|
1 | 1 | import type { AuthObject, ClerkClient } from '@clerk/backend'; |
2 | 2 | import type { |
| 3 | + AuthenticatedState, |
3 | 4 | AuthenticateRequestOptions, |
4 | 5 | ClerkRequest, |
5 | 6 | RedirectFun, |
6 | 7 | RequestState, |
7 | 8 | SignedInAuthObject, |
8 | 9 | SignedOutAuthObject, |
| 10 | + UnauthenticatedState, |
9 | 11 | } from '@clerk/backend/internal'; |
10 | 12 | import { |
11 | 13 | AuthStatus, |
@@ -214,7 +216,7 @@ export const clerkMiddleware = ((...args: unknown[]): NextMiddleware | NextMiddl |
214 | 216 | const redirectToSignUp = createMiddlewareRedirectToSignUp(clerkRequest); |
215 | 217 | const protect = await createMiddlewareProtect(clerkRequest, authObject, redirectToSignIn); |
216 | 218 |
|
217 | | - const authHandler = createMiddlewareAuthHandler(authObject, redirectToSignIn, redirectToSignUp); |
| 219 | + const authHandler = createMiddlewareAuthHandler(requestState, redirectToSignIn, redirectToSignUp); |
218 | 220 | authHandler.protect = protect; |
219 | 221 |
|
220 | 222 | let handlerResult: Response = NextResponse.next(); |
@@ -427,14 +429,18 @@ const createMiddlewareProtect = ( |
427 | 429 | * - For machine tokens: validates token type and returns appropriate auth object |
428 | 430 | */ |
429 | 431 | const createMiddlewareAuthHandler = ( |
430 | | - rawAuthObject: AuthObject, |
| 432 | + requestState: AuthenticatedState<'session_token'> | UnauthenticatedState<'session_token'>, |
431 | 433 | redirectToSignIn: RedirectFun<Response>, |
432 | 434 | redirectToSignUp: RedirectFun<Response>, |
433 | 435 | ): ClerkMiddlewareAuth => { |
434 | 436 | const authHandler = async (options?: GetAuthOptions) => { |
| 437 | + const rawAuthObject = requestState.toAuth({ treatPendingAsSignedOut: options?.treatPendingAsSignedOut }); |
435 | 438 | const acceptsToken = options?.acceptsToken ?? TokenType.SessionToken; |
436 | 439 |
|
437 | | - const authObject = getAuthObjectForAcceptedToken({ authObject: rawAuthObject, acceptsToken }); |
| 440 | + const authObject = getAuthObjectForAcceptedToken({ |
| 441 | + authObject: rawAuthObject, |
| 442 | + acceptsToken, |
| 443 | + }); |
438 | 444 |
|
439 | 445 | if (authObject.tokenType === TokenType.SessionToken && isTokenTypeAccepted(TokenType.SessionToken, acceptsToken)) { |
440 | 446 | return Object.assign(authObject, { |
|
0 commit comments