Get offline access token from koa

Solved
avet
Shopify Partner
8 2 3

Hi, a newbie here.

Sorry for the basic question but can't find the answer elsewhere.

 

I am building an app which will execute background queries and mutations (not initiated from UI). So I am trying to get an offline access token but so far no luck. I am using Koa to authenticate against Shopify so I guess this is how it is supposed to work:

 
const server = new Koa();
server.use(session(server));
server.keys = [SHOPIFY_API_SECRET_KEY];
server.use(
    createShopifyAuth({
        apiKey: SHOPIFY_API_KEY,
        secret: SHOPIFY_API_SECRET_KEY,
        scopes: ['read_products', 'write_products', 'read_orders', 'write_orders'],
        async afterAuth(ctx) {
            const { shop, accessToken } = ctx.session;
            ctx.cookies.set('shopOrigin', shop, { httpOnly: false });

            //get offline access token
            //1. get code and hmac from URL <== how to get those
            //2. verify hmac
            //3. send POST to https://{shop}.myshopify.com/admin/oauth/access_token supplying client_id, client_secret and code from above


            ctx.redirect('/');
        },
    }),
);

Any advice how to get code and hmac from URL?

Thanks.

 
0 Likes
avet
Shopify Partner
8 2 3

This is an accepted solution.

Found the answer. ctx.query it is!

0 Likes
avet
Shopify Partner
8 2 3

Copying comment from another thread for the sake of full info:

 

Well, apparently you don't need to exchange the code to access token manually. koa-shopify-auth allows to request an offline access token as specified here: https://www.npmjs.com/package/@shopify/koa-shopify-auth

 

So final code look like this:

app.prepare().then(() => {
    const server = new Koa();    server.use(session(server));    server.keys = [SHOPIFY_API_SECRET_KEY];    server.use(        createShopifyAuth({            apiKey: SHOPIFY_API_KEY,            secret: SHOPIFY_API_SECRET_KEY,            scopes: ['read_products', 'write_products', 'read_orders', 'write_orders'],            accessMode: 'offline',
            async afterAuth(ctx) {
                const { shop, accessToken } = ctx.session;                ctx.cookies.set('shopOrigin', shop, { httpOnly: false });                console.log(`=========access token (offline):`, accessToken);
...

this access token can be used to execute GQL queries.

Binaize
New Member
7 0 0

@avet 

Hi there,

Can you please tell me if code in ctx.query is the offline access token?? Is it? If not how did you get the offline access token??

I have been trying to get the offline access token but not able to.

When I try accessMode as "offline" I get token but with expiry date so I am guessing it's not correct?

Please help.

Thank you!

0 Likes
Binaize
New Member
7 0 0

@avet 

Also, how do we get the token when user clicks our app second time after closing?

I don't see access_token being generated the next time they try to access the app.

Thank you in advance!

0 Likes
avet
Shopify Partner
8 2 3

Hi @Binaize ,

if you specify accessMode:offline, then you should get the offline token which doesn't expire. 

Not sure how you checked the expiry date.

Also, you are supposed to store this access token and re-use later. No need to re-generate it every time. 

0 Likes
Pravin-Bhapkar
New Member
7 0 0

What if first time missed to store token because of some server error ? When second time open app, there is no access token generated ? 

how we can force to regenerate or reauthorize token ? 

0 Likes
Kacher
Tourist
4 0 6

Do you still have this issue? 
I still cannot use the access token for later update even accessMode is offline. 

 

0 Likes
scole954387
Excursionist
15 1 7

Hi,

 

do you have an example of  code that can pull data offline using GraphQL and the offline token?

 

Thanks!

0 Likes
Pravin-Bhapkar
New Member
7 0 0

Even in offline token when app is launch it gives you same token. (Which you got first time). So even if you missed first time you will get same token next time when app launch. (OR this authenticate function is invoked)

0 Likes