shopify_app 11.4.0 → 11.7.1

Files changed (37) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +0 -2
  3. data/CHANGELOG.md +25 -0
  4. data/README.md +123 -115
  5. data/app/controllers/concerns/shopify_app/authenticated.rb +1 -1
  6. data/app/controllers/shopify_app/callback_controller.rb +8 -2
  7. data/app/controllers/shopify_app/extension_verification_controller.rb +20 -0
  8. data/config/locales/nl.yml +1 -1
  9. data/docs/Quickstart.md +44 -16
  10. data/docs/install-on-dev-shop.png +0 -0
  11. data/docs/test-your-app.png +0 -0
  12. data/lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb +1 -1
  13. data/lib/generators/shopify_app/install/install_generator.rb +0 -4
  14. data/lib/generators/shopify_app/install/templates/shopify_app.rb +1 -1
  15. data/lib/generators/shopify_app/install/templates/shopify_provider.rb +1 -0
  16. data/lib/generators/shopify_app/user_model/templates/db/migrate/create_users.erb +16 -0
  17. data/lib/generators/shopify_app/user_model/templates/user.rb +7 -0
  18. data/lib/generators/shopify_app/user_model/templates/users.yml +4 -0
  19. data/lib/generators/shopify_app/user_model/user_model_generator.rb +38 -0
  20. data/lib/shopify_app.rb +5 -3
  21. data/lib/shopify_app/configuration.rb +13 -8
  22. data/lib/shopify_app/controller_concerns/login_protection.rb +22 -3
  23. data/lib/shopify_app/engine.rb +4 -0
  24. data/lib/shopify_app/middleware/same_site_cookie_middleware.rb +60 -0
  25. data/lib/shopify_app/session/in_memory_session_store.rb +1 -1
  26. data/lib/shopify_app/session/session_repository.rb +2 -2
  27. data/lib/shopify_app/session/session_storage.rb +10 -22
  28. data/lib/shopify_app/session/storage_strategies/shop_storage_strategy.rb +23 -0
  29. data/lib/shopify_app/session/storage_strategies/user_storage_strategy.rb +24 -0
  30. data/lib/shopify_app/version.rb +1 -1
  31. data/package-lock.json +33 -35
  32. data/package.json +3 -2
  33. data/service.yml +1 -1
  34. data/shopify_app.gemspec +4 -1
  35. data/yarn.lock +14 -14
  36. metadata +54 -3
  37. data/lib/shopify_app/controllers/extension_verification_controller.rb +0 -17
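--- a/data/lib/shopify_app/session/storage_strategies/shop_storage_strategy.rb
+++ b/data/lib/shopify_app/session/storage_strategies/shop_storage_strategy.rb
@@ -0,0 +1,23 @@
+ module ShopifyApp
+ module SessionStorage
+ module ShopStorageStrategy
+ def store(auth_session, *args)
+ shop = find_or_initialize_by(shopify_domain: auth_session.domain)
+ shop.shopify_token = auth_session.token
+ shop.save!
+ shop.id
+ end
+
+ def retrieve(id)
+ return unless id
+ if shop = self.find_by(id: id)
+ ShopifyAPI::Session.new(
+ domain: shop.shopify_domain,
+ token: shop.shopify_token,
+ api_version: shop.api_version
+ )
+ end
+ end
+ end
+ end
+ end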
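Review bot: `store` writes the Shopify access token straight into `shopify_token` and `retrieve` reads `shop.api_version`, but nothing in the module documents what the including model must provide or how the token column is protected. I would add a module comment such as `# Mixed into the shop model; expects shopify_domain, shopify_token and api_version. shopify_token is a live API credential: keep it encrypted at rest and out of logs.` Whether the model already encrypts that column is not visible in this section, so that part is a question for the author. The unused `*args` on `store` also deserves a one-line comment; presumably it exists so the signature lines up with the two-argument `store` of the user strategy.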
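--- a/data/lib/shopify_app/session/storage_strategies/user_storage_strategy.rb
+++ b/data/lib/shopify_app/session/storage_strategies/user_storage_strategy.rb
@@ -0,0 +1,24 @@
+ module ShopifyApp
+ module SessionStorage
+ module UserStorageStrategy
+ def store(auth_session, user)
+ user = find_or_initialize_by(shopify_user_id: user[:id])
+ user.shopify_token = auth_session.token
+ user.shopify_domain = auth_session.domain
+ user.save!
+ user.id
+ end
+
+ def retrieve(id)
+ return unless id
+ if user = self.find_by(shopify_user_id: id)
+ ShopifyAPI::Session.new(
+ domain: user.shopify_domain,
+ token: user.shopify_token,
+ api_version: user.api_version
+ )
+ end
+ end
+ end
+ end
+ end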
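Review bot: `store` returns `user.id`, the record's primary key, while `retrieve(id)` looks the record up with `find_by(shopify_user_id: id)`, so a value handed back by `store` does not round-trip through `retrieve` the way it does in the shop strategy (`shop.id` out, `find_by(id: id)` in). If callers keep the return value of `store` as the session key (the call sites are not in this section), the lookup either misses or resolves to whichever record has a `shopify_user_id` equal to that key, which would hand back another user's token. Either return `user.shopify_user_id` from `store` or change the lookup to `if user = self.find_by(id: id)`. Separately, `user = find_or_initialize_by(...)` in `store` rebinds the `user` parameter; a distinct local name such as `record` would make the two values easier to tell apart.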
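--- a/data/lib/shopify_app/version.rb
+++ b/data/lib/shopify_app/version.rb
@@ -1,3 +1,3 @@
  module ShopifyApp
- VERSION = '11.4.0'.freeze
+ VERSION = '11.7.1'.freeze
  end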
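--- a/data/package-lock.json
+++ b/data/package-lock.json
@@ -5909,12 +5909,6 @@
  "integrity": "sha512-Ya52jSX2u7QKghxeoFGpLwCtGlt7j0oY9DYb5apt9nPlJ42ID+ulTXESnt/qAQcoSERyZ5sl3LDIOw0nAn/5DA==",
  "dev": true
  },
- "serialize-javascript": {
- "version": "1.9.1",
- "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-1.9.1.tgz",
- "integrity": "sha512-0Vb/54WJ6k5v8sSWN09S0ora+Hnr+cX40r9F170nT+mSkaxltoE/7R3OrIdBSUv1OoiobH1QoWQbCnAO+e8J1A==",
- "dev": true
- },
  "set-blocking": {
  "version": "2.0.0",
  "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz",
@@ -6497,31 +6491,6 @@
  }
  }
  },
- "terser-webpack-plugin": {
- "version": "1.4.1",
- "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-1.4.1.tgz",
- "integrity": "sha512-ZXmmfiwtCLfz8WKZyYUuuHf3dMYEjg8NrjHMb0JqHVHVOSkzp3cW2/XG1fP3tRhqEqSzMwzzRQGtAPbs4Cncxg==",
- "dev": true,
- "requires": {
- "cacache": "12.0.3",
- "find-cache-dir": "2.1.0",
- "is-wsl": "1.1.0",
- "schema-utils": "1.0.0",
- "serialize-javascript": "1.9.1",
- "source-map": "0.6.1",
- "terser": "4.3.1",
- "webpack-sources": "1.4.3",
- "worker-farm": "1.7.0"
- },
- "dependencies": {
- "source-map": {
- "version": "0.6.1",
- "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
- "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
- "dev": true
- }
- }
- },
  "through2": {
  "version": "2.0.5",
  "resolved": "https://registry.npmjs.org/through2/-/through2-2.0.5.tgz",
@@ -6878,9 +6847,9 @@
  }
  },
  "webpack": {
- "version": "4.40.2",
- "resolved": "https://registry.npmjs.org/webpack/-/webpack-4.40.2.tgz",
- "integrity": "sha512-5nIvteTDCUws2DVvP9Qe+JPla7kWPPIDFZv55To7IycHWZ+Z5qBdaBYPyuXWdhggTufZkQwfIK+5rKQTVovm2A==",
+ "version": "4.41.3",
+ "resolved": "https://registry.npmjs.org/webpack/-/webpack-4.41.3.tgz",
+ "integrity": "sha512-EcNzP9jGoxpQAXq1VOoTet0ik7/VVU1MovIfcUSAjLowc7GhcQku/sOXALvq5nPpSei2HF6VRhibeJSC3i/Law==",
  "dev": true,
  "requires": {
  "@webassemblyjs/ast": "1.8.5",
@@ -6903,7 +6872,7 @@
  "node-libs-browser": "2.2.1",
  "schema-utils": "1.0.0",
  "tapable": "1.1.3",
- "terser-webpack-plugin": "1.4.1",
+ "terser-webpack-plugin": "1.4.3",
  "watchpack": "1.6.0",
  "webpack-sources": "1.4.3"
  },
@@ -6925,6 +6894,35 @@
  "resolved": "https://registry.npmjs.org/ajv-keywords/-/ajv-keywords-3.4.1.tgz",
  "integrity": "sha512-RO1ibKvd27e6FEShVFfPALuHI3WjSVNeK5FIsmme/LYRNxjKuNj+Dt7bucLa6NdSv3JcVTyMlm9kGR84z1XpaQ==",
  "dev": true
+ },
+ "serialize-javascript": {
+ "version": "2.1.2",
+ "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-2.1.2.tgz",
+ "integrity": "sha512-rs9OggEUF0V4jUSecXazOYsLfu7OGK2qIn3c7IPBiffz32XniEp/TX9Xmc9LQfK2nQ2QKHvZ2oygKUGU0lG4jQ==",
+ "dev": true
+ },
+ "source-map": {
+ "version": "0.6.1",
+ "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+ "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+ "dev": true
+ },
+ "terser-webpack-plugin": {
+ "version": "1.4.3",
+ "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-1.4.3.tgz",
+ "integrity": "sha512-QMxecFz/gHQwteWwSo5nTc6UaICqN1bMedC5sMtUc7y3Ha3Q8y6ZO0iCR8pq4RJC8Hjf0FEPEHZqcMB/+DFCrA==",
+ "dev": true,
+ "requires": {
+ "cacache": "12.0.3",
+ "find-cache-dir": "2.1.0",
+ "is-wsl": "1.1.0",
+ "schema-utils": "1.0.0",
+ "serialize-javascript": "2.1.2",
+ "source-map": "0.6.1",
+ "terser": "4.3.1",
+ "webpack-sources": "1.4.3",
+ "worker-farm": "1.7.0"
+ }
  }
  }
  },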
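--- a/data/package.json
+++ b/data/package.json
@@ -19,9 +19,10 @@
  "mocha-debug": "^0.0.1",
  "sinon": "^7.4.2",
  "sinon-chai": "^3.2.0",
- "webpack": "^4.40.2"
+ "webpack": "^4.41.3"
  },
  "scripts": {
  "test": "./node_modules/.bin/karma start --browsers ChromeHeadless --single-run"
- }
+ },
+ "version": "11.7.1"
  }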
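--- a/data/service.yml
+++ b/data/service.yml
@@ -2,6 +2,6 @@ audience: partner
  classification: library
  org_line: App & Partner Platform
  owners:
- - Shopify/app-partner-dev-tools-education
+ - Shopify/platform-dev-tools-education
  slack_channels:
  - dev-tools-education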
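--- a/data/shopify_app.gemspec
+++ b/data/shopify_app.gemspec
@@ -18,6 +18,9 @@ Gem::Specification.new do |s|
  s.add_development_dependency('rake')
  s.add_development_dependency('byebug')
  s.add_development_dependency('pry')
+ s.add_development_dependency('pry-nav')
+ s.add_development_dependency('pry-stack_explorer')
+ s.add_development_dependency('rb-readline')
  s.add_development_dependency('sqlite3', '~> 1.4')
  s.add_development_dependency('minitest')
  s.add_development_dependency('mocha')
@@ -26,4 +29,4 @@ Gem::Specification.new do |s|
  s.files = `git ls-files`.split("\n").reject { |f| f.match(%r{^(test|example)/}) }
  s.test_files = `git ls-files -- {test}/*`.split("\n")
  s.require_paths = ["lib"]
- end
+ end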
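Review bot: The three development dependencies added at new lines 21–23 (`pry-nav`, `pry-stack_explorer`, `rb-readline`) carry no version constraint, unlike `sqlite3` just below them with `'~> 1.4'`, so a fresh `bundle install` in CI or on a contributor's machine resolves them to whatever is newest at that moment. A pessimistic constraint on each, for example `s.add_development_dependency('pry-nav', '~> <MAJOR.MINOR>')` with the version the team actually tested, keeps debugger tooling from changing underneath the build. The `Gem::Specification.new` block starts outside this section.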
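--- a/data/yarn.lock
+++ b/data/yarn.lock
@@ -4360,10 +4360,10 @@ semver@^6.3.0:
  resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d"
  integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==
 
- serialize-javascript@^1.7.0:
- version "1.9.1"
- resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.9.1.tgz#cfc200aef77b600c47da9bb8149c943e798c2fdb"
- integrity sha512-0Vb/54WJ6k5v8sSWN09S0ora+Hnr+cX40r9F170nT+mSkaxltoE/7R3OrIdBSUv1OoiobH1QoWQbCnAO+e8J1A==
+ serialize-javascript@^2.1.2:
+ version "2.1.2"
+ resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-2.1.2.tgz#ecec53b0e0317bdc95ef76ab7074b7384785fa61"
+ integrity sha512-rs9OggEUF0V4jUSecXazOYsLfu7OGK2qIn3c7IPBiffz32XniEp/TX9Xmc9LQfK2nQ2QKHvZ2oygKUGU0lG4jQ==
 
  set-blocking@^2.0.0, set-blocking@~2.0.0:
  version "2.0.0"
@@ -4769,16 +4769,16 @@ tar@^4:
  safe-buffer "^5.1.2"
  yallist "^3.0.3"
 
- terser-webpack-plugin@^1.4.1:
- version "1.4.1"
- resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-1.4.1.tgz#61b18e40eaee5be97e771cdbb10ed1280888c2b4"
- integrity sha512-ZXmmfiwtCLfz8WKZyYUuuHf3dMYEjg8NrjHMb0JqHVHVOSkzp3cW2/XG1fP3tRhqEqSzMwzzRQGtAPbs4Cncxg==
+ terser-webpack-plugin@^1.4.3:
+ version "1.4.3"
+ resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-1.4.3.tgz#5ecaf2dbdc5fb99745fd06791f46fc9ddb1c9a7c"
+ integrity sha512-QMxecFz/gHQwteWwSo5nTc6UaICqN1bMedC5sMtUc7y3Ha3Q8y6ZO0iCR8pq4RJC8Hjf0FEPEHZqcMB/+DFCrA==
  dependencies:
  cacache "^12.0.2"
  find-cache-dir "^2.1.0"
  is-wsl "^1.1.0"
  schema-utils "^1.0.0"
- serialize-javascript "^1.7.0"
+ serialize-javascript "^2.1.2"
  source-map "^0.6.1"
  terser "^4.1.2"
  webpack-sources "^1.4.0"
@@ -5083,10 +5083,10 @@ webpack-sources@^1.4.0, webpack-sources@^1.4.1:
  source-list-map "^2.0.0"
  source-map "~0.6.1"
 
- webpack@^4.40.2:
- version "4.40.2"
- resolved "https://registry.yarnpkg.com/webpack/-/webpack-4.40.2.tgz#d21433d250f900bf0facbabe8f50d585b2dc30a7"
- integrity sha512-5nIvteTDCUws2DVvP9Qe+JPla7kWPPIDFZv55To7IycHWZ+Z5qBdaBYPyuXWdhggTufZkQwfIK+5rKQTVovm2A==
+ webpack@^4.41.3:
+ version "4.41.3"
+ resolved "https://registry.yarnpkg.com/webpack/-/webpack-4.41.3.tgz#cb7592c43080337dbc9be9e98fc6478eb3981026"
+ integrity sha512-EcNzP9jGoxpQAXq1VOoTet0ik7/VVU1MovIfcUSAjLowc7GhcQku/sOXALvq5nPpSei2HF6VRhibeJSC3i/Law==
  dependencies:
  "@webassemblyjs/ast" "1.8.5"
  "@webassemblyjs/helper-module-context" "1.8.5"
@@ -5108,7 +5108,7 @@ webpack@^4.40.2:
  node-libs-browser "^2.2.1"
  schema-utils "^1.0.0"
  tapable "^1.1.3"
- terser-webpack-plugin "^1.4.1"
+ terser-webpack-plugin "^1.4.3"
  watchpack "^1.6.0"
  webpack-sources "^1.4.1"
 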
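--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: shopify_app
  version: !ruby/object:Gem::Version
- version: 11.4.0
+ version: 11.7.1
  platform: ruby
  authors:
  - Shopify
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2019-12-10 00:00:00.000000000 Z
+ date: 2020-01-21 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: browser_sniffer
@@ -108,6 +108,48 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: pry-nav
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: pry-stack_explorer
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: rb-readline
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
  - !ruby/object:Gem::Dependency
  name: sqlite3
  requirement: !ruby/object:Gem::Requirement
@@ -197,6 +239,7 @@ files:
  - app/controllers/concerns/shopify_app/authenticated.rb
  - app/controllers/shopify_app/authenticated_controller.rb
  - app/controllers/shopify_app/callback_controller.rb
+ - app/controllers/shopify_app/extension_verification_controller.rb
  - app/controllers/shopify_app/sessions_controller.rb
  - app/controllers/shopify_app/webhooks_controller.rb
  - app/views/shopify_app/partials/_button_styles.html.erb
@@ -235,6 +278,8 @@ files:
  - docs/Quickstart.md
  - docs/Releasing.md
  - docs/Troubleshooting.md
+ - docs/install-on-dev-shop.png
+ - docs/test-your-app.png
  - images/app-proxy-screenshot.png
  - karma.conf.js
  - lib/generators/shopify_app/add_after_authenticate_job/add_after_authenticate_job_generator.rb
@@ -275,6 +320,10 @@ files:
  - lib/generators/shopify_app/shop_model/templates/shop.rb
  - lib/generators/shopify_app/shop_model/templates/shops.yml
  - lib/generators/shopify_app/shopify_app_generator.rb
+ - lib/generators/shopify_app/user_model/templates/db/migrate/create_users.erb
+ - lib/generators/shopify_app/user_model/templates/user.rb
+ - lib/generators/shopify_app/user_model/templates/users.yml
+ - lib/generators/shopify_app/user_model/user_model_generator.rb
  - lib/generators/shopify_app/views/views_generator.rb
  - lib/shopify_app.rb
  - lib/shopify_app/configuration.rb
@@ -284,15 +333,17 @@ files:
  - lib/shopify_app/controller_concerns/localization.rb
  - lib/shopify_app/controller_concerns/login_protection.rb
  - lib/shopify_app/controller_concerns/webhook_verification.rb
- - lib/shopify_app/controllers/extension_verification_controller.rb
  - lib/shopify_app/engine.rb
  - lib/shopify_app/jobs/scripttags_manager_job.rb
  - lib/shopify_app/jobs/webhooks_manager_job.rb
  - lib/shopify_app/managers/scripttags_manager.rb
  - lib/shopify_app/managers/webhooks_manager.rb
+ - lib/shopify_app/middleware/same_site_cookie_middleware.rb
  - lib/shopify_app/session/in_memory_session_store.rb
  - lib/shopify_app/session/session_repository.rb
  - lib/shopify_app/session/session_storage.rb
+ - lib/shopify_app/session/storage_strategies/shop_storage_strategy.rb
+ - lib/shopify_app/session/storage_strategies/user_storage_strategy.rb
  - lib/shopify_app/utils.rb
  - lib/shopify_app/version.rb
  - package-lock.json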
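--- a/data/lib/shopify_app/controllers/extension_verification_controller.rb
+++ b/data/lib/shopify_app/controllers/extension_verification_controller.rb
@@ -1,17 +0,0 @@
- # frozen_string_literal: true
-
- class ExtensionVerificationController < ActionController::Base
- before_action :verify_request
-
- private
-
- def verify_request
- hmac_header = request.headers['HTTP_X_SHOPIFY_HMAC_SHA256']
- request_body = request.body.read
- secret = ShopifyApp.configuration.secret
- digest = OpenSSL::Digest.new('sha256')
-
- expected_hmac = Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, request_body))
- head(:unauthorized) unless ActiveSupport::SecurityUtils.secure_compare(expected_hmac, hmac_header)
- end
- end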