go1.16 (#14783)

2021-02-28 18:08:33 -05:00 · 2021-02-28 18:08:33 -05:00 · 47f6a4ec3f
commit 47f6a4ec3f
parent 030646eea4
947 changed files with 26119 additions and 7062 deletions
--- a/vendor/github.com/markbates/goth/gothic/gothic.go
+++ b/vendor/github.com/markbates/goth/gothic/gothic.go
@ -99,7 +99,11 @@ var SetState = func(req *http.Request) string {
 // This is used to prevent CSRF attacks, see
 // http://tools.ietf.org/html/rfc6749#section-10.12
 var GetState = func(req *http.Request) string {
-	return req.URL.Query().Get("state")
+	params := req.URL.Query()
+	if params.Encode() == "" && req.Method == http.MethodPost {
+		return req.FormValue("state")
+	}
+	return params.Get("state")
 }

 /*
@ -155,7 +159,6 @@ as either "provider" or ":provider".
 See https://github.com/markbates/goth/examples/main.go to see this in action.
 */
 var CompleteUserAuth = func(res http.ResponseWriter, req *http.Request) (goth.User, error) {
-	defer Logout(res, req)
 	if !keySet && defaultStore == Store {
 		fmt.Println("goth/gothic: no SESSION_SECRET environment variable is set. The default cookie store is not available and any calls will fail. Ignore this warning if you are using a different store.")
 	}
@ -174,7 +177,7 @@ var CompleteUserAuth = func(res http.ResponseWriter, req *http.Request) (goth.Us
 	if err != nil {
 		return goth.User{}, err
 	}
-
+	defer Logout(res, req)
 	sess, err := provider.UnmarshalSession(value)
 	if err != nil {
 		return goth.User{}, err