From debb1365b5ffd7357320713d43bdf75b61f4e97b Mon Sep 17 00:00:00 2001
From: Unchained <unchained@nodecrew.me>
Date: Fri, 27 Mar 2026 06:18:39 +0200
Subject: [PATCH] feat: prefer SALEOR_API_URL env var over stored auth URL

- NormalizingAPL now checks for SALEOR_API_URL env var
- If set, uses env var URL for API calls while keeping stored token
- Enables internal K8s networking without reinstallation
- Makes app portable across different network configurations

The app stores auth data during installation, but at runtime uses
SALEOR_API_URL for API calls. This allows deployment with internal
networking (e.g., http://saleor-api.saleor:8000) while keeping the
same token from installation.
---
 src/saleor-app.ts | 27 +++++++++++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

diff --git a/src/saleor-app.ts b/src/saleor-app.ts
index 81e2045..a5f3361 100644
--- a/src/saleor-app.ts
+++ b/src/saleor-app.ts
@@ -3,7 +3,9 @@ import { SaleorApp } from "@saleor/app-sdk/saleor-app";
 import { FileAPL } from "@saleor/app-sdk/APL/file";
 
 /**
- * APL wrapper that normalizes HTTP to HTTPS for auth data lookups
+ * APL wrapper that:
+ * 1. Normalizes HTTP to HTTPS for auth data lookups (for Cloudflare compatibility)
+ * 2. Prefers SALEOR_API_URL env var over stored auth URL (for internal networking)
  */
 class NormalizingAPL implements APL {
   private apl: FileAPL;
@@ -16,10 +18,31 @@ class NormalizingAPL implements APL {
     return url.replace(/^http:\/\//, "https://");
   }
 
+  /**
+   * Get auth data and optionally override saleorApiUrl with env var
+   */
   async get(saleorApiUrl: string): Promise<AuthData | undefined> {
     const normalizedUrl = this.normalizeUrl(saleorApiUrl);
     console.log(`[NormalizingAPL] Looking up auth for: ${saleorApiUrl} -> ${normalizedUrl}`);
-    return this.apl.get(normalizedUrl);
+    
+    const authData = await this.apl.get(normalizedUrl);
+    
+    if (!authData) {
+      return undefined;
+    }
+
+    // If SALEOR_API_URL is set, prefer it over the stored URL
+    // This enables internal networking (e.g., http://saleor-api.saleor:8000)
+    // while still using the stored token for authentication
+    if (process.env.SALEOR_API_URL) {
+      console.log(`[NormalizingAPL] Using SALEOR_API_URL: ${process.env.SALEOR_API_URL} (env var overrides stored: ${authData.saleorApiUrl})`);
+      return {
+        ...authData,
+        saleorApiUrl: process.env.SALEOR_API_URL,
+      };
+    }
+
+    return authData;
   }
 
   async set(authData: AuthData): Promise<void> {