OK, I think I get what you're saying. Build a "public" app but do not publish it. Set the App URLs to my (in this case) Ruby on Rails app: (only temporarily on localhost - is that a problem?)
Application Callback URL: http://localhost:3010
Preferences URL: http://localhost:3010/preferences
Support URL: http://localhost:3010/support
In my case, set a Shop admin link for Orders Action Drop Down to point to http://localhost:3010/print-product-labels
Add an App proxy to /apps/print that directs to http://localhost:3010/print-product-labels as well.
Then just get my oAuth working in Rails.. not easy, but another issue that I think I can tackle with your (and docs.shopify's) advice.
Is that about right?
Thanks! - Bergen