wire up identity client to current identity callsites #6641
+57
−61
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Nov 19, 2025
Contributor
Author
|
Warning This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
This stack of pull requests is managed by Graphite. Learn more about stacking. |
alexanderMontague
force-pushed
the
11-19-wire_up_identity_client_to_current_identity_callsites
branch
from
aa6704a to
a22cfed
Compare
alexanderMontague
force-pushed
the
11-18-implement_identity_client_body
branch
from
c83c012 to
78b33dc
Compare
alexanderMontague
force-pushed
the
11-19-wire_up_identity_client_to_current_identity_callsites
branch
from
a22cfed to
3bae1d2
Compare
Contributor
Coverage report
Show files with reduced coverage 🔻
Test suite run success3364 tests passing in 1378 suites. Report generated by 🧪jest coverage report action from 9caadf8 |
alexanderMontague
force-pushed
the
11-19-wire_up_identity_client_to_current_identity_callsites
branch
from
3bae1d2 to
9caadf8
Compare
Contributor
|
We detected some changes at Caution DO NOT create changesets for features which you do not wish to be included in the public changelog of the next CLI release. |
Contributor
Differences in type declarationsWe detected differences in the type declarations generated by Typescript for this branch compared to the baseline ('main' branch). Please, review them to ensure they are backward-compatible. Here are some important things to keep in mind:
New type declarationspackages/cli-kit/dist/private/node/clients/identity/identity-client.d.tsimport { IdentityToken } from '../../session/schema.js';
import { TokenRequestResult } from '../../session/exchange.js';
import { API } from '../../api.js';
import { Result } from '../../../../public/node/result.js';
export declare abstract class IdentityClient {
abstract requestAccessToken(scopes: string[]): Promise<IdentityToken>;
abstract tokenRequest(params: {
[key: string]: string;
}): Promise<Result<TokenRequestResult, {
error: string;
store?: string;
}>>;
abstract refreshAccessToken(currentToken: IdentityToken): Promise<IdentityToken>;
abstract clientId(): string;
applicationId(api: API): string;
}
packages/cli-kit/dist/private/node/clients/identity/identity-mock-client.d.tsimport { IdentityClient } from './identity-client.js';
import { ApplicationToken, IdentityToken } from '../../session/schema.js';
import { ExchangeScopes, TokenRequestResult } from '../../session/exchange.js';
import { Result } from '../../../../public/node/result.js';
export declare class IdentityMockClient extends IdentityClient {
private readonly mockUserId;
private readonly authTokenPrefix;
requestAccessToken(_scopes: string[]): Promise<IdentityToken>;
exchangeAccessForApplicationTokens(_identityToken: IdentityToken, _scopes: ExchangeScopes, _store?: string): Promise<{
[x: string]: ApplicationToken;
}>;
tokenRequest(params: {
[key: string]: string;
}): Promise<Result<TokenRequestResult, {
error: string;
store?: string;
}>>;
refreshAccessToken(_currentToken: IdentityToken): Promise<IdentityToken>;
clientId(): string;
private readonly generateTokens;
private getFutureDate;
private getCurrentUnixTimestamp;
private encodeTokenPayload;
}
packages/cli-kit/dist/private/node/clients/identity/identity-service-client.d.tsimport { IdentityClient } from './identity-client.js';
import { IdentityToken } from '../../session/schema.js';
import { TokenRequestResult } from '../../session/exchange.js';
import { Result } from '../../../../public/node/result.js';
export declare class IdentityServiceClient extends IdentityClient {
requestAccessToken(scopes: string[]): Promise<IdentityToken>;
tokenRequest(params: {
[key: string]: string;
}): Promise<Result<TokenRequestResult, {
error: string;
store?: string;
}>>;
refreshAccessToken(currentToken: IdentityToken): Promise<IdentityToken>;
clientId(): string;
/**
* ========================
* Private Instance Methods
* ========================
*/
/**
* Initiate a device authorization flow.
* This will return a DeviceAuthorizationResponse containing the URL where user
* should go to authorize the device without the need of a callback to the CLI.
*
* Also returns a `deviceCode` used for polling the token endpoint in the next step.
*
* @param scopes - The scopes to request
* @returns An object with the device authorization response.
*/
private requestDeviceAuthorization;
/**
* Poll the Oauth token endpoint with the device code obtained from a DeviceAuthorizationResponse.
* The endpoint will return `authorization_pending` until the user completes the auth flow in the browser.
* Once the user completes the auth flow, the endpoint will return the identity token.
*
* Timeout for the polling is defined by the server and is around 600 seconds.
*
* @param code - The device code obtained after starting a device identity flow
* @param interval - The interval to poll the token endpoint
* @returns The identity token
*/
private pollForDeviceAuthorization;
}
packages/cli-kit/dist/private/node/clients/identity/instance.d.tsimport { IdentityClient } from './identity-client.js';
export declare function getIdentityClient(): IdentityClient;
Existing type declarationspackages/cli-kit/dist/private/node/session/device-authorization.d.ts@@ -1,4 +1,5 @@
import { IdentityToken } from './schema.js';
+import { Response } from 'node-fetch';
export interface DeviceAuthorizationResponse {
deviceCode: string;
userCode: string;
@@ -29,4 +30,17 @@ export declare function requestDeviceAuthorization(scopes: string[]): Promise<De
* @param interval - The interval to poll the token endpoint
* @returns The identity token
*/
-export declare function pollForDeviceAuthorization(code: string, interval?: number): Promise<IdentityToken>;
\ No newline at end of file
+export declare function pollForDeviceAuthorization(code: string, interval?: number): Promise<IdentityToken>;
+export declare function convertRequestToParams(queryParams: {
+ client_id: string;
+ scope: string;
+}): string;
+/**
+ * Build a detailed error message for JSON parsing failures from the authorization service.
+ * Provides context-specific error messages based on response status and content.
+ *
+ * @param response - The HTTP response object
+ * @param responseText - The raw response body text
+ * @returns Detailed error message about the failure
+ */
+export declare function buildAuthorizationParseErrorMessage(response: Response, responseText: string): string;
\ No newline at end of file
packages/cli-kit/dist/private/node/session/exchange.d.ts@@ -1,7 +1,7 @@
import { ApplicationToken, IdentityToken } from './schema.js';
import { API } from '../api.js';
import { Result } from '../../../public/node/result.js';
-import { ExtendableError } from '../../../public/node/error.js';
+import { AbortError, ExtendableError } from '../../../public/node/error.js';
export declare class InvalidGrantError extends ExtendableError {
}
export declare class InvalidRequestError extends ExtendableError {
@@ -65,4 +65,16 @@ export declare function exchangeDeviceCodeForAccessToken(deviceCode: string): Pr
export declare function requestAppToken(api: API, token: string, scopes?: string[], store?: string): Promise<{
[x: string]: ApplicationToken;
}>;
+export interface TokenRequestResult {
+ access_token: string;
+ expires_in: number;
+ refresh_token: string;
+ scope: string;
+ id_token?: string;
+}
+export declare function tokenRequestErrorHandler({ error, store }: {
+ error: string;
+ store?: string;
+}): AbortError | InvalidGrantError | InvalidRequestError;
+export declare function buildIdentityToken(result: TokenRequestResult, existingUserId?: string, existingAlias?: string): IdentityToken;
export {};
\ No newline at end of file
packages/cli-kit/dist/private/node/session/identity.d.ts@@ -1,3 +1,2 @@
import { API } from '../api.js';
-export declare function clientId(): string;
export declare function applicationId(api: API): string;
\ No newline at end of file
packages/cli-kit/dist/public/node/vendor/dev_server/dev-server-2024.d.ts@@ -4,6 +4,7 @@ export declare function createServer(projectName: string): {
url: (options?: HostOptions) => string;
};
declare function assertRunning2024(projectName: string): void;
+export declare function isRunning2024(projectName: string): boolean;
declare let assertRunningOverride: typeof assertRunning2024 | undefined;
export declare function setAssertRunning(override: typeof assertRunningOverride): void;
export {};
\ No newline at end of file
|
This was referenced Nov 20, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
WHY are these changes introduced?
Part of: https://github.com/shop/issues-develop/issues/21594
WHAT is this pull request doing?