From ddd823afab4a35e141baa89de5177292d8819557 Mon Sep 17 00:00:00 2001
From: Khwezi Mngoma
Date: Sun, 14 Jun 2026 13:09:57 +0200
Subject: [PATCH 1/2] Configured AddLiteCharmsWebSecurity() to setup ConfigureCookieOidcSameSiteSupport()
---
 LiteCharms.Features/Extensions/Api.cs | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
diff --git a/LiteCharms.Features/Extensions/Api.cs b/LiteCharms.Features/Extensions/Api.cs
index 0a72ceb..0fac5fa 100644
--- a/LiteCharms.Features/Extensions/Api.cs
+++ b/LiteCharms.Features/Extensions/Api.cs
@@ -60,6 +60,8 @@ public static class Api
 .ProtectKeysWithCertificate(certificate)
 .SetApplicationName("LiteCharmsApp");
+ services.ConfigureCookieOidcSameSiteSupport();
+
 var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
 var authOptions = new LiteCharmsSettings();
@@ -269,4 +271,26 @@ public static class Api
 public static string ToEndpointName(this Type target, string? annotation = "") => $"{target.Name.Replace("Endpoint", string.Empty)}{annotation}".ToLower(CultureInfo.CurrentCulture);
+
+ private static void ConfigureCookieOidcSameSiteSupport(this IServiceCollection services)
+ {
+ services.Configure(options =>
+ {
+ options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
+ options.OnAppendCookie = cookieContext => CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
+ options.OnDeleteCookie = cookieContext => CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
+ });
+ }
+
+ private static void CheckSameSite(HttpContext httpContext, CookieOptions options)
+ {
+ if (options.SameSite == SameSiteMode.None)
+ {
+ // Double check that we are executing under an HTTPS routing context before emitting 'None'
+ if (!httpContext.Request.IsHttps && httpContext.Request.Headers["X-Forwarded-Proto"] != "https")
+ {
+ options.SameSite = SameSiteMode.Unspecified;
+ }
+ }
+ }
 }
From 9cb4b8264d0c4fd44a25c9f64c503db893f5cf7a Mon Sep 17 00:00:00 2001
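Review bot: In `CheckSameSite` the raw `X-Forwarded-Proto` header is taken as proof that the request arrived over HTTPS, but that header is only meaningful when a trusted reverse proxy set it; a client connecting directly can supply it, and if the application already runs `UseForwardedHeaders` with `KnownProxies`/`KnownNetworks` configured then `Request.IsHttps` is already rewritten from the proxy's value and the extra header read is redundant. Suggest relying on the framework's view of the scheme, i.e. `if (!httpContext.Request.IsHttps)`, and leaving proxy trust to the forwarded-headers middleware. The same check is carried over unchanged in patch 2 at the `@@ -126,6 +126,21 @@` hunk. Separately, `services.Configure(options => ...)` shows no options type in this rendering; I suspect the generic argument naming the options type that owns `MinimumSameSitePolicy`/`OnAppendCookie` (`CookiePolicyOptions`) was lost, and those callbacks only run if the cookie-policy middleware (`UseCookiePolicy()`) is in the request pipeline, which is outside this diff.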
From: Khwezi Mngoma
Date: Sun, 14 Jun 2026 13:11:40 +0200
Subject: [PATCH 2/2] Refactored Api registration methods
---
 LiteCharms.Features/Extensions/Api.cs | 37 +++++++++++----------------
 1 file changed, 15 insertions(+), 22 deletions(-)
diff --git a/LiteCharms.Features/Extensions/Api.cs b/LiteCharms.Features/Extensions/Api.cs
index 0fac5fa..bd659e3 100644
--- a/LiteCharms.Features/Extensions/Api.cs
+++ b/LiteCharms.Features/Extensions/Api.cs
@@ -126,6 +126,21 @@ public static class Api
 return services;
 }
+ private static void ConfigureCookieOidcSameSiteSupport(this IServiceCollection services) =>
+ services.Configure(options =>
+ {
+ options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
+ options.OnAppendCookie = cookieContext => CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
+ options.OnDeleteCookie = cookieContext => CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
+ });
+
+ private static void CheckSameSite(HttpContext httpContext, CookieOptions options)
+ {
+ if (options.SameSite == SameSiteMode.None)
+ if (!httpContext.Request.IsHttps && httpContext.Request.Headers["X-Forwarded-Proto"] != "https")
+ options.SameSite = SameSiteMode.Unspecified;
+ }
+
 public static IServiceCollection AddLiteCharmsApiSecurity(this IServiceCollection services, IConfiguration configuration)
 {
 var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
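Review bot: The moved `CheckSameSite` drops the braces around both nested `if`s and deletes the only comment that recorded why the downgrade to `SameSiteMode.Unspecified` exists, so a reader of the new code no longer sees that the HTTPS test is deliberate. As far as this hunk shows, the surrounding code keeps braces on every block (the `AddLiteCharmsApiSecurity` body opening right below), so keep them here and restore the comment above the inner `if`: `// Double check that we are executing under an HTTPS routing context before emitting 'None'`. A guard clause would also read more plainly than two stacked conditions: `if (options.SameSite != SameSiteMode.None) return;` followed by the HTTPS check. `AddLiteCharmsApiSecurity` begins in this hunk and continues past its end.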
@@ -271,26 +286,4 @@ public static class Api
 public static string ToEndpointName(this Type target, string? annotation = "") => $"{target.Name.Replace("Endpoint", string.Empty)}{annotation}".ToLower(CultureInfo.CurrentCulture);
-
- private static void ConfigureCookieOidcSameSiteSupport(this IServiceCollection services)
- {
- services.Configure(options =>
- {
- options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
- options.OnAppendCookie = cookieContext => CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
- options.OnDeleteCookie = cookieContext => CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
- });
- }
-
- private static void CheckSameSite(HttpContext httpContext, CookieOptions options)
- {
- if (options.SameSite == SameSiteMode.None)
- {
- // Double check that we are executing under an HTTPS routing context before emitting 'None'
- if (!httpContext.Request.IsHttps && httpContext.Request.Headers["X-Forwarded-Proto"] != "https")
- {
- options.SameSite = SameSiteMode.Unspecified;
- }
- }
- }
 }