@shopify/shopify-app-express
Version:
Shopify Express Middleware - to simplify the building of Shopify Apps with Express
1 lines • 3.94 kB
Source Map (JSON)
{"version":3,"file":"redirect-out-of-app.mjs","sources":["../../../src/redirect-out-of-app.ts"],"sourcesContent":["import {Request, Response} from 'express';\n\nimport {AppConfigInterface} from './config-types';\nimport {RedirectOutOfAppFunction, ApiAndConfigParams} from './types';\n\nexport function redirectOutOfApp({\n api,\n config,\n}: ApiAndConfigParams): RedirectOutOfAppFunction {\n return function redirectOutOfApp({req, res, redirectUri, shop}): void {\n if (\n (!api.config.isEmbeddedApp && isFetchRequest(req)) ||\n req.headers.authorization?.match(/Bearer (.*)/)\n ) {\n appBridgeHeaderRedirect(config, res, redirectUri);\n } else if (req.query.embedded === '1') {\n exitIframeRedirect(config, req, res, redirectUri, shop);\n } else {\n serverSideRedirect(config, res, redirectUri, shop);\n }\n };\n}\n\nfunction appBridgeHeaderRedirect(\n config: AppConfigInterface,\n res: Response,\n redirectUri: string,\n) {\n config.logger.debug(\n `Redirecting: request has bearer token, returning headers to ${redirectUri}`,\n );\n\n res.status(403);\n res.append('Access-Control-Expose-Headers', [\n 'X-Shopify-Api-Request-Failure-Reauthorize',\n 'X-Shopify-Api-Request-Failure-Reauthorize-Url',\n ]);\n res.header('X-Shopify-API-Request-Failure-Reauthorize', '1');\n res.header('X-Shopify-API-Request-Failure-Reauthorize-Url', redirectUri);\n res.end();\n}\n\nfunction exitIframeRedirect(\n config: AppConfigInterface,\n req: Request,\n res: Response,\n redirectUri: string,\n shop: string,\n): void {\n config.logger.debug(\n `Redirecting: request is embedded, using exitiframe path to ${redirectUri}`,\n {shop},\n );\n\n const queryParams = new URLSearchParams({\n ...req.query,\n shop,\n redirectUri,\n }).toString();\n\n res.redirect(`${config.exitIframePath}?${queryParams}`);\n}\n\nfunction serverSideRedirect(\n config: AppConfigInterface,\n res: Response,\n redirectUri: string,\n shop: string,\n): void {\n config.logger.debug(\n `Redirecting: request is at top level, going to ${redirectUri} `,\n {shop},\n );\n\n res.redirect(redirectUri);\n}\n\nfunction isFetchRequest(req: Request) {\n return req.xhr || req.headers['sec-fetch-dest'] === 'empty';\n}\n"],"names":[],"mappings":"SAKgB,gBAAgB,CAAC,EAC/B,GAAG,EACH,MAAM,GACa,EAAA;IACnB,OAAO,SAAS,gBAAgB,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,WAAW,EAAE,IAAI,EAAC,EAAA;AAC5D,QAAA,IACE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,cAAc,CAAC,GAAG,CAAC;YACjD,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,EAC/C;AACA,YAAA,uBAAuB,CAAC,MAAM,EAAE,GAAG,EAAE,WAAW,CAAC;QACnD;aAAO,IAAI,GAAG,CAAC,KAAK,CAAC,QAAQ,KAAK,GAAG,EAAE;YACrC,kBAAkB,CAAC,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,WAAW,EAAE,IAAI,CAAC;QACzD;aAAO;YACL,kBAAkB,CAAC,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,IAAI,CAAC;QACpD;AACF,IAAA,CAAC;AACH;AAEA,SAAS,uBAAuB,CAC9B,MAA0B,EAC1B,GAAa,EACb,WAAmB,EAAA;IAEnB,MAAM,CAAC,MAAM,CAAC,KAAK,CACjB,CAAA,4DAAA,EAA+D,WAAW,CAAA,CAAE,CAC7E;AAED,IAAA,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC;AACf,IAAA,GAAG,CAAC,MAAM,CAAC,+BAA+B,EAAE;QAC1C,2CAA2C;QAC3C,+CAA+C;AAChD,KAAA,CAAC;AACF,IAAA,GAAG,CAAC,MAAM,CAAC,2CAA2C,EAAE,GAAG,CAAC;AAC5D,IAAA,GAAG,CAAC,MAAM,CAAC,+CAA+C,EAAE,WAAW,CAAC;IACxE,GAAG,CAAC,GAAG,EAAE;AACX;AAEA,SAAS,kBAAkB,CACzB,MAA0B,EAC1B,GAAY,EACZ,GAAa,EACb,WAAmB,EACnB,IAAY,EAAA;AAEZ,IAAA,MAAM,CAAC,MAAM,CAAC,KAAK,CACjB,CAAA,2DAAA,EAA8D,WAAW,CAAA,CAAE,EAC3E,EAAC,IAAI,EAAC,CACP;AAED,IAAA,MAAM,WAAW,GAAG,IAAI,eAAe,CAAC;QACtC,GAAG,GAAG,CAAC,KAAK;QACZ,IAAI;QACJ,WAAW;KACZ,CAAC,CAAC,QAAQ,EAAE;IAEb,GAAG,CAAC,QAAQ,CAAC,CAAA,EAAG,MAAM,CAAC,cAAc,CAAA,CAAA,EAAI,WAAW,CAAA,CAAE,CAAC;AACzD;AAEA,SAAS,kBAAkB,CACzB,MAA0B,EAC1B,GAAa,EACb,WAAmB,EACnB,IAAY,EAAA;AAEZ,IAAA,MAAM,CAAC,MAAM,CAAC,KAAK,CACjB,CAAA,+CAAA,EAAkD,WAAW,CAAA,CAAA,CAAG,EAChE,EAAC,IAAI,EAAC,CACP;AAED,IAAA,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC;AAC3B;AAEA,SAAS,cAAc,CAAC,GAAY,EAAA;AAClC,IAAA,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,KAAK,OAAO;AAC7D;;;;"}