diff --git a/packages/shopify-app-remix/src/server/authenticate/admin/embedded-authenticate.ts b/packages/shopify-app-remix/src/server/authenticate/admin/embedded-authenticate.ts
index 240115ef22..ed7497b9d5 100644
--- a/packages/shopify-app-remix/src/server/authenticate/admin/embedded-authenticate.ts
+++ b/packages/shopify-app-remix/src/server/authenticate/admin/embedded-authenticate.ts
@@ -180,12 +180,6 @@ export class EmbeddedAuthStrategy<
 if (persistedSession) {
 logger.debug(`Reusing existing token: ${persistedSession.accessToken}`);
- if (persistedSession.isScopeChanged(config.scopes)) {
- config.sessionStorage.deleteSession(persistedSession.id);
-
- // this.redirectToInstall(request, shop);
- }
-
 if (!persistedSession.isExpired()) {
 return {session: persistedSession};
 }
@@ -223,24 +217,4 @@ export class EmbeddedAuthStrategy<
 },
 });
 }
-
- // this does not initiate oauth auth code flow, it just triggers managed install
- // private redirectToInstall(request: Request, shop: string) {
- // const {config, logger, api} = this;
-
- // // TODO: make it unified admin
- // const redirectUrl = `https://${shop}/admin/oauth/install?client_id=${config.apiKey}`;
-
- // const isXhrRequest = request.headers.get('authorization');
- // if (isXhrRequest) {
- // throw redirectWithAppBridgeHeaders(redirectUrl);
- // } else {
- // throw redirectWithExitIframe(
- // {config, logger, api},
- // request,
- // shop,
- // redirectUrl,
- // );
- // }
- // }
 }
diff --git a/packages/shopify-app-remix/src/server/authenticate/admin/helpers/handle-embedded-client-error.ts b/packages/shopify-app-remix/src/server/authenticate/admin/helpers/handle-embedded-client-error.ts
index 752c9f9372..e595230c21 100644
--- a/packages/shopify-app-remix/src/server/authenticate/admin/helpers/handle-embedded-client-error.ts
+++ b/packages/shopify-app-remix/src/server/authenticate/admin/helpers/handle-embedded-client-error.ts
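Review bot: In embedded-authenticate.ts, the `logger.debug` call kept as context in the first hunk interpolates `persistedSession.accessToken` into the message, so the live API access token is written to any debug log sink and can be read by anyone with log access. Log a non-secret identifier instead, for example `logger.debug('Reusing existing session: ' + persistedSession.id);`. With the `isScopeChanged` branch removed here, the only check left before the session is returned is `isExpired()`, so a session with outdated scopes is reused until the 403 handling in handle-embedded-client-error.ts reacts to it. The enclosing method starts and ends outside the hunk.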
@@ -1,4 +1,4 @@
-import {HttpResponseError} from '@shopify/shopify-api';
+import {GraphqlQueryError, HttpResponseError} from '@shopify/shopify-api';
 import {redirect} from '@remix-run/server-runtime';
 import type {HandleAdminClientError} from '../../../clients/admin/types';
@@ -18,6 +18,17 @@ export function handleEmbeddedClientErrorFactory({
 session,
 }): Promise {
 if (error instanceof HttpResponseError !== true) {
+ const gqlerror = error.response.errors[0] as any;
+ console.log('EXTENSIONS ERROR', gqlerror.extensions.code);
+ if (error instanceof GraphqlQueryError && gqlerror.extensions.code) {
+ throw new Response(undefined, {
+ status: 403,
+ headers: {
+ 'Content-Type': 'application/json',
+ 'X-Shopify-Insufficient-Access': '1',
+ },
+ });
+ }
 params.logger.debug(
 `Got a response error from the API: ${error.message}`,
 );
@@ -50,10 +61,22 @@ export function handleEmbeddedClientErrorFactory({
 },
 });
 } else {
+ // On document load, delete the access token and reload the app to retrigger
+ // token exchange
 throw redirect(request.url);
 }
 }
+ if (error.response.code === 403) {
+ throw new Response(undefined, {
+ status: error.response.code,
+ headers: {
+ 'Content-Type': 'application/json',
+ 'X-Shopify-Insufficient-Access': '1',
+ },
+ });
+ }
+ // forward a minimal copy of the upstream HTTP response instead of an Error:
 throw new Response(JSON.stringify(error.response.body), {
 status: error.response.code,
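Review bot: The added `error.response.errors[0]` lookup in the second hunk runs before the `instanceof GraphqlQueryError` test, so any other non-HTTP error without a `response.errors` array raises a TypeError here and hides the original failure. Put the type guard first and make the lookup optional, e.g. `if (error instanceof GraphqlQueryError) { const code = error.response?.errors?.[0]?.extensions?.code; ... }`. As written, any truthy `extensions.code` is answered with 403 and `X-Shopify-Insufficient-Access`, so unrelated GraphQL errors would be reported to the client as a scope problem; compare against the specific access-denied code instead. The `console.log('EXTENSIONS ERROR', ...)` line should go through `params.logger.debug` or be dropped, and the `as any` cast removed. The function body starts and ends outside the hunk.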
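Review bot: The comment added in the `else` branch of the third hunk says the access token is deleted before the reload, but the only statement visible there is `throw redirect(request.url)`; nothing in these lines removes the session. If the deletion does not happen elsewhere (the branch begins outside the hunk), the reload would presumably load the same persisted session and repeat the failing call. Either delete the session before redirecting or reword the comment to describe what the code does. The 403 response added below it repeats the one built in the second hunk, so a small shared helper would keep the `X-Shopify-Insufficient-Access` header in one place.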