diff --git a/src/GoTrueClient.ts b/src/GoTrueClient.ts index b01b16e0..2faf0f12 100644 --- a/src/GoTrueClient.ts +++ b/src/GoTrueClient.ts @@ -1423,14 +1423,29 @@ export default class GoTrueClient { > { try { if (!isBrowser()) throw new AuthImplicitGrantRedirectError('No browser detected.') + + const params = parseParametersFromURL(window.location.href) + + // If there's an error in the URL, it doesn't matter what flow it is, we just return the error. + if (params.error || params.error_description || params.error_code) { + // The error class returned implies that the redirect is from an implicit grant flow + // but it could also be from a redirect error from a PKCE flow. + throw new AuthImplicitGrantRedirectError( + params.error_description || 'Error in URL with unspecified error_description', + { + error: params.error || 'unspecified_error', + code: params.error_code || 'unspecified_code', + } + ) + } + + // Checks for mismatches between the flowType initialised in the client and the URL parameters if (this.flowType === 'implicit' && !this._isImplicitGrantFlow()) { throw new AuthImplicitGrantRedirectError('Not a valid implicit grant flow url.') } else if (this.flowType == 'pkce' && !isPKCEFlow) { throw new AuthPKCEGrantCodeExchangeError('Not a valid PKCE flow url.') } - const params = parseParametersFromURL(window.location.href) - if (isPKCEFlow) { if (!params.code) throw new AuthPKCEGrantCodeExchangeError('No code detected.') const { data, error } = await this._exchangeCodeForSession(params.code) @@ -1444,16 +1459,6 @@ export default class GoTrueClient { return { data: { session: data.session, redirectType: null }, error: null } } - if (params.error || params.error_description || params.error_code) { - throw new AuthImplicitGrantRedirectError( - params.error_description || 'Error in URL with unspecified error_description', - { - error: params.error || 'unspecified_error', - code: params.error_code || 'unspecified_code', - } - ) - } - const { provider_token, provider_refresh_token,