diff --git a/packages/auth-express/src/index.ts b/packages/auth-express/src/index.ts index e30b699c9..d6e652ebe 100644 --- a/packages/auth-express/src/index.ts +++ b/packages/auth-express/src/index.ts @@ -413,7 +413,11 @@ export class ExpressAuth { } const verifier = req.cookies[this.options.pkceVerifierCookieName]; if (!verifier) { - throw new PKCEError("no pkce verifier cookie found"); + // End user verified email from a different user agent than sign-up. + // This is fine, but the application will need to detect this and + // inform the end user that they will need to initiate a new sign up + // attempt to complete the flow. + return next(); } const isSignUp = searchParams.get("isSignUp") === "true"; const tokenData = await (await this.core).getToken(code, verifier); @@ -498,8 +502,13 @@ export class ExpressAuth { throw new PKCEError("no verification_token in response"); } if (!verifier) { - throw new PKCEError("no pkce verifier cookie found"); + // End user verified email from a different user agent than sign-up. + // This is fine, but the application will need to detect this and + // inform the end user that they will need to initiate a new sign up + // attempt to complete the flow. + return next(); } + const tokenData = await ( await this.core ).verifyEmailPasswordSignup(verificationToken, verifier); diff --git a/packages/auth-nextjs/src/shared.ts b/packages/auth-nextjs/src/shared.ts index e085bcf07..01283dc45 100644 --- a/packages/auth-nextjs/src/shared.ts +++ b/packages/auth-nextjs/src/shared.ts @@ -53,7 +53,7 @@ export interface CreateAuthRouteHandlers { ): Promise; onEmailVerify( params: ParamsOrError< - { tokenData: TokenData }, + { tokenData: TokenData | null }, { verificationToken?: string } >, req: NextRequest, @@ -357,10 +357,14 @@ export abstract class NextAuth extends NextAuthHelpers { ); } if (!verifier) { + // End user verified email from a different user agent than + // sign-up. This is fine, but the application will need to detect + // this and inform the end user that they will need to initiate a + // new sign up attempt to complete the flow. return onEmailVerify( { - error: new PKCEError("no pkce verifier cookie found"), - verificationToken, + error: null, + tokenData: null, }, req, ); @@ -560,9 +564,16 @@ export abstract class NextAuth extends NextAuthHelpers { this.options.pkceVerifierCookieName, )?.value; if (!verifier) { + // End user verified email from a different user agent than + // sign-up. This is fine, but the application will need to detect + // this and inform the end user that they will need to initiate a + // new sign up attempt to complete the flow. return onBuiltinUICallback( { - error: new PKCEError("no pkce verifier cookie found"), + error: null, + tokenData: null, + provider: null, + isSignUp: false, }, req, ); diff --git a/packages/auth-remix/src/server.ts b/packages/auth-remix/src/server.ts index d55941ccb..32e48686e 100644 --- a/packages/auth-remix/src/server.ts +++ b/packages/auth-remix/src/server.ts @@ -86,7 +86,7 @@ export interface CreateAuthRouteHandlers { ): Promise; onEmailVerify( params: ParamsOrError< - { tokenData: TokenData }, + { tokenData: TokenData | null }, { verificationToken?: string } >, ): Promise; @@ -358,8 +358,15 @@ export class RemixServerAuth extends RemixClientAuth { parseCookies(req)[this.options.pkceVerifierCookieName]; if (!verifier) { + // End user verified email from a different user agent than + // sign-up. This is fine, but the application will need to detect + // this and inform the end user that they will need to initiate a + // new sign up attempt to complete the flow. return cbCall(onBuiltinUICallback, { - error: new PKCEError("no pkce verifier cookie found"), + error: null, + tokenData: null, + provider: null, + isSignUp: false, }); } const isSignUp = searchParams.get("isSignUp") === "true"; @@ -422,9 +429,13 @@ export class RemixServerAuth extends RemixClientAuth { }); } if (!verifier) { + // End user verified email from a different user agent than + // sign-up. This is fine, but the application will need to detect + // this and inform the end user that they will need to initiate a + // new sign up attempt to complete the flow. return cbCall(onEmailVerify, { - error: new PKCEError("no pkce verifier cookie found"), - verificationToken, + error: null, + tokenData: null, }); } let tokenData: TokenData; diff --git a/packages/auth-sveltekit/src/server.ts b/packages/auth-sveltekit/src/server.ts index 253e98c1d..b35ed0517 100644 --- a/packages/auth-sveltekit/src/server.ts +++ b/packages/auth-sveltekit/src/server.ts @@ -63,7 +63,7 @@ export interface AuthRouteHandlers { ) => Promise; onEmailVerify?: ( params: ParamsOrError< - { tokenData: TokenData }, + { tokenData: TokenData | null }, { verificationToken?: string } >, ) => Promise; @@ -597,8 +597,15 @@ async function handleAuthRoutes( const verifier = cookies.get(config.pkceVerifierCookieName); if (!verifier) { + // End user verified email from a different user agent than sign-up. + // This is fine, but the application will need to detect this and inform + // the end user that they will need to initiate a new sign up attempt to + // complete the flow. return onBuiltinUICallback({ - error: new PKCEError("no pkce verifier cookie found"), + error: null, + tokenData: null, + provider: null, + isSignUp: false, }); } const isSignUp = searchParams.get("isSignUp") === "true"; @@ -653,9 +660,13 @@ async function handleAuthRoutes( }); } if (!verifier) { + // End user verified email from a different user agent than sign-up. + // This is fine, but the application will need to detect this and inform + // the end user that they will need to initiate a new sign up attempt to + // complete the flow. return onEmailVerify({ - error: new PKCEError("no pkce verifier cookie found"), - verificationToken, + error: null, + tokenData: null, }); } let tokenData: TokenData;