Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Access Token Exchange always returns 'Error: Signature not authentic!'
See original GitHub issueI have been pulling my hair out for the past day trying to figure out where I am going wrong, but when i try to get my app setup for public use I just get errors when I try to finish doing the auth, see the relevant code below…
router.get('/install', function(req, res, next) {
shop = req.param('shop');
Shopify = new shopifyAPI({
shop: shop, // MYSHOP.myshopify.com
shopify_api_key: apikey, // Your API key
shopify_shared_secret: sharedkey, // Your Shared Secret
shopify_scope: 'read_orders,read_products,read_customers',
redirect_uri: appurl + '/finish_auth',
nonce: n() // you must provide a randomly selected value unique for each authorization request
});
writeConfigData(shop, Shopify.config); //writes the config to firebase, worried the config was wrong
var auth_url = Shopify.buildAuthURL();
res.redirect(auth_url);
});
router.get('/finish_auth', function(req, res){
var theshop = req.param('shop').replace(/\./g, "_"); //this is just to find the saved shopconfig in firebase
database.ref('configs/' + theshop).once('value').then(function(snapshot) {
var config = snapshot.val();
var Shopify = new shopifyAPI(config), // You need to pass in your config here
query_params = req.query;
Shopify.exchange_temporary_token(query_params, function (err, data) {
// This will return successful if the request was authentic from Shopify
// Otherwise err will be non-null.
// The module will automatically update your config with the new access token
// It is also available here as data['access_token']
console.log("HERE IS THE EXCHANGE: " + err + data);
});
});
});
The current Docs are a little fuzzy with is_valid_signature and the way that Shopify uses hmac now instead, I have tried about a thousand different workarounds but always get that same error… I am starting to think it might actually be Shopify.
Any help with this issue would be awesome
Issue Analytics
- State:
- Created 7 years ago
- Reactions:5
- Comments:9
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
for me, the @itjustwerks solution worked.
@MasterDover and @mayconfsousa … I’m working on setting up my first public Shopify app, and had the same issue as you with this package. It seems the issue is coming from the use of nonce function in the config parameters. If you generate your nonce before defining your Shopify var, it should work for ya!