Skip to content
This repository has been archived by the owner on Jan 30, 2023. It is now read-only.

fix request used to check oauth #144

Merged
merged 3 commits into from
Feb 15, 2022
Merged

fix request used to check oauth #144

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
453aba7
fix request used to check oauth
JaKXz Feb 15, 2022
ab91151
Update CHANGELOG.md
JaKXz Feb 15, 2022
7d8b9ad
Update CHANGELOG.md
JaKXz Feb 15, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ and adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).

## [Unreleased]

### Fixed
- Replace deprecated metafields API request used for oauth token check with longer lived call to teh shop endpoint [144](https://github.com/Shopify/koa-shopify-auth/pull/144)
JaKXz marked this conversation as resolved.
Show resolved Hide resolved

## [4.1.4] - 2021-07-19
### Fixed
- Retry OAuth if cookie / session has expired on callback [112](https://github.com/Shopify/koa-shopify-auth/pull/112)
Expand Down
9 changes: 3 additions & 6 deletions src/verify-request/tests/verify-request.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,13 @@
import '../../test/test_helper';

import {createMockContext} from '@shopify/jest-koa-mocks';
import {StatusCode} from '@shopify/network';
import Shopify, { RequestReturn } from '@shopify/shopify-api';
import jwt from 'jsonwebtoken';

import verifyRequest from '../verify-request';
import {clearSession} from '../utilities';
import {TEST_COOKIE_NAME, TOP_LEVEL_OAUTH_COOKIE_NAME} from '../../index';
import {REAUTH_HEADER, REAUTH_URL_HEADER} from '../verify-token';
import { clear } from 'console';
const TEST_SHOP = 'testshop.myshopify.io';
const TEST_USER = '1';

Expand Down Expand Up @@ -41,10 +39,9 @@ describe('verifyRequest', () => {
session.scope = 'test_scope';
await Shopify.Utils.storeSession(session);

// mocking metafields call from client.get()
Shopify.Clients.Rest.prototype.get = jest.fn(({path, query}) => {
expect(path).toEqual('metafields');
expect(query).toEqual({'limit': 1})
// mocking shop call from client.get()
Shopify.Clients.Rest.prototype.get = jest.fn(({path}) => {
expect(path).toEqual('shop');
return Promise.resolve({ "body": "" } as RequestReturn);
});
});
Expand Down
2 changes: 1 addition & 1 deletion src/verify-request/verify-token.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ export function verifyToken(routes: Routes, accessMode: AccessMode = DEFAULT_ACC
try {
// make a request to make sure oauth has succeeded, retry otherwise
const client = new Shopify.Clients.Rest(session.shop, session.accessToken)
await client.get({ path: "metafields", query: {'limit': 1} })
await client.get({path: 'shop'});
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

May I know what the response of this updated path going to be? Just trying to understand if it would cause any latency issues as I've seen metafields API timing out during auth process multiple times.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @snehapawar9910

Just trying to understand if it would cause any latency issues as I've seen metafields API timing out during auth process multiple times.

I don't think you should see any of these issues with this change. The response body should just be an object with your shop name [and other details] - Paulo and I agree this is the cheapest call we can make here. As I mentioned above I am not a huge fan of making a request for data to check on the session, but, I wanted to unblock those using this library from not being able to publish.

Copy link

@Dynogic Dynogic Mar 8, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@JaKXz any reason to why the metafields REST endpoint is now deprecated? From my understanding, as of 2022-04, this REST endpoint still exists and nothing looks to be deprecated: https://shopify.dev/api/admin-rest/2022-04/resources/metafield#get-metafields

Is it maybe because this code calls into an older API version (or it's calling the un-versioned endpoint), and the deprecation you are mentioning is the value_type deprecation? The reason I ask is that our app still relies on the API call I've quoted below, and I'd prefer to keep relying on the metafields resource and version it to 2022-01 rather than switch over to the shop resource.

Some inputs would be great here... :)

const response = await fetch(
  `https://${session.shop}/admin/metafields.json`,
  {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'X-Shopify-Access-Token': session.accessToken,
    },
  },
);


ctx.cookies.set(TOP_LEVEL_OAUTH_COOKIE_NAME);
await next();
Expand Down