don’t attempt login flow when api key is set (#79)

heroku · Feb 18, 2021 · b9db1c1 · b9db1c1
1 parent cdf2287
commit b9db1c1
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 0 deletions.
diff --git a/src/api-client.ts b/src/api-client.ts
@@ -123,6 +123,9 @@ export class APIClient {
           if (!(err instanceof deps.HTTP.HTTPError)) throw err
           if (retries > 0) {
             if (opts.retryAuth !== false && err.http.statusCode === 401 && err.body.id === 'unauthorized') {
+              if (process.env.HEROKU_API_KEY) {
+                throw new Error('The token provided to HEROKU_API_KEY is invalid. Please double-check that you have the correct token, or run `heroku login` without HEROKU_API_KEY set.')
+              }
               if (!self.authPromise) self.authPromise = self.login()
               await self.authPromise
               opts.headers.authorization = `Bearer ${self.auth}`

diff --git a/test/api-client.test.ts b/test/api-client.test.ts
@@ -75,6 +75,24 @@ describe('api_client', () => {
       })
   })
 
+  describe('with HEROKU_API_KEY', () => {
+    test
+      .it('errors out before attempting a login when HEROKU_API_KEY is set, but invalid', async ctx => {
+        process.env.HEROKU_API_KEY = 'blah'
+        api = nock('https://api.heroku.com', {
+          reqheaders: {Authorization: 'Bearer blah'}
+        })
+        api.get('/account').reply(401, {id: 'unauthorized'})
+
+        const cmd = new Command([], ctx.config)
+        try {
+          await cmd.heroku.get('/account')
+        } catch (error) {
+          expect(error.message).to.equal('The token provided to HEROKU_API_KEY is invalid. Please double-check that you have the correct token, or run `heroku login` without HEROKU_API_KEY set.')
+        }
+      })
+  })
+
   describe('with HEROKU_HOST', () => {
     test
       .it('makes an HTTP request with HEROKU_HOST', async ctx => {