feat: Added 401 fallback to re-generate access_token (#853)

* feat: current changes

* feat: updated request retry code

* feat: limited auth to 401's only

* feat: cleaned up code

* feat: moved timeout into seperate function

* feat: further improved code

* feat: using bind on function

* feat: access_token now being regenerated

* feat: fixed bug

* feat: fixed es-lint errors

* feat: testing 429

* test: request 401 re auth test (#857)

Co-authored-by: Robert Field <[email protected]>

* feat: fixed failing 404 test

* feat: removed test button

* feat: updated errors to not silently fail

* feat: updated error handling

---------

Co-authored-by: Robert Field <[email protected]>

Author: ImBenHayward

examples/index.html

@@ -1,18 +1,16 @@
 <!DOCTYPE html>
 <html lang="en">
-
   <head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta http-equiv="X-UA-Compatible" content="ie=edge">
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="X-UA-Compatible" content="ie=edge" />
     <title>Moltin Example</title>
   </head>
 
   <body>
     <div id="products"></div>
     <script src="/moltin.js"></script>
     <script charset="utf-8">
-
       const Moltin = moltin.gateway({
         client_id: 'j6hSilXRQfxKohTndUuVrErLcSJWP15P347L6Im0M4'
       })
@@ -21,5 +19,4 @@
       Moltin.Products.All().then(({ data }) => console.log(data))
     </script>
   </body>
-
 </html>

package.json

@@ -44,7 +44,6 @@
     "url": "https://github.com/moltin/js-sdk/issues"
   },
   "devDependencies": {
-    "babel-plugin-rewire": "^1.2.0",
     "@babel/core": "7.21.3",
     "@babel/eslint-parser": "7.21.3",
     "@babel/preset-env": "7.20.2",
@@ -54,9 +53,12 @@
     "@rollup/plugin-json": "4.1.0",
     "@rollup/plugin-node-resolve": "13.3.0",
     "@semantic-release/exec": "^6.0.3",
+    "@sinonjs/fake-timers": "^11.1.0",
     "@types/chai": "4.3.4",
     "@types/mocha": "9.1.1",
     "@types/node": "18.0.6",
+    "@types/sinonjs__fake-timers": "^8.1.2",
+    "babel-plugin-rewire": "^1.2.0",
     "chai": "4.3.7",
     "commitizen": "4.2.5",
     "core-js": "3.29.1",

src/factories/request.js

@@ -4,7 +4,8 @@ import {
   resetProps,
   tokenInvalid,
   getCredentials,
-  isNode, resolveCredentialsStorageKey
+  isNode,
+  resolveCredentialsStorageKey
 } from '../utils/helpers'
 
 const createAuthRequest = config => {
@@ -57,10 +58,34 @@ const fetchRetry = (
   version,
   headers,
   requestBody,
+  authenticate,
   attempt = 1
 ) =>
   new Promise((resolve, reject) => {
     const ver = version || config.version
+    const updatedHeaders = headers
+
+    function retryTimeout(access_token) {
+      if (access_token) {
+        updatedHeaders.Authorization = `Bearer ${access_token}`
+      }
+
+      setTimeout(() => {
+        fetchRetry(
+          config,
+          uri,
+          method,
+          version,
+          updatedHeaders,
+          requestBody,
+          authenticate,
+          attempt + 1
+        )
+          .then(result => resolve(result))
+          .catch(error => reject(error))
+      }, attempt * config.retryDelay + Math.floor(Math.random() * config.retryJitter))
+    }
+
     config.auth.fetch
       .bind()(
         `${config.protocol}://${config.host}${ver ? `/${ver}` : ''}/${uri}`,
@@ -75,23 +100,16 @@ const fetchRetry = (
         if (response.ok) {
           resolve(response.json)
         }
-        if (attempt < config.fetchMaxAttempts && response.status === 429) {
-          setTimeout(
-            () =>
-              fetchRetry(
-                config,
-                uri,
-                method,
-                version,
-                headers,
-                requestBody,
-                attempt + 1
-              )
-                .then(result => resolve(result))
-                .catch(error => reject(error)),
-            attempt * config.retryDelay +
-              Math.floor(Math.random() * config.retryJitter)
-          )
+        if (attempt < config.fetchMaxAttempts) {
+          if (response.status === 401 && config.reauth) {
+            authenticate()
+              .then(data => retryTimeout(data.access_token))
+              .catch(error => reject(error))
+          } else if (response.status === 429) {
+            retryTimeout()
+          } else {
+            reject(response.json)
+          }
         } else {
           reject(response.json)
         }
@@ -133,7 +151,10 @@ class RequestFactory {
               ...(refresh_token && { refresh_token })
             }
 
-            storage.set(resolveCredentialsStorageKey(config.name), JSON.stringify(credentials))
+            storage.set(
+              resolveCredentialsStorageKey(config.name),
+              JSON.stringify(credentials)
+            )
           }
         }
       )
@@ -154,7 +175,7 @@ class RequestFactory {
   ) {
     const { config, storage } = this
 
-    const storageKey = resolveCredentialsStorageKey(config.name);
+    const storageKey = resolveCredentialsStorageKey(config.name)
     const credentials = getCredentials(storage, storageKey)
 
     const req = cred => {
@@ -214,11 +235,22 @@ class RequestFactory {
         return wrapBody ? buildRequestBody(body) : JSON.stringify(body)
       }
 
-      return fetchRetry(config, uri, method, version, headers, requestBody)
+      return fetchRetry(
+        config,
+        uri,
+        method,
+        version,
+        headers,
+        requestBody,
+        this.authenticate.bind(this),
+        1
+      )
     }
 
     if (tokenInvalid(config) && config.reauth && !config.store_id) {
-      return this.authenticate().then(() => req(getCredentials(storage, storageKey)))
+      return this.authenticate().then(() =>
+        req(getCredentials(storage, storageKey))
+      )
     }
 
     if (instance) resetProps(instance)

test/factories.ts

@@ -1067,3 +1067,49 @@ export const applicationKeysArray = [
     }
   }
 ]
+
+export const shopperCatalogProductResponse = {
+  data: {
+    id: '072541c8-1558-440b-979e-05b7880128fa',
+    type: 'product',
+    attributes: {
+      base_product: false,
+      commodity_type: 'physical',
+      created_at: '2023-05-17T11:21:02.014Z',
+      manage_stock: false,
+      name: 'Playstation 5 Controller',
+      price: {
+        USD: {
+          amount: 5000,
+          includes_tax: false
+        }
+      },
+      sku: 'ps5-controller',
+      slug: 'playstation-5-controller',
+      status: 'live',
+      updated_at: '2023-05-30T17:00:04.994Z',
+      published_at: '2023-05-31T10:21:28.184Z'
+    },
+    meta: {
+      catalog_id: 'bb06b811-95db-420d-a7ef-810eee1bb343',
+      catalog_source: 'pim',
+      pricebook_id: 'fe4a40ab-4bd1-4678-b94c-be799cbd58ac',
+      bread_crumb_nodes: ['50059701-ec6d-4829-b6d4-65831b98855e'],
+      bread_crumbs: {
+        '50059701-ec6d-4829-b6d4-65831b98855e': [
+          '06d5d325-487d-411d-9504-4bc8ca3b677b'
+        ]
+      },
+      display_price: {
+        without_tax: {
+          amount: 5000,
+          currency: 'USD',
+          formatted: '$50.00'
+        }
+      }
+    }
+  },
+  links: {
+    self: '/catalog/products/072541c8-1558-440b-979e-05b7880128fa'
+  }
+}

test/factories/request.ts

@@ -0,0 +1,64 @@
+import { assert } from 'chai'
+import nock from 'nock'
+import fakeTimers from '@sinonjs/fake-timers'
+import { gateway as MoltinGateway } from '../../src/moltin'
+import { shopperCatalogProductResponse } from '../factories'
+
+const apiUrl = 'https://euwest.api.elasticpath.com'
+
+describe('Moltin request', () => {
+  const Moltin = MoltinGateway({
+    client_id: 'XXX'
+  })
+
+  let clock: fakeTimers.InstalledClock | undefined
+
+  beforeEach(() => {
+    clock = fakeTimers.install({
+      shouldAdvanceTime: true,
+      advanceTimeDelta: 1
+    })
+  })
+
+  afterEach(() => {
+    clock?.uninstall()
+  })
+
+  it('Moltin request when 401 response should attempt to re-authenticate', () => {
+    // Intercept the API request
+    nock(apiUrl, {
+      reqheaders: {
+        Authorization: 'Bearer a550d8cbd4a4627013452359ab69694cd446615a'
+      }
+    })
+      .post('/oauth/access_token')
+      .reply(200, {
+        token_type: 'Bearer',
+        expires_in: 9999999999,
+        expires: 9999999999,
+        identifier: 'implicit',
+        access_token: 'a550d8cbd4a4627013452359ab69694cd446615a'
+      })
+
+    nock(apiUrl, {
+      reqheaders: {
+        Authorization: 'Bearer a550d8cbd4a4627013452359ab69694cd446615a'
+      }
+    })
+      .get('/catalog/products/1')
+      .reply(401, {
+        errors: {
+          title: 'Unauthorized',
+          status: 401
+        }
+      })
+      .get('/catalog/products/1')
+      .reply(200, shopperCatalogProductResponse)
+
+    return Moltin.ShopperCatalog.Products.Get({ productId: '1' }).then(
+      response => {
+        assert.equal(response.data.attributes.name, 'Playstation 5 Controller')
+      }
+    )
+  })
+})

test/tests.ts

@@ -42,3 +42,5 @@ require('./unit/one-time-password-token-request')
 require('./utils/helpers')
 require('./utils/throttle')
 require('./utils/configFetch')
+
+require('./factories/request')

yarn.lock

@@ -1561,6 +1561,20 @@
     lodash "^4.17.4"
     parse-json "^5.0.0"
 
+"@sinonjs/commons@^3.0.0":
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/@sinonjs/commons/-/commons-3.0.0.tgz#beb434fe875d965265e04722ccfc21df7f755d72"
+  integrity sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==
+  dependencies:
+    type-detect "4.0.8"
+
+"@sinonjs/fake-timers@^11.1.0":
+  version "11.1.0"
+  resolved "https://registry.yarnpkg.com/@sinonjs/fake-timers/-/fake-timers-11.1.0.tgz#5ad7b44514a61bbd04a3ddec863e21edd6efc2da"
+  integrity sha512-pUBaWhXoa9N0R/LeYKLqkrN9mqN3jwKBeMfbvlRtHUzLmk55o+0swncIuZBcSH/PpXDttRf/AcPF22pknAzORQ==
+  dependencies:
+    "@sinonjs/commons" "^3.0.0"
+
 "@tootallnate/once@1":
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-1.1.2.tgz#ccb91445360179a04e7fe6aff78c00ffc1eeaf82"
@@ -1633,6 +1647,11 @@
   dependencies:
     "@types/node" "*"
 
+"@types/sinonjs__fake-timers@^8.1.2":
+  version "8.1.2"
+  resolved "https://registry.yarnpkg.com/@types/sinonjs__fake-timers/-/sinonjs__fake-timers-8.1.2.tgz#bf2e02a3dbd4aecaf95942ecd99b7402e03fad5e"
+  integrity sha512-9GcLXF0/v3t80caGs5p2rRfkB+a8VBGLJZVih6CNFkx8IZ994wiKKLSRs9nuFwk1HevWs/1mnUmkApGrSGsShA==
+
 "@ungap/[email protected]":
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/@ungap/promise-all-settled/-/promise-all-settled-1.1.2.tgz#aa58042711d6e3275dd37dc597e5d31e8c290a44"
@@ -6798,7 +6817,7 @@ type-check@^0.4.0, type-check@~0.4.0:
   dependencies:
     prelude-ls "^1.2.1"
 
-type-detect@^4.0.0, type-detect@^4.0.5:
+type-detect@4.0.8, type-detect@^4.0.0, type-detect@^4.0.5:
   version "4.0.8"
   resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-4.0.8.tgz#7646fb5f18871cfbb7749e69bd39a6388eb7450c"
   integrity sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==