fix: problem with custom app install not passing the cookies due to sameSite=lax.

See this PR for other people who have ran into this issue
Shopify#905

Author: ryanray

packages/shopify-api/lib/auth/oauth/oauth.ts

@@ -94,9 +94,12 @@ export function begin(config: ConfigInterface): OAuthBegin {
 
     await cookies.setAndSign(STATE_COOKIE_NAME, state, {
       expires: new Date(Date.now() + 60000),
-      sameSite: 'lax',
-      secure: true,
+      // hack necessary due to browsers not setting cookies with sameSite=lax
+      // https://github.com/Shopify/shopify-api-js/pull/905
+      sameSite: 'none',
+      secure: true, // needs to be true, especially when sameSite=none
       path: callbackPath,
+      domain: config.cookieDomain || undefined,
     });
 
     const query = {