Skip to content
This repository has been archived by the owner on Jan 30, 2023. It is now read-only.

Retry OAuth if cookie / session expired #112

Merged
merged 1 commit into from
Jul 19, 2021
+21 −3
Merged

Retry OAuth if cookie / session expired #112

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
and adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).

## [Unreleased]
### Fixed
- Retry OAuth if cookie / session has expired on callback [112](https://github.com/Shopify/koa-shopify-auth/pull/112)

## [4.1.3] - 2021-04-22
### Fixed
Expand Down
4 changes: 3 additions & 1 deletion src/auth/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,8 +107,10 @@ export default function createShopifyAuth(options: OAuthStartOptions) {
case (e instanceof Shopify.Errors.InvalidOAuthError):
ctx.throw(400, e.message);
break;
case (e instanceof Shopify.Errors.CookieNotFound):
case (e instanceof Shopify.Errors.SessionNotFound):
ctx.throw(403, e.message);
// This is likely because the OAuth session cookie expired before the merchant approved the request
ctx.redirect(`${oAuthStartPath}?shop=${ctx.query.shop}`);
break;
default:
ctx.throw(500, e.message);
Expand Down
18 changes: 16 additions & 2 deletions src/auth/test/index.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -212,7 +212,7 @@ describe('Index', () => {
expect(ctx.throw).toHaveBeenCalledWith(400, '');
});

it('throws a 403 if the session does not exist', async () => {
it('retries if the session does not exist', async () => {
Shopify.Auth.validateAuthCallback = jest.fn(() => Promise.reject(new Shopify.Errors.SessionNotFound));

const ctx = createMockContext({
Expand All @@ -223,7 +223,21 @@ describe('Index', () => {
const shopifyAuth = createShopifyAuth(baseConfig);
await shopifyAuth(ctx, nextFunction);

expect(ctx.throw).toHaveBeenCalledWith(403, '');
expect(ctx.redirect).toHaveBeenCalledTimes(1);
});

it('retries if the cookie does not exist', async () => {
Shopify.Auth.validateAuthCallback = jest.fn(() => Promise.reject(new Shopify.Errors.CookieNotFound));

const ctx = createMockContext({
url: `${baseCallbackUrl}?${querystring.stringify(queryData)}`,
throw: jest.fn(),
});

const shopifyAuth = createShopifyAuth(baseConfig);
await shopifyAuth(ctx, nextFunction);

expect(ctx.redirect).toHaveBeenCalledTimes(1);
});

it('throws a 500 on any other errors', async () => {
Expand Down