shopify_app 21.0.0 → 21.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 818a15b2d9822d6cf785722387873d805ca1709f9c4bec394e4481a0a7e8f70e
-  data.tar.gz: 0701e46e9492f2d387abbc1d2b2ef3c33a20b6196df340c353c6e6ddadc48cbe
+  metadata.gz: 56a2bcb7ba62da6e7f8c1357a18cb21ecaaa8010a930b537a1a2da76b76e5daa
+  data.tar.gz: a79ae7871ca2fef1cdafb859cc7e6916c07e6e1411d368bcdac2397d349f38c6
 SHA512:
-  metadata.gz: 60f33ceb026c9684efbfe16d638f822a7ea82f9c4a24346a4ca3ddd6c525bfd6819913ea8fd3ac2c5aa7979d053dddf45fa5496c028d26f7a30e4dd2dd8d1b1c
-  data.tar.gz: b2c1fba3d38554e357d77e6c75348af9ade64e70e8aacb9bc9910a6e07c4eb8d69fa29e694abda00a25e7e836445a3f31eba2f8e88299f4d0a689ea70a99b7f7
+  metadata.gz: c5441d540170afa6a532fb88a2b19350a9ccf394d13487c5fc71c1cdeb4cd885fe6b3895adf0202f6f4be9c7a73e08acd407c5b5213ebd9d0694617c1fc582fe
+  data.tar.gz: b4bf6920d7ada93c7fe4b238088910d9c150b81219281c78c24efd45efe4b7829e738d93752bf0c6f95e0f5f660955d363e71063bc5cc62ee2e4e571cd38afde

data/.rubocop.yml

@@ -16,3 +16,5 @@ Style/ClassAndModuleChildren:
   Exclude:
     - 'test/**/*'
 
+Style/ClassMethodsDefinitions:
+  Enabled: false

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased
 ----------
 
+21.1.0 (Oct 17, 2022)
+----------
+
+* Removes assumed `https` required to run locally. Support both `http` and `https` in backward compatible way. [#1518](https://github.com/Shopify/shopify_app/pull/1518)
+
 21.0.0 (Oct 3, 2022)
 ----------
 * Updating shopify_api gem to 12.0.0

data/Gemfile.lock

@@ -1,87 +1,93 @@
 PATH
   remote: .
   specs:
-    shopify_app (21.0.0)
+    shopify_app (21.1.0)
       activeresource
       browser_sniffer (~> 2.0)
       jwt (>= 2.2.3)
       rails (> 5.2.1)
       redirect_safely (~> 1.0)
-      shopify_api (~> 12.0.0)
+      shopify_api (~> 12.1)
       sprockets-rails (>= 2.0.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (6.1.5)
-      actionpack (= 6.1.5)
-      activesupport (= 6.1.5)
+    actioncable (7.0.4)
+      actionpack (= 7.0.4)
+      activesupport (= 7.0.4)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.5)
-      actionpack (= 6.1.5)
-      activejob (= 6.1.5)
-      activerecord (= 6.1.5)
-      activestorage (= 6.1.5)
-      activesupport (= 6.1.5)
+    actionmailbox (7.0.4)
+      actionpack (= 7.0.4)
+      activejob (= 7.0.4)
+      activerecord (= 7.0.4)
+      activestorage (= 7.0.4)
+      activesupport (= 7.0.4)
       mail (>= 2.7.1)
-    actionmailer (6.1.5)
-      actionpack (= 6.1.5)
-      actionview (= 6.1.5)
-      activejob (= 6.1.5)
-      activesupport (= 6.1.5)
+      net-imap
+      net-pop
+      net-smtp
+    actionmailer (7.0.4)
+      actionpack (= 7.0.4)
+      actionview (= 7.0.4)
+      activejob (= 7.0.4)
+      activesupport (= 7.0.4)
       mail (~> 2.5, >= 2.5.4)
+      net-imap
+      net-pop
+      net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.5)
-      actionview (= 6.1.5)
-      activesupport (= 6.1.5)
-      rack (~> 2.0, >= 2.0.9)
+    actionpack (7.0.4)
+      actionview (= 7.0.4)
+      activesupport (= 7.0.4)
+      rack (~> 2.0, >= 2.2.0)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.5)
-      actionpack (= 6.1.5)
-      activerecord (= 6.1.5)
-      activestorage (= 6.1.5)
-      activesupport (= 6.1.5)
+    actiontext (7.0.4)
+      actionpack (= 7.0.4)
+      activerecord (= 7.0.4)
+      activestorage (= 7.0.4)
+      activesupport (= 7.0.4)
+      globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (6.1.5)
-      activesupport (= 6.1.5)
+    actionview (7.0.4)
+      activesupport (= 7.0.4)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.1.5)
-      activesupport (= 6.1.5)
+    activejob (7.0.4)
+      activesupport (= 7.0.4)
       globalid (>= 0.3.6)
-    activemodel (6.1.5)
-      activesupport (= 6.1.5)
+    activemodel (7.0.4)
+      activesupport (= 7.0.4)
     activemodel-serializers-xml (1.0.2)
       activemodel (> 5.x)
       activesupport (> 5.x)
       builder (~> 3.1)
-    activerecord (6.1.5)
-      activemodel (= 6.1.5)
-      activesupport (= 6.1.5)
+    activerecord (7.0.4)
+      activemodel (= 7.0.4)
+      activesupport (= 7.0.4)
     activeresource (6.0.0)
       activemodel (>= 6.0)
       activemodel-serializers-xml (~> 1.0)
       activesupport (>= 6.0)
-    activestorage (6.1.5)
-      actionpack (= 6.1.5)
-      activejob (= 6.1.5)
-      activerecord (= 6.1.5)
-      activesupport (= 6.1.5)
+    activestorage (7.0.4)
+      actionpack (= 7.0.4)
+      activejob (= 7.0.4)
+      activerecord (= 7.0.4)
+      activesupport (= 7.0.4)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (6.1.5)
+    activesupport (7.0.4)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
     binding_of_caller (1.0.0)
       debug_inspector (>= 0.0.1)
@@ -94,7 +100,7 @@ GEM
       rexml
     crass (1.0.6)
     debug_inspector (1.1.0)
-    erubi (1.10.0)
+    erubi (1.11.0)
     globalid (1.0.0)
       activesupport (>= 5.0)
     hash_diff (1.1.1)
@@ -102,10 +108,11 @@ GEM
     httparty (0.20.0)
       mime-types (~> 3.0)
       multi_xml (>= 0.5.2)
-    i18n (1.10.0)
+    i18n (1.12.0)
       concurrent-ruby (~> 1.0)
+    json (2.6.2)
     jwt (2.5.0)
-    loofah (2.15.0)
+    loofah (2.19.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -117,17 +124,25 @@ GEM
     mime-types-data (3.2022.0105)
     mini_mime (1.1.2)
     mini_portile2 (2.8.0)
-    minitest (5.15.0)
-    mocha (1.13.0)
+    minitest (5.16.3)
+    mocha (1.15.0)
     multi_xml (0.6.0)
+    net-imap (0.3.1)
+      net-protocol
+    net-pop (0.1.2)
+      net-protocol
+    net-protocol (0.1.3)
+      timeout
+    net-smtp (0.3.2)
+      net-protocol
     nio4r (2.5.8)
-    nokogiri (1.13.4)
+    nokogiri (1.13.8)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     oj (3.13.21)
     openssl (3.0.1)
-    parallel (1.21.0)
-    parser (3.1.0.0)
+    parallel (1.22.1)
+    parser (3.1.2.1)
       ast (~> 2.4.1)
     pry (0.14.1)
       coderay (~> 1.1)
@@ -137,26 +152,25 @@ GEM
     pry-stack_explorer (0.6.1)
       binding_of_caller (~> 1.0)
       pry (~> 0.13)
-    public_suffix (4.0.6)
+    public_suffix (5.0.0)
     racc (1.6.0)
-    rack (2.2.3)
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
-    rails (6.1.5)
-      actioncable (= 6.1.5)
-      actionmailbox (= 6.1.5)
-      actionmailer (= 6.1.5)
-      actionpack (= 6.1.5)
-      actiontext (= 6.1.5)
-      actionview (= 6.1.5)
-      activejob (= 6.1.5)
-      activemodel (= 6.1.5)
-      activerecord (= 6.1.5)
-      activestorage (= 6.1.5)
-      activesupport (= 6.1.5)
+    rack (2.2.4)
+    rack-test (2.0.2)
+      rack (>= 1.3)
+    rails (7.0.4)
+      actioncable (= 7.0.4)
+      actionmailbox (= 7.0.4)
+      actionmailer (= 7.0.4)
+      actionpack (= 7.0.4)
+      actiontext (= 7.0.4)
+      actionview (= 7.0.4)
+      activejob (= 7.0.4)
+      activemodel (= 7.0.4)
+      activerecord (= 7.0.4)
+      activestorage (= 7.0.4)
+      activesupport (= 7.0.4)
       bundler (>= 1.15.0)
-      railties (= 6.1.5)
-      sprockets-rails (>= 2.0.0)
+      railties (= 7.0.4)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
@@ -164,37 +178,39 @@ GEM
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.4.2)
+    rails-html-sanitizer (1.4.3)
       loofah (~> 2.3)
-    railties (6.1.5)
-      actionpack (= 6.1.5)
-      activesupport (= 6.1.5)
+    railties (7.0.4)
+      actionpack (= 7.0.4)
+      activesupport (= 7.0.4)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
+      zeitwerk (~> 2.5)
     rainbow (3.1.1)
     rake (13.0.6)
     rb-readline (0.5.5)
     redirect_safely (1.0.0)
       activemodel
-    regexp_parser (2.2.0)
+    regexp_parser (2.6.0)
     rexml (3.2.5)
-    rubocop (1.25.1)
+    rubocop (1.36.0)
+      json (~> 2.3)
       parallel (~> 1.10)
-      parser (>= 3.1.0.0)
+      parser (>= 3.1.2.1)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.15.1, < 2.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.20.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.15.1)
-      parser (>= 3.0.1.1)
-    rubocop-shopify (2.4.0)
-      rubocop (~> 1.24)
+    rubocop-ast (1.21.0)
+      parser (>= 3.1.1.0)
+    rubocop-shopify (2.10.1)
+      rubocop (~> 1.35)
     ruby-progressbar (1.11.0)
     securerandom (0.2.0)
-    shopify_api (12.0.0)
+    shopify_api (12.1.0)
       concurrent-ruby
       hash_diff
       httparty
@@ -204,7 +220,7 @@ GEM
       securerandom
       sorbet-runtime
       zeitwerk (~> 2.5)
-    sorbet-runtime (0.5.10477)
+    sorbet-runtime (0.5.10488)
     sprockets (4.1.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
@@ -212,12 +228,14 @@ GEM
       actionpack (>= 5.2)
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
-    sqlite3 (1.4.2)
+    sqlite3 (1.5.3)
+      mini_portile2 (~> 2.8.0)
     thor (1.2.1)
-    tzinfo (2.0.4)
+    timeout (0.3.0)
+    tzinfo (2.0.5)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.1.0)
-    webmock (3.14.0)
+    unicode-display_width (2.3.0)
+    webmock (3.18.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
@@ -245,4 +263,4 @@ DEPENDENCIES
   webmock
 
 BUNDLED WITH
-   2.3.5
+   2.3.7

data/README.md

@@ -46,9 +46,10 @@ rails new my_shopify_app
 bundle add shopify_app
 ```
 
-3. Create a `.env` file in the root of `my_shopify_app` to specify your Shopify API credentials:
+3. Create a `.env` file in the root of `my_shopify_app` to specify your full host and Shopify API credentials:
 
 ```sh
+HOST=http://localhost:3000
 SHOPIFY_API_KEY=<Your Shopify API key>
 SHOPIFY_API_SECRET=<Your Shopify API secret>
 ```
@@ -67,17 +68,15 @@ rails generate shopify_app
 rails db:migrate
 ```
 
-6. Setup a SSH tunnel to allow the OAuth redirect to work. See how in the [Setup SSH tunnel for development](/docs/Quickstart.md#setup-ssh-tunnel-for-development) section in [Quickstart](/docs/Quickstart.md)
-
-7. Run the app:
+6. Run the app:
 
 ```sh
 rails server
 ```
 
-8. Install the app by visiting the server's URL (e.g. http://127.0.0.1:3000) and specifying the subdomain of the shop where you want it to be installed to.
+7. Install the app by visiting the server's URL (e.g. http://127.0.0.1:3000) and specifying the subdomain of the shop where you want it to be installed to.
 
-9. After the app is installed, you're redirected to the embedded app.
+8. After the app is installed, you're redirected to the embedded app.
 
 This app implements [OAuth 2.0](https://shopify.dev/tutorials/authenticate-with-oauth) with Shopify to authenticate requests made to Shopify APIs. By default, this app is configured to use [session tokens](https://shopify.dev/concepts/apps/building-embedded-apps-using-session-tokens) to authenticate merchants when embedded in the Shopify Admin.
 

data/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb

@@ -14,7 +14,7 @@ module ShopifyApp
       splash_page_with_params(
         return_to: request.fullpath,
         shop: current_shopify_domain,
-        host: params[:host]
+        host: params[:host],
       )
     end
 

data/app/controllers/shopify_app/callback_controller.rb

@@ -15,7 +15,7 @@ module ShopifyApp
             ShopifyAPI::Auth::Oauth::SessionCookie::SESSION_COOKIE_NAME =>
               cookies.encrypted[ShopifyAPI::Auth::Oauth::SessionCookie::SESSION_COOKIE_NAME],
           },
-          auth_query: ShopifyAPI::Auth::Oauth::AuthQuery.new(**filtered_params)
+          auth_query: ShopifyAPI::Auth::Oauth::AuthQuery.new(**filtered_params),
         )
       rescue
         return respond_with_error
@@ -95,7 +95,7 @@ module ShopifyApp
       ScripttagsManager.queue(
         session.shop,
         session.access_token,
-        ShopifyApp.configuration.scripttags
+        ShopifyApp.configuration.scripttags,
       )
     end
 

data/app/controllers/shopify_app/sessions_controller.rb

@@ -56,7 +56,7 @@ module ShopifyApp
       auth_attributes = ShopifyAPI::Auth::Oauth.begin_auth(
         shop: sanitized_shop_name,
         redirect_path: "/#{callback_url}",
-        is_online: user_session_expected?
+        is_online: user_session_expected?,
       )
       cookies.encrypted[auth_attributes[:cookie].name] = {
         expires: auth_attributes[:cookie].expires,

data/app/controllers/shopify_app/webhooks_controller.rb

@@ -8,7 +8,7 @@ module ShopifyApp
       params.permit!
 
       ShopifyAPI::Webhooks::Registry.process(
-        ShopifyAPI::Webhooks::Request.new(raw_body: request.raw_post, headers: request.headers.to_h)
+        ShopifyAPI::Webhooks::Request.new(raw_body: request.raw_post, headers: request.headers.to_h),
       )
       head(:ok)
     end

data/docs/Quickstart.md

@@ -4,13 +4,15 @@ This guide assumes you have completed the steps to create a new Rails app using
 
 #### Table of contents
 
-[Setup SSH tunnel for development](#setup-ssh-tunnel-for-development)
+[Optionally Setup SSH tunnel for development](#setup-ssh-tunnel-for-development)
 
 [Use Shopify App Bridge to embed your app in the Shopify Admin](#use-shopify-app-bridge-to-embed-your-app-in-the-shopify-admin)
 
-## Setup SSH tunnel for development
+## Optionally Setup SSH tunnel for development
 
-Your local app needs to be accessible from the public Internet in order to install it on a Shopify store, to use the [App Proxy Controller](/lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_controller.rb) or receive [webhooks](/docs/shopify_app/webhooks.md).
+Local development supports both `http` and `https` schemes. By default `http` and localhost are used.
+
+To use `https`, your local app needs to be accessible from the public Internet in order to install it on a Shopify store to use the [App Proxy Controller](/lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_controller.rb) or receive [webhooks](/docs/shopify_app/webhooks.md).
 
 In order to receive requests securely, you'll need to setup a tunnel from the internet to localhost. You can use [Cloudflare](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/run-tunnel/trycloudflare/) for this.
 

data/lib/generators/shopify_app/add_after_authenticate_job/add_after_authenticate_job_generator.rb

@@ -21,7 +21,7 @@ module ShopifyApp
         inject_into_file(
           "config/initializers/shopify_app.rb",
           after_authenticate_job_config,
-          before: "end"
+          before: "end",
         )
 
         unless initializer.include?(after_authenticate_job_config)

data/lib/generators/shopify_app/add_marketing_activity_extension/add_marketing_activity_extension_generator.rb

@@ -18,7 +18,7 @@ module ShopifyApp
         inject_into_file(
           "config/routes.rb",
           optimize_indentation(routes, 2),
-          after: "root :to => 'home#index'\n"
+          after: "root :to => 'home#index'\n",
         )
       end
 

data/lib/generators/shopify_app/add_webhook/add_webhook_generator.rb

@@ -20,7 +20,7 @@ module ShopifyApp
         inject_into_file(
           "config/initializers/shopify_app.rb",
           "  config.webhooks = [\n  ]\n",
-          after: /ShopifyApp\.configure.*\n/
+          after: /ShopifyApp\.configure.*\n/,
         )
       end
 
@@ -28,7 +28,7 @@ module ShopifyApp
         inject_into_file(
           "config/initializers/shopify_app.rb",
           webhook_config,
-          after: "config.webhooks = ["
+          after: "config.webhooks = [",
         )
 
         initializer = load_initializer

data/lib/generators/shopify_app/app_proxy_controller/app_proxy_controller_generator.rb

@@ -19,7 +19,7 @@ module ShopifyApp
         inject_into_file(
           "config/routes.rb",
           File.read(File.expand_path(find_in_source_paths("app_proxy_route.rb"))),
-          after: "mount ShopifyApp::Engine, at: '/'\n"
+          after: "mount ShopifyApp::Engine, at: '/'\n",
         )
       end
     end

data/lib/generators/shopify_app/install/install_generator.rb

@@ -66,7 +66,7 @@ module ShopifyApp
         inject_into_file(
           "config/environments/development.rb",
           comment,
-          after: insert_after_line
+          after: insert_after_line,
         )
         comment
       end
@@ -78,7 +78,7 @@ module ShopifyApp
         inject_into_file(
           "config/environments/development.rb",
           host_line,
-          after: explaination_comment
+          after: explaination_comment,
         )
         host_line
       end

data/lib/generators/shopify_app/install/templates/shopify_app.rb.tt

@@ -38,7 +38,7 @@ Rails.application.config.after_initialize do
       api_key: ShopifyApp.configuration.api_key,
       api_secret_key: ShopifyApp.configuration.secret,
       api_version: ShopifyApp.configuration.api_version,
-      host_name: URI(ENV.fetch('HOST', '')).host || '',
+      host: ENV['HOST'],
       scope: ShopifyApp.configuration.scope,
       is_private: !ENV.fetch('SHOPIFY_APP_PRIVATE_SHOP', '').empty?,
       is_embedded: ShopifyApp.configuration.embedded_app,

data/lib/generators/shopify_app/rotate_shopify_token_job/templates/rotate_shopify_token.rake

@@ -6,7 +6,7 @@ namespace :shopify do
     all_active_shops.find_each do |shop|
       Shopify::RotateShopifyTokenJob.perform_later(
         shop_domain: shop.shopify_domain,
-        refresh_token: args[:refresh_token]
+        refresh_token: args[:refresh_token],
       )
     end
   end

data/lib/generators/shopify_app/routes/routes_generator.rb

@@ -15,7 +15,7 @@ module ShopifyApp
         gsub_file(
           "config/routes.rb",
           "mount ShopifyApp::Engine, at: '/'",
-          ""
+          "",
         )
       end
 

data/lib/generators/shopify_app/shop_model/shop_model_generator.rb

@@ -35,7 +35,7 @@ module ShopifyApp
         if new_shopify_cli_app? || Rails.env.test? || yes?(scopes_column_prompt)
           migration_template(
             "db/migrate/add_shop_access_scopes_column.erb",
-            "db/migrate/add_shop_access_scopes_column.rb"
+            "db/migrate/add_shop_access_scopes_column.rb",
           )
         end
       end

data/lib/generators/shopify_app/user_model/user_model_generator.rb

@@ -35,7 +35,7 @@ module ShopifyApp
         if new_shopify_cli_app? || Rails.env.test? || yes?(scopes_column_prompt)
           migration_template(
             "db/migrate/add_user_access_scopes_column.erb",
-            "db/migrate/add_user_access_scopes_column.rb"
+            "db/migrate/add_user_access_scopes_column.rb",
           )
         end
       end

data/lib/shopify_app/controller_concerns/app_proxy_verification.rb

@@ -22,7 +22,7 @@ module ShopifyApp
 
       ActiveSupport::SecurityUtils.secure_compare(
         calculated_signature(query_hash),
-        signature
+        signature,
       )
     end
 
@@ -32,7 +32,7 @@ module ShopifyApp
       OpenSSL::HMAC.hexdigest(
         OpenSSL::Digest.new("sha256"),
         ShopifyApp.configuration.secret,
-        sorted_params
+        sorted_params,
       )
     end
   end

data/lib/shopify_app/controller_concerns/ensure_billing.rb

@@ -98,7 +98,7 @@ module ShopifyApp
     def request_payment(session)
       shop = session.shop
       host = Base64.encode64("#{shop}/admin")
-      return_url = "https://#{ShopifyAPI::Context.host_name}?shop=#{shop}&host=#{host}"
+      return_url = "#{ShopifyAPI::Context.host}?shop=#{shop}&host=#{host}"
 
       if recurring?
         data = request_recurring_payment(session: session, return_url: return_url)
@@ -132,7 +132,7 @@ module ShopifyApp
           },
           returnUrl: return_url,
           test: !Rails.env.production?,
-        }
+        },
       )
 
       response.body
@@ -150,7 +150,7 @@ module ShopifyApp
           },
           returnUrl: return_url,
           test: !Rails.env.production?,
-        }
+        },
       )
 
       response.body

data/lib/shopify_app/controller_concerns/frame_ancestors.rb

@@ -8,7 +8,7 @@ module ShopifyApp
       content_security_policy do |policy|
         policy.frame_ancestors(-> do
           domain_host = current_shopify_domain || "*.#{::ShopifyApp.configuration.myshopify_domain}"
-          "https://#{domain_host} https://admin.shopify.com"
+          "#{ShopifyAPI::Context.host_scheme}://#{domain_host} https://admin.shopify.com"
         end)
       end
     end

data/lib/shopify_app/controller_concerns/login_protection.rb

@@ -42,7 +42,7 @@ module ShopifyApp
         ShopifyAPI::Utils::SessionUtils.load_current_session(
           auth_header: request.headers["HTTP_AUTHORIZATION"],
           cookies: { cookie_name => cookies.encrypted[cookie_name] },
-          is_online: user_session_expected?
+          is_online: user_session_expected?,
         )
       rescue ShopifyAPI::Errors::CookieNotFoundError
         nil

data/lib/shopify_app/controller_concerns/payload_verification.rb

@@ -17,7 +17,7 @@ module ShopifyApp
         digest = OpenSSL::Digest.new("sha256")
         ActiveSupport::SecurityUtils.secure_compare(
           shopify_hmac,
-          Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, data))
+          Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, data)),
         )
       end
     end

data/lib/shopify_app/controller_concerns/redirect_for_embedded.rb

@@ -21,7 +21,7 @@ module ShopifyApp
 
     def redirect_uri_for_embedded
       redirect_query_params = {}
-      redirect_uri = "https://#{ShopifyAPI::Context.host_name}#{ShopifyApp.configuration.login_url}"
+      redirect_uri = "#{ShopifyAPI::Context.host}#{ShopifyApp.configuration.login_url}"
       redirect_query_params[:shop] = sanitized_shop_name
       redirect_query_params[:shop] ||= referer_sanitized_shop_name if referer_sanitized_shop_name.present?
       redirect_query_params[:host] ||= params[:host] if params[:host].present?

data/lib/shopify_app/controller_concerns/sanitized_params.rb

@@ -21,6 +21,7 @@ module ShopifyApp
 
     def sanitize_shop_param(params)
       return unless params[:shop].present?
+
       ShopifyApp::Utils.sanitize_shop_domain(params[:shop])
     end
 

data/lib/shopify_app/managers/scripttags_manager.rb

@@ -7,7 +7,7 @@ module ShopifyApp
         shop_domain: shop_domain,
         shop_token: shop_token,
         # Procs cannot be serialized so we interpolate now, if necessary
-        scripttags: build_src(scripttags, shop_domain)
+        scripttags: build_src(scripttags, shop_domain),
       )
     end
 

data/lib/shopify_app/managers/webhooks_manager.rb

@@ -8,7 +8,7 @@ module ShopifyApp
       def queue(shop_domain, shop_token)
         ShopifyApp::WebhooksManagerJob.perform_later(
           shop_domain: shop_domain,
-          shop_token: shop_token
+          shop_token: shop_token,
         )
       end
 
@@ -45,7 +45,7 @@ module ShopifyApp
             delivery_method: attributes[:delivery_method] || :http,
             path: webhook_path,
             handler: webhook_job_klass(webhook_path),
-            fields: attributes[:fields]
+            fields: attributes[:fields],
           )
         end
       end

data/lib/shopify_app/session/jwt.rb

@@ -55,6 +55,7 @@ module ShopifyApp
       raise ::ShopifyApp::InvalidAudienceError,
         "'aud' claim does not match api_key" unless payload["aud"] == api_key
       raise ::ShopifyApp::InvalidDestinationError, "'dest' claim host not a valid shopify host" unless dest_host
+
       raise ::ShopifyApp::MismatchedHostsError,
         "'dest' claim host does not match 'iss' claim host" unless dest_host == iss_host
 

data/lib/shopify_app/session/shop_session_storage.rb

@@ -34,7 +34,7 @@ module ShopifyApp
 
         ShopifyAPI::Auth::Session.new(
           shop: shop.shopify_domain,
-          access_token: shop.shopify_token
+          access_token: shop.shopify_token,
         )
       end
     end

data/lib/shopify_app/session/shop_session_storage_with_scopes.rb

@@ -37,7 +37,7 @@ module ShopifyApp
         ShopifyAPI::Auth::Session.new(
           shop: shop.shopify_domain,
           access_token: shop.shopify_token,
-          scope: shop.access_scopes
+          scope: shop.access_scopes,
         )
       end
     end

data/lib/shopify_app/session/user_session_storage.rb

@@ -41,13 +41,13 @@ module ShopifyApp
           email_verified: false,
           account_owner: false,
           locale: "",
-          collaborator: false
+          collaborator: false,
         )
 
         ShopifyAPI::Auth::Session.new(
           shop: user.shopify_domain,
           access_token: user.shopify_token,
-          associated_user: associated_user
+          associated_user: associated_user,
         )
       end
     end

data/lib/shopify_app/session/user_session_storage_with_scopes.rb

@@ -43,7 +43,7 @@ module ShopifyApp
           email_verified: false,
           account_owner: false,
           locale: "",
-          collaborator: false
+          collaborator: false,
         )
 
         ShopifyAPI::Auth::Session.new(
@@ -51,7 +51,7 @@ module ShopifyApp
           access_token: user.shopify_token,
           scope: user.access_scopes,
           associated_user_scope: user.access_scopes,
-          associated_user: associated_user
+          associated_user: associated_user,
         )
       end
     end

data/lib/shopify_app/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ShopifyApp
-  VERSION = "21.0.0"
+  VERSION = "21.1.0"
 end

data/shopify_app.gemspec

@@ -19,7 +19,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency("jwt", ">= 2.2.3")
   s.add_runtime_dependency("rails", "> 5.2.1")
   s.add_runtime_dependency("redirect_safely", "~> 1.0")
-  s.add_runtime_dependency("shopify_api", "~> 12.0.0")
+  s.add_runtime_dependency("shopify_api", "~> 12.1")
   s.add_runtime_dependency("sprockets-rails", ">= 2.0.0")
 
   s.add_development_dependency("byebug")
@@ -34,6 +34,5 @@ Gem::Specification.new do |s|
   s.add_development_dependency("webmock")
 
   s.files         = %x(git ls-files).split("\n").reject { |f| f.match(%r{^(test|example)/}) }
-  s.test_files    = %x(git ls-files -- {test}/*).split("\n")
   s.require_paths = ["lib"]
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shopify_app
 version: !ruby/object:Gem::Version
-  version: 21.0.0
+  version: 21.1.0
 platform: ruby
 authors:
 - Shopify
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-10-04 00:00:00.000000000 Z
+date: 2022-10-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activeresource
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 12.0.0
+        version: '12.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 12.0.0
+        version: '12.1'
 - !ruby/object:Gem::Dependency
   name: sprockets-rails
   requirement: !ruby/object:Gem::Requirement