search

Kyon147 / laravel-shopify

A full-featured Laravel package for aiding in Shopify App development
MIT License
353 stars 102 forks source link

Access Token Invalid - Forward to Oauth process again #142

Closed ricardoceci closed 1 year ago

ricardoceci commented 1 year ago

For bug reporting only! If you're posting a feature request or discussion, please ignore.

Expected Behavior

If the access token stored in the database in the column "password" is not longer valid (let's say store closed and reopened, app uninstalled and webhook not listened, even secret of the app changed) the app should renegotiate a new access token.

Current Behavior

If there's a password stored in the table and it is invalid, the app is redirecting the user to a 404 page.

Steps to Reproduce

Please provide detailed steps for reproducing the issue.

  1. Install the app in a store
  2. Disconnect the webhooks for uninstalling (this is just to force an invalid access token in the database)
  3. Uninstall the app
  4. Try to re-install the app, you won't be able and you'll get redirected to a 404.

Context

Please provide any relevant information about your setup. This is important in case the issue is not reproducible except for under certain conditions.

Maybe adding an additional check in the checkPreviousInstall method?

Kyon147 commented 1 year ago

The package does indeed wait on Shopify to tell us that the app has been uninstalled, this is how we know to go through the full auth flow again.

Shopify will also keep sending the webhook for a long time, even if the first one is not returned as a 200 resp.

The main cause (from my memory) I think comes from the deleted_at as we look to see if an app is "Trashed" or not. There is also some logic in there to check for invalid and previous installs.

Feel free to open a PR, if you believe there is a way to improve the flow and I'll review it.