From bf15235efb5de03cd66fd7830665ad0c1b7f2f7d Mon Sep 17 00:00:00 2001
From: Angelo Reale <12191809+angeloreale@users.noreply.github.com>
Date: Wed, 7 Aug 2024 21:28:30 +0100
Subject: [PATCH] ar(fix) [DPCP-62]: Consolidate Domain
---
 patches/@auth+core+0.34.2.patch | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
diff --git a/patches/@auth+core+0.34.2.patch b/patches/@auth+core+0.34.2.patch
index b1a3fe8a..1481d676 100644
--- a/patches/@auth+core+0.34.2.patch
+++ b/patches/@auth+core+0.34.2.patch
@@ -17,3 +17,24 @@ index a35e8f0..792a6ce 100644
 return { csrfTokenVerified, csrfToken };
 }
 }
+diff --git a/node_modules/@auth/core/src/lib/actions/callback/oauth/csrf-token.ts b/node_modules/@auth/core/src/lib/actions/callback/oauth/csrf-token.ts
+index 337c1d6..803ca2f 100644
+--- a/node_modules/@auth/core/src/lib/actions/callback/oauth/csrf-token.ts
++++ b/node_modules/@auth/core/src/lib/actions/callback/oauth/csrf-token.ts
+@@ -31,6 +31,7 @@ export async function createCSRFToken({
+ }: CreateCSRFTokenParams) {
+ if (cookieValue) {
+ const [csrfToken, csrfTokenHash] = cookieValue.split("|")
++ const [bodyValueToken] = bodyValue?.split("|") || []
+
+ const expectedCsrfTokenHash = await createHash(
+ `${csrfToken}${options.secret}`
+@@ -40,7 +41,7 @@ export async function createCSRFToken({
+ // If hash matches then we trust the CSRF token value
+ // If this is a POST request and the CSRF Token in the POST request matches
+ // the cookie we have already verified is the one we have set, then the token is verified!
+- const csrfTokenVerified = isPost && csrfToken === bodyValue
++ const csrfTokenVerified = isPost && csrfToken === bodyValueToken
+
+ return { csrfTokenVerified, csrfToken }
+ }
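Review bot: The new comparison `csrfToken === bodyValueToken` in the second inner hunk accepts any submitted value whose first `|`-separated segment equals the cookie token, so the trailing part of the body value is discarded without ever being checked. If the intent is to let a client post the full cookie value, matching only the two exact forms keeps the check as strict as before: `const csrfTokenVerified = isPost && (bodyValue === csrfToken || bodyValue === cookieValue)`. Either way the patched lines should carry a comment explaining why the request body may contain `token|hash`, because this loosens a CSRF check inside a vendored auth library and the reason is not visible in the patch. The body of `createCSRFToken` starts and ends outside these hunks, so the cookie hash verification is assumed from the surrounding comments rather than seen.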