Merge branch 'main' into feat/custom-profile-and-access-token-routes

Author: eliw00d

pnpm-lock.yaml

@@ -713,6 +713,26 @@ ykwV8CV22wKDubrDje1vchfTL/ygX6p27RKpJm8eAH7k3EwVeg3NDfNVzQ==
       expect(client["sessionStore"].set).toHaveBeenCalledTimes(1);
     });
 
+    it("should save session with plain Request and NextResponse", async () => {
+      vi.spyOn(client["sessionStore"], "set").mockImplementation(
+        async (_reqCookies, resCookies) => {
+          resCookies.set("appSession", "updated_session_value");
+        }
+      );
+
+      const req = new Request("https://myapp.test/api/update", {
+        method: "POST",
+        headers: { cookie: "appSession=mock_session_cookie" }
+      });
+      const res = NextResponse.next();
+
+      await (client as any).saveToSession(mockSession, req as any, res as any);
+
+      expect(res.cookies.get("appSession")?.value).toBe(
+        "updated_session_value"
+      );
+    });
+
     it("should create fetcher successfully with plain Request", async () => {
       vi.spyOn(client, "getSession").mockResolvedValue(mockSession);
 

src/server/client.test.ts

@@ -1139,9 +1139,10 @@ export class Auth0Client {
     res?: PagesRouterResponse | NextResponse
   ) {
     if (req && res) {
-      if (req instanceof NextRequest && res instanceof NextResponse) {
+      if (isRequest(req) && res instanceof NextResponse) {
         // middleware usage
-        await this.sessionStore.set(req.cookies, res.cookies, data);
+        const nextReq = toNextRequest(req);
+        await this.sessionStore.set(nextReq.cookies, res.cookies, data);
       } else {
         // pages router usage
         const resHeaders = new Headers();

src/server/client.ts

@@ -31,9 +31,8 @@ describe("encrypt/decrypt", async () => {
     const maxAge = 60 * 60; // 1 hour in seconds
     const expiration = Math.floor(Date.now() / 1000 + maxAge);
     const encrypted = await encrypt(payload, secret, expiration);
-    await expect(() =>
-      decrypt(encrypted, incorrectSecret)
-    ).rejects.toThrowError();
+    const decrypted = await decrypt(encrypted, incorrectSecret);
+    expect(decrypted).toBeNull();
   });
 
   it("should fail to decrypt when expired", async () => {