1 files changed, 14 insertions, 2 deletions

diff --git a/indieauth/src/lib.rs b/indieauth/src/lib.rs
index 741eb81..bbabe1f 100644
--- a/indieauth/src/lib.rs
+++ b/indieauth/src/lib.rs
@@ -28,10 +28,14 @@ pub use self::scopes::{Scope, Scopes};
 mod pkce;
 pub use self::pkce::{PKCEMethod, PKCEVerifier, PKCEChallenge};
 
+// Re-export rand crate just to be sure.
+pub use rand;
+
 /// Authentication methods supported by the introspection endpoint.
 /// Note that authentication at the introspection endpoint is
 /// mandatory.
 #[derive(Copy, Clone, Debug, Serialize, Deserialize)]
+#[non_exhaustive]
 pub enum IntrospectionEndpointAuthMethod {
     /// `Authorization` header with a `Bearer` token.
     Bearer,
@@ -58,6 +62,7 @@ pub enum IntrospectionEndpointAuthMethod {
 /// disturbing anyone.
 #[derive(Copy, Clone, Debug, Serialize, Deserialize)]
 #[serde(rename_all = "snake_case")]
+#[non_exhaustive]
 pub enum RevocationEndpointAuthMethod {
     /// No authentication is required to access an endpoint declaring
     /// this value.
@@ -263,12 +268,19 @@ pub struct State(String);
 impl State {
     /// Generate a random state string of 128 bytes in length.
     pub fn new() -> Self {
+        Self::from_rng(&mut rand::thread_rng())
+    }
+
+    /// Generate a random state string of 128 bytes in length, using
+    /// the provided random number generator.
+    pub fn from_rng(rng: &mut (impl rand::CryptoRng + rand::Rng)) -> Self {
         use rand::{Rng, distributions::Alphanumeric};
-        let bytes = rand::thread_rng()
-            .sample_iter(&Alphanumeric)
+
+        let bytes = rng.sample_iter(&Alphanumeric)
             .take(128)
             .collect::<Vec<u8>>();
         Self(String::from_utf8(bytes).unwrap())
+
     }
 }
 impl AsRef<str> for State {