Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Order

Title

Link

Start

Finish

1

New Shopify Plugin for Widget Installation.

PRD-618

18/06/2024

18/072024

1.1

Local Dev Setup & Plugin Dashboard Onboarding.

PRD-642

18/06/2024

Ongoing

1.2

Shopify Onboarding.

PRD-643

18/06/2024

28/072024

1.3

Plugin - Coding - Planning & Unassigned time tracking.

PRD-644

28/06/2024

04/072024

1.4

Plugin - Coding - Installation

PRD-773

04/072024

14/07/2024

1.5

Plugin - Coding - Uninstallation

PRD-774

04/072024

14/07/2024

1.6

Plugin - Coding - Configuration - CRUD

PRD-763

06/07/2024

14/07/2024

1.7

Plugin - Coding - Refactor & Comment & Document

PRD-764

14/07/2024

18/072024

1.8

Plugin - Coding - FrontEnd design to Polaris

PRD-795

16/07/2024

20/072024

1.9

Plugin - Coding - Add form to capture widget code to display on their site.

PRD-796

16/07/2024

20/072024

1.10

Widget Store Front Display Requirements.

PRD-855

29/07/2024

31/07/2024

1.11

Widget Store Front Display Functionality.

PRD-856

29/07/2024

31/07/2024

Process:

  1. Requirement Gathering. 

    • Local Dev Setup & Plugin Dashboard Onboarding. PRD-642

    • Shopify Onboarding. PRD-643

  2. Planning & Design. 

    • Plugin - Coding - Planning & Unassigned time tracking. PRD-644

  3. Implementation.

    • Dev setup

      • Local Dev Setup & Plugin Dashboard Onboarding. PRD-642

    • Shopify setup

    • Plugin development

      • Plugin - Coding - Planning & Unassigned time tracking. PRD-644

      • Plugin - Coding - Installation. PRD-773

      • Plugin - Coding - Uninstallation. PRD-774

      • Plugin - Coding - Configuration - CRUD. PRD-763

      • Plugin - Coding - Refactor & Comment & Document. PRD-764

      • Widget Store Front Display Requirements. PRD-855

      • Widget Store Front Display Functionality. PRD-856

Process Breakdown:

...

  1. Requirement Gathering:

    • Plugin Dashboard Repo - Local Dev Setup & Research. 

      • Develop overview of system.

      • Define system purpose.

    • Shopify Dashboard & Research.

      • Develop overview of Shopify system.

      • Define Shopify requirements.

  2. Planning & Design:
    The plugin is broken down into components, namely:

    1. Shopify Admin App Setup

    2. DB Schema

    3. App install

    4. App uninstall

    5. App Configuration

    Implementation:

    Each in their respective page.

    1. Plugin Dashboard Repo - Local Dev Setup & Research

      Setup environment to develop - environment specifics needed for the repo to work.

      RabbitMQ : Add settings.

      1. Docker-Compose file:

        Code Block
          rabbitmq:
            image: rabbitmq:3.8
            container_name: plugindashboard_rabbitmq
            ports:
              - "5672:5672"
              - "15672:15672"
            healthcheck:
              test: ["CMD", "rabbitmqctl", "status"]
              interval: 30s
            restart: unless-stopped
            volumes:
              - ../shared-data/rabbitmq:/var/lib/rabbitmq
    2. Docker-Compose and Parameters file need to have the App’s Client Id & Client Secret added.
      Both are Hex value strings.

      1. Docker-Compose file:

        Code Block
              NETCOMM_API_KEY: 2de2b028c0c30db8de8e44c5bacfd5ed 
              NETCOMM_API_SECRET: c3c5932fa8aeb97b80eddf132bc11abf
      2. Parameters file:

        Code Block
            netcomm_api_key: '%env(NETCOMM_API_KEY)%'
            netcomm_api_secret: '%env(NETCOMM_API_SECRET)%'
    3. So based upon our tech stack it seems like we actually just use the PHP library / dependancy to intergrate the app with Shopify.

      1. Composerr.json → "phpclassic/php-shopify": "~1.0",
        https://github.com/phpclassic/php-shopify.git

    4. Shopify Dashboard & Research.

    5. Learn what Shopify requires and how to do development with them.
      Shopify PHP - https://github.com/Shopify/shopify-api-php
      https://shopify.dev/docs/apps/launch/app-requirements-checklist
      https://shopify.dev/docs/api/app-bridge

    6. Shopify app authentication and authorization.
      https://shopify.dev/docs/apps/build/authentication-authorization
      https://shopify.dev/docs/apps/build/authentication-authorization/set-embedded-app-authorization?extension=javascript

    7. Authentication is the process of verifying the identity of the user or the app. To keep transactions on Shopify’s platform safe and secure, all apps connecting with Shopify APIs must authenticate when making API requests.

    8. Authorization is the process of giving permissions to apps. When an app user installs a Shopify app they authorize the app, enabling the app to acquire an access token. For example, an app might be authorized to access orders and product data in a store.
      Outline of the Shopify Auth process:

      1. Create a route for starting the OAuth method such as /installAction.

      2. In this route, the Shopify\Auth\OAuth::begin method will be used.

      3. The begin method returns a URL that will be used for redirecting the user to the Shopify Authentication screen to complete the OAuth process, your app needs to validate the callback request made by Shopify after the merchant authorizes your app to access their store data.

      4. To do that, you can call the Shopify\Auth\OAuth::callbackAction method in the endpoint defined in the redirectPath argument of the begin method.

    9. App minimal required permissions:

      1. View personal data:
        Store Owner → Name, email address, phone number, physical address.
        Minimal use of information from shopify which means we pass certain compliance expectations.

        Code Block
        {
          "storeId": 66872279297,
          "storeName": "ek-dev-plugins",
          "storeEmail": "productmanagement@ekomi-group.com",
          "storeDomain": "ek-dev-plugins.myshopify.com",
          "storeOwnerName": "eKomi Product",
          "accountCreated": 0
        }
    10. In the Shopify App Dashboard Configuration Settings these must be added for installation and authentication (The callback verification):

      1. App URL

      2. Preferences URL (optional)

      3. Allowed redirection URL(s)

    11. Compliance Webhooks that Shopify requires to be registered.
      Every app that's distributed through the Shopify App Store must subscribe to the following compliance webhook topics in the Partner Dashboard:

      1. Customer data request endpoint - customers/data_request - Requests to view stored customer data.

      2. Customer data erasure endpoint - customers/redact - Requests to delete customer data.

      3. Shop data erasure endpoint - shop/redact - Requests to delete shop data.
        When you receive one of the compliance webhooks, you need to take the following actions:

        • Confirm that you've received the request by responding with a 200 series status code.

        • Complete the action within 30 days of receiving the request. However, if you're unable to comply with a redaction request because you're legally required to retain data, then you shouldn't complete the action.

    12. Security requirements:
      Security header to only allow iframes to work in the provided domains.

      Code Block
      // Setting this directive guarantees that your app can be framed only within the shop admin.
      header("Content-Security-Policy: frame-ancestors " . $secureShopUrl . " https://admin.shopify.com;");
    13. Shopify - Ngrok.
      In the Shopify ecosystem, embedded apps run in an iframe in a production environment. In order to test the functionality of your app within that context in development, you’re going to want to tunnel what you have running locally to an accessible URL.

      1. https://ngrok.com/

      2. Setup Ngrok for local development with Shopify platform.

        1. Set the Ngrok URL as the URL for your webhook call backs in Shopify Admin.

        2. Customer data request endpoint → https://a80d-41-193-138-209.ngrok-free.app/netcomm/customers/data_request

    14. DB Schema
      Create Table: netcomm_configuration
      Advised to have the user_id and other fields as they will probably part of a plan or future relationship.

      netcomm.pngImage Removed

    15. Install - Process definition:
      Link to Installation Process flow:

      PluginDashboardNetcomm.pngImage Removed

      1. Install requires registration as an app provider.

        1. Checks by the Shopify shop URL if it exists, if not then proceeds with installation.
          "shopUrl": "uextension.myshopify.com",
          "secureShopUrl": "https:\\/\\/uextension.myshopify.com",

      2. Authentication process and Token exchange.

        1. Retrieves the hmac & host & timestamp GET variable fields to prepare for authentication.
          "hmac": "67265c0683abeab279465c633ccb98ed86bebe456cf396189e6283c61665b78d",
          "host": "YWRtaW4uc2hvcGlmeS5jb20vc3RvcmUvdWV4dGVuc2lvbg",
          "timestamp": "1720782483"

      3. The app registers within Shopify and Customer’s shop.
        Creates the App’s auth package with the new shop URL and a new Auth request.

        Code Block
        // Shopify Netcomm App ID & Key & URL
        $appConfig = $this->getNetcommAppConfig($secureShopUrl);
                    
        // Creates static configuration for Shopify
        $shopifySdk = ShopifySDK::config($appConfig);
        
        // Auth calls static ShopifySDK config set earlier. This should redirect after the auth request is approved.
        AuthHelper::createAuthRequest(self::APP_SCOPES, $redirectUrl);

        The auth request goes to Shopify which verifies and redirects the user to login and then passes the request to the call back callback method which will receive the Access Token and register the necessary webhooks with shopify retrieving a ID for each.

      4. Privilege establishment.
        Privileges are requested during authentication the result is a a install modal from Shopify asking user to approve the App’s privilege request.

        permission_request.pngImage Removed

      5. Persists to DB.
        Once Install is clicked then the Shopify shop details will be stored in the DB, and the user redirected to the Netcomm & eKomi Configuration Page to complete installation.
        After the user has clicked the install button then Shopify sends a request to our callbackAction to register all the webhooks through a Curl request.
        Important header information:

        Code Block
                curl_setopt($ch, CURLOPT_HTTPHEADER, [
                    'X-Shopify-Access-Token: ' . $accessToken,
                    'Accept: application/json',
                    'Content-Type: application/json'
                ]);
    16. Uninstall

      1. Authentication process and Token exchange.

      2. The app un-registers within Shopify and Customer shop.

      3. Deletes from DB.
        The same process as the install but in reverse order.

    17. Configuration CRUD

      1. Configuration settings. App requires configuring.
        Options are provided to be either an eKomi client or Netcomm or both.

        1. eKomi Client settings:

          1. ShopId

          2. Shop Interface Password

        2. Netcomm Client settings:

          1. NetcommId

      2. Configuration outcomes:

        1. Case#1:
          Is Netcomm member: Yes
          Is eKomi member : No
          In that case we show a dedicated widget to client in front-end store, which shows the simple seal.

        2. Case#2:
          Is Netcomm member: Yes
          Is eKomi member : Yes
          In that case we just authenticate the credentials and create the widget seal runtime and show the widget to client store successfully.

        3. Case#3:
          Is Netcomm member: No
          Is eKomi member : Yes
          In that case we just authenticate the credentials and create the widget seal runtime and show the widget to client store successfully.

      3. App configuration will be persisted in the DB.
        CRUD functionality.

    18. Refactor / Testing Phase.

    19. Identify issues and refactor

    20. Documentation / Commenting.

      1. Document Shopify requirements for apps.

      2. Explain where app meets requirements.

      3. Comment functions and classes.

...

    1. DB Schema

    2. Plugin Install - Process

    3. Plugin Uninstall Process

    4. Plugin Configuration - eKomi & Netcomm

    5. Widget Token Configuration

    6. Widget Store Front Display Requirements

    7. Widget Store Front Display Functionality

Main Process Flow Diagrams:

Inc drawio
simple0
zoom1
pageId4100718596
custContentId4132798480
diagramDisplayNamePluginDashboardNetcomm.drawio
lbox1
hiResPreview0
contentVer1
revision1
baseUrlhttps://ekomi01.atlassian.net/wiki
diagramName1722871311661-PluginDashboardNetcomm.drawio
pCenter0
aspectLL70ml2rnKzf4Suguo_p 1
width3901
linksauto
isUpload1
tbstyletop
height5271