feat: add config parameter to redeclare same site cookie setup

[DeepDiver1975]

Description

In case of openid redirect the cookie samesite strict or lax are not working.

Use:

<?php
$CONFIG = [
        "http.cookie.samesite" => "None",

to choose a different setup

Related Issue

• Fixes https://github.com/owncloud/enterprise/issues/4191

How Has This Been Tested?

• http://openid-azure.owncloud.works/

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Database schema changes (next release will require increase of minor version instead of patch)
• Breaking change (fix or feature that would cause existing functionality to change)
• Technical debt
• Tests only (no source changes)

Checklist:

• Code changes
• Unit tests added
• Acceptance tests added
• Documentation ticket raised:
• Changelog item, see TEMPLATE

[update-docs]

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

[mmattel]

This will be docs relevant, pls do not forget to file a docs issue for a config-to-docs run when close to merge.

[C0rby]

Looks good

[DeepDiver1975]

@micbar pr is ready to be merged and released

[mmattel]

@DeepDiver1975 I know you don´t like it, but pls do: #38458 (comment)

Can you pls give more info what the values mean/do? Possible values: Strict, Lax or None

EDIT: let me rephrase, what would be the impact to a non openid environment when using strict or lax compared to the existing setup like without this PR?

[DeepDiver1975]

@DeepDiver1975 I know you don´t like it, but pls do: #38458 (comment)

owncloud/docs#3260

[DeepDiver1975]

Can you pls give more info what the values mean/do? Possible values: Strict, Lax or None

the internet is full of explanation around this .... no need to duplicate this information.

[DeepDiver1975]

EDIT: let me rephrase, what would be the impact to a non openid environment when using strict or lax compared to the existing setup like without this PR?

the default is 'strict' - same as before this pr - no no change in behavior.

[micbar]

@mmattel Thanks for the commit. Waiting for CI

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

[jnweiger]

Can you pls give more info what the values mean/do? Possible values: Strict, Lax or None

the internet is full of explanation around this .... no need to duplicate this information.

Admin docu should make the connection from the error message "Unable to determine state" to the config setting "http.cookie.samesite"
I doubt the internet knows that much.

[mmattel]

I added a link to the docs issue (owncloud/docs#3260 (comment)) where there is more information. If you agree we take a closer look on that link if the information provided satisfies the needs and in case not, we have to ask @DeepDiver1975 for an in depth input.

[gabi18]

On macOS Mojave 10.14.6 (Safari 12.1.2) the error persists, see
#38519

Confirmed fixed on macOS BigSur 11.1 and 11.2.3.