86 legacy session support

wlaurance · Nov 5, 2012 · 7a9a595 · 7a9a595
1 parent 39d937b
commit 7a9a595
Show file tree

Hide file tree

Showing 5 changed files with 80 additions and 220 deletions.
diff --git a/lib/main.js b/lib/main.js
diff --git a/lib/session.js b/lib/session.js
diff --git a/src/main.coffee b/src/main.coffee
@@ -1,5 +1,2 @@
-Session = require './session-oauth'
-
-
-exports.createSession = (url, token, apiKey, secret, params) ->
-	new Session(url, token, apiKey, secret, params)
+exports.createSession = (shopname, permanent_token) ->
+	new (require __dirname + "/session")(shopname, permanent_token)
diff --git a/src/session-oauth.coffee b/src/session-oauth.coffee
diff --git a/src/session.coffee b/src/session.coffee
@@ -1,87 +1,42 @@
-crypto = require 'crypto'
 Blog = require './resources/blog'
 Product = require './resources/product'
 Order = require './resources/order'
-
-trim = (string) ->
-  string.replace(/^\s\s*/, '').replace(/\s\s*$/, '')
-
-empty = (string)->
-  string = trim(string)
-  string.length is 0 
-
-sortObj = (o) ->
-  sorted = {}
-  a = []
-
-  for key of o 
-    if o.hasOwnProperty key
-      a.push key
-
-  a.sort()
-
-  for key in [0..a.length] 
-    sorted[a[key]] = o[a[key]]
-
-  return sorted
-
-isNumeric = (n) ->
-  !isNaN(parseFloat(n)) and isFinite(n)
-
+Resource = require './resource'
 
 class Session
 
-  protocol: "https"
-
-  constructor: (@url, @token = '', @apiKey, @secret, @params = {}) ->
-    @token = @url if empty(@token)
-    if @params['signature']?
-      timestamp = (new Date(@params['timestamp'])).getTime()
-      expireTime = (new Date).getTime() - (24 * 84600)
-      if not @validateSignature(@params) and expireTime > timestamp
-        throw new Error 'Invalid signature: Possible malicious login.'
-
-    @url = @prepareUrl(@url)
-
-    if @valid
-      @blog = new Blog(@site())
-      @product = new Product(@site())
-      @order = new Order(@site())
-
-  createPermissionUrl: ->
-    "http://#{@url}/admin/api/auth?api_key=#{@apiKey}" if not empty(@url) and not empty(@apiKey)
-
-  site: -> 
-    "#{@protocol}://#{@apiKey}:#{@computedPassword()}@#{@url}/admin"
-
-  valid: ->
-    not empty(@url) and not empty(@token)
-
-  computedPassword: ->
-    crypto.createHash('md5').update("#{@secret}#{@token}").digest("hex")
-
-  prepareUrl: (url) ->
-    return '' if empty(url)
-    url.replace /https?:\/\//, ''
-    url += '.myshopify.com' unless url.indexOf(".") isnt -1
-    return url
-
-  validateSignature: (params) ->
-    @signature = params['signature']
-    generatedSignature = @secret
-    params = sortObj(params)
-    for k, v of params
-      if k isnt "signature" and k isnt "action" and k isnt "controller" and not isNumeric(k) and k?
-        generatedSignature += "#{k}=#{v}"
-
-    generatedSignature = generatedSignature.replace(new RegExp("undefined=undefined"), '')
-    generatedSignature = crypto.createHash('md5').update("#{generatedSignature}").digest("hex")    
-    generatedSignature is @signature   
-
-
-
-
-
-
+  constructor:(@store_name, @persistent_token)->
+    @protocol = 'https'
+    @registerOAuthToken()
+    @blog = new Blog(@site())
+    @product = new Product(@site())
+    @order = new Order(@site())
+
+
+  onRedirectUrl:(url, cb)->
+    url.replace /\?code=[\w\d]+/, (code)=>
+      temp_token = code.split('=')[1]
+      @requestPermanentAccessToken temp_token, (@persistent_token)=>
+        @registerOAuthToken()
+        process.nextTick ->
+          do cb
+
+  requestPermanentAccessToken:(temp_token, cb)->
+    params = "client_id=#{@api_key}&client_secret=#{@secret}&code=#{temp_token}"
+    Resource.post "#{@site()}/oauth/access_token", 'oauth', params, (err, response)=>
+      if err?
+        throw err
+        return
+      response = JSON.parse response
+      process.nextTick ->
+        cb response.access_token
+
+
+  site:()->
+    "#{@protocol}://#{@store_name}.myshopify.com/admin"
+
+  registerOAuthToken:()->
+    if @persistent_token isnt null
+      Resource.setOAuthToken @persistent_token
 
 module.exports = Session