From 4e385f1424b60e98613d0d8d7289997a042bf7d3 Mon Sep 17 00:00:00 2001 From: Gonzalo Riestra Date: Fri, 7 Jun 2024 11:30:01 +0200 Subject: [PATCH 1/2] Only request App Management scope when needed --- packages/cli-kit/src/private/node/session/scopes.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packages/cli-kit/src/private/node/session/scopes.ts b/packages/cli-kit/src/private/node/session/scopes.ts index 659553324f..eff6dba3ff 100644 --- a/packages/cli-kit/src/private/node/session/scopes.ts +++ b/packages/cli-kit/src/private/node/session/scopes.ts @@ -1,5 +1,6 @@ import {allAPIs, API} from '../api.js' import {BugError} from '../../../public/node/error.js' +import {isTruthy} from '@shopify/cli-kit/node/context/utilities' /** * Generate a flat array with all the default scopes for all the APIs plus @@ -36,7 +37,7 @@ function defaultApiScopes(api: API): string[] { case 'business-platform': return ['destinations'] case 'app-management': - return ['app-management'] + return isTruthy(process.env.USE_APP_MANAGEMENT_API) ? ['app-management'] : [] default: throw new BugError(`Unknown API: ${api}`) } From 64ce31734640a259ad4743fbaa0878e2717d2209 Mon Sep 17 00:00:00 2001 From: Gonzalo Riestra Date: Fri, 7 Jun 2024 11:48:55 +0200 Subject: [PATCH 2/2] Fix tests --- .../src/private/node/session/scopes.test.ts | 21 ++++++++++++++++++- .../src/private/node/session/scopes.ts | 12 +++++------ 2 files changed, 26 insertions(+), 7 deletions(-) diff --git a/packages/cli-kit/src/private/node/session/scopes.test.ts b/packages/cli-kit/src/private/node/session/scopes.test.ts index 161e770299..cd237603e9 100644 --- a/packages/cli-kit/src/private/node/session/scopes.test.ts +++ b/packages/cli-kit/src/private/node/session/scopes.test.ts @@ -19,10 +19,29 @@ describe('allDefaultScopes', () => { 'https://api.shopify.com/auth/shop.storefront-renderer.devtools', 'https://api.shopify.com/auth/partners.app.cli.access', 'https://api.shopify.com/auth/destinations.readonly', - 'https://api.shopify.com/auth/organization.apps.manage', ...customScopes, ]) }) + + test('includes the App Management one when the required env var is defined', async () => { + // Given + const envVars = {USE_APP_MANAGEMENT_API: 'true'} + + // When + const got = allDefaultScopes([], envVars) + + // Then + expect(got).toEqual([ + 'openid', + 'https://api.shopify.com/auth/shop.admin.graphql', + 'https://api.shopify.com/auth/shop.admin.themes', + 'https://api.shopify.com/auth/partners.collaborator-relationships.readonly', + 'https://api.shopify.com/auth/shop.storefront-renderer.devtools', + 'https://api.shopify.com/auth/partners.app.cli.access', + 'https://api.shopify.com/auth/destinations.readonly', + 'https://api.shopify.com/auth/organization.apps.manage', + ]) + }) }) describe('apiScopes', () => { diff --git a/packages/cli-kit/src/private/node/session/scopes.ts b/packages/cli-kit/src/private/node/session/scopes.ts index eff6dba3ff..42988b88be 100644 --- a/packages/cli-kit/src/private/node/session/scopes.ts +++ b/packages/cli-kit/src/private/node/session/scopes.ts @@ -8,8 +8,8 @@ import {isTruthy} from '@shopify/cli-kit/node/context/utilities' * @param extraScopes - custom user-defined scopes * @returns Array of scopes */ -export function allDefaultScopes(extraScopes: string[] = []): string[] { - let scopes = allAPIs.map(defaultApiScopes).flat() +export function allDefaultScopes(extraScopes: string[] = [], systemEnvironment = process.env): string[] { + let scopes = allAPIs.map((api) => defaultApiScopes(api, systemEnvironment)).flat() scopes = ['openid', ...scopes, ...extraScopes].map(scopeTransform) return Array.from(new Set(scopes)) } @@ -21,12 +21,12 @@ export function allDefaultScopes(extraScopes: string[] = []): string[] { * @param extraScopes - custom user-defined scopes * @returns Array of scopes */ -export function apiScopes(api: API, extraScopes: string[] = []): string[] { - const scopes = [...defaultApiScopes(api), ...extraScopes.map(scopeTransform)].map(scopeTransform) +export function apiScopes(api: API, extraScopes: string[] = [], systemEnvironment = process.env): string[] { + const scopes = [...defaultApiScopes(api, systemEnvironment), ...extraScopes.map(scopeTransform)].map(scopeTransform) return Array.from(new Set(scopes)) } -function defaultApiScopes(api: API): string[] { +function defaultApiScopes(api: API, systemEnvironment = process.env): string[] { switch (api) { case 'admin': return ['graphql', 'themes', 'collaborator'] @@ -37,7 +37,7 @@ function defaultApiScopes(api: API): string[] { case 'business-platform': return ['destinations'] case 'app-management': - return isTruthy(process.env.USE_APP_MANAGEMENT_API) ? ['app-management'] : [] + return isTruthy(systemEnvironment.USE_APP_MANAGEMENT_API) ? ['app-management'] : [] default: throw new BugError(`Unknown API: ${api}`) }