From ac3f32da7e1bb12b18394cc8dd358be8423e6204 Mon Sep 17 00:00:00 2001
From: Roger Braun
Date: Thu, 14 Sep 2017 09:29:51 +0200
Subject: [PATCH] Preserve state in oauth
---
 lib/pleroma/web/oauth/oauth_controller.ex | 8 +++++++-
 lib/pleroma/web/templates/o_auth/o_auth/show.html.eex | 1 +
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index 4672ce00e..d76a13d31 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -10,7 +10,8 @@ def authorize(conn, params) do
 response_type: params["response_type"],
 client_id: params["client_id"],
 scope: params["scope"],
- redirect_uri: params["redirect_uri"]
+ redirect_uri: params["redirect_uri"],
+ state: params["state"]
 }
 end
 
@@ -25,6 +26,11 @@ def create_authorization(conn, %{"authorization" => %{"name" => name, "password"
 }
 else
 url = "#{redirect_uri}?code=#{auth.token}"
+ url = if params["state"] do
+ url <> "&state=#{params["state"]}"
+ else
+ url
+ end
 redirect(conn, external: url)
 end
 end
diff --git a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
index ce295ed05..3c6903a16 100644
--- a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
+++ b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
@@ -10,5 +10,6 @@
 <%= hidden_input f, :response_type, value: @response_type %>
 <%= hidden_input f, :redirect_uri, value: @redirect_uri %>
 <%= hidden_input f, :scope, value: @scope %>
+<%= hidden_input f, :state, value: @state%>
 <%= submit "Authorize" %>
 <% end %>
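Review bot: The `state` value is appended to the redirect URL unencoded in `create_authorization` (`url <> "&state=#{params["state"]}"`), so a value containing `&`, `=` or `#` alters the query string the client receives instead of round-tripping as one opaque parameter. Encode it before appending, e.g. `url <> "&state=" <> URI.encode_www_form_component(params["state"])`. The guard `if params["state"]` is also true for an empty string, which is presumably what the new hidden field posts when the authorize request carried no state, so a bare `&state=` would be appended; checking for both `nil` and `""` avoids that. The function head is truncated in the hunk header, so it is not visible here whether `params` is bound to the nested `"authorization"` map that the form field is posted under; that should be confirmed.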