From e5dd35db8cffaf2e6c8c9266825a981d459b433b Mon Sep 17 00:00:00 2001
From: Lucas Kim <lucas.kim@shopify.com>
Date: Wed, 15 Jan 2020 13:50:57 -0500
Subject: [PATCH 1/5] moved extension verification controller from engine to
 app

---
 .../shopify_app}/extension_verification_controller.rb           | 0
 .../templates/marketing_activities_controller.rb                | 2 +-
 .../controllers/extension_verification_controller_test.rb       | 2 +-
 .../add_marketing_activity_extension_generator_test.rb          | 2 +-
 4 files changed, 3 insertions(+), 3 deletions(-)
 rename {lib/shopify_app/controllers => app/controllers/shopify_app}/extension_verification_controller.rb (100%)
 rename test/{shopify_app => }/controllers/extension_verification_controller_test.rb (94%)

diff --git a/lib/shopify_app/controllers/extension_verification_controller.rb b/app/controllers/shopify_app/extension_verification_controller.rb
similarity index 100%
rename from lib/shopify_app/controllers/extension_verification_controller.rb
rename to app/controllers/shopify_app/extension_verification_controller.rb
diff --git a/lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb b/lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb
index fca3a3d03..98873b195 100644
--- a/lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb
+++ b/lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class MarketingActivitiesController < ExtensionVerificationController
+class MarketingActivitiesController < ShopifyApp::ExtensionVerificationController
   def preload_form_data
     preload_data = {
       "form_data": {
diff --git a/test/shopify_app/controllers/extension_verification_controller_test.rb b/test/controllers/extension_verification_controller_test.rb
similarity index 94%
rename from test/shopify_app/controllers/extension_verification_controller_test.rb
rename to test/controllers/extension_verification_controller_test.rb
index b315f0c9f..c31403b34 100644
--- a/test/shopify_app/controllers/extension_verification_controller_test.rb
+++ b/test/controllers/extension_verification_controller_test.rb
@@ -1,6 +1,6 @@
 require 'test_helper'
 
-class ExtensionController < ExtensionVerificationController
+class ExtensionController < ShopifyApp::ExtensionVerificationController
   def extension_action
     head :ok
   end
diff --git a/test/generators/add_marketing_activity_extension_generator_test.rb b/test/generators/add_marketing_activity_extension_generator_test.rb
index ed87c0b8e..af59441ac 100644
--- a/test/generators/add_marketing_activity_extension_generator_test.rb
+++ b/test/generators/add_marketing_activity_extension_generator_test.rb
@@ -11,7 +11,7 @@ class AddMarketingActivityExtensionGeneratorTest < Rails::Generators::TestCase
     run_generator
 
     assert_file "app/controllers/marketing_activities_controller.rb" do |controller|
-      assert_match 'class MarketingActivitiesController < ExtensionVerificationController', controller
+      assert_match 'class MarketingActivitiesController < ShopifyApp::ExtensionVerificationController', controller
     end
   end
 

From 1ff61dc09012e01f510b9e2187a90c49745596aa Mon Sep 17 00:00:00 2001
From: Lucas Kim <lucas.kim@shopify.com>
Date: Wed, 15 Jan 2020 13:53:00 -0500
Subject: [PATCH 2/5] nest in module

---
 .../extension_verification_controller.rb      | 24 ++++++++++---------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/app/controllers/shopify_app/extension_verification_controller.rb b/app/controllers/shopify_app/extension_verification_controller.rb
index 25836ed4b..e06c61069 100644
--- a/app/controllers/shopify_app/extension_verification_controller.rb
+++ b/app/controllers/shopify_app/extension_verification_controller.rb
@@ -1,18 +1,20 @@
 # frozen_string_literal: true
 
-class ExtensionVerificationController < ActionController::Base
-  protect_from_forgery with: :null_session
-  before_action :verify_request
+module ShopifyApp
+  class ExtensionVerificationController < ActionController::Base
+    protect_from_forgery with: :null_session
+    before_action :verify_request
 
-  private
+    private
 
-  def verify_request
-    hmac_header = request.headers['HTTP_X_SHOPIFY_HMAC_SHA256']
-    request_body = request.body.read
-    secret = ShopifyApp.configuration.secret
-    digest = OpenSSL::Digest.new('sha256')
+    def verify_request
+      hmac_header = request.headers['HTTP_X_SHOPIFY_HMAC_SHA256']
+      request_body = request.body.read
+      secret = ShopifyApp.configuration.secret
+      digest = OpenSSL::Digest.new('sha256')
 
-    expected_hmac = Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, request_body))
-    head(:unauthorized) unless ActiveSupport::SecurityUtils.secure_compare(expected_hmac, hmac_header)
+      expected_hmac = Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, request_body))
+      head(:unauthorized) unless ActiveSupport::SecurityUtils.secure_compare(expected_hmac, hmac_header)
+    end
   end
 end

From 6058e1bb458586f1df34682e5a4ad80f5a4e05f9 Mon Sep 17 00:00:00 2001
From: Lucas Kim <lucas.kim@shopify.com>
Date: Wed, 15 Jan 2020 13:56:08 -0500
Subject: [PATCH 3/5] add changelog

---
 CHANGELOG.md               | 4 ++++
 lib/shopify_app/version.rb | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9caf60653..4852f50f2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+11.6.1
+-----
+* Move ExtensionVerificationController from engine to app controllers, as being in the engine makes ActionController::Base get loaded before app initiates [#855](https://github.com/Shopify/shopify_app/pull/855)
+
 11.6.0
 -----
 * Enable SameSite=None; Secure by default on all cookies for embedded apps [#851](https://github.com/Shopify/shopify_app/pull/851)
diff --git a/lib/shopify_app/version.rb b/lib/shopify_app/version.rb
index 2b23f689e..81e94961e 100644
--- a/lib/shopify_app/version.rb
+++ b/lib/shopify_app/version.rb
@@ -1,3 +1,3 @@
 module ShopifyApp
-  VERSION = '11.6.0'.freeze
+  VERSION = '11.6.1'.freeze
 end

From 8d0ea1a5ff9bd67ccd7aa24721f2a24ffdc69310 Mon Sep 17 00:00:00 2001
From: Lucas Kim <lucas.kim@shopify.com>
Date: Wed, 15 Jan 2020 13:59:37 -0500
Subject: [PATCH 4/5] remove loading controller from engine

---
 lib/shopify_app.rb | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/lib/shopify_app.rb b/lib/shopify_app.rb
index b3b58a664..9de1736e3 100644
--- a/lib/shopify_app.rb
+++ b/lib/shopify_app.rb
@@ -24,9 +24,6 @@ def self.use_webpacker?
   # utils
   require 'shopify_app/utils'
 
-  # controllers
-  require 'shopify_app/controllers/extension_verification_controller'
-
   # controller concerns
   require 'shopify_app/controller_concerns/localization'
   require 'shopify_app/controller_concerns/itp'

From eb5cc32146a32d0a675dc9827e5af7ee23992de5 Mon Sep 17 00:00:00 2001
From: Lucas Kim <lucas.kim@shopify.com>
Date: Wed, 15 Jan 2020 14:14:33 -0500
Subject: [PATCH 5/5] minor version change, not a patch

---
 CHANGELOG.md               | 2 +-
 lib/shopify_app/version.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4852f50f2..60a4e6e85 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,4 @@
-11.6.1
+11.7.0
 -----
 * Move ExtensionVerificationController from engine to app controllers, as being in the engine makes ActionController::Base get loaded before app initiates [#855](https://github.com/Shopify/shopify_app/pull/855)
 
diff --git a/lib/shopify_app/version.rb b/lib/shopify_app/version.rb
index 81e94961e..dfd9cc19c 100644
--- a/lib/shopify_app/version.rb
+++ b/lib/shopify_app/version.rb
@@ -1,3 +1,3 @@
 module ShopifyApp
-  VERSION = '11.6.1'.freeze
+  VERSION = '11.7.0'.freeze
 end