-
Notifications
You must be signed in to change notification settings - Fork 699
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Constantly redirected to //patch_shopify_id_token
#1937
Comments
Hi there 👋 Are you using the Shopify Rails template? Or building without it? Would you be able to provide code to reproduce this? I want to ensure we are on the same page. |
Same issue also reported here @lizkenyon |
I'm setting up an new Rails project to illustrate the issue, but now in a brand-new clean app, I'm getting
New Rails 8 project, |
Okay I got past it. Found an issue here on Github that mentions the problem. Apparently you have to add a toml file (and empty package.json) to set access scopes (would be great if you could just do that in the dashboard and not having to rely on the toml file and CLI). Here's a fresh project that is set up using Rails 8 and https://github.com/danielfriis/shopify_app_test It is not possible to navigate to /products. Added some js because I saw a mention of the new session token authentication. But still not working. |
Yes if you haven't already, I would recommend reviewing this documentation regarding embedded app authentication and authorization. (It is in javascript but a general concepts still apply.) Your requests will need to have to have a session token (also called ID token) so the app can authenticate the requests from your frontend to your back end. App Bridge will automatically add these to fetch requests If your app is doing a document request on navigation then you will need to add the session token yourself. The .dev community would be a good place to ask these questions as well. |
Thanks @lizkenyon ! The key was to set the session token myself. Since I'm using vanilla Rails with Turbo, I had to integrate with that. This is my code: // Get session token
async function getSessionToken() {
const SessionToken = window['app-bridge'].actions.SessionToken;
return new Promise((resolve, reject) => {
window.app.dispatch(SessionToken.request());
// Add timeout to prevent hanging
const timeoutId = setTimeout(() => {
reject(new Error('Session token request timed out'));
}, 5000);
window.app.subscribe(SessionToken.Action.RESPOND, (payload) => {
clearTimeout(timeoutId);
resolve(payload.sessionToken);
});
});
}
// Set the session token for the request
document.addEventListener("turbo:before-fetch-request", async (event) => {
console.log("turbo:before-fetch-request");
try {
const sessionToken = await getSessionToken();
event.detail.fetchOptions.headers['Authorization'] = `Bearer ${sessionToken}`;
console.log("sessionToken", sessionToken);
} catch (error) {
console.error('Failed to get session token:', error);
// Optionally reload the page if token acquisition fails
window.location.reload();
}
}); |
And just to add; the constant redirect I experienced was due to how I'd try to implement an example I found which used this url ( Since I have the AppScript script on all pages, a separate URL for patching is unnecessary. |
Issue summary
Before opening this issue, I have:
shopify_app
version: 22.5log_level: :debug
in my configuration, if applicableI'm building and embedded app which loads as expected. However, when I navigate in the app, I'm constantly being redirected to:
//patch_shopify_id_token?shopify-reload=<URL>
I have included
ShopifyApp::EnsureHasSession
in my controller, and I'm setting theBearer
token using app bridge as I navigate to other pages.Expected behavior
I should be able to navigate to other pages.
Actual behavior
I'm redirected to
//patch_shopify_id_token
which btw turns out blank.Debug logs
And in the web console, I'm getting:
App Bridge Next: missing required configuration fields: shop
The text was updated successfully, but these errors were encountered: