What's the purpose of static State variable

I was going through below Okta Golang samples. We are using static state while implementing authorization-code flow, what’s the point of static state as it’s leaking into frontend?

https://github.com/okta/samples-golang/blob/develop/custom-login/main.go

If I change it to random string then how can I compare it across different requests (i.e. authorize and token call) as there is nothing common in both these requests and are stateless.

@vivekprm Can you please discuss this issue at GH issues of Okta sample-golang? You can post the specific issue there.

Thanks posted there…