@supabase/auth-js 2.80.1-canary.1 → 2.80.1-canary.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +37 -19
- package/dist/main/AuthAdminApi.js +2 -4
- package/dist/main/AuthAdminApi.js.map +1 -1
- package/dist/main/AuthClient.js +2 -4
- package/dist/main/AuthClient.js.map +1 -1
- package/dist/main/GoTrueAdminApi.d.ts +48 -1
- package/dist/main/GoTrueAdminApi.d.ts.map +1 -1
- package/dist/main/GoTrueAdminApi.js +162 -12
- package/dist/main/GoTrueAdminApi.js.map +1 -1
- package/dist/main/GoTrueClient.d.ts +58 -2
- package/dist/main/GoTrueClient.d.ts.map +1 -1
- package/dist/main/GoTrueClient.js +293 -156
- package/dist/main/GoTrueClient.js.map +1 -1
- package/dist/main/index.js +7 -23
- package/dist/main/index.js.map +1 -1
- package/dist/main/lib/error-codes.d.ts +1 -1
- package/dist/main/lib/fetch.js +2 -12
- package/dist/main/lib/fetch.js.map +1 -1
- package/dist/main/lib/helpers.d.ts +11 -0
- package/dist/main/lib/helpers.d.ts.map +1 -1
- package/dist/main/lib/helpers.js +39 -42
- package/dist/main/lib/helpers.js.map +1 -1
- package/dist/main/lib/types.d.ts +283 -2
- package/dist/main/lib/types.d.ts.map +1 -1
- package/dist/main/lib/types.js.map +1 -1
- package/dist/main/lib/version.d.ts +1 -1
- package/dist/main/lib/version.js +1 -1
- package/dist/main/lib/webauthn.d.ts +7 -5
- package/dist/main/lib/webauthn.d.ts.map +1 -1
- package/dist/main/lib/webauthn.js +5 -15
- package/dist/main/lib/webauthn.js.map +1 -1
- package/dist/module/GoTrueAdminApi.d.ts +48 -1
- package/dist/module/GoTrueAdminApi.d.ts.map +1 -1
- package/dist/module/GoTrueAdminApi.js +161 -11
- package/dist/module/GoTrueAdminApi.js.map +1 -1
- package/dist/module/GoTrueClient.d.ts +58 -2
- package/dist/module/GoTrueClient.d.ts.map +1 -1
- package/dist/module/GoTrueClient.js +292 -153
- package/dist/module/GoTrueClient.js.map +1 -1
- package/dist/module/lib/error-codes.d.ts +1 -1
- package/dist/module/lib/fetch.js +1 -11
- package/dist/module/lib/fetch.js.map +1 -1
- package/dist/module/lib/helpers.d.ts +11 -0
- package/dist/module/lib/helpers.d.ts.map +1 -1
- package/dist/module/lib/helpers.js +38 -9
- package/dist/module/lib/helpers.js.map +1 -1
- package/dist/module/lib/types.d.ts +283 -2
- package/dist/module/lib/types.d.ts.map +1 -1
- package/dist/module/lib/types.js.map +1 -1
- package/dist/module/lib/version.d.ts +1 -1
- package/dist/module/lib/version.js +1 -1
- package/dist/module/lib/webauthn.d.ts +7 -5
- package/dist/module/lib/webauthn.d.ts.map +1 -1
- package/dist/module/lib/webauthn.js +3 -13
- package/dist/module/lib/webauthn.js.map +1 -1
- package/dist/tsconfig.module.tsbuildinfo +1 -0
- package/dist/tsconfig.tsbuildinfo +1 -0
- package/package.json +12 -13
- package/src/GoTrueAdminApi.ts +186 -0
- package/src/GoTrueClient.ts +378 -150
- package/src/lib/error-codes.ts +1 -1
- package/src/lib/helpers.ts +46 -8
- package/src/lib/types.ts +307 -1
- package/src/lib/version.ts +1 -1
- package/src/lib/webauthn.ts +12 -8
|
@@ -2,7 +2,7 @@ import GoTrueAdminApi from './GoTrueAdminApi';
|
|
|
2
2
|
import { AUTO_REFRESH_TICK_DURATION_MS, AUTO_REFRESH_TICK_THRESHOLD, DEFAULT_HEADERS, EXPIRY_MARGIN_MS, GOTRUE_URL, JWKS_TTL, STORAGE_KEY, } from './lib/constants';
|
|
3
3
|
import { AuthImplicitGrantRedirectError, AuthInvalidCredentialsError, AuthInvalidJwtError, AuthInvalidTokenResponseError, AuthPKCEGrantCodeExchangeError, AuthSessionMissingError, AuthUnknownError, isAuthApiError, isAuthError, isAuthImplicitGrantRedirectError, isAuthRetryableFetchError, isAuthSessionMissingError, } from './lib/errors';
|
|
4
4
|
import { _request, _sessionResponse, _sessionResponsePassword, _ssoResponse, _userResponse, } from './lib/fetch';
|
|
5
|
-
import { decodeJWT, deepClone, Deferred, getAlgorithm, getCodeChallengeAndMethod, getItemAsync, isBrowser, parseParametersFromURL, removeItemAsync, resolveFetch, retryable, setItemAsync, sleep, supportsLocalStorage, userNotAvailableProxy, uuid, validateExp, } from './lib/helpers';
|
|
5
|
+
import { decodeJWT, deepClone, Deferred, getAlgorithm, getCodeChallengeAndMethod, getItemAsync, insecureUserWarningProxy, isBrowser, parseParametersFromURL, removeItemAsync, resolveFetch, retryable, setItemAsync, sleep, supportsLocalStorage, userNotAvailableProxy, uuid, validateExp, } from './lib/helpers';
|
|
6
6
|
import { memoryLocalStorageAdapter } from './lib/local-storage';
|
|
7
7
|
import { LockAcquireTimeoutError, navigatorLock } from './lib/locks';
|
|
8
8
|
import { polyfillGlobalThis } from './lib/polyfills';
|
|
@@ -21,6 +21,7 @@ const DEFAULT_OPTIONS = {
|
|
|
21
21
|
flowType: 'implicit',
|
|
22
22
|
debug: false,
|
|
23
23
|
hasCustomAuthorizationHeader: false,
|
|
24
|
+
throwOnError: false,
|
|
24
25
|
};
|
|
25
26
|
async function lockNoOp(name, acquireTimeout, fn) {
|
|
26
27
|
return await fn();
|
|
@@ -56,7 +57,7 @@ class GoTrueClient {
|
|
|
56
57
|
* Create a new client for use in the browser.
|
|
57
58
|
*/
|
|
58
59
|
constructor(options) {
|
|
59
|
-
var _a, _b;
|
|
60
|
+
var _a, _b, _c;
|
|
60
61
|
/**
|
|
61
62
|
* @experimental
|
|
62
63
|
*/
|
|
@@ -83,18 +84,22 @@ class GoTrueClient {
|
|
|
83
84
|
*/
|
|
84
85
|
this.broadcastChannel = null;
|
|
85
86
|
this.logger = console.log;
|
|
86
|
-
this.instanceID = GoTrueClient.nextInstanceID;
|
|
87
|
-
GoTrueClient.nextInstanceID += 1;
|
|
88
|
-
if (this.instanceID > 0 && isBrowser()) {
|
|
89
|
-
console.warn('Multiple GoTrueClient instances detected in the same browser context. It is not an error, but this should be avoided as it may produce undefined behavior when used concurrently under the same storage key.');
|
|
90
|
-
}
|
|
91
87
|
const settings = Object.assign(Object.assign({}, DEFAULT_OPTIONS), options);
|
|
88
|
+
this.storageKey = settings.storageKey;
|
|
89
|
+
this.instanceID = (_a = GoTrueClient.nextInstanceID[this.storageKey]) !== null && _a !== void 0 ? _a : 0;
|
|
90
|
+
GoTrueClient.nextInstanceID[this.storageKey] = this.instanceID + 1;
|
|
92
91
|
this.logDebugMessages = !!settings.debug;
|
|
93
92
|
if (typeof settings.debug === 'function') {
|
|
94
93
|
this.logger = settings.debug;
|
|
95
94
|
}
|
|
95
|
+
if (this.instanceID > 0 && isBrowser()) {
|
|
96
|
+
const message = `${this._logPrefix()} Multiple GoTrueClient instances detected in the same browser context. It is not an error, but this should be avoided as it may produce undefined behavior when used concurrently under the same storage key.`;
|
|
97
|
+
console.warn(message);
|
|
98
|
+
if (this.logDebugMessages) {
|
|
99
|
+
console.trace(message);
|
|
100
|
+
}
|
|
101
|
+
}
|
|
96
102
|
this.persistSession = settings.persistSession;
|
|
97
|
-
this.storageKey = settings.storageKey;
|
|
98
103
|
this.autoRefreshToken = settings.autoRefreshToken;
|
|
99
104
|
this.admin = new GoTrueAdminApi({
|
|
100
105
|
url: settings.url,
|
|
@@ -108,10 +113,11 @@ class GoTrueClient {
|
|
|
108
113
|
this.detectSessionInUrl = settings.detectSessionInUrl;
|
|
109
114
|
this.flowType = settings.flowType;
|
|
110
115
|
this.hasCustomAuthorizationHeader = settings.hasCustomAuthorizationHeader;
|
|
116
|
+
this.throwOnError = settings.throwOnError;
|
|
111
117
|
if (settings.lock) {
|
|
112
118
|
this.lock = settings.lock;
|
|
113
119
|
}
|
|
114
|
-
else if (isBrowser() && ((
|
|
120
|
+
else if (isBrowser() && ((_b = globalThis === null || globalThis === void 0 ? void 0 : globalThis.navigator) === null || _b === void 0 ? void 0 : _b.locks)) {
|
|
115
121
|
this.lock = navigatorLock;
|
|
116
122
|
}
|
|
117
123
|
else {
|
|
@@ -131,6 +137,11 @@ class GoTrueClient {
|
|
|
131
137
|
getAuthenticatorAssuranceLevel: this._getAuthenticatorAssuranceLevel.bind(this),
|
|
132
138
|
webauthn: new WebAuthnApi(this),
|
|
133
139
|
};
|
|
140
|
+
this.oauth = {
|
|
141
|
+
getAuthorizationDetails: this._getAuthorizationDetails.bind(this),
|
|
142
|
+
approveAuthorization: this._approveAuthorization.bind(this),
|
|
143
|
+
denyAuthorization: this._denyAuthorization.bind(this),
|
|
144
|
+
};
|
|
134
145
|
if (this.persistSession) {
|
|
135
146
|
if (settings.storage) {
|
|
136
147
|
this.storage = settings.storage;
|
|
@@ -159,16 +170,37 @@ class GoTrueClient {
|
|
|
159
170
|
catch (e) {
|
|
160
171
|
console.error('Failed to create a new BroadcastChannel, multi-tab state changes will not be available', e);
|
|
161
172
|
}
|
|
162
|
-
(
|
|
173
|
+
(_c = this.broadcastChannel) === null || _c === void 0 ? void 0 : _c.addEventListener('message', async (event) => {
|
|
163
174
|
this._debug('received broadcast notification from other tab or client', event);
|
|
164
175
|
await this._notifyAllSubscribers(event.data.event, event.data.session, false); // broadcast = false so we don't get an endless loop of messages
|
|
165
176
|
});
|
|
166
177
|
}
|
|
167
178
|
this.initialize();
|
|
168
179
|
}
|
|
180
|
+
/**
|
|
181
|
+
* Returns whether error throwing mode is enabled for this client.
|
|
182
|
+
*/
|
|
183
|
+
isThrowOnErrorEnabled() {
|
|
184
|
+
return this.throwOnError;
|
|
185
|
+
}
|
|
186
|
+
/**
|
|
187
|
+
* Centralizes return handling with optional error throwing. When `throwOnError` is enabled
|
|
188
|
+
* and the provided result contains a non-nullish error, the error is thrown instead of
|
|
189
|
+
* being returned. This ensures consistent behavior across all public API methods.
|
|
190
|
+
*/
|
|
191
|
+
_returnResult(result) {
|
|
192
|
+
if (this.throwOnError && result && result.error) {
|
|
193
|
+
throw result.error;
|
|
194
|
+
}
|
|
195
|
+
return result;
|
|
196
|
+
}
|
|
197
|
+
_logPrefix() {
|
|
198
|
+
return ('GoTrueClient@' +
|
|
199
|
+
`${this.storageKey}:${this.instanceID} (${version}) ${new Date().toISOString()}`);
|
|
200
|
+
}
|
|
169
201
|
_debug(...args) {
|
|
170
202
|
if (this.logDebugMessages) {
|
|
171
|
-
this.logger(
|
|
203
|
+
this.logger(this._logPrefix(), ...args);
|
|
172
204
|
}
|
|
173
205
|
return this;
|
|
174
206
|
}
|
|
@@ -197,13 +229,16 @@ class GoTrueClient {
|
|
|
197
229
|
async _initialize() {
|
|
198
230
|
var _a;
|
|
199
231
|
try {
|
|
200
|
-
|
|
232
|
+
let params = {};
|
|
201
233
|
let callbackUrlType = 'none';
|
|
202
|
-
if (
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
234
|
+
if (isBrowser()) {
|
|
235
|
+
params = parseParametersFromURL(window.location.href);
|
|
236
|
+
if (this._isImplicitGrantCallback(params)) {
|
|
237
|
+
callbackUrlType = 'implicit';
|
|
238
|
+
}
|
|
239
|
+
else if (await this._isPKCECallback(params)) {
|
|
240
|
+
callbackUrlType = 'pkce';
|
|
241
|
+
}
|
|
207
242
|
}
|
|
208
243
|
/**
|
|
209
244
|
* Attempt to get the session from the URL only if these conditions are fulfilled
|
|
@@ -247,11 +282,11 @@ class GoTrueClient {
|
|
|
247
282
|
}
|
|
248
283
|
catch (error) {
|
|
249
284
|
if (isAuthError(error)) {
|
|
250
|
-
return { error };
|
|
285
|
+
return this._returnResult({ error });
|
|
251
286
|
}
|
|
252
|
-
return {
|
|
287
|
+
return this._returnResult({
|
|
253
288
|
error: new AuthUnknownError('Unexpected error during initialization', error),
|
|
254
|
-
};
|
|
289
|
+
});
|
|
255
290
|
}
|
|
256
291
|
finally {
|
|
257
292
|
await this._handleVisibilityChange();
|
|
@@ -276,7 +311,7 @@ class GoTrueClient {
|
|
|
276
311
|
});
|
|
277
312
|
const { data, error } = res;
|
|
278
313
|
if (error || !data) {
|
|
279
|
-
return { data: { user: null, session: null }, error: error };
|
|
314
|
+
return this._returnResult({ data: { user: null, session: null }, error: error });
|
|
280
315
|
}
|
|
281
316
|
const session = data.session;
|
|
282
317
|
const user = data.user;
|
|
@@ -284,11 +319,11 @@ class GoTrueClient {
|
|
|
284
319
|
await this._saveSession(data.session);
|
|
285
320
|
await this._notifyAllSubscribers('SIGNED_IN', session);
|
|
286
321
|
}
|
|
287
|
-
return { data: { user, session }, error: null };
|
|
322
|
+
return this._returnResult({ data: { user, session }, error: null });
|
|
288
323
|
}
|
|
289
324
|
catch (error) {
|
|
290
325
|
if (isAuthError(error)) {
|
|
291
|
-
return { data: { user: null, session: null }, error };
|
|
326
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
292
327
|
}
|
|
293
328
|
throw error;
|
|
294
329
|
}
|
|
@@ -348,7 +383,7 @@ class GoTrueClient {
|
|
|
348
383
|
}
|
|
349
384
|
const { data, error } = res;
|
|
350
385
|
if (error || !data) {
|
|
351
|
-
return { data: { user: null, session: null }, error: error };
|
|
386
|
+
return this._returnResult({ data: { user: null, session: null }, error: error });
|
|
352
387
|
}
|
|
353
388
|
const session = data.session;
|
|
354
389
|
const user = data.user;
|
|
@@ -356,11 +391,11 @@ class GoTrueClient {
|
|
|
356
391
|
await this._saveSession(data.session);
|
|
357
392
|
await this._notifyAllSubscribers('SIGNED_IN', session);
|
|
358
393
|
}
|
|
359
|
-
return { data: { user, session }, error: null };
|
|
394
|
+
return this._returnResult({ data: { user, session }, error: null });
|
|
360
395
|
}
|
|
361
396
|
catch (error) {
|
|
362
397
|
if (isAuthError(error)) {
|
|
363
|
-
return { data: { user: null, session: null }, error };
|
|
398
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
364
399
|
}
|
|
365
400
|
throw error;
|
|
366
401
|
}
|
|
@@ -405,23 +440,24 @@ class GoTrueClient {
|
|
|
405
440
|
}
|
|
406
441
|
const { data, error } = res;
|
|
407
442
|
if (error) {
|
|
408
|
-
return { data: { user: null, session: null }, error };
|
|
443
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
409
444
|
}
|
|
410
445
|
else if (!data || !data.session || !data.user) {
|
|
411
|
-
|
|
446
|
+
const invalidTokenError = new AuthInvalidTokenResponseError();
|
|
447
|
+
return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
|
|
412
448
|
}
|
|
413
449
|
if (data.session) {
|
|
414
450
|
await this._saveSession(data.session);
|
|
415
451
|
await this._notifyAllSubscribers('SIGNED_IN', data.session);
|
|
416
452
|
}
|
|
417
|
-
return {
|
|
453
|
+
return this._returnResult({
|
|
418
454
|
data: Object.assign({ user: data.user, session: data.session }, (data.weak_password ? { weakPassword: data.weak_password } : null)),
|
|
419
455
|
error,
|
|
420
|
-
};
|
|
456
|
+
});
|
|
421
457
|
}
|
|
422
458
|
catch (error) {
|
|
423
459
|
if (isAuthError(error)) {
|
|
424
|
-
return { data: { user: null, session: null }, error };
|
|
460
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
425
461
|
}
|
|
426
462
|
throw error;
|
|
427
463
|
}
|
|
@@ -553,20 +589,18 @@ class GoTrueClient {
|
|
|
553
589
|
throw error;
|
|
554
590
|
}
|
|
555
591
|
if (!data || !data.session || !data.user) {
|
|
556
|
-
|
|
557
|
-
|
|
558
|
-
error: new AuthInvalidTokenResponseError(),
|
|
559
|
-
};
|
|
592
|
+
const invalidTokenError = new AuthInvalidTokenResponseError();
|
|
593
|
+
return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
|
|
560
594
|
}
|
|
561
595
|
if (data.session) {
|
|
562
596
|
await this._saveSession(data.session);
|
|
563
597
|
await this._notifyAllSubscribers('SIGNED_IN', data.session);
|
|
564
598
|
}
|
|
565
|
-
return { data: Object.assign({}, data), error };
|
|
599
|
+
return this._returnResult({ data: Object.assign({}, data), error });
|
|
566
600
|
}
|
|
567
601
|
catch (error) {
|
|
568
602
|
if (isAuthError(error)) {
|
|
569
|
-
return { data: { user: null, session: null }, error };
|
|
603
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
570
604
|
}
|
|
571
605
|
throw error;
|
|
572
606
|
}
|
|
@@ -693,20 +727,18 @@ class GoTrueClient {
|
|
|
693
727
|
throw error;
|
|
694
728
|
}
|
|
695
729
|
if (!data || !data.session || !data.user) {
|
|
696
|
-
|
|
697
|
-
|
|
698
|
-
error: new AuthInvalidTokenResponseError(),
|
|
699
|
-
};
|
|
730
|
+
const invalidTokenError = new AuthInvalidTokenResponseError();
|
|
731
|
+
return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
|
|
700
732
|
}
|
|
701
733
|
if (data.session) {
|
|
702
734
|
await this._saveSession(data.session);
|
|
703
735
|
await this._notifyAllSubscribers('SIGNED_IN', data.session);
|
|
704
736
|
}
|
|
705
|
-
return { data: Object.assign({}, data), error };
|
|
737
|
+
return this._returnResult({ data: Object.assign({}, data), error });
|
|
706
738
|
}
|
|
707
739
|
catch (error) {
|
|
708
740
|
if (isAuthError(error)) {
|
|
709
|
-
return { data: { user: null, session: null }, error };
|
|
741
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
710
742
|
}
|
|
711
743
|
throw error;
|
|
712
744
|
}
|
|
@@ -728,20 +760,24 @@ class GoTrueClient {
|
|
|
728
760
|
throw error;
|
|
729
761
|
}
|
|
730
762
|
if (!data || !data.session || !data.user) {
|
|
731
|
-
|
|
763
|
+
const invalidTokenError = new AuthInvalidTokenResponseError();
|
|
764
|
+
return this._returnResult({
|
|
732
765
|
data: { user: null, session: null, redirectType: null },
|
|
733
|
-
error:
|
|
734
|
-
};
|
|
766
|
+
error: invalidTokenError,
|
|
767
|
+
});
|
|
735
768
|
}
|
|
736
769
|
if (data.session) {
|
|
737
770
|
await this._saveSession(data.session);
|
|
738
771
|
await this._notifyAllSubscribers('SIGNED_IN', data.session);
|
|
739
772
|
}
|
|
740
|
-
return { data: Object.assign(Object.assign({}, data), { redirectType: redirectType !== null && redirectType !== void 0 ? redirectType : null }), error };
|
|
773
|
+
return this._returnResult({ data: Object.assign(Object.assign({}, data), { redirectType: redirectType !== null && redirectType !== void 0 ? redirectType : null }), error });
|
|
741
774
|
}
|
|
742
775
|
catch (error) {
|
|
743
776
|
if (isAuthError(error)) {
|
|
744
|
-
return {
|
|
777
|
+
return this._returnResult({
|
|
778
|
+
data: { user: null, session: null, redirectType: null },
|
|
779
|
+
error,
|
|
780
|
+
});
|
|
745
781
|
}
|
|
746
782
|
throw error;
|
|
747
783
|
}
|
|
@@ -766,23 +802,21 @@ class GoTrueClient {
|
|
|
766
802
|
});
|
|
767
803
|
const { data, error } = res;
|
|
768
804
|
if (error) {
|
|
769
|
-
return { data: { user: null, session: null }, error };
|
|
805
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
770
806
|
}
|
|
771
807
|
else if (!data || !data.session || !data.user) {
|
|
772
|
-
|
|
773
|
-
|
|
774
|
-
error: new AuthInvalidTokenResponseError(),
|
|
775
|
-
};
|
|
808
|
+
const invalidTokenError = new AuthInvalidTokenResponseError();
|
|
809
|
+
return this._returnResult({ data: { user: null, session: null }, error: invalidTokenError });
|
|
776
810
|
}
|
|
777
811
|
if (data.session) {
|
|
778
812
|
await this._saveSession(data.session);
|
|
779
813
|
await this._notifyAllSubscribers('SIGNED_IN', data.session);
|
|
780
814
|
}
|
|
781
|
-
return { data, error };
|
|
815
|
+
return this._returnResult({ data, error });
|
|
782
816
|
}
|
|
783
817
|
catch (error) {
|
|
784
818
|
if (isAuthError(error)) {
|
|
785
|
-
return { data: { user: null, session: null }, error };
|
|
819
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
786
820
|
}
|
|
787
821
|
throw error;
|
|
788
822
|
}
|
|
@@ -827,7 +861,7 @@ class GoTrueClient {
|
|
|
827
861
|
},
|
|
828
862
|
redirectTo: options === null || options === void 0 ? void 0 : options.emailRedirectTo,
|
|
829
863
|
});
|
|
830
|
-
return { data: { user: null, session: null }, error };
|
|
864
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
831
865
|
}
|
|
832
866
|
if ('phone' in credentials) {
|
|
833
867
|
const { phone, options } = credentials;
|
|
@@ -841,13 +875,16 @@ class GoTrueClient {
|
|
|
841
875
|
channel: (_e = options === null || options === void 0 ? void 0 : options.channel) !== null && _e !== void 0 ? _e : 'sms',
|
|
842
876
|
},
|
|
843
877
|
});
|
|
844
|
-
return {
|
|
878
|
+
return this._returnResult({
|
|
879
|
+
data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id },
|
|
880
|
+
error,
|
|
881
|
+
});
|
|
845
882
|
}
|
|
846
883
|
throw new AuthInvalidCredentialsError('You must provide either an email or phone number.');
|
|
847
884
|
}
|
|
848
885
|
catch (error) {
|
|
849
886
|
if (isAuthError(error)) {
|
|
850
|
-
return { data: { user: null, session: null }, error };
|
|
887
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
851
888
|
}
|
|
852
889
|
throw error;
|
|
853
890
|
}
|
|
@@ -874,7 +911,8 @@ class GoTrueClient {
|
|
|
874
911
|
throw error;
|
|
875
912
|
}
|
|
876
913
|
if (!data) {
|
|
877
|
-
|
|
914
|
+
const tokenVerificationError = new Error('An error occurred on token verification.');
|
|
915
|
+
throw tokenVerificationError;
|
|
878
916
|
}
|
|
879
917
|
const session = data.session;
|
|
880
918
|
const user = data.user;
|
|
@@ -882,11 +920,11 @@ class GoTrueClient {
|
|
|
882
920
|
await this._saveSession(session);
|
|
883
921
|
await this._notifyAllSubscribers(params.type == 'recovery' ? 'PASSWORD_RECOVERY' : 'SIGNED_IN', session);
|
|
884
922
|
}
|
|
885
|
-
return { data: { user, session }, error: null };
|
|
923
|
+
return this._returnResult({ data: { user, session }, error: null });
|
|
886
924
|
}
|
|
887
925
|
catch (error) {
|
|
888
926
|
if (isAuthError(error)) {
|
|
889
|
-
return { data: { user: null, session: null }, error };
|
|
927
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
890
928
|
}
|
|
891
929
|
throw error;
|
|
892
930
|
}
|
|
@@ -914,17 +952,18 @@ class GoTrueClient {
|
|
|
914
952
|
;
|
|
915
953
|
[codeChallenge, codeChallengeMethod] = await getCodeChallengeAndMethod(this.storage, this.storageKey);
|
|
916
954
|
}
|
|
917
|
-
|
|
955
|
+
const result = await _request(this.fetch, 'POST', `${this.url}/sso`, {
|
|
918
956
|
body: Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({}, ('providerId' in params ? { provider_id: params.providerId } : null)), ('domain' in params ? { domain: params.domain } : null)), { redirect_to: (_b = (_a = params.options) === null || _a === void 0 ? void 0 : _a.redirectTo) !== null && _b !== void 0 ? _b : undefined }), (((_c = params === null || params === void 0 ? void 0 : params.options) === null || _c === void 0 ? void 0 : _c.captchaToken)
|
|
919
957
|
? { gotrue_meta_security: { captcha_token: params.options.captchaToken } }
|
|
920
958
|
: null)), { skip_http_redirect: true, code_challenge: codeChallenge, code_challenge_method: codeChallengeMethod }),
|
|
921
959
|
headers: this.headers,
|
|
922
960
|
xform: _ssoResponse,
|
|
923
961
|
});
|
|
962
|
+
return this._returnResult(result);
|
|
924
963
|
}
|
|
925
964
|
catch (error) {
|
|
926
965
|
if (isAuthError(error)) {
|
|
927
|
-
return { data: null, error };
|
|
966
|
+
return this._returnResult({ data: null, error });
|
|
928
967
|
}
|
|
929
968
|
throw error;
|
|
930
969
|
}
|
|
@@ -951,12 +990,12 @@ class GoTrueClient {
|
|
|
951
990
|
headers: this.headers,
|
|
952
991
|
jwt: session.access_token,
|
|
953
992
|
});
|
|
954
|
-
return { data: { user: null, session: null }, error };
|
|
993
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
955
994
|
});
|
|
956
995
|
}
|
|
957
996
|
catch (error) {
|
|
958
997
|
if (isAuthError(error)) {
|
|
959
|
-
return { data: { user: null, session: null }, error };
|
|
998
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
960
999
|
}
|
|
961
1000
|
throw error;
|
|
962
1001
|
}
|
|
@@ -978,7 +1017,7 @@ class GoTrueClient {
|
|
|
978
1017
|
},
|
|
979
1018
|
redirectTo: options === null || options === void 0 ? void 0 : options.emailRedirectTo,
|
|
980
1019
|
});
|
|
981
|
-
return { data: { user: null, session: null }, error };
|
|
1020
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
982
1021
|
}
|
|
983
1022
|
else if ('phone' in credentials) {
|
|
984
1023
|
const { phone, type, options } = credentials;
|
|
@@ -990,13 +1029,16 @@ class GoTrueClient {
|
|
|
990
1029
|
gotrue_meta_security: { captcha_token: options === null || options === void 0 ? void 0 : options.captchaToken },
|
|
991
1030
|
},
|
|
992
1031
|
});
|
|
993
|
-
return {
|
|
1032
|
+
return this._returnResult({
|
|
1033
|
+
data: { user: null, session: null, messageId: data === null || data === void 0 ? void 0 : data.message_id },
|
|
1034
|
+
error,
|
|
1035
|
+
});
|
|
994
1036
|
}
|
|
995
1037
|
throw new AuthInvalidCredentialsError('You must provide either an email or phone number and a type');
|
|
996
1038
|
}
|
|
997
1039
|
catch (error) {
|
|
998
1040
|
if (isAuthError(error)) {
|
|
999
|
-
return { data: { user: null, session: null }, error };
|
|
1041
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
1000
1042
|
}
|
|
1001
1043
|
throw error;
|
|
1002
1044
|
}
|
|
@@ -1139,28 +1181,25 @@ class GoTrueClient {
|
|
|
1139
1181
|
currentSession.user = userNotAvailableProxy();
|
|
1140
1182
|
}
|
|
1141
1183
|
}
|
|
1142
|
-
|
|
1143
|
-
|
|
1144
|
-
|
|
1145
|
-
|
|
1146
|
-
|
|
1147
|
-
|
|
1148
|
-
|
|
1149
|
-
|
|
1150
|
-
|
|
1151
|
-
|
|
1152
|
-
|
|
1153
|
-
},
|
|
1154
|
-
});
|
|
1155
|
-
currentSession = proxySession;
|
|
1184
|
+
// Wrap the user object with a warning proxy on the server
|
|
1185
|
+
// This warns when properties of the user are accessed, not when session.user itself is accessed
|
|
1186
|
+
if (this.storage.isServer &&
|
|
1187
|
+
currentSession.user &&
|
|
1188
|
+
!currentSession.user.__isUserNotAvailableProxy) {
|
|
1189
|
+
const suppressWarningRef = { value: this.suppressGetSessionWarning };
|
|
1190
|
+
currentSession.user = insecureUserWarningProxy(currentSession.user, suppressWarningRef);
|
|
1191
|
+
// Update the client-level suppression flag when the proxy suppresses the warning
|
|
1192
|
+
if (suppressWarningRef.value) {
|
|
1193
|
+
this.suppressGetSessionWarning = true;
|
|
1194
|
+
}
|
|
1156
1195
|
}
|
|
1157
1196
|
return { data: { session: currentSession }, error: null };
|
|
1158
1197
|
}
|
|
1159
1198
|
const { data: session, error } = await this._callRefreshToken(currentSession.refresh_token);
|
|
1160
1199
|
if (error) {
|
|
1161
|
-
return { data: { session: null }, error };
|
|
1200
|
+
return this._returnResult({ data: { session: null }, error });
|
|
1162
1201
|
}
|
|
1163
|
-
return { data: { session }, error: null };
|
|
1202
|
+
return this._returnResult({ data: { session }, error: null });
|
|
1164
1203
|
}
|
|
1165
1204
|
finally {
|
|
1166
1205
|
this._debug('#__loadSession()', 'end');
|
|
@@ -1217,7 +1256,7 @@ class GoTrueClient {
|
|
|
1217
1256
|
await this._removeSession();
|
|
1218
1257
|
await removeItemAsync(this.storage, `${this.storageKey}-code-verifier`);
|
|
1219
1258
|
}
|
|
1220
|
-
return { data: { user: null }, error };
|
|
1259
|
+
return this._returnResult({ data: { user: null }, error });
|
|
1221
1260
|
}
|
|
1222
1261
|
throw error;
|
|
1223
1262
|
}
|
|
@@ -1255,17 +1294,18 @@ class GoTrueClient {
|
|
|
1255
1294
|
jwt: session.access_token,
|
|
1256
1295
|
xform: _userResponse,
|
|
1257
1296
|
});
|
|
1258
|
-
if (userError)
|
|
1297
|
+
if (userError) {
|
|
1259
1298
|
throw userError;
|
|
1299
|
+
}
|
|
1260
1300
|
session.user = data.user;
|
|
1261
1301
|
await this._saveSession(session);
|
|
1262
1302
|
await this._notifyAllSubscribers('USER_UPDATED', session);
|
|
1263
|
-
return { data: { user: session.user }, error: null };
|
|
1303
|
+
return this._returnResult({ data: { user: session.user }, error: null });
|
|
1264
1304
|
});
|
|
1265
1305
|
}
|
|
1266
1306
|
catch (error) {
|
|
1267
1307
|
if (isAuthError(error)) {
|
|
1268
|
-
return { data: { user: null }, error };
|
|
1308
|
+
return this._returnResult({ data: { user: null }, error });
|
|
1269
1309
|
}
|
|
1270
1310
|
throw error;
|
|
1271
1311
|
}
|
|
@@ -1298,7 +1338,7 @@ class GoTrueClient {
|
|
|
1298
1338
|
if (hasExpired) {
|
|
1299
1339
|
const { data: refreshedSession, error } = await this._callRefreshToken(currentSession.refresh_token);
|
|
1300
1340
|
if (error) {
|
|
1301
|
-
return { data: { user: null, session: null }, error: error };
|
|
1341
|
+
return this._returnResult({ data: { user: null, session: null }, error: error });
|
|
1302
1342
|
}
|
|
1303
1343
|
if (!refreshedSession) {
|
|
1304
1344
|
return { data: { user: null, session: null }, error: null };
|
|
@@ -1321,11 +1361,11 @@ class GoTrueClient {
|
|
|
1321
1361
|
await this._saveSession(session);
|
|
1322
1362
|
await this._notifyAllSubscribers('SIGNED_IN', session);
|
|
1323
1363
|
}
|
|
1324
|
-
return { data: { user: session.user, session }, error: null };
|
|
1364
|
+
return this._returnResult({ data: { user: session.user, session }, error: null });
|
|
1325
1365
|
}
|
|
1326
1366
|
catch (error) {
|
|
1327
1367
|
if (isAuthError(error)) {
|
|
1328
|
-
return { data: { session: null, user: null }, error };
|
|
1368
|
+
return this._returnResult({ data: { session: null, user: null }, error });
|
|
1329
1369
|
}
|
|
1330
1370
|
throw error;
|
|
1331
1371
|
}
|
|
@@ -1358,17 +1398,17 @@ class GoTrueClient {
|
|
|
1358
1398
|
}
|
|
1359
1399
|
const { data: session, error } = await this._callRefreshToken(currentSession.refresh_token);
|
|
1360
1400
|
if (error) {
|
|
1361
|
-
return { data: { user: null, session: null }, error: error };
|
|
1401
|
+
return this._returnResult({ data: { user: null, session: null }, error: error });
|
|
1362
1402
|
}
|
|
1363
1403
|
if (!session) {
|
|
1364
|
-
return { data: { user: null, session: null }, error: null };
|
|
1404
|
+
return this._returnResult({ data: { user: null, session: null }, error: null });
|
|
1365
1405
|
}
|
|
1366
|
-
return { data: { user: session.user, session }, error: null };
|
|
1406
|
+
return this._returnResult({ data: { user: session.user, session }, error: null });
|
|
1367
1407
|
});
|
|
1368
1408
|
}
|
|
1369
1409
|
catch (error) {
|
|
1370
1410
|
if (isAuthError(error)) {
|
|
1371
|
-
return { data: { user: null, session: null }, error };
|
|
1411
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
1372
1412
|
}
|
|
1373
1413
|
throw error;
|
|
1374
1414
|
}
|
|
@@ -1454,11 +1494,11 @@ class GoTrueClient {
|
|
|
1454
1494
|
// Remove tokens from URL
|
|
1455
1495
|
window.location.hash = '';
|
|
1456
1496
|
this._debug('#_getSessionFromURL()', 'clearing window.location.hash');
|
|
1457
|
-
return { data: { session, redirectType: params.type }, error: null };
|
|
1497
|
+
return this._returnResult({ data: { session, redirectType: params.type }, error: null });
|
|
1458
1498
|
}
|
|
1459
1499
|
catch (error) {
|
|
1460
1500
|
if (isAuthError(error)) {
|
|
1461
|
-
return { data: { session: null, redirectType: null }, error };
|
|
1501
|
+
return this._returnResult({ data: { session: null, redirectType: null }, error });
|
|
1462
1502
|
}
|
|
1463
1503
|
throw error;
|
|
1464
1504
|
}
|
|
@@ -1495,7 +1535,7 @@ class GoTrueClient {
|
|
|
1495
1535
|
var _a;
|
|
1496
1536
|
const { data, error: sessionError } = result;
|
|
1497
1537
|
if (sessionError) {
|
|
1498
|
-
return { error: sessionError };
|
|
1538
|
+
return this._returnResult({ error: sessionError });
|
|
1499
1539
|
}
|
|
1500
1540
|
const accessToken = (_a = data.session) === null || _a === void 0 ? void 0 : _a.access_token;
|
|
1501
1541
|
if (accessToken) {
|
|
@@ -1505,7 +1545,7 @@ class GoTrueClient {
|
|
|
1505
1545
|
// ignore 401s since an invalid or expired JWT should sign out the current session
|
|
1506
1546
|
if (!(isAuthApiError(error) &&
|
|
1507
1547
|
(error.status === 404 || error.status === 401 || error.status === 403))) {
|
|
1508
|
-
return { error };
|
|
1548
|
+
return this._returnResult({ error });
|
|
1509
1549
|
}
|
|
1510
1550
|
}
|
|
1511
1551
|
}
|
|
@@ -1513,13 +1553,9 @@ class GoTrueClient {
|
|
|
1513
1553
|
await this._removeSession();
|
|
1514
1554
|
await removeItemAsync(this.storage, `${this.storageKey}-code-verifier`);
|
|
1515
1555
|
}
|
|
1516
|
-
return { error: null };
|
|
1556
|
+
return this._returnResult({ error: null });
|
|
1517
1557
|
});
|
|
1518
1558
|
}
|
|
1519
|
-
/**
|
|
1520
|
-
* Receive a notification every time an auth event happens.
|
|
1521
|
-
* @param callback A callback function to be invoked when an auth event happens.
|
|
1522
|
-
*/
|
|
1523
1559
|
onAuthStateChange(callback) {
|
|
1524
1560
|
const id = uuid();
|
|
1525
1561
|
const subscription = {
|
|
@@ -1586,7 +1622,7 @@ class GoTrueClient {
|
|
|
1586
1622
|
}
|
|
1587
1623
|
catch (error) {
|
|
1588
1624
|
if (isAuthError(error)) {
|
|
1589
|
-
return { data: null, error };
|
|
1625
|
+
return this._returnResult({ data: null, error });
|
|
1590
1626
|
}
|
|
1591
1627
|
throw error;
|
|
1592
1628
|
}
|
|
@@ -1600,11 +1636,11 @@ class GoTrueClient {
|
|
|
1600
1636
|
const { data, error } = await this.getUser();
|
|
1601
1637
|
if (error)
|
|
1602
1638
|
throw error;
|
|
1603
|
-
return { data: { identities: (_a = data.user.identities) !== null && _a !== void 0 ? _a : [] }, error: null };
|
|
1639
|
+
return this._returnResult({ data: { identities: (_a = data.user.identities) !== null && _a !== void 0 ? _a : [] }, error: null });
|
|
1604
1640
|
}
|
|
1605
1641
|
catch (error) {
|
|
1606
1642
|
if (isAuthError(error)) {
|
|
1607
|
-
return { data: null, error };
|
|
1643
|
+
return this._returnResult({ data: null, error });
|
|
1608
1644
|
}
|
|
1609
1645
|
throw error;
|
|
1610
1646
|
}
|
|
@@ -1639,11 +1675,14 @@ class GoTrueClient {
|
|
|
1639
1675
|
if (isBrowser() && !((_a = credentials.options) === null || _a === void 0 ? void 0 : _a.skipBrowserRedirect)) {
|
|
1640
1676
|
window.location.assign(data === null || data === void 0 ? void 0 : data.url);
|
|
1641
1677
|
}
|
|
1642
|
-
return {
|
|
1678
|
+
return this._returnResult({
|
|
1679
|
+
data: { provider: credentials.provider, url: data === null || data === void 0 ? void 0 : data.url },
|
|
1680
|
+
error: null,
|
|
1681
|
+
});
|
|
1643
1682
|
}
|
|
1644
1683
|
catch (error) {
|
|
1645
1684
|
if (isAuthError(error)) {
|
|
1646
|
-
return { data: { provider: credentials.provider, url: null }, error };
|
|
1685
|
+
return this._returnResult({ data: { provider: credentials.provider, url: null }, error });
|
|
1647
1686
|
}
|
|
1648
1687
|
throw error;
|
|
1649
1688
|
}
|
|
@@ -1671,23 +1710,23 @@ class GoTrueClient {
|
|
|
1671
1710
|
});
|
|
1672
1711
|
const { data, error } = res;
|
|
1673
1712
|
if (error) {
|
|
1674
|
-
return { data: { user: null, session: null }, error };
|
|
1713
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
1675
1714
|
}
|
|
1676
1715
|
else if (!data || !data.session || !data.user) {
|
|
1677
|
-
return {
|
|
1716
|
+
return this._returnResult({
|
|
1678
1717
|
data: { user: null, session: null },
|
|
1679
1718
|
error: new AuthInvalidTokenResponseError(),
|
|
1680
|
-
};
|
|
1719
|
+
});
|
|
1681
1720
|
}
|
|
1682
1721
|
if (data.session) {
|
|
1683
1722
|
await this._saveSession(data.session);
|
|
1684
1723
|
await this._notifyAllSubscribers('USER_UPDATED', data.session);
|
|
1685
1724
|
}
|
|
1686
|
-
return { data, error };
|
|
1725
|
+
return this._returnResult({ data, error });
|
|
1687
1726
|
}
|
|
1688
1727
|
catch (error) {
|
|
1689
1728
|
if (isAuthError(error)) {
|
|
1690
|
-
return { data: { user: null, session: null }, error };
|
|
1729
|
+
return this._returnResult({ data: { user: null, session: null }, error });
|
|
1691
1730
|
}
|
|
1692
1731
|
throw error;
|
|
1693
1732
|
}
|
|
@@ -1712,7 +1751,7 @@ class GoTrueClient {
|
|
|
1712
1751
|
}
|
|
1713
1752
|
catch (error) {
|
|
1714
1753
|
if (isAuthError(error)) {
|
|
1715
|
-
return { data: null, error };
|
|
1754
|
+
return this._returnResult({ data: null, error });
|
|
1716
1755
|
}
|
|
1717
1756
|
throw error;
|
|
1718
1757
|
}
|
|
@@ -1748,7 +1787,7 @@ class GoTrueClient {
|
|
|
1748
1787
|
catch (error) {
|
|
1749
1788
|
this._debug(debugName, 'error', error);
|
|
1750
1789
|
if (isAuthError(error)) {
|
|
1751
|
-
return { data: { session: null, user: null }, error };
|
|
1790
|
+
return this._returnResult({ data: { session: null, user: null }, error });
|
|
1752
1791
|
}
|
|
1753
1792
|
throw error;
|
|
1754
1793
|
}
|
|
@@ -2233,7 +2272,7 @@ class GoTrueClient {
|
|
|
2233
2272
|
var _a;
|
|
2234
2273
|
const { data: sessionData, error: sessionError } = result;
|
|
2235
2274
|
if (sessionError) {
|
|
2236
|
-
return { data: null, error: sessionError };
|
|
2275
|
+
return this._returnResult({ data: null, error: sessionError });
|
|
2237
2276
|
}
|
|
2238
2277
|
return await _request(this.fetch, 'DELETE', `${this.url}/factors/${params.factorId}`, {
|
|
2239
2278
|
headers: this.headers,
|
|
@@ -2243,7 +2282,7 @@ class GoTrueClient {
|
|
|
2243
2282
|
}
|
|
2244
2283
|
catch (error) {
|
|
2245
2284
|
if (isAuthError(error)) {
|
|
2246
|
-
return { data: null, error };
|
|
2285
|
+
return this._returnResult({ data: null, error });
|
|
2247
2286
|
}
|
|
2248
2287
|
throw error;
|
|
2249
2288
|
}
|
|
@@ -2254,7 +2293,7 @@ class GoTrueClient {
|
|
|
2254
2293
|
var _a, _b;
|
|
2255
2294
|
const { data: sessionData, error: sessionError } = result;
|
|
2256
2295
|
if (sessionError) {
|
|
2257
|
-
return { data: null, error: sessionError };
|
|
2296
|
+
return this._returnResult({ data: null, error: sessionError });
|
|
2258
2297
|
}
|
|
2259
2298
|
const body = Object.assign({ friendly_name: params.friendlyName, factor_type: params.factorType }, (params.factorType === 'phone'
|
|
2260
2299
|
? { phone: params.phone }
|
|
@@ -2267,17 +2306,17 @@ class GoTrueClient {
|
|
|
2267
2306
|
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
2268
2307
|
}));
|
|
2269
2308
|
if (error) {
|
|
2270
|
-
return { data: null, error };
|
|
2309
|
+
return this._returnResult({ data: null, error });
|
|
2271
2310
|
}
|
|
2272
2311
|
if (params.factorType === 'totp' && data.type === 'totp' && ((_b = data === null || data === void 0 ? void 0 : data.totp) === null || _b === void 0 ? void 0 : _b.qr_code)) {
|
|
2273
2312
|
data.totp.qr_code = `data:image/svg+xml;utf-8,${data.totp.qr_code}`;
|
|
2274
2313
|
}
|
|
2275
|
-
return { data, error: null };
|
|
2314
|
+
return this._returnResult({ data, error: null });
|
|
2276
2315
|
});
|
|
2277
2316
|
}
|
|
2278
2317
|
catch (error) {
|
|
2279
2318
|
if (isAuthError(error)) {
|
|
2280
|
-
return { data: null, error };
|
|
2319
|
+
return this._returnResult({ data: null, error });
|
|
2281
2320
|
}
|
|
2282
2321
|
throw error;
|
|
2283
2322
|
}
|
|
@@ -2289,7 +2328,7 @@ class GoTrueClient {
|
|
|
2289
2328
|
var _a;
|
|
2290
2329
|
const { data: sessionData, error: sessionError } = result;
|
|
2291
2330
|
if (sessionError) {
|
|
2292
|
-
return { data: null, error: sessionError };
|
|
2331
|
+
return this._returnResult({ data: null, error: sessionError });
|
|
2293
2332
|
}
|
|
2294
2333
|
const body = Object.assign({ challenge_id: params.challengeId }, ('webauthn' in params
|
|
2295
2334
|
? {
|
|
@@ -2304,16 +2343,16 @@ class GoTrueClient {
|
|
|
2304
2343
|
jwt: (_a = sessionData === null || sessionData === void 0 ? void 0 : sessionData.session) === null || _a === void 0 ? void 0 : _a.access_token,
|
|
2305
2344
|
});
|
|
2306
2345
|
if (error) {
|
|
2307
|
-
return { data: null, error };
|
|
2346
|
+
return this._returnResult({ data: null, error });
|
|
2308
2347
|
}
|
|
2309
2348
|
await this._saveSession(Object.assign({ expires_at: Math.round(Date.now() / 1000) + data.expires_in }, data));
|
|
2310
2349
|
await this._notifyAllSubscribers('MFA_CHALLENGE_VERIFIED', data);
|
|
2311
|
-
return { data, error };
|
|
2350
|
+
return this._returnResult({ data, error });
|
|
2312
2351
|
});
|
|
2313
2352
|
}
|
|
2314
2353
|
catch (error) {
|
|
2315
2354
|
if (isAuthError(error)) {
|
|
2316
|
-
return { data: null, error };
|
|
2355
|
+
return this._returnResult({ data: null, error });
|
|
2317
2356
|
}
|
|
2318
2357
|
throw error;
|
|
2319
2358
|
}
|
|
@@ -2326,7 +2365,7 @@ class GoTrueClient {
|
|
|
2326
2365
|
var _a;
|
|
2327
2366
|
const { data: sessionData, error: sessionError } = result;
|
|
2328
2367
|
if (sessionError) {
|
|
2329
|
-
return { data: null, error: sessionError };
|
|
2368
|
+
return this._returnResult({ data: null, error: sessionError });
|
|
2330
2369
|
}
|
|
2331
2370
|
const response = (await _request(this.fetch, 'POST', `${this.url}/factors/${params.factorId}/challenge`, {
|
|
2332
2371
|
body: params,
|
|
@@ -2356,7 +2395,7 @@ class GoTrueClient {
|
|
|
2356
2395
|
}
|
|
2357
2396
|
catch (error) {
|
|
2358
2397
|
if (isAuthError(error)) {
|
|
2359
|
-
return { data: null, error };
|
|
2398
|
+
return this._returnResult({ data: null, error });
|
|
2360
2399
|
}
|
|
2361
2400
|
throw error;
|
|
2362
2401
|
}
|
|
@@ -2372,7 +2411,7 @@ class GoTrueClient {
|
|
|
2372
2411
|
factorId: params.factorId,
|
|
2373
2412
|
});
|
|
2374
2413
|
if (challengeError) {
|
|
2375
|
-
return { data: null, error: challengeError };
|
|
2414
|
+
return this._returnResult({ data: null, error: challengeError });
|
|
2376
2415
|
}
|
|
2377
2416
|
return await this._verify({
|
|
2378
2417
|
factorId: params.factorId,
|
|
@@ -2413,33 +2452,133 @@ class GoTrueClient {
|
|
|
2413
2452
|
* {@see GoTrueMFAApi#getAuthenticatorAssuranceLevel}
|
|
2414
2453
|
*/
|
|
2415
2454
|
async _getAuthenticatorAssuranceLevel() {
|
|
2416
|
-
|
|
2455
|
+
var _a, _b;
|
|
2456
|
+
const { data: { session }, error: sessionError, } = await this.getSession();
|
|
2457
|
+
if (sessionError) {
|
|
2458
|
+
return this._returnResult({ data: null, error: sessionError });
|
|
2459
|
+
}
|
|
2460
|
+
if (!session) {
|
|
2461
|
+
return {
|
|
2462
|
+
data: { currentLevel: null, nextLevel: null, currentAuthenticationMethods: [] },
|
|
2463
|
+
error: null,
|
|
2464
|
+
};
|
|
2465
|
+
}
|
|
2466
|
+
const { payload } = decodeJWT(session.access_token);
|
|
2467
|
+
let currentLevel = null;
|
|
2468
|
+
if (payload.aal) {
|
|
2469
|
+
currentLevel = payload.aal;
|
|
2470
|
+
}
|
|
2471
|
+
let nextLevel = currentLevel;
|
|
2472
|
+
const verifiedFactors = (_b = (_a = session.user.factors) === null || _a === void 0 ? void 0 : _a.filter((factor) => factor.status === 'verified')) !== null && _b !== void 0 ? _b : [];
|
|
2473
|
+
if (verifiedFactors.length > 0) {
|
|
2474
|
+
nextLevel = 'aal2';
|
|
2475
|
+
}
|
|
2476
|
+
const currentAuthenticationMethods = payload.amr || [];
|
|
2477
|
+
return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
|
|
2478
|
+
}
|
|
2479
|
+
/**
|
|
2480
|
+
* Retrieves details about an OAuth authorization request.
|
|
2481
|
+
* Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
|
|
2482
|
+
*
|
|
2483
|
+
* Returns authorization details including client info, scopes, and user information.
|
|
2484
|
+
* If the API returns a redirect_uri, it means consent was already given - the caller
|
|
2485
|
+
* should handle the redirect manually if needed.
|
|
2486
|
+
*/
|
|
2487
|
+
async _getAuthorizationDetails(authorizationId) {
|
|
2488
|
+
try {
|
|
2417
2489
|
return await this._useSession(async (result) => {
|
|
2418
|
-
var _a, _b;
|
|
2419
2490
|
const { data: { session }, error: sessionError, } = result;
|
|
2420
2491
|
if (sessionError) {
|
|
2421
|
-
return { data: null, error: sessionError };
|
|
2492
|
+
return this._returnResult({ data: null, error: sessionError });
|
|
2422
2493
|
}
|
|
2423
2494
|
if (!session) {
|
|
2424
|
-
return {
|
|
2425
|
-
|
|
2426
|
-
|
|
2427
|
-
|
|
2428
|
-
|
|
2429
|
-
|
|
2430
|
-
|
|
2431
|
-
if (payload.aal) {
|
|
2432
|
-
currentLevel = payload.aal;
|
|
2433
|
-
}
|
|
2434
|
-
let nextLevel = currentLevel;
|
|
2435
|
-
const verifiedFactors = (_b = (_a = session.user.factors) === null || _a === void 0 ? void 0 : _a.filter((factor) => factor.status === 'verified')) !== null && _b !== void 0 ? _b : [];
|
|
2436
|
-
if (verifiedFactors.length > 0) {
|
|
2437
|
-
nextLevel = 'aal2';
|
|
2438
|
-
}
|
|
2439
|
-
const currentAuthenticationMethods = payload.amr || [];
|
|
2440
|
-
return { data: { currentLevel, nextLevel, currentAuthenticationMethods }, error: null };
|
|
2495
|
+
return this._returnResult({ data: null, error: new AuthSessionMissingError() });
|
|
2496
|
+
}
|
|
2497
|
+
return await _request(this.fetch, 'GET', `${this.url}/oauth/authorizations/${authorizationId}`, {
|
|
2498
|
+
headers: this.headers,
|
|
2499
|
+
jwt: session.access_token,
|
|
2500
|
+
xform: (data) => ({ data, error: null }),
|
|
2501
|
+
});
|
|
2441
2502
|
});
|
|
2442
|
-
}
|
|
2503
|
+
}
|
|
2504
|
+
catch (error) {
|
|
2505
|
+
if (isAuthError(error)) {
|
|
2506
|
+
return this._returnResult({ data: null, error });
|
|
2507
|
+
}
|
|
2508
|
+
throw error;
|
|
2509
|
+
}
|
|
2510
|
+
}
|
|
2511
|
+
/**
|
|
2512
|
+
* Approves an OAuth authorization request.
|
|
2513
|
+
* Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
|
|
2514
|
+
*/
|
|
2515
|
+
async _approveAuthorization(authorizationId, options) {
|
|
2516
|
+
try {
|
|
2517
|
+
return await this._useSession(async (result) => {
|
|
2518
|
+
const { data: { session }, error: sessionError, } = result;
|
|
2519
|
+
if (sessionError) {
|
|
2520
|
+
return this._returnResult({ data: null, error: sessionError });
|
|
2521
|
+
}
|
|
2522
|
+
if (!session) {
|
|
2523
|
+
return this._returnResult({ data: null, error: new AuthSessionMissingError() });
|
|
2524
|
+
}
|
|
2525
|
+
const response = await _request(this.fetch, 'POST', `${this.url}/oauth/authorizations/${authorizationId}/consent`, {
|
|
2526
|
+
headers: this.headers,
|
|
2527
|
+
jwt: session.access_token,
|
|
2528
|
+
body: { action: 'approve' },
|
|
2529
|
+
xform: (data) => ({ data, error: null }),
|
|
2530
|
+
});
|
|
2531
|
+
if (response.data && response.data.redirect_url) {
|
|
2532
|
+
// Automatically redirect in browser unless skipBrowserRedirect is true
|
|
2533
|
+
if (isBrowser() && !(options === null || options === void 0 ? void 0 : options.skipBrowserRedirect)) {
|
|
2534
|
+
window.location.assign(response.data.redirect_url);
|
|
2535
|
+
}
|
|
2536
|
+
}
|
|
2537
|
+
return response;
|
|
2538
|
+
});
|
|
2539
|
+
}
|
|
2540
|
+
catch (error) {
|
|
2541
|
+
if (isAuthError(error)) {
|
|
2542
|
+
return this._returnResult({ data: null, error });
|
|
2543
|
+
}
|
|
2544
|
+
throw error;
|
|
2545
|
+
}
|
|
2546
|
+
}
|
|
2547
|
+
/**
|
|
2548
|
+
* Denies an OAuth authorization request.
|
|
2549
|
+
* Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
|
|
2550
|
+
*/
|
|
2551
|
+
async _denyAuthorization(authorizationId, options) {
|
|
2552
|
+
try {
|
|
2553
|
+
return await this._useSession(async (result) => {
|
|
2554
|
+
const { data: { session }, error: sessionError, } = result;
|
|
2555
|
+
if (sessionError) {
|
|
2556
|
+
return this._returnResult({ data: null, error: sessionError });
|
|
2557
|
+
}
|
|
2558
|
+
if (!session) {
|
|
2559
|
+
return this._returnResult({ data: null, error: new AuthSessionMissingError() });
|
|
2560
|
+
}
|
|
2561
|
+
const response = await _request(this.fetch, 'POST', `${this.url}/oauth/authorizations/${authorizationId}/consent`, {
|
|
2562
|
+
headers: this.headers,
|
|
2563
|
+
jwt: session.access_token,
|
|
2564
|
+
body: { action: 'deny' },
|
|
2565
|
+
xform: (data) => ({ data, error: null }),
|
|
2566
|
+
});
|
|
2567
|
+
if (response.data && response.data.redirect_url) {
|
|
2568
|
+
// Automatically redirect in browser unless skipBrowserRedirect is true
|
|
2569
|
+
if (isBrowser() && !(options === null || options === void 0 ? void 0 : options.skipBrowserRedirect)) {
|
|
2570
|
+
window.location.assign(response.data.redirect_url);
|
|
2571
|
+
}
|
|
2572
|
+
}
|
|
2573
|
+
return response;
|
|
2574
|
+
});
|
|
2575
|
+
}
|
|
2576
|
+
catch (error) {
|
|
2577
|
+
if (isAuthError(error)) {
|
|
2578
|
+
return this._returnResult({ data: null, error });
|
|
2579
|
+
}
|
|
2580
|
+
throw error;
|
|
2581
|
+
}
|
|
2443
2582
|
}
|
|
2444
2583
|
async fetchJwk(kid, jwks = { keys: [] }) {
|
|
2445
2584
|
// try fetching from the supplied jwks
|
|
@@ -2495,7 +2634,7 @@ class GoTrueClient {
|
|
|
2495
2634
|
if (!token) {
|
|
2496
2635
|
const { data, error } = await this.getSession();
|
|
2497
2636
|
if (error || !data.session) {
|
|
2498
|
-
return { data: null, error };
|
|
2637
|
+
return this._returnResult({ data: null, error });
|
|
2499
2638
|
}
|
|
2500
2639
|
token = data.session.access_token;
|
|
2501
2640
|
}
|
|
@@ -2548,12 +2687,12 @@ class GoTrueClient {
|
|
|
2548
2687
|
}
|
|
2549
2688
|
catch (error) {
|
|
2550
2689
|
if (isAuthError(error)) {
|
|
2551
|
-
return { data: null, error };
|
|
2690
|
+
return this._returnResult({ data: null, error });
|
|
2552
2691
|
}
|
|
2553
2692
|
throw error;
|
|
2554
2693
|
}
|
|
2555
2694
|
}
|
|
2556
2695
|
}
|
|
2557
|
-
GoTrueClient.nextInstanceID =
|
|
2696
|
+
GoTrueClient.nextInstanceID = {};
|
|
2558
2697
|
export default GoTrueClient;
|
|
2559
2698
|
//# sourceMappingURL=GoTrueClient.js.map
|