@ueberauth/developers please share some code review on this one.

cc: @jclem

I will fix CI once the TODOs are solved (they are questions)

Great work.
I don't think the name csrf_attack is great since it make it sound you enable csrf_attacks. I would rather see it named something like csrf_protection, and ignore_csrf_protection

@jclem since you reported the initial issue, would you like to take a peek at this code?

Codecov Report

Merging #136 (725c214) into master (4b8b1e9) will increase coverage by 1.74%.
The diff coverage is 85.18%.

@@            Coverage Diff             @@
##           master     #136      +/-   ##
==========================================
+ Coverage   73.83%   75.57%   +1.74%     
==========================================
  Files           4        4              
  Lines         107      131      +24     
==========================================
+ Hits           79       99      +20     
- Misses         28       32       +4     

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4b8b1e9...725c214. Read the comment docs.

Please share some CR

@doomspork yeah I will make another PR adding the proper changelog and version

I think this looks good now. As soo n as we have a release we should properly to update one of the provider libs to make sure everything looks as intended