You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
JWTMiddleware warns excessively for our application because we have non-Shopify endpoints that include HTTP_AUTHORIZATION headers. We aren't mounting the ShopifyApp::Engine so I was surprised to find that any decoding was happening at all. Can the decoding be restricted to just Shopify endpoints somehow or be disabled by configuration?
Steps to Reproduce
Install shopify_app gem
Make an API call with an HTTP AUTHORIZATION header that's not from Shopify
Expected behavior:
Non-Shopify calls are ignored
Actual behavior:
A warning is logged: [ShopifyApp::JWT] Failed to validate JWT: [JWT::DecodeError] Not enough or too many segments
Reproduces how often:
100%
Gem versions
21.2.0
The text was updated successfully, but these errors were encountered:
Description
JWTMiddleware warns excessively for our application because we have non-Shopify endpoints that include
HTTP_AUTHORIZATION
headers. We aren't mounting the ShopifyApp::Engine so I was surprised to find that any decoding was happening at all. Can the decoding be restricted to just Shopify endpoints somehow or be disabled by configuration?Steps to Reproduce
HTTP AUTHORIZATION
header that's not from ShopifyExpected behavior:
Non-Shopify calls are ignored
Actual behavior:
A warning is logged:
[ShopifyApp::JWT] Failed to validate JWT: [JWT::DecodeError] Not enough or too many segments
Reproduces how often:
100%
Gem versions
21.2.0
The text was updated successfully, but these errors were encountered: