{"version":3,"file":"authenticate.mjs","sources":["../../../../../../src/server/authenticate/webhooks/authenticate.ts"],"sourcesContent":["import {WebhookValidationErrorReason, WebhookType} from '@shopify/shopify-api';\n\nimport type {BasicParams} from '../../types';\nimport {adminClientFactory} from '../../clients';\nimport {handleClientErrorFactory} from '../admin/helpers';\nimport {ensureValidOfflineSession} from '../../helpers';\n\nimport type {\n  AuthenticateWebhook,\n  WebhookContext,\n  WebhookContextWithoutSession,\n} from './types';\n\nexport function authenticateWebhookFactory<Topics extends string>(\n  params: BasicParams,\n): AuthenticateWebhook<Topics> {\n  const {api, logger} = params;\n\n  return async function authenticate(\n    request: Request,\n  ): Promise<WebhookContext<Topics>> {\n    if (request.method !== 'POST') {\n      logger.debug(\n        'Received a non-POST request for a webhook. Only POST requests are allowed.',\n        {url: request.url, method: request.method},\n      );\n      throw new Response(undefined, {\n        status: 405,\n        statusText: 'Method not allowed',\n      });\n    }\n\n    const rawBody = await request.text();\n\n    const check = await api.webhooks.validate({\n      rawBody,\n      rawRequest: request,\n    });\n\n    if (!check.valid) {\n      if (check.reason === WebhookValidationErrorReason.InvalidHmac) {\n        logger.debug('Webhook HMAC validation failed', check);\n        throw new Response(undefined, {\n          status: 401,\n          statusText: 'Unauthorized',\n        });\n      } else {\n        logger.debug('Webhook validation failed', check);\n        throw new Response(undefined, {status: 400, statusText: 'Bad Request'});\n      }\n    }\n    const session = await ensureValidOfflineSession(params, check.domain);\n\n    let webhookContext: WebhookContextWithoutSession<Topics>;\n\n    if (check.webhookType === WebhookType.Webhooks) {\n      webhookContext = {\n        apiVersion: check.apiVersion,\n        shop: check.domain,\n        topic: check.topic as Topics,\n        webhookId: check.webhookId,\n        payload: JSON.parse(rawBody),\n        subTopic: check.subTopic || undefined,\n        session: undefined,\n        admin: undefined,\n        webhookType: check.webhookType,\n        name: check.name,\n        triggeredAt: check.triggeredAt,\n        eventId: check.eventId,\n      };\n    } else {\n      webhookContext = {\n        apiVersion: check.apiVersion,\n        shop: check.domain,\n        topic: check.topic as Topics,\n        webhookId: check.eventId,\n        payload: JSON.parse(rawBody),\n        session: undefined,\n        admin: undefined,\n        webhookType: check.webhookType,\n        handle: check.handle,\n        action: check.action,\n        resourceId: check.resourceId,\n        triggeredAt: check.triggeredAt,\n        eventId: check.eventId,\n      };\n    }\n\n    if (!session) {\n      return webhookContext;\n    }\n\n    const admin = adminClientFactory({\n      params,\n      session,\n      handleClientError: handleClientErrorFactory({request}),\n    });\n\n    return {\n      ...webhookContext,\n      session,\n      admin,\n    };\n  };\n}\n"],"names":[],"mappings":";;;;;;;AAaM,SAAU,0BAA0B,CACxC,MAAmB,EAAA;AAEnB,IAAA,MAAM,EAAC,GAAG,EAAE,MAAM,EAAC,GAAG,MAAM;AAE5B,IAAA,OAAO,eAAe,YAAY,CAChC,OAAgB,EAAA;AAEhB,QAAA,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE;AAC7B,YAAA,MAAM,CAAC,KAAK,CACV,4EAA4E,EAC5E,EAAC,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAC,CAC3C;AACD,YAAA,MAAM,IAAI,QAAQ,CAAC,SAAS,EAAE;AAC5B,gBAAA,MAAM,EAAE,GAAG;AACX,gBAAA,UAAU,EAAE,oBAAoB;AACjC,aAAA,CAAC;QACJ;AAEA,QAAA,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE;QAEpC,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACxC,OAAO;AACP,YAAA,UAAU,EAAE,OAAO;AACpB,SAAA,CAAC;AAEF,QAAA,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE;YAChB,IAAI,KAAK,CAAC,MAAM,KAAK,4BAA4B,CAAC,WAAW,EAAE;AAC7D,gBAAA,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,KAAK,CAAC;AACrD,gBAAA,MAAM,IAAI,QAAQ,CAAC,SAAS,EAAE;AAC5B,oBAAA,MAAM,EAAE,GAAG;AACX,oBAAA,UAAU,EAAE,cAAc;AAC3B,iBAAA,CAAC;YACJ;iBAAO;AACL,gBAAA,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,KAAK,CAAC;AAChD,gBAAA,MAAM,IAAI,QAAQ,CAAC,SAAS,EAAE,EAAC,MAAM,EAAE,GAAG,EAAE,UAAU,EAAE,aAAa,EAAC,CAAC;YACzE;QACF;QACA,MAAM,OAAO,GAAG,MAAM,yBAAyB,CAAC,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC;AAErE,QAAA,IAAI,cAAoD;QAExD,IAAI,KAAK,CAAC,WAAW,KAAK,WAAW,CAAC,QAAQ,EAAE;AAC9C,YAAA,cAAc,GAAG;gBACf,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,IAAI,EAAE,KAAK,CAAC,MAAM;gBAClB,KAAK,EAAE,KAAK,CAAC,KAAe;gBAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;AAC1B,gBAAA,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;AAC5B,gBAAA,QAAQ,EAAE,KAAK,CAAC,QAAQ,IAAI,SAAS;AACrC,gBAAA,OAAO,EAAE,SAAS;AAClB,gBAAA,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE,KAAK,CAAC,OAAO;aACvB;QACH;aAAO;AACL,YAAA,cAAc,GAAG;gBACf,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,IAAI,EAAE,KAAK,CAAC,MAAM;gBAClB,KAAK,EAAE,KAAK,CAAC,KAAe;gBAC5B,SAAS,EAAE,KAAK,CAAC,OAAO;AACxB,gBAAA,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;AAC5B,gBAAA,OAAO,EAAE,SAAS;AAClB,gBAAA,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,MAAM,EAAE,KAAK,CAAC,MAAM;gBACpB,MAAM,EAAE,KAAK,CAAC,MAAM;gBACpB,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE,KAAK,CAAC,OAAO;aACvB;QACH;QAEA,IAAI,CAAC,OAAO,EAAE;AACZ,YAAA,OAAO,cAAc;QACvB;QAEA,MAAM,KAAK,GAAG,kBAAkB,CAAC;YAC/B,MAAM;YACN,OAAO;AACP,YAAA,iBAAiB,EAAE,wBAAwB,CAAC,EAAC,OAAO,EAAC,CAAC;AACvD,SAAA,CAAC;QAEF,OAAO;AACL,YAAA,GAAG,cAAc;YACjB,OAAO;YACP,KAAK;SACN;AACH,IAAA,CAAC;AACH;;;;"}