@agnostack/next-shopify
Please contact agnoStack via info@agnostack.com for any questions
;
// Compiler-emitted async helper: drives a generator function as if it were an
// `async` function. Each yielded value is treated like an awaited value, and the
// returned promise settles with the generator's return value or first uncaught error.
//   thisArg    - `this` binding for the generator function
//   _arguments - argument list for the generator function (defaults to [])
//   P          - promise constructor to use (defaults to the global Promise)
//   generator  - the generator function holding the async body
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    if (!P) {
        P = Promise;
    }
    // Wrap plain values so that every yielded value can be chained with .then().
    const toPromise = (value) => {
        if (value instanceof P) {
            return value;
        }
        return new P((settle) => { settle(value); });
    };
    return new P((resolve, reject) => {
        // Resume the generator with the settled value of the last yield.
        const onFulfilled = (value) => {
            try {
                advance(generator.next(value));
            } catch (err) {
                reject(err);
            }
        };
        // Re-throw a rejection inside the generator so its try/catch can see it.
        const onRejected = (reason) => {
            try {
                advance(generator["throw"](reason));
            } catch (err) {
                reject(err);
            }
        };
        const advance = (result) => {
            if (result.done) {
                resolve(result.value);
                return;
            }
            toPromise(result.value).then(onFulfilled, onRejected);
        };
        // The generator starts synchronously, inside the promise executor.
        generator = generator.apply(thisArg, _arguments || []);
        advance(generator.next());
    });
};
// Compiler-emitted helper for object rest destructuring (`const { a, ...rest } = s`).
// Returns a new plain object holding the own enumerable properties of `s` (string
// and symbol keys) whose keys are not listed in `e`. A null/undefined `s` yields {}.
// Values are copied by plain assignment, so an own "__proto__" key on `s` goes
// through the prototype setter of the result object rather than becoming a data
// property; this matters when `s` comes from parsed untrusted JSON.
var __rest = (this && this.__rest) || function (s, e) {
    const remainder = {};
    if (s == null) {
        return remainder;
    }
    // for...in also visits inherited keys, hence the explicit own-property filter.
    for (const key in s) {
        if (!Object.prototype.hasOwnProperty.call(s, key)) {
            continue;
        }
        if (e.indexOf(key) >= 0) {
            continue;
        }
        remainder[key] = s[key];
    }
    if (typeof Object.getOwnPropertySymbols === "function") {
        const symbols = Object.getOwnPropertySymbols(s);
        for (let idx = 0; idx < symbols.length; idx += 1) {
            const sym = symbols[idx];
            const isKept = e.indexOf(sym) < 0 && Object.prototype.propertyIsEnumerable.call(s, sym);
            if (isKept) {
                remainder[sym] = s[sym];
            }
        }
    }
    return remainder;
};
// Compiler-emitted interop helper for `import x from "mod"` against CommonJS.
// A module flagged with `__esModule` is returned unchanged; anything else is
// wrapped so that the module value itself is reachable as `.default`.
var __importDefault = (this && this.__importDefault) || function (mod) {
    if (mod && mod.__esModule) {
        return mod;
    }
    return { default: mod };
};
// CommonJS interop emitted by the compiler: flag this module as transpiled ESM so
// that __importDefault-style helpers in importers return it unchanged.
Object.defineProperty(exports, "__esModule", { value: true });
// Pre-declare the export slot; it is assigned once beginAuth has been defined.
exports.beginAuth = void 0;
const isbot_1 = __importDefault(require("isbot"));
const runtime_1 = require("@shopify/shopify-api/runtime");
const shopify_api_1 = require("@shopify/shopify-api");
const crypto_1 = require("../crypto");
const shared_1 = require("../../../shared");
// NOTE this is a custom implementation of shopify.auth.begin from @shopify/shopify-api
// for leveraging a custom auth state
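/**
 * Starts the Shopify OAuth authorization flow: stores a signed, short-lived
 * state cookie and answers with a redirect to the shop's
 * `/admin/oauth/authorize` endpoint.
 *
 * @param {object} _a
 * @param {object} _a.config - Shopify API config; reads `isCustomStoreApp`,
 *   `apiKey`, `apiSecretKey`, `scopes`, `hostScheme` and `hostName`.
 * @param {boolean} _a.isOnline - When truthy, requests a per-user (online) grant.
 * @param {string} _a.callbackPath - Path of the OAuth callback; used both in
 *   `redirect_uri` and as the state cookie's `path`.
 * @param {string} _a.shop - Shop identifier, passed through `getSanitizedShopData`.
 * @param {string} [_a.state] - Optional caller-supplied OAuth state; a fresh
 *   nonce is generated when it is null or undefined.
 * Remaining properties are forwarded untouched to the runtime adapter helpers.
 * @returns {Promise<*>} The adapter-converted response (410 for suspected bots,
 *   otherwise a 307 redirect carrying the state cookie).
 * @throws {PrivateAppError} When `config.isCustomStoreApp` is set.
 * @throws {InvalidShopError} When sanitization yields no shop value.
 */
const beginAuth = (_a) => __awaiter(void 0, void 0, void 0, function* () {
    var { config, isOnline, callbackPath, shop: shopProp, state: stateProp } = _a, adapterArgs = __rest(_a, ["config", "isOnline", "callbackPath", "shop", "state"]);
    if (config.isCustomStoreApp) {
        throw new shopify_api_1.PrivateAppError('Cannot perform OAuth for private apps');
    }
    const request = yield (0, runtime_1.abstractConvertRequest)(adapterArgs);
    const response = yield (0, runtime_1.abstractConvertIncomingResponse)(adapterArgs);
    // Crawlers following an install link get 410 Gone and no state cookie.
    const userAgent = request.headers['User-Agent'];
    if ((0, isbot_1.default)(userAgent)) {
        console.log(`Possible bot request to beginAuth: `, {
            userAgent,
        });
        response.statusCode = 410;
        return (0, runtime_1.abstractConvertResponse)(response, adapterArgs);
    }
    // The state cookie is signed with the app secret, so a client cannot forge
    // or alter it without that key.
    const cookies = new runtime_1.Cookies(request, response, {
        keys: [config.apiSecretKey],
        secure: true,
    });
    // NOTE(review): `shop` becomes the host of the redirect below, so
    // getSanitizedShopData is the only barrier against an open redirect. It is
    // not visible here; confirm it only lets valid Shopify shop domains through.
    const { shop } = (0, shared_1.getSanitizedShopData)(shopProp);
    if (!shop) {
        // Fail closed instead of redirecting to `https://undefined/...` (or an
        // empty host) when sanitization returns nothing usable.
        throw new shopify_api_1.InvalidShopError('Received invalid shop argument');
    }
    // `state` is the anti-CSRF value of the OAuth round trip. A caller-supplied
    // value replaces the generated nonce as-is, so it must be unpredictable and
    // unique per request.
    // NOTE(review): presumably the callback handler compares the returned
    // `state` with this signed cookie; verify against the callback code.
    const state = stateProp !== null && stateProp !== void 0 ? stateProp : (0, crypto_1.getNonce)();
    yield cookies.setAndSign(shopify_api_1.STATE_COOKIE_NAME, state, {
        // 'lax' so the cookie is still sent on the top-level navigation back from Shopify.
        sameSite: 'lax',
        secure: true,
        // The cookie lives 60 seconds and is scoped to the callback path only.
        expires: new Date(Date.now() + 60000), // TODO: explore datetime utils here?
        path: callbackPath,
    });
    // redirect_uri is built from app config only, never from request data.
    const queryParams = new URLSearchParams({
        client_id: config.apiKey,
        scope: config.scopes.toString(),
        redirect_uri: `${config.hostScheme}://${config.hostName}${callbackPath}`,
        state,
        'grant_options[]': isOnline ? 'per-user' : '',
    }).toString();
    response.statusCode = 307;
    // Reason phrase now matches the 307 status; 'Found' belongs to 302.
    response.statusText = 'Temporary Redirect';
    response.headers = Object.assign(Object.assign(Object.assign({}, response.headers), cookies.response.headers), { Location: `https://${shop}/admin/oauth/authorize?${queryParams}` });
    return (0, runtime_1.abstractConvertResponse)(response, adapterArgs);
});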
// Public export; beginAuth is the only export visible in this file.
exports.beginAuth = beginAuth;
//# sourceMappingURL=oauth.js.map