laravel / socialite

Laravel wrapper around OAuth 1 & OAuth 2 libraries.
https://laravel.com/docs/socialite
MIT License

Session Data missing after redirect with POST Request #610

Closed noezdev closed 1 year ago

noezdev commented 1 year ago

Description:

In Socialite's regular workflow, the user is redirected to the platform, in this case Apple, for authorisation, authorises themselves there and then a callback is made to the Laravel application. If this callback is a POST request instead of a GET query, Laravel does not restore the original session but starts a new session. Original data such as a shopping cart is lost in the process. The problem can be solved with a workaround by setting the same_site settings in the config/session settings to Null instead of the default setting of lax. However, this does not make sense from a security point of view. CORS as the source can be ruled out so far.

Steps To Reproduce:

The steps to reproduce should be clear after reading the description

noezdev commented 1 year ago

Just want to make clear that it's not just a behavior from the Apple login, it affects all login-methods that use POST requests at the callback point.
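The behaviour described in the two posts above follows from how browsers apply the SameSite cookie attribute to cross-site requests. The following is an added example, not part of the original thread and not Socialite or Laravel code: a simplified JavaScript model of that check. The host names and cookie values are constructed, and "site" is approximated by the last two host labels.

```javascript
// Simplified model of the browser's SameSite check for top-level navigations.
// Assumption: "site" = last two host labels; real browsers use the Public
// Suffix List and also compare the scheme.
function siteOf(url) {
  return new URL(url).hostname.split('.').slice(-2).join('.');
}

// Parse the parts of a Set-Cookie header value that matter for this check.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), sameSite: null, secure: false };
  for (const attr of attrs) {
    const [k, v = ''] = attr.split('=');
    const key = k.toLowerCase();
    if (key === 'secure') cookie.secure = true;
    if (key === 'samesite' && ['strict', 'lax', 'none'].includes(v.toLowerCase())) {
      cookie.sameSite = v.toLowerCase();
    }
  }
  return cookie;
}

// Is the cookie attached when `initiator` navigates the top-level page to `target`?
function isCookieSent(cookie, { initiator, target, method }) {
  if (!cookie.sameSite) {
    // Cookies without the attribute are handled differently per browser.
    throw new Error('no SameSite attribute: browser-dependent, not modelled');
  }
  if (siteOf(initiator) === siteOf(target)) return true; // same-site request
  if (cookie.sameSite === 'none') return cookie.secure;  // None requires Secure
  if (cookie.sameSite === 'lax') {
    return ['GET', 'HEAD', 'OPTIONS', 'TRACE'].includes(method); // safe methods only
  }
  return false; // strict: never sent on cross-site requests
}

// Constructed scenario: an identity provider returns the user to the callback.
function callbackScenarios() {
  const idp = 'https://idp.example.org/authorize';
  const cb = 'https://shop.example.test/login/callback';
  const lax = parseSetCookie('laravel_session=abc123; Path=/; HttpOnly; Secure; SameSite=Lax');
  const none = parseSetCookie('laravel_session=abc123; Path=/; HttpOnly; Secure; SameSite=None');
  return {
    laxCrossSitePost: isCookieSent(lax, { initiator: idp, target: cb, method: 'POST' }),
    laxCrossSiteGet: isCookieSent(lax, { initiator: idp, target: cb, method: 'GET' }),
    noneCrossSitePost: isCookieSent(none, { initiator: idp, target: cb, method: 'POST' }),
    laxSameSitePost: isCookieSent(lax, { initiator: 'https://shop.example.test/cart', target: cb, method: 'POST' }),
  };
}
```

In this model only the cross-site POST with a `SameSite=Lax` cookie arrives without the session cookie, which is the case where the application sees no existing session and starts a new one.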

driesvints commented 1 year ago

Hi there,

Thanks for reporting but it looks like this is a question which can be asked on a support channel. Please only use this issue tracker for reporting bugs with the library itself. If you have a question on how to use functionality provided by this repo you can try one of the following channels:

However, this issue will not be locked and everyone is still free to discuss solutions to your problem!

Thanks.