Class: ShopifyAPI::Session

Inherits:
Object
Defined in:
lib/shopify_api/session.rb


Constructor Details

#initialize(url, token = nil, extra = {}) ⇒ Session

Returns a new instance of Session


# File 'lib/shopify_api/session.rb', line 70

# Builds a session for one shop.
#
# @param url [String] shop address, in any form accepted by .prepare_url
# @param token [String, nil] access token, when one has already been issued
# @param extra [Hash] additional session data; #expires_at reads its
#   'expires_at' key
def initialize(url, token = nil, extra = {})
  # Store the result of prepare_url rather than the caller's raw string, so the
  # session host is whatever prepare_url derived (nil when it rejects the input).
  self.url = self.class.prepare_url(url)
  self.token = token
  self.extra = extra
end

Instance Attribute Details

#extra ⇒ Object

Returns the value of attribute extra


# File 'lib/shopify_api/session.rb', line 14

# Reader for @extra, the additional session data. #initialize stores the
# caller's value here and #request_token replaces it with the parsed token
# response (minus the fields it moves elsewhere).
def extra
  @extra
end

#name ⇒ Object

Returns the value of attribute name


# File 'lib/shopify_api/session.rb', line 14

# Reader for @name.
def name
  @name
end

#token ⇒ Object

Returns the value of attribute token


# File 'lib/shopify_api/session.rb', line 14

# Reader for @token, the access token. #request_token stores the
# 'access_token' field of the token response here. The value is a bearer
# credential: keep it out of logs, exception messages and serialized dumps.
def token
  @token
end

#url ⇒ Object

Returns the value of attribute url


# File 'lib/shopify_api/session.rb', line 14

# Reader for @url. #initialize assigns the result of .prepare_url, and #site
# interpolates this value into the base URL.
def url
  @url
end

Class Method Details

.prepare_url(url) ⇒ Object


# File 'lib/shopify_api/session.rb', line 36

# Reduces a user-supplied shop address to "<label>.<myshopify_domain>"
# (plus ":<port>" when a port is configured).
#
# Only the left-most host label of the input is kept. The rest of the host is
# always replaced with myshopify_domain, so a caller-supplied host outside
# that domain cannot end up in the session URL.
#
# @param url [String, nil] shop name, host name or full http(s) URL
# @return [String, nil] the canonical host, or nil when the input is blank,
#   unparsable, or has an empty host
def prepare_url(url)
  return nil if url.blank?

  # Strip a leading scheme so every input can be re-parsed as an https URL.
  without_scheme = url.strip.sub(/\Ahttps?:\/\//, '')
  # URI#host leaves out any userinfo, port, path and query the caller included.
  # NOTE(review): if host is ever nil here, the index call below raises
  # NoMethodError, which the rescue clause does not cover - confirm.
  host = URI.parse("https://#{without_scheme}").host
  # Keep the text before the first dot, i.e. the shop's own label.
  first_dot = host.index(".")
  label = first_dot ? host.slice(0, first_dot) : host
  return nil if label.empty?

  canonical = "#{label}.#{myshopify_domain}"
  port ? "#{canonical}:#{port}" : canonical
rescue URI::InvalidURIError
  nil
end

.setup(params) ⇒ Object


# File 'lib/shopify_api/session.rb', line 18

# Applies configuration by calling the public "<key>=" writer for each entry.
#
# NOTE(review): every key becomes a method name, so any public writer on the
# receiver can be reached through this call. Pass only trusted, application
# defined configuration here, never a request-derived hash.
#
# @param params [Hash] setting name => value
# @return [Hash] params, as returned by each
def setup(params)
  params.each do |setting, value|
    public_send("#{setting}=", value)
  end
end

.temp(domain, token, &block) ⇒ Object


# File 'lib/shopify_api/session.rb', line 22

# Runs the given block with a session for domain/token activated, then
# re-activates a session rebuilt from the site and access-token header that
# were in effect before the call.
#
# The restore happens in an ensure clause, so the temporary credentials are
# replaced again even when the block raises.
#
# NOTE(review): the active site and token are read from ShopifyAPI::Base,
# which looks like class-level state. If so, other threads would see the
# temporary session while the block runs - confirm before use in threaded code.
#
# @param domain [String] shop address for the temporary session
# @param token [String] access token for the temporary session
# @yield with the temporary session active
def temp(domain, token, &block)
  temporary = new(domain, token)
  # Snapshot the currently active site and token before switching.
  previous = new(
    ShopifyAPI::Base.site.to_s,
    ShopifyAPI::Base.headers['X-Shopify-Access-Token']
  )

  begin
    ShopifyAPI::Base.activate_session(temporary)
    yield
  ensure
    ShopifyAPI::Base.activate_session(previous)
  end
end

.validate_signature(params) ⇒ Object


# File 'lib/shopify_api/session.rb', line 53

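# Verifies the HMAC-SHA256 signature carried in a set of request parameters.
#
# @param params [Hash] request parameters, including the :hmac value to check
# @return [Boolean] true only when params[:hmac] equals the hex HMAC-SHA256 of
#   encoded_params_for_signature(params), keyed with secret
def validate_signature(params)
  params = params.with_indifferent_access
  signature = params[:hmac]
  # A missing hmac can never match, and neither can one that is not a plain
  # String (nested query syntax may deliver an Array or Hash). Reject both
  # here, so malformed input returns false instead of raising inside the
  # comparison helper.
  return false unless signature.is_a?(String)

  expected = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, secret, encoded_params_for_signature(params))

  # Compare with the constant-time helper rather than ==, so the time taken
  # does not reveal how many leading characters of a guess were correct.
  Rack::Utils.secure_compare(expected, signature)
end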

Instance Method Details

#create_permission_url(scope, redirect_uri = nil) ⇒ Object


# File 'lib/shopify_api/session.rb', line 76

# Builds the URL a merchant is sent to in order to grant the app access.
#
# The query carries client_id, scope and, when given, redirect_uri. No `state`
# value is added here, so a caller that wants to tie the OAuth callback to the
# session that started it has to append and verify one itself.
#
# @param scope [Array<String>] requested permissions, joined with commas
# @param redirect_uri [String, nil] optional callback address
# @return [String] "<site>/oauth/authorize?<query>"
def create_permission_url(scope, redirect_uri = nil)
  query = { client_id: api_key, scope: scope.join(',') }
  query[:redirect_uri] = redirect_uri if redirect_uri
  "#{site}/oauth/authorize?#{parameterize(query)}"
end

#expired? ⇒ Boolean

Returns:

  • (Boolean)

# File 'lib/shopify_api/session.rb', line 125

# Reports whether the session's remaining lifetime has run out.
#
# A session with no expiry information (expires_in is nil) is reported as not
# expired, so callers that require a bounded lifetime must check for that
# case themselves.
#
# @return [Boolean]
def expired?
  !expires_in.nil? && expires_in <= 0
end

#expires_at ⇒ Object


# File 'lib/shopify_api/session.rb', line 120

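# Absolute expiry time of the session, taken from extra['expires_at'].
#
# #request_token writes 'expires_at' only when the token response contained
# 'expires_in', while the other response fields stay in extra. A non-empty
# extra without that key therefore has to yield nil. Passing the missing value
# to Time.at would raise TypeError and break #expires_in and #expired?.
#
# @return [Time, nil] UTC expiry time (memoized), or nil when none is recorded
def expires_at
  return unless extra.present?
  # Keep serving an already memoized value, as before.
  return @expires_at if @expires_at

  epoch_seconds = extra['expires_at']
  return if epoch_seconds.nil?

  @expires_at = Time.at(epoch_seconds).utc
end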

#expires_in ⇒ Object


# File 'lib/shopify_api/session.rb', line 115

# Whole seconds left until expires_at, never negative.
#
# @return [Integer, nil] remaining seconds (0 once the expiry time has
#   passed), or nil when no expiry time is available
def expires_in
  return unless expires_at.present?

  seconds_left = expires_at.to_i - Time.now.utc.to_i
  seconds_left > 0 ? seconds_left : 0
end

#request_token(params) ⇒ Object


# File 'lib/shopify_api/session.rb', line 82

# Exchanges the authorization code from an OAuth callback for an access token.
#
# When the session already holds a token it is returned straight away and
# params are not examined at all. Otherwise the callback must carry a valid
# signature and a timestamp newer than 24 hours ago. A correctly signed
# callback therefore stays acceptable for up to a day.
#
# NOTE(review): :timestamp is read with a symbol key and 'code' with a string
# key. Both lookups succeed together only when params has indifferent access.
# Confirm what callers pass.
#
# @param params [Hash] callback parameters (hmac, timestamp, code, ...)
# @return [String] the access token
# @raise [ShopifyAPI::ValidationException] on a bad signature or stale timestamp
# @raise [RuntimeError] when the token endpoint does not answer with 200
def request_token(params)
  return token if token

  # && short-circuits, so the timestamp is only inspected for signed requests.
  trusted = self.class.validate_signature(params) && params[:timestamp].to_i > 24.hours.ago.utc.to_i
  raise ShopifyAPI::ValidationException, "Invalid Signature: Possible malicious login" unless trusted

  response = access_token_request(params['code'])
  raise RuntimeError, response.msg unless response.code == "200"

  # Everything in the response except the token itself is kept in extra.
  self.extra = JSON.parse(response.body)
  self.token = extra.delete('access_token')

  # Convert the relative lifetime into an absolute epoch timestamp.
  lifetime = extra.delete('expires_in')
  extra['expires_at'] = Time.now.utc.to_i + lifetime if lifetime

  token
end

#shop ⇒ Object


# File 'lib/shopify_api/session.rb', line 103

# Delegates to Shop.current.
# NOTE(review): no state of this session is passed along, so the result
# presumably reflects whichever session is currently activated rather than
# necessarily this one - confirm.
def shop
  Shop.current
end

#site ⇒ Object


# File 'lib/shopify_api/session.rb', line 107

# Base URL for this session: protocol, the stored url and the "/admin" path.
# #create_permission_url appends "/oauth/authorize" to it.
#
# @return [String]
def site
  "#{protocol}://#{url}/admin"
end

#valid? ⇒ Boolean

Returns:

  • (Boolean)

# File 'lib/shopify_api/session.rb', line 111

# A session is usable only when it has both a shop url and an access token.
# This checks presence only. It does not contact the API or look at expiry.
#
# @return [Boolean]
def valid?
  return false unless url.present?

  token.present?
end