shopify_api 4.0.1 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: f83cb9b80cf63282dd34ebaebc6c7623f9c54778
4
- data.tar.gz: 281e61d77b3e56c4823bdab49fe8d7d400b240c7
3
+ metadata.gz: 5e77deea6dfc797030a7a149f0cd566827158a3e
4
+ data.tar.gz: 5c12b55cdb182378441ca7599920f71236715828
5
5
  SHA512:
6
- metadata.gz: b87bc82865feaf0f54e6132d8794bc926bf31ab3e980b857577ec4c9855a10e2d09207e379db9ac912d5707f85c1e23ece857cf987025d9aa780b6ea3a85a02e
7
- data.tar.gz: b9e4cd9e1001a1ddd539ce796448359f78ef5eb9643360be17c4f03b939a2572fc331afd91c073b37b8f434e977bcd1b927aa2ee4660efb9123265ce9fa5caac
6
+ metadata.gz: cff7626240f096796cd027a20b9afa8982e638ea19018943e429b1a9055587c3306f252be08becd64651853de25a0f4417615b74acaf3ae8a96a98b5af2f3338
7
+ data.tar.gz: 55f71dc3d02ba0c21e45921c9125c9efa34a6f8c98a1827361d6c7da0fc47f67cc07e3dba617d70a2c6fe37e9c50c3418dddc8d049ce04b66c7e02354d4d50d5
data/CHANGELOG CHANGED
@@ -1,3 +1,7 @@
1
+ == Version 4.0.2
2
+
3
+ * Verify that the shop domain is a subdomain of .myshopify.com which creating the session
4
+
1
5
  == Version 4.0.1
2
6
 
3
7
  * Added `ShopifyAPI::OAuth.revoke` for easy token revocation.
@@ -6,10 +6,9 @@ module ShopifyAPI
6
6
  end
7
7
 
8
8
  class Session
9
- cattr_accessor :api_key
10
- cattr_accessor :secret
11
- cattr_accessor :protocol
9
+ cattr_accessor :api_key, :secret, :protocol, :myshopify_domain, :port
12
10
  self.protocol = 'https'
11
+ self.myshopify_domain = 'myshopify.com'
13
12
 
14
13
  attr_accessor :url, :token, :name
15
14
 
@@ -21,12 +20,9 @@ module ShopifyAPI
21
20
 
22
21
  def temp(domain, token, &block)
23
22
  session = new(domain, token)
24
- begin
25
- original_domain = host_with_port(ShopifyAPI::Base.site.to_s)
26
- rescue URI::InvalidURIError
27
- end
28
- original_token = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
29
- original_session = new(original_domain, original_token)
23
+ original_site = ShopifyAPI::Base.site.to_s
24
+ original_token = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
25
+ original_session = new(original_site, original_token)
30
26
 
31
27
  begin
32
28
  ShopifyAPI::Base.activate_session(session)
@@ -38,8 +34,19 @@ module ShopifyAPI
38
34
 
39
35
  def prepare_url(url)
40
36
  return nil if url.blank?
41
- url.gsub!(/https?:\/\//, '') # remove http:// or https://
42
- url.concat(".myshopify.com") unless url.include?('.') # extend url to myshopify.com if no host is given
37
+ # remove http:// or https://
38
+ url = url.strip.gsub(/\Ahttps?:\/\//, '')
39
+ # extract host, removing any username, password or path
40
+ shop = URI.parse("https://#{url}").host
41
+ # extract subdomain of .myshopify.com
42
+ if idx = shop.index(".")
43
+ shop = shop.slice(0, idx)
44
+ end
45
+ return nil if shop.empty?
46
+ shop = "#{shop}.#{myshopify_domain}"
47
+ port ? "#{shop}:#{port}" : shop
48
+ rescue URI::InvalidURIError
49
+ nil
43
50
  end
44
51
 
45
52
  def validate_signature(params)
@@ -49,29 +56,17 @@ module ShopifyAPI
49
56
  sorted_params = params.except(:signature, :hmac, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join('&')
50
57
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new(), secret, sorted_params) == signature
51
58
  end
52
-
53
- def host_with_port(site)
54
- parsed_site = URI.parse(site)
55
- host = parsed_site.host or return
56
- port = parsed_site.port
57
- if (protocol == 'http' && port == 80) || (protocol == 'https' && port == 443)
58
- host
59
- else
60
- "#{host}:#{port}"
61
- end
62
- end
63
-
64
59
  end
65
60
 
66
61
  def initialize(url, token = nil)
67
- self.url, self.token = url, token
68
- self.class.prepare_url(self.url)
62
+ self.url = self.class.prepare_url(url)
63
+ self.token = token
69
64
  end
70
65
 
71
66
  def create_permission_url(scope, redirect_uri = nil)
72
67
  params = {:client_id => api_key, :scope => scope.join(',')}
73
68
  params[:redirect_uri] = redirect_uri if redirect_uri
74
- "#{protocol}://#{url}/admin/oauth/authorize?#{parameterize(params)}"
69
+ "#{site}/oauth/authorize?#{parameterize(params)}"
75
70
  end
76
71
 
77
72
  def request_token(params)
@@ -1,3 +1,3 @@
1
1
  module ShopifyAPI
2
- VERSION = "4.0.1"
2
+ VERSION = "4.0.2"
3
3
  end
@@ -18,6 +18,14 @@ class SessionTest < Test::Unit::TestCase
18
18
  assert session.valid?
19
19
  end
20
20
 
21
+ should "ignore everything but the subdomain in the shop" do
22
+ assert_equal "https://testshop.myshopify.com/admin", ShopifyAPI::Session.new("http://user:pass@testshop.notshopify.net/path", "any-token").site
23
+ end
24
+
25
+ should "append the myshopify domain if not given" do
26
+ assert_equal "https://testshop.myshopify.com/admin", ShopifyAPI::Session.new("testshop", "any-token").site
27
+ end
28
+
21
29
  should "not raise error without params" do
22
30
  assert_nothing_raised do
23
31
  session = ShopifyAPI::Session.new("testshop.myshopify.com", "any-token")
@@ -96,16 +104,21 @@ class SessionTest < Test::Unit::TestCase
96
104
  assert_equal false, session.valid?
97
105
  end
98
106
 
99
- should "#temp reset ShopifyAPI::Base.site to original value when using a non-standard port" do
100
- ShopifyAPI::Session.setup(:api_key => "key", :secret => "secret")
101
- session1 = ShopifyAPI::Session.new('fakeshop.myshopify.com:3000', 'token1')
102
- ShopifyAPI::Base.activate_session(session1)
107
+ should "myshopify_domain supports non-standard ports" do
108
+ begin
109
+ ShopifyAPI::Session.setup(:api_key => "key", :secret => "secret", :myshopify_domain => 'localhost', port: '3000')
103
110
 
104
- ShopifyAPI::Session.temp("testshop.myshopify.com", "any-token") {
105
- @assigned_site = ShopifyAPI::Base.site
106
- }
107
- assert_equal 'https://testshop.myshopify.com/admin', @assigned_site.to_s
108
- assert_equal 'https://fakeshop.myshopify.com:3000/admin', ShopifyAPI::Base.site.to_s
111
+ session = ShopifyAPI::Session.new('fakeshop.localhost:3000', 'token1')
112
+ ShopifyAPI::Base.activate_session(session)
113
+ assert_equal 'https://fakeshop.localhost:3000/admin', ShopifyAPI::Base.site.to_s
114
+
115
+ session = ShopifyAPI::Session.new('fakeshop', 'token1')
116
+ ShopifyAPI::Base.activate_session(session)
117
+ assert_equal 'https://fakeshop.localhost:3000/admin', ShopifyAPI::Base.site.to_s
118
+ ensure
119
+ ShopifyAPI::Session.myshopify_domain = "myshopify.com"
120
+ ShopifyAPI::Session.port = nil
121
+ end
109
122
  end
110
123
 
111
124
  should "return site for session" do
metadata CHANGED
@@ -1,36 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: shopify_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.0.1
4
+ version: 4.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Shopify
8
8
  autorequire:
9
9
  bindir: bin
10
- cert_chain:
11
- - |
12
- -----BEGIN CERTIFICATE-----
13
- MIIDcDCCAligAwIBAgIBATANBgkqhkiG9w0BAQUFADA/MQ8wDQYDVQQDDAZhZG1p
14
- bnMxFzAVBgoJkiaJk/IsZAEZFgdzaG9waWZ5MRMwEQYKCZImiZPyLGQBGRYDY29t
15
- MB4XDTE0MDUxNTIwMzM0OFoXDTE1MDUxNTIwMzM0OFowPzEPMA0GA1UEAwwGYWRt
16
- aW5zMRcwFQYKCZImiZPyLGQBGRYHc2hvcGlmeTETMBEGCgmSJomT8ixkARkWA2Nv
17
- bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL0/81O3e1vh5smcwp2G
18
- MpLQ6q0kejQLa65bPYPxdzWA1SYOKyGfw+yR9LdFzsuKpwWzKq6zX35lj1IckWS4
19
- bNBEQzxmufUxU0XPM02haFB8fOfDJzdXsWte9Ge4IFwahwn68gpMqN+BvxL+KMYz
20
- Iut9YmN44d4LZdsENEIO5vmybuG2vYDz7R56qB0PA+Q2P2CdhymsBad2DQs69FBo
21
- uico9V6VMYYctL9lCYdzu9IXrOYNTt88suKIVzzAlHOKeN0Ng5qdztFoTR8sfxDr
22
- Ydg3KHl5n47wlpgd8R0f/4b5gGxW+v9pyJCgQnLlRu7DedVSvv7+GMtj3g9r3nhJ
23
- KqECAwEAAaN3MHUwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFI/o
24
- maf34HXbUOQsdoLHacEKQgunMB0GA1UdEQQWMBSBEmFkbWluc0BzaG9waWZ5LmNv
25
- bTAdBgNVHRIEFjAUgRJhZG1pbnNAc2hvcGlmeS5jb20wDQYJKoZIhvcNAQEFBQAD
26
- ggEBADkK9aj5T0HPExsov4EoMWFnO+G7RQ28C30VAfKxnL2UxG6i4XMHVs6Xi94h
27
- qXFw1ec9Y2eDUqaolT3bviOk9BB197+A8Vz/k7MC6ci2NE+yDDB7HAC8zU6LAx8Y
28
- Iqvw7B/PSZ/pz4bUVFlTATif4mi1vO3lidRkdHRtM7UePSn2rUpOi0gtXBP3bLu5
29
- YjHJN7wx5cugMEyroKITG5gL0Nxtu21qtOlHX4Hc4KdE2JqzCPOsS4zsZGhgwhPs
30
- fl3hbtVFTqbOlwL9vy1fudXcolIE/ZTcxQ+er07ZFZdKCXayR9PPs64heamfn0fp
31
- TConQSX2BnZdhIEYW+cKzEC/bLc=
32
- -----END CERTIFICATE-----
33
- date: 2015-05-04 00:00:00.000000000 Z
10
+ cert_chain: []
11
+ date: 2015-05-05 00:00:00.000000000 Z
34
12
  dependencies:
35
13
  - !ruby/object:Gem::Dependency
36
14
  name: activeresource
Binary file
data.tar.gz.sig DELETED
Binary file
metadata.gz.sig DELETED
Binary file