RubyGems - shopify_app - Versions diffs - 7.2.0 → 8.5.0 - Mend

shopify_app 7.2.0 → 8.5.0

Files changed (105) hide show

checksums.yaml +5 -5
data/.babelrc +5 -0
data/.github/CODEOWNERS +1 -0
data/{ISSUE_TEMPLATE.md → .github/ISSUE_TEMPLATE.md} +0 -0
data/.github/probots.yml +2 -0
data/.gitignore +5 -0
data/.nvmrc +1 -0
data/.rubocop.yml +10 -0
data/.ruby-version +1 -0
data/.travis.yml +24 -12
data/CHANGELOG.md +151 -0
data/Gemfile +2 -0
data/README.md +167 -68
data/app/assets/images/storage_access.svg +2 -0
data/app/assets/javascripts/shopify_app/enable_cookies.js +3 -0
data/app/assets/javascripts/shopify_app/itp_helper.js +40 -0
data/app/assets/javascripts/shopify_app/partition_cookies.js +7 -0
data/app/assets/javascripts/shopify_app/redirect.js +33 -0
data/app/assets/javascripts/shopify_app/request_storage_access.js +3 -0
data/app/assets/javascripts/shopify_app/storage_access.js +121 -0
data/app/assets/javascripts/shopify_app/storage_access_redirect.js +17 -0
data/app/assets/javascripts/shopify_app/top_level.js +2 -0
data/app/assets/javascripts/shopify_app/top_level_interaction.js +11 -0
data/app/controllers/shopify_app/authenticated_controller.rb +5 -2
data/app/controllers/shopify_app/callback_controller.rb +92 -0
data/app/controllers/shopify_app/sessions_controller.rb +120 -2
data/app/controllers/shopify_app/webhooks_controller.rb +11 -3
data/app/views/shopify_app/partials/_button_styles.html.erb +104 -0
data/app/views/shopify_app/partials/_card_styles.html.erb +33 -0
data/app/views/shopify_app/partials/_empty_state_styles.html.erb +129 -0
data/app/views/shopify_app/partials/_layout_styles.html.erb +167 -0
data/app/views/shopify_app/partials/_typography_styles.html.erb +35 -0
data/app/views/shopify_app/sessions/enable_cookies.html.erb +59 -0
data/app/views/shopify_app/sessions/new.html.erb +88 -60
data/app/views/shopify_app/sessions/request_storage_access.html.erb +67 -0
data/app/views/shopify_app/sessions/top_level_interaction.html.erb +63 -0
data/app/views/shopify_app/shared/redirect.html.erb +22 -0
data/config/locales/de.yml +22 -0
data/config/locales/en.yml +12 -1
data/config/locales/es.yml +21 -3
data/config/locales/fr.yml +23 -0
data/config/locales/it.yml +22 -0
data/config/locales/ja.yml +17 -0
data/config/locales/nl.yml +21 -0
data/config/locales/pt-BR.yml +22 -0
data/config/locales/zh-CN.yml +16 -0
data/config/locales/zh-TW.yml +17 -0
data/config/routes.rb +11 -1
data/{QUICKSTART.md → docs/Quickstart.md} +26 -23
data/docs/Releasing.md +18 -0
data/docs/Troubleshooting.md +16 -0
data/karma.conf.js +43 -0
data/lib/generators/shopify_app/add_after_authenticate_job/add_after_authenticate_job_generator.rb +45 -0
data/lib/generators/shopify_app/add_after_authenticate_job/templates/after_authenticate_job.rb +10 -0
data/lib/generators/shopify_app/home_controller/templates/home_controller.rb +1 -0
data/lib/generators/shopify_app/home_controller/templates/index.html.erb +14 -0
data/lib/generators/shopify_app/home_controller/templates/shopify_app_ready_script.html.erb +1 -5
data/lib/generators/shopify_app/install/install_generator.rb +10 -16
data/lib/generators/shopify_app/install/templates/_flash_messages.html.erb +13 -9
data/lib/generators/shopify_app/install/templates/embedded_app.html.erb +1 -1
data/lib/generators/shopify_app/install/templates/shopify_app.rb +5 -3
data/lib/generators/shopify_app/install/templates/shopify_provider.rb +19 -4
data/lib/generators/shopify_app/rotate_shopify_token_job/rotate_shopify_token_job_generator.rb +16 -0
data/lib/generators/shopify_app/rotate_shopify_token_job/templates/rotate_shopify_token.rake +17 -0
data/lib/generators/shopify_app/rotate_shopify_token_job/templates/rotate_shopify_token_job.rb +42 -0
data/lib/generators/shopify_app/shop_model/shop_model_generator.rb +5 -9
data/lib/generators/shopify_app/shop_model/templates/db/migrate/{create_shops.rb → create_shops.erb} +1 -1
data/lib/generators/shopify_app/shop_model/templates/shop.rb +0 -1
data/lib/shopify_app/configuration.rb +27 -8
data/lib/shopify_app/{app_proxy_verification.rb → controller_concerns/app_proxy_verification.rb} +2 -7
data/lib/shopify_app/controller_concerns/embedded_app.rb +19 -0
data/lib/shopify_app/controller_concerns/itp.rb +45 -0
data/lib/shopify_app/controller_concerns/localization.rb +22 -0
data/lib/shopify_app/controller_concerns/login_protection.rb +135 -0
data/lib/shopify_app/{webhook_verification.rb → controller_concerns/webhook_verification.rb} +11 -12
data/lib/shopify_app/engine.rb +10 -0
data/lib/shopify_app/{scripttags_manager_job.rb → jobs/scripttags_manager_job.rb} +2 -2
data/lib/shopify_app/{webhooks_manager_job.rb → jobs/webhooks_manager_job.rb} +0 -0
data/lib/shopify_app/{scripttags_manager.rb → managers/scripttags_manager.rb} +24 -8
data/lib/shopify_app/{webhooks_manager.rb → managers/webhooks_manager.rb} +1 -1
data/lib/shopify_app/session/in_memory_session_store.rb +27 -0
data/lib/shopify_app/{shopify_session_repository.rb → session/session_repository.rb} +0 -0
data/lib/shopify_app/{session_storage.rb → session/session_storage.rb} +9 -0
data/lib/shopify_app/utils.rb +2 -2
data/lib/shopify_app/version.rb +1 -1
data/lib/shopify_app.rb +21 -16
data/package-lock.json +23 -0
data/package.json +28 -0
data/service.yml +7 -0
data/shipit.rubygems.yml +2 -0
data/shopify_app.gemspec +6 -5
data/translation.yml +7 -0
data/webpack.config.js +24 -0
data/yarn.lock +4594 -0
metadata +92 -35
data/Gemfile.rails50 +0 -5
data/Gemfile.ruby22 +0 -6
data/Gemfile.ruby22.rails50 +0 -9
data/RELEASING +0 -13
data/lib/generators/shopify_app/install/templates/shopify_session_repository.rb +0 -23
data/lib/generators/shopify_app/shop_model/templates/shopify_session_repository.rb +0 -7
data/lib/shopify_app/in_memory_session_store.rb +0 -25
data/lib/shopify_app/login_protection.rb +0 -103
data/lib/shopify_app/sessions_concern.rb +0 -101
data/lib/shopify_app/shop.rb +0 -15

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 47504ce67fc91bae133ac9451f21eb46b2307f6b
-  data.tar.gz: 1c9430ae87f14834389188ea630a43574e1d31c4
+SHA256:
+  metadata.gz: 8fe2949f5e38db4532dbcab3c05f96e228e6285fdbb4b729ffefecd8e40b2aad
+  data.tar.gz: 2fefc3ce45bc58cd82c874d5217f6abfce0a70ba56cb9105084dbec011f033cb
 SHA512:
-  metadata.gz: dce462b93f79c591d00801bf8eaedec76be7fcee1aa65184d6d2cad28480c438c92b2b4e1239382225f7782eb62bf735f941ca1c6bed166b0a016a4b7ca9d055
-  data.tar.gz: f5e656f7f0c720daa423d20dea3bddc47439e556713d6bfa8cca030ef12617ac64bbdeedb4541dd85dc311b229231662635f1ea6994b18ed761806d18a24207a
+  metadata.gz: 1a435b2541e5198fad47a247a97b2a68ce6e741b2b29a4b0b7f2cc29d256fc382a7fd8a56801e982744258e9efdfd3879a13dd4dffc033c88d432ce44d525e44
+  data.tar.gz: 1df140b61ca82e090eba2fcabac5f079cc5d87e7cb64bab657cbc725ff1063360fbd88822d4ed76c9224d2fd4e9429ba197dd3c7f6a6312b3c8dbdb060c35f26

data/.babelrc ADDED Viewed

@@ -0,0 +1,5 @@
+{
+  "babel": {
+    "presets": ["shopify/web"]
+  }
+}

data/.github/CODEOWNERS ADDED Viewed

	@@ -0,0 +1 @@
1	+ * @shopify/platform-dev-tools-education

data/{ISSUE_TEMPLATE.md → .github/ISSUE_TEMPLATE.md} RENAMED Viewed

File without changes

data/.github/probots.yml ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ enabled:
2	+ - cla

data/.gitignore CHANGED Viewed

@@ -9,3 +9,8 @@ doc/
 *.sqlite3
 test/tmp/*
 .idea
+# ignore sprockets cache
+/test/dummy/tmp/*
+/node_modules/
+.byebug_history

data/.nvmrc ADDED Viewed

	@@ -0,0 +1 @@
1	+ 8.10.0

data/.rubocop.yml ADDED Viewed

@@ -0,0 +1,10 @@
+inherit_from:
+  - https://shopify.github.io/ruby-style-guide/rubocop.yml
+LineLength:
+  Exclude:
+    - test/**/*
+Metrics/ClassLength:
+  Exclude:
+    - test/**/*

data/.ruby-version ADDED Viewed

	@@ -0,0 +1 @@
1	+ 2.5.0

data/.travis.yml CHANGED Viewed

@@ -1,17 +1,29 @@
+sudo: required
+dist: trusty
+addons:
+    chrome: stable
+before_script:
+    - "sudo chown root /opt/google/chrome/chrome-sandbox"
+    - "sudo chmod 4755 /opt/google/chrome/chrome-sandbox"
 language: ruby
-cache: bundler
-sudo: false
+before_install:
+  - gem update --system
+cache:
+  bundler: true
+  directories:
+    - node_modules
+  yarn: true
 rvm:
-  - 2.3.1
+  - 2.3.6
+  - 2.4.3
+  - 2.5.0
-gemfile:
-  - Gemfile
-  - Gemfile.rails50
+install:
+  - bundle install
+  - nvm install node
+  - yarn
-matrix:
-  include:
-  - rvm: 2.2.2
-    gemfile: Gemfile.ruby22
-  - rvm: 2.2.2
-    gemfile: Gemfile.ruby22.rails50
+script:
+  - yarn test
+  - bundle exec rake test

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,154 @@
+8.5.0
+-----
+Added support for rotating Shopify access tokens:
+* Added a generator shopify_app:rotate_shopify_token_job for generating the job to perform token rotation
+* Extend Shopify app configuration to support a new and old secret token
+* Extended webhook validation code to support validating against new and old secret tokens
+* See the README for more details: https://github.com/Shopify/shopify_app#rotateshopifytokenjob
+8.4.2
+-----
+* Clear stale user session during auth callback
+8.4.1
+-----
+* Update README and Releasing.md
+* Allow user agent to not be set
+* Remove legacy EASDK examples
+* Add .ruby-version file
+* Clean up omniauth setup and fix examples
+* Fix infinite redirect loops if users have disabled 3rd party cookies in their browser
+8.4.0
+----
+* Fix embedded app session management in Safari 12.1
+* Shop names passed to OAuth are no longer case sensitive
+8.3.2
+----
+* Removes `read_orders` from the default scopes provided upon app generation
+8.3.1
+----
+* Adds the ability to customize the login URL through the initializer
+8.3.0
+----
+* Fix embedded app session management in Safari 12
+* Add support for translation platform
+8.2.6
+----
+* Sanitize the shop query param to include `.myshopify.com` if no domain was provided
+8.2.5
+----
+* fix iframe headers on session controller
+8.2.4
+-----
+* Add CSRF protection through `protect_from_forgery with: :exception` on `ShopifyApp::AuthenticatedController`
+8.2.3
+-----
+* Send head :forbidden instead of :unauthorized when AppProxyVerification fails
+8.2.2
+-----
+* Changes how the ESDK concern allows iframes. Fixes an issue with the first request for some people
+8.2.1
+-----
+* Bugfix: Don't logout shops from `login_again_if_different_shop` when Rails
+  params for a 'Shop' model are passed in [[#477]](https://github.com/Shopify/shopify_app/pull/477)
+8.2.0
+-----
+Known bug: Shop logged out when submitting a form for 'Shop' objects, fixed in 8.2.1 [[See #480 for details]](https://github.com/Shopify/shopify_app/issues/480)
+* Add `webhook_jobs_namespace` config option. [[#463]](https://github.com/Shopify/shopify_app/pull/463)
+* Updates login page styles to match the [Polaris](https://polaris.shopify.com/) design system. [[#474]](https://github.com/Shopify/shopify_app/pull/474)
+8.1.0
+-----
+Known bug: Shop logged out when submitting a form for 'Shop' objects, fixed in 8.2.1 [[See #480 for details]](https://github.com/Shopify/shopify_app/issues/480)
+* Add support for per_user_authentication
+* Pass the shop param in the session for authentication instead of a url param (prevents csrf). If you are upgrading from an older version of the gem you will need to update your omniauth.rb initializer file. Check the example app for what it what it should look like.
+8.0.0
+-----
+Known bug: Shop logged out when submitting a form for 'Shop' objects, fixed in 8.2.1 [[See #480 for details]](https://github.com/Shopify/shopify_app/issues/480)
+* Removed the `shopify_session_repository` initializer. The SessionRepository is now configured through the main ShopifyApp configuration object and the generated initializer
+* Moved InMemorySessionStore into the ShopifyApp namespace
+* Remove ShopifySession concern. This module made the code internal to this engine harder to follow and we want to discourage over-writing the auth code now that we have generic hooks for all extra tasks during install.
+* Changed engine controllers to subclass ActionController::Base to avoid any possible conflict with the parent application
+* Removed the `ShopifyApp::Shop` concern and added its methods to `ShopifyApp::SessionStorage`. To update for this change just remove this concern anywhere it is being used in your application.
+* Add `ShopifyApp::EmbeddedApp` controller concern which handles setting the required headers for the ESDK. Previously this was done by injecting configuration into applicaton.rb which affects the entire app.
+* Add webhooks to generated home controller. This should help new users debug issues.
+7.4.0
+-----
+Known bug: Shop logged out when submitting a form for 'Shop' objects, fixed in 8.2.1 [[See #480 for details]](https://github.com/Shopify/shopify_app/issues/480)
+* Add an after_authenticate job which will be run once the shop is authenticated. [[#431]](https://github.com/Shopify/shopify_app/pull/432)
+7.3.0
+-----
+Known bug: Shop logged out when submitting a form for 'Shop' objects, fixed in 8.2.1 [[See #480 for details]](https://github.com/Shopify/shopify_app/issues/480)
+* Bump required omniauth-shopify-oauth2 version to 1.2.0.
+* Always expect params[:shop] to be a string.
+7.2.11
+-----
+* Remove 'Logged in' flash message [[#425]](https://github.com/Shopify/shopify_app/pull/425)
+7.2.10
+-----
+* Fix an issue with the create_shops generator template
+  [[#423]](https://github.com/Shopify/shopify_app/pull/423)
+7.2.9
+-----
+* Remove support for Rails 4
+  [[#417]](https://github.com/Shopify/shopify_app/pull/417)
+7.2.8
+-----
+* Add i18n locale param support
+  [[#409]](https://github.com/Shopify/shopify_app/pull/409)
+7.2.7
+-----
+* Require `shopify_app` `>= 4.3.2`. This version relaxes the ruby version requirement from `>= 2.3.0` to `>= 2.0`
+* Rails 5: ActionDispatch::Reloader#to_prepare is deprecated
+  [[#404]](https://github.com/Shopify/shopify_app/pull/404)
+7.2.6
+-----
+* Update LoginProtection#fullpage_redirect_to to get shopify domain from session
+  [[#401]](https://github.com/Shopify/shopify_app/pull/401)
+7.2.5
+-----
+* Update LoginProtection.redirection_javascript to work with absolute URLS
+  [[#389]](https://github.com/Shopify/shopify_app/pull/389)
+7.2.4
+-----
+* Fix redirect issue by sanitizing shop name on sessions#new
+7.2.3
+-----
+* Use postMessage to redirect parent iframe during authentication [[#366]](https://github.com/Shopify/shopify_app/pull/366)
+* Add support for dynamically generating scripttag URLs
+* Bug-fix: Update scripttags_manager_job
+* Bug-fix: `--application_name` and `--scope` generates proper Configuration even when options supplied to them contain whitespaces.
 7.2.0
 -----
 * Disable application layout rendering for the `/login` page

data/Gemfile CHANGED Viewed

@@ -2,3 +2,5 @@ source "https://rubygems.org"
 # Specify your gem's dependencies in shopify_app.gemspec
 gemspec
+gem 'rails-controller-testing', group: :test