
Commit f4307a6

committed
Update uninstall and remove user callbacks to use JWT
1 parent bf5eb07 commit f4307a6


1 file changed

+18
-14
lines changed


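--- a/app.py
+++ b/app.py
@@ -109,6 +109,11 @@ def bad_request(e):
 return content, 400
 
 
+def jwt_error(e):
+print(f"JWT verification failed: {e}")
+return "Payload verification failed!", 401
+
+
 # Helper for template rendering
 def render(template, context):
 return flask.render_template(template, **context)
@@ -192,8 +197,7 @@ def load():
 try:
 user_data = BigcommerceApi.oauth_verify_payload_jwt(payload, client_secret(), client_id())
 except Exception as e:
-print(e)
-return "Payload verification failed!", 401
+return jwt_error(e)
 
 bc_user_id = user_data['user']['id']
 email = user_data['user']['email']
@@ -226,13 +230,14 @@ def load():
 @app.route('/bigcommerce/uninstall')
 def uninstall():
 # Decode and verify payload
-payload = flask.request.args['signed_payload']
-user_data = BigcommerceApi.oauth_verify_payload(payload, client_secret())
-if user_data is False:
-return "Payload verification failed!", 401
+payload = flask.request.args['signed_payload_jwt']
+try:
+user_data = BigcommerceApi.oauth_verify_payload_jwt(payload, client_secret(), client_id())
+except Exception as e:
+return jwt_error(e)
 
 # Lookup store
-store_hash = user_data['store_hash']
+store_hash = user_data['sub'].split('stores/')[1]
 store = Store.query.filter_by(store_hash=store_hash).first()
 if store is None:
 return "Store not found!", 401
@@ -252,14 +257,13 @@ def uninstall():
 # The Remove User Callback URL.
 @app.route('/bigcommerce/remove-user')
 def remove_user():
-# Decode and verify payload
-payload = flask.request.args['signed_payload']
-user_data = BigcommerceApi.oauth_verify_payload(payload, client_secret())
-if user_data is False:
-return "Payload verification failed!", 401
+payload = flask.request.args['signed_payload_jwt']
+try:
+user_data = BigcommerceApi.oauth_verify_payload_jwt(payload, client_secret(), client_id())
+except Exception as e:
+return jwt_error(e)
 
-# Lookup store
-store_hash = user_data['store_hash']
+store_hash = user_data['sub'].split('stores/')[1]
 store = Store.query.filter_by(store_hash=store_hash).first()
 if store is None:
 return "Store not found!", 401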
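Review bot: In `uninstall()` and `remove_user()`, `user_data['sub'].split('stores/')[1]` runs outside the `try`, so a verified token whose `sub` claim is missing or lacks `stores/` raises `KeyError`/`IndexError` and surfaces as a 500 rather than a 401, and a `sub` with unexpected text before the prefix is accepted unchecked. I would parse the claim strictly in one helper shared by both routes, e.g. `prefix, _, store_hash = user_data.get('sub', '').partition('stores/')` followed by `if prefix or not store_hash: return jwt_error('unexpected sub claim')` (this assumes `user_data` is a plain dict, which the hunk does not show). Separately, `except Exception` turns every failure of the verifier call, including a coding error, into a 401, and `jwt_error` reports through `print`; catching the library's JWT exception type and writing to the app logger would keep genuine faults visible, though the hunk does not show which type `oauth_verify_payload_jwt` raises. Both function bodies continue outside the hunks.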
