Hi there,
Just a general question, we’re using Next.js for our apps because before Shopify purchased Remix, Next.js was the official tutorial for authenticating with the App Bridge (at the time).
We’re trying to upgrade to the newest version of the AppBridge v4 as well as the newest version of Next.js, but trying to use the official Shopify API Node library relies on cookies to validate the HMAC and perform the OAuth session → access token exchange.
It seems like cookies are stripped from the post-authorization redirect, so we’re not able to finish our upgrades.
However, the hmac, code, shop and state parameters are appended as query strings, which makes sense - shouldn’t those be used for the shopify.auth.callback method instead of attempting to read the cookies from the request?