chore(release): bump package version(s) [skip ci]

Fixes #6226

.github/ISSUE_TEMPLATE/1_bug_framework.yml

@@ -1,6 +1,6 @@
 name: Bug report
 description: Report an issue so we can improve
-labels: [triage]
+labels: [triage, bug]
 body:
   - type: markdown
     attributes:

.github/ISSUE_TEMPLATE/2_bug_provider.yml

@@ -1,6 +1,6 @@
 name: Bug report (Provider)
 description: Create a provider-specific report
-labels: [triage, providers]
+labels: [triage, bug, providers]
 body:
   - type: markdown
     attributes:

.github/ISSUE_TEMPLATE/3_bug_adapter.yml

@@ -1,6 +1,6 @@
 name: Bug report (Adapter)
 description: Create an adapter-specific report
-labels: [triage, adapters]
+labels: [triage, bug, adapters]
 body:
   - type: markdown
     attributes:

.github/version-pr/action.yml

@@ -4,5 +4,5 @@ outputs:
   version:
     description: "npm package version"
 runs:
-  using: "node16"
+  using: "node20"
   main: "index.js"

.github/workflows/release.yml

@@ -119,22 +119,21 @@ jobs:
         uses: actions/checkout@v3
         with:
           fetch-depth: 0
-          token: ${{ secrets.GH_PAT_CLASSIC }}
+          # Please upvote https://github.com/orgs/community/discussions/13836
+          token: ${{ secrets.GH_PAT }}
       - name: Install pnpm
         uses: pnpm/action-setup@v2.2.4
       - name: Setup Node
         uses: actions/setup-node@v3
         with:
-          node-version: 18
           cache: "pnpm"
       - name: Install dependencies
         run: pnpm install
       - name: Publish to npm and GitHub
         run: pnpm release
         env:
-          # Use GH_PAT when this is fixed:
-          # https://github.com/github/roadmap/issues/622
-          GITHUB_TOKEN: ${{ secrets.GH_PAT_CLASSIC }}
+          # Please upvote https://github.com/orgs/community/discussions/13836
+          GITHUB_TOKEN: ${{ secrets.GH_PAT }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
   release-pr:
     name: Publish PR

.github/workflows/triage.yml

@@ -14,10 +14,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Nissuer
-        uses: balazsorban44/nissuer@1.3.5
+        uses: balazsorban44/nissuer@1.5.0
         with:
           label-area-prefix: ""
           label-area-section: "[Provider|Adapter] type(.*)### Environment"
           label-comments: '{ "incomplete": ".github/invalid-reproduction.md" }'
           reproduction-link-section: "### Reproduction URL(.*)### Describe the issue"
           reproduction-invalid-label: "invalid reproduction"
+          reproduction-issue-labels: "bug"

apps/dev/nextjs-v4/.env.local.example

@@ -1,61 +0,0 @@
-# Rename file to .env.local (or .env) and populate values
-# to be able to run the dev app
-
-NEXTAUTH_URL=http://localhost:3000
-
-# You can use `openssl rand -hex 32` or 
-# https://generate-secret.vercel.app/32 to generate a secret.
-# Note: Changing a secret may invalidate existing sessions
-# and/or verification tokens.
-NEXTAUTH_SECRET=secret
-
-AUTH0_ID=
-AUTH0_SECRET=
-AUTH0_ISSUER=
-
-DESCOPE_ID=
-DESCOPE_SECRET=
-
-KEYCLOAK_ID=
-KEYCLOAK_SECRET=
-KEYCLOAK_ISSUER=
-
-IDS4_ID=
-IDS4_SECRET=
-IDS4_ISSUER=
-
-GITHUB_ID=
-GITHUB_SECRET=
-
-TWITCH_ID=
-TWITCH_SECRET=
-
-TWITTER_ID=
-TWITTER_SECRET=
-
-LINE_ID=
-LINE_SECRET=
-
-TRAKT_ID=
-TRAKT_SECRET=
-
-# Example configuration for a Gmail account (will need SMTP enabled)
-EMAIL_SERVER=smtps://user@gmail.com:password@smtp.gmail.com:465
-EMAIL_FROM=user@gmail.com
-
-# Note: If using with Prisma adapter, you need to use a `.env`
-# file rather than a `.env.local` file to configure env vars.
-# Postgres: DATABASE_URL=postgres://nextauth:password@127.0.0.1:5432/nextauth?synchronize=true
-# MySQL:    DATABASE_URL=mysql://nextauth:password@127.0.0.1:3306/nextauth?synchronize=true
-# MongoDB:  DATABASE_URL=mongodb://nextauth:password@127.0.0.1:27017/nextauth?synchronize=true
-DATABASE_URL=
-
-WIKIMEDIA_ID=
-WIKIMEDIA_SECRET=
-
-# Supabase Example Configuration
-# Supabase Example Configuration
-# NEXT_PUBLIC_SUPABASE_URL=http://localhost:54321
-# SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6InNlcnZpY2Vfcm9sZSJ9.vI9obAHOGyVVKa3pD--kJlyxp-Z2zV9UUMAhKpNLAcU
-# SUPABASE_JWT_SECRET=super-secret-jwt-token-with-at-least-32-characters-long
-# NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24ifQ.625_WdcF3KHqz5amU0x2X5WWHP-OEs_4qj0ssLNHzTs

apps/dev/nextjs-v4/.vscode/settings.json

@@ -1,4 +0,0 @@
-{
-  "typescript.tsdk": "../../node_modules/.pnpm/typescript@4.8.4/node_modules/typescript/lib",
-  "typescript.enablePromptUseWorkspaceTsdk": true
-}

apps/dev/nextjs-v4/README.md

@@ -1,6 +0,0 @@
-# NextAuth.js Development App
-
-This folder contains a Next.js app using NextAuth.js for local development. See the following section on how to start:
-
-[Setting up local environment
-](https://github.com/nextauthjs/.github/blob/main/CONTRIBUTING.md#setting-up-local-environment)

apps/dev/nextjs-v4/app/api/auth/[...nextauth]/route.ts

@@ -1,14 +0,0 @@
-import NextAuth, { type NextAuthOptions } from "next-auth"
-import GitHub from "next-auth/providers/github"
-
-export const authOptions: NextAuthOptions = {
-  providers: [
-    GitHub({
-      clientId: process.env.GITHUB_ID,
-      clientSecret: process.env.GITHUB_SECRET,
-    }),
-  ],
-}
-
-const handler = NextAuth(authOptions)
-export { handler as GET, handler as POST }

apps/dev/nextjs-v4/app/layout.tsx

@@ -1,12 +0,0 @@
-export default function RootLayout({
-  children,
-}: {
-  children: React.ReactNode
-}) {
-  return (
-    <html>
-      <head></head>
-      <body>{children}</body>
-    </html>
-  )
-}

apps/dev/nextjs-v4/app/server-component/page.tsx

@@ -1,6 +0,0 @@
-import { getServerSession } from "next-auth/next"
-
-export default async function Page() {
-  const session = await getServerSession()
-  return <pre>{JSON.stringify(session, null, 2)}</pre>
-}

apps/dev/nextjs-v4/components/access-denied.js

@@ -1,20 +0,0 @@
-import { signIn } from "next-auth/react"
-
-export default function AccessDenied() {
-  return (
-    <>
-      <h1>Access Denied</h1>
-      <p>
-        <a
-          href="/api/auth/signin"
-          onClick={(e) => {
-            e.preventDefault()
-            signIn()
-          }}
-        >
-          You must be signed in to view this page
-        </a>
-      </p>
-    </>
-  )
-}

apps/dev/nextjs-v4/components/footer.js

@@ -1,28 +0,0 @@
-import Link from "next/link"
-import styles from "./footer.module.css"
-import packageJSON from "package.json"
-
-export default function Footer() {
-  return (
-    <footer className={styles.footer}>
-      <hr />
-      <ul className={styles.navItems}>
-        <li className={styles.navItem}>
-          <a href="https://next-auth.js.org">Documentation</a>
-        </li>
-        <li className={styles.navItem}>
-          <a href="https://www.npmjs.com/package/next-auth">NPM</a>
-        </li>
-        <li className={styles.navItem}>
-          <a href="https://github.com/nextauthjs/next-auth-example">GitHub</a>
-        </li>
-        <li className={styles.navItem}>
-          <Link href="/policy">Policy</Link>
-        </li>
-        <li className={styles.navItem}>
-          <em>{packageJSON.version}</em>
-        </li>
-      </ul>
-    </footer>
-  )
-}

apps/dev/nextjs-v4/components/footer.module.css

@@ -1,14 +0,0 @@
-.footer {
-  margin-top: 2rem;
-}
-
-.navItems {
-  margin-bottom: 1rem;
-  padding: 0;
-  list-style: none;
-}
-
-.navItem {
-  display: inline-block;
-  margin-right: 1rem;
-}

apps/dev/nextjs-v4/components/header.js

@@ -1,103 +0,0 @@
-import Link from "next/link"
-import { signIn, signOut, useSession } from "next-auth/react"
-import styles from "./header.module.css"
-
-// The approach used in this component shows how to built a sign in and sign out
-// component that works on pages which support both client and server side
-// rendering, and avoids any flash incorrect content on initial page load.
-export default function Header() {
-  const { data: session, status } = useSession()
-
-  return (
-    <header>
-      <noscript>
-        <style>{".nojs-show { opacity: 1; top: 0; }"}</style>
-      </noscript>
-      <div className={styles.signedInStatus}>
-        <p
-          className={`nojs-show ${
-            !session && status === "loading" ? styles.loading : styles.loaded
-          }`}
-        >
-          {!session && (
-            <>
-              <span className={styles.notSignedInText}>
-                You are not signed in
-              </span>
-              <a
-                href="/api/auth/signin"
-                className={styles.buttonPrimary}
-                onClick={(e) => {
-                  e.preventDefault()
-                  signIn()
-                }}
-              >
-                Sign in
-              </a>
-            </>
-          )}
-          {session && (
-            <>
-              {session.user.image && (
-                <img src={session.user.image} className={styles.avatar} />
-              )}
-              <span className={styles.signedInText}>
-                <small>Signed in as</small>
-                <br />
-                <strong>{session.user.email} </strong>
-                {session.user.name ? `(${session.user.name})` : null}
-              </span>
-              <a
-                href="/api/auth/signout"
-                className={styles.button}
-                onClick={(e) => {
-                  e.preventDefault()
-                  signOut()
-                }}
-              >
-                Sign out
-              </a>
-            </>
-          )}
-        </p>
-      </div>
-      <nav>
-        <ul className={styles.navItems}>
-          <li className={styles.navItem}>
-            <Link href="/">Home</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/client">Client</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/server">Server</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/protected">Protected</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/protected-ssr">Protected(SSR)</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/api-example">API</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/credentials">Credentials</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/email">Email</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/middleware-protected">Middleware protected</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/supabase-client-rls">Supabase RLS</Link>
-          </li>
-          <li className={styles.navItem}>
-            <Link href="/supabase-ssr">Supabase RLS(SSR)</Link>
-          </li>
-        </ul>
-      </nav>
-    </header>
-  )
-}

apps/dev/nextjs-v4/components/header.module.css

@@ -1,92 +0,0 @@
-/* Set min-height to avoid page reflow while session loading */
-.signedInStatus {
-  display: block;
-  min-height: 4rem;
-  width: 100%;
-}
-
-.loading,
-.loaded {
-  position: relative;
-  top: 0;
-  opacity: 1;
-  overflow: hidden;
-  border-radius: 0 0 .6rem .6rem;
-  padding: .6rem 1rem;
-  margin: 0;
-  background-color: rgba(0,0,0,.05);
-  transition: all 0.2s ease-in;
-}
-
-.loading {
-  top: -2rem;
-  opacity: 0;
-}
-
-.signedInText,
-.notSignedInText {
-  position: absolute;
-  padding-top: .8rem;
-  left: 1rem;
-  right: 6.5rem;
-  white-space: nowrap;
-  text-overflow: ellipsis;
-  overflow: hidden;
-  display: inherit;  
-  z-index: 1;
-  line-height: 1.3rem;
-}
-
-.signedInText {
-  padding-top: 0rem;
-  left: 4.6rem;
-}
-
-.avatar {
-  border-radius: 2rem;
-  float: left;
-  height: 2.8rem;
-  width: 2.8rem;
-  background-color: white;
-  background-size: cover;
-  background-repeat: no-repeat;
-}
-
-.button,
-.buttonPrimary {
-  float: right;
-  margin-right: -.4rem;
-  font-weight: 500;
-  border-radius: .3rem;
-  cursor: pointer;
-  font-size: 1rem;
-  line-height: 1.4rem;
-  padding: .7rem .8rem;
-  position: relative;
-  z-index: 10;
-  background-color: transparent;
-  color: #555;
-}
-
-.buttonPrimary {
-  background-color: #346df1;
-  border-color: #346df1;
-  color: #fff;
-  text-decoration: none;
-  padding: .7rem 1.4rem;
-}
-
-.buttonPrimary:hover {
-  box-shadow: inset 0 0 5rem rgba(0,0,0,0.2)
-}
-
-.navItems {
-  margin-bottom: 2rem;
-  padding: 0;
-  list-style: none;
-}
-
-.navItem {
-  display: inline-block;
-  margin-right: 1rem;
-}

apps/dev/nextjs-v4/components/layout.js

@@ -1,14 +0,0 @@
-import Header from 'components/header'
-import Footer from 'components/footer'
-
-export default function Layout ({ children }) {
-  return (
-    <>
-      <Header />
-      <main>
-        {children}
-      </main>
-      <Footer />
-    </>
-  )
-}

apps/dev/nextjs-v4/middleware.ts

@@ -1,45 +0,0 @@
-export { default } from "next-auth/middleware"
-
-export const config = { matcher: ["/middleware-protected"] }
-
-// Other ways to use this middleware
-
-// import withAuth from "next-auth/middleware"
-// import { withAuth } from "next-auth/middleware"
-
-// export function middleware(req, ev) {
-//   return withAuth(req)
-// }
-
-// export function middleware(req, ev) {
-//   return withAuth(req, ev)
-// }
-
-// export function middleware(req, ev) {
-//   return withAuth(req, {
-//     callbacks: {
-//       authorized: ({ token }) => !!token,
-//     },
-//   })
-// }
-
-// export default withAuth(function middleware(req, ev) {
-//   console.log(req.nextauth.token)
-// })
-
-// export default withAuth(
-//   function middleware(req, ev) {
-//     console.log(req, ev)
-//   },
-//   {
-//     callbacks: {
-//       authorized: ({ token }) => token.name === "Balázs Orbán",
-//     },
-//   }
-// )
-
-// export default withAuth({
-//   callbacks: {
-//     authorized: ({ token }) => !!token,
-//   },
-// })

apps/dev/nextjs-v4/next-env.d.ts

@@ -1,6 +0,0 @@
-/// <reference types="next" />
-/// <reference types="next/image-types/global" />
-/// <reference types="next/navigation-types/compat/navigation" />
-
-// NOTE: This file should not be edited
-// see https://nextjs.org/docs/basic-features/typescript for more information.

apps/dev/nextjs-v4/next.config.js

@@ -1,9 +0,0 @@
-/** @type {import("next").NextConfig} */
-module.exports = {
-  webpack(config) {
-    config.experiments = { ...config.experiments, topLevelAwait: true }
-    return config
-  },
-  experimental: { appDir: true },
-  typescript: { ignoreBuildErrors: true },
-}

apps/dev/nextjs-v4/package.json

@@ -1,40 +0,0 @@
-{
-  "name": "next-auth-app-v4",
-  "version": "1.0.0",
-  "description": "NextAuth.js Developer app",
-  "private": true,
-  "scripts": {
-    "clean": "rm -rf .next",
-    "dev": "next dev",
-    "lint": "next lint",
-    "build": "next build",
-    "start": "next start",
-    "email": "fake-smtp-server",
-    "start:email": "pnpm email"
-  },
-  "license": "ISC",
-  "dependencies": {
-    "@auth/fauna-adapter": "workspace:*",
-    "@auth/prisma-adapter": "workspace:*",
-    "@auth/supabase-adapter": "workspace:*",
-    "@auth/typeorm-adapter": "workspace:*",
-    "@prisma/client": "^3",
-    "@supabase/supabase-js": "^2.0.5",
-    "faunadb": "^4",
-    "next": "13.3.0",
-    "next-auth": "workspace:*",
-    "nodemailer": "^6",
-    "react": "^18",
-    "react-dom": "^18"
-  },
-  "devDependencies": {
-    "@types/jsonwebtoken": "^8.5.5",
-    "@types/react": "^18.0.37",
-    "@types/react-dom": "^18.0.6",
-    "fake-smtp-server": "^0.8.0",
-    "pg": "^8.7.3",
-    "prisma": "^3",
-    "sqlite3": "^5.0.8",
-    "typeorm": "0.3.7"
-  }
-}

apps/dev/nextjs-v4/pages/_app.js

@@ -1,10 +0,0 @@
-import { SessionProvider } from "next-auth/react"
-import "./styles.css"
-
-export default function App({ Component, pageProps }) {
-  return (
-    <SessionProvider session={pageProps.session}>
-      <Component {...pageProps} />
-    </SessionProvider>
-  )
-}

apps/dev/nextjs-v4/pages/api-example.js

@@ -1,17 +0,0 @@
-import Layout from '../components/layout'
-
-export default function Page () {
-  return (
-    <Layout>
-      <h1>API Example</h1>
-      <p>The examples below show responses from the example API endpoints.</p>
-      <p><em>You must be signed in to see responses.</em></p>
-      <h2>Session</h2>
-      <p>/api/examples/session</p>
-      <iframe src='/api/examples/session' />
-      <h2>JSON Web Token</h2>
-      <p>/api/examples/jwt</p>
-      <iframe src='/api/examples/jwt' />
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/api/auth-old/[...nextauth].ts

@@ -1,217 +0,0 @@
-import NextAuth, { NextAuthOptions } from "next-auth"
-
-// Providers
-import Apple from "next-auth/providers/apple"
-import Auth0 from "next-auth/providers/auth0"
-import AzureAD from "next-auth/providers/azure-ad"
-import AzureB2C from "next-auth/providers/azure-ad-b2c"
-import BoxyHQSAML from "next-auth/providers/boxyhq-saml"
-// import Cognito from "next-auth/providers/cognito"
-import Credentials from "next-auth/providers/credentials"
-import Discord from "next-auth/providers/discord"
-import DuendeIDS6 from "next-auth/providers/duende-identity-server6"
-// import Email from "next-auth/providers/email"
-import Facebook from "next-auth/providers/facebook"
-import Foursquare from "next-auth/providers/foursquare"
-import Freshbooks from "next-auth/providers/freshbooks"
-import GitHub from "next-auth/providers/github"
-import Gitlab from "next-auth/providers/gitlab"
-import Google from "next-auth/providers/google"
-// import IDS4 from "next-auth/providers/identity-server4"
-import Instagram from "next-auth/providers/instagram"
-// import Keycloak from "next-auth/providers/keycloak"
-import Line from "next-auth/providers/line"
-import LinkedIn from "next-auth/providers/linkedin"
-import Mailchimp from "next-auth/providers/mailchimp"
-// import Okta from "next-auth/providers/okta"
-import Osu from "next-auth/providers/osu"
-import Patreon from "next-auth/providers/patreon"
-import Slack from "next-auth/providers/slack"
-import Spotify from "next-auth/providers/spotify"
-import Trakt from "next-auth/providers/trakt"
-import Twitch from "next-auth/providers/twitch"
-import Twitter from "next-auth/providers/twitter"
-import Vk from "next-auth/providers/vk"
-import Wikimedia from "next-auth/providers/wikimedia"
-import WorkOS from "next-auth/providers/workos"
-
-// // Prisma
-// import { PrismaClient } from "@prisma/client"
-// import { PrismaAdapter } from "@auth/prisma-adapter"
-// const client = globalThis.prisma || new PrismaClient()
-// if (process.env.NODE_ENV !== "production") globalThis.prisma = client
-// const adapter = PrismaAdapter(client)
-
-// // Fauna
-// import { Client as FaunaClient } from "faunadb"
-// import { FaunaAdapter } from "@auth/fauna-adapter"
-// const opts = { secret: process.env.FAUNA_SECRET, domain: process.env.FAUNA_DOMAIN }
-// const client = globalThis.fauna || new FaunaClient(opts)
-// if (process.env.NODE_ENV !== "production") globalThis.fauna = client
-// const adapter = FaunaAdapter(client)
-
-// // TypeORM
-// import { TypeORMAdapter } from "@auth/typeorm-adapter"
-// const adapter = TypeORMAdapter({
-//   type: "sqlite",
-//   name: "next-auth-test-memory",
-//   database: "./typeorm/dev.db",
-//   synchronize: true,
-// })
-
-// // Supabase
-// import { SupabaseAdapter } from "@auth/supabase-adapter"
-// const adapter = SupabaseAdapter({
-//   url: process.env.NEXT_PUBLIC_SUPABASE_URL,
-//   secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
-// })
-
-export const authOptions: NextAuthOptions = {
-  // adapter,
-  // debug: process.env.NODE_ENV !== "production",
-  theme: {
-    logo: "https://next-auth.js.org/img/logo/logo-sm.png",
-    brandColor: "#1786fb",
-  },
-  providers: [
-    Credentials({
-      credentials: { password: { label: "Password", type: "password" } },
-      async authorize(credentials) {
-        if (credentials.password !== "pw") return null
-        return {
-          name: "Fill Murray",
-          email: "bill@fillmurray.com",
-          image: "https://www.fillmurray.com/64/64",
-          id: "1",
-          foo: "",
-        }
-      },
-    }),
-    Apple({
-      clientId: process.env.APPLE_ID,
-      clientSecret: process.env.APPLE_SECRET,
-    }),
-    Auth0({
-      clientId: process.env.AUTH0_ID,
-      clientSecret: process.env.AUTH0_SECRET,
-      issuer: process.env.AUTH0_ISSUER,
-    }),
-    AzureAD({
-      clientId: process.env.AZURE_AD_CLIENT_ID,
-      clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
-      tenantId: process.env.AZURE_AD_TENANT_ID,
-    }),
-    AzureB2C({
-      clientId: process.env.AZURE_B2C_ID,
-      clientSecret: process.env.AZURE_B2C_SECRET,
-      issuer: process.env.AZURE_B2C_ISSUER,
-    }),
-    BoxyHQSAML({
-      issuer: "https://jackson-demo.boxyhq.com",
-      clientId: "tenant=boxyhq.com&product=saml-demo.boxyhq.com",
-      clientSecret: "dummy",
-    }),
-    // Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
-    Discord({
-      clientId: process.env.DISCORD_ID,
-      clientSecret: process.env.DISCORD_SECRET,
-    }),
-    DuendeIDS6({
-      clientId: "interactive.confidential",
-      clientSecret: "secret",
-      issuer: "https://demo.duendesoftware.com",
-    }),
-    Facebook({
-      clientId: process.env.FACEBOOK_ID,
-      clientSecret: process.env.FACEBOOK_SECRET,
-    }),
-    Foursquare({
-      clientId: process.env.FOURSQUARE_ID,
-      clientSecret: process.env.FOURSQUARE_SECRET,
-    }),
-    Freshbooks({
-      clientId: process.env.FRESHBOOKS_ID,
-      clientSecret: process.env.FRESHBOOKS_SECRET,
-    }),
-    GitHub({
-      clientId: process.env.GITHUB_ID,
-      clientSecret: process.env.GITHUB_SECRET,
-    }),
-    Gitlab({
-      clientId: process.env.GITLAB_ID,
-      clientSecret: process.env.GITLAB_SECRET,
-    }),
-    Google({
-      clientId: process.env.GOOGLE_ID,
-      clientSecret: process.env.GOOGLE_SECRET,
-    }),
-    // IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
-    Instagram({
-      clientId: process.env.INSTAGRAM_ID,
-      clientSecret: process.env.INSTAGRAM_SECRET,
-    }),
-    // Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
-    Line({
-      clientId: process.env.LINE_ID,
-      clientSecret: process.env.LINE_SECRET,
-    }),
-    LinkedIn({
-      clientId: process.env.LINKEDIN_ID,
-      clientSecret: process.env.LINKEDIN_SECRET,
-    }),
-    Mailchimp({
-      clientId: process.env.MAILCHIMP_ID,
-      clientSecret: process.env.MAILCHIMP_SECRET,
-    }),
-    // Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
-    Osu({
-      clientId: process.env.OSU_CLIENT_ID,
-      clientSecret: process.env.OSU_CLIENT_SECRET,
-    }),
-    Patreon({
-      clientId: process.env.PATREON_ID,
-      clientSecret: process.env.PATREON_SECRET,
-    }),
-    Slack({
-      clientId: process.env.SLACK_ID,
-      clientSecret: process.env.SLACK_SECRET,
-    }),
-    Spotify({
-      clientId: process.env.SPOTIFY_ID,
-      clientSecret: process.env.SPOTIFY_SECRET,
-    }),
-    Trakt({
-      clientId: process.env.TRAKT_ID,
-      clientSecret: process.env.TRAKT_SECRET,
-    }),
-    Twitch({
-      clientId: process.env.TWITCH_ID,
-      clientSecret: process.env.TWITCH_SECRET,
-    }),
-    Twitter({
-      clientId: process.env.TWITTER_ID,
-      clientSecret: process.env.TWITTER_SECRET,
-    }),
-    // TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
-    Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
-    Wikimedia({
-      clientId: process.env.WIKIMEDIA_ID,
-      clientSecret: process.env.WIKIMEDIA_SECRET,
-    }),
-    WorkOS({
-      clientId: process.env.WORKOS_ID,
-      clientSecret: process.env.WORKOS_SECRET,
-    }),
-  ],
-}
-
-if (authOptions.adapter) {
-  // TODO:
-  // authOptions.providers.unshift(
-  //   // NOTE: You can start a fake e-mail server with `pnpm email`
-  //   // and then go to `http://localhost:1080` in the browser
-  //   Email({ server: "smtp://127.0.0.1:1025?tls.rejectUnauthorized=false" })
-  // )
-}
-
-export default NextAuth(authOptions)

apps/dev/nextjs-v4/pages/api/examples/jwt.js

@@ -1,7 +0,0 @@
-// This is an example of how to read a JSON Web Token from an API route
-import { getToken } from "next-auth/jwt"
-
-export default async (req, res) => {
-  const token = await getToken({ req })
-  res.send(JSON.stringify(token, null, 2))
-}

apps/dev/nextjs-v4/pages/api/examples/protected.js

@@ -1,19 +0,0 @@
-// This is an example of to protect an API route
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "../auth/[...nextauth]"
-
-export default async (req, res) => {
-  const session = await getServerSession(req, res, authOptions)
-
-  if (session) {
-    res.send({
-      content:
-        "This is protected content. You can access this content because you are signed in.",
-      session,
-    })
-  } else {
-    res.send({
-      error: "You must be sign in to view the protected content on this page.",
-    })
-  }
-}

apps/dev/nextjs-v4/pages/api/examples/session.js

@@ -1,8 +0,0 @@
-// This is an example of how to access a session from an API route
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "../auth/[...nextauth]"
-
-export default async (req, res) => {
-  const session = await getServerSession(req, res, authOptions)
-  res.json(session)
-}

apps/dev/nextjs-v4/pages/api/examples/supabase-rls.js

@@ -1,30 +0,0 @@
-// This is an example of how to query data from Supabase with RLS.
-// Learn more about Row Levele Security (RLS): https://supabase.com/docs/guides/auth/row-level-security
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "../auth/[...nextauth]"
-import { createClient } from "@supabase/supabase-js"
-
-export default async (req, res) => {
-  const session = await getServerSession(req, res, authOptions)
-
-  if (!session)
-    return res.send(JSON.stringify({ error: "No session!" }, null, 2))
-
-  const { supabaseAccessToken } = session
-
-  const supabase = createClient(
-    process.env.NEXT_PUBLIC_SUPABASE_URL,
-    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
-    {
-      global: {
-        headers: {
-          Authorization: `Bearer ${supabaseAccessToken}`,
-        },
-      },
-    }
-  )
-  // Now you can query with RLS enabled.
-  const { data, error } = await supabase.from("users").select("*")
-
-  res.send(JSON.stringify({ supabaseAccessToken, data, error }, null, 2))
-}

apps/dev/nextjs-v4/pages/client.js

@@ -1,22 +0,0 @@
-import Layout from '../components/layout'
-
-export default function Page () {
-  return (
-    <Layout>
-      <h1>Client Side Rendering</h1>
-      <p>
-        This page uses the <strong>useSession()</strong> React Hook in the <strong>&lt;/Header&gt;</strong> component.
-      </p>
-      <p>
-        The <strong>useSession()</strong> React Hook easy to use and allows pages to render very quickly.
-      </p>
-      <p>
-        The advantage of this approach is that session state is shared between pages by using the <strong>Provider</strong> in <strong>_app.js</strong> so
-        that navigation between pages using <strong>useSession()</strong> is very fast.
-      </p>
-      <p>
-        The disadvantage of <strong>useSession()</strong> is that it requires client side JavaScript.
-      </p>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/credentials.js

@@ -1,67 +0,0 @@
-// eslint-disable-next-line no-use-before-define
-import * as React from "react"
-import { signIn, signOut, useSession } from "next-auth/react"
-import Layout from "components/layout"
-
-export default function Page() {
-  const [response, setResponse] = React.useState(null)
-  const handleLogin = (options) => async () => {
-    if (options.redirect) {
-      return signIn("credentials", options)
-    }
-    const response = await signIn("credentials", options)
-    setResponse(response)
-  }
-
-  const handleLogout = (options) => async () => {
-    if (options.redirect) {
-      return signOut(options)
-    }
-    const response = await signOut(options)
-    setResponse(response)
-  }
-
-  const { data: session } = useSession()
-
-  if (session) {
-    return (
-      <Layout>
-        <h1>Test different flows for Credentials logout</h1>
-        <span className="spacing">Default:</span>
-        <button onClick={handleLogout({ redirect: true })}>Logout</button>
-        <br />
-        <span className="spacing">No redirect:</span>
-        <button onClick={handleLogout({ redirect: false })}>Logout</button>
-        <br />
-        <p>Response:</p>
-        <pre style={{ background: "#eee", padding: 16 }}>
-          {JSON.stringify(response, null, 2)}
-        </pre>
-      </Layout>
-    )
-  }
-
-  return (
-    <Layout>
-      <h1>Test different flows for Credentials login</h1>
-      <span className="spacing">Default:</span>
-      <button onClick={handleLogin({ redirect: true, password: "password" })}>
-        Login
-      </button>
-      <br />
-      <span className="spacing">No redirect:</span>
-      <button onClick={handleLogin({ redirect: false, password: "password" })}>
-        Login
-      </button>
-      <br />
-      <span className="spacing">No redirect, wrong password:</span>
-      <button onClick={handleLogin({ redirect: false, password: "" })}>
-        Login
-      </button>
-      <p>Response:</p>
-      <pre style={{ background: "#eee", padding: 16 }}>
-        {JSON.stringify(response, null, 2)}
-      </pre>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/email.js

@@ -1,80 +0,0 @@
-// eslint-disable-next-line no-use-before-define
-import * as React from "react"
-import { signIn, signOut, useSession } from "next-auth/react"
-import Layout from "components/layout"
-
-export default function Page() {
-  const [response, setResponse] = React.useState(null)
-  const [email, setEmail] = React.useState("")
-
-  const handleChange = (event) => {
-    setEmail(event.target.value)
-  }
-
-  const handleLogin = (options) => async (event) => {
-    event.preventDefault()
-
-    if (options.redirect) {
-      return signIn("email", options)
-    }
-    const response = await signIn("email", options)
-    setResponse(response)
-  }
-
-  const handleLogout = (options) => async (event) => {
-    if (options.redirect) {
-      return signOut(options)
-    }
-    const response = await signOut(options)
-    setResponse(response)
-  }
-
-  const { data: session } = useSession()
-
-  if (session) {
-    return (
-      <Layout>
-        <h1>Test different flows for Email logout</h1>
-        <span className="spacing">Default:</span>
-        <button onClick={handleLogout({ redirect: true })}>Logout</button>
-        <br />
-        <span className="spacing">No redirect:</span>
-        <button onClick={handleLogout({ redirect: false })}>Logout</button>
-        <br />
-        <p>Response:</p>
-        <pre style={{ background: "#eee", padding: 16 }}>
-          {JSON.stringify(response, null, 2)}
-        </pre>
-      </Layout>
-    )
-  }
-
-  return (
-    <Layout>
-      <h1>Test different flows for Email login</h1>
-      <label className="spacing">
-        Email address:{" "}
-        <input
-          type="text"
-          id="email"
-          name="email"
-          value={email}
-          onChange={handleChange}
-        />
-      </label>
-      <br />
-      <form onSubmit={handleLogin({ redirect: true, email })}>
-        <span className="spacing">Default:</span>
-        <button type="submit">Sign in with Email</button>
-      </form>
-      <form onSubmit={handleLogin({ redirect: false, email })}>
-        <span className="spacing">No redirect:</span>
-        <button type="submit">Sign in with Email</button>
-      </form>
-      <p>Response:</p>
-      <pre style={{ background: "#eee", padding: 16 }}>
-        {JSON.stringify(response, null, 2)}
-      </pre>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/index.js

@@ -1,12 +0,0 @@
-import Layout from 'components/layout'
-
-export default function Page () {
-  return (
-    <Layout>
-      <h1>NextAuth.js Example</h1>
-      <p>
-        This is an example site to demonstrate how to use <a href='https://next-auth.js.org'>NextAuth.js</a> for authentication.
-      </p>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/middleware-protected/index.js

@@ -1,9 +0,0 @@
-import Layout from "components/layout"
-
-export default function Page() {
-  return (
-    <Layout>
-      <h1>Page protected by Middleware</h1>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/policy.js

@@ -1,30 +0,0 @@
-import Layout from '../components/layout'
-
-export default function Page () {
-  return (
-    <Layout>
-      <p>
-        This is an example site to demonstrate how to use <a href='https://next-auth.js.org'>NextAuth.js</a> for authentication.
-      </p>
-      <h2>Terms of Service</h2>
-      <p>
-        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-        SOFTWARE.
-      </p>
-      <h2>Privacy Policy</h2>
-      <p>
-        This site uses JSON Web Tokens and an in-memory database which resets every ~2 hours.
-      </p>
-      <p>
-        Data provided to this site is exclusively used to support signing in
-        and is not passed to any third party services, other than via SMTP or OAuth for the
-        purposes of authentication.
-      </p>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/protected-ssr.js

@@ -1,48 +0,0 @@
-// This is an example of how to protect content using server rendering
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "./api/auth/[...nextauth]"
-import Layout from "../components/layout"
-import AccessDenied from "../components/access-denied"
-
-export default function Page({ content, session }) {
-  // If no session exists, display access denied message
-  if (!session) {
-    return (
-      <Layout>
-        <AccessDenied />
-      </Layout>
-    )
-  }
-
-  // If session exists, display content
-  return (
-    <Layout>
-      <h1>Protected Page</h1>
-      <p>
-        <strong>{content}</strong>
-      </p>
-    </Layout>
-  )
-}
-
-export async function getServerSideProps(context) {
-  const session = await getServerSession(context.req, context.res, authOptions)
-  let content = null
-
-  if (session) {
-    const hostname = process.env.NEXTAUTH_URL || "http://localhost:3000"
-    const options = { headers: { cookie: context.req.headers.cookie } }
-    const res = await fetch(`${hostname}/api/examples/protected`, options)
-    const json = await res.json()
-    if (json.content) {
-      content = json.content
-    }
-  }
-
-  return {
-    props: {
-      session,
-      content,
-    },
-  }
-}

apps/dev/nextjs-v4/pages/protected.js

@@ -1,35 +0,0 @@
-import { useState, useEffect } from "react"
-import { useSession } from "next-auth/react"
-import Layout from "../components/layout"
-
-export default function Page() {
-  const { status } = useSession({
-    required: true,
-  })
-  const [content, setContent] = useState()
-
-  // Fetch content from protected route
-  useEffect(() => {
-    if (status === "loading") return
-    const fetchData = async () => {
-      const res = await fetch("/api/examples/protected")
-      const json = await res.json()
-      if (json.content) {
-        setContent(json.content)
-      }
-    }
-    fetchData()
-  }, [status])
-
-  if (status === "loading") return <Layout>Loading...</Layout>
-
-  // If session exists, display content
-  return (
-    <Layout>
-      <h1>Protected Page</h1>
-      <p>
-        <strong>{content}</strong>
-      </p>
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/server.js

@@ -1,46 +0,0 @@
-import { getServerSession } from "next-auth/next"
-import Layout from "../components/layout"
-import { authOptions } from "./api/auth/[...nextauth]"
-
-export default function Page() {
-  // As this page uses Server Side Rendering, the `session` will be already
-  // populated on render without needing to go through a loading stage.
-  // This is possible because of the shared context configured in `_app.js` that
-  // is used by `useSession()`.
-
-  return (
-    <Layout>
-      <h1>Server Side Rendering</h1>
-      <p>
-        This page uses the <strong>getServerSession()</strong> method in{" "}
-        <strong>getServerSideProps()</strong>.
-      </p>
-      <p>
-        Using <strong>getServerSession()</strong> in{" "}
-        <strong>getServerSideProps()</strong> is currently the recommended
-        approach, although the API may still change, if you need to support
-        Server Side Rendering with authentication.
-      </p>
-      <p>
-        Using <strong>getSession()</strong> is still recommended on the client.
-      </p>
-      <p>
-        The advantage of Server Side Rendering is this page does not require
-        client side JavaScript.
-      </p>
-      <p>
-        The disadvantage of Server Side Rendering is that this page is slower to
-        render.
-      </p>
-    </Layout>
-  )
-}
-
-// Export the `session` prop to use sessions with Server Side Rendering
-export async function getServerSideProps(context) {
-  return {
-    props: {
-      session: await getServerSession(context.req, context.res, authOptions),
-    },
-  }
-}

apps/dev/nextjs-v4/pages/styles.css

@@ -1,32 +0,0 @@
-body {
-  font-family: ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont,
-    "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif,
-    "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
-  padding: 0 1rem 1rem 1rem;
-  max-width: 680px;
-  margin: 0 auto;
-  background: #fff;
-  color: var(--color-text);
-}
-
-li,
-p {
-  line-height: 1.5rem;
-}
-
-a {
-  font-weight: 500;
-}
-
-hr {
-  border: 1px solid #ddd;
-}
-
-iframe {
-  background: #ccc;
-  border: 1px solid #ccc;
-  height: 10rem;
-  width: 100%;
-  border-radius: .5rem;
-  filter: invert(1);
-}

apps/dev/nextjs-v4/pages/supabase-client-rls.js

@@ -1,49 +0,0 @@
-import Layout from "../components/layout"
-import { useState, useEffect } from "react"
-import { useSession } from "next-auth/react"
-import { createClient } from "@supabase/supabase-js"
-
-export default function Page() {
-  const { data: session } = useSession()
-  const [data, setData] = useState(null)
-
-  useEffect(() => {
-    if (session) {
-      console.log(session)
-      // User is logged in, let's fetch their data.
-      const { supabaseAccessToken } = session
-      const supabase = createClient(
-        process.env.NEXT_PUBLIC_SUPABASE_URL,
-        process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
-        {
-          global: {
-            headers: { Authorization: `Bearer ${supabaseAccessToken}` },
-          },
-        }
-      )
-      // Fetch data with RLS enabled.
-      supabase
-        .from("users")
-        .select("*")
-        .then(({ data }) => setData(data))
-    }
-  }, [session])
-
-  return (
-    <Layout>
-      <h1>Fetch Data from Supabase with RLS</h1>
-      <h2>Client-side data fetching with RLS:</h2>
-      <pre>{JSON.stringify(data, null, 2)}</pre>
-      <h2>API Example</h2>
-      <p>
-        You can also use Supabase in API routes. See the code in the
-        `/pages/api/examples/supabase-rls.js` file.
-      </p>
-      <p>
-        <em>You must be signed in to see responses.</em>
-      </p>
-      <p>/api/examples/supabase-rls</p>
-      <iframe src="/api/examples/supabase-rls" />
-    </Layout>
-  )
-}

apps/dev/nextjs-v4/pages/supabase-ssr.js

@@ -1,64 +0,0 @@
-// This is an example of how to protect content using server rendering
-// and fetching data from Supabase with RLS enabled.
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "./api/auth/[...nextauth]"
-import { createClient } from "@supabase/supabase-js"
-import Layout from "../components/layout"
-import AccessDenied from "../components/access-denied"
-
-export default function Page({ data, session }) {
-  // If no session exists, display access denied message
-  if (!session) {
-    return (
-      <Layout>
-        <AccessDenied />
-      </Layout>
-    )
-  }
-
-  // If session exists, display content
-  return (
-    <Layout>
-      <h1>Protected Page</h1>
-      <p>Data fetched during SSR from Supabase with RSL enabled:</p>
-      <pre>{JSON.stringify(data, null, 2)}</pre>
-    </Layout>
-  )
-}
-
-export async function getServerSideProps(context) {
-  const session = await getServerSession(context.req, context.res, authOptions)
-
-  if (!session)
-    return {
-      props: {
-        session,
-        data: null,
-        error: "No session",
-      },
-    }
-
-  const { supabaseAccessToken } = session
-
-  const supabase = createClient(
-    process.env.NEXT_PUBLIC_SUPABASE_URL,
-    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
-    {
-      global: {
-        headers: {
-          Authorization: `Bearer ${supabaseAccessToken}`,
-        },
-      },
-    }
-  )
-  // Now you can query with RLS enabled.
-  const { data, error } = await supabase.from("users").select("*")
-
-  return {
-    props: {
-      session,
-      data,
-      error,
-    },
-  }
-}

apps/dev/nextjs-v4/prisma/migrations/20230325081057_test/migration.sql

@@ -1,60 +0,0 @@
--- CreateTable
-CREATE TABLE "Account" (
-    "id" TEXT NOT NULL PRIMARY KEY,
-    "userId" TEXT NOT NULL,
-    "type" TEXT NOT NULL,
-    "provider" TEXT NOT NULL,
-    "providerAccountId" TEXT NOT NULL,
-    "refresh_token" TEXT,
-    "access_token" TEXT,
-    "expires_at" INTEGER,
-    "token_type" TEXT,
-    "scope" TEXT,
-    "id_token" TEXT,
-    "session_state" TEXT,
-    "oauth_token_secret" TEXT,
-    "oauth_token" TEXT,
-    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    "updatedAt" DATETIME NOT NULL,
-    CONSTRAINT "Account_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
-);
-
--- CreateTable
-CREATE TABLE "Session" (
-    "id" TEXT NOT NULL PRIMARY KEY,
-    "sessionToken" TEXT NOT NULL,
-    "userId" TEXT NOT NULL,
-    "expires" DATETIME NOT NULL,
-    CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
-);
-
--- CreateTable
-CREATE TABLE "User" (
-    "id" TEXT NOT NULL PRIMARY KEY,
-    "name" TEXT,
-    "email" TEXT,
-    "emailVerified" DATETIME,
-    "image" TEXT
-);
-
--- CreateTable
-CREATE TABLE "VerificationToken" (
-    "identifier" TEXT NOT NULL,
-    "token" TEXT NOT NULL,
-    "expires" DATETIME NOT NULL
-);
-
--- CreateIndex
-CREATE UNIQUE INDEX "Account_provider_providerAccountId_key" ON "Account"("provider", "providerAccountId");
-
--- CreateIndex
-CREATE UNIQUE INDEX "Session_sessionToken_key" ON "Session"("sessionToken");
-
--- CreateIndex
-CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
-
--- CreateIndex
-CREATE UNIQUE INDEX "VerificationToken_token_key" ON "VerificationToken"("token");
-
--- CreateIndex
-CREATE UNIQUE INDEX "VerificationToken_identifier_token_key" ON "VerificationToken"("identifier", "token");

apps/dev/nextjs-v4/prisma/migrations/migration_lock.toml

@@ -1,3 +0,0 @@
-# Please do not edit this file manually
-# It should be added in your version-control system (i.e. Git)
-provider = "sqlite"

apps/dev/nextjs-v4/prisma/schema.prisma

@@ -1,57 +0,0 @@
-datasource db {
-  provider = "sqlite"
-  url      = "file:./dev.db"
-}
-
-generator client {
-  provider = "prisma-client-js"
-}
-
-model Account {
-  id                 String  @id @default(cuid())
-  userId             String
-  type               String
-  provider           String
-  providerAccountId  String
-  refresh_token      String?
-  access_token       String?
-  expires_at         Int?
-  token_type         String?
-  scope              String?
-  id_token           String?
-  session_state      String?
-  oauth_token_secret String?
-  oauth_token        String?
-
-  createdAt DateTime @default(now())
-  updatedAt DateTime @updatedAt
-  user      User     @relation(fields: [userId], references: [id])
-
-  @@unique([provider, providerAccountId])
-}
-
-model Session {
-  id           String   @id @default(cuid())
-  sessionToken String   @unique
-  userId       String
-  expires      DateTime
-  user         User     @relation(fields: [userId], references: [id])
-}
-
-model User {
-  id            String    @id @default(cuid())
-  name          String?
-  email         String?   @unique
-  emailVerified DateTime?
-  image         String?
-  accounts      Account[]
-  sessions      Session[]
-}
-
-model VerificationToken {
-  identifier String
-  token      String   @unique
-  expires    DateTime
-
-  @@unique([identifier, token])
-}

apps/dev/nextjs-v4/tsconfig.json

@@ -1,39 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "esnext",
-    "lib": [
-      "dom",
-      "dom.iterable",
-      "esnext"
-    ],
-    "allowJs": true,
-    "skipLibCheck": true,
-    "strict": false,
-    "forceConsistentCasingInFileNames": true,
-    "noEmit": true,
-    "esModuleInterop": true,
-    "module": "esnext",
-    "moduleResolution": "node",
-    "resolveJsonModule": true,
-    "isolatedModules": true,
-    "incremental": true,
-    "jsx": "preserve",
-    "baseUrl": ".",
-    "plugins": [
-      {
-        "name": "next"
-      }
-    ],
-    "strictNullChecks": true
-  },
-  "include": [
-    "next-env.d.ts",
-    "**/*.ts",
-    "**/*.tsx",
-    ".next/types/**/*.ts"
-  ],
-  "exclude": [
-    "node_modules",
-    "jest.config.js"
-  ]
-}

apps/dev/nextjs-v4/types/nextauth.d.ts

@@ -1,20 +0,0 @@
-// eslint-disable-next-line @typescript-eslint/no-unused-vars
-import NextAuth from "next-auth"
-
-declare module "next-auth" {
-  /**
-   * Returned by `useSession`, `getSession` and received as a prop on the `SessionProvider` React Context
-   */
-  interface Session {
-    // A JWT which can be used as Authorization header with supabase-js for RLS.
-    supabaseAccessToken?: string
-    user: {
-      /** The user's postal address. */
-      address: string
-    } & User
-  }
-
-  interface User {
-    foo: string
-  }
-}

apps/dev/nextjs/package.json

@@ -25,7 +25,6 @@
     "@supabase/supabase-js": "^2.0.5",
     "faunadb": "^4",
     "next": "13.4.0",
-    "next-auth": "workspace:*",
     "nodemailer": "^6",
     "react": "^18",
     "react-dom": "^18"
@@ -41,6 +40,6 @@
     "pg": "^8.7.3",
     "prisma": "^3",
     "sqlite3": "^5.0.8",
-    "typeorm": "0.3.7"
+    "typeorm": "0.3.17"
   }
 }

apps/examples/nextjs/auth.ts

@@ -85,7 +85,7 @@ export const config = {
     Box({ clientId: process.env.AUTH_BOX_ID, clientSecret: process.env.AUTH_BOX_SECRET }),
     BoxyHQSAML({ clientId: process.env.AUTH_BOXYHQ_ID, clientSecret: process.env.AUTH_BOXYHQ_SECRET, issuer: process.env.AUTH_BOXYHQ_ISSUER }),
     Bungie({ clientId: process.env.AUTH_BUNGIE_ID, clientSecret: process.env.AUTH_BUNGIE_SECRET }),
-    Cognito({ clientId: process.env.AUTH_COGNITO_ID, clientSecret: process.env.AUTH_COGNITO_SECRET }),
+    Cognito({ clientId: process.env.AUTH_COGNITO_ID, clientSecret: process.env.AUTH_COGNITO_SECRET, issuer: process.env.AUTH_COGNITO_ISSUER }),
     Coinbase({ clientId: process.env.AUTH_COINBASE_ID, clientSecret: process.env.AUTH_COINBASE_SECRET }),
     Discord({ clientId: process.env.AUTH_DISCORD_ID, clientSecret: process.env.AUTH_DISCORD_SECRET }),
     Dropbox({ clientId: process.env.AUTH_DROPBOX_ID, clientSecret: process.env.AUTH_DROPBOX_SECRET }),
@@ -182,6 +182,7 @@ declare global {
       AUTH_BUNGIE_ID: string
       AUTH_BUNGIE_SECRET: string
       AUTH_COGNITO_ID: string
+      AUTH_COGNITO_ISSUER: string
       AUTH_COGNITO_SECRET: string
       AUTH_COINBASE_ID: string
       AUTH_COINBASE_SECRET: string

docs/docs/concepts/faq.md

@@ -114,61 +114,9 @@ Yes! Check out the [TypeScript docs](/getting-started/typescript)
 
 ---
 
-## Databases
+## Session strategies
 
-<details>
-<summary>
-  <h3 style={{display: "inline-block"}}>What databases are supported by Auth.js?</h3>
-</summary>
-<p>
-
-Auth.js can be used with MySQL, Postgres, MongoDB, SQLite and compatible databases (e.g. MariaDB, Amazon Aurora, Amazon DocumentDB…) or with no database.
-
-It also provides an Adapter API which allows you to connect it to any database.
-
-</p>
-</details>
-
-<details>
-<summary>
-  <h3 style={{display: "inline-block"}}>What does Auth.js use databases for?</h3>
-</summary>
-<p>
-
-Databases in Auth.js are used for persisting users, OAuth accounts, email sign-in tokens and sessions.
-
-Specifying a database is optional if you don't need to persist user data or support email sign-in. If you don't specify a database then JSON Web Tokens will be enabled for session storage and used to store session data.
-
-If you are using a database with Auth.js, you can still explicitly enable JSON Web Tokens for sessions (instead of using database sessions).
-
-</p>
-</details>
-
-<details>
-<summary>
-  <h3 style={{display: "inline-block"}}>Should I use a database?</h3>
-</summary>
-<p>
-
-- Using Auth.js without a database works well for internal tools - where you need to control who can sign in, but when you do not need to create user accounts for them in your application.
-
-- Using Auth.js with a database is usually a better approach for a consumer-facing application where you need to persist accounts (e.g. for billing, to contact customers, etc).
-
-</p>
-</details>
-
-<details>
-<summary>
-  <h3 style={{display: "inline-block"}}>What database should I use?</h3>
-</summary>
-<p>
-
-Managed database solutions for MySQL, Postgres and MongoDB (and compatible databases) are well supported by cloud providers such as Amazon, Google, Microsoft and Atlas.
-
-If you are deploying directly to a particular cloud platform you may also want to consider serverless database offerings they have (e.g. [Amazon Aurora Serverless on AWS](https://aws.amazon.com/rds/aurora/serverless/)).
-
-</p>
-</details>
+Check out the [Session strategies page](/concepts/session-strategies) to learn more.
 
 ---
 
@@ -257,99 +205,3 @@ Ultimately if your request is not accepted or is not actively in development, yo
 </p>
 </details>
 
----
-
-## JSON Web Tokens
-
-<details>
-<summary>
-  <h3>Does Auth.js use JSON Web Tokens?</h3>
-</summary>
-<p>
-
-Auth.js by default uses JSON Web Tokens for saving the user's session. However, if you use a [database adapter](/guides/adapters/using-a-database-adapter), the database will be used to persist the user's session. You can force the usage of JWT when using a database [through the configuration options](/reference/configuration/auth-config#session). Since v4 all our JWTs are now encrypted by default with A256GCM.
-
-</p>
-</details>
-
-<details>
-<summary>
-  <h3>What are the advantages of JSON Web Tokens?</h3>
-</summary>
-<p>
-
-JSON Web Tokens can be used for session tokens, but are also used for lots of other things, such as sending signed objects between services in authentication flows.
-
-- Advantages of using a JWT as a session token include that they do not require a database to store sessions, this can be faster and cheaper to run and easier to scale.
-
-- JSON Web Tokens in Auth.js are secured using cryptographic encryption (JWE) to store the included information directly in a JWT session token. You may then use the token to pass information between services and APIs on the same domain without having to contact a database to verify the included information.
-
-- You can use JWT to securely store information you do not mind the client knowing even without encryption, as the JWT is stored in a server-readable-only cookie so data in the JWT is not accessible to third-party JavaScript running on your site.
-
-</p>
-</details>
-
-<details>
-<summary>
-  <h3>What are the disadvantages of JSON Web Tokens?</h3>
-</summary>
-<p>
-
-- It's difficult to invalidate a JSON Web Token - doing so requires maintaining a server-side blocklist of the tokens (at least until they expire) and checking every token against the list every time a token is presented.
-
-  Shorter session expiry times are used when using JSON Web Tokens as session tokens to allow sessions to be invalidated sooner and simplify this problem.
-
-  Auth.js client includes advanced features to mitigate the downsides of using shorter session expiry times on the user experience, including automatic session token rotation, optionally sending keep-alive messages to prevent short-lived sessions from expiring if there is a window or tab opened, background re-validation, and automatic tab/window syncing that keeps sessions in sync across windows any time session state changes or a window or tab gains or loses focus.
-
-- As with database session tokens, JSON Web Tokens are limited in the amount of data you can store in them. There is typically a limit of around 4096 bytes per cookie, though the exact limit varies between browsers, proxies and hosting services. If you want to support most browsers, then do not exceed 4096 bytes per cookie. If you want to save more data, you will need to persist your sessions in a database (Source: [browsercookielimits.iain.guru](http://browsercookielimits.iain.guru/))
-
-  The more data you try to store in a token and the more other cookies you set, the closer you will come to this limit. Auth.js uses cookie chunking so that cookies over the 4kb limit get split and reassembled upon parsing. However, since this data needs to be transmitted on every request, in case you wish to store more than ~4 KB of data you're probably at the point where you want to store a unique ID in the token and persist the data elsewhere (e.g. in a server-side key/value store).
-
-- Data stored in an encrypted JSON Web Token (JWE) may be compromised at some point.
-
-  Even if appropriately configured, information stored in an encrypted JWT should not be assumed to be impossible to decrypt at some point - e.g. due to the discovery of a defect or advances in technology.
-
-  Avoid storing any data in a token that might be problematic if it were to be decrypted in the future.
-
-- If you do not explicitly specify a secret for Auth.js, existing sessions will be invalidated any time your Auth.js configuration changes, as Auth.js will default to an auto-generated secret. Since v4 this only impacts development and generating a secret is required in production.
-
-</p>
-</details>
-
-<details>
-<summary>
-  <h3>Are JSON Web Tokens secure?</h3>
-</summary>
-<p>
-
-By default, tokens are encrypted (JWE).
-
-You can specify other valid algorithms - [as specified in RFC 7518](https://tools.ietf.org/html/rfc7517) - with either a secret (for symmetric encryption) or a public/private key pair (for asymmetric encryption).
-
-Using explicit public/private keys for signing is strongly recommended.
-
-</p>
-</details>
-
-<details>
-<summary>
-  <h3>What signing and encryption standards does Auth.js support?</h3>
-</summary>
-<p>
-
-Auth.js includes a largely complete implementation of JSON Object Signing and Encryption (JOSE):
-
-- [RFC 7515 - JSON Web Signature (JWS)](https://tools.ietf.org/html/rfc7515)
-- [RFC 7516 - JSON Web Encryption (JWE)](https://tools.ietf.org/html/rfc7516)
-- [RFC 7517 - JSON Web Key (JWK)](https://tools.ietf.org/html/rfc7517)
-- [RFC 7518 - JSON Web Algorithms (JWA)](https://tools.ietf.org/html/rfc7518)
-- [RFC 7519 - JSON Web Token (JWT)](https://tools.ietf.org/html/rfc7519)
-
-This incorporates support for:
-
-- [RFC 7638 - JSON Web Key Thumbprint](https://tools.ietf.org/html/rfc7638)
-- [RFC 7787 - JSON JWS Unencoded Payload Option](https://tools.ietf.org/html/rfc7797)
-- [RFC 8037 - CFRG Elliptic Curve ECDH and Signatures](https://tools.ietf.org/html/rfc8037)
-
-</p>
-</details>

docs/docs/concepts/session-strategies.md

@@ -0,0 +1,49 @@
+---
+title: Session strategies
+---
+
+When a user logs into your application, you usually want them to not need to log in for some time. This is called a session. Auth.js libraries support different session strategies, which are described below.
+
+:::note
+Both strategies have advantages and disadvantages which you have to evaluate based on your requirements
+:::
+
+Check out the [`session.strategy`](/reference/core#session) option to see how you can configure the session strategy of your Auth.js library.
+
+## JWT
+
+Auth.js libraries can create sessions using [JSON Web Tokens (JWT)](https://datatracker.ietf.org/doc/html/rfc7519). This is the default session strategy for Auth.js libraries. When a user signs in, a JWT is created in a `HttpOnly` cookie. Making the cookie HttpOnly prevents JavaScript from accessing it client-side (`document.cookie`), which makes it harder for attackers to steal the value. In addition, the JWT is encrypted with a secret key only known to the server. So even if an attacker were to steal the JWT from the cookie, they would not be able to decrypt it. Combined with a short expiration time, this makes JWTs a secure way to create sessions.
+
+When a user signs out, the JWT is deleted from the cookies, and the session is destroyed.
+
+### Advantages
+
+- JWTs as a session do not require a database to store sessions, this can be faster and cheaper to run and easier to scale.
+- Retrieving a JWT session can always run on the Edge.
+- Using this strategy requires fewer resources as you don't need to manage an extra database/service.
+- You may then use the created token to pass information between services and APIs on the same domain without having to contact a database to verify the included information.
+- You can use JWT to securely store information without exposing it to third-party JavaScript running on your site.
+
+### Disadvantages
+
+- Expiring a JSON Web Token before its encoded expiry is not possible - doing so requires maintaining a server-side blocklist of invalidated tokens (at least until they truly expire) and checking every token against the list every time a token is presented. Auth.js **will** destroy the cookie, but if the user has the JWT saved elsewhere, it will be valid (the server will accept it) until it expires. (Shorter session expiry times are used when using JSON Web Tokens as session tokens to allow sessions to be invalidated sooner and simplify this problem.)
+- Auth.js clients enable advanced features to mitigate the downsides of using shorter session expiry times on the user experience, including automatic session token rotation, optionally sending keep-alive messages (session polling) to prevent short-lived sessions from expiring if there is a window or tab open, background re-validation, and automatic tab/window syncing that keeps sessions in sync across windows any time session state changes or a window or tab gains or loses focus.
+- As with database session tokens, JSON Web Tokens are limited in the amount of data you can store in them. There is typically a limit of around 4096 bytes per cookie, though the exact limit varies between browsers. The more data you try to store in a token and the more other cookies you set, the closer you will come to this limit. Auth.js libraries implement session cookie chunking so that cookies over the 4kb limit will get split and reassembled upon parsing. However since this data needs to be transmitted on every request, you need to be aware of how much data you want to transfer using this technique.
+- Even if appropriately configured, information stored in an encrypted JWT should not be assumed to be impossible to decrypt at some point - e.g. due to the discovery of a defect or advances in technology. Data stored in an encrypted JSON Web Token (JWE) _may_ be compromised at some point. The recommendation is to generate a [secret](/reference/core#secret) with high entropy.
+
+## Database
+
+Alternatively, to a JWT session strategy, Auth.js libraries also support database sessions. In this case, instead of saving a JWT with user data after signing in, Auth.js libraries will create a session in your database. A session ID is then saved in a `HttpOnly` cookie. This is similar to the JWT session strategy, but instead of saving the user data in the cookie, it only stores an obscure value pointing to the session in the database. So whenever you will try to access the user session, you will query the database for the data.
+
+When a user signs out, the session is deleted from the database, and the session ID is deleted from the cookies.
+
+### Advantages
+
+- Database sessions can be at any time modified server-side, so you can implement features that might be more difficult - but not impossible - using the JWT strategy, etc.: "sign out everywhere", or limiting concurrent logins
+- Auth.js has no opinion on the type of database you are using, we have a big list of [official database adapters](/reference/adapters), but you can [implement your own](guides/adapters/creating-a-database-adapter) as well
+
+### Disadvantages
+
+- Database sessions need a roundtrip to your database, so they might be slower on scale unless your connections/databases are accommodated for it
+- Many database adapters are not yet compatible with the Edge, which would allow faster and cheaper session retrieval
+- Setting up a database takes more effort and requires extra services to manage compared to the stateless JWT strategy

docs/docs/contributors.md

@@ -5,7 +5,7 @@ displayed_sidebar: null
 
 ## Core team
 
-Without these people, the project could not have become one of the most used authentication library in its category.
+Without these people, the project could not have become one of the most used authentication libraries in its category.
 
 - [Balázs Orbán](https://github.com/balazsorban44) - **Lead Maintainer**
 - [Thang Vu](https://github.com/ThangHuuVu) - Maintainer (Core)
@@ -14,8 +14,9 @@ Without these people, the project could not have become one of the most used aut
 
 ## Special thanks
 
-Special thanks to Lori Karikari for creating most of the original provider configurations to Fredrik Pettersen for creating the original Prisma Adapter, to Gerald Nolan for adding support for Sign in with Apple, and to Jefferson Bledsoe for working on original testing automations.
+Special thanks to Filip Skokan for their feedback and high-quality OAuth libraries that we build on, Lori Karikari for creating most of the original provider configurations, Fredrik Pettersen for creating the original Prisma Adapter, Gerald Nolan for adding support for Sign in with Apple, and Jefferson Bledsoe for working on original testing automation.
 
+- [Filip Skokan](https://github.com/panva)
 - [Lori Karikari](https://github.com/LoriKarikari)
 - [Fredrik Pettersen](https://github.com/Fumler)
 - [Gerald Nolan](https://github.com/geraldnolan)
@@ -25,7 +26,7 @@ Special thanks to Lori Karikari for creating most of the original provider confi
 
 Auth.js as it exists today has been possible thanks to the work of many individual contributors.
 
-Thank you to the [dozens of individual contributors](https://github.com/nextauthjs/next-auth/graphs/contributors) who have help shaped Auth.js.
+Thank you to the [dozens of individual contributors](https://github.com/nextauthjs/next-auth/graphs/contributors) who have helped shape Auth.js.
 
 ## Open Collective
 
@@ -35,8 +36,10 @@ More information can be found at: https://opencollective.com/nextauth
 
 ## History
 
-- Auth.js was originally developed by <a href="https://github.com/iaincollins">Iain Collins</a> in 2016 for Next.js.
+- NextAuth.js was originally developed by <a href="https://github.com/iaincollins">Iain Collins</a> in 2016 for Next.js.
 
-- In 2020, Auth.js was rebuilt from the ground up to support Serverless, with support for MySQL, Postgres and MongoDB, JSON Web Tokens and built in support for over a dozen authentication providers.
+- In 2020, NextAuth.js was rebuilt from the ground up to support Serverless, with support for MySQL, Postgres and MongoDB, JSON Web Tokens and built-in support for over a dozen authentication providers.
 
-- In 2021, efforts have started to move Auth.js to other frameworks and to support as many databases and providers as possible.
+- In 2021, efforts have started to move NextAuth.js to other frameworks and to support as many databases and providers as possible.
+
+- In 2022, Auth.js was born which separated the core authentication logic from the Next.js framework and added support for any new frameworks.

docs/docs/getting-started/introduction.md

@@ -17,7 +17,7 @@ Continue to our tutorials to see how to use Auth.js for authentication:
 - [Setup with magic links](/getting-started/email-tutorial)
 - [Integrating with external auth](/getting-started/credentials-tutorial)
 
-### Battery included
+### Features
 
 - Built in support for 60+ popular services (Google, Facebook, Auth0, Apple…)
 - Built-in email/password-less/magic link

docs/docs/getting-started/oauth-tutorial.mdx

@@ -36,10 +36,6 @@ This tutorial assumes you have a Next.js application set up. If you don't, you c
 npm install next-auth
 ```
 
-:::info
-We are working on a new release of `next-auth` that will make it easier to set up Auth.js with Next.js. You can follow the development [on this PR](https://github.com/nextauthjs/next-auth/pull/7443)
-:::
-
 ### Creating the server config
 
 Create the following [API route](https://nextjs.org/docs/api-routes/dynamic-api-routes#catch-all-api-routes) file. This route contains the necessary configuration for NextAuth.js, as well as the dynamic route handler:
@@ -286,23 +282,24 @@ You can use the `$page.data.session` variable from anywhere on your page. Learn
 To protect your API Routes (blocking unauthorized access to resources), you can use `locals.getSessions()` just like in the layouts file to know whether a session exists or not:
 
 ```ts title="routes/api/movies/+server.ts"
-import { json, error } from "@sveltejs/kit";
-import type { RequestEvent } from "./$types";
+import { json, error } from "@sveltejs/kit"
+import type { RequestEvent } from "./$types"
 
 export async function GET({ locals }: RequestEvent) {
   const session = await locals.getSession()
   if (!session?.user) {
-    throw error(401, "You must sign in to view movies.");
+    throw error(401, "You must sign in to view movies.")
   }
 
   return json({
     movies: [
       { title: "Alien vs Predator", id: 1 },
       { title: "Reservoir Dogs", id: 2 },
-    ]
+    ],
   })
 }
 ```
+
   </TabItem>
   <TabItem value="solidstart" label="SolidStart">
 TODO: SolidStart
@@ -451,7 +448,6 @@ Great! We're now ready to run our application locally. Start the Svelte app by r
 npm run vite dev
 ```
 
-
   </TabItem>
   <TabItem value="solidstart" label="SolidStart">
 TODO SolidStart

docs/docs/guides/adapters/creating-a-database-adapter.md

@@ -2,19 +2,16 @@
 title: Creating a database adapter
 ---
 
-Using a custom adapter you can connect to any database back-end or even several different databases. Official adapters created and maintained by our community can be found in the [adapters](https://github.com/nextauthjs/next-auth/tree/main/packages) packages. Feel free to add a custom adapter from your project to the repository, or even become a maintainer of a certain adapter. Custom adapters can still be created and used in a project without being added to the repository.
+Custom adapters allow you to integrate with any (even multiple) database/back-end service, even if we don't have an [official package](https://github.com/nextauthjs/next-auth/tree/main/packages) available yet. The only requirement is that your database can support the [models](/reference/adapters#models) that Auth.js expects.
 
-## How to create an adapter
-
-For more information about the data these methods need to manage see [models](/reference/adapters#models).
-
-_See the code below for practical example._
+_See the code below for a practical example._
 
 ### Example code
 
 ```ts
-/** @return { import("next-auth/adapters").Adapter } */
-export default function MyAdapter(client, options = {}) {
+import type { Adapter } from '@auth/core/adapters'
+
+export function MyAdapter(client, options = {}): Adapter {
   return {
     async createUser(user) {
       return
@@ -64,7 +61,7 @@ export default function MyAdapter(client, options = {}) {
 
 ### Required methods
 
-These methods are required for all sign in flows:
+These methods are required for all sign-in flows:
 
 - `createUser`
 - `getUser`
@@ -77,7 +74,7 @@ These methods are required for all sign in flows:
 - `deleteSession`
 - `updateUser`
 
-These methods are required to support email / passwordless sign in:
+These methods are required to support email / passwordless sign-in:
 
 - `createVerificationToken`
 - `useVerificationToken`
@@ -88,3 +85,8 @@ These methods will be required in a future release, but are not yet invoked:
 
 - `deleteUser`
 - `unlinkAccount`
+
+### Useful resources
+
+- [Official adapters' source code](https://github.com/nextauthjs/next-auth/tree/main/packages)
+- [`Adapter` interface](/reference/core/adapters#adapter)

docs/docs/guides/adapters/using-a-database-adapter.md

@@ -5,7 +5,7 @@ title: Using a database adapter
 An **Adapter** in Auth.js connects your application to whatever database or backend system you want to use to store data for users, their accounts, sessions, etc. Adapters are optional, unless you need to persist user information in your own database, or you want to implement certain flows. The [Email Provider](/getting-started/email-tutorial) requires an adapter to be able to save [Verification Tokens](/reference/adapters#verification-token).
 
 :::tip
-When using a database, you can still use JWT for session handling for fast access. See the [`session.strategy`](/reference/configuration/auth-config#session) option. Read about the trade-offs of JWT in the [FAQ](/concepts/faq#json-web-tokens).
+When using a database, you can still use JWT for session handling for fast access. Learn more about [`session strategies`](/concepts/session-strategies) and their trade-offs.
 :::
 
 We have a list of official adapters that are distributed as their own packages under the `@auth/{name}-adapter` namespace. Their source code is available in their various adapters package directories at [`nextauthjs/next-auth`](https://github.com/nextauthjs/next-auth/tree/main/packages):

docs/docs/reference/adapters/index.md

@@ -213,3 +213,7 @@ Auth.js / NextAuth.js uses `camelCase` for its database rows while respecting th
 ## TypeScript
 
 Check out the [`@auth/core/adapters` API Reference](/reference/core/adapters) documentation.
+
+## Create a custom adapter
+
+If you are using a database that we don't have an official adapter for, you can check out the [Creating a database adapter](/guides/adapters/creating-a-database-adapter) guide.

docs/docs/reference/index.md

@@ -6,10 +6,11 @@ This section of the documentation contains the API reference for all the officia
 
 ## Roadmap
 
-Here are the _state_ of planned and released packages under the `@auth/*` scope. This is not an exhaustive list, but the set of packages that we would like to focus on, to begin with.
+Here are the _state_ of planned and released packages under the `@auth/*` and `@next-auth/*` scope, as well as `next-auth`. This is not an exhaustive list, but the set of packages that we would like to focus on, to begin with.
 
 |        Feature         |  Status  |
 | ---------------------- | -------- |
+| `next-auth`            | Release (stable). See [docs](https://next-auth.js.org) |
 | `@auth/*-adapter`      | Released (stable). Fully compatible with `next-auth` and all `@auth/*` libraries.   |
 | `@next-auth/*-adapter` | Maintenance has stopped. Update to `@auth/*-adapter`. See above.  |
 | `@auth/core`           | Released (experimental). |

docs/docusaurus.config.js

@@ -30,14 +30,28 @@ function typedocAdapter(name) {
       entryPoints: [`../packages/adapter-${slug}/src/index.ts`],
       tsconfig: `../packages/adapter-${slug}/tsconfig.json`,
       out: `reference/adapter/${slug}`,
-      sidebar: {
-        indexLabel: name,
-      },
       ...typedocConfig,
     },
   ]
 }
 
+function typedocFramework(pkgDir, entrypoints) {
+  const id = pkgDir.replace("frameworks-", "")
+  return [
+    "docusaurus-plugin-typedoc",
+    {
+      ...typedocConfig,
+      id: id,
+      plugin: [require.resolve("./typedoc-mdn-links")],
+      watch: process.env.TYPEDOC_WATCH,
+      entryPoints: entrypoints.map((e) => `../packages/${pkgDir}/src/${e}`),
+      tsconfig: `../packages/${pkgDir}/tsconfig.json`,
+      out: `reference/${id === "next-auth" ? "nextjs" : id}`,
+      skipIndexPage: true,
+    },
+  ]
+}
+
 /** @type {import("@docusaurus/types").Config} */
 const docusaurusConfig = {
   markdown: {
@@ -225,12 +239,15 @@ const docusaurusConfig = {
            */
           editUrl({ docPath }) {
             // TODO: support other packages, fix directory links like "providers"
+            const base = "https://github.com/nextauthjs/next-auth/edit/main/packages"
             if (docPath.includes("reference/core")) {
               const file = docPath.split("reference/core/")[1].replace(".md", ".ts").replace("_", "/")
-              const base = `https://github.com/nextauthjs/next-auth/edit/main/packages/core/src/${file}`
-              return base
+              return `${base}/core/src/${file}`
+            } else if (docPath.includes("reference/adapter/")) {
+              const file = docPath.split("reference/adapter/")[1].replace("index.md", "src/index.ts")
+              return `${base}/adapter-${file}`
             }
-            return "https://github.com/nextauthjs/next-auth/edit/main/docs"
+            return `https://github.com/nextauthjs/next-auth/edit/main/docs/docs/${docPath}`
           },
           lastVersion: "current",
           showLastUpdateAuthor: true,
@@ -241,6 +258,11 @@ const docusaurusConfig = {
               label: "experimental",
             },
           },
+          async sidebarItemsGenerator({ defaultSidebarItemsGenerator, ...args }) {
+            const sidebarItems = await defaultSidebarItemsGenerator(args)
+            const sidebarIdsToOmit = ["reference/core/index", "reference/sveltekit/index", "reference/solidstart/index"]
+            return sidebarItems.filter((sidebarItem) => !sidebarIdsToOmit.includes(sidebarItem.id))
+          },
         },
         theme: {
           customCss: require.resolve("./src/css/index.css"),
@@ -249,36 +271,8 @@ const docusaurusConfig = {
     ],
   ],
   plugins: [
-    [
-      "docusaurus-plugin-typedoc",
-      {
-        ...typedocConfig,
-        id: "core",
-        plugin: [require.resolve("./typedoc-mdn-links")],
-        watch: process.env.TYPEDOC_WATCH,
-        entryPoints: ["index.ts", "adapters.ts", "errors.ts", "jwt.ts", "types.ts"].map((e) => `${coreSrc}/${e}`).concat(providers),
-        tsconfig: "../packages/core/tsconfig.json",
-        out: "reference/core",
-        sidebar: {
-          indexLabel: "index",
-        },
-      },
-    ],
-    [
-      "docusaurus-plugin-typedoc",
-      {
-        ...typedocConfig,
-        id: "sveltekit",
-        plugin: [require.resolve("./typedoc-mdn-links")],
-        watch: process.env.TYPEDOC_WATCH,
-        entryPoints: ["index.ts", "client.ts"].map((e) => `../packages/frameworks-sveltekit/src/lib/${e}`),
-        tsconfig: "../packages/frameworks-sveltekit/tsconfig.json",
-        out: "reference/sveltekit",
-        sidebar: {
-          indexLabel: "index",
-        },
-      },
-    ],
+    typedocFramework("core", ["index.ts", "adapters.ts", "errors.ts", "jwt.ts", "types.ts"]),
+    typedocFramework("frameworks-sveltekit", ["lib/index.ts", "lib/client.ts"]),
     ...(process.env.TYPEDOC_SKIP_ADAPTERS
       ? []
       : [

docs/package.json

@@ -34,9 +34,9 @@
     "@docusaurus/theme-common": "2.4.1",
     "@docusaurus/theme-mermaid": "2.4.1",
     "@docusaurus/types": "2.4.1",
-    "docusaurus-plugin-typedoc": "1.0.0-next.5",
+    "docusaurus-plugin-typedoc": "1.0.0-next.13",
     "typedoc": "^0.24.8",
-    "typedoc-plugin-markdown": "4.0.0-next.6"
+    "typedoc-plugin-markdown": "4.0.0-next.16"
   },
   "browserslist": {
     "production": [

docs/typedoc.json

@@ -3,14 +3,15 @@
   "cleanOutputDir": true,
   "disableSources": true,
   "excludeExternals": true,
+  "excludeGroups": true,
   "excludeInternal": true,
   "excludeNotDocumented": true,
   "excludePrivate": true,
   "excludeProtected": true,
-  "hideHierarchy": true,
   "gitRevision": "main",
-  "groupByReflections": false,
   "hideBreadcrumbs": true,
+  "hideHierarchy": true,
+  "hideKindPrefix": true,
   "hideGenerator": true,
   "kindSortOrder": [
     "Function",
@@ -36,8 +37,9 @@
     "GetSignature",
     "SetSignature"
   ],
+  "outputFileStrategy": "modules",
   "readme": "none",
-  "reflectionsWithOwnFile": "none",
+  "skipErrorChecking": true,
   "sort": [
     "kind",
     "static-first",

docs/vercel.json

@@ -67,6 +67,16 @@
       "has": [{ "type": "host", "value": "solid-start.authjs.dev" }],
       "destination": "https://authjs.dev/reference/solid-start"
     },
+    {
+      "source": "/:path(.*)",
+      "has": [{ "type": "host", "value": "nextjs.authjs.dev" }],
+      "destination": "https://authjs.dev/reference/nextjs"
+    },
+    {
+      "source": "/v5",
+      "has": [{ "type": "host", "value": "nextjs.authjs.dev" }],
+      "destination": "https://authjs.dev/guides/upgrade-to-v5"
+    },
     {
       "source": "/:path(.*)",
       "has": [{ "type": "host", "value": "errors.authjs.dev" }],

package.json

@@ -26,9 +26,9 @@
   },
   "devDependencies": {
     "@actions/core": "^1.10.0",
-    "@balazsorban/monorepo-release": "0.1.8",
+    "@balazsorban/monorepo-release": "0.2.4",
     "@types/jest": "^28.1.3",
-    "@types/node": "^17.0.25",
+    "@types/node": "^18.15.11",
     "@typescript-eslint/eslint-plugin": "5.47.0",
     "@typescript-eslint/parser": "5.47.0",
     "eslint": "8.30.0",
@@ -47,7 +47,7 @@
     "typescript": "5.2.2"
   },
   "engines": {
-    "node": "^16.13.0 || ^18.12.0"
+    "node": "^18.18.0 || ^20.8.0"
   },
   "packageManager": "pnpm@8.7.1",
   "funding": [
@@ -62,7 +62,7 @@
   ],
   "pnpm": {
     "patchedDependencies": {
-      "@balazsorban/monorepo-release@0.1.8": "patches/@balazsorban__monorepo-release@0.1.8.patch"
+      "@balazsorban/monorepo-release@0.2.4": "patches/@balazsorban__monorepo-release@0.2.4.patch"
     }
   },
   "eslintIgnore": [

packages/adapter-azure-tables/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/azure-tables-adapter",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Azure Tables Storage adapter for next-auth.",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",

packages/adapter-d1/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/d1-adapter",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "A Cloudflare D1 adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -49,7 +49,7 @@
     "@auth/tsconfig": "workspace:*",
     "@cloudflare/workers-types": "^4.20230321.0",
     "@miniflare/d1": "^2.12.2",
-    "better-sqlite3": "^7.0.0",
+    "better-sqlite3": "^8.6.0",
     "jest": "^29.3.0"
   },
   "jest": {

packages/adapter-dgraph/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/dgraph-adapter",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Dgraph adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -57,4 +57,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-drizzle/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/drizzle-adapter",
-  "version": "0.3.2",
+  "version": "0.3.3",
   "description": "Drizzle adapter for Auth.js.",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -52,9 +52,9 @@
     "@auth/tsconfig": "workspace:*",
     "@types/better-sqlite3": "^7.6.4",
     "@types/uuid": "^8.3.3",
-    "better-sqlite3": "^8.4.0",
+    "better-sqlite3": "^8.6.0",
     "drizzle-kit": "^0.19.5",
-    "drizzle-orm": "^0.27.0",
+    "drizzle-orm": "^0.28.6",
     "jest": "^27.4.3",
     "mysql2": "^3.2.0",
     "postgres": "^3.3.4"
@@ -62,4 +62,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-dynamodb/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@auth/dynamodb-adapter",
   "repository": "https://github.com/nextauthjs/next-auth",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "AWS DynamoDB adapter for next-auth.",
   "keywords": [
     "next-auth",

packages/adapter-edgedb/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/edgedb-adapter",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "EdgeDB adapter for next-auth.",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -57,4 +57,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-fauna/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/fauna-adapter",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Fauna Adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -59,4 +59,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-firebase/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/firebase-adapter",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Firebase adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -54,4 +54,4 @@
     "firebase-tools": "^11.16.1",
     "jest": "^29.3.1"
   }
-}
+}

packages/adapter-kysely/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/kysely-adapter",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "Kysely adapter for Auth.js",
   "homepage": "https://authjs.dev/reference/adapter/kysely",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -44,7 +44,7 @@
     "@auth/tsconfig": "workspace:*",
     "@types/better-sqlite3": "^7.6.3",
     "@types/pg": "^8.6.5",
-    "better-sqlite3": "^8.2.0",
+    "better-sqlite3": "^8.6.0",
     "jest": "^27.4.3",
     "kysely": "^0.24.2",
     "mysql2": "^3.2.0",
@@ -53,4 +53,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-mikro-orm/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/mikro-orm-adapter",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "MikroORM adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -56,4 +56,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-mongodb/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/mongodb-adapter",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "MongoDB adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",

packages/adapter-neo4j/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/neo4j-adapter",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "neo4j adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -56,4 +56,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-pg/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/pg-adapter",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Postgres adapter for next-auth.",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",

packages/adapter-pouchdb/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/pouchdb-adapter",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "PouchDB adapter for next-auth.",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -56,4 +56,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-prisma/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/prisma-adapter",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "Prisma adapter for Auth.js",
   "homepage": "https://authjs.dev/reference/adapter/prisma",
   "repository": "https://github.com/nextauthjs/next-auth",

packages/adapter-sequelize/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/sequelize-adapter",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "Sequelize adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",

packages/adapter-supabase/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/supabase-adapter",
-  "version": "0.1.2",
+  "version": "0.1.4",
   "description": "Supabase adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -50,4 +50,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-supabase/src/index.ts

@@ -260,7 +260,7 @@ export interface SupabaseAdapterOptions {
  * For example, given the following public schema:
  *
  * ```sql
- * // Note: This table contains user data. Users should only be able to view and update their own data.
+ * -- Note: This table contains user data. Users should only be able to view and update their own data.
  * create table users (
  *   -- UUID from next_auth.users
  *   id uuid not null primary key,
@@ -276,7 +276,7 @@ export interface SupabaseAdapterOptions {
  * create policy "Can view own user data." on users for select using (next_auth.uid() = id);
  * create policy "Can update own user data." on users for update using (next_auth.uid() = id);
  *
- * // This trigger automatically creates a user entry when a new user signs up via NextAuth.
+ * -- This trigger automatically creates a user entry when a new user signs up via NextAuth.
  * create function public.handle_new_user()
  * returns trigger as $$
  * begin

packages/adapter-surrealdb/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/surrealdb-adapter",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "SurrealDB adapter for next-auth.",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",

packages/adapter-typeorm/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/typeorm-adapter",
-  "version": "1.0.2",
+  "version": "1.0.4",
   "description": "TypeORM adapter for Auth.js.",
   "homepage": "https://authjs.dev/reference/adapter/typeorm",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -57,13 +57,13 @@
     "mysql": "^2.18.1",
     "pg": "^8.7.3",
     "sqlite3": "^5.0.8",
-    "typeorm": "0.3.15",
+    "typeorm": "0.3.17",
     "typeorm-naming-strategies": "^4.1.0",
     "typescript": "5.2.2"
   },
   "peerDependencies": {
-    "mssql": "^6.2.1 || 7",
-    "mysql": "^2.18.1",
+    "mssql": "^6.2.1 || ^7 || ^8 || ^9",
+    "mysql": "^2.18.1 || ^3",
     "pg": "^8.2.1",
     "sqlite3": "^5.0.2",
     "typeorm": "^0.3.7"

packages/adapter-upstash-redis/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/upstash-redis-adapter",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "Upstash adapter for Auth.js.",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -49,11 +49,9 @@
     "@types/uuid": "^8.3.3",
     "@upstash/redis": "^1.0.1",
     "dotenv": "^10.0.0",
-    "isomorphic-fetch": "3.0.0",
-    "jest": "^27.4.3",
-    "next-auth": "workspace:*"
+    "jest": "^27.4.3"
   },
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-upstash-redis/tests/index.test.ts

@@ -1,4 +1,3 @@
-import "isomorphic-fetch"
 import { Redis } from "@upstash/redis"
 import { runBasicTests } from "@auth/adapter-test"
 import { hydrateDates, UpstashRedisAdapter } from "../src"

packages/adapter-xata/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/xata-adapter",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Xata adapter for Auth.js",
   "homepage": "https://authjs.dev",
   "repository": "https://github.com/nextauthjs/next-auth",
@@ -52,4 +52,4 @@
   "jest": {
     "preset": "@auth/adapter-test/jest"
   }
-}
+}

packages/adapter-xata/tests/index.test.ts

@@ -1,4 +1,3 @@
-import "isomorphic-fetch"
 import { runBasicTests } from "@auth/adapter-test"
 import "dotenv/config"
 import { XataClient } from "../src/xata"

packages/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/core",
-  "version": "0.15.2",
+  "version": "0.16.1",
   "description": "Authentication for the Web.",
   "keywords": [
     "authentication",

packages/core/src/index.ts

@@ -149,6 +149,7 @@ export async function Auth(
     response.headers.delete("Location")
     response.headers.set("Content-Type", "application/json")
     return new Response(JSON.stringify({ url: redirect }), {
+      status: internalResponse.status,
       headers: response.headers,
     })
   }

packages/core/src/lib/index.ts

@@ -136,10 +136,7 @@ export async function AuthInternal<
     switch (action) {
       case "signin":
         if ((csrfDisabled || options.csrfTokenVerified) && options.provider) {
-          const signin = await routes.signin(
-            request,
-            options
-          )
+          const signin = await routes.signin(request, options)
           if (signin.cookies) cookies.push(...signin.cookies)
           return { ...signin, cookies }
         }
@@ -177,7 +174,7 @@ export async function AuthInternal<
         }
         break
       case "session": {
-        if (options.csrfTokenVerified) {
+        if (options.csrfTokenVerified || csrfDisabled) {
           const session = await routes.session({
             options,
             sessionStore,

packages/core/src/providers/linkedin.ts

@@ -8,17 +8,22 @@
  *
  * @module providers/linkedin
  */
-import type { OAuthConfig, OAuthUserConfig } from "./index.js"
+import type { OIDCConfig, OIDCUserConfig } from "./index.js"
 
-export interface LinkedInProfile {
-  sub: string
-  name: string
-  email: string
-  picture: string
+/** @see https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin-v2#response-body-schema */
+export interface LinkedInProfile extends Record<string, any> {
+  sub: string,
+  name: string,
+  given_name: string,
+  family_name: string,
+  picture: string,
+  locale: string,
+  email: string,
+  email_verified: boolean
 }
 
 /**
- * Add Linkedin login to your page.
+ * Add LinkedIn login to your page.
  *
  * ### Setup
  *
@@ -30,27 +35,27 @@ export interface LinkedInProfile {
  * #### Configuration
  *```js
  * import Auth from "@auth/core"
- * import Linkedin from "@auth/core/providers/linkedin"
+ * import LinkedIn from "@auth/core/providers/linkedin"
  *
  * const request = new Request(origin)
  * const response = await Auth(request, {
- *   providers: [Linkedin({ clientId: LINKEDIN_CLIENT_ID, clientSecret: LINKEDIN_CLIENT_SECRET })],
+ *   providers: [LinkedIn({ clientId: LINKEDIN_CLIENT_ID, clientSecret: LINKEDIN_CLIENT_SECRET })],
  * })
  * ```
  *
  * ### Resources
  *
- *  - [Linkedin OAuth documentation](https://docs.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow)
- *  - [Linkedin app console](https://www.linkedin.com/developers/apps/)
+ *  - [LinkedIn OAuth documentation](https://docs.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow)
+ *  - [LinkedIn app console](https://www.linkedin.com/developers/apps/)
  *
  * ### Notes
  *
- * By default, Auth.js assumes that the Linkedin provider is
- * based on the [OAuth 2](https://www.rfc-editor.org/rfc/rfc6749.html) specification.
+ * By default, Auth.js assumes that the LinkedIn provider is
+ * based on the [OIDC](https://openid.net/specs/openid-connect-core-1_0.html) specification.
  *
  * :::tip
  *
- * The Linkedin provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/linkedin.ts).
+ * The LinkedIn provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/linkedin.ts).
  * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/providers/custom-provider#override-default-options).
  *
  * :::
@@ -66,14 +71,22 @@ export interface LinkedInProfile {
  * :::
  */
 export default function LinkedIn<P extends LinkedInProfile>(
-  options: OAuthUserConfig<P>
-): OAuthConfig<P> {
+  options: OIDCUserConfig<P>
+): OIDCConfig<P> {
   return {
     id: "linkedin",
     name: "LinkedIn",
     type: "oidc",
-    client: {
-      token_endpoint_auth_method: "client_secret_post",
+    client: { token_endpoint_auth_method: "client_secret_post" },
+    issuer: "https://www.linkedin.com",
+    jwks_endpoint: "https://www.linkedin.com/oauth/openid/jwks",
+    async profile(profile) {
+      return {
+        id: profile.sub,
+        name: profile.name,
+        email: profile.email,
+        image: profile.picture
+      }
     },
     style: {
       logo: "/linkedin.svg",

packages/frameworks-solid-start/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@auth/solid-start",
   "description": "Authentication for SolidStart.",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "type": "module",
   "files": [
     "client.*",
@@ -31,7 +31,6 @@
     "@auth/core": "workspace:*",
     "@solidjs/meta": "^0.28.0",
     "@types/node": "^18.7.14",
-    "next-auth": "workspace:*",
     "solid-js": "^1.5.7",
     "solid-start": "^0.2.14",
     "tsup": "^6.5.0",
@@ -50,4 +49,4 @@
   "author": "OrJDev <orjdeveloper@gmail.com>",
   "repository": "https://github.com/nextauthjs/next-auth",
   "license": "ISC"
-}
+}

packages/frameworks-solid-start/src/client.ts

@@ -1,14 +1,35 @@
-import type {
-  LiteralUnion,
-  SignInOptions,
-  SignInAuthorizationParams,
-  SignOutParams,
-} from "next-auth/react"
 import type {
   BuiltInProviderType,
   RedirectableProviderType,
 } from "@auth/core/providers"
 
+type LiteralUnion<T extends U, U = string> = T | (U & Record<never, never>)
+
+interface SignInOptions extends Record<string, unknown> {
+  /**
+   * Specify to which URL the user will be redirected after signing in. Defaults to the page URL the sign-in is initiated from.
+   *
+   * [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl)
+   */
+  callbackUrl?: string
+  /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option) */
+  redirect?: boolean
+}
+
+interface SignOutParams<R extends boolean = true> {
+  /** [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl-1) */
+  callbackUrl?: string
+  /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option-1 */
+  redirect?: R
+}
+
+/** Match `inputType` of `new URLSearchParams(inputType)` */
+export type SignInAuthorizationParams =
+  | string
+  | string[][]
+  | Record<string, string>
+  | URLSearchParams
+
 /**
  * Client-side method to initiate a signin flow
  * or send the user to the signin page listing all possible providers.

packages/frameworks-sveltekit/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auth/sveltekit",
-  "version": "0.3.7",
+  "version": "0.3.9",
   "description": "Authentication for SvelteKit.",
   "keywords": [
     "authentication",
@@ -36,7 +36,6 @@
     "@sveltejs/adapter-auto": "^1.0.0",
     "@sveltejs/kit": "^1.0.0",
     "@sveltejs/package": "^1.0.0",
-    "next-auth": "workspace:*",
     "svelte": "^3.54.0",
     "svelte-check": "^2.9.2",
     "tslib": "^2.4.1",

packages/frameworks-sveltekit/src/lib/client.ts

@@ -1,14 +1,35 @@
-import type {
-  LiteralUnion,
-  SignInOptions,
-  SignInAuthorizationParams,
-  SignOutParams,
-} from "next-auth/react"
 import type {
   BuiltInProviderType,
   RedirectableProviderType,
 } from "@auth/core/providers"
-import { base } from "$app/paths";
+import { base } from "$app/paths"
+
+type LiteralUnion<T extends U, U = string> = T | (U & Record<never, never>)
+
+interface SignInOptions extends Record<string, unknown> {
+  /**
+   * Specify to which URL the user will be redirected after signing in. Defaults to the page URL the sign-in is initiated from.
+   *
+   * [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl)
+   */
+  callbackUrl?: string
+  /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option) */
+  redirect?: boolean
+}
+
+interface SignOutParams<R extends boolean = true> {
+  /** [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl-1) */
+  callbackUrl?: string
+  /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option-1 */
+  redirect?: R
+}
+
+/** Match `inputType` of `new URLSearchParams(inputType)` */
+export type SignInAuthorizationParams =
+  | string
+  | string[][]
+  | Record<string, string>
+  | URLSearchParams
 
 /**
  * Client-side method to initiate a signin flow

packages/next-auth/package.json

@@ -37,7 +37,7 @@
     "./providers/*": "./providers/*.js"
   },
   "scripts": {
-    "build": "pnpm clean && pnpm build:js && pnpm build:css",
+    "build": "echo 'Check out the v4 branch'; exit 0",
     "build:js": "pnpm clean && pnpm generate-providers && pnpm tsc --project tsconfig.json && babel --config-file ./config/babel.config.js src --out-dir . --extensions \".tsx,.ts,.js,.jsx\"",
     "clean": "rm -rf coverage client css utils providers core jwt react next index.d.ts index.js adapters.d.ts middleware.d.ts middleware.js",
     "build:css": "postcss --config config/postcss.config.js src/**/*.css --base src --dir . && node config/wrap-css.js",

packages/next-auth/provider-logos/apple-dark.svg

@@ -1,4 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="4 32 376.4 449.4" width="32" height="32">
-  <title>Apple icon</title>
-  <path fill="#fff" d="M318.7 268.7c-.2-36.7 16.4-64.4 50-84.8-18.8-26.9-47.2-41.7-84.7-44.6-35.5-2.8-74.3 20.7-88.5 20.7-15 0-49.4-19.7-76.4-19.7C63.3 141.2 4 184.8 4 273.5q0 39.3 14.4 81.2c12.8 36.7 59 126.7 107.2 125.2 25.2-.6 43-17.9 75.8-17.9 31.8 0 48.3 17.9 76.4 17.9 48.6-.7 90.4-82.5 102.6-119.3-65.2-30.7-61.7-90-61.7-91.9zm-56.6-164.2c27.3-32.4 24.8-61.9 24-72.5-24.1 1.4-52 16.4-67.9 34.9-17.5 19.8-27.8 44.3-25.6 71.9 26.1 2 49.9-11.4 69.5-34.3z"/>
-</svg>

packages/next-auth/provider-logos/apple.svg

@@ -1,4 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="4 32 376.4 449.4" width="32" height="32">
-  <title>Apple icon</title>
-  <path d="M318.7 268.7c-.2-36.7 16.4-64.4 50-84.8-18.8-26.9-47.2-41.7-84.7-44.6-35.5-2.8-74.3 20.7-88.5 20.7-15 0-49.4-19.7-76.4-19.7C63.3 141.2 4 184.8 4 273.5q0 39.3 14.4 81.2c12.8 36.7 59 126.7 107.2 125.2 25.2-.6 43-17.9 75.8-17.9 31.8 0 48.3 17.9 76.4 17.9 48.6-.7 90.4-82.5 102.6-119.3-65.2-30.7-61.7-90-61.7-91.9zm-56.6-164.2c27.3-32.4 24.8-61.9 24-72.5-24.1 1.4-52 16.4-67.9 34.9-17.5 19.8-27.8 44.3-25.6 71.9 26.1 2 49.9-11.4 69.5-34.3z"/>
-</svg>

packages/next-auth/provider-logos/atlassian-dark.svg

@@ -1,8 +0,0 @@
-<svg viewBox="0.29136862699701993 -41.138268758326056 145.22149045698177 186.73799623391153" xmlns="http://www.w3.org/2000/svg" width="32" height="32">
-  <linearGradient id="a" gradientTransform="matrix(1 0 0 -1 0 228)" gradientUnits="userSpaceOnUse" x1="62.57" x2="25.03" y1="150.13" y2="85.11">
-    <stop offset="0" stop-color="#0052cc"/>
-    <stop offset=".92" stop-color="#2684ff"/>
-  </linearGradient>
-  <path d="M43 67a4.14 4.14 0 0 0-5.79-.78A4.29 4.29 0 0 0 36 67.73L.45 138.85a4.25 4.25 0 0 0 1.9 5.7 4.18 4.18 0 0 0 1.9.45h49.53a4.08 4.08 0 0 0 3.8-2.35C68.27 120.57 61.79 87 43 67z" fill="url(#a)"/>
-  <path d="M69.13 2.28a93.82 93.82 0 0 0-5.48 92.61l23.88 47.76a4.25 4.25 0 0 0 3.8 2.35h49.52a4.24 4.24 0 0 0 4.25-4.25 4.31 4.31 0 0 0-.44-1.9L76.36 2.26a4 4 0 0 0-7.23 0z" fill="#2684ff"/>
-</svg>

packages/next-auth/provider-logos/atlassian.svg

@@ -1,4 +0,0 @@
-<svg viewBox="0.29136862699701993 -41.138268758326056 145.22149045698177 186.73799623391153" xmlns="http://www.w3.org/2000/svg" width="32" height="32">
-  <path d="M43 67a4.14 4.14 0 0 0-5.79-.78A4.29 4.29 0 0 0 36 67.73L.45 138.85a4.25 4.25 0 0 0 1.9 5.7 4.18 4.18 0 0 0 1.9.45h49.53a4.08 4.08 0 0 0 3.8-2.35C68.27 120.57 61.79 87 43 67z" fill="#fff"/>
-  <path d="M69.13 2.28a93.82 93.82 0 0 0-5.48 92.61l23.88 47.76a4.25 4.25 0 0 0 3.8 2.35h49.52a4.24 4.24 0 0 0 4.25-4.25 4.31 4.31 0 0 0-.44-1.9L76.36 2.26a4 4 0 0 0-7.23 0z" fill="#fff"/>
-</svg>

packages/next-auth/provider-logos/auth0-dark.svg

@@ -1,12 +0,0 @@
-<svg width="32" height="32" viewBox="0 0 41 45" fill="none" xmlns="http://www.w3.org/2000/svg">
-  <g clip-path="url(#clip0)">
-    <path d="M35.3018 0H20.5L25.0737 14.076H39.8755L27.9009 22.4701L32.4746 36.6253C40.1827 31.081 42.7027 22.6883 39.8755 14.076L35.3018 0Z" fill="white"/>
-    <path d="M1.12504 14.076H15.9268L20.5005 0H5.69875L1.12504 14.076C-1.70213 22.6898 0.8178 31.081 8.52592 36.6253L13.0996 22.4701L1.12504 14.076Z" fill="white"/>
-    <path d="M8.52539 36.6251L20.5 44.9998L32.4746 36.6251L20.5 28.1084L8.52539 36.6251Z" fill="white"/>
-  </g>
-  <defs>
-    <clipPath id="clip0">
-      <rect width="41" height="45" fill="none"/>
-    </clipPath>
-  </defs>
-</svg>