shopify-sinatra-app 0.7.0 → 0.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 824f5c84a183bf093bf35cb931166ed811fafb4dcdb32664a9c3027a56acf38f
-  data.tar.gz: 4369c1e33e0032792d4016f772bd041f3eb85aea722e015a9d7e1aed48e29f78
+  metadata.gz: 4dc86b5d946b17ee4bde67fbbc9c6ce4bdae741bfd10b34eb5b9eef269d8d30a
+  data.tar.gz: 3512d0ee6d5722ff8277256e5333e2ca779cd7381c0807add32e2787bfe3834d
 SHA512:
-  metadata.gz: e64a1b720743bde0a66a79c39d5574d62f9867da1c7bb479a96253051197efb6e21f0a9366c59d1d98d503478b50a69c3707ba4300fefda601e26a78f7b5f042
-  data.tar.gz: 7ff7babe886332b170e4ae052669acba61a922ee2b814a77b0d52d0c72ce5920ad7171e80956dcdac81358e4489acf17002448f6f784f2dacf9d57744b2c85a4
+  metadata.gz: 3cef0cd037591e3d7d19d13e65732b03587e1761dbe2dab73e31c95477d327332644a71aab4f898d7f3fc3cf45c2e3ca9ee7b8ec352862499b100f636395d69c
+  data.tar.gz: cbeeef8e569450e84ed861d8bd8ef53b0d1770b7d45256a5e4f73eb58de38ac225f2c07a7fd70360fc75d41fa3dc1adf6d9a4cc16ffeb3c3e534af3c188d03f1

data/.travis.yml

@@ -1,7 +1,7 @@
 language: ruby
 
 rvm:
-  - 2.5.3
+  - 2.6.3
 
 gemfile: example/Gemfile
 

data/CHANGELOG

@@ -1,3 +1,30 @@
+0.12.0
+------
+* Update to use the Shopify AppBridge instead of the ESDK
+  * This change is mostly to generated files so you'll need to apply those updates
+    to your own versions.
+* shop_origin no longer includes protocol
+* return_to re-worked to function with the AppBridge
+
+0.11.0
+------
+* remove rack-flash3 use sinatra-flash instead
+* remove a duplicate config of sessions that was breaking the same_site fix
+* remove a runtime dependency that didn't end up being used for the same_site fix but was added anyways
+* update ruby and rake versions
+
+0.10.0
+------
+* Add the api_version to settings and update to 2019-07
+
+0.9.0
+-----
+* set secure and and same_site options on the session cookie. Fixes auth with the upcoming chrome 80 release
+
+0.8.0
+-----
+* Shopify updated the way sessions are created: https://github.com/Shopify/shopify_api/blob/master/README.md#-breaking-change-notice-for-version-700-, updating code to reflect these changes.
+
 0.7.0
 -----
 * make base_url private (users can add back in their app easily if needed)

data/README.md

@@ -128,7 +128,7 @@ note - a flash must be followed by a redirect or it won't work!
 
 Developing
 ----------
-The embedded app sdk won't load non https content so you'll need to use a forwarding service like [ngrok](https://ngrok.com/) or [forwardhq](https://forwardhq.com/). Set your application url in the [Shopify Partner area](https://app.shopify.com/services/partners/api_clients) to your forwarded url. However The redirect_uri should still be `http://localhost:4567/auth/shopify/callback` which will allow you to install your app on a live shop while running it locally.
+The embedded app sdk won't load non https content so you'll need to use a forwarding service like [ngrok](https://ngrok.com/) or [forwardhq](https://forwardhq.com/). Set your application url in the [Shopify Partner area](https://app.shopify.com/services/partners/api_clients) to your forwarded url and set the redirect_uri to your forwarded url + `/auth/shopify/callback` which will allow you to install your app on a live shop while running it locally.
 
 To run the app locally we use `foreman` which comes with the [Heroku Toolbelt](https://devcenter.heroku.com/articles/quickstart). Foreman handles running our application and setting our credentials as environment variables. To run the application type:
 

data/example/Gemfile

@@ -1,9 +1,9 @@
 source 'https://rubygems.org'
-ruby '2.5.3'
+ruby '2.6.3'
 
 gem 'shopify-sinatra-app', path: '../'
 gem 'sinatra-activerecord'
-gem 'rack-flash3', require: 'rack-flash'
+gem 'sinatra-flash'
 
 group :production do
   gem 'pg'
@@ -15,7 +15,7 @@ group :development, :test do
 end
 
 group :development do
-  gem 'rake'
+  gem 'rake', '>= 12.3.3'
   gem 'foreman'
   gem 'dotenv'
 end

data/example/db/schema.rb

@@ -2,11 +2,11 @@
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.
 #
-# Note that this schema.rb definition is the authoritative source for your
-# database schema. If you need to create the application database on another
-# system, you should be using db:schema:load, not running all the migrations
-# from scratch. The latter is a flawed and unsustainable approach (the more migrations
-# you'll amass, the slower it'll run and the greater likelihood for issues).
+# This file is the source Rails uses to define your schema when running `rails
+# db:schema:load`. When creating a new database, `rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
 #
 # It's strongly recommended that you check this file into your version control system.
 

data/example/src/app.rb

@@ -1,7 +1,9 @@
 require 'sinatra/shopify-sinatra-app'
+require 'sinatra/flash'
 
 class SinatraApp < Sinatra::Base
   register Sinatra::Shopify
+  register Sinatra::Flash
 
   # set the scope that your app needs, read more here:
   # http://docs.shopify.com/api/tutorials/oauth

data/example/test/app_test.rb

@@ -23,8 +23,9 @@ class AppTest < Minitest::Test
 
   def test_root_with_session
     set_session
-    fake 'https://testshop.myshopify.com/admin/shop.json', body: {myshopify_domain: @shop_name}.to_json
-    fake 'https://testshop.myshopify.com/admin/products.json?limit=10', body: '{}'
+    api_url = "https://testshop.myshopify.com/admin/api/#{app.settings.api_version}"
+    fake "#{api_url}/shop.json", body: {myshopify_domain: @shop_name}.to_json
+    fake "#{api_url}/products.json?limit=10", body: '{}'
     get '/'
     assert last_response.ok?
   end

data/example/views/_flash_messages.erb

@@ -1,11 +1,25 @@
 <script type="text/javascript">
-  ShopifyApp.ready(function(){
-    <% if flash[:notice] %>
-      ShopifyApp.flashNotice("<%= flash[:notice] %>");
-    <% end %>
-
-    <% if flash[:error] %>
-      ShopifyApp.flashError("<%= flash[:error] %>");
-    <% end %>
-  });
+  var AppBridge = window['app-bridge'];
+
+  var actions = AppBridge.actions;
+  var Toast = actions.Toast;
+
+  <% if flash[:notice] %>
+    var notice = Toast.create(app, {
+      message: "<%= flash[:notice] %>",
+      duration: 5000
+    });
+
+    notice.dispatch(Toast.Action.SHOW);
+  <% end %>
+
+  <% if flash[:error] %>
+    var notice = Toast.create(app, {
+      message: "<%= flash[:error] %>",
+      duration: 5000,
+      isError: true,
+    });
+
+    notice.dispatch(Toast.Action.SHOW);
+  <% end %>
 </script>

data/example/views/_top_bar.erb

@@ -1,7 +1,10 @@
 <script type="text/javascript">
-  ShopifyApp.ready(function(){
-    ShopifyApp.Bar.initialize({
-      icon: '<%= "#{base_url}/icon.png" %>'
-    });
+  var AppBridge = window['app-bridge'];
+
+  var actions = AppBridge.actions;
+  var TitleBar = actions.TitleBar;
+
+  var titleBar = TitleBar.create(app, {
+    icon: '<%= "#{base_url}/icon.png" %>'
   });
 </script>

data/example/views/layouts/application.erb

@@ -1,12 +1,14 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
-  <script src="https://cdn.shopify.com/s/assets/external/app.js"></script>
+  <script src="https://unpkg.com/@shopify/app-bridge"></script>
   <script type="text/javascript">
-    ShopifyApp.init({
+    var AppBridge = window['app-bridge'];
+    var createApp = AppBridge.default;
+
+    var app = createApp({
       apiKey: "<%= SinatraApp.settings.api_key %>",
       shopOrigin: "<%= shop_origin %>",
-      debug: true
     });
   </script>
   <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" rel="stylesheet" integrity="sha256-7s5uDGW3AHqw6xtJmNNtr+OBRJUlgkNJEo78P4b0yRw= sha512-nNo+yCHEyn0smMxSswnf/OnX6/KwJuZTlNZBjauKhTK0c+zT+q5JOCx0UFhXQ6rJR9jg6Es8gPuD2uZcYDLqSw==" crossorigin="anonymous">

data/lib/sinatra/shopify-sinatra-app.rb

@@ -1,7 +1,6 @@
 require 'sinatra/base'
 require 'sinatra/activerecord'
 
-require 'rack-flash'
 require 'attr_encrypted'
 require 'active_support/all'
 
@@ -21,9 +20,9 @@ module Sinatra
         session.clear
       end
 
-      # for the esdk initializer
+      # for the app bridge initializer
       def shop_origin
-        "https://#{session[:shopify][:shop]}"
+        "#{session[:shopify][:shop]}"
       end
 
       def shopify_session(&blk)
@@ -75,7 +74,7 @@ module Sinatra
       def authenticate(return_to = '/', return_params = nil)
         if shop_name = sanitized_shop_name
           session[:return_params] = return_params if return_params
-          redirect_url = "/auth/shopify?shop=#{shop_name}&return_to=#{base_url}#{return_to}"
+          redirect_url = "#{base_url}/auth/shopify"
           redirect_javascript redirect_url
         else
           redirect '/install'
@@ -83,7 +82,7 @@ module Sinatra
       end
 
       def activate_shopify_api(shop_name, token)
-        api_session = ShopifyAPI::Session.new(shop_name, token)
+        api_session = ShopifyAPI::Session.new(domain: shop_name, token: token, api_version: settings.api_version)
         ShopifyAPI::Base.activate_session(api_session)
       end
 
@@ -102,19 +101,37 @@ module Sinatra
             <meta charset="utf-8" />
             <base target="_top">
             <title>Redirecting…</title>
-
+            <script src="https://unpkg.com/@shopify/app-bridge"></script>
             <script type='text/javascript'>
+              var AppBridge = window['app-bridge'];
+              var createApp = AppBridge.createApp;
+              var actions = AppBridge.actions;
+              var Redirect = actions.Redirect;
+
+              var apiKey = '#{settings.api_key}';
+              var redirectUri = '#{url}';
+              var shopOrigin = '#{sanitized_shop_name}';
+
+              var permissionUrl = 'https://'+
+                                  shopOrigin+
+                                  '/admin'+
+                                  '/oauth/authorize?client_id='+
+                                  apiKey+
+                                  '&scope=#{settings.scope}&redirect_uri='+
+                                  redirectUri;
+
               // If the current window is the 'parent', change the URL by setting location.href
               if (window.top == window.self) {
-                window.top.location.href = #{url.to_json};
+                window.location.assign(permissionUrl);
 
-              // If the current window is the 'child', change the parent's URL with postMessage
+              // If the current window is the 'child', change the parent's URL with Shopify App Bridge's Redirect action
               } else {
-                message = JSON.stringify({
-                  message: 'Shopify.API.remoteRedirect',
-                  data: { location: window.location.origin + #{url.to_json} }
+                var app = createApp({
+                  apiKey: apiKey,
+                  shopOrigin: shopOrigin
                 });
-                window.parent.postMessage(message, 'https://#{sanitized_shop_name}');
+
+                Redirect.create(app).dispatch(Redirect.Action.REMOTE, permissionUrl);
               }
             </script>
           </head>
@@ -157,6 +174,7 @@ module Sinatra
     def self.registered(app)
       app.helpers Shopify::Methods
       app.register Sinatra::ActiveRecordExtension
+      app.enable :inline_templates
 
       app.set :database_file, File.expand_path('config/database.yml')
       app.set :views, File.expand_path('views')
@@ -164,19 +182,18 @@ module Sinatra
       app.set :erb, layout: :'layouts/application'
       app.set :protection, except: :frame_options
 
-      app.enable :sessions
-      app.enable :inline_templates
-
+      app.set :api_version, '2019-07'
       app.set :scope, 'read_products, read_orders'
 
       app.set :api_key, ENV['SHOPIFY_API_KEY']
       app.set :shared_secret, ENV['SHOPIFY_SHARED_SECRET']
       app.set :secret, ENV['SECRET']
 
-      app.use Rack::Flash, sweep: true
       app.use Rack::MethodOverride
       app.use Rack::Session::Cookie, key: 'rack.session',
                                      path: '/',
+                                     secure: true,
+                                     same_site: 'None',
                                      secret: app.settings.secret,
                                      expire_after: 60 * 30 # half an hour in seconds
 
@@ -231,10 +248,10 @@ module Sinatra
 
         after_shopify_auth()
 
-        return_to = env['omniauth.params']['return_to']
         return_params = session[:return_params]
         session.delete(:return_params)
 
+        return_to = '/'
         return_to += "?#{return_params.to_query}" if return_params.present?
 
         redirect return_to

data/shopify-sinatra-app.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = 'shopify-sinatra-app'
-  s.version = '0.7.0'
+  s.version = '0.12.0'
 
   s.summary     = 'A classy shopify app'
   s.description = 'A Sinatra extension for building Shopify Apps. Akin to the shopify_app gem but for Sinatra'
@@ -15,14 +15,14 @@ Gem::Specification.new do |s|
 
   s.add_runtime_dependency 'sinatra', '~> 2.0.2'
   s.add_runtime_dependency 'sinatra-activerecord', '~> 2.0.9'
-  s.add_runtime_dependency 'rack-flash3', '~> 1.0.5'
   s.add_runtime_dependency 'activesupport'
   s.add_runtime_dependency 'attr_encrypted', '~> 3.1.0'
 
-  s.add_runtime_dependency 'shopify_api'
-  s.add_runtime_dependency 'omniauth-shopify-oauth2'
+  s.add_runtime_dependency 'shopify_api', '>= 7.0.1', '< 9.3.0'
+  s.add_runtime_dependency 'omniauth-shopify-oauth2', '>= 2.3.2'
+  s.add_runtime_dependency 'omniauth', '1.9.1'
 
-  s.add_development_dependency 'rake'
+  s.add_development_dependency 'rake', '>= 12.3.3'
   s.add_development_dependency 'sqlite3'
   s.add_development_dependency 'minitest'
   s.add_development_dependency 'rack-test'

data/test.sh

@@ -6,5 +6,8 @@ bundle install
 bundle exec rake db:migrate
 bundle exec rake test:prepare
 bundle exec rake test
+EXIT_CODE=$?
 
 cd ../../..
+
+exit $EXIT_CODE

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shopify-sinatra-app
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.12.0
 platform: ruby
 authors:
 - Kevin Hughes
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-09 00:00:00.000000000 Z
+date: 2021-02-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sinatra
@@ -38,20 +38,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 2.0.9
-- !ruby/object:Gem::Dependency
-  name: rack-flash3
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.0.5
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.0.5
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -86,42 +72,62 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 7.0.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 9.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 7.0.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 9.3.0
 - !ruby/object:Gem::Dependency
   name: omniauth-shopify-oauth2
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.3.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.3.2
+- !ruby/object:Gem::Dependency
+  name: omniauth
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.9.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.9.1
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -250,8 +256,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: A classy shopify app