shopify_app 20.1.0 → 20.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/stale.yml +25 -0
- data/CHANGELOG.md +7 -0
- data/Gemfile.lock +4 -4
- data/docs/shopify_app/webhooks.md +4 -4
- data/lib/generators/shopify_app/add_webhook/add_webhook_generator.rb +5 -5
- data/lib/shopify_app/controller_concerns/login_protection.rb +2 -1
- data/lib/shopify_app/controller_concerns/redirect_for_embedded.rb +3 -2
- data/lib/shopify_app/controller_concerns/sanitized_params.rb +3 -2
- data/lib/shopify_app/managers/webhooks_manager.rb +27 -6
- data/lib/shopify_app/version.rb +1 -1
- data/package.json +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87362d48113e64119d57d3f458fc3334f8097a7a234b9a77e806b327baa55196
|
|
4
|
+
data.tar.gz: 07bd6f5051b5e77a6c360699fb6fa090e55e8d7674ba9814eadcf025a8566523
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 750c1ffd57c2922165af74710a27e243b4a32fb016b393e22c8f861428700c754ebacc98e9c6604c0937df0a2197ed164444b1fe0bc9bab28c84b4d2be5ff2d0
|
|
7
|
+
data.tar.gz: fc987464248ff4c0e88a91c9b5e8150659ef93f683a9912a3b1088e80fe50057bf6a821eb169a18d4e82e5a190d42abb82c10bcf6159a744831bdc07a7583a51
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
name: Close inactive issues
|
|
2
|
+
on:
|
|
3
|
+
schedule:
|
|
4
|
+
- cron: "30 1 * * *"
|
|
5
|
+
|
|
6
|
+
jobs:
|
|
7
|
+
close-issues:
|
|
8
|
+
runs-on: ubuntu-latest
|
|
9
|
+
permissions:
|
|
10
|
+
issues: write
|
|
11
|
+
pull-requests: write
|
|
12
|
+
steps:
|
|
13
|
+
- uses: actions/stale@v5
|
|
14
|
+
with:
|
|
15
|
+
days-before-issue-stale: 730
|
|
16
|
+
days-before-issue-close: 14
|
|
17
|
+
stale-issue-label: "stale"
|
|
18
|
+
stale-issue-message: >
|
|
19
|
+
This issue is stale because it has been open for 2 years. It will be closed if no further action occurs in 14 days.
|
|
20
|
+
close-issue-message: >
|
|
21
|
+
This issue was closed because it has been inactive for 14 days since being marked as stale.
|
|
22
|
+
days-before-pr-stale: -1
|
|
23
|
+
days-before-pr-close: -1
|
|
24
|
+
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
|
25
|
+
operations_per_run: 100
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,13 @@
|
|
|
1
1
|
Unreleased
|
|
2
2
|
----------
|
|
3
3
|
|
|
4
|
+
20.1.1 (September 2, 2022)
|
|
5
|
+
----------
|
|
6
|
+
|
|
7
|
+
* Fixed an issue where the `embedded_redirect_url` could lead to a redirect loop in server-side rendered (or production) apps. [#1497](https://github.com/Shopify/shopify_app/pull/1497)
|
|
8
|
+
* Fixes bug where webhooks were generated with addresses instead of the [path the Ruby API](https://github.com/Shopify/shopify-api-ruby/blob/7a08ae9d96a7a85abd0113dae4eb76398cba8c64/lib/shopify_api/webhooks/registrations/http.rb#L12) is expecting [#1474](https://github.com/Shopify/shopify_app/pull/1474). The breaking change that was accidentially already shipped was that `address` attribute for webhooks should be paths not addresses with `https://` and the host name. While the `address` attribute name will still work assuming the value is a path, this name is deprecated. Please configure webhooks with the `path` attribute name instead.
|
|
9
|
+
* Deduce webhook path from deprecated webhook address if initializer uses address attribute. This makes this attribute change a non-breaking change for those upgrading.
|
|
10
|
+
|
|
4
11
|
20.1.0 (August 22, 2022)
|
|
5
12
|
----------
|
|
6
13
|
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
shopify_app (20.1.
|
|
4
|
+
shopify_app (20.1.1)
|
|
5
5
|
activeresource
|
|
6
6
|
browser_sniffer (~> 2.0)
|
|
7
7
|
jwt (>= 2.2.3)
|
|
@@ -97,14 +97,14 @@ GEM
|
|
|
97
97
|
erubi (1.10.0)
|
|
98
98
|
globalid (1.0.0)
|
|
99
99
|
activesupport (>= 5.0)
|
|
100
|
-
hash_diff (1.
|
|
100
|
+
hash_diff (1.1.1)
|
|
101
101
|
hashdiff (1.0.1)
|
|
102
102
|
httparty (0.20.0)
|
|
103
103
|
mime-types (~> 3.0)
|
|
104
104
|
multi_xml (>= 0.5.2)
|
|
105
105
|
i18n (1.10.0)
|
|
106
106
|
concurrent-ruby (~> 1.0)
|
|
107
|
-
jwt (2.
|
|
107
|
+
jwt (2.5.0)
|
|
108
108
|
loofah (2.15.0)
|
|
109
109
|
crass (~> 1.0.2)
|
|
110
110
|
nokogiri (>= 1.5.9)
|
|
@@ -204,7 +204,7 @@ GEM
|
|
|
204
204
|
securerandom
|
|
205
205
|
sorbet-runtime
|
|
206
206
|
zeitwerk (~> 2.5)
|
|
207
|
-
sorbet-runtime (0.5.
|
|
207
|
+
sorbet-runtime (0.5.10398)
|
|
208
208
|
sprockets (4.1.1)
|
|
209
209
|
concurrent-ruby (~> 1.0)
|
|
210
210
|
rack (> 1, < 3)
|
|
@@ -12,7 +12,7 @@ ShopifyApp can manage your app's webhooks for you if you set which webhooks you
|
|
|
12
12
|
```ruby
|
|
13
13
|
ShopifyApp.configure do |config|
|
|
14
14
|
config.webhooks = [
|
|
15
|
-
{topic: 'carts/update',
|
|
15
|
+
{topic: 'carts/update', path: 'webhooks/carts_update'}
|
|
16
16
|
]
|
|
17
17
|
end
|
|
18
18
|
```
|
|
@@ -34,7 +34,7 @@ If you are only interested in particular fields, you can optionally filter the d
|
|
|
34
34
|
```ruby
|
|
35
35
|
ShopifyApp.configure do |config|
|
|
36
36
|
config.webhooks = [
|
|
37
|
-
{topic: 'products/update',
|
|
37
|
+
{topic: 'products/update', path: 'webhooks/products_update', fields: ['title', 'vendor']}
|
|
38
38
|
]
|
|
39
39
|
end
|
|
40
40
|
```
|
|
@@ -66,7 +66,7 @@ The WebhooksManager uses ActiveJob. If ActiveJob is not configured then by defau
|
|
|
66
66
|
ShopifyApp can create webhooks for you using the `add_webhook` generator. This will add the new webhook to your config and create the required job class for you.
|
|
67
67
|
|
|
68
68
|
```
|
|
69
|
-
rails g shopify_app:add_webhook
|
|
69
|
+
rails g shopify_app:add_webhook --topic carts/update --path webhooks/carts_update
|
|
70
70
|
```
|
|
71
71
|
|
|
72
|
-
Where
|
|
72
|
+
Where `--topic` is the topic and `--path` is the path the webhook should be sent to.
|
|
@@ -7,7 +7,7 @@ module ShopifyApp
|
|
|
7
7
|
class AddWebhookGenerator < Rails::Generators::Base
|
|
8
8
|
source_root File.expand_path("../templates", __FILE__)
|
|
9
9
|
class_option :topic, type: :string, aliases: "-t", required: true
|
|
10
|
-
class_option :
|
|
10
|
+
class_option :path, type: :string, aliases: "-p", required: true
|
|
11
11
|
|
|
12
12
|
hook_for :test_framework, as: :job, in: :rails do |instance, generator|
|
|
13
13
|
instance.invoke(generator, [instance.send(:job_file_name)])
|
|
@@ -47,7 +47,7 @@ module ShopifyApp
|
|
|
47
47
|
private
|
|
48
48
|
|
|
49
49
|
def job_file_name
|
|
50
|
-
|
|
50
|
+
path.split("/").last
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
def load_initializer
|
|
@@ -55,15 +55,15 @@ module ShopifyApp
|
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
def webhook_config
|
|
58
|
-
"\n { topic: \"#{topic}\",
|
|
58
|
+
"\n { topic: \"#{topic}\", path: \"#{path}\" },"
|
|
59
59
|
end
|
|
60
60
|
|
|
61
61
|
def topic
|
|
62
62
|
options["topic"]
|
|
63
63
|
end
|
|
64
64
|
|
|
65
|
-
def
|
|
66
|
-
options["
|
|
65
|
+
def path
|
|
66
|
+
options["path"]
|
|
67
67
|
end
|
|
68
68
|
end
|
|
69
69
|
end
|
|
@@ -117,7 +117,8 @@ module ShopifyApp
|
|
|
117
117
|
else
|
|
118
118
|
referer = URI(request.referer || "/")
|
|
119
119
|
path = referer.path
|
|
120
|
-
query =
|
|
120
|
+
query = Rack::Utils.parse_nested_query(referer.query)
|
|
121
|
+
query = query.merge(sanitized_params).to_query
|
|
121
122
|
end
|
|
122
123
|
session[:return_to] = query.blank? ? path.to_s : "#{path}?#{query}"
|
|
123
124
|
redirect_to(login_url_with_optional_shop)
|
|
@@ -15,7 +15,8 @@ module ShopifyApp
|
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def redirect_for_embedded
|
|
18
|
-
|
|
18
|
+
# Don't actually redirect if we're already in the redirect route - we want the request to reach the FE
|
|
19
|
+
redirect_to(redirect_uri_for_embedded) unless request.path == ShopifyApp.configuration.embedded_redirect_url
|
|
19
20
|
end
|
|
20
21
|
|
|
21
22
|
def redirect_uri_for_embedded
|
|
@@ -26,7 +27,7 @@ module ShopifyApp
|
|
|
26
27
|
redirect_query_params[:host] ||= params[:host] if params[:host].present?
|
|
27
28
|
redirect_uri = "#{redirect_uri}?#{redirect_query_params.to_query}" if redirect_query_params.present?
|
|
28
29
|
|
|
29
|
-
query_params = sanitized_params.except(:redirect_uri
|
|
30
|
+
query_params = sanitized_params.except(:redirect_uri)
|
|
30
31
|
query_params[:redirectUri] = redirect_uri
|
|
31
32
|
|
|
32
33
|
"#{ShopifyApp.configuration.embedded_redirect_url}?#{query_params.to_query}"
|
|
@@ -25,9 +25,10 @@ module ShopifyApp
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sanitized_params
|
|
28
|
-
request.
|
|
28
|
+
parameters = request.post? ? request.request_parameters : request.query_parameters
|
|
29
|
+
parameters.clone.tap do |params_copy|
|
|
29
30
|
if params[:shop].is_a?(String)
|
|
30
|
-
|
|
31
|
+
params_copy[:shop] = sanitize_shop_param(params)
|
|
31
32
|
end
|
|
32
33
|
end
|
|
33
34
|
end
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "uri"
|
|
4
|
+
|
|
3
5
|
module ShopifyApp
|
|
4
6
|
class WebhooksManager
|
|
5
7
|
class CreationFailed < StandardError; end
|
|
@@ -38,11 +40,13 @@ module ShopifyApp
|
|
|
38
40
|
return unless ShopifyApp.configuration.has_webhooks?
|
|
39
41
|
|
|
40
42
|
ShopifyApp.configuration.webhooks.each do |attributes|
|
|
43
|
+
webhook_path = path(attributes)
|
|
44
|
+
|
|
41
45
|
ShopifyAPI::Webhooks::Registry.add_registration(
|
|
42
46
|
topic: attributes[:topic],
|
|
43
47
|
delivery_method: attributes[:delivery_method] || :http,
|
|
44
|
-
path:
|
|
45
|
-
handler: webhook_job_klass(
|
|
48
|
+
path: webhook_path,
|
|
49
|
+
handler: webhook_job_klass(webhook_path),
|
|
46
50
|
fields: attributes[:fields]
|
|
47
51
|
)
|
|
48
52
|
end
|
|
@@ -50,12 +54,29 @@ module ShopifyApp
|
|
|
50
54
|
|
|
51
55
|
private
|
|
52
56
|
|
|
53
|
-
def
|
|
54
|
-
|
|
57
|
+
def path(webhook_attributes)
|
|
58
|
+
path = webhook_attributes[:path]
|
|
59
|
+
address = webhook_attributes[:address]
|
|
60
|
+
uri = URI(address) if address
|
|
61
|
+
|
|
62
|
+
if path.present?
|
|
63
|
+
path
|
|
64
|
+
elsif uri&.path&.present?
|
|
65
|
+
uri.path
|
|
66
|
+
else
|
|
67
|
+
raise ShopifyApp::MissingWebhookJobError, "The :path attribute is required for webhook registration."
|
|
68
|
+
end
|
|
55
69
|
end
|
|
56
70
|
|
|
57
|
-
def
|
|
58
|
-
|
|
71
|
+
def webhook_job_klass(path)
|
|
72
|
+
webhook_job_klass_name(path).safe_constantize || raise(ShopifyApp::MissingWebhookJobError)
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def webhook_job_klass_name(path)
|
|
76
|
+
job_file_name = Pathname(path.to_s).basename
|
|
77
|
+
|
|
78
|
+
[ShopifyApp.configuration.webhook_jobs_namespace,
|
|
79
|
+
"#{job_file_name}_job",].compact.join("/").classify
|
|
59
80
|
end
|
|
60
81
|
end
|
|
61
82
|
end
|
data/lib/shopify_app/version.rb
CHANGED
data/package.json
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shopify_app
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 20.1.
|
|
4
|
+
version: 20.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Shopify
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-09-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activeresource
|
|
@@ -264,6 +264,7 @@ files:
|
|
|
264
264
|
- ".github/workflows/cla.yml"
|
|
265
265
|
- ".github/workflows/release.yml"
|
|
266
266
|
- ".github/workflows/rubocop.yml"
|
|
267
|
+
- ".github/workflows/stale.yml"
|
|
267
268
|
- ".gitignore"
|
|
268
269
|
- ".nvmrc"
|
|
269
270
|
- ".rubocop.yml"
|