RubyGems - omniauth-shopify-app - Versions diffs - 1.0.0 - Mend

omniauth-shopify-app 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

checksums.yaml +7 -0
data/.github/workflows/build.yml +25 -0
data/.gitignore +4 -0
data/Gemfile +8 -0
data/README.md +107 -0
data/Rakefile +9 -0
data/example/Gemfile +6 -0
data/example/config.ru +68 -0
data/lib/omniauth/shopify/encryptor.rb +121 -0
data/lib/omniauth/shopify/oauth_session.rb +81 -0
data/lib/omniauth/shopify/version.rb +5 -0
data/lib/omniauth/shopify.rb +3 -0
data/lib/omniauth/strategies/shopify.rb +310 -0
data/lib/omniauth-shopify-app.rb +1 -0
data/omniauth-shopify-app.gemspec +32 -0
data/test/integration_test.rb +486 -0
data/test/test_helper.rb +16 -0
metadata +194 -0

data/test/integration_test.rb ADDED Viewed

@@ -0,0 +1,486 @@
+require_relative 'test_helper'
+class IntegrationTest < Minitest::Test
+  def setup
+    build_app(scope: OmniAuth::Strategies::Shopify::DEFAULT_SCOPE)
+  end
+  def teardown
+    FakeWeb.clean_registry
+    FakeWeb.last_request = nil
+  end
+  def test_authorize
+    response = authorize('snowdevil.myshopify.com')
+    assert_equal 302, response.status
+    assert_match %r{\A#{Regexp.quote(shopify_authorize_url)}}, response.location
+    redirect_params = Rack::Utils.parse_query(URI(response.location).query)
+    assert_equal "123", redirect_params['client_id']
+    assert_equal "https://app.example.com/auth/shopify/callback", redirect_params['redirect_uri']
+    assert_equal "read_products", redirect_params['scope']
+    assert_nil redirect_params['grant_options']
+  end
+  def test_authorize_includes_auth_type_when_per_user_permissions_are_requested
+    build_app(per_user_permissions: true)
+    response = authorize('snowdevil.myshopify.com')
+    redirect_params = Rack::Utils.parse_query(URI(response.location).query)
+    assert_equal 'per-user', redirect_params['grant_options[]']
+  end
+  def test_authorize_overrides_site_with_https_scheme
+    build_app setup: lambda { |env|
+      params = Rack::Utils.parse_query(env['QUERY_STRING'])
+      env['omniauth.strategy'].options[:client_options][:site] = "http://#{params['shop']}"
+    }
+    response = request.get('https://app.example.com/auth/shopify?shop=snowdevil.myshopify.com')
+    assert_match %r{\A#{Regexp.quote(shopify_authorize_url)}}, response.location
+  end
+  def test_site_validation
+    code = SecureRandom.hex(16)
+    [
+      'foo.example.com',                # shop doesn't end with .myshopify.com
+      'http://snowdevil.myshopify.com', # shop contains protocol
+      'snowdevil.myshopify.com/path',   # shop contains path
+      'user@snowdevil.myshopify.com',   # shop contains user
+      'snowdevil.myshopify.com:22',     # shop contains port
+    ].each do |shop, valid|
+      @shop = shop
+      response = authorize(shop)
+      assert_auth_failure(response, 'invalid_site')
+      response = callback(sign_with_new_secret(shop: shop, code: code))
+      assert_auth_failure(response, 'invalid_site')
+    end
+  end
+  def test_callback
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, OmniAuth::Strategies::Shopify::DEFAULT_SCOPE)
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_with_legacy_signature
+    build_app scope: OmniAuth::Strategies::Shopify::DEFAULT_SCOPE
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, OmniAuth::Strategies::Shopify::DEFAULT_SCOPE)
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]).merge(signature: 'ignored'))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_custom_params
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, OmniAuth::Strategies::Shopify::DEFAULT_SCOPE)
+    now = Time.now.to_i
+    params = { shop: 'snowdevil.myshopify.com', code: code, timestamp: now, next: '/products?page=2&q=red%20shirt', state: opts["rack.session"]["omniauth.state"] }
+    encoded_params = "code=#{code}&next=%2Fproducts%3Fpage%3D2%26q%3Dred%2520shirt&shop=snowdevil.myshopify.com&state=#{opts["rack.session"]["omniauth.state"]}&timestamp=#{now}"
+    params[:hmac] = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, @secret, encoded_params)
+    response = callback(params)
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_with_spaces_in_scope
+    build_app scope: 'write_products, read_orders'
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'read_orders,write_products')
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_rejects_invalid_hmac
+    @secret = 'wrong_secret'
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: SecureRandom.hex(16)))
+    assert_auth_failure(response, 'invalid_signature')
+  end
+  def test_callback_rejects_old_timestamps
+    expired_timestamp = Time.now.to_i - OmniAuth::Strategies::Shopify::CODE_EXPIRES_AFTER - 1
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: SecureRandom.hex(16), timestamp: expired_timestamp))
+    assert_auth_failure(response, 'invalid_signature')
+  end
+  def test_callback_rejects_missing_hmac
+    code = SecureRandom.hex(16)
+    response = callback(shop: 'snowdevil.myshopify.com', code: code, timestamp: Time.now.to_i)
+    assert_auth_failure(response, 'invalid_signature')
+  end
+  def test_callback_rejects_body_params
+    code = SecureRandom.hex(16)
+    params = sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code)
+    body = Rack::Utils.build_nested_query(unsigned: 'value')
+    response = request.get("https://app.example.com/auth/shopify/callback?#{Rack::Utils.build_query(params)}",
+                           input: body,
+                           "CONTENT_TYPE" => 'application/x-www-form-urlencoded',
+                           'rack.session' => {
+                              'shopify.omniauth_params' => { shop: 'snowdevil.myshopify.com' }
+                            })
+    assert_auth_failure(response, 'invalid_signature')
+  end
+  def test_provider_options
+    build_app scope: 'read_products,read_orders,write_content',
+              callback_path: '/admin/auth/legacy/callback',
+              myshopify_domain: 'myshopify.dev:3000',
+              setup: lambda { |env|
+                shop = Rack::Request.new(env).GET['shop']
+                shop += ".myshopify.dev:3000" unless shop.include?(".")
+                env['omniauth.strategy'].options[:client_options][:site] = "https://#{shop}"
+              }
+    response = request.get("https://app.example.com/auth/shopify?shop=snowdevil.myshopify.dev:3000")
+    assert_equal 302, response.status
+    assert_match %r{\A#{Regexp.quote("https://snowdevil.myshopify.dev:3000/admin/oauth/authorize?")}}, response.location
+    redirect_params = Rack::Utils.parse_query(URI(response.location).query)
+    assert_equal 'read_products,read_orders,write_content', redirect_params['scope']
+    assert_equal 'https://app.example.com/admin/auth/legacy/callback', redirect_params['redirect_uri']
+  end
+  def test_default_setup_reads_shop_from_session
+    build_app
+    response = authorize('snowdevil.myshopify.com')
+    assert_equal 302, response.status
+    assert_match %r{\A#{Regexp.quote("https://snowdevil.myshopify.com/admin/oauth/authorize?")}}, response.location
+    redirect_params = Rack::Utils.parse_query(URI(response.location).query)
+    assert_equal 'https://app.example.com/auth/shopify/callback', redirect_params['redirect_uri']
+  end
+  def test_default_setup_reads_shop_from_params
+    build_app
+    response = request.get('https://app.example.com/auth/shopify?shop=snowdevil.myshopify.com', opts)
+    assert_equal 302, response.status
+    assert_match %r{\A#{Regexp.quote("https://snowdevil.myshopify.com/admin/oauth/authorize?")}}, response.location
+    redirect_params = Rack::Utils.parse_query(URI(response.location).query)
+    assert_equal 'https://app.example.com/auth/shopify/callback', redirect_params['redirect_uri']
+  end
+  def test_unnecessary_read_scopes_are_removed
+    build_app scope: 'read_content,read_products,write_products,unauthenticated_read_checkouts,unauthenticated_write_checkouts',
+              callback_path: '/admin/auth/legacy/callback',
+              myshopify_domain: 'myshopify.dev:3000',
+              setup: lambda { |env|
+                shop = Rack::Request.new(env).GET['shop']
+                env['omniauth.strategy'].options[:client_options][:site] = "https://#{shop}"
+              }
+    response = request.get("https://app.example.com/auth/shopify?shop=snowdevil.myshopify.dev:3000")
+    assert_equal 302, response.status
+    redirect_params = Rack::Utils.parse_query(URI(response.location).query)
+    assert_equal 'read_content,write_products,unauthenticated_write_checkouts', redirect_params['scope']
+  end
+  def test_callback_with_invalid_state_fails
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, OmniAuth::Strategies::Shopify::DEFAULT_SCOPE)
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: 'invalid'))
+    assert_equal 302, response.status
+    assert_equal '/auth/failure?message=csrf_detected&strategy=shopify', response.location
+  end
+  def test_callback_with_mismatching_scope_succeeds
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'some_invalid_scope', nil)
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_with_no_scope_succeeds
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, nil)
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_with_missing_access_scope_succeeds
+    build_app scope: 'first_scope,second_scope'
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'first_scope')
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_with_extra_access_scope_succeeds
+    build_app scope: 'first_scope,second_scope'
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'second_scope,first_scope,third_scope')
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_with_scopes_out_of_order_works
+    build_app scope: 'first_scope,second_scope'
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'second_scope,first_scope')
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_with_duplicate_read_scopes_works
+    build_app scope: 'read_products,write_products,unauthenticated_read_products,unauthenticated_write_products'
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'write_products,unauthenticated_write_products')
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_with_extra_coma_works
+    build_app scope: 'read_content,,write_products,'
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'read_content,write_products')
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_when_per_user_permissions_are_present_but_not_requested
+    build_app(scope: 'scope', per_user_permissions: false)
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'scope', { id: 1, email: 'bob@bobsen.com'})
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_equal 302, response.status
+    assert_equal '/auth/failure?message=invalid_permissions&strategy=shopify', response.location
+  end
+  def test_callback_when_per_user_permissions_are_not_present_and_options_is_nil
+    build_app(scope: 'scope', per_user_permissions: nil)
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'scope', nil)
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_when_per_user_permissions_are_not_present_but_requested
+    build_app(scope: 'scope', per_user_permissions: true)
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'scope', nil)
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_equal 302, response.status
+    assert_equal '/auth/failure?message=invalid_permissions&strategy=shopify', response.location
+  end
+  def test_callback_works_when_per_user_permissions_are_present_and_requested
+    build_app(scope: 'scope', per_user_permissions: true)
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, 'scope', { id: 1, email: 'bob@bobsen.com'})
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_equal 200, response.status
+  end
+  def test_callback_when_a_session_is_present
+    build_app(scope: 'scope', per_user_permissions: true)
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    session = SecureRandom.hex
+    expect_access_token_request(access_token, 'scope', { id: 1, email: 'bob@bobsen.com'}, session)
+    response = callback(sign_with_new_secret(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
+    assert_equal 200, response.status
+  end
+  def test_callback_works_with_old_secret
+    build_app scope: OmniAuth::Strategies::Shopify::DEFAULT_SCOPE
+    access_token = SecureRandom.hex(16)
+    code = SecureRandom.hex(16)
+    expect_access_token_request(access_token, OmniAuth::Strategies::Shopify::DEFAULT_SCOPE)
+    signed_params = sign_with_old_secret(
+      shop: 'snowdevil.myshopify.com',
+      code: code,
+      state: opts["rack.session"]["omniauth.state"]
+    )
+    response = callback(signed_params)
+    assert_callback_success(response, access_token, code)
+  end
+  def test_callback_when_creds_are_invalid
+    build_app scope: OmniAuth::Strategies::Shopify::DEFAULT_SCOPE
+    FakeWeb.register_uri(
+      :post,
+      %r{snowdevil.myshopify.com/admin/oauth/access_token},
+      status: [ "401", "Invalid token" ],
+      body: "Token is invalid or has already been requested"
+    )
+    signed_params = sign_with_new_secret(
+      shop: 'snowdevil.myshopify.com',
+      code: SecureRandom.hex(16),
+      state: opts["rack.session"]["omniauth.state"]
+    )
+    response = callback(signed_params)
+    assert_equal 302, response.status
+    assert_equal '/auth/failure?message=invalid_credentials&strategy=shopify', response.location
+  end
+  private
+  def sign_with_old_secret(params)
+    params = add_time(params)
+    encoded_params = OmniAuth::Strategies::Shopify.encoded_params_for_signature(params)
+    params['hmac'] = OmniAuth::Strategies::Shopify.hmac_sign(encoded_params, @old_secret)
+    params
+  end
+  def add_time(params)
+    params = params.dup
+    params[:timestamp] ||= Time.now.to_i
+    params
+  end
+  def sign_with_new_secret(params)
+    params = add_time(params)
+    encoded_params = OmniAuth::Strategies::Shopify.encoded_params_for_signature(params)
+    params['hmac'] = OmniAuth::Strategies::Shopify.hmac_sign(encoded_params, @secret)
+    params
+  end
+  def expect_access_token_request(access_token, scope, associated_user=nil, session=nil)
+    FakeWeb.register_uri(:post, %r{snowdevil.myshopify.com/admin/oauth/access_token},
+                         body: JSON.dump(
+                           access_token: access_token,
+                           scope: scope,
+                           associated_user: associated_user,
+                           session: session,
+                         ),
+                         content_type: 'application/json')
+  end
+  def assert_callback_success(response, access_token, code)
+    credentials = ::Base64.decode64(FakeWeb.last_request['authorization'].split(" ", 2)[1] || "")
+    assert_equal "123:#{@secret}", credentials
+    token_request_params = Rack::Utils.parse_query(FakeWeb.last_request.body)
+    assert_equal code, token_request_params['code']
+    assert_equal 'snowdevil.myshopify.com', @omniauth_result.uid
+    assert_equal access_token, @omniauth_result.credentials.token
+    assert_equal false, @omniauth_result.credentials.expires
+    assert_equal 200, response.status
+    assert_equal "OK", response.body
+  end
+  def assert_auth_failure(response, reason)
+    assert_nil FakeWeb.last_request
+    assert_equal 302, response.status
+    assert_match %r{\A#{Regexp.quote("/auth/failure?message=#{reason}")}}, response.location
+  end
+  def build_app(options={})
+    @old_secret = '12d34s1'
+    @secret = '53cr3tz'
+    options.merge!(old_client_secret: @old_secret)
+    app = proc { |env|
+      @omniauth_result = env['omniauth.auth']
+      [200, {Rack::CONTENT_TYPE => "text/plain"}, "OK"]
+    }
+    opts["rack.session"]["omniauth.state"] = SecureRandom.hex(32)
+    app = OmniAuth::Builder.new(app) do
+      provider :shopify, '123', '53cr3tz' , options
+    end
+    @app = Rack::Session::Cookie.new(app, secret: SecureRandom.hex(64))
+  end
+  def shop
+    @shop ||= 'snowdevil.myshopify.com'
+  end
+  def authorize(shop)
+    @opts['rack.session']['shopify.omniauth_params'] = { shop: shop }
+    request.get('https://app.example.com/auth/shopify', opts)
+  end
+  def callback(params)
+    @opts['rack.session']['shopify.omniauth_params'] = { shop: shop }
+    request.get("https://app.example.com/auth/shopify/callback?#{Rack::Utils.build_query(params)}", opts)
+  end
+  def opts
+    @opts ||= { "rack.session" => {} }
+  end
+  def request
+    Rack::MockRequest.new(@app)
+  end
+  def shopify_authorize_url
+    "https://snowdevil.myshopify.com/admin/oauth/authorize?"
+  end
+end

data/test/test_helper.rb ADDED Viewed

@@ -0,0 +1,16 @@
+$: << File.expand_path("../../lib", __FILE__)
+require 'bundler/setup'
+require 'omniauth-shopify-app'
+require 'minitest/autorun'
+require 'minitest/focus'
+require 'rack/session'
+require 'fakeweb'
+require 'json'
+require 'active_support/core_ext/hash'
+require 'byebug'
+OmniAuth.config.logger = Logger.new(nil)
+OmniAuth.config.allowed_request_methods = [:post, :get]
+FakeWeb.allow_net_connect = false

metadata ADDED Viewed

@@ -0,0 +1,194 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-shopify-app
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Hopper Gee
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2024-06-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.6'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.9.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.9.0
+- !ruby/object:Gem::Dependency
+  name: fakeweb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rack-session
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest-focus
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description:
+email:
+- hopper.gee@hey.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/build.yml"
+- ".gitignore"
+- Gemfile
+- README.md
+- Rakefile
+- example/Gemfile
+- example/config.ru
+- lib/omniauth-shopify-app.rb
+- lib/omniauth/shopify.rb
+- lib/omniauth/shopify/encryptor.rb
+- lib/omniauth/shopify/oauth_session.rb
+- lib/omniauth/shopify/version.rb
+- lib/omniauth/strategies/shopify.rb
+- omniauth-shopify-app.gemspec
+- test/integration_test.rb
+- test/test_helper.rb
+homepage: https://github.com/OldWayShopifyDev/omniauth-shopify-app
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.1.9
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.26
+signing_key:
+specification_version: 4
+summary: Shopify strategy for OmniAuth
+test_files:
+- test/integration_test.rb
+- test/test_helper.rb