Adding (ignored) oauth2 state parameter.

lib/swagger-oauth.js

@@ -140,6 +140,9 @@ function handleLogin() {
         scopes.push(scope);
     }
 
+    // Implicit auth recommends a state parameter.
+    var state = Math.random ();
+
     window.enabledScopes=scopes;
 
     redirect_uri = redirectUrl;
@@ -148,6 +151,7 @@ function handleLogin() {
     url += '&realm=' + encodeURIComponent(realm);
     url += '&client_id=' + encodeURIComponent(clientId);
     url += '&scope=' + encodeURIComponent(scopes);
+    url += '&state=' + encodeURIComponent(state);
 
     window.open(url);
   });