Callback state overwritten with generateState #559
Description
Issue
In RNAppAuth.m around line 283, state is overwritten with [[self class] generateState]. As far as I can see (at least with google), the state query parameter that is passed in the authorization request is the only stateful piece of information returned in the callback url query parameters. Therefore, when I would try to make a request with some stateful information for my app, the state is overwritten by a nonce.
I have temporarily fixed this by changing state: [[self class] generateState] to `state: useNonce ? [[self class] generateState] : nil'
Environment
- Google (google callbacks to my server, which does some stuff etc.)
- IOS at the moment
- Not using expo