From a99887a1e2d9c96e3e016c58c1908115f2026f66 Mon Sep 17 00:00:00 2001
From: Steve Hobbs
Date: Thu, 17 Dec 2020 13:36:01 +0000
Subject: [PATCH] Remove the nonce check in handleRedirectCallback
---
 src/Auth0Client.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/Auth0Client.ts b/src/Auth0Client.ts
index 66d76e501..a79945486 100644
--- a/src/Auth0Client.ts
+++ b/src/Auth0Client.ts
@@ -497,8 +497,8 @@ export default class Auth0Client {
 const transaction = this.transactionManager.get();
- // Transaction should have a `code_verifier` to do PKCE and a `nonce` for CSRF protection
- if (!transaction || !transaction.code_verifier || !transaction.nonce) {
+ // Transaction should have a `code_verifier` to do PKCE for CSRF protection
+ if (!transaction || !transaction.code_verifier) {
 throw new Error('Invalid state');
 }
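Review bot: A stored transaction with no `nonce` now passes the guard in handleRedirectCallback, and nothing in this hunk shows how the ID token's `nonce` claim is checked afterwards. If the later verification compares the claim against `transaction.nonce`, it should fail closed when the two disagree (including a token that carries a nonce the transaction lacks) rather than skip the comparison; that code is outside the hunk, so this needs confirming. The reworded comment also attributes CSRF protection to PKCE, whereas `code_verifier` binds the authorization code to the client that started the flow and callback CSRF defence is normally the `state` match; I would write `// Transaction must have a code_verifier for PKCE; nonce is optional here because <reason>` and give the reason in the commit message. The method starts and ends outside the hunk.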