State is irrelevant
From the docs
Your unique token, generated by your application. This is an OAuth 2.0 opaque value, used to avoid CSRF attacks. This value is echoed back in the response. We strongly recommend you use this.
State is whatever you want it to be, for you to generate a token for yourself to use, it’s totally irrelevant