Improve invalid id token error handling

CHANGELOG.md

@@ -2,6 +2,7 @@ Unreleased
 ----------
 - ⚠️ [Breaking] Removes `ShopifyApp::JWTMiddleware`. Any existing app code relying on decoded JWT contents set from `request.env` should instead include the `WithShopifyIdToken` concern and call its respective methods. [#1861](https://github.com/Shopify/shopify_app/pull/1861)
 - Handle scenario when invalid URI is passed to `sanitize_shop_domain` [#1852](https://github.com/Shopify/shopify_app/pull/1852)
+- Add invalid id token handling for `current_shopify_domain` method [#1868](https://github.com/Shopify/shopify_app/pull/1868)
 
 22.2.1 (May 6,2024)
 ----------

lib/shopify_app/controller_concerns/token_exchange.rb

@@ -23,8 +23,7 @@ def activate_shopify_session(&block)
       ShopifyAPI::Context.activate_session(current_shopify_session)
       with_token_refetch(current_shopify_session, shopify_id_token, &block)
     rescue *INVALID_SHOPIFY_ID_TOKEN_ERRORS => e
-      ShopifyApp::Logger.debug("Responding to invalid Shopify ID token: #{e.message}")
-      respond_to_invalid_shopify_id_token unless performed?
+      respond_to_invalid_shopify_id_token(e)
     ensure
       ShopifyApp::Logger.debug("Deactivating session")
       ShopifyAPI::Context.deactivate_session
@@ -49,6 +48,8 @@ def current_shopify_session_id
 
     def current_shopify_domain
       sanitized_shop_name || current_shopify_session&.shop
+    rescue *INVALID_SHOPIFY_ID_TOKEN_ERRORS => e
+      respond_to_invalid_shopify_id_token(e)
     end
 
     private
@@ -58,7 +59,10 @@ def retrieve_session_from_token_exchange
       ShopifyApp::Auth::TokenExchange.perform(shopify_id_token)
     end
 
-    def respond_to_invalid_shopify_id_token
+    def respond_to_invalid_shopify_id_token(error)
+      ShopifyApp::Logger.debug("Responding to invalid Shopify ID token: #{error.message}")
+      return if performed?
+
       if request.headers["HTTP_AUTHORIZATION"].blank?
         if missing_embedded_param?
           redirect_to_embed_app_in_admin