Open vablings opened 5 months ago
It seems this is an intermittent issue? I had it working yesterday but now its not working again today.
I've seen this before with I think every provider I've tried, also intermittently. One thing you might try is using the Network inspector in a browser to validate whether or not it sends the cookie in the different requests - I did a quick test just now and confirmed that the rocket_oauth2_state
cookie was not sent by the browser on the first attempt when using http://
in the redirect, but it was sent on future attempts. I'm not sure exactly why, but I had assumed it was a security measure of sorts that the cookie wasn't sent if it had been created earlier on the same redirect chain. Why it works on later attempts (with the cookie already set), I never figured out.
I don't have a good way to test it at present, but as I remember https://
consistently (and mysteriously?) worked as expected - so this was only a problem during development and not production.
Follow the example defined in the docs
Will fail for the following despite the state cookie being matched?