gavinballard

Keybase proof

I hereby claim:

• I am gavinballard on github.
• I am gavinballard (https://keybase.io/gavinballard) on keybase.
• I have a public key ASCUpC7m1tZ3oROkXKKsQTz9EXM_wtV2OwZLJcE0BYUA8Qo

To claim this, I am signing this object:

gavinballard

#!/bin/ruby
require 'shopify_api'

# This is an example script for the course "Mastering Shopify Apps"
# available at http://gavinballard.com/msa/. You're free to use and
# modify this script as desired.

# Define authentication parameters. You should update these with the
# authentication details for your own shop and private application.
SHOPIFY_SHOP='mastering-apps.myshopify.com'

gavinballard

<!--
    This is some example markup for using the DOM Binding feature of CartJS (http://cartjs.org).
    It's a direct copy of the second live example code on the front page of the documentation site.
-->

<!-- Add to cart form, using Data API -->
<form data-cart-submit="data-cart-submit">
    <label>Select a Product</label>
    <select name="id">
        <option value="716986707">Coat</option>

gavinballard

import hashlib, base64, hmac, json, settings

def shopify_carrierservice_request(f):
  """
  A decorator thats checks and validates a CarrierService request from Shopify.
  """

  def _hmac_is_valid(body, secret, hmac_to_verify):
    hash            = hmac.new(body, secret, hashlib.sha256)
    hmac_calculated = base64.b64encode(hash.digest())

gavinballard

#!/usr/bin/env/ruby

require 'yaml'

# Get the "type" of checkout from the arguments Git passes to us.
# Possible values for this are "0" for a file-only checkout (which we dont' care about)
# or "1" for a full branch checkout (which we do).
checkout_type = ARGV[2]

if checkout_type == "1"

gavinballard

#!/usr/bin/env ruby

require 'yaml'

# Get the "type" of checkout from the arguments Git passes to us.
# Possible values for this are "0" for a file-only checkout (which we dont' care about)
# or "1" for a full branch checkout (which we do).
checkout_type = ARGV[2]

if checkout_type == "1"

gavinballard

<fieldset>
    <legend>Appearance and Fonts</legend>
    <h3>
        Background
    </h3>
    <table>
        <tr>
            <th>
                <label for="background_style">Background Style</label>
            </th>

gavinballard

/*! Respond.js: min/max-width media query polyfill. Remote proxy (c) Scott Jehl. MIT/GPLv2 Lic. j.mp/respondjs  */
(function(win, doc, undefined) {

  // Add a modified version of selectivizr.js here. Could remove the methods
  // that fetch remote stylesheets (as Respond.js would be doing that for us
  // via the proxy method), but expose the code that parses and applies
  // patches as a public method - something like Selectivizr.parseStyleSheets().

  var docElem     = doc.documentElement,
    proxyURL    = doc.getElementById("respond-proxy").href,

gavinballard

import hashlib, base64, hmac


def get_proxy_signature(query_dict, secret):
    """
    Calculate the signature of the given query dict as per Shopify's documentation for proxy requests.
    See: http://docs.shopify.com/api/tutorials/application-proxies#security
    """

    # Sort and combine query parameters into a single string.

gavinballard

import hashlib, base64, hmac, json, settings

def shopify_webhook(f):
  """
  A decorator thats checks and validates a Shopify Webhook request.
  """

  def _hmac_is_valid(body, secret, hmac_to_verify):
    hash            = hmac.new(body, secret, hashlib.sha256)
    hmac_calculated = base64.b64encode(hash.digest())