shopify-client 0.0.1

data/lib/shopify-client/cache/redis_store.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module ShopifyClient
+  module Cache
+    class RedisStore < Store
+      # @see Store#get
+      def get(key)
+        value = Redis.current.get(key)
+
+        @decode.(value) unless value.nil?
+      end
+
+      # @see Store#set
+      def set(key, value, ttl: ShopifyClient.config.cache_ttl)
+        Redis.current.set(key, @encode.(value))
+
+        if ttl > 0
+          Redis.current.expire(key, ttl)
+        end
+      end
+
+      # @see Store#clear
+      def clear(key)
+        Redis.current.del(key)
+      end
+    end
+  end
+end

data/lib/shopify-client/cache/store.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module ShopifyClient
+  module Cache
+    # @abstract
+    class Store
+      # @param encode [#call]
+      # @param decode [#call]
+      #
+      # @example
+      #   store = Store.new(
+      #     encode: MessagePack.method(:pack),
+      #     decode: MessagePack.method(:unpack),
+      #   )
+      def initialize(encode: JSON.method(:generate), decode: JSON.method(:parse))
+        @encode = encode
+        @decode = decode
+      end
+
+      # Fetch a value from the cache, falling back to the result of the given
+      # block when the cache is empty/expired.
+      #
+      # @param key [String]
+      # @param ttl [Integer] in seconds
+      #
+      # @return [Object]
+      def call(key, ttl: ShopifyClient.config.cache_ttl, &block)
+        value = get(key)
+
+        if value.nil?
+          value = block.()
+
+          set(key, value, ttl: ttl)
+        end
+
+        value
+      end
+
+      # Get cached data, or nil if unset.
+      #
+      # @param key [String]
+      #
+      # @return [Object]
+      private def get(key)
+        raise NotImplementedError
+      end
+
+      # Overwrite cached data and set TTL (if implemented by child class).
+      #
+      # @param key [String]
+      # @param value [Object]
+      # @param ttl [Integer] in seconds
+      def set(key, value, ttl: ShopifyClient.config.cache_ttl)
+        raise NotImplementedError
+      end
+
+      # Clear cached data.
+      #
+      # @param key [String]
+      def clear(key)
+        raise NotImplementedError
+      end
+    end
+  end
+end

data/lib/shopify-client/cache/thread_local_store.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module ShopifyClient
+  module Cache
+    class ThreadLocalStore < Store
+      # @see Store#get
+      def get(key)
+        return nil if expired?(key)
+
+        value = Thread.current[key]
+
+        @decode.(value) unless value.nil?
+      end
+
+      # @see Store#set
+      def set(key, value, ttl: ShopifyClient.config.cache_ttl)
+        Thread.current[key] = @encode.(value)
+
+        if ttl > 0
+          Thread.current[build_expiry_key(key)] = Time.now + ttl
+        end
+      end
+
+      # @see Store#clear
+      def clear(key)
+        Thread.current[key] = nil
+        Thread.current[build_expiry_key(key)] = nil
+      end
+
+      # @param key [String]
+      #
+      # @return [Boolean]
+      private def expired?(key)
+        expires_at = Thread.current[build_expiry_key(key)]
+
+        expires_at.nil? ? false : Time.now > expires_at
+      end
+
+      # @param key [String]
+      #
+      # @return [String]
+      private def build_expiry_key(key)
+        "#{key}:expires_at"
+      end
+    end
+  end
+end

data/lib/shopify-client/cached_request.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'digest'
+
+module ShopifyClient
+  # Caching for GET requests.
+  #
+  # @example
+  #   get_shop = CachedRequest.new('shop', fields: 'domain,plan')
+  #   get_shop.(client) # not cached, makes API request
+  #   get_shop.(client) # cached
+  class CachedRequest
+    # @param path [String]
+    # @param params [Hash]
+    # @param store [Cache::Store]
+    def initialize(path, params: {}, store: default_store)
+      @path = path
+      @params = params
+      @store = store
+    end
+
+    # @return [Cache::Store]
+    def default_store
+      if defined?(Redis)
+        Cache::RedisStore.new
+      else
+        Cache::ThreadLocalStore.new
+      end
+    end
+
+    # @param client [Client]
+    #
+    # @return [Hash] response data
+    def call(client)
+      @store.(build_key(client.myshopify_domain)) do
+        client.get(@path, @params).data
+      end
+    end
+
+    # @param myshopify_domain [String]
+    #
+    # @return [String]
+    private def build_key(myshopify_domain)
+      separator = "\x1f" # ASCII unit separator
+
+      format('shopify-client:cached_request:%s', Digest::SHA256.hexdigest([
+        myshopify_domain,
+        @path,
+        @params.sort,
+      ].join(separator)))
+    end
+
+    # Overwrite cached data for a given shop. This might be used when the data
+    # is received from a webhook.
+    #
+    # @param myshopify_domain [String]
+    # @param data [Hash]
+    def set(myshopify_domain, data)
+      @store.set(build_key(myshopify_domain), data)
+    end
+
+    # Clear the cached data for a given shop.
+    #
+    # @param myshopify_domain [String]
+    def clear(myshopify_domain)
+      @store.clear(build_key(myshopify_domain))
+    end
+  end
+end

data/lib/shopify-client/client.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+require 'faraday'
+require 'faraday_middleware'
+
+module ShopifyClient
+  # @!attribute [r] myshopify_domain
+  #   @return [String]
+  # @!attribute [r] access_token
+  #   @return [String]
+  class Client
+    # @param myshopify_domain [String]
+    # @param access_token [String, nil] if request is authenticated
+    def initialize(myshopify_domain, access_token = nil)
+      @conn = Faraday.new(
+        headers: {
+          'X-Shopify-Access-Token' => access_token,
+        },
+        url: "https://#{myshopify_domain}/admin/api/#{ShopifyClient.config.api_version}",
+      ) do |conn|
+        # Request throttling to avoid API rate limit.
+        conn.use default_throttling_strategy
+        # Retry for 429, too many requests.
+        conn.use Faraday::Request::Retry, {
+          backoff_factor: 2,
+          interval: 0.5,
+          retry_statuses: [429],
+        }
+        # Retry for 5xx, server errors.
+        conn.use Faraday::Request::Retry, {
+          exceptions: [
+            Faraday::ConnectionFailed,
+            Faraday::RetriableResponse,
+            Faraday::ServerError,
+            Faraday::SSLError,
+            Faraday::TimeoutError,
+          ],
+          backoff_factor: 2,
+          interval: 0.5,
+          retry_statuses: (500..599).to_a,
+        }
+        conn.use FaradayMiddleware::EncodeJson
+        conn.use FaradayMiddleware::ParseJson, content_type: 'application/json'
+        # Add .json suffix if not present (all endpoints use this).
+        conn.use NormalisePath
+        conn.use Logging
+      end
+
+      @myshopify_domain = myshopify_domain
+      @access_token = access_token
+    end
+
+    # @return [Throttling::Strategy]
+    def default_throttling_strategy
+      if defined?(Redis)
+        Throttling::RedisStrategy
+      else
+        Throttling::ThreadLocalStrategy
+      end
+    end
+
+    attr_reader :myshopify_domain
+    attr_reader :access_token
+
+    # @see Faraday::Connection#delete
+    #
+    # @return [Response]
+    def delete(...)
+      Response.from_faraday_response(@conn.delete(...), self)
+    end
+
+    # @see Faraday::Connection#get
+    #
+    # @return [Response]
+    def get(...)
+      Response.from_faraday_response(@conn.get(...), self)
+    end
+
+    # @see CachedRequest#initialize
+    def get_cached(...)
+      CachedRequest.new(...).(self)
+    end
+
+    # @see Faraday::Connection#post
+    #
+    # @return [Response]
+    def post(...)
+      Response.from_faraday_response(@conn.post(...), self)
+    end
+
+    # @see Faraday::Connection#put
+    #
+    # @return [Response]
+    def put(...)
+      Response.from_faraday_response(@conn.put(...), self)
+    end
+
+    # @param query [String] the GraphQL query
+    # @param variables [Hash] the GraphQL variables (if any)
+    #
+    # @return [Response]
+    def graphql(query, variables = {})
+      Response.from_faraday_response(@conn.post('graphql', {
+        query: query,
+        variables: variables,
+      }), self)
+    end
+
+    # If called with a block, calls {BulkRequest::Operation#call} immediately,
+    # else, returns the {BulkRequest::Operation}.
+    #
+    # @param query [String] the GraphQL query
+    #
+    # @return [Operation]
+    def graphql_bulk(query, &block)
+      op = BulkRequest.new.(self, query)
+
+      block ? op.(&block) : op
+    end
+
+    # @return [String]
+    def inspect
+      "#<ShopifyClient::Client (#{@myshopify_domain})>"
+    end
+  end
+end

data/lib/shopify-client/client/logging.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'securerandom'
+
+module ShopifyClient
+  class Client
+    class Logging < Faraday::Middleware
+      # @param env [Faraday::Env]
+      def on_request(env)
+        env[:uuid] = SecureRandom.uuid
+
+        ShopifyClient.config.logger.info({
+          source: 'shopify-client',
+          type: 'request',
+          info: {
+            transaction_id: env[:uuid],
+            method: env[:method].to_s,
+            url: env[:url].to_s,
+          },
+        }.to_json)
+      end
+
+      # @param env [Faraday::Env]
+      def on_complete(env)
+        ShopifyClient.config.logger.info({
+          source: 'shopify-client',
+          type: 'response',
+          info: {
+            transaction_id: env[:uuid],
+            status: env[:status],
+            api_call_limit: env[:response_headers]['X-Shopify-Shop-Api-Call-Limit'],
+          },
+        }.to_json)
+      end
+    end
+  end
+end

data/lib/shopify-client/client/normalise_path.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module ShopifyClient
+  class Client
+    class NormalisePath < Faraday::Middleware
+      # @param env [Faraday::Env]
+      def on_request(env)
+        unless env[:url].path.end_with?('.json')
+          env[:url].path += '.json'
+        end
+      end
+    end
+  end
+end

data/lib/shopify-client/cookieless/check_header.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module ShopifyClient
+  module Cookieless
+    class CheckHeader
+      UnauthorisedError = Class.new(Error)
+
+      # @param rack_env [Hash]
+      #
+      # @raise [UnauthorisedError]
+      def call(rack_env)
+        header = rack_env['HTTP_AUTHORIZATION']
+
+        raise UnauthorisedError, 'missing Authorization header' if header.nil?
+
+        session_token = header.[](/Bearer (\S+)/, 1)
+
+        raise UnauthorisedError, 'invalid Authorization header' if session_token.nil?
+
+        rack_env['shopify-client.shop'] = DecodeSessionToken.new.(session_token)
+      rescue DecodeSessionToken::Error
+        raise UnauthorisedError, 'invalid session token'
+      end
+    end
+  end
+end

data/lib/shopify-client/cookieless/decode_session_token.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'jwt'
+
+module ShopifyClient
+  module Cookieless
+    class DecodeSessionToken
+      Error = Class.new(Error)
+
+      # @param token [String]
+      #
+      # @return [String] the *.myshopify.com domain of the authenticated shop
+      #
+      # @raise [Error]
+      def call(token)
+        payload, _ = JWT.decode(token, ShopifyClient.config.shared_secret, true, algorithm: 'HS256')
+
+        raise Error unless valid?(payload)
+
+        parse_myshopify_domain(payload)
+      rescue JWT::DecodeError
+        raise Error
+      end
+
+      # @param payload [Hash]
+      #
+      # @return [String]
+      private def parse_myshopify_domain(payload)
+        payload['dest'].sub('https://', '')
+      end
+
+      # @param payload [Hash]
+      #
+      # @return [Boolean]
+      private def valid?(payload)
+        return false unless payload['aud'] == ShopifyClient.config.api_key
+        return false unless payload['iss'].start_with?(payload['dest'])
+
+        true
+      end
+    end
+  end
+end