supabase · grdsdev · Oct 29, 2025 · Oct 29, 2025
@@ -118,129 +118,6 @@ extension ErrorCode {
 }
 
 public enum AuthError: LocalizedError, Equatable {
-  @available(
-    *,
-    deprecated,
-    message:
-      "Error used to be thrown when no exp claim was found in JWT during setSession(accessToken:refreshToken:) method."
-  )
-  case missingExpClaim
-
-  @available(
-    *,
-    deprecated,
-    message:
-      "Error used to be thrown when provided JWT wasn't valid during setSession(accessToken:refreshToken:) method."
-  )
-  case malformedJWT
-
-  @available(*, deprecated, renamed: "sessionMissing")
-  public static var sessionNotFound: AuthError { .sessionMissing }
-
-  /// Error thrown during PKCE flow.
-  @available(
-    *,
-    deprecated,
-    renamed: "pkceGrantCodeExchange",
-    message: "Error was grouped in `pkceGrantCodeExchange`, please use it instead of `pkce`."
-  )
-  public static func pkce(_ reason: PKCEFailureReason) -> AuthError {
-    switch reason {
-    case .codeVerifierNotFound:
-      .pkceGrantCodeExchange(message: "A code verifier wasn't found in PKCE flow.")
-    case .invalidPKCEFlowURL:
-      .pkceGrantCodeExchange(message: "Not a valid PKCE flow url.")
-    }
-  }
-
-  @available(*, deprecated, message: "Use `pkceGrantCodeExchange` instead.")
-  public enum PKCEFailureReason: Sendable {
-    /// Code verifier not found in the URL.
-    case codeVerifierNotFound
-
-    /// Not a valid PKCE flow URL.
-    case invalidPKCEFlowURL
-  }
-
-  @available(*, deprecated, renamed: "implicitGrantRedirect")
-  public static var invalidImplicitGrantFlowURL: AuthError {
-    .implicitGrantRedirect(message: "Not a valid implicit grant flow url.")
-  }
-
-  @available(
-    *,
-    deprecated,
-    message:
-      "This error is never thrown, if you depend on it, you can remove the logic as it never happens."
-  )
-  case missingURL
-
-  @available(
-    *,
-    deprecated,
-    message:
-      "Error used to be thrown on methods which required a valid redirect scheme, such as signInWithOAuth. This is now considered a programming error an a assertion is triggered in case redirect scheme isn't provided."
-  )
-  case invalidRedirectScheme
-
-  @available(
-    *,
-    deprecated,
-    renamed: "api(message:errorCode:underlyingData:underlyingResponse:)"
-  )
-  public static func api(_ error: APIError) -> AuthError {
-    let message = error.msg ?? error.error ?? error.errorDescription ?? "Unexpected API error."
-    if let weakPassword = error.weakPassword {
-      return .weakPassword(message: message, reasons: weakPassword.reasons)
-    }
-
-    return .api(
-      message: message,
-      errorCode: .unknown,
-      underlyingData: (try? AuthClient.Configuration.jsonEncoder.encode(error)) ?? Data(),
-      underlyingResponse: HTTPURLResponse(
-        url: defaultAuthURL,
-        statusCode: error.code ?? 500,
-        httpVersion: nil,
-        headerFields: nil
-      )!
-    )
-  }
-
-  /// An error returned by the API.
-  @available(
-    *,
-    deprecated,
-    renamed: "api(message:errorCode:underlyingData:underlyingResponse:)"
-  )
-  public struct APIError: Error, Codable, Sendable, Equatable {
-    /// A basic message describing the problem with the request. Usually missing if
-    /// ``AuthError/APIError/error`` is present.
-    public var msg: String?
-
-    /// The HTTP status code. Usually missing if ``AuthError/APIError/error`` is present.
-    public var code: Int?
-
-    /// Certain responses will contain this property with the provided values.
-    ///
-    /// Usually one of these:
-    ///   - `invalid_request`
-    ///   - `unauthorized_client`
-    ///   - `access_denied`
-    ///   - `server_error`
-    ///   - `temporarily_unavailable`
-    ///   - `unsupported_otp_type`
-    public var error: String?
-
-    /// Certain responses that have an ``AuthError/APIError/error`` property may have this property
-    /// which describes the error.
-    public var errorDescription: String?
-
-    /// Only returned when signing up if the password used is too weak. Inspect the
-    /// ``WeakPassword/reasons`` and ``AuthError/APIError/msg`` property to identify the causes.
-    public var weakPassword: WeakPassword?
-  }
-
   /// Error thrown when a session is required to proceed, but none was found, either thrown by the client, or returned by the server.
   case sessionMissing
 
@@ -274,11 +151,6 @@ public enum AuthError: LocalizedError, Equatable {
       let .implicitGrantRedirect(message),
       let .jwtVerificationFailed(message):
       message
-    // Deprecated cases
-    case .missingExpClaim: "Missing expiration claim in the access token."
-    case .malformedJWT: "A malformed JWT received."
-    case .invalidRedirectScheme: "Invalid redirect scheme."
-    case .missingURL: "Missing URL."
     }
   }
 
@@ -289,8 +161,6 @@ public enum AuthError: LocalizedError, Equatable {
     case let .api(_, errorCode, _, _): errorCode
     case .pkceGrantCodeExchange, .implicitGrantRedirect: .unknown
     case .jwtVerificationFailed: .invalidJWT
-    // Deprecated cases
-    case .missingExpClaim, .malformedJWT, .invalidRedirectScheme, .missingURL: .unknown
     }
   }
 

@@ -11,31 +11,12 @@ public enum AuthChangeEvent: String, Sendable {
   case mfaChallengeVerified = "MFA_CHALLENGE_VERIFIED"
 }
 
-@available(
-  *,
-  deprecated,
-  message: "Access to UserCredentials will be removed on the next major release."
-)
-public struct UserCredentials: Codable, Hashable, Sendable {
-  public var email: String?
-  public var password: String?
-  public var phone: String?
-  public var refreshToken: String?
-  public var gotrueMetaSecurity: AuthMetaSecurity?
-
-  public init(
-    email: String? = nil,
-    password: String? = nil,
-    phone: String? = nil,
-    refreshToken: String? = nil,
-    gotrueMetaSecurity: AuthMetaSecurity? = nil
-  ) {
-    self.email = email
-    self.password = password
-    self.phone = phone
-    self.refreshToken = refreshToken
-    self.gotrueMetaSecurity = gotrueMetaSecurity
-  }
+struct UserCredentials: Codable, Hashable, Sendable {
+  var email: String?
+  var password: String?
+  var phone: String?
+  var refreshToken: String?
+  var gotrueMetaSecurity: AuthMetaSecurity?
 }
 
 struct SignUpRequest: Codable, Hashable, Sendable {
@@ -479,9 +460,6 @@ public struct UserAttributes: Codable, Hashable, Sendable {
   /// Note: Call ``AuthClient/reauthenticate()`` to obtain the nonce first.
   public var nonce: String?
 
-  /// An email change token.
-  @available(*, deprecated, message: "This is an old field, stop relying on it.")
-  public var emailChangeToken: String?
   /// A custom data object to store the user's metadata. This maps to the `auth.users.user_metadata`
   /// column. The `data` should be a JSON object that includes user-specific info, such as their
   /// first and last name.
@@ -495,14 +473,12 @@ public struct UserAttributes: Codable, Hashable, Sendable {
     phone: String? = nil,
     password: String? = nil,
     nonce: String? = nil,
-    emailChangeToken: String? = nil,
     data: [String: AnyJSON]? = nil
   ) {
     self.email = email
     self.phone = phone
     self.password = password
     self.nonce = nonce
-    self.emailChangeToken = emailChangeToken
     self.data = data
   }
 }