omniauth-shopify-oauth2 1.2.1 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/probots.yml +2 -0
- data/README.md +15 -0
- data/lib/omniauth/shopify/version.rb +1 -1
- data/lib/omniauth/strategies/shopify.rb +10 -6
- data/omniauth-shopify-oauth2.gemspec +1 -0
- data/test/integration_test.rb +24 -6
- data/test/test_helper.rb +1 -0
- metadata +18 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3c2fdff942824597bca290d63c4d5f2e8ad3fea3
|
|
4
|
+
data.tar.gz: 175291a1282389126084a7d32c2fd7c4965faa9c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f905cd84cc0df6a8b1ef9d61ae432e0aaeb2d88547b77e4ddf5ca09c991ef181d131690a5ec6022553ff31b1246875cc76fd7420911cb463d021f459a72b8b4b
|
|
7
|
+
data.tar.gz: e909527c818473c35ae5e9caf4f3afaffe38e9fdf835fc7bff13fe41c1be8ab2e81f71f1fca02011013d78303d1baccb222fb9e2c6cd7be9704fd9645c668e31
|
data/.github/probots.yml
ADDED
data/README.md
CHANGED
|
@@ -38,6 +38,8 @@ Authenticate the user by having them visit /auth/shopify with a `shop` query par
|
|
|
38
38
|
|
|
39
39
|
## Configuring
|
|
40
40
|
|
|
41
|
+
### Scope
|
|
42
|
+
|
|
41
43
|
You can configure the scope, which you pass in to the `provider` method via a `Hash`:
|
|
42
44
|
|
|
43
45
|
* `scope`: A comma-separated list of permissions you want to request from the user. See [the Shopify API docs](http://docs.shopify.com/api/tutorials/oauth) for a full list of available permissions.
|
|
@@ -50,6 +52,19 @@ Rails.application.config.middleware.use OmniAuth::Builder do
|
|
|
50
52
|
end
|
|
51
53
|
```
|
|
52
54
|
|
|
55
|
+
### Online Access
|
|
56
|
+
|
|
57
|
+
Shopify offers two different types of access tokens: [online access and offline access](https://help.shopify.com/api/getting-started/authentication/oauth/api-access-modes). You can configure for online-access by passing the `per_user_permissions` option:
|
|
58
|
+
|
|
59
|
+
```
|
|
60
|
+
Rails.application.config.middleware.use OmniAuth::Builder do
|
|
61
|
+
provider :shopify, ENV['SHOPIFY_API_KEY'],
|
|
62
|
+
ENV['SHOPIFY_SHARED_SECRET'],
|
|
63
|
+
:scope => 'read_orders',
|
|
64
|
+
:per_user_permissions => true
|
|
65
|
+
end
|
|
66
|
+
```
|
|
67
|
+
|
|
53
68
|
## Authentication Hash
|
|
54
69
|
|
|
55
70
|
Here's an example *Authentication Hash* available in `request.env['omniauth.auth']`:
|
|
@@ -22,13 +22,17 @@ module OmniAuth
|
|
|
22
22
|
# the requested access scope) when making API requests to Shopify.
|
|
23
23
|
option :per_user_permissions, false
|
|
24
24
|
|
|
25
|
-
# When `true`, the authorization phase will fail if the granted scopes
|
|
26
|
-
# mismatch the requested scopes.
|
|
27
|
-
option :validate_granted_scopes, true
|
|
28
|
-
|
|
29
25
|
option :setup, proc { |env|
|
|
30
|
-
|
|
31
|
-
|
|
26
|
+
strategy = env['omniauth.strategy']
|
|
27
|
+
|
|
28
|
+
shopify_auth_params = strategy.session['shopify.omniauth_params'] && strategy.session['shopify.omniauth_params'].with_indifferent_access
|
|
29
|
+
shop = if shopify_auth_params && shopify_auth_params['shop']
|
|
30
|
+
"https://#{shopify_auth_params['shop']}"
|
|
31
|
+
else
|
|
32
|
+
''
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
strategy.options[:client_options][:site] = shop
|
|
32
36
|
}
|
|
33
37
|
|
|
34
38
|
uid { URI.parse(options[:client_options][:site]).host }
|
|
@@ -18,6 +18,7 @@ Gem::Specification.new do |s|
|
|
|
18
18
|
s.required_ruby_version = '>= 2.1.9'
|
|
19
19
|
|
|
20
20
|
s.add_runtime_dependency 'omniauth-oauth2', '~> 1.5.0'
|
|
21
|
+
s.add_runtime_dependency 'activesupport'
|
|
21
22
|
|
|
22
23
|
s.add_development_dependency 'minitest', '~> 5.6'
|
|
23
24
|
s.add_development_dependency 'fakeweb', '~> 1.3'
|
data/test/integration_test.rb
CHANGED
|
@@ -34,7 +34,7 @@ class IntegrationTest < Minitest::Test
|
|
|
34
34
|
env['omniauth.strategy'].options[:client_options][:site] = "http://#{params['shop']}"
|
|
35
35
|
}
|
|
36
36
|
|
|
37
|
-
response =
|
|
37
|
+
response = request.get('https://app.example.com/auth/shopify?shop=snowdevil.myshopify.com')
|
|
38
38
|
assert_match %r{\A#{Regexp.quote(shopify_authorize_url)}}, response.location
|
|
39
39
|
end
|
|
40
40
|
|
|
@@ -48,6 +48,7 @@ class IntegrationTest < Minitest::Test
|
|
|
48
48
|
'user@snowdevil.myshopify.com', # shop contains user
|
|
49
49
|
'snowdevil.myshopify.com:22', # shop contains port
|
|
50
50
|
].each do |shop, valid|
|
|
51
|
+
@shop = shop
|
|
51
52
|
response = authorize(shop)
|
|
52
53
|
assert_auth_failure(response, 'invalid_site')
|
|
53
54
|
|
|
@@ -133,7 +134,10 @@ class IntegrationTest < Minitest::Test
|
|
|
133
134
|
|
|
134
135
|
response = request.get("https://app.example.com/auth/shopify/callback?#{Rack::Utils.build_query(params)}",
|
|
135
136
|
input: body,
|
|
136
|
-
"CONTENT_TYPE" => 'application/x-www-form-urlencoded'
|
|
137
|
+
"CONTENT_TYPE" => 'application/x-www-form-urlencoded',
|
|
138
|
+
'rack.session' => {
|
|
139
|
+
'shopify.omniauth_params' => { shop: 'snowdevil.myshopify.com' }
|
|
140
|
+
})
|
|
137
141
|
|
|
138
142
|
assert_auth_failure(response, 'invalid_signature')
|
|
139
143
|
end
|
|
@@ -148,7 +152,7 @@ class IntegrationTest < Minitest::Test
|
|
|
148
152
|
env['omniauth.strategy'].options[:client_options][:site] = "https://#{shop}"
|
|
149
153
|
}
|
|
150
154
|
|
|
151
|
-
response =
|
|
155
|
+
response = request.get("https://app.example.com/auth/shopify?shop=snowdevil.myshopify.dev:3000")
|
|
152
156
|
assert_equal 302, response.status
|
|
153
157
|
assert_match %r{\A#{Regexp.quote("https://snowdevil.myshopify.dev:3000/admin/oauth/authorize?")}}, response.location
|
|
154
158
|
redirect_params = Rack::Utils.parse_query(URI(response.location).query)
|
|
@@ -156,17 +160,25 @@ class IntegrationTest < Minitest::Test
|
|
|
156
160
|
assert_equal 'https://app.example.com/admin/auth/legacy/callback', redirect_params['redirect_uri']
|
|
157
161
|
end
|
|
158
162
|
|
|
163
|
+
def test_default_setup_reads_shop_from_session
|
|
164
|
+
build_app
|
|
165
|
+
response = authorize('snowdevil.myshopify.com')
|
|
166
|
+
assert_equal 302, response.status
|
|
167
|
+
assert_match %r{\A#{Regexp.quote("https://snowdevil.myshopify.com/admin/oauth/authorize?")}}, response.location
|
|
168
|
+
redirect_params = Rack::Utils.parse_query(URI(response.location).query)
|
|
169
|
+
assert_equal 'https://app.example.com/auth/shopify/callback', redirect_params['redirect_uri']
|
|
170
|
+
end
|
|
171
|
+
|
|
159
172
|
def test_unnecessary_read_scopes_are_removed
|
|
160
173
|
build_app scope: 'read_content,read_products,write_products',
|
|
161
174
|
callback_path: '/admin/auth/legacy/callback',
|
|
162
175
|
myshopify_domain: 'myshopify.dev:3000',
|
|
163
176
|
setup: lambda { |env|
|
|
164
177
|
shop = Rack::Request.new(env).GET['shop']
|
|
165
|
-
shop += ".myshopify.dev:3000" unless shop.include?(".")
|
|
166
178
|
env['omniauth.strategy'].options[:client_options][:site] = "https://#{shop}"
|
|
167
179
|
}
|
|
168
180
|
|
|
169
|
-
response =
|
|
181
|
+
response = request.get("https://app.example.com/auth/shopify?shop=snowdevil.myshopify.dev:3000")
|
|
170
182
|
assert_equal 302, response.status
|
|
171
183
|
redirect_params = Rack::Utils.parse_query(URI(response.location).query)
|
|
172
184
|
assert_equal 'read_content,write_products', redirect_params['scope']
|
|
@@ -345,11 +357,17 @@ class IntegrationTest < Minitest::Test
|
|
|
345
357
|
@app = Rack::Session::Cookie.new(app, secret: SecureRandom.hex(64))
|
|
346
358
|
end
|
|
347
359
|
|
|
360
|
+
def shop
|
|
361
|
+
@shop ||= 'snowdevil.myshopify.com'
|
|
362
|
+
end
|
|
363
|
+
|
|
348
364
|
def authorize(shop)
|
|
349
|
-
|
|
365
|
+
@opts['rack.session']['shopify.omniauth_params'] = { shop: shop }
|
|
366
|
+
request.get('https://app.example.com/auth/shopify', opts)
|
|
350
367
|
end
|
|
351
368
|
|
|
352
369
|
def callback(params)
|
|
370
|
+
@opts['rack.session']['shopify.omniauth_params'] = { shop: shop }
|
|
353
371
|
request.get("https://app.example.com/auth/shopify/callback?#{Rack::Utils.build_query(params)}", opts)
|
|
354
372
|
end
|
|
355
373
|
|
data/test/test_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-shopify-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Denis Odorcic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-11-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: omniauth-oauth2
|
|
@@ -24,6 +24,20 @@ dependencies:
|
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: 1.5.0
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: activesupport
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - ">="
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: '0'
|
|
34
|
+
type: :runtime
|
|
35
|
+
prerelease: false
|
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
+
requirements:
|
|
38
|
+
- - ">="
|
|
39
|
+
- !ruby/object:Gem::Version
|
|
40
|
+
version: '0'
|
|
27
41
|
- !ruby/object:Gem::Dependency
|
|
28
42
|
name: minitest
|
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -73,6 +87,7 @@ executables: []
|
|
|
73
87
|
extensions: []
|
|
74
88
|
extra_rdoc_files: []
|
|
75
89
|
files:
|
|
90
|
+
- ".github/probots.yml"
|
|
76
91
|
- ".gitignore"
|
|
77
92
|
- ".travis.yml"
|
|
78
93
|
- Gemfile
|
|
@@ -109,7 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
109
124
|
version: '0'
|
|
110
125
|
requirements: []
|
|
111
126
|
rubyforge_project:
|
|
112
|
-
rubygems_version: 2.
|
|
127
|
+
rubygems_version: 2.6.14
|
|
113
128
|
signing_key:
|
|
114
129
|
specification_version: 4
|
|
115
130
|
summary: Shopify strategy for OmniAuth
|