RubyGems - shopify_api - Versions diffs - 4.0.1 → 4.0.2 - Mend

shopify_api 4.0.1 → 4.0.2

Files changed (9) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f83cb9b80cf63282dd34ebaebc6c7623f9c54778
-  data.tar.gz: 281e61d77b3e56c4823bdab49fe8d7d400b240c7
+  metadata.gz: 5e77deea6dfc797030a7a149f0cd566827158a3e
+  data.tar.gz: 5c12b55cdb182378441ca7599920f71236715828
 SHA512:
-  metadata.gz: b87bc82865feaf0f54e6132d8794bc926bf31ab3e980b857577ec4c9855a10e2d09207e379db9ac912d5707f85c1e23ece857cf987025d9aa780b6ea3a85a02e
-  data.tar.gz: b9e4cd9e1001a1ddd539ce796448359f78ef5eb9643360be17c4f03b939a2572fc331afd91c073b37b8f434e977bcd1b927aa2ee4660efb9123265ce9fa5caac
+  metadata.gz: cff7626240f096796cd027a20b9afa8982e638ea19018943e429b1a9055587c3306f252be08becd64651853de25a0f4417615b74acaf3ae8a96a98b5af2f3338
+  data.tar.gz: 55f71dc3d02ba0c21e45921c9125c9efa34a6f8c98a1827361d6c7da0fc47f67cc07e3dba617d70a2c6fe37e9c50c3418dddc8d049ce04b66c7e02354d4d50d5

data/CHANGELOG CHANGED

@@ -1,3 +1,7 @@
+== Version 4.0.2
+* Verify that the shop domain is a subdomain of .myshopify.com which creating the session
 == Version 4.0.1
 * Added `ShopifyAPI::OAuth.revoke` for easy token revocation.

data/lib/shopify_api/session.rb CHANGED

@@ -6,10 +6,9 @@ module ShopifyAPI
   end
   class Session
-    cattr_accessor :api_key
-    cattr_accessor :secret
-    cattr_accessor :protocol
+    cattr_accessor :api_key, :secret, :protocol, :myshopify_domain, :port
     self.protocol = 'https'
+    self.myshopify_domain = 'myshopify.com'
     attr_accessor :url, :token, :name
@@ -21,12 +20,9 @@ module ShopifyAPI
       def temp(domain, token, &block)
         session = new(domain, token)
-        begin
-          original_domain = host_with_port(ShopifyAPI::Base.site.to_s)
-        rescue URI::InvalidURIError
-        end
-        original_token   = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
-        original_session = new(original_domain, original_token)
+        original_site = ShopifyAPI::Base.site.to_s
+        original_token = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
+        original_session = new(original_site, original_token)
         begin
           ShopifyAPI::Base.activate_session(session)
@@ -38,8 +34,19 @@ module ShopifyAPI
       def prepare_url(url)
         return nil if url.blank?
-        url.gsub!(/https?:\/\//, '')                            # remove http:// or https://
-        url.concat(".myshopify.com") unless url.include?('.')   # extend url to myshopify.com if no host is given
+        # remove http:// or https://
+        url = url.strip.gsub(/\Ahttps?:\/\//, '')
+        # extract host, removing any username, password or path
+        shop = URI.parse("https://#{url}").host
+        # extract subdomain of .myshopify.com
+        if idx = shop.index(".")
+          shop = shop.slice(0, idx)
+        end
+        return nil if shop.empty?
+        shop = "#{shop}.#{myshopify_domain}"
+        port ? "#{shop}:#{port}" : shop
+      rescue URI::InvalidURIError
+        nil
       end
       def validate_signature(params)
@@ -49,29 +56,17 @@ module ShopifyAPI
         sorted_params = params.except(:signature, :hmac, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join('&')
         OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new(), secret, sorted_params) == signature
       end
-      def host_with_port(site)
-        parsed_site = URI.parse(site)
-        host = parsed_site.host or return
-        port = parsed_site.port
-        if (protocol == 'http' && port == 80) || (protocol == 'https' && port == 443)
-          host
-        else
-          "#{host}:#{port}"
-        end
-      end
     end
     def initialize(url, token = nil)
-      self.url, self.token = url, token
-      self.class.prepare_url(self.url)
+      self.url = self.class.prepare_url(url)
+      self.token = token
     end
     def create_permission_url(scope, redirect_uri = nil)
       params = {:client_id => api_key, :scope => scope.join(',')}
       params[:redirect_uri] = redirect_uri if redirect_uri
-      "#{protocol}://#{url}/admin/oauth/authorize?#{parameterize(params)}"
+      "#{site}/oauth/authorize?#{parameterize(params)}"
     end
     def request_token(params)

data/lib/shopify_api/version.rb CHANGED

@@ -1,3 +1,3 @@
 module ShopifyAPI
-  VERSION = "4.0.1"
+  VERSION = "4.0.2"
 end

data/test/session_test.rb CHANGED

@@ -18,6 +18,14 @@ class SessionTest < Test::Unit::TestCase
       assert session.valid?
     end
+    should "ignore everything but the subdomain in the shop" do
+      assert_equal "https://testshop.myshopify.com/admin", ShopifyAPI::Session.new("http://user:pass@testshop.notshopify.net/path", "any-token").site
+    end
+    should "append the myshopify domain if not given" do
+      assert_equal "https://testshop.myshopify.com/admin", ShopifyAPI::Session.new("testshop", "any-token").site
+    end
     should "not raise error without params" do
       assert_nothing_raised do
         session = ShopifyAPI::Session.new("testshop.myshopify.com", "any-token")
@@ -96,16 +104,21 @@ class SessionTest < Test::Unit::TestCase
       assert_equal false, session.valid?
     end
-    should "#temp reset ShopifyAPI::Base.site to original value when using a non-standard port" do
-      ShopifyAPI::Session.setup(:api_key => "key", :secret => "secret")
-      session1 = ShopifyAPI::Session.new('fakeshop.myshopify.com:3000', 'token1')
-      ShopifyAPI::Base.activate_session(session1)
+    should "myshopify_domain supports non-standard ports" do
+      begin
+        ShopifyAPI::Session.setup(:api_key => "key", :secret => "secret", :myshopify_domain => 'localhost', port: '3000')
-      ShopifyAPI::Session.temp("testshop.myshopify.com", "any-token") {
-        @assigned_site = ShopifyAPI::Base.site
-      }
-      assert_equal 'https://testshop.myshopify.com/admin', @assigned_site.to_s
-      assert_equal 'https://fakeshop.myshopify.com:3000/admin', ShopifyAPI::Base.site.to_s
+        session = ShopifyAPI::Session.new('fakeshop.localhost:3000', 'token1')
+        ShopifyAPI::Base.activate_session(session)
+        assert_equal 'https://fakeshop.localhost:3000/admin', ShopifyAPI::Base.site.to_s
+        session = ShopifyAPI::Session.new('fakeshop', 'token1')
+        ShopifyAPI::Base.activate_session(session)
+        assert_equal 'https://fakeshop.localhost:3000/admin', ShopifyAPI::Base.site.to_s
+      ensure
+        ShopifyAPI::Session.myshopify_domain = "myshopify.com"
+        ShopifyAPI::Session.port = nil
+      end
     end
     should "return site for session" do

metadata CHANGED

@@ -1,36 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shopify_api
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.0.2
 platform: ruby
 authors:
 - Shopify
 autorequire:
 bindir: bin
-cert_chain:
-- |
-  -----BEGIN CERTIFICATE-----
-  MIIDcDCCAligAwIBAgIBATANBgkqhkiG9w0BAQUFADA/MQ8wDQYDVQQDDAZhZG1p
-  bnMxFzAVBgoJkiaJk/IsZAEZFgdzaG9waWZ5MRMwEQYKCZImiZPyLGQBGRYDY29t
-  MB4XDTE0MDUxNTIwMzM0OFoXDTE1MDUxNTIwMzM0OFowPzEPMA0GA1UEAwwGYWRt
-  aW5zMRcwFQYKCZImiZPyLGQBGRYHc2hvcGlmeTETMBEGCgmSJomT8ixkARkWA2Nv
-  bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL0/81O3e1vh5smcwp2G
-  MpLQ6q0kejQLa65bPYPxdzWA1SYOKyGfw+yR9LdFzsuKpwWzKq6zX35lj1IckWS4
-  bNBEQzxmufUxU0XPM02haFB8fOfDJzdXsWte9Ge4IFwahwn68gpMqN+BvxL+KMYz
-  Iut9YmN44d4LZdsENEIO5vmybuG2vYDz7R56qB0PA+Q2P2CdhymsBad2DQs69FBo
-  uico9V6VMYYctL9lCYdzu9IXrOYNTt88suKIVzzAlHOKeN0Ng5qdztFoTR8sfxDr
-  Ydg3KHl5n47wlpgd8R0f/4b5gGxW+v9pyJCgQnLlRu7DedVSvv7+GMtj3g9r3nhJ
-  KqECAwEAAaN3MHUwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFI/o
-  maf34HXbUOQsdoLHacEKQgunMB0GA1UdEQQWMBSBEmFkbWluc0BzaG9waWZ5LmNv
-  bTAdBgNVHRIEFjAUgRJhZG1pbnNAc2hvcGlmeS5jb20wDQYJKoZIhvcNAQEFBQAD
-  ggEBADkK9aj5T0HPExsov4EoMWFnO+G7RQ28C30VAfKxnL2UxG6i4XMHVs6Xi94h
-  qXFw1ec9Y2eDUqaolT3bviOk9BB197+A8Vz/k7MC6ci2NE+yDDB7HAC8zU6LAx8Y
-  Iqvw7B/PSZ/pz4bUVFlTATif4mi1vO3lidRkdHRtM7UePSn2rUpOi0gtXBP3bLu5
-  YjHJN7wx5cugMEyroKITG5gL0Nxtu21qtOlHX4Hc4KdE2JqzCPOsS4zsZGhgwhPs
-  fl3hbtVFTqbOlwL9vy1fudXcolIE/ZTcxQ+er07ZFZdKCXayR9PPs64heamfn0fp
-  TConQSX2BnZdhIEYW+cKzEC/bLc=
-  -----END CERTIFICATE-----
-date: 2015-05-04 00:00:00.000000000 Z
+cert_chain: []
+date: 2015-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activeresource

checksums.yaml.gz.sig DELETED

Binary file

data.tar.gz.sig DELETED

Binary file

metadata.gz.sig DELETED

Binary file