Merge pull request 'Refactored to deal with cookie hell' (#82) from payments into master

Reviewed-on: #82

LiteCharms.Features/Extensions/Api.cs

@@ -42,18 +42,13 @@ public static class Api
             options.Scope.Add("profile");
             options.Scope.Add("email");
 
-            options.Events = new OpenIdConnectEvents
+            options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.Always;
-            {
+            options.CorrelationCookie.SameSite = SameSiteMode.None;
-                OnRedirectToIdentityProvider = context =>
+            options.CorrelationCookie.HttpOnly = true;
-                {
-                    var fallbackUri = context.ProtocolMessage.RedirectUri;
 
-                    if (fallbackUri.StartsWith("http://", StringComparison.OrdinalIgnoreCase))
+            options.NonceCookie.SecurePolicy = CookieSecurePolicy.Always;
-                        context.ProtocolMessage.RedirectUri = fallbackUri.Replace("http://", "https://", StringComparison.OrdinalIgnoreCase);
+            options.NonceCookie.SameSite = SameSiteMode.None;
-
+            options.NonceCookie.HttpOnly = true;
-                    return Task.CompletedTask;
-                }
-            };
         });
 
         return services;