module Sinatra::Shopify::Methods

Public Instance Methods

after_shopify_auth()

Designed to be overridden.

# File lib/sinatra/shopify-sinatra-app.rb, line 16
# Intentionally empty hook, documented on this page as designed to be
# overridden. The default implementation does nothing.
#
# @return [nil]
def after_shopify_auth
  nil
end
logout()
# File lib/sinatra/shopify-sinatra-app.rb, line 19
# Ends the current login: removes the :shopify entry, then empties the rest
# of the session so no other per-user state is left behind.
#
# @return [Object] whatever the session's +clear+ returns
def logout
  current = session
  current.delete(:shopify)
  current.clear
end
shop_origin()

for the esdk initializer

# File lib/sinatra/shopify-sinatra-app.rb, line 25
# Builds the https origin of the shop stored in the session.
#
# The shop value is used exactly as stored under session[:shopify][:shop];
# no validation happens here. Raises NoMethodError when the session has no
# :shopify entry, because nil is then indexed.
#
# @return [String] "https://" followed by the stored shop value
def shop_origin
  shop = session[:shopify][:shop]
  format('https://%s', shop)
end
shopify_session() { |shop_name| ... }
# File lib/sinatra/shopify-sinatra-app.rb, line 29
# Runs the given block with an activated Shopify API session for the shop in
# the current session, or starts authentication when that is not possible.
#
# * No :shopify entry in the session: authenticate, remembering the current
#   path and params.
# * The request names a different shop than the session: log out first, then
#   authenticate.
# * Otherwise: activate the API with the stored shop and token, then yield.
#
# On ActiveResource::UnauthorizedAccess the session is cleared and the
# request is redirected to its own path.
#
# NOTE(review): shop_name is only assigned on the yielding path, so if the
# exception were raised on one of the authenticate paths, clear_session
# would be called with nil.
#
# @yieldparam shop_name [String] shop stored in the session
def shopify_session(&blk)
  return_to = request.path
  return_params = request.params

  # Order matters: different_shop? reads session[:shopify], so the
  # missing-session case has to be ruled out first.
  return authenticate(return_to, return_params) if no_session?

  if different_shop?
    logout
    return authenticate(return_to, return_params)
  end

  stored = session[:shopify]
  shop_name = stored[:shop]
  token = stored[:token]
  activate_shopify_api(shop_name, token)
  yield shop_name
rescue ActiveResource::UnauthorizedAccess
  clear_session shop_name
  redirect request.path
end
shopify_webhook() { |shop_name, webhook_body| ... }
# File lib/sinatra/shopify-sinatra-app.rb, line 49
# Verifies an incoming webhook and, when the signature matches, yields the
# shop domain and the decoded JSON body, then sets the response status to 200.
#
# When verification fails the method returns nil without yielding and without
# setting a status; the response code is then whatever the caller produces.
#
# NOTE(review): verify_shopify_webhook signs the request body only. The
# X-Shopify-Shop-Domain header read here is not part of the signed data, so
# handlers should not treat it as authenticated on its own. Confirm whether
# the payload carries a shop identifier that can be cross-checked.
#
# @yieldparam shop_name [String, nil] value of HTTP_X_SHOPIFY_SHOP_DOMAIN
# @yieldparam webhook_body [Object] result of decoding the body as JSON
def shopify_webhook(&blk)
  if verify_shopify_webhook
    domain = request.env['HTTP_X_SHOPIFY_SHOP_DOMAIN']
    raw_body = request.body.read.to_s
    payload = ActiveSupport::JSON.decode(raw_body)
    yield domain, payload
    status 200
  end
end

Private Instance Methods

activate_shopify_api(shop_name, token)
# File lib/sinatra/shopify-sinatra-app.rb, line 85
# Creates a ShopifyAPI session for the shop and makes it the active one.
#
# The API version comes from the SHOPIFY_API_VERSION environment variable and
# falls back to '2020-01' when the variable is not set.
#
# @param shop_name [String] shop domain passed as +domain+
# @param token [String] access token for that shop
# @return [Object] whatever ShopifyAPI::Base.activate_session returns
def activate_shopify_api(shop_name, token)
  version = ENV.fetch('SHOPIFY_API_VERSION', '2020-01')
  ShopifyAPI::Base.activate_session(
    ShopifyAPI::Session.new(domain: shop_name, token: token, api_version: version)
  )
end
authenticate(return_to = '/', return_params = nil)
# File lib/sinatra/shopify-sinatra-app.rb, line 75
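# Starts the OAuth flow for the shop named in the request, or sends the
# visitor to the install page when no valid shop name is available.
#
# The query string is built with URI.encode_www_form so that characters such
# as '&', '=' or '#' in the return path stay inside the return_to value
# instead of being read as extra parameters of /auth/shopify.
#
# NOTE(review): base_url is derived from the request's Host header, so the
# return_to target reflects whatever host the client sent. Confirm that the
# deployment pins or validates the host upstream.
#
# @param return_to [String] path to come back to after authentication
# @param return_params [Hash, nil] request params stored in the session
#   under :return_params when given
def authenticate(return_to = '/', return_params = nil)
  shop_name = sanitized_shop_name
  return redirect('/install') unless shop_name

  session[:return_params] = return_params if return_params
  query = URI.encode_www_form(shop: shop_name, return_to: "#{base_url}#{return_to}")
  redirect_javascript "/auth/shopify?#{query}"
end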
base_url()
# File lib/sinatra/shopify-sinatra-app.rb, line 63
# Scheme and host of the current request, e.g. "https://host".
#
# The host is read from the HTTP_HOST entry of the Rack env, i.e. the Host
# header the client sent; it is not checked against any configured value here.
#
# @return [String]
def base_url
  scheme = request_protocol
  host = request.env['HTTP_HOST']
  "#{scheme}://#{host}"
end
clear_session(shop_name)
# File lib/sinatra/shopify-sinatra-app.rb, line 90
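# Logs the visitor out and discards the stored access token for the shop.
#
# The session is cleared first, so it is dropped even when no shop record is
# found. The lookup can miss, for example when shop_name is nil. In that case
# there is nothing to update and the method returns nil instead of raising
# NoMethodError on nil.
#
# @param shop_name [String, nil] name used to look up the Shop record
# @return [Object, nil] result of +save+, or nil when no record matched
def clear_session(shop_name)
  logout
  shop = Shop.find_by(name: shop_name)
  return unless shop

  shop.token = nil
  shop.save
end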
different_shop?()
# File lib/sinatra/shopify-sinatra-app.rb, line 71
# True when the request carries a shop parameter whose sanitized form differs
# from the shop stored in the session.
#
# A shop parameter that fails sanitization becomes nil and therefore also
# counts as "different". Expects session[:shopify] to exist.
#
# @return [Boolean]
def different_shop?
  return false unless params[:shop].present?

  session[:shopify][:shop] != sanitize_shop_param(params)
end
no_session?()
# File lib/sinatra/shopify-sinatra-app.rb, line 67
# True when the session has no :shopify entry, i.e. nobody is logged in.
#
# @return [Boolean]
def no_session?
  session.key?(:shopify) ? false : true
end
redirect_javascript(url)
# File lib/sinatra/shopify-sinatra-app.rb, line 97
# Renders a minimal HTML page that performs the redirect in the browser.
#
# When the page is the top-level window it assigns location.href directly.
# When it is framed it posts a 'Shopify.API.remoteRedirect' message to the
# parent, addressed to the origin https://<sanitized_shop_name>.
#
# The url is embedded through to_json, so it appears in the script as a
# quoted literal. sanitized_shop_name is interpolated into a single-quoted
# JavaScript string as-is, so its safety rests entirely on the validation
# done in sanitize_shop_param.
#
# NOTE(review): the %( ) literal is interpolated by Ruby first and the
# resulting string is then handed to erb as a template. Any ERB tag sequence
# present in the interpolated values would therefore be processed by ERB.
# Confirm the inputs cannot contain one, or pass the values through +locals+.
#
# @param url [String] redirect target
def redirect_javascript(url)
  erb %(
    <!DOCTYPE html>
    <html lang="en">
    <head>
      <meta charset="utf-8" />
      <base target="_top">
      <title>Redirecting…</title>

      <script type='text/javascript'>
        // If the current window is the 'parent', change the URL by setting location.href
        if (window.top == window.self) {
          window.top.location.href = #{url.to_json};

        // If the current window is the 'child', change the parent's URL with postMessage
        } else {
          message = JSON.stringify({
            message: 'Shopify.API.remoteRedirect',
            data: { location: window.location.origin + #{url.to_json} }
          });
          window.parent.postMessage(message, 'https://#{sanitized_shop_name}');
        }
      </script>
    </head>
    <body>
    </body>
  </html>
  ), layout: false
end
request_protocol()
# File lib/sinatra/shopify-sinatra-app.rb, line 59
# Scheme of the current request as reported by request.secure?.
#
# @return [String] 'https' for secure requests, otherwise 'http'
def request_protocol
  return 'https' if request.secure?

  'http'
end
sanitize_shop_param(params)
# File lib/sinatra/shopify-sinatra-app.rb, line 131
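# Normalises the +shop+ request parameter to a bare *.myshopify.com host
# name, or returns nil when the value cannot be accepted.
#
# Steps: strip whitespace, append '.myshopify.com' to a bare shop handle,
# remove any 'https://' or 'http://' text, parse the rest as a URL and keep
# only its host.
#
# The result is later interpolated into URLs and into inline JavaScript, so
# the host is checked against a strict allowlist (letters, digits, dots and
# hyphens) in addition to the suffix test. URI's host grammar may admit other
# punctuation, which must not reach those sinks. Input that URI cannot parse,
# or that yields no host, is rejected with nil instead of raising.
#
# @param params [Hash] request params; only params[:shop] is read
# @return [String, nil] validated host name, or nil
def sanitize_shop_param(params)
  name = params[:shop].to_s.strip
  return if name.empty?

  # A value without any dot is treated as a shop handle.
  name += '.myshopify.com' unless name.include?('.')
  name = name.gsub('https://', '').gsub('http://', '')

  host = URI("http://#{name}").host
  return unless host&.end_with?('.myshopify.com')

  host if host.match?(/\A[A-Za-z0-9][A-Za-z0-9.-]*\z/)
rescue URI::InvalidURIError
  nil
end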
sanitized_shop_name()
# File lib/sinatra/shopify-sinatra-app.rb, line 127
# Memoised result of sanitize_shop_param for the current request params.
#
# Only a truthy result is cached; when sanitization yields nil the param is
# sanitized again on the next call.
#
# @return [String, nil]
def sanitized_shop_name
  return @sanitized_shop_name if @sanitized_shop_name

  @sanitized_shop_name = sanitize_shop_param(params)
end
verify_shopify_webhook()
# File lib/sinatra/shopify-sinatra-app.rb, line 142
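# Checks the webhook signature: the Base64 HMAC-SHA256 of the raw request
# body, keyed with settings.shared_secret, must equal the value of the
# X-Shopify-Hmac-SHA256 header.
#
# The comparison uses Rack::Utils.secure_compare rather than ==, so the time
# taken does not depend on how many leading characters of a guessed signature
# are correct. A missing header is treated as an empty string and fails
# verification.
#
# The body is rewound afterwards so later readers see it from the start.
# Only the body is covered by the signature; request headers are not.
#
# @return [Boolean] true when the signature matches
def verify_shopify_webhook
  data = request.body.read.to_s
  digest = OpenSSL::Digest.new('sha256')
  # strict_encode64 emits no line breaks, so no strip is needed.
  calculated_hmac = Base64.strict_encode64(OpenSSL::HMAC.digest(digest, settings.shared_secret, data))
  request.body.rewind

  supplied_hmac = request.env['HTTP_X_SHOPIFY_HMAC_SHA256'].to_s
  return true if Rack::Utils.secure_compare(calculated_hmac, supplied_hmac)

  puts 'Shopify Webhook verifictation failed!'
  false
end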