+-----------------+     request with     +------------+
|        |        |   state identifier   |            |
|        |        |       as token       |            |
|    .-<-+->------|--------------------->|------.     |
|   _|_           |                      |      |     |
|  /   \ stored   |                      |      |     |
|  \___/ state    |                      |      |     |
|    |            |                      |      |     |
|    '->-+-<------|<---------------------|------'     |
|        |        |     response with    |            |
|        v        |   token echoed back  |            |
+-----------------+                      +------------+
      Client                                 Server