Prevent the issue of broken SAML login flow

compose/custom-nginx/iam.conf

@@ -38,6 +38,8 @@ server {
     proxy_set_header        X-SSL-Client-Verify  $ssl_client_verify;
     proxy_set_header        X-SSL-Protocol $ssl_protocol;
     proxy_set_header        X-SSL-Server-Name $ssl_server_name;
+
+    proxy_cookie_flags ~ secure samesite=none;
   }
 
   location /iam-test-client {

iam-login-service/src/main/java/it/infn/mw/iam/config/IamConfig.java

@@ -49,6 +49,7 @@
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
+import org.springframework.session.web.http.DefaultCookieSerializer;
 
 import com.google.common.collect.Maps;
 
@@ -309,8 +310,15 @@ UsernameValidator usernameRegExpValidator() {
   }
 
   @Bean(destroyMethod = "shutdown")
-  public ScheduledExecutorService taskScheduler() {
+  ScheduledExecutorService taskScheduler() {
     return Executors.newSingleThreadScheduledExecutor();
   }
 
+  @Bean
+  DefaultCookieSerializer defaultCookieSerializer() {
+    DefaultCookieSerializer cs = new DefaultCookieSerializer();
+    cs.setSameSite(null);
+    return cs;
+  }
+
 }