From 6ce5984c1e233a0b1acf4c174c8d4b10f4b65ea2 Mon Sep 17 00:00:00 2001
From: lilly <li@lly.sh>
Date: Thu, 14 May 2026 17:51:56 +0200
Subject: [PATCH] api: fix OIDC not re-persisting token nonce

---
 api/src/dooris_api/deps.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/src/dooris_api/deps.py b/api/src/dooris_api/deps.py
index fa86c1b..949fd13 100644
--- a/api/src/dooris_api/deps.py
+++ b/api/src/dooris_api/deps.py
@@ -44,7 +44,7 @@ async def get_current_user(
         token_resp = oidc_client.exchange_refresh_token(req.cookies["refresh_token"])
         if isinstance(token_resp, TokenSuccessResponse):
             logger.debug("successfully got new tokens from refresh token")
-            persist_auth_state(oidc_client, resp, token_resp, auth_start_time)
+            persist_auth_state(oidc_client, resp, token_resp, auth_start_time, req.cookies["auth_nonce"])
 
             # return the newly gotten info
             id_token = oidc_client.decode_id_token(token_resp.id_token)