EnsureBilling and EnsureAuthenticatedLinks works with token exchange

[zzooeeyy]

• Fixes: https://github.com/Shopify/develop-app-access/issues/295

What this PR does

• Making sure EnsureBilling and EnsureAuthenticatedLinks can call methods defined in token exchange, by extracting some common helper methods for re-use
• Fixed an infinite redirect loop caused by handling billing API error -
  • Steps to reprduce:
    1. Open app
    2. EnsureHasSession checks if billing is valid
    3. Billing API responds with billing error
    4. EnsureBilling handles billing error by redirecting to shop /login with shop and host params
    5. /login starts auth again
    6. Auth CallbackController handles the callback, but it also checks billing, which could still return error - thus redirecting back to /login again. ↺
  • Fix was to only redirect to shop /login withOUT shop and host params so that /login does not re-start auth.
• TokenExchangeConcern -
  • If id_session is invalid, redirect to embed the app first before redirecting to bounce page.

Before - Billing API error sent app into infinite redirect loop

infinite-loop-billing-error.mp4

After - Billing API error does not send app into infinite redirect loop

redirect-to-login.mp4

Token exchange works with EnsureBIlling and can load app after confirming charge

token-exchange-confirm-charge.mp4

Checklist

Before submitting the PR, please consider if any of the following are needed:

• Update CHANGELOG.md if the changes would impact users
• Update README.md, if appropriate.
• Update any relevant pages in /docs, if necessary
• For security fixes, the Disclosure Policy must be followed.

[zzooeeyy]

This was causing an infinite redirect loop in auth code flow because the shop param gets added to the login path, and CallbackController would re-check billing on auto login with the shop param..

Changing the logic to redirect to login page without shop param.

[zzooeeyy]

url argument is not used anywhere anymore, removing this.
Extracted helper RedirectForEmbedded.add_app_bridge_redirect_url_header(url, response) to be reused elsewhere

[paulomarg]

I don't think this is something apps can use, right? Otherwise we might be removing functionality they need.

Although I guess in that case they could just use the other concern.

[zzooeeyy]

hmmm yea, although this method added more checks around when to add the headers. I think I'll just add the existing behaviour back to avoid breaking behaviour for apps

[zzooeeyy]

Extracted these 'jwt' helpers to be inside WithShopifyIdToken concern for reusability

[zzooeeyy]

Extracted these 'jwt' helpers to be inside WithShopifyIdToken concern for reusability

[paulomarg]

I don't think this is something apps can use, right? Otherwise we might be removing functionality they need.

Although I guess in that case they could just use the other concern.

[paulomarg]

Just out of curiosity - won't we have other places in the code that need to do this as well? Seems to me like this might also be extractable if that's the case.

[paulomarg]

This is a little bit of an assumption - I think there are some cases where we might not want this (requests aren't coming from the admin), but we can deal with those if / when they happen.

[zzooeeyy]

I'm not quite sure if I understand? If they're using the EnsureHasSession concern, they want to validate requests that are coming from the admin right?

[paulomarg]

There are cases where host isn't necessarily shop/admin, so we're basically assuming that will be the case whenever we hit this path. Which I think should be fine and in the unlikely event that this fails on any specific interaction, we can look into it later.

[paulomarg]

Are we locking down the time here? I wonder if this could lead to flaky tests if the second happens to shift during the run.

[paulomarg]

Nothing blocking.