Hi!
I've successfully implemented the Oauth flow with a small inconvenience. Before redirecting the user to:
"https://example.myshopify.com/admin/oauth/authorize?client_id=client_id&scope=read_orders&redirect_u..."
I set a cookie with the value of the "state" param. This is to later validate the auth callback using:
validate_auth_callback.
Now, when I my server gets the redirect_uri, I don't receive any cookie. Thus I cannot validate it cause I don't have the state.
This is the code I'm using:
cookies.encrypted[auth_response[:cookie].name] = {
expires: auth_response[:cookie].expires,
secure: true,
http_only: true,
same_site: :none, # I tried this but didnt work
value: auth_response[:cookie].value
}
p.d.: I just followed the ruby template app.
p.d.: this is not an embedded app
