From 159c1c70f15b421c5bc2e2ead301a19a273036de Mon Sep 17 00:00:00 2001 From: Esteban Romero Date: Thu, 15 Jan 2026 11:56:41 -0300 Subject: [PATCH] fix: add finally block to refresh access token --- src/client/metadataApiDeploy.ts | 9 ++++----- test/client/metadataApiDeploy.test.ts | 9 +++++++++ 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/src/client/metadataApiDeploy.ts b/src/client/metadataApiDeploy.ts index 7603dbde9..9c2eb20a3 100644 --- a/src/client/metadataApiDeploy.ts +++ b/src/client/metadataApiDeploy.ts @@ -531,6 +531,10 @@ const compileAABComponents = async (connection: Connection, aabComponents: Sourc ]; } throw error; + } finally { + // regardless of success or failure, we don't need the named user jwt access token anymore + delete connection.accessToken; + await connection.refreshAuth(); } }) ); @@ -546,11 +550,6 @@ const compileAABComponents = async (connection: Connection, aabComponents: Sourc message: `${EOL}${errors.join(EOL)}`, name: 'AgentCompilationError', }); - } else { - // everything successfully compiled - // stop using named user jwt access token - delete connection.accessToken; - await connection.refreshAuth(); } }; diff --git a/test/client/metadataApiDeploy.test.ts b/test/client/metadataApiDeploy.test.ts index 29ea9b838..dc434cd0e 100644 --- a/test/client/metadataApiDeploy.test.ts +++ b/test/client/metadataApiDeploy.test.ts @@ -1445,6 +1445,7 @@ describe('MetadataApiDeploy', () => { const connection = await testOrg.getConnection(); const readFileStub = $$.SANDBOX.stub(fs.promises, 'readFile').resolves(agentContent); + const refreshAuthStub = $$.SANDBOX.stub(Connection.prototype, 'refreshAuth').resolves(); $$.SANDBOX.stub(connection, 'getConnectionOptions').returns({ accessToken: 'test-access-token', @@ -1488,6 +1489,8 @@ describe('MetadataApiDeploy', () => { expect(callCount).to.be.at.least(2); // Verify URL uses production endpoint when SF_TEST_API is not set expect(compileUrl).to.equal('https://api.salesforce.com/einstein/ai-agent/v1.1/authoring/scripts'); + // Regardless of success or failure, compileAABComponents should refresh auth. + expect(refreshAuthStub.calledOnce).to.be.true; }); it('should not throw error when compilation succeeds', async () => { @@ -1496,6 +1499,7 @@ describe('MetadataApiDeploy', () => { // Stub retrieveMaxApiVersion on prototype before getting connection $$.SANDBOX.stub(Connection.prototype, 'retrieveMaxApiVersion').resolves('60.0'); + const refreshAuthStub = $$.SANDBOX.stub(Connection.prototype, 'refreshAuth').resolves(); const connection = await testOrg.getConnection(); const readFileStub = $$.SANDBOX.stub(fs.promises, 'readFile').resolves(agentContent); @@ -1530,6 +1534,8 @@ describe('MetadataApiDeploy', () => { expect(callCount).to.be.at.least(2); // Verify URL uses production endpoint when SF_TEST_API is not set expect(compileUrl).to.equal('https://api.salesforce.com/einstein/ai-agent/v1.1/authoring/scripts'); + // Regardless of success or failure, compileAABComponents should refresh auth. + expect(refreshAuthStub.calledOnce).to.be.true; }); it('should not compile when no AABs present in component set', async () => { @@ -1669,6 +1675,7 @@ describe('MetadataApiDeploy', () => { // Stub retrieveMaxApiVersion on prototype before getting connection $$.SANDBOX.stub(Connection.prototype, 'retrieveMaxApiVersion').resolves('60.0'); + const refreshAuthStub = $$.SANDBOX.stub(Connection.prototype, 'refreshAuth').resolves(); const connection = await testOrg.getConnection(); const readFileStub = $$.SANDBOX.stub(fs.promises, 'readFile').resolves(agentContent); @@ -1705,6 +1712,8 @@ describe('MetadataApiDeploy', () => { expect((e as Error).name).to.equal('ERROR_HTTP_404'); expect((e as SfError).actions!.length).to.equal(2); } + // Regardless of success or failure, compileAABComponents should refresh auth. + expect(refreshAuthStub.calledOnce).to.be.true; }); it('should not compile when SF_AAB_COMPILATION=false', async () => {