@supabase/auth-js 2.80.1-canary.1 → 2.80.1-canary.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. package/README.md +37 -19
  2. package/dist/main/AuthAdminApi.js +2 -4
  3. package/dist/main/AuthAdminApi.js.map +1 -1
  4. package/dist/main/AuthClient.js +2 -4
  5. package/dist/main/AuthClient.js.map +1 -1
  6. package/dist/main/GoTrueAdminApi.d.ts +48 -1
  7. package/dist/main/GoTrueAdminApi.d.ts.map +1 -1
  8. package/dist/main/GoTrueAdminApi.js +162 -12
  9. package/dist/main/GoTrueAdminApi.js.map +1 -1
  10. package/dist/main/GoTrueClient.d.ts +58 -2
  11. package/dist/main/GoTrueClient.d.ts.map +1 -1
  12. package/dist/main/GoTrueClient.js +293 -156
  13. package/dist/main/GoTrueClient.js.map +1 -1
  14. package/dist/main/index.js +7 -23
  15. package/dist/main/index.js.map +1 -1
  16. package/dist/main/lib/error-codes.d.ts +1 -1
  17. package/dist/main/lib/fetch.js +2 -12
  18. package/dist/main/lib/fetch.js.map +1 -1
  19. package/dist/main/lib/helpers.d.ts +11 -0
  20. package/dist/main/lib/helpers.d.ts.map +1 -1
  21. package/dist/main/lib/helpers.js +39 -42
  22. package/dist/main/lib/helpers.js.map +1 -1
  23. package/dist/main/lib/types.d.ts +283 -2
  24. package/dist/main/lib/types.d.ts.map +1 -1
  25. package/dist/main/lib/types.js.map +1 -1
  26. package/dist/main/lib/version.d.ts +1 -1
  27. package/dist/main/lib/version.js +1 -1
  28. package/dist/main/lib/webauthn.d.ts +7 -5
  29. package/dist/main/lib/webauthn.d.ts.map +1 -1
  30. package/dist/main/lib/webauthn.js +5 -15
  31. package/dist/main/lib/webauthn.js.map +1 -1
  32. package/dist/module/GoTrueAdminApi.d.ts +48 -1
  33. package/dist/module/GoTrueAdminApi.d.ts.map +1 -1
  34. package/dist/module/GoTrueAdminApi.js +161 -11
  35. package/dist/module/GoTrueAdminApi.js.map +1 -1
  36. package/dist/module/GoTrueClient.d.ts +58 -2
  37. package/dist/module/GoTrueClient.d.ts.map +1 -1
  38. package/dist/module/GoTrueClient.js +292 -153
  39. package/dist/module/GoTrueClient.js.map +1 -1
  40. package/dist/module/lib/error-codes.d.ts +1 -1
  41. package/dist/module/lib/fetch.js +1 -11
  42. package/dist/module/lib/fetch.js.map +1 -1
  43. package/dist/module/lib/helpers.d.ts +11 -0
  44. package/dist/module/lib/helpers.d.ts.map +1 -1
  45. package/dist/module/lib/helpers.js +38 -9
  46. package/dist/module/lib/helpers.js.map +1 -1
  47. package/dist/module/lib/types.d.ts +283 -2
  48. package/dist/module/lib/types.d.ts.map +1 -1
  49. package/dist/module/lib/types.js.map +1 -1
  50. package/dist/module/lib/version.d.ts +1 -1
  51. package/dist/module/lib/version.js +1 -1
  52. package/dist/module/lib/webauthn.d.ts +7 -5
  53. package/dist/module/lib/webauthn.d.ts.map +1 -1
  54. package/dist/module/lib/webauthn.js +3 -13
  55. package/dist/module/lib/webauthn.js.map +1 -1
  56. package/dist/tsconfig.module.tsbuildinfo +1 -0
  57. package/dist/tsconfig.tsbuildinfo +1 -0
  58. package/package.json +12 -13
  59. package/src/GoTrueAdminApi.ts +186 -0
  60. package/src/GoTrueClient.ts +378 -150
  61. package/src/lib/error-codes.ts +1 -1
  62. package/src/lib/helpers.ts +46 -8
  63. package/src/lib/types.ts +307 -1
  64. package/src/lib/version.ts +1 -1
  65. package/src/lib/webauthn.ts +12 -8
package/dist/main/GoTrueClient.js CHANGED
@@ -1,9 +1,7 @@
1
1
  "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
2
  Object.defineProperty(exports, "__esModule", { value: true });
6
- const GoTrueAdminApi_1 = __importDefault(require("./GoTrueAdminApi"));
3
+ const tslib_1 = require("tslib");
4
+ const GoTrueAdminApi_1 = tslib_1.__importDefault(require("./GoTrueAdminApi"));
7
5
  const constants_1 = require("./lib/constants");
8
6
  const errors_1 = require("./lib/errors");
9
7
  const fetch_1 = require("./lib/fetch");
@@ -26,6 +24,7 @@ const DEFAULT_OPTIONS = {
26
24
  flowType: 'implicit',
27
25
  debug: false,
28
26
  hasCustomAuthorizationHeader: false,
27
+ throwOnError: false,
29
28
  };
30
29
  async function lockNoOp(name, acquireTimeout, fn) {
31
30
  return await fn();
@@ -61,7 +60,7 @@ class GoTrueClient {
61
60
  * Create a new client for use in the browser.
62
61
  */
63
62
  constructor(options) {
64
- var _a, _b;
63
+ var _a, _b, _c;
65
64
  /**
66
65
  * @experimental
67
66
  */
@@ -88,18 +87,22 @@ class GoTrueClient {
88
87
  */
89
88
  this.broadcastChannel = null;
90
89
  this.logger = console.log;
91
- this.instanceID = GoTrueClient.nextInstanceID;
92
- GoTrueClient.nextInstanceID += 1;
93
- if (this.instanceID > 0 && (0, helpers_1.isBrowser)()) {
94
- console.warn('Multiple GoTrueClient instances detected in the same browser context. It is not an error, but this should be avoided as it may produce undefined behavior when used concurrently under the same storage key.');
95
- }
96
90
  const settings = Object.assign(Object.assign({}, DEFAULT_OPTIONS), options);
91
+ this.storageKey = settings.storageKey;
92
+ this.instanceID = (_a = GoTrueClient.nextInstanceID[this.storageKey]) !== null && _a !== void 0 ? _a : 0;
93
+ GoTrueClient.nextInstanceID[this.storageKey] = this.instanceID + 1;
97
94
  this.logDebugMessages = !!settings.debug;
98
95
  if (typeof settings.debug === 'function') {
99
96
  this.logger = settings.debug;
100
97
  }
98
+ if (this.instanceID > 0 && (0, helpers_1.isBrowser)()) {
99
+ const message = `${this._logPrefix()} Multiple GoTrueClient instances detected in the same browser context. It is not an error, but this should be avoided as it may produce undefined behavior when used concurrently under the same storage key.`;
100
+ console.warn(message);
101
+ if (this.logDebugMessages) {
102
+ console.trace(message);
103
+ }
104
+ }
101
105
  this.persistSession = settings.persistSession;
102
- this.storageKey = settings.storageKey;
103
106
  this.autoRefreshToken = settings.autoRefreshToken;
104
107
  this.admin = new GoTrueAdminApi_1.default({
105
108
  url: settings.url,
@@ -113,10 +116,11 @@ class GoTrueClient {
113
116
  this.detectSessionInUrl = settings.detectSessionInUrl;
114
117
  this.flowType = settings.flowType;
115
118
  this.hasCustomAuthorizationHeader = settings.hasCustomAuthorizationHeader;
119
+ this.throwOnError = settings.throwOnError;
116
120
  if (settings.lock) {
117
121
  this.lock = settings.lock;
118
122
  }
119
- else if ((0, helpers_1.isBrowser)() && ((_a = globalThis === null || globalThis === void 0 ? void 0 : globalThis.navigator) === null || _a === void 0 ? void 0 : _a.locks)) {
123
+ else if ((0, helpers_1.isBrowser)() && ((_b = globalThis === null || globalThis === void 0 ? void 0 : globalThis.navigator) === null || _b === void 0 ? void 0 : _b.locks)) {
120
124
  this.lock = locks_1.navigatorLock;
121
125
  }
122
126
  else {
@@ -136,6 +140,11 @@ class GoTrueClient {
136
140
  getAuthenticatorAssuranceLevel: this._getAuthenticatorAssuranceLevel.bind(this),
137
141
  webauthn: new webauthn_1.WebAuthnApi(this),
138
142
  };
143
+ this.oauth = {
144
+ getAuthorizationDetails: this._getAuthorizationDetails.bind(this),
145
+ approveAuthorization: this._approveAuthorization.bind(this),
146
+ denyAuthorization: this._denyAuthorization.bind(this),
147
+ };
139
148
  if (this.persistSession) {
140
149
  if (settings.storage) {
141
150
  this.storage = settings.storage;
@@ -164,16 +173,37 @@ class GoTrueClient {
164
173
  catch (e) {
165
174
  console.error('Failed to create a new BroadcastChannel, multi-tab state changes will not be available', e);
166
175
  }
167
- (_b = this.broadcastChannel) === null || _b === void 0 ? void 0 : _b.addEventListener('message', async (event) => {
176
+ (_c = this.broadcastChannel) === null || _c === void 0 ? void 0 : _c.addEventListener('message', async (event) => {
168
177
  this._debug('received broadcast notification from other tab or client', event);
169
178
  await this._notifyAllSubscribers(event.data.event, event.data.session, false); // broadcast = false so we don't get an endless loop of messages
170
179
  });
171
180
  }
172
181
  this.initialize();
173
182
  }
183
+ /**
184
+ * Returns whether error throwing mode is enabled for this client.
185
+ */
186
+ isThrowOnErrorEnabled() {
187
+ return this.throwOnError;
188
+ }
189
+ /**
190
+ * Centralizes return handling with optional error throwing. When `throwOnError` is enabled
191
+ * and the provided result contains a non-nullish error, the error is thrown instead of
192
+ * being returned. This ensures consistent behavior across all public API methods.
193
+ */
194
+ _returnResult(result) {
195
+ if (this.throwOnError && result && result.error) {
196
+ throw result.error;
197
+ }
198
+ return result;
199
+ }
200
+ _logPrefix() {
201
+ return ('GoTrueClient@' +
202
+ `${this.storageKey}:${this.instanceID} (${version_1.version}) ${new Date().toISOString()}`);
203
+ }
174
204
  _debug(...args) {
175
205
  if (this.logDebugMessages) {
176
- this.logger(`GoTrueClient@${this.instanceID} (${version_1.version}) ${new Date().toISOString()}`, ...args);
206
+ this.logger(this._logPrefix(), ...args);
177
207
  }
178
208
  return this;
179
209
  }
@@ -202,13 +232,16 @@ class GoTrueClient {
202
232
  async _initialize() {
203
233
  var _a;
204
234
  try {
205
- const params = (0, helpers_1.parseParametersFromURL)(window.location.href);
235
+ let params = {};
206
236
  let callbackUrlType = 'none';
207
- if (this._isImplicitGrantCallback(params)) {
208
- callbackUrlType = 'implicit';
209
- }
210
- else if (await this._isPKCECallback(params)) {
211
- callbackUrlType = 'pkce';
237
+ if ((0, helpers_1.isBrowser)()) {
238
+ params = (0, helpers_1.parseParametersFromURL)(window.location.href);
239
+ if (this._isImplicitGrantCallback(params)) {
240
+ callbackUrlType = 'implicit';
241
+ }
242
+ else if (await this._isPKCECallback(params)) {
243
+ callbackUrlType = 'pkce';
244
+ }
212
245
  }
213
246
  /**
214
247
  * Attempt to get the session from the URL only if these conditions are fulfilled
@@ -252,11 +285,11 @@ class GoTrueClient {
252
285
  }
253
286
  catch (error) {
254
287
  if ((0, errors_1.isAuthError)(error)) {
255
- return { error };
288
+ return this._returnResult({ error });
256
289
  }
257
- return {
290
+ return this._returnResult({
258
291
  error: new errors_1.AuthUnknownError('Unexpected error during initialization', error),
259
- };
292
+ });
260
293
  }
261
294
  finally {
262
295
  await this._handleVisibilityChange();
@@ -281,7 +314,7 @@ class GoTrueClient {
281
314
  });
282
315
  const { data, error } = res;
283
316
  if (error || !data) {
284
- return { data: { user: null, session: null }, error: error };
317
+ return this._returnResult({ data: { user: null, session: null }, error: error });
285
318
  }
286
319
  const session = data.session;
287
320
  const user = data.user;
@@ -289,11 +322,11 @@ class GoTrueClient {
289
322
  await this._saveSession(data.session);
290
323
  await this._notifyAllSubscribers('SIGNED_IN', session);
291
324
  }
292
- return { data: { user, session }, error: null };
325
+ return this._returnResult({ data: { user, session }, error: null });
293
326
  }
294
327
  catch (error) {
295
328
  if ((0, errors_1.isAuthError)(error)) {
296
- return { data: { user: null, session: null }, error };
329
+ return this._returnResult({ data: { user: null, session: null }, error });
297
330
  }
298
331
  throw error;
299
332
  }
@@ -353,7 +386,7 @@ class GoTrueClient {
353
386
  }
354
387
  const { data, error } = res;
355
388
  if (error || !data) {
356
- return { data: { user: null, session: null }, error: error };
389
+ return this._returnResult({ data: { user: null, session: null }, error: error });
357
390
  }
358
391
  const session = data.session;
359
392
  const user = data.user;
@@ -361,11 +394,11 @@ class GoTrueClient {
361
394
  await this._saveSession(data.session);
362
395
  await this._notifyAllSubscribers('SIGNED_IN', session);
363
396
  }
364
- return { data: { user, session }, error: null };
397
+ return this._returnResult({ data: { user, session }, error: null });
365
398
  }
366
399
  catch (error) {
367
400
  if ((0, errors_1.isAuthError)(error)) {
368
- return { data: { user: null, session: null }, error };
401
+ return this._returnResult({ data: { user: null, session: null }, error });
369
402
  }
370
403
  throw error;
371
404
  }
@@ -410,23 +443,24 @@ class GoTrueClient {
410
443
  }
411
444
  const { data, error } = res;
412
445
  if (error) {
413
- return { data: { user: null, session: null }, error };
446
+ return this._returnResult({ data: { user: null, session: null }, error });
414
447
  }
415
448
  else if (!data || !data.session || !data.user) {
416
- return { data: { user: null, session: null }, error: new errors_1.AuthInvalidTokenResponseError() };
449
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
450
+ return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
417
451
  }
418
452
  if (data.session) {
419
453
  await this._saveSession(data.session);
420
454
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
421
455
  }
422
- return {
456
+ return this._returnResult({
423
457
  data: Object.assign({ user: data.user, session: data.session }, (data.weak_password ? { weakPassword: data.weak_password } : null)),
424
458
  error,
425
- };
459
+ });
426
460
  }
427
461
  catch (error) {
428
462
  if ((0, errors_1.isAuthError)(error)) {
429
- return { data: { user: null, session: null }, error };
463
+ return this._returnResult({ data: { user: null, session: null }, error });
430
464
  }
431
465
  throw error;
432
466
  }
@@ -558,20 +592,18 @@ class GoTrueClient {
558
592
  throw error;
559
593
  }
560
594
  if (!data || !data.session || !data.user) {
561
- return {
562
- data: { user: null, session: null },
563
- error: new errors_1.AuthInvalidTokenResponseError(),
564
- };
595
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
596
+ return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
565
597
  }
566
598
  if (data.session) {
567
599
  await this._saveSession(data.session);
568
600
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
569
601
  }
570
- return { data: Object.assign({}, data), error };
602
+ return this._returnResult({ data: Object.assign({}, data), error });
571
603
  }
572
604
  catch (error) {
573
605
  if ((0, errors_1.isAuthError)(error)) {
574
- return { data: { user: null, session: null }, error };
606
+ return this._returnResult({ data: { user: null, session: null }, error });
575
607
  }
576
608
  throw error;
577
609
  }
@@ -698,20 +730,18 @@ class GoTrueClient {
698
730
  throw error;
699
731
  }
700
732
  if (!data || !data.session || !data.user) {
701
- return {
702
- data: { user: null, session: null },
703
- error: new errors_1.AuthInvalidTokenResponseError(),
704
- };
733
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
734
+ return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
705
735
  }
706
736
  if (data.session) {
707
737
  await this._saveSession(data.session);
708
738
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
709
739
  }
710
- return { data: Object.assign({}, data), error };
740
+ return this._returnResult({ data: Object.assign({}, data), error });
711
741
  }
712
742
  catch (error) {
713
743
  if ((0, errors_1.isAuthError)(error)) {
714
- return { data: { user: null, session: null }, error };
744
+ return this._returnResult({ data: { user: null, session: null }, error });
715
745
  }
716
746
  throw error;
717
747
  }
@@ -733,20 +763,24 @@ class GoTrueClient {
733
763
  throw error;
734
764
  }
735
765
  if (!data || !data.session || !data.user) {
736
- return {
766
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
767
+ return this._returnResult({
737
768
  data: { user: null, session: null, redirectType: null },
738
- error: new errors_1.AuthInvalidTokenResponseError(),
739
- };
769
+ error: invalidTokenError,
770
+ });
740
771
  }
741
772
  if (data.session) {
742
773
  await this._saveSession(data.session);
743
774
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
744
775
  }
745
- return { data: Object.assign(Object.assign({}, data), { redirectType: redirectType !== null && redirectType !== void 0 ? redirectType : null }), error };
776
+ return this._returnResult({ data: Object.assign(Object.assign({}, data), { redirectType: redirectType !== null && redirectType !== void 0 ? redirectType : null }), error });
746
777
  }
747
778
  catch (error) {
748
779
  if ((0, errors_1.isAuthError)(error)) {
749
- return { data: { user: null, session: null, redirectType: null }, error };
780
+ return this._returnResult({
781
+ data: { user: null, session: null, redirectType: null },
782
+ error,
783
+ });
750
784
  }
751
785
  throw error;
752
786
  }
@@ -771,23 +805,21 @@ class GoTrueClient {
771
805
  });
772
806
  const { data, error } = res;
773
807
  if (error) {
774
- return { data: { user: null, session: null }, error };
808
+ return this._returnResult({ data: { user: null, session: null }, error });
775
809
  }
776
810
  else if (!data || !data.session || !data.user) {
777
- return {
778
- data: { user: null, session: null },
779
- error: new errors_1.AuthInvalidTokenResponseError(),
780
- };
811
+ const invalidTokenError = new errors_1.AuthInvalidTokenResponseError();
812
+ return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
781
813
  }
782
814
  if (data.session) {
783
815
  await this._saveSession(data.session);
784
816
  await this._notifyAllSubscribers('SIGNED_IN', data.session);
785
817
  }
786
- return { data, error };
818
+ return this._returnResult({ data, error });
787
819
  }
788
820
  catch (error) {
789
821
  if ((0, errors_1.isAuthError)(error)) {
790
- return { data: { user: null, session: null }, error };
822
+ return this._returnResult({ data: { user: null, session: null }, error });
791
823
  }
792
824
  throw error;
793
825
  }
@@ -832,7 +864,7 @@ class GoTrueClient {
832
864
  },
833
865
  redirectTo: options === null || options === void 0 ? void 0 : options.emailRedirectTo,
834
866
  });
835
- return { data: { user: null, session: null }, error };
867
+ return this._returnResult({ data: { user: null, session: null }, error });
836
868
  }
837
869
  if ('phone' in credentials) {
838
870
  const { phone, options } = credentials;
@@ -846,13 +878,16 @@ class GoTrueClient {
846
878
  channel: (_e = options === null || options === void 0 ? void 0 : options.channel) !== null && _e !== void 0 ? _e : 'sms',
847
879
  },
848
880
  });
849
- return { data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id }, error };
881
+ return this._returnResult({
882
+ data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id },
883
+ error,
884
+ });
850
885
  }
851
886
  throw new errors_1.AuthInvalidCredentialsError('You must provide either an email or phone number.');
852
887
  }
853
888
  catch (error) {
854
889
  if ((0, errors_1.isAuthError)(error)) {
855
- return { data: { user: null, session: null }, error };
890
+ return this._returnResult({ data: { user: null, session: null }, error });
856
891
  }
857
892
  throw error;
858
893
  }
@@ -879,7 +914,8 @@ class GoTrueClient {
879
914
  throw error;
880
915
  }
881
916
  if (!data) {
882
- throw new Error('An error occurred on token verification.');
917
+ const tokenVerificationError = new Error('An error occurred on token verification.');
918
+ throw tokenVerificationError;
883
919
  }
884
920
  const session = data.session;
885
921
  const user = data.user;
@@ -887,11 +923,11 @@ class GoTrueClient {
887
923
  await this._saveSession(session);
888
924
  await this._notifyAllSubscribers(params.type == 'recovery' ? 'PASSWORD_RECOVERY' : 'SIGNED_IN', session);
889
925
  }
890
- return { data: { user, session }, error: null };
926
+ return this._returnResult({ data: { user, session }, error: null });
891
927
  }
892
928
  catch (error) {
893
929
  if ((0, errors_1.isAuthError)(error)) {
894
- return { data: { user: null, session: null }, error };
930
+ return this._returnResult({ data: { user: null, session: null }, error });
895
931
  }
896
932
  throw error;
897
933
  }
@@ -919,17 +955,18 @@ class GoTrueClient {
919
955
  ;
920
956
  [codeChallenge, codeChallengeMethod] = await (0, helpers_1.getCodeChallengeAndMethod)(this.storage, this.storageKey);
921
957
  }
922
- return await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/sso`, {
958
+ const result = await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/sso`, {
923
959
  body: Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({}, ('providerId' in params ? { provider_id: params.providerId } : null)), ('domain' in params ? { domain: params.domain } : null)), { redirect_to: (_b = (_a = params.options) === null || _a === void 0 ? void 0 : _a.redirectTo) !== null && _b !== void 0 ? _b : undefined }), (((_c = params === null || params === void 0 ? void 0 : params.options) === null || _c === void 0 ? void 0 : _c.captchaToken)
924
960
  ? { gotrue_meta_security: { captcha_token: params.options.captchaToken } }
925
961
  : null)), { skip_http_redirect: true, code_challenge: codeChallenge, code_challenge_method: codeChallengeMethod }),
926
962
  headers: this.headers,
927
963
  xform: fetch_1._ssoResponse,
928
964
  });
965
+ return this._returnResult(result);
929
966
  }
930
967
  catch (error) {
931
968
  if ((0, errors_1.isAuthError)(error)) {
932
- return { data: null, error };
969
+ return this._returnResult({ data: null, error });
933
970
  }
934
971
  throw error;
935
972
  }
@@ -956,12 +993,12 @@ class GoTrueClient {
956
993
  headers: this.headers,
957
994
  jwt: session.access_token,
958
995
  });
959
- return { data: { user: null, session: null }, error };
996
+ return this._returnResult({ data: { user: null, session: null }, error });
960
997
  });
961
998
  }
962
999
  catch (error) {
963
1000
  if ((0, errors_1.isAuthError)(error)) {
964
- return { data: { user: null, session: null }, error };
1001
+ return this._returnResult({ data: { user: null, session: null }, error });
965
1002
  }
966
1003
  throw error;
967
1004
  }
@@ -983,7 +1020,7 @@ class GoTrueClient {
983
1020
  },
984
1021
  redirectTo: options === null || options === void 0 ? void 0 : options.emailRedirectTo,
985
1022
  });
986
- return { data: { user: null, session: null }, error };
1023
+ return this._returnResult({ data: { user: null, session: null }, error });
987
1024
  }
988
1025
  else if ('phone' in credentials) {
989
1026
  const { phone, type, options } = credentials;
@@ -995,13 +1032,16 @@ class GoTrueClient {
995
1032
  gotrue_meta_security: { captcha_token: options === null || options === void 0 ? void 0 : options.captchaToken },
996
1033
  },
997
1034
  });
998
- return { data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id }, error };
1035
+ return this._returnResult({
1036
+ data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id },
1037
+ error,
1038
+ });
999
1039
  }
1000
1040
  throw new errors_1.AuthInvalidCredentialsError('You must provide either an email or phone number and a type');
1001
1041
  }
1002
1042
  catch (error) {
1003
1043
  if ((0, errors_1.isAuthError)(error)) {
1004
- return { data: { user: null, session: null }, error };
1044
+ return this._returnResult({ data: { user: null, session: null }, error });
1005
1045
  }
1006
1046
  throw error;
1007
1047
  }
@@ -1144,28 +1184,25 @@ class GoTrueClient {
1144
1184
  currentSession.user = (0, helpers_1.userNotAvailableProxy)();
1145
1185
  }
1146
1186
  }
1147
- if (this.storage.isServer && currentSession.user) {
1148
- let suppressWarning = this.suppressGetSessionWarning;
1149
- const proxySession = new Proxy(currentSession, {
1150
- get: (target, prop, receiver) => {
1151
- if (!suppressWarning && prop === 'user') {
1152
- // only show warning when the user object is being accessed from the server
1153
- console.warn('Using the user object as returned from supabase.auth.getSession() or from some supabase.auth.onAuthStateChange() events could be insecure! This value comes directly from the storage medium (usually cookies on the server) and may not be authentic. Use supabase.auth.getUser() instead which authenticates the data by contacting the Supabase Auth server.');
1154
- suppressWarning = true; // keeps this proxy instance from logging additional warnings
1155
- this.suppressGetSessionWarning = true; // keeps this client's future proxy instances from warning
1156
- }
1157
- return Reflect.get(target, prop, receiver);
1158
- },
1159
- });
1160
- currentSession = proxySession;
1187
+ // Wrap the user object with a warning proxy on the server
1188
+ // This warns when properties of the user are accessed, not when session.user itself is accessed
1189
+ if (this.storage.isServer &&
1190
+ currentSession.user &&
1191
+ !currentSession.user.__isUserNotAvailableProxy) {
1192
+ const suppressWarningRef = { value: this.suppressGetSessionWarning };
1193
+ currentSession.user = (0, helpers_1.insecureUserWarningProxy)(currentSession.user, suppressWarningRef);
1194
+ // Update the client-level suppression flag when the proxy suppresses the warning
1195
+ if (suppressWarningRef.value) {
1196
+ this.suppressGetSessionWarning = true;
1197
+ }
1161
1198
  }
1162
1199
  return { data: { session: currentSession }, error: null };
1163
1200
  }
1164
1201
  const { data: session, error } = await this._callRefreshToken(currentSession.refresh_token);
1165
1202
  if (error) {
1166
- return { data: { session: null }, error };
1203
+ return this._returnResult({ data: { session: null }, error });
1167
1204
  }
1168
- return { data: { session }, error: null };
1205
+ return this._returnResult({ data: { session }, error: null });
1169
1206
  }
1170
1207
  finally {
1171
1208
  this._debug('#__loadSession()', 'end');
@@ -1222,7 +1259,7 @@ class GoTrueClient {
1222
1259
  await this._removeSession();
1223
1260
  await (0, helpers_1.removeItemAsync)(this.storage, `${this.storageKey}-code-verifier`);
1224
1261
  }
1225
- return { data: { user: null }, error };
1262
+ return this._returnResult({ data: { user: null }, error });
1226
1263
  }
1227
1264
  throw error;
1228
1265
  }
@@ -1260,17 +1297,18 @@ class GoTrueClient {
1260
1297
  jwt: session.access_token,
1261
1298
  xform: fetch_1._userResponse,
1262
1299
  });
1263
- if (userError)
1300
+ if (userError) {
1264
1301
  throw userError;
1302
+ }
1265
1303
  session.user = data.user;
1266
1304
  await this._saveSession(session);
1267
1305
  await this._notifyAllSubscribers('USER_UPDATED', session);
1268
- return { data: { user: session.user }, error: null };
1306
+ return this._returnResult({ data: { user: session.user }, error: null });
1269
1307
  });
1270
1308
  }
1271
1309
  catch (error) {
1272
1310
  if ((0, errors_1.isAuthError)(error)) {
1273
- return { data: { user: null }, error };
1311
+ return this._returnResult({ data: { user: null }, error });
1274
1312
  }
1275
1313
  throw error;
1276
1314
  }
@@ -1303,7 +1341,7 @@ class GoTrueClient {
1303
1341
  if (hasExpired) {
1304
1342
  const { data: refreshedSession, error } = await this._callRefreshToken(currentSession.refresh_token);
1305
1343
  if (error) {
1306
- return { data: { user: null, session: null }, error: error };
1344
+ return this._returnResult({ data: { user: null, session: null }, error: error });
1307
1345
  }
1308
1346
  if (!refreshedSession) {
1309
1347
  return { data: { user: null, session: null }, error: null };
@@ -1326,11 +1364,11 @@ class GoTrueClient {
1326
1364
  await this._saveSession(session);
1327
1365
  await this._notifyAllSubscribers('SIGNED_IN', session);
1328
1366
  }
1329
- return { data: { user: session.user, session }, error: null };
1367
+ return this._returnResult({ data: { user: session.user, session }, error: null });
1330
1368
  }
1331
1369
  catch (error) {
1332
1370
  if ((0, errors_1.isAuthError)(error)) {
1333
- return { data: { session: null, user: null }, error };
1371
+ return this._returnResult({ data: { session: null, user: null }, error });
1334
1372
  }
1335
1373
  throw error;
1336
1374
  }
@@ -1363,17 +1401,17 @@ class GoTrueClient {
1363
1401
  }
1364
1402
  const { data: session, error } = await this._callRefreshToken(currentSession.refresh_token);
1365
1403
  if (error) {
1366
- return { data: { user: null, session: null }, error: error };
1404
+ return this._returnResult({ data: { user: null, session: null }, error: error });
1367
1405
  }
1368
1406
  if (!session) {
1369
- return { data: { user: null, session: null }, error: null };
1407
+ return this._returnResult({ data: { user: null, session: null }, error: null });
1370
1408
  }
1371
- return { data: { user: session.user, session }, error: null };
1409
+ return this._returnResult({ data: { user: session.user, session }, error: null });
1372
1410
  });
1373
1411
  }
1374
1412
  catch (error) {
1375
1413
  if ((0, errors_1.isAuthError)(error)) {
1376
- return { data: { user: null, session: null }, error };
1414
+ return this._returnResult({ data: { user: null, session: null }, error });
1377
1415
  }
1378
1416
  throw error;
1379
1417
  }
@@ -1459,11 +1497,11 @@ class GoTrueClient {
1459
1497
  // Remove tokens from URL
1460
1498
  window.location.hash = '';
1461
1499
  this._debug('#_getSessionFromURL()', 'clearing window.location.hash');
1462
- return { data: { session, redirectType: params.type }, error: null };
1500
+ return this._returnResult({ data: { session, redirectType: params.type }, error: null });
1463
1501
  }
1464
1502
  catch (error) {
1465
1503
  if ((0, errors_1.isAuthError)(error)) {
1466
- return { data: { session: null, redirectType: null }, error };
1504
+ return this._returnResult({ data: { session: null, redirectType: null }, error });
1467
1505
  }
1468
1506
  throw error;
1469
1507
  }
@@ -1500,7 +1538,7 @@ class GoTrueClient {
1500
1538
  var _a;
1501
1539
  const { data, error: sessionError } = result;
1502
1540
  if (sessionError) {
1503
- return { error: sessionError };
1541
+ return this._returnResult({ error: sessionError });
1504
1542
  }
1505
1543
  const accessToken = (_a = data.session) === null || _a === void 0 ? void 0 : _a.access_token;
1506
1544
  if (accessToken) {
@@ -1510,7 +1548,7 @@ class GoTrueClient {
1510
1548
  // ignore 401s since an invalid or expired JWT should sign out the current session
1511
1549
  if (!((0, errors_1.isAuthApiError)(error) &&
1512
1550
  (error.status === 404 || error.status === 401 || error.status === 403))) {
1513
- return { error };
1551
+ return this._returnResult({ error });
1514
1552
  }
1515
1553
  }
1516
1554
  }
@@ -1518,13 +1556,9 @@ class GoTrueClient {
1518
1556
  await this._removeSession();
1519
1557
  await (0, helpers_1.removeItemAsync)(this.storage, `${this.storageKey}-code-verifier`);
1520
1558
  }
1521
- return { error: null };
1559
+ return this._returnResult({ error: null });
1522
1560
  });
1523
1561
  }
1524
- /**
1525
- * Receive a notification every time an auth event happens.
1526
- * @param callback A callback function to be invoked when an auth event happens.
1527
- */
1528
1562
  onAuthStateChange(callback) {
1529
1563
  const id = (0, helpers_1.uuid)();
1530
1564
  const subscription = {
@@ -1591,7 +1625,7 @@ class GoTrueClient {
1591
1625
  }
1592
1626
  catch (error) {
1593
1627
  if ((0, errors_1.isAuthError)(error)) {
1594
- return { data: null, error };
1628
+ return this._returnResult({ data: null, error });
1595
1629
  }
1596
1630
  throw error;
1597
1631
  }
@@ -1605,11 +1639,11 @@ class GoTrueClient {
1605
1639
  const { data, error } = await this.getUser();
1606
1640
  if (error)
1607
1641
  throw error;
1608
- return { data: { identities: (_a = data.user.identities) !== null && _a !== void 0 ? _a : [] }, error: null };
1642
+ return this._returnResult({ data: { identities: (_a = data.user.identities) !== null && _a !== void 0 ? _a : [] }, error: null });
1609
1643
  }
1610
1644
  catch (error) {
1611
1645
  if ((0, errors_1.isAuthError)(error)) {
1612
- return { data: null, error };
1646
+ return this._returnResult({ data: null, error });
1613
1647
  }
1614
1648
  throw error;
1615
1649
  }
@@ -1644,11 +1678,14 @@ class GoTrueClient {
1644
1678
  if ((0, helpers_1.isBrowser)() && !((_a = credentials.options) === null || _a === void 0 ? void 0 : _a.skipBrowserRedirect)) {
1645
1679
  window.location.assign(data === null || data === void 0 ? void 0 : data.url);
1646
1680
  }
1647
- return { data: { provider: credentials.provider, url: data === null || data === void 0 ? void 0 : data.url }, error: null };
1681
+ return this._returnResult({
1682
+ data: { provider: credentials.provider, url: data === null || data === void 0 ? void 0 : data.url },
1683
+ error: null,
1684
+ });
1648
1685
  }
1649
1686
  catch (error) {
1650
1687
  if ((0, errors_1.isAuthError)(error)) {
1651
- return { data: { provider: credentials.provider, url: null }, error };
1688
+ return this._returnResult({ data: { provider: credentials.provider, url: null }, error });
1652
1689
  }
1653
1690
  throw error;
1654
1691
  }
@@ -1676,23 +1713,23 @@ class GoTrueClient {
1676
1713
  });
1677
1714
  const { data, error } = res;
1678
1715
  if (error) {
1679
- return { data: { user: null, session: null }, error };
1716
+ return this._returnResult({ data: { user: null, session: null }, error });
1680
1717
  }
1681
1718
  else if (!data || !data.session || !data.user) {
1682
- return {
1719
+ return this._returnResult({
1683
1720
  data: { user: null, session: null },
1684
1721
  error: new errors_1.AuthInvalidTokenResponseError(),
1685
- };
1722
+ });
1686
1723
  }
1687
1724
  if (data.session) {
1688
1725
  await this._saveSession(data.session);
1689
1726
  await this._notifyAllSubscribers('USER_UPDATED', data.session);
1690
1727
  }
1691
- return { data, error };
1728
+ return this._returnResult({ data, error });
1692
1729
  }
1693
1730
  catch (error) {
1694
1731
  if ((0, errors_1.isAuthError)(error)) {
1695
- return { data: { user: null, session: null }, error };
1732
+ return this._returnResult({ data: { user: null, session: null }, error });
1696
1733
  }
1697
1734
  throw error;
1698
1735
  }
@@ -1717,7 +1754,7 @@ class GoTrueClient {
1717
1754
  }
1718
1755
  catch (error) {
1719
1756
  if ((0, errors_1.isAuthError)(error)) {
1720
- return { data: null, error };
1757
+ return this._returnResult({ data: null, error });
1721
1758
  }
1722
1759
  throw error;
1723
1760
  }
@@ -1753,7 +1790,7 @@ class GoTrueClient {
1753
1790
  catch (error) {
1754
1791
  this._debug(debugName, 'error', error);
1755
1792
  if ((0, errors_1.isAuthError)(error)) {
1756
- return { data: { session: null, user: null }, error };
1793
+ return this._returnResult({ data: { session: null, user: null }, error });
1757
1794
  }
1758
1795
  throw error;
1759
1796
  }
@@ -2238,7 +2275,7 @@ class GoTrueClient {
2238
2275
  var _a;
2239
2276
  const { data: sessionData, error: sessionError } = result;
2240
2277
  if (sessionError) {
2241
- return { data: null, error: sessionError };
2278
+ return this._returnResult({ data: null, error: sessionError });
2242
2279
  }
2243
2280
  return await (0, fetch_1._request)(this.fetch, 'DELETE', `${this.url}/factors/${params.factorId}`, {
2244
2281
  headers: this.headers,
@@ -2248,7 +2285,7 @@ class GoTrueClient {
2248
2285
  }
2249
2286
  catch (error) {
2250
2287
  if ((0, errors_1.isAuthError)(error)) {
2251
- return { data: null, error };
2288
+ return this._returnResult({ data: null, error });
2252
2289
  }
2253
2290
  throw error;
2254
2291
  }
@@ -2259,7 +2296,7 @@ class GoTrueClient {
2259
2296
  var _a, _b;
2260
2297
  const { data: sessionData, error: sessionError } = result;
2261
2298
  if (sessionError) {
2262
- return { data: null, error: sessionError };
2299
+ return this._returnResult({ data: null, error: sessionError });
2263
2300
  }
2264
2301
  const body = Object.assign({ friendly_name: params.friendlyName, factor_type: params.factorType }, (params.factorType === 'phone'
2265
2302
  ? { phone: params.phone }
@@ -2272,17 +2309,17 @@ class GoTrueClient {
2272
2309
  jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
2273
2310
  }));
2274
2311
  if (error) {
2275
- return { data: null, error };
2312
+ return this._returnResult({ data: null, error });
2276
2313
  }
2277
2314
  if (params.factorType === 'totp' && data.type === 'totp' && ((_b = data === null || data === void 0 ? void 0 : data.totp) === null || _b === void 0 ? void 0 : _b.qr_code)) {
2278
2315
  data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`;
2279
2316
  }
2280
- return { data, error: null };
2317
+ return this._returnResult({ data, error: null });
2281
2318
  });
2282
2319
  }
2283
2320
  catch (error) {
2284
2321
  if ((0, errors_1.isAuthError)(error)) {
2285
- return { data: null, error };
2322
+ return this._returnResult({ data: null, error });
2286
2323
  }
2287
2324
  throw error;
2288
2325
  }
@@ -2294,7 +2331,7 @@ class GoTrueClient {
2294
2331
  var _a;
2295
2332
  const { data: sessionData, error: sessionError } = result;
2296
2333
  if (sessionError) {
2297
- return { data: null, error: sessionError };
2334
+ return this._returnResult({ data: null, error: sessionError });
2298
2335
  }
2299
2336
  const body = Object.assign({ challenge_id: params.challengeId }, ('webauthn' in params
2300
2337
  ? {
@@ -2309,16 +2346,16 @@ class GoTrueClient {
2309
2346
  jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
2310
2347
  });
2311
2348
  if (error) {
2312
- return { data: null, error };
2349
+ return this._returnResult({ data: null, error });
2313
2350
  }
2314
2351
  await this._saveSession(Object.assign({ expires_at: Math.round(Date.now() / 1000) + data.expires_in }, data));
2315
2352
  await this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data);
2316
- return { data, error };
2353
+ return this._returnResult({ data, error });
2317
2354
  });
2318
2355
  }
2319
2356
  catch (error) {
2320
2357
  if ((0, errors_1.isAuthError)(error)) {
2321
- return { data: null, error };
2358
+ return this._returnResult({ data: null, error });
2322
2359
  }
2323
2360
  throw error;
2324
2361
  }
@@ -2331,7 +2368,7 @@ class GoTrueClient {
2331
2368
  var _a;
2332
2369
  const { data: sessionData, error: sessionError } = result;
2333
2370
  if (sessionError) {
2334
- return { data: null, error: sessionError };
2371
+ return this._returnResult({ data: null, error: sessionError });
2335
2372
  }
2336
2373
  const response = (await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/factors/${params.factorId}/challenge`, {
2337
2374
  body: params,
@@ -2361,7 +2398,7 @@ class GoTrueClient {
2361
2398
  }
2362
2399
  catch (error) {
2363
2400
  if ((0, errors_1.isAuthError)(error)) {
2364
- return { data: null, error };
2401
+ return this._returnResult({ data: null, error });
2365
2402
  }
2366
2403
  throw error;
2367
2404
  }
@@ -2377,7 +2414,7 @@ class GoTrueClient {
2377
2414
  factorId: params.factorId,
2378
2415
  });
2379
2416
  if (challengeError) {
2380
- return { data: null, error: challengeError };
2417
+ return this._returnResult({ data: null, error: challengeError });
2381
2418
  }
2382
2419
  return await this._verify({
2383
2420
  factorId: params.factorId,
@@ -2418,33 +2455,133 @@ class GoTrueClient {
2418
2455
  * {@see GoTrueMFAApi#getAuthenticatorAssuranceLevel}
2419
2456
  */
2420
2457
  async _getAuthenticatorAssuranceLevel() {
2421
- return this._acquireLock(-1, async () => {
2458
+ var _a, _b;
2459
+ const { data: { session }, error: sessionError, } = await this.getSession();
2460
+ if (sessionError) {
2461
+ return this._returnResult({ data: null, error: sessionError });
2462
+ }
2463
+ if (!session) {
2464
+ return {
2465
+ data: { currentLevel: null, nextLevel: null, currentAuthenticationMethods: [] },
2466
+ error: null,
2467
+ };
2468
+ }
2469
+ const { payload } = (0, helpers_1.decodeJWT)(session.access_token);
2470
+ let currentLevel = null;
2471
+ if (payload.aal) {
2472
+ currentLevel = payload.aal;
2473
+ }
2474
+ let nextLevel = currentLevel;
2475
+ const verifiedFactors = (_b = (_a = session.user.factors) === null || _a === void 0 ? void 0 : _a.filter((factor) => factor.status === 'verified')) !== null && _b !== void 0 ? _b : [];
2476
+ if (verifiedFactors.length > 0) {
2477
+ nextLevel = 'aal2';
2478
+ }
2479
+ const currentAuthenticationMethods = payload.amr || [];
2480
+ return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
2481
+ }
2482
+ /**
2483
+ * Retrieves details about an OAuth authorization request.
2484
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
2485
+ *
2486
+ * Returns authorization details including client info, scopes, and user information.
2487
+ * If the API returns a redirect_uri, it means consent was already given - the caller
2488
+ * should handle the redirect manually if needed.
2489
+ */
2490
+ async _getAuthorizationDetails(authorizationId) {
2491
+ try {
2422
2492
  return await this._useSession(async (result) => {
2423
- var _a, _b;
2424
2493
  const { data: { session }, error: sessionError, } = result;
2425
2494
  if (sessionError) {
2426
- return { data: null, error: sessionError };
2495
+ return this._returnResult({ data: null, error: sessionError });
2427
2496
  }
2428
2497
  if (!session) {
2429
- return {
2430
- data: { currentLevel: null, nextLevel: null, currentAuthenticationMethods: [] },
2431
- error: null,
2432
- };
2433
- }
2434
- const { payload } = (0, helpers_1.decodeJWT)(session.access_token);
2435
- let currentLevel = null;
2436
- if (payload.aal) {
2437
- currentLevel = payload.aal;
2438
- }
2439
- let nextLevel = currentLevel;
2440
- const verifiedFactors = (_b = (_a = session.user.factors) === null || _a === void 0 ? void 0 : _a.filter((factor) => factor.status === 'verified')) !== null && _b !== void 0 ? _b : [];
2441
- if (verifiedFactors.length > 0) {
2442
- nextLevel = 'aal2';
2443
- }
2444
- const currentAuthenticationMethods = payload.amr || [];
2445
- return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
2498
+ return this._returnResult({ data: null, error: new errors_1.AuthSessionMissingError() });
2499
+ }
2500
+ return await (0, fetch_1._request)(this.fetch, 'GET', `${this.url}/oauth/authorizations/${authorizationId}`, {
2501
+ headers: this.headers,
2502
+ jwt: session.access_token,
2503
+ xform: (data) => ({ data, error: null }),
2504
+ });
2446
2505
  });
2447
- });
2506
+ }
2507
+ catch (error) {
2508
+ if ((0, errors_1.isAuthError)(error)) {
2509
+ return this._returnResult({ data: null, error });
2510
+ }
2511
+ throw error;
2512
+ }
2513
+ }
2514
+ /**
2515
+ * Approves an OAuth authorization request.
2516
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
2517
+ */
2518
+ async _approveAuthorization(authorizationId, options) {
2519
+ try {
2520
+ return await this._useSession(async (result) => {
2521
+ const { data: { session }, error: sessionError, } = result;
2522
+ if (sessionError) {
2523
+ return this._returnResult({ data: null, error: sessionError });
2524
+ }
2525
+ if (!session) {
2526
+ return this._returnResult({ data: null, error: new errors_1.AuthSessionMissingError() });
2527
+ }
2528
+ const response = await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/oauth/authorizations/${authorizationId}/consent`, {
2529
+ headers: this.headers,
2530
+ jwt: session.access_token,
2531
+ body: { action: 'approve' },
2532
+ xform: (data) => ({ data, error: null }),
2533
+ });
2534
+ if (response.data && response.data.redirect_url) {
2535
+ // Automatically redirect in browser unless skipBrowserRedirect is true
2536
+ if ((0, helpers_1.isBrowser)() && !(options === null || options === void 0 ? void 0 : options.skipBrowserRedirect)) {
2537
+ window.location.assign(response.data.redirect_url);
2538
+ }
2539
+ }
2540
+ return response;
2541
+ });
2542
+ }
2543
+ catch (error) {
2544
+ if ((0, errors_1.isAuthError)(error)) {
2545
+ return this._returnResult({ data: null, error });
2546
+ }
2547
+ throw error;
2548
+ }
2549
+ }
2550
+ /**
2551
+ * Denies an OAuth authorization request.
2552
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
2553
+ */
2554
+ async _denyAuthorization(authorizationId, options) {
2555
+ try {
2556
+ return await this._useSession(async (result) => {
2557
+ const { data: { session }, error: sessionError, } = result;
2558
+ if (sessionError) {
2559
+ return this._returnResult({ data: null, error: sessionError });
2560
+ }
2561
+ if (!session) {
2562
+ return this._returnResult({ data: null, error: new errors_1.AuthSessionMissingError() });
2563
+ }
2564
+ const response = await (0, fetch_1._request)(this.fetch, 'POST', `${this.url}/oauth/authorizations/${authorizationId}/consent`, {
2565
+ headers: this.headers,
2566
+ jwt: session.access_token,
2567
+ body: { action: 'deny' },
2568
+ xform: (data) => ({ data, error: null }),
2569
+ });
2570
+ if (response.data && response.data.redirect_url) {
2571
+ // Automatically redirect in browser unless skipBrowserRedirect is true
2572
+ if ((0, helpers_1.isBrowser)() && !(options === null || options === void 0 ? void 0 : options.skipBrowserRedirect)) {
2573
+ window.location.assign(response.data.redirect_url);
2574
+ }
2575
+ }
2576
+ return response;
2577
+ });
2578
+ }
2579
+ catch (error) {
2580
+ if ((0, errors_1.isAuthError)(error)) {
2581
+ return this._returnResult({ data: null, error });
2582
+ }
2583
+ throw error;
2584
+ }
2448
2585
  }
2449
2586
  async fetchJwk(kid, jwks = { keys: [] }) {
2450
2587
  // try fetching from the supplied jwks
@@ -2500,7 +2637,7 @@ class GoTrueClient {
2500
2637
  if (!token) {
2501
2638
  const { data, error } = await this.getSession();
2502
2639
  if (error || !data.session) {
2503
- return { data: null, error };
2640
+ return this._returnResult({ data: null, error });
2504
2641
  }
2505
2642
  token = data.session.access_token;
2506
2643
  }
@@ -2553,12 +2690,12 @@ class GoTrueClient {
2553
2690
  }
2554
2691
  catch (error) {
2555
2692
  if ((0, errors_1.isAuthError)(error)) {
2556
- return { data: null, error };
2693
+ return this._returnResult({ data: null, error });
2557
2694
  }
2558
2695
  throw error;
2559
2696
  }
2560
2697
  }
2561
2698
  }
2562
- GoTrueClient.nextInstanceID = 0;
2699
+ GoTrueClient.nextInstanceID = {};
2563
2700
  exports.default = GoTrueClient;
2564
2701
  //# sourceMappingURL=GoTrueClient.js.map