Store BP token in session

Author: isaacroldan

packages/app/src/cli/services/context/partner-account-info.ts

@@ -5,6 +5,7 @@ import {outputDebug} from '@shopify/cli-kit/node/output'
 
 export interface PartnersSession {
   token: string
+  businessPlatformToken: string
   accountInfo: AccountInfo
   userId: string
 }

packages/app/src/cli/utilities/developer-platform-client/app-management-client.ts

@@ -118,7 +118,7 @@ import {
   SchemaDefinitionByApiTypeQueryVariables,
 } from '../../api/graphql/functions/generated/schema-definition-by-api-type.js'
 import {WebhooksSpecIdentifier} from '../../models/extensions/specifications/app_config_webhook.js'
-import {ensureAuthenticatedAppManagement, ensureAuthenticatedBusinessPlatform} from '@shopify/cli-kit/node/session'
+import {ensureAuthenticatedAppManagementAndBusinessPlatform} from '@shopify/cli-kit/node/session'
 import {isUnitTest} from '@shopify/cli-kit/node/context/local'
 import {AbortError, BugError} from '@shopify/cli-kit/node/error'
 import {fetch} from '@shopify/cli-kit/node/http'
@@ -156,7 +156,6 @@ export class AppManagementClient implements DeveloperPlatformClient {
   public readonly supportsDevSessions = true
   public readonly organizationSource = OrganizationSource.BusinessPlatform
   private _session: PartnersSession | undefined
-  private _businessPlatformToken: string | undefined
 
   constructor(session?: PartnersSession) {
     this._session = session
@@ -171,20 +170,24 @@ export class AppManagementClient implements DeveloperPlatformClient {
       if (isUnitTest()) {
         throw new Error('AppManagementClient.session() should not be invoked dynamically in a unit test')
       }
-      const userInfoResult = await businessPlatformRequestDoc(UserInfo, await this.businessPlatformToken())
-      const {token, userId} = await ensureAuthenticatedAppManagement()
-      if (userInfoResult.currentUserAccount) {
+
+      const {appToken, userId, businessPlatformToken} = await ensureAuthenticatedAppManagementAndBusinessPlatform()
+      const userAccount = await businessPlatformRequestDoc(UserInfo, businessPlatformToken)
+
+      if (userAccount.currentUserAccount) {
         this._session = {
-          token,
+          token: appToken,
+          businessPlatformToken,
           accountInfo: {
             type: 'UserAccount',
-            email: userInfoResult.currentUserAccount.email,
+            email: userAccount.currentUserAccount.email,
           },
           userId,
         }
       } else {
         this._session = {
-          token,
+          token: appToken,
+          businessPlatformToken,
           accountInfo: {
             type: 'UnknownAccount',
           },
@@ -199,23 +202,22 @@ export class AppManagementClient implements DeveloperPlatformClient {
     return (await this.session()).token
   }
 
+  async businessPlatformToken(): Promise<string> {
+    return (await this.session()).businessPlatformToken
+  }
+
   async refreshToken(): Promise<string> {
-    const {token} = await ensureAuthenticatedAppManagement([], process.env, {noPrompt: true})
+    const {appToken, businessPlatformToken} = await ensureAuthenticatedAppManagementAndBusinessPlatform(
+      [],
+      [],
+      process.env,
+      {noPrompt: true},
+    )
     const session = await this.session()
-    if (token) {
-      session.token = token
-    }
-    return session.token
-  }
+    session.token = appToken
+    session.businessPlatformToken = businessPlatformToken
 
-  async businessPlatformToken(): Promise<string> {
-    if (isUnitTest()) {
-      throw new Error('AppManagementClient.businessPlatformToken() should not be invoked dynamically in a unit test')
-    }
-    if (!this._businessPlatformToken) {
-      this._businessPlatformToken = await ensureAuthenticatedBusinessPlatform()
-    }
-    return this._businessPlatformToken
+    return session.token
   }
 
   async accountInfo(): Promise<PartnersSession['accountInfo']> {

packages/app/src/cli/utilities/developer-platform-client/partners-client.ts

@@ -229,11 +229,12 @@ export class PartnersClient implements DeveloperPlatformClient {
       const {token, userId} = await ensureAuthenticatedPartners()
       this._session = {
         token,
+        businessPlatformToken: '',
         accountInfo: {type: 'UnknownAccount'},
         userId,
       }
       const accountInfo = await fetchCurrentAccountInformation(this, userId)
-      this._session = {token, accountInfo, userId}
+      this._session = {token, businessPlatformToken: '', accountInfo, userId}
     }
     return this._session
   }

packages/cli-kit/src/private/node/api.ts

@@ -1,6 +1,5 @@
 import {sanitizedHeadersOutput} from './api/headers.js'
 import {sanitizeURL} from './api/urls.js'
-import {startHRTime} from '@shopify/cli-kit/node/hrtime'
 import {outputDebug} from '@shopify/cli-kit/node/output'
 import {Headers} from 'form-data'
 import {ClientError} from 'graphql-request'
@@ -54,9 +53,7 @@ async function makeVerboseRequest<T extends {headers: Headers; status: number}>(
   const sanitizedUrl = sanitizeURL(url)
   let response: T = {} as T
   try {
-    const start = startHRTime()
     response = await request()
-    // console.log(`${endHRTimeInMs(start)}ms - Network: ${outputContent`${outputToken.magenta(url)}`.value}`)
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
     response.headers.forEach((value: any, key: any) => {
       if (responseHeaderIsInteresting(key)) responseHeaders[key] = value

packages/cli-kit/src/private/node/session/validate.ts

@@ -6,7 +6,6 @@ import {sessionConstants} from '../constants.js'
 import {outputDebug} from '../../../public/node/output.js'
 import {firstPartyDev} from '../../../public/node/context/local.js'
 import {OAuthApplications} from '../session.js'
-import {endHRTimeInMs, startHRTime} from '@shopify/cli-kit/node/hrtime'
 
 type ValidationResult = 'needs_refresh' | 'needs_full_auth' | 'ok'
 
@@ -36,9 +35,7 @@ export async function validateSession(
 ): Promise<ValidationResult> {
   if (!session) return 'needs_full_auth'
   const scopesAreValid = validateScopes(scopes, session.identity)
-  const start = startHRTime()
   const identityIsValid = await validateIdentityToken(session.identity.accessToken)
-  console.log(`${endHRTimeInMs(start)}ms - Auth: Identity token introspection (${identityIsValid ? 'OK' : 'FAILED'})`)
   if (!scopesAreValid) return 'needs_full_auth'
   let tokensAreExpired = isTokenExpired(session.identity)
 

packages/cli-kit/src/public/node/analytics.ts

@@ -49,7 +49,6 @@ export async function reportAnalyticsEvent(options: ReportAnalyticsEventOptions)
         withinRateLimit = true
       },
     })
-    console.log('All network time:', payload.public.cmd_all_timing_network_ms)
     if (!withinRateLimit) {
       outputDebug(outputContent`Skipping command analytics due to rate limiting, payload: ${outputToken.json(payload)}`)
       return

packages/cli-kit/src/public/node/api/graphql.ts

@@ -3,8 +3,6 @@ import {debugLogRequestInfo, errorHandler} from '../../../private/node/api/graph
 import {addPublicMetadata, runWithTimer} from '../metadata.js'
 import {retryAwareRequest} from '../../../private/node/api.js'
 import {requestIdsCollection} from '../../../private/node/request-ids.js'
-import {endHRTimeInMs, startHRTime} from '../hrtime.js'
-import {outputContent, outputToken} from '../output.js'
 import {
   GraphQLClient,
   rawRequest,
@@ -77,13 +75,8 @@ async function performGraphQLRequest<TResult>(options: PerformGraphQLRequestOpti
     // there is a errorPolicy option which returns rather than throwing on errors, but we _do_ ultimately want to
     // throw.
     try {
-      const time = startHRTime()
       fullResponse = await client.rawRequest<TResult>(queryAsString, variables)
       await logLastRequestIdFromResponse(fullResponse)
-      const firstLine = queryAsString.split('\n')[0] ?? ''
-      const secondLine = queryAsString.split('\n')[1] ?? ''
-      const validLine = firstLine.includes('query') ? firstLine : secondLine
-      console.log(`${endHRTimeInMs(time)}ms - Network: ${outputContent`${outputToken.yellow(validLine)}`.value}`)
       return fullResponse
     } catch (error) {
       if (error instanceof ClientError) {

packages/cli-kit/src/public/node/session.test.ts

@@ -1,5 +1,6 @@
 import {
   ensureAuthenticatedAdmin,
+  ensureAuthenticatedAppManagementAndBusinessPlatform,
   ensureAuthenticatedBusinessPlatform,
   ensureAuthenticatedPartners,
   ensureAuthenticatedStorefront,
@@ -210,3 +211,35 @@ describe('ensureAuthenticatedBusinessPlatform', () => {
     await expect(got).rejects.toThrow(`No business-platform token`)
   })
 })
+
+describe('ensureAuthenticatedAppManagementAndBusinessPlatform', () => {
+  test('returns app management and business platform tokens if success', async () => {
+    // Given
+    vi.mocked(ensureAuthenticated).mockResolvedValueOnce({
+      appManagement: 'app_management_token',
+      businessPlatform: 'business_platform_token',
+      userId: '1234-5678',
+    })
+
+    // When
+    const got = await ensureAuthenticatedAppManagementAndBusinessPlatform()
+
+    // Then
+    expect(got).toEqual({
+      appToken: 'app_management_token',
+      businessPlatformToken: 'business_platform_token',
+      userId: '1234-5678',
+    })
+  })
+
+  test('throws error if there are no tokens', async () => {
+    // Given
+    vi.mocked(ensureAuthenticated).mockResolvedValueOnce({userId: '1234-5678'})
+
+    // When
+    const got = ensureAuthenticatedAppManagementAndBusinessPlatform()
+
+    // Then
+    await expect(got).rejects.toThrow('No App Management or Business Platform token found after ensuring authenticated')
+  })
+})

packages/cli-kit/src/public/node/session.ts

@@ -62,25 +62,35 @@ ${outputToken.json(scopes)}
 /**
  * Ensure that we have a valid session to access the App Management API.
  *
- * @param scopes - Optional array of extra scopes to authenticate with.
+ * @param appManagementScopes - Optional array of extra scopes to authenticate with.
+ * @param businessPlatformScopes - Optional array of extra scopes to authenticate with.
  * @param env - Optional environment variables to use.
  * @param options - Optional extra options to use.
  * @returns The access token for the App Management API.
  */
-export async function ensureAuthenticatedAppManagement(
-  scopes: AppManagementAPIScope[] = [],
+export async function ensureAuthenticatedAppManagementAndBusinessPlatform(
+  appManagementScopes: AppManagementAPIScope[] = [],
+  businessPlatformScopes: BusinessPlatformScope[] = [],
   env = process.env,
   options: EnsureAuthenticatedAdditionalOptions = {},
-): Promise<{token: string; userId: string}> {
+): Promise<{appToken: string; userId: string; businessPlatformToken: string}> {
   outputDebug(outputContent`Ensuring that the user is authenticated with the App Management API with the following scopes:
-${outputToken.json(scopes)}
+${outputToken.json(appManagementScopes)}
 `)
-  const tokens = await ensureAuthenticated({appManagementApi: {scopes}}, env, options)
-  if (!tokens) {
-    throw new BugError('No App Management token found after ensuring authenticated')
+  const tokens = await ensureAuthenticated(
+    {appManagementApi: {scopes: appManagementScopes}, businessPlatformApi: {scopes: businessPlatformScopes}},
+    env,
+    options,
+  )
+  if (!tokens.appManagement || !tokens.businessPlatform) {
+    throw new BugError('No App Management or Business Platform token found after ensuring authenticated')
+  }
+
+  return {
+    appToken: tokens.appManagement,
+    userId: tokens.userId,
+    businessPlatformToken: tokens.businessPlatform,
   }
-  // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
-  return {token: tokens.appManagement!, userId: tokens.userId}
 }
 
 /**