From 64eb123a45b9a59fbd7bf001dc032e15be16089a Mon Sep 17 00:00:00 2001
From: Lino Moretto <lino.moretto@gmail.com>
Date: Thu, 31 Oct 2024 16:15:34 +0100
Subject: [PATCH] Patched JwtPayload in order to parse Checkout UI extensions
 session tokens, missing "iss" and "sid" keys (see:
 https://shopify.dev/docs/api/checkout-ui-extensions/2024-10/apis/session-token)

---
 lib/shopify_api/auth/jwt_payload.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/shopify_api/auth/jwt_payload.rb b/lib/shopify_api/auth/jwt_payload.rb
index 59ab7fc9..9359e9b2 100644
--- a/lib/shopify_api/auth/jwt_payload.rb
+++ b/lib/shopify_api/auth/jwt_payload.rb
@@ -27,7 +27,7 @@ def initialize(token)
           decode_token(token, T.must(Context.old_api_secret_key))
         end
 
-        @iss = T.let(payload_hash["iss"], String)
+        @iss = T.let(payload_hash["iss"], T.nilable(String))
         @dest = T.let(payload_hash["dest"], String)
         @aud = T.let(payload_hash["aud"], String)
         @sub = T.let(payload_hash["sub"], String)
@@ -35,7 +35,7 @@ def initialize(token)
         @nbf = T.let(payload_hash["nbf"], Integer)
         @iat = T.let(payload_hash["iat"], Integer)
         @jti = T.let(payload_hash["jti"], String)
-        @sid = T.let(payload_hash["sid"], String)
+        @sid = T.let(payload_hash["sid"], T.nilable(String))
 
         raise ShopifyAPI::Errors::InvalidJwtTokenError,
           "Session token had invalid API key" unless @aud == Context.api_key
@@ -49,7 +49,7 @@ def shop
 
       sig { returns(Integer) }
       def shopify_user_id
-        @sub.to_i
+        @sub.tr("^0-9", "").to_i
       end
 
       # TODO: Remove before releasing v11