shopify_app 17.0.4 → 17.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile.lock +3 -3
- data/app/controllers/shopify_app/callback_controller.rb +7 -0
- data/app/controllers/shopify_app/sessions_controller.rb +13 -4
- data/lib/shopify_app/version.rb +1 -1
- data/package.json +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 41c18b0e92a08c6f1ddf4b172e6eacc71392222f7c50cf894f63a7e2d05a5420
|
|
4
|
+
data.tar.gz: 4110f9c21b060325cde47a9fac5cb60f4417b3279219a650585c719214b7dd7c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 04ee583382594207dbe63962b72c31ff0ca973453d89840552425443758c767f501772c50c27d31436505b4e2891bdaca58fe3aca731bd9c56c3edda05d88e2f
|
|
7
|
+
data.tar.gz: beff89c7a9c01e3a9becedace07f2d22ef10182425693c1244b997e350f19916e74faa2873f2bef8d00b6ed32444f09fac75b6b14cfbbabe5239ed7baccb1752
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
Unreleased
|
|
2
2
|
----------
|
|
3
3
|
|
|
4
|
+
17.0.5 (January 27, 2021)
|
|
5
|
+
----------
|
|
6
|
+
* Fix omniauth strategy not being set correctly for apps using session tokens [#1164](https://github.com/Shopify/shopify_app/pull/1164)
|
|
7
|
+
|
|
4
8
|
17.0.4 (January 25, 2021)
|
|
5
9
|
----------
|
|
6
10
|
* Redirect user to login page if shopify domain is not found in the `EnsureAuthenticatedLinks` concern [#1158](https://github.com/Shopify/shopify_app/pull/1158)
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
shopify_app (17.0.
|
|
4
|
+
shopify_app (17.0.5)
|
|
5
5
|
browser_sniffer (~> 1.2.2)
|
|
6
6
|
jwt (~> 2.2.1)
|
|
7
7
|
omniauth-shopify-oauth2 (~> 2.2.2)
|
|
@@ -96,7 +96,7 @@ GEM
|
|
|
96
96
|
faraday-net_http (1.0.1)
|
|
97
97
|
globalid (0.4.2)
|
|
98
98
|
activesupport (>= 4.2.0)
|
|
99
|
-
graphql (1.12.
|
|
99
|
+
graphql (1.12.3)
|
|
100
100
|
graphql-client (0.16.0)
|
|
101
101
|
activesupport (>= 3.0)
|
|
102
102
|
graphql (~> 1.8)
|
|
@@ -208,7 +208,7 @@ GEM
|
|
|
208
208
|
rubocop (~> 1.4)
|
|
209
209
|
ruby-progressbar (1.10.1)
|
|
210
210
|
ruby2_keywords (0.0.4)
|
|
211
|
-
shopify_api (9.
|
|
211
|
+
shopify_api (9.3.0)
|
|
212
212
|
activeresource (>= 4.1.0, < 6.0.0)
|
|
213
213
|
graphql-client
|
|
214
214
|
rack
|
|
@@ -65,6 +65,13 @@ module ShopifyApp
|
|
|
65
65
|
end
|
|
66
66
|
end
|
|
67
67
|
|
|
68
|
+
# Override user_session_by_cookie from LoginProtection to bypass allow_cookie_authentication
|
|
69
|
+
# setting check because session cookies are justified at top level
|
|
70
|
+
def user_session_by_cookie
|
|
71
|
+
return unless session[:user_id].present?
|
|
72
|
+
ShopifyApp::SessionRepository.retrieve_user_session(session[:user_id])
|
|
73
|
+
end
|
|
74
|
+
|
|
68
75
|
def start_user_token_flow?
|
|
69
76
|
if jwt_request?
|
|
70
77
|
false
|
|
@@ -92,9 +92,18 @@ module ShopifyApp
|
|
|
92
92
|
end
|
|
93
93
|
end
|
|
94
94
|
|
|
95
|
+
# Override shop_session_by_cookie from LoginProtection to bypass allow_cookie_authentication
|
|
96
|
+
# setting check because session cookies are justified at top level
|
|
97
|
+
def shop_session_by_cookie
|
|
98
|
+
return unless session[:shop_id].present?
|
|
99
|
+
ShopifyApp::SessionRepository.retrieve_shop_session(session[:shop_id])
|
|
100
|
+
end
|
|
101
|
+
|
|
95
102
|
# rubocop:disable Lint/SuppressedException
|
|
96
103
|
def set_user_tokens_option
|
|
97
|
-
|
|
104
|
+
current_shop_session = shop_session
|
|
105
|
+
|
|
106
|
+
if current_shop_session.blank?
|
|
98
107
|
session[:user_tokens] = false
|
|
99
108
|
return
|
|
100
109
|
end
|
|
@@ -102,9 +111,9 @@ module ShopifyApp
|
|
|
102
111
|
session[:user_tokens] = ShopifyApp::SessionRepository.user_storage.present?
|
|
103
112
|
|
|
104
113
|
ShopifyAPI::Session.temp(
|
|
105
|
-
domain:
|
|
106
|
-
token:
|
|
107
|
-
api_version:
|
|
114
|
+
domain: current_shop_session.domain,
|
|
115
|
+
token: current_shop_session.token,
|
|
116
|
+
api_version: current_shop_session.api_version
|
|
108
117
|
) do
|
|
109
118
|
ShopifyAPI::Metafield.find(:token_validity_bogus_check)
|
|
110
119
|
end
|
data/lib/shopify_app/version.rb
CHANGED
data/package.json
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shopify_app
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 17.0.
|
|
4
|
+
version: 17.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Shopify
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-01-
|
|
11
|
+
date: 2021-01-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: browser_sniffer
|