parity(auth): correct OAuth 2.1 authorization consent response types [from supabase-js]

[grdsdev]

SDK Parity: C# implementation needed

A change was made in supabase-js that needs to be implemented in this repository for SDK parity.

Reference Implementation (supabase-js)

• Commit: 5d29d9b
• PR: #2088
• Module: auth
• Type: bug-fix

What Changed

The OAuth 2.1 authorization consent flow types were corrected. The response properly distinguishes between:

1. Consent-needed: includes client details, user info, scopes, redirect_uri
2. Already-consented: only includes redirect_url

Code Reference

type OAuthAuthorizationDetails = {
  client: OAuthAuthorizationClient
  scopes: OAuthScope[]
  user: User
  redirect_uri: string
}

type OAuthRedirect = {
  redirect_url: string
}

Implementation Guidance

Expected API Surface (C#)

public class OAuthAuthorizationDetails
{
    public OAuthAuthorizationClient Client { get; set; }
    public List<OAuthScope> Scopes { get; set; }
    public User User { get; set; }
    public string RedirectUri { get; set; }
}

public class OAuthRedirect
{
    public string RedirectUrl { get; set; }
}

Key Behaviors to Match

• Distinguish between consent-needed and already-consented responses
• PascalCase naming per C# conventions
• Proper JSON deserialization for both variants

Acceptance Criteria

• OAuth authorization response types correctly model both variants
• Proper deserialization of both response types
• Unit tests cover both flows
• Documentation updated

Context

• supabase-js version: v2.95.3
• Parity tracking: This issue was auto-generated by SDK parity analysis
• Related parity issues: SDK-695 (dart), SDK-696 (py), SDK-697 (swift)

---

Generated with Claude Code /sync-sdk-parity