Don't delete session on 401 error

CHANGELOG.md

@@ -1,5 +1,6 @@
 Unreleased
 ----------
+* Patch - Don't delete session on 401 errors during retry in `with_token_refetch` [#1844](https://github.com/Shopify/shopify_app/pull/1844)
 
 22.2.0 (May 2,2024)
 ----------

lib/shopify_app/admin_api/with_token_refetch.rb

@@ -11,8 +11,7 @@ def with_token_refetch(session, shopify_id_token)
           ShopifyApp::Logger.debug("Encountered error: #{error.code} - #{error.response.inspect}, re-raising")
         elsif retrying
           ShopifyApp::Logger.debug("Shopify API returned a 401 Unauthorized error that was not corrected " \
-            "with token exchange, deleting current session and re-raising")
-          ShopifyApp::SessionRepository.delete_session(session.id)
+            "with token exchange, re-raising error")
         else
           retrying = true
           ShopifyApp::Logger.debug("Shopify API returned a 401 Unauthorized error, exchanging token and " \

test/shopify_app/admin_api/with_token_refetch_test.rb

@@ -55,7 +55,7 @@ def setup
     assert_equal @new_session.expires, @session.expires
   end
 
-  test "#with_token_refetch deletes existing token and re-raises when 401 persists" do
+  test "#with_token_refetch re-raises when 401 persists" do
     response = ShopifyAPI::Clients::HttpResponse.new(code: 401, body: "401 message", headers: {})
     api_error = ShopifyAPI::Errors::HttpResponseError.new(response: response)
 
@@ -67,8 +67,7 @@ def setup
       "and retrying with new session")
 
     ShopifyApp::Logger.expects(:debug).with("Shopify API returned a 401 Unauthorized error that was not corrected " \
-      "with token exchange, deleting current session and re-raising")
-    ShopifyApp::SessionRepository.expects(:delete_session).with("session-id")
+      "with token exchange, re-raising error")
 
     reraised_error = assert_raises ShopifyAPI::Errors::HttpResponseError do
       with_token_refetch(@session, @id_token) do