search

Shopify / shopify-app-bridge

https://shopify.dev/docs/api/app-bridge
82 stars 9 forks source link

Automatic redirect after oauth forces oauth to start again #243

Open asacarter opened 9 months ago

asacarter commented 9 months ago

Describe the bug

I'm using Remix and React but I'm not using the Shopify Remix package.

I can complete offline and online oAuth successfully outside of the iframe and store the online user session in a database.

As soon as the client side is loaded, it redirects inside the iFrame if App Bridge 4 is loaded.

As cookies are not allowed, I cant find any way to persist the user between oAuth completing outside of the iframe and the app reloading inside the iframe. Therefore it tries to complete oAuth for a second time inside the iframe.

Additionally when the app does load inside the iframe, it goes to a path that is /undefined and loads a 404. I have no idea where undefined is coming from in the path as the previous path is just the return path after oauth has completed.

There is no JWT available when the app first loads inside the iFrame to identify the user.

To Reproduce

N/A

Expected behaviour

N/A

Contextual information

Packages and versions

App bridge 4

Platform

N/A

Additional context

The Shopify docs for the oAuth flow are out of date and still describe using cookies to persist the user.

There is no explanation of the correct flow using oauth with Remix other than use the Shopify package...

dev-coderise commented 2 months ago

We're encountering the same issue, unable to perform OAuth due to this bug. It's blocking our migration to the new app bridge CDN, necessary for the Built for Shopify badge due to a critical fix for LCP. Any updates from Shopify would be greatly appreciated, as it's been 6 months since this bug was reported