shopify_app 13.0.0 → 18.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (145) hide show
  1. checksums.yaml +4 -4
  2. data/.github/CODEOWNERS +1 -0
  3. data/.github/ISSUE_TEMPLATE/bug-report.md +63 -0
  4. data/.github/ISSUE_TEMPLATE/config.yml +1 -0
  5. data/.github/ISSUE_TEMPLATE/feature-request.md +33 -0
  6. data/.github/PULL_REQUEST_TEMPLATE.md +22 -0
  7. data/.github/workflows/build.yml +41 -0
  8. data/.github/workflows/release.yml +24 -0
  9. data/.github/workflows/rubocop.yml +22 -0
  10. data/.gitignore +0 -2
  11. data/.rubocop.yml +14 -6
  12. data/CHANGELOG.md +158 -0
  13. data/CONTRIBUTING.md +76 -0
  14. data/Gemfile +5 -0
  15. data/Gemfile.lock +268 -0
  16. data/README.md +73 -534
  17. data/Rakefile +1 -0
  18. data/SECURITY.md +59 -0
  19. data/app/assets/images/storage_access.svg +1 -2
  20. data/app/assets/javascripts/shopify_app/post_redirect.js +9 -0
  21. data/app/assets/javascripts/shopify_app/storage_access.js +2 -1
  22. data/app/assets/javascripts/shopify_app/top_level_interaction.js +1 -1
  23. data/app/controllers/concerns/shopify_app/authenticated.rb +1 -0
  24. data/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb +26 -0
  25. data/app/controllers/concerns/shopify_app/require_known_shop.rb +39 -0
  26. data/app/controllers/concerns/shopify_app/shop_access_scopes_verification.rb +32 -0
  27. data/app/controllers/shopify_app/authenticated_controller.rb +1 -0
  28. data/app/controllers/shopify_app/callback_controller.rb +104 -18
  29. data/app/controllers/shopify_app/extension_verification_controller.rb +2 -7
  30. data/app/controllers/shopify_app/sessions_controller.rb +26 -10
  31. data/app/controllers/shopify_app/webhooks_controller.rb +6 -5
  32. data/app/views/shopify_app/partials/_button_styles.html.erb +41 -36
  33. data/app/views/shopify_app/partials/_card_styles.html.erb +3 -3
  34. data/app/views/shopify_app/partials/_empty_state_styles.html.erb +28 -59
  35. data/app/views/shopify_app/partials/_form_styles.html.erb +56 -0
  36. data/app/views/shopify_app/partials/_layout_styles.html.erb +16 -1
  37. data/app/views/shopify_app/partials/_typography_styles.html.erb +6 -6
  38. data/app/views/shopify_app/sessions/enable_cookies.html.erb +2 -7
  39. data/app/views/shopify_app/sessions/new.html.erb +38 -110
  40. data/app/views/shopify_app/sessions/request_storage_access.html.erb +1 -1
  41. data/app/views/shopify_app/sessions/top_level_interaction.html.erb +21 -22
  42. data/app/views/shopify_app/shared/post_redirect_to_auth_shopify.html.erb +13 -0
  43. data/config/locales/de.yml +11 -11
  44. data/config/locales/fi.yml +1 -1
  45. data/config/locales/nl.yml +8 -8
  46. data/config/locales/th.yml +4 -4
  47. data/config/locales/vi.yml +22 -0
  48. data/config/locales/zh-CN.yml +1 -1
  49. data/config/routes.rb +1 -0
  50. data/docs/Quickstart.md +15 -87
  51. data/docs/Releasing.md +18 -14
  52. data/docs/Troubleshooting.md +147 -4
  53. data/docs/Upgrading.md +126 -0
  54. data/docs/shopify_app/authentication.md +124 -0
  55. data/docs/shopify_app/engine.md +82 -0
  56. data/docs/shopify_app/generators.md +127 -0
  57. data/docs/shopify_app/handling-access-scopes-changes.md +14 -0
  58. data/docs/shopify_app/script-tags.md +28 -0
  59. data/docs/shopify_app/session-repository.md +88 -0
  60. data/docs/shopify_app/testing.md +38 -0
  61. data/docs/shopify_app/webhooks.md +72 -0
  62. data/karma.conf.js +1 -1
  63. data/lib/generators/shopify_app/add_after_authenticate_job/add_after_authenticate_job_generator.rb +5 -3
  64. data/lib/generators/shopify_app/add_after_authenticate_job/templates/after_authenticate_job.rb +1 -0
  65. data/lib/generators/shopify_app/add_marketing_activity_extension/add_marketing_activity_extension_generator.rb +2 -1
  66. data/lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb +4 -4
  67. data/lib/generators/shopify_app/add_webhook/add_webhook_generator.rb +5 -4
  68. data/lib/generators/shopify_app/add_webhook/templates/{webhook_job.rb → webhook_job.rb.tt} +5 -0
  69. data/lib/generators/shopify_app/app_proxy_controller/app_proxy_controller_generator.rb +4 -3
  70. data/lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_controller.rb +3 -3
  71. data/lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_route.rb +10 -9
  72. data/lib/generators/shopify_app/authenticated_controller/authenticated_controller_generator.rb +1 -1
  73. data/lib/generators/shopify_app/controllers/controllers_generator.rb +2 -1
  74. data/lib/generators/shopify_app/home_controller/home_controller_generator.rb +31 -3
  75. data/lib/generators/shopify_app/home_controller/templates/home_controller.rb +10 -0
  76. data/lib/generators/shopify_app/home_controller/templates/index.html.erb +66 -16
  77. data/lib/generators/shopify_app/home_controller/templates/unauthenticated_home_controller.rb +12 -0
  78. data/lib/generators/shopify_app/install/install_generator.rb +46 -11
  79. data/lib/generators/shopify_app/install/templates/embedded_app.html.erb +3 -2
  80. data/lib/generators/shopify_app/install/templates/flash_messages.js +0 -2
  81. data/lib/generators/shopify_app/install/templates/omniauth.rb +3 -1
  82. data/lib/generators/shopify_app/install/templates/shopify_app.js +1 -1
  83. data/lib/generators/shopify_app/install/templates/shopify_app.rb.tt +25 -0
  84. data/lib/generators/shopify_app/install/templates/shopify_provider.rb.tt +8 -0
  85. data/lib/generators/shopify_app/install/templates/user_agent.rb +2 -1
  86. data/lib/generators/shopify_app/products_controller/products_controller_generator.rb +19 -0
  87. data/lib/generators/shopify_app/products_controller/templates/products_controller.rb +8 -0
  88. data/lib/generators/shopify_app/routes/routes_generator.rb +1 -0
  89. data/lib/generators/shopify_app/routes/templates/routes.rb +10 -9
  90. data/lib/generators/shopify_app/shop_model/shop_model_generator.rb +39 -7
  91. data/lib/generators/shopify_app/shop_model/templates/db/migrate/add_shop_access_scopes_column.erb +5 -0
  92. data/lib/generators/shopify_app/shop_model/templates/shop.rb +2 -1
  93. data/lib/generators/shopify_app/shopify_app_generator.rb +4 -3
  94. data/lib/generators/shopify_app/user_model/templates/db/migrate/add_user_access_scopes_column.erb +5 -0
  95. data/lib/generators/shopify_app/user_model/templates/user.rb +2 -1
  96. data/lib/generators/shopify_app/user_model/user_model_generator.rb +39 -7
  97. data/lib/generators/shopify_app/views/views_generator.rb +2 -1
  98. data/lib/shopify_app/access_scopes/noop_strategy.rb +13 -0
  99. data/lib/shopify_app/access_scopes/shop_strategy.rb +24 -0
  100. data/lib/shopify_app/access_scopes/user_strategy.rb +41 -0
  101. data/lib/shopify_app/configuration.rb +40 -8
  102. data/lib/shopify_app/controller_concerns/app_proxy_verification.rb +3 -3
  103. data/lib/shopify_app/controller_concerns/csrf_protection.rb +15 -0
  104. data/lib/shopify_app/controller_concerns/embedded_app.rb +3 -2
  105. data/lib/shopify_app/controller_concerns/localization.rb +1 -0
  106. data/lib/shopify_app/controller_concerns/login_protection.rb +81 -16
  107. data/lib/shopify_app/controller_concerns/payload_verification.rb +24 -0
  108. data/lib/shopify_app/controller_concerns/webhook_verification.rb +3 -18
  109. data/lib/shopify_app/engine.rb +27 -0
  110. data/lib/shopify_app/jobs/scripttags_manager_job.rb +1 -1
  111. data/lib/shopify_app/jobs/webhooks_manager_job.rb +1 -1
  112. data/lib/shopify_app/managers/scripttags_manager.rb +4 -3
  113. data/lib/shopify_app/managers/webhooks_manager.rb +4 -3
  114. data/lib/shopify_app/middleware/jwt_middleware.rb +42 -0
  115. data/lib/shopify_app/middleware/same_site_cookie_middleware.rb +3 -2
  116. data/lib/shopify_app/omniauth/omniauth_configuration.rb +64 -0
  117. data/lib/shopify_app/session/in_memory_session_store.rb +7 -3
  118. data/lib/shopify_app/session/in_memory_shop_session_store.rb +12 -0
  119. data/lib/shopify_app/session/in_memory_user_session_store.rb +12 -0
  120. data/lib/shopify_app/session/jwt.rb +63 -0
  121. data/lib/shopify_app/session/null_user_session_store.rb +22 -0
  122. data/lib/shopify_app/session/session_repository.rb +13 -16
  123. data/lib/shopify_app/session/session_storage.rb +1 -0
  124. data/lib/shopify_app/session/shop_session_storage.rb +21 -9
  125. data/lib/shopify_app/session/shop_session_storage_with_scopes.rb +58 -0
  126. data/lib/shopify_app/session/user_session_storage.rb +19 -8
  127. data/lib/shopify_app/session/user_session_storage_with_scopes.rb +58 -0
  128. data/lib/shopify_app/test_helpers/all.rb +2 -0
  129. data/lib/shopify_app/test_helpers/webhook_verification_helper.rb +17 -0
  130. data/lib/shopify_app/utils.rb +18 -5
  131. data/lib/shopify_app/version.rb +2 -1
  132. data/lib/shopify_app.rb +23 -5
  133. data/package.json +7 -8
  134. data/service.yml +1 -4
  135. data/shopify_app.gemspec +15 -9
  136. data/translation.yml +1 -1
  137. data/yarn.lock +2140 -2188
  138. metadata +107 -19
  139. data/.github/ISSUE_TEMPLATE.md +0 -14
  140. data/.travis.yml +0 -27
  141. data/docs/install-on-dev-shop.png +0 -0
  142. data/docs/test-your-app.png +0 -0
  143. data/lib/generators/shopify_app/install/templates/shopify_app.rb +0 -15
  144. data/lib/generators/shopify_app/install/templates/shopify_provider.rb +0 -20
  145. data/package-lock.json +0 -7245
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d4e2d37f9112725500d1a9f36fe76b743e8981920eea4838024cafd6a71cb5eb
4
- data.tar.gz: 3c52a0ee9a7f40433ad01b82bda3a0c6d30dd9bb45c319f1d457a0bd13c30fc0
3
+ metadata.gz: 2fcfa987c56d06c327c1cff6e12350711473a1a265844b6f4f3c32b696c1495e
4
+ data.tar.gz: 57b44743afc3e0175fe408ccfa688bc0b8c28d7b99db6fae5e6c7ab1a843ec9a
5
5
  SHA512:
6
- metadata.gz: 19a445a22b25b01f860a84128551234313bc44e7acd1583ec90bc96f59d65a8fac208feb1d5a6899453935dd19458196c5253605d85e3ac346be2fa405a50b4c
7
- data.tar.gz: 526354098526753ade6d30a346ffa75b2280707638b66dba61c89b34a771e72dd4c23cfae8bda319de58a7a373e7c05d233a13a4f2f8325c7754cda1ed58d835
6
+ metadata.gz: 583dbf51eaa3a3a600a410eca4d30fab58776709f6882908ed72af5da222163bbeaeba6805682ed95100abcce1217aceeba5851fa9cf00836b7a1f1201f30289
7
+ data.tar.gz: 8dcb0f7bceb2f4ec7bcbe8eb5f5d5bb294767fa5ead28b1d329ef34a5119fd835f99669480514473a5e184b91f9e79f4abd9941399b269faf5522ce6f69e6eb7
data/.github/CODEOWNERS CHANGED
@@ -1 +1,2 @@
1
1
  * @shopify/platform-dev-tools-education
2
+ * @shopify/app-foundations
@@ -0,0 +1,63 @@
1
+ ---
2
+ name: Bug report
3
+ about: Report a technical issue with the Shopify App gem.
4
+ labels: bug
5
+ ---
6
+
7
+ <!--
8
+
9
+ Do you want to ask a question? Are you looking for support? The Shopify Community forum is the best place for getting support: https://community.shopify.com
10
+
11
+ You can also join the Partners Slack Community group: https://www.shopify.com/partners/community#conversation
12
+
13
+ Authentication Issues: A great deal of the issues surrounding this repo are around authenticating (installing) the generated app with Shopify.
14
+
15
+ If you are experiencing issues with your app authenticating/installing the best way to get help fast is to create a repo with the minimal amount of code to demonstrate the issue and a clearly documented set of steps you took to arrive there. This will help us solve your problem quicker since we won't need to spend any time figuring out how to reproduce the bug. Please also include your operating system and browser.
16
+
17
+ -->
18
+
19
+ ### Description
20
+
21
+ <!-- Description of the issue -->
22
+
23
+ ### Steps to Reproduce
24
+
25
+ 1. <!-- First Step -->
26
+ 2. <!-- Second Step -->
27
+ 3. <!-- and so on… -->
28
+
29
+ **Expected behavior:**
30
+
31
+ <!-- What you expect to happen -->
32
+
33
+ **Actual behavior:**
34
+
35
+ <!-- What actually happens -->
36
+
37
+ **Reproduces how often:**
38
+
39
+ <!-- What percentage of the time does it reproduce? -->
40
+
41
+ ### Browsers
42
+
43
+ <!-- Please specify the browser(s) you have tested that exhibit this behaviour. -->
44
+
45
+ ### Gem versions
46
+
47
+ <!-- Please specify which version(s) of the gem exhibit this behaviour. -->
48
+
49
+ ### Additional Information
50
+
51
+ <!-- Any additional information, configuration or data that might be necessary to reproduce the issue. See common examples of important information below. -->
52
+
53
+ <!-- - [x] My app relies on third-party cookies -->
54
+ <!-- - [x] My app is intended to be a non-embedded app -->
55
+ <!-- - [x] My app uses session tokens -->
56
+
57
+
58
+ ### Security
59
+
60
+ <!-- Please be certain to redact any private information from your logs or code snippets such as Api Keys, Api Secrets, and any authentication tokens such as shop_tokens. -->
61
+
62
+ - [ ] I have redacted any private information from my logs or code snippets.
63
+
@@ -0,0 +1 @@
1
+ blank_issues_enabled: false
@@ -0,0 +1,33 @@
1
+ ---
2
+ name: Feature request
3
+ about: Request new functionality for the Shopify App gem.
4
+ labels: feature request
5
+ ---
6
+
7
+ <!--
8
+
9
+ Do you want to ask a question? Are you looking for support? The Shopify Community forum is the best place for getting support: https://community.shopify.com
10
+
11
+ You can also join the Partners Slack Community group: https://www.shopify.com/partners/community#conversation
12
+
13
+ ---
14
+
15
+ Please note that the team that maintains this gem has finite resources so it's unlikely that we'll work on feature requests. If we're interested in a particular feature however, we'll follow up and ask for more detail.
16
+
17
+ -->
18
+
19
+ ### Summary
20
+
21
+ <!-- One paragraph explanation of the feature or suggestions. -->
22
+
23
+ ### Motivation
24
+
25
+ <!-- Why is this feature or suggestion needed? What is the expected outcome? -->
26
+
27
+ ### Describe alternatives you've considered
28
+
29
+ <!-- A clear and concise description of the alternative solutions you've considered. -->
30
+
31
+ ### Additional context
32
+
33
+ <!-- Add any other context or screenshots about the feature request here. -->
@@ -0,0 +1,22 @@
1
+ ### What this PR does
2
+
3
+ <!-- Please describe what changes this PR introduces and why they're needed. -->
4
+
5
+ ### Reviewer's guide to testing
6
+
7
+ <!-- If this PR changes functionality, please list out steps to test your changes. This helps reviewers verify your changes are correct. -->
8
+
9
+ ### Things to focus on
10
+
11
+ 1. <!-- Focus on a particular file -->
12
+ 2. <!-- Is the test case correct? -->
13
+ 3. <!-- Etc. -->
14
+
15
+ ### Checklist
16
+
17
+ Before submitting the PR, please consider if any of the following are needed:
18
+
19
+ - [ ] Update `CHANGELOG.md` if the changes would impact users
20
+ - [ ] Update `README.md`, if appropriate.
21
+ - [ ] Update any relevant pages in `/docs`, if necessary
22
+ - [ ] For security fixes, the [Disclosure Policy](https://github.com/Shopify/shopify_app/blob/master/SECURITY.md#disclosure-policy) must be followed.
@@ -0,0 +1,41 @@
1
+ name: CI
2
+
3
+ on:
4
+ push:
5
+ branches: [ master ]
6
+ pull_request:
7
+ branches: [ master ]
8
+
9
+ jobs:
10
+ build:
11
+ runs-on: macos-latest # prevents intermittent Chrome Headless error unlike ubuntu
12
+ name: Ruby ${{ matrix.version }}
13
+ strategy:
14
+ matrix:
15
+ version: [2.5, 2.6, 2.7]
16
+
17
+ steps:
18
+ - uses: actions/checkout@v2
19
+ - name: Cache node modules
20
+ uses: actions/cache@v2
21
+ with:
22
+ # npm cache files are stored in `~/.npm` on Linux/macOS
23
+ path: ~/.npm
24
+ key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
25
+ - name: Set up Ruby ${{ matrix.version }}
26
+ uses: ruby/setup-ruby@v1
27
+ with:
28
+ ruby-version: ${{ matrix.version }}
29
+ bundler-cache: true
30
+ - name: Set up Node
31
+ uses: actions/setup-node@v2-beta
32
+ with:
33
+ node-version: '12'
34
+ - name: Install Dependencies
35
+ run: |
36
+ yarn
37
+ - name: Run Tests
38
+ run: |
39
+ yarn test
40
+ bundle exec rake test
41
+
@@ -0,0 +1,24 @@
1
+ name: Create Release
2
+
3
+ on:
4
+ push:
5
+ tags:
6
+ - 'v*'
7
+
8
+ jobs:
9
+ create-release:
10
+ runs-on: ubuntu-latest
11
+ steps:
12
+ - name: Extract tag name
13
+ id: tag
14
+ run: echo "::set-output name=value::${GITHUB_REF##*/}"
15
+ - uses: actions/checkout@v2
16
+
17
+ - name: Create Release
18
+ id: create_release
19
+ uses: actions/create-release@v1
20
+ env:
21
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
22
+ with:
23
+ tag_name: ${{ steps.tag.outputs.value }}
24
+ release_name: ${{ steps.tag.outputs.value }}
@@ -0,0 +1,22 @@
1
+ name: RuboCop
2
+
3
+ on: [push, pull_request]
4
+
5
+ jobs:
6
+ build:
7
+ runs-on: ubuntu-latest
8
+
9
+ steps:
10
+ - uses: actions/checkout@v2
11
+ - name: Set up Ruby 2.7
12
+ uses: ruby/setup-ruby@v1
13
+ with:
14
+ ruby-version: 2.7
15
+ bundler-cache: true
16
+ - name: Install gems
17
+ run: |
18
+ bundle config path vendor/bundle
19
+ bundle config set without 'default development test'
20
+ bundle install --jobs 4 --retry 3
21
+ - name: Run RuboCop
22
+ run: bundle exec rubocop --parallel
data/.gitignore CHANGED
@@ -1,6 +1,5 @@
1
1
  *.gem
2
2
  .bundle
3
- Gemfile.lock
4
3
  pkg/*
5
4
  .DS_Store
6
5
  .yardoc
@@ -13,4 +12,3 @@ test/tmp/*
13
12
  /test/dummy/tmp/*
14
13
  /node_modules/
15
14
  .byebug_history
16
-
data/.rubocop.yml CHANGED
@@ -1,10 +1,18 @@
1
- inherit_from:
2
- - https://shopify.github.io/ruby-style-guide/rubocop.yml
1
+ inherit_gem:
2
+ rubocop-shopify: rubocop.yml
3
3
 
4
- LineLength:
4
+ AllCops:
5
+ TargetRubyVersion: 2.7
5
6
  Exclude:
6
- - test/**/*
7
+ - 'test/tmp/**/*'
8
+ - 'vendor/bundle/**/*'
7
9
 
8
- Metrics/ClassLength:
10
+ Style/MethodCallWithArgsParentheses:
9
11
  Exclude:
10
- - test/**/*
12
+ - '**/Gemfile'
13
+ - 'test/**/*'
14
+
15
+ Style/ClassAndModuleChildren:
16
+ Exclude:
17
+ - 'test/**/*'
18
+
data/CHANGELOG.md CHANGED
@@ -1,3 +1,161 @@
1
+ 18.0.2 (Jun 15, 2021)
2
+ ----------
3
+ * Added careers link to readme. [#1274](https://github.com/Shopify/shopify_app/pull/1274)
4
+
5
+ 18.0.1 (May 7, 2021)
6
+ ----------
7
+ * Fix bug causing OAuth flow to fail due to CSP violation. [#1265](https://github.com/Shopify/shopify_app/pull/1265)
8
+
9
+ 18.0.0 (May 3, 2021)
10
+ ----------
11
+ * Support OmniAuth 2.x
12
+ * If your app has custom OmniAuth configuration, please refer to the [OmniAuth 2.0 upgrade guide](https://github.com/omniauth/omniauth/wiki/Upgrading-to-2.0).
13
+ * Support App Bridge version 2.x in the Embedded App layout. [#1241](https://github.com/Shopify/shopify_app/pull/1241)
14
+
15
+ 17.2.1 (April 1, 2021)
16
+ ----------
17
+ * Bug fix: Lock the CDN App Bridge version to `v1.X.Y` in the Embedded App layout [#1238](https://github.com/Shopify/shopify_app/pull/1238)
18
+ * App Bridge `v2.0` is a non-backwards compatible release
19
+ * A future major shopify_app gem release will support only App Bridge `v2.0`
20
+
21
+ 17.2.0 (April 1, 2021)
22
+ ----------
23
+ * Support Rails `v6.1` [#1221](https://github.com/Shopify/shopify_app/pull/1221)
24
+ * Check out [Upgrading to `v17.2.0`](/docs/Upgrading.md#upgrading-to-v1720) in the Upgrading.md guide for the changes needed to support Rails `v6.1`
25
+
26
+ 17.1.1 (March 12, 2021)
27
+ ----------
28
+ * Fix issues with mocking OmniAuth callback controller tests [#1210](https://github.com/Shopify/shopify_app/pull/1210)
29
+
30
+ 17.1.0 (March 5, 2021)
31
+ ----------
32
+ * Create OmniAuthConfiguration object to build future OmniAuth strategies [#1190](https://github.com/Shopify/shopify_app/pull/1190)
33
+ * Added access scopes to Shop and User models, added checks to handle scope changes [#1192](https://github.com/Shopify/shopify_app/pull/1192) [#1197](https://github.com/Shopify/shopify_app/pull/1197)
34
+
35
+ 17.0.5 (January 27, 2021)
36
+ ----------
37
+ * Fix omniauth strategy not being set correctly for apps using session tokens [#1164](https://github.com/Shopify/shopify_app/pull/1164)
38
+
39
+ 17.0.4 (January 25, 2021)
40
+ ----------
41
+ * Redirect user to login page if shopify domain is not found in the `EnsureAuthenticatedLinks` concern [#1158](https://github.com/Shopify/shopify_app/pull/1158)
42
+
43
+ 17.0.3 (January 22, 2021)
44
+ ----------
45
+ * Amend fix for #1144 to raise on missing API keys only when running the server [#1155](https://github.com/Shopify/shopify_app/pull/1155)
46
+
47
+ 17.0.2 (January 20, 2021)
48
+ ------
49
+ * Fix failing script tags and webhooks installs after completing OAuth [#1151](https://github.com/Shopify/shopify_app/pull/1151)
50
+
51
+ 17.0.1 (January 18, 2021)
52
+ ------
53
+ * Don't attempt to read Shopify environment variables when the generators are running, since they may not be present yet [#1144](https://github.com/Shopify/shopify_app/pull/1144)
54
+
55
+ 17.0.0 (January 13, 2021)
56
+ ------
57
+ * Rails 6.1 is not yet supported [#1134](https://github.com/Shopify/shopify_app/pull/1134)
58
+
59
+ 16.1.0
60
+ ------
61
+ * Use Session Token auth strategy by default for new embedded apps [#1111](https://github.com/Shopify/shopify_app/pull/1111)
62
+ * Create optional `EnsureAuthenticatedLinks` concern to authenticate deep links using Turbolinks [#1118](https://github.com/Shopify/shopify_app/pull/1118)
63
+
64
+ 16.0.0
65
+ ------
66
+ * Update all `html.erb` and `css` files to correspond with updated store admin design language [#1102](https://github.com/Shopify/shopify_app/pull/1102)
67
+
68
+ 15.0.1
69
+ ------
70
+ * Allow JWT session token `sub` field to be parsed as a string [#1103](https://github.com/Shopify/shopify_app/pull/1103)
71
+
72
+ 15.0.0
73
+ ------
74
+ * Change `X-Shopify-API-Request-Failure-Unauthorized` HTTP header value from boolean to string
75
+
76
+ 14.4.4
77
+ ------
78
+ * Patch to not log params in ShopifyApp jobs [#1086](https://github.com/Shopify/shopify_app/pull/1086)
79
+
80
+ 14.4.3
81
+ ------
82
+ * Fix to ensure post authenticate jobs are run after callback requests [#1079](https://github.com/Shopify/shopify_app/pull/1079)
83
+
84
+ 14.4.2
85
+ ------
86
+ * Add debug logs in sessions controller
87
+
88
+ 14.4.1
89
+ ------
90
+ * Add debug logs for investigating authentication issues
91
+
92
+ 14.4.0
93
+ ------
94
+ * Replace script tags for ITP screens with data attributes
95
+
96
+ 14.3.0
97
+ ------
98
+ * Create user session if one does not exist but was expected
99
+
100
+ 14.2.0
101
+ ------
102
+ * Revert "Replace redirect calls to use App Bridge redirect functionality"
103
+
104
+ 14.1.0
105
+ ------
106
+ * Replace redirect calls to use App Bridge redirect functionality
107
+
108
+ 14.0.0
109
+ ------
110
+ * Ruby 2.4 is no longer supported by this gem
111
+ * Bump gemspec ruby dependency to 2.5
112
+ * (Beta) Add `--with-session-token` flag to the Shopify App generator to create an app that is compatible with App Bridge Authentication
113
+
114
+ 13.5.0
115
+ ------
116
+ * Add `signal_access_token_required` helper method for apps to indicate access token has expired and that a new one is required
117
+
118
+ 13.4.1
119
+ ------
120
+ * Fix the version checks for the dependency on `shopify_api` to allow all of v9.X
121
+
122
+ 13.4.0
123
+ ------
124
+ * Skip CSRF protection if a valid signed JWT token is present as we trust Shopify to be the only source that can sign it securely. [#994](https://github.com/Shopify/shopify_app/pull/994)
125
+
126
+ 13.3.0
127
+ ------
128
+ * Added Payload Verification module [#992](https://github.com/Shopify/shopify_app/pull/992)
129
+ * Add concern to check for valid shop domains in the unauthenticated controller
130
+
131
+ 13.2.0
132
+ ------
133
+ * Get current shop domain from JWT header
134
+ * Validate that the omniauth data matches the JWT data
135
+ * Persist the token information to the session store
136
+
137
+ 13.1.1
138
+ ------
139
+ * Update browser_sniffer to 1.2.2
140
+
141
+ 13.1.0
142
+ ------
143
+ * Adds the shop URL as a parameter when redirecting after the callback
144
+ * Bump minimum Ruby version to 2.4
145
+ * Bug fixes
146
+
147
+ 13.0.1
148
+ ------
149
+ * Small addition to WebhookJob to return if the shop is nil #952
150
+ * Added Rubocop to the Repo #948
151
+ * Added a WebhookVerification test helper #950
152
+ * Fix for deprecation warning while loading session storage at startup
153
+ * Changes that will allow future JWT authentication
154
+
155
+ 13.0.1
156
+ ------
157
+ * fix for deprecation warning while loading session storage at startup
158
+
1
159
  13.0.0
2
160
  ------
3
161
  + #887 Added concurrent user and shop session support (online/offline)
data/CONTRIBUTING.md ADDED
@@ -0,0 +1,76 @@
1
+ # Contributing to the Shopify App gem
2
+
3
+ The following is a set of guidelines for contributing to the Shopify App gem. These are mostly guidelines, not rules. Use your best judgement, and feel free to propose changes to this document in a pull request.
4
+
5
+ #### Table of contents
6
+
7
+ [I just have a question!](#i-just-have-a-question)
8
+
9
+ [How can I contribute?](#how-can-i-contribute)
10
+ * [Reporting bugs](#reporting-bugs)
11
+ * [Suggesting or requesting improvements](#suggesting-or-requesting-improvements)
12
+ * [Pull requests](#pull-requests)
13
+
14
+ ## I just have a question!
15
+
16
+ > **Note:** Please don't file an issue to ask a question. You'll get faster results by using the resources below.
17
+
18
+ Shopify has an official message board with dedicated forums to discuss all things apps, APIs, SDKs and more.
19
+
20
+ #### Shopify Community forum links
21
+
22
+ * [Shopify Community](https://community.shopify.com)
23
+ * [Shopify Apps](https://community.shopify.com/c/Shopify-Apps/bd-p/shopify-apps)
24
+ * [Shopify APIs & SDKs](https://community.shopify.com/c/Shopify-APIs-SDKs/bd-p/shopify-apis-and-technology)
25
+
26
+ If you prefer to chat instead, join the [Shopify Partners Slack Community group](https://www.shopify.com/partners/community#conversation). This Slack group hosts an active community of thousands of app developers.
27
+
28
+ By participating in the Community forum or Slack group, you agree to adhere to the forum [Code of Conduct](https://community.shopify.com/c/Announcements/Code-of-Conduct/m-p/491969#M23) outlined.
29
+
30
+ ## How can I contribute?
31
+
32
+ ### Reporting bugs
33
+
34
+ This section guides you through submitting a bug report for the Shopify App gem. Following these guidelines helps maintainers and the community understand your report, reproduce the behavior, and find related reports.
35
+
36
+ #### Before submitting a bug report
37
+
38
+ * **Check the [troubleshooting guide](/docs/Troubleshooting.md).** You may be able to troubleshoot the issue you're facing.
39
+ * **Check the [Shopify Community links](#shopify-community-forum-links) to search for your issue.** This problem may have been reported before and solved on the Shopify forum.
40
+ * **Perform a cursory search for similar issues.** You may find that the same problem (or a similar one) has been filed already as an issue.
41
+
42
+ #### How do I submit a good bug report?
43
+
44
+ Bugs are tracked as GitHub issues. Create an issue and provide the following information by filling in the [bug-report template](/.github/ISSUE_TEMPLATE/bug-report.md).
45
+
46
+ Explain the problem and include additional details to help maintainers reproduce the problem:
47
+
48
+ * **Use a clear and descriptive title** for the issue to identify the problem.
49
+ * **Describe the exact steps which reproduce the problem** in as many details as possible.
50
+ * **Provide specific examples to demonstrate the steps.** Include links to files, or copy/pasteable snippets. If you're providing snippets in the issue, use Markdown code blocks.
51
+ * **Describe the behavior you observed** after following the steps and point out what exactly is the problem with that behavior.
52
+ * **Explain which behavior you expected to see** instead and why.
53
+ * **Include screenshots and animated GIFs** where possible.
54
+ * **Redact any private information** from your logs and issue description. This includes things like API keys, API secrets, and any access tokens.
55
+
56
+ ### Suggesting or requesting improvements
57
+
58
+ If you have a suggestion for the Shopify App gem or a feature request, provide the appropriate information by filling out the [feature-request template](/.github/ISSUE_TEMPLATE/feature-request.md).
59
+
60
+ ### Pull requests
61
+
62
+ The process described here has several goals:
63
+
64
+ * Maintain the Shopify App gem's quality
65
+ * Fix problems that are important to app developers
66
+ * Enable a sustainable system for the Shopify App gem's maintainers to review contributions
67
+
68
+ Please follow these steps to have your contribution considered by the maintainers:
69
+
70
+ * Follow all instructions in the [pull request template](/.github/PULL_REQUEST_TEMPLATE.md)
71
+ * After you submit your pull request, verify that all status checks are passing
72
+ * <details>
73
+ <summary>What if the status checks are failing?</summary>
74
+
75
+ While the prerequisites above must be satisfied prior to having your pull request reviewed, the reviewer(s) may ask you to complete additional design work, tests, or other changes before your pull request can be ultimately accepted.
76
+ </details>