Comments (29)
Hi @CedricVleminckx and @tinhphantrong0612,
i think the best solution is to remove "shopOrigin" param from app brigde contructor (as @tinhphantrong0612 wrote before). Then, i add "host" param to all app route redirects and i add "host" to billing api return_url. I have working solution without "shopOrigin" on my side now, but i do not know how to test it. I am not skilled in git, so i am sending you print screens with my changes. Hope my solution help you a bit.
Archive.zip
from laravel-shopify.
@Kyon147 Can you update the package with @cvikenzi code? This problem can be resolved permanently?
@WajahatAnwar the issue is not as simple as merging a PR, as there are issues around using blade templates now as Shopify pushes towards SPA apps.
We need to see what the best next step is for the package overall with the blade templates.
from laravel-shopify.
Hi @CedricVleminckx and @tinhphantrong0612, i think the best solution is to remove "shopOrigin" param from app brigde contructor (as @tinhphantrong0612 wrote before). Then, i add "host" param to all app route redirects and i add "host" to billing api return_url. I have working solution without "shopOrigin" on my side now, but i do not know how to test it. I am not skilled in git, so i am sending you print screens with my changes. Hope my solution help you a bit. Archive.zip
@cvikenzi You saved me man.. You are genius.
Many Many Thanks!
from laravel-shopify.
same problem
from laravel-shopify.
I messaged Shopify as well so hopefully we'll get an answer soon.
from laravel-shopify.
#1248 might be related.
from laravel-shopify.
@talktohenryj have you fixed it?
from laravel-shopify.
Same problem in a Single page application.
Shopify says our host parameter is configured wrong in app bridge.
We also opened multiple support tickets to request a dev store on the new admin.shopify.com domain, but they say they can not help us. So there is no way for us to test this :(
This was the latest response from Shopify:
when we tried to open that last request to your /authenticate/token path in a new browser tab, it takes us to the legacy/store domain and They are getting a 500 error from your app if they donβt remove that host value attached to the target parameter, which is for redirection after authenticating.
from laravel-shopify.
@CedricVleminckx Have you tried to use SHOPIFY_FRONTEND_ENGINE=REACT?
You can use createApp from Shopify app bridge with host
parameter and apiKey only.
With SHOPIFY_FRONTEND_ENGINE=REACT, as explained in #1173, it will bypass verify.shopify
middleware to the homepage without any token
.
Then use app bridge in the homepage to generate a token and use it, instead of redirecting to authenticate/token and from there load app bridge library from cdn and generate token from host
and apiKey, then with that token, redirect to homepage with location.href.
And also, a middleware called IframeProtection was added in release 17.3.1, in PR #1178, it will attach Content-Security-Policy: frame-ancestors https://{$domain} https://admin.shopify.com
header to web
group response. So it's not necessary to attach it yourself.
from laravel-shopify.
@cvikenzi you saved my life!!!!! the changes on VerifyShopify.php was the solutions, i was passing host param but it was empty on the first load. Adding your changes worked!!! thanks!!!!!!
@osiset you should check @cvikenzi solution for edit code pleasse
from laravel-shopify.
@jhaineymilevis you are welcome :)
from laravel-shopify.
i have madre a pull request with fixes
from laravel-shopify.
I also have a fix in the works for the billing controller at the moment #1244
I'll take a look at the #1260 but it does not look like the tests have been updated to see if the host param exists @jhaineymilevis
from laravel-shopify.
You can do it.
Add this string to VerifyShopify middleware to the handle method.
if (!$request->session()->has('host')) {
$request->session()->put('host', $request->host);
}
It needs to replace this string host: "{{ \Request::get('host') }}"
to host: "{{ \session('host') }}"
in osiset default layout.
The host param will be available anywhere. And the app bridge won't be crashed.
from laravel-shopify.
I am created a pull request with my changes are described above #1261
from laravel-shopify.
@bugfixman i have tested your aproach and it works, but, problem with multi store opened in the same browser, the session host dont override when i change to another store
from laravel-shopify.
#1261 has been closed because it is a duplicate and from @jhaineymilevis does not provide a solution.
Please add any suggestions to #1260
from laravel-shopify.
@cvikenzi problems with installation now :( after this changes , it redirect for https://dropify.dropi.co/login and ask for shopDomain
from laravel-shopify.
Hello @jhaineymilevis,
can you please send screen recording here, where you simulate your problem?
Thanks.
from laravel-shopify.
@cvikenzi forgot it, was my error, thanks
from laravel-shopify.
@jhaineymilevis, so all ok now on your side?
from laravel-shopify.
@osiset this looks like the issue we were chatting about were Shopify for non-spa is getting harder and harder to work with.
Would be interested to see your thoughts on a path moving forward.
from laravel-shopify.
from laravel-shopify.
is there any solution which can work for non SPA app as well?
from laravel-shopify.
There's no straightforward answer @yasir-naseer as there are issues with non-spa and approval as well. Shopify don't allow any app to make requests after OAUTH other than to the homepage of the app.
So currently blade templates need to auth.token
route that happens between requests to get the JWT token to work. This is currently being rejected for new apps now - so the push by Shopify to be SPA is going to be an unwritten requirement I think.
Add that to the new admin route and AppBridge, they are slowly pushing out "traditional websites/apps" where each page is a new request.
from laravel-shopify.
@Kyon147 Can you update the package with @cvikenzi code? This problem can be resolved permanently?
from laravel-shopify.
@cvikenzi Can you please check after implementing your instruction am getting this error.
from laravel-shopify.
Hi @CedricVleminckx and @tinhphantrong0612, i think the best solution is to remove "shopOrigin" param from app brigde contructor (as @tinhphantrong0612 wrote before). Then, i add "host" param to all app route redirects and i add "host" to billing api return_url. I have working solution without "shopOrigin" on my side now, but i do not know how to test it. I am not skilled in git, so i am sending you print screens with my changes. Hope my solution help you a bit. Archive.zip
It is working fine
Very very thank you
Really nice work
We are very happy
God Bless You
from laravel-shopify.
@cvikenzi Can you please check after implementing your instruction am getting this error.
Please run this command - php artisan optimize
Your error will fix.............
from laravel-shopify.
Related Issues (20)
- CSRF token mismatch error in POST call using Ajax HOT 1
- Osiset\ShopifyApp\Exceptions\MissingAuthUrlException HOT 4
- 17.2 In the package in which I am facing the problem 302 status, I send the request or delete the error value, this is a problem facing HOT 3
- App must set security headers to protect against clickjacking && App must verify the authenticity of the request from Shopify. HOT 10
- rest api HOT 6
- There was an error opening your app in the Shopify admin. Your embedded app is loading an invalid URL (17.2) HOT 21
- shopify appuinstalljob problem HOT 2
- Scope Re-approval HOT 2
- Missing host parameter on getConfig(api_key) call HOT 1
- ORDER_TRANSACTIONS_CREATE Webhook not register on shopify HOT 3
- No authenticated user or shop domain error on command call HOT 1
- How to update webhook URL's for old stores? HOT 2
- Alpine.js/Livewire and Power-Grid Authentication redirect hangup HOT 1
- MissingAuthUrlException (Missing auth url) HOT 3
- The app not works on https://admin.shopify.com HOT 22
- Auth:user->name and utils Issues while Upgrading v12.x to v17.x HOT 2
- Approving recurring billing throws SignatureVerificationException using BLADE frontend_engine config HOT 8
- upgrading and downgrading plan got issue first time.. HOT 1
- App Extension Set up Issue HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from laravel-shopify.