Merge remote-tracking branch 'upstream/master' into replace_rest_with_graphql_for_theme_level_support

enmaboya · enmaboya · commit 65f4e98f5989 · 2025-12-17T09:46:31.000+04:00
diff --git a/ignore-by-php-version.neon.php b/ignore-by-php-version.neon.php
@@ -4,7 +4,7 @@
 
 use PHPStan\DependencyInjection\NeonAdapter;
 
-$adapter = new NeonAdapter();
+$adapter = new NeonAdapter([]);
 
 $config = [];
 
diff --git a/src/Http/Middleware/Billable.php b/src/Http/Middleware/Billable.php
@@ -8,7 +8,6 @@
 use Illuminate\Support\Facades\Redirect;
 use Osiset\ShopifyApp\Contracts\ShopModel as IShopModel;
 use Osiset\ShopifyApp\Util;
-use RuntimeException;
 
 /**
  * Responsible for ensuring the shop is being billed.
@@ -19,35 +18,47 @@ class Billable
      * Checks if a shop has paid for access.
      *
      * @param Request $request The request object.
-     * @param Closure $next The next action.
+     * @param Closure $next    The next action.
      *
-     *@throws Exception
+     * @throws Exception
      *
      * @return mixed
      */
     public function handle(Request $request, Closure $next)
     {
-        if (!Util::isMPAApplication()) {
-            throw new RuntimeException('You cannot use Billable middleware with SPA mode');
+        if (Util::getShopifyConfig('billing_enabled') !== true) {
+            return $next($request);
         }
 
-        if (Util::getShopifyConfig('billing_enabled') === true) {
-            /** @var $shop IShopModel */
-            $shop = auth()->user();
-            if (!$shop->plan && !$shop->isFreemium() && !$shop->isGrandfathered()) {
-                // They're not grandfathered in, and there is no charge or charge was declined... redirect to billing
-                return Redirect::route(
-                    Util::getShopifyConfig('route_names.billing'),
-                    array_merge($request->input(), [
-                        'shop' => $shop->getDomain()->toNative(),
-                        'host' => $request->get('host'),
-                        'locale' => $request->get('locale'),
-                    ])
-                );
-            }
+        // Proceed if we are on SPA mode & it's a non ajax request
+        if (!Util::isMPAApplication() && ! $request->ajax()) {
+            return $next($request);
         }
 
-        // Move on, everything's fine
-        return $next($request);
+        /** @var $shop IShopModel */
+        $shop = auth()->user();
+
+        // if shop has plan or is on freemium or is grandfathered then move on with request
+        if (! $shop || $shop->plan || $shop->isFreemium() || $shop->isGrandfathered()) {
+            return $next($request);
+        }
+
+        $args = [
+            Util::getShopifyConfig('route_names.billing'),
+            array_merge($request->input(), [
+                'shop' => $shop->getDomain()->toNative(),
+                'host' => $request->get('host'),
+                'locale' => $request->get('locale'),
+            ]),
+        ];
+
+        if ($request->ajax()) {
+            return response()->json(
+                ['forceRedirectUrl' => route(...$args)],
+                402
+            );
+        }
+
+        return Redirect::route(...$args);
     }
 }
diff --git a/src/Objects/Values/SessionToken.php b/src/Objects/Values/SessionToken.php
@@ -398,7 +398,7 @@ protected function verifyExpiration(): void
 
     protected function determineTokenSource(array $body): int
     {
-        if (!isset($body['iss']) && !isset($body['sid'])) {
+        if (!isset($body['sid'])) {
             return SessionTokenSource::CHECKOUT_EXTENSION;
         }
 
diff --git a/src/Traits/WebhookController.php b/src/Traits/WebhookController.php
@@ -32,11 +32,20 @@ public function handle(string $type, Request $request): ResponseResponse
             $jobClass = $config[$type]['class'];
         }
 
-        $jobClass::dispatch(
+        $dispatch = $jobClass::dispatch(
             $request->header('x-shopify-shop-domain'),
             $jobData
-        )->onConnection(Util::getShopifyConfig('job_connections')['webhooks'])
-        ->onQueue(Util::getShopifyConfig('job_queues')['webhooks']);
+        );
+
+        $connection = Util::getShopifyConfig('job_connections')['webhooks'] ?? null;
+        if ($connection) {
+            $dispatch->onConnection($connection);
+        }
+
+        $queue = Util::getShopifyConfig('job_queues')['webhooks'] ?? null;
+        if ($queue) {
+            $dispatch->onQueue($queue);
+        }
 
         return Response::make('', ResponseResponse::HTTP_CREATED);
     }
diff --git a/src/resources/views/auth/fullpage_redirect.blade.php b/src/resources/views/auth/fullpage_redirect.blade.php
@@ -4,6 +4,9 @@
         <meta charset="utf-8">
         <base target="_top">
         <meta name="shopify-api-key" content="{{ \Osiset\ShopifyApp\Util::getShopifyConfig('api_key', $shopDomain ?? Auth::user()->name ) }}"/>
+        @if(request()->header('sec-fetch-dest') === 'iframe')
+            <script src="https://cdn.shopify.com/shopifycloud/app-bridge.js"></script>
+        @endif
 
         <title>Redirecting...</title>
 
diff --git a/tests/Http/Middleware/BillableTest.php b/tests/Http/Middleware/BillableTest.php
@@ -3,6 +3,7 @@
 namespace Osiset\ShopifyApp\Test\Http\Middleware;
 
 use Illuminate\Auth\AuthManager;
+use Illuminate\Http\Request;
 use Osiset\ShopifyApp\Http\Middleware\Billable as BillableMiddleware;
 use Osiset\ShopifyApp\Storage\Models\Charge;
 use Osiset\ShopifyApp\Storage\Models\Plan;
@@ -100,4 +101,49 @@ public function testDisabledBillingShouldPassOn(): void
 
         $this->assertTrue($result[0]);
     }
+
+    public function testNoNativeAppBridgeAndNoAjaxRequest(): void
+    {
+        $plan = factory(Util::getShopifyConfig('models.plan', Plan::class))->states('type_recurring')->create();
+        $shop = factory($this->model)->create(['plan_id' => $plan->getId()->toNative()]);
+
+        factory(Util::getShopifyConfig('models.charge', Charge::class))->states('type_recurring')->create(
+            [
+                'plan_id' => $plan->getId()->toNative(),
+                'user_id' => $shop->getId()->toNative(),
+            ]
+        );
+
+        $this->auth->login($shop);
+        $this->app['config']->set('shopify-app.billing_enabled', true);
+        $this->app['config']->set('shopify-app.frontend_engine', 'REACT');
+
+        $request = Request::create('/test', 'GET');
+
+        $this->assertFalse($request->ajax());
+
+        $result = $this->runMiddleware(BillableMiddleware::class, $request);
+
+        $this->assertTrue($result[0]);
+    }
+
+    public function testAjaxRequest(): void
+    {
+        $shop = factory($this->model)->create();
+
+        $this->auth->login($shop);
+        $this->app['config']->set('shopify-app.billing_enabled', true);
+        $this->app['config']->set('shopify-app.frontend_engine', 'REACT');
+
+        $request = Request::create('/test', 'GET');
+        $request->headers->set('X-Requested-With', 'XMLHttpRequest');
+
+        $this->assertTrue($request->ajax());
+
+        $response = $this->runMiddleware(BillableMiddleware::class, $request);
+
+        $this->assertFalse($response[0]);
+        $this->assertEquals(402, $response[1]->getStatusCode());
+        $this->assertArrayHasKey('forceRedirectUrl', $response[1]->getData(true));
+    }
 }
diff --git a/tests/fixtures/get_theme_asset_no_schema.json b/tests/fixtures/get_theme_asset_no_schema.json
@@ -0,0 +1,6 @@
+{
+  "asset": {
+      "key": "sections/no-schema.liquid",
+      "value": "<!-- Invalid schema -->"
+    } 
+}

Original file line number	Diff line number	Diff line change
`@@ -398,7 +398,7 @@ protected function verifyExpiration(): void`
`398`	`398`
`399`	`399`	`protected function determineTokenSource(array $body): int`
`400`	`400`	`{`
`401`		`- if (!isset($body['iss']) && !isset($body['sid'])) {`
	`401`	`+ if (!isset($body['sid'])) {`
`402`	`402`	`return SessionTokenSource::CHECKOUT_EXTENSION;`
`403`	`403`	`}`
`404`	`404`