{"id":16819770,"url":"https://github.com/lpinca/shopify-token","last_synced_at":"2025-04-05T08:09:43.618Z","repository":{"id":52119303,"uuid":"49079662","full_name":"lpinca/shopify-token","owner":"lpinca","description":"Get an OAuth 2.0 access token for the Shopify API with ease","archived":false,"fork":false,"pushed_at":"2023-11-29T20:59:06.000Z","size":62,"stargazers_count":145,"open_issues_count":1,"forks_count":25,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-10-19T19:55:09.938Z","etag":null,"topics":["api","oauth2","shopify","token"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lpinca.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-01-05T16:57:44.000Z","updated_at":"2024-10-10T12:45:15.000Z","dependencies_parsed_at":"2023-11-29T21:49:19.807Z","dependency_job_id":null,"html_url":"https://github.com/lpinca/shopify-token","commit_stats":{"total_commits":91,"total_committers":8,"mean_commits":11.375,"dds":0.09890109890109888,"last_synced_commit":"49386ca995afe283b8b6b2232870eb12c5306ff0"},"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpinca%2Fshopify-token","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpinca%2Fshopify-token/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpinca%2Fshopify-token/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpinca%2Fshopify-token/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lpinca","download_url":"https://codeload.github.com/lpinca/shopify-token/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247305935,"owners_count":20917208,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","oauth2","shopify","token"],"created_at":"2024-10-13T10:54:34.520Z","updated_at":"2025-04-05T08:09:43.564Z","avatar_url":"https://github.com/lpinca.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# shopify-token\n\n[![Version npm][npm-shopify-token-badge]][npm-shopify-token]\n[![Build Status][ci-shopify-token-badge]][ci-shopify-token]\n[![Coverage Status][coverage-shopify-token-badge]][coverage-shopify-token]\n\nThis module helps you retrieve an access token for the Shopify REST API. It\nprovides some convenience methods that can be used when implementing the [OAuth\n2.0 flow][shopify-oauth-doc]. No assumptions are made about your server-side\narchitecture, allowing the module to easily adapt to any setup.\n\n## Install\n\n```\nnpm install --save shopify-token\n```\n\n## API\n\nThe module exports a class whose constructor takes an options object.\n\n### `new ShopifyToken(options)`\n\nCreates a new `ShopifyToken` instance.\n\n#### Arguments\n\n- `options` - A plain JavaScript object, e.g. `{ apiKey: 'YOUR_API_KEY' }`.\n\n#### Options\n\n- `apiKey` - Required - A string that specifies the API key of your app.\n- `sharedSecret` - Required - A string that specifies the shared secret of your\n  app.\n- `redirectUri` - Required - A string that specifies the URL where you want to\n  redirect the users after they authorize the app.\n- `scopes` - Optional - An array of strings or a comma-separated string that\n  specifies the list of scopes e.g. `'read_content,read_themes'`. Defaults to\n  `'read_content'`.\n- `timeout` - Optional - A number that specifies the milliseconds to wait for\n  the server to send a response to the HTTPS request initiated by the\n  `getAccessToken` method before aborting it. Defaults to 60000, or 1 minute.\n- `accessMode` - Optional - A string representing the [API access\n  modes][api-access-mode]. Set this option to `'per-user'` to receive an access\n  token that respects the user's permission level when making API requests\n  (called online access). This is strongly recommended for embedded apps.\n  Defaults to offline access mode.\n- `agent` - Optional - An HTTPS agent which will be passed to the HTTPS\n  request made for obtaining the auth token. This is useful when trying to\n  obtain a token from a server that has restrictions on internet access.\n\n#### Return value\n\nA `ShopifyToken` instance.\n\n#### Exceptions\n\nThrows a `Error` exception if the required options are missing.\n\n#### Example\n\n```js\nconst ShopifyToken = require('shopify-token');\n\nconst shopifyToken = new ShopifyToken({\n  sharedSecret: '8ceb18e8ca581aee7cad1ddd3991610b',\n  redirectUri: 'http://localhost:8080/callback',\n  apiKey: 'e74d25b9a6f2b15f2836c954ea8c1711'\n});\n```\n\n### `shopifyToken.generateNonce()`\n\nGenerates a random nonce.\n\n#### Return value\n\nA string representing the nonce.\n\n#### Example\n\n```js\nconst nonce = shopifyToken.generateNonce();\n\nconsole.log(nonce);\n// =\u003e 212a8b839860d1aefb258aaffcdbd63f\n```\n\n### `shopifyToken.generateAuthUrl(shop[, scopes[, nonce[, accessMode]]])`\n\nBuilds and returns the authorization URL where you should redirect the user.\n\n#### Arguments\n\n- `shop` - A string that specifies the name of the user's shop.\n- `scopes` - An optional array of strings or comma-separated string to specify\n  the list of scopes. This allows you to override the default scopes.\n- `nonce` - An optional string representing the nonce. If not provided it will\n  be generated automatically.\n- `accessMode` - An optional string dictating the API access mode. If not\n  provided the access mode defined by the `accessMode` constructor option will\n  be used.\n\n#### Return value\n\nA string representing the URL where the user should be redirected.\n\n#### Example\n\n```js\nconst url = shopifyToken.generateAuthUrl('dolciumi');\n\nconsole.log(url);\n// =\u003e https://dolciumi.myshopify.com/admin/oauth/authorize?scope=read_content\u0026state=7194ee27dd47ac9efb0ad04e93750e64\u0026redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fcallback\u0026client_id=e74d25b9a6f2b15f2836c954ea8c1711\n```\n\n### `shopifyToken.verifyHmac(query)`\n\nEvery request or redirect from Shopify to the client server includes a hmac\nparameter that can be used to ensure that it came from Shopify. This method\nvalidates the hmac parameter.\n\n#### Arguments\n\n- `query` - The parsed query string object.\n\n#### Return value\n\n`true` if the hmac is valid, else `false`.\n\n#### Example\n\n```js\nconst ok = shopifyToken.verifyHmac({\n  hmac: 'd1c59b480761bdabf7ee7eb2c09a3d84e71b1d37991bc2872bea8a4c43f8b2b3',\n  signature: '184559898f5bbd1301606e7919c6e67f',\n  state: 'b77827e928ee8eee614b5808d3276c8a',\n  code: '4d732838ad8c22cd1d2dd96f8a403fb7',\n  shop: 'dolciumi.myshopify.com',\n  timestamp: '1452342558'\n});\n\nconsole.log(ok);\n// =\u003e true\n```\n\n### `shopifyToken.getAccessToken(hostname, code)`\n\nExchanges the authorization code for a permanent access token.\n\n#### Arguments\n\n- `hostname` - A string that specifies the hostname of the user's shop. e.g.\n  `foo.myshopify.com`. You can get this from the `shop` parameter passed by\n  Shopify in the confirmation redirect.\n- `code` - The authorization Code. You can get this from the `code` parameter\n  passed by Shopify in the confirmation redirect.\n\n#### Return value\n\nA `Promise` which gets resolved with an access token and additional data. When\nthe exchange fails, you can read the HTTPS response status code and body from\nthe `statusCode` and `responseBody` properties which are added to the error\nobject.\n\n#### Example\n\n```js\nconst code = '4d732838ad8c22cd1d2dd96f8a403fb7';\nconst hostname = 'dolciumi.myshopify.com';\n\nshopifyToken\n  .getAccessToken(hostname, code)\n  .then((data) =\u003e {\n    console.log(data);\n    // =\u003e { access_token: 'f85632530bf277ec9ac6f649fc327f17', scope: 'read_content' }\n  })\n  .catch((err) =\u003e console.err(err));\n```\n\n## License\n\n[MIT](LICENSE)\n\n[api-access-mode]: https://shopify.dev/apps/auth/access-modes\n[npm-shopify-token-badge]: https://img.shields.io/npm/v/shopify-token.svg\n[npm-shopify-token]: https://www.npmjs.com/package/shopify-token\n[ci-shopify-token-badge]:\n  https://img.shields.io/github/actions/workflow/status/lpinca/shopify-token/ci.yml?branch=master\u0026label=CI\n[ci-shopify-token]:\n  https://github.com/lpinca/shopify-token/actions?query=workflow%3ACI+branch%3Amaster\n[coverage-shopify-token-badge]:\n  https://img.shields.io/coveralls/lpinca/shopify-token/master.svg\n[coverage-shopify-token]:\n  https://coveralls.io/r/lpinca/shopify-token?branch=master\n[shopify-oauth-doc]: https://shopify.dev/apps/auth/oauth\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flpinca%2Fshopify-token","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flpinca%2Fshopify-token","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flpinca%2Fshopify-token/lists"}