From 470167f90482b7455296b8897cd5fd2df05ed22d Mon Sep 17 00:00:00 2001
From: Remco Lakens <remco.lakens@gmail.com>
Date: Mon, 27 Jan 2025 15:21:41 +0100
Subject: [PATCH 1/2] feat: add new auth api calls

---
 bruno/api/.env.sample                         |  7 ++-
 bruno/api/auth/Anonymous session flow.bru     | 47 +++++++++++++++++
 ...Credentials.bru => Client credentials.bru} | 16 +++---
 bruno/api/auth/Password flow.bru              | 50 +++++++++++++++++++
 bruno/api/environments/DotEnv.bru             |  4 +-
 bruno/api/environments/Example.bru            |  4 ++
 6 files changed, 117 insertions(+), 11 deletions(-)
 create mode 100644 bruno/api/auth/Anonymous session flow.bru
 rename bruno/api/auth/{clientCredentials.bru => Client credentials.bru} (97%)
 create mode 100644 bruno/api/auth/Password flow.bru

diff --git a/bruno/api/.env.sample b/bruno/api/.env.sample
index 1cfb6ea05..ebf6d8bec 100644
--- a/bruno/api/.env.sample
+++ b/bruno/api/.env.sample
@@ -1,4 +1,7 @@
+CTP_AUTH_URL=https://auth.europe-west1.gcp.commercetools.com
+CTP_API_URL=https://api.europe-west1.gcp.commercetools.com
+CTP_PROJECT_KEY=
 CTP_CLIENT_ID=
 CTP_CLIENT_SECRET=
-CTP_API_URL=https://api.europe-west1.gcp.commercetools.com
-CTP_AUTH_URL=https://auth.europe-west1.gcp.commercetools.com
+USERNAME=
+PASSWORD=
\ No newline at end of file
diff --git a/bruno/api/auth/Anonymous session flow.bru b/bruno/api/auth/Anonymous session flow.bru
new file mode 100644
index 000000000..9be9be721
--- /dev/null
+++ b/bruno/api/auth/Anonymous session flow.bru	
@@ -0,0 +1,47 @@
+meta {
+  name: Anonymous session flow
+  type: http
+  seq: 3
+}
+
+post {
+  url: {{authUrl}}/oauth/{{project-key}}/anonymous/token
+  body: formUrlEncoded
+  auth: basic
+}
+
+auth:basic {
+  username: {{ctp_client_id}}
+  password: {{ctp_client_secret}}
+}
+
+body:form-urlencoded {
+  grant_type: client_credentials
+}
+
+assert {
+  res.status: eq 200
+}
+
+script:post-response {
+  if(res.status == 200) {
+    var data = res.body;
+    if(data.access_token){
+      bru.setEnvVar("ctp_access_token", data.access_token, true);
+    }
+  
+    if (data.scope) {
+      parts = data.scope.split(" ");
+      parts = parts.filter(scope => scope.includes(":")).map(scope => scope.split(":"))
+      if (parts.length > 0) {
+          scopeParts = parts[0];
+          bru.setEnvVar("project-key", scopeParts[1]);
+          parts = parts.filter(scope => scope.length >= 3)
+          if (parts.length > 0) {
+              scopeParts = parts[0];
+              bru.setEnvVar("store-key", scopeParts[2]);
+          }
+      }
+    }
+  }
+}
diff --git a/bruno/api/auth/clientCredentials.bru b/bruno/api/auth/Client credentials.bru
similarity index 97%
rename from bruno/api/auth/clientCredentials.bru
rename to bruno/api/auth/Client credentials.bru
index c3e30eee8..74cf1f5f3 100644
--- a/bruno/api/auth/clientCredentials.bru
+++ b/bruno/api/auth/Client credentials.bru	
@@ -1,5 +1,5 @@
 meta {
-  name: Client Credentials
+  name: Client credentials
   type: http
   seq: 1
 }
@@ -10,13 +10,17 @@ post {
   auth: basic
 }
 
+auth:basic {
+  username: {{ctp_client_id}}
+  password: {{ctp_client_secret}}
+}
+
 body:form-urlencoded {
   grant_type: client_credentials
 }
 
-auth:basic {
-  username: {{ctp_client_id}}
-  password: {{ctp_client_secret}}
+assert {
+  res.status: eq 200
 }
 
 script:post-response {
@@ -41,7 +45,3 @@ script:post-response {
     }
   }
 }
-
-assert {
-  res.status: eq 200
-}
diff --git a/bruno/api/auth/Password flow.bru b/bruno/api/auth/Password flow.bru
new file mode 100644
index 000000000..c90cbe9a2
--- /dev/null
+++ b/bruno/api/auth/Password flow.bru	
@@ -0,0 +1,50 @@
+meta {
+  name: Password flow
+  type: http
+  seq: 2
+}
+
+post {
+  url: {{authUrl}}/oauth/{{project-key}}/customers/token
+  body: formUrlEncoded
+  auth: basic
+}
+
+auth:basic {
+  username: {{ctp_client_id}}
+  password: {{ctp_client_secret}}
+}
+
+body:form-urlencoded {
+  grant_type: password
+  username: {{username}}
+  password: {{password}}
+  scope: manage_my_profile:{{project-key}} manage_my_orders:{{project-key}}
+}
+
+assert {
+  res.status: eq 200
+}
+
+script:post-response {
+  if(res.status == 200) {
+    var data = res.body;
+    if(data.access_token){
+      bru.setEnvVar("ctp_access_token", data.access_token, true);
+    }
+  
+    if (data.scope) {
+      parts = data.scope.split(" ");
+      parts = parts.filter(scope => scope.includes(":")).map(scope => scope.split(":"))
+      if (parts.length > 0) {
+          scopeParts = parts[0];
+          bru.setEnvVar("project-key", scopeParts[1]);
+          parts = parts.filter(scope => scope.length >= 3)
+          if (parts.length > 0) {
+              scopeParts = parts[0];
+              bru.setEnvVar("store-key", scopeParts[2]);
+          }
+      }
+    }
+  }
+}
diff --git a/bruno/api/environments/DotEnv.bru b/bruno/api/environments/DotEnv.bru
index 59e5fcfec..19592b440 100644
--- a/bruno/api/environments/DotEnv.bru
+++ b/bruno/api/environments/DotEnv.bru
@@ -1,9 +1,11 @@
 vars {
   authUrl: {{process.env.CTP_AUTH_URL}}
   apiUrl: {{process.env.CTP_API_URL}}
-  project-key:
+  project-key: {{process.env.CTP_PROJECT_KEY}}
   ctp_client_id: {{process.env.CTP_CLIENT_ID}}
   ctp_client_secret: {{process.env.CTP_CLIENT_SECRET}}
+  username: {{process.env.USERNAME}}
+  password: {{process.env.PASSWORD}}!
 }
 vars:secret [
   ctp_access_token
diff --git a/bruno/api/environments/Example.bru b/bruno/api/environments/Example.bru
index 074a60aae..42906ca76 100644
--- a/bruno/api/environments/Example.bru
+++ b/bruno/api/environments/Example.bru
@@ -2,6 +2,10 @@ vars {
   authUrl: https://auth.europe-west1.gcp.commercetools.com
   apiUrl: https://api.europe-west1.gcp.commercetools.com
   project-key:
+  ctp_client_id:
+  ctp_client_secret:
+  username:
+  password:
 }
 vars:secret [
   ctp_client_id,

From b9dc06ab1bc51fa22ec516a0fd196d6b3c9de4d5 Mon Sep 17 00:00:00 2001
From: Remco Lakens <remco.lakens@gmail.com>
Date: Mon, 24 Feb 2025 15:35:24 +0100
Subject: [PATCH 2/2] chore: undo changes

---
 bruno/api/auth/Client credentials.bru | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/bruno/api/auth/Client credentials.bru b/bruno/api/auth/Client credentials.bru
index 74cf1f5f3..c46d71ef5 100644
--- a/bruno/api/auth/Client credentials.bru	
+++ b/bruno/api/auth/Client credentials.bru	
@@ -1,5 +1,5 @@
 meta {
-  name: Client credentials
+  name: Client Credentials
   type: http
   seq: 1
 }
@@ -10,17 +10,13 @@ post {
   auth: basic
 }
 
-auth:basic {
-  username: {{ctp_client_id}}
-  password: {{ctp_client_secret}}
-}
-
 body:form-urlencoded {
   grant_type: client_credentials
 }
 
-assert {
-  res.status: eq 200
+auth:basic {
+  username: {{ctp_client_id}}
+  password: {{ctp_client_secret}}
 }
 
 script:post-response {
@@ -29,7 +25,7 @@ script:post-response {
     if(data.access_token){
       bru.setEnvVar("ctp_access_token", data.access_token, true);
     }
-  
+
     if (data.scope) {
       parts = data.scope.split(" ");
       parts = parts.filter(scope => scope.includes(":")).map(scope => scope.split(":"))
@@ -45,3 +41,7 @@ script:post-response {
     }
   }
 }
+
+assert {
+  res.status: eq 200
+}
\ No newline at end of file