Support configurable cookie security policy. Details in place.

Author: Revsgaard

src/ITfoxtec.Identity.Saml2.MvcCore/Configuration/Saml2ServiceCollectionExtensions.cs

@@ -14,7 +14,10 @@ public static class Saml2ServiceCollectionExtensions
         /// <param name="slidingExpiration">If set to true the handler re-issue a new cookie with a new expiration time any time it processes a request which is more than halfway through the expiration window.</param>
         /// <param name="accessDeniedPath">If configured, access denied redirection target used by the handler.</param>
         /// <param name="sessionStore">Allow configuration of a custom ITicketStore.</param>
-        public static IServiceCollection AddSaml2(this IServiceCollection services, string loginPath = "/Auth/Login", bool slidingExpiration = false, string accessDeniedPath = null, ITicketStore sessionStore = null, SameSiteMode cookieSameSite = SameSiteMode.Lax, string cookieDomain = null, CookieSecurePolicy cookieSecurePolicy = CookieSecurePolicy.None)
+        /// <param name="cookieSameSite">The SameSite attribute of the cookie. The default value is Microsoft.AspNetCore.Http.SameSiteMode.Lax</param>
+        /// <param name="cookieDomain">If configured, the domain to associate the cookie with.</param>
+        /// <param name="cookieSecurePolicy">The cookie policy. The default value is Microsoft.AspNetCore.Http.CookieSecurePolicy.SameAsRequest.</param>
+        public static IServiceCollection AddSaml2(this IServiceCollection services, string loginPath = "/Auth/Login", bool slidingExpiration = false, string accessDeniedPath = null, ITicketStore sessionStore = null, SameSiteMode cookieSameSite = SameSiteMode.Lax, string cookieDomain = null, CookieSecurePolicy cookieSecurePolicy = CookieSecurePolicy.SameAsRequest)
         {
             services.AddAuthentication(Saml2Constants.AuthenticationScheme)
                 .AddCookie(Saml2Constants.AuthenticationScheme, o =>