fix: make use of new cookies.service defaults when setting cookies (#…

…1485)

src/app/core/utils/api-token/api-token.service.ts

@@ -88,8 +88,7 @@ export class ApiTokenService {
         if (cookieContent) {
           this.cookiesService.put('apiToken', cookieContent, {
             expires: this.cookieOptions?.expires ?? new Date(Date.now() + DEFAULT_EXPIRY_TIME),
-            secure: this.cookieOptions?.secure ?? true,
-            sameSite: 'Strict',
+            secure: this.cookieOptions?.secure,
             path: '/',
           });
         }

src/app/core/utils/cookies/cookies.service.ts

@@ -57,7 +57,6 @@ export class CookiesService {
     this.deleteAllCookies();
     this.put('cookieConsent', JSON.stringify({ enabledOptions: options, version: cookieConsentVersion }), {
       expires: new Date(new Date().setFullYear(new Date().getFullYear() + 1)),
-      sameSite: 'Strict',
     });
     window.location.reload();
   }

src/app/extensions/punchout/identity-provider/punchout-identity-provider.spec.ts

@@ -192,9 +192,9 @@ describe('Punchout Identity Provider', () => {
               boolean | UrlTree
             >;
             login$.subscribe(() => {
-              verify(cookiesService.put('punchout_SID', 'sid', anything())).once();
-              verify(cookiesService.put('punchout_ReturnURL', 'home', anything())).once();
-              verify(cookiesService.put('punchout_BasketID', 'basket-id', anything())).once();
+              verify(cookiesService.put('punchout_SID', 'sid')).once();
+              verify(cookiesService.put('punchout_ReturnURL', 'home')).once();
+              verify(cookiesService.put('punchout_BasketID', 'basket-id')).once();
             });
 
             tick(500);
@@ -213,7 +213,7 @@ describe('Punchout Identity Provider', () => {
               boolean | UrlTree
             >;
             login$.subscribe(() => {
-              verify(cookiesService.put('punchout_HookURL', 'url', anything())).once();
+              verify(cookiesService.put('punchout_HookURL', 'url')).once();
               verify(checkoutFacade.createBasket()).once();
               expect(routerSpy).toHaveBeenCalledWith('/home');
               done();

src/app/extensions/punchout/identity-provider/punchout-identity-provider.ts

@@ -149,18 +149,9 @@ export class PunchoutIdentityProvider implements IdentityProvider {
     return this.punchoutService.getCxmlPunchoutSession(route.queryParamMap.get('sid')).pipe(
       // persist cXML session information (sid, returnURL, basketId) in cookies for later basket transfer
       tap(data => {
-        this.cookiesService.put('punchout_SID', route.queryParamMap.get('sid'), {
-          sameSite: 'None',
-          secure: true,
-        });
-        this.cookiesService.put('punchout_ReturnURL', data.returnURL, {
-          sameSite: 'None',
-          secure: true,
-        });
-        this.cookiesService.put('punchout_BasketID', data.basketId, {
-          sameSite: 'None',
-          secure: true,
-        });
+        this.cookiesService.put('punchout_SID', route.queryParamMap.get('sid'));
+        this.cookiesService.put('punchout_ReturnURL', data.returnURL);
+        this.cookiesService.put('punchout_BasketID', data.basketId);
       }),
       // use the basketId basket for the current PWA session (instead of default current basket)
       // TODO: if load basket error (currently no error page) -> logout and do not use default 'current' basket
@@ -173,10 +164,7 @@ export class PunchoutIdentityProvider implements IdentityProvider {
 
   private handleOciPunchoutLogin(route: ActivatedRouteSnapshot) {
     // save HOOK_URL to cookie for later basket transfer
-    this.cookiesService.put('punchout_HookURL', route.queryParamMap.get('HOOK_URL'), {
-      sameSite: 'None',
-      secure: true,
-    });
+    this.cookiesService.put('punchout_HookURL', route.queryParamMap.get('HOOK_URL'));
 
     const basketId = window.sessionStorage.getItem('basket-id');
     if (!basketId) {