How to manage redirect back to original URL in laravel passport Oauth2 flow

Question

I have an authenticating server (auth-server) running laravel passport, and another web application (application B) running on laravel using above auth-server to authenticate users using authorization code grant

Now what I want is to redirect user to the original url in application B after logged in using the auth-server. In oAuth2 flow in laravel passport, we can not send the originating url to the auth process or any extra parameters in that case, it only redirect the user to a pre-given path.

In application B side also I couldn't handle it since, after the redirection, laravel creates a brand new session.So there is no way for me to keep track of the original url.

So since I couldn't send the originating url to the auth-server and get it back from there, nor keep it in a session in application B, how could I keep track on the originating URL..? (Database also is not an option here)

Answer 1

This is actually due to some black magic legacy codes that destroys and regenerating the session right before redirecting to the auth-server. Session do remains after the redirection.

If you have cookie configuration for same_site to none or lax it session will persists even after external redirection.