upgrade shopify OAuth process

3 years ago · 720f6868da
parent a8bc6dfc62
commit 720f6868da
7 changed files with 8 additions and 3 deletions
--- a/src/main/java/au/com/royalpay/payment/manage/shopify/auth/web/ShopifyAuthTemplateController.java
+++ b/src/main/java/au/com/royalpay/payment/manage/shopify/auth/web/ShopifyAuthTemplateController.java
@ -67,7 +67,7 @@ public class ShopifyAuthTemplateController {
     * @return
     */
    @GetMapping("/auth/back")
-    public RedirectView shopifyStoreAuthRedirect(@RequestParam("code") String code,
+    public String shopifyStoreAuthRedirect(@RequestParam("code") String code,
                                                 @RequestParam("hmac") String hmac,
                                                 @RequestParam("host") String host,
                                                 @RequestParam("state") String state,
@ -98,7 +98,7 @@ public class ShopifyAuthTemplateController {

        String redirectUri = PlatformEnvironment.getEnv().concatUrl("/auth.html#/shopify/login?code=" + code + "&hmac=" + hmac + "&host=" + host + "&state=" + state + "&shop=" + shop + "&timestamp=" + timestamp);
        response.setHeader("content-security-policy", "frame-ancestors https://" + shop + ".myshopify.com https://admin.shopify.com");
-        return new RedirectView(redirectUri);
+        return "redirect:" + redirectUri;
    }

 }
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
@ -73,7 +73,7 @@ spring:
 app:
  run-tasks: false
  host:
-    main: https://1c6d-222-95-180-118.ngrok.io/
+    main: https://65e5-222-95-183-204.ngrok.io/
    regions:
      au: http://dalong-au.dev.rpaygroup.com/
      cn: http://dalong-au.dev.rpaygroup.com/
--- a/src/main/resources/templates/shopify/auth_back.html
+++ b/src/main/resources/templates/shopify/auth_back.html
@ -2,6 +2,7 @@
 <html lang="en">
 <head>
    <meta charset="UTF-8">
+    <meta http-equiv="Content-Security-Policy" content="frame-ancestors 'none'">
    <title>Auth</title>
    <link rel="stylesheet" type="text/css" href="/static/lib/bootstrap/css/bootstrap.min.css">
    <script type="text/javascript" src="/static/lib/jquery/jquery-2.1.4.min.js"></script>
--- a/src/main/ui/static/shopify/auth/templates/auth_root.html
+++ b/src/main/ui/static/shopify/auth/templates/auth_root.html
@ -2,6 +2,7 @@
 <html lang="en">
 <head>
  <meta charset="UTF-8">
+  <meta http-equiv="Content-Security-Policy" content="frame-ancestors 'none'">
  <title>Title</title>

  <style>
--- a/src/main/ui/static/shopify/auth/templates/shopify_auth.html
+++ b/src/main/ui/static/shopify/auth/templates/shopify_auth.html
@ -2,6 +2,7 @@
 <html lang="en">
 <head>
    <meta charset="UTF-8">
+    <meta http-equiv="Content-Security-Policy" content="frame-ancestors 'none'">
    <title>Title</title>

    <style>
--- a/src/main/ui/static/shopify/auth/templates/shopify_login.html
+++ b/src/main/ui/static/shopify/auth/templates/shopify_login.html
@ -2,6 +2,7 @@
 <html lang="en">
 <head>
    <meta charset="UTF-8">
+    <meta http-equiv="Content-Security-Policy" content="frame-ancestors 'none'">
    <title>Title</title>

    <style>
--- a/src/main/ui/static/shopify/auth/templates/shopify_register.html
+++ b/src/main/ui/static/shopify/auth/templates/shopify_register.html
@ -2,6 +2,7 @@
 <html lang="en">
 <head>
    <meta charset="UTF-8">
+    <meta http-equiv="Content-Security-Policy" content="frame-ancestors 'none'">
    <title>Title</title>
    <style>
        .col-centered {