Why do we pass "state" to only googleAuth middleware?

[buiducnhat]

Which middleware is the feature for?

@hono/oauth-providers

What is the feature you are proposing?

Currently, I see that @hono/oauth-providers supports discord, facebook, github, google, linkedin, x OAuth. I have just test for github and google and it works probably.

But I face a problem, I want to configure the URL that clients can be redirected after authorized successfully (redirect from Hono context, not from the providers, they are callbacks).

Then, I see that the googleAuth.ts has a options that can pass the state:

export function googleAuth(options: {
  scope: string[]
  login_hint?: string
  prompt?: 'none' | 'consent' | 'select_account'
  access_type?: 'online' | 'offline'
  client_id?: string
  client_secret?: string
  state?: string
  redirect_uri?: string
}): MiddlewareHandler {
  return async (c, next) => {
    const newState = options.state || getRandomState()

Then I can pass the clientRedirectUrl to the state, and extract it later.

But when dealing with Github (or other providers like the code I see), they don't have parameter state?

export function githubAuth(options: {
  client_id?: string
  client_secret?: string
  scope?: GitHubScope[]
  oauthApp?: boolean
  redirect_uri?: string
}): MiddlewareHandler {
  return async (c, next) => {
    const newState = getRandomState()

The above block is the githubAuth.ts for example

Are there any reasons so we cannot pass the state to the middlewares? From my side, I think it's inconsistent when we do like that. And of course, I love to have a parameter "state", it will help for my case. If there're no issues if we pass the state to the other providers, I can contribute to this project for completely.

Thanks for reading!

[buiducnhat]

After finding for some problems can occur if we can pass state, I got nothing.
So I have created this PR 917. I would be happy if we complete this.