From 45582b6ee9b11f32cbfa07cc6c0a3a67b700a06d Mon Sep 17 00:00:00 2001
From: Diego Parisi <gandaldf@users.noreply.github.com>
Date: Mon, 14 Aug 2023 17:14:24 +0200
Subject: [PATCH] feat: delete PKCE cookie after code exchange (#419)

---
 pkg/client/rp/relying_party.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkg/client/rp/relying_party.go b/pkg/client/rp/relying_party.go
index 114599d..051b8c8 100644
--- a/pkg/client/rp/relying_party.go
+++ b/pkg/client/rp/relying_party.go
@@ -438,6 +438,7 @@ func CodeExchangeHandler[C oidc.IDClaims](callback CodeExchangeCallback[C], rp R
 				return
 			}
 			codeOpts = append(codeOpts, WithCodeVerifier(codeVerifier))
+			rp.CookieHandler().DeleteCookie(w, pkceCode)
 		}
 		if rp.Signer() != nil {
 			assertion, err := client.SignedJWTProfileAssertion(rp.OAuthConfig().ClientID, []string{rp.Issuer()}, time.Hour, rp.Signer())