Skip to content
This repository was archived by the owner on May 12, 2023. It is now read-only.

Include state in auth url #17

Open
peterchaula wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Include state in auth url #17

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b5d2820
Include state in auth url
peterchaula Aug 15, 2016
5e2cfbd
Update shopify.php
peterchaula Aug 15, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions shopify.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,19 @@ public function __construct($shop_domain, $token, $api_key, $secret) {
}

// Get the URL required to request authorization
public function getAuthorizeUrl($scope, $redirect_url='') {
public function getAuthorizeUrl($scope, $redirect_url='', $state = null) {

if($state === null){
$state = sha1(time());
}

$url = "https://{$this->shop_domain}/admin/oauth/authorize?client_id={$this->api_key}&scope=" . urlencode($scope);
$url .='&state=' urlencode($state);
if ($redirect_url != '')
{
$url .= "&redirect_uri=" . urlencode($redirect_url);
}

return $url;
}

Expand Down Expand Up @@ -79,7 +86,7 @@ public function validateSignature($query)

$dataString = array();
foreach ($query as $key => $value) {
if(!in_array($key, array('shop', 'timestamp', 'code'))) continue;
if(!in_array($key, array('shop', 'timestamp', 'code', 'state'))) continue;

$key = str_replace('=', '%3D', $key);
$key = str_replace('&', '%26', $key);
Expand Down