shopify_app 18.0.2 → 18.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2fcfa987c56d06c327c1cff6e12350711473a1a265844b6f4f3c32b696c1495e
-  data.tar.gz: 57b44743afc3e0175fe408ccfa688bc0b8c28d7b99db6fae5e6c7ab1a843ec9a
+  metadata.gz: a17cc09be2742af3a0e91af4ac4c2e3d4ab246ae10c31dc2c26b1138058f1846
+  data.tar.gz: afd2922bb83d113c1c4d16c240db9455d1d63478cd2e231fd4e27d3aebb01958
 SHA512:
-  metadata.gz: 583dbf51eaa3a3a600a410eca4d30fab58776709f6882908ed72af5da222163bbeaeba6805682ed95100abcce1217aceeba5851fa9cf00836b7a1f1201f30289
-  data.tar.gz: 8dcb0f7bceb2f4ec7bcbe8eb5f5d5bb294767fa5ead28b1d329ef34a5119fd835f99669480514473a5e184b91f9e79f4abd9941399b269faf5522ce6f69e6eb7
+  metadata.gz: a19c5616ec96c8c454077dd114f4aedd215725e1af274eadc05d2989812bc5bd3b4674b9a850af3b28f7171b9f60c7db7a89398a97cf3ad8ad3023482a8ddd1d
+  data.tar.gz: f6eb5a88f94cab3f1555d017f0fada8809661716739186382a5038d880596ba451e2791f616f03400d95ab44c739720feae6b3f677a8188e56f000172b365c8d

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+18.0.3 (Jan 7, 2022)
+----------
+* Change regexp to match standard ngrok URLs. [#1311](https://github.com/Shopify/shopify_app/pull/1311)
+* Make `EnsureAuthenticatedLinks` compatible with AppBridge 2.0. [#1277](https://github.com/Shopify/shopify_app/pull/1277)
+  * Includes the `host` parameter when redirecting to the splash page in an unauthenticated state.
+
 18.0.2 (Jun 15, 2021)
 ----------
 * Added careers link to readme. [#1274](https://github.com/Shopify/shopify_app/pull/1274)

data/Gemfile.lock

@@ -1,8 +1,8 @@
 PATH
   remote: .
   specs:
-    shopify_app (18.0.2)
-      browser_sniffer (~> 1.2.2)
+    shopify_app (18.0.3)
+      browser_sniffer (~> 1.4.0)
       jwt (>= 2.2.3)
       omniauth-rails_csrf_protection
       omniauth-shopify-oauth2 (~> 2.3)
@@ -80,12 +80,12 @@ GEM
       minitest (>= 5.1)
       tzinfo (~> 2.0)
       zeitwerk (~> 2.3)
-    addressable (2.7.0)
+    addressable (2.8.0)
       public_suffix (>= 2.0.2, < 5.0)
     ast (2.4.1)
     binding_of_caller (0.8.0)
       debug_inspector (>= 0.0.1)
-    browser_sniffer (1.2.2)
+    browser_sniffer (1.4.0)
     builder (3.2.4)
     byebug (11.1.3)
     coderay (1.1.3)
@@ -94,32 +94,46 @@ GEM
     crass (1.0.6)
     debug_inspector (0.0.3)
     erubi (1.10.0)
-    faraday (1.4.1)
+    faraday (1.9.3)
+      faraday-em_http (~> 1.0)
+      faraday-em_synchrony (~> 1.0)
       faraday-excon (~> 1.1)
+      faraday-httpclient (~> 1.0)
+      faraday-multipart (~> 1.0)
       faraday-net_http (~> 1.0)
-      faraday-net_http_persistent (~> 1.1)
-      multipart-post (>= 1.2, < 3)
+      faraday-net_http_persistent (~> 1.0)
+      faraday-patron (~> 1.0)
+      faraday-rack (~> 1.0)
+      faraday-retry (~> 1.0)
       ruby2_keywords (>= 0.0.4)
+    faraday-em_http (1.0.0)
+    faraday-em_synchrony (1.0.0)
     faraday-excon (1.1.0)
+    faraday-httpclient (1.0.1)
+    faraday-multipart (1.0.2)
+      multipart-post (>= 1.2, < 3)
     faraday-net_http (1.0.1)
-    faraday-net_http_persistent (1.1.0)
-    globalid (0.4.2)
-      activesupport (>= 4.2.0)
-    graphql (1.12.8)
-    graphql-client (0.16.0)
+    faraday-net_http_persistent (1.2.0)
+    faraday-patron (1.0.0)
+    faraday-rack (1.0.0)
+    faraday-retry (1.0.3)
+    globalid (1.0.0)
+      activesupport (>= 5.0)
+    graphql (1.13.4)
+    graphql-client (0.17.0)
       activesupport (>= 3.0)
-      graphql (~> 1.8)
+      graphql (~> 1.10)
     hashdiff (1.0.1)
-    hashie (4.1.0)
+    hashie (5.0.0)
     i18n (1.8.9)
       concurrent-ruby (~> 1.0)
-    jwt (2.2.3)
+    jwt (2.3.0)
     loofah (2.9.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
       mini_mime (>= 0.1.1)
-    marcel (1.0.1)
+    marcel (1.0.2)
     method_source (0.9.2)
     mini_mime (1.0.3)
     mini_portile2 (2.5.0)
@@ -128,7 +142,7 @@ GEM
     multi_json (1.15.0)
     multi_xml (0.6.0)
     multipart-post (2.1.1)
-    nio4r (2.5.7)
+    nio4r (2.5.8)
     nokogiri (1.11.2)
       mini_portile2 (~> 2.5.0)
       racc (~> 1.4)
@@ -142,7 +156,7 @@ GEM
       hashie (>= 3.4.6)
       rack (>= 1.6.2, < 3)
       rack-protection
-    omniauth-oauth2 (1.7.1)
+    omniauth-oauth2 (1.7.2)
       oauth2 (~> 1.4)
       omniauth (>= 1.9, < 3)
     omniauth-rails_csrf_protection (1.0.0)
@@ -220,20 +234,21 @@ GEM
     rubocop-shopify (1.0.7)
       rubocop (~> 1.4)
     ruby-progressbar (1.10.1)
-    ruby2_keywords (0.0.4)
-    shopify_api (9.4.1)
+    ruby2_keywords (0.0.5)
+    shopify_api (9.5)
       activeresource (>= 4.1.0, < 6.0.0)
       graphql-client
       rack
+      webrick
     sprockets (4.0.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.2.2)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
+    sprockets-rails (3.4.2)
+      actionpack (>= 5.2)
+      activesupport (>= 5.2)
       sprockets (>= 3.0.0)
     sqlite3 (1.4.2)
-    thor (1.1.0)
+    thor (1.2.1)
     tzinfo (2.0.4)
       concurrent-ruby (~> 1.0)
     unicode-display_width (1.7.0)
@@ -241,7 +256,8 @@ GEM
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    websocket-driver (0.7.3)
+    webrick (1.7.0)
+    websocket-driver (0.7.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
     zeitwerk (2.4.2)
@@ -265,4 +281,4 @@ DEPENDENCIES
   webmock
 
 BUNDLED WITH
-   2.1.4
+   2.2.22

data/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb

@@ -10,9 +10,22 @@ module ShopifyApp
 
     private
 
+    def splash_page
+      splash_page_with_params(
+        return_to: request.fullpath,
+        shop: current_shopify_domain,
+        host: params[:host]
+      )
+    end
+
+    def splash_page_with_params(params)
+      uri = URI(root_path)
+      uri.query = params.compact.to_query
+      uri.to_s
+    end
+
     def redirect_to_splash_page
-      splash_page_path = root_path(return_to: request.fullpath, shop: current_shopify_domain)
-      redirect_to(splash_page_path)
+      redirect_to(splash_page)
     rescue ShopifyApp::LoginProtection::ShopifyDomainNotFound => error
       Rails.logger.warn("[ShopifyApp::EnsureAuthenticatedLinks] Redirecting to login: [#{error.class}] "\
                          "Could not determine current shop domain")

data/docs/shopify_app/engine.md

@@ -15,7 +15,7 @@ While you can customize the login view by creating a `/app/views/shopify_app/ses
 
 ```ruby
 ShopifyApp.configure do |config|
-  config.login_url = 'https://my.domain.com/nested/login'
+  config.login_url = 'https://example.com/nested/login'
 end
 ```
 
@@ -77,6 +77,6 @@ class ReviewsController < ApplicationController
 end
 ```
 
-Create your app proxy URL in the [Shopify Partners dashboard](https://partners.shopify.com/organizations), making sure to point it to `https://your_app_website.com/app_proxy`.
+Create your app proxy URL in the [Shopify Partners dashboard](https://partners.shopify.com/organizations), making sure to point it to `https://example.com/app_proxy`.
 
 ![Creating an App Proxy](/images/app-proxy-screenshot.png)

data/docs/shopify_app/handling-access-scopes-changes.md

@@ -1,5 +1,15 @@
 # Handling changes in access scopes
-The Shopify App gem provides handling changes to scopes for both shop/offline and user/online tokens. To enable your app to login via OAuth on scope changes, you can set the following configuration flag in your `config/initializers/shopify_app.rb`:
+## Updating the list of scopes the app requests
+
+Your app specifies the [access scopes](https://shopify.dev/api/usage/access-scopes) it requires in the Shopify App initializer, located at`config/initializers/shopify_app.rb`. To modify this list, update the comma-delimited configuration option:
+
+```ruby
+config.scope = "read_products,write_discounts"
+```
+
+## Requesting new scopes from merchants
+
+The Shopify App gem will automatically request new scopes from merchants for both shop/offline and user/online tokens. To enable your app to reauth via OAuth on scope changes, you can set the following configuration flag in your `config/initializers/shopify_app.rb`:
 ```ruby
 config.reauth_on_access_scope_changes = true
 ```

data/docs/shopify_app/script-tags.md

@@ -11,7 +11,7 @@ As with webhooks, ShopifyApp can manage your app's [ScriptTags](https://shopify-
 ```ruby
 ShopifyApp.configure do |config|
   config.scripttags = [
-    {event:'onload', src: 'https://my-shopifyapp.herokuapp.com/fancy.js'},
+    {event:'onload', src: 'https://example.com/fancy.js'},
     {event:'onload', src: ->(domain) { dynamic_tag_url(domain) } }
   ]
 end

data/docs/shopify_app/webhooks.md

@@ -12,7 +12,7 @@ ShopifyApp can manage your app's webhooks for you if you set which webhooks you
 ```ruby
 ShopifyApp.configure do |config|
   config.webhooks = [
-    {topic: 'carts/update', address: 'https://example-app.com/webhooks/carts_update'}
+    {topic: 'carts/update', address: 'https://example.com/webhooks/carts_update'}
   ]
 end
 ```
@@ -34,7 +34,7 @@ If you are only interested in particular fields, you can optionally filter the d
 ```ruby
 ShopifyApp.configure do |config|
   config.webhooks = [
-    {topic: 'products/update', address: 'https://example-app.com/webhooks/products_update', fields: ['title', 'vendor']}
+    {topic: 'products/update', address: 'https://example.com/webhooks/products_update', fields: ['title', 'vendor']}
   ]
 end
 ```

data/lib/generators/shopify_app/install/install_generator.rb

@@ -67,7 +67,7 @@ module ShopifyApp
       def insert_hosts_into_development_config
         inject_into_file(
           'config/environments/development.rb',
-          "  config.hosts = (config.hosts rescue []) << /\\w+\\.ngrok\\.io/\n",
+          "  config.hosts = (config.hosts rescue []) << /\[-\w]+\\.ngrok\\.io/\n",
           after: "Rails.application.configure do\n"
         )
       end

data/lib/shopify_app/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module ShopifyApp
-  VERSION = '18.0.2'
+  VERSION = '18.0.3'
 end

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shopify_app",
-  "version": "18.0.2",
+  "version": "18.0.3",
   "repository": "git@github.com:Shopify/shopify_app.git",
   "author": "Shopify",
   "license": "MIT",

data/shopify_app.gemspec

@@ -13,7 +13,7 @@ Gem::Specification.new do |s|
 
   s.metadata['allowed_push_host'] = 'https://rubygems.org'
 
-  s.add_runtime_dependency('browser_sniffer', '~> 1.2.2')
+  s.add_runtime_dependency('browser_sniffer', '~> 1.4.0')
   s.add_runtime_dependency('omniauth-rails_csrf_protection')
   s.add_runtime_dependency('rails', '> 5.2.1', '< 6.2')
   s.add_runtime_dependency('shopify_api', '~> 9.4')

data/translation.yml

@@ -1,5 +1,5 @@
 source_language: en
-target_languages: [cs, da, de, es, fi, fr, hi, it, ja, ko, ms, nb, nl, pl, pt-BR, pt-PT, sv, th, tr, vi, zh-CN, zh-TW]
+target_languages: [cs, da, de, es, fi, fr, it, ja, ko, nb, nl, pl, pt-BR, pt-PT, sv, th, tr, vi, zh-CN, zh-TW]
 components:
   - name: 'merchant'
     paths:

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shopify_app
 version: !ruby/object:Gem::Version
-  version: 18.0.2
+  version: 18.0.3
 platform: ruby
 authors:
 - Shopify
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-15 00:00:00.000000000 Z
+date: 2022-01-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: browser_sniffer
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.2
+        version: 1.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.2
+        version: 1.4.0
 - !ruby/object:Gem::Dependency
   name: omniauth-rails_csrf_protection
   requirement: !ruby/object:Gem::Requirement
@@ -321,11 +321,9 @@ files:
 - config/locales/es.yml
 - config/locales/fi.yml
 - config/locales/fr.yml
-- config/locales/hi.yml
 - config/locales/it.yml
 - config/locales/ja.yml
 - config/locales/ko.yml
-- config/locales/ms.yml
 - config/locales/nb.yml
 - config/locales/nl.yml
 - config/locales/pl.yml
@@ -461,7 +459,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.17
+rubygems_version: 3.2.20
 signing_key: 
 specification_version: 4
 summary: This gem is used to get quickly started with the Shopify API

data/config/locales/hi.yml

@@ -1,23 +0,0 @@
----
-hi:
-  logged_out: सफलतापूर्वक लॉग आउट कर दिया
-  could_not_log_in: Shopify स्टोर में लॉग इन नहीं किया जा सका
-  invalid_shop_url: अमान्य शॉप डोमेन
-  enable_cookies_heading: "%{app} के कुकीज़ सक्षम करें"
-  enable_cookies_body: आपको %{app} का उपयोग Shopify में करने के लिए इस ब्राउज़र में
-    कुकीज़ मैन्युअल रूप से सक्षम करने चाहिए.
-  enable_cookies_footer: कुकीज़ अस्थायी रूप से आपकी वरीयताएं और व्यक्तिगत जानकारी स्टोर
-    कर ऐप को आपको प्रमाणित करने देते हैं. इनकी समय-सीमा 30 दिनों बाद समाप्त हो जाती
-    है.
-  enable_cookies_action: कुकीज़ को सक्षम करें
-  top_level_interaction_heading: आपके ब्राउज़र को %{app} प्रमाणित करने की आवश्यकता
-    है
-  top_level_interaction_body: आपके ब्राउज़र को %{app} जैसे ऐप की ज़रूरत होती है, जो
-    Shopify द्वारा आपके लिए उसे खोलने से पहले कुकीज़ पर पहुंचने करने की अनुमति मांगे.
-  top_level_interaction_action: जारी रखें
-  request_storage_access_heading: "%{app} को कुकीज़ पर पहुंच करने की आवश्यकता है"
-  request_storage_access_body: यह आपकी व्यक्तिगत जानकारी अस्थायी रूप से स्टोर कर ऐप
-    को आपको प्रमाणित करने देता है. जारी रखें पर क्लिक करें और कुकीज़ को ऐप उपयोग करने
-    की अनुमति दें.
-  request_storage_access_footer: कुकीज़ की समय-सीमा 30 दिनों बाद समाप्त हो जाती है.
-  request_storage_access_action: जारी रखें

data/config/locales/ms.yml

@@ -1,22 +0,0 @@
----
-ms:
-  logged_out: Berjaya log keluar
-  could_not_log_in: Tidak dapat log masuk ke kedai Shopify
-  invalid_shop_url: Domain kedai tidak sah
-  enable_cookies_heading: Dayakan kuki dari %{app}
-  enable_cookies_body: Anda mesti mengaktifkan kuki secara manual dalam pelayar ini
-    untuk %{app} digunakan dalam Shopify.
-  enable_cookies_footer: Kuki membenarkan aplikasi mengesahkan anda dengan menyimpan
-    keutamaan dan maklumat peribadi anda buat sementara waktu. Ia tamat tempoh selepas
-    30 hari.
-  enable_cookies_action: Dayakan kuki
-  top_level_interaction_heading: Pelayar anda perlu mengesahkan %{app}
-  top_level_interaction_body: Pelayar anda memerlukan aplikasi seperti %{app} untuk
-    meminta anda akses kepada kuki sebelum Shopify boleh membukanya untuk anda.
-  top_level_interaction_action: Teruskan
-  request_storage_access_heading: "%{app} memerlukan akses kepada kuki"
-  request_storage_access_body: Ini membolehkan aplikasi mengesahkan anda dengan menyimpan
-    maklumat peribadi anda buat sementara waktu. Klik teruskan dan benarkan kuki untuk
-    menggunakan aplikasi.
-  request_storage_access_footer: Kuki akan tamat tempoh selepas 30 hari.
-  request_storage_access_action: Teruskan