From 0b43c342da8a596002689397bbc12019ba34144c Mon Sep 17 00:00:00 2001
From: Kirill Platonov <mail@kirillplatonov.com>
Date: Sat, 5 Jun 2021 20:48:25 +0300
Subject: [PATCH] Make EnsureAuthenticatedLinks compatible with AppBridge 2

---
 .../shopify_app/ensure_authenticated_links.rb   | 17 +++++++++++++++--
 .../concerns/ensure_authenticated_links_test.rb |  8 ++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb b/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb
index 26cf32e16..519ad05fc 100644
--- a/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb
+++ b/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb
@@ -10,9 +10,22 @@ module EnsureAuthenticatedLinks
 
     private
 
+    def splash_page
+      splash_page_with_params(
+        return_to: request.fullpath,
+        shop: current_shopify_domain,
+        host: params[:host]
+      )
+    end
+
+    def splash_page_with_params(params)
+      uri = URI(root_path)
+      uri.query = params.compact.to_query
+      uri.to_s
+    end
+
     def redirect_to_splash_page
-      splash_page_path = root_path(return_to: request.fullpath, shop: current_shopify_domain)
-      redirect_to(splash_page_path)
+      redirect_to(splash_page)
     rescue ShopifyApp::LoginProtection::ShopifyDomainNotFound => error
       Rails.logger.warn("[ShopifyApp::EnsureAuthenticatedLinks] Redirecting to login: [#{error.class}] "\
                          "Could not determine current shop domain")
diff --git a/test/controllers/concerns/ensure_authenticated_links_test.rb b/test/controllers/concerns/ensure_authenticated_links_test.rb
index 25cd9ad2a..28cf175c0 100644
--- a/test/controllers/concerns/ensure_authenticated_links_test.rb
+++ b/test/controllers/concerns/ensure_authenticated_links_test.rb
@@ -44,6 +44,14 @@ def current_shopify_domain
     assert_redirected_to expected_path
   end
 
+  test 'redirects to splash page with a return_to, shop and host params if no session token is present' do
+    get :some_link, params: { shop: @shop_domain, host: 'test-host' }
+
+    expected_path = "/?host=test-host&return_to=#{CGI.escape(request.fullpath)}&shop=#{@shop_domain}"
+
+    assert_redirected_to expected_path
+  end
+
   test 'returns the requested resource if a valid session token exists' do
     request.env['jwt.shopify_domain'] = @shop_domain