I'm trying to add some custom code to make the user/shop re-authenticate when the scope changes.
It's related to this point from #350:
Keep track of extra information returned by Shopify, such as scope & associated user. Currently this app has no way to keep track of this, it only keeps the access token. Keeping track of the scope would facilitate the workflow when updating the application's requested scope. We should force a new oauth autorization when the needed access scope change.
Here's a little code snippet:
current_scope = ShopifyAPI::AccessScope.all.map(&:handle)
new_scope = ShopifyApp.configuration.scope.split(', ')
if current_scope.sort != new_scope.sort
# what to do here?
end
I'm stuck as to how to redirect to re-auth path. I've tried all of these (and several more):
set_esdk_headers # response.set_header('P3P', 'CP="Not used"'); response.headers.except!('X-Frame-Options')
fullpage_redirect_to "/auth/shopify?shop=#{@shop.shopify_domain}"
fullpage_redirect_to "https://#{@shop.shopify_domain}/admin/oauth/authorize?client_id=#{ENV['SHOPIFY_API_KEY']}&redirect_uri=...&response_type=code&scope=write_themes%2Cread_orders&state=#{? SecureRandom.hex ?}"
params[:shop] = @shop.shopify_domain
close_session
session[:shopify] = nil
session[:shopify_domain] = nil
redirect_to_login
fullpage_redirect_to "/auth/shopify?shop=#{@shop.shopify_domain}"
What I'm trying to do is logout user and redirect him to reauthenticate. If it's not needed, we could skip logout. But I'm generally stuck as to where to redirect to. I understand this might not be shopify_app specific question, but omniauth / oauth specific question. I'm also going through the omniauth documentation, but I still can't figure out what should the redirect url be.
I restarted the app after changing the scope so my thought was that redirecting to /auth/shopify would trigger new scope.
I'm trying to add some custom code to make the user/shop re-authenticate when the scope changes.
It's related to this point from #350:
Here's a little code snippet:
I'm stuck as to how to redirect to re-auth path. I've tried all of these (and several more):
What I'm trying to do is logout user and redirect him to reauthenticate. If it's not needed, we could skip logout. But I'm generally stuck as to where to redirect to. I understand this might not be shopify_app specific question, but omniauth / oauth specific question. I'm also going through the omniauth documentation, but I still can't figure out what should the redirect url be.
I restarted the app after changing the scope so my thought was that redirecting to
/auth/shopifywould trigger new scope.