RubyGems - shopify_app - Versions diffs - 13.0.0 → 13.0.1 - Mend

shopify_app 13.0.0 → 13.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

data/lib/generators/shopify_app/install/install_generator.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'rails/generators/base'
 module ShopifyApp
@@ -16,7 +17,7 @@ module ShopifyApp
         @scope = format_array_argument(options['scope'])
         @api_version = options['api_version'] || ShopifyAPI::Meta.admin_versions.find(&:latest_supported).handle
-        template 'shopify_app.rb', 'config/initializers/shopify_app.rb'
+        template('shopify_app.rb', 'config/initializers/shopify_app.rb')
       end
       def create_session_store_initializer
@@ -24,22 +25,22 @@ module ShopifyApp
       end
       def create_and_inject_into_omniauth_initializer
-        unless File.exist? "config/initializers/omniauth.rb"
-          copy_file 'omniauth.rb', 'config/initializers/omniauth.rb'
+        unless File.exist?("config/initializers/omniauth.rb")
+          copy_file('omniauth.rb', 'config/initializers/omniauth.rb')
         end
         inject_into_file(
           'config/initializers/omniauth.rb',
           File.read(File.expand_path(find_in_source_paths('shopify_provider.rb'))),
-          after: "Rails.application.config.middleware.use OmniAuth::Builder do\n"
+          after: "Rails.application.config.middleware.use(OmniAuth::Builder) do\n"
         )
       end
       def create_embedded_app_layout
         return unless embedded_app?
-        copy_file 'embedded_app.html.erb', 'app/views/layouts/embedded_app.html.erb'
-        copy_file '_flash_messages.html.erb', 'app/views/layouts/_flash_messages.html.erb'
+        copy_file('embedded_app.html.erb', 'app/views/layouts/embedded_app.html.erb')
+        copy_file('_flash_messages.html.erb', 'app/views/layouts/_flash_messages.html.erb')
         if ShopifyApp.use_webpacker?
           copy_file('shopify_app.js', 'app/javascript/shopify_app/shopify_app.js')
@@ -53,11 +54,11 @@ module ShopifyApp
       end
       def create_user_agent_initializer
-        template 'user_agent.rb', 'config/initializers/user_agent.rb'
+        template('user_agent.rb', 'config/initializers/user_agent.rb')
       end
       def mount_engine
-        route "mount ShopifyApp::Engine, at: '/'"
+        route("mount ShopifyApp::Engine, at: '/'")
       end
       def insert_hosts_into_development_config

data/lib/generators/shopify_app/install/templates/omniauth.rb CHANGED

@@ -1,2 +1,3 @@
-Rails.application.config.middleware.use OmniAuth::Builder do
+# frozen_string_literal: true
+Rails.application.config.middleware.use(OmniAuth::Builder) do
 end

data/lib/generators/shopify_app/install/templates/user_agent.rb CHANGED

@@ -1,5 +1,6 @@
+# frozen_string_literal: true
 module ShopifyAPI
   class Base < ActiveResource::Base
-    self.headers['User-Agent'] << " | ShopifyApp/#{ShopifyApp::VERSION}"
+    headers['User-Agent'] << " | ShopifyApp/#{ShopifyApp::VERSION}"
   end
 end

data/lib/generators/shopify_app/routes/routes_generator.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'rails/generators/base'
 module ShopifyApp

data/lib/generators/shopify_app/routes/templates/routes.rb CHANGED

@@ -1,11 +1,12 @@
+# frozen_string_literal: true
-  controller :sessions do
-    get 'login' => :new, :as => :login
-    post 'login' => :create, :as => :authenticate
-    get 'auth/shopify/callback' => :callback
-    get 'logout' => :destroy, :as => :logout
-  end
+controller :sessions do
+  get 'login' => :new, :as => :login
+  post 'login' => :create, :as => :authenticate
+  get 'auth/shopify/callback' => :callback
+  get 'logout' => :destroy, :as => :logout
+end
-  namespace :webhooks do
-    post ':type' => :receive
-  end
+namespace :webhooks do
+  post ':type' => :receive
+end

data/lib/generators/shopify_app/shop_model/shop_model_generator.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'rails/generators/base'
 require 'rails/generators/active_record'
@@ -8,19 +9,19 @@ module ShopifyApp
       source_root File.expand_path('../templates', __FILE__)
       def create_shop_model
-        copy_file 'shop.rb', 'app/models/shop.rb'
+        copy_file('shop.rb', 'app/models/shop.rb')
       end
       def create_shop_migration
-        migration_template 'db/migrate/create_shops.erb', 'db/migrate/create_shops.rb'
+        migration_template('db/migrate/create_shops.erb', 'db/migrate/create_shops.rb')
       end
       def update_shopify_app_initializer
-        gsub_file 'config/initializers/shopify_app.rb', 'ShopifyApp::InMemoryShopSessionStore', 'Shop'
+        gsub_file('config/initializers/shopify_app.rb', 'ShopifyApp::InMemoryShopSessionStore', 'Shop')
       end
       def create_shop_fixtures
-        copy_file 'shops.yml', 'test/fixtures/shops.yml'
+        copy_file('shops.yml', 'test/fixtures/shops.yml')
       end
       private

data/lib/generators/shopify_app/shop_model/templates/shop.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Shop < ActiveRecord::Base
   include ShopifyApp::ShopSessionStorage

data/lib/generators/shopify_app/shopify_app_generator.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module ShopifyApp
   module Generators
     class ShopifyAppGenerator < Rails::Generators::Base
@@ -7,10 +8,10 @@ module ShopifyApp
       end
       def run_all_generators
-        generate "shopify_app:install #{@opts.join(' ')}"
-        generate "shopify_app:shop_model"
+        generate("shopify_app:install #{@opts.join(' ')}")
+        generate("shopify_app:shop_model")
         generate("shopify_app:authenticated_controller")
-        generate "shopify_app:home_controller"
+        generate("shopify_app:home_controller")
       end
     end
   end

data/lib/generators/shopify_app/user_model/templates/user.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class User < ActiveRecord::Base
   include ShopifyApp::UserSessionStorage

data/lib/generators/shopify_app/user_model/user_model_generator.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'rails/generators/base'
 require 'rails/generators/active_record'
@@ -8,19 +9,19 @@ module ShopifyApp
       source_root File.expand_path('../templates', __FILE__)
       def create_user_model
-        copy_file 'user.rb', 'app/models/user.rb'
+        copy_file('user.rb', 'app/models/user.rb')
       end
       def create_user_migration
-        migration_template 'db/migrate/create_users.erb', 'db/migrate/create_users.rb'
+        migration_template('db/migrate/create_users.erb', 'db/migrate/create_users.rb')
       end
       def update_shopify_app_initializer
-        gsub_file 'config/initializers/shopify_app.rb', 'ShopifyApp::InMemoryUserSessionStore', 'User'
+        gsub_file('config/initializers/shopify_app.rb', 'ShopifyApp::InMemoryUserSessionStore', 'User')
       end
       def create_user_fixtures
-        copy_file 'users.yml', 'test/fixtures/users.yml'
+        copy_file('users.yml', 'test/fixtures/users.yml')
       end
       private

data/lib/generators/shopify_app/views/views_generator.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'rails/generators/base'
 module ShopifyApp

data/lib/shopify_app.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'shopify_app/version'
 # deps
@@ -44,11 +45,13 @@ module ShopifyApp
   require 'shopify_app/middleware/same_site_cookie_middleware'
   # session
-  require 'shopify_app/session/session_storage'
-  require 'shopify_app/session/shop_session_storage'
-  require 'shopify_app/session/user_session_storage'
-  require 'shopify_app/session/session_repository'
   require 'shopify_app/session/in_memory_session_store'
   require 'shopify_app/session/in_memory_shop_session_store'
   require 'shopify_app/session/in_memory_user_session_store'
+  require 'shopify_app/session/jwt'
+  require 'shopify_app/session/null_user_session_store'
+  require 'shopify_app/session/session_repository'
+  require 'shopify_app/session/session_storage'
+  require 'shopify_app/session/shop_session_storage'
+  require 'shopify_app/session/user_session_storage'
 end

data/lib/shopify_app/configuration.rb CHANGED

@@ -1,11 +1,11 @@
+# frozen_string_literal: true
 module ShopifyApp
   class Configuration
     # Shopify App settings. These values should match the configuration
     # for the app in your Shopify Partners page. Change your settings in
     # `config/initializers/shopify_app.rb`
     attr_accessor :application_name
-    attr_accessor  :api_key
+    attr_accessor :api_key
     attr_accessor :secret
     attr_accessor :old_secret
     attr_accessor :scope
@@ -14,13 +14,11 @@ module ShopifyApp
     attr_accessor :webhooks
     attr_accessor :scripttags
     attr_accessor :after_authenticate_job
-    attr_reader :shop_session_repository
-    attr_reader :user_session_repository
     attr_accessor :api_version
     # customise urls
     attr_accessor :root_url
-    attr_accessor :login_url
+    attr_writer :login_url
     # customise ActiveJob queue names
     attr_accessor :scripttags_manager_queue_name
@@ -36,7 +34,10 @@ module ShopifyApp
     attr_accessor :webhook_jobs_namespace
     # allow enabling of same site none on cookies
-    attr_accessor :enable_same_site_none
+    attr_writer :enable_same_site_none
+    # allow enabling jwt headers for authentication
+    attr_accessor :allow_jwt_authentication
     def initialize
       @root_url = '/'
@@ -51,15 +52,21 @@ module ShopifyApp
     end
     def user_session_repository=(klass)
-      @user_session_repository = klass
       ShopifyApp::SessionRepository.user_storage = klass
     end
+    def user_session_repository
+      ShopifyApp::SessionRepository.user_storage
+    end
     def shop_session_repository=(klass)
-      @shop_session_repository = klass
       ShopifyApp::SessionRepository.shop_storage = klass
     end
+    def shop_session_repository
+      ShopifyApp::SessionRepository.shop_storage
+    end
     def has_webhooks?
       webhooks.present?
     end

data/lib/shopify_app/controller_concerns/app_proxy_verification.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module ShopifyApp
   module AppProxyVerification
     extend ActiveSupport::Concern
@@ -8,7 +9,7 @@ module ShopifyApp
     end
     def verify_proxy_request
-      return head :forbidden unless query_string_valid?(request.query_string)
+      return head(:forbidden) unless query_string_valid?(request.query_string)
     end
     private
@@ -26,7 +27,7 @@ module ShopifyApp
     end
     def calculated_signature(query_hash_without_signature)
-      sorted_params = query_hash_without_signature.collect{|k,v| "#{k}=#{Array(v).join(',')}"}.sort.join
+      sorted_params = query_hash_without_signature.collect { |k, v| "#{k}=#{Array(v).join(',')}" }.sort.join
       OpenSSL::HMAC.hexdigest(
         OpenSSL::Digest.new('sha256'),

data/lib/shopify_app/controller_concerns/embedded_app.rb CHANGED

@@ -1,11 +1,12 @@
+# frozen_string_literal: true
 module ShopifyApp
   module EmbeddedApp
     extend ActiveSupport::Concern
     included do
       if ShopifyApp.configuration.embedded_app?
-        after_action :set_esdk_headers
-        layout 'embedded_app'
+        after_action(:set_esdk_headers)
+        layout('embedded_app')
       end
     end

data/lib/shopify_app/controller_concerns/localization.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module ShopifyApp
   module Localization
     extend ActiveSupport::Concern

data/lib/shopify_app/controller_concerns/login_protection.rb CHANGED

@@ -11,7 +11,7 @@ module ShopifyApp
     included do
       after_action :set_test_cookie
-      rescue_from ActiveResource::UnauthorizedAccess, :with => :close_session
+      rescue_from ActiveResource::UnauthorizedAccess, with: :close_session
     end
     def activate_shopify_session
@@ -27,20 +27,38 @@ module ShopifyApp
     end
     def current_shopify_session
-      if session[:user_id].present?
-        @current_shopify_session ||= user_session
-      else
-        @current_shopify_session ||= shop_session
+      @current_shopify_session ||= begin
+        user_session || shop_session
       end
     end
     def user_session
-      return if session[:user_id].blank?
+      user_session_by_jwt || user_session_by_cookie
+    end
+    def user_session_by_jwt
+      return unless ShopifyApp.configuration.allow_jwt_authentication
+      return unless jwt_shopify_user_id
+      ShopifyApp::SessionRepository.retrieve_user_session_by_shopify_user_id(jwt_shopify_user_id)
+    end
+    def user_session_by_cookie
+      return unless session[:user_id].present?
       ShopifyApp::SessionRepository.retrieve_user_session(session[:user_id])
     end
     def shop_session
-      return if session[:shop_id].blank?
+      shop_session_by_jwt || shop_session_by_cookie
+    end
+    def shop_session_by_jwt
+      return unless ShopifyApp.configuration.allow_jwt_authentication
+      return unless jwt_shopify_domain
+      ShopifyApp::SessionRepository.retrieve_shop_session_by_shopify_domain(jwt_shopify_domain)
+    end
+    def shop_session_by_cookie
+      return unless session[:shop_id].present?
       ShopifyApp::SessionRepository.retrieve_shop_session(session[:shop_id])
     end
@@ -50,7 +68,9 @@ module ShopifyApp
       end
-      if current_shopify_session && params[:shop] && params[:shop].is_a?(String) && (current_shopify_session.domain != params[:shop])
+      if current_shopify_session &&
+        params[:shop] && params[:shop].is_a?(String) &&
+        (current_shopify_session.domain != params[:shop])
         clear_session = true
       end
@@ -62,9 +82,23 @@ module ShopifyApp
     protected
+    def jwt_shopify_domain
+      return unless jwt
+      @jwt_shopify_domain ||= JWT.new(jwt).shopify_domain
+    end
+    def jwt_shopify_user_id
+      return unless jwt
+      @jwt_user_id ||= JWT.new(jwt).shopify_user_id
+    end
+    def jwt
+      @jwt ||= authenticate_with_http_token { |token| token }
+    end
     def redirect_to_login
       if request.xhr?
-        head :unauthorized
+        head(:unauthorized)
       else
         if request.get?
           path = request.path
@@ -128,9 +162,10 @@ module ShopifyApp
     def fullpage_redirect_to(url)
       if ShopifyApp.configuration.embedded_app?
-        render 'shopify_app/shared/redirect', layout: false, locals: { url: url, current_shopify_domain: current_shopify_domain }
+        render('shopify_app/shared/redirect', layout: false,
+               locals: { url: url, current_shopify_domain: current_shopify_domain })
       else
-        redirect_to url
+        redirect_to(url)
       end
     end

data/lib/shopify_app/controller_concerns/webhook_verification.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module ShopifyApp
   module WebhookVerification
     extend ActiveSupport::Concern
@@ -11,7 +12,7 @@ module ShopifyApp
     def verify_request
       data = request.raw_post
-      return head :unauthorized unless hmac_valid?(data)
+      return head(:unauthorized) unless hmac_valid?(data)
     end
     def hmac_valid?(data)

data/lib/shopify_app/engine.rb CHANGED

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module ShopifyApp
   class Engine < Rails::Engine
     engine_name 'shopify_app'

data/lib/shopify_app/jobs/scripttags_manager_job.rb CHANGED

@@ -1,6 +1,6 @@
+# frozen_string_literal: true
 module ShopifyApp
   class ScripttagsManagerJob < ActiveJob::Base
     queue_as do
       ShopifyApp.configuration.scripttags_manager_queue_name
     end