shopify_app 14.4.4 → 17.0.0
- checksums.yaml +4 -4
- data/.github/workflows/build.yml +38 -0
- data/.github/workflows/rubocop.yml +1 -7
- data/.gitignore +0 -2
- data/CHANGELOG.md +24 -0
- data/Gemfile.lock +256 -0
- data/README.md +34 -15
- data/app/assets/images/storage_access.svg +1 -2
- data/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb +22 -0
- data/app/controllers/shopify_app/callback_controller.rb +0 -6
- data/app/controllers/shopify_app/sessions_controller.rb +1 -15
- data/app/views/shopify_app/partials/_button_styles.html.erb +41 -36
- data/app/views/shopify_app/partials/_card_styles.html.erb +3 -3
- data/app/views/shopify_app/partials/_empty_state_styles.html.erb +28 -59
- data/app/views/shopify_app/partials/_form_styles.html.erb +56 -0
- data/app/views/shopify_app/partials/_layout_styles.html.erb +16 -1
- data/app/views/shopify_app/partials/_typography_styles.html.erb +6 -6
- data/app/views/shopify_app/sessions/enable_cookies.html.erb +1 -1
- data/app/views/shopify_app/sessions/new.html.erb +38 -110
- data/app/views/shopify_app/sessions/request_storage_access.html.erb +1 -1
- data/app/views/shopify_app/sessions/top_level_interaction.html.erb +20 -15
- data/config/locales/de.yml +11 -11
- data/config/locales/vi.yml +22 -0
- data/config/locales/zh-CN.yml +1 -1
- data/docs/Releasing.md +5 -3
- data/lib/generators/shopify_app/home_controller/home_controller_generator.rb +16 -7
- data/lib/generators/shopify_app/home_controller/templates/index.html.erb +10 -10
- data/lib/generators/shopify_app/install/install_generator.rb +6 -1
- data/lib/generators/shopify_app/install/templates/shopify_app.rb.tt +4 -3
- data/lib/shopify_app/configuration.rb +3 -0
- data/lib/shopify_app/controller_concerns/itp.rb +0 -2
- data/lib/shopify_app/controller_concerns/login_protection.rb +4 -14
- data/lib/shopify_app/session/jwt.rb +3 -1
- data/lib/shopify_app/version.rb +1 -1
- data/package.json +1 -1
- data/shopify_app.gemspec +1 -1
- data/translation.yml +1 -1
- metadata +13 -3
- data/.travis.yml +0 -27
| @@ -11,6 +11,7 @@ module ShopifyApp | |
| 11 11 | 
             
                  class_option :scope, type: :array, default: ['read_products']
         | 
| 12 12 | 
             
                  class_option :embedded, type: :string, default: 'true'
         | 
| 13 13 | 
             
                  class_option :api_version, type: :string, default: nil
         | 
| 14 | 
            +
                  class_option :with_cookie_authentication, type: :boolean, default: false
         | 
| 14 15 |  | 
| 15 16 | 
             
                  def create_shopify_app_initializer
         | 
| 16 17 | 
             
                    @application_name = format_array_argument(options['application_name'])
         | 
| @@ -64,7 +65,7 @@ module ShopifyApp | |
| 64 65 | 
             
                  def insert_hosts_into_development_config
         | 
| 65 66 | 
             
                    inject_into_file(
         | 
| 66 67 | 
             
                      'config/environments/development.rb',
         | 
| 67 | 
            -
                      "  config.hosts = (config.hosts rescue []) << /\\ | 
| 68 | 
            +
                      "  config.hosts = (config.hosts rescue []) << /\\w+\\.ngrok\\.io/\n",
         | 
| 68 69 | 
             
                      after: "Rails.application.configure do\n"
         | 
| 69 70 | 
             
                    )
         | 
| 70 71 | 
             
                  end
         | 
| @@ -78,6 +79,10 @@ module ShopifyApp | |
| 78 79 | 
             
                  def format_array_argument(array)
         | 
| 79 80 | 
             
                    array.join(' ').tr('"', '')
         | 
| 80 81 | 
             
                  end
         | 
| 82 | 
            +
             | 
| 83 | 
            +
                  def with_cookie_authentication?
         | 
| 84 | 
            +
                    options['with_cookie_authentication'] || !embedded_app?
         | 
| 85 | 
            +
                  end
         | 
| 81 86 | 
             
                end
         | 
| 82 87 | 
             
              end
         | 
| 83 88 | 
             
            end
         | 
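Review bot: The host pattern injected by `insert_hosts_into_development_config`, `/\w+\.ngrok\.io/`, has no `\A`/`\z` anchors. Whether it matches only a complete `<name>.ngrok.io` host therefore depends on how the installed Rails version treats regexp entries in `config.hosts`, and the gemspec allows a range of Rails releases. Writing the anchors into the generated line makes the intent independent of that: `"  config.hosts = (config.hosts rescue []) << /\\A\\w+\\.ngrok\\.io\\z/\n",`. The pattern also admits every ngrok tunnel name rather than the developer's own, so a comment in the injected line saying it is a development-only relaxation of host checking would help whoever later copies this config elsewhere.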
| @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            ShopifyApp.configure do |config|
         | 
| 2 2 | 
             
              config.application_name = "<%= @application_name %>"
         | 
| 3 | 
            -
              config.api_key = ENV | 
| 4 | 
            -
              config.secret = ENV | 
| 3 | 
            +
              config.api_key = ENV.fetch('SHOPIFY_API_KEY', '').presence || raise('Missing SHOPIFY_API_KEY')
         | 
| 4 | 
            +
              config.secret = ENV.fetch('SHOPIFY_API_SECRET', '').presence || raise('Missing SHOPIFY_API_SECRET')
         | 
| 5 5 | 
             
              config.old_secret = "<%= @old_secret %>"
         | 
| 6 6 | 
             
              config.scope = "<%= @scope %>" # Consult this page for more scope options:
         | 
| 7 7 | 
             
                                             # https://help.shopify.com/en/api/getting-started/authentication/oauth/scopes
         | 
| @@ -9,7 +9,8 @@ ShopifyApp.configure do |config| | |
| 9 9 | 
             
              config.after_authenticate_job = false
         | 
| 10 10 | 
             
              config.api_version = "<%= @api_version %>"
         | 
| 11 11 | 
             
              config.shop_session_repository = 'Shop'
         | 
| 12 | 
            -
              config.allow_jwt_authentication =  | 
| 12 | 
            +
              config.allow_jwt_authentication = <%= !with_cookie_authentication? %>
         | 
| 13 | 
            +
              config.allow_cookie_authentication = <%= with_cookie_authentication? %>
         | 
| 13 14 | 
             
            end
         | 
| 14 15 |  | 
| 15 16 | 
             
            # ShopifyApp::Utils.fetch_known_api_versions                        # Uncomment to fetch known api versions from shopify servers on boot
         | 
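Review bot: Nothing in the generated initializer tells the app owner that the two `ENV.fetch(...).presence || raise(...)` lines abort boot when `SHOPIFY_API_KEY` or `SHOPIFY_API_SECRET` is unset or blank. That presumably also affects any command that loads initializers without the secrets present, such as build or CI steps. Failing closed is the right behaviour for credentials, so I would keep it and add a comment above the `config.api_key` line, for example `# Boot fails if SHOPIFY_API_KEY / SHOPIFY_API_SECRET are unset or blank; set them in every environment that loads this initializer.` The two `allow_*_authentication` lines are always rendered as opposites of each other, and a one-line comment saying the generator enables exactly one mechanism would make a later hand edit deliberate.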
| @@ -39,12 +39,15 @@ module ShopifyApp | |
| 39 39 | 
             
                # allow enabling jwt headers for authentication
         | 
| 40 40 | 
             
                attr_accessor :allow_jwt_authentication
         | 
| 41 41 |  | 
| 42 | 
            +
                attr_accessor :allow_cookie_authentication
         | 
| 43 | 
            +
             | 
| 42 44 | 
             
                def initialize
         | 
| 43 45 | 
             
                  @root_url = '/'
         | 
| 44 46 | 
             
                  @myshopify_domain = 'myshopify.com'
         | 
| 45 47 | 
             
                  @scripttags_manager_queue_name = Rails.application.config.active_job.queue_name
         | 
| 46 48 | 
             
                  @webhooks_manager_queue_name = Rails.application.config.active_job.queue_name
         | 
| 47 49 | 
             
                  @disable_webpacker = ENV['SHOPIFY_APP_DISABLE_WEBPACKER'].present?
         | 
| 50 | 
            +
                  @allow_cookie_authentication = true
         | 
| 48 51 | 
             
                end
         | 
| 49 52 |  | 
| 50 53 | 
             
                def login_url
         | 
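Review bot: `attr_accessor :allow_cookie_authentication` is added without a comment, unlike `allow_jwt_authentication` directly above it, and `initialize` defaults it to `true`. An app that already sets `allow_jwt_authentication = true` and upgrades without regenerating its initializer therefore keeps accepting cookie-backed sessions alongside JWT until it sets the new flag to `false` itself. I would state that on the accessor, for example `# allow cookie-based sessions; defaults to true, set to false for JWT-only (embedded) apps`.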
| @@ -13,12 +13,10 @@ module ShopifyApp | |
| 13 13 | 
             
                end
         | 
| 14 14 |  | 
| 15 15 | 
             
                def set_top_level_oauth_cookie
         | 
| 16 | 
            -
                  Rails.logger.debug("[ShopifyApp::Itp] Setting top level oauth cookie...")
         | 
| 17 16 | 
             
                  session['shopify.top_level_oauth'] = true
         | 
| 18 17 | 
             
                end
         | 
| 19 18 |  | 
| 20 19 | 
             
                def clear_top_level_oauth_cookie
         | 
| 21 | 
            -
                  Rails.logger.debug("[ShopifyApp::Itp] Clearing top level oauth cookie...")
         | 
| 22 20 | 
             
                  session.delete('shopify.top_level_oauth')
         | 
| 23 21 | 
             
                end
         | 
| 24 22 |  | 
| @@ -18,24 +18,18 @@ module ShopifyApp | |
| 18 18 |  | 
| 19 19 | 
             
                def activate_shopify_session
         | 
| 20 20 | 
             
                  if user_session_expected? && user_session.blank?
         | 
| 21 | 
            -
                    Rails.logger.debug("[ShopifyApp::LoginProtection] User session required. Redirecting to login...")
         | 
| 22 21 | 
             
                    signal_access_token_required
         | 
| 23 22 | 
             
                    return redirect_to_login
         | 
| 24 23 | 
             
                  end
         | 
| 25 24 |  | 
| 26 | 
            -
                  if current_shopify_session.blank?
         | 
| 27 | 
            -
                    Rails.logger.debug("[ShopifyApp::LoginProtection] Current shopify session is blank. Redirecting to login...")
         | 
| 28 | 
            -
                    return redirect_to_login
         | 
| 29 | 
            -
                  end
         | 
| 25 | 
            +
                  return redirect_to_login if current_shopify_session.blank?
         | 
| 30 26 |  | 
| 31 27 | 
             
                  clear_top_level_oauth_cookie
         | 
| 32 28 |  | 
| 33 29 | 
             
                  begin
         | 
| 34 | 
            -
                    Rails.logger.debug("[ShopifyApp::LoginProtection] Activating session...")
         | 
| 35 30 | 
             
                    ShopifyAPI::Base.activate_session(current_shopify_session)
         | 
| 36 31 | 
             
                    yield
         | 
| 37 32 | 
             
                  ensure
         | 
| 38 | 
            -
                    Rails.logger.debug("[ShopifyApp::LoginProtection] Clearing session...")
         | 
| 39 33 | 
             
                    ShopifyAPI::Base.clear_session
         | 
| 40 34 | 
             
                  end
         | 
| 41 35 | 
             
                end
         | 
| @@ -57,6 +51,7 @@ module ShopifyApp | |
| 57 51 | 
             
                end
         | 
| 58 52 |  | 
| 59 53 | 
             
                def user_session_by_cookie
         | 
| 54 | 
            +
                  return unless ShopifyApp.configuration.allow_cookie_authentication
         | 
| 60 55 | 
             
                  return unless session[:user_id].present?
         | 
| 61 56 | 
             
                  ShopifyApp::SessionRepository.retrieve_user_session(session[:user_id])
         | 
| 62 57 | 
             
                end
         | 
| @@ -72,18 +67,14 @@ module ShopifyApp | |
| 72 67 | 
             
                end
         | 
| 73 68 |  | 
| 74 69 | 
             
                def shop_session_by_cookie
         | 
| 70 | 
            +
                  return unless ShopifyApp.configuration.allow_cookie_authentication
         | 
| 75 71 | 
             
                  return unless session[:shop_id].present?
         | 
| 76 72 | 
             
                  ShopifyApp::SessionRepository.retrieve_shop_session(session[:shop_id])
         | 
| 77 73 | 
             
                end
         | 
| 78 74 |  | 
| 79 75 | 
             
                def login_again_if_different_user_or_shop
         | 
| 80 76 | 
             
                  if session[:user_session].present? && params[:session].present? # session data was sent/stored correctly
         | 
| 81 | 
            -
                    Rails.logger.debug("[ShopifyApp::LoginProtection] Session data was sent/stored correctly.")
         | 
| 82 77 | 
             
                    clear_session = session[:user_session] != params[:session] # current user is different from stored user
         | 
| 83 | 
            -
                    if clear_session
         | 
| 84 | 
            -
                      Rails.logger.debug("[ShopifyApp::LoginProtection] Current user is different from stored user.")
         | 
| 85 | 
            -
                    end
         | 
| 86 | 
            -
                    clear_session
         | 
| 87 78 | 
             
                  end
         | 
| 88 79 |  | 
| 89 80 | 
             
                  if current_shopify_session &&
         | 
| @@ -93,14 +84,13 @@ module ShopifyApp | |
| 93 84 | 
             
                  end
         | 
| 94 85 |  | 
| 95 86 | 
             
                  if clear_session
         | 
| 96 | 
            -
                    Rails.logger.debug("[ShopifyApp::LoginProtection] Clearing shopify session and redirecting to login...")
         | 
| 97 87 | 
             
                    clear_shopify_session
         | 
| 98 88 | 
             
                    redirect_to_login
         | 
| 99 89 | 
             
                  end
         | 
| 100 90 | 
             
                end
         | 
| 101 91 |  | 
| 102 92 | 
             
                def signal_access_token_required
         | 
| 103 | 
            -
                  response.set_header(ACCESS_TOKEN_REQUIRED_HEADER, true)
         | 
| 93 | 
            +
                  response.set_header(ACCESS_TOKEN_REQUIRED_HEADER, "true")
         | 
| 104 94 | 
             
                end
         | 
| 105 95 |  | 
| 106 96 | 
             
                protected
         | 
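Review bot: The new `allow_cookie_authentication` guard is applied only in `user_session_by_cookie` and `shop_session_by_cookie`; `login_again_if_different_user_or_shop` still branches on `session[:user_session]` without consulting the flag, so cookie-held state keeps influencing the flow when cookie authentication is switched off. That method's body runs past the hunk, so this may be intended or handled in lines not shown. If it is intended, a comment on the condition would make the flag's scope clear, e.g. `# session[:user_session] is still consulted when allow_cookie_authentication is false`. With the debug logging removed across this file, a request sent to login because the flag is off leaves no trace, and a single debug line in the two guards would help when diagnosing login loops.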
| @@ -2,7 +2,9 @@ | |
| 2 2 | 
             
            module ShopifyApp
         | 
| 3 3 | 
             
              class JWT
         | 
| 4 4 | 
             
                class InvalidDestinationError < StandardError; end
         | 
| 5 | 
            +
             | 
| 5 6 | 
             
                class MismatchedHostsError < StandardError; end
         | 
| 7 | 
            +
             | 
| 6 8 | 
             
                class InvalidAudienceError < StandardError; end
         | 
| 7 9 |  | 
| 8 10 | 
             
                WARN_EXCEPTIONS = [
         | 
| @@ -25,7 +27,7 @@ module ShopifyApp | |
| 25 27 | 
             
                end
         | 
| 26 28 |  | 
| 27 29 | 
             
                def shopify_user_id
         | 
| 28 | 
            -
                  @payload && @payload['sub']
         | 
| 30 | 
            +
                  @payload['sub'].to_i if @payload && @payload['sub']
         | 
| 29 31 | 
             
                end
         | 
| 30 32 |  | 
| 31 33 | 
             
                private
         | 
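Review bot: In `shopify_user_id`, `@payload['sub'].to_i` converts leniently: a non-numeric `sub` becomes `0` and a value with trailing characters is cut to its leading digits, so a malformed claim yields a plausible-looking user id instead of `nil`. Whether `sub` is validated before this point is not visible in the hunk. A strict conversion such as `Integer(@payload['sub'].to_s, 10)`, with `ArgumentError` mapped to `nil`, keeps a bad claim from being treated as an id.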
    
        data/lib/shopify_app/version.rb
    CHANGED
    
    
    
        data/package.json
    CHANGED
    
    
    
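--- a/data/shopify_app.gemspec
+++ b/data/shopify_app.gemspec
@@ -14,7 +14,7 @@ Gem::Specification.new do |s|
   s.metadata['allowed_push_host'] = 'https://rubygems.org'
 
   s.add_runtime_dependency('browser_sniffer', '~> 1.2.2')
-  s.add_runtime_dependency('rails', '> 5.2.1')
+  s.add_runtime_dependency('rails', '> 5.2.1', '< 6.1')
   s.add_runtime_dependency('shopify_api', '~> 9.1')
   s.add_runtime_dependency('omniauth-shopify-oauth2', '~> 2.2.2')
   s.add_runtime_dependency('jwt', '~> 2.2.1')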
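--- a/data/translation.yml
+++ b/data/translation.yml
@@ -1,5 +1,5 @@
 source_language: en
-target_languages: [cs, da, de, es, fi, fr, hi, it, ja, ko, ms, nb, nl, pl, pt-BR, pt-PT, sv, th, tr, zh-CN, zh-TW]
+target_languages: [cs, da, de, es, fi, fr, hi, it, ja, ko, ms, nb, nl, pl, pt-BR, pt-PT, sv, th, tr, vi, zh-CN, zh-TW]
 components:
   - name: 'merchant'
     paths: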
        metadata
    CHANGED
    
    | @@ -1,14 +1,14 @@ | |
| 1 1 | 
             
            --- !ruby/object:Gem::Specification
         | 
| 2 2 | 
             
            name: shopify_app
         | 
| 3 3 | 
             
            version: !ruby/object:Gem::Version
         | 
| 4 | 
            -
              version:  | 
| 4 | 
            +
              version: 17.0.0
         | 
| 5 5 | 
             
            platform: ruby
         | 
| 6 6 | 
             
            authors:
         | 
| 7 7 | 
             
            - Shopify
         | 
| 8 8 | 
             
            autorequire: 
         | 
| 9 9 | 
             
            bindir: bin
         | 
| 10 10 | 
             
            cert_chain: []
         | 
| 11 | 
            -
            date:  | 
| 11 | 
            +
            date: 2021-01-14 00:00:00.000000000 Z
         | 
| 12 12 | 
             
            dependencies:
         | 
| 13 13 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 14 14 | 
             
              name: browser_sniffer
         | 
| @@ -31,6 +31,9 @@ dependencies: | |
| 31 31 | 
             
                - - ">"
         | 
| 32 32 | 
             
                  - !ruby/object:Gem::Version
         | 
| 33 33 | 
             
                    version: 5.2.1
         | 
| 34 | 
            +
                - - "<"
         | 
| 35 | 
            +
                  - !ruby/object:Gem::Version
         | 
| 36 | 
            +
                    version: '6.1'
         | 
| 34 37 | 
             
              type: :runtime
         | 
| 35 38 | 
             
              prerelease: false
         | 
| 36 39 | 
             
              version_requirements: !ruby/object:Gem::Requirement
         | 
| @@ -38,6 +41,9 @@ dependencies: | |
| 38 41 | 
             
                - - ">"
         | 
| 39 42 | 
             
                  - !ruby/object:Gem::Version
         | 
| 40 43 | 
             
                    version: 5.2.1
         | 
| 44 | 
            +
                - - "<"
         | 
| 45 | 
            +
                  - !ruby/object:Gem::Version
         | 
| 46 | 
            +
                    version: '6.1'
         | 
| 41 47 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 42 48 | 
             
              name: shopify_api
         | 
| 43 49 | 
             
              requirement: !ruby/object:Gem::Requirement
         | 
| @@ -245,14 +251,15 @@ files: | |
| 245 251 | 
             
            - ".github/ISSUE_TEMPLATE.md"
         | 
| 246 252 | 
             
            - ".github/PULL_REQUEST_TEMPLATE.md"
         | 
| 247 253 | 
             
            - ".github/probots.yml"
         | 
| 254 | 
            +
            - ".github/workflows/build.yml"
         | 
| 248 255 | 
             
            - ".github/workflows/rubocop.yml"
         | 
| 249 256 | 
             
            - ".gitignore"
         | 
| 250 257 | 
             
            - ".nvmrc"
         | 
| 251 258 | 
             
            - ".rubocop.yml"
         | 
| 252 259 | 
             
            - ".ruby-version"
         | 
| 253 | 
            -
            - ".travis.yml"
         | 
| 254 260 | 
             
            - CHANGELOG.md
         | 
| 255 261 | 
             
            - Gemfile
         | 
| 262 | 
            +
            - Gemfile.lock
         | 
| 256 263 | 
             
            - LICENSE
         | 
| 257 264 | 
             
            - README.md
         | 
| 258 265 | 
             
            - Rakefile
         | 
| @@ -268,6 +275,7 @@ files: | |
| 268 275 | 
             
            - app/assets/javascripts/shopify_app/top_level.js
         | 
| 269 276 | 
             
            - app/assets/javascripts/shopify_app/top_level_interaction.js
         | 
| 270 277 | 
             
            - app/controllers/concerns/shopify_app/authenticated.rb
         | 
| 278 | 
            +
            - app/controllers/concerns/shopify_app/ensure_authenticated_links.rb
         | 
| 271 279 | 
             
            - app/controllers/concerns/shopify_app/require_known_shop.rb
         | 
| 272 280 | 
             
            - app/controllers/shopify_app/authenticated_controller.rb
         | 
| 273 281 | 
             
            - app/controllers/shopify_app/callback_controller.rb
         | 
| @@ -277,6 +285,7 @@ files: | |
| 277 285 | 
             
            - app/views/shopify_app/partials/_button_styles.html.erb
         | 
| 278 286 | 
             
            - app/views/shopify_app/partials/_card_styles.html.erb
         | 
| 279 287 | 
             
            - app/views/shopify_app/partials/_empty_state_styles.html.erb
         | 
| 288 | 
            +
            - app/views/shopify_app/partials/_form_styles.html.erb
         | 
| 280 289 | 
             
            - app/views/shopify_app/partials/_layout_styles.html.erb
         | 
| 281 290 | 
             
            - app/views/shopify_app/partials/_typography_styles.html.erb
         | 
| 282 291 | 
             
            - app/views/shopify_app/sessions/enable_cookies.html.erb
         | 
| @@ -304,6 +313,7 @@ files: | |
| 304 313 | 
             
            - config/locales/sv.yml
         | 
| 305 314 | 
             
            - config/locales/th.yml
         | 
| 306 315 | 
             
            - config/locales/tr.yml
         | 
| 316 | 
            +
            - config/locales/vi.yml
         | 
| 307 317 | 
             
            - config/locales/zh-CN.yml
         | 
| 308 318 | 
             
            - config/locales/zh-TW.yml
         | 
| 309 319 | 
             
            - config/routes.rb
         | 
    
        data/.travis.yml
    DELETED
    
    | @@ -1,27 +0,0 @@ | |
| 1 | 
            -
            sudo: required
         | 
| 2 | 
            -
            dist: trusty
         | 
| 3 | 
            -
            addons:
         | 
| 4 | 
            -
                chrome: stable
         | 
| 5 | 
            -
            before_script:
         | 
| 6 | 
            -
                - "sudo chown root /opt/google/chrome/chrome-sandbox"
         | 
| 7 | 
            -
                - "sudo chmod 4755 /opt/google/chrome/chrome-sandbox"
         | 
| 8 | 
            -
            language: ruby
         | 
| 9 | 
            -
            cache:
         | 
| 10 | 
            -
              bundler: true
         | 
| 11 | 
            -
              directories:
         | 
| 12 | 
            -
                - node_modules
         | 
| 13 | 
            -
              yarn: true
         | 
| 14 | 
            -
             | 
| 15 | 
            -
            rvm:
         | 
| 16 | 
            -
              - 2.5
         | 
| 17 | 
            -
              - 2.6
         | 
| 18 | 
            -
              - 2.7
         | 
| 19 | 
            -
             | 
| 20 | 
            -
            install:
         | 
| 21 | 
            -
              - bundle install
         | 
| 22 | 
            -
              - nvm install node
         | 
| 23 | 
            -
              - yarn
         | 
| 24 | 
            -
             | 
| 25 | 
            -
            script:
         | 
| 26 | 
            -
              - yarn test
         | 
| 27 | 
            -
              - bundle exec rake test
         |