laravel / socialite

Laravel wrapper around OAuth 1 & OAuth 2 libraries.

Home Page: https://laravel.com/docs/socialite

Session Data missing after redirect with POST Request

noezdev opened this issue

  • Socialite Version: 5.5.6
  • Laravel Version: 9.42.2
  • PHP Version: 8.1
  • Database Driver & Version:

Description:

In Socialite's regular workflow, the user is redirected to the platform, in this case Apple, for authorisation, authorises themselves there and then a callback is made to the Laravel application. If this callback is a POST request instead of a GET query, Laravel does not restore the original session but starts a new session. Original data such as a shopping cart is lost in the process. The problem can be solved with a workaround by setting the same_site settings in the config/session settings to Null instead of the default setting of lax. However, this does not make sense from a security point of view. CORS as the source can be ruled out so far.

Steps To Reproduce:

The steps to reproduce should be clear after reading the description

Just want to make clear that it's not just a behavior from the Apple login, it affects all login methods that use POST requests at the callback point.

Hi there,

Thanks for reporting but it looks like this is a question which can be asked on a support channel. Please only use this issue tracker for reporting bugs with the library itself. If you have a question on how to use functionality provided by this repo you can try one of the following channels:

However, this issue will not be locked and everyone is still free to discuss solutions to your problem!

Thanks.
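
Why the session is lost only on POST callbacks, as an added example that is not part of the issue thread or of Socialite's code: a small model of the SameSite rule a browser applies before attaching a cookie to a request. The hosts `idp.example` and `shop.example`, the callback path and all function names are constructed for illustration, and site comparison is simplified to the last two host labels.

```javascript
// Added model of the SameSite rule; covers the explicit values only
// (browsers differ on cookies that carry no SameSite attribute at all).
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS", "TRACE"]);

// Assumption: "site" = scheme + last two host labels. Real browsers use
// the Public Suffix List to find the registrable domain.
function siteOf(url) {
  const u = new URL(url);
  return u.protocol + "//" + u.hostname.split(".").slice(-2).join(".");
}

// cookie:  { sameSite: "strict" | "lax" | "none", secure: boolean }
// request: { initiator, target, method, topLevelNavigation }
function cookieIsSent(cookie, request) {
  const crossSite = siteOf(request.initiator) !== siteOf(request.target);
  if (!crossSite) return true; // same-site requests always carry it
  switch (cookie.sameSite.toLowerCase()) {
    case "none":
      return cookie.secure === true; // None is only honoured with Secure
    case "strict":
      return false;
    case "lax":
      // Cross-site: only top-level navigations using a safe method.
      return request.topLevelNavigation &&
        SAFE_METHODS.has(request.method.toUpperCase());
    default:
      throw new Error("unknown SameSite value: " + cookie.sameSite);
  }
}

// Constructed callback requests: provider at idp.example, app at shop.example.
function callback(method) {
  return {
    initiator: "https://idp.example/authorize",
    target: "https://www.shop.example/login/callback",
    method,
    topLevelNavigation: true,
  };
}

const session = { sameSite: "lax", secure: true };
console.log("GET callback, lax: ", cookieIsSent(session, callback("GET")));
console.log("POST callback, lax:", cookieIsSent(session, callback("POST")));
```

Under this rule the `lax` session cookie is withheld on the provider's cross-site POST, so the application receives no session identifier and starts a new session, which matches the behaviour reported above.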