@shopify/shopify-app-remix
Version:
Shopify Remix - to simplify the building of Shopify Apps with Remix
1 lines • 8.81 kB
Source Map (JSON)
{"version":3,"file":"token-exchange.mjs","sources":["../../../../../../../src/server/authenticate/admin/strategies/token-exchange.ts"],"sourcesContent":["import {\n HttpResponseError,\n InvalidJwtError,\n RequestedTokenType,\n Session,\n Shopify,\n} from '@shopify/shopify-api';\n\nimport {AppConfig, AppConfigArg} from '../../../config-types';\nimport {BasicParams} from '../../../types';\nimport {\n respondToInvalidSessionToken,\n invalidateAccessToken,\n getShopFromRequest,\n} from '../../helpers';\nimport {handleClientErrorFactory, triggerAfterAuthHook} from '../helpers';\nimport {HandleAdminClientError} from '../../../clients';\nimport type {\n ApiConfigWithFutureFlags,\n ApiFutureFlags,\n} from '../../../future/flags';\nimport {WITHIN_MILLISECONDS_OF_EXPIRY} from '../../../helpers';\n\nimport {AuthorizationStrategy, SessionContext, OnErrorOptions} from './types';\n\nexport class TokenExchangeStrategy<\n Config extends AppConfigArg,\n> implements AuthorizationStrategy {\n protected api: Shopify<\n ApiConfigWithFutureFlags<Config['future']>,\n ApiFutureFlags<Config['future']>\n >;\n\n protected config: AppConfig;\n protected logger: Shopify['logger'];\n\n public constructor({api, config, logger}: BasicParams<Config['future']>) {\n this.api = api;\n this.config = config;\n this.logger = logger;\n }\n\n public async respondToOAuthRequests(_request: Request): Promise<void> {}\n\n public async authenticate(\n request: Request,\n sessionContext: SessionContext,\n ): Promise<Session> {\n const {api, config, logger} = this;\n const {shop, session, sessionToken} = sessionContext;\n\n if (!sessionToken) throw new InvalidJwtError();\n\n if (\n !session ||\n !session.isActive(undefined, WITHIN_MILLISECONDS_OF_EXPIRY)\n ) {\n logger.info('No valid session found', {shop});\n logger.info('Requesting offline access token', {shop});\n const {session: offlineSession} = await this.exchangeToken({\n request,\n sessionToken,\n shop,\n requestedTokenType: RequestedTokenType.OfflineAccessToken,\n });\n\n await config.sessionStorage!.storeSession(offlineSession);\n\n let newSession = offlineSession;\n\n if (config.useOnlineTokens) {\n logger.info('Requesting online access token', {shop});\n const {session: onlineSession} = await this.exchangeToken({\n request,\n sessionToken,\n shop,\n requestedTokenType: RequestedTokenType.OnlineAccessToken,\n });\n\n await config.sessionStorage!.storeSession(onlineSession);\n newSession = onlineSession;\n }\n\n logger.debug('Request is valid, loaded session from session token', {\n shop: newSession.shop,\n isOnline: newSession.isOnline,\n });\n\n try {\n await this.handleAfterAuthHook(\n {api, config, logger},\n newSession,\n request,\n sessionToken,\n );\n } catch (errorOrResponse) {\n if (errorOrResponse instanceof Response) {\n throw errorOrResponse;\n }\n\n throw new Response(undefined, {\n status: 500,\n statusText: 'Internal Server Error',\n });\n }\n\n return newSession;\n }\n\n return session!;\n }\n\n public handleClientError(request: Request): HandleAdminClientError {\n const {api, config, logger} = this;\n return handleClientErrorFactory({\n request,\n onError: async ({session, error}: OnErrorOptions) => {\n if (error.response.code === 401) {\n logger.debug('Responding to invalid access token', {\n shop: getShopFromRequest(request),\n });\n await invalidateAccessToken({config, api, logger}, session);\n\n respondToInvalidSessionToken({\n params: {config, api, logger},\n request,\n });\n }\n },\n });\n }\n\n private async exchangeToken({\n request,\n shop,\n sessionToken,\n requestedTokenType,\n }: {\n request: Request;\n shop: string;\n sessionToken: string;\n requestedTokenType: RequestedTokenType;\n }): Promise<{session: Session}> {\n const {api, config, logger} = this;\n\n try {\n return await api.auth.tokenExchange({\n sessionToken,\n shop,\n requestedTokenType,\n expiring: config.future.expiringOfflineAccessTokens,\n });\n } catch (error) {\n if (\n error instanceof InvalidJwtError ||\n (error instanceof HttpResponseError &&\n error.response.code === 400 &&\n error.response.body?.error === 'invalid_subject_token')\n ) {\n throw respondToInvalidSessionToken({\n params: {api, config, logger},\n request,\n retryRequest: true,\n });\n }\n\n throw new Response(undefined, {\n status: 500,\n statusText: 'Internal Server Error',\n });\n }\n }\n\n private async handleAfterAuthHook(\n params: BasicParams,\n session: Session,\n request: Request,\n sessionToken: string,\n ) {\n const {config} = params;\n await config.idempotentPromiseHandler.handlePromise({\n promiseFunction: () => {\n return triggerAfterAuthHook(params, session, request, this);\n },\n identifier: sessionToken,\n });\n }\n}\n"],"names":[],"mappings":";;;;;;;;;;;MAyBa,qBAAqB,CAAA;AAGtB,IAAA,GAAG;AAKH,IAAA,MAAM;AACN,IAAA,MAAM;AAEhB,IAAA,WAAA,CAAmB,EAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAgC,EAAA;AACrE,QAAA,IAAI,CAAC,GAAG,GAAG,GAAG;AACd,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM;AACpB,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM;IACtB;AAEO,IAAA,MAAM,sBAAsB,CAAC,QAAiB,IAAkB;AAEhE,IAAA,MAAM,YAAY,CACvB,OAAgB,EAChB,cAA8B,EAAA;QAE9B,MAAM,EAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAC,GAAG,IAAI;QAClC,MAAM,EAAC,IAAI,EAAE,OAAO,EAAE,YAAY,EAAC,GAAG,cAAc;AAEpD,QAAA,IAAI,CAAC,YAAY;YAAE,MAAM,IAAI,eAAe,EAAE;AAE9C,QAAA,IACE,CAAC,OAAO;YACR,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,EAAE,6BAA6B,CAAC,EAC3D;YACA,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAC,IAAI,EAAC,CAAC;YAC7C,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAC,IAAI,EAAC,CAAC;YACtD,MAAM,EAAC,OAAO,EAAE,cAAc,EAAC,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC;gBACzD,OAAO;gBACP,YAAY;gBACZ,IAAI;gBACJ,kBAAkB,EAAE,kBAAkB,CAAC,kBAAkB;AAC1D,aAAA,CAAC;YAEF,MAAM,MAAM,CAAC,cAAe,CAAC,YAAY,CAAC,cAAc,CAAC;YAEzD,IAAI,UAAU,GAAG,cAAc;AAE/B,YAAA,IAAI,MAAM,CAAC,eAAe,EAAE;gBAC1B,MAAM,CAAC,IAAI,CAAC,gCAAgC,EAAE,EAAC,IAAI,EAAC,CAAC;gBACrD,MAAM,EAAC,OAAO,EAAE,aAAa,EAAC,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC;oBACxD,OAAO;oBACP,YAAY;oBACZ,IAAI;oBACJ,kBAAkB,EAAE,kBAAkB,CAAC,iBAAiB;AACzD,iBAAA,CAAC;gBAEF,MAAM,MAAM,CAAC,cAAe,CAAC,YAAY,CAAC,aAAa,CAAC;gBACxD,UAAU,GAAG,aAAa;YAC5B;AAEA,YAAA,MAAM,CAAC,KAAK,CAAC,qDAAqD,EAAE;gBAClE,IAAI,EAAE,UAAU,CAAC,IAAI;gBACrB,QAAQ,EAAE,UAAU,CAAC,QAAQ;AAC9B,aAAA,CAAC;AAEF,YAAA,IAAI;AACF,gBAAA,MAAM,IAAI,CAAC,mBAAmB,CAC5B,EAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAC,EACrB,UAAU,EACV,OAAO,EACP,YAAY,CACb;YACH;YAAE,OAAO,eAAe,EAAE;AACxB,gBAAA,IAAI,eAAe,YAAY,QAAQ,EAAE;AACvC,oBAAA,MAAM,eAAe;gBACvB;AAEA,gBAAA,MAAM,IAAI,QAAQ,CAAC,SAAS,EAAE;AAC5B,oBAAA,MAAM,EAAE,GAAG;AACX,oBAAA,UAAU,EAAE,uBAAuB;AACpC,iBAAA,CAAC;YACJ;AAEA,YAAA,OAAO,UAAU;QACnB;AAEA,QAAA,OAAO,OAAQ;IACjB;AAEO,IAAA,iBAAiB,CAAC,OAAgB,EAAA;QACvC,MAAM,EAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAC,GAAG,IAAI;AAClC,QAAA,OAAO,wBAAwB,CAAC;YAC9B,OAAO;YACP,OAAO,EAAE,OAAO,EAAC,OAAO,EAAE,KAAK,EAAiB,KAAI;gBAClD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,GAAG,EAAE;AAC/B,oBAAA,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;AACjD,wBAAA,IAAI,EAAE,kBAAkB,CAAC,OAAO,CAAC;AAClC,qBAAA,CAAC;AACF,oBAAA,MAAM,qBAAqB,CAAC,EAAC,MAAM,EAAO,MAAM,EAAC,EAAE,OAAO,CAAC;AAE3D,oBAAA,4BAA4B,CAAC;AAC3B,wBAAA,MAAM,EAAE,EAAC,MAAM,EAAE,GAAG,EAAE,MAAM,EAAC;wBAC7B,OAAO;AACR,qBAAA,CAAC;gBACJ;YACF,CAAC;AACF,SAAA,CAAC;IACJ;IAEQ,MAAM,aAAa,CAAC,EAC1B,OAAO,EACP,IAAI,EACJ,YAAY,EACZ,kBAAkB,GAMnB,EAAA;QACC,MAAM,EAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAC,GAAG,IAAI;AAElC,QAAA,IAAI;AACF,YAAA,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC;gBAClC,YAAY;gBACZ,IAAI;gBACJ,kBAAkB;AAClB,gBAAA,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,2BAA2B;AACpD,aAAA,CAAC;QACJ;QAAE,OAAO,KAAK,EAAE;YACd,IACE,KAAK,YAAY,eAAe;iBAC/B,KAAK,YAAY,iBAAiB;AACjC,oBAAA,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,GAAG;oBAC3B,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,KAAK,uBAAuB,CAAC,EACzD;AACA,gBAAA,MAAM,4BAA4B,CAAC;AACjC,oBAAA,MAAM,EAAE,EAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAC;oBAC7B,OAAO;AACP,oBAAA,YAAY,EAAE,IAAI;AACnB,iBAAA,CAAC;YACJ;AAEA,YAAA,MAAM,IAAI,QAAQ,CAAC,SAAS,EAAE;AAC5B,gBAAA,MAAM,EAAE,GAAG;AACX,gBAAA,UAAU,EAAE,uBAAuB;AACpC,aAAA,CAAC;QACJ;IACF;IAEQ,MAAM,mBAAmB,CAC/B,MAAmB,EACnB,OAAgB,EAChB,OAAgB,EAChB,YAAoB,EAAA;AAEpB,QAAA,MAAM,EAAC,MAAM,EAAC,GAAG,MAAM;AACvB,QAAA,MAAM,MAAM,CAAC,wBAAwB,CAAC,aAAa,CAAC;YAClD,eAAe,EAAE,MAAK;gBACpB,OAAO,oBAAoB,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC;YAC7D,CAAC;AACD,YAAA,UAAU,EAAE,YAAY;AACzB,SAAA,CAAC;IACJ;AACD;;;;"}