Add option to use OAuth "state" param in internet accounts (#3296)

* Add option to use OAuth "state" param

* Make state not a getter

plugins/authentication/src/OAuthModel/configSchema.ts

@@ -58,6 +58,14 @@ const OAuthConfigSchema = ConfigurationSchema(
       type: 'string',
       defaultValue: '',
     },
+    /**
+     * #slot
+     */
+    state: {
+      description: 'optional state for the authorization call',
+      type: 'string',
+      defaultValue: '',
+    },
     /**
      * #slot
      */

plugins/authentication/src/OAuthModel/model.tsx

@@ -15,6 +15,7 @@ interface OAuthData {
   code_challenge?: string
   code_challenge_method?: string
   token_access_type?: string
+  state?: string
 }
 
 function fixup(buf: string) {
@@ -70,6 +71,13 @@ const stateModelFactory = (configSchema: OAuthInternetAccountConfigModel) => {
       get scopes(): string {
         return getConf(self, 'scopes')
       },
+      /**
+       * OAuth state parameter: https://www.rfc-editor.org/rfc/rfc6749#section-4.1.1
+       * Can override or extend if dynamic state is needed.
+       */
+      state(): string | undefined {
+        return getConf(self, 'state') || undefined
+      },
       get responseType(): 'token' | 'code' {
         return getConf(self, 'responseType')
       },
@@ -155,7 +163,7 @@ const stateModelFactory = (configSchema: OAuthInternetAccountConfigModel) => {
             if (obj.error === 'invalid_grant') {
               this.removeRefreshToken()
             }
-            text ??= obj?.error_description
+            text = obj?.error_description ?? text
           } catch (e) {
             /* just use original text as error */
           }
@@ -256,6 +264,10 @@ const stateModelFactory = (configSchema: OAuthInternetAccountConfigModel) => {
             response_type: self.responseType || 'code',
           }
 
+          if (self.state()) {
+            data.state = self.state()
+          }
+
           if (self.scopes) {
             data.scope = self.scopes
           }