Merge pull request #91 from umbraco/feature/oauth-self-hosted

Feature/oauth self hosted

Author: acoumb

src/Umbraco.Cms.Integrations.Commerce.Shopify/Configuration/ShopifyOAuthSettings.cs

@@ -0,0 +1,32 @@
+using System.Collections.Specialized;
+
+namespace Umbraco.Cms.Integrations.Commerce.Shopify.Configuration
+{
+    public class ShopifyOAuthSettings
+    {
+        public ShopifyOAuthSettings() { }
+
+        public ShopifyOAuthSettings(NameValueCollection appSettings)
+        {
+            ClientId = appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyClientIdKey];
+
+            ClientSecret = appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyClientSecretKey];
+
+            RedirectUri = appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyRedirectUriKey];
+
+            Scopes = appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyScopesKey];
+
+            TokenEndpoint = appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyTokenEndpointKey];
+        }
+
+        public string ClientId { get; set; }
+
+        public string ClientSecret { get; set; }
+
+        public string RedirectUri { get; set; }
+
+        public string Scopes { get; set; }
+
+        public string TokenEndpoint { get; set; }
+    }
+}

src/Umbraco.Cms.Integrations.Commerce.Shopify/Configuration/ShopifySettings.cs

@@ -11,15 +11,20 @@ public ShopifySettings()
 
         public ShopifySettings(NameValueCollection appSettings)
         {
-            ApiVersion = appSettings[Constants.UmbracoCmsIntegrationsCommerceShopifyApiVersion];
-            Shop = appSettings[Constants.UmbracoCmsIntegrationsCommerceShopifyShop];
-            AccessToken = appSettings[Constants.UmbracoCmsIntegrationsCommerceShopifyAccessToken];
+            ApiVersion = appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyApiVersion];
+            Shop = appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyShop];
+            AccessToken = appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyAccessToken];
+            UseUmbracoAuthorization = bool.TryParse(appSettings[Constants.Configuration.UmbracoCmsIntegrationsCommerceShopifyUseUmbracoAuthorizationKey], out var key)
+               ? key
+               : true;
         }
 
         public string ApiVersion { get; set; }
 
         public string Shop { get; set; }
 
         public string AccessToken { get; set; }
+
+        public bool UseUmbracoAuthorization { get; set; }
     }
 }

src/Umbraco.Cms.Integrations.Commerce.Shopify/Constants.cs

@@ -3,16 +3,11 @@ namespace Umbraco.Cms.Integrations.Commerce.Shopify
 {
     public static class Constants
     {
-        public const string UmbracoCmsIntegrationsCommerceShopifyApiVersion =
-            "Umbraco.Cms.Integrations.Commerce.Shopify.ApiVersion";
-
-        public const string UmbracoCmsIntegrationsCommerceShopifyShop =
-            "Umbraco.Cms.Integrations.Commerce.Shopify.Shop";
+        public const string AppPluginFolderPath = "~/App_Plugins/UmbracoCms.Integrations/Commerce/Shopify";
 
-        public const string UmbracoCmsIntegrationsCommerceShopifyAccessToken =
-            "Umbraco.Cms.Integrations.Commerce.Shopify.AccessToken";
+        public const string AccessTokenDbKey = "Umbraco.Cms.Integrations.Shopify.AccessTokenDbKey";
 
-        public const string AppPluginFolderPath = "~/App_Plugins/UmbracoCms.Integrations/Commerce/Shopify";
+        public const string ProductsApiEndpoint = "https://{0}.myshopify.com/admin/api/{1}/products.json";
 
         public static class RenderingComponent
         {
@@ -24,6 +19,30 @@ public static class RenderingComponent
         public static class Configuration
         {
             public const string Settings = "Umbraco:Cms:Integrations:Commerce:Shopify:Settings";
+
+            public const string OAuthSettings = "Umbraco:Cms:Integrations:Commerce:Shopify:OAuthSettings";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyApiVersion =
+            "Umbraco.Cms.Integrations.Commerce.Shopify.ApiVersion";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyShop =
+                "Umbraco.Cms.Integrations.Commerce.Shopify.Shop";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyAccessToken =
+                "Umbraco.Cms.Integrations.Commerce.Shopify.AccessToken";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyUseUmbracoAuthorizationKey =
+                "Umbraco.Cms.Integrations.Commerce.Shopify.UseUmbracoAuthorization";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyClientIdKey = "Umbraco.Cms.Integrations.Commerce.Shopify.ClientId";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyClientSecretKey = "Umbraco.Cms.Integrations.Commerce.Shopify.ClientSecret";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyRedirectUriKey = "Umbraco.Cms.Integrations.Commerce.Shopify.RedirectUri";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyScopesKey = "Umbraco.Cms.Integrations.Commerce.Shopify.Scopes";
+
+            public const string UmbracoCmsIntegrationsCommerceShopifyTokenEndpointKey = "Umbraco.Cms.Integrations.Commerce.Shopify.TokenEndpoint";
         }
 
         public static class PropertyEditors

src/Umbraco.Cms.Integrations.Commerce.Shopify/Controllers/ProductsController.cs

@@ -1,16 +1,22 @@
 using System.Threading.Tasks;
+
 using Umbraco.Cms.Integrations.Commerce.Shopify.Models;
 using Umbraco.Cms.Integrations.Commerce.Shopify.Models.Dtos;
 using Umbraco.Cms.Integrations.Commerce.Shopify.Services;
+using Umbraco.Cms.Integrations.Commerce.Shopify.Configuration;
 
+using static Umbraco.Cms.Integrations.Commerce.Shopify.ShopifyComposer;
 
 #if NETCOREAPP
+using Microsoft.Extensions.Options;
 using Microsoft.AspNetCore.Mvc;
 
 using Umbraco.Cms.Web.BackOffice.Controllers;
 using Umbraco.Cms.Web.Common.Attributes;
 #else
+using System.Configuration;
 using System.Web.Http;
+
 using Umbraco.Web.Mvc;
 using Umbraco.Web.WebApi;
 #endif
@@ -20,21 +26,36 @@ namespace Umbraco.Cms.Integrations.Commerce.Shopify.Controllers
     [PluginController("UmbracoCmsIntegrationsCommerceShopify")]
     public class ProductsController : UmbracoAuthorizedApiController
     {
+        private readonly ShopifySettings _settings;
+
+        private readonly IShopifyAuthorizationService _authorizationService;
+
         private readonly IShopifyService _apiService;
 
-        public ProductsController(IShopifyService apiService)
+#if NETCOREAPP
+        public ProductsController(IOptions<ShopifySettings> options, IShopifyService apiService, AuthorizationImplementationFactory authorizationImplementationFactory)
+#else
+        public ProductsController(IShopifyService apiService, AuthorizationImplementationFactory authorizationImplementationFactory)
+#endif
         {
+#if NETCOREAPP
+            _settings = options.Value;
+#else
+            _settings = new ShopifySettings(ConfigurationManager.AppSettings);
+#endif
             _apiService = apiService;
+            _authorizationService = authorizationImplementationFactory(_settings.UseUmbracoAuthorization);
         }
 
         [HttpGet]
         public EditorSettings CheckConfiguration() => _apiService.GetApiConfiguration();
 
         [HttpGet]
-        public string GetAuthorizationUrl() => _apiService.GetAuthorizationUrl();
+        public string GetAuthorizationUrl() => _authorizationService.GetAuthorizationUrl();
 
         [HttpPost]
-        public async Task<string> GetAccessToken([FromBody] OAuthRequestDto authRequestDto) => await _apiService.GetAccessToken(authRequestDto);
+        public async Task<string> GetAccessToken([FromBody] OAuthRequestDto authRequestDto) => 
+            await _authorizationService.GetAccessTokenAsync(authRequestDto.Code);
 
         [HttpGet]
         public async Task<ResponseDto<ProductsListDto>> ValidateAccessToken() => await _apiService.ValidateAccessToken();

src/Umbraco.Cms.Integrations.Commerce.Shopify/Controllers/ShopifyAuthorizationController.cs

@@ -0,0 +1,43 @@
+using Umbraco.Cms.Integrations.Commerce.Shopify.Models;
+
+#if NETCOREAPP
+using Microsoft.AspNetCore.Mvc;
+
+using Umbraco.Cms.Web.Common.Controllers;
+#else
+using System.Web.Http;
+using System.Net.Http;
+using System.Net.Http.Headers;
+
+using Umbraco.Web.WebApi;
+#endif
+
+namespace Umbraco.Cms.Integrations.Commerce.Shopify.Controllers
+{
+    public class ShopifyAuthorizationController : UmbracoApiController
+    {
+        [HttpGet]
+#if NETCOREAPP
+        public IActionResult OAuth(string code)
+        {
+            return new ContentResult
+            {
+                Content = string.IsNullOrEmpty(code)
+                    ? JavascriptResponse.Fail("Authorization process failed.")
+                    : JavascriptResponse.Ok(code),
+                ContentType = "text/html"
+            };
+        }
+#else
+        public HttpResponseMessage OAuth(string code)
+        {
+            var response = new HttpResponseMessage();
+            response.Content = new StringContent(string.IsNullOrEmpty(code)
+                ? JavascriptResponse.Fail("Authorization process failed.")
+                : JavascriptResponse.Ok(code));
+            response.Content.Headers.ContentType = new MediaTypeHeaderValue("text/html");
+            return response;
+         }
+#endif
+    }
+}

src/Umbraco.Cms.Integrations.Commerce.Shopify/Models/JavascriptResponse.cs

@@ -0,0 +1,50 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Umbraco.Cms.Integrations.Commerce.Shopify.Models
+{
+    public class JavascriptResponse
+    {
+        protected StringBuilder ScriptBuilder { get; set; }
+
+        public bool Success { get; set; }
+
+        public string Error { get; set; }
+
+        public bool Failure => !Success;
+
+        protected JavascriptResponse(bool success, string data, string error)
+        {
+            if (success && !string.IsNullOrEmpty(error))
+            {
+                throw new ArgumentException("A succesful Response cannot have an error message.", error);
+            }
+
+            if (!success && string.IsNullOrEmpty(error))
+            {
+                throw new ArgumentException("A failure Response must have an error message.", error);
+            }
+
+            Success = success;
+
+            Error = error;
+
+            ScriptBuilder = new StringBuilder();
+            ScriptBuilder.AppendLine("<script>");
+            ScriptBuilder.AppendLine(success
+                ? "window.opener.postMessage({ type: 'shopify:oauth:success', url: location.href, code: '" + data + "' }, '*');"
+                : "window.opener.postMessage({ type: 'shopify:oauth:error', url: location.href, response: '" + error + "' }, '*');");
+            ScriptBuilder.AppendLine("window.close();");
+            ScriptBuilder.AppendLine("</script>");
+        }
+
+        public override string ToString() => ScriptBuilder.ToString();
+
+        public static string Ok(string data) => new JavascriptResponse(true, data, string.Empty).ToString();
+
+        public static string Fail(string error) => new JavascriptResponse(false, string.Empty, error).ToString();
+    }
+}

src/Umbraco.Cms.Integrations.Commerce.Shopify/Services/AuthorizationService.cs

@@ -0,0 +1,91 @@
+#if NETCOREAPP
+using Microsoft.Extensions.Options;
+#else
+using System.Configuration;
+#endif
+
+using System;
+using System.Collections.Generic;
+using System.Net;
+using System.Net.Http;
+using System.Threading.Tasks;
+
+using Umbraco.Cms.Integrations.Commerce.Shopify.Configuration;
+using Umbraco.Cms.Integrations.Commerce.Shopify.Models.Dtos;
+
+using Newtonsoft.Json;
+
+namespace Umbraco.Cms.Integrations.Commerce.Shopify.Services
+{
+    public class AuthorizationService : BaseAuthorizationService, IShopifyAuthorizationService
+    {
+        private readonly ShopifySettings _settings;
+
+        private readonly ShopifyOAuthSettings _oauthSettings;
+
+#if NETCOREAPP
+        public AuthorizationService(IOptions<ShopifySettings> options, IOptions<ShopifyOAuthSettings> oauthSettings, ITokenService tokenService)
+#else
+        public AuthorizationService(ITokenService tokenService)
+#endif
+            : base(tokenService) 
+        {
+#if NETCOREAPP
+            _settings = options.Value;
+            _oauthSettings = oauthSettings.Value;
+#else
+            _settings = new ShopifySettings(ConfigurationManager.AppSettings);
+            _oauthSettings = new ShopifyOAuthSettings(ConfigurationManager.AppSettings);
+#endif
+        }
+
+        public string GetAccessToken(string code) =>
+            GetAccessTokenAsync(code).ConfigureAwait(false).GetAwaiter().GetResult();
+
+        public async Task<string> GetAccessTokenAsync(string code)
+        {
+            var data = new Dictionary<string, string>
+            {
+                { "client_id", _oauthSettings.ClientId },
+                { "client_secret", _oauthSettings.ClientSecret },
+                { "redirect_uri", _oauthSettings.RedirectUri },
+                { "code", code }
+            };
+
+            var requestMessage = new HttpRequestMessage
+            {
+                Method = HttpMethod.Post,
+                RequestUri = new Uri(_oauthSettings.TokenEndpoint),
+                Content = new FormUrlEncodedContent(data)
+            };
+
+            var response = await ClientFactory().SendAsync(requestMessage);
+            if (response.IsSuccessStatusCode)
+            {
+                var result = await response.Content.ReadAsStringAsync();
+
+                var tokenDto = JsonConvert.DeserializeObject<TokenDto>(result);
+
+                TokenService.SaveParameters(Constants.AccessTokenDbKey, tokenDto.AccessToken);
+
+                return result;
+            }
+
+            if (response.StatusCode == HttpStatusCode.BadRequest)
+            {
+                var errorResult = await response.Content.ReadAsStringAsync();
+                var errorDto = JsonConvert.DeserializeObject<ErrorDto>(errorResult);
+
+                return "Error: " + errorDto.Message;
+            }
+
+            return "Error: An unexpected error occurred.";
+        }
+
+        public string GetAuthorizationUrl() =>
+            string.Format(ShopifyAuthorizationUrl,
+            _settings.Shop,
+            _oauthSettings.ClientId,
+            _oauthSettings.RedirectUri);
+    }
+}

src/Umbraco.Cms.Integrations.Commerce.Shopify/Services/BaseAuthorizationService.cs

@@ -0,0 +1,27 @@
+using System;
+using System.Net.Http;
+
+namespace Umbraco.Cms.Integrations.Commerce.Shopify.Services
+{
+    public class BaseAuthorizationService
+    {
+        // Using a static HttpClient (see: https://www.aspnetmonsters.com/2016/08/2016-08-27-httpclientwrong/).
+        private readonly static HttpClient s_client = new HttpClient();
+
+        // Access to the client within the class is via ClientFactory(), allowing us to mock the responses in tests.
+        public static Func<HttpClient> ClientFactory = () => s_client;
+
+        protected readonly ITokenService TokenService;
+
+        protected const string ShopifyAuthorizationUrl = "https://{0}.myshopify.com/admin/oauth/authorize" +
+            "?client_id={1}" +
+            "&redirect_uri={2}" +
+            "&scope=read_products" +
+            "&grant_options[]=value";
+
+        public BaseAuthorizationService(ITokenService tokenService)
+        {
+            TokenService = tokenService;
+        }
+    }
+}

src/Umbraco.Cms.Integrations.Commerce.Shopify/Services/IShopifyAuthorizationService.cs

@@ -0,0 +1,13 @@
+using System.Threading.Tasks;
+
+namespace Umbraco.Cms.Integrations.Commerce.Shopify.Services
+{
+    public interface IShopifyAuthorizationService
+    {
+        string GetAuthorizationUrl();
+
+        string GetAccessToken(string code);
+
+        Task<string> GetAccessTokenAsync(string code);
+    }
+}