# App Development Reference
A guide to building Shopify apps with OAuth, the GraphQL/REST Admin APIs, webhooks, and billing.
## OAuth Authentication
### OAuth 2.0 Flow
**1. Redirect to the authorization URL:**
```text
https://{shop}.myshopify.com/admin/oauth/authorize?
  client_id={api_key}&
  scope={scopes}&
  redirect_uri={redirect_uri}&
  state={nonce}
```
**2. Handle the callback:**
```javascript
// Express route that receives the redirect back from Shopify.
// `storedState` is the nonce generated for step 1 and kept server-side
// (for example in the session); `appHandle` is the app's handle in the admin.
app.get("/auth/callback", async (req, res) => {
  const { code, shop, state } = req.query;
  // Verify the state nonce to prevent CSRF
  if (state !== storedState) {
    return res.status(403).send("Invalid state");
  }
  // Exchange the authorization code for an access token
  const accessToken = await exchangeCodeForToken(shop, code);
  // Store the token securely (server-side, never exposed to the browser)
  await storeAccessToken(shop, accessToken);
  res.redirect(`https://${shop}/admin/apps/${appHandle}`);
});
```
**3. Exchange the code for a token:**
```javascript
// POST the authorization code, together with the app's key and secret,
// to the shop's token endpoint. The secret stays server-side.
async function exchangeCodeForToken(shop, code) {
  const response = await fetch(`https://${shop}/admin/oauth/access_token`, {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
      client_id: process.env.SHOPIFY_API_KEY,
      client_secret: process.env.SHOPIFY_API_SECRET,
      code,
    }),
  });
  // Fail loudly rather than storing an undefined token
  if (!response.ok) {
    throw new Error(`Token exchange failed: ${response.status}`);
  }
  const { access_token } = await response.json();
  return access_token;
}
```
### Access Scopes
**Common scopes:**
- `read_products`, `write_products` - product catalog
- `read_orders`, `write_orders` - order management
- `read_customers`, `write_customers` - customer data
- `read_inventory`, `write_inventory` - inventory levels
- `read_fulfillments`, `write_fulfillments` - order fulfillment
- `read_shipping`, `write_shipping` - shipping rates
- `read_analytics` - store analytics
- `read_checkouts`, `write_checkouts` - checkout data
Full list: https://shopify.dev/api/usage/access-scopes
### Session Tokens (Embedded Apps)
For embedded apps using App Bridge:
```javascript
import createApp from '@shopify/app-bridge';
import { getSessionToken } from '@shopify/app-bridge/utilities';

// Wraps fetch so every request to the app's backend carries a short-lived
// App Bridge session token in the Authorization header.
async function authenticatedFetch(url, options = {}) {
  const app = createApp({ ... }); // App Bridge config (apiKey, host)
  const token = await getSessionToken(app);
  return fetch(url, {
    ...options,
    headers: {
      ...options.headers,
      'Authorization': `Bearer ${token}`
    }
  });
}
```
## GraphQL Admin API
### Making a Request
```javascript
async function graphqlRequest(shop, accessToken, query, variables = {}) {
  const response = await fetch(
    `https://${shop}/admin/api/2026-01/graphql.json`,
    {
      method: "P
```