Authentication errors on "session state value missing"
Configuration is social.backends.github.GithubOAuth2 integrated into a Django app running on Heroku host.
I can see that response cookies are not getting set during the callback portion of the oauth2
This is the request
Response is missing the csrftoken and sessionid cookies.
Pipeline is known good - same configuration working in different environments.
SOCIAL_AUTH_PIPELINE = (
'social.pipeline.social_auth.social_details',
'social.pipeline.social_auth.social_uid',
'social.pipeline.social_auth.auth_allowed',
'social.pipeline.social_auth.social_user',
'social.pipeline.social_auth.associate_user',
'social.pipeline.social_auth.load_extra_data',
'apps.accounts.pipeline.get_user_teams',
'social.pipeline.user.user_details',
)
Protocol is https, and these potentially relevant settings are currently applied. I have tried several combinations of true/false with the first 4.
SESSION_COOKIE_SECURE = 'True'
SESSION_COOKIE_HTTPONLY = 'True'
CSRF_COOKIE_SECURE = 'True'
CSRF_COOKIE_HTTPONLY = 'True'
SOCIAL_AUTH_REDIRECT_IS_HTTPS = 'True'
Attached is a settings dump