lucid-shopify 0.34.0

data/lib/lucid/shopify/redis_throttled_strategy.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+require 'lucid/shopify'
+
+if defined?(Redis)
+  module Lucid
+    module Shopify
+      # Use Redis to maintain API call limit throttling across threads/processes.
+      #
+      # No delay for requests up to half of the call limit.
+      class RedisThrottledStrategy < ThrottledStrategy
+        LEAK_RATE = 500
+
+        # @param redis_client [Redis]
+        def initialize(redis_client: Redis.current)
+          @redis_client = redis_client
+        end
+
+        # @param request [Request]
+        #
+        # @yieldreturn [Response]
+        #
+        # @return [Response]
+        def call(request, &send_request)
+          interval_key = build_interval_key(request)
+
+          interval(interval_key)
+
+          send_request.().tap do |res|
+            header = res.headers['X-Shopify-Shop-Api-Call-Limit']
+
+            next if header.nil?
+
+            cur, max = header.split('/')
+
+            @redis_client.mapped_hmset(interval_key,
+              cur: cur,
+              max: max,
+              at: timestamp
+            )
+          end
+        end
+
+        # If over half the call limit, sleep until requests leak back to the
+        # threshold.
+        #
+        # @param interval_key [String]
+        private def interval(interval_key)
+          cur, max, at = @redis_client.hmget(interval_key, :cur, :max, :at).map(&:to_i)
+
+          cur = leak(cur, at)
+
+          delay_threshold = max / 2 # no delay
+
+          if cur > delay_threshold
+            sleep(Rational((cur - delay_threshold) * LEAK_RATE, 1000))
+          end
+        end
+
+        # Find the actual value of {cur}, by subtracting requests leaked by the
+        # leaky bucket algorithm since the value was set.
+        #
+        # @param cur [Integer]
+        # @param at [Integer]
+        #
+        # @return [Integer]
+        private def leak(cur, at)
+          n = Rational(timestamp - at, LEAK_RATE).floor
+
+          n > cur ? 0 : cur - n
+        end
+      end
+    end
+  end
+end

data/lib/lucid/shopify/request.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require 'lucid/shopify'
+
+module Lucid
+  module Shopify
+    # @abstract
+    class Request
+      extend Dry::Initializer
+
+      # @return [Credentials]
+      param :credentials
+      # @return [Symbol]
+      param :http_method
+      # @return [String] the endpoint relative to the base URL
+      param :path, reader: :private
+      # @return [Hash]
+      param :options, default: -> { {} }
+
+      # @return [Hash]
+      param :http_headers, default: -> { build_headers }
+      # @return [String]
+      param :url, default: -> { build_url }
+
+      # @return [String]
+      private def build_url
+        unless path.match?(/oauth/)
+          admin_url = "https://#{credentials.myshopify_domain}/admin/api/#{api_version}"
+        else
+          admin_url = "https://#{credentials.myshopify_domain}/admin"
+        end
+
+        normalised_path = path.sub(/^\//, '')
+        normalised_path = path.sub(/\.json$/, '')
+
+        admin_url + '/' + normalised_path + '.json'
+      end
+
+      # @return [Hash]
+      private def build_headers
+        access_token = credentials.access_token
+
+        {}.tap do |headers|
+          headers['Accept'] = 'application/json'
+          headers['X-Shopify-Access-Token'] = access_token if access_token
+        end
+      end
+
+      # @return [String]
+      private def api_version
+        ENV.fetch('SHOPIFY_API_VERSION', Shopify.config.api_version)
+      end
+    end
+  end
+end

data/lib/lucid/shopify/response.rb

@@ -0,0 +1,127 @@
+# frozen_string_literal: true
+
+require 'json'
+
+require 'lucid/shopify'
+
+module Lucid
+  module Shopify
+    class Response
+      # @abstract
+      class Error < Error
+        extend Dry::Initializer
+
+        # @return [Request]
+        param :request
+        # @return [Response]
+        param :response
+
+        # @return [String]
+        def message
+          "bad response (#{response.status_code})"
+        end
+      end
+
+      ClientError = Class.new(Error)
+      ServerError = Class.new(Error)
+      ShopError = Class.new(Error)
+
+      extend Dry::Initializer
+
+      include Enumerable
+
+      # @return [Request] the original request
+      param :request
+      # @return [Integer]
+      param :status_code
+      # @return [Hash]
+      param :headers
+      # @return [String]
+      param :data
+
+      # The parsed response body.
+      #
+      # @return [Hash]
+      def data_hash
+        return {} unless json?
+
+        @data_hash ||= JSON.parse(data)
+      end
+
+      # @return [Boolean]
+      private def json?
+        headers['Content-Type'] =~ /application\/json/ && !data.empty?
+      end
+
+      # @return [self]
+      #
+      # @raise [ClientError] for status 4xx
+      # @raise [ServerError] for status 5xx
+      #
+      # @note https://help.shopify.com/en/api/getting-started/response-status-codes
+      def assert!
+        case status_code
+        when 402
+          raise ShopError.new(request, self), 'Shop is frozen, awaiting payment'
+        when 423
+          raise ShopError.new(request, self), 'Shop is locked'
+        when 400..499
+          raise ClientError.new(request, self)
+        when 500..599
+          raise ServerError.new(request, self)
+        end
+
+        self
+      end
+
+      # @return [Boolean]
+      def success?
+        status_code.between?(200, 299)
+      end
+
+      # @return [Boolean]
+      def failure?
+        !success?
+      end
+
+      # @return [Boolean]
+      def errors?
+        data_hash.has_key?('errors')
+      end
+
+      # A string rather than an object is returned by Shopify in the case of,
+      # e.g., 'Not found'. In this case, we return it under the 'resource' key.
+      #
+      # @return [Hash, nil]
+      def errors
+        errors = data_hash['errors']
+        return {'resource' => errors} if errors.is_a?(String)
+        errors
+      end
+
+      # @see Hash#each
+      def each(&block)
+        data_hash.each(&block)
+      end
+
+      # @param key [String]
+      #
+      # @return [Object]
+      def [](key)
+        data_hash[key]
+      end
+
+      alias_method :to_h, :data_hash
+
+      # @return [Hash]
+      def as_json(*)
+        to_h
+      end
+
+      # @return [String]
+      def to_json(*args)
+        as_json.to_json(*args)
+      end
+    end
+  end
+end

data/lib/lucid/shopify/send_request.rb

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+
+require 'lucid/shopify'
+
+module Lucid
+  module Shopify
+    class SendRequest
+      class NetworkError < Error
+        extend Dry::Initializer
+
+        # @return [HTTP::Error]
+        param :original_exception
+      end
+
+      # @param http [HTTP::Client]
+      # @param strategy [#call, nil] unthrottled by default
+      def initialize(http: Container[:http],
+                     strategy: ->(*, &block) { block.() })
+        @http = http
+        @strategy = strategy
+      end
+
+      # @param request [Request]
+      # @param attempts [Integer] additional request attempts on client error
+      #
+      # @return [Hash] the parsed response body
+      #
+      # @raise [NetworkError] if the request failed all attempts
+      # @raise [Response::ClientError] for status 4xx
+      # @raise [Response::ServerError] for status 5xx
+      def call(request, attempts: default_attempts)
+        req = request
+
+        log_request(req)
+
+        res = @strategy.(req) do
+          res = send(req)
+
+          Response.new(req, res.code, res.headers.to_h, res.to_s)
+        end
+
+        log_response(req, res)
+
+        res.assert!
+      rescue HTTP::ConnectionError,
+             HTTP::ResponseError,
+             HTTP::TimeoutError => e
+        raise NetworkError.new(e), e.message if attempts.zero?
+
+        call(req, attempts: attempts - 1)
+      rescue Response::ClientError => e
+        raise e unless e.response.status_code == 429
+
+        sleep(e.response.headers['Retry-After']&.to_f || 0)
+
+        call(req, attempts: attempts)
+      end
+
+      # @param request [Request]
+      #
+      # @return [HTTP::Response]
+      private def send(request)
+        req = request
+
+        @http.headers(req.http_headers).__send__(req.http_method, req.url, req.options)
+      end
+
+      # @param request [Request]
+      def log_request(request)
+        req = request
+
+        Shopify.config.logger.info('<%s> [%i] %s %s %s' % [
+          self.class.to_s,
+          req.object_id,
+          req.http_method.to_s.upcase,
+          req.url,
+          req.options[:params]&.to_json || '{}',
+        ])
+      end
+
+      # @param request [Request]
+      # @param response [Response]
+      def log_response(request, response)
+        req = request
+        res = response
+
+        Shopify.config.logger.info('<%s> [%i] %i (%s)' % [
+          self.class.to_s,
+          req.object_id,
+          res.status_code,
+          res.headers['X-Shopify-Shop-Api-Call-Limit'],
+        ])
+      end
+
+      # @return [Integer]
+      private def default_attempts
+        3
+      end
+    end
+  end
+end

data/lib/lucid/shopify/throttled_strategy.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require 'lucid/shopify'
+
+module Lucid
+  module Shopify
+    # Maintain API call limit throttling across a single thread.
+    class ThrottledStrategy
+      MINIMUM_INTERVAL = 500 # ms
+
+      # @param request [Request]
+      #
+      # @yieldreturn [Response]
+      #
+      # @return [Response]
+      def call(request, &send_request)
+        interval(build_interval_key(request))
+
+        send_request.()
+      end
+
+      # If time since the last request < {MINIMUM_INTERVAL}, then sleep for the
+      # difference.
+      #
+      # @param interval_key [String]
+      private def interval(interval_key)
+        if Thread.current[interval_key]
+          (timestamp - Thread.current[interval_key]).tap do |n|
+            sleep(Rational(MINIMUM_INTERVAL - n, 1000)) if n < MINIMUM_INTERVAL
+          end
+        end
+
+        Thread.current[interval_key] = timestamp
+      end
+
+      # @param request [Request]
+      #
+      # @return [String]
+      private def build_interval_key(request)
+        '%s[%s].timestamp' % [self.class, request.credentials.myshopify_domain]
+      end
+
+      # Time in milliseconds since the UNIX epoch.
+      #
+      # @return [Integer]
+      private def timestamp
+        (Time.now.to_f * 1000).to_i
+      end
+    end
+  end
+end

data/lib/lucid/shopify/types.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Lucid
+  module Shopify
+    module Types
+      include Dry.Types(default: :strict)
+
+      Logger = Instance(Logger)
+    end
+  end
+end

data/lib/lucid/shopify/verify_callback.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require 'openssl'
+
+require 'lucid/shopify'
+
+module Lucid
+  module Shopify
+    class VerifyCallback
+      Error = Class.new(Error)
+
+      # Verify that the callback request originated from Shopify.
+      #
+      # @param params [Hash] the request params
+      #
+      # @raise [Error] if signature is invalid
+      def call(params)
+        params = params.to_h.transform_keys(&:to_s)
+        digest = OpenSSL::Digest::SHA256.new
+        digest = OpenSSL::HMAC.hexdigest(digest, Shopify.config.shared_secret, encoded_params(params))
+
+        raise Error, 'invalid signature' unless digest == params['hmac']
+      end
+
+      # @param params [Hash]
+      #
+      # @return [String]
+      private def encoded_params(params)
+        params.reject do |k, _|
+          k == 'hmac'
+        end.map do |k, v|
+          [].tap do |param|
+            param << k.gsub(/./) { |c| encode_key(c) }
+            param << '='
+            param << v.gsub(/./) { |c| encode_val(c) }
+          end.join
+        end.join('&')
+      end
+
+      # @param chr [String]
+      #
+      # @return [String]
+      private def encode_key(chr)
+        {'%' => '%25', '&' => '%26', '=' => '%3D'}[chr] || chr
+      end
+
+      # @param chr [String]
+      #
+      # @return [String]
+      private def encode_val(chr)
+        {'%' => '%25', '&' => '%26'}[chr] || chr
+      end
+    end
+  end
+end

data/lib/lucid/shopify/verify_webhook.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+require 'base64'
+require 'openssl'
+
+require 'lucid/shopify'
+
+module Lucid
+  module Shopify
+    class VerifyWebhook
+      Error = Class.new(Error)
+
+      # Verify that the webhook request originated from Shopify.
+      #
+      # @param data [String] the signed request data
+      # @param hmac [String] the signature
+      #
+      # @raise [Error] if signature is invalid
+      def call(data, hmac)
+        digest = OpenSSL::Digest::SHA256.new
+        digest = OpenSSL::HMAC.digest(digest, Shopify.config.shared_secret, data)
+        digest = Base64.encode64(digest).strip
+
+        raise Error, 'invalid signature' unless digest == hmac
+      end
+    end
+  end
+end

data/lib/lucid/shopify/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Lucid
+  module Shopify
+    VERSION = '0.34.0'
+  end
+end

data/lib/lucid/shopify/webhook.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require 'json'
+
+require 'lucid/shopify'
+
+module Lucid
+  module Shopify
+    class Webhook
+      extend Dry::Initializer
+
+      # @return [String]
+      param :myshopify_domain
+      # @return [String]
+      param :topic
+      # @return [String]
+      param :data
+
+      # @return [Hash]
+      def data_hash
+        @data_hash ||= JSON.parse(data)
+      rescue JSON::ParserError
+        {}
+      end
+
+      # @see Hash#each
+      def each(&block)
+        data_hash.each(&block)
+      end
+
+      # @param key [String]
+      #
+      # @return [Object]
+      def [](key)
+        data_hash[key]
+      end
+
+      alias_method :to_h, :data_hash
+
+      # @return [Hash]
+      def as_json(*)
+        to_h
+      end
+
+      # @return [String]
+      def to_json(*args)
+        as_json.to_json(*args)
+      end
+    end
+  end
+end

data/lib/lucid/shopify/webhook_handler_list.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Lucid
+  module Shopify
+    class WebhookHandlerList
+      def initialize
+        @handlers = {}
+      end
+
+      # Register a handler for a webhook topic. The callable handler should
+      # receive a single {Webhook} argument.
+      #
+      # @param topic [String]
+      # @param handler [#call]
+      def register(topic, handler = nil, &block)
+        raise ArgumentError unless nil ^ handler ^ block
+
+        handler = block if block
+
+        @handlers[topic] ||= []
+        @handlers[topic] << handler
+
+        nil
+      end
+
+      # @param topic [String]
+      def [](topic)
+        @handlers[topic] || []
+      end
+
+      # Call each of the handlers registered for the given topic in turn.
+      #
+      # @param webhook [Webhook]
+      def delegate(webhook)
+        self[webhook.topic].each { |handler| handler.(webhook) }
+      end
+    end
+  end
+end

data/lib/lucid/shopify/webhook_list.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module Lucid
+  module Shopify
+    class WebhookList
+      include Enumerable
+
+      def initialize
+        @webhooks = []
+      end
+
+      # @yield [Hash]
+      def each(&block)
+        @webhooks.each(&block)
+      end
+
+      # @param topic [String]
+      # @param fields [String] e.g. 'id,tags'
+      def register(topic, fields: nil)
+        @webhooks << {}.tap do |webhook|
+          webhook[:topic] = topic
+          webhook[:fields] = fields if fields
+        end
+
+        nil
+      end
+    end
+  end
+end