@shopify/shopify-api/dist/esm/runtime/http/cookies.mjs.map

Shopify API Library for Node - accelerate development with support for authentication, graphql proxy, webhooks

{"version":3,"file":"cookies.mjs","sources":["../../../../../../runtime/http/cookies.ts"],"sourcesContent":["// import type {Headers} from \"./headers\";\nimport {createSHA256HMAC} from '../crypto/utils';\n\nimport {splitN} from './utils';\nimport {getHeader, getHeaders, removeHeader, addHeader} from './headers';\n\nimport type {NormalizedRequest, NormalizedResponse} from '.';\n\nexport interface CookieData {\n  name: string;\n  value: string;\n  /**\n   * a number representing the milliseconds from Date.now() for expiry\n   */\n  maxAge?: number;\n  /**\n   * a Date object indicating the cookie's expiration\n   * date (expires at the end of session by default).\n   */\n  expires?: Date;\n  /**\n   * a string indicating the path of the cookie (/ by default).\n   */\n  path?: string;\n  /**\n   * a string indicating the domain of the cookie (no default).\n   */\n  domain?: string;\n  /**\n   * a boolean indicating whether the cookie is only to be sent\n   * over HTTPS (false by default for HTTP, true by default for HTTPS).\n   */\n  secure?: boolean;\n  /**\n   * a boolean indicating whether the cookie is only to be sent over HTTP(S),\n   * and not made available to client JavaScript (true by default).\n   */\n  httpOnly?: boolean;\n  /**\n   * a boolean or string indicating whether the cookie is a \"same site\" cookie (false by default).\n   * This can be set to 'strict', 'lax', or true (which maps to 'strict').\n   */\n  sameSite?: 'strict' | 'lax' | 'none';\n}\n\nexport type CookieJar = Record<string, CookieData>;\ninterface CookiesOptions {\n  keys: string[];\n  // Ignored. Only for type-compatibility with the node package for now.\n  secure: boolean;\n}\nexport class Cookies {\n  static parseCookies(hdrs: string[]): CookieJar {\n    const entries = hdrs\n      .filter((hdr) => hdr.trim().length > 0)\n      .map((cookieDef) => {\n        const [keyval, ...opts] = cookieDef.split(';');\n        const [name, value] = splitN(keyval, '=', 2).map((value) =>\n          value.trim(),\n        );\n        return [\n          name,\n          {\n            name,\n            value,\n            ...Object.fromEntries(\n              opts.map((opt) =>\n                splitN(opt, '=', 2).map((value) => value.trim()),\n              ),\n            ),\n          },\n        ];\n      });\n    const jar = Object.fromEntries(entries) as CookieJar;\n    for (const cookie of Object.values(jar)) {\n      if (typeof cookie.expires === 'string') {\n        cookie.expires = new Date(cookie.expires);\n      }\n    }\n    return jar;\n  }\n\n  static encodeCookie(data: CookieData): string {\n    let result = '';\n    result += `${data.name}=${data.value};`;\n    result += Object.entries(data)\n      .filter(([key]) => !['name', 'value', 'expires'].includes(key))\n      .map(([key, value]) => `${key}=${value}`)\n      .join('; ');\n    if (data.expires) {\n      result += ';';\n      result += `expires=${data.expires.toUTCString()}`;\n    }\n    return result;\n  }\n\n  receivedCookieJar: CookieJar = {};\n  outgoingCookieJar: CookieJar = {};\n  private keys: string[] = [];\n\n  constructor(\n    request: NormalizedRequest,\n    public response: NormalizedResponse,\n    {keys = []}: Partial<CookiesOptions> = {},\n  ) {\n    if (keys) this.keys = keys;\n\n    const cookieReqHdr = getHeader(request.headers, 'Cookie') ?? '';\n    this.receivedCookieJar = Cookies.parseCookies(cookieReqHdr.split(';'));\n    const cookieResHdr = getHeaders(response.headers, 'Set-Cookie') ?? [];\n    this.outgoingCookieJar = Cookies.parseCookies(cookieResHdr);\n  }\n\n  toHeaders(): string[] {\n    return Object.values(this.outgoingCookieJar).map((cookie) =>\n      Cookies.encodeCookie(cookie),\n    );\n  }\n\n  updateHeader() {\n    if (!this.response.headers) {\n      this.response.headers = {};\n    }\n    removeHeader(this.response.headers, 'Set-Cookie');\n    this.toHeaders().map((hdr) =>\n      addHeader(this.response.headers!, 'Set-Cookie', hdr),\n    );\n  }\n\n  get(name: string): string | undefined {\n    return this.receivedCookieJar[name]?.value;\n  }\n\n  deleteCookie(name: string) {\n    this.set(name, '', {\n      path: '/',\n      expires: new Date(0),\n    });\n  }\n\n  async getAndVerify(name: string): Promise<string | undefined> {\n    const value = this.get(name);\n    if (!value) return undefined;\n    if (!(await this.isSignedCookieValid(name))) {\n      return undefined;\n    }\n    return value;\n  }\n\n  private get canSign() {\n    return this.keys?.length > 0;\n  }\n\n  set(name: string, value: string, opts: Partial<CookieData> = {}): void {\n    this.outgoingCookieJar[name] = {\n      ...opts,\n      name,\n      value,\n    };\n    this.updateHeader();\n  }\n\n  async setAndSign(\n    name: string,\n    value: string,\n    opts: Partial<CookieData> = {},\n  ): Promise<void> {\n    if (!this.canSign) {\n      throw Error('No keys provided for signing.');\n    }\n    this.set(name, value, opts);\n    const sigName = `${name}.sig`;\n    const signature = await createSHA256HMAC(this.keys[0], value);\n    this.set(sigName, signature, opts);\n    this.updateHeader();\n  }\n\n  async isSignedCookieValid(cookieName: string): Promise<boolean> {\n    const signedCookieName = `${cookieName}.sig`;\n    if (\n      !this.cookieExists(cookieName) ||\n      !this.cookieExists(signedCookieName)\n    ) {\n      this.deleteInvalidCookies(cookieName, signedCookieName);\n      return false;\n    }\n    const cookieValue = this.get(cookieName);\n    const signature = this.get(signedCookieName);\n\n    if (!cookieValue || !signature) {\n      this.deleteInvalidCookies(cookieName, signedCookieName);\n      return false;\n    }\n\n    const allCheckSignatures = await Promise.all(\n      this.keys.map((key) => createSHA256HMAC(key, cookieValue)),\n    );\n\n    if (!allCheckSignatures.includes(signature)) {\n      this.deleteInvalidCookies(cookieName, signedCookieName);\n      return false;\n    }\n\n    return true;\n  }\n\n  private cookieExists(cookieName: string) {\n    return Boolean(this.get(cookieName));\n  }\n\n  private deleteInvalidCookies(...cookieNames: string[]): void {\n    cookieNames.forEach((cookieName) => this.deleteCookie(cookieName));\n  }\n}\n"],"names":[],"mappings":";;;;AAAA;MAmDa,OAAO,CAAA;AAmDT,IAAA,QAAA;IAlDT,OAAO,YAAY,CAAC,IAAc,EAAA;QAChC,MAAM,OAAO,GAAG;AACb,aAAA,MAAM,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;AACrC,aAAA,GAAG,CAAC,CAAC,SAAS,KAAI;AACjB,YAAA,MAAM,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC;YAC9C,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,KACrD,KAAK,CAAC,IAAI,EAAE,CACb;YACD,OAAO;gBACL,IAAI;AACJ,gBAAA;oBACE,IAAI;oBACJ,KAAK;AACL,oBAAA,GAAG,MAAM,CAAC,WAAW,CACnB,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,KACX,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CACjD,CACF;AACF,iBAAA;aACF;AACH,QAAA,CAAC,CAAC;QACJ,MAAM,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAc;QACpD,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;AACvC,YAAA,IAAI,OAAO,MAAM,CAAC,OAAO,KAAK,QAAQ,EAAE;gBACtC,MAAM,CAAC,OAAO,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;YAC3C;QACF;AACA,QAAA,OAAO,GAAG;IACZ;IAEA,OAAO,YAAY,CAAC,IAAgB,EAAA;QAClC,IAAI,MAAM,GAAG,EAAE;QACf,MAAM,IAAI,CAAA,EAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,CAAA,CAAA,CAAG;AACvC,QAAA,MAAM,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI;aAC1B,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;AAC7D,aAAA,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,KAAK,CAAA,EAAG,GAAG,CAAA,CAAA,EAAI,KAAK,EAAE;aACvC,IAAI,CAAC,IAAI,CAAC;AACb,QAAA,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,MAAM,IAAI,GAAG;YACb,MAAM,IAAI,WAAW,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAA,CAAE;QACnD;AACA,QAAA,OAAO,MAAM;IACf;IAEA,iBAAiB,GAAc,EAAE;IACjC,iBAAiB,GAAc,EAAE;IACzB,IAAI,GAAa,EAAE;IAE3B,WAAA,CACE,OAA0B,EACnB,QAA4B,EACnC,EAAC,IAAI,GAAG,EAAE,EAAA,GAA6B,EAAE,EAAA;QADlC,IAAA,CAAA,QAAQ,GAAR,QAAQ;AAGf,QAAA,IAAI,IAAI;AAAE,YAAA,IAAI,CAAC,IAAI,GAAG,IAAI;AAE1B,QAAA,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,EAAE;AAC/D,QAAA,IAAI,CAAC,iBAAiB,GAAG,OAAO,CAAC,YAAY,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AACtE,QAAA,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,IAAI,EAAE;QACrE,IAAI,CAAC,iBAAiB,GAAG,OAAO,CAAC,YAAY,CAAC,YAAY,CAAC;IAC7D;IAEA,SAAS,GAAA;QACP,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,KACtD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,CAC7B;IACH;IAEA,YAAY,GAAA;AACV,QAAA,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE;AAC1B,YAAA,IAAI,CAAC,QAAQ,CAAC,OAAO,GAAG,EAAE;QAC5B;QACA,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,KACvB,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAQ,EAAE,YAAY,EAAE,GAAG,CAAC,CACrD;IACH;AAEA,IAAA,GAAG,CAAC,IAAY,EAAA;QACd,OAAO,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,KAAK;IAC5C;AAEA,IAAA,YAAY,CAAC,IAAY,EAAA;AACvB,QAAA,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE;AACjB,YAAA,IAAI,EAAE,GAAG;AACT,YAAA,OAAO,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC;AACrB,SAAA,CAAC;IACJ;IAEA,MAAM,YAAY,CAAC,IAAY,EAAA;QAC7B,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;AAC5B,QAAA,IAAI,CAAC,KAAK;AAAE,YAAA,OAAO,SAAS;QAC5B,IAAI,EAAE,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,EAAE;AAC3C,YAAA,OAAO,SAAS;QAClB;AACA,QAAA,OAAO,KAAK;IACd;AAEA,IAAA,IAAY,OAAO,GAAA;AACjB,QAAA,OAAO,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC;IAC9B;AAEA,IAAA,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,OAA4B,EAAE,EAAA;AAC7D,QAAA,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG;AAC7B,YAAA,GAAG,IAAI;YACP,IAAI;YACJ,KAAK;SACN;QACD,IAAI,CAAC,YAAY,EAAE;IACrB;IAEA,MAAM,UAAU,CACd,IAAY,EACZ,KAAa,EACb,OAA4B,EAAE,EAAA;AAE9B,QAAA,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;AACjB,YAAA,MAAM,KAAK,CAAC,+BAA+B,CAAC;QAC9C;QACA,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC;AAC3B,QAAA,MAAM,OAAO,GAAG,CAAA,EAAG,IAAI,MAAM;AAC7B,QAAA,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC;QAC7D,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC;QAClC,IAAI,CAAC,YAAY,EAAE;IACrB;IAEA,MAAM,mBAAmB,CAAC,UAAkB,EAAA;AAC1C,QAAA,MAAM,gBAAgB,GAAG,CAAA,EAAG,UAAU,MAAM;AAC5C,QAAA,IACE,CAAC,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC;AAC9B,YAAA,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,EACpC;AACA,YAAA,IAAI,CAAC,oBAAoB,CAAC,UAAU,EAAE,gBAAgB,CAAC;AACvD,YAAA,OAAO,KAAK;QACd;QACA,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC;QACxC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC;AAE5C,QAAA,IAAI,CAAC,WAAW,IAAI,CAAC,SAAS,EAAE;AAC9B,YAAA,IAAI,CAAC,oBAAoB,CAAC,UAAU,EAAE,gBAAgB,CAAC;AACvD,YAAA,OAAO,KAAK;QACd;QAEA,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC1C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,gBAAgB,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,CAC3D;QAED,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;AAC3C,YAAA,IAAI,CAAC,oBAAoB,CAAC,UAAU,EAAE,gBAAgB,CAAC;AACvD,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,OAAO,IAAI;IACb;AAEQ,IAAA,YAAY,CAAC,UAAkB,EAAA;QACrC,OAAO,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACtC;IAEQ,oBAAoB,CAAC,GAAG,WAAqB,EAAA;AACnD,QAAA,WAAW,CAAC,OAAO,CAAC,CAAC,UAAU,KAAK,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;IACpE;AACD;;;;"}