refactor: remove auto refreshing of tokens which didn't work anyway

Author: TheDevMinerTV

src/AuthenticatedAdapter.ts

@@ -1,69 +1,61 @@
 import { AxiosRequestConfig } from 'axios';
 import { Adapter } from './types/adapters';
 
-export class AuthenticatedAdapter {
-	protected authenticated = false;
-	mageId?: string;
+const replaceMageIdInURL = (url: string, mageId: string) => url.replace(/\|MAGE_ID\|/, mageId);
+const addHeaders = (config: AxiosRequestConfig | undefined, headers: Record<string, string>) => ({ ...config, headers: { ...config?.headers, ...headers } });
 
+export class AuthenticatedAdapter {
 	constructor(
 		protected readonly baseAdapter: Adapter,
 		protected readonly credentials: {
 			appSecret: string;
 			appId: string;
-			autoRefresh?: boolean;
-			tokenTTL?: number;
 		}
-	) {}
-
-	protected replaceMageIdInURL(url: string): string {
-		return url.replace(/\|MAGE_ID\|/, this.mageId as string);
-	}
+	) { }
 
 	async get<T>(url: string, config?: AxiosRequestConfig): Promise<T> {
-		await this.authenticate();
+		const [mageId, headers] = await this.authenticate();
 
-		return this.baseAdapter.get(this.replaceMageIdInURL(url), config);
+		return this.baseAdapter.get(replaceMageIdInURL(url, mageId), addHeaders(config, headers));
 	}
 
 	async post<T>(url: string, body: unknown, config?: AxiosRequestConfig): Promise<T> {
-		await this.authenticate();
+		const [mageId, headers] = await this.authenticate();
 
-		return this.baseAdapter.post(this.replaceMageIdInURL(url), body, config);
+		return this.baseAdapter.post(replaceMageIdInURL(url, mageId), body, addHeaders(config, headers));
 	}
 
 	async put<T>(url: string, body: unknown, config?: AxiosRequestConfig): Promise<T> {
-		await this.authenticate();
+		const [mageId, headers] = await this.authenticate();
 
-		return this.baseAdapter.put(this.replaceMageIdInURL(url), body, config);
+		return this.baseAdapter.put(replaceMageIdInURL(url, mageId), body, addHeaders(config, headers));
 	}
 
 	async delete<T>(url: string, config?: AxiosRequestConfig): Promise<T> {
-		await this.authenticate();
+		const [mageId, headers] = await this.authenticate();
 
-		return this.baseAdapter.delete(this.replaceMageIdInURL(url), config);
+		return this.baseAdapter.delete(replaceMageIdInURL(url, mageId), addHeaders(config, headers));
 	}
 
 	async getMageId(): Promise<string> {
-		await this.authenticate();
+		const [mageId] = await this.authenticate();
 
-		return this.mageId as string;
+		return mageId;
 	}
 
 	/**
 	 * Authenticate with the API. You can find the App ID and secret with the next link.
 	 * @see https://developer.magento.com/account/apikeys
 	 * @see https://devdocs.magento.com/marketplace/eqp/v1/auth.html#session-token
 	 */
-	protected async authenticate(): Promise<void> {
-		this.mageId = undefined;
-
-		const { expires_in, mage_id, ust } = await this.baseAdapter.post<{
+	protected async authenticate() {
+		const { mage_id, ust } = await this.baseAdapter.post<{
 			mage_id: string;
 			ust: string;
 			expires_in: number;
 		}>(
 			'/app/session/token',
-			{ grant_type: 'session', expires_in: this.credentials.tokenTTL ?? 7200 },
+			{ grant_type: 'session', expires_in: 360 },
 			{
 				auth: {
 					username: this.credentials.appId,
@@ -72,19 +64,6 @@ export class AuthenticatedAdapter {
 			}
 		);
 
-		this.mageId = mage_id;
-
-		this.baseAdapter.setHeader('Authorization', `Bearer ${ust}`);
-
-		if (this.credentials.autoRefresh) {
-			// Re-run this function 5 seconds before the token expires
-			setTimeout(async () => {
-				this.authenticated = false;
-
-				await this.authenticate();
-			}, expires_in * 1000 - 5);
-		}
-
-		this.authenticated = true;
+		return [mage_id, { authorization: `Bearer ${ust}` }] as const;
 	}
 }

src/index.ts

@@ -23,9 +23,12 @@ export class EQP {
 	readonly reportService: ReportService;
 	readonly packageService: PackageService;
 
-	/** The authenticated user's Magento ID */
-	get mageId(): string | undefined {
-		return this.adapter.mageId;
+	/**
+	 * Fetch the user's Mage ID
+	 * @see https://developer.adobe.com/commerce/marketplace/guides/eqp/v1/auth/#authentication-and-authorization-flow
+	 */
+	getMageId() {
+		return this.adapter.getMageId();
 	}
 
 	constructor(options: EQPOptions) {
@@ -35,9 +38,7 @@ export class EQP {
 			options.adapter ?? new AxiosAdapter(`https://commercedeveloper${options.environment === 'sandbox' ? '-sandbox' : ''}-api.adobe.com/rest/v1`),
 			{
 				appId: options.appId,
-				appSecret: options.appSecret,
-				autoRefresh: options.autoRefresh ?? false,
-				tokenTTL: options.expiresIn
+				appSecret: options.appSecret
 			}
 		);
 

tests/index.test.ts

@@ -22,20 +22,10 @@ describe('EQP', () => {
 	test('get mageId', async () => {
 		mockAuth(mock.mockAdapter);
 
-		mock.mockAdapter
-			.onGet(
-				'/users/MAGE_ID',
-				undefined,
-				expect.objectContaining({
-					Authorization: expect.stringMatching('Bearer TOKEN')
-				})
-			)
-			.reply(200, sampleUser);
-
 		// Already tested in tests/services/UserService.test.ts
-		await subject.userService.getUser(false);
+		const mageId = await subject.getMageId();
 
-		expect(subject.mageId).toBeDefined();
-		expect(subject.mageId).toEqual(sampleUser.mage_id);
+		expect(mageId).toBeDefined();
+		expect(mageId).toEqual(sampleUser.mage_id);
 	});
 });