Fix Issues with EnsureAuthenticatedLinks and updated OAuth flow #1549
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rdillensnyder
force-pushed
the
authenticatedlinks-patch
branch
from
9bc90cd
to
2cd4937
Compare
andyw8
force-pushed
the
authenticatedlinks-patch
branch
from
2cd4937
to
336f6d4
Compare
andyw8
approved these changes
Oct 25, 2022
rdillensnyder
force-pushed
the
authenticatedlinks-patch
branch
from
336f6d4
to
9142cfd
Compare
rdillensnyder
force-pushed
the
authenticatedlinks-patch
branch
from
9142cfd
to
7d7df7a
Compare
|
Thanks all, looking forward to this fix. |
nelsonwittwer
pushed a commit
that referenced
this pull request
Nov 12, 2022
nelsonwittwer
added a commit
that referenced
this pull request
Dec 7, 2022
* session stored in rails instead of library * move responsiblity for session persistence * move load_current_session to login_protection * FIXME notes * Move session concerns back to session utils * Add `embedded` param to `splash_page` (#1549) * use online tokens appropriately if there is a user session storage available * move load_current_session to login_protection * Move session concerns back to session utils * refactor login protection and tests with sesison ownership change * rubocop'd * no more session_storage in generated example * add x86_65-linux platform for CI * no more local pointer to api lib * more gemlock Co-authored-by: rdillensnyder <101280580+rdillensnyder@users.noreply.github.com> Co-authored-by: Teddy Hwang <teddy.hwang@shopify.com>
fabriazza
pushed a commit
to fabriazza/shopify_app
that referenced
this pull request
Feb 1, 2023
fabriazza
pushed a commit
to fabriazza/shopify_app
that referenced
this pull request
Feb 1, 2023
…ify#1563) * session stored in rails instead of library * move responsiblity for session persistence * move load_current_session to login_protection * FIXME notes * Move session concerns back to session utils * Add `embedded` param to `splash_page` (Shopify#1549) * use online tokens appropriately if there is a user session storage available * move load_current_session to login_protection * Move session concerns back to session utils * refactor login protection and tests with sesison ownership change * rubocop'd * no more session_storage in generated example * add x86_65-linux platform for CI * no more local pointer to api lib * more gemlock Co-authored-by: rdillensnyder <101280580+rdillensnyder@users.noreply.github.com> Co-authored-by: Teddy Hwang <teddy.hwang@shopify.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does
The 'embedded' param from the updated OAuth flow is lost by the EnsureAuthenticatedLinks concern during redirects for deep linked pages or Admin extensions. Adding this param to ensure the flow completes successfully.
Reviewer's guide to testing
Directly link to a page for an app using the
EnsureAuthenticatedLinksconcern such as Order PrinterChecklist
Before submitting the PR, please consider if any of the following are needed:
CHANGELOG.mdif the changes would impact usersUpdateREADME.md, if appropriate.Update any relevant pages in/docs, if necessaryFor security fixes, the Disclosure Policy must be followed.