Embedded app redirect inconsistent between initial install and clicking in the App Page

Excursionist
24 1 2

I've submitted my app and it was recently rejected. One of the reasons was this:

 

  1. Upon installing the app, I am being redirected to a non-embedded version. When accessing the app from the installed apps list, the app is redirecting to the embedded version. This occurs when an initial OAuth request redirect fails to escape the iframe. Refer to our embedded app OAuth doc. Please see this screencast for additional details. 

 

It seems that upon initial install, my app doesn't re-direct to the Shopify Admin Dashboard with my app loading in an iframe, but when going back to the app from a store's App Page, it loads it in an iframe.

 

I searched for a few threads regarding this in the forums and couldn't find anything concrete in terms of code. I was able to find this: https://help.shopify.com/en/api/embedded-apps/app-bridge/oauth but I'm not using App Bridge.

0 Likes
Excursionist
24 1 2

@KarlOffenberger have you seen this before?

0 Likes
Shopify Staff
Shopify Staff
1369 56 202

@pthieu Assuming you're using the embedded app SDK: are you calling ShopifyApp.init on the view being served at the end of your oauth flow?

0 Likes
Excursionist
24 1 2

@Alex yes I am now. I've now fixed the issue.

 

The issue was two-prong for me. The first issue is that on an initial app install, I needed to forward the user to the Shopify Admin, instead of to my UI. What happens when I do this is that Shopify will perform the auth flow all over again so I needed to track if the shop has already been authenticated and then render the UI on the 2nd run-through.

 

For the user coming back to the app through the App page after installation, I needed to perform an iframe escape.

0 Likes
Highlighted
Tourist
6 1 0

Hi there,

 

I have the same issue with my python Flask app. I have tried the following:

 

1) Redirecting from install to oauth via `window.top.location.href` method. (Step 2 here)

2) "Confirming Installation" by sending things to my /finalize endpoint, like so -

 

 

redirect_uri = url_for("finalize", _external=True)
permission_url = shopify_session.create_permission_url(scopes, redirect_uri)
return render_template('install.html', permission_url=permission_url)

 

3) After Oauth calls /finalize, I request the token and activate the session.

4) From /finalize, I've tried redirecting to my /index directly, externally, or via JS window location. But no matter what I do, it ALWAYS pops it in a new tab after install. It does keep it within the same iframe if I visit the app again from the store.

 

I suspect the redirect_url isn't what it should be. Anyone have any suggestions for this?

I'd love to get approved for public listing as soon as possible.

 

Thank you for taking the time to read through this.

I have been testing this over 30+ times over two days and am nowhere close to the resolution.

0 Likes
New Member
2 0 2

@ignorant wrote:

Hi there,

 

I have the same issue with my python Flask app. I have tried the following:

 

1) Redirecting from install to oauth via `window.top.location.href` method. (Step 2 here)

2) "Confirming Installation" by sending things to my /finalize endpoint, like so -

 

 

redirect_uri = url_for("finalize", _external=True)
permission_url = shopify_session.create_permission_url(scopes, redirect_uri)
return render_template('install.html', permission_url=permission_url)

 

3) After Oauth calls /finalize, I request the token and activate the session.

4) From /finalize, I've tried redirecting to my /index directly, externally, or via JS window location. But no matter what I do, it ALWAYS pops it in a new tab after install. It does keep it within the same iframe if I visit the app again from the store.

 

I suspect the redirect_url isn't what it should be. Anyone have any suggestions for this?

I'd love to get approved for public listing as soon as possible.

 

Thank you for taking the time to read through this.

I have been testing this over 30+ times over two days and am nowhere close to the resolution.



I had the same issue on a recent submission using shopify app rails gem where we were just redirecting back to our root app URL. This caused an escape of the iframe, then it loaded back into the iframe. Still worked but not a good experience for the end user.

 

I forget how i found this, but you you can redirect to the instance of your app inside the iframe which the url is as follows:

 

https://{myshopify_domain}/admin/apps/{shopify_app_config_api_key}

 

myshopify_domain = Clients myshopify domain

shopify_app_config_api_key = Your app api key

 

Let me know how you go.

1 Like
Tourist
6 1 0

Thank you... I think this is on the right track... but now I get 

 

Oauth error invalid_request: The redirect_uri is not whitelisted

I'm redirecting to -

https://{test-website}/admin/oauth/authorize?client_id=XXX&scope=read_orders&redirect_uri={test-website}/admin/apps/{API_KEY}

How did you end up configuring your whitelisted uris?

0 Likes
Tourist
6 1 0

I could not figure out out... so I ended up rewriting my entire app to Shopify App Bridge.

I wish things were better documented for non standard languages and frameworks, like python/flask.

 

0 Likes