README
¶
go-shopify-oauth
OAuth Server for Shopify App.
How OAuth of Shopify App works
How to authenticate with OAuth for Shopify App is described in here.
In Short, OAuth client needs to provide two endpoints:
-
Endpoint to provide App's detail
- Provide requesting scope of App for authorization with a shop
-
Endpoint to handle redirect after authorization
- Receive AuthZ code so that requesting access token
Example
Runnable server example is in example.
Prerequisite
Following env var is required to run the example.
- APP_NAME
- Application's name
- API_KEY
- API key of Shopify App
- API_SECRET
- API Secret of Shopify App
- SCOPE
- OAuth Scope of Shopify App
- GRANT_OPTION
- (Optional) Access mode. Default is Offline
- SERVICE_URL
- URL of the service
Installation Steps of Shopify App
- Create App in Shopify Partner dashboard
- Get
API keyandAPI Secret keyfrom App Setup page and set them in env var - Set env var of Scopes that an App needs
- Set env var of host name where your service will run
- Run the service
- Go to
Test on development storein App page of Shopify Partner dashboard - Select your test store and proceed installation
Documentation
¶
Index ¶
- Constants
- Variables
- func DefaultAccessTokenHandle(token string) error
- type AccessToken
- type AccessTokenRequestPayload
- type App
- type AuthorizeOption
- type Client
- func (c Client) CacheState(shop, state string)
- func (c *Client) DefaultAuthorizeHandler() http.HandlerFunc
- func (c *Client) DefaultOAuthRedirectHandler() http.HandlerFunc
- func (c *Client) GetAccessToken(r *http.Request) (string, *ShopAccessTokenParam, error)
- func (c *Client) PrepareRedirect(r *http.Request) (string, error)
- func (c *Client) VerifyRedirect(r *http.Request, p *ShopAccessTokenParam) (bool, error)
- type OnlineModeAccessToken
- type ShopAccessTokenParam
- type ShopParam
- type TokenHandle
- type TokenHandler
Constants ¶
const ( HMACParamKey = "hmac" ShopParamKey = "shop" TimestampParamKey = "timestamp" StateParamKey = "state" HostParamKey = "host" CodeParamKey = "code" SignatureParamKey = "signature" )
const AccessTokenURL = "https://%s/admin/oauth/access_token"
AccessTokenURL is the URL to extract access token of Shopify.
const AuthZURL = "https://%s/admin/oauth/authorize"
const DefaultDestinationURL = "https://%s/admin/apps"
DefaultDestinationURL is an URL of redirect target after App's installation.
const RedirectPath = "/oauth/redirect"
Variables ¶
var ErrStateVerification = errors.New("value of OAuth state is not matched")
var ErrURLVerification = errors.New("url verification failed")
Functions ¶
func DefaultAccessTokenHandle ¶
DefaultAccessTokenHandle is a default handler of AccessToken.
Types ¶
type AccessToken ¶
AccessToken is the response of oauth access_token endpoint.
type AccessTokenRequestPayload ¶
type AccessTokenRequestPayload struct {
// Client ID is the API key.
ClientID string `url:"client_id"`
// ClientSecret is the API secret.
ClientSecret string `url:"client_secret"`
// code is the authorization code provided in the redirect.
Code string `url:"code"`
}
AccessTokenRequestPayload is the payload of oauth access_token endpoint.
type AuthorizeOption ¶
type AuthorizeOption struct {
// Client ID is the API key.
ClientID string `url:"client_id"`
// Scope is comma separated value of AuthZ scope in Shopify.
Scope string `url:"scope"`
// RedirectURI is a url redirected after authorizing client.
RedirectURI string `url:"redirect_uri"`
// State is nonce to keep the AuthN secure.
State string `url:"state"`
// GrantOptions is [Access Mode](https://shopify.dev/concepts/about-apis/authentication#api-access-modes).
GrantOptions string `url:"grant_options,omitempty"`
}
AuthorizeOption is query params used on AuthZ redirect. [Shopify Docs](https://shopify.dev/tutorials/authenticate-with-oauth#step-2-ask-for-permission).
type Client ¶
type Client struct {
App *goshopify.App
ShopState map[string]string
HTTPClient *http.Client
TokenHandler TokenHandler
}
func (Client) CacheState ¶
func (*Client) DefaultAuthorizeHandler ¶
func (c *Client) DefaultAuthorizeHandler() http.HandlerFunc
DefaultAuthorizeHandler is HTTP handler to respond AuthZ trigger to Shopify. A successful request is redirected to Shopify's App AuthZ view.
func (*Client) DefaultOAuthRedirectHandler ¶
func (c *Client) DefaultOAuthRedirectHandler() http.HandlerFunc
func (*Client) GetAccessToken ¶
func (*Client) PrepareRedirect ¶
PrepareRedirect generates an URL of Shopify for user's AuthZ view. While generating an URL, keep nonce per shop ID for CSRF prevention.
func (*Client) VerifyRedirect ¶ added in v0.1.0
type OnlineModeAccessToken ¶
type OnlineModeAccessToken struct {
*AccessToken
ExpiresIn string `json:"expires_in"`
AssociatedUser struct {
ID string `json:"id"`
FirstName string `json:"first_name"`
LastName string `json:"last_name"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified"`
AccountOwner bool `json:"account_owner"`
Locale string `json:"locale"`
Collaborator bool `json:"collaborator"`
} `json:"associated_user"`
}
OnlineModeAccessToken is the response of oauth access_token endpoint when AuthZ was for online mode.
type ShopAccessTokenParam ¶
ShopAccessTokenParam is used to store params used in redirect request from Shopify.
type ShopParam ¶
type ShopParam struct {
HMAC string `url:"hmac"`
Shop string `url:"shop"`
TimeStamp string `url:"timestamp"`
}
ShopParam is params sent from Shopify on AuthZ process start.
type TokenHandle ¶
func (TokenHandle) Handle ¶
func (th TokenHandle) Handle(token string) error
Source Files
Directories