Fix nhosoya#103

manba-inc · Dec 20, 2023 · c653a63 · c653a63
1 parent b42831b
commit c653a63
Showing 1 changed file with 16 additions and 2 deletions.
diff --git a/lib/omniauth/strategies/apple.rb b/lib/omniauth/strategies/apple.rb
@@ -65,12 +65,26 @@ def callback_url
 
       private
 
+      # https://github.com/nhosoya/omniauth-apple/issues/103
+      # https://github.com/nhosoya/omniauth-apple/pull/106#issuecomment-1559825025
       def new_nonce
-        session['omniauth.nonce'] = SecureRandom.urlsafe_base64(16)
+        Rails.logger.info("#{self.class.name}\##{__method__} new_nonce")
+        nonce = SecureRandom.urlsafe_base64(16)
+        session["omniauth.nonce"] = nonce
+        cookies.encrypted[:apple_auth_params] =
+          { same_site: :none, expires: 1.hour.from_now, secure: true, value: nonce }
+        nonce
       end
 
       def stored_nonce
-        session.delete('omniauth.nonce')
+        Rails.logger.info("#{self.class.name}\##{__method__} stored_nonce")
+        nonce = session.delete("omniauth.nonce") || cookies.encrypted[:apple_auth_params]
+        cookies.delete :apple_auth_params
+        nonce
+      end
+
+      def cookies
+        request.env["action_dispatch.cookies"]
       end
 
       def id_info