Merge pull request #4006 from Shopify/optional-app-management-scope-s…

…table [stable] Only request App Management scope when needed
Shopify · Jun 7, 2024 · 4c0688f · 4c0688f
2 parents b4806d0 + 64ce317
commit 4c0688f
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 7 deletions.
diff --git a/packages/cli-kit/src/private/node/session/scopes.test.ts b/packages/cli-kit/src/private/node/session/scopes.test.ts
@@ -19,10 +19,29 @@ describe('allDefaultScopes', () => {
       'https://api.shopify.com/auth/shop.storefront-renderer.devtools',
       'https://api.shopify.com/auth/partners.app.cli.access',
       'https://api.shopify.com/auth/destinations.readonly',
-      'https://api.shopify.com/auth/organization.apps.manage',
       ...customScopes,
     ])
   })
+
+  test('includes the App Management one when the required env var is defined', async () => {
+    // Given
+    const envVars = {USE_APP_MANAGEMENT_API: 'true'}
+
+    // When
+    const got = allDefaultScopes([], envVars)
+
+    // Then
+    expect(got).toEqual([
+      'openid',
+      'https://api.shopify.com/auth/shop.admin.graphql',
+      'https://api.shopify.com/auth/shop.admin.themes',
+      'https://api.shopify.com/auth/partners.collaborator-relationships.readonly',
+      'https://api.shopify.com/auth/shop.storefront-renderer.devtools',
+      'https://api.shopify.com/auth/partners.app.cli.access',
+      'https://api.shopify.com/auth/destinations.readonly',
+      'https://api.shopify.com/auth/organization.apps.manage',
+    ])
+  })
 })
 
 describe('apiScopes', () => {

diff --git a/packages/cli-kit/src/private/node/session/scopes.ts b/packages/cli-kit/src/private/node/session/scopes.ts
@@ -1,14 +1,15 @@
 import {allAPIs, API} from '../api.js'
 import {BugError} from '../../../public/node/error.js'
+import {isTruthy} from '@shopify/cli-kit/node/context/utilities'
 
 /**
  * Generate a flat array with all the default scopes for all the APIs plus
  * any custom scope defined by the user.
  * @param extraScopes - custom user-defined scopes
  * @returns Array of scopes
  */
-export function allDefaultScopes(extraScopes: string[] = []): string[] {
-  let scopes = allAPIs.map(defaultApiScopes).flat()
+export function allDefaultScopes(extraScopes: string[] = [], systemEnvironment = process.env): string[] {
+  let scopes = allAPIs.map((api) => defaultApiScopes(api, systemEnvironment)).flat()
   scopes = ['openid', ...scopes, ...extraScopes].map(scopeTransform)
   return Array.from(new Set(scopes))
 }
@@ -20,12 +21,12 @@ export function allDefaultScopes(extraScopes: string[] = []): string[] {
  * @param extraScopes - custom user-defined scopes
  * @returns Array of scopes
  */
-export function apiScopes(api: API, extraScopes: string[] = []): string[] {
-  const scopes = [...defaultApiScopes(api), ...extraScopes.map(scopeTransform)].map(scopeTransform)
+export function apiScopes(api: API, extraScopes: string[] = [], systemEnvironment = process.env): string[] {
+  const scopes = [...defaultApiScopes(api, systemEnvironment), ...extraScopes.map(scopeTransform)].map(scopeTransform)
   return Array.from(new Set(scopes))
 }
 
-function defaultApiScopes(api: API): string[] {
+function defaultApiScopes(api: API, systemEnvironment = process.env): string[] {
   switch (api) {
     case 'admin':
       return ['graphql', 'themes', 'collaborator']
@@ -36,7 +37,7 @@ function defaultApiScopes(api: API): string[] {
     case 'business-platform':
       return ['destinations']
     case 'app-management':
-      return ['app-management']
+      return isTruthy(systemEnvironment.USE_APP_MANAGEMENT_API) ? ['app-management'] : []
     default:
       throw new BugError(`Unknown API: ${api}`)
   }