Here's what I'm seeing on my server end when I pass a custom "state" to the server:
Parameters: {"client_id"=>"nepvvi6x5ecegqys6e32bob4bf2vzjb", "response_type"=>"token", "redirect_uri"=>"http://teamclockjs.payrollhero.dev/", "display"=>"popup", "scope"=>"write_schedules read_schedules", "state"=>"{\"client_id\":\"nepvvi6x5ecegqys6e32bob4bf2vzjb\",\"network\":\"payrollhero_dev_schedules\",\"display\":\"popup\",\"callback\":\"_hellojs_8db6uu1v\",\"state\":{\"require_account_id\":1},\"oauth_proxy\":\"https://auth-server.herokuapp.com/proxy\",\"scope\":\"change_schedules,basic\",\"oauth\":{\"version\":2,\"auth\":\"http://teamclockmanagerauth.payrollhero.dev/oauth/authorize\",\"grant\":\"http://teamclockmanagerauth.payrollhero.dev/oauth/token\",\"logout\":\"http://teamclockmanagerauth.payrollhero.dev/oauth/logout\"}}"}
Seems that the "state" ends up within "state" again. This is very confusing.
I note here's the problem:
//
// QUERY STRING
// querystring parameters, we may pass our own arguments to form the querystring
//
p.qs = {
client_id : provider.id,
response_type : opts.response_type,
redirect_uri : opts.redirect_uri,
display : opts.display,
scope : 'basic',
state : {
client_id : provider.id,
network : p.network,
display : opts.display,
callback : callback_id,
state : opts.state,
oauth_proxy : opts.oauth_proxy
}
};
Really the state object needs to merge these into the passed in state.