STATE parameter is lost in OAUTH callback (nondeterministically)

Baris_Uppercase
Shopify Partner
14 0 0

Hi there, 

 

During the OAUTH handshake, our STATE query parameter is not returned in the token callback. 

 

def gettoken():
  auth_url_shop = shopifySession.create_permission_url(scope=ourscope, redirect_uri=redirect_uri, state=state)
  return redirect(auth_url_shop)

 

The redirect (sometimes) comes back with no STATE parameter:

 

def gettoken_callback():
  if not request.GET.get('state'):
     logger.error('no state')

 

Any idea how we can fix this? 

0 Likes
kennySF
New Member
1 0 0

We're also experiencing this issue. Has there been any resolution?

0 Likes
8tomo8
Shopify Partner
5 0 3

I am having the same issue. Sometimes "State" falls off the callback url.

0 Likes
violuke
New Member
2 0 1

We're also experiencing this issue (happened in app review process today). Review reference 20959.

 

Any response from Shopify on this?

EBC
Tourist
4 0 1

Also affects our app.
Sometimes the state is there, sometimes it is lost.

0 Likes