shopify_app 19.0.1 → 19.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/Gemfile.lock +4 -4
- data/app/controllers/shopify_app/callback_controller.rb +25 -0
- data/docs/Upgrading.md +1 -1
- data/lib/shopify_app/controller_concerns/login_protection.rb +6 -0
- data/lib/shopify_app/session/session_repository.rb +1 -1
- data/lib/shopify_app/session/user_session_storage_with_scopes.rb +1 -1
- data/lib/shopify_app/version.rb +1 -1
- data/yarn.lock +3 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d047c2c86697b849fa77f14bf2d264f752d25e8756254f2bd87f1f788b1a71e4
|
|
4
|
+
data.tar.gz: c8f75825dbfefb68fb068d21b794fe6b1f7a07fe43c6a875810fe9f9207ca970
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ccca162565545b8edf66dd3dc336df29b75f54020ade68f20f691aaf6c583d473a5c0b2af83cfd45f3ddfcdeee06c923ba82b023792f0865dc99ea721930130a
|
|
7
|
+
data.tar.gz: e7ba37bf6451e51bf9a4d848b0466808c2c89caca5581f9685fa1e14c6b0c06b8c9cfa0f4fd4631b10d7d13efd056592a73eb02e822b69679f7b752fad404ec9
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
Unreleased
|
|
2
|
+
----------
|
|
3
|
+
|
|
4
|
+
19.0.2 (April 27, 2022)
|
|
5
|
+
----------
|
|
6
|
+
|
|
7
|
+
* Fix regression in apps using online tokens. [#1413](https://github.com/Shopify/shopify_app/pull/1413)
|
|
8
|
+
* Bump [Shopify API](https://github.com/Shopify/shopify_api) to version 10.0.3. It includes [these fixes](https://github.com/Shopify/shopify_api/blob/main/CHANGELOG.md#version-1003).
|
|
9
|
+
|
|
1
10
|
19.0.1 (April 11, 2022)
|
|
2
11
|
----------
|
|
3
12
|
* Bump Shopify API (https://github.com/Shopify/shopify_api) to version 10.0.2. This update includes patch fixes since the initial v10 release.
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
shopify_app (19.0.
|
|
4
|
+
shopify_app (19.0.2)
|
|
5
5
|
activeresource
|
|
6
6
|
browser_sniffer (~> 1.4.0)
|
|
7
7
|
jwt (>= 2.2.3)
|
|
@@ -121,7 +121,7 @@ GEM
|
|
|
121
121
|
mocha (1.13.0)
|
|
122
122
|
multi_xml (0.6.0)
|
|
123
123
|
nio4r (2.5.8)
|
|
124
|
-
nokogiri (1.13.
|
|
124
|
+
nokogiri (1.13.4)
|
|
125
125
|
mini_portile2 (~> 2.8.0)
|
|
126
126
|
racc (~> 1.4)
|
|
127
127
|
oj (3.13.11)
|
|
@@ -194,7 +194,7 @@ GEM
|
|
|
194
194
|
rubocop (~> 1.24)
|
|
195
195
|
ruby-progressbar (1.11.0)
|
|
196
196
|
securerandom (0.2.0)
|
|
197
|
-
shopify_api (10.0.
|
|
197
|
+
shopify_api (10.0.3)
|
|
198
198
|
concurrent-ruby
|
|
199
199
|
hash_diff
|
|
200
200
|
httparty
|
|
@@ -204,7 +204,7 @@ GEM
|
|
|
204
204
|
securerandom
|
|
205
205
|
sorbet-runtime
|
|
206
206
|
zeitwerk (~> 2.5)
|
|
207
|
-
sorbet-runtime (0.5.
|
|
207
|
+
sorbet-runtime (0.5.9944)
|
|
208
208
|
sprockets (4.0.3)
|
|
209
209
|
concurrent-ruby (~> 1.0)
|
|
210
210
|
rack (> 1, < 3)
|
|
@@ -27,6 +27,12 @@ module ShopifyApp
|
|
|
27
27
|
value: auth_result[:cookie].value,
|
|
28
28
|
}
|
|
29
29
|
|
|
30
|
+
session[:shopify_user_id] = auth_result[:session].associated_user.id if auth_result[:session].online?
|
|
31
|
+
|
|
32
|
+
if start_user_token_flow?(auth_result[:session])
|
|
33
|
+
return respond_with_user_token_flow
|
|
34
|
+
end
|
|
35
|
+
|
|
30
36
|
perform_post_authenticate_jobs(auth_result[:session])
|
|
31
37
|
|
|
32
38
|
respond_successfully
|
|
@@ -43,6 +49,25 @@ module ShopifyApp
|
|
|
43
49
|
redirect_to(login_url_with_optional_shop)
|
|
44
50
|
end
|
|
45
51
|
|
|
52
|
+
def respond_with_user_token_flow
|
|
53
|
+
redirect_to(login_url_with_optional_shop)
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def start_user_token_flow?(shopify_session)
|
|
57
|
+
return false unless ShopifyApp::SessionRepository.user_storage.present?
|
|
58
|
+
return false if shopify_session.online?
|
|
59
|
+
update_user_access_scopes?
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
def update_user_access_scopes?
|
|
63
|
+
return true if session[:shopify_user_id].nil?
|
|
64
|
+
user_access_scopes_strategy.update_access_scopes?(shopify_user_id: session[:shopify_user_id])
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def user_access_scopes_strategy
|
|
68
|
+
ShopifyApp.configuration.user_access_scopes_strategy
|
|
69
|
+
end
|
|
70
|
+
|
|
46
71
|
def perform_post_authenticate_jobs(session)
|
|
47
72
|
install_webhooks(session)
|
|
48
73
|
install_scripttags(session)
|
data/docs/Upgrading.md
CHANGED
|
@@ -31,7 +31,7 @@ gem.
|
|
|
31
31
|
`config/initializers/shopify_app.rb` as the decision logic for which authentication method to use is now handled
|
|
32
32
|
internally by the `shopify_api` gem, using the `ShopifyAPI::Context.embedded_app` setting.
|
|
33
33
|
* `v19.0.0` updates the `shopify_api` dependency to `10.0.0`. This version of `shopify_api` has breaking changes. See
|
|
34
|
-
the documentation for addressing these breaking changes on GitHub [here](https://github.com/Shopify/shopify_api
|
|
34
|
+
the documentation for addressing these breaking changes on GitHub [here](https://github.com/Shopify/shopify_api#breaking-change-notice-for-version-1000).
|
|
35
35
|
|
|
36
36
|
### Specific cases
|
|
37
37
|
|
|
@@ -232,7 +232,13 @@ module ShopifyApp
|
|
|
232
232
|
current_shopify_session && params[:shop].is_a?(String) && current_shopify_session.shop != params[:shop]
|
|
233
233
|
end
|
|
234
234
|
|
|
235
|
+
def shop_session
|
|
236
|
+
ShopifyApp::SessionRepository.retrieve_shop_session_by_shopify_domain(sanitize_shop_param(params))
|
|
237
|
+
end
|
|
238
|
+
|
|
235
239
|
def user_session_expected?
|
|
240
|
+
return false if shop_session.nil?
|
|
241
|
+
return false if ShopifyApp.configuration.shop_access_scopes_strategy.update_access_scopes?(shop_session.shop)
|
|
236
242
|
!ShopifyApp.configuration.user_session_repository.blank? && ShopifyApp::SessionRepository.user_storage.present?
|
|
237
243
|
end
|
|
238
244
|
end
|
|
@@ -46,7 +46,7 @@ module ShopifyApp
|
|
|
46
46
|
# ShopifyAPI::Auth::SessionStorage override
|
|
47
47
|
def store_session(session)
|
|
48
48
|
if session.online?
|
|
49
|
-
user_storage.store(session, session.associated_user
|
|
49
|
+
user_storage.store(session, session.associated_user)
|
|
50
50
|
else
|
|
51
51
|
shop_storage.store(session)
|
|
52
52
|
end
|
|
@@ -11,7 +11,7 @@ module ShopifyApp
|
|
|
11
11
|
|
|
12
12
|
class_methods do
|
|
13
13
|
def store(auth_session, user)
|
|
14
|
-
user = find_or_initialize_by(shopify_user_id: user
|
|
14
|
+
user = find_or_initialize_by(shopify_user_id: user.id)
|
|
15
15
|
user.shopify_token = auth_session.access_token
|
|
16
16
|
user.shopify_domain = auth_session.shop
|
|
17
17
|
user.access_scopes = auth_session.scope.to_s
|
data/lib/shopify_app/version.rb
CHANGED
data/yarn.lock
CHANGED
|
@@ -3515,9 +3515,9 @@ minimatch@3.0.4, minimatch@^3.0.4:
|
|
|
3515
3515
|
brace-expansion "^1.1.7"
|
|
3516
3516
|
|
|
3517
3517
|
minimist@^1.2.0, minimist@^1.2.3, minimist@^1.2.5:
|
|
3518
|
-
version "1.2.
|
|
3519
|
-
resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.
|
|
3520
|
-
integrity sha512-
|
|
3518
|
+
version "1.2.6"
|
|
3519
|
+
resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.6.tgz#8637a5b759ea0d6e98702cfb3a9283323c93af44"
|
|
3520
|
+
integrity sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==
|
|
3521
3521
|
|
|
3522
3522
|
mississippi@^3.0.0:
|
|
3523
3523
|
version "3.0.0"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shopify_app
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 19.0.
|
|
4
|
+
version: 19.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Shopify
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-04-
|
|
11
|
+
date: 2022-04-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activeresource
|