duodealer_app 1.0.0 → 1.0.1

Files changed (29) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/app/controllers/duodealer_app/callback_controller.rb +10 -10
  4. data/app/controllers/duodealer_app/sessions_controller.rb +23 -23
  5. data/app/controllers/duodealer_app/webhooks_controller.rb +1 -1
  6. data/lib/duodealer_app/controller_concerns/login_protection.rb +29 -29
  7. data/lib/duodealer_app/controller_concerns/webhook_verification.rb +2 -2
  8. data/lib/duodealer_app/jobs/scripttags_manager_job.rb +3 -3
  9. data/lib/duodealer_app/jobs/webhooks_manager_job.rb +2 -2
  10. data/lib/duodealer_app/version.rb +1 -1
  11. data/lib/generators/duodealer_app/install/templates/duodealer_provider.rb +0 -2
  12. data/lib/generators/duodealer_app/rotate_duodealer_token_job/templates/rotate_duodealer_token_job.rb +7 -7
  13. metadata +2 -18
  14. data/app/controllers/concerns/duodealer_app/authenticated.rb-e +0 -15
  15. data/app/controllers/duodealer_app/authenticated_controller.rb-e +0 -9
  16. data/app/controllers/duodealer_app/callback_controller.rb-e +0 -104
  17. data/app/controllers/duodealer_app/extension_verification_controller.rb-e +0 -19
  18. data/app/controllers/duodealer_app/sessions_controller.rb-e +0 -159
  19. data/app/controllers/duodealer_app/webhooks_controller.rb-e +0 -37
  20. data/app/views/duodealer_app/partials/_button_styles.html.erb-e +0 -104
  21. data/app/views/duodealer_app/partials/_card_styles.html.erb-e +0 -33
  22. data/app/views/duodealer_app/partials/_empty_state_styles.html.erb-e +0 -129
  23. data/app/views/duodealer_app/partials/_layout_styles.html.erb-e +0 -167
  24. data/app/views/duodealer_app/partials/_typography_styles.html.erb-e +0 -35
  25. data/app/views/duodealer_app/sessions/enable_cookies.html.erb-e +0 -75
  26. data/app/views/duodealer_app/sessions/new.html.erb-e +0 -123
  27. data/app/views/duodealer_app/sessions/request_storage_access.html.erb-e +0 -68
  28. data/app/views/duodealer_app/sessions/top_level_interaction.html.erb-e +0 -64
  29. data/app/views/duodealer_app/shared/redirect.html.erb-e +0 -23
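--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 867012539e0d946ff8737b9f5a10995a2e40762ba4245c00fb4cbdfba998d3af
- data.tar.gz: 976c1f4cc69c53a17fc6241594fd9a3405369dfca8dc2e01efd21906a2400c48
+ metadata.gz: a2269bcddcbaf2ec4b28af339d18939f72c087eeb238612d5ffafd30c1911f7f
+ data.tar.gz: 9837fe7b93b11dda135fab7e9913cebe4388ccd23f48c4182309a3e9839f17cc
  SHA512:
- metadata.gz: 7012a1cd22626b677d50ed634e41084c55f7f170f1cdd3781f77b169c8c9434ae8ce04f8efc9e559adeb51175e2391dc0578d867d87f3678b389ebbf36a2286d
- data.tar.gz: 73874f4a88d4a4b744b7b95f43681f5c0083465cb7cb4e6c6f40f9c8f7195b96e79928552c2e4ddb240a62a6985e8cb0cff7e539fa273e01fbb07f46b60d9f67
+ metadata.gz: 390073fdc0a5321ec2f11c5535237e23299f3718bb9f38d786370a46367e73ae292154721cfcebbf23bec93e72b360b249427f9c988f5f9e16468a8b5444a3d9
+ data.tar.gz: 8c230c87bbcc2e07d9c95c980c6444f604a5eca30172359776fc49870d75230c52641baf40578c670f4495da9323924463f7bb46b844ae85b26536dfceb9d521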
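--- a/data/README.md
+++ b/data/README.md
@@ -155,7 +155,7 @@ Mounting the Engine will provide the basic routes to authenticating a shop with
  |--------|-------------------------------|------------------------------|
  |GET |'/login' |Login |
  |POST |'/login' |Login |
- |GET |'/auth/duodealer/callback' |Authenticate Callback |
+ |GET |'/auth/duodealer/callback' |Authenticate Callback |
  |GET |'/logout' |Logout |
  |POST |'/webhooks/:type' |Webhook Callback |
 
@@ -294,7 +294,7 @@ Duo Dealer's API is versioned, and you can [read about that process in the Duo D
 
  Since duodealer_app gem version 1.11.0, the included duodealer_api gem has also been updated to allow you to easily set and switch what version of the Duo Dealer API you want your app or service to use, as well as surface warnings to Rails apps about [deprecated endpoints, GraphQL fields and more](https://duodealer.dev/concepts/about-apis/versioning#deprecation-practices).
 
- See the [duodealer_api gem README](https://github.com/Duo Dealer/duodealer_api/) for more details.
+ See the [duodealer_api gem README](https://gitlab.com/duodealer/duodealer_api/) for more details.
 
  WebhooksManager
  ---------------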
@@ -7,7 +7,7 @@ module DuodealerApp
7
7
 
8
8
  def callback
9
9
  if auth_hash
10
- login_shop
10
+ login_account
11
11
  install_webhooks
12
12
  install_scripttags
13
13
  perform_after_authenticate_job
@@ -15,12 +15,12 @@ module DuodealerApp
15
15
  redirect_to return_address
16
16
  else
17
17
  flash[:error] = I18n.t("could_not_log_in")
18
- redirect_to(login_url_with_optional_shop)
18
+ redirect_to(login_url_with_optional_account)
19
19
  end
20
20
  end
21
21
 
22
22
  private
23
- def login_shop
23
+ def login_account
24
24
  reset_session_options
25
25
  set_duodealer_session
26
26
  end
@@ -29,7 +29,7 @@ module DuodealerApp
29
29
  request.env["omniauth.auth"]
30
30
  end
31
31
 
32
- def shop_name
32
+ def account_name
33
33
  auth_hash.uid
34
34
  end
35
35
 
@@ -50,12 +50,12 @@ module DuodealerApp
50
50
 
51
51
  def set_duodealer_session
52
52
  session_store = DuodealerAPI::Session.new(
53
- domain: shop_name,
53
+ domain: account_name,
54
54
  token: token,
55
55
  api_version: DuodealerApp.configuration.api_version
56
56
  )
57
57
  session[:duodealer] = DuodealerApp::SessionRepository.store(session_store, user: associated_user)
58
- session[:duodealer_domain] = shop_name
58
+ session[:duodealer_domain] = account_name
59
59
  session[:duodealer_user] = associated_user
60
60
 
61
61
  if DuodealerApp.configuration.per_user_tokens?
@@ -70,7 +70,7 @@ module DuodealerApp
70
70
  return unless DuodealerApp.configuration.has_webhooks?
71
71
 
72
72
  WebhooksManager.queue(
73
- shop_name,
73
+ account_name,
74
74
  token,
75
75
  DuodealerApp.configuration.webhooks
76
76
  )
@@ -80,7 +80,7 @@ module DuodealerApp
80
80
  return unless DuodealerApp.configuration.has_scripttags?
81
81
 
82
82
  ScripttagsManager.queue(
83
- shop_name,
83
+ account_name,
84
84
  token,
85
85
  DuodealerApp.configuration.scripttags
86
86
  )
@@ -95,9 +95,9 @@ module DuodealerApp
95
95
  job = job.constantize if job.is_a?(String)
96
96
 
97
97
  if config[:inline] == true
98
- job.perform_now(shop_domain: session[:duodealer_domain])
98
+ job.perform_now(account_domain: session[:duodealer_domain])
99
99
  else
100
- job.perform_later(shop_domain: session[:duodealer_domain])
100
+ job.perform_later(account_domain: session[:duodealer_domain])
101
101
  end
102
102
  end
103
103
  end
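Review bot: The keyword handed to the host application's after-authenticate job changes from `shop_domain:` to `account_domain:` in the last hunk (`job.perform_later(account_domain: session[:duodealer_domain])`), yet that job class comes from the application's configuration rather than from this gem. A host job whose `perform` still declares `shop_domain:` will raise `ArgumentError` straight after a successful OAuth callback, and with `perform_later` the failure only shows up in the worker. The same applies to `job_args = { account_domain: account_domain, ... }` in the webhooks controller's `receive`. For a patch release I would either keep the old keyword until a major version or document the break above the call, e.g. `# NOTE: keyword renamed from shop_domain: in 1.0.1; host jobs must accept account_domain:`. The enclosing method starts above the hunk.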
@@ -10,7 +10,7 @@ module DuodealerApp
10
10
  end
11
11
 
12
12
  def new
13
- authenticate if sanitized_shop_name.present?
13
+ authenticate if sanitized_account_name.present?
14
14
  end
15
15
 
16
16
  def create
@@ -18,16 +18,16 @@ module DuodealerApp
18
18
  end
19
19
 
20
20
  def enable_cookies
21
- return unless validate_shop
21
+ return unless validate_account
22
22
 
23
23
  render(:enable_cookies, layout: false, locals: {
24
24
  does_not_have_storage_access_url: top_level_interaction_path(
25
- shop: sanitized_shop_name,
25
+ account: sanitized_account_name,
26
26
  return_to: params[:return_to]
27
27
  ),
28
- has_storage_access_url: login_url_with_optional_shop(top_level: true),
28
+ has_storage_access_url: login_url_with_optional_account(top_level: true),
29
29
  app_target_url: granted_storage_access_path(
30
- shop: sanitized_shop_name,
30
+ account: sanitized_account_name,
31
31
  return_to: params[:return_to]
32
32
  ),
33
33
  current_duodealer_domain: current_duodealer_domain
@@ -35,30 +35,30 @@ module DuodealerApp
35
35
  end
36
36
 
37
37
  def top_level_interaction
38
- @url = login_url_with_optional_shop(top_level: true)
39
- validate_shop
38
+ @url = login_url_with_optional_account(top_level: true)
39
+ validate_account
40
40
  end
41
41
 
42
42
  def granted_storage_access
43
- return unless validate_shop
43
+ return unless validate_account
44
44
 
45
45
  session["duodealer.granted_storage_access"] = true
46
46
 
47
47
  copy_return_to_param_to_session
48
48
 
49
- redirect_to(return_address_with_params({ shop: @shop }))
49
+ redirect_to(return_address_with_params({ account: @account }))
50
50
  end
51
51
 
52
52
  def destroy
53
53
  reset_session
54
54
  flash[:notice] = I18n.t(".logged_out")
55
- redirect_to(login_url_with_optional_shop)
55
+ redirect_to(login_url_with_optional_account)
56
56
  end
57
57
 
58
58
  private
59
59
  def authenticate
60
- return render_invalid_shop_error if sanitized_shop_name.blank?
61
- session["duodealer.omniauth_params"] = { shop: sanitized_shop_name }
60
+ return render_invalid_account_error if sanitized_account_name.blank?
61
+ session["duodealer.omniauth_params"] = { account: sanitized_account_name }
62
62
 
63
63
  copy_return_to_param_to_session
64
64
 
@@ -89,10 +89,10 @@ module DuodealerApp
89
89
  end
90
90
  end
91
91
 
92
- def validate_shop
93
- @shop = sanitized_shop_name
94
- unless @shop
95
- render_invalid_shop_error
92
+ def validate_account
93
+ @account = sanitized_account_name
94
+ unless @account
95
+ render_invalid_account_error
96
96
  return false
97
97
  end
98
98
 
@@ -103,14 +103,14 @@ module DuodealerApp
103
103
  session[:return_to] = params[:return_to] if params[:return_to]
104
104
  end
105
105
 
106
- def render_invalid_shop_error
107
- flash[:error] = I18n.t("invalid_shop_url")
106
+ def render_invalid_account_error
107
+ flash[:error] = I18n.t("invalid_account_url")
108
108
  redirect_to return_address
109
109
  end
110
110
 
111
111
  def enable_cookie_access
112
112
  fullpage_redirect_to(enable_cookies_path(
113
- shop: sanitized_shop_name,
113
+ account: sanitized_account_name,
114
114
  return_to: session[:return_to]
115
115
  ))
116
116
  end
@@ -120,7 +120,7 @@ module DuodealerApp
120
120
  end
121
121
 
122
122
  def authenticate_at_top_level
123
- fullpage_redirect_to(login_url_with_optional_shop(top_level: true))
123
+ fullpage_redirect_to(login_url_with_optional_account(top_level: true))
124
124
  end
125
125
 
126
126
  def authenticate_in_context?
@@ -143,12 +143,12 @@ module DuodealerApp
143
143
  layout: false,
144
144
  locals: {
145
145
  does_not_have_storage_access_url: top_level_interaction_path(
146
- shop: sanitized_shop_name,
146
+ account: sanitized_account_name,
147
147
  return_to: session[:return_to]
148
148
  ),
149
- has_storage_access_url: login_url_with_optional_shop(top_level: true),
149
+ has_storage_access_url: login_url_with_optional_account(top_level: true),
150
150
  app_target_url: granted_storage_access_path(
151
- shop: sanitized_shop_name,
151
+ account: sanitized_account_name,
152
152
  return_to: session[:return_to]
153
153
  ),
154
154
  current_duodealer_domain: current_duodealer_domain
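Review bot: `copy_return_to_param_to_session` stores `params[:return_to]` in the session without any check (`session[:return_to] = params[:return_to] if params[:return_to]`), and `granted_storage_access` then redirects to `return_address_with_params({ account: @account })`. `return_address` is defined outside these hunks, so this is inferred, but if it uses the stored value as-is the login flow can end on another origin chosen by whoever built the link. Accepting only same-origin relative paths at the point of storage would close that, for example `session[:return_to] = params[:return_to] if params[:return_to].to_s.match?(%r{\A/(?![/\\])})`. The same value is also passed as `return_to:` into `top_level_interaction_path` and `granted_storage_access_path` in `enable_cookies`, so the check belongs in one shared helper.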
@@ -8,7 +8,7 @@ module DuodealerApp
8
8
 
9
9
  def receive
10
10
  params.permit!
11
- job_args = { shop_domain: shop_domain, webhook: webhook_params.to_h }
11
+ job_args = { account_domain: account_domain, webhook: webhook_params.to_h }
12
12
  webhook_job_klass.perform_later(job_args)
13
13
  head :no_content
14
14
  end
@@ -15,28 +15,28 @@ module DuodealerApp
15
15
  end
16
16
 
17
17
  def duodealer_session
18
- return redirect_to_login unless shop_session
18
+ return redirect_to_login unless account_session
19
19
  clear_top_level_oauth_cookie
20
20
 
21
21
  begin
22
- DuodealerAPI::Base.activate_session(shop_session)
22
+ DuodealerAPI::Base.activate_session(account_session)
23
23
  yield
24
24
  ensure
25
25
  DuodealerAPI::Base.clear_session
26
26
  end
27
27
  end
28
28
 
29
- def shop_session
29
+ def account_session
30
30
  if DuodealerApp.configuration.per_user_tokens?
31
31
  return unless session[:duodealer_user]
32
- @shop_session ||= DuodealerApp::SessionRepository.retrieve(session[:duodealer_user]["id"])
32
+ @account_session ||= DuodealerApp::SessionRepository.retrieve(session[:duodealer_user]["id"])
33
33
  else
34
34
  return unless session[:duodealer]
35
- @shop_session ||= DuodealerApp::SessionRepository.retrieve(session[:duodealer])
35
+ @account_session ||= DuodealerApp::SessionRepository.retrieve(session[:duodealer])
36
36
  end
37
37
  end
38
38
 
39
- def login_again_if_different_user_or_shop
39
+ def login_again_if_different_user_or_account
40
40
  if DuodealerApp.configuration.per_user_tokens?
41
41
  valid_session_data = session[:user_session].present? && params[:session].present? # session data was sent/stored correctly
42
42
  sessions_do_not_match = session[:user_session] != params[:session] # current user is different from stored user
@@ -46,12 +46,12 @@ module DuodealerApp
46
46
  end
47
47
  end
48
48
 
49
- if shop_session && params[:shop] && params[:shop].is_a?(String) && (shop_session.domain != params[:shop])
49
+ if account_session && params[:account] && params[:account].is_a?(String) && (account_session.domain != params[:account])
50
50
  clear_session = true
51
51
  end
52
52
 
53
53
  if clear_session
54
- clear_shop_session
54
+ clear_account_session
55
55
  redirect_to_login
56
56
  end
57
57
  end
@@ -70,23 +70,23 @@ module DuodealerApp
70
70
  query = "#{referer.query}&#{sanitized_params.to_query}"
71
71
  end
72
72
  session[:return_to] = "#{path}?#{query}"
73
- redirect_to(login_url_with_optional_shop)
73
+ redirect_to(login_url_with_optional_account)
74
74
  end
75
75
  end
76
76
 
77
77
  def close_session
78
- clear_shop_session
79
- redirect_to(login_url_with_optional_shop)
78
+ clear_account_session
79
+ redirect_to(login_url_with_optional_account)
80
80
  end
81
81
 
82
- def clear_shop_session
82
+ def clear_account_session
83
83
  session[:duodealer] = nil
84
84
  session[:duodealer_domain] = nil
85
85
  session[:duodealer_user] = nil
86
86
  session[:user_session] = nil
87
87
  end
88
88
 
89
- def login_url_with_optional_shop(top_level: false)
89
+ def login_url_with_optional_account(top_level: false)
90
90
  url = DuodealerApp.configuration.login_url
91
91
 
92
92
  query_params = login_url_params(top_level: top_level)
@@ -97,7 +97,7 @@ module DuodealerApp
97
97
 
98
98
  def login_url_params(top_level:)
99
99
  query_params = {}
100
- query_params[:shop] = sanitized_params[:shop] if params[:shop].present?
100
+ query_params[:account] = sanitized_params[:account] if params[:account].present?
101
101
 
102
102
  return_to = session[:return_to] || params[:return_to]
103
103
 
@@ -105,10 +105,10 @@ module DuodealerApp
105
105
  query_params[:return_to] = return_to
106
106
  end
107
107
 
108
- has_referer_shop_name = referer_sanitized_shop_name.present?
108
+ has_referer_account_name = referer_sanitized_account_name.present?
109
109
 
110
- if has_referer_shop_name
111
- query_params[:shop] ||= referer_sanitized_shop_name
110
+ if has_referer_account_name
111
+ query_params[:account] ||= referer_sanitized_account_name
112
112
  end
113
113
 
114
114
  query_params[:top_level] = true if top_level
@@ -116,7 +116,7 @@ module DuodealerApp
116
116
  end
117
117
 
118
118
  def return_to_param_required?
119
- native_params = %i[shop hmac timestamp locale protocol return_to]
119
+ native_params = %i[account hmac timestamp locale protocol return_to]
120
120
  request.path != "/" || sanitized_params.except(*native_params).any?
121
121
  end
122
122
 
@@ -129,36 +129,36 @@ module DuodealerApp
129
129
  end
130
130
 
131
131
  def current_duodealer_domain
132
- duodealer_domain = sanitized_shop_name || session[:duodealer_domain]
132
+ duodealer_domain = sanitized_account_name || session[:duodealer_domain]
133
133
  return duodealer_domain if duodealer_domain.present?
134
134
 
135
135
  raise DuodealerDomainNotFound
136
136
  end
137
137
 
138
- def sanitized_shop_name
139
- @sanitized_shop_name ||= sanitize_shop_param(params)
138
+ def sanitized_account_name
139
+ @sanitized_account_name ||= sanitize_account_param(params)
140
140
  end
141
141
 
142
- def referer_sanitized_shop_name
142
+ def referer_sanitized_account_name
143
143
  return if request.referer.blank?
144
144
 
145
- @referer_sanitized_shop_name ||= begin
145
+ @referer_sanitized_account_name ||= begin
146
146
  referer_uri = URI(request.referer)
147
147
  query_params = Rack::Utils.parse_query(referer_uri.query)
148
148
 
149
- sanitize_shop_param(query_params.with_indifferent_access)
149
+ sanitize_account_param(query_params.with_indifferent_access)
150
150
  end
151
151
  end
152
152
 
153
- def sanitize_shop_param(params)
154
- return if params[:shop].blank?
155
- DuodealerApp::Utils.sanitize_shop_domain(params[:shop])
153
+ def sanitize_account_param(params)
154
+ return if params[:account].blank?
155
+ DuodealerApp::Utils.sanitize_account_domain(params[:account])
156
156
  end
157
157
 
158
158
  def sanitized_params
159
159
  request.query_parameters.clone.tap do |query_params|
160
- if params[:shop].is_a?(String)
161
- query_params[:shop] = sanitize_shop_param(params)
160
+ if params[:account].is_a?(String)
161
+ query_params[:account] = sanitize_account_param(params)
162
162
  end
163
163
  end
164
164
  end
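Review bot: `sanitize_account_param` now calls `DuodealerApp::Utils.sanitize_account_domain(params[:account])`, but no Utils file appears among the 29 changed files, so unless that method already existed in 1.0.0 every path through `sanitized_account_name` will raise `NoMethodError`. This call is also the only validation of the domain visible before the value goes into redirects and the session, so it should be confirmed that the renamed method exists and applies the same checks as `sanitize_shop_domain` did. Separately, the guard in `login_again_if_different_user_or_account` now compares `account_session.domain` with `params[:account]` only, so a request that still carries `shop=` no longer clears a session that belongs to a different domain. Accepting both names during a transition would keep that check effective, e.g. `requested = params[:account] || params[:shop]`.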
@@ -28,8 +28,8 @@ module DuodealerApp
28
28
  end
29
29
  end
30
30
 
31
- def shop_domain
32
- request.headers["HTTP_X_DUODEALER_SHOP_DOMAIN"]
31
+ def account_domain
32
+ request.headers["HTTP_X_DUODEALER_ACCOUNT_DOMAIN"]
33
33
  end
34
34
 
35
35
  def duodealer_hmac
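Review bot: `account_domain` now reads only `HTTP_X_DUODEALER_ACCOUNT_DOMAIN`, so it returns nil for any sender that still emits the shop-domain header, and the webhooks controller passes that nil on to the job as `account_domain:`. Nothing in this hunk shows that the platform has switched header names; a fallback such as `request.headers["HTTP_X_DUODEALER_ACCOUNT_DOMAIN"] || request.headers["HTTP_X_DUODEALER_SHOP_DOMAIN"]` would keep existing deliveries working. The header is also read separately from `duodealer_hmac`, and the verification code is outside the hunk. If the signature covers only the request body, the domain is sender-controlled and a job should not rely on it alone to pick a tenant; a one-line comment on `account_domain` stating whether the value is authenticated would make that clear to job authors.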
@@ -6,10 +6,10 @@ module DuodealerApp
6
6
  DuodealerApp.configuration.scripttags_manager_queue_name
7
7
  end
8
8
 
9
- def perform(shop_domain:, shop_token:, scripttags:)
9
+ def perform(account_domain:, account_token:, scripttags:)
10
10
  api_version = DuodealerApp.configuration.api_version
11
- DuodealerAPI::Session.temp(domain: shop_domain, token: shop_token, api_version: api_version) do
12
- manager = ScripttagsManager.new(scripttags, shop_domain)
11
+ DuodealerAPI::Session.temp(domain: account_domain, token: account_token, api_version: api_version) do
12
+ manager = ScripttagsManager.new(scripttags, account_domain)
13
13
  manager.create_scripttags
14
14
  end
15
15
  end
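Review bot: `perform` now requires `account_domain:` and `account_token:`, so jobs serialized by 1.0.0 with `shop_domain:`/`shop_token:` and still waiting in the queue will fail with `ArgumentError` once a 1.0.1 worker picks them up; the webhooks manager job makes the same change. The classes that enqueue these jobs (`ScripttagsManager.queue` and `WebhooksManager.queue`, called from the callback controller) are not among the changed files, so it should be checked that they pass the new keywords. Accepting both spellings for one release would avoid the break, e.g. `def perform(scripttags:, account_domain: nil, account_token: nil, shop_domain: nil, shop_token: nil)` followed by `account_domain ||= shop_domain` and `account_token ||= shop_token`. The class body continues outside the hunk.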
@@ -6,9 +6,9 @@ module DuodealerApp
6
6
  DuodealerApp.configuration.webhooks_manager_queue_name
7
7
  end
8
8
 
9
- def perform(shop_domain:, shop_token:, webhooks:)
9
+ def perform(account_domain:, account_token:, webhooks:)
10
10
  api_version = DuodealerApp.configuration.api_version
11
- DuodealerAPI::Session.temp(domain: shop_domain, token: shop_token, api_version: api_version) do
11
+ DuodealerAPI::Session.temp(domain: account_domain, token: account_token, api_version: api_version) do
12
12
  manager = WebhooksManager.new(webhooks)
13
13
  manager.create_webhooks
14
14
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module DuodealerApp
4
- VERSION = "1.0.0"
4
+ VERSION = "1.0.1"
5
5
  end
@@ -1,5 +1,3 @@
1
- # frozen_string_literal: true
2
-
3
1
  provider :duodealer,
4
2
  DuodealerApp.configuration.api_key,
5
3
  DuodealerApp.configuration.secret,