RubyGems - shopify_app - Versions diffs - 18.1.1 → 20.0.0 - Mend

shopify_app 18.1.1 → 20.0.0

Files changed (103) hide show

data/lib/shopify_app/jobs/scripttags_manager_job.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   class ScripttagsManagerJob < ActiveJob::Base
     queue_as do
@@ -6,8 +7,7 @@ module ShopifyApp
     end
     def perform(shop_domain:, shop_token:, scripttags:)
-      api_version = ShopifyApp.configuration.api_version
-      ShopifyAPI::Session.temp(domain: shop_domain, token: shop_token, api_version: api_version) do
+      ShopifyAPI::Auth::Session.temp(shop: shop_domain, access_token: shop_token) do
         manager = ScripttagsManager.new(scripttags, shop_domain)
         manager.create_scripttags
       end

data/lib/shopify_app/jobs/webhooks_manager_job.rb CHANGED Viewed

@@ -1,15 +1,14 @@
 # frozen_string_literal: true
 module ShopifyApp
   class WebhooksManagerJob < ActiveJob::Base
     queue_as do
       ShopifyApp.configuration.webhooks_manager_queue_name
     end
-    def perform(shop_domain:, shop_token:, webhooks:)
-      api_version = ShopifyApp.configuration.api_version
-      ShopifyAPI::Session.temp(domain: shop_domain, token: shop_token, api_version: api_version) do
-        manager = WebhooksManager.new(webhooks)
-        manager.create_webhooks
+    def perform(shop_domain:, shop_token:)
+      ShopifyAPI::Auth::Session.temp(shop: shop_domain, access_token: shop_token) do |session|
+        WebhooksManager.create_webhooks(session: session)
       end
     end
   end

data/lib/shopify_app/managers/scripttags_manager.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   class ScripttagsManager
     class CreationFailed < StandardError; end
@@ -44,7 +45,7 @@ module ShopifyApp
     def destroy_scripttags
       scripttags = expanded_scripttags
       ShopifyAPI::ScriptTag.all.each do |tag|
-        ShopifyAPI::ScriptTag.delete(tag.id) if required_scripttag?(scripttags, tag)
+        tag.delete if required_scripttag?(scripttags, tag)
       end
       @current_scripttags = nil
@@ -61,9 +62,15 @@ module ShopifyApp
     end
     def create_scripttag(attributes)
-      attributes.reverse_merge!(format: 'json')
-      scripttag = ShopifyAPI::ScriptTag.create(attributes)
-      raise CreationFailed, scripttag.errors.full_messages.to_sentence unless scripttag.persisted?
+      scripttag = ShopifyAPI::ScriptTag.new
+      attributes.each { |key, value| scripttag.public_send("#{key}=", value) }
+      begin
+        scripttag.save!
+      rescue ShopifyAPI::Errors::HttpResponseError => e
+        raise CreationFailed, e.message
+      end
       scripttag
     end

data/lib/shopify_app/managers/webhooks_manager.rb CHANGED Viewed

@@ -1,62 +1,60 @@
 # frozen_string_literal: true
 module ShopifyApp
   class WebhooksManager
     class CreationFailed < StandardError; end
-    def self.queue(shop_domain, shop_token, webhooks)
-      ShopifyApp::WebhooksManagerJob.perform_later(
-        shop_domain: shop_domain,
-        shop_token: shop_token,
-        webhooks: webhooks
-      )
-    end
-    attr_reader :required_webhooks
-    def initialize(webhooks)
-      @required_webhooks = webhooks
-    end
-    def recreate_webhooks!
-      destroy_webhooks
-      create_webhooks
-    end
-    def create_webhooks
-      return unless required_webhooks.present?
+    class << self
+      def queue(shop_domain, shop_token)
+        ShopifyApp::WebhooksManagerJob.perform_later(
+          shop_domain: shop_domain,
+          shop_token: shop_token
+        )
+      end
-      required_webhooks.each do |webhook|
-        create_webhook(webhook) unless webhook_exists?(webhook[:topic])
+      def create_webhooks(session:)
+        return unless ShopifyApp.configuration.has_webhooks?
+        ShopifyAPI::Webhooks::Registry.register_all(session: session)
       end
-    end
-    def destroy_webhooks
-      ShopifyAPI::Webhook.all.to_a.each do |webhook|
-        ShopifyAPI::Webhook.delete(webhook.id) if required_webhook?(webhook)
+      def recreate_webhooks!(session:)
+        destroy_webhooks
+        return unless ShopifyApp.configuration.has_webhooks?
+        add_registrations
+        ShopifyAPI::Webhooks::Registry.register_all(session: session)
       end
-      @current_webhooks = nil
-    end
+      def destroy_webhooks
+        return unless ShopifyApp.configuration.has_webhooks?
-    private
+        ShopifyApp.configuration.webhooks.each do |attributes|
+          ShopifyAPI::Webhooks::Registry.unregister(topic: attributes[:topic])
+        end
+      end
-    def required_webhook?(webhook)
-      required_webhooks.map { |w| w[:address] }.include?(webhook.address)
-    end
+      def add_registrations
+        return unless ShopifyApp.configuration.has_webhooks?
+        ShopifyApp.configuration.webhooks.each do |attributes|
+          ShopifyAPI::Webhooks::Registry.add_registration(
+            topic: attributes[:topic],
+            delivery_method: attributes[:delivery_method] || :http,
+            path: attributes[:address],
+            handler: webhook_job_klass(attributes[:topic]),
+            fields: attributes[:fields]
+          )
+        end
+      end
-    def create_webhook(attributes)
-      attributes.reverse_merge!(format: 'json')
-      webhook = ShopifyAPI::Webhook.create(attributes)
-      raise CreationFailed, webhook.errors.full_messages.to_sentence unless webhook.persisted?
-      webhook
-    end
+      private
-    def webhook_exists?(topic)
-      current_webhooks[topic]
-    end
+      def webhook_job_klass(topic)
+        webhook_job_klass_name(topic).safe_constantize || raise(ShopifyApp::MissingWebhookJobError)
+      end
-    def current_webhooks
-      @current_webhooks ||= ShopifyAPI::Webhook.all.to_a.index_by(&:topic)
+      def webhook_job_klass_name(topic)
+        [ShopifyApp.configuration.webhook_jobs_namespace, "#{topic.gsub("/", "_")}_job"].compact.join("/").classify
+      end
     end
   end
 end

data/lib/shopify_app/middleware/jwt_middleware.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   class JWTMiddleware
     TOKEN_REGEX = /^Bearer\s+(.*?)$/
@@ -24,7 +25,7 @@ module ShopifyApp
     end
     def authorization_header(env)
-      env['HTTP_AUTHORIZATION']
+      env["HTTP_AUTHORIZATION"]
     end
     def extract_token(env)
@@ -35,9 +36,9 @@ module ShopifyApp
     def set_env_variables(token, env)
       jwt = ShopifyApp::JWT.new(token)
-      env['jwt.shopify_domain'] = jwt.shopify_domain
-      env['jwt.shopify_user_id'] = jwt.shopify_user_id
-      env['jwt.expire_at'] = jwt.expire_at
+      env["jwt.shopify_domain"] = jwt.shopify_domain
+      env["jwt.shopify_user_id"] = jwt.shopify_user_id
+      env["jwt.expire_at"] = jwt.expire_at
     end
   end
 end

data/lib/shopify_app/session/in_memory_session_store.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   # rubocop:disable Style/ClassVars
   # Class var repo is needed here in order to share data between the 2 child classes.

data/lib/shopify_app/session/in_memory_shop_session_store.rb CHANGED Viewed

@@ -1,10 +1,11 @@
 # frozen_string_literal: true
 module ShopifyApp
   class InMemoryShopSessionStore < InMemorySessionStore
     class << self
       def store(session, *args)
         id = super
-        repo[session.domain] = session
+        repo[session.shop] = session
         id
       end

data/lib/shopify_app/session/in_memory_user_session_store.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   class InMemoryUserSessionStore < InMemorySessionStore
     class << self

data/lib/shopify_app/session/jwt.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   class JWT
     class InvalidDestinationError < StandardError; end
@@ -23,15 +24,15 @@ module ShopifyApp
     end
     def shopify_domain
-      @payload && ShopifyApp::Utils.sanitize_shop_domain(@payload['dest'])
+      @payload && ShopifyApp::Utils.sanitize_shop_domain(@payload["dest"])
     end
     def shopify_user_id
-      @payload['sub'].to_i if @payload && @payload['sub']
+      @payload["sub"].to_i if @payload && @payload["sub"]
     end
     def expire_at
-      @payload['exp'].to_i if @payload && @payload['exp']
+      @payload["exp"].to_i if @payload && @payload["exp"]
     end
     private
@@ -45,19 +46,19 @@ module ShopifyApp
     end
     def parse_token_data(secret, old_secret)
-      ::JWT.decode(@token, secret, true, { algorithm: 'HS256' })
+      ::JWT.decode(@token, secret, true, { algorithm: "HS256" })
     rescue ::JWT::VerificationError
       raise unless old_secret
-      ::JWT.decode(@token, old_secret, true, { algorithm: 'HS256' })
+      ::JWT.decode(@token, old_secret, true, { algorithm: "HS256" })
     end
     def validate_payload(payload)
-      dest_host = ShopifyApp::Utils.sanitize_shop_domain(payload['dest'])
-      iss_host = ShopifyApp::Utils.sanitize_shop_domain(payload['iss'])
+      dest_host = ShopifyApp::Utils.sanitize_shop_domain(payload["dest"])
+      iss_host = ShopifyApp::Utils.sanitize_shop_domain(payload["iss"])
       api_key = ShopifyApp.configuration.api_key
-      raise InvalidAudienceError, "'aud' claim does not match api_key" unless payload['aud'] == api_key
+      raise InvalidAudienceError, "'aud' claim does not match api_key" unless payload["aud"] == api_key
       raise InvalidDestinationError, "'dest' claim host not a valid shopify host" unless dest_host
       raise MismatchedHostsError, "'dest' claim host does not match 'iss' claim host" unless dest_host == iss_host

data/lib/shopify_app/session/null_user_session_store.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   class NullUserSessionStore
     class << self
@@ -7,7 +8,7 @@ module ShopifyApp
       end
       def store(_, _)
-        raise SessionRepository::ConfigurationError, 'user_storage is not configured'
+        raise SessionRepository::ConfigurationError, "user_storage is not configured"
       end
       def retrieve_by_shopify_user_id(_)

data/lib/shopify_app/session/session_repository.rb CHANGED Viewed

@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 module ShopifyApp
   class SessionRepository
+    extend ShopifyAPI::Auth::SessionStorage
     class ConfigurationError < StandardError; end
     class << self
@@ -40,6 +43,40 @@ module ShopifyApp
         load_user_storage
       end
+      # ShopifyAPI::Auth::SessionStorage override
+      def store_session(session)
+        if session.online?
+          user_storage.store(session, session.associated_user)
+        else
+          shop_storage.store(session)
+        end
+      end
+      # ShopifyAPI::Auth::SessionStorage override
+      def load_session(id)
+        match = id.match(/^offline_(.*)/)
+        if match
+          retrieve_shop_session_by_shopify_domain(match[1])
+        else
+          retrieve_user_session_by_shopify_user_id(id.split("_").last)
+        end
+      end
+      # ShopifyAPI::Auth::SessionStorage override
+      def delete_session(id)
+        match = id.match(/^offline_(.*)/)
+        record = if match
+          Shop.find_by(shopify_domain: match[1])
+        else
+          User.find_by(shopify_user_id: id.split("_").last)
+        end
+        record.destroy
+        true
+      end
       private
       def load_shop_storage

data/lib/shopify_app/session/session_storage.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   module SessionStorage
     extend ActiveSupport::Concern
@@ -9,12 +10,9 @@ module ShopifyApp
     end
     def with_shopify_session(&block)
-      ShopifyAPI::Session.temp(
-        domain: shopify_domain,
-        token: shopify_token,
-        api_version: api_version,
-        &block
-      )
+      ShopifyAPI::Auth::Session.temp(shop: shopify_domain, access_token: shopify_token) do
+        yield block
+      end
     end
   end
 end

data/lib/shopify_app/session/shop_session_storage.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   module ShopSessionStorage
     extend ActiveSupport::Concern
@@ -10,8 +11,8 @@ module ShopifyApp
     class_methods do
       def store(auth_session, *_args)
-        shop = find_or_initialize_by(shopify_domain: auth_session.domain)
-        shop.shopify_token = auth_session.token
+        shop = find_or_initialize_by(shopify_domain: auth_session.shop)
+        shop.shopify_token = auth_session.access_token
         shop.save!
         shop.id
       end
@@ -31,10 +32,9 @@ module ShopifyApp
       def construct_session(shop)
         return unless shop
-        ShopifyAPI::Session.new(
-          domain: shop.shopify_domain,
-          token: shop.shopify_token,
-          api_version: shop.api_version,
+        ShopifyAPI::Auth::Session.new(
+          shop: shop.shopify_domain,
+          access_token: shop.shopify_token
         )
       end
     end

data/lib/shopify_app/session/shop_session_storage_with_scopes.rb CHANGED Viewed

@@ -11,9 +11,9 @@ module ShopifyApp
     class_methods do
       def store(auth_session, *_args)
-        shop = find_or_initialize_by(shopify_domain: auth_session.domain)
-        shop.shopify_token = auth_session.token
-        shop.access_scopes = auth_session.access_scopes
+        shop = find_or_initialize_by(shopify_domain: auth_session.shop)
+        shop.shopify_token = auth_session.access_token
+        shop.access_scopes = auth_session.scope.to_s
         shop.save!
         shop.id
@@ -34,11 +34,10 @@ module ShopifyApp
       def construct_session(shop)
         return unless shop
-        ShopifyAPI::Session.new(
-          domain: shop.shopify_domain,
-          token: shop.shopify_token,
-          api_version: shop.api_version,
-          access_scopes: shop.access_scopes
+        ShopifyAPI::Auth::Session.new(
+          shop: shop.shopify_domain,
+          access_token: shop.shopify_token,
+          scope: shop.access_scopes
         )
       end
     end

data/lib/shopify_app/session/user_session_storage.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   module UserSessionStorage
     extend ActiveSupport::Concern
@@ -11,8 +12,8 @@ module ShopifyApp
     class_methods do
       def store(auth_session, user)
         user = find_or_initialize_by(shopify_user_id: user[:id])
-        user.shopify_token = auth_session.token
-        user.shopify_domain = auth_session.domain
+        user.shopify_token = auth_session.access_token
+        user.shopify_domain = auth_session.shop
         user.save!
         user.id
       end
@@ -31,10 +32,22 @@ module ShopifyApp
       def construct_session(user)
         return unless user
-        ShopifyAPI::Session.new(
-          domain: user.shopify_domain,
-          token: user.shopify_token,
-          api_version: user.api_version,
+        associated_user = ShopifyAPI::Auth::AssociatedUser.new(
+          id: user.shopify_user_id,
+          first_name: "",
+          last_name: "",
+          email: "",
+          email_verified: false,
+          account_owner: false,
+          locale: "",
+          collaborator: false
+        )
+        ShopifyAPI::Auth::Session.new(
+          shop: user.shopify_domain,
+          access_token: user.shopify_token,
+          associated_user: associated_user
         )
       end
     end

data/lib/shopify_app/session/user_session_storage_with_scopes.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
   module UserSessionStorageWithScopes
     extend ActiveSupport::Concern
@@ -10,10 +11,10 @@ module ShopifyApp
     class_methods do
       def store(auth_session, user)
-        user = find_or_initialize_by(shopify_user_id: user[:id])
-        user.shopify_token = auth_session.token
-        user.shopify_domain = auth_session.domain
-        user.access_scopes = auth_session.access_scopes
+        user = find_or_initialize_by(shopify_user_id: user.id)
+        user.shopify_token = auth_session.access_token
+        user.shopify_domain = auth_session.shop
+        user.access_scopes = auth_session.scope.to_s
         user.save!
         user.id
@@ -34,11 +35,23 @@ module ShopifyApp
       def construct_session(user)
         return unless user
-        ShopifyAPI::Session.new(
-          domain: user.shopify_domain,
-          token: user.shopify_token,
-          api_version: user.api_version,
-          access_scopes: user.access_scopes
+        associated_user = ShopifyAPI::Auth::AssociatedUser.new(
+          id: user.shopify_user_id,
+          first_name: "",
+          last_name: "",
+          email: "",
+          email_verified: false,
+          account_owner: false,
+          locale: "",
+          collaborator: false
+        )
+        ShopifyAPI::Auth::Session.new(
+          shop: user.shopify_domain,
+          access_token: user.shopify_token,
+          scope: user.access_scopes,
+          associated_user_scope: user.access_scopes,
+          associated_user: associated_user
         )
       end
     end

data/lib/shopify_app/test_helpers/all.rb CHANGED Viewed

@@ -1,2 +1,3 @@
 # frozen_string_literal: true
-require 'shopify_app/test_helpers/webhook_verification_helper'
+require "shopify_app/test_helpers/webhook_verification_helper"

data/lib/shopify_app/test_helpers/webhook_verification_helper.rb CHANGED Viewed

@@ -1,16 +1,17 @@
 # frozen_string_literal: true
 module ShopifyApp
   module TestHelpers
     module WebhookVerificationHelper
       def authorized_webhook_verification_headers!(params = {})
-        digest = OpenSSL::Digest.new('sha256')
+        digest = OpenSSL::Digest.new("sha256")
         secret = ShopifyApp.configuration.secret
         valid_hmac = Base64.encode64(OpenSSL::HMAC.digest(digest, secret, params.to_query)).strip
-        @request.headers['HTTP_X_SHOPIFY_HMAC_SHA256'] = valid_hmac
+        @request.headers["HTTP_X_SHOPIFY_HMAC_SHA256"] = valid_hmac
       end
       def unauthorized_webhook_verification_headers!
-        @request.headers['HTTP_X_SHOPIFY_HMAC_SHA256'] = "invalid_hmac"
+        @request.headers["HTTP_X_SHOPIFY_HMAC_SHA256"] = "invalid_hmac"
       end
     end
   end

data/lib/shopify_app/utils.rb CHANGED Viewed

@@ -1,11 +1,12 @@
 # frozen_string_literal: true
 module ShopifyApp
   module Utils
     def self.sanitize_shop_domain(shop_domain)
       myshopify_domain = ShopifyApp.configuration.myshopify_domain
       name = shop_domain.to_s.downcase.strip
       name += ".#{myshopify_domain}" if !name.include?(myshopify_domain.to_s) && !name.include?(".")
-      name.sub!(%r|https?://|, '')
+      name.sub!(%r|https?://|, "")
       u = URI("http://#{name}")
       u.host if u.host&.match(/^[a-z0-9][a-z0-9\-]*[a-z0-9]\.#{Regexp.escape(myshopify_domain)}$/)
@@ -13,20 +14,13 @@ module ShopifyApp
       nil
     end
-    def self.fetch_known_api_versions
-      Rails.logger.info("[ShopifyAPI::ApiVersion] Fetching known Admin API Versions from Shopify...")
-      ShopifyAPI::ApiVersion.fetch_known_versions
-      Rails.logger.info("[ShopifyAPI::ApiVersion] Known API Versions: #{ShopifyAPI::ApiVersion.versions.keys}")
-    rescue ActiveResource::ConnectionError
-      logger.error("[ShopifyAPI::ApiVersion] Unable to fetch api_versions from Shopify")
-    end
-    def self.shop_login_url(shop:, return_to:)
+    def self.shop_login_url(shop:, host:, return_to:)
       return ShopifyApp.configuration.login_url unless shop
       url = URI(ShopifyApp.configuration.login_url)
       url.query = URI.encode_www_form(
         shop: shop,
+        host: host,
         return_to: return_to,
       )

data/lib/shopify_app/version.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 module ShopifyApp
-  VERSION = '18.1.1'
+  VERSION = "20.0.0"
 end