npm - shoplazza-cli - Versions diffs - 1.0.13 → 1.1.1 - Mend

shoplazza-cli 1.0.13 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (176) hide show

package/lib/app/services/auth/partner-token.js ADDED Viewed

@@ -0,0 +1,45 @@
+const axios = require('axios');
+const { getPartnerHost } = require('./config');
+const { getSSOAccessToken } = require('./sso-token');
+/**
+ * 获取合作伙伴访问令牌
+ * @param {string} appClientId
+ * @param {string} appSecret
+ * @returns {Promise<{
+*   access_token: string,
+*   token_type: string,
+*   expires_in: number,
+*   created_at: number,
+*   store_id: string | null,
+*   store_name: string | null,
+*   expires_at: number,
+*   locale: string
+* }>}
+*/
+async function getPartnerAccessToken(appClientId, appSecret) {
+ try {
+   const ssoAccessToken = await getSSOAccessToken();
+   const response = await axios.post(
+     `${getPartnerHost()}/partner/oauth/token`,
+     {
+       client_id: appClientId,
+       client_secret: appSecret,
+       grant_type: 'client_credentials'
+     },
+     {
+       headers: {
+         Cookie: `awesomev2=${ssoAccessToken.access_token}`
+       }
+     }
+   );
+   return response.data;
+ } catch (error) {
+   throw new Error(`[${error.config.url}] ${error.response.data.message}`);
+ }
+}
+module.exports = {
+  getPartnerAccessToken
+}

package/lib/app/services/auth/sso-token.js ADDED Viewed

@@ -0,0 +1,69 @@
+const axios = require('axios');
+const { getSSOHost, getSSOClientId } = require('./config');
+const { startOAuthServer } = require('./oauth-server');
+const { buildAuthUrl } = require('./url-builder');
+const { GRANT_TYPE, REDIRECT_URI } = require('../../constant/sso');
+const { ssoStore } = require('../../store');
+const { SSO_STORE_KEY } = require('../../store/config');
+const { errorMessageRender } = require('../../utils/views/message');
+/**
+ * 获取 SSO 访问令牌
+ * @returns {Promise<{
+ *   access_token: string,
+ *   expires_in: number,
+ *   session_id: string,
+ *   token_type: string
+ * }>}
+ */
+async function getSSOAccessToken() {
+  if (ssoStore.has(SSO_STORE_KEY.ACCESS_TOKEN)) {
+    return ssoStore.getSSOInfo();
+  }
+  let code;
+  try {
+    // 启动 OAuth 服务器并获取授权码
+    code = await startOAuthServer({
+      onGetUrl: buildAuthUrl // 传入URL构建函数
+    });
+  } catch (error) {
+    errorMessageRender(error.message);
+    process.exit(1);
+  }
+  let response;
+  try {
+    // 用授权码换取访问令牌
+    response = await axios.post(
+      `${getSSOHost()}/api/oauth/token`,
+      {
+        code,
+        client_id: getSSOClientId(),
+        redirect_uri: REDIRECT_URI,
+        grant_type: GRANT_TYPE
+      },
+      {
+        headers: {
+          'Content-Type': 'application/x-www-form-urlencoded'
+        }
+      }
+    );
+  } catch (error) {
+    errorMessageRender(error.message);
+    process.exit(1);
+  }
+  ssoStore.setSSOInfo({
+    access_token: response.data.access_token,
+    expires_in: response.data.expires_in,
+    session_id: response.data.session_id,
+    token_type: response.data.token_type
+  });
+  return response.data;
+}
+module.exports = {
+  getSSOAccessToken
+}

package/lib/app/services/auth/store-token.js ADDED Viewed

@@ -0,0 +1,100 @@
+const axios = require('axios');
+const { getSSOHost, getAccountHost, getPartnerHost } = require('./config');
+const { getSSOAccessToken } = require('./sso-token');
+const { installStore } = require('../../store');
+const { selectOne } = require('../../utils/views/select');
+// 获取店铺列表
+async function getStoreList(partnerId, ssoAccessToken) {
+  const response = await axios.get(`${getPartnerHost()}/api/partners/stores`, {
+    params: {
+      page_size: 10
+    },
+    headers: {
+      'x-shoplazza-partner-id': partnerId,
+      Cookie: `awesomev2=${ssoAccessToken}`
+    }
+  });
+  return response.data;
+}
+// 选择店铺
+async function chooseStore(partnerId, ssoAccessToken) {
+  const storesResponse = await getStoreList(partnerId, ssoAccessToken);
+  if (storesResponse.count === 0) {
+    throw new Error('No store found, please create one first!');
+  }
+  const store = await selectOne(storesResponse.data, {
+    message: 'Please select a store to install:',
+    autoPickSingle: false,
+    formatChoice: (store) => ({ name: `${store.slug} (${store.id})`, value: store.primary_domain })
+  });
+  return store;
+}
+/**
+ * 获取店铺访问令牌
+ * @param {string} appClientId
+ * @returns {Promise<{
+ *   store_id: string,
+ *   access_token: string,
+ *   expires_at: number,
+ * }>}
+ */
+async function getStoreAccessToken(appClientId, partnerId) {
+  if (installStore.has(appClientId)) {
+    const installData = installStore.getInstallInfo(appClientId);
+    return installData;
+  }
+  try {
+    const ssoAccessToken = await getSSOAccessToken();
+    const store_domain = await chooseStore(partnerId, ssoAccessToken.access_token);
+    const response = await axios.get(`${getSSOHost()}/api/sso/current/users`, {
+      headers: {
+        Cookie: `awesomev2=${ssoAccessToken.access_token}`,
+        'Content-Type': 'application/json'
+      }
+    });
+    const userInfo = response.data;
+    const activeUser = userInfo.users.find((user) => user.active);
+    const storeTokenResponse = await axios.post(
+      `${getAccountHost()}/api/accounts/store/token`,
+      {
+        user_id: activeUser.user_id,
+        domain: store_domain
+      },
+      {
+        headers: {
+          Cookie: `awesomev2=${ssoAccessToken.access_token}`,
+          'Content-Type': 'application/json'
+        }
+      }
+    );
+    const installData = {
+      store_domain,
+      access_token: storeTokenResponse.data.access_token,
+      expires_at: storeTokenResponse.data.expires_at,
+      store_id: storeTokenResponse.data.store_id
+    };
+    installStore.setInstallInfo(appClientId, installData);
+    return installData;
+  } catch (error) {
+    throw new Error(`Store access token get failed: ${error.message}`);
+  }
+}
+module.exports = {
+  getStoreAccessToken
+};

package/lib/app/services/auth/url-builder.js ADDED Viewed

@@ -0,0 +1,23 @@
+const { getSSOHost, getSSOClientId } = require('./config');
+const { REDIRECT_URI } = require('../../constant/sso');
+function buildAuthUrl() {
+  const url = new URL(`${getSSOHost()}/switch_account`);
+  url.searchParams.set('lack', '0');
+  url.searchParams.set('continue', buildContinueUrl());
+  return url.toString();
+}
+function buildContinueUrl() {
+  const url = new URL(`${getSSOHost()}/api/oauth/authorize`);
+  url.searchParams.set('action', 'login');
+  url.searchParams.set('client_id', getSSOClientId());
+  url.searchParams.set('redirect_uri', REDIRECT_URI);
+  url.searchParams.set('response_type', 'code');
+  return url.toString();
+}
+module.exports = {
+  buildAuthUrl,
+  buildContinueUrl
+};

package/lib/app/services/config/index.js ADDED Viewed

@@ -0,0 +1,41 @@
+const { configStore } = require('../../store');
+const { parseTomlFile } = require('../../utils/toml');
+const { getAppCompleteInfoRequest } = require('../../api/cli');
+const path = require('path');
+/**
+ * @description 获取当前正在使用的 configFile
+ * @param {string} projectDir 项目目录，默认使用 process.env.APP_PROJECT_DIR
+ * @returns {string} 返回当前正在使用的 configFile
+ */
+function getActiveConfigFile(projectDir = process.env.APP_PROJECT_DIR) {
+  const configCache = configStore.getProjectConfig(projectDir);
+  return configCache?.configFile ? configCache.configFile : 'shoplazza.app.toml';
+}
+/**
+ * @description 获取 config 相关信息
+ * @param {string} projectDir 项目目录，默认使用 process.env.APP_PROJECT_DIR
+ * @returns {Promise<{app: object, partner: object, user: object, configContent: object}>} 返回 app、partner、user、configContent 信息
+ */
+async function getAppCompleteInfo(projectDir = process.env.APP_PROJECT_DIR) {
+  const activeConfigFile = getActiveConfigFile(projectDir);
+  // 获取 configFile 信息
+  const configContent = parseTomlFile(path.join(projectDir, activeConfigFile));
+  // 获取 config 相关信息
+  const completeInfo = await getAppCompleteInfoRequest(configContent.client_id);
+  return {
+    app: completeInfo.app,
+    partner: completeInfo.partner,
+    user: completeInfo.user,
+    configContent: configContent
+  };
+}
+module.exports = {
+  getActiveConfigFile,
+  getAppCompleteInfo
+};

package/lib/app/services/devServer/app.js ADDED Viewed

@@ -0,0 +1,76 @@
+// lib/app/services/devServer/app.js
+const express = require('express');
+const path = require('path');
+const crypto = require('crypto');
+const axios = require('axios');
+const { hmacValidatorMiddleWare } = require('./middleware');
+/**
+ * 创建 dev server 应用
+ * @param {{ client_id: string, client_secret: string, redirect_uri: string, app_url_path: string, redirect_url_path: string }} config 配置
+ * @returns {express.Application} dev server 应用
+ */
+function createApp(config) {
+  if (typeof config !== 'object') {
+    throw new Error('Dev server config is invalid');
+  }
+  const { client_id, client_secret, redirect_uri, app_url_path, redirect_url_path, scopes } = config;
+  if (!client_id || !client_secret || !redirect_uri || !app_url_path || !redirect_url_path || !scopes) {
+    throw new Error('Dev server config is invalid');
+  }
+  const app = express();
+  app.set('view engine', 'ejs');
+  app.set('views', path.join(__dirname, 'views'));
+  app.use(express.json());
+  app.use(express.urlencoded({ extended: true }));
+  // 将 config 挂载到 req.config 上
+  app.use((req, res, next) => {
+    req.config = { client_id, client_secret, redirect_uri };
+    next();
+  });
+  app.get('/', (req, res) => {
+    res.render('app', {
+      title: '插件调试导航',
+      preview_url: '/admin/card'
+    });
+  });
+  app.get(app_url_path, (req, res) => {
+    const encodedScopes = encodeURIComponent(scopes);
+    const state = crypto.randomBytes(16).toString('hex');
+    const { client_id, redirect_uri } = req.config;
+    res.redirect(
+      `https://${req.query.shop}/admin/oauth/authorize?client_id=${client_id}&scope=${encodedScopes}&redirect_uri=${redirect_uri}&response_type=code&state=${state}`
+    );
+  });
+  app.get(redirect_url_path, hmacValidatorMiddleWare, async (req, res) => {
+    const { code, hmac, state, shop } = req.query;
+    const { client_id, client_secret, redirect_uri } = req.config;
+    if (shop && hmac && code) {
+      const { data } = await axios.post(`https://${shop}/admin/oauth/token`, {
+        client_id,
+        client_secret,
+        code,
+        grant_type: 'authorization_code',
+        redirect_uri
+      });
+      res.redirect('/');
+    } else {
+      res.status(400).send('Required parameters missing');
+    }
+  });
+  return app;
+}
+module.exports = createApp;

package/lib/app/services/devServer/index.js ADDED Viewed

@@ -0,0 +1,103 @@
+const createApp = require('./app');
+const { CloudflareTunnel, NgrokTunnel, TunnelManager } = require('./tunnel');
+const chalk = require('chalk');
+const net = require('net');
+/**
+ * 检查端口是否可用
+ * @param {number} port 要检查的端口
+ * @returns {Promise<boolean>} 端口是否可用
+ */
+function isPortAvailable(port) {
+  return new Promise((resolve) => {
+    const server = net.createServer();
+    server.listen(port, () => {
+      server.once('close', () => {
+        resolve(true);
+      });
+      server.close();
+    });
+    server.on('error', () => {
+      resolve(false);
+    });
+  });
+}
+/**
+ * 查找可用的端口
+ * @param {number} startPort 起始端口，默认3457
+ * @param {number} maxAttempts 最大尝试次数，默认100
+ * @returns {Promise<number>} 可用的端口号
+ */
+async function findAvailablePort(startPort = 3457, maxAttempts = 100) {
+  for (let i = 0; i < maxAttempts; i++) {
+    const port = startPort + i;
+    if (await isPortAvailable(port)) {
+      return port;
+    }
+  }
+  throw new Error(`无法找到可用端口，已尝试端口范围 ${startPort}-${startPort + maxAttempts - 1}`);
+}
+// 启动隧道（策略：cloudflare -> ngrok）
+async function startTunnel(port) {
+  const manager = new TunnelManager([
+    new CloudflareTunnel(port),
+    new NgrokTunnel(port, process.env.NGROK_AUTHTOKEN, process.env.NGROK_DOMAIN)
+  ]);
+  return manager.start();
+}
+const APP_PATH = '/auth';
+const REDIRECT_PATH = '/auth/callback';
+const PORT = 3457;
+/**
+ * 启动 dev 服务
+ * @param {Object} params - 请求参数
+ * @param {string} params.clientId - 客户端 ID
+ * @param {string} params.clientSecret - 客户端密钥
+ * @param {string} params.scopes - 权限范围
+ */
+async function startDevServer({ clientId, clientSecret, scopes }) {
+  // 查找可用端口
+  const availablePort = await findAvailablePort(PORT);
+  // 启动隧道
+  const { url: publicUrl, close: closeTunnel } = await startTunnel(availablePort);
+  const appUrl = new URL(APP_PATH, publicUrl).toString();
+  const redirectUrl = new URL(REDIRECT_PATH, publicUrl).toString();
+  const app = createApp({
+    client_id: clientId,
+    client_secret: clientSecret,
+    redirect_uri: redirectUrl,
+    app_url_path: APP_PATH,
+    redirect_url_path: REDIRECT_PATH,
+    scopes: scopes
+  });
+  return new Promise((resolve, reject) => {
+    const server = app.listen(availablePort, () => {
+      resolve({
+        server,
+        appUrl,
+        redirectUrl,
+        closeTunnel
+      });
+      console.log(`🔍 dev server port: ${availablePort}`);
+      console.log(chalk.green('Dev server start success 🎉 🎉 🎉'));
+    });
+    app.on('error', reject);
+  });
+}
+module.exports = {
+  startDevServer
+};

package/lib/app/services/devServer/middleware/hmacValidatorMiddleWare.js ADDED Viewed

@@ -0,0 +1,20 @@
+const crypto = require('crypto');
+const { secureCompare } = require('../utils');
+module.exports = function hmacValidatorMiddleWare(req, res, next) {
+  const { code, hmac, state, shop } = req.query;
+  const map = Object.assign({}, req.query);
+  delete map['hmac'];
+  const sortedKeys = Object.keys(map).sort();
+  const message = sortedKeys.map((key) => `${key}=${map[key]}`).join('&');
+  const { client_secret } = req.config;
+  const generated_hash = crypto
+    .createHmac('sha256', client_secret)
+    .update(message)
+    .digest('hex');
+  if (!secureCompare(generated_hash, hmac)) {
+    return res.status(400).send('HMAC validation failed');
+  }
+  next();
+};

package/lib/app/services/devServer/middleware/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+const hmacValidatorMiddleWare = require('./hmacValidatorMiddleWare');
+module.exports = {
+  hmacValidatorMiddleWare
+};

package/lib/app/services/devServer/tunnel/index.js ADDED Viewed

@@ -0,0 +1,43 @@
+const CloudflareTunnel = require('./providers/cloudflare');
+const NgrokTunnel = require('./providers/ngrok');
+class TunnelManager {
+  constructor(strategies) {
+    this.strategies = strategies;
+  }
+  async start() {
+    const errors = []; // 收集所有策略的错误信息
+    for (let i = 0; i < this.strategies.length; i++) {
+      const strategy = this.strategies[i];
+      const strategyName = strategy.constructor.name;
+      try {
+        console.log(`🔄 Trying tunnel strategy: ${strategyName}...`);
+        const { url, close } = await strategy.start();
+        console.log(`✅ ${strategyName} tunnel started successfully!`);
+        return { url, close, strategy: strategyName };
+      } catch (err) {
+        console.error(`❌ ${strategyName} failed:`, err.message);
+        errors.push({ strategy: strategyName, error: err.message });
+        // 如果不是最后一个策略，继续尝试下一个
+        if (i < this.strategies.length - 1) {
+          console.log(`🔄 Falling back to next tunnel strategy...`);
+          continue;
+        }
+      }
+    }
+    // 所有策略都失败了
+    const errorDetails = errors.map((e) => `${e.strategy}: ${e.error}`).join('; ');
+    throw new Error(`All tunnel strategies failed. Errors: ${errorDetails}`);
+  }
+}
+module.exports = {
+  CloudflareTunnel,
+  NgrokTunnel,
+  TunnelManager
+};