duodealer_app 1.0.0

data/lib/duodealer_app/managers/webhooks_manager.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  class WebhooksManager
+    class CreationFailed < StandardError; end
+
+    def self.queue(shop_domain, shop_token, webhooks)
+      DuodealerApp::WebhooksManagerJob.perform_later(
+        shop_domain: shop_domain,
+        shop_token: shop_token,
+        webhooks: webhooks
+      )
+    end
+
+    attr_reader :required_webhooks
+
+    def initialize(webhooks)
+      @required_webhooks = webhooks
+    end
+
+    def recreate_webhooks!
+      destroy_webhooks
+      create_webhooks
+    end
+
+    def create_webhooks
+      return if required_webhooks.blank?
+
+      required_webhooks.each do |webhook|
+        create_webhook(webhook) unless webhook_exists?(webhook[:topic])
+      end
+    end
+
+    def destroy_webhooks
+      DuodealerAPI::Webhook.all.to_a.each do |webhook|
+        DuodealerAPI::Webhook.delete(webhook.id) if is_required_webhook?(webhook)
+      end
+
+      @current_webhooks = nil
+    end
+
+    private
+      def is_required_webhook?(webhook)
+        required_webhooks.map { |w| w[:address] }.include? webhook.address
+      end
+
+      def create_webhook(attributes)
+        attributes.reverse_merge!(format: "json")
+        webhook = DuodealerAPI::Webhook.create(attributes)
+        raise CreationFailed, webhook.errors.full_messages.to_sentence unless webhook.persisted?
+        webhook
+      end
+
+      def webhook_exists?(topic)
+        current_webhooks[topic]
+      end
+
+      def current_webhooks
+        @current_webhooks ||= DuodealerAPI::Webhook.all.to_a.index_by(&:topic)
+      end
+  end
+end

data/lib/duodealer_app/middleware/same_site_cookie_middleware.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  class SameSiteCookieMiddleware
+    COOKIE_SEPARATOR = "\n"
+
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      status, headers, body = @app.call(env)
+      user_agent = env["HTTP_USER_AGENT"]
+
+      if headers && headers["Set-Cookie"] &&
+          !SameSiteCookieMiddleware.same_site_none_incompatible?(user_agent) &&
+          DuodealerApp.configuration.enable_same_site_none
+
+        set_cookies = headers["Set-Cookie"]
+          .split(COOKIE_SEPARATOR)
+          .compact
+          .map do |cookie|
+            cookie << "; Secure" if not cookie =~ /;\s*secure/i
+            cookie << "; SameSite=None" unless /;\s*samesite=/i.match?(cookie)
+            cookie
+          end
+
+        headers["Set-Cookie"] = set_cookies.join(COOKIE_SEPARATOR)
+      end
+
+      [status, headers, body]
+    end
+
+    def self.same_site_none_incompatible?(user_agent)
+      sniffer = BrowserSniffer.new(user_agent)
+
+      webkit_same_site_bug?(sniffer) || drops_unrecognized_same_site_cookies?(sniffer)
+    rescue
+      true
+    end
+
+    def self.webkit_same_site_bug?(sniffer)
+      (sniffer.os == :ios && sniffer.os_version.match(/^([0-9]|1[12])[\.\_]/)) ||
+        (sniffer.os == :mac && sniffer.browser == :safari && sniffer.os_version.match(/^10[\.\_]14/))
+    end
+
+    def self.drops_unrecognized_same_site_cookies?(sniffer)
+      (chromium_based?(sniffer) && sniffer.major_browser_version >= 51 && sniffer.major_browser_version <= 66) ||
+        (uc_browser?(sniffer) && !uc_browser_version_at_least?(sniffer: sniffer, major: 12, minor: 13, build: 2))
+    end
+
+    def self.chromium_based?(sniffer)
+      sniffer.browser_name.downcase.match(/chrom(e|ium)/)
+    end
+
+    def self.uc_browser?(sniffer)
+      sniffer.user_agent.downcase.match(/uc\s?browser/)
+    end
+
+    def self.uc_browser_version_at_least?(sniffer:, major:, minor:, build:)
+      digits = sniffer.browser_version.split(".").map(&:to_i)
+      return false unless digits.count >= 3
+
+      return digits[0] > major if digits[0] != major
+      return digits[1] > minor if digits[1] != minor
+      digits[2] >= build
+    end
+  end
+end

data/lib/duodealer_app/session/in_memory_session_store.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  class InMemorySessionStore
+    class EnvironmentError < StandardError; end
+
+    def self.retrieve(id)
+      repo[id]
+    end
+
+    def self.store(session, *args)
+      id = SecureRandom.uuid
+      repo[id] = session
+      id
+    end
+
+    def self.clear
+      @@repo = nil
+    end
+
+    def self.repo
+      if Rails.env.production?
+        raise EnvironmentError.new("Cannot use InMemorySessionStore in a Production environment. \
+          Please initialize DuodealerApp with a model that can store and retrieve sessions")
+      end
+      @@repo ||= {}
+    end
+  end
+end

data/lib/duodealer_app/session/session_repository.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  class SessionRepository
+    class ConfigurationError < StandardError; end
+
+    class << self
+      def storage=(storage)
+        @storage = storage
+
+        unless storage.nil? || self.storage.respond_to?(:store) && self.storage.respond_to?(:retrieve)
+          raise ArgumentError, "storage must respond to :store and :retrieve"
+        end
+      end
+
+      delegate :retrieve, to: :storage
+
+      def store(session, *args)
+        storage.store(session, *args)
+      end
+
+      def storage
+        load_storage || raise(ConfigurationError.new("DuodealerSessionRepository.storage is not configured!"))
+      end
+
+      private
+        def load_storage
+          return unless @storage
+          @storage.respond_to?(:safe_constantize) ? @storage.safe_constantize : @storage
+        end
+    end
+  end
+end

data/lib/duodealer_app/session/session_storage.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  module SessionStorage
+    extend ActiveSupport::Concern
+
+    included do
+      if DuodealerApp.configuration.per_user_tokens?
+        extend DuodealerApp::SessionStorage::UserStorageStrategy
+      else
+        extend DuodealerApp::SessionStorage::ShopStorageStrategy
+      end
+
+      validates :duodealer_token, presence: true
+      validates :api_version, presence: true
+      validates :duodealer_domain, presence: true,
+        if: Proc.new { |_| DuodealerApp.configuration.per_user_tokens? }
+      validates :duodealer_domain, presence: true, uniqueness: { case_sensitive: false },
+        if: Proc.new { |_| !DuodealerApp.configuration.per_user_tokens? }
+    end
+
+    def with_duodealer_session(&block)
+      DuodealerAPI::Session.temp(
+        domain: duodealer_domain,
+        token: duodealer_token,
+        api_version: api_version,
+        &block
+      )
+    end
+  end
+end

data/lib/duodealer_app/session/storage_strategies/shop_storage_strategy.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  module SessionStorage
+    module ShopStorageStrategy
+      def store(auth_session, *args)
+        shop = find_or_initialize_by(duodealer_domain: auth_session.domain)
+        shop.duodealer_token = auth_session.token
+        shop.save!
+        shop.id
+      end
+
+      def retrieve(id)
+        return unless id
+        if shop = self.find_by(id: id)
+          DuodealerAPI::Session.new(
+            domain: shop.duodealer_domain,
+            token: shop.duodealer_token,
+            api_version: shop.api_version
+          )
+        end
+      end
+    end
+  end
+end

data/lib/duodealer_app/session/storage_strategies/user_storage_strategy.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  module SessionStorage
+    module UserStorageStrategy
+      def store(auth_session, user)
+        user = find_or_initialize_by(duodealer_user_id: user[:id])
+        user.duodealer_token = auth_session.token
+        user.duodealer_domain = auth_session.domain
+        user.save!
+        user.id
+      end
+
+      def retrieve(id)
+        return unless id
+        if user = self.find_by(duodealer_user_id: id)
+          DuodealerAPI::Session.new(
+            domain: user.duodealer_domain,
+            token: user.duodealer_token,
+            api_version: user.api_version
+          )
+        end
+      end
+    end
+  end
+end

data/lib/duodealer_app/utils.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  module Utils
+    def self.sanitize_shop_domain(shop_domain)
+      name = shop_domain.to_s.downcase.strip
+      name += ".#{DuodealerApp.configuration.duodealer_domain}" if !name.include?("#{DuodealerApp.configuration.duodealer_domain}") && !name.include?(".")
+      name.sub!(%r|https?://|, "")
+
+      u = URI("http://#{name}")
+      u.host if u.host&.match(/^[a-z0-9][a-z0-9\-]*[a-z0-9]\.#{Regexp.escape(DuodealerApp.configuration.duodealer_domain)}$/)
+    rescue URI::InvalidURIError
+      nil
+    end
+
+    def self.fetch_known_api_versions
+      Rails.logger.info("[DuodealerAPI::ApiVersion] Fetching known Admin API Versions from Duo Dealer...")
+      DuodealerAPI::ApiVersion.fetch_known_versions
+      Rails.logger.info("[DuodealerAPI::ApiVersion] Known API Versions: #{DuodealerAPI::ApiVersion.versions.keys}")
+      rescue ActiveResource::ConnectionError
+        logger.error("[DuodealerAPI::ApiVersion] Unable to fetch api_versions from Duo Dealer")
+    end
+  end
+end

data/lib/duodealer_app/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  VERSION = "1.0.0"
+end

data/lib/generators/duodealer_app/add_after_authenticate_job/add_after_authenticate_job_generator.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+require "rails/generators/base"
+
+module DuodealerApp
+  module Generators
+    class AddAfterAuthenticateJobGenerator < Rails::Generators::Base
+      source_root File.expand_path("../templates", __FILE__)
+
+      hook_for :test_framework, as: :job, in: :rails do |instance, generator|
+        instance.invoke generator, [ instance.send(:job_file_name) ]
+      end
+
+      def init_after_authenticate_config
+        initializer = load_initializer
+
+        after_authenticate_job_config =
+          "  config.after_authenticate_job = "\
+          "{ job: \"Duodealer::AfterAuthenticateJob\", inline: false }\n"
+
+        inject_into_file(
+          "config/initializers/duodealer_app.rb",
+          after_authenticate_job_config,
+          before: "end"
+        )
+
+        unless initializer.include?(after_authenticate_job_config)
+          shell.say("Error adding after_authenticate_job to config. Add this line manually: #{after_authenticate_job_config}", :red)
+        end
+      end
+
+      def add_after_authenticate_job
+        template "after_authenticate_job.rb", "app/jobs/#{job_file_name}_job.rb"
+      end
+
+      private
+        def load_initializer
+          File.read(File.join(destination_root, "config/initializers/duodealer_app.rb"))
+        end
+
+        def job_file_name
+          "duodealer/after_authenticate"
+        end
+    end
+  end
+end

data/lib/generators/duodealer_app/add_after_authenticate_job/templates/after_authenticate_job.rb

@@ -0,0 +1,10 @@
+module Duodealer
+  class AfterAuthenticateJob < ActiveJob::Base
+    def perform(shop_domain:)
+      shop = Shop.find_by(duodealer_domain: shop_domain)
+
+      shop.with_duodealer_session do
+      end
+    end
+  end
+end

data/lib/generators/duodealer_app/add_marketing_activity_extension/add_marketing_activity_extension_generator.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require "rails/generators/base"
+
+module DuodealerApp
+  module Generators
+    class AddMarketingActivityExtensionGenerator < Rails::Generators::Base
+      source_root File.expand_path("../templates", __FILE__)
+
+      def generate_app_extension
+        template "marketing_activities_controller.rb", "app/controllers/marketing_activities_controller.rb"
+        generate_routes
+      end
+
+      private
+        def generate_routes
+          inject_into_file(
+            "config/routes.rb",
+            optimize_indentation(routes, 2),
+            after: "root :to => 'home#index'\n"
+          )
+        end
+
+        def routes
+          <<~EOS
+
+          resource :marketing_activities, only: [:create, :update] do
+            patch :resume
+            patch :pause
+            patch :delete
+            post :republish
+            post :preload_form_data
+            post :preview
+            post :errors
+          end
+          EOS
+        end
+    end
+  end
+end

data/lib/generators/duodealer_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+class MarketingActivitiesController < DuodealerApp::ExtensionVerificationController
+  def preload_form_data
+    preload_data = {
+      "form_data": {}
+    }
+    render(json: preload_data, status: :ok)
+  end
+
+  def update
+    render(json: {}, status: :accepted)
+  end
+
+  def pause
+    render(json: {}, status: :accepted)
+  end
+
+  def resume
+    render(json: {}, status: :accepted)
+  end
+
+  def delete
+    render(json: {}, status: :accepted)
+  end
+
+  def preview
+    placeholder_img = "https://cdn.duodealer.com/s/files/1/0533/2089/files/placeholder-images-image_small.png"
+    preview_response = {
+      "desktop": {
+        "preview_url": placeholder_img,
+        "content_type": "text/html",
+        "width": 360,
+        "height": 200
+      },
+      "mobile": {
+        "preview_url": placeholder_img,
+        "content_type": "text/html",
+        "width": 360,
+        "height": 200
+      }
+    }
+    render(json: preview_response, status: :ok)
+  end
+
+  def create
+    render(json: {}, status: :ok)
+  end
+
+  def republish
+    render(json: {}, status: :accepted)
+  end
+
+  def errors
+    request_id = params[:request_id]
+    message = params[:message]
+
+    Rails.logger.info("[Marketing Activity App Error Feedback] Request id: #{request_id}, message: #{message}")
+
+    render(json: {}, status: :ok)
+  end
+end