Add param state in authorize method.

#63
lepture · Dec 10, 2013 · 21f5c3e · 21f5c3e
1 parent 6202188
commit 21f5c3e
Showing 1 changed file with 13 additions and 7 deletions.
diff --git a/flask_oauthlib/client.py b/flask_oauthlib/client.py
@@ -442,8 +442,10 @@ def authorize(self, callback=None, state=None):
         Returns a redirect response to the remote authorization URL with
         the signed callback given.
 
-        :param state: an optional value to embed in the OAuth request. Use this
-        if you want to pass around application state (e.g. CSRF tokens).
+        :param callback: a redirect url for the callback
+        :param state: an optional value to embed in the OAuth request.
+                      Use this if you want to pass around application
+                      state (e.g. CSRF tokens).
         """
         if self.request_token_url:
             token = self.generate_request_token(callback)[0]
@@ -466,11 +468,15 @@ def authorize(self, callback=None, state=None):
                 scope = _encode(scope, self.encoding)
 
             if 'state' in params:
-                state = params.pop('state')
-                if callable(state):
-                    state = state()
-            else:
-                state = None
+                if not state:
+                    state = params.pop('state')
+                else:
+                    # remove state in params
+                    params.pop('state')
+
+            if callable(state):
+                # state can be function for generate a random string
+                state = state()
 
             session['%s_oauthredir' % self.name] = callback
             url = client.prepare_request_uri(