kubenav
Set state parameter for OIDC authentication
Is your feature request related to a problem? Please describe
Tried using the app for a cluster with OIDC authentication, but found that the login gets an error every time (as far as I can tell) due to the state parameter being omitted; while technically it is optional according to the OIDC specification, some providers (like Okta) make it required for security reasons.
Describe the solution you'd like
In theory, the recommended way to use state would be to randomly generate it for each auth request, then later match on the callback. Given that this app doesn't directly handle the callback, maybe add an extra field next to the Code box on the OIDC form with a generated passphrase, pass that as state, then have the redirect website show whatever state it received in a box next to the code? Then the user can check if it matches (if they want to).
Though if that would be too much effort for what it's worth, just having something (that isn't an empty string) on the state parameter would at least make it work with state-required providers.
Describe alternatives you've considered
N/A
Additional context
N/A
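
The generate-then-match use of state described in the request above, as an added example in Go; it is not kubenav's code, and the endpoint, client ID and redirect URI are made-up placeholders.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
	"net/url"
)

// newState returns a fresh, unguessable state value (256 random bits, URL-safe).
func newState() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// authURL builds the authorization request with a non-empty state parameter.
// Assumes endpoint carries no query string of its own; all arguments are placeholders.
func authURL(endpoint, clientID, redirectURI, state string) string {
	q := url.Values{}
	q.Set("response_type", "code")
	q.Set("client_id", clientID)
	q.Set("redirect_uri", redirectURI)
	q.Set("scope", "openid")
	q.Set("state", state)
	return endpoint + "?" + q.Encode()
}

// checkState compares the state shown by the redirect page with the one that was sent.
// An empty sent value is rejected so a missing state can never count as a match.
func checkState(sent, returned string) error {
	if sent == "" || subtle.ConstantTimeCompare([]byte(sent), []byte(returned)) != 1 {
		return errors.New("state mismatch: discard the authorization code")
	}
	return nil
}

func main() {
	state, err := newState()
	if err != nil {
		panic(err)
	}
	fmt.Println(authURL("https://idp.example.com/authorize", "example-client", "https://redirect.example.com/callback", state))
	fmt.Println(checkState(state, state))
}
```
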