Clear auth params from URL parameters when redirectCallback fails

__tests__/auth-provider.test.tsx

@@ -225,7 +225,7 @@ describe('Auth0Provider', () => {
     });
   });
 
-  it('should handle redirect callback errors', async () => {
+  it('should handle redirect callback errors and clear the url', async () => {
     window.history.pushState(
       {},
       document.title,
@@ -244,6 +244,7 @@ describe('Auth0Provider', () => {
       expect(() => {
         throw result.current.error;
       }).toThrowError('__test_error__');
+      expect(window.location.href).toBe('https://www.example.com/');
     });
   });
 

src/auth0-provider.tsx

@@ -157,19 +157,21 @@ const Auth0Provider = (opts: Auth0ProviderOptions) => {
     }
     didInitialise.current = true;
     (async (): Promise<void> => {
+      let appState: AppState | undefined
+      let user: User | undefined;
       try {
-        let user: User | undefined;
         if (hasAuthParams() && !skipRedirectCallback) {
-          const { appState } = await client.handleRedirectCallback();
+          appState = (await client.handleRedirectCallback()).appState;
           user = await client.getUser();
-          onRedirectCallback(appState, user);
         } else {
           await client.checkSession();
           user = await client.getUser();
         }
         dispatch({ type: 'INITIALISED', user });
       } catch (error) {
         handleError(loginError(error));
+      } finally {
+        onRedirectCallback(appState, user);
       }
     })();
   }, [client, onRedirectCallback, skipRedirectCallback, handleError]);