shopify_app 20.1.0 → 20.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/stale.yml +25 -0
- data/CHANGELOG.md +7 -0
- data/Gemfile.lock +4 -4
- data/docs/shopify_app/webhooks.md +4 -4
- data/lib/generators/shopify_app/add_webhook/add_webhook_generator.rb +5 -5
- data/lib/shopify_app/controller_concerns/login_protection.rb +2 -1
- data/lib/shopify_app/controller_concerns/redirect_for_embedded.rb +3 -2
- data/lib/shopify_app/controller_concerns/sanitized_params.rb +3 -2
- data/lib/shopify_app/managers/webhooks_manager.rb +27 -6
- data/lib/shopify_app/version.rb +1 -1
- data/package.json +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87362d48113e64119d57d3f458fc3334f8097a7a234b9a77e806b327baa55196
|
|
4
|
+
data.tar.gz: 07bd6f5051b5e77a6c360699fb6fa090e55e8d7674ba9814eadcf025a8566523
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 750c1ffd57c2922165af74710a27e243b4a32fb016b393e22c8f861428700c754ebacc98e9c6604c0937df0a2197ed164444b1fe0bc9bab28c84b4d2be5ff2d0
|
|
7
|
+
data.tar.gz: fc987464248ff4c0e88a91c9b5e8150659ef93f683a9912a3b1088e80fe50057bf6a821eb169a18d4e82e5a190d42abb82c10bcf6159a744831bdc07a7583a51
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
name: Close inactive issues
|
|
2
|
+
on:
|
|
3
|
+
schedule:
|
|
4
|
+
- cron: "30 1 * * *"
|
|
5
|
+
|
|
6
|
+
jobs:
|
|
7
|
+
close-issues:
|
|
8
|
+
runs-on: ubuntu-latest
|
|
9
|
+
permissions:
|
|
10
|
+
issues: write
|
|
11
|
+
pull-requests: write
|
|
12
|
+
steps:
|
|
13
|
+
- uses: actions/stale@v5
|
|
14
|
+
with:
|
|
15
|
+
days-before-issue-stale: 730
|
|
16
|
+
days-before-issue-close: 14
|
|
17
|
+
stale-issue-label: "stale"
|
|
18
|
+
stale-issue-message: >
|
|
19
|
+
This issue is stale because it has been open for 2 years. It will be closed if no further action occurs in 14 days.
|
|
20
|
+
close-issue-message: >
|
|
21
|
+
This issue was closed because it has been inactive for 14 days since being marked as stale.
|
|
22
|
+
days-before-pr-stale: -1
|
|
23
|
+
days-before-pr-close: -1
|
|
24
|
+
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
|
25
|
+
operations_per_run: 100
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,13 @@
|
|
|
1
1
|
Unreleased
|
|
2
2
|
----------
|
|
3
3
|
|
|
4
|
+
20.1.1 (September 2, 2022)
|
|
5
|
+
----------
|
|
6
|
+
|
|
7
|
+
* Fixed an issue where the `embedded_redirect_url` could lead to a redirect loop in server-side rendered (or production) apps. [#1497](https://github.com/Shopify/shopify_app/pull/1497)
|
|
8
|
+
* Fixes bug where webhooks were generated with addresses instead of the [path the Ruby API](https://github.com/Shopify/shopify-api-ruby/blob/7a08ae9d96a7a85abd0113dae4eb76398cba8c64/lib/shopify_api/webhooks/registrations/http.rb#L12) is expecting [#1474](https://github.com/Shopify/shopify_app/pull/1474). The breaking change that was accidentially already shipped was that `address` attribute for webhooks should be paths not addresses with `https://` and the host name. While the `address` attribute name will still work assuming the value is a path, this name is deprecated. Please configure webhooks with the `path` attribute name instead.
|
|
9
|
+
* Deduce webhook path from deprecated webhook address if initializer uses address attribute. This makes this attribute change a non-breaking change for those upgrading.
|
|
10
|
+
|
|
4
11
|
20.1.0 (August 22, 2022)
|
|
5
12
|
----------
|
|
6
13
|
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
shopify_app (20.1.
|
|
4
|
+
shopify_app (20.1.1)
|
|
5
5
|
activeresource
|
|
6
6
|
browser_sniffer (~> 2.0)
|
|
7
7
|
jwt (>= 2.2.3)
|
|
@@ -97,14 +97,14 @@ GEM
|
|
|
97
97
|
erubi (1.10.0)
|
|
98
98
|
globalid (1.0.0)
|
|
99
99
|
activesupport (>= 5.0)
|
|
100
|
-
hash_diff (1.
|
|
100
|
+
hash_diff (1.1.1)
|
|
101
101
|
hashdiff (1.0.1)
|
|
102
102
|
httparty (0.20.0)
|
|
103
103
|
mime-types (~> 3.0)
|
|
104
104
|
multi_xml (>= 0.5.2)
|
|
105
105
|
i18n (1.10.0)
|
|
106
106
|
concurrent-ruby (~> 1.0)
|
|
107
|
-
jwt (2.
|
|
107
|
+
jwt (2.5.0)
|
|
108
108
|
loofah (2.15.0)
|
|
109
109
|
crass (~> 1.0.2)
|
|
110
110
|
nokogiri (>= 1.5.9)
|
|
@@ -204,7 +204,7 @@ GEM
|
|
|
204
204
|
securerandom
|
|
205
205
|
sorbet-runtime
|
|
206
206
|
zeitwerk (~> 2.5)
|
|
207
|
-
sorbet-runtime (0.5.
|
|
207
|
+
sorbet-runtime (0.5.10398)
|
|
208
208
|
sprockets (4.1.1)
|
|
209
209
|
concurrent-ruby (~> 1.0)
|
|
210
210
|
rack (> 1, < 3)
|
|
@@ -12,7 +12,7 @@ ShopifyApp can manage your app's webhooks for you if you set which webhooks you
|
|
|
12
12
|
```ruby
|
|
13
13
|
ShopifyApp.configure do |config|
|
|
14
14
|
config.webhooks = [
|
|
15
|
-
{topic: 'carts/update',
|
|
15
|
+
{topic: 'carts/update', path: 'webhooks/carts_update'}
|
|
16
16
|
]
|
|
17
17
|
end
|
|
18
18
|
```
|
|
@@ -34,7 +34,7 @@ If you are only interested in particular fields, you can optionally filter the d
|
|
|
34
34
|
```ruby
|
|
35
35
|
ShopifyApp.configure do |config|
|
|
36
36
|
config.webhooks = [
|
|
37
|
-
{topic: 'products/update',
|
|
37
|
+
{topic: 'products/update', path: 'webhooks/products_update', fields: ['title', 'vendor']}
|
|
38
38
|
]
|
|
39
39
|
end
|
|
40
40
|
```
|
|
@@ -66,7 +66,7 @@ The WebhooksManager uses ActiveJob. If ActiveJob is not configured then by defau
|
|
|
66
66
|
ShopifyApp can create webhooks for you using the `add_webhook` generator. This will add the new webhook to your config and create the required job class for you.
|
|
67
67
|
|
|
68
68
|
```
|
|
69
|
-
rails g shopify_app:add_webhook
|
|
69
|
+
rails g shopify_app:add_webhook --topic carts/update --path webhooks/carts_update
|
|
70
70
|
```
|
|
71
71
|
|
|
72
|
-
Where
|
|
72
|
+
Where `--topic` is the topic and `--path` is the path the webhook should be sent to.
|
|
@@ -7,7 +7,7 @@ module ShopifyApp
|
|
|
7
7
|
class AddWebhookGenerator < Rails::Generators::Base
|
|
8
8
|
source_root File.expand_path("../templates", __FILE__)
|
|
9
9
|
class_option :topic, type: :string, aliases: "-t", required: true
|
|
10
|
-
class_option :
|
|
10
|
+
class_option :path, type: :string, aliases: "-p", required: true
|
|
11
11
|
|
|
12
12
|
hook_for :test_framework, as: :job, in: :rails do |instance, generator|
|
|
13
13
|
instance.invoke(generator, [instance.send(:job_file_name)])
|
|
@@ -47,7 +47,7 @@ module ShopifyApp
|
|
|
47
47
|
private
|
|
48
48
|
|
|
49
49
|
def job_file_name
|
|
50
|
-
|
|
50
|
+
path.split("/").last
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
def load_initializer
|
|
@@ -55,15 +55,15 @@ module ShopifyApp
|
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
def webhook_config
|
|
58
|
-
"\n { topic: \"#{topic}\",
|
|
58
|
+
"\n { topic: \"#{topic}\", path: \"#{path}\" },"
|
|
59
59
|
end
|
|
60
60
|
|
|
61
61
|
def topic
|
|
62
62
|
options["topic"]
|
|
63
63
|
end
|
|
64
64
|
|
|
65
|
-
def
|
|
66
|
-
options["
|
|
65
|
+
def path
|
|
66
|
+
options["path"]
|
|
67
67
|
end
|
|
68
68
|
end
|
|
69
69
|
end
|
|
@@ -117,7 +117,8 @@ module ShopifyApp
|
|
|
117
117
|
else
|
|
118
118
|
referer = URI(request.referer || "/")
|
|
119
119
|
path = referer.path
|
|
120
|
-
query =
|
|
120
|
+
query = Rack::Utils.parse_nested_query(referer.query)
|
|
121
|
+
query = query.merge(sanitized_params).to_query
|
|
121
122
|
end
|
|
122
123
|
session[:return_to] = query.blank? ? path.to_s : "#{path}?#{query}"
|
|
123
124
|
redirect_to(login_url_with_optional_shop)
|
|
@@ -15,7 +15,8 @@ module ShopifyApp
|
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def redirect_for_embedded
|
|
18
|
-
|
|
18
|
+
# Don't actually redirect if we're already in the redirect route - we want the request to reach the FE
|
|
19
|
+
redirect_to(redirect_uri_for_embedded) unless request.path == ShopifyApp.configuration.embedded_redirect_url
|
|
19
20
|
end
|
|
20
21
|
|
|
21
22
|
def redirect_uri_for_embedded
|
|
@@ -26,7 +27,7 @@ module ShopifyApp
|
|
|
26
27
|
redirect_query_params[:host] ||= params[:host] if params[:host].present?
|
|
27
28
|
redirect_uri = "#{redirect_uri}?#{redirect_query_params.to_query}" if redirect_query_params.present?
|
|
28
29
|
|
|
29
|
-
query_params = sanitized_params.except(:redirect_uri
|
|
30
|
+
query_params = sanitized_params.except(:redirect_uri)
|
|
30
31
|
query_params[:redirectUri] = redirect_uri
|
|
31
32
|
|
|
32
33
|
"#{ShopifyApp.configuration.embedded_redirect_url}?#{query_params.to_query}"
|
|
@@ -25,9 +25,10 @@ module ShopifyApp
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sanitized_params
|
|
28
|
-
request.
|
|
28
|
+
parameters = request.post? ? request.request_parameters : request.query_parameters
|
|
29
|
+
parameters.clone.tap do |params_copy|
|
|
29
30
|
if params[:shop].is_a?(String)
|
|
30
|
-
|
|
31
|
+
params_copy[:shop] = sanitize_shop_param(params)
|
|
31
32
|
end
|
|
32
33
|
end
|
|
33
34
|
end
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "uri"
|
|
4
|
+
|
|
3
5
|
module ShopifyApp
|
|
4
6
|
class WebhooksManager
|
|
5
7
|
class CreationFailed < StandardError; end
|
|
@@ -38,11 +40,13 @@ module ShopifyApp
|
|
|
38
40
|
return unless ShopifyApp.configuration.has_webhooks?
|
|
39
41
|
|
|
40
42
|
ShopifyApp.configuration.webhooks.each do |attributes|
|
|
43
|
+
webhook_path = path(attributes)
|
|
44
|
+
|
|
41
45
|
ShopifyAPI::Webhooks::Registry.add_registration(
|
|
42
46
|
topic: attributes[:topic],
|
|
43
47
|
delivery_method: attributes[:delivery_method] || :http,
|
|
44
|
-
path:
|
|
45
|
-
handler: webhook_job_klass(
|
|
48
|
+
path: webhook_path,
|
|
49
|
+
handler: webhook_job_klass(webhook_path),
|
|
46
50
|
fields: attributes[:fields]
|
|
47
51
|
)
|
|
48
52
|
end
|
|
@@ -50,12 +54,29 @@ module ShopifyApp
|
|
|
50
54
|
|
|
51
55
|
private
|
|
52
56
|
|
|
53
|
-
def
|
|
54
|
-
|
|
57
|
+
def path(webhook_attributes)
|
|
58
|
+
path = webhook_attributes[:path]
|
|
59
|
+
address = webhook_attributes[:address]
|
|
60
|
+
uri = URI(address) if address
|
|
61
|
+
|
|
62
|
+
if path.present?
|
|
63
|
+
path
|
|
64
|
+
elsif uri&.path&.present?
|
|
65
|
+
uri.path
|
|
66
|
+
else
|
|
67
|
+
raise ShopifyApp::MissingWebhookJobError, "The :path attribute is required for webhook registration."
|
|
68
|
+
end
|
|
55
69
|
end
|
|
56
70
|
|
|
57
|
-
def
|
|
58
|
-
|
|
71
|
+
def webhook_job_klass(path)
|
|
72
|
+
webhook_job_klass_name(path).safe_constantize || raise(ShopifyApp::MissingWebhookJobError)
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def webhook_job_klass_name(path)
|
|
76
|
+
job_file_name = Pathname(path.to_s).basename
|
|
77
|
+
|
|
78
|
+
[ShopifyApp.configuration.webhook_jobs_namespace,
|
|
79
|
+
"#{job_file_name}_job",].compact.join("/").classify
|
|
59
80
|
end
|
|
60
81
|
end
|
|
61
82
|
end
|
data/lib/shopify_app/version.rb
CHANGED
data/package.json
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shopify_app
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 20.1.
|
|
4
|
+
version: 20.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Shopify
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-09-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activeresource
|
|
@@ -264,6 +264,7 @@ files:
|
|
|
264
264
|
- ".github/workflows/cla.yml"
|
|
265
265
|
- ".github/workflows/release.yml"
|
|
266
266
|
- ".github/workflows/rubocop.yml"
|
|
267
|
+
- ".github/workflows/stale.yml"
|
|
267
268
|
- ".gitignore"
|
|
268
269
|
- ".nvmrc"
|
|
269
270
|
- ".rubocop.yml"
|