From 6f0ec24d0b220f4ba6f3460392c2ae6fc3b4d998 Mon Sep 17 00:00:00 2001
From: mshanemc <shane.mclaughlin@salesforce.com>
Date: Mon, 14 Dec 2020 11:53:21 -0600
Subject: [PATCH] fix: accessToken works as username

---
 src/authInfo.ts            |  6 +++---
 src/user.ts                |  4 ++++
 src/util/sfdc.ts           |  9 +++++++++
 test/unit/util/sfdcTest.ts | 13 +++++++++++++
 4 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/src/authInfo.ts b/src/authInfo.ts
index ebd22ae08e..1fa213ee8e 100644
--- a/src/authInfo.ts
+++ b/src/authInfo.ts
@@ -42,6 +42,7 @@ import { Global } from './global';
 import { Logger } from './logger';
 import { SfdxError, SfdxErrorConfig } from './sfdxError';
 import { fs } from './util/fs';
+import { sfdc } from './util/sfdc';
 
 /**
  * Fields for authorization, org, and local information.
@@ -758,8 +759,7 @@ export class AuthInfo extends AsyncCreatable<AuthInfo.Options> {
     this.fields.username = this.options.username || getString(options, 'username') || undefined;
 
     // If the username is an access token, use that for auth and don't persist
-    const accessTokenMatch = isString(this.fields.username) && this.fields.username.match(/^(00D\w{12,15})![.\w]*$/);
-    if (accessTokenMatch) {
+    if (isString(this.fields.username) && sfdc.matchesAccessToken(this.fields.username)) {
       // Need to initAuthOptions the logger and authInfoCrypto since we don't call init()
       this.logger = await Logger.child('AuthInfo');
       this.authInfoCrypto = await AuthInfoCrypto.create({
@@ -772,7 +772,7 @@ export class AuthInfo extends AsyncCreatable<AuthInfo.Options> {
       this.update({
         accessToken: this.options.username,
         instanceUrl,
-        orgId: accessTokenMatch[1],
+        orgId: this.fields.username.split('!')[0],
       });
 
       this.usingAccessToken = true;
diff --git a/src/user.ts b/src/user.ts
index a11af810ee..da4e2a1ca2 100644
--- a/src/user.ts
+++ b/src/user.ts
@@ -75,6 +75,10 @@ async function retrieveUserFields(logger: Logger, username: string): Promise<Use
     authInfo: await AuthInfo.create({ username }),
   });
 
+  if (sfdc.matchesAccessToken(username)) {
+    username = (await connection.identity()).username;
+  }
+
   const fromFields = Object.keys(REQUIRED_FIELDS).map(upperFirst);
   const requiredFieldsFromAdminQuery = `SELECT ${fromFields} FROM User WHERE Username='${username}'`;
   const result: QueryResult<string[]> = await connection.query<string[]>(requiredFieldsFromAdminQuery);
diff --git a/src/util/sfdc.ts b/src/util/sfdc.ts
index a0bda60be9..9120920301 100644
--- a/src/util/sfdc.ts
+++ b/src/util/sfdc.ts
@@ -111,4 +111,13 @@ export const sfdc = {
     });
     return key;
   },
+
+  /**
+   * Tests whether a given string is an access token
+   *
+   * @param value
+   */
+  matchesAccessToken: (value: string): boolean => {
+    return value.match(/^(00D\w{12,15})![.\w]*$/) !== null;
+  },
 };
diff --git a/test/unit/util/sfdcTest.ts b/test/unit/util/sfdcTest.ts
index 70ca8b9bf0..c01f447b99 100644
--- a/test/unit/util/sfdcTest.ts
+++ b/test/unit/util/sfdcTest.ts
@@ -134,4 +134,17 @@ describe('util/sfdc', () => {
       expect(sfdc.findUpperCaseKeys(testObj, ['nested'])).to.equal(undefined);
     });
   });
+
+  describe('matchesAccessToken', () => {
+    it('should return true for a valid access token', () => {
+      expect(
+        sfdc.matchesAccessToken(
+          '00D0t000000HkBf!AQ8AQAuHh7lXOFdOA202PMQuGflRrtUkVIfSNK1BrWLlJTJuvypx3r8dLONoJdniYKap1nsTlbxRbbGDqT6r2Rze_Ii5no2y'
+        )
+      ).to.equal(true);
+    });
+    it('should return false for an invalid access token', () => {
+      expect(sfdc.matchesAccessToken('iamjustaregularusername@example.com')).to.equal(false);
+    });
+  });
 });