# File lib/googleauth/web_user_authorizer.rb, line 229
      def self.validate_callback_state state, request
        raise Signet::AuthorizationError, MISSING_AUTH_CODE_ERROR if state[AUTH_CODE_KEY].nil?
        if state[ERROR_CODE_KEY]
          raise Signet::AuthorizationError,
                format(AUTHORIZATION_ERROR, state[ERROR_CODE_KEY])
        elsif request.session[XSRF_KEY] != state[SESSION_ID_KEY]
          raise Signet::AuthorizationError, INVALID_STATE_TOKEN_ERROR
        end
      end