Preston_PLB
/
oauth2
forked from Mirrors/oauth2
1
0
Fork 0
Code Pull Requests Activity

authhandler: Reword comment regarding state

This commit is contained in:
Andy Zhao 2021-03-19 11:49:16 -07:00
parent fcaf0780fa
commit 1ae374609f
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
authhandler/authhandler.go
View File

@ -28,8 +28,10 @@ type AuthorizationHandler func(authCodeURL string) (code string, state string, e
//
// An environment-specific AuthorizationHandler is used to obtain user consent.
//
// Per the OAuth protocol, a unique "state" string should be sent and verified
// before exchanging the auth code for OAuth token to prevent CSRF attacks.
// Per the OAuth protocol, a unique "state" string should be specified here.
// This token source will verify that the "state" is identical in the request
// and response before exchanging the auth code for OAuth token to prevent CSRF
// attacks.
func TokenSource(ctx context.Context, config *oauth2.Config, state string, authHandler AuthorizationHandler) oauth2.TokenSource {
return oauth2.ReuseTokenSource(nil, authHandlerSource{config: config, ctx: ctx, authHandler: authHandler, state: state})
}