@e-mage/nestjs-shopify-guards
Nest.js Shopify guards
;
/**
 * TypeScript-emitted helper that applies a list of decorators to a class
 * (2 arguments), a property (3 arguments) or a member with a descriptor
 * (4 arguments). Reuses an existing `this.__decorate` when one is present.
 * Decorators run from the last array entry to the first.
 *
 * @param {Function[]} decorators Decorators to apply; falsy entries are skipped.
 * @param {*} target Class constructor or prototype being decorated.
 * @param {string|symbol} [key] Member name, when decorating a member.
 * @param {PropertyDescriptor|null} [desc] Descriptor; `null` means "look it up on target".
 * @returns {*} The decorated class, or the resulting descriptor for members.
 */
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var argCount = arguments.length;
    var result;
    if (argCount < 3) {
        // Class decoration: the running result starts as the class itself.
        result = target;
    }
    else if (desc === null) {
        desc = Object.getOwnPropertyDescriptor(target, key);
        result = desc;
    }
    else {
        result = desc;
    }
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") {
        // Defer to Reflect.decorate when a polyfill provides it.
        result = Reflect.decorate(decorators, target, key, desc);
    }
    else {
        for (var idx = decorators.length - 1; idx >= 0; idx--) {
            var decorator = decorators[idx];
            if (!decorator) {
                continue;
            }
            var produced;
            if (argCount < 3) {
                produced = decorator(result);
            }
            else if (argCount > 3) {
                produced = decorator(target, key, result);
            }
            else {
                produced = decorator(target, key);
            }
            // A decorator that returns nothing leaves the running result untouched.
            result = produced || result;
        }
    }
    if (argCount > 3 && result) {
        Object.defineProperty(target, key, result);
    }
    return result;
};
/**
 * TypeScript-emitted helper that builds a metadata decorator through
 * `Reflect.metadata` when that function exists (it is not part of the
 * language itself, so a polyfill has to supply it). Without it the helper
 * returns `undefined`, which `__decorate` skips.
 *
 * @param {*} k Metadata key.
 * @param {*} v Metadata value.
 * @returns {Function|undefined} Whatever `Reflect.metadata(k, v)` returns, or `undefined`.
 */
var __metadata = (this && this.__metadata) || function (k, v) {
    var canAttach = typeof Reflect === "object" && typeof Reflect.metadata === "function";
    if (!canAttach) {
        return undefined;
    }
    return Reflect.metadata(k, v);
};
/**
 * TypeScript-emitted helper that adapts a parameter decorator to the
 * `(target, key)` shape `__decorate` calls, binding the parameter position.
 *
 * @param {number} paramIndex Zero-based index of the decorated parameter.
 * @param {Function} decorator Parameter decorator taking (target, key, index).
 * @returns {Function} A `(target, key)` function that forwards to `decorator`.
 */
var __param = (this && this.__param) || function (paramIndex, decorator) {
    return function (target, key) {
        // The decorator's own return value is intentionally discarded.
        decorator(target, key, paramIndex);
    };
};
/**
 * TypeScript-emitted helper implementing object rest (`{ a, ...rest }`):
 * copies the own enumerable properties of `s` whose keys are not in `e`.
 *
 * NOTE(review): properties are copied with plain assignment, so an own
 * enumerable key named "__proto__" on `s` would go through the prototype
 * setter of the result object rather than become a normal property.
 *
 * @param {Object|null|undefined} s Source object.
 * @param {Array<string|symbol>} e Keys to leave out.
 * @returns {Object} A new object holding the remaining properties.
 */
var __rest = (this && this.__rest) || function (s, e) {
    var picked = {};
    for (var name in s) {
        // for...in also walks inherited keys; keep own ones only.
        if (!Object.prototype.hasOwnProperty.call(s, name)) {
            continue;
        }
        if (e.indexOf(name) >= 0) {
            continue;
        }
        picked[name] = s[name];
    }
    if (s == null || typeof Object.getOwnPropertySymbols !== "function") {
        return picked;
    }
    // Symbol keys are not visited by for...in, so handle them separately.
    var symbols = Object.getOwnPropertySymbols(s);
    for (var idx = 0; idx < symbols.length; idx++) {
        var sym = symbols[idx];
        if (e.indexOf(sym) >= 0) {
            continue;
        }
        if (!Object.prototype.propertyIsEnumerable.call(s, sym)) {
            continue;
        }
        picked[sym] = s[sym];
    }
    return picked;
};
// Flag this CommonJS module as transpiled from an ES module.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the export up front; the real value is assigned once the class has been decorated.
exports.ShopifyAuthGuard = void 0;
const crypto_1 = require("crypto");
const common_1 = require("@nestjs/common");
const config_service_1 = require("../config-service");
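/**
 * NestJS guard that authenticates signed GET requests: it recomputes the
 * HMAC-SHA256 of the query string (minus the signature parameter) with the
 * configured API secret and compares it with the signature the caller sent.
 *
 * Security notes for integrators:
 *  - Only GET requests are verified. Every other HTTP method is let through
 *    unchecked, so non-GET routes behind this guard need their own
 *    authentication (for example a separate webhook signature check).
 *  - The guard fails closed: a missing secret, a missing parameter name or a
 *    missing/malformed signature all yield the same 401 response.
 */
let ShopifyAuthGuard = class ShopifyAuthGuard {
    /**
     * @param config Injected configuration service; `get('apiSecretKey')` and
     *               `get('queryHmac')` are read on every verified request.
     */
    constructor(config) {
        this.config = config;
    }
    /**
     * Decide whether the current request may proceed.
     *
     * @param context Nest execution context; only the HTTP request's `query`
     *                and `method` are read.
     * @returns {boolean} `true` when the request is not a GET, or when its
     *                    signature matches.
     * @throws HttpException (401, "HMAC validation failed") when configuration
     *         is incomplete or the signature is absent, malformed or wrong.
     */
    canActivate(context) {
        const { query, method } = context.switchToHttp().getRequest();
        // NOTE(review): non-GET requests bypass verification entirely; see class comment.
        if (method !== 'GET') {
            return true;
        }
        const secret = this.config.get('apiSecretKey');
        const hmacParam = this.config.get('queryHmac');
        if (!secret || !hmacParam) {
            throw new common_1.HttpException('HMAC validation failed', common_1.HttpStatus.UNAUTHORIZED);
        }
        const hmac = query[hmacParam];
        const restQuery = __rest(query, [typeof hmacParam === "symbol" ? hmacParam : hmacParam + ""]);
        // Query parsers can hand back arrays or nested objects for repeated or
        // bracketed parameters; only a plain non-empty string is a valid signature.
        if (typeof hmac !== 'string' || hmac.length === 0) {
            throw new common_1.HttpException('HMAC validation failed', common_1.HttpStatus.UNAUTHORIZED);
        }
        // NOTE(review): the signed message follows the key order of the parsed
        // query object and is percent-decoded as a whole, so values containing
        // '&', '=' or spaces, and array-valued parameters, may not canonicalise
        // the way the sender signed them. Confirm against the platform's current
        // verification documentation (parameter sorting in particular).
        const digest = (0, crypto_1.createHmac)('sha256', secret)
            .update(decodeURIComponent(new URLSearchParams(restQuery).toString()))
            .digest('hex');
        // Compare in constant time so response timing does not reveal how many
        // leading characters of a guessed signature were correct.
        // timingSafeEqual throws on unequal lengths, hence the explicit length check.
        const provided = Buffer.from(hmac, 'utf8');
        const expected = Buffer.from(digest, 'utf8');
        if (provided.length !== expected.length || !(0, crypto_1.timingSafeEqual)(provided, expected)) {
            throw new common_1.HttpException('HMAC validation failed', common_1.HttpStatus.UNAUTHORIZED);
        }
        return true;
    }
};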
// Apply the class decorators and rebind the name to the decorated result:
// Injectable() registers the guard as a Nest provider, Inject(ConfigService)
// binds constructor parameter 0, and the design:paramtypes metadata records
// the constructor's parameter types.
ShopifyAuthGuard = __decorate([
(0, common_1.Injectable)(),
__param(0, (0, common_1.Inject)(config_service_1.ConfigService)),
__metadata("design:paramtypes", [config_service_1.ConfigService])
], ShopifyAuthGuard);
// Publish the decorated class as the module's export.
exports.ShopifyAuthGuard = ShopifyAuthGuard;
//# sourceMappingURL=shopify-auth.guard.js.map