@supabase/auth-js 2.79.1-canary.2 → 2.80.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/README.md +35 -17
  2. package/dist/main/AuthAdminApi.js +2 -4
  3. package/dist/main/AuthAdminApi.js.map +1 -1
  4. package/dist/main/AuthClient.js +2 -4
  5. package/dist/main/AuthClient.js.map +1 -1
  6. package/dist/main/GoTrueAdminApi.d.ts +7 -0
  7. package/dist/main/GoTrueAdminApi.d.ts.map +1 -1
  8. package/dist/main/GoTrueAdminApi.js +28 -15
  9. package/dist/main/GoTrueAdminApi.js.map +1 -1
  10. package/dist/main/GoTrueClient.d.ts +38 -1
  11. package/dist/main/GoTrueClient.d.ts.map +1 -1
  12. package/dist/main/GoTrueClient.js +293 -152
  13. package/dist/main/GoTrueClient.js.map +1 -1
  14. package/dist/main/index.js +7 -23
  15. package/dist/main/index.js.map +1 -1
  16. package/dist/main/lib/error-codes.d.ts +1 -1
  17. package/dist/main/lib/fetch.js +2 -12
  18. package/dist/main/lib/fetch.js.map +1 -1
  19. package/dist/main/lib/helpers.d.ts +11 -0
  20. package/dist/main/lib/helpers.d.ts.map +1 -1
  21. package/dist/main/lib/helpers.js +39 -42
  22. package/dist/main/lib/helpers.js.map +1 -1
  23. package/dist/main/lib/types.d.ts +145 -3
  24. package/dist/main/lib/types.d.ts.map +1 -1
  25. package/dist/main/lib/types.js.map +1 -1
  26. package/dist/main/lib/version.d.ts +1 -1
  27. package/dist/main/lib/version.d.ts.map +1 -1
  28. package/dist/main/lib/version.js +1 -1
  29. package/dist/main/lib/version.js.map +1 -1
  30. package/dist/main/lib/webauthn.js +3 -13
  31. package/dist/main/lib/webauthn.js.map +1 -1
  32. package/dist/module/GoTrueAdminApi.d.ts +7 -0
  33. package/dist/module/GoTrueAdminApi.d.ts.map +1 -1
  34. package/dist/module/GoTrueAdminApi.js +27 -14
  35. package/dist/module/GoTrueAdminApi.js.map +1 -1
  36. package/dist/module/GoTrueClient.d.ts +38 -1
  37. package/dist/module/GoTrueClient.d.ts.map +1 -1
  38. package/dist/module/GoTrueClient.js +292 -149
  39. package/dist/module/GoTrueClient.js.map +1 -1
  40. package/dist/module/lib/error-codes.d.ts +1 -1
  41. package/dist/module/lib/fetch.js +1 -11
  42. package/dist/module/lib/fetch.js.map +1 -1
  43. package/dist/module/lib/helpers.d.ts +11 -0
  44. package/dist/module/lib/helpers.d.ts.map +1 -1
  45. package/dist/module/lib/helpers.js +38 -9
  46. package/dist/module/lib/helpers.js.map +1 -1
  47. package/dist/module/lib/types.d.ts +145 -3
  48. package/dist/module/lib/types.d.ts.map +1 -1
  49. package/dist/module/lib/types.js.map +1 -1
  50. package/dist/module/lib/version.d.ts +1 -1
  51. package/dist/module/lib/version.d.ts.map +1 -1
  52. package/dist/module/lib/version.js +1 -1
  53. package/dist/module/lib/version.js.map +1 -1
  54. package/dist/module/lib/webauthn.js +1 -11
  55. package/dist/module/lib/webauthn.js.map +1 -1
  56. package/dist/tsconfig.module.tsbuildinfo +1 -0
  57. package/dist/tsconfig.tsbuildinfo +1 -0
  58. package/package.json +9 -10
  59. package/src/GoTrueAdminApi.ts +38 -15
  60. package/src/GoTrueClient.ts +356 -150
  61. package/src/lib/error-codes.ts +1 -1
  62. package/src/lib/helpers.ts +46 -8
  63. package/src/lib/types.ts +159 -2
  64. package/src/lib/version.ts +1 -1
package/dist/main/GoTrueClient.js CHANGED
@@ -1,9 +1,7 @@
1
1
  "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
2
  Object.defineProperty(exports, "__esModule", { value: true });
6
- const GoTrueAdminApi_1 = __importDefault(require("./GoTrueAdminApi"));
3
+ const tslib_1 = require("tslib");
4
+ const GoTrueAdminApi_1 = tslib_1.__importDefault(require("./GoTrueAdminApi"));
7
5
  const constants_1 = require("./lib/constants");
8
6
  const errors_1 = require("./lib/errors");
9
7
  const fetch_1 = require("./lib/fetch");
@@ -26,6 +24,7 @@ const DEFAULT_OPTIONS = {
26
24
  flowType: 'implicit',
27
25
  debug: false,
28
26
  hasCustomAuthorizationHeader: false,
27
+ throwOnError: false,
29
28
  };
30
29
  async function lockNoOp(name, acquireTimeout, fn) {
31
30
  return await fn();
@@ -61,7 +60,7 @@ class GoTrueClient {
61
60
  * Create a new client for use in the browser.
62
61
  */
63
62
  constructor(options) {
64
- var _a, _b;
63
+ var _a, _b, _c;
65
64
  /**
66
65
  * @experimental
67
66
  */
@@ -88,18 +87,22 @@ class GoTrueClient {
88
87
  */
89
88
  this.broadcastChannel = null;
90
89
  this.logger = console.log;
91
- this.instanceID = GoTrueClient.nextInstanceID;
92
- GoTrueClient.nextInstanceID += 1;
93
- if (this.instanceID > 0 && (0, helpers_1.isBrowser)()) {
94
- console.warn('Multiple GoTrueClient instances detected in the same browser context. It is not an error, but this should be avoided as it may produce undefined behavior when used concurrently under the same storage key.');
95
- }
96
90
  const settings = Object.assign(Object.assign({}, DEFAULT_OPTIONS), options);
91
+ this.storageKey = settings.storageKey;
92
+ this.instanceID = (_a = GoTrueClient.nextInstanceID[this.storageKey]) !== null && _a !== void 0 ? _a : 0;
93
+ GoTrueClient.nextInstanceID[this.storageKey] = this.instanceID + 1;
97
94
  this.logDebugMessages = !!settings.debug;
98
95
  if (typeof settings.debug === 'function') {
99
96
  this.logger = settings.debug;
100
97
  }
98
+ if (this.instanceID > 0 && (0, helpers_1.isBrowser)()) {
99
+ const message = `${this._logPrefix()} Multiple GoTrueClient instances detected in the same browser context. It is not an error, but this should be avoided as it may produce undefined behavior when used concurrently under the same storage key.`;
100
+ console.warn(message);
101
+ if (this.logDebugMessages) {
102
+ console.trace(message);
103
+ }
104
+ }
101
105
  this.persistSession = settings.persistSession;
102
- this.storageKey = settings.storageKey;
103
106
  this.autoRefreshToken = settings.autoRefreshToken;
104
107
  this.admin = new GoTrueAdminApi_1.default({
105
108
  url: settings.url,
@@ -113,10 +116,11 @@ class GoTrueClient {
113
116
  this.detectSessionInUrl = settings.detectSessionInUrl;
114
117
  this.flowType = settings.flowType;
115
118
  this.hasCustomAuthorizationHeader = settings.hasCustomAuthorizationHeader;
119
+ this.throwOnError = settings.throwOnError;
116
120
  if (settings.lock) {
117
121
  this.lock = settings.lock;
118
122
  }
119
- else if ((0, helpers_1.isBrowser)() && ((_a = globalThis === null || globalThis === void 0 ? void 0 : globalThis.navigator) === null || _a === void 0 ? void 0 : _a.locks)) {
123
+ else if ((0, helpers_1.isBrowser)() && ((_b = globalThis === null || globalThis === void 0 ? void 0 : globalThis.navigator) === null || _b === void 0 ? void 0 : _b.locks)) {
120
124
  this.lock = locks_1.navigatorLock;
121
125
  }
122
126
  else {
@@ -136,6 +140,11 @@ class GoTrueClient {
136
140
  getAuthenticatorAssuranceLevel: this._getAuthenticatorAssuranceLevel.bind(this),
137
141
  webauthn: new webauthn_1.WebAuthnApi(this),
138
142
  };
143
+ this.oauth = {
144
+ getAuthorizationDetails: this._getAuthorizationDetails.bind(this),
145
+ approveAuthorization: this._approveAuthorization.bind(this),
146
+ denyAuthorization: this._denyAuthorization.bind(this),
147
+ };
139
148
  if (this.persistSession) {
140
149
  if (settings.storage) {
141
150
  this.storage = settings.storage;
@@ -164,16 +173,37 @@ class GoTrueClient {
164
173
  catch (e) {
165
174
  console.error('Failed to create a new BroadcastChannel, multi-tab state changes will not be available', e);
166
175
  }
167
- (_b = this.broadcastChannel) === null || _b === void 0 ? void 0 : _b.addEventListener('message', async (event) => {
176
+ (_c = this.broadcastChannel) === null || _c === void 0 ? void 0 : _c.addEventListener('message', async (event) => {
168
177
  this._debug('received broadcast notification from other tab or client', event);
169
178
  await this._notifyAllSubscribers(event.data.event, event.data.session, false); // broadcast = false so we don't get an endless loop of messages
170
179
  });
171
180
  }
172
181
  this.initialize();
173
182
  }
183
+ /**
184
+ * Returns whether error throwing mode is enabled for this client.
185
+ */
186
+ isThrowOnErrorEnabled() {
187
+ return this.throwOnError;
188
+ }
189
+ /**
190
+ * Centralizes return handling with optional error throwing. When `throwOnError` is enabled
191
+ * and the provided result contains a non-nullish error, the error is thrown instead of
192
+ * being returned. This ensures consistent behavior across all public API methods.
193
+ */
194
+ _returnResult(result) {
195
+ if (this.throwOnError && result && result.error) {
196
+ throw result.error;
197
+ }
198
+ return result;
199
+ }
200
+ _logPrefix() {
201
+ return ('GoTrueClient@' +
202
+ `${this.storageKey}:${this.instanceID} (${version_1.version}) ${new Date().toISOString()}`);
203
+ }
174
204
  _debug(...args) {
175
205
  if (this.logDebugMessages) {
176
- this.logger(`GoTrueClient@${this.instanceID} (${version_1.version}) ${new Date().toISOString()}`, ...args);
206
+ this.logger(this._logPrefix(), ...args);
177
207
  }
178
208
  return this;
179
209
  }
@@ -202,13 +232,16 @@ class GoTrueClient {
202
232
  async _initialize() {
203
233
  var _a;
204
234
  try {
205
- const params = (0, helpers_1.parseParametersFromURL)(window.location.href);
235
+ let params = {};
206
236
  let callbackUrlType = 'none';
207
- if (this._isImplicitGrantCallback(params)) {
208
- callbackUrlType = 'implicit';
209
- }
210
- else if (await this._isPKCECallback(params)) {
211
- callbackUrlType = 'pkce';
237
+ if ((0, helpers_1.isBrowser)()) {
238
+ params = (0, helpers_1.parseParametersFromURL)(window.location.href);
239
+ if (this._isImplicitGrantCallback(params)) {
240
+ callbackUrlType = 'implicit';
241
+ }
242
+ else if (await this._isPKCECallback(params)) {
243
+ callbackUrlType = 'pkce';
244
+ }
212
245
  }
213
246
  /**
214
247
  * Attempt to get the session from the URL only if these conditions are fulfilled
@@ -252,11 +285,11 @@ class GoTrueClient {
252
285
  }
253
286
  catch (error) {
254
287
  if ((0, errors_1.isAuthError)(error)) {
255
- return { error };
288
+ return this._returnResult({ error });
256
289
  }
257
- return {
290
+ return this._returnResult({
258
291
  error: new errors_1.AuthUnknownError('Unexpected error during initialization', error),
259
- };
292
+ });
260
293
  }
261
294
  finally {
262
295
  await this._handleVisibilityChange();
@@ -281,7 +314,7 @@ class GoTrueClient {
281
314
  });
282
315
  const { data, error } = res;
283
316
  if (error || !data) {
284
- return { data: { user: null, session: null }, error: error };
317
+ return this._returnResult({ data: { user: null, session: null }, error: error });
285
318
  }
286
319
  const session = data.session;
287
320
  const user = data.user;
@@ -289,11 +322,11 @@ class GoTrueClient {
289
322
  await this._saveSession(data.session);
290
323
  await this._notifyAllSubscribers('SIGNED_IN', session);
291
324
  }
292
- return { data: { user, session }, error: null };
325
+ return this._returnResult({ data: { user, session }, error: null });
293
326
  }
294
327
  catch (error) {
295
328
  if ((0, errors_1.isAuthError)(error)) {
296
- return { data: { user: null, session: null }, error };
329
+ return this._returnResult({ data: { user: null, session: null }, error });
297
330
  }
298
331
  throw error;
299
332
  }
@@ -353,7 +386,7 @@ class GoTrueClient {
353
386
  }
354
387
  const { data, error } = res;
355
388
  if (error || !data) {
356
- return { data: { user: null, session: null }, error: error };
389
+ return this._returnResult({ data: { user: null, session: null }, error: error });
357
390
  }
358
391
  const session = data.session;
359
392
  const user = data.user;
@@ -361,11 +394,11 @@ class GoTrueClient {
361
394
  await this._saveSession(data.session);
362
395
  await this._notifyAllSubscribers('SIGNED_IN', session);
363
396
  }
364
- return { data: { user, session }, error: null };
397
+ return this._returnResult({ data: { user, session }, error: null });
365
398
  }
366
399
  catch (error) {
367
400
  if ((0, errors_1.isAuthError)(error)) {
368
- return { data: { user: null, session: null }, error };
401
+ return this._returnResult({ data: { user: null, session: null }, error });
369
402
  }
370
403
  throw error;
371
404
  }
@@ -410,23 +443,24 @@ class GoTrueClient {
410
443
  }
411
444
  const { data, error } = res;
412
445
  if (error) {
413
- return { data: { user: null, session: null }, error };
446
+ return this._returnResult({ data: { user: null, session: null }, error });
414
447
  }
415
448
  else if (!data || !data.session || !data.user) {
416
- return { data: { user: null, session: null }, error: new errors_1.AuthInvalidTokenResponseError() };
449
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
450
+ return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
417
451
  }
418
452
  if (data.session) {
419
453
  await this._saveSession(data.session);
420
454
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
421
455
  }
422
- return {
456
+ return this._returnResult({
423
457
  data: Object.assign({ user: data.user, session: data.session }, (data.weak_password ? { weakPassword: data.weak_password } : null)),
424
458
  error,
425
- };
459
+ });
426
460
  }
427
461
  catch (error) {
428
462
  if ((0, errors_1.isAuthError)(error)) {
429
- return { data: { user: null, session: null }, error };
463
+ return this._returnResult({ data: { user: null, session: null }, error });
430
464
  }
431
465
  throw error;
432
466
  }
@@ -558,20 +592,18 @@ class GoTrueClient {
558
592
  throw error;
559
593
  }
560
594
  if (!data || !data.session || !data.user) {
561
- return {
562
- data: { user: null, session: null },
563
- error: new errors_1.AuthInvalidTokenResponseError(),
564
- };
595
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
596
+ return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
565
597
  }
566
598
  if (data.session) {
567
599
  await this._saveSession(data.session);
568
600
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
569
601
  }
570
- return { data: Object.assign({}, data), error };
602
+ return this._returnResult({ data: Object.assign({}, data), error });
571
603
  }
572
604
  catch (error) {
573
605
  if ((0, errors_1.isAuthError)(error)) {
574
- return { data: { user: null, session: null }, error };
606
+ return this._returnResult({ data: { user: null, session: null }, error });
575
607
  }
576
608
  throw error;
577
609
  }
@@ -698,20 +730,18 @@ class GoTrueClient {
698
730
  throw error;
699
731
  }
700
732
  if (!data || !data.session || !data.user) {
701
- return {
702
- data: { user: null, session: null },
703
- error: new errors_1.AuthInvalidTokenResponseError(),
704
- };
733
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
734
+ return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
705
735
  }
706
736
  if (data.session) {
707
737
  await this._saveSession(data.session);
708
738
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
709
739
  }
710
- return { data: Object.assign({}, data), error };
740
+ return this._returnResult({ data: Object.assign({}, data), error });
711
741
  }
712
742
  catch (error) {
713
743
  if ((0, errors_1.isAuthError)(error)) {
714
- return { data: { user: null, session: null }, error };
744
+ return this._returnResult({ data: { user: null, session: null }, error });
715
745
  }
716
746
  throw error;
717
747
  }
@@ -733,20 +763,24 @@ class GoTrueClient {
733
763
  throw error;
734
764
  }
735
765
  if (!data || !data.session || !data.user) {
736
- return {
766
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
767
+ return this._returnResult({
737
768
  data: { user: null, session: null, redirectType: null },
738
- error: new errors_1.AuthInvalidTokenResponseError(),
739
- };
769
+ error: invalidTokenError,
770
+ });
740
771
  }
741
772
  if (data.session) {
742
773
  await this._saveSession(data.session);
743
774
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
744
775
  }
745
- return { data: Object.assign(Object.assign({}, data), { redirectType: redirectType !== null && redirectType !== void 0 ? redirectType : null }), error };
776
+ return this._returnResult({ data: Object.assign(Object.assign({}, data), { redirectType: redirectType !== null && redirectType !== void 0 ? redirectType : null }), error });
746
777
  }
747
778
  catch (error) {
748
779
  if ((0, errors_1.isAuthError)(error)) {
749
- return { data: { user: null, session: null, redirectType: null }, error };
780
+ return this._returnResult({
781
+ data: { user: null, session: null, redirectType: null },
782
+ error,
783
+ });
750
784
  }
751
785
  throw error;
752
786
  }
@@ -771,23 +805,21 @@ class GoTrueClient {
771
805
  });
772
806
  const { data, error } = res;
773
807
  if (error) {
774
- return { data: { user: null, session: null }, error };
808
+ return this._returnResult({ data: { user: null, session: null }, error });
775
809
  }
776
810
  else if (!data || !data.session || !data.user) {
777
- return {
778
- data: { user: null, session: null },
779
- error: new errors_1.AuthInvalidTokenResponseError(),
780
- };
811
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
812
+ return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
781
813
  }
782
814
  if (data.session) {
783
815
  await this._saveSession(data.session);
784
816
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
785
817
  }
786
- return { data, error };
818
+ return this._returnResult({ data, error });
787
819
  }
788
820
  catch (error) {
789
821
  if ((0, errors_1.isAuthError)(error)) {
790
- return { data: { user: null, session: null }, error };
822
+ return this._returnResult({ data: { user: null, session: null }, error });
791
823
  }
792
824
  throw error;
793
825
  }
@@ -832,7 +864,7 @@ class GoTrueClient {
832
864
  },
833
865
  redirectTo: options === null || options === void 0 ? void 0 : options.emailRedirectTo,
834
866
  });
835
- return { data: { user: null, session: null }, error };
867
+ return this._returnResult({ data: { user: null, session: null }, error });
836
868
  }
837
869
  if ('phone' in credentials) {
838
870
  const { phone, options } = credentials;
@@ -846,13 +878,16 @@ class GoTrueClient {
846
878
  channel: (_e = options === null || options === void 0 ? void 0 : options.channel) !== null && _e !== void 0 ? _e : 'sms',
847
879
  },
848
880
  });
849
- return { data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id }, error };
881
+ return this._returnResult({
882
+ data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id },
883
+ error,
884
+ });
850
885
  }
851
886
  throw new errors_1.AuthInvalidCredentialsError('You must provide either an email or phone number.');
852
887
  }
853
888
  catch (error) {
854
889
  if ((0, errors_1.isAuthError)(error)) {
855
- return { data: { user: null, session: null }, error };
890
+ return this._returnResult({ data: { user: null, session: null }, error });
856
891
  }
857
892
  throw error;
858
893
  }
@@ -879,7 +914,8 @@ class GoTrueClient {
879
914
  throw error;
880
915
  }
881
916
  if (!data) {
882
- throw new Error('An error occurred on token verification.');
917
+ const tokenVerificationError = new Error('An error occurred on token verification.');
918
+ throw tokenVerificationError;
883
919
  }
884
920
  const session = data.session;
885
921
  const user = data.user;
@@ -887,11 +923,11 @@ class GoTrueClient {
887
923
  await this._saveSession(session);
888
924
  await this._notifyAllSubscribers(params.type == 'recovery' ? 'PASSWORD_RECOVERY' : 'SIGNED_IN', session);
889
925
  }
890
- return { data: { user, session }, error: null };
926
+ return this._returnResult({ data: { user, session }, error: null });
891
927
  }
892
928
  catch (error) {
893
929
  if ((0, errors_1.isAuthError)(error)) {
894
- return { data: { user: null, session: null }, error };
930
+ return this._returnResult({ data: { user: null, session: null }, error });
895
931
  }
896
932
  throw error;
897
933
  }
@@ -919,17 +955,18 @@ class GoTrueClient {
919
955
  ;
920
956
  [codeChallenge, codeChallengeMethod] = await (0, helpers_1.getCodeChallengeAndMethod)(this.storage, this.storageKey);
921
957
  }
922
- return await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/sso`, {
958
+ const result = await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/sso`, {
923
959
  body: Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({}, ('providerId' in params ? { provider_id: params.providerId } : null)), ('domain' in params ? { domain: params.domain } : null)), { redirect_to: (_b = (_a = params.options) === null || _a === void 0 ? void 0 : _a.redirectTo) !== null && _b !== void 0 ? _b : undefined }), (((_c = params === null || params === void 0 ? void 0 : params.options) === null || _c === void 0 ? void 0 : _c.captchaToken)
924
960
  ? { gotrue_meta_security: { captcha_token: params.options.captchaToken } }
925
961
  : null)), { skip_http_redirect: true, code_challenge: codeChallenge, code_challenge_method: codeChallengeMethod }),
926
962
  headers: this.headers,
927
963
  xform: fetch_1._ssoResponse,
928
964
  });
965
+ return this._returnResult(result);
929
966
  }
930
967
  catch (error) {
931
968
  if ((0, errors_1.isAuthError)(error)) {
932
- return { data: null, error };
969
+ return this._returnResult({ data: null, error });
933
970
  }
934
971
  throw error;
935
972
  }
@@ -956,12 +993,12 @@ class GoTrueClient {
956
993
  headers: this.headers,
957
994
  jwt: session.access_token,
958
995
  });
959
- return { data: { user: null, session: null }, error };
996
+ return this._returnResult({ data: { user: null, session: null }, error });
960
997
  });
961
998
  }
962
999
  catch (error) {
963
1000
  if ((0, errors_1.isAuthError)(error)) {
964
- return { data: { user: null, session: null }, error };
1001
+ return this._returnResult({ data: { user: null, session: null }, error });
965
1002
  }
966
1003
  throw error;
967
1004
  }
@@ -983,7 +1020,7 @@ class GoTrueClient {
983
1020
  },
984
1021
  redirectTo: options === null || options === void 0 ? void 0 : options.emailRedirectTo,
985
1022
  });
986
- return { data: { user: null, session: null }, error };
1023
+ return this._returnResult({ data: { user: null, session: null }, error });
987
1024
  }
988
1025
  else if ('phone' in credentials) {
989
1026
  const { phone, type, options } = credentials;
@@ -995,13 +1032,16 @@ class GoTrueClient {
995
1032
  gotrue_meta_security: { captcha_token: options === null || options === void 0 ? void 0 : options.captchaToken },
996
1033
  },
997
1034
  });
998
- return { data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id }, error };
1035
+ return this._returnResult({
1036
+ data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id },
1037
+ error,
1038
+ });
999
1039
  }
1000
1040
  throw new errors_1.AuthInvalidCredentialsError('You must provide either an email or phone number and a type');
1001
1041
  }
1002
1042
  catch (error) {
1003
1043
  if ((0, errors_1.isAuthError)(error)) {
1004
- return { data: { user: null, session: null }, error };
1044
+ return this._returnResult({ data: { user: null, session: null }, error });
1005
1045
  }
1006
1046
  throw error;
1007
1047
  }
@@ -1144,28 +1184,25 @@ class GoTrueClient {
1144
1184
  currentSession.user = (0, helpers_1.userNotAvailableProxy)();
1145
1185
  }
1146
1186
  }
1147
- if (this.storage.isServer && currentSession.user) {
1148
- let suppressWarning = this.suppressGetSessionWarning;
1149
- const proxySession = new Proxy(currentSession, {
1150
- get: (target, prop, receiver) => {
1151
- if (!suppressWarning && prop === 'user') {
1152
- // only show warning when the user object is being accessed from the server
1153
- console.warn('Using the user object as returned from supabase.auth.getSession() or from some supabase.auth.onAuthStateChange() events could be insecure! This value comes directly from the storage medium (usually cookies on the server) and may not be authentic. Use supabase.auth.getUser() instead which authenticates the data by contacting the Supabase Auth server.');
1154
- suppressWarning = true; // keeps this proxy instance from logging additional warnings
1155
- this.suppressGetSessionWarning = true; // keeps this client's future proxy instances from warning
1156
- }
1157
- return Reflect.get(target, prop, receiver);
1158
- },
1159
- });
1160
- currentSession = proxySession;
1187
+ // Wrap the user object with a warning proxy on the server
1188
+ // This warns when properties of the user are accessed, not when session.user itself is accessed
1189
+ if (this.storage.isServer &&
1190
+ currentSession.user &&
1191
+ !currentSession.user.__isUserNotAvailableProxy) {
1192
+ const suppressWarningRef = { value: this.suppressGetSessionWarning };
1193
+ currentSession.user = (0, helpers_1.insecureUserWarningProxy)(currentSession.user, suppressWarningRef);
1194
+ // Update the client-level suppression flag when the proxy suppresses the warning
1195
+ if (suppressWarningRef.value) {
1196
+ this.suppressGetSessionWarning = true;
1197
+ }
1161
1198
  }
1162
1199
  return { data: { session: currentSession }, error: null };
1163
1200
  }
1164
1201
  const { data: session, error } = await this._callRefreshToken(currentSession.refresh_token);
1165
1202
  if (error) {
1166
- return { data: { session: null }, error };
1203
+ return this._returnResult({ data: { session: null }, error });
1167
1204
  }
1168
- return { data: { session }, error: null };
1205
+ return this._returnResult({ data: { session }, error: null });
1169
1206
  }
1170
1207
  finally {
1171
1208
  this._debug('#__loadSession()', 'end');
@@ -1222,7 +1259,7 @@ class GoTrueClient {
1222
1259
  await this._removeSession();
1223
1260
  await (0, helpers_1.removeItemAsync)(this.storage, `${this.storageKey}-code-verifier`);
1224
1261
  }
1225
- return { data: { user: null }, error };
1262
+ return this._returnResult({ data: { user: null }, error });
1226
1263
  }
1227
1264
  throw error;
1228
1265
  }
@@ -1260,17 +1297,18 @@ class GoTrueClient {
1260
1297
  jwt: session.access_token,
1261
1298
  xform: fetch_1._userResponse,
1262
1299
  });
1263
- if (userError)
1300
+ if (userError) {
1264
1301
  throw userError;
1302
+ }
1265
1303
  session.user = data.user;
1266
1304
  await this._saveSession(session);
1267
1305
  await this._notifyAllSubscribers('USER_UPDATED', session);
1268
- return { data: { user: session.user }, error: null };
1306
+ return this._returnResult({ data: { user: session.user }, error: null });
1269
1307
  });
1270
1308
  }
1271
1309
  catch (error) {
1272
1310
  if ((0, errors_1.isAuthError)(error)) {
1273
- return { data: { user: null }, error };
1311
+ return this._returnResult({ data: { user: null }, error });
1274
1312
  }
1275
1313
  throw error;
1276
1314
  }
@@ -1303,7 +1341,7 @@ class GoTrueClient {
1303
1341
  if (hasExpired) {
1304
1342
  const { data: refreshedSession, error } = await this._callRefreshToken(currentSession.refresh_token);
1305
1343
  if (error) {
1306
- return { data: { user: null, session: null }, error: error };
1344
+ return this._returnResult({ data: { user: null, session: null }, error: error });
1307
1345
  }
1308
1346
  if (!refreshedSession) {
1309
1347
  return { data: { user: null, session: null }, error: null };
@@ -1326,11 +1364,11 @@ class GoTrueClient {
1326
1364
  await this._saveSession(session);
1327
1365
  await this._notifyAllSubscribers('SIGNED_IN', session);
1328
1366
  }
1329
- return { data: { user: session.user, session }, error: null };
1367
+ return this._returnResult({ data: { user: session.user, session }, error: null });
1330
1368
  }
1331
1369
  catch (error) {
1332
1370
  if ((0, errors_1.isAuthError)(error)) {
1333
- return { data: { session: null, user: null }, error };
1371
+ return this._returnResult({ data: { session: null, user: null }, error });
1334
1372
  }
1335
1373
  throw error;
1336
1374
  }
@@ -1363,17 +1401,17 @@ class GoTrueClient {
1363
1401
  }
1364
1402
  const { data: session, error } = await this._callRefreshToken(currentSession.refresh_token);
1365
1403
  if (error) {
1366
- return { data: { user: null, session: null }, error: error };
1404
+ return this._returnResult({ data: { user: null, session: null }, error: error });
1367
1405
  }
1368
1406
  if (!session) {
1369
- return { data: { user: null, session: null }, error: null };
1407
+ return this._returnResult({ data: { user: null, session: null }, error: null });
1370
1408
  }
1371
- return { data: { user: session.user, session }, error: null };
1409
+ return this._returnResult({ data: { user: session.user, session }, error: null });
1372
1410
  });
1373
1411
  }
1374
1412
  catch (error) {
1375
1413
  if ((0, errors_1.isAuthError)(error)) {
1376
- return { data: { user: null, session: null }, error };
1414
+ return this._returnResult({ data: { user: null, session: null }, error });
1377
1415
  }
1378
1416
  throw error;
1379
1417
  }
@@ -1459,11 +1497,11 @@ class GoTrueClient {
1459
1497
  // Remove tokens from URL
1460
1498
  window.location.hash = '';
1461
1499
  this._debug('#_getSessionFromURL()', 'clearing window.location.hash');
1462
- return { data: { session, redirectType: params.type }, error: null };
1500
+ return this._returnResult({ data: { session, redirectType: params.type }, error: null });
1463
1501
  }
1464
1502
  catch (error) {
1465
1503
  if ((0, errors_1.isAuthError)(error)) {
1466
- return { data: { session: null, redirectType: null }, error };
1504
+ return this._returnResult({ data: { session: null, redirectType: null }, error });
1467
1505
  }
1468
1506
  throw error;
1469
1507
  }
@@ -1500,7 +1538,7 @@ class GoTrueClient {
1500
1538
  var _a;
1501
1539
  const { data, error: sessionError } = result;
1502
1540
  if (sessionError) {
1503
- return { error: sessionError };
1541
+ return this._returnResult({ error: sessionError });
1504
1542
  }
1505
1543
  const accessToken = (_a = data.session) === null || _a === void 0 ? void 0 : _a.access_token;
1506
1544
  if (accessToken) {
@@ -1510,7 +1548,7 @@ class GoTrueClient {
1510
1548
  // ignore 401s since an invalid or expired JWT should sign out the current session
1511
1549
  if (!((0, errors_1.isAuthApiError)(error) &&
1512
1550
  (error.status === 404 || error.status === 401 || error.status === 403))) {
1513
- return { error };
1551
+ return this._returnResult({ error });
1514
1552
  }
1515
1553
  }
1516
1554
  }
@@ -1518,7 +1556,7 @@ class GoTrueClient {
1518
1556
  await this._removeSession();
1519
1557
  await (0, helpers_1.removeItemAsync)(this.storage, `${this.storageKey}-code-verifier`);
1520
1558
  }
1521
- return { error: null };
1559
+ return this._returnResult({ error: null });
1522
1560
  });
1523
1561
  }
1524
1562
  onAuthStateChange(callback) {
@@ -1587,7 +1625,7 @@ class GoTrueClient {
1587
1625
  }
1588
1626
  catch (error) {
1589
1627
  if ((0, errors_1.isAuthError)(error)) {
1590
- return { data: null, error };
1628
+ return this._returnResult({ data: null, error });
1591
1629
  }
1592
1630
  throw error;
1593
1631
  }
@@ -1601,11 +1639,11 @@ class GoTrueClient {
1601
1639
  const { data, error } = await this.getUser();
1602
1640
  if (error)
1603
1641
  throw error;
1604
- return { data: { identities: (_a = data.user.identities) !== null && _a !== void 0 ? _a : [] }, error: null };
1642
+ return this._returnResult({ data: { identities: (_a = data.user.identities) !== null && _a !== void 0 ? _a : [] }, error: null });
1605
1643
  }
1606
1644
  catch (error) {
1607
1645
  if ((0, errors_1.isAuthError)(error)) {
1608
- return { data: null, error };
1646
+ return this._returnResult({ data: null, error });
1609
1647
  }
1610
1648
  throw error;
1611
1649
  }
@@ -1640,11 +1678,14 @@ class GoTrueClient {
1640
1678
  if ((0, helpers_1.isBrowser)() && !((_a = credentials.options) === null || _a === void 0 ? void 0 : _a.skipBrowserRedirect)) {
1641
1679
  window.location.assign(data === null || data === void 0 ? void 0 : data.url);
1642
1680
  }
1643
- return { data: { provider: credentials.provider, url: data === null || data === void 0 ? void 0 : data.url }, error: null };
1681
+ return this._returnResult({
1682
+ data: { provider: credentials.provider, url: data === null || data === void 0 ? void 0 : data.url },
1683
+ error: null,
1684
+ });
1644
1685
  }
1645
1686
  catch (error) {
1646
1687
  if ((0, errors_1.isAuthError)(error)) {
1647
- return { data: { provider: credentials.provider, url: null }, error };
1688
+ return this._returnResult({ data: { provider: credentials.provider, url: null }, error });
1648
1689
  }
1649
1690
  throw error;
1650
1691
  }
@@ -1672,23 +1713,23 @@ class GoTrueClient {
1672
1713
  });
1673
1714
  const { data, error } = res;
1674
1715
  if (error) {
1675
- return { data: { user: null, session: null }, error };
1716
+ return this._returnResult({ data: { user: null, session: null }, error });
1676
1717
  }
1677
1718
  else if (!data || !data.session || !data.user) {
1678
- return {
1719
+ return this._returnResult({
1679
1720
  data: { user: null, session: null },
1680
1721
  error: new errors_1.AuthInvalidTokenResponseError(),
1681
- };
1722
+ });
1682
1723
  }
1683
1724
  if (data.session) {
1684
1725
  await this._saveSession(data.session);
1685
1726
  await this._notifyAllSubscribers('USER_UPDATED', data.session);
1686
1727
  }
1687
- return { data, error };
1728
+ return this._returnResult({ data, error });
1688
1729
  }
1689
1730
  catch (error) {
1690
1731
  if ((0, errors_1.isAuthError)(error)) {
1691
- return { data: { user: null, session: null }, error };
1732
+ return this._returnResult({ data: { user: null, session: null }, error });
1692
1733
  }
1693
1734
  throw error;
1694
1735
  }
@@ -1713,7 +1754,7 @@ class GoTrueClient {
1713
1754
  }
1714
1755
  catch (error) {
1715
1756
  if ((0, errors_1.isAuthError)(error)) {
1716
- return { data: null, error };
1757
+ return this._returnResult({ data: null, error });
1717
1758
  }
1718
1759
  throw error;
1719
1760
  }
@@ -1749,7 +1790,7 @@ class GoTrueClient {
1749
1790
  catch (error) {
1750
1791
  this._debug(debugName, 'error', error);
1751
1792
  if ((0, errors_1.isAuthError)(error)) {
1752
- return { data: { session: null, user: null }, error };
1793
+ return this._returnResult({ data: { session: null, user: null }, error });
1753
1794
  }
1754
1795
  throw error;
1755
1796
  }
@@ -2234,7 +2275,7 @@ class GoTrueClient {
2234
2275
  var _a;
2235
2276
  const { data: sessionData, error: sessionError } = result;
2236
2277
  if (sessionError) {
2237
- return { data: null, error: sessionError };
2278
+ return this._returnResult({ data: null, error: sessionError });
2238
2279
  }
2239
2280
  return await (0, fetch_1._request)(this.fetch, 'DELETE', `${this.url}/factors/${params.factorId}`, {
2240
2281
  headers: this.headers,
@@ -2244,7 +2285,7 @@ class GoTrueClient {
2244
2285
  }
2245
2286
  catch (error) {
2246
2287
  if ((0, errors_1.isAuthError)(error)) {
2247
- return { data: null, error };
2288
+ return this._returnResult({ data: null, error });
2248
2289
  }
2249
2290
  throw error;
2250
2291
  }
@@ -2255,7 +2296,7 @@ class GoTrueClient {
2255
2296
  var _a, _b;
2256
2297
  const { data: sessionData, error: sessionError } = result;
2257
2298
  if (sessionError) {
2258
- return { data: null, error: sessionError };
2299
+ return this._returnResult({ data: null, error: sessionError });
2259
2300
  }
2260
2301
  const body = Object.assign({ friendly_name: params.friendlyName, factor_type: params.factorType }, (params.factorType === 'phone'
2261
2302
  ? { phone: params.phone }
@@ -2268,17 +2309,17 @@ class GoTrueClient {
2268
2309
  jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
2269
2310
  }));
2270
2311
  if (error) {
2271
- return { data: null, error };
2312
+ return this._returnResult({ data: null, error });
2272
2313
  }
2273
2314
  if (params.factorType === 'totp' && data.type === 'totp' && ((_b = data === null || data === void 0 ? void 0 : data.totp) === null || _b === void 0 ? void 0 : _b.qr_code)) {
2274
2315
  data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`;
2275
2316
  }
2276
- return { data, error: null };
2317
+ return this._returnResult({ data, error: null });
2277
2318
  });
2278
2319
  }
2279
2320
  catch (error) {
2280
2321
  if ((0, errors_1.isAuthError)(error)) {
2281
- return { data: null, error };
2322
+ return this._returnResult({ data: null, error });
2282
2323
  }
2283
2324
  throw error;
2284
2325
  }
@@ -2290,7 +2331,7 @@ class GoTrueClient {
2290
2331
  var _a;
2291
2332
  const { data: sessionData, error: sessionError } = result;
2292
2333
  if (sessionError) {
2293
- return { data: null, error: sessionError };
2334
+ return this._returnResult({ data: null, error: sessionError });
2294
2335
  }
2295
2336
  const body = Object.assign({ challenge_id: params.challengeId }, ('webauthn' in params
2296
2337
  ? {
@@ -2305,16 +2346,16 @@ class GoTrueClient {
2305
2346
  jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
2306
2347
  });
2307
2348
  if (error) {
2308
- return { data: null, error };
2349
+ return this._returnResult({ data: null, error });
2309
2350
  }
2310
2351
  await this._saveSession(Object.assign({ expires_at: Math.round(Date.now() / 1000) + data.expires_in }, data));
2311
2352
  await this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data);
2312
- return { data, error };
2353
+ return this._returnResult({ data, error });
2313
2354
  });
2314
2355
  }
2315
2356
  catch (error) {
2316
2357
  if ((0, errors_1.isAuthError)(error)) {
2317
- return { data: null, error };
2358
+ return this._returnResult({ data: null, error });
2318
2359
  }
2319
2360
  throw error;
2320
2361
  }
@@ -2327,7 +2368,7 @@ class GoTrueClient {
2327
2368
  var _a;
2328
2369
  const { data: sessionData, error: sessionError } = result;
2329
2370
  if (sessionError) {
2330
- return { data: null, error: sessionError };
2371
+ return this._returnResult({ data: null, error: sessionError });
2331
2372
  }
2332
2373
  const response = (await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/factors/${params.factorId}/challenge`, {
2333
2374
  body: params,
@@ -2357,7 +2398,7 @@ class GoTrueClient {
2357
2398
  }
2358
2399
  catch (error) {
2359
2400
  if ((0, errors_1.isAuthError)(error)) {
2360
- return { data: null, error };
2401
+ return this._returnResult({ data: null, error });
2361
2402
  }
2362
2403
  throw error;
2363
2404
  }
@@ -2373,7 +2414,7 @@ class GoTrueClient {
2373
2414
  factorId: params.factorId,
2374
2415
  });
2375
2416
  if (challengeError) {
2376
- return { data: null, error: challengeError };
2417
+ return this._returnResult({ data: null, error: challengeError });
2377
2418
  }
2378
2419
  return await this._verify({
2379
2420
  factorId: params.factorId,
@@ -2414,33 +2455,133 @@ class GoTrueClient {
2414
2455
  * {@see GoTrueMFAApi#getAuthenticatorAssuranceLevel}
2415
2456
  */
2416
2457
  async _getAuthenticatorAssuranceLevel() {
2417
- return this._acquireLock(-1, async () => {
2458
+ var _a, _b;
2459
+ const { data: { session }, error: sessionError, } = await this.getSession();
2460
+ if (sessionError) {
2461
+ return this._returnResult({ data: null, error: sessionError });
2462
+ }
2463
+ if (!session) {
2464
+ return {
2465
+ data: { currentLevel: null, nextLevel: null, currentAuthenticationMethods: [] },
2466
+ error: null,
2467
+ };
2468
+ }
2469
+ const { payload } = (0, helpers_1.decodeJWT)(session.access_token);
2470
+ let currentLevel = null;
2471
+ if (payload.aal) {
2472
+ currentLevel = payload.aal;
2473
+ }
2474
+ let nextLevel = currentLevel;
2475
+ const verifiedFactors = (_b = (_a = session.user.factors) === null || _a === void 0 ? void 0 : _a.filter((factor) => factor.status === 'verified')) !== null && _b !== void 0 ? _b : [];
2476
+ if (verifiedFactors.length > 0) {
2477
+ nextLevel = 'aal2';
2478
+ }
2479
+ const currentAuthenticationMethods = payload.amr || [];
2480
+ return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
2481
+ }
2482
+ /**
2483
+ * Retrieves details about an OAuth authorization request.
2484
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
2485
+ *
2486
+ * Returns authorization details including client info, scopes, and user information.
2487
+ * If the API returns a redirect_uri, it means consent was already given - the caller
2488
+ * should handle the redirect manually if needed.
2489
+ */
2490
+ async _getAuthorizationDetails(authorizationId) {
2491
+ try {
2418
2492
  return await this._useSession(async (result) => {
2419
- var _a, _b;
2420
2493
  const { data: { session }, error: sessionError, } = result;
2421
2494
  if (sessionError) {
2422
- return { data: null, error: sessionError };
2495
+ return this._returnResult({ data: null, error: sessionError });
2423
2496
  }
2424
2497
  if (!session) {
2425
- return {
2426
- data: { currentLevel: null, nextLevel: null, currentAuthenticationMethods: [] },
2427
- error: null,
2428
- };
2429
- }
2430
- const { payload } = (0, helpers_1.decodeJWT)(session.access_token);
2431
- let currentLevel = null;
2432
- if (payload.aal) {
2433
- currentLevel = payload.aal;
2434
- }
2435
- let nextLevel = currentLevel;
2436
- const verifiedFactors = (_b = (_a = session.user.factors) === null || _a === void 0 ? void 0 : _a.filter((factor) => factor.status === 'verified')) !== null && _b !== void 0 ? _b : [];
2437
- if (verifiedFactors.length > 0) {
2438
- nextLevel = 'aal2';
2439
- }
2440
- const currentAuthenticationMethods = payload.amr || [];
2441
- return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
2498
+ return this._returnResult({ data: null, error: new errors_1.AuthSessionMissingError() });
2499
+ }
2500
+ return await (0, fetch_1._request)(this.fetch, 'GET', `${this.url}/oauth/authorizations/${authorizationId}`, {
2501
+ headers: this.headers,
2502
+ jwt: session.access_token,
2503
+ xform: (data) => ({ data, error: null }),
2504
+ });
2442
2505
  });
2443
- });
2506
+ }
2507
+ catch (error) {
2508
+ if ((0, errors_1.isAuthError)(error)) {
2509
+ return this._returnResult({ data: null, error });
2510
+ }
2511
+ throw error;
2512
+ }
2513
+ }
2514
+ /**
2515
+ * Approves an OAuth authorization request.
2516
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
2517
+ */
2518
+ async _approveAuthorization(authorizationId, options) {
2519
+ try {
2520
+ return await this._useSession(async (result) => {
2521
+ const { data: { session }, error: sessionError, } = result;
2522
+ if (sessionError) {
2523
+ return this._returnResult({ data: null, error: sessionError });
2524
+ }
2525
+ if (!session) {
2526
+ return this._returnResult({ data: null, error: new errors_1.AuthSessionMissingError() });
2527
+ }
2528
+ const response = await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/oauth/authorizations/${authorizationId}/consent`, {
2529
+ headers: this.headers,
2530
+ jwt: session.access_token,
2531
+ body: { action: 'approve' },
2532
+ xform: (data) => ({ data, error: null }),
2533
+ });
2534
+ if (response.data && response.data.redirect_url) {
2535
+ // Automatically redirect in browser unless skipBrowserRedirect is true
2536
+ if ((0, helpers_1.isBrowser)() && !(options === null || options === void 0 ? void 0 : options.skipBrowserRedirect)) {
2537
+ window.location.assign(response.data.redirect_url);
2538
+ }
2539
+ }
2540
+ return response;
2541
+ });
2542
+ }
2543
+ catch (error) {
2544
+ if ((0, errors_1.isAuthError)(error)) {
2545
+ return this._returnResult({ data: null, error });
2546
+ }
2547
+ throw error;
2548
+ }
2549
+ }
2550
+ /**
2551
+ * Denies an OAuth authorization request.
2552
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
2553
+ */
2554
+ async _denyAuthorization(authorizationId, options) {
2555
+ try {
2556
+ return await this._useSession(async (result) => {
2557
+ const { data: { session }, error: sessionError, } = result;
2558
+ if (sessionError) {
2559
+ return this._returnResult({ data: null, error: sessionError });
2560
+ }
2561
+ if (!session) {
2562
+ return this._returnResult({ data: null, error: new errors_1.AuthSessionMissingError() });
2563
+ }
2564
+ const response = await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/oauth/authorizations/${authorizationId}/consent`, {
2565
+ headers: this.headers,
2566
+ jwt: session.access_token,
2567
+ body: { action: 'deny' },
2568
+ xform: (data) => ({ data, error: null }),
2569
+ });
2570
+ if (response.data && response.data.redirect_url) {
2571
+ // Automatically redirect in browser unless skipBrowserRedirect is true
2572
+ if ((0, helpers_1.isBrowser)() && !(options === null || options === void 0 ? void 0 : options.skipBrowserRedirect)) {
2573
+ window.location.assign(response.data.redirect_url);
2574
+ }
2575
+ }
2576
+ return response;
2577
+ });
2578
+ }
2579
+ catch (error) {
2580
+ if ((0, errors_1.isAuthError)(error)) {
2581
+ return this._returnResult({ data: null, error });
2582
+ }
2583
+ throw error;
2584
+ }
2444
2585
  }
2445
2586
  async fetchJwk(kid, jwks = { keys: [] }) {
2446
2587
  // try fetching from the supplied jwks
@@ -2496,7 +2637,7 @@ class GoTrueClient {
2496
2637
  if (!token) {
2497
2638
  const { data, error } = await this.getSession();
2498
2639
  if (error || !data.session) {
2499
- return { data: null, error };
2640
+ return this._returnResult({ data: null, error });
2500
2641
  }
2501
2642
  token = data.session.access_token;
2502
2643
  }
@@ -2549,12 +2690,12 @@ class GoTrueClient {
2549
2690
  }
2550
2691
  catch (error) {
2551
2692
  if ((0, errors_1.isAuthError)(error)) {
2552
- return { data: null, error };
2693
+ return this._returnResult({ data: null, error });
2553
2694
  }
2554
2695
  throw error;
2555
2696
  }
2556
2697
  }
2557
2698
  }
2558
- GoTrueClient.nextInstanceID = 0;
2699
+ GoTrueClient.nextInstanceID = {};
2559
2700
  exports.default = GoTrueClient;
2560
2701
  //# sourceMappingURL=GoTrueClient.js.map