Apple Provider Regenerates the Session

[hettiger]

The current implementation uses Apples response_mode=form_post option in order to support scopes.
This causes Laravel to loose the session when Apple hits the callback …

Also you have to mess with CSRF token protection because it's not a GET request.

There's a lot of trouble you can run into when using the Apple provider …
E.g. here's an existing discussion: #1145

Please review my workaround with detailed explanation here:
https://laracasts.com/discuss/channels/laravel/apple-login-with-socialite-clears-my-cart-session?page=1&replyId=930481

I'm not sure what would be the best way moving forward.
I don't think this can be fixed without a breaking change.
Maybe provide an opt-in solution + docs …?

[Ssionn]

Unless an application uses a username, you could still prompt the user after the callback to a form where they can fill in their name. Basically like openai. This is huge in terms of not dealing with apple's shenanigans.