From 9383f929652381b3dd9fa39ba78a81b2bf52bd4f Mon Sep 17 00:00:00 2001
From: SpencerJung <jjy1123jsy6618@gmail.com>
Date: Wed, 27 May 2026 17:06:42 +0900
Subject: [PATCH] fix(examples): handle OAuth access_denied in auth-headless
 example

When a user cancels GitHub OAuth login, the callback URL contains
	error=access_denied. The authProvider's check method now detects
this and returns a user-friendly error message instead of a generic
401 Unauthorized response.

Closes #7407
---
 examples/auth-headless/src/App.tsx | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/examples/auth-headless/src/App.tsx b/examples/auth-headless/src/App.tsx
index 96c0c686dc7a8..b3cc0c152ae97 100644
--- a/examples/auth-headless/src/App.tsx
+++ b/examples/auth-headless/src/App.tsx
@@ -119,6 +119,20 @@ const App: React.FC = () => {
       return { error };
     },
     check: async () => {
+      const urlParams = new URLSearchParams(window.location.search);
+      const error = urlParams.get("error");
+
+      if (error === "access_denied") {
+        return {
+          authenticated: false,
+          redirectTo: "/login",
+          error: {
+            message: "Login cancelled by user",
+            name: "Authorization denied",
+          },
+        };
+      }
+
       return localStorage.getItem("email")
         ? { authenticated: true }
         : {