From ea1e1ba665a474ec23f32bf16b06bdc806508a63 Mon Sep 17 00:00:00 2001
From: "yadong.zhang"
Date: Thu, 25 Jul 2019 22:33:24 +0800
Subject: [PATCH] =?UTF-8?q?State=E4=BC=98=E5=8C=96=E7=AC=AC=E4=B8=80?= =?UTF-8?q?=E6=AD=A5=EF=BC=9A=E5=8E=BB=E6=8E=89AuthState=E5=B7=A5=E5=85=B7?= =?UTF-8?q?=E7=B1=BB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/java/me/zhyd/oauth/request/AuthRequest.java | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/main/java/me/zhyd/oauth/request/AuthRequest.java b/src/main/java/me/zhyd/oauth/request/AuthRequest.java
index 7b838e7..3d66f2c 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthRequest.java
@@ -15,6 +15,9 @@ public interface AuthRequest {
 /**
 * 返回认证url,可自行跳转页面
+ *

+ * 不建议使用该方式获取授权地址,不带{@code state}的授权地址,容易受到csrf攻击。
+ * 建议使用{@link AuthDefaultRequest#authorize(String)}方法生成授权地址,在回调方法中对{@code state}进行校验
 *
 * @return 返回授权地址
 */
-- GitLab
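Review bot: The CSRF warning added to this Javadoc is prose only, so existing callers of the state-less method get no compile-time signal. The method it documents (declared below the hunk, not visible here) should also carry `@Deprecated` and a tag such as `@deprecated use {@link AuthDefaultRequest#authorize(String)} and verify {@code state} in the callback`. The `{@link}` points at `AuthDefaultRequest` rather than at this interface, so code that only holds an `AuthRequest` may not be able to reach the safer overload unless it is also declared here, which the hunk does not show. The comment would also be more useful if it said what a valid `state` is: unpredictable, bound to the user's session, and compared in the callback before the authorization code is exchanged.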