Merge pull request #5339 from Shopify/02-03-unify_token_exchange_for_app_managament_client

Unify token exchange for app managament client

Author: isaacroldan

packages/app/src/cli/models/app/app.test-data.ts

@@ -1164,6 +1164,7 @@ export const testRemoteExtensionTemplates: ExtensionTemplate[] = [
 
 export const testPartnersUserSession: PartnersSession = {
   token: 'token',
+  businessPlatformToken: 'businessPlatformToken',
   accountInfo: {
     type: 'UserAccount',
     email: '[email protected]',
@@ -1435,6 +1436,7 @@ export function testDeveloperPlatformClient(stubs: Partial<DeveloperPlatformClie
 
 export const testPartnersServiceSession: PartnersSession = {
   token: 'partnersToken',
+  businessPlatformToken: 'businessPlatformToken',
   accountInfo: {
     type: 'ServiceAccount',
     orgName: 'organization',

packages/app/src/cli/services/context/partner-account-info.ts

@@ -5,6 +5,7 @@ import {outputDebug} from '@shopify/cli-kit/node/output'
 
 export interface PartnersSession {
   token: string
+  businessPlatformToken: string
   accountInfo: AccountInfo
   userId: string
 }

packages/app/src/cli/utilities/developer-platform-client/app-management-client.ts

@@ -118,7 +118,7 @@ import {
   SchemaDefinitionByApiTypeQueryVariables,
 } from '../../api/graphql/functions/generated/schema-definition-by-api-type.js'
 import {WebhooksSpecIdentifier} from '../../models/extensions/specifications/app_config_webhook.js'
-import {ensureAuthenticatedAppManagement, ensureAuthenticatedBusinessPlatform} from '@shopify/cli-kit/node/session'
+import {ensureAuthenticatedAppManagementAndBusinessPlatform} from '@shopify/cli-kit/node/session'
 import {isUnitTest} from '@shopify/cli-kit/node/context/local'
 import {AbortError, BugError} from '@shopify/cli-kit/node/error'
 import {fetch} from '@shopify/cli-kit/node/http'
@@ -156,7 +156,6 @@ export class AppManagementClient implements DeveloperPlatformClient {
   public readonly supportsDevSessions = true
   public readonly organizationSource = OrganizationSource.BusinessPlatform
   private _session: PartnersSession | undefined
-  private _businessPlatformToken: string | undefined
 
   constructor(session?: PartnersSession) {
     this._session = session
@@ -171,11 +170,16 @@ export class AppManagementClient implements DeveloperPlatformClient {
       if (isUnitTest()) {
         throw new Error('AppManagementClient.session() should not be invoked dynamically in a unit test')
       }
-      const userInfoResult = await businessPlatformRequestDoc(UserInfo, await this.businessPlatformToken())
-      const {token, userId} = await ensureAuthenticatedAppManagement()
+
+      const tokenResult = await ensureAuthenticatedAppManagementAndBusinessPlatform()
+      const {appManagementToken, businessPlatformToken, userId} = tokenResult
+
+      const userInfoResult = await businessPlatformRequestDoc(UserInfo, businessPlatformToken)
+
       if (userInfoResult.currentUserAccount) {
         this._session = {
-          token,
+          token: appManagementToken,
+          businessPlatformToken,
           accountInfo: {
             type: 'UserAccount',
             email: userInfoResult.currentUserAccount.email,
@@ -184,7 +188,8 @@ export class AppManagementClient implements DeveloperPlatformClient {
         }
       } else {
         this._session = {
-          token,
+          token: appManagementToken,
+          businessPlatformToken,
           accountInfo: {
             type: 'UnknownAccount',
           },
@@ -199,23 +204,17 @@ export class AppManagementClient implements DeveloperPlatformClient {
     return (await this.session()).token
   }
 
+  async businessPlatformToken(): Promise<string> {
+    return (await this.session()).businessPlatformToken
+  }
+
   async refreshToken(): Promise<string> {
-    const {token} = await ensureAuthenticatedAppManagement([], process.env, {noPrompt: true})
+    const result = await ensureAuthenticatedAppManagementAndBusinessPlatform({noPrompt: true})
     const session = await this.session()
-    if (token) {
-      session.token = token
-    }
-    return session.token
-  }
+    session.token = result.appManagementToken
+    session.businessPlatformToken = result.businessPlatformToken
 
-  async businessPlatformToken(): Promise<string> {
-    if (isUnitTest()) {
-      throw new Error('AppManagementClient.businessPlatformToken() should not be invoked dynamically in a unit test')
-    }
-    if (!this._businessPlatformToken) {
-      this._businessPlatformToken = await ensureAuthenticatedBusinessPlatform()
-    }
-    return this._businessPlatformToken
+    return session.token
   }
 
   async accountInfo(): Promise<PartnersSession['accountInfo']> {

packages/app/src/cli/utilities/developer-platform-client/partners-client.ts

@@ -229,11 +229,12 @@ export class PartnersClient implements DeveloperPlatformClient {
       const {token, userId} = await ensureAuthenticatedPartners()
       this._session = {
         token,
+        businessPlatformToken: '',
         accountInfo: {type: 'UnknownAccount'},
         userId,
       }
       const accountInfo = await fetchCurrentAccountInformation(this, userId)
-      this._session = {token, accountInfo, userId}
+      this._session = {token, businessPlatformToken: '', accountInfo, userId}
     }
     return this._session
   }

packages/cli-kit/src/public/node/session.test.ts

@@ -1,5 +1,6 @@
 import {
   ensureAuthenticatedAdmin,
+  ensureAuthenticatedAppManagementAndBusinessPlatform,
   ensureAuthenticatedBusinessPlatform,
   ensureAuthenticatedPartners,
   ensureAuthenticatedStorefront,
@@ -210,3 +211,35 @@ describe('ensureAuthenticatedBusinessPlatform', () => {
     await expect(got).rejects.toThrow(`No business-platform token`)
   })
 })
+
+describe('ensureAuthenticatedAppManagementAndBusinessPlatform', () => {
+  test('returns app management and business platform tokens if success', async () => {
+    // Given
+    vi.mocked(ensureAuthenticated).mockResolvedValueOnce({
+      appManagement: 'app_management_token',
+      businessPlatform: 'business_platform_token',
+      userId: '1234-5678',
+    })
+
+    // When
+    const got = await ensureAuthenticatedAppManagementAndBusinessPlatform()
+
+    // Then
+    expect(got).toEqual({
+      appManagementToken: 'app_management_token',
+      businessPlatformToken: 'business_platform_token',
+      userId: '1234-5678',
+    })
+  })
+
+  test('throws error if there are no tokens', async () => {
+    // Given
+    vi.mocked(ensureAuthenticated).mockResolvedValueOnce({userId: '1234-5678'})
+
+    // When
+    const got = ensureAuthenticatedAppManagementAndBusinessPlatform()
+
+    // Then
+    await expect(got).rejects.toThrow('No App Management or Business Platform token found after ensuring authenticated')
+  })
+})

packages/cli-kit/src/public/node/session.ts

@@ -62,25 +62,35 @@ ${outputToken.json(scopes)}
 /**
  * Ensure that we have a valid session to access the App Management API.
  *
- * @param scopes - Optional array of extra scopes to authenticate with.
- * @param env - Optional environment variables to use.
  * @param options - Optional extra options to use.
+ * @param appManagementScopes - Optional array of extra scopes to authenticate with.
+ * @param businessPlatformScopes - Optional array of extra scopes to authenticate with.
+ * @param env - Optional environment variables to use.
  * @returns The access token for the App Management API.
  */
-export async function ensureAuthenticatedAppManagement(
-  scopes: AppManagementAPIScope[] = [],
-  env = process.env,
+export async function ensureAuthenticatedAppManagementAndBusinessPlatform(
   options: EnsureAuthenticatedAdditionalOptions = {},
-): Promise<{token: string; userId: string}> {
+  appManagementScopes: AppManagementAPIScope[] = [],
+  businessPlatformScopes: BusinessPlatformScope[] = [],
+  env = process.env,
+): Promise<{appManagementToken: string; userId: string; businessPlatformToken: string}> {
   outputDebug(outputContent`Ensuring that the user is authenticated with the App Management API with the following scopes:
-${outputToken.json(scopes)}
+${outputToken.json(appManagementScopes)}
 `)
-  const tokens = await ensureAuthenticated({appManagementApi: {scopes}}, env, options)
-  if (!tokens) {
-    throw new BugError('No App Management token found after ensuring authenticated')
+  const tokens = await ensureAuthenticated(
+    {appManagementApi: {scopes: appManagementScopes}, businessPlatformApi: {scopes: businessPlatformScopes}},
+    env,
+    options,
+  )
+  if (!tokens.appManagement || !tokens.businessPlatform) {
+    throw new BugError('No App Management or Business Platform token found after ensuring authenticated')
+  }
+
+  return {
+    appManagementToken: tokens.appManagement,
+    userId: tokens.userId,
+    businessPlatformToken: tokens.businessPlatform,
   }
-  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-  return {token: tokens.appManagement!, userId: tokens.userId}
 }
 
 /**