From 9b289eca9d63a2be7c1831c7384e92a436a42964 Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Wed, 13 Jan 2021 16:25:19 -0500
Subject: [PATCH] fix: ssoState passed to strategies even if not called for

---
 src/routes/authentication.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/routes/authentication.js b/src/routes/authentication.js
index 8de1915c21..eba27b038f 100644
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@@ -103,7 +103,7 @@ Auth.reloadRoutes = async function (params) {
 				passport.authenticate(strategy.name, {
 					scope: strategy.scope,
 					prompt: strategy.prompt || undefined,
-					state: req.session.ssoState,
+					state: strategy.checkState ? req.session.ssoState : undefined,
 				})(req, res, next);
 			});
 		}