Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug] Fixes session.create_permission_url() to omit scope param if not required #757

Merged
merged 8 commits into from
Jan 20, 2025
Merged

[Bug] Fixes session.create_permission_url() to omit scope param if not required #757

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
024d946
Refactor `create_permission_url` to handle optional `scope`.
tylerj117 Jan 11, 2025
ceada24
Update to version 12.7.1 and update the CHANGELOG.
tylerj117 Jan 12, 2025
07d6c47
Fix typo in method signature of create_permission_url
tylerj117 Jan 12, 2025
adaf770
Update tests for `create_permission_url` method.
tylerj117 Jan 17, 2025
a3ae353
Merge branch 'main' into main
Arkham Jan 20, 2025
12e933b
Fix linting errors
tylerj117 Jan 20, 2025
a7b7ce0
Merge remote-tracking branch 'origin/main'
tylerj117 Jan 20, 2025
2f998c6
Fix linting errors
tylerj117 Jan 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
== Unreleased

- Remove requirement to provide scopes to Permission URL, as it should be omitted if defined with the TOML file.

== Version 12.7.0

- Remove requirement to use a predefined API version. Now you can use any valid API version string. ([#737](https://github.com/Shopify/shopify_python_api/pull/737))
Expand Down
6 changes: 4 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,10 +66,12 @@ pip install --upgrade ShopifyAPI
api_version = '2024-07'
state = binascii.b2a_hex(os.urandom(15)).decode("utf-8")
redirect_uri = "http://myapp.com/auth/shopify/callback"
# `scope` should be omitted if provided by app's TOML
scopes = ['read_products', 'read_orders']

newSession = shopify.Session(shop_url, api_version)
auth_url = newSession.create_permission_url(scopes, redirect_uri, state)
# `scope` should be omitted if provided by app's TOML
auth_url = newSession.create_permission_url(redirect_uri, scopes, state)
# redirect to auth_url
```

Expand Down Expand Up @@ -155,7 +157,7 @@ _Note: Your application must be public to test the billing process. To test on a
> **⚠️ Note**: As of October 1, 2024, the REST Admin API is legacy:
> - Public apps must migrate to GraphQL by February 2025
> - Custom apps must migrate to GraphQL by April 2025
>
>
> For migration guidance, see [Shopify's migration guide](https://shopify.dev/docs/apps/build/graphql/migrate/new-product-model)

It is recommended to have at least a basic grasp on the principles of the [pyactiveresource](https://github.com/Shopify/pyactiveresource) library, which is a port of rails/ActiveResource to Python and upon which this package relies heavily.
Expand Down
7 changes: 5 additions & 2 deletions shopify/session.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,8 +53,11 @@ def __init__(self, shop_url, version=None, token=None, access_scopes=None):
self.access_scopes = access_scopes
return

def create_permission_url(self, scope, redirect_uri, state=None):
query_params = {"client_id": self.api_key, "scope": ",".join(scope), "redirect_uri": redirect_uri}
def create_permission_url(self, redirect_uri, scope=None, state=None):
query_params = {"client_id": self.api_key, "redirect_uri": redirect_uri}
# `scope` should be omitted if provided by app's TOML
if scope:
query_params["scope"] = ",".join(scope)
if state:
query_params["state"] = state
return "https://%s/admin/oauth/authorize?%s" % (self.url, urllib.parse.urlencode(query_params))
Expand Down
2 changes: 1 addition & 1 deletion shopify/version.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
VERSION = "12.7.0"
VERSION = "12.7.1"
42 changes: 30 additions & 12 deletions test/session_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,51 +86,69 @@ def test_temp_works_without_currently_active_session(self):
self.assertEqual("https://testshop.myshopify.com/admin/api/unstable", assigned_site)
self.assertEqual("https://none/admin/api/unstable", shopify.ShopifyResource.site)

def test_create_permission_url_returns_correct_url_with_single_scope_and_redirect_uri(self):
def test_create_permission_url_returns_correct_url_with_redirect_uri(self):
shopify.Session.setup(api_key="My_test_key", secret="My test secret")
session = shopify.Session("http://localhost.myshopify.com", "unstable")
permission_url = session.create_permission_url("my_redirect_uri.com")
self.assertEqual(
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com",
self.normalize_url(permission_url),
)

def test_create_permission_url_returns_correct_url_with_redirect_uri_and_single_scope(self):
shopify.Session.setup(api_key="My_test_key", secret="My test secret")
session = shopify.Session("http://localhost.myshopify.com", "unstable")
scope = ["write_products"]
permission_url = session.create_permission_url(scope, "my_redirect_uri.com")
permission_url = session.create_permission_url("my_redirect_uri.com", scope=scope)
self.assertEqual(
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com&scope=write_products",
self.normalize_url(permission_url),
)

def test_create_permission_url_returns_correct_url_with_dual_scope_and_redirect_uri(self):
def test_create_permission_url_returns_correct_url_with_redirect_uri_and_dual_scope(self):
shopify.Session.setup(api_key="My_test_key", secret="My test secret")
session = shopify.Session("http://localhost.myshopify.com", "unstable")
scope = ["write_products", "write_customers"]
permission_url = session.create_permission_url(scope, "my_redirect_uri.com")
permission_url = session.create_permission_url("my_redirect_uri.com", scope=scope)
self.assertEqual(
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com&scope=write_products%2Cwrite_customers",
self.normalize_url(permission_url),
)

def test_create_permission_url_returns_correct_url_with_no_scope_and_redirect_uri(self):
def test_create_permission_url_returns_correct_url_with_redirect_uri_and_empty_scope(self):
shopify.Session.setup(api_key="My_test_key", secret="My test secret")
session = shopify.Session("http://localhost.myshopify.com", "unstable")
scope = []
permission_url = session.create_permission_url(scope, "my_redirect_uri.com")
permission_url = session.create_permission_url("my_redirect_uri.com", scope=scope)
self.assertEqual(
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com",
self.normalize_url(permission_url),
)

def test_create_permission_url_returns_correct_url_with_redirect_uri_and_state(self):
shopify.Session.setup(api_key="My_test_key", secret="My test secret")
session = shopify.Session("http://localhost.myshopify.com", "unstable")
permission_url = session.create_permission_url("my_redirect_uri.com", state="mystate")
self.assertEqual(
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com&scope=",
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com&state=mystate",
self.normalize_url(permission_url),
)

def test_create_permission_url_returns_correct_url_with_no_scope_and_redirect_uri_and_state(self):
def test_create_permission_url_returns_correct_url_with_redirect_uri_empty_scope_and_state(self):
shopify.Session.setup(api_key="My_test_key", secret="My test secret")
session = shopify.Session("http://localhost.myshopify.com", "unstable")
scope = []
permission_url = session.create_permission_url(scope, "my_redirect_uri.com", state="mystate")
permission_url = session.create_permission_url("my_redirect_uri.com", scope=scope, state="mystate")
self.assertEqual(
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com&scope=&state=mystate",
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com&state=mystate",
self.normalize_url(permission_url),
)

def test_create_permission_url_returns_correct_url_with_single_scope_and_redirect_uri_and_state(self):
def test_create_permission_url_returns_correct_url_with_redirect_uri_and_single_scope_and_state(self):
shopify.Session.setup(api_key="My_test_key", secret="My test secret")
session = shopify.Session("http://localhost.myshopify.com", "unstable")
scope = ["write_customers"]
permission_url = session.create_permission_url(scope, "my_redirect_uri.com", state="mystate")
permission_url = session.create_permission_url("my_redirect_uri.com", scope=scope, state="mystate")
self.assertEqual(
"https://localhost.myshopify.com/admin/oauth/authorize?client_id=My_test_key&redirect_uri=my_redirect_uri.com&scope=write_customers&state=mystate",
self.normalize_url(permission_url),
Expand Down
Loading