Refactor SessionUtil to use new method and add test coverage

zzooeeyy · zzooeeyy · commit e2d3ac860f1c · 2024-04-17T14:45:06.000-06:00
diff --git a/lib/shopify_api/utils/session_utils.rb b/lib/shopify_api/utils/session_utils.rb
@@ -25,14 +25,7 @@ def current_session_id(auth_header, cookies, online)
                 raise Errors::MissingJwtTokenError, "Missing Bearer token in authorization header"
               end
 
-              jwt_payload = Auth::JwtPayload.new(T.must(matches[1]))
-              shop = jwt_payload.shop
-
-              if online
-                jwt_session_id(shop, jwt_payload.sub)
-              else
-                offline_session_id(shop)
-              end
+              session_id_from_shopify_id_token(id_token: T.must(matches[1]), online: online)
             else
               # falling back to session cookie
               raise Errors::CookieNotFoundError, "JWT token or Session cookie not found for app" unless
diff --git a/test/utils/session_utils_test.rb b/test/utils/session_utils_test.rb
@@ -24,6 +24,7 @@ def setup
         }
 
         @jwt_token = JWT.encode(@jwt_payload, ShopifyAPI::Context.api_secret_key, "HS256")
+        @auth_header = "Bearer #{@jwt_token}"
       end
 
       def test_gets_online_session_id_from_shopify_id_token
@@ -47,6 +48,88 @@ def test_session_id_from_shopify_id_token_raises_invalid_jwt_errors
           ShopifyAPI::Utils::SessionUtils.session_id_from_shopify_id_token(id_token: "invalid_token", online: true)
         end
       end
+
+      def test_non_embedded_app_current_session_id_raises_cookie_not_found_error
+        ShopifyAPI::Context.stubs(:embedded?).returns(false)
+
+        [
+          nil,
+          {},
+          { "not-session-cookie-name": "not-this-cookie" },
+        ].each do |cookies|
+          error = assert_raises(ShopifyAPI::Errors::CookieNotFoundError) do
+            ShopifyAPI::Utils::SessionUtils.current_session_id(nil, cookies, true)
+          end
+          assert_equal("Session cookie not found for app", error.message)
+        end
+      end
+
+      def test_non_embedded_app_current_session_id_returns_id_from_cookie
+        ShopifyAPI::Context.stubs(:embedded?).returns(false)
+        expected_session_id = "cookie_value"
+        cookies = { ShopifyAPI::Auth::Oauth::SessionCookie::SESSION_COOKIE_NAME => expected_session_id }
+
+        assert_equal(
+          expected_session_id,
+          ShopifyAPI::Utils::SessionUtils.current_session_id(nil, cookies, true),
+        )
+      end
+
+      def test_embedded_app_current_session_id_raises_cookie_not_found_error
+        ShopifyAPI::Context.stubs(:embedded?).returns(true)
+
+        [
+          nil,
+          {},
+          { "not-session-cookie-name": "not-this-cookie" },
+        ].each do |cookies|
+          error = assert_raises(ShopifyAPI::Errors::CookieNotFoundError) do
+            ShopifyAPI::Utils::SessionUtils.current_session_id(nil, cookies, true)
+          end
+          assert_equal("JWT token or Session cookie not found for app", error.message)
+        end
+      end
+
+      def test_embedded_app_current_session_id_raises_missing_jwt_token_error
+        ShopifyAPI::Context.stubs(:embedded?).returns(true)
+
+        error = assert_raises(ShopifyAPI::Errors::MissingJwtTokenError) do
+          ShopifyAPI::Utils::SessionUtils.current_session_id("", nil, true)
+        end
+
+        assert_equal("Missing Bearer token in authorization header", error.message)
+      end
+
+      def test_embedded_app_current_session_id_returns_online_id_from_auth_header
+        ShopifyAPI::Context.stubs(:embedded?).returns(true)
+        expected_session_id = "#{@shop}_#{@user_id}"
+
+        assert_equal(
+          expected_session_id,
+          ShopifyAPI::Utils::SessionUtils.current_session_id(@auth_header, nil, true),
+        )
+      end
+
+      def test_embedded_app_current_session_id_returns_offline_id_from_auth_header
+        ShopifyAPI::Context.stubs(:embedded?).returns(true)
+        expected_session_id = "offline_#{@shop}"
+
+        assert_equal(
+          expected_session_id,
+          ShopifyAPI::Utils::SessionUtils.current_session_id(@auth_header, nil, false),
+        )
+      end
+
+      def test_embedded_app_current_session_id_returns_id_from_auth_header_even_with_cookies
+        ShopifyAPI::Context.stubs(:embedded?).returns(true)
+        cookies = { ShopifyAPI::Auth::Oauth::SessionCookie::SESSION_COOKIE_NAME => "cookie_value" }
+        expected_session_id = "#{@shop}_#{@user_id}"
+
+        assert_equal(
+          expected_session_id,
+          ShopifyAPI::Utils::SessionUtils.current_session_id(@auth_header, cookies, true),
+        )
+      end
     end
   end
 end
