hybridauth

diff -uprb a/hybridauth.pages.inc b/hybridauth.pages.inc
--- hybridauth.pages.inc	2013-10-25 00:59:12.000000000 +0530
+++ hybridauth.pages.inc	2015-01-14 12:46:44.000000000 +0530
@@ -6,7 +6,7 @@

 function hybridauth_endpoint() {
   // Make sure the session is started, HybridAuth library needs it.
-  drupal_session_start();
+  hybridauth_session_start();

   if ($lib_path = _hybridauth_library_path()) {
     try {
@@ -21,6 +21,29 @@ function hybridauth_endpoint() {
 }

 /**
+ * Initialize the user session before using the hybridauth library.
+ */
+function hybridauth_session_start() {
+  // Make sure that a user session exists.
+  drupal_session_start();
+  // Special handling for HTTPS with normal session IDs and secure session IDs.
+  // Duplicated sessions are created, so we need to pull out the correct session
+  // data.
+  global $is_https;
+  if ($is_https && variable_get('https', FALSE)) {
+    // If there is an existing session with the same secure session ID we need
+    // to replace the $_SESSION contents with that.
+    $session = db_query('SELECT session FROM {sessions} WHERE sid = :sid AND ssid = :sid', array('sid' => session_id()))->fetchField();
+    if ($session) {
+      // Overwrite $_SESSION with the data.
+      session_decode($session);
+      // Remove the duplicate session from the database.
+      db_delete('sessions')->condition('sid', session_id())->execute();
+    }
+  }
+}
+
+/**
  * Returns HybridAuth widget with list of providers icons.
  */
 function hybridauth_providers($js, $icon_pack) {
@@ -49,7 +72,7 @@ function hybridauth_window_start($provid
   }

   // Make sure the session is started, HybridAuth library needs it.
-  drupal_session_start();
+  hybridauth_session_start();

   // Try to get HybridAuth instance.
   if ($hybridauth = hybridauth_get_instance()) {