This repository has been archived by the owner on Jan 30, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 62
/
Copy pathindex.ts
130 lines (105 loc) · 3.55 KB
/
index.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
import {Context} from 'koa';
import {OAuthStartOptions, AccessMode, NextFunction} from '../types';
import getCookieOptions from './cookie-options';
import createEnableCookies from './create-enable-cookies';
import createTopLevelOAuthRedirect from './create-top-level-oauth-redirect';
import createRequestStorageAccess from './create-request-storage-access';
import setUserAgent from './set-user-agent';
import Shopify from '@shopify/shopify-api';
const DEFAULT_MYSHOPIFY_DOMAIN = 'myshopify.com';
export const DEFAULT_ACCESS_MODE: AccessMode = 'online';
export const TOP_LEVEL_OAUTH_COOKIE_NAME = 'shopifyTopLevelOAuth';
export const TEST_COOKIE_NAME = 'shopifyTestCookie';
export const GRANTED_STORAGE_ACCESS_COOKIE_NAME = 'shopify.granted_storage_access';
function hasCookieAccess({cookies}: Context) {
return Boolean(cookies.get(TEST_COOKIE_NAME));
}
function grantedStorageAccess({cookies}: Context) {
return Boolean(cookies.get(GRANTED_STORAGE_ACCESS_COOKIE_NAME));
}
function shouldPerformInlineOAuth({cookies}: Context) {
return Boolean(cookies.get(TOP_LEVEL_OAUTH_COOKIE_NAME));
}
export default function createShopifyAuth(options: OAuthStartOptions) {
const config = {
prefix: '',
myShopifyDomain: DEFAULT_MYSHOPIFY_DOMAIN,
accessMode: DEFAULT_ACCESS_MODE,
...options,
};
const {prefix} = config;
const oAuthStartPath = `${prefix}/auth`;
const oAuthCallbackPath = `${oAuthStartPath}/callback`;
const inlineOAuthPath = `${prefix}/auth/inline`;
const topLevelOAuthRedirect = createTopLevelOAuthRedirect(
Shopify.Context.API_KEY,
inlineOAuthPath,
);
const enableCookiesPath = `${oAuthStartPath}/enable_cookies`;
const enableCookies = createEnableCookies(config);
const requestStorageAccess = createRequestStorageAccess(config);
setUserAgent();
return async function shopifyAuth(ctx: Context, next: NextFunction) {
ctx.cookies.secure = true;
if (
ctx.path === oAuthStartPath &&
!hasCookieAccess(ctx) &&
!grantedStorageAccess(ctx)
) {
await requestStorageAccess(ctx);
return;
}
if (
ctx.path === inlineOAuthPath ||
(ctx.path === oAuthStartPath && shouldPerformInlineOAuth(ctx))
) {
const shop = ctx.query.shop;
if (shop == null) {
ctx.throw(400);
}
ctx.cookies.set(TOP_LEVEL_OAUTH_COOKIE_NAME, '', getCookieOptions(ctx));
const redirectUrl = await Shopify.Auth.beginAuth(
ctx.req,
ctx.res,
shop,
oAuthCallbackPath,
config.accessMode === 'online'
);
ctx.redirect(redirectUrl);
return;
}
if (ctx.path === oAuthStartPath) {
await topLevelOAuthRedirect(ctx);
return;
}
if (ctx.path === oAuthCallbackPath) {
try {
await Shopify.Auth.validateAuthCallback(ctx.req, ctx.res, ctx.query);
ctx.state.shopify = await Shopify.Utils.loadCurrentSession(ctx.req, ctx.res, config.accessMode === 'online');
if (config.afterAuth) {
await config.afterAuth(ctx);
}
}
catch (e) {
switch (true) {
case (e instanceof Shopify.Errors.InvalidOAuthError):
ctx.throw(400, e.message);
break;
case (e instanceof Shopify.Errors.SessionNotFound):
ctx.throw(403, e.message);
break;
default:
ctx.throw(500, e.message);
break;
}
}
return;
}
if (ctx.path === enableCookiesPath) {
await enableCookies(ctx);
return;
}
await next();
};
}
export {default as Error} from './errors';