@shopify/cli 3.63.2 → 3.64.1

package/dist/chunk-XSKJYEAZ.js

@@ -1,1453 +0,0 @@
-import {
-  checkPort,
-  require_find_process,
-  require_lib
-} from "./chunk-EQPYUHNM.js";
-import {
-  setNextDeprecationDate
-} from "./chunk-LH533WG4.js";
-import {
-  z
-} from "./chunk-6UDFXWNE.js";
-import {
-  base_command_default
-} from "./chunk-WP234IUO.js";
-import {
-  GraphQLClientError,
-  RequestClientError,
-  allAPIs,
-  buildHeaders,
-  debugLogResponseInfo,
-  getIdentityTokenInformation,
-  getPartnersToken,
-  httpsAgent,
-  sanitizedHeadersOutput,
-  shopifyFetch
-} from "./chunk-QCDYZY46.js";
-import {
-  ClientError,
-  GraphQLClient,
-  gql,
-  resolveRequestDocument
-} from "./chunk-A2UVOX6O.js";
-import {
-  base64URLEncode,
-  randomBytes,
-  randomHex,
-  sha256
-} from "./chunk-VQTHQBEC.js";
-import {
-  cacheRetrieveOrRepopulate,
-  getSession,
-  removeSession,
-  setSession
-} from "./chunk-XLPMGRR3.js";
-import {
-  AbortError,
-  BugError,
-  CancelExecution,
-  FatalError,
-  findPathUp,
-  firstPartyDev,
-  import_ts_error,
-  isSpin,
-  isSpinEnvironment,
-  isTruthy,
-  keypress,
-  openURL,
-  outputCompleted,
-  outputContent,
-  outputDebug,
-  outputInfo,
-  outputSuccess,
-  outputToken,
-  outputWarn,
-  readFile,
-  renderConfirmationPrompt,
-  runWithTimer,
-  serviceEnvironment,
-  spinFqdn,
-  stringifyMessage,
-  useDeviceAuth
-} from "./chunk-3MDI6LZT.js";
-import {
-  sessionConstants
-} from "./chunk-WADS2TV5.js";
-import {
-  moduleDirectory
-} from "./chunk-UNPXLODI.js";
-import {
-  __toESM,
-  init_cjs_shims
-} from "./chunk-ZPL24Y2D.js";
-
-// src/cli/commands/auth/logout.ts
-init_cjs_shims();
-
-// ../cli-kit/src/public/node/session.ts
-init_cjs_shims();
-
-// ../cli-kit/src/public/node/context/fqdn.ts
-init_cjs_shims();
-var CouldntObtainPartnersSpinFQDNError = new AbortError(
-  "Couldn't obtain the Spin FQDN for Partners when the CLI is not running from a Spin environment."
-);
-var CouldntObtainIdentitySpinFQDNError = new AbortError(
-  "Couldn't obtain the Spin FQDN for Identity when the CLI is not running from a Spin environment."
-);
-var CouldntObtainShopifySpinFQDNError = new AbortError(
-  "Couldn't obtain the Spin FQDN for Shopify when the CLI is not running from a Spin environment."
-);
-var NotProvidedStoreFQDNError = new AbortError(
-  "Couldn't obtain the Shopify FQDN because the store FQDN was not provided."
-);
-async function partnersFqdn() {
-  const environment = serviceEnvironment();
-  const productionFqdn = "partners.shopify.com";
-  switch (environment) {
-    case "local":
-      return "partners.myshopify.io";
-    case "spin":
-      return `partners.${await spinFqdn()}`;
-    default:
-      return productionFqdn;
-  }
-}
-async function appManagementFqdn() {
-  const environment = serviceEnvironment();
-  const productionFqdn = "shopify.com";
-  switch (environment) {
-    case "local":
-      return "app.shopify.myshopify.io";
-    case "spin":
-      return `app.shopify.${await spinFqdn()}`;
-    default:
-      return productionFqdn;
-  }
-}
-async function businessPlatformFqdn() {
-  const environment = serviceEnvironment();
-  const productionFqdn = "destinations.shopifysvc.com";
-  switch (environment) {
-    case "local":
-      return "business-platform.myshopify.io";
-    case "spin":
-      return `business-platform.${await spinFqdn()}`;
-    default:
-      return productionFqdn;
-  }
-}
-async function identityFqdn() {
-  const environment = serviceEnvironment();
-  const productionFqdn = "accounts.shopify.com";
-  switch (environment) {
-    case "local":
-      return "identity.myshopify.io";
-    case "spin":
-      return `identity.${await spinFqdn()}`;
-    default:
-      return productionFqdn;
-  }
-}
-async function normalizeStoreFqdn(store2) {
-  const storeFqdn = store2.replace(/^https?:\/\//, "").replace(/\/$/, "");
-  const addDomain = async (storeFqdn2) => isSpinEnvironment() ? `${storeFqdn2}.shopify.${await spinFqdn()}` : `${storeFqdn2}.myshopify.com`;
-  const containDomain = (storeFqdn2) => storeFqdn2.includes(".myshopify.com") || storeFqdn2.includes("spin.dev");
-  return containDomain(storeFqdn) ? storeFqdn : addDomain(storeFqdn);
-}
-
-// ../cli-kit/src/private/node/session/store.ts
-init_cjs_shims();
-
-// ../cli-kit/src/private/node/session/schema.ts
-init_cjs_shims();
-var DateSchema = z.preprocess((arg) => {
-  if (typeof arg === "string" || arg instanceof Date)
-    return new Date(arg);
-  return null;
-}, z.date());
-var IdentityTokenSchema = z.object({
-  accessToken: z.string(),
-  refreshToken: z.string(),
-  expiresAt: DateSchema,
-  scopes: z.array(z.string())
-});
-var ApplicationTokenSchema = z.object({
-  accessToken: z.string(),
-  expiresAt: DateSchema,
-  scopes: z.array(z.string())
-});
-var SessionSchema = z.object({}).catchall(
-  z.object({
-    /**
-     * It contains the identity token. Before usint it, we exchange it
-     * to get a token that we can use with different applications. The exchanged
-     * tokens for the applications are stored under applications.
-     */
-    identity: IdentityTokenSchema,
-    /**
-     * It contains exchanged tokens for the applications the CLI
-     * authenticates with. Tokens are scoped under the fqdn of the applications.
-     */
-    applications: z.object({}).catchall(ApplicationTokenSchema)
-  })
-);
-
-// ../cli-kit/src/private/node/session/store.ts
-async function store(session) {
-  const jsonSession = JSON.stringify(session);
-  setSession(jsonSession);
-}
-async function fetch() {
-  const content = getSession();
-  if (!content) {
-    return void 0;
-  }
-  const contentJson = JSON.parse(content);
-  const parsedSession = await SessionSchema.safeParseAsync(contentJson);
-  if (parsedSession.success) {
-    return parsedSession.data;
-  } else {
-    await remove();
-    return void 0;
-  }
-}
-async function remove() {
-  removeSession();
-}
-
-// ../cli-kit/src/private/node/session/exchange.ts
-init_cjs_shims();
-
-// ../cli-kit/src/private/node/session/identity.ts
-init_cjs_shims();
-function clientId() {
-  const environment = serviceEnvironment();
-  if (environment === "local" /* Local */) {
-    return "e5380e02-312a-7408-5718-e07017e9cf52";
-  } else if (environment === "production" /* Production */) {
-    return "fbdb2649-e327-4907-8f67-908d24cfd7e3";
-  } else {
-    return "e5380e02-312a-7408-5718-e07017e9cf52";
-  }
-}
-function applicationId(api) {
-  switch (api) {
-    case "admin": {
-      const environment = serviceEnvironment();
-      if (environment === "local" /* Local */) {
-        return "e92482cebb9bfb9fb5a0199cc770fde3de6c8d16b798ee73e36c9d815e070e52";
-      } else if (environment === "production" /* Production */) {
-        return "7ee65a63608843c577db8b23c4d7316ea0a01bd2f7594f8a9c06ea668c1b775c";
-      } else {
-        return "e92482cebb9bfb9fb5a0199cc770fde3de6c8d16b798ee73e36c9d815e070e52";
-      }
-    }
-    case "partners": {
-      const environment = serviceEnvironment();
-      if (environment === "local" /* Local */) {
-        return "df89d73339ac3c6c5f0a98d9ca93260763e384d51d6038da129889c308973978";
-      } else if (environment === "production" /* Production */) {
-        return "271e16d403dfa18082ffb3d197bd2b5f4479c3fc32736d69296829cbb28d41a6";
-      } else {
-        return "df89d73339ac3c6c5f0a98d9ca93260763e384d51d6038da129889c308973978";
-      }
-    }
-    case "storefront-renderer": {
-      const environment = serviceEnvironment();
-      if (environment === "local" /* Local */) {
-        return "46f603de-894f-488d-9471-5b721280ff49";
-      } else if (environment === "production" /* Production */) {
-        return "ee139b3d-5861-4d45-b387-1bc3ada7811c";
-      } else {
-        return "46f603de-894f-488d-9471-5b721280ff49";
-      }
-    }
-    case "business-platform": {
-      const environment = serviceEnvironment();
-      if (environment === "local" /* Local */) {
-        return "ace6dc89-b526-456d-a942-4b8ef6acda4b";
-      } else if (environment === "production" /* Production */) {
-        return "32ff8ee5-82b8-4d93-9f8a-c6997cefb7dc";
-      } else {
-        return "ace6dc89-b526-456d-a942-4b8ef6acda4b";
-      }
-    }
-    case "app-management": {
-      const environment = serviceEnvironment();
-      if (environment === "production" /* Production */) {
-        return "7ee65a63608843c577db8b23c4d7316ea0a01bd2f7594f8a9c06ea668c1b775c";
-      } else {
-        return "e92482cebb9bfb9fb5a0199cc770fde3de6c8d16b798ee73e36c9d815e070e52";
-      }
-    }
-    default:
-      throw new BugError(`Application id for API of type: ${api}`);
-  }
-}
-
-// ../cli-kit/src/public/node/result.ts
-init_cjs_shims();
-var ok = (value) => new Ok(value);
-var err = (err2) => new Err(err2);
-var Ok = class {
-  constructor(value) {
-    this.value = value;
-  }
-  /**
-   * Check if a `Result` is an `Err` inferring its type. `!isErr()` should be used before accessing the `value`
-   *
-   * @returns `false` as the `Resul` is `OK`
-   */
-  isErr() {
-    return false;
-  }
-  /**
-   * Runs the `handler` method an return the same an unaltered copy of the `Result`. It could be used to log an
-   * output when the result is `Ok` without breaking the flow
-   *
-   * @param handler - method to be run when the result is `Ok`
-   * @returns a copy of the same `Result`
-   */
-  doOnOk(handler) {
-    handler(this.value);
-    return ok(this.value);
-  }
-  /**
-   * A safe mode to throw the `error` of the `Result`
-   */
-  valueOrBug() {
-    return this.value;
-  }
-  /**
-   * Throws an abort error if the result doesn't represent a value.
-   */
-  valueOrAbort() {
-    return this.value;
-  }
-  /**
-   * Maps the value to another one with a different type. It leaves the `Error` type unaltered
-   *
-   * @param mapper - The mapper method to apply an `OK` value
-   * @returns a new result with the new mapped value
-   */
-  map(mapper) {
-    return ok(mapper(this.value));
-  }
-  /**
-   * Maps the error type to another one. It leaves the `Ok` type and value unaltered
-   *
-   * @param _mapper - This mapper method is not used for an `Ok` value
-   * @returns a new result with the new mapped error type and an value
-   */
-  mapError(_mapper) {
-    return ok(this.value);
-  }
-};
-var Err = class {
-  // eslint-disable-next-line node/handle-callback-err
-  constructor(error) {
-    this.error = error;
-  }
-  /**
-   * Check if a `Result` is an `Err` inferring its type. `!isErr()` should be used before accessing the `value`
-   *
-   * @returns `false` as the `Resul` is `OK`
-   */
-  isErr() {
-    return true;
-  }
-  /**
-   * Return an unaltered copy of the `Error` without doing anything.
-   *
-   * @param _handler - This handler method is not used for an `Error`
-   * @returns a copy of the same `Error`
-   */
-  doOnOk(_handler) {
-    return err(this.error);
-  }
-  /**
-   * A safe mode to throw the `error` of the `Result`
-   */
-  valueOrBug() {
-    throw this.error;
-  }
-  /**
-   * Throws an abort error if the result doesn't represent a value.
-   */
-  valueOrAbort() {
-    if (this.error instanceof FatalError) {
-      throw this.error;
-    } else if (this.error instanceof import_ts_error.ExtendableError || this.error instanceof Error) {
-      const error = new AbortError(this.error.message);
-      error.stack = this.error.stack;
-      throw error;
-    } else {
-      throw new AbortError(`${this.error}`);
-    }
-  }
-  /**
-   * Maps the value type to another one. It leaves the `Error` unaltered
-   *
-   * @param _mapper - This mapper method is not used for an `Error` value
-   * @returns a new result with the new value type and an unaltered error
-   */
-  map(_mapper) {
-    return err(this.error);
-  }
-  /**
-   * Maps the error to another one with a different type. It leaves the value type unaltered
-   *
-   * @param mapper - The mapper method to apply an `Error` value
-   * @returns a new result with the new mapped error
-   */
-  mapError(mapper) {
-    return err(mapper(this.error));
-  }
-};
-
-// ../cli-kit/src/private/node/session/exchange.ts
-var InvalidGrantError = class extends import_ts_error.ExtendableError {
-};
-var InvalidRequestError = class extends import_ts_error.ExtendableError {
-};
-async function exchangeCodeForAccessToken(codeData) {
-  const clientId2 = await clientId();
-  const params = {
-    grant_type: "authorization_code",
-    code: codeData.code,
-    redirect_uri: "http://127.0.0.1:3456",
-    client_id: clientId2,
-    code_verifier: codeData.codeVerifier
-  };
-  const tokenResult = await tokenRequest(params);
-  const value = tokenResult.mapError(tokenRequestErrorHandler).valueOrBug();
-  return buildIdentityToken(value);
-}
-async function exchangeAccessForApplicationTokens(identityToken, scopes, store2) {
-  const token = identityToken.accessToken;
-  const appManagementEnabled = isTruthy(process.env.USE_APP_MANAGEMENT_API);
-  const [partners, storefront, businessPlatform, admin, appManagement] = await Promise.all([
-    requestAppToken("partners", token, scopes.partners),
-    requestAppToken("storefront-renderer", token, scopes.storefront),
-    requestAppToken("business-platform", token, scopes.businessPlatform),
-    store2 ? requestAppToken("admin", token, scopes.admin, store2) : {},
-    appManagementEnabled ? requestAppToken("app-management", token, scopes.appManagement) : {}
-  ]);
-  return {
-    ...partners,
-    ...storefront,
-    ...businessPlatform,
-    ...admin,
-    ...appManagement
-  };
-}
-async function refreshAccessToken(currentToken) {
-  const clientId2 = clientId();
-  const params = {
-    grant_type: "refresh_token",
-    access_token: currentToken.accessToken,
-    refresh_token: currentToken.refreshToken,
-    client_id: clientId2
-  };
-  const tokenResult = await tokenRequest(params);
-  const value = tokenResult.mapError(tokenRequestErrorHandler).valueOrBug();
-  return buildIdentityToken(value);
-}
-async function exchangeCustomPartnerToken(token) {
-  const appId = applicationId("partners");
-  try {
-    const newToken = await requestAppToken("partners", token, ["https://api.shopify.com/auth/partners.app.cli.access"]);
-    return newToken[appId];
-  } catch (error) {
-    throw new AbortError("The custom token provided is invalid.", "Ensure the token is correct and not expired.");
-  }
-}
-async function exchangeDeviceCodeForAccessToken(deviceCode) {
-  const clientId2 = await clientId();
-  const params = {
-    grant_type: "urn:ietf:params:oauth:grant-type:device_code",
-    device_code: deviceCode,
-    client_id: clientId2
-  };
-  const tokenResult = await tokenRequest(params);
-  if (tokenResult.isErr()) {
-    return err(tokenResult.error);
-  }
-  const identityToken = buildIdentityToken(tokenResult.value);
-  return ok(identityToken);
-}
-async function requestAppToken(api, token, scopes = [], store2) {
-  const appId = applicationId(api);
-  const clientId2 = await clientId();
-  const params = {
-    grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
-    requested_token_type: "urn:ietf:params:oauth:token-type:access_token",
-    subject_token_type: "urn:ietf:params:oauth:token-type:access_token",
-    client_id: clientId2,
-    audience: appId,
-    scope: scopes.join(" "),
-    subject_token: token,
-    ...api === "admin" && { destination: `https://${store2}/admin` }
-  };
-  let identifier = appId;
-  if (api === "admin" && store2) {
-    identifier = `${store2}-${appId}`;
-  }
-  const tokenResult = await tokenRequest(params);
-  const value = tokenResult.mapError(tokenRequestErrorHandler).valueOrBug();
-  const appToken = buildApplicationToken(value);
-  return { [identifier]: appToken };
-}
-function tokenRequestErrorHandler(error) {
-  if (error === "invalid_grant") {
-    return new InvalidGrantError();
-  }
-  if (error === "invalid_request") {
-    return new InvalidRequestError();
-  }
-  return new AbortError(error);
-}
-async function tokenRequest(params) {
-  const fqdn = await identityFqdn();
-  const url2 = new URL(`https://${fqdn}/oauth/token`);
-  url2.search = new URLSearchParams(Object.entries(params)).toString();
-  const res = await shopifyFetch(url2.href, { method: "POST" });
-  const payload = await res.json();
-  if (res.ok)
-    return ok(payload);
-  return err(payload.error);
-}
-function buildIdentityToken(result) {
-  return {
-    accessToken: result.access_token,
-    refreshToken: result.refresh_token,
-    expiresAt: new Date(Date.now() + result.expires_in * 1e3),
-    scopes: result.scope.split(" ")
-  };
-}
-function buildApplicationToken(result) {
-  return {
-    accessToken: result.access_token,
-    expiresAt: new Date(Date.now() + result.expires_in * 1e3),
-    scopes: result.scope.split(" ")
-  };
-}
-
-// ../cli-kit/src/private/node/session.ts
-init_cjs_shims();
-
-// ../cli-kit/src/private/node/session/validate.ts
-init_cjs_shims();
-
-// ../cli-kit/src/private/node/session/identity-token-validation.ts
-init_cjs_shims();
-async function validateIdentityToken(token) {
-  if (isSpin() && firstPartyDev())
-    return true;
-  try {
-    return withIntrospectionURL(async (introspectionURL) => {
-      const options = {
-        method: "POST",
-        headers: { Authorization: `Bearer ${token}`, "Content-Type": "application/json" },
-        body: JSON.stringify({ token })
-      };
-      outputDebug(`Sending Identity Introspection request to URL: ${introspectionURL}`);
-      const response = await shopifyFetch(introspectionURL, options);
-      if (response.ok && response.headers.get("content-type")?.includes("json")) {
-        const json = await response.json();
-        outputDebug(`The identity token is valid: ${json.valid}`);
-        return ok(json.valid);
-      } else if (response.status === 404 || response.status > 500) {
-        return err(new AbortError(`The introspection endpoint returned a ${response.status}: ${introspectionURL}`));
-      } else {
-        const text = await response.text();
-        outputDebug(`The Introspection request failed with:
- - status: ${response.status}
- - www-authenticate header: ${JSON.stringify(response.headers.get("www-authenticate"))}
- - body: ${JSON.stringify(text)}`);
-        return ok(false);
-      }
-    });
-  } catch (error) {
-    outputDebug(`The identity token is invalid: ${error}`);
-    return false;
-  }
-}
-async function withIntrospectionURL(fn) {
-  const week = 7 * 24 * 60 * 60 * 1e3;
-  const cacheKey = `identity-introspection-url-${await identityFqdn()}`;
-  let introspectionURL = await cacheRetrieveOrRepopulate(cacheKey, getIntrospectionURL, week);
-  let result = await fn(introspectionURL);
-  if (result.isErr()) {
-    introspectionURL = await cacheRetrieveOrRepopulate(cacheKey, getIntrospectionURL, 0);
-    result = await fn(introspectionURL);
-  }
-  if (result.isErr()) {
-    throw result.error;
-  } else {
-    return result.value;
-  }
-}
-async function getIntrospectionURL() {
-  const response = await shopifyFetch(`https://${await identityFqdn()}/.well-known/openid-configuration.json`);
-  const json = await response.json();
-  return json.introspection_endpoint;
-}
-
-// ../cli-kit/src/private/node/session/validate.ts
-function validateScopes(requestedScopes, identity) {
-  const currentScopes = identity.scopes;
-  if (firstPartyDev() !== currentScopes.includes("employee"))
-    return false;
-  return requestedScopes.every((scope) => currentScopes.includes(scope));
-}
-async function validateSession(scopes, applications, session) {
-  if (!session)
-    return "needs_full_auth";
-  const scopesAreValid = validateScopes(scopes, session.identity);
-  const identityIsValid = await validateIdentityToken(session.identity.accessToken);
-  if (!scopesAreValid)
-    return "needs_full_auth";
-  let tokensAreExpired = isTokenExpired(session.identity);
-  if (applications.partnersApi) {
-    const appId = applicationId("partners");
-    const token = session.applications[appId];
-    tokensAreExpired = tokensAreExpired || isTokenExpired(token);
-  }
-  if (applications.appManagementApi) {
-    const appId = applicationId("app-management");
-    const token = session.applications[appId];
-    tokensAreExpired = tokensAreExpired || isTokenExpired(token);
-  }
-  if (applications.storefrontRendererApi) {
-    const appId = applicationId("storefront-renderer");
-    const token = session.applications[appId];
-    tokensAreExpired = tokensAreExpired || isTokenExpired(token);
-  }
-  if (applications.adminApi) {
-    const appId = applicationId("admin");
-    const realAppId = `${applications.adminApi.storeFqdn}-${appId}`;
-    const token = session.applications[realAppId];
-    tokensAreExpired = tokensAreExpired || isTokenExpired(token);
-  }
-  outputDebug(`
-The validation of the token for application/identity completed with the following results:
-- It's expired: ${tokensAreExpired}
-- It's invalid in identity: ${!identityIsValid}
-  `);
-  if (tokensAreExpired)
-    return "needs_refresh";
-  if (!identityIsValid)
-    return "needs_full_auth";
-  return "ok";
-}
-function isTokenExpired(token) {
-  if (!token)
-    return true;
-  return token.expiresAt < expireThreshold();
-}
-function expireThreshold() {
-  return new Date(Date.now() + sessionConstants.expirationTimeMarginInMinutes * 60 * 1e3);
-}
-
-// ../cli-kit/src/private/node/session/scopes.ts
-init_cjs_shims();
-function allDefaultScopes(extraScopes = [], systemEnvironment = process.env) {
-  let scopes = allAPIs.map((api) => defaultApiScopes(api, systemEnvironment)).flat();
-  scopes = ["openid", ...scopes, ...extraScopes].map(scopeTransform);
-  return Array.from(new Set(scopes));
-}
-function apiScopes(api, extraScopes = [], systemEnvironment = process.env) {
-  const scopes = [...defaultApiScopes(api, systemEnvironment), ...extraScopes.map(scopeTransform)].map(scopeTransform);
-  return Array.from(new Set(scopes));
-}
-function defaultApiScopes(api, systemEnvironment = process.env) {
-  switch (api) {
-    case "admin":
-      return ["graphql", "themes", "collaborator"];
-    case "storefront-renderer":
-      return ["devtools"];
-    case "partners":
-      return ["cli"];
-    case "business-platform":
-      return ["destinations"];
-    case "app-management":
-      return isTruthy(systemEnvironment.USE_APP_MANAGEMENT_API) ? ["app-management"] : [];
-    default:
-      throw new BugError(`Unknown API: ${api}`);
-  }
-}
-function scopeTransform(scope) {
-  switch (scope) {
-    case "graphql":
-      return "https://api.shopify.com/auth/shop.admin.graphql";
-    case "themes":
-      return "https://api.shopify.com/auth/shop.admin.themes";
-    case "collaborator":
-      return "https://api.shopify.com/auth/partners.collaborator-relationships.readonly";
-    case "cli":
-      return "https://api.shopify.com/auth/partners.app.cli.access";
-    case "devtools":
-      return "https://api.shopify.com/auth/shop.storefront-renderer.devtools";
-    case "destinations":
-      return "https://api.shopify.com/auth/destinations.readonly";
-    case "app-management":
-      return "https://api.shopify.com/auth/organization.apps.manage";
-    default:
-      return scope;
-  }
-}
-
-// ../cli-kit/src/private/node/session/authorize.ts
-init_cjs_shims();
-
-// ../cli-kit/src/private/node/session/redirect-listener.ts
-init_cjs_shims();
-
-// ../cli-kit/src/private/node/session/post-auth.ts
-init_cjs_shims();
-var HTMLFileNames = [
-  "empty-url.html",
-  "auth-error.html",
-  "missing-code.html",
-  "missing-state.html",
-  "success.html"
-];
-var StylesheetFilename = "style.css";
-var FaviconFileName = "favicon.svg";
-var getFilePath = async (fileName) => {
-  const filePath = await findPathUp(`assets/${fileName}`, {
-    type: "file",
-    cwd: moduleDirectory(import.meta.url)
-  });
-  if (!filePath) {
-    throw RedirectPageAssetNotFoundError();
-  }
-  return filePath;
-};
-var getEmptyUrlHTML = async () => {
-  const filePath = await getFilePath(HTMLFileNames[0]);
-  return readFile(filePath);
-};
-var getAuthErrorHTML = async () => {
-  const filePath = await getFilePath(HTMLFileNames[1]);
-  return readFile(filePath);
-};
-var getMissingCodeHTML = async () => {
-  const filePath = await getFilePath(HTMLFileNames[2]);
-  return readFile(filePath);
-};
-var getMissingStateHTML = async () => {
-  const filePath = await getFilePath(HTMLFileNames[3]);
-  return readFile(filePath);
-};
-var getSuccessHTML = async () => {
-  const filePath = await getFilePath(HTMLFileNames[4]);
-  return readFile(filePath);
-};
-var getStylesheet = async () => {
-  const filePath = await getFilePath(StylesheetFilename);
-  return readFile(filePath);
-};
-var getFavicon = async () => {
-  const filePath = await getFilePath(FaviconFileName);
-  return readFile(filePath);
-};
-var EmptyUrlString = "We received the authentication redirect but the URL is empty.";
-var MissingCodeString = "The authentication can't continue because the redirect doesn't include the code.";
-var MissingStateString = "The authentication can't continue because the redirect doesn't include the state.";
-var RedirectPageAssetNotFoundError = () => new BugError(`Redirect page asset not found`);
-
-// ../cli-kit/src/private/node/session/redirect-listener.ts
-import url from "url";
-import { createServer } from "http";
-var ResponseTimeoutSeconds = 10;
-var ServerStopDelaySeconds = 0.5;
-var RedirectListener = class _RedirectListener {
-  static createServer(callback) {
-    const app = async (request, response) => {
-      const requestUrl = request.url;
-      if (requestUrl?.includes("favicon")) {
-        const faviconFile = await getFavicon();
-        response.setHeader("Content-Type", "image/svg+xml");
-        response.write(faviconFile);
-        response.end();
-        return {};
-      } else if (requestUrl === "/style.css") {
-        const stylesheetFile = await getStylesheet();
-        response.setHeader("Content-Type", "text/css");
-        response.write(stylesheetFile);
-        response.end();
-        return {};
-      }
-      const respond = async (contents, error, state, code) => {
-        response.setHeader("Content-Type", "text/html");
-        response.write(contents);
-        response.end();
-        callback(error, state, code);
-        return {};
-      };
-      if (!requestUrl) {
-        const file2 = await getEmptyUrlHTML();
-        const err2 = new BugError(EmptyUrlString);
-        return respond(file2, err2, void 0, void 0);
-      }
-      const queryObject = url.parse(requestUrl, true).query;
-      if (queryObject.error && queryObject.error_description) {
-        const file2 = await getAuthErrorHTML();
-        const err2 = new AbortError(`${queryObject.error_description}`);
-        return respond(file2, err2, void 0, void 0);
-      }
-      if (!queryObject.code) {
-        const file2 = await getMissingCodeHTML();
-        const err2 = new BugError(MissingCodeString);
-        return respond(file2, err2, void 0, void 0);
-      }
-      if (!queryObject.state) {
-        const file2 = await getMissingStateHTML();
-        const err2 = new BugError(MissingStateString);
-        return respond(file2, err2, void 0, void 0);
-      }
-      const file = await getSuccessHTML();
-      return respond(file, void 0, `${queryObject.code}`, `${queryObject.state}`);
-    };
-    return createServer(app);
-  }
-  constructor(options) {
-    this.port = options.port;
-    this.host = options.host;
-    this.server = _RedirectListener.createServer(options.callback);
-  }
-  start() {
-    this.server.listen({ port: this.port, host: this.host }, () => {
-    });
-  }
-  async stop() {
-    await this.server.close();
-  }
-};
-async function listenRedirect(host, port, url2) {
-  const result = await new Promise((resolve, reject) => {
-    const timeout = setTimeout(() => {
-      const message = "\nAuto-open timed out. Open the login page: ";
-      outputInfo(outputContent`${message}${outputToken.link("Log in to Shopify Partners", url2)}\n`);
-    }, ResponseTimeoutSeconds * 1e3);
-    const callback = (error, code, state) => {
-      clearTimeout(timeout);
-      setTimeout(() => {
-        redirectListener.stop();
-        if (error)
-          reject(error);
-        else
-          resolve({ code, state });
-      }, ServerStopDelaySeconds * 1e3);
-    };
-    const redirectListener = new RedirectListener({ host, port, callback });
-    redirectListener.start();
-  });
-  return result;
-}
-
-// ../cli-kit/src/private/node/session/authorize.ts
-var import_find_process = __toESM(require_find_process(), 1);
-async function authorize(scopes, state = randomHex(30)) {
-  const port = 3456;
-  const host = "127.0.0.1";
-  const redirectUri = `http://${host}:${port}`;
-  const fqdn = await identityFqdn();
-  const identityClientId = clientId();
-  await validateRedirectionPortAvailability(port);
-  let url2 = `http://${fqdn}/oauth/authorize`;
-  const { codeVerifier, codeChallenge } = generateRandomChallengePair();
-  const params = {
-    client_id: identityClientId,
-    scope: scopes.join(" "),
-    redirect_uri: redirectUri,
-    state,
-    response_type: "code",
-    code_challenge_method: "S256",
-    code_challenge: codeChallenge
-  };
-  outputInfo("\nTo run this command, log in to Shopify.");
-  outputInfo("\u{1F449} Press any key to open the login page on your browser");
-  await keypress();
-  url2 = `${url2}?${new URLSearchParams(params).toString()}`;
-  await openURL(url2);
-  return runWithTimer("cmd_all_timing_prompts_ms")(async () => {
-    const result = await listenRedirect(host, port, url2);
-    if (result.state !== state) {
-      throw new AbortError(
-        "The state received from the authentication doesn't match the one that initiated the authentication process."
-      );
-    }
-    return { code: result.code, codeVerifier };
-  });
-}
-function generateRandomChallengePair() {
-  const codeVerifier = base64URLEncode(randomBytes(32));
-  const codeChallenge = base64URLEncode(sha256(codeVerifier));
-  return { codeVerifier, codeChallenge };
-}
-async function validateRedirectionPortAvailability(port) {
-  const { killPortProcess } = await import("./lib-MUDJYT6A.js");
-  if (await checkPort(port)) {
-    return;
-  }
-  if (await terminateBlockingPortProcessPrompt(port, "Authentication")) {
-    await killPortProcess(port);
-  } else {
-    throw new CancelExecution();
-  }
-}
-async function terminateBlockingPortProcessPrompt(port, stepDescription) {
-  const processInfo = await (0, import_find_process.default)("port", port);
-  const formattedProcessName = processInfo && processInfo.length > 0 && processInfo[0]?.name ? ` (${processInfo[0].name})` : "";
-  return renderConfirmationPrompt({
-    message: `${stepDescription} requires a port ${port} that's unavailable because it's running another process${formattedProcessName}. Terminate that process?`,
-    confirmationMessage: "Yes, terminate process in order to log in now",
-    cancellationMessage: `No, cancel command and try later`
-  });
-}
-
-// ../cli-kit/src/private/node/session/device-authorization.ts
-init_cjs_shims();
-async function requestDeviceAuthorization(scopes) {
-  const fqdn = await identityFqdn();
-  const identityClientId = await clientId();
-  const queryParams = { client_id: identityClientId, scope: scopes.join(" ") };
-  const url2 = `https://${fqdn}/oauth/device_authorization`;
-  const response = await shopifyFetch(url2, {
-    method: "POST",
-    headers: { "Content-type": "application/x-www-form-urlencoded" },
-    body: convertRequestToParams(queryParams)
-  });
-  const jsonResult = await response.json();
-  outputDebug(outputContent`Received device authorization code: ${outputToken.json(jsonResult)}`);
-  if (!jsonResult.device_code || !jsonResult.verification_uri_complete) {
-    throw new BugError("Failed to start authorization process");
-  }
-  outputInfo("\nTo run this command, log in to Shopify.");
-  outputInfo(outputContent`User verification code: ${jsonResult.user_code}`);
-  outputInfo(
-    outputContent`👉 Open this link to start the auth process: ${outputToken.green(
-      jsonResult.verification_uri_complete
-    )}`
-  );
-  return {
-    deviceCode: jsonResult.device_code,
-    userCode: jsonResult.user_code,
-    verificationUri: jsonResult.verification_uri,
-    expiresIn: jsonResult.expires_in,
-    verificationUriComplete: jsonResult.verification_uri_complete,
-    interval: jsonResult.interval
-  };
-}
-async function pollForDeviceAuthorization(code, interval = 5) {
-  let currentIntervalInSeconds = interval;
-  return new Promise((resolve, reject) => {
-    const onPoll = async () => {
-      const result = await exchangeDeviceCodeForAccessToken(code);
-      if (!result.isErr())
-        return resolve(result.value);
-      const error = result.error ?? "unknown_failure";
-      outputDebug(outputContent`Polling for device authorization... status: ${error}`);
-      switch (error) {
-        case "authorization_pending":
-          return startPolling();
-        case "slow_down":
-          currentIntervalInSeconds += 5;
-          return startPolling();
-        case "access_denied":
-        case "expired_token":
-        case "unknown_failure":
-          return reject(result);
-      }
-    };
-    const startPolling = () => {
-      setTimeout(onPoll, currentIntervalInSeconds * 1e3);
-    };
-    startPolling();
-  });
-}
-function convertRequestToParams(queryParams) {
-  return Object.entries(queryParams).map(([key, value]) => value && `${key}=${value}`).filter((hasValue) => Boolean(hasValue)).join("&");
-}
-
-// ../cli-kit/src/public/node/api/partners.ts
-init_cjs_shims();
-
-// ../cli-kit/src/public/node/api/graphql.ts
-init_cjs_shims();
-
-// ../cli-kit/src/private/node/api/graphql.ts
-init_cjs_shims();
-function debugLogRequestInfo(api, query, variables, headers = {}) {
-  outputDebug(outputContent`Sending ${outputToken.json(api)} GraphQL request:
-  ${outputToken.raw(query.toString().trim())}
-${variables ? `
-With variables:
-${sanitizeVariables(variables)}
-` : ""}
-With request headers:
-${sanitizedHeadersOutput(headers)}
-`);
-}
-function sanitizeVariables(variables) {
-  const result = { ...variables };
-  if ("apiKey" in result) {
-    result.apiKey = "*****";
-  }
-  return JSON.stringify(result, null, 2);
-}
-function errorHandler(api) {
-  return (error, requestId) => {
-    if (error instanceof ClientError) {
-      const { status } = error.response;
-      let errorMessage = stringifyMessage(outputContent`
-The ${outputToken.raw(api)} GraphQL API responded unsuccessfully with${status === 200 ? "" : ` the HTTP status ${status} and`} errors:
-
-${outputToken.json(error.response.errors)}
-      `);
-      if (requestId) {
-        errorMessage += `
-Request ID: ${requestId}
-`;
-      }
-      let mappedError;
-      if (status < 500) {
-        mappedError = new GraphQLClientError(errorMessage, status, error.response.errors);
-      } else {
-        mappedError = new AbortError(errorMessage);
-      }
-      mappedError.stack = error.stack;
-      return mappedError;
-    } else {
-      return error;
-    }
-  };
-}
-
-// ../cli-kit/src/public/node/api/graphql.ts
-async function performGraphQLRequest(options) {
-  const { token, addedHeaders, queryAsString, variables, api, url: url2, responseOptions } = options;
-  const headers = {
-    ...addedHeaders,
-    ...buildHeaders(token)
-  };
-  debugLogRequestInfo(api, queryAsString, variables, headers);
-  const clientOptions = { agent: await httpsAgent(), headers };
-  const client = new GraphQLClient(url2, clientOptions);
-  return runWithTimer("cmd_all_timing_network_ms")(async () => {
-    const response = await debugLogResponseInfo(
-      { request: client.rawRequest(queryAsString, variables), url: url2 },
-      responseOptions?.handleErrors === false ? void 0 : errorHandler(api)
-    );
-    if (responseOptions?.onResponse) {
-      responseOptions.onResponse(response);
-    }
-    return response.data;
-  });
-}
-async function graphqlRequest(options) {
-  return performGraphQLRequest({
-    ...options,
-    queryAsString: options.query
-  });
-}
-async function graphqlRequestDoc(options) {
-  return performGraphQLRequest({
-    ...options,
-    queryAsString: resolveRequestDocument(options.query).query
-  });
-}
-
-// ../cli-kit/src/public/node/api/partners.ts
-var import_bottleneck = __toESM(require_lib(), 1);
-var limiter = new import_bottleneck.default({
-  minTime: 150,
-  maxConcurrent: 10
-});
-async function setupRequest(token) {
-  const api = "Partners";
-  const fqdn = await partnersFqdn();
-  const url2 = `https://${fqdn}/api/cli/graphql`;
-  return {
-    token,
-    api,
-    url: url2,
-    responseOptions: { onResponse: handleDeprecations }
-  };
-}
-async function partnersRequest(query, token, variables) {
-  const opts = await setupRequest(token);
-  const result = limiter.schedule(
-    () => graphqlRequest({
-      ...opts,
-      query,
-      variables
-    })
-  );
-  return result;
-}
-async function partnersRequestDoc(query, token, variables) {
-  const opts = await setupRequest(token);
-  const result = limiter.schedule(
-    () => graphqlRequestDoc({
-      ...opts,
-      query,
-      variables
-    })
-  );
-  return result;
-}
-var FunctionUploadUrlGenerateMutation = gql`
-  mutation functionUploadUrlGenerateMutation {
-    functionUploadUrlGenerate {
-      generatedUrlDetails {
-        url
-        moduleId
-        headers
-        maxBytes
-        maxSize
-      }
-    }
-  }
-`;
-function handleDeprecations(response) {
-  if (!response.extensions)
-    return;
-  const deprecationDates = [];
-  for (const deprecation of response.extensions.deprecations) {
-    if (deprecation.supportedUntilDate) {
-      deprecationDates.push(new Date(deprecation.supportedUntilDate));
-    }
-  }
-  setNextDeprecationDate(deprecationDates);
-}
-
-// ../cli-kit/src/private/node/session.ts
-async function ensureAuthenticated(applications, _env, { forceRefresh = false, noPrompt = false } = {}) {
-  const fqdn = await identityFqdn();
-  const previousStoreFqdn = applications.adminApi?.storeFqdn;
-  if (previousStoreFqdn) {
-    const normalizedStoreName = await normalizeStoreFqdn(previousStoreFqdn);
-    if (previousStoreFqdn === applications.adminApi?.storeFqdn) {
-      applications.adminApi.storeFqdn = normalizedStoreName;
-    }
-  }
-  const currentSession = await fetch() || {};
-  const fqdnSession = currentSession[fqdn];
-  const scopes = getFlattenScopes(applications);
-  outputDebug(outputContent`Validating existing session against the scopes:
-${outputToken.json(scopes)}
-For applications:
-${outputToken.json(applications)}
-`);
-  const validationResult = await validateSession(scopes, applications, fqdnSession);
-  let newSession = {};
-  function throwOnNoPrompt() {
-    if (!noPrompt || isSpin() && firstPartyDev())
-      return;
-    throw new AbortError(
-      `The currently available CLI credentials are invalid.
-
-The CLI is currently unable to prompt for reauthentication.`,
-      "Restart the CLI process you were running. If in an interactive terminal, you will be prompted to reauthenticate. If in a non-interactive terminal, ensure the correct credentials are available in the program environment."
-    );
-  }
-  if (validationResult === "needs_full_auth") {
-    throwOnNoPrompt();
-    outputDebug(outputContent`Initiating the full authentication flow...`);
-    newSession = await executeCompleteFlow(applications, fqdn);
-  } else if (validationResult === "needs_refresh" || forceRefresh) {
-    outputDebug(outputContent`The current session is valid but needs refresh. Refreshing...`);
-    try {
-      newSession = await refreshTokens(fqdnSession.identity, applications, fqdn);
-    } catch (error) {
-      if (error instanceof InvalidGrantError) {
-        throwOnNoPrompt();
-        newSession = await executeCompleteFlow(applications, fqdn);
-      } else if (error instanceof InvalidRequestError) {
-        await remove();
-        throw new AbortError("\nError validating auth session", "We've cleared the current session, please try again");
-      } else {
-        throw error;
-      }
-    }
-  }
-  const completeSession = { ...currentSession, ...newSession };
-  if (Object.keys(newSession).length > 0)
-    await store(completeSession);
-  const tokens = await tokensFor(applications, completeSession, fqdn);
-  const envToken = getPartnersToken();
-  if (envToken && applications.partnersApi) {
-    tokens.partners = (await exchangeCustomPartnerToken(envToken)).accessToken;
-  }
-  if (!envToken && tokens.partners) {
-    await ensureUserHasPartnerAccount(tokens.partners);
-  }
-  return tokens;
-}
-async function executeCompleteFlow(applications, identityFqdn2) {
-  const scopes = getFlattenScopes(applications);
-  const exchangeScopes = getExchangeScopes(applications);
-  const store2 = applications.adminApi?.storeFqdn;
-  if (firstPartyDev()) {
-    outputDebug(outputContent`Authenticating as Shopify Employee...`);
-    scopes.push("employee");
-  }
-  let identityToken;
-  const identityTokenInformation = getIdentityTokenInformation();
-  if (identityTokenInformation) {
-    identityToken = buildIdentityTokenFromEnv(scopes, identityTokenInformation);
-  } else if (useDeviceAuth()) {
-    outputDebug(outputContent`Requesting device authorization code...`);
-    const deviceAuth = await requestDeviceAuthorization(scopes);
-    outputDebug(outputContent`Starting polling for the identity token...`);
-    identityToken = await pollForDeviceAuthorization(deviceAuth.deviceCode, deviceAuth.interval);
-  } else {
-    outputDebug(outputContent`Authorizing through Identity's website...`);
-    const code = await authorize(scopes);
-    outputDebug(outputContent`Authorization code received. Exchanging it for a CLI token...`);
-    identityToken = await exchangeCodeForAccessToken(code);
-  }
-  outputDebug(outputContent`CLI token received. Exchanging it for application tokens...`);
-  const result = await exchangeAccessForApplicationTokens(identityToken, exchangeScopes, store2);
-  const session = {
-    [identityFqdn2]: {
-      identity: identityToken,
-      applications: result
-    }
-  };
-  outputCompleted("Logged in.");
-  return session;
-}
-async function ensureUserHasPartnerAccount(partnersToken) {
-  if (isTruthy(process.env.USE_APP_MANAGEMENT_API))
-    return;
-  outputDebug(outputContent`Verifying that the user has a Partner organization`);
-  if (!await hasPartnerAccount(partnersToken)) {
-    outputInfo(`
-A Shopify Partners organization is needed to proceed.`);
-    outputInfo(`\u{1F449} Press any key to create one`);
-    await keypress();
-    await openURL(`https://${await partnersFqdn()}/signup`);
-    outputInfo(outputContent`👉 Press any key when you have ${outputToken.cyan("created the organization")}`);
-    outputWarn(outputContent`Make sure you've confirmed your Shopify and the Partner organization from the email`);
-    await keypress();
-    if (!await hasPartnerAccount(partnersToken)) {
-      throw new AbortError(
-        `Couldn't find your Shopify Partners organization`,
-        `Have you confirmed your accounts from the emails you received?`
-      );
-    }
-  }
-}
-var getFirstOrganization = gql`
-  {
-    organizations(first: 1) {
-      nodes {
-        id
-      }
-    }
-  }
-`;
-async function hasPartnerAccount(partnersToken) {
-  try {
-    await partnersRequest(getFirstOrganization, partnersToken);
-    return true;
-  } catch (error) {
-    if (error instanceof RequestClientError && error.statusCode === 404) {
-      return false;
-    } else {
-      return true;
-    }
-  }
-}
-async function refreshTokens(token, applications, fqdn) {
-  const identityToken = await refreshAccessToken(token);
-  const exchangeScopes = getExchangeScopes(applications);
-  const applicationTokens = await exchangeAccessForApplicationTokens(
-    identityToken,
-    exchangeScopes,
-    applications.adminApi?.storeFqdn
-  );
-  return {
-    [fqdn]: {
-      identity: identityToken,
-      applications: applicationTokens
-    }
-  };
-}
-async function tokensFor(applications, session, fqdn) {
-  const fqdnSession = session[fqdn];
-  if (!fqdnSession) {
-    throw new BugError("No session found after ensuring authenticated");
-  }
-  const tokens = {};
-  if (applications.adminApi) {
-    const appId = applicationId("admin");
-    const realAppId = `${applications.adminApi.storeFqdn}-${appId}`;
-    const token = fqdnSession.applications[realAppId]?.accessToken;
-    if (token) {
-      tokens.admin = { token, storeFqdn: applications.adminApi.storeFqdn };
-    }
-  }
-  if (applications.partnersApi) {
-    const appId = applicationId("partners");
-    tokens.partners = fqdnSession.applications[appId]?.accessToken;
-  }
-  if (applications.storefrontRendererApi) {
-    const appId = applicationId("storefront-renderer");
-    tokens.storefront = fqdnSession.applications[appId]?.accessToken;
-  }
-  if (applications.businessPlatformApi) {
-    const appId = applicationId("business-platform");
-    tokens.businessPlatform = fqdnSession.applications[appId]?.accessToken;
-  }
-  if (applications.appManagementApi) {
-    const appId = applicationId("app-management");
-    tokens.appManagement = fqdnSession.applications[appId]?.accessToken;
-  }
-  return tokens;
-}
-function getFlattenScopes(apps) {
-  const admin = apps.adminApi?.scopes || [];
-  const partner = apps.partnersApi?.scopes || [];
-  const storefront = apps.storefrontRendererApi?.scopes || [];
-  const businessPlatform = apps.businessPlatformApi?.scopes || [];
-  const appManagement = apps.appManagementApi?.scopes || [];
-  const requestedScopes = [...admin, ...partner, ...storefront, ...businessPlatform, ...appManagement];
-  return allDefaultScopes(requestedScopes);
-}
-function getExchangeScopes(apps) {
-  const adminScope = apps.adminApi?.scopes || [];
-  const partnerScope = apps.partnersApi?.scopes || [];
-  const storefrontScopes = apps.storefrontRendererApi?.scopes || [];
-  const businessPlatformScopes = apps.businessPlatformApi?.scopes || [];
-  const appManagementScopes = apps.appManagementApi?.scopes || [];
-  return {
-    admin: apiScopes("admin", adminScope),
-    partners: apiScopes("partners", partnerScope),
-    storefront: apiScopes("storefront-renderer", storefrontScopes),
-    businessPlatform: apiScopes("business-platform", businessPlatformScopes),
-    appManagement: apiScopes("app-management", appManagementScopes)
-  };
-}
-function buildIdentityTokenFromEnv(scopes, identityTokenInformation) {
-  return {
-    ...identityTokenInformation,
-    expiresAt: new Date(Date.now() + 30 * 24 * 60 * 60 * 1e3),
-    scopes
-  };
-}
-
-// ../cli-kit/src/public/node/session.ts
-async function ensureAuthenticatedPartners(scopes = [], env = process.env, options = {}) {
-  outputDebug(outputContent`Ensuring that the user is authenticated with the Partners API with the following scopes:
-${outputToken.json(scopes)}
-`);
-  const envToken = getPartnersToken();
-  if (envToken) {
-    return (await exchangeCustomPartnerToken(envToken)).accessToken;
-  }
-  const tokens = await ensureAuthenticated({ partnersApi: { scopes } }, env, options);
-  if (!tokens.partners) {
-    throw new BugError("No partners token found after ensuring authenticated");
-  }
-  return tokens.partners;
-}
-async function ensureAuthenticatedAppManagement(scopes = [], env = process.env, options = {}) {
-  outputDebug(outputContent`Ensuring that the user is authenticated with the App Management API with the following scopes:
-${outputToken.json(scopes)}
-`);
-  const tokens = await ensureAuthenticated({ appManagementApi: { scopes } }, env, options);
-  if (!tokens) {
-    throw new BugError("No App Management token found after ensuring authenticated");
-  }
-  return tokens.appManagement;
-}
-async function ensureAuthenticatedStorefront(scopes = [], password = void 0, forceRefresh = false) {
-  if (password)
-    return password;
-  outputDebug(outputContent`Ensuring that the user is authenticated with the Storefront API with the following scopes:
-${outputToken.json(scopes)}
-`);
-  const tokens = await ensureAuthenticated({ storefrontRendererApi: { scopes } }, process.env, { forceRefresh });
-  if (!tokens.storefront) {
-    throw new BugError("No storefront token found after ensuring authenticated");
-  }
-  return tokens.storefront;
-}
-async function ensureAuthenticatedAdmin(store2, scopes = [], forceRefresh = false, options = {}) {
-  outputDebug(outputContent`Ensuring that the user is authenticated with the Admin API with the following scopes for the store ${outputToken.raw(
-    store2
-  )}:
-${outputToken.json(scopes)}
-`);
-  const tokens = await ensureAuthenticated({ adminApi: { scopes, storeFqdn: store2 } }, process.env, {
-    forceRefresh,
-    ...options
-  });
-  if (!tokens.admin) {
-    throw new BugError("No admin token found after ensuring authenticated");
-  }
-  return tokens.admin;
-}
-async function ensureAuthenticatedThemes(store2, password, scopes = [], forceRefresh = false) {
-  outputDebug(outputContent`Ensuring that the user is authenticated with the Theme API with the following scopes:
-${outputToken.json(scopes)}
-`);
-  if (password)
-    return { token: password, storeFqdn: await normalizeStoreFqdn(store2) };
-  return ensureAuthenticatedAdmin(store2, scopes, forceRefresh);
-}
-async function ensureAuthenticatedBusinessPlatform(scopes = []) {
-  outputDebug(outputContent`Ensuring that the user is authenticated with the Business Platform API with the following scopes:
-${outputToken.json(scopes)}
-`);
-  const tokens = await ensureAuthenticated({ businessPlatformApi: { scopes } }, process.env);
-  if (!tokens.businessPlatform) {
-    throw new BugError("No business-platform token found after ensuring authenticated");
-  }
-  return tokens.businessPlatform;
-}
-function logout() {
-  return remove();
-}
-
-// src/cli/commands/auth/logout.ts
-var Logout = class extends base_command_default {
-  static {
-    this.description = "Logs you out of the Shopify account or Partner account and store.";
-  }
-  async run() {
-    await logout();
-    outputSuccess("Logged out from Shopify");
-  }
-};
-
-export {
-  partnersFqdn,
-  appManagementFqdn,
-  businessPlatformFqdn,
-  normalizeStoreFqdn,
-  ok,
-  err,
-  graphqlRequest,
-  graphqlRequestDoc,
-  partnersRequest,
-  partnersRequestDoc,
-  FunctionUploadUrlGenerateMutation,
-  handleDeprecations,
-  ensureAuthenticatedPartners,
-  ensureAuthenticatedAppManagement,
-  ensureAuthenticatedStorefront,
-  ensureAuthenticatedAdmin,
-  ensureAuthenticatedThemes,
-  ensureAuthenticatedBusinessPlatform,
-  logout,
-  Logout
-};
-//# sourceMappingURL=chunk-XSKJYEAZ.js.map