RubyGems - shopify_api - Versions diffs - 4.0.1 → 4.0.2 - Mend

shopify_api 4.0.1 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f83cb9b80cf63282dd34ebaebc6c7623f9c54778
-  data.tar.gz: 281e61d77b3e56c4823bdab49fe8d7d400b240c7
+  metadata.gz: 5e77deea6dfc797030a7a149f0cd566827158a3e
+  data.tar.gz: 5c12b55cdb182378441ca7599920f71236715828
 SHA512:
-  metadata.gz: b87bc82865feaf0f54e6132d8794bc926bf31ab3e980b857577ec4c9855a10e2d09207e379db9ac912d5707f85c1e23ece857cf987025d9aa780b6ea3a85a02e
-  data.tar.gz: b9e4cd9e1001a1ddd539ce796448359f78ef5eb9643360be17c4f03b939a2572fc331afd91c073b37b8f434e977bcd1b927aa2ee4660efb9123265ce9fa5caac
+  metadata.gz: cff7626240f096796cd027a20b9afa8982e638ea19018943e429b1a9055587c3306f252be08becd64651853de25a0f4417615b74acaf3ae8a96a98b5af2f3338
+  data.tar.gz: 55f71dc3d02ba0c21e45921c9125c9efa34a6f8c98a1827361d6c7da0fc47f67cc07e3dba617d70a2c6fe37e9c50c3418dddc8d049ce04b66c7e02354d4d50d5

data/CHANGELOG CHANGED

@@ -1,3 +1,7 @@
+== Version 4.0.2
+* Verify that the shop domain is a subdomain of .myshopify.com which creating the session
 == Version 4.0.1
 * Added `ShopifyAPI::OAuth.revoke` for easy token revocation.

data/lib/shopify_api/session.rb CHANGED

@@ -6,10 +6,9 @@ module ShopifyAPI
   end
   class Session
-    cattr_accessor :api_key
-    cattr_accessor :secret
-    cattr_accessor :protocol
+    cattr_accessor :api_key, :secret, :protocol, :myshopify_domain, :port
     self.protocol = 'https'
+    self.myshopify_domain = 'myshopify.com'
     attr_accessor :url, :token, :name
@@ -21,12 +20,9 @@ module ShopifyAPI
       def temp(domain, token, &block)
         session = new(domain, token)
-        begin
-          original_domain = host_with_port(ShopifyAPI::Base.site.to_s)
-        rescue URI::InvalidURIError
-        end
-        original_token   = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
-        original_session = new(original_domain, original_token)
+        original_site = ShopifyAPI::Base.site.to_s
+        original_token = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
+        original_session = new(original_site, original_token)
         begin
           ShopifyAPI::Base.activate_session(session)
@@ -38,8 +34,19 @@ module ShopifyAPI
       def prepare_url(url)
         return nil if url.blank?
-        url.gsub!(/https?:\/\//, '')                            # remove http:// or https://
-        url.concat(".myshopify.com") unless url.include?('.')   # extend url to myshopify.com if no host is given
+        # remove http:// or https://
+        url = url.strip.gsub(/\Ahttps?:\/\//, '')
+        # extract host, removing any username, password or path
+        shop = URI.parse("https://#{url}").host
+        # extract subdomain of .myshopify.com
+        if idx = shop.index(".")
+          shop = shop.slice(0, idx)
+        end
+        return nil if shop.empty?
+        shop = "#{shop}.#{myshopify_domain}"
+        port ? "#{shop}:#{port}" : shop
+      rescue URI::InvalidURIError
+        nil
       end
       def validate_signature(params)
@@ -49,29 +56,17 @@ module ShopifyAPI
         sorted_params = params.except(:signature, :hmac, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join('&')
         OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new(), secret, sorted_params) == signature
       end
-      def host_with_port(site)
-        parsed_site = URI.parse(site)
-        host = parsed_site.host or return
-        port = parsed_site.port
-        if (protocol == 'http' && port == 80) || (protocol == 'https' && port == 443)
-          host
-        else
-          "#{host}:#{port}"
-        end
-      end
     end
     def initialize(url, token = nil)
-      self.url, self.token = url, token
-      self.class.prepare_url(self.url)
+      self.url = self.class.prepare_url(url)
+      self.token = token
     end
     def create_permission_url(scope, redirect_uri = nil)
       params = {:client_id => api_key, :scope => scope.join(',')}
       params[:redirect_uri] = redirect_uri if redirect_uri
-      "#{protocol}://#{url}/admin/oauth/authorize?#{parameterize(params)}"
+      "#{site}/oauth/authorize?#{parameterize(params)}"
     end
     def request_token(params)

data/lib/shopify_api/version.rb CHANGED

@@ -1,3 +1,3 @@
 module ShopifyAPI
-  VERSION = "4.0.1"
+  VERSION = "4.0.2"
 end

data/test/session_test.rb CHANGED

@@ -18,6 +18,14 @@ class SessionTest < Test::Unit::TestCase
       assert session.valid?
     end
+    should "ignore everything but the subdomain in the shop" do
+      assert_equal "https://testshop.myshopify.com/admin", ShopifyAPI::Session.new("http://user:pass@testshop.notshopify.net/path", "any-token").site
+    end
+    should "append the myshopify domain if not given" do
+      assert_equal "https://testshop.myshopify.com/admin", ShopifyAPI::Session.new("testshop", "any-token").site
+    end
     should "not raise error without params" do
       assert_nothing_raised do
         session = ShopifyAPI::Session.new("testshop.myshopify.com", "any-token")
@@ -96,16 +104,21 @@ class SessionTest < Test::Unit::TestCase
       assert_equal false, session.valid?
     end
-    should "#temp reset ShopifyAPI::Base.site to original value when using a non-standard port" do
-      ShopifyAPI::Session.setup(:api_key => "key", :secret => "secret")
-      session1 = ShopifyAPI::Session.new('fakeshop.myshopify.com:3000', 'token1')
-      ShopifyAPI::Base.activate_session(session1)
+    should "myshopify_domain supports non-standard ports" do
+      begin
+        ShopifyAPI::Session.setup(:api_key => "key", :secret => "secret", :myshopify_domain => 'localhost', port: '3000')
-      ShopifyAPI::Session.temp("testshop.myshopify.com", "any-token") {
-        @assigned_site = ShopifyAPI::Base.site
-      }
-      assert_equal 'https://testshop.myshopify.com/admin', @assigned_site.to_s
-      assert_equal 'https://fakeshop.myshopify.com:3000/admin', ShopifyAPI::Base.site.to_s
+        session = ShopifyAPI::Session.new('fakeshop.localhost:3000', 'token1')
+        ShopifyAPI::Base.activate_session(session)
+        assert_equal 'https://fakeshop.localhost:3000/admin', ShopifyAPI::Base.site.to_s
+        session = ShopifyAPI::Session.new('fakeshop', 'token1')
+        ShopifyAPI::Base.activate_session(session)
+        assert_equal 'https://fakeshop.localhost:3000/admin', ShopifyAPI::Base.site.to_s
+      ensure
+        ShopifyAPI::Session.myshopify_domain = "myshopify.com"
+        ShopifyAPI::Session.port = nil
+      end
     end
     should "return site for session" do

metadata CHANGED

@@ -1,36 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shopify_api
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.0.2
 platform: ruby
 authors:
 - Shopify
 autorequire:
 bindir: bin
-cert_chain:
-- |
-  -----BEGIN CERTIFICATE-----
-  MIIDcDCCAligAwIBAgIBATANBgkqhkiG9w0BAQUFADA/MQ8wDQYDVQQDDAZhZG1p
-  bnMxFzAVBgoJkiaJk/IsZAEZFgdzaG9waWZ5MRMwEQYKCZImiZPyLGQBGRYDY29t
-  MB4XDTE0MDUxNTIwMzM0OFoXDTE1MDUxNTIwMzM0OFowPzEPMA0GA1UEAwwGYWRt
-  aW5zMRcwFQYKCZImiZPyLGQBGRYHc2hvcGlmeTETMBEGCgmSJomT8ixkARkWA2Nv
-  bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL0/81O3e1vh5smcwp2G
-  MpLQ6q0kejQLa65bPYPxdzWA1SYOKyGfw+yR9LdFzsuKpwWzKq6zX35lj1IckWS4
-  bNBEQzxmufUxU0XPM02haFB8fOfDJzdXsWte9Ge4IFwahwn68gpMqN+BvxL+KMYz
-  Iut9YmN44d4LZdsENEIO5vmybuG2vYDz7R56qB0PA+Q2P2CdhymsBad2DQs69FBo
-  uico9V6VMYYctL9lCYdzu9IXrOYNTt88suKIVzzAlHOKeN0Ng5qdztFoTR8sfxDr
-  Ydg3KHl5n47wlpgd8R0f/4b5gGxW+v9pyJCgQnLlRu7DedVSvv7+GMtj3g9r3nhJ
-  KqECAwEAAaN3MHUwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFI/o
-  maf34HXbUOQsdoLHacEKQgunMB0GA1UdEQQWMBSBEmFkbWluc0BzaG9waWZ5LmNv
-  bTAdBgNVHRIEFjAUgRJhZG1pbnNAc2hvcGlmeS5jb20wDQYJKoZIhvcNAQEFBQAD
-  ggEBADkK9aj5T0HPExsov4EoMWFnO+G7RQ28C30VAfKxnL2UxG6i4XMHVs6Xi94h
-  qXFw1ec9Y2eDUqaolT3bviOk9BB197+A8Vz/k7MC6ci2NE+yDDB7HAC8zU6LAx8Y
-  Iqvw7B/PSZ/pz4bUVFlTATif4mi1vO3lidRkdHRtM7UePSn2rUpOi0gtXBP3bLu5
-  YjHJN7wx5cugMEyroKITG5gL0Nxtu21qtOlHX4Hc4KdE2JqzCPOsS4zsZGhgwhPs
-  fl3hbtVFTqbOlwL9vy1fudXcolIE/ZTcxQ+er07ZFZdKCXayR9PPs64heamfn0fp
-  TConQSX2BnZdhIEYW+cKzEC/bLc=
-  -----END CERTIFICATE-----
-date: 2015-05-04 00:00:00.000000000 Z
+cert_chain: []
+date: 2015-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activeresource

checksums.yaml.gz.sig DELETED

Binary file

data.tar.gz.sig DELETED

Binary file

metadata.gz.sig DELETED

Binary file