ueberauth / ueberauth_google

Google OAuth2 Strategy for Überauth.
MIT License

Upgrade Ueberauth and Refactor CSRF State Logic #82

Closed greg-rychlewski closed 3 years ago

greg-rychlewski commented 3 years ago

Ueberauth 0.7.0 introduces automatic CSRF attack protection: https://github.com/ueberauth/ueberauth/pull/136. This conflicts with the current way that this library fetches the CSRF state parameter.

Ueberauth exposes helper functions to pull the state param from the correct location: https://hexdocs.pm/ueberauth/Ueberauth.Strategy.Helpers.html#with_state_param/2. I've replaced the current method with this helper.

I've also updated some of the tests to be compatible with the new CSRF protection.
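
The state round trip that this kind of CSRF protection depends on, as a dependency-free model added here (not code from this PR, ueberauth or ueberauth_google). `StateParamModel`, its function names, the session map and the `idp.example` URL are hypothetical; the point is that the value sent in the authorization URL must be the same one the framework stored, or the callback check fails.

```elixir
defmodule StateParamModel do
  @moduledoc "Hypothetical model of an OAuth2 state round trip; not Ueberauth code."
  import Bitwise

  # Request phase: mint one unguessable value and keep it with the browser
  # session (a plain map stands in for the cookie/session store here).
  def start_request(session) do
    state = :crypto.strong_rand_bytes(24) |> Base.url_encode64(padding: false)
    {Map.put(session, :oauth_state, state), state}
  end

  # The strategy forwards exactly the stored value to the provider.
  def authorize_url(base, client_id, state) do
    query = %{"client_id" => client_id, "response_type" => "code", "state" => state}
    base <> "?" <> URI.encode_query(query)
  end

  # Callback phase: reject unless the returned state matches the stored one.
  def check_callback(session, params) do
    expected = Map.get(session, :oauth_state)
    received = Map.get(params, "state")

    cond do
      not is_binary(expected) -> {:error, :no_state_in_session}
      not is_binary(received) -> {:error, :missing_state}
      secure_equal?(expected, received) -> :ok
      true -> {:error, :state_mismatch}
    end
  end

  # Comparison that does not stop at the first differing byte.
  defp secure_equal?(a, b) when byte_size(a) == byte_size(b) do
    pairs = Enum.zip(:binary.bin_to_list(a), :binary.bin_to_list(b))
    diff = Enum.reduce(pairs, 0, fn {x, y}, acc -> acc ||| bxor(x, y) end)
    diff == 0
  end

  defp secure_equal?(_a, _b), do: false
end

# Constructed demo: one legitimate callback, one forged state, one with no state.
{session, state} = StateParamModel.start_request(%{})
IO.puts(StateParamModel.authorize_url("https://idp.example/authorize", "demo-client", state))
IO.inspect(StateParamModel.check_callback(session, %{"state" => state, "code" => "x"}))
IO.inspect(StateParamModel.check_callback(session, %{"state" => "forged", "code" => "x"}))
IO.inspect(StateParamModel.check_callback(session, %{"code" => "x"}))
```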

yordis commented 3 years ago

Thank you so much for the support! Appreciate!