omniauth-shopify-oauth2 1.0.0

data/.gitignore

@@ -0,0 +1 @@
+pkg/*

data/Gemfile

@@ -0,0 +1,3 @@
+source :rubygems
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,45 @@
+PATH
+  remote: .
+  specs:
+    omniauth-shopify-oauth2 (1.0.0)
+      omniauth-oauth2 (~> 1.0.0)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.6)
+    diff-lcs (1.1.3)
+    faraday (0.7.6)
+      addressable (~> 2.2)
+      multipart-post (~> 1.1)
+      rack (~> 1.1)
+    hashie (1.2.0)
+    multi_json (1.0.4)
+    multipart-post (1.1.4)
+    oauth2 (0.5.2)
+      faraday (~> 0.7)
+      multi_json (~> 1.0)
+    omniauth (1.0.2)
+      hashie (~> 1.2)
+      rack
+    omniauth-oauth2 (1.0.0)
+      oauth2 (~> 0.5.0)
+      omniauth (~> 1.0)
+    rack (1.4.1)
+    rake (0.9.2.2)
+    rspec (2.7.0)
+      rspec-core (~> 2.7.0)
+      rspec-expectations (~> 2.7.0)
+      rspec-mocks (~> 2.7.0)
+    rspec-core (2.7.1)
+    rspec-expectations (2.7.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.7.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  omniauth-shopify-oauth2!
+  rake
+  rspec (~> 2.7.0)

data/README.md

@@ -0,0 +1,67 @@
+# OmniAuth Shopify
+
+Shopify OAuth2 Strategy for OmniAuth 1.0.
+
+## Installing
+
+Add to your `Gemfile`:
+
+```ruby
+gem 'omniauth-shopify-oauth2'
+```
+
+Then `bundle install`.
+
+## Usage
+
+`OmniAuth::Strategies::Shopify` is simply a Rack middleware. Read the OmniAuth 1.0 docs for detailed instructions: https://github.com/intridea/omniauth.
+
+Here's a quick example, adding the middleware to a Rails app in `config/initializers/omniauth.rb`:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :shopify, ENV['SHOPIFY_API_KEY'], ENV['SHOPIFY_SHARED_SECRET']
+end
+```
+
+## Configuring
+
+You can configure the scope, which you pass in to the `provider` method via a `Hash`:
+
+* `scope`: A comma-separated list of permissions you want to request from the user. See the Shopify API docs for a full list of available permissions: http://api.shopify.com.
+
+* `setup`: A lambda which dynamically sets the `site`. You must initiate the omniauth process by passing in a shop query parameter of the shop you're requesting permissions for. Ex. http://myapp.com/auth/shopify?shop=example.myshopify.com
+
+For example, to request `read_products`, `read_orders` and `write_content` permissions and display the authentication page:
+
+```ruby
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :shopify, ENV['SHOPIFY_API_KEY'], ENV['SHOPIFY_SHARED_SECRET'],
+            :scope => 'read_products,read_orders,write_content',
+            :setup => lambda { |env| params = Rack::Utils.parse_query(env['QUERY_STRING'])
+                                     env['omniauth.strategy'].options[:client_options][:site] = "http://#{params['shop']}" }
+end
+```
+
+## Authentication Hash
+
+Here's an example *Authentication Hash* available in `request.env['omniauth.auth']`:
+
+```ruby
+{
+  :provider => 'shopify',
+  :credentials => {
+    :token => 'afasd923kjh0934kf', # OAuth 2.0 access_token, which you store and use to authenticate API requests
+  }
+}
+```
+
+## License
+
+Copyright (c) 2012 by Denis Odorcic
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,6 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/example/Gemfile

@@ -0,0 +1,6 @@
+source :rubygems
+
+gem 'rack'
+
+gem 'sinatra'
+gem 'omniauth-shopify-oauth2', :path => '../'

data/example/Gemfile.lock

@@ -0,0 +1,42 @@
+PATH
+  remote: ../
+  specs:
+    omniauth-shopify-oauth2 (1.0.0)
+      omniauth-oauth2 (~> 1.0.0)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.6)
+    faraday (0.7.6)
+      addressable (~> 2.2)
+      multipart-post (~> 1.1)
+      rack (~> 1.1)
+    hashie (1.2.0)
+    multi_json (1.0.4)
+    multipart-post (1.1.4)
+    oauth2 (0.5.2)
+      faraday (~> 0.7)
+      multi_json (~> 1.0)
+    omniauth (1.0.2)
+      hashie (~> 1.2)
+      rack
+    omniauth-oauth2 (1.0.0)
+      oauth2 (~> 0.5.0)
+      omniauth (~> 1.0)
+    rack (1.4.1)
+    rack-protection (1.2.0)
+      rack
+    sinatra (1.3.2)
+      rack (~> 1.3, >= 1.3.6)
+      rack-protection (~> 1.2)
+      tilt (~> 1.3, >= 1.3.3)
+    tilt (1.3.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  omniauth-shopify-oauth2!
+  rack
+  sinatra

data/example/config.ru

@@ -0,0 +1,46 @@
+require 'bundler/setup'
+require 'sinatra/base'
+require 'omniauth-shopify-oauth2'
+
+SCOPE = 'read_products,read_orders,read_customers,write_shipping'
+
+class App < Sinatra::Base
+  get '/auth/:provider/callback' do
+    <<-HTML
+    <html>
+    <head>
+      <title>Shopify Oauth2</title>
+    </head>
+    <body>
+      <h3>Authorized</h3>
+      <p>Token: #{request.env['omniauth.auth']['credentials']['token']}</p>
+    </body>
+    </html>
+    HTML
+  end
+
+  get '/auth/failure' do
+    <<-HTML
+    <html>
+    <head>
+      <title>Shopify Oauth2</title>
+    </head>
+    <body>
+      <h3>Failed Authorization</h3>
+      <p>Message: #{params[:message]}</p>
+    </body>
+    </html>
+    HTML
+  end
+end
+
+use Rack::Session::Cookie
+
+use OmniAuth::Builder do
+  provider :shopify, ENV['SHOPIFY_API_KEY'], ENV['SHOPIFY_SHARED_SECRET'],
+           :scope => SCOPE,
+           :setup => lambda { |env| params = Rack::Utils.parse_query(env['QUERY_STRING'])
+                                    env['omniauth.strategy'].options[:client_options][:site] = "https://#{params['shop']}" }
+end
+
+run App.new

data/lib/omniauth-shopify-oauth2.rb

@@ -0,0 +1 @@
+require 'omniauth/shopify'

data/lib/omniauth/shopify.rb

@@ -0,0 +1,2 @@
+require 'omniauth/shopify/version'
+require 'omniauth/strategies/shopify'

data/lib/omniauth/shopify/version.rb

@@ -0,0 +1,5 @@
+module OmniAuth
+  module Shopify
+    VERSION = "1.0.0"
+  end
+end

data/lib/omniauth/strategies/shopify.rb

@@ -0,0 +1,28 @@
+require 'omniauth/strategies/oauth2'
+
+module OmniAuth
+  module Strategies
+    class Shopify < OmniAuth::Strategies::OAuth2
+      # Available scopes: content themes products customers orders script_tags shipping
+      # read_*  or write_*
+      DEFAULT_SCOPE = 'read_products'
+
+      option :client_options, {
+        :authorize_url => '/admin/oauth/authorize',
+        :token_url => '/admin/oauth/access_token'
+      }
+
+      option :callback_url
+
+      def authorize_params
+        super.tap do |params|
+          params[:scope] ||= DEFAULT_SCOPE
+        end
+      end
+
+      def callback_url
+        options.callback_url || super
+      end
+    end
+  end
+end

data/omniauth-shopify-oauth2.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path('../lib', __FILE__)
+require 'omniauth/shopify/version'
+
+Gem::Specification.new do |s|
+  s.name     = 'omniauth-shopify-oauth2'
+  s.version  = OmniAuth::Shopify::VERSION
+  s.authors  = ['Denis Odorcic']
+  s.email    = ['denis.odorcic@shopify.com']
+  s.summary  = 'Shopify strategy for OmniAuth'
+  s.homepage = 'https://github.com/Shopify/omniauth-shopify-oauth2'
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
+  s.require_paths = ['lib']
+
+  s.add_runtime_dependency 'omniauth-oauth2', '~> 1.0.0'
+
+  s.add_development_dependency 'rspec', '~> 2.7.0'
+  s.add_development_dependency 'rake'
+end

data/spec/omniauth/strategies/shopify_spec.rb

@@ -0,0 +1,92 @@
+require 'spec_helper'
+require 'omniauth-shopify-oauth2'
+require 'base64'
+
+describe OmniAuth::Strategies::Shopify do
+  before :each do
+    @request = double('Request')
+    @request.stub(:params) { {} }
+    @request.stub(:cookies) { {} }
+
+    @client_id = '123'
+    @client_secret = '53cr3tz'
+    @options = {:client_options => {:site => 'https://example.myshopify.com'}}
+  end
+
+  subject do
+    args = [@client_id, @client_secret, @options].compact
+    OmniAuth::Strategies::Shopify.new(nil, *args).tap do |strategy|
+      strategy.stub(:request) { @request }
+    end
+  end
+
+  describe '#client' do
+    it 'has correct shopify site' do
+      subject.client.site.should eq('https://example.myshopify.com')
+    end
+
+    it 'has correct authorize url' do
+      subject.client.options[:authorize_url].should eq('/admin/oauth/authorize')
+    end
+
+    it 'has correct token url' do
+      subject.client.options[:token_url].should eq('/admin/oauth/access_token')
+    end
+  end
+
+  describe '#callback_url' do
+    it "returns value from #callback_url" do
+      url = 'http://auth.myapp.com/auth/callback'
+      @options = {:callback_url => url}
+      subject.callback_url.should eq(url)
+    end
+
+    it "defaults to callback" do
+      url_base = 'http://auth.request.com'
+      @request.stub(:url) { "#{url_base}/page/path" }
+      subject.stub(:script_name) { "" } # to not depend from Rack env
+      subject.callback_url.should eq("#{url_base}/auth/shopify/callback")
+    end
+  end
+
+  describe '#authorize_params' do
+    it 'includes default scope for read_products' do
+      subject.authorize_params.should be_a(Hash)
+      subject.authorize_params[:scope].should eq('read_products')
+    end
+
+    it 'includes custom scope' do
+      @options = {:scope => 'write_products'}
+      subject.authorize_params.should be_a(Hash)
+      subject.authorize_params[:scope].should eq('write_products')
+    end
+  end
+
+  describe '#credentials' do
+    before :each do
+      @access_token = double('OAuth2::AccessToken')
+      @access_token.stub(:token)
+      @access_token.stub(:expires?)
+      @access_token.stub(:expires_at)
+      @access_token.stub(:refresh_token)
+      subject.stub(:access_token) { @access_token }
+    end
+
+    it 'returns a Hash' do
+      subject.credentials.should be_a(Hash)
+    end
+
+    it 'returns the token' do
+      @access_token.stub(:token) { '123' }
+      subject.credentials['token'].should eq('123')
+    end
+
+    it 'returns the expiry status' do
+      @access_token.stub(:expires?) { true }
+      subject.credentials['expires'].should eq(true)
+
+      @access_token.stub(:expires?) { false }
+      subject.credentials['expires'].should eq(false)
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,6 @@
+require 'bundler/setup'
+require 'rspec'
+Dir[File.expand_path('../support/**/*', __FILE__)].each { |f| require f }
+
+RSpec.configure do |config|
+end

data/spec/support/shared_examples.rb

@@ -0,0 +1,36 @@
+shared_examples 'an oauth2 strategy' do
+  describe '#client' do
+    it 'should be initialized with symbolized client_options' do
+      @options = { :client_options => { 'authorize_url' => 'https://example.com' } }
+      subject.client.options[:authorize_url].should == 'https://example.com'
+    end
+  end
+
+  describe '#authorize_params' do
+    it 'should include any authorize params passed in the :authorize_params option' do
+      @options = { :authorize_params => { :foo => 'bar', :baz => 'zip' } }
+      subject.authorize_params['foo'].should eq('bar')
+      subject.authorize_params['baz'].should eq('zip')
+    end
+
+    it 'should include top-level options that are marked as :authorize_options' do
+      @options = { :authorize_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
+      subject.authorize_params['scope'].should eq('bar')
+      subject.authorize_params['foo'].should eq('baz')
+    end
+  end
+
+  describe '#token_params' do
+    it 'should include any token params passed in the :token_params option' do
+      @options = { :token_params => { :foo => 'bar', :baz => 'zip' } }
+      subject.token_params['foo'].should eq('bar')
+      subject.token_params['baz'].should eq('zip')
+    end
+
+    it 'should include top-level options that are marked as :token_options' do
+      @options = { :token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
+      subject.token_params['scope'].should eq('bar')
+      subject.token_params['foo'].should eq('baz')
+    end
+  end
+end

metadata

@@ -0,0 +1,130 @@
+--- !ruby/object:Gem::Specification 
+name: omniauth-shopify-oauth2
+version: !ruby/object:Gem::Version 
+  hash: 23
+  prerelease: 
+  segments: 
+  - 1
+  - 0
+  - 0
+  version: 1.0.0
+platform: ruby
+authors: 
+- Denis Odorcic
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2012-04-05 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: omniauth-oauth2
+  type: :runtime
+  version_requirements: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 23
+        segments: 
+        - 1
+        - 0
+        - 0
+        version: 1.0.0
+  prerelease: false
+  requirement: *id001
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  type: :development
+  version_requirements: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 19
+        segments: 
+        - 2
+        - 7
+        - 0
+        version: 2.7.0
+  prerelease: false
+  requirement: *id002
+- !ruby/object:Gem::Dependency 
+  name: rake
+  type: :development
+  version_requirements: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  prerelease: false
+  requirement: *id003
+description: 
+email: 
+- denis.odorcic@shopify.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- example/Gemfile
+- example/Gemfile.lock
+- example/config.ru
+- lib/omniauth-shopify-oauth2.rb
+- lib/omniauth/shopify.rb
+- lib/omniauth/shopify/version.rb
+- lib/omniauth/strategies/shopify.rb
+- omniauth-shopify-oauth2.gemspec
+- spec/omniauth/strategies/shopify_spec.rb
+- spec/spec_helper.rb
+- spec/support/shared_examples.rb
+has_rdoc: true
+homepage: https://github.com/Shopify/omniauth-shopify-oauth2
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.5.3
+signing_key: 
+specification_version: 3
+summary: Shopify strategy for OmniAuth
+test_files: 
+- spec/omniauth/strategies/shopify_spec.rb
+- spec/spec_helper.rb
+- spec/support/shared_examples.rb