Merge pull request #7695 from appwrite/fix-encode-secret-in-oauth-workaround

fix: encode secret in oauth workaround
2024-06-03 03:14:50 +12:00 · 2024-02-29 20:17:31 +05:30 · 2024-02-29 20:17:31 +05:30 · cc2e4087a1
parent 88ed3e421d b9a8c0caf1
commit cc2e4087a1
1 changed files with 2 additions and 2 deletions
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@ -934,12 +934,12 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
                ->setPayload($response->output($session, Response::MODEL_SESSION))
            ;

-            // TODO: Remove this deprecated, undocumented workaround
+            // TODO: Remove this deprecated workaround - support only token
            if ($state['success']['path'] == $oauthDefaultSuccess) {
                $query['project'] = $project->getId();
                $query['domain'] = Config::getParam('cookieDomain');
                $query['key'] = Auth::$cookieName;
-                $query['secret'] = $secret;
+                $query['secret'] = Auth::encodeSession($user->getId(), $secret);
            }

            $response