-
Notifications
You must be signed in to change notification settings - Fork 683
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Un-rescuable ShopifyApp::LoginProtection::ShopifyDomainNotFound
error every time there is an invalid JWT token error
#1536
Comments
There are lots of bugs with the latest release (v21.1.1), we are noticing many and have started trying to document them via #1539 For example, calling
|
We appreciate the feedback on this! We will add this to our list for this week |
Can you confirm what version you are upgrading from? |
Thanks for looking into it @nelsonwittwer. This was a big update that spanned multiple versions but I believe the last version of the |
This week I'm specifically working on updating documentation for that path. Hopefully that will help you out; if it doesn't, I'd love to dive in more as I'm sure other developers are having similar problems. |
Thanks @nelsonwittwer , any updated documentation regarding upgrade path will be helpful - especially about how we should use shopify_app for deep linking into the app (app uses Turbolinks). |
Same error is happening for me. current_shopify_store is not set and it breaks the oauth flow. |
I suspected this didn't have anything to do with the version bump and can confirm. I created a reduced test case here: https://github.com/dansundy/app_gem_error_test This was created with a freshly generated app from the
I hope that helps @nelsonwittwer. Let me know if you have any problems with this |
I just upgraded an app from 19.1.1 to 20.2.0 and am not receiving this error with almost every call: 2022-11-15T00:24:05.549870+00:00 app[web.1]: [9c955853-e457-4e67-b41e-977884af2451] ShopifyApp::ShopifyDomainNotFound (ShopifyApp::ShopifyDomainNotFound): Any progress or updates on a fix? If I'm following this is a JWT issue, so should the stale tokens just expire out after a while ? |
turns out this problem was masking a few other problems 🤦 . I've got a fix proposed with #1580 that will address the 500 responses and return an expected |
Shout out to @dansundy for creating an environment to reproduce the issue! I request the highest of fives! ✋ 5️⃣ |
Description
After upgrading to version
20.1.1
we are seeing aShopifyApp::LoginProtection::ShopifyDomainNotFound
error every time there is an invalid JWT token error:ShopifyAPI::Errors::InvalidJwtTokenError
. The former error can't seem to be rescued or handled in any way and the request returns a 500 level error even if the latter 401 is handled and returned to the front end. I've sifted through the Shopify App gem's login protection concern without seeing any way to avoid this with my configuration.Steps to Reproduce
Send a request with an invalid (e.g. expired) JWT token.
Expected behavior:
The server returns a 401 level error to the front end.
Actual behavior:
The server return a 500 level error to the front end.
Reproduces how often:
The
ShopifyApp::LoginProtection::ShopifyDomainNotFound
error happens every time aShopifyAPI::Errors::InvalidJwtTokenError
happens. I can't figure out if it is happening after or simultaneously somehow.Browsers
Gem versions
v20.1.1
in productionv20.2.0
Additional Information
Stack trace for
ShopifyApp::LoginProtection::ShopifyDomainNotFound
:Stack trace for
ShopifyAPI::Errors::InvalidJwtTokenError
Security
The text was updated successfully, but these errors were encountered: