fix(auth): Properly parse the lastRefreshTime.

src/auth/user-record.ts

@@ -326,7 +326,8 @@ export class UserMetadata {
     // These bugs have already been addressed since then.
     utils.addReadonlyGetter(this, 'creationTime', parseDate(response.createdAt));
     utils.addReadonlyGetter(this, 'lastSignInTime', parseDate(response.lastLoginAt));
-    utils.addReadonlyGetter(this, 'lastRefreshTime', parseDate(response.lastRefreshAt));
+    const lastRefreshAt = response.lastRefreshAt ? new Date(response.lastRefreshAt).toUTCString() : null;
+    utils.addReadonlyGetter(this, 'lastRefreshTime', lastRefreshAt);
   }
 
   /** @return The plain object representation of the user's metadata. */

test/integration/auth.spec.ts

@@ -336,6 +336,12 @@ describe('admin.auth', () => {
           .then((userRecord) => {
             expect(userRecord.metadata.lastRefreshTime).to.exist;
             expect(isUTCString(userRecord.metadata.lastRefreshTime!));
+            expect(new Date(userRecord.metadata.creationTime).getTime())
+              .lte(new Date(userRecord.metadata.lastRefreshTime!).getTime());
+            const creationTimePlus1Hour = new Date(userRecord.metadata.creationTime);
+            creationTimePlus1Hour.setHours(creationTimePlus1Hour.getHours()+1);
+            expect(new Date(userRecord.metadata.lastRefreshTime!).getTime())
+              .lte(creationTimePlus1Hour.getTime());
           });
       } finally {
         admin.auth().deleteUser('lastRefreshTimeUser');