duodealer_app 1.0.0

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+require File.expand_path("../test/dummy/config/application", __FILE__)
+
+Rails.application.load_tasks

data/app/assets/images/storage_access.svg

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg enable-background="new 0 0 1920 1080" version="1.1" viewBox="0 0 1920 1080" xml:space="preserve" xmlns="http://www.w3.org/2000/svg"><polygon points="1345 330.75 1345 437.24 1224.7 437.24 1224.7 676.56 873.52 676.56 874.04 643.85 1203.2 330.23" fill="#fff"/><path d="m1095.7 677.54c-18.553 0.074-37.107 0.163-55.66 0.126-18.553 0.056-37.107-0.188-55.66-0.233l-13.915-0.063-13.915 0.044-27.83 0.094c-18.553 0.128-37.107-5e-3 -55.66-0.056l-1.266-3e-3 3e-3 -1.259 0.047-22.532-0.093-22.532-0.068-11.266 6e-3 -11.266 0.019-22.532h2.703l0.111 22.532c0.053 7.511 0.06 15.022 0.038 22.532l-0.094 45.065-1.407-1.407c18.553 7e-3 37.107-0.041 55.66 0.086l27.83 0.131 13.915 0.066 13.915-0.028c18.553-8e-3 37.107-0.151 55.66-0.019 18.553 0.099 37.107 0.049 55.66-0.181v2.701z" fill="#0C1238"/><path d="m1225 677.54c-9.24 0.123-18.48 0.187-27.72 0.077l-13.86-0.213c-2.31-0.051-4.62-0.023-6.93 1e-3l-6.93 0.062c-9.24 0.156-18.48 0.076-27.72-0.054-2.31-0.034-4.62 1e-3 -6.93 2e-3l-6.93 0.121c-4.62 0.062-9.24-2e-3 -13.86 3e-3v-2.703c4.62-0.048 9.24-0.165 13.86-0.157l6.93 0.025c2.31 0.027 4.62 0.088 6.93 0.076 9.24-0.024 18.48-0.031 27.72 0.145 4.62 0.038 9.24 0.163 13.86 0.126l13.86-0.081c4.62-0.04 9.24 0.088 13.86 0.101 2.31 0.047 4.62-0.048 6.93-0.065 2.31-0.026 4.62-0.07 6.93-0.169v2.703z" fill="#0C1238"/><path d="m871.68 561.78l-0.13-115.72 0.07-115.72 1e-3 -1.414 1.411 3e-3 117.9 0.228 117.9-0.138 58.951-0.061 58.951 0.072 117.9 0.09 1.218 1e-3 4e-3 1.221 0.156 53.426-0.026 53.426h-2.703l-0.154-53.426 0.04-53.426 1.466 1.466-235.8-0.148-117.9-0.193-117.9 0.087 1.212-1.212-0.084 115.72c-0.058 19.286 0.032 38.573 0.074 57.859l0.15 57.859h-2.705z" fill="#0C1238"/><g fill="#E6E8F0"><circle cx="891.37" cy="344.49" r="6.812"/><circle cx="912.86" cy="345.01" r="6.812"/><circle cx="934.34" cy="345.54" r="6.812"/><path d="m1202.7 352.87h-186.64c-0.552 0-1-0.448-1-1v-11.624c0-0.552 0.448-1 1-1h186.64c0.552 0 1 0.448 1 1v11.624c0 0.552-0.448 1-1 1z" stroke="#F0F3F5" stroke-miterlimit="10"/><rect x="1288.6" y="339.25" width="17.816" height="13.624"/><path d="m1327.4 352.87h-15.816c-0.552 0-1-0.448-1-1v-11.624c0-0.552 0.448-1 1-1h15.816c0.552 0 1 0.448 1 1v11.624c0 0.552-0.447 1-1 1z"/></g><g fill="none" stroke="#8891EA" stroke-miterlimit="10" stroke-width="8"><path d="m1098.3 576.8c-24.295 0-43.99-19.695-43.99-43.99v-29.485c0-2.209 1.791-4 4-4h79.98c2.209 0 4 1.791 4 4v29.485c0 24.295-19.695 43.99-43.99 43.99z"/><path d="m1066 499.33v-12.41c0-17.804 14.433-32.237 32.237-32.237s32.237 14.433 32.237 32.237v12.41"/></g><circle cx="1098.3" cy="529.08" r="8.966" fill="#8891EA"/><line x1="1098.3" x2="1098.3" y1="529.08" y2="546.68" fill="#fff" stroke="#8891EA" stroke-linecap="round" stroke-miterlimit="10" stroke-width="8"/><polygon points="1416.1 676.19 1358 748.57 1416.1 749.77 1225 749.77 1225 659.42 1416.1 437.19" fill="#fff"/><path d="m1415.2 497.07l-0.12-59.83 1.472 1.472-95.89-0.052-47.945-0.135c-15.982-0.023-31.963-0.14-47.945-0.085l1.2-1.2 0.139 78.077c0.086 26.026 4e-3 52.052-0.039 78.077l-0.076 78.077c0.056 26.026 0.201 52.052 0.145 78.077l-1.368-1.368 38.25 0.017v2.703l-38.251 0.1-1.444 4e-3 -6e-3 -1.454c-0.102-26.026-0.045-52.052-0.026-78.077l0.068-78.077 0.067-78.077 0.191-78.077 3e-3 -1.15h1.147l47.945-0.013 47.945-0.051 95.89 0.089 1.121 1e-3 4e-3 1.125 0.226 59.83h-2.703z" fill="#0C1238"/><path d="m1417.9 518.33c0.051 19.268 0.165 38.536 0.128 57.804l-0.022 28.902-0.134 28.902-0.134 28.902 0.061 28.902 0.087 28.902 0.046 14.451-0.034 14.451-3e-3 1.353-1.347-3e-3c-22.64-0.042-45.28-0.192-67.919-0.118l-33.96 0.144-33.96-0.025v-2.703l33.96-0.143 33.96 0.01c11.32 0.049 22.64 0.1 33.96 0.078l33.96-2e-3 -1.409 1.409c-0.03-19.268 0.125-38.536 0.178-57.804l0.103-28.902-0.051-28.902-0.051-28.902 0.081-28.902c0.128-19.268-0.116-38.536-0.204-57.804h2.704z" fill="#0C1238"/><path d="m1400.3 458.72h-160.44c-0.552 0-1-0.448-1-1v-11.624c0-0.552 0.448-1 1-1h160.44c0.552 0 1 0.448 1 1v11.624c0 0.552-0.448 1-1 1z" fill="#E6E8F0" stroke="#F0F3F5" stroke-miterlimit="10"/><path d="m1238.5 467.44c13.587-0.084 27.173-0.121 40.76-0.055l20.38 0.141c6.793 0.061 13.587-0.03 20.38-0.038 13.587-0.116 27.173-0.022 40.76 0.038 6.793 0.029 13.587-0.022 20.38-0.082 6.793-0.046 13.587 0 20.38-5e-3v1.802c-13.587 0.111-27.173 0.144-40.76 0.036-13.587 2e-3 -27.173 0.027-40.76-0.09-6.793-0.025-13.587-0.117-20.38-0.088l-20.38 0.054c-6.793 0.022-13.587-0.048-20.38-0.067-6.793-7e-3 -13.587 0.107-20.38 0.154v-1.8z" fill="#E6E8F0"/><path d="m891.69 362.56c36.392-0.084 72.784-0.121 109.18-0.055l54.588 0.141c18.196 0.062 36.392-0.034 54.588-0.043l218.35-0.043v1.802c-36.392 0.111-72.784 0.144-109.18 0.036l-109.18-0.09-54.588-0.088-54.588 0.054-54.588-0.067-54.588 0.154v-1.801z" fill="#E6E8F0"/><g fill="none" stroke="#8891EA" stroke-miterlimit="10" stroke-width="6"><path d="m1320.6 638.41c-17.878 0-32.371-14.493-32.371-32.371v-21.697c0-1.626 1.318-2.943 2.943-2.943h58.854c1.626 0 2.943 1.318 2.943 2.943v21.697c1e-3 17.878-14.491 32.371-32.369 32.371z"/><path d="m1296.9 581.4v-9.132c0-13.101 10.62-23.722 23.722-23.722 13.101 0 23.722 10.621 23.722 23.722v9.132"/></g><circle cx="1320.6" cy="604.5" r="5.88" fill="#8891EA"/><line x1="1320.6" x2="1320.6" y1="603.3" y2="616.25" fill="#fff" stroke="#8891EA" stroke-linecap="round" stroke-miterlimit="10" stroke-width="6"/><path d="m966.35 697.36l-0.029 13.745c-0.01 1.145 0.011 2.291-0.023 3.436l-0.124 3.436c-0.103 2.291 0.022 4.582 0.121 6.872l-1.912-1.912c10.168-0.857 20.337-0.478 30.505-0.36 5.084 0.104 10.168 0.133 15.252 0.178 5.084 6e-3 10.168 0.199 15.252 0.287l7.626 0.168 7.626 0.264c2.542 0.09 5.084 0.032 7.626 0.023 2.542-0.035 5.084 0.047 7.626 0.065 10.168 0.377 20.337-0.052 30.505 0.201l7.626 0.04c2.542 6e-3 5.084-0.283 7.626-0.394 5.084-0.14 10.168-0.184 15.252-0.268 5.084-0.072 10.168-0.071 15.252-0.204 2.542-0.07 5.084-0.088 7.626-0.118 2.542-0.019 5.084 0.1 7.626 0.143 10.168 0.462 20.337-0.303 30.505 0.192 2.542 0.145 5.084 0.163 7.626 0.139 2.542 0 5.084-0.038 7.626-0.099l15.252-0.314v3.936l-15.252 0.106c-5.084 0.024-10.168 0.012-15.252 0.3-10.168 0.483-20.337-0.281-30.505-0.213-20.337-1.165-40.673 0.704-61.01-0.137-2.542 0.117-5.084 0.33-7.626 0.382-2.542 0.092-5.084 0.173-7.626-0.018s-5.084-0.219-7.626-0.183c-2.542-2e-3 -5.084 0.099-7.626 0.081-2.542-0.027-5.084 0.026-7.626-0.066-1.271-0.039-2.542-0.079-3.813-0.09-1.271-0.022-2.542-0.05-3.813 0.018-2.542 0.097-5.084 0.355-7.626 0.327-1.271-0.037-2.542-0.06-3.813-0.12l-3.813-0.238c-2.542-0.162-5.084-0.324-7.626-0.268-2.542 0.109-5.084-0.092-7.626-0.222-2.542-0.112-5.084-0.326-7.626-0.371-2.542-0.094-5.084-0.061-7.626-0.038-5.084 0.101-10.168 0.266-15.252 0.414-2.542 0.071-5.084 0.122-7.626 0.123l-7.626-0.19-1.598-0.04 0.032-1.527c0.047-2.291 0.153-4.582 9e-3 -6.872l-0.162-3.436c-0.047-1.145-0.04-2.291-0.062-3.436l-0.186-13.745h3.934z" fill="#E6E8F0"/><path d="m1434.8 722.88l16.096 0.019 8.048 0.01c2.683 0.018 5.365-0.029 8.048 0.05l-1.89 1.89c0.07-3.44 0.218-6.88 0.086-10.32l-0.312-10.32c-0.261-6.88-0.364-13.76-0.339-20.639l0.314-41.279c0.052-6.88 0.033-13.76 0.144-20.639l0.275-20.639c0.057-6.88 0.274-13.76 0.375-20.639 0.058-6.88-0.069-13.76 0.033-20.639l0.226-20.639-0.071-10.32-0.046-5.16 0.032-5.16 0.11-20.639c0.012-3.44 0.045-6.88-0.068-10.32-0.149-3.44-0.261-6.88-0.361-10.32l-0.328-41.279c-0.074-6.88-0.188-13.76-0.211-20.639 0.028-6.88 0.177-13.76 0.261-20.639l1.77 1.77c-4.37-0.095-8.74 1e-3 -13.111 1e-3l-13.111 0.063c-4.37 1e-3 -8.74 0.084-13.111 0.016l-13.111-0.231c-4.37-0.118-8.74-0.058-13.111-0.055-4.37-4e-3 -8.74 0.077-13.111 0.113l-26.221 0.29v-3.936l26.221-0.107 13.111-0.052c4.37-0.026 8.74 2e-3 13.111-0.14l13.111-0.262c4.37-0.066 8.74 0.04 13.111 0.051l26.221 0.283 2.211 0.024-0.016 2.172c-0.049 6.88-0.045 13.76-0.139 20.639-0.152 6.88-0.325 13.76-0.304 20.639l0.499 41.279c-0.024 1.72-0.037 3.44-0.138 5.16l-0.297 5.16c-0.137 3.44-0.045 6.88 0.01 10.32 0.12 6.88 0.479 13.76 0.59 20.639 0.273 6.88-0.127 13.76-0.227 20.639-0.014 6.88 0.146 13.76 0.091 20.639 0.051 6.88-0.202 13.76-0.162 20.639 0.04 3.44 0.226 6.88 0.324 10.32 0.061 3.44 4e-3 6.88-0.082 10.32l-0.356 10.32c-0.047 1.72-0.141 3.44-0.149 5.16l2e-3 5.16c-0.012 1.72 0.032 3.44-0.026 5.16l-0.164 5.16-0.335 10.32c-0.306 13.76 0.065 27.519 0.289 41.279 0.074 3.44 0.091 6.88 0.13 10.32 0.059 3.44-0.071 6.88-0.098 10.32l-0.153 10.32c-0.053 1.72 0.021 3.44 0.049 5.16l0.139 5.16 0.044 1.627-1.73 0.06c-2.683 0.093-5.365 0.065-8.048 0.1l-8.048 0.061-16.096 0.121v-3.941z" fill="#E6E8F0"/></svg>

data/app/assets/javascripts/duodealer_app/enable_cookies.js

@@ -0,0 +1,3 @@
+//= require ./itp_helper.js
+//= require ./storage_access.js
+//= require ./partition_cookies.js

data/app/assets/javascripts/duodealer_app/itp_helper.js

@@ -0,0 +1,40 @@
+(function() {
+  function ITPHelper(opts) {
+    this.itpContent = document.getElementById('TopLevelInteractionContent');
+    this.itpAction = document.getElementById('TopLevelInteractionButton');
+    this.redirectUrl = opts.redirectUrl;
+  }
+
+  ITPHelper.prototype.redirect = function() {
+    sessionStorage.setItem('duodealer.top_level_interaction', true);
+    window.location.href = this.redirectUrl;
+  }
+
+  ITPHelper.prototype.userAgentIsAffected = function() {
+    return Boolean(document.hasStorageAccess);
+  }
+
+  ITPHelper.prototype.canPartitionCookies = function() {
+    var versionRegEx = /Version\/12\.0\.?\d? Safari/;
+    return versionRegEx.test(navigator.userAgent);
+  }
+
+  ITPHelper.prototype.setUpContent = function(onClick) {
+    this.itpContent.style.display = 'block';
+    this.itpAction.addEventListener('click', this.redirect.bind(this));
+  }
+
+  ITPHelper.prototype.execute = function() {
+    if (!this.itpContent) {
+      return;
+    }
+
+    if (this.userAgentIsAffected()) {
+      this.setUpContent();
+    } else {
+      this.redirect();
+    }
+  }
+
+  this.ITPHelper = ITPHelper;
+})(window);

data/app/assets/javascripts/duodealer_app/partition_cookies.js

@@ -0,0 +1,8 @@
+(function() {
+  document.addEventListener("DOMContentLoaded", function() {
+    var redirectTargetElement = document.getElementById("redirection-target");
+    var targetInfo = JSON.parse(redirectTargetElement.dataset.target)
+    var storageAccessHelper = new StorageAccessHelper(targetInfo);
+    storageAccessHelper.execute();
+  });
+})();

data/app/assets/javascripts/duodealer_app/redirect.js

@@ -0,0 +1,33 @@
+(function() {
+  function redirect() {
+    var redirectTargetElement = document.getElementById("redirection-target");
+
+    if (!redirectTargetElement) {
+      return;
+    }
+
+    var targetInfo = JSON.parse(redirectTargetElement.dataset.target)
+
+    if (window.top == window.self) {
+      // If the current window is the 'parent', change the URL by setting location.href
+      window.top.location.href = targetInfo.url;
+    } else {
+      // If the current window is the 'child', change the parent's URL with postMessage
+      normalizedLink = document.createElement('a');
+      normalizedLink.href = targetInfo.url;
+
+      data = JSON.stringify({
+        message: 'Duodealer.API.remoteRedirect',
+        data: {location: normalizedLink.href}
+      });
+      window.parent.postMessage(data, targetInfo.duodealerUrl);
+    }
+  }
+
+  document.addEventListener("DOMContentLoaded", redirect);
+
+  // In the turbolinks context, neither DOMContentLoaded nor turbolinks:load
+  // consistently fires. This ensures that we at least attempt to fire in the
+  // turbolinks situation as well.
+  redirect();
+})();

data/app/assets/javascripts/duodealer_app/request_storage_access.js

@@ -0,0 +1,3 @@
+//= require ./itp_helper.js
+//= require ./storage_access.js
+//= require ./storage_access_redirect.js

data/app/assets/javascripts/duodealer_app/storage_access.js

@@ -0,0 +1,153 @@
+(function() {
+  var ACCESS_GRANTED_STATUS = 'storage_access_granted';
+  var ACCESS_DENIED_STATUS = 'storage_access_denied';
+
+  function StorageAccessHelper(redirectData) {
+    this.redirectData = redirectData;
+  }
+
+  StorageAccessHelper.prototype.setNormalizedLink = function(storageAccessStatus) {
+    return storageAccessStatus === ACCESS_GRANTED_STATUS ? this.redirectData.hasStorageAccessUrl : this.redirectData.doesNotHaveStorageAccessUrl;
+  }
+
+  StorageAccessHelper.prototype.redirectToAppTLD = function(storageAccessStatus) {
+    var normalizedLink = document.createElement('a');
+
+    normalizedLink.href = this.setNormalizedLink(storageAccessStatus);
+
+    data = JSON.stringify({
+      message: 'Duodealer.API.remoteRedirect',
+      data: {
+        location: normalizedLink.href,
+      }
+    });
+    window.parent.postMessage(data, this.redirectData.duodealerUrl);
+  }
+
+  StorageAccessHelper.prototype.redirectToAppsIndex = function() {
+    window.parent.location.href = this.redirectData.duodealerUrl + '/admin/apps';
+  }
+
+  StorageAccessHelper.prototype.redirectToAppTargetUrl = function() {
+    window.location.href = this.redirectData.appTargetUrl;
+  }
+
+  StorageAccessHelper.prototype.sameSiteNoneIncompatible = function(ua) {
+    return ua.includes("iPhone OS 12_") || ua.includes("iPad; CPU OS 12_") || //iOS 12
+    (ua.includes("UCBrowser/")
+        ? this.isOlderUcBrowser(ua) //UC Browser < 12.13.2
+        : (ua.includes("Chrome/5") || ua.includes("Chrome/6"))) ||
+    ua.includes("Chromium/5") || ua.includes("Chromium/6") ||
+    (ua.includes(" OS X 10_14_") &&
+        ((ua.includes("Version/") && ua.includes("Safari")) || //Safari on MacOS 10.14
+        ua.endsWith("(KHTML, like Gecko)"))); //Web view on MacOS 10.14
+  }
+
+  StorageAccessHelper.prototype.isOlderUcBrowser = function(ua) {
+    var match = ua.match(/UCBrowser\/(\d+)\.(\d+)\.(\d+)\./);
+    if (!match) return false;
+    var major = parseInt(match[1]);
+    var minor = parseInt(match[2]);
+    var build = parseInt(match[3]);
+    if (major != 12) return major < 12;
+    if (minor != 13) return minor < 13;
+    return build < 2;
+  }
+
+  StorageAccessHelper.prototype.setCookie = function(value) {
+    if(!this.sameSiteNoneIncompatible(navigator.userAgent)) {
+      value += '; secure; SameSite=None'
+    }
+    document.cookie = value;
+  }
+
+  StorageAccessHelper.prototype.grantedStorageAccess = function() {
+    try {
+      sessionStorage.setItem('duodealer.granted_storage_access', true);
+      this.setCookie('duodealer.granted_storage_access=true');
+      if (!document.cookie) {
+        throw 'Cannot set third-party cookie.'
+      }
+      this.redirectToAppTargetUrl();
+    } catch (error) {
+      console.warn('Third party cookies may be blocked.', error);
+      this.redirectToAppTLD(ACCESS_DENIED_STATUS);
+    }
+  }
+
+  StorageAccessHelper.prototype.handleRequestStorageAccess = function() {
+    return document.requestStorageAccess().then(this.grantedStorageAccess.bind(this), this.redirectToAppsIndex.bind(this, ACCESS_DENIED_STATUS));
+  }
+
+  StorageAccessHelper.prototype.setupRequestStorageAccess = function() {
+    var requestContent = document.getElementById('RequestStorageAccess');
+    var requestButton = document.getElementById('TriggerAllowCookiesPrompt');
+
+    requestButton.addEventListener('click', this.handleRequestStorageAccess.bind(this));
+    requestContent.style.display = 'block';
+  }
+
+  StorageAccessHelper.prototype.handleHasStorageAccess = function() {
+    if (sessionStorage.getItem('duodealer.granted_storage_access')) {
+      // If app was classified by ITP and used Storage Access API to acquire access
+      this.redirectToAppTargetUrl();
+    } else {
+      // If app has not been classified by ITP and still has storage access
+      this.redirectToAppTLD(ACCESS_GRANTED_STATUS);
+    }
+  }
+
+  StorageAccessHelper.prototype.handleGetStorageAccess = function() {
+    if (sessionStorage.getItem('duodealer.top_level_interaction')) {
+      // If merchant has been redirected to interact with TLD (requirement for prompting request to gain storage access)
+      this.setupRequestStorageAccess();
+    } else {
+      // If merchant has not been redirected to interact with TLD (requirement for prompting request to gain storage access)
+      this.redirectToAppTLD(ACCESS_DENIED_STATUS);
+    }
+  }
+
+  StorageAccessHelper.prototype.manageStorageAccess = function() {
+    return document.hasStorageAccess().then(function(hasAccess) {
+      if (hasAccess) {
+        this.handleHasStorageAccess();
+      } else {
+        this.handleGetStorageAccess();
+      }
+    }.bind(this));
+  }
+
+  StorageAccessHelper.prototype.execute = function() {
+    if (ITPHelper.prototype.canPartitionCookies()) {
+      this.setUpCookiePartitioning();
+      return;
+    }
+
+    if (ITPHelper.prototype.userAgentIsAffected()) {
+      this.manageStorageAccess();
+    } else {
+      this.grantedStorageAccess();
+    }
+  }
+
+  /* ITP 2.0 solution: handles cookie partitioning */
+  StorageAccessHelper.prototype.setUpHelper = function() {
+    return new ITPHelper({redirectUrl: window.shopOrigin + "/admin/apps/" + window.apiKey + window.returnTo});
+  }
+
+  StorageAccessHelper.prototype.setCookieAndRedirect = function() {
+    this.setCookie('duodealer.cookies_persist=true');
+    var helper = this.setUpHelper();
+    helper.redirect();
+  }
+
+  StorageAccessHelper.prototype.setUpCookiePartitioning = function() {
+    var itpContent = document.getElementById('CookiePartitionPrompt');
+    itpContent.style.display = 'block';
+
+    var button = document.getElementById('AcceptCookies');
+    button.addEventListener('click', this.setCookieAndRedirect.bind(this));
+  }
+
+  this.StorageAccessHelper = StorageAccessHelper;
+})(window);

data/app/assets/javascripts/duodealer_app/storage_access_redirect.js

@@ -0,0 +1,17 @@
+(function() {
+  function redirect() {
+    var redirectTargetElement = document.getElementById("redirection-target");
+
+    var targetInfo = JSON.parse(redirectTargetElement.dataset.target)
+
+    if (window.top == window.self) {
+      // If the current window is the 'parent', change the URL by setting location.href
+      window.top.location.href = targetInfo.hasStorageAccessUrl;
+    } else {
+        var storageAccessHelper = new StorageAccessHelper(targetInfo);
+        storageAccessHelper.execute();
+    }
+  }
+
+  document.addEventListener("DOMContentLoaded", redirect);
+})();

data/app/assets/javascripts/duodealer_app/top_level.js

@@ -0,0 +1,2 @@
+//= require ./itp_helper.js
+//= require ./top_level_interaction.js

data/app/assets/javascripts/duodealer_app/top_level_interaction.js

@@ -0,0 +1,11 @@
+(function() {
+  function setUpTopLevelInteraction() {
+    var TopLevelInteraction = new ITPHelper({
+      redirectUrl: window.redirectUrl,
+    });
+
+    TopLevelInteraction.execute();
+  }
+
+  document.addEventListener("DOMContentLoaded", setUpTopLevelInteraction);
+})();

data/app/controllers/concerns/duodealer_app/authenticated.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  module Authenticated
+    extend ActiveSupport::Concern
+
+    included do
+      include DuodealerApp::Localization
+      include DuodealerApp::LoginProtection
+      include DuodealerApp::EmbeddedApp
+      before_action :login_again_if_different_user_or_shop
+      around_action :duodealer_session
+    end
+  end
+end

data/app/controllers/concerns/duodealer_app/authenticated.rb-e

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  module Authenticated
+    extend ActiveSupport::Concern
+
+    included do
+      include DuodealerApp::Localization
+      include DuodealerApp::LoginProtection
+      include DuodealerApp::EmbeddedApp
+      before_action :login_again_if_different_user_or_shop
+      around_action :duodealer_session
+    end
+  end
+end

data/app/controllers/duodealer_app/authenticated_controller.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  class AuthenticatedController < ApplicationController
+    include DuodealerApp::Authenticated
+
+    protect_from_forgery with: :exception
+  end
+end

data/app/controllers/duodealer_app/authenticated_controller.rb-e

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  class AuthenticatedController < ApplicationController
+    include DuodealerApp::Authenticated
+
+    protect_from_forgery with: :exception
+  end
+end

data/app/controllers/duodealer_app/callback_controller.rb

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+module DuodealerApp
+  # Performs login after OAuth completes
+  class CallbackController < ApplicationController
+    include DuodealerApp::LoginProtection
+
+    def callback
+      if auth_hash
+        login_shop
+        install_webhooks
+        install_scripttags
+        perform_after_authenticate_job
+
+        redirect_to return_address
+      else
+        flash[:error] = I18n.t("could_not_log_in")
+        redirect_to(login_url_with_optional_shop)
+      end
+    end
+
+    private
+      def login_shop
+        reset_session_options
+        set_duodealer_session
+      end
+
+      def auth_hash
+        request.env["omniauth.auth"]
+      end
+
+      def shop_name
+        auth_hash.uid
+      end
+
+      def associated_user
+        return if auth_hash["extra"].blank?
+
+        auth_hash["extra"]["associated_user"]
+      end
+
+      def token
+        auth_hash["credentials"]["token"]
+      end
+
+      def reset_session_options
+        request.session_options[:renew] = true
+        session.delete(:_csrf_token)
+      end
+
+      def set_duodealer_session
+        session_store = DuodealerAPI::Session.new(
+          domain: shop_name,
+          token: token,
+          api_version: DuodealerApp.configuration.api_version
+        )
+        session[:duodealer] = DuodealerApp::SessionRepository.store(session_store, user: associated_user)
+        session[:duodealer_domain] = shop_name
+        session[:duodealer_user] = associated_user
+
+        if DuodealerApp.configuration.per_user_tokens?
+          # Adds the user_session to the session to determine if the logged in user has changed
+          user_session = auth_hash&.extra&.session
+          raise IndexError, "Missing user session signature" if user_session.nil?
+          session[:user_session] = user_session
+        end
+      end
+
+      def install_webhooks
+        return unless DuodealerApp.configuration.has_webhooks?
+
+        WebhooksManager.queue(
+          shop_name,
+          token,
+          DuodealerApp.configuration.webhooks
+        )
+      end
+
+      def install_scripttags
+        return unless DuodealerApp.configuration.has_scripttags?
+
+        ScripttagsManager.queue(
+          shop_name,
+          token,
+          DuodealerApp.configuration.scripttags
+        )
+      end
+
+      def perform_after_authenticate_job
+        config = DuodealerApp.configuration.after_authenticate_job
+
+        return unless config && config[:job].present?
+
+        job = config[:job]
+        job = job.constantize if job.is_a?(String)
+
+        if config[:inline] == true
+          job.perform_now(shop_domain: session[:duodealer_domain])
+        else
+          job.perform_later(shop_domain: session[:duodealer_domain])
+        end
+      end
+  end
+end