From d87be8676cddd3aff777d563332c87786023dea7 Mon Sep 17 00:00:00 2001
From: Stavros <steveiliop56@gmail.com>
Date: Sun, 21 Jun 2026 16:53:31 +0300
Subject: [PATCH] fix: use case insensitive check in the oauth controller

---
 internal/controller/oauth_controller.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/internal/controller/oauth_controller.go b/internal/controller/oauth_controller.go
index 1aa84a7b..fffc363c 100644
--- a/internal/controller/oauth_controller.go
+++ b/internal/controller/oauth_controller.go
@@ -335,7 +335,7 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
 		return false
 	}
 
-	if u.Host == au.Host {
+	if strings.EqualFold(u.Host, au.Host) {
 		return true
 	}
 
@@ -343,7 +343,7 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
 		return false
 	}
 
-	if strings.HasSuffix(u.Host, "."+au.Host) {
+	if strings.HasSuffix(strings.ToLower(u.Host), "."+strings.ToLower(controller.runtime.CookieDomain)) {
 		return true
 	}