omniauth-shopify-oauth2 1.1.12 → 1.1.13

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 753ea51893552576c2eebc375147568613694af8
4
- data.tar.gz: a2c1d077db0e9f08bba5a4626247467ce41d0145
3
+ metadata.gz: 302968d8c7499cf54d89ef0b5b53549911545743
4
+ data.tar.gz: 20b3c6e2381e5229e0a00166568426416cff46f8
5
5
  SHA512:
6
- metadata.gz: 3b9f5917e02733e066f6f83a253ffc45bf2ad48b0b77c1ee1645451d171cdcb4cf1f7ec546030042690259411e04d406208a398bf58b733a2d37244a80edf616
7
- data.tar.gz: 76c7448c74383acb722f98759f9a0762f3b3955f4eb91bbf610ae4c2da2a2b128065faaafa1e004ce5a06f5864c171594e58147478bb64c4ff27ee1f2609daaf
6
+ metadata.gz: a99dc64abd740de41d62508b0939fa62f7b1b69f3e4fee52e40c8996440155d9f69a607cf844a915543257c751440bff2ed9d5207ea9bd00df830a7e7173f041
7
+ data.tar.gz: 31a0d25400a590a03f8ce4d09c5f05a7caf46480b344c856929dce9a7cf8ecaba2c2a78ec2c81d7fba8c28a022b158ecf58e14c06329834decd78b5536741bcd
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Shopify
3
- VERSION = "1.1.12"
3
+ VERSION = "1.1.13"
4
4
  end
5
5
  end
@@ -49,7 +49,8 @@ module OmniAuth
49
49
  def valid_scope?(token)
50
50
  params = options.authorize_params.merge(options_for("authorize"))
51
51
  return false unless token && params[:scope] && token['scope']
52
- (params[:scope].split(',').sort == token['scope'].split(',').sort)
52
+ expected_scope = params[:scope].split(',').map(&:strip).reject(&:empty?).uniq.sort
53
+ (expected_scope == token['scope'].split(',').sort)
53
54
  end
54
55
 
55
56
  def self.encoded_params_for_signature(params)
@@ -85,6 +85,17 @@ class IntegrationTest < Minitest::Test
85
85
  assert_callback_success(response, access_token, code)
86
86
  end
87
87
 
88
+ def test_callback_with_spaces_in_scope
89
+ build_app scope: 'write_products, read_orders'
90
+ access_token = SecureRandom.hex(16)
91
+ code = SecureRandom.hex(16)
92
+ expect_access_token_request(access_token, 'read_orders,write_products')
93
+
94
+ response = callback(sign_params(shop: 'snowdevil.myshopify.com', code: code, state: opts["rack.session"]["omniauth.state"]))
95
+
96
+ assert_callback_success(response, access_token, code)
97
+ end
98
+
88
99
  def test_callback_rejects_invalid_hmac
89
100
  @secret = 'wrong_secret'
90
101
  response = callback(sign_params(shop: 'snowdevil.myshopify.com', code: SecureRandom.hex(16)))
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-shopify-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.12
4
+ version: 1.1.13
5
5
  platform: ruby
6
6
  authors:
7
7
  - Denis Odorcic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-02-17 00:00:00.000000000 Z
11
+ date: 2016-02-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth-oauth2