STATE parameter is lost in OAUTH callback (nondeterministically)

Highlighted
Shopify Partner
15 0 0

Hi there, 

 

During the OAUTH handshake, our STATE query parameter is not returned in the token callback. 

 

def gettoken():
  auth_url_shop = shopifySession.create_permission_url(scope=ourscope, redirect_uri=redirect_uri, state=state)
  return redirect(auth_url_shop)

 

The redirect (sometimes) comes back with no STATE parameter:

 

def gettoken_callback():
  if not request.GET.get('state'):
     logger.error('no state')

 

Any idea how we can fix this? 

0 Likes
Highlighted
New Member
1 0 0

We're also experiencing this issue. Has there been any resolution?

0 Likes
Highlighted
Shopify Partner
4 0 3

I am having the same issue. Sometimes "State" falls off the callback url.

0 Likes
Highlighted
New Member
1 0 0

We're also experiencing this issue (happened in app review process today). Review reference 20959.

 

Any response from Shopify on this?

0 Likes