@shopify/koa-shopify-graphql-proxy/build/node/shopify-graphql-proxy.js

A wrapper around `koa-better-http-proxy` which allows easy proxying of GraphQL requests from an embedded Shopify app

"use strict";

Object.defineProperty(exports, "__esModule", {
  value: true
});
exports.default = shopifyGraphQLProxy;
exports.ApiVersion = exports.GRAPHQL_PATH_PREFIX = exports.PROXY_BASE_PATH = void 0;

var _koaBetterHttpProxy = _interopRequireDefault(require("koa-better-http-proxy"));

function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }

const PROXY_BASE_PATH = '/graphql';
exports.PROXY_BASE_PATH = PROXY_BASE_PATH;
const GRAPHQL_PATH_PREFIX = '/admin/api';
exports.GRAPHQL_PATH_PREFIX = GRAPHQL_PATH_PREFIX;
let ApiVersion;
exports.ApiVersion = ApiVersion;

(function (ApiVersion) {
  ApiVersion["July19"] = "2019-07";
  ApiVersion["October19"] = "2019-10";
  ApiVersion["January20"] = "2020-01";
  ApiVersion["April20"] = "2020-04";
  ApiVersion["July20"] = "2020-07";
  ApiVersion["October20"] = "2020-10";
  ApiVersion["Unstable"] = "unstable";
  ApiVersion["Unversioned"] = "unversioned";
})(ApiVersion || (exports.ApiVersion = ApiVersion = {}));

function shopifyGraphQLProxy(proxyOptions) {
  return async function shopifyGraphQLProxyMiddleware(ctx, next) {
    const {
      session = {}
    } = ctx;
    const shop = 'shop' in proxyOptions ? proxyOptions.shop : session.shop;
    const accessToken = 'password' in proxyOptions ? proxyOptions.password : session.accessToken;
    const version = proxyOptions.version;

    if (ctx.path !== PROXY_BASE_PATH || ctx.method !== 'POST') {
      await next();
      return;
    }

    if (accessToken == null || shop == null) {
      ctx.throw(403, 'Unauthorized');
      return;
    }

    await (0, _koaBetterHttpProxy.default)(shop, {
      https: true,
      parseReqBody: false,
      // Setting request header here, not response. That's why we don't use ctx.set()
      // proxy middleware will grab this request header
      headers: {
        'Content-Type': 'application/json',
        'X-Shopify-Access-Token': accessToken
      },

      proxyReqOptDecorator(proxyReqOpts) {
        delete proxyReqOpts.headers.cookie;
        delete proxyReqOpts.headers.Cookie;
        return proxyReqOpts;
      },

      proxyReqPathResolver() {
        return `${GRAPHQL_PATH_PREFIX}/${version}/graphql.json`;
      }

    })(ctx,
    /*
      We want this middleware to terminate, not fall through to the next in the chain,
      but sadly it doesn't support not passing a `next` function. To get around this we
      just pass our own dummy `next` that resolves immediately.
    */
    noop);
  };
}

async function noop() {}