From 1ae374609f2f078c4f0988aedeb9833ff27aaca4 Mon Sep 17 00:00:00 2001
From: Andy Zhao
Date: Fri, 19 Mar 2021 11:49:16 -0700
Subject: [PATCH] authhandler: Reword comment regarding state
---
 authhandler/authhandler.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/authhandler/authhandler.go b/authhandler/authhandler.go
index e397346..69967cf 100644
--- a/authhandler/authhandler.go
+++ b/authhandler/authhandler.go
@@ -28,8 +28,10 @@ type AuthorizationHandler func(authCodeURL string) (code string, state string, e
 //
 // An environment-specific AuthorizationHandler is used to obtain user consent.
 //
-// Per the OAuth protocol, a unique "state" string should be sent and verified
-// before exchanging the auth code for OAuth token to prevent CSRF attacks.
+// Per the OAuth protocol, a unique "state" string should be specified here.
+// This token source will verify that the "state" is identical in the request
+// and response before exchanging the auth code for OAuth token to prevent CSRF
+// attacks.
 func TokenSource(ctx context.Context, config *oauth2.Config, state string, authHandler AuthorizationHandler) oauth2.TokenSource {
 return oauth2.ReuseTokenSource(nil, authHandlerSource{config: config, ctx: ctx, authHandler: authHandler, state: state})
 }
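Review bot: The reworded doc comment on TokenSource asks only for a "unique" state, but the CSRF protection it describes depends on the value being unpredictable and freshly generated for each authorization request; a unique but guessable value such as a counter or timestamp would still satisfy the equality check. I would extend the comment with something like `// The state should be generated per authorization request from a cryptographically secure random source (e.g. crypto/rand) and never reused.` The comparison itself lives in authHandlerSource, outside this hunk, so whether an empty state is rejected cannot be seen here; if it is not, the comment should also say that callers must not pass an empty string.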