shopify_app 18.1.0 → 19.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/build.yml +2 -2
- data/.gitignore +1 -0
- data/CHANGELOG.md +13 -0
- data/Gemfile +3 -2
- data/Gemfile.lock +124 -158
- data/README.md +1 -0
- data/Rakefile +4 -3
- data/app/assets/javascripts/shopify_app/app_bridge_2.0.12.js +10 -0
- data/app/assets/javascripts/shopify_app/app_bridge_redirect.js +3 -4
- data/app/assets/javascripts/shopify_app/storage_access.js +1 -1
- data/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb +1 -1
- data/app/controllers/concerns/shopify_app/require_known_shop.rb +1 -0
- data/app/controllers/concerns/shopify_app/shop_access_scopes_verification.rb +1 -1
- data/app/controllers/shopify_app/authenticated_controller.rb +1 -0
- data/app/controllers/shopify_app/callback_controller.rb +35 -147
- data/app/controllers/shopify_app/sessions_controller.rb +25 -132
- data/app/controllers/shopify_app/webhooks_controller.rb +5 -23
- data/app/views/shopify_app/sessions/enable_cookies.html.erb +1 -8
- data/app/views/shopify_app/sessions/request_storage_access.html.erb +1 -8
- data/app/views/shopify_app/sessions/top_level_interaction.html.erb +1 -1
- data/app/views/shopify_app/shared/redirect.html.erb +1 -7
- data/config/routes.rb +6 -12
- data/docs/Troubleshooting.md +0 -3
- data/docs/Upgrading.md +92 -3
- data/docs/shopify_app/webhooks.md +1 -1
- data/lib/generators/shopify_app/add_after_authenticate_job/add_after_authenticate_job_generator.rb +10 -9
- data/lib/generators/shopify_app/add_after_authenticate_job/templates/after_authenticate_job.rb +1 -0
- data/lib/generators/shopify_app/add_marketing_activity_extension/add_marketing_activity_extension_generator.rb +4 -3
- data/lib/generators/shopify_app/add_webhook/add_webhook_generator.rb +13 -12
- data/lib/generators/shopify_app/add_webhook/templates/webhook_job.rb.tt +9 -1
- data/lib/generators/shopify_app/app_proxy_controller/app_proxy_controller_generator.rb +7 -6
- data/lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_controller.rb +2 -1
- data/lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_route.rb +1 -1
- data/lib/generators/shopify_app/authenticated_controller/authenticated_controller_generator.rb +3 -3
- data/lib/generators/shopify_app/controllers/controllers_generator.rb +4 -3
- data/lib/generators/shopify_app/home_controller/home_controller_generator.rb +11 -15
- data/lib/generators/shopify_app/home_controller/templates/home_controller.rb +2 -2
- data/lib/generators/shopify_app/home_controller/templates/index.html.erb +3 -3
- data/lib/generators/shopify_app/install/install_generator.rb +25 -74
- data/lib/generators/shopify_app/install/templates/embedded_app.html.erb +1 -1
- data/lib/generators/shopify_app/install/templates/session_store.rb +2 -1
- data/lib/generators/shopify_app/install/templates/shopify_app.rb.tt +20 -5
- data/lib/generators/shopify_app/products_controller/products_controller_generator.rb +3 -3
- data/lib/generators/shopify_app/products_controller/templates/products_controller.rb +1 -1
- data/lib/generators/shopify_app/rotate_shopify_token_job/rotate_shopify_token_job_generator.rb +4 -4
- data/lib/generators/shopify_app/rotate_shopify_token_job/templates/rotate_shopify_token.rake +1 -0
- data/lib/generators/shopify_app/rotate_shopify_token_job/templates/rotate_shopify_token_job.rb +1 -1
- data/lib/generators/shopify_app/routes/routes_generator.rb +6 -5
- data/lib/generators/shopify_app/routes/templates/routes.rb +5 -5
- data/lib/generators/shopify_app/shop_model/shop_model_generator.rb +11 -10
- data/lib/generators/shopify_app/shop_model/templates/shop.rb +1 -0
- data/lib/generators/shopify_app/shopify_app_generator.rb +4 -3
- data/lib/generators/shopify_app/user_model/templates/user.rb +1 -0
- data/lib/generators/shopify_app/user_model/user_model_generator.rb +11 -10
- data/lib/generators/shopify_app/views/views_generator.rb +4 -3
- data/lib/shopify_app/access_scopes/shop_strategy.rb +2 -2
- data/lib/shopify_app/access_scopes/user_strategy.rb +4 -4
- data/lib/shopify_app/configuration.rb +5 -17
- data/lib/shopify_app/controller_concerns/app_proxy_verification.rb +4 -3
- data/lib/shopify_app/controller_concerns/csrf_protection.rb +2 -1
- data/lib/shopify_app/controller_concerns/embedded_app.rb +4 -3
- data/lib/shopify_app/controller_concerns/itp.rb +3 -3
- data/lib/shopify_app/controller_concerns/localization.rb +1 -0
- data/lib/shopify_app/controller_concerns/login_protection.rb +55 -73
- data/lib/shopify_app/controller_concerns/payload_verification.rb +3 -2
- data/lib/shopify_app/controller_concerns/webhook_verification.rb +2 -1
- data/lib/shopify_app/engine.rb +7 -15
- data/lib/shopify_app/jobs/scripttags_manager_job.rb +2 -2
- data/lib/shopify_app/jobs/webhooks_manager_job.rb +4 -5
- data/lib/shopify_app/managers/scripttags_manager.rb +11 -4
- data/lib/shopify_app/managers/webhooks_manager.rb +42 -44
- data/lib/shopify_app/middleware/jwt_middleware.rb +5 -4
- data/lib/shopify_app/session/in_memory_session_store.rb +1 -0
- data/lib/shopify_app/session/in_memory_shop_session_store.rb +2 -1
- data/lib/shopify_app/session/in_memory_user_session_store.rb +1 -0
- data/lib/shopify_app/session/jwt.rb +9 -8
- data/lib/shopify_app/session/null_user_session_store.rb +2 -1
- data/lib/shopify_app/session/session_repository.rb +37 -0
- data/lib/shopify_app/session/session_storage.rb +4 -6
- data/lib/shopify_app/session/shop_session_storage.rb +6 -6
- data/lib/shopify_app/session/shop_session_storage_with_scopes.rb +7 -8
- data/lib/shopify_app/session/user_session_storage.rb +19 -6
- data/lib/shopify_app/session/user_session_storage_with_scopes.rb +21 -8
- data/lib/shopify_app/test_helpers/all.rb +2 -1
- data/lib/shopify_app/test_helpers/webhook_verification_helper.rb +4 -3
- data/lib/shopify_app/utils.rb +4 -10
- data/lib/shopify_app/version.rb +2 -1
- data/lib/shopify_app.rb +35 -40
- data/package.json +1 -1
- data/shopify_app.gemspec +21 -20
- data/yarn.lock +6 -6
- metadata +44 -49
- data/app/assets/javascripts/shopify_app/app_bridge_1.30.0.js +0 -1
- data/lib/generators/shopify_app/install/templates/omniauth.rb +0 -4
- data/lib/generators/shopify_app/install/templates/shopify_provider.rb.tt +0 -8
- data/lib/generators/shopify_app/install/templates/user_agent.rb +0 -6
- data/lib/shopify_app/middleware/same_site_cookie_middleware.rb +0 -34
- data/lib/shopify_app/omniauth/omniauth_configuration.rb +0 -64
@@ -1,62 +1,60 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
class WebhooksManager
|
4
5
|
class CreationFailed < StandardError; end
|
5
6
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
attr_reader :required_webhooks
|
15
|
-
|
16
|
-
def initialize(webhooks)
|
17
|
-
@required_webhooks = webhooks
|
18
|
-
end
|
19
|
-
|
20
|
-
def recreate_webhooks!
|
21
|
-
destroy_webhooks
|
22
|
-
create_webhooks
|
23
|
-
end
|
24
|
-
|
25
|
-
def create_webhooks
|
26
|
-
return unless required_webhooks.present?
|
7
|
+
class << self
|
8
|
+
def queue(shop_domain, shop_token)
|
9
|
+
ShopifyApp::WebhooksManagerJob.perform_later(
|
10
|
+
shop_domain: shop_domain,
|
11
|
+
shop_token: shop_token
|
12
|
+
)
|
13
|
+
end
|
27
14
|
|
28
|
-
|
29
|
-
|
15
|
+
def create_webhooks(session:)
|
16
|
+
return unless ShopifyApp.configuration.has_webhooks?
|
17
|
+
ShopifyAPI::Webhooks::Registry.register_all(session: session)
|
30
18
|
end
|
31
|
-
end
|
32
19
|
|
33
|
-
|
34
|
-
|
35
|
-
|
20
|
+
def recreate_webhooks!(session:)
|
21
|
+
destroy_webhooks
|
22
|
+
return unless ShopifyApp.configuration.has_webhooks?
|
23
|
+
add_registrations
|
24
|
+
ShopifyAPI::Webhooks::Registry.register_all(session: session)
|
36
25
|
end
|
37
26
|
|
38
|
-
|
39
|
-
|
27
|
+
def destroy_webhooks
|
28
|
+
return unless ShopifyApp.configuration.has_webhooks?
|
40
29
|
|
41
|
-
|
30
|
+
ShopifyApp.configuration.webhooks.each do |attributes|
|
31
|
+
ShopifyAPI::Webhooks::Registry.unregister(topic: attributes[:topic])
|
32
|
+
end
|
33
|
+
end
|
42
34
|
|
43
|
-
|
44
|
-
|
45
|
-
|
35
|
+
def add_registrations
|
36
|
+
return unless ShopifyApp.configuration.has_webhooks?
|
37
|
+
|
38
|
+
ShopifyApp.configuration.webhooks.each do |attributes|
|
39
|
+
ShopifyAPI::Webhooks::Registry.add_registration(
|
40
|
+
topic: attributes[:topic],
|
41
|
+
delivery_method: attributes[:delivery_method] || :http,
|
42
|
+
path: attributes[:address],
|
43
|
+
handler: webhook_job_klass(attributes[:topic]),
|
44
|
+
fields: attributes[:fields]
|
45
|
+
)
|
46
|
+
end
|
47
|
+
end
|
46
48
|
|
47
|
-
|
48
|
-
attributes.reverse_merge!(format: 'json')
|
49
|
-
webhook = ShopifyAPI::Webhook.create(attributes)
|
50
|
-
raise CreationFailed, webhook.errors.full_messages.to_sentence unless webhook.persisted?
|
51
|
-
webhook
|
52
|
-
end
|
49
|
+
private
|
53
50
|
|
54
|
-
|
55
|
-
|
56
|
-
|
51
|
+
def webhook_job_klass(topic)
|
52
|
+
webhook_job_klass_name(topic).safe_constantize || raise(ShopifyApp::MissingWebhookJobError)
|
53
|
+
end
|
57
54
|
|
58
|
-
|
59
|
-
|
55
|
+
def webhook_job_klass_name(topic)
|
56
|
+
[ShopifyApp.configuration.webhook_jobs_namespace, "#{topic.gsub("/", "_")}_job"].compact.join("/").classify
|
57
|
+
end
|
60
58
|
end
|
61
59
|
end
|
62
60
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
class JWTMiddleware
|
4
5
|
TOKEN_REGEX = /^Bearer\s+(.*?)$/
|
@@ -24,7 +25,7 @@ module ShopifyApp
|
|
24
25
|
end
|
25
26
|
|
26
27
|
def authorization_header(env)
|
27
|
-
env[
|
28
|
+
env["HTTP_AUTHORIZATION"]
|
28
29
|
end
|
29
30
|
|
30
31
|
def extract_token(env)
|
@@ -35,9 +36,9 @@ module ShopifyApp
|
|
35
36
|
def set_env_variables(token, env)
|
36
37
|
jwt = ShopifyApp::JWT.new(token)
|
37
38
|
|
38
|
-
env[
|
39
|
-
env[
|
40
|
-
env[
|
39
|
+
env["jwt.shopify_domain"] = jwt.shopify_domain
|
40
|
+
env["jwt.shopify_user_id"] = jwt.shopify_user_id
|
41
|
+
env["jwt.expire_at"] = jwt.expire_at
|
41
42
|
end
|
42
43
|
end
|
43
44
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
class JWT
|
4
5
|
class InvalidDestinationError < StandardError; end
|
@@ -23,15 +24,15 @@ module ShopifyApp
|
|
23
24
|
end
|
24
25
|
|
25
26
|
def shopify_domain
|
26
|
-
@payload && ShopifyApp::Utils.sanitize_shop_domain(@payload[
|
27
|
+
@payload && ShopifyApp::Utils.sanitize_shop_domain(@payload["dest"])
|
27
28
|
end
|
28
29
|
|
29
30
|
def shopify_user_id
|
30
|
-
@payload[
|
31
|
+
@payload["sub"].to_i if @payload && @payload["sub"]
|
31
32
|
end
|
32
33
|
|
33
34
|
def expire_at
|
34
|
-
@payload[
|
35
|
+
@payload["exp"].to_i if @payload && @payload["exp"]
|
35
36
|
end
|
36
37
|
|
37
38
|
private
|
@@ -45,19 +46,19 @@ module ShopifyApp
|
|
45
46
|
end
|
46
47
|
|
47
48
|
def parse_token_data(secret, old_secret)
|
48
|
-
::JWT.decode(@token, secret, true, { algorithm:
|
49
|
+
::JWT.decode(@token, secret, true, { algorithm: "HS256" })
|
49
50
|
rescue ::JWT::VerificationError
|
50
51
|
raise unless old_secret
|
51
52
|
|
52
|
-
::JWT.decode(@token, old_secret, true, { algorithm:
|
53
|
+
::JWT.decode(@token, old_secret, true, { algorithm: "HS256" })
|
53
54
|
end
|
54
55
|
|
55
56
|
def validate_payload(payload)
|
56
|
-
dest_host = ShopifyApp::Utils.sanitize_shop_domain(payload[
|
57
|
-
iss_host = ShopifyApp::Utils.sanitize_shop_domain(payload[
|
57
|
+
dest_host = ShopifyApp::Utils.sanitize_shop_domain(payload["dest"])
|
58
|
+
iss_host = ShopifyApp::Utils.sanitize_shop_domain(payload["iss"])
|
58
59
|
api_key = ShopifyApp.configuration.api_key
|
59
60
|
|
60
|
-
raise InvalidAudienceError, "'aud' claim does not match api_key" unless payload[
|
61
|
+
raise InvalidAudienceError, "'aud' claim does not match api_key" unless payload["aud"] == api_key
|
61
62
|
raise InvalidDestinationError, "'dest' claim host not a valid shopify host" unless dest_host
|
62
63
|
raise MismatchedHostsError, "'dest' claim host does not match 'iss' claim host" unless dest_host == iss_host
|
63
64
|
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
class NullUserSessionStore
|
4
5
|
class << self
|
@@ -7,7 +8,7 @@ module ShopifyApp
|
|
7
8
|
end
|
8
9
|
|
9
10
|
def store(_, _)
|
10
|
-
raise SessionRepository::ConfigurationError,
|
11
|
+
raise SessionRepository::ConfigurationError, "user_storage is not configured"
|
11
12
|
end
|
12
13
|
|
13
14
|
def retrieve_by_shopify_user_id(_)
|
@@ -1,6 +1,9 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
class SessionRepository
|
5
|
+
extend ShopifyAPI::Auth::SessionStorage
|
6
|
+
|
4
7
|
class ConfigurationError < StandardError; end
|
5
8
|
|
6
9
|
class << self
|
@@ -40,6 +43,40 @@ module ShopifyApp
|
|
40
43
|
load_user_storage
|
41
44
|
end
|
42
45
|
|
46
|
+
# ShopifyAPI::Auth::SessionStorage override
|
47
|
+
def store_session(session)
|
48
|
+
if session.online?
|
49
|
+
user_storage.store(session, session.associated_user.id.to_s)
|
50
|
+
else
|
51
|
+
shop_storage.store(session)
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
# ShopifyAPI::Auth::SessionStorage override
|
56
|
+
def load_session(id)
|
57
|
+
match = id.match(/^offline_(.*)/)
|
58
|
+
if match
|
59
|
+
retrieve_shop_session_by_shopify_domain(match[1])
|
60
|
+
else
|
61
|
+
retrieve_user_session_by_shopify_user_id(id.split("_").last)
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
# ShopifyAPI::Auth::SessionStorage override
|
66
|
+
def delete_session(id)
|
67
|
+
match = id.match(/^offline_(.*)/)
|
68
|
+
|
69
|
+
record = if match
|
70
|
+
Shop.find_by(shopify_domain: match[1])
|
71
|
+
else
|
72
|
+
User.find_by(shopify_user_id: id.split("_").last)
|
73
|
+
end
|
74
|
+
|
75
|
+
record.destroy
|
76
|
+
|
77
|
+
true
|
78
|
+
end
|
79
|
+
|
43
80
|
private
|
44
81
|
|
45
82
|
def load_shop_storage
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
module SessionStorage
|
4
5
|
extend ActiveSupport::Concern
|
@@ -9,12 +10,9 @@ module ShopifyApp
|
|
9
10
|
end
|
10
11
|
|
11
12
|
def with_shopify_session(&block)
|
12
|
-
ShopifyAPI::Session.temp(
|
13
|
-
|
14
|
-
|
15
|
-
api_version: api_version,
|
16
|
-
&block
|
17
|
-
)
|
13
|
+
ShopifyAPI::Auth::Session.temp(shop: shopify_domain, access_token: shopify_token) do
|
14
|
+
yield block
|
15
|
+
end
|
18
16
|
end
|
19
17
|
end
|
20
18
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
module ShopSessionStorage
|
4
5
|
extend ActiveSupport::Concern
|
@@ -10,8 +11,8 @@ module ShopifyApp
|
|
10
11
|
|
11
12
|
class_methods do
|
12
13
|
def store(auth_session, *_args)
|
13
|
-
shop = find_or_initialize_by(shopify_domain: auth_session.
|
14
|
-
shop.shopify_token = auth_session.
|
14
|
+
shop = find_or_initialize_by(shopify_domain: auth_session.shop)
|
15
|
+
shop.shopify_token = auth_session.access_token
|
15
16
|
shop.save!
|
16
17
|
shop.id
|
17
18
|
end
|
@@ -31,10 +32,9 @@ module ShopifyApp
|
|
31
32
|
def construct_session(shop)
|
32
33
|
return unless shop
|
33
34
|
|
34
|
-
ShopifyAPI::Session.new(
|
35
|
-
|
36
|
-
|
37
|
-
api_version: shop.api_version,
|
35
|
+
ShopifyAPI::Auth::Session.new(
|
36
|
+
shop: shop.shopify_domain,
|
37
|
+
access_token: shop.shopify_token
|
38
38
|
)
|
39
39
|
end
|
40
40
|
end
|
@@ -11,9 +11,9 @@ module ShopifyApp
|
|
11
11
|
|
12
12
|
class_methods do
|
13
13
|
def store(auth_session, *_args)
|
14
|
-
shop = find_or_initialize_by(shopify_domain: auth_session.
|
15
|
-
shop.shopify_token = auth_session.
|
16
|
-
shop.access_scopes = auth_session.
|
14
|
+
shop = find_or_initialize_by(shopify_domain: auth_session.shop)
|
15
|
+
shop.shopify_token = auth_session.access_token
|
16
|
+
shop.access_scopes = auth_session.scope.to_s
|
17
17
|
|
18
18
|
shop.save!
|
19
19
|
shop.id
|
@@ -34,11 +34,10 @@ module ShopifyApp
|
|
34
34
|
def construct_session(shop)
|
35
35
|
return unless shop
|
36
36
|
|
37
|
-
ShopifyAPI::Session.new(
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
access_scopes: shop.access_scopes
|
37
|
+
ShopifyAPI::Auth::Session.new(
|
38
|
+
shop: shop.shopify_domain,
|
39
|
+
access_token: shop.shopify_token,
|
40
|
+
scope: shop.access_scopes
|
42
41
|
)
|
43
42
|
end
|
44
43
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
module UserSessionStorage
|
4
5
|
extend ActiveSupport::Concern
|
@@ -11,8 +12,8 @@ module ShopifyApp
|
|
11
12
|
class_methods do
|
12
13
|
def store(auth_session, user)
|
13
14
|
user = find_or_initialize_by(shopify_user_id: user[:id])
|
14
|
-
user.shopify_token = auth_session.
|
15
|
-
user.shopify_domain = auth_session.
|
15
|
+
user.shopify_token = auth_session.access_token
|
16
|
+
user.shopify_domain = auth_session.shop
|
16
17
|
user.save!
|
17
18
|
user.id
|
18
19
|
end
|
@@ -31,10 +32,22 @@ module ShopifyApp
|
|
31
32
|
|
32
33
|
def construct_session(user)
|
33
34
|
return unless user
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
35
|
+
|
36
|
+
associated_user = ShopifyAPI::Auth::AssociatedUser.new(
|
37
|
+
id: user.shopify_user_id,
|
38
|
+
first_name: "",
|
39
|
+
last_name: "",
|
40
|
+
email: "",
|
41
|
+
email_verified: false,
|
42
|
+
account_owner: false,
|
43
|
+
locale: "",
|
44
|
+
collaborator: false
|
45
|
+
)
|
46
|
+
|
47
|
+
ShopifyAPI::Auth::Session.new(
|
48
|
+
shop: user.shopify_domain,
|
49
|
+
access_token: user.shopify_token,
|
50
|
+
associated_user: associated_user
|
38
51
|
)
|
39
52
|
end
|
40
53
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
module UserSessionStorageWithScopes
|
4
5
|
extend ActiveSupport::Concern
|
@@ -11,9 +12,9 @@ module ShopifyApp
|
|
11
12
|
class_methods do
|
12
13
|
def store(auth_session, user)
|
13
14
|
user = find_or_initialize_by(shopify_user_id: user[:id])
|
14
|
-
user.shopify_token = auth_session.
|
15
|
-
user.shopify_domain = auth_session.
|
16
|
-
user.access_scopes = auth_session.
|
15
|
+
user.shopify_token = auth_session.access_token
|
16
|
+
user.shopify_domain = auth_session.shop
|
17
|
+
user.access_scopes = auth_session.scope.to_s
|
17
18
|
|
18
19
|
user.save!
|
19
20
|
user.id
|
@@ -34,11 +35,23 @@ module ShopifyApp
|
|
34
35
|
def construct_session(user)
|
35
36
|
return unless user
|
36
37
|
|
37
|
-
ShopifyAPI::
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
38
|
+
associated_user = ShopifyAPI::Auth::AssociatedUser.new(
|
39
|
+
id: user.shopify_user_id,
|
40
|
+
first_name: "",
|
41
|
+
last_name: "",
|
42
|
+
email: "",
|
43
|
+
email_verified: false,
|
44
|
+
account_owner: false,
|
45
|
+
locale: "",
|
46
|
+
collaborator: false
|
47
|
+
)
|
48
|
+
|
49
|
+
ShopifyAPI::Auth::Session.new(
|
50
|
+
shop: user.shopify_domain,
|
51
|
+
access_token: user.shopify_token,
|
52
|
+
scope: user.access_scopes,
|
53
|
+
associated_user_scope: user.access_scopes,
|
54
|
+
associated_user: associated_user
|
42
55
|
)
|
43
56
|
end
|
44
57
|
end
|
@@ -1,16 +1,17 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
module TestHelpers
|
4
5
|
module WebhookVerificationHelper
|
5
6
|
def authorized_webhook_verification_headers!(params = {})
|
6
|
-
digest = OpenSSL::Digest.new(
|
7
|
+
digest = OpenSSL::Digest.new("sha256")
|
7
8
|
secret = ShopifyApp.configuration.secret
|
8
9
|
valid_hmac = Base64.encode64(OpenSSL::HMAC.digest(digest, secret, params.to_query)).strip
|
9
|
-
@request.headers[
|
10
|
+
@request.headers["HTTP_X_SHOPIFY_HMAC_SHA256"] = valid_hmac
|
10
11
|
end
|
11
12
|
|
12
13
|
def unauthorized_webhook_verification_headers!
|
13
|
-
@request.headers[
|
14
|
+
@request.headers["HTTP_X_SHOPIFY_HMAC_SHA256"] = "invalid_hmac"
|
14
15
|
end
|
15
16
|
end
|
16
17
|
end
|
data/lib/shopify_app/utils.rb
CHANGED
@@ -1,11 +1,12 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
module ShopifyApp
|
3
4
|
module Utils
|
4
5
|
def self.sanitize_shop_domain(shop_domain)
|
5
6
|
myshopify_domain = ShopifyApp.configuration.myshopify_domain
|
6
7
|
name = shop_domain.to_s.downcase.strip
|
7
8
|
name += ".#{myshopify_domain}" if !name.include?(myshopify_domain.to_s) && !name.include?(".")
|
8
|
-
name.sub!(%r|https?://|,
|
9
|
+
name.sub!(%r|https?://|, "")
|
9
10
|
|
10
11
|
u = URI("http://#{name}")
|
11
12
|
u.host if u.host&.match(/^[a-z0-9][a-z0-9\-]*[a-z0-9]\.#{Regexp.escape(myshopify_domain)}$/)
|
@@ -13,20 +14,13 @@ module ShopifyApp
|
|
13
14
|
nil
|
14
15
|
end
|
15
16
|
|
16
|
-
def self.
|
17
|
-
Rails.logger.info("[ShopifyAPI::ApiVersion] Fetching known Admin API Versions from Shopify...")
|
18
|
-
ShopifyAPI::ApiVersion.fetch_known_versions
|
19
|
-
Rails.logger.info("[ShopifyAPI::ApiVersion] Known API Versions: #{ShopifyAPI::ApiVersion.versions.keys}")
|
20
|
-
rescue ActiveResource::ConnectionError
|
21
|
-
logger.error("[ShopifyAPI::ApiVersion] Unable to fetch api_versions from Shopify")
|
22
|
-
end
|
23
|
-
|
24
|
-
def self.shop_login_url(shop:, return_to:)
|
17
|
+
def self.shop_login_url(shop:, host:, return_to:)
|
25
18
|
return ShopifyApp.configuration.login_url unless shop
|
26
19
|
url = URI(ShopifyApp.configuration.login_url)
|
27
20
|
|
28
21
|
url.query = URI.encode_www_form(
|
29
22
|
shop: shop,
|
23
|
+
host: host,
|
30
24
|
return_to: return_to,
|
31
25
|
)
|
32
26
|
|
data/lib/shopify_app/version.rb
CHANGED
data/lib/shopify_app.rb
CHANGED
@@ -1,11 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
-
|
2
|
+
|
3
|
+
require "shopify_app/version"
|
3
4
|
|
4
5
|
# deps
|
5
|
-
require
|
6
|
-
require
|
7
|
-
require 'omniauth-shopify-oauth2'
|
8
|
-
require 'redirect_safely'
|
6
|
+
require "shopify_api"
|
7
|
+
require "redirect_safely"
|
9
8
|
|
10
9
|
module ShopifyApp
|
11
10
|
def self.rails6?
|
@@ -22,59 +21,55 @@ module ShopifyApp
|
|
22
21
|
|
23
22
|
def self.use_webpacker?
|
24
23
|
rails6? &&
|
25
|
-
defined?(Webpacker) ==
|
24
|
+
defined?(Webpacker) == "constant" &&
|
26
25
|
!configuration.disable_webpacker
|
27
26
|
end
|
28
27
|
|
29
28
|
# config
|
30
|
-
require
|
29
|
+
require "shopify_app/configuration"
|
31
30
|
|
32
31
|
# engine
|
33
|
-
require
|
32
|
+
require "shopify_app/engine"
|
34
33
|
|
35
34
|
# utils
|
36
|
-
require
|
35
|
+
require "shopify_app/utils"
|
37
36
|
|
38
37
|
# controller concerns
|
39
|
-
require
|
40
|
-
require
|
41
|
-
require
|
42
|
-
require
|
43
|
-
require
|
44
|
-
require
|
45
|
-
require
|
46
|
-
require
|
38
|
+
require "shopify_app/controller_concerns/csrf_protection"
|
39
|
+
require "shopify_app/controller_concerns/localization"
|
40
|
+
require "shopify_app/controller_concerns/itp"
|
41
|
+
require "shopify_app/controller_concerns/login_protection"
|
42
|
+
require "shopify_app/controller_concerns/embedded_app"
|
43
|
+
require "shopify_app/controller_concerns/payload_verification"
|
44
|
+
require "shopify_app/controller_concerns/app_proxy_verification"
|
45
|
+
require "shopify_app/controller_concerns/webhook_verification"
|
47
46
|
|
48
47
|
# jobs
|
49
|
-
require
|
50
|
-
require
|
48
|
+
require "shopify_app/jobs/webhooks_manager_job"
|
49
|
+
require "shopify_app/jobs/scripttags_manager_job"
|
51
50
|
|
52
51
|
# managers
|
53
|
-
require
|
54
|
-
require
|
52
|
+
require "shopify_app/managers/webhooks_manager"
|
53
|
+
require "shopify_app/managers/scripttags_manager"
|
55
54
|
|
56
55
|
# middleware
|
57
|
-
require
|
58
|
-
require 'shopify_app/middleware/same_site_cookie_middleware'
|
56
|
+
require "shopify_app/middleware/jwt_middleware"
|
59
57
|
|
60
58
|
# session
|
61
|
-
require
|
62
|
-
require
|
63
|
-
require
|
64
|
-
require
|
65
|
-
require
|
66
|
-
require
|
67
|
-
require
|
68
|
-
require
|
69
|
-
require
|
70
|
-
require
|
71
|
-
require
|
59
|
+
require "shopify_app/session/in_memory_session_store"
|
60
|
+
require "shopify_app/session/in_memory_shop_session_store"
|
61
|
+
require "shopify_app/session/in_memory_user_session_store"
|
62
|
+
require "shopify_app/session/jwt"
|
63
|
+
require "shopify_app/session/null_user_session_store"
|
64
|
+
require "shopify_app/session/session_repository"
|
65
|
+
require "shopify_app/session/session_storage"
|
66
|
+
require "shopify_app/session/shop_session_storage"
|
67
|
+
require "shopify_app/session/shop_session_storage_with_scopes"
|
68
|
+
require "shopify_app/session/user_session_storage"
|
69
|
+
require "shopify_app/session/user_session_storage_with_scopes"
|
72
70
|
|
73
71
|
# access scopes strategies
|
74
|
-
require
|
75
|
-
require
|
76
|
-
require
|
77
|
-
|
78
|
-
# omniauth_configuration
|
79
|
-
require 'shopify_app/omniauth/omniauth_configuration'
|
72
|
+
require "shopify_app/access_scopes/shop_strategy"
|
73
|
+
require "shopify_app/access_scopes/user_strategy"
|
74
|
+
require "shopify_app/access_scopes/noop_strategy"
|
80
75
|
end
|