From a4975af628c464d568d0f788fb51e4f233b2872e Mon Sep 17 00:00:00 2001
From: Dmitry Patsura <talk@dmtry.me>
Date: Thu, 13 Jun 2019 13:51:12 +0300
Subject: [PATCH] [OAuth2] Feature: Improve messages for Exceptions

---
 src/OAuth2/Exception/InvalidState.php | 2 +-
 src/OAuth2/Exception/UnknownState.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/OAuth2/Exception/InvalidState.php b/src/OAuth2/Exception/InvalidState.php
index ad7b11df1..d7a2447dd 100644
--- a/src/OAuth2/Exception/InvalidState.php
+++ b/src/OAuth2/Exception/InvalidState.php
@@ -8,7 +8,7 @@
 
 class InvalidState extends \SocialConnect\Provider\Exception\AuthFailed
 {
-    public function __construct($message = 'Invalid state')
+    public function __construct($message = 'State parameter inside Request is not similar to value from Session, possible CSRF attack')
     {
         parent::__construct($message);
     }
diff --git a/src/OAuth2/Exception/UnknownState.php b/src/OAuth2/Exception/UnknownState.php
index f698a2f70..bf2f9c3b1 100644
--- a/src/OAuth2/Exception/UnknownState.php
+++ b/src/OAuth2/Exception/UnknownState.php
@@ -8,7 +8,7 @@
 
 class UnknownState extends \SocialConnect\Provider\Exception\AuthFailed
 {
-    public function __construct($message = 'Unknown state')
+    public function __construct($message = 'There is no state parameter inside redirect from OAuth provider')
     {
         parent::__construct($message);
     }