From 88cfd6a974405c5b8dc9ad2e441d8fb888b931f0 Mon Sep 17 00:00:00 2001
From: Erik Michelson <github@erik.michelson.eu>
Date: Fri, 13 Sep 2024 16:30:20 +0200
Subject: [PATCH] fix(auth/oidc): clean-up oidcIdToken session variable

When the OIDC login flow for a new user is cancelled, the oidcIdToken
session variable should be cleared as well.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
---
 backend/src/api/private/auth/auth.controller.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/backend/src/api/private/auth/auth.controller.ts b/backend/src/api/private/auth/auth.controller.ts
index 3277527a0..a80bc4f0c 100644
--- a/backend/src/api/private/auth/auth.controller.ts
+++ b/backend/src/api/private/auth/auth.controller.ts
@@ -109,5 +109,6 @@ export class AuthController {
     request.session.authProviderIdentifier = undefined;
     request.session.authProviderType = undefined;
     request.session.providerUserId = undefined;
+    request.session.oidcIdToken = undefined;
   }
 }