Merge pull request #1157 from nextcloud/enh/noid/state-mismatch-debug

Add warning log with more data when there is a state mismatch

Author: julien-nc

lib/Controller/LoginController.php

@@ -328,16 +328,23 @@ public function code(string $state = '', string $code = '', string $scope = '',
 			return $this->build403TemplateResponse($message, Http::STATUS_BAD_REQUEST, [], false);
 		}
 
-		if ($this->session->get(self::STATE) !== $state) {
-			$this->logger->debug('state does not match');
+		$storedState = $this->session->get(self::STATE);
+
+		if ($storedState !== $state) {
+			$this->logger->warning('state does not match', [
+				'got' => $state,
+				'expected' => $storedState,
+				'state_exists_in_session' => $this->session->exists(self::STATE),
+			]);
 
 			$message = $this->l10n->t('The received state does not match the expected value.');
 			if ($this->isDebugModeEnabled()) {
 				$responseData = [
 					'error' => 'invalid_state',
 					'error_description' => $message,
 					'got' => $state,
-					'expected' => $this->session->get(self::STATE),
+					'expected' => $storedState,
+					'state_exists_in_session' => $this->session->exists(self::STATE),
 				];
 				return new JSONResponse($responseData, Http::STATUS_FORBIDDEN);
 			}