OAuth API returns wrong state

Solved
New Member
1 0 0

Hi,

 

We have an app that has been working fine until recently it could not be installed.

 

Since we have not changed any code but the app stopped working. We had a lose look found the state we pass in /oauth/authorize is not correctly sent back. Here are the examples

 

https://a-store.myshopify.com/admin/oauth/authorize?client_id=213a4e5baed0f3943470e83a89c442sf&scope...

 

state=1H6po21ElgG3WiCa

 

but in next callback from the redirect_uri it was sending a different state back

https://app.our-server.com/shopify/oauth?code=9df57596dc7c30efbb53539c3b0cecc0&hmac=3bd95595e58fb2983bdbf37460ff74a7f32dc9c2aede7b7243a0f12d67ed5aa9&shop=a-store.myshopify.com&state=g1vEsSiBVPYNyVxO&timestamp=1580197475

 

state=g1vEsSiBVPYNyVxO

 

We tested other apps with the same code there was no such issue.

 

please help.

0 Likes
Highlighted

Success.

Shopify Staff
Shopify Staff
521 67 79

Hey @atom-dev,

 

Can you please provide the app URL I can run a test on? (via reply or DM)

0 Likes