Shopify · d-koval · May 5, 2021 · May 4, 2021 · May 5, 2021 · tanema
diff --git a/src/httpify/client.go b/src/httpify/client.go
@@ -15,6 +15,8 @@ import (
 	"github.com/Shopify/themekit/src/release"
 )
 
+const themeKitPasswordPrefix = "shptka_"
+
 var (
 	// ErrConnectionIssue is an error that is thrown when a very specific error is
 	// returned from our http request that usually implies bad connections.
@@ -27,6 +29,7 @@ var (
 	httpClient = &http.Client{
 		Timeout: 30 * time.Second,
 	}
+	themeKitAccessURL = "https://theme-kit-access.shopifyapps.com/cli"
 )
 
 type proxyHandler func(*http.Request) (*url.URL, error)
@@ -103,7 +106,15 @@ func (client *HTTPClient) Delete(path string, headers map[string]string) (*http.
 
 // do will issue an authenticated json request to shopify.
 func (client *HTTPClient) do(method, path string, body interface{}, headers map[string]string) (*http.Response, error) {
-	req, err := http.NewRequest(method, client.baseURL.String()+path, nil)
+	appBaseURL := client.baseURL.String()
+
+	// redirect to Theme Kit Access
+	if strings.HasPrefix(client.password, themeKitPasswordPrefix) {
+		appBaseURL = themeKitAccessURL
+	}
+
+	req, err := http.NewRequest(method, appBaseURL+path, nil)
+
 	if err != nil {
 		return nil, err
 	}
@@ -112,6 +123,9 @@ func (client *HTTPClient) do(method, path string, body interface{}, headers map[
 	req.Header.Add("Content-Type", "application/json")
 	req.Header.Add("Accept", "application/json")
 	req.Header.Add("User-Agent", fmt.Sprintf("go/themekit (%s; %s; %s)", runtime.GOOS, runtime.GOARCH, release.ThemeKitVersion.String()))
+	if strings.HasPrefix(client.password, themeKitPasswordPrefix) {
+		req.Header.Add("X-Shopify-Shop", client.domain)
+	}
 	for label, value := range headers {
 		req.Header.Add(label, value)
 	}

diff --git a/src/httpify/client_test.go b/src/httpify/client_test.go
@@ -141,6 +141,50 @@ func TestClient_do(t *testing.T) {
 	_, err = client.do("POST", "/assets.json", body, nil)
 	assert.Contains(t, err.Error(), "request failed after 1 retries", server.URL)
 	server.Close()
+
+	// Client should query Theme Kit Access server instead of Shopify when password starts with a prefix "shptka_"
+	shopifyServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
+
+	themeKitAccessServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		assert.Equal(t, r.Header.Get("X-Shopify-Shop"), client.domain)
+	}))
+
+	client, err = NewClient(Params{
+		Domain:   shopifyServer.URL,
+		Password: "shptka_00000000000000000000000000000000",
+	})
+	themeKitAccessURL = themeKitAccessServer.URL
+
+	assert.NotNil(t, client)
+	assert.Nil(t, err)
+
+	resp, err = client.Post("/assets.json", body, map[string]string{"X-Custom-Header": "Checksum"})
+	assert.Nil(t, err)
+	assert.NotNil(t, resp)
+
+	server.Close()
+
+	// Client should query Shopify instead of Theme Kit Access server when password has no specified prefix
+	shopifyServer = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		assert.Empty(t, r.Header.Get("X-Shopify-Shop"))
+	}))
+
+	themeKitAccessServer = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
+
+	client, err = NewClient(Params{
+		Domain:   shopifyServer.URL,
+		Password: "secret_password",
+	})
+	themeKitAccessURL = themeKitAccessServer.URL
+
+	assert.NotNil(t, client)
+	assert.Nil(t, err)
+
+	resp, err = client.Post("/assets.json", body, map[string]string{"X-Custom-Header": "Checksum"})
+	assert.Nil(t, err)
+	assert.NotNil(t, resp)
+
+	server.Close()
 }
 
 func TestGenerateHTTPAdapter(t *testing.T) {