...
Request from shopify to the app with the hmac and shop.
The app recodes and removes the hmac value, sends authorization request with shop api key or client id and with the redirect url. Then it redirects with callback.Request from shopify with callback while process is still actually in the install method.
app parses request in callback action method, creates a request to shopify to get the access token.
Then the app registers the un-install webhook.Then upon success the app should return the application settings form.
This is where the NetcommId and eKomi details are captured.
Form then validates & saves.Check from start to finish. Shopify has a list of app requirements.
Refactor to include omission of Customer & Store Redaction and privileges for shopify are not needed.