Additional cleanup

Author: gonzaloriestra

packages/cli-kit/src/private/node/session.test.ts

@@ -7,17 +7,11 @@ import {
   setLastSeenAuthMethod,
   setLastSeenUserIdAfterAuth,
 } from './session.js'
-import {
-  exchangeAccessForApplicationTokens,
-  exchangeCustomPartnerToken,
-  refreshAccessToken,
-  InvalidGrantError,
-} from './session/exchange.js'
+import {exchangeCustomPartnerToken, refreshAccessToken, InvalidGrantError} from './session/exchange.js'
 import {allDefaultScopes} from './session/scopes.js'
 import {store as storeSessions, fetch as fetchSessions, remove as secureRemove} from './session/store.js'
-import {ApplicationToken, IdentityToken, Sessions} from './session/schema.js'
+import {IdentityToken, Sessions} from './session/schema.js'
 import {validateSession} from './session/validate.js'
-import {applicationId} from './session/identity.js'
 import {pollForDeviceAuthorization, requestDeviceAuthorization} from './session/device-authorization.js'
 import {getCurrentSessionId} from './conf-store.js'
 import * as fqdnModule from '../../public/node/context/fqdn.js'
@@ -56,26 +50,9 @@ const validTokens: OAuthSession = {
   userId,
 }
 
-const appTokens: Record<string, ApplicationToken> = {}
-
-const partnersToken: ApplicationToken = {
-  accessToken: 'custom_partners_token',
-  expiresAt: futureDate,
-  scopes: ['scope2'],
-}
-
 const fqdn = 'fqdn.com'
 
 const validSessions: Sessions = {
-  [fqdn]: {
-    [userId]: {
-      identity: validIdentityToken,
-      applications: appTokens,
-    },
-  },
-}
-
-const invalidSessions: Sessions = {
   [fqdn]: {
     [userId]: {
       identity: validIdentityToken,
@@ -85,7 +62,6 @@ const invalidSessions: Sessions = {
 }
 
 vi.mock('../../public/node/context/local.js')
-vi.mock('./session/identity')
 vi.mock('./session/authorize')
 vi.mock('./session/exchange')
 vi.mock('./session/scopes')
@@ -101,11 +77,9 @@ vi.mock('../../public/node/system.js')
 
 beforeEach(() => {
   vi.spyOn(fqdnModule, 'identityFqdn').mockResolvedValue(fqdn)
-  vi.mocked(exchangeAccessForApplicationTokens).mockResolvedValue(appTokens)
   vi.mocked(refreshAccessToken).mockResolvedValue(validIdentityToken)
-  vi.mocked(applicationId).mockImplementation((app) => app)
   vi.mocked(exchangeCustomPartnerToken).mockResolvedValue({
-    accessToken: partnersToken.accessToken,
+    accessToken: 'custom_partners_token',
     userId: validIdentityToken.userId,
   })
   vi.mocked(partnersRequest).mockResolvedValue(undefined)
@@ -140,7 +114,6 @@ describe('ensureAuthenticated when previous session is invalid', () => {
     const got = await ensureAuthenticated(defaultApplications)
 
     // Then
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
     expect(refreshAccessToken).not.toBeCalled()
     expect(businessPlatformRequest).toHaveBeenCalled()
     expect(storeSessions).toHaveBeenCalledOnce()
@@ -180,9 +153,9 @@ The CLI is currently unable to prompt for reauthentication.`,
   test('executes complete auth flow if session is for a different fqdn', async () => {
     // Given
     vi.mocked(validateSession).mockResolvedValueOnce('needs_full_auth')
-    vi.mocked(fetchSessions).mockResolvedValue(invalidSessions)
+    vi.mocked(fetchSessions).mockResolvedValue(validSessions)
     const expectedSessions = {
-      ...invalidSessions,
+      ...validSessions,
       [fqdn]: {
         [userId]: {
           identity: {
@@ -198,7 +171,7 @@ The CLI is currently unable to prompt for reauthentication.`,
     const got = await ensureAuthenticated(defaultApplications)
 
     // Then
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
+
     expect(refreshAccessToken).not.toBeCalled()
     expect(storeSessions).toBeCalledWith(expectedSessions)
     expect(got).toEqual(validTokens)
@@ -217,7 +190,7 @@ The CLI is currently unable to prompt for reauthentication.`,
     const got = await ensureAuthenticated(defaultApplications)
 
     // Then
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
+
     expect(businessPlatformRequest).toHaveBeenCalled()
     expect(storeSessions).toHaveBeenCalledOnce()
 
@@ -253,7 +226,7 @@ The CLI is currently unable to prompt for reauthentication.`,
     const got = await ensureAuthenticated(defaultApplications)
 
     // Then
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
+
     expect(refreshAccessToken).not.toBeCalled()
     expect(businessPlatformRequest).toHaveBeenCalled()
     expect(storeSessions).toHaveBeenCalledOnce()
@@ -279,7 +252,7 @@ describe('when existing session is valid', () => {
     const got = await ensureAuthenticated(defaultApplications)
 
     // Then
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
+
     expect(refreshAccessToken).not.toBeCalled()
     expect(got).toEqual(validTokens)
     await expect(getLastSeenUserIdAfterAuth()).resolves.toBe('1234-5678')
@@ -303,7 +276,7 @@ describe('when existing session is valid', () => {
     const got = await ensureAuthenticated(defaultApplications)
 
     // Then
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
+
     expect(refreshAccessToken).not.toBeCalled()
     expect(got).toEqual(expected)
     await expect(getLastSeenUserIdAfterAuth()).resolves.toBe('1234-5678')
@@ -321,7 +294,7 @@ describe('when existing session is valid', () => {
 
     // Then
     expect(refreshAccessToken).toBeCalled()
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
+
     const expectedSessions = {
       [fqdn]: {
         [userId]: {
@@ -349,7 +322,7 @@ describe('when existing session is expired', () => {
 
     // Then
     expect(refreshAccessToken).toBeCalled()
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
+
     const expectedSessions = {
       [fqdn]: {
         [userId]: {
@@ -378,7 +351,7 @@ describe('when existing session is expired', () => {
 
     // Then
     expect(refreshAccessToken).toBeCalled()
-    expect(exchangeAccessForApplicationTokens).not.toBeCalled()
+
     expect(businessPlatformRequest).toHaveBeenCalled()
     expect(storeSessions).toHaveBeenCalledOnce()
 

packages/cli-kit/src/private/node/session.ts

@@ -220,7 +220,7 @@ For applications:
 ${outputToken.json(applications)}
 `)
 
-  const validationResult = await validateSession(scopes, applications, currentSession)
+  const validationResult = await validateSession(scopes, currentSession)
 
   let newSession = {}
 
@@ -352,33 +352,15 @@ async function refreshTokens(session: Session, _applications: OAuthApplications)
  * @param fqdn - The identity FQDN.
  */
 async function tokensFor(applications: OAuthApplications, session: Session): Promise<OAuthSession> {
-  const tokens: OAuthSession = {
+  const token = session.identity.accessToken
+  return {
     userId: session.identity.userId,
+    admin: applications.adminApi ? {token, storeFqdn: applications.adminApi.storeFqdn} : undefined,
+    partners: applications.partnersApi ? token : undefined,
+    storefront: applications.storefrontRendererApi ? token : undefined,
+    businessPlatform: applications.businessPlatformApi ? token : undefined,
+    appManagement: applications.appManagementApi ? token : undefined,
   }
-
-  const pcatToken = session.identity.accessToken
-
-  if (applications.adminApi) {
-    tokens.admin = {token: pcatToken, storeFqdn: applications.adminApi.storeFqdn}
-  }
-
-  if (applications.partnersApi) {
-    tokens.partners = pcatToken
-  }
-
-  if (applications.storefrontRendererApi) {
-    tokens.storefront = pcatToken
-  }
-
-  if (applications.businessPlatformApi) {
-    tokens.businessPlatform = pcatToken
-  }
-
-  if (applications.appManagementApi) {
-    tokens.appManagement = pcatToken
-  }
-
-  return tokens
 }
 
 // Scope Helpers

packages/cli-kit/src/private/node/session/exchange.test.ts

@@ -1,5 +1,4 @@
 import {
-  exchangeAccessForApplicationTokens,
   exchangeCustomPartnerToken,
   exchangeCliTokenForAppManagementAccessToken,
   exchangeCliTokenForBusinessPlatformAccessToken,
@@ -55,88 +54,6 @@ afterAll(() => {
   vi.useRealTimers()
 })
 
-describe('exchange identity token for application tokens', () => {
-  const scopes = {admin: [], partners: [], storefront: [], businessPlatform: [], appManagement: []}
-
-  test('returns tokens for all APIs if a store is passed', async () => {
-    // Given
-    vi.mocked(shopifyFetch).mockImplementation(async () => Promise.resolve(new Response(JSON.stringify(data))))
-
-    // When
-    const got = await exchangeAccessForApplicationTokens(identityToken, scopes, 'storeFQDN')
-
-    // Then
-    const expected = {
-      'app-management': {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-      partners: {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-      'storefront-renderer': {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-      'storeFQDN-admin': {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-      'business-platform': {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-    }
-    expect(got).toEqual(expected)
-  })
-
-  test('does not return token for admin if there is no store', async () => {
-    // Given
-    const response = new Response(JSON.stringify(data))
-
-    // Need to do it 3 times because a Response can only be used once
-    vi.mocked(shopifyFetch)
-      .mockResolvedValue(response)
-      .mockResolvedValueOnce(response.clone())
-      .mockResolvedValueOnce(response.clone())
-      .mockResolvedValueOnce(response.clone())
-
-    // When
-    const got = await exchangeAccessForApplicationTokens(identityToken, scopes, undefined)
-
-    // Then
-    const expected = {
-      'app-management': {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-      partners: {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-      'storefront-renderer': {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-      'business-platform': {
-        accessToken: 'access_token',
-        expiresAt: expiredDate,
-        scopes: ['scope', 'scope2'],
-      },
-    }
-    expect(got).toEqual(expected)
-  })
-})
-
 describe('refresh access tokens', () => {
   test('throws an InvalidGrantError when Identity returns invalid_grant', async () => {
     // Given

packages/cli-kit/src/private/node/session/exchange.ts

@@ -15,44 +15,6 @@ export class InvalidGrantError extends ExtendableError {}
 export class InvalidRequestError extends ExtendableError {}
 class InvalidTargetError extends AbortError {}
 
-interface ExchangeScopes {
-  admin: string[]
-  partners: string[]
-  storefront: string[]
-  businessPlatform: string[]
-  appManagement: string[]
-}
-
-/**
- * Given an identity token, request an application token.
- * @param identityToken - access token obtained in a previous step
- * @param store - the store to use, only needed for admin API
- * @returns An array with the application access tokens.
- */
-export async function exchangeAccessForApplicationTokens(
-  identityToken: IdentityToken,
-  scopes: ExchangeScopes,
-  store?: string,
-): Promise<Record<string, ApplicationToken>> {
-  const token = identityToken.accessToken
-
-  const [partners, storefront, businessPlatform, admin, appManagement] = await Promise.all([
-    requestAppToken('partners', token, scopes.partners),
-    requestAppToken('storefront-renderer', token, scopes.storefront),
-    requestAppToken('business-platform', token, scopes.businessPlatform),
-    store ? requestAppToken('admin', token, scopes.admin, store) : {},
-    requestAppToken('app-management', token, scopes.appManagement),
-  ])
-
-  return {
-    ...partners,
-    ...storefront,
-    ...businessPlatform,
-    ...admin,
-    ...appManagement,
-  }
-}
-
 /**
  * Given an expired access token, refresh it to get a new one.
  */