What's the purpose of static State variable

vivekprm · November 19, 2020, 5:08am

I was going through below Okta Golang samples. We are using static state while implementing authorization-code flow, what’s the point of static state as it’s leaking into frontend?

https://github.com/okta/samples-golang/blob/develop/custom-login/main.go

If I change it to random string then how can I compare it across different requests (i.e. authorize and token call) as there is nothing common in both these requests and are stateless.

Lijia · November 24, 2020, 11:12pm

@vivekprm Can you please discuss this issue at GH issues of Okta sample-golang? You can post the specific issue there.

vivekprm · November 26, 2020, 6:31am

Thanks posted there…

system · January 19, 2024, 1:03am

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
OAuth Authorization State Parameter Questions	3	10450	October 1, 2019
Passing state in auth flow Questions	3	6140	January 23, 2024
Should I generate STATE from my front end (REACT) when authorizing or? OAuth/OIDC reactjs	2	278	July 2, 2024
State Token Generation issue OAuth/OIDC	2	2294	February 16, 2024
How to find state? OAuth/OIDC api	4	5369	August 24, 2021

What's the purpose of static State variable

Related topics