToken" {
+			if oe.ErrorCode() == "ExpiredToken" || oe.ErrorCode() == "InvalidClientTokenId" {
+				fmt.Fprintln(os.Stderr, "Stored Credentials invalid or expired")
 				return false, nil
 			}
 		}