class ShopifyAPI::Auth::JwtPayload

Constants

JWT_EXPIRATION_LEEWAY
JWT_LEEWAY

Attributes

aud[R]
dest[R]
exp[R]
expire_at[R]
iat[R]
iss[R]
jti[R]
nbf[R]
sid[R]
sub[R]

Public Class Methods

new(token) click to toggle source
# File lib/shopify_api/auth/jwt_payload.rb, line 21
def initialize(token)
  payload_hash = begin
    decode_token(token, Context.api_secret_key)
  rescue ShopifyAPI::Errors::InvalidJwtTokenError
    raise unless Context.old_api_secret_key

    decode_token(token, T.must(Context.old_api_secret_key))
  end

  @iss = T.let(payload_hash["iss"], String)
  @dest = T.let(payload_hash["dest"], String)
  @aud = T.let(payload_hash["aud"], String)
  @sub = T.let(payload_hash["sub"], String)
  @exp = T.let(payload_hash["exp"], Integer)
  @nbf = T.let(payload_hash["nbf"], Integer)
  @iat = T.let(payload_hash["iat"], Integer)
  @jti = T.let(payload_hash["jti"], String)
  @sid = T.let(payload_hash["sid"], String)

  raise ShopifyAPI::Errors::InvalidJwtTokenError,
    "Session token had invalid API key" unless @aud == Context.api_key
end

Public Instance Methods

==(other) click to toggle source
# File lib/shopify_api/auth/jwt_payload.rb, line 67
def ==(other)
  return false unless other

  iss == other.iss &&
    dest == other.dest &&
    aud == other.aud &&
    sub == other.sub &&
    exp == other.exp &&
    nbf == other.nbf &&
    iat == other.iat &&
    jti == other.jti &&
    sid == other.sid
end
Also aliased as: eql?
eql?(other)
Alias for: ==
shop() click to toggle source
# File lib/shopify_api/auth/jwt_payload.rb, line 45
def shop
  @dest.gsub("https://", "")
end
Also aliased as: shopify_domain
shopify_domain()
Alias for: shop
shopify_user_id() click to toggle source
# File lib/shopify_api/auth/jwt_payload.rb, line 51
def shopify_user_id
  @sub.to_i
end
validate_shop(shop) click to toggle source
# File lib/shopify_api/auth/jwt_payload.rb, line 57
def validate_shop(shop)
  Context.logger.warn(
    "Deprecation notice: ShopifyAPI::Auth::JwtPayload.validate_shop no longer checks the given shop and always " \
      "returns true. It will be removed in v11.",
  )
  true
end

Private Instance Methods

decode_token(token, api_secret_key) click to toggle source
# File lib/shopify_api/auth/jwt_payload.rb, line 84
def decode_token(token, api_secret_key)
  JWT.decode(token, api_secret_key, true, leeway: JWT_LEEWAY, algorithm: "HS256")[0]
rescue JWT::DecodeError => err
  raise ShopifyAPI::Errors::InvalidJwtTokenError, "Error decoding session token: #{err.message}"
end