class ShopifyAPI::Auth::JwtPayload

def ==(other)

def ==(other)
  return false unless other
  iss == other.iss &&
    dest == other.dest &&
    aud == other.aud &&
    sub == other.sub &&
    exp == other.exp &&
    nbf == other.nbf &&
    iat == other.iat &&
    jti == other.jti &&
    sid == other.sid
end

def decode_token(token, api_secret_key)

def decode_token(token, api_secret_key)
  JWT.decode(token, api_secret_key, true,
    { exp_leeway: JWT_EXPIRATION_LEEWAY, algorithm: "HS256" })[0]
rescue
  raise ShopifyAPI::Errors::InvalidJwtTokenError, "Failed to parse session token '#{token}'"
end

def initialize(token)

def initialize(token)
  payload_hash = begin
    decode_token(token, Context.api_secret_key)
  rescue ShopifyAPI::Errors::InvalidJwtTokenError
    raise unless Context.old_api_secret_key
    decode_token(token, T.must(Context.old_api_secret_key))
  end
  @iss = T.let(payload_hash["iss"], String)
  @dest = T.let(payload_hash["dest"], String)
  @aud = T.let(payload_hash["aud"], String)
  @sub = T.let(payload_hash["sub"], String)
  @exp = T.let(payload_hash["exp"], Integer)
  @nbf = T.let(payload_hash["nbf"], Integer)
  @iat = T.let(payload_hash["iat"], Integer)
  @jti = T.let(payload_hash["jti"], String)
  @sid = T.let(payload_hash["sid"], String)
  raise ShopifyAPI::Errors::InvalidJwtTokenError,
    "Session token had invalid API key" unless @aud == Context.api_key
end

def shop

def shop
  @dest.gsub("https://", "")
end

def validate_shop(shop)

def validate_shop(shop)
  Context.logger.warn(
    "Deprecation notice: ShopifyAPI::Auth::JwtPayload.validate_shop no longer checks the given shop and always " \
      "returns true. It will be removed in v11.",
  )
  true
end

Namespace

ShopifyAPI::Auth

Extended Modules

ShopifyAPI::Auth::JwtPayload::T::Sig

Instance Methods

Defined in

lib/shopify_api/auth/jwt_payload.rb