From b04784c3b6508152a3e27b50b2636935c51039d3 Mon Sep 17 00:00:00 2001
From: colin <colin.in@foxmail.com>
Date: Fri, 5 Sep 2025 19:21:32 +0800
Subject: [PATCH] feat(oauth): add a default cookie options

---
 .../Bilibili/BilibiliAuthHandlerOptionsProvider.cs     |  1 +
 .../GitHub/GitHubAuthHandlerOptionsProvider.cs         |  1 +
 .../ExternalProviders/OAuthHandlerOptionsProvider.cs   | 10 +++++++++-
 .../QQ/QQAuthHandlerOptionsProvider.cs                 |  1 +
 .../WeChat/WeChatAuthHandlerOptionsProvider.cs         |  1 +
 .../WeCom/WeComAuthHandlerOptionsProvider.cs           |  1 +
 6 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/Bilibili/BilibiliAuthHandlerOptionsProvider.cs b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/Bilibili/BilibiliAuthHandlerOptionsProvider.cs
index 933a4e634..7749c2969 100644
--- a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/Bilibili/BilibiliAuthHandlerOptionsProvider.cs
+++ b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/Bilibili/BilibiliAuthHandlerOptionsProvider.cs
@@ -25,5 +25,6 @@ public class BilibiliAuthHandlerOptionsProvider : OAuthHandlerOptionsProvider<Bi
         {
             options.ClientSecret = clientSecret;
         }
+        await base.SetOptionsAsync(options);
     }
 }
diff --git a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/GitHub/GitHubAuthHandlerOptionsProvider.cs b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/GitHub/GitHubAuthHandlerOptionsProvider.cs
index 4bfd43fcf..4deac8bf2 100644
--- a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/GitHub/GitHubAuthHandlerOptionsProvider.cs
+++ b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/GitHub/GitHubAuthHandlerOptionsProvider.cs
@@ -25,5 +25,6 @@ public class GitHubAuthHandlerOptionsProvider : OAuthHandlerOptionsProvider<GitH
         {
             options.ClientSecret = clientSecret;
         }
+        await base.SetOptionsAsync(options);
     }
 }
diff --git a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/OAuthHandlerOptionsProvider.cs b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/OAuthHandlerOptionsProvider.cs
index 1fdd23695..43102d0d5 100644
--- a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/OAuthHandlerOptionsProvider.cs
+++ b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/OAuthHandlerOptionsProvider.cs
@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
 using System.Threading.Tasks;
 using Volo.Abp.DependencyInjection;
 using Volo.Abp.Settings;
@@ -14,5 +15,12 @@ public abstract class OAuthHandlerOptionsProvider<TOptions> : IOAuthHandlerOptio
         SettingProvider = settingProvider;
     }
 
-    public abstract Task SetOptionsAsync(TOptions options);
+    public virtual Task SetOptionsAsync(TOptions options)
+    {
+        options.CorrelationCookie.SameSite = SameSiteMode.Lax;
+        options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
+        options.CorrelationCookie.HttpOnly = true;
+
+        return Task.CompletedTask;
+    }
 }
diff --git a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/QQ/QQAuthHandlerOptionsProvider.cs b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/QQ/QQAuthHandlerOptionsProvider.cs
index 76f3b7b41..a5aa7da9b 100644
--- a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/QQ/QQAuthHandlerOptionsProvider.cs
+++ b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/QQ/QQAuthHandlerOptionsProvider.cs
@@ -25,5 +25,6 @@ public class QQAuthHandlerOptionsProvider : OAuthHandlerOptionsProvider<QQAuthen
         {
             options.ClientSecret = clientSecret;
         }
+        await base.SetOptionsAsync(options);
     }
 }
diff --git a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/WeChat/WeChatAuthHandlerOptionsProvider.cs b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/WeChat/WeChatAuthHandlerOptionsProvider.cs
index 7382370ef..7b619a5ce 100644
--- a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/WeChat/WeChatAuthHandlerOptionsProvider.cs
+++ b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/WeChat/WeChatAuthHandlerOptionsProvider.cs
@@ -25,5 +25,6 @@ public class WeChatAuthHandlerOptionsProvider : OAuthHandlerOptionsProvider<Weix
         {
             options.ClientSecret = clientSecret;
         }
+        await base.SetOptionsAsync(options);
     }
 }
diff --git a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/WeCom/WeComAuthHandlerOptionsProvider.cs b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/WeCom/WeComAuthHandlerOptionsProvider.cs
index 45d077871..65182746d 100644
--- a/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/WeCom/WeComAuthHandlerOptionsProvider.cs
+++ b/aspnet-core/modules/account/LINGYUN.Abp.Account.Web.OAuth/ExternalProviders/WeCom/WeComAuthHandlerOptionsProvider.cs
@@ -30,5 +30,6 @@ public class WeComAuthHandlerOptionsProvider : OAuthHandlerOptionsProvider<WorkW
         {
             options.AgentId = agentId;
         }
+        await base.SetOptionsAsync(options);
     }
 }