shopify_app 7.2.0 → 8.5.0

data/config/locales/fr.yml

@@ -0,0 +1,23 @@
+---
+fr:
+  logged_out: Vous êtes déconnecté(e)
+  could_not_log_in: Impossible de se connecter à la boutique Shopify
+  invalid_shop_url: Url invalide
+  enable_cookies_heading: Activer les cookies de %{app}
+  enable_cookies_body: Vous devez manuellement activer les cookies dans ce navigateur
+    pour utiliser %{app} dans Shopify.
+  enable_cookies_footer: Les cookies permettent à l'application de vous authentifier
+    en stockant temporairement vos préférences et informations personnelles. Celles-ci
+    expirent après 30 jours.
+  enable_cookies_action: Activer les cookies
+  top_level_interaction_heading: Votre navigateur doit s'authentifier %{app}
+  top_level_interaction_body: Votre navigateur nécessite des applications tierces
+    telles que %{app} pour vous demander l'accès aux cookies avant que Shopify ne
+    puisse l'ouvrir pour vous.
+  top_level_interaction_action: Continuer
+  request_storage_access_heading: "%{app} a besoin d'accéder aux cookies"
+  request_storage_access_body: Cela permet à l'application de vous authentifier en
+    stockant temporairement vos informations personnelles. Cliquez pour continuer
+    et autorisez les cookies à utiliser l'application.
+  request_storage_access_footer: Les cookies expirent après 30 jours.
+  request_storage_access_action: Continuer

data/config/locales/it.yml

@@ -0,0 +1,22 @@
+---
+it:
+  logged_out: Disconnessione effettuata correttamente
+  could_not_log_in: Impossibile accedere al negozio Shopify
+  invalid_shop_url: Dominio negozio non valido
+  enable_cookies_heading: Abilita i cookie di %{app}
+  enable_cookies_body: Devi abilitare manualmente i cookie in questo browser per poter
+    utilizzare %{app} da Shopify.
+  enable_cookies_footer: I cookie consentono all'app di autenticarti memorizzando
+    temporaneamente le tue preferenze e informazioni personali. Scadono dopo 30 giorni.
+  enable_cookies_action: Abilita i cookie
+  top_level_interaction_heading: Il tuo browser deve autenticare %{app}
+  top_level_interaction_body: Il tuo browser richiede che app di terze parti come
+    %{app} ti chiedano l'accesso ai cookie prima dell'apertura automatica da parte
+    di Shopify.
+  top_level_interaction_action: Continua
+  request_storage_access_heading: "%{app} deve accedere ai cookie"
+  request_storage_access_body: L'app potrà così autenticarti memorizzando temporaneamente
+    le tue informazioni personali. Clicca su Continua e consenti ai cookie di utilizzare
+    l'app.
+  request_storage_access_footer: I cookie scadono dopo 30 giorni.
+  request_storage_access_action: Continua

data/config/locales/ja.yml

@@ -0,0 +1,17 @@
+---
+ja:
+  logged_out: ログインに成功しました
+  could_not_log_in: Shopifyストアにログインできませんでした
+  invalid_shop_url: ショップのドメインが無効です
+  enable_cookies_heading: "%{app}からのCookieを有効にする"
+  enable_cookies_body: Shopifyで%{app}を使用できるようにするためには、このブラウザのCookieを手動で有効にする必要があります。
+  enable_cookies_footer: Cookieを使用すると、各種設定や個人情報を一時的に保存することで、アプリ認証を受けることができます。30日後に有効期限が切れます。
+  enable_cookies_action: Cookieを有効にする
+  top_level_interaction_heading: お使いのブラウザを更新する必要があります%{app}
+  top_level_interaction_body: Shopifyがアプリを開けるように、ブラウザーはCookie にアクセスするための%{app}のような外部アプリが必要です。
+  top_level_interaction_action: 続ける
+  request_storage_access_heading: "%{app}クッキーにアクセスする必要がある"
+  request_storage_access_body: Cookieを使用すると、個人情報を一時的に保存することで、アプリ認証を受けることができます。[続行]
+    をクリックして、Cookieでアプリを使用できるようにします。
+  request_storage_access_footer: Cookieは30日後に有効期限が切れます。
+  request_storage_access_action: 続ける

data/config/locales/nl.yml

@@ -0,0 +1,21 @@
+---
+nl:
+  logged_out: U bent afgemeld
+  could_not_log_in: Kon niet aanmelden bij Shopify-winkel
+  invalid_shop_url: Ongeldig winkeldomein
+  enable_cookies_heading: Schakel cookies in van %{app}
+  enable_cookies_body: U moet cookies in deze browser handmatig inschakelen om %{app}
+    binnen Shopify te gebruiken.
+  enable_cookies_footer: Met cookies kan de app u verifiëren door uw voorkeuren en
+    persoonlijke informatie tijdelijk op te slaan. Ze vervallen na 30 dagen.
+  enable_cookies_action: Schakel cookies in
+  top_level_interaction_heading: Uw browser moet %{app} verifiëren
+  top_level_interaction_body: Uw browser heeft apps van derden nodig zoals %{app}
+    om u toegang te vragen tot cookies voordat Shopify het voor u kan openen.
+  top_level_interaction_action: Doorgaan
+  request_storage_access_heading: "%{app} heeft toegang tot cookies nodig"
+  request_storage_access_body: Hiermee kan de app u verifiëren door uw persoonlijke
+    gegevens tijdelijk op te slaan. Klik op Doorgaan en sta cookies toe om de app
+    te gebruiken.
+  request_storage_access_footer: Cookies verlopen na 30 dagen.
+  request_storage_access_action: Doorgaan

data/config/locales/pt-BR.yml

@@ -0,0 +1,22 @@
+---
+pt-BR:
+  logged_out: Você saiu com sucesso
+  could_not_log_in: Não foi possível fazer login na Shopify store
+  invalid_shop_url: Domínio de loja inválido
+  enable_cookies_heading: Ativar cookies de %{app}
+  enable_cookies_body: Você deve ativar manualmente os cookies neste navegador para
+    usar %{app} dentro da Shopify.
+  enable_cookies_footer: Os cookies permitem que o aplicativo o autentique armazenando
+    temporariamente suas preferências e informações pessoais. Eles expiram depois
+    de 30 dias.
+  enable_cookies_action: Ativar cookies
+  top_level_interaction_heading: Seu navegador precisa autenticar %{app}
+  top_level_interaction_body: Seu navegador exige que apps de terceiros como o %{app}
+    consultem você sobre o acesso a cookies antes da Shopify abri-los.
+  top_level_interaction_action: Continuar
+  request_storage_access_heading: "%{app} precisa acessar cookies"
+  request_storage_access_body: Isso permite que o app autentique você armazenando
+    temporariamente seus dados pessoais. Clique em continuar e permita os cookies
+    para usar o app.
+  request_storage_access_footer: Os cookies expiram depois de 30 dias.
+  request_storage_access_action: Continuar

data/config/locales/zh-CN.yml

@@ -0,0 +1,16 @@
+---
+zh-CN:
+  logged_out: 已成功注销
+  could_not_log_in: 无法登录到 Shopify 店铺
+  invalid_shop_url: 商店域无效
+  enable_cookies_heading: 从 %{app} 启用 Cookie
+  enable_cookies_body: 您必须在此浏览器中手动启用 Cookie 才能在 Shopify 中使用 %{app}。
+  enable_cookies_footer: Cookie 使此应用能够通过暂时存储您的首选项和个人信息来验证您的身份。这些信息将在 30 天后过期。
+  enable_cookies_action: 启用 Cookie
+  top_level_interaction_heading: 您的浏览器需要对 %{app} 进行验证
+  top_level_interaction_body: 您的浏览器要求类似 %{app} 的第三方应用向您请求访问 Cookie，之后 Shopify 才能为您打开它。
+  top_level_interaction_action: 继续
+  request_storage_access_heading: "%{app} 需要访问 Cookie"
+  request_storage_access_body: 这使此应用能够通过暂时存储您的个人信息来验证您的身份。单击继续并启用 Cookie 以使用此应用。
+  request_storage_access_footer: Cookie 将在 30 天后过期。
+  request_storage_access_action: 继续

data/config/locales/zh-TW.yml

@@ -0,0 +1,17 @@
+---
+zh-TW:
+  logged_out: 登出成功
+  could_not_log_in: 無法登入 Shopify 商店
+  invalid_shop_url: 商店網域無效
+  enable_cookies_heading: 啟用 %{app} 的 Cookie
+  enable_cookies_body: 您必須在此瀏覽器中手動啟用 Cookie，才能夠在 Shopify 使用 %{app}。
+  enable_cookies_footer: Cookie 可讓應用程式暫時儲存您的偏好設定和個人資訊，藉此驗證您的身分，這些資料會在 30 天後失效。
+  enable_cookies_action: 啟用 Cookie
+  top_level_interaction_heading: 您的瀏覽器需要驗證 %{app}
+  top_level_interaction_body: 您的瀏覽器會要求第三方應用程式 (例如：%{app}) 向您請求 Cookie 的存取權限，然後才讓 Shopify
+    為您開啟此應用程式。
+  top_level_interaction_action: 繼續
+  request_storage_access_heading: "%{app} 需要 Cookie 存取權限"
+  request_storage_access_body: Cookie 可讓應用程式暫時儲存您的個人資訊，藉此驗證您的身分。按一下繼續並允許 Cookie 使用此應用程式。
+  request_storage_access_footer: Cookie 將於 30 天後失效。
+  request_storage_access_action: 繼續

data/config/routes.rb

@@ -2,10 +2,20 @@ ShopifyApp::Engine.routes.draw do
   controller :sessions do
     get 'login' => :new, :as => :login
     post 'login' => :create, :as => :authenticate
-    get 'auth/shopify/callback' => :callback
+    get 'enable_cookies' => :enable_cookies, :as => :enable_cookies
+    get 'top_level_interaction' =>
+      :top_level_interaction,
+        :as => :top_level_interaction
+    get 'granted_storage_access' =>
+      :granted_storage_access,
+        :as => :granted_storage_access
     get 'logout' => :destroy, :as => :logout
   end
 
+  controller :callback do
+    get 'auth/shopify/callback' => :callback
+  end
+
   namespace :webhooks do
     post ':type' => :receive
   end

data/{QUICKSTART.md → docs/Quickstart.md}

@@ -6,12 +6,12 @@ Build and deploy a new Shopify App to Heroku in minutes
 1. New Rails App (with postgres)
 --------------------------------
 
-```
-rails new test-app --database=postgresql
-cd test-app
-git init
-git add .
-git commit -m 'new rails app'
+```sh
+$ rails new test-app --database=postgresql
+$ cd test-app
+$ git init
+$ git add .
+$ git commit -m 'new rails app'
 ```
 
 2. Create a new Heroku app
@@ -20,17 +20,17 @@ git commit -m 'new rails app'
 The next step is to create a new heroku app. Pull up your heroku dashboard and make a new app!
 
 cli:
+```sh
+$ heroku create name
+$ heroku git:remote -a name
 ```
-heroku create name
-heroku git:remote -a name
-  ```
 
 now we need to let git know where the remote server is so we'll be able to deploy later
 
 web:
-```
-https://dashboard.heroku.com/new
-git remote add heroku git@heroku.com:appinfive.git
+```sh
+# https://dashboard.heroku.com/new
+$ git remote add heroku git@heroku.com:appinfive.git
 ```
 
 3. Create a new App in the partners area
@@ -43,28 +43,31 @@ git remote add heroku git@heroku.com:appinfive.git
 
 4. Add ShopifyApp to gemfile
 ----------------------------
-```
+```sh
 $ echo "gem 'shopify_app'" >> Gemfile
-
-bundle install
+$ bundle install
 ```
 
 Note - its recommended to use the latest released version. Check the git tags to see the latest release and then add it to your Gemfile e.g `gem 'shopify_app', '~> 7.0.0'`
 
 5. Run the ShopifyApp generator
 -------------------------------
+```sh
+# use the keys from your app in the partners area
+$ rails generate shopify_app --api_key <shopify_api_key> --secret <shopify_api_secret>
+$ git add .
+$ git commit -m 'generated shopify app'
 ```
-use the keys from your app in the partners area
-rails generate shopify_app --api_key a366cbafaccebd2f615aebdfc932fa1c --secret 8750306a895b3dbc7f4136c2ae2ea293
-git add .
-git commit -m 'generated shopify app'
-```
+
+If you forget to set your keys or redirect uri above, you will find them in the shopify_app initializer at: `/config/initializers/shopify_app.rb`.
+
+We recommend adding a gem or utilizing ENV variables to handle your keys before releasing your app.
 
 6. Deploy
 ---------
-```
-git push heroku
-heroku run rake db:migrate
+```sh
+$ git push heroku
+$ heroku run rake db:migrate
 ```
 
 7. Install the App!

data/docs/Releasing.md

@@ -0,0 +1,18 @@
+Releasing ShopifyApp
+
+1. Check the Semantic Versioning page for info on how to version the new release: http://semver.org
+2. Create a pull request with the following changes:
+  * Update the version of ShopifyApp in lib/shopify_app/version.rb
+  * Update the version in package.json
+  * Add a CHANGELOG entry for the new release with the date
+  * Change the title of the PR to something like: "Packaging for release X.Y.Z"
+3. Merge your pull request
+4. Pull from master so you have the latest version of the shopify_app
+5. Tag the HEAD with the version (Leave REV blank for HEAD or provide a SHA)
+  $ git tag vX.Y.Z
+6. Push out your tags
+  $ git push --tags
+7. Use Shipit to build and push the gem
+
+If you see an error like 'You need to create the vX.Y.X tag first', clear GIT
+cache in Shipit settings

data/docs/Troubleshooting.md

@@ -0,0 +1,16 @@
+Troubleshooting Shopify App
+===========
+
+### Generator shopify_app:install hangs
+
+Rails uses spring by default to speed up development. To run the generator, spring has to be stopped:
+
+```sh
+$ bundle exec spring stop
+```
+
+Run shopify_app generator again.
+
+### App installation fails with 'The page you’re looking for could not be found' if the app was installed before
+
+This issue can occur when the session (the model you set as `ShopifyApp::SessionRepository.storage`) isn't deleted when the user uninstalls your app. A possible fix for this is listening to the `app/uninstalled` webhook and deleting the corresponding session in the webhook handler.

data/karma.conf.js

@@ -0,0 +1,43 @@
+const karmaReporters = ['mocha-clean'];
+
+function isDebug(argument) {
+  return argument === '--debug';
+}
+
+module.exports = function(config) {
+  config.set({
+    mode: 'development',
+    basePath: '',
+    frameworks: ['mocha-debug', 'mocha', 'chai-sinon'],
+    files: [
+      'app/assets/javascripts/**/*.js',
+      'test/javascripts/**/*test.js',
+    ],
+    exclude: [
+      // Exclude JS files that create 'DOMContentLoaded' event listeners
+      'app/assets/javascripts/**/redirect.js',
+      'app/assets/javascripts/**/storage_access_redirect.js',
+      'app/assets/javascripts/**/top_level_interaction.js',
+      'app/assets/javascripts/**/partition_cookies.js',
+    ],
+    mochaReporter: {
+      output: 'autowatch',
+    },
+    preprocessors: {
+      'test/javascripts/**/*test.js': ['webpack'],
+    },
+    reporters: karmaReporters,
+    port: 9876,
+    colors: true,
+    logLevel: config.LOG_WARN,
+    autoWatch: false,
+    browsers: ['ChromeHeadless'],
+    singleRun: true,
+    client: {
+      mocha: {
+        ui: 'tdd',
+        grep: config.grep,
+      },
+    },
+  });
+};

data/lib/generators/shopify_app/add_after_authenticate_job/add_after_authenticate_job_generator.rb

@@ -0,0 +1,45 @@
+require 'rails/generators/base'
+
+module ShopifyApp
+  module Generators
+    class AddAfterAuthenticateJobGenerator < Rails::Generators::Base
+      source_root File.expand_path('../templates', __FILE__)
+
+      hook_for :test_framework, as: :job, in: :rails do |instance, generator|
+        instance.invoke generator, [ instance.send(:job_file_name) ]
+      end
+
+      def init_after_authenticate_config
+        initializer = load_initializer
+
+        after_authenticate_job_config =
+          "  config.after_authenticate_job = "\
+          "{ job: Shopify::AfterAuthenticateJob, inline: false }\n"
+
+        inject_into_file(
+          'config/initializers/shopify_app.rb',
+          after_authenticate_job_config,
+          before: 'end'
+        )
+
+        unless initializer.include?(after_authenticate_job_config)
+          shell.say "Error adding after_authneticate_job to config. Add this line manually: #{after_authenticate_job_config}", :red
+        end
+      end
+
+      def add_after_authenticate_job
+        template 'after_authenticate_job.rb', "app/jobs/#{job_file_name}_job.rb"
+      end
+
+      private
+
+      def load_initializer
+        File.read(File.join(destination_root, 'config/initializers/shopify_app.rb'))
+      end
+
+      def job_file_name
+        'shopify/after_authenticate'
+      end
+    end
+  end
+end

data/lib/generators/shopify_app/add_after_authenticate_job/templates/after_authenticate_job.rb

@@ -0,0 +1,10 @@
+module Shopify
+  class AfterAuthenticateJob < ActiveJob::Base
+    def perform(shop_domain:)
+      shop = Shop.find_by(shopify_domain: shop_domain)
+
+      shop.with_shopify_session do
+      end
+    end
+  end
+end

data/lib/generators/shopify_app/home_controller/templates/home_controller.rb

@@ -1,5 +1,6 @@
 class HomeController < ShopifyApp::AuthenticatedController
   def index
     @products = ShopifyAPI::Product.find(:all, params: { limit: 10 })
+    @webhooks = ShopifyAPI::Webhook.find(:all)
   end
 end

data/lib/generators/shopify_app/home_controller/templates/index.html.erb

@@ -5,3 +5,17 @@
     <li><%= link_to product.title, "https://#{@shop_session.url}/admin/products/#{product.id}", target: "_top" %></li>
   <% end %>
 </ul>
+
+<hr>
+
+<h2>Webhooks</h2>
+
+<% if @webhooks.present? %>
+  <ul>
+    <% @webhooks.each do |webhook| %>
+      <li><%= webhook.topic %> : <%= webhook.address %></li>
+    <% end %>
+  </ul>
+<% else %>
+  <p>This app has not created any webhooks for this Shop. Add webhooks to your ShopifyApp initializer if you need webhooks</p>
+<% end %>

data/lib/generators/shopify_app/home_controller/templates/shopify_app_ready_script.html.erb

@@ -1,11 +1,7 @@
 <% content_for :javascript do %>
   <script type="text/javascript">
     ShopifyApp.ready(function(){
-      ShopifyApp.Bar.initialize({
-        title: "Home",
-        icon: "<%= asset_path('favicon.ico') %>"
-      });
+      ShopifyApp.Bar.initialize({ title: "Home" });
     });
   </script>
 <% end %>
-

data/lib/generators/shopify_app/install/install_generator.rb

@@ -1,5 +1,4 @@
 require 'rails/generators/base'
-require 'rails/generators/active_record'
 
 module ShopifyApp
   module Generators
@@ -7,17 +6,19 @@ module ShopifyApp
       include Rails::Generators::Migration
       source_root File.expand_path('../templates', __FILE__)
 
-      class_option :application_name, type: :string
+      class_option :application_name, type: :array, default: ['My', 'Shopify', 'App']
       class_option :api_key, type: :string, default: '<api_key>'
       class_option :secret, type: :string, default: '<secret>'
-      class_option :scope, type: :string, default: 'read_orders, read_products'
+      class_option :old_secret, type: :string, default: '<old_secret>'
+      class_option :scope, type: :array, default: ['read_products']
       class_option :embedded, type: :string, default: 'true'
 
       def create_shopify_app_initializer
-        @application_name = options['application_name']
+        @application_name = format_array_argument(options['application_name'])
         @api_key = options['api_key']
         @secret = options['secret']
-        @scope = options['scope']
+        @old_secret = options['old_secret']
+        @scope = format_array_argument(options['scope'])
 
         template 'shopify_app.rb', 'config/initializers/shopify_app.rb'
       end
@@ -34,17 +35,6 @@ module ShopifyApp
         )
       end
 
-      def create_shopify_session_repository_initializer
-        copy_file 'shopify_session_repository.rb', 'config/initializers/shopify_session_repository.rb'
-      end
-
-      def inject_embedded_app_options_to_application
-        if embedded_app?
-          application "config.action_dispatch.default_headers.delete('X-Frame-Options')"
-          application "config.action_dispatch.default_headers['P3P'] = 'CP=\"Not used\"'"
-        end
-      end
-
       def create_embedded_app_layout
         if embedded_app?
           copy_file 'embedded_app.html.erb', 'app/views/layouts/embedded_app.html.erb'
@@ -61,6 +51,10 @@ module ShopifyApp
       def embedded_app?
         options['embedded'] == 'true'
       end
+
+      def format_array_argument(array)
+        array.join(' ').tr('"', '')
+      end
     end
   end
 end

data/lib/generators/shopify_app/install/templates/_flash_messages.html.erb

@@ -1,15 +1,19 @@
 <% content_for :javascript do %>
 <script type="text/javascript">
-  var eventName = typeof(Turbolinks) !== 'undefined' ? 'page:change' : 'DOMContentLoaded';
+  var eventName = typeof(Turbolinks) !== 'undefined' ? 'turbolinks:load' : 'DOMContentLoaded';
 
-  document.addEventListener(eventName, function() {
-    <% if flash[:notice] %>
-      ShopifyApp.flashNotice("<%= j flash[:notice].html_safe %>");
-    <% end %>
+  if (!document.documentElement.hasAttribute("data-turbolinks-preview")) {
+    document.addEventListener(eventName, function flash() {
+      <% if flash[:notice] %>
+        ShopifyApp.flashNotice(<%== flash[:notice].to_json %>);
+      <% end %>
 
-    <% if flash[:error] %>
-      ShopifyApp.flashError("<%= j flash[:error].html_safe %>");
-    <% end %>
-  });
+      <% if flash[:error] %>
+        ShopifyApp.flashError(<%== flash[:error].to_json %>);
+      <% end %>
+                             
+      document.removeEventListener(eventName, flash)
+    });
+  }
 </script>
 <% end %>

data/lib/generators/shopify_app/install/templates/embedded_app.html.erb

@@ -3,7 +3,7 @@
   <head>
     <meta charset="utf-8" />
     <% application_name = ShopifyApp.configuration.application_name %>
-    <title><%= application_name.presence || 'Embedded Shopify App Example' %></title>
+    <title><%= application_name %></title>
     <%= stylesheet_link_tag 'application' %>
     <%= javascript_include_tag 'application', "data-turbolinks-track" => true %>
     <%= csrf_meta_tags %>

data/lib/generators/shopify_app/install/templates/shopify_app.rb

@@ -1,9 +1,11 @@
 ShopifyApp.configure do |config|
-<% if @application_name.present? %>
   config.application_name = "<%= @application_name %>"
-<% end %>
   config.api_key = "<%= @api_key %>"
   config.secret = "<%= @secret %>"
-  config.scope = "<%= @scope %>"
+  config.old_secret = "<%= @old_secret %>"
+  config.scope = "<%= @scope %>" # Consult this page for more scope options:
+                                 # https://help.shopify.com/en/api/getting-started/authentication/oauth/scopes
   config.embedded_app = <%= embedded_app? %>
+  config.after_authenticate_job = false
+  config.session_repository = ShopifyApp::InMemorySessionStore
 end

data/lib/generators/shopify_app/install/templates/shopify_provider.rb

@@ -1,4 +1,19 @@
-  provider :shopify,
-    ShopifyApp.configuration.api_key,
-    ShopifyApp.configuration.secret,
-    scope: ShopifyApp.configuration.scope
+# frozen_string_literal: true
+
+provider :shopify,
+  ShopifyApp.configuration.api_key,
+  ShopifyApp.configuration.secret,
+  scope: ShopifyApp.configuration.scope,
+  setup: lambda { |env|
+    strategy = env['omniauth.strategy']
+
+    shopify_auth_params = strategy.session['shopify.omniauth_params']&.with_indifferent_access
+    shop = if shopify_auth_params.present?
+      "https://#{shopify_auth_params[:shop]}"
+    else
+      ''
+    end
+
+    strategy.options[:client_options][:site] = shop
+    strategy.options[:old_client_secret] = ShopifyApp.configuration.old_secret
+  }

data/lib/generators/shopify_app/rotate_shopify_token_job/rotate_shopify_token_job_generator.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require 'rails/generators/base'
+
+module ShopifyApp
+  module Generators
+    class RotateShopifyTokenJobGenerator < Rails::Generators::Base
+      source_root File.expand_path('../templates', __FILE__)
+
+      def add_rotate_shopify_token_job
+        copy_file('rotate_shopify_token_job.rb', "app/jobs/shopify/rotate_shopify_token_job.rb")
+        copy_file('rotate_shopify_token.rake', "lib/tasks/shopify/rotate_shopify_token.rake")
+      end
+    end
+  end
+end

data/lib/generators/shopify_app/rotate_shopify_token_job/templates/rotate_shopify_token.rake

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+namespace :shopify do
+  desc "Rotate shopify tokens for all active shops"
+  task :rotate_shopify_tokens, [:refresh_token] => :environment do |_t, args|
+    all_active_shops.find_each do |shop|
+      Shopify::RotateShopifyTokenJob.perform_later(
+        shop_domain: shop.shopify_domain,
+        refresh_token: args[:refresh_token]
+      )
+    end
+  end
+
+  # Its implementation will depend on the app configuration. Change accordingly.
+  def all_active_shops
+    Shop.all
+  end
+end

data/lib/generators/shopify_app/rotate_shopify_token_job/templates/rotate_shopify_token_job.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Shopify
+  class RotateShopifyTokenJob < ActiveJob::Base
+    def perform(params)
+      @shop = Shop.find_by(shopify_domain: params[:shop_domain])
+      return unless @shop
+
+      config = ShopifyApp.configuration
+      uri = URI("https://#{@shop.shopify_domain}/admin/oauth/access_token")
+      post_data = {
+        client_id: config.api_key,
+        client_secret: config.secret,
+        refresh_token: params[:refresh_token],
+        access_token: @shop.shopify_token,
+      }
+
+      @response = Net::HTTP.post_form(uri, post_data)
+      return log_error(response_expcetion_error_message) unless @response.is_a?(Net::HTTPSuccess)
+
+      access_token = JSON.parse(@response.body)['access_token']
+      return log_error(no_access_token_error_message) unless access_token
+
+      @shop.update(shopify_token: access_token)
+    end
+
+    private
+
+    def log_error(message)
+      Rails.logger.error(message)
+    end
+
+    def no_access_token_error_message
+      "RotateShopifyTokenJob response returned no access token for shop: #{@shop.shopify_domain}"
+    end
+
+    def response_exception_error_message
+      "RotateShopifyTokenJob failed for shop: #{@shop.shopify_domain}." \
+        "Response returned status: #{@response.code}. Error message: #{@response.message}. "
+    end
+  end
+end