chore(release): bump package version(s) [skip ci]

fix: improve logger (#4970 )
* fix: add debug warning, only show warnings once * fix: prefer `debug` for details * remove url * test: fix tests * Update docs/docs/errors.md Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com> * Update callback.ts Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>
2026-05-01 10:55:20 +00:00 · 2022-07-21 16:35:03 +02:00 · 2022-07-21 16:00:16 +02:00 · 2022-07-21 13:59:46 +02:00 · 2022-07-20 03:18:02 +02:00 · 2022-07-20 03:08:03 +02:00
106 changed files with 2719 additions and 2465 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,4 +1,11 @@
-/types/ @balazsorban44 @lluia
-/docs/ @balazsorban44 @ndom91
-/adapters/ @balazsorban44 @ndom91
-/__tests__/ @lluia
+# Learn how to add code owners here:
+# https://help.github.com/en/articles/about-code-owners
+
+*                     @balazsorban44
+.github               @ThangHuuVu
+/apps/                @lluia @ndom91 @ThangHuuVu
+/docs/                @lluia @ndom91
+/packages/            @ThangHuuVu
+/packages/adapter-*/  @ndom91
+/**/*test*            @lluia
+/**/*type*            @lluia
--- a/.github/pr-labeler.yml
+++ b/.github/pr-labeler.yml
@@ -10,7 +10,7 @@ providers:

 adapters:
  - packages/next-auth/src/adapters.ts
-  - packages/*-adapter/**
+  - packages/adapter-*/**

 dgraph:
  - packages/adapter-dgraph/**
--- a/.github/version-pr/action.yml
+++ b/.github/version-pr/action.yml
@@ -4,5 +4,5 @@ outputs:
  version:
    description: "npm package version"
 runs:
-  using: "node12"
+  using: "node16"
  main: "index.js"
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -21,7 +21,7 @@ jobs:
      - name: Install pnpm
        uses: pnpm/action-setup@v2.2.1
        with:
-          version: 6.32.8
+          version: 7.5.1
      - name: Setup Node
        uses: actions/setup-node@v3
        with:
@@ -55,7 +55,7 @@ jobs:
      - name: Install pnpm
        uses: pnpm/action-setup@v2.2.1
        with:
-          version: 6.32.8
+          version: 7.5.1
      - name: Setup Node
        uses: actions/setup-node@v3
        with:
@@ -85,7 +85,7 @@ jobs:
      - name: Install pnpm
        uses: pnpm/action-setup@v2.2.1
        with:
-          version: 6.32.8
+          version: 7.5.1
      - name: Setup Node
        uses: actions/setup-node@v3
        with:
@@ -108,7 +108,11 @@ jobs:
      - name: Comment version on PR
        uses: NejcZdovc/comment-pr@v1
        with:
-          message: "🎉 Experimental release [published on npm](https://www.npmjs.com/package/next-auth/v/${{ env.VERSION }})!\n\n```sh\nnpm i next-auth@${{ env.VERSION }}\n```\n```sh\nyarn add next-auth@${{ env.VERSION }}\n```"
+          message:
+            "🎉 Experimental release [published 📦️ on npm](https://npmjs.com/package/next-auth/v/${{ env.VERSION }})!\n \
+            ```sh\npnpm add next-auth@${{ env.VERSION }}\n```\n \
+            ```sh\nyarn add next-auth@${{ env.VERSION }}\n```\n \
+            ```sh\nnpm i next-auth@${{ env.VERSION }}\n```"
        env:
          VERSION: ${{ steps.determine-version.outputs.version }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@@ -44,6 +44,7 @@ packages/next-auth/middleware.js
 # Development app
 apps/dev/src/css
 apps/dev/prisma/migrations
+apps/dev/typeorm

 # VS
 /.vs/slnx.sqlite-journal
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -17,7 +17,7 @@ Anyone can be a contributor. Either you found a typo, or you have an awesome fea
 - The latest changes are always in `main`, so please make your Pull Request against that branch.
 - Pull Requests should be raised for any change
 - Pull Requests need approval of a [core contributor](https://next-auth.js.org/contributors#core-team) before merging
- We use ESLint/Prettier for linting/formatting, so please run `yarn lint:fix` before committing to make resolving conflicts easier (VSCode users, check out [this ESLint extension](https://marketplace.visualstudio.com/items?itemName=dbaeumer.vscode-eslint) and [this Prettier extension](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode) to fix lint and formatting issues in development)
+- We use ESLint/Prettier for linting/formatting, so please run `pnpm lint:fix` before committing to make resolving conflicts easier (VSCode users, check out [this ESLint extension](https://marketplace.visualstudio.com/items?itemName=dbaeumer.vscode-eslint) and [this Prettier extension](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode) to fix lint and formatting issues in development)
 - We encourage you to test your changes, and if you have the opportunity, please make those tests part of the Pull Request
 - If you add new functionality, please provide the corresponding documentation as well and make it part of the Pull Request

@@ -37,7 +37,7 @@ cd next-auth
 1. Install packages. Developing requires Node.js v16:

 ```sh
-yarn
+pnpm install
 ```

 3. Populate `.env.local`:
@@ -55,7 +55,7 @@ cp .env.local.example .env.local
 4. Start the developer application/server:

 ```sh
-yarn dev:app
+pnpm dev
 ```
 Your developer application will be available on `http://localhost:3000`

@@ -65,7 +65,7 @@ If you need an example project to link to, you can use [next-auth-example](https

 #### Hot reloading

-When running `yarn dev:app`, you start a Next.js developer server on `http://localhost:3000`, which includes hot reloading out of the box. Make changes on any of the files in `src` and see the changes immediately.
+When running `pnpm dev`, you start a Next.js developer server on `http://localhost:3000`, which includes hot reloading out-of-the-box. Make changes on any of the files in `src` and see the changes immediately.

 > NOTE: When working on CSS, you will have to manually refresh the page after changes. The reason for this is our pages using CSS are server-side rendered (using API routes). (Improving this through a PR is very welcome!)

@@ -75,7 +75,7 @@ When running `yarn dev:app`, you start a Next.js developer server on `http://loc

 If you think your custom provider might be useful to others, we encourage you to open a PR and add it to the built-in list so others can discover it much more easily! You only need to add two changes:

-1. Add your config: [`src/providers/{provider}.js`](https://github.com/nextauthjs/next-auth/tree/main/src/providers) (Make sure you use a named default export, like `export default function YourProvider`!)
+1. Add your config: [`src/providers/{provider}.js`](https://github.com/nextauthjs/next-auth/tree/main/packages/next-auth/src/providers) (Make sure you use a named default export, like `export default function YourProvider`!)
 2. Add provider documentation: [`www/docs/providers/{provider}.md`](https://github.com/nextauthjs/next-auth/tree/main/www/docs/providers)

 That's it! 🎉 Others will be able to discover this provider much more easily now!
@@ -88,13 +88,13 @@ If you would like to contribute to an existing database adapter or help create a

 #### Testing

-Tests can be run with `yarn test`.
+Tests can be run with `pnpm test`.

 Automated tests are currently crude and limited in functionality, but improvements are in development.

 ## For maintainers

-We use [a custom script](https://github.com/nextauthjs/next-auth/tree/main/scripts/index.ts) together with [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0) to automate releases. This makes the maintenance process easier and less error-prone. Please study the "Conventional Commits" site to understand how to write a good commit message.
+We use [a custom script](https://github.com/nextauthjs/next-auth/blob/main/scripts/release/index.ts) together with [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0) to automate releases. This makes the maintenance process easier and less error-prone. Please study the "Conventional Commits" site to understand how to write a good commit message.

 When accepting Pull Requests, make sure the following:

@@ -103,9 +103,9 @@ When accepting Pull Requests, make sure the following:
 - Rewrite the commit message to conform to the `Conventional Commits` style.
  - Using `fix` releases a patch (x.x.1)
  - Using `feat` releases a minor (x.1.x)
-  - Using `feat` when `BREAKING CHANGE` is present in the commit messgae releases a major (1.x.x)
+  - Using `feat` when `BREAKING CHANGE` is present in the commit message releases a major (1.x.x)
 - Optionally link issues the PR will resolve (You can add "close" in front of the issue numbers to close the issues automatically, when the PR is merged. `semantic-release` will also comment back to connected issues and PRs, notifying the users that a feature is added/bug fixed, etc.)

 ### Skipping a release

-If a commit contains `[skip release]` in their message will be excluded from the commit analysis and won't participate in the release type determination. This is useful, if the PR being merged should not trigger a new `npm` release.
+If a commit contains `[skip release]` in their message, it will be excluded from the commit analysis and won't participate in the release type determination. This is useful, if the PR being merged should not trigger a new `npm` release.
--- a/apps/dev/.env.local.example
+++ b/apps/dev/.env.local.example
@@ -47,6 +47,5 @@ EMAIL_FROM=user@gmail.com
 # MongoDB:  DATABASE_URL=mongodb://nextauth:password@127.0.0.1:27017/nextauth?synchronize=true
 DATABASE_URL=

-BOXYHQSAML_ISSUER="https://jackson-demo.boxyhq.com"
-BOXYHQSAML_ID="tenant=boxyhq.com&product=saml-demo.boxyhq.com"
-BOXYHQSAML_SECRET="dummy"
+WIKIMEDIA_ID=
+WIKIMEDIA_SECRET=
--- a/apps/dev/middleware.ts
+++ b/apps/dev/middleware.ts
@@ -30,12 +30,11 @@ export const config = { matcher: ["/middleware-protected"] }
 // export default withAuth(
 //   function middleware(req, ev) {
 //     console.log(req, ev)
-//     return undefined // NOTE: `NextMiddleware` should allow returning `void`
 //   },
 //   {
 //     callbacks: {
 //       authorized: ({ token }) => token.name === "Balázs Orbán",
-//     }
+//     },
 //   }
 // )

--- a/apps/dev/package.json
+++ b/apps/dev/package.json
@@ -16,21 +16,25 @@
  },
  "license": "ISC",
  "dependencies": {
-    "@next-auth/fauna-adapter": "^1",
-    "@next-auth/prisma-adapter": "^1",
+    "@next-auth/fauna-adapter": "workspace:*",
+    "@next-auth/prisma-adapter": "workspace:*",
+    "@next-auth/typeorm-legacy-adapter": "workspace:*",
    "@prisma/client": "^3",
    "faunadb": "^4",
-    "next": "12.1.7-canary.51",
+    "next": "12.2.0",
    "nodemailer": "^6",
    "react": "^18",
    "react-dom": "^18"
  },
  "devDependencies": {
-    "@types/react": "^18",
-    "@types/react-dom": "^18",
+    "@types/react": "^18.0.15",
+    "@types/react-dom": "^18.0.6",
    "concurrently": "^7",
    "cpx": "^1.5.0",
    "fake-smtp-server": "^0.8.0",
-    "prisma": "^3"
+    "pg": "^8.7.3",
+    "prisma": "^3",
+    "sqlite3": "^5.0.8",
+    "typeorm": "0.3.7"
  }
 }
--- a/apps/dev/pages/api/auth/[...nextauth].ts
+++ b/apps/dev/pages/api/auth/[...nextauth].ts
@@ -1,221 +1,134 @@
-import NextAuth, { NextAuthOptions } from "next-auth"
-// import EmailProvider from "next-auth/providers/email"
-import GitHubProvider from "next-auth/providers/github"
-import Auth0Provider from "next-auth/providers/auth0"
-import KeycloakProvider from "next-auth/providers/keycloak"
-import TwitterProvider, {
-  TwitterLegacy as TwitterLegacyProvider,
-} from "next-auth/providers/twitter"
-import CredentialsProvider from "next-auth/providers/credentials"
-import IDS4Provider from "next-auth/providers/identity-server4"
-import Twitch from "next-auth/providers/twitch"
-import GoogleProvider from "next-auth/providers/google"
-import FacebookProvider from "next-auth/providers/facebook"
-import FoursquareProvider from "next-auth/providers/foursquare"
-// import FreshbooksProvider from "next-auth/providers/freshbooks"
-import GitlabProvider from "next-auth/providers/gitlab"
-import InstagramProvider from "next-auth/providers/instagram"
-import LineProvider from "next-auth/providers/line"
-import LinkedInProvider from "next-auth/providers/linkedin"
-import MailchimpProvider from "next-auth/providers/mailchimp"
-import DiscordProvider from "next-auth/providers/discord"
-import AzureADProvider from "next-auth/providers/azure-ad"
-import SpotifyProvider from "next-auth/providers/spotify"
-import CognitoProvider from "next-auth/providers/cognito"
-import SlackProvider from "next-auth/providers/slack"
-import Okta from "next-auth/providers/okta"
+import NextAuth from "next-auth"
+import type { NextAuthOptions } from "next-auth"
+
+// Providers
+import Apple from "next-auth/providers/apple"
+import Auth0 from "next-auth/providers/auth0"
+import AzureAD from "next-auth/providers/azure-ad"
 import AzureB2C from "next-auth/providers/azure-ad-b2c"
-import OsuProvider from "next-auth/providers/osu"
-import AppleProvider from "next-auth/providers/apple"
-import PatreonProvider from "next-auth/providers/patreon"
-import TraktProvider from "next-auth/providers/trakt"
-import WorkOSProvider from "next-auth/providers/workos"
-import BoxyHQSAMLProvider from "next-auth/providers/boxyhq-saml"
+import BoxyHQSAML from "next-auth/providers/boxyhq-saml"
+import Cognito from "next-auth/providers/cognito"
+import Credentials from "next-auth/providers/credentials"
+import Discord from "next-auth/providers/discord"
+import DuendeIDS6 from "next-auth/providers/duende-identity-server6"
+import Email from "next-auth/providers/email"
+import Facebook from "next-auth/providers/facebook"
+import Foursquare from "next-auth/providers/foursquare"
+import Freshbooks from "next-auth/providers/freshbooks"
+import GitHub from "next-auth/providers/github"
+import Gitlab from "next-auth/providers/gitlab"
+import Google from "next-auth/providers/google"
+import IDS4 from "next-auth/providers/identity-server4"
+import Instagram from "next-auth/providers/instagram"
+import Keycloak from "next-auth/providers/keycloak"
+import Line from "next-auth/providers/line"
+import LinkedIn from "next-auth/providers/linkedin"
+import Mailchimp from "next-auth/providers/mailchimp"
+import Okta from "next-auth/providers/okta"
+import Osu from "next-auth/providers/osu"
+import Patreon from "next-auth/providers/patreon"
+import Slack from "next-auth/providers/slack"
+import Spotify from "next-auth/providers/spotify"
+import Trakt from "next-auth/providers/trakt"
+import Twitch from "next-auth/providers/twitch"
+import Twitter, { TwitterLegacy } from "next-auth/providers/twitter"
+import Vk from "next-auth/providers/vk"
+import Wikimedia from "next-auth/providers/wikimedia"
+import WorkOS from "next-auth/providers/workos"

-// import { PrismaAdapter } from "@next-auth/prisma-adapter"
-// import { PrismaClient } from "@prisma/client"
-// const prisma = new PrismaClient()
-// const adapter = PrismaAdapter(prisma)
+// Adapters
+import { PrismaClient } from "@prisma/client"
+import { PrismaAdapter } from "@next-auth/prisma-adapter"
+import { Client as FaunaClient } from "faunadb"
+import { FaunaAdapter } from "@next-auth/fauna-adapter"
+import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"

-// import { Client as FaunaClient } from "faunadb"
-// import { FaunaAdapter } from "@next-auth/fauna-adapter"
-
-// const client = new FaunaClient({
-//   secret: process.env.FAUNA_SECRET,
-//   domain: process.env.FAUNA_DOMAIN,
-// })
-// const adapter = FaunaAdapter(client)
-export const authOptions: NextAuthOptions = {
-  // adapter: {
-  //   getUserByEmail: (email) => ({ id: "1", email, emailVerified: null }),
-  //   createVerificationToken: (token) => token,
-  // } as any,
-  providers: [
-    // E-mail
-    // Start fake e-mail server with `npm run start:email`
-    // EmailProvider({
-    //   server: {
-    //     host: "127.0.0.1",
-    //     auth: null,
-    //     secure: false,
-    //     port: 1025,
-    //     tls: { rejectUnauthorized: false },
-    //   },
-    // }),
-    // Credentials
-    CredentialsProvider({
-      name: "Credentials",
-      credentials: {
-        password: { label: "Password", type: "password" },
-      },
-      async authorize(credentials) {
-        if (credentials.password === "pw") {
-          return {
-            name: "Fill Murray",
-            email: "bill@fillmurray.com",
-            image: "https://www.fillmurray.com/64/64",
-          }
-        }
-        return null
-      },
-    }),
-    // OAuth 1
-    // TwitterLegacyProvider({
-    //   clientId: process.env.TWITTER_LEGACY_ID,
-    //   clientSecret: process.env.TWITTER_LEGACY_SECRET,
-    // }),
-    // OAuth 2 / OIDC
-    TwitterProvider({
-      // Opt-in to the new Twitter API for now. Should be default in the future.
-      version: "2.0",
-      clientId: process.env.TWITTER_ID,
-      clientSecret: process.env.TWITTER_SECRET,
-    }),
-    GitHubProvider({
-      clientId: process.env.GITHUB_ID,
-      clientSecret: process.env.GITHUB_SECRET,
-    }),
-    Auth0Provider({
-      clientId: process.env.AUTH0_ID,
-      clientSecret: process.env.AUTH0_SECRET,
-      issuer: process.env.AUTH0_ISSUER,
-    }),
-    KeycloakProvider({
-      clientId: process.env.KEYCLOAK_ID,
-      clientSecret: process.env.KEYCLOAK_SECRET,
-      issuer: process.env.KEYCLOAK_ISSUER,
-    }),
-    Twitch({
-      clientId: process.env.TWITCH_ID,
-      clientSecret: process.env.TWITCH_SECRET,
-    }),
-    GoogleProvider({
-      clientId: process.env.GOOGLE_ID,
-      clientSecret: process.env.GOOGLE_SECRET,
-    }),
-    FacebookProvider({
-      clientId: process.env.FACEBOOK_ID,
-      clientSecret: process.env.FACEBOOK_SECRET,
-    }),
-    FoursquareProvider({
-      clientId: process.env.FOURSQUARE_ID,
-      clientSecret: process.env.FOURSQUARE_SECRET,
-    }),
-    // FreshbooksProvider({
-    //   clientId: process.env.FRESHBOOKS_ID,
-    //   clientSecret: process.env.FRESHBOOKS_SECRET,
-    // }),
-    GitlabProvider({
-      clientId: process.env.GITLAB_ID,
-      clientSecret: process.env.GITLAB_SECRET,
-    }),
-    InstagramProvider({
-      clientId: process.env.INSTAGRAM_ID,
-      clientSecret: process.env.INSTAGRAM_SECRET,
-    }),
-    LineProvider({
-      clientId: process.env.LINE_ID,
-      clientSecret: process.env.LINE_SECRET,
-    }),
-    LinkedInProvider({
-      clientId: process.env.LINKEDIN_ID,
-      clientSecret: process.env.LINKEDIN_SECRET,
-    }),
-    MailchimpProvider({
-      clientId: process.env.MAILCHIMP_ID,
-      clientSecret: process.env.MAILCHIMP_SECRET,
-    }),
-    IDS4Provider({
-      clientId: process.env.IDS4_ID,
-      clientSecret: process.env.IDS4_SECRET,
-      issuer: process.env.IDS4_ISSUER,
-    }),
-    DiscordProvider({
-      clientId: process.env.DISCORD_ID,
-      clientSecret: process.env.DISCORD_SECRET,
-    }),
-    AzureADProvider({
-      clientId: process.env.AZURE_AD_CLIENT_ID,
-      clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
-      tenantId: process.env.AZURE_AD_TENANT_ID,
-      profilePhotoSize: 48,
-    }),
-    SpotifyProvider({
-      clientId: process.env.SPOTIFY_ID,
-      clientSecret: process.env.SPOTIFY_SECRET,
-    }),
-    CognitoProvider({
-      clientId: process.env.COGNITO_ID,
-      clientSecret: process.env.COGNITO_SECRET,
-      issuer: process.env.COGNITO_ISSUER,
-    }),
-    Okta({
-      clientId: process.env.OKTA_ID,
-      clientSecret: process.env.OKTA_SECRET,
-      issuer: process.env.OKTA_ISSUER,
-    }),
-    SlackProvider({
-      clientId: process.env.SLACK_ID,
-      clientSecret: process.env.SLACK_SECRET,
-    }),
-    AzureB2C({
-      clientId: process.env.AZURE_B2C_ID,
-      clientSecret: process.env.AZURE_B2C_SECRET,
-      tenantId: process.env.AZURE_B2C_TENANT_ID,
-      primaryUserFlow: process.env.AZURE_B2C_PRIMARY_USER_FLOW,
-    }),
-    OsuProvider({
-      clientId: process.env.OSU_CLIENT_ID,
-      clientSecret: process.env.OSU_CLIENT_SECRET,
-    }),
-    AppleProvider({
-      clientId: process.env.APPLE_ID,
-      clientSecret: process.env.APPLE_SECRET,
-    }),
-    PatreonProvider({
-      clientId: process.env.PATREON_ID,
-      clientSecret: process.env.PATREON_SECRET,
-    }),
-    TraktProvider({
-      clientId: process.env.TRAKT_ID,
-      clientSecret: process.env.TRAKT_SECRET,
-    }),
-    WorkOSProvider({
-      clientId: process.env.WORKOS_ID,
-      clientSecret: process.env.WORKOS_SECRET,
-    }),
-    BoxyHQSAMLProvider({
-      issuer: process.env.BOXYHQSAML_ISSUER,
-      clientId: process.env.BOXYHQSAML_ID,
-      clientSecret: process.env.BOXYHQSAML_SECRET,
-    }),
-  ],
-  debug: true,
-  theme: {
-    colorScheme: "auto",
-    logo: "https://next-auth.js.org/img/logo/logo-sm.png",
-    brandColor: "#1786fb",
+// Add an adapter you want to test here.
+const adapters = {
+  prisma() {
+    const client = globalThis.prisma || new PrismaClient()
+    if (process.env.NODE_ENV !== "production") globalThis.prisma = client
+    return PrismaAdapter(client)
+  },
+  typeorm() {
+    return TypeORMLegacyAdapter({
+      type: "sqlite",
+      name: "next-auth-test-memory",
+      database: "./typeorm/dev.db",
+      synchronize: true,
+    })
+  },
+  fauna() {
+    const client =
+      globalThis.fauna ||
+      new FaunaClient({
+        secret: process.env.FAUNA_SECRET,
+        domain: process.env.FAUNA_DOMAIN,
+      })
+    if (process.env.NODE_ENV !== "production") global.fauna = client
+    return FaunaAdapter(client)
+  },
+  noop() {
+    return undefined
  },
 }

+export const authOptions: NextAuthOptions = {
+  adapter: adapters.noop(),
+  debug: true,
+  theme: {
+    logo: "https://next-auth.js.org/img/logo/logo-sm.png",
+    brandColor: "#1786fb",
+  },
+  providers: [
+    Credentials({
+      credentials: { password: { label: "Password", type: "password" } },
+      async authorize(credentials) {
+        if (credentials.password !== "pw") return null
+        return { name: "Fill Murray", email: "bill@fillmurray.com", image: "https://www.fillmurray.com/64/64" }
+      },
+    }),
+    Apple({ clientId: process.env.APPLE_ID, clientSecret: process.env.APPLE_SECRET }),
+    Auth0({ clientId: process.env.AUTH0_ID, clientSecret: process.env.AUTH0_SECRET, issuer: process.env.AUTH0_ISSUER }),
+    AzureAD({ clientId: process.env.AZURE_AD_CLIENT_ID, clientSecret: process.env.AZURE_AD_CLIENT_SECRET, tenantId: process.env.AZURE_AD_TENANT_ID }),
+    AzureB2C({ clientId: process.env.AZURE_B2C_ID, clientSecret: process.env.AZURE_B2C_SECRET, issuer: process.env.AZURE_B2C_ISSUER }),
+    BoxyHQSAML({ issuer: "https://jackson-demo.boxyhq.com", clientId: "tenant=boxyhq.com&product=saml-demo.boxyhq.com", clientSecret: "dummy" }),
+    Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
+    Discord({ clientId: process.env.DISCORD_ID, clientSecret: process.env.DISCORD_SECRET }),
+    DuendeIDS6({ clientId: "interactive.confidential", clientSecret: "secret", issuer: "https://demo.duendesoftware.com" }),
+    Facebook({ clientId: process.env.FACEBOOK_ID, clientSecret: process.env.FACEBOOK_SECRET }),
+    Foursquare({ clientId: process.env.FOURSQUARE_ID, clientSecret: process.env.FOURSQUARE_SECRET }),
+    Freshbooks({ clientId: process.env.FRESHBOOKS_ID, clientSecret: process.env.FRESHBOOKS_SECRET }),
+    GitHub({ clientId: process.env.GITHUB_ID, clientSecret: process.env.GITHUB_SECRET }),
+    Gitlab({ clientId: process.env.GITLAB_ID, clientSecret: process.env.GITLAB_SECRET }),
+    Google({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET }),
+    IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
+    Instagram({ clientId: process.env.INSTAGRAM_ID, clientSecret: process.env.INSTAGRAM_SECRET }),
+    Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
+    Line({ clientId: process.env.LINE_ID, clientSecret: process.env.LINE_SECRET }),
+    LinkedIn({ clientId: process.env.LINKEDIN_ID, clientSecret: process.env.LINKEDIN_SECRET }),
+    Mailchimp({ clientId: process.env.MAILCHIMP_ID, clientSecret: process.env.MAILCHIMP_SECRET }),
+    Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
+    Osu({ clientId: process.env.OSU_CLIENT_ID, clientSecret: process.env.OSU_CLIENT_SECRET }),
+    Patreon({ clientId: process.env.PATREON_ID, clientSecret: process.env.PATREON_SECRET }),
+    Slack({ clientId: process.env.SLACK_ID, clientSecret: process.env.SLACK_SECRET }),
+    Spotify({ clientId: process.env.SPOTIFY_ID, clientSecret: process.env.SPOTIFY_SECRET }),
+    Trakt({ clientId: process.env.TRAKT_ID, clientSecret: process.env.TRAKT_SECRET }),
+    Twitch({ clientId: process.env.TWITCH_ID, clientSecret: process.env.TWITCH_SECRET }),
+    Twitter({ version: "2.0", clientId: process.env.TWITTER_ID, clientSecret: process.env.TWITTER_SECRET }),
+    TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
+    Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
+    Wikimedia({ clientId: process.env.WIKIMEDIA_ID, clientSecret: process.env.WIKIMEDIA_SECRET }),
+    WorkOS({ clientId: process.env.WORKOS_ID, clientSecret: process.env.WORKOS_SECRET }),
+  ],
+}
+
+if (authOptions.adapter) {
+  authOptions.providers.unshift(
+    // NOTE: You can start a fake e-mail server with `pnpm email`
+    // and then go to `http://localhost:1080` in the browser
+    Email({ server: "smtp://127.0.0.1:1025?tls.rejectUnauthorized=false" })
+  )
+}
+
 export default NextAuth(authOptions)
--- a/apps/dev/pages/api/examples/jwt.js
+++ b/apps/dev/pages/api/examples/jwt.js
@@ -2,6 +2,6 @@
 import { getToken } from "next-auth/jwt"

 export default async (req, res) => {
-  const token = await getToken({ req, secret: process.env.SECRET })
+  const token = await getToken({ req })
  res.send(JSON.stringify(token, null, 2))
 }
--- a/apps/example-nextjs/middleware.ts
+++ b/apps/example-nextjs/middleware.ts
@@ -3,9 +3,14 @@ import { withAuth } from "next-auth/middleware"
 // More on how NextAuth.js middleware works: https://next-auth.js.org/configuration/nextjs#middleware
 export default withAuth({
  callbacks: {
-    authorized: ({ req, token }) =>
-      // /admin requires admin role, but /me only requires the user to be logged in.
-      req.nextUrl.pathname !== "/admin" || token?.userRole === "admin",
+    authorized({ req, token }) {
+      // `/admin` requires admin role
+      if (req.nextUrl.pathname === "/admin") {
+        return token?.userRole === "admin"
+      }
+      // `/me` only requires the user to be logged in
+      return !!token
+    },
  },
 })

--- a/apps/example-nextjs/package.json
+++ b/apps/example-nextjs/package.json
@@ -1,19 +1,15 @@
 {
-  "name": "next-auth-example",
-  "version": "0.0.0",
  "private": true,
-  "description": "An example project for NextAuth.js",
+  "description": "An example project for NextAuth.js with Next.js",
  "repository": "https://github.com/nextauthjs/next-auth-example.git",
  "bugs": {
    "url": "https://github.com/nextauthjs/next-auth/issues"
  },
  "homepage": "https://next-auth-example.vercel.app",
-  "main": "",
  "scripts": {
    "dev": "next",
    "build": "next build",
-    "start": "next start",
-    "types": "tsc --noEmit"
+    "start": "next start"
  },
  "author": "Iain Collins <me@iaincollins.com>",
  "contributors": [
@@ -21,20 +17,16 @@
    "Nico Domino <yo@ndo.dev>",
    "Lluis Agusti <hi@llu.lu>"
  ],
-  "license": "ISC",
  "dependencies": {
-    "next": "12.1.7-canary.51",
+    "next": "latest",
    "next-auth": "latest",
    "nodemailer": "^6",
-    "react": "^18",
-    "react-dom": "^18"
+    "react": "^18.2.0",
+    "react-dom": "^18.2.0"
  },
  "devDependencies": {
    "@types/node": "^17",
-    "@types/react": "^18",
+    "@types/react": "^18.0.15",
    "typescript": "^4"
-  },
-  "prettier": {
-    "semi": false
  }
 }
--- a/apps/example-nextjs/pages/_app.tsx
+++ b/apps/example-nextjs/pages/_app.tsx
@@ -1,7 +1,8 @@
 import { SessionProvider } from "next-auth/react"
-import type { AppProps } from "next/app"
 import "./styles.css"

+import type { AppProps } from "next/app"
+
 // Use of the <SessionProvider> is mandatory to allow components that call
 // `useSession()` anywhere in your application to access the `session` object.
 export default function App({ Component, pageProps }: AppProps) {
--- a/apps/example-nextjs/pages/api/examples/jwt.ts
+++ b/apps/example-nextjs/pages/api/examples/jwt.ts
@@ -1,10 +1,14 @@
 // This is an example of how to read a JSON Web Token from an API route
 import { getToken } from "next-auth/jwt"
+
 import type { NextApiRequest, NextApiResponse } from "next"

-const secret = process.env.NEXTAUTH_SECRET
-
-export default async (req: NextApiRequest, res: NextApiResponse) => {
-  const token = await getToken({ req, secret })
+export default async function handler(
+  req: NextApiRequest,
+  res: NextApiResponse
+) {
+  // If you don't have the NEXTAUTH_SECRET environment variable set,
+  // you will have to pass your secret as `secret` to `getToken`
+  const token = await getToken({ req })
  res.send(JSON.stringify(token, null, 2))
 }
--- a/apps/example-nextjs/pages/api/examples/protected.ts
+++ b/apps/example-nextjs/pages/api/examples/protected.ts
@@ -1,19 +1,23 @@
 // This is an example of to protect an API route
 import { unstable_getServerSession } from "next-auth/next"
+import { authOptions } from "../auth/[...nextauth]"
+
 import type { NextApiRequest, NextApiResponse } from "next"

-export default async (req: NextApiRequest, res: NextApiResponse) => {
+export default async function handler(
+  req: NextApiRequest,
+  res: NextApiResponse
+) {
  const session = await unstable_getServerSession(req, res, authOptions)

  if (session) {
-    res.send({
+    return res.send({
      content:
        "This is protected content. You can access this content because you are signed in.",
    })
-  } else {
-    res.send({
-      error:
-        "You must be signed in to view the protected content on this page.",
-    })
  }
+
+  res.send({
+    error: "You must be signed in to view the protected content on this page.",
+  })
 }
--- a/apps/example-nextjs/pages/api/examples/session.ts
+++ b/apps/example-nextjs/pages/api/examples/session.ts
@@ -1,8 +1,13 @@
 // This is an example of how to access a session from an API route
-import { getSession } from "next-auth/react"
+import { unstable_getServerSession } from "next-auth"
+import { authOptions } from "../auth/[...nextauth]"
+
 import type { NextApiRequest, NextApiResponse } from "next"

-export default async (req: NextApiRequest, res: NextApiResponse) => {
-  const session = await getSession({ req })
+export default async function handler(
+  req: NextApiRequest,
+  res: NextApiResponse
+) {
+  const session = await unstable_getServerSession(req, res, authOptions)
  res.send(JSON.stringify(session, null, 2))
 }
--- a/apps/example-nextjs/pages/server.tsx
+++ b/apps/example-nextjs/pages/server.tsx
@@ -1,12 +1,13 @@
 import { unstable_getServerSession } from "next-auth/next"
 import { authOptions } from "./api/auth/[...nextauth]"
 import Layout from "../components/layout"
-import type { NextPageContext } from "next"

-export default function ServerSidePage({ session }) {
+import type { GetServerSidePropsContext } from "next"
+import type { Session } from "next-auth"
+
+export default function ServerSidePage({ session }: { session: Session }) {
  // As this page uses Server Side Rendering, the `session` will be already
  // populated on render without needing to go through a loading stage.
-
  return (
    <Layout>
      <h1>Server Side Rendering</h1>
@@ -28,15 +29,20 @@ export default function ServerSidePage({ session }) {
        The disadvantage of Server Side Rendering is that this page is slower to
        render.
      </p>
+      <pre>{JSON.stringify(session, null, 2)}</pre>
    </Layout>
  )
 }

 // Export the `session` prop to use sessions with Server Side Rendering
-export async function getServerSideProps(context: NextPageContext) {
+export async function getServerSideProps(context: GetServerSidePropsContext) {
  return {
    props: {
-      session: await unstable_getServerSession(context.req, context.res, authOptions),
+      session: await unstable_getServerSession(
+        context.req,
+        context.res,
+        authOptions
+      ),
    },
  }
 }
--- a/apps/playground-sveltekit/package.json
+++ b/apps/playground-sveltekit/package.json
@@ -21,7 +21,7 @@
    "eslint-plugin-svelte3": "^3.2.1",
    "prettier": "^2.5.1",
    "prettier-plugin-svelte": "^2.5.0",
-    "svelte": "^3.44.0",
+    "svelte": "^3.49.0",
    "svelte-check": "^2.2.6",
    "svelte-preprocess": "^4.10.1",
    "tslib": "^2.3.1",
--- a/apps/playground-sveltekit/yarn.lock
+++ b/apps/playground-sveltekit/yarn.lock
@@ -1232,10 +1232,10 @@ natural-compare@^1.4.0:
  resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7"
  integrity sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=

-next-auth@^4.5.0:
-  version "4.5.0"
-  resolved "https://registry.yarnpkg.com/next-auth/-/next-auth-4.5.0.tgz#2df57287fddc705b8971c88c60bad44a89ac6dd1"
-  integrity sha512-B6gYRIbqtj8nlDsx3y2Ruwp/mvZnItPs7VUULY43QYw+M9xtDPIM9EBZ3ryd/wNYA3MDteBJlzGm/ivseXcmJA==
+"next-auth@workspace:*":
+  version "4.9.0"
+  resolved "https://registry.yarnpkg.com/next-auth/-/next-auth-4.9.0.tgz#0d8cabcb22a976744131a2e68d5f08756f322593"
+  integrity sha512-/4S5dFeyNg2nXlD7g/Sh5A4WZWnUMDpEf8x/x+gzmAf5cAY2SjDM6sLk9u4XRmsndsxQpIMWDw03sUTAD+Yzog==
  dependencies:
    "@babel/runtime" "^7.16.3"
    "@panva/hkdf" "^1.0.1"
@@ -1617,10 +1617,10 @@ svelte-preprocess@^4.0.0, svelte-preprocess@^4.10.1:
    sorcery "^0.10.0"
    strip-indent "^3.0.0"

-svelte@^3.44.0:
-  version "3.46.4"
-  resolved "https://registry.yarnpkg.com/svelte/-/svelte-3.46.4.tgz#0c46bc4a3e20a2617a1b7dc43a722f9d6c084a38"
-  integrity sha512-qKJzw6DpA33CIa+C/rGp4AUdSfii0DOTCzj/2YpSKKayw5WGSS624Et9L1nU1k2OVRS9vaENQXp2CVZNU+xvIg==
+svelte@^3.49.0:
+  version "3.49.0"
+  resolved "https://registry.yarnpkg.com/svelte/-/svelte-3.49.0.tgz#5baee3c672306de1070c3b7888fc2204e36a4029"
+  integrity sha512-+lmjic1pApJWDfPCpUUTc1m8azDqYCG1JN9YEngrx/hUyIcFJo6VZhj0A1Ai0wqoHcEIuQy+e9tk+4uDgdtsFA==

 table@^6.0.9:
  version "6.8.0"
--- a/docs/docs/adapters/firebase.md
+++ b/docs/docs/adapters/firebase.md
@@ -5,18 +5,14 @@ title: Firebase

 # Firebase

-:::warning
-This adapter is still experimental and does not work with NextAuth.js 4 or newer. If you would like to help out upgrading it, please visit [this PR](https://github.com/nextauthjs/next-auth/pull/3873)
-:::
-
-This is the Firebase Adapter for [`next-auth`](https://next-auth.js.org). This package can only be used in conjunction with the primary `next-auth` package. It is not a standalone package.
+This is the Firebase (Firestore) Adapter for [`next-auth`](https://next-auth.js.org). This package can only be used in conjunction with the primary `next-auth` package. It is not a standalone package.

 ## Getting Started

 1. Install the necessary packages

 ```bash npm2yarn2pnpm
-npm install next-auth @next-auth/firebase-adapter@experimental
+npm install next-auth @next-auth/firebase-adapter
 ```

 2. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object.
@@ -24,14 +20,7 @@ npm install next-auth @next-auth/firebase-adapter@experimental
 ```javascript title="pages/api/auth/[...nextauth].js"
 import NextAuth from "next-auth"
 import GoogleProvider from "next-auth/providers/google"
-import { FirebaseAdapter } from "@next-auth/firebase-adapter"
-
-import firebase from "firebase/app"
-import "firebase/firestore"
-
-const firestore = (
-  firebase.apps[0] ?? firebase.initializeApp(/* your config */)
-).firestore()
+import { FirestoreAdapter } from "@next-auth/firebase-adapter"

 // For more information on each option (and a full list of options) go to
 // https://next-auth.js.org/configuration/options
@@ -43,9 +32,19 @@ export default NextAuth({
      clientSecret: process.env.GOOGLE_SECRET,
    }),
  ],
-  adapter: FirebaseAdapter(firestore),
-  ...
-})
+  adapter: FirestoreAdapter({
+    apiKey: process.env.FIREBASE_API_KEY,
+    appId: process.env.FIREBASE_APP_ID,
+    authDomain: process.env.FIREBASE_AUTH_DOMAIN,
+    databaseURL: process.env.FIREBASE_DATABASE_URL,
+    projectId: process.env.FIREBASE_PROJECT_ID,
+    storageBucket: process.env.FIREBASE_STORAGE_BUCKET,
+    messagingSenderId: process.env.FIREBASE_MESSAGING_SENDER_ID,
+    // Optional emulator config (see below for options)
+    emulator: {},
+  }),
+  // ...
+});
 ```

 ## Options
@@ -69,6 +68,21 @@ const firebaseConfig = {

 See [firebase.google.com/docs/web/setup](https://firebase.google.com/docs/web/setup) for more details.

+You can optionally pass in emulator options to automatically connect to your local Firebase emulator.
+
+```js
+FirestoreAdapter({
+  // ...
+  // Passing in an enable object will enable the emulator
+  emulator: {
+    // Optional host, defaults to `localhost`
+    host: 'localhost',
+  // Optional port, defaults to `3001`
+    port: 3001,
+  },
+}),
+```
+
 :::tip **From Firebase**

 **Caution**: We do not recommend manually modifying an app's Firebase config file or object. If you initialize an app with invalid or missing values for any of these required "Firebase options", then your end users may experience serious issues.
--- a/docs/docs/adapters/typeorm.md
+++ b/docs/docs/adapters/typeorm.md
@@ -5,18 +5,22 @@ title: TypeORM

 # TypeORM

-This Adapter is used to support SQL-flavored databases (like SQLite, MySQL, MSSQL, MariaDB, CockroachDB, etc.) through [TypeORM](https://typeorm.io), and mostly kept around for legacy reasons. (See the warning below.)
+This Adapter is used to support SQL-flavored databases (like SQLite, MySQL, MSSQL, MariaDB, CockroachDB, etc.) through [TypeORM](https://typeorm.io).

 :::note
 If you previously used this Adapter with MongoDB, check out the [MongoDB Adapter](/adapters/mongodb) instead.
 :::

-:::warning
+:::note
 In the future, we might split up this adapter to support single flavors of SQL for easier maintenance and reduced bundle size.
 :::

 ## Usage

+:::warning
+[`typeorm`](https://github.com/typeorm/typeorm) is still in active development and has not yet published a stable release. Because of this, you can expect breaking changes in minor versions. This adapter expects `typeorm@0.3.7` and is not validated against previous or future releases.
+:::
+
 To use this Adapter, you need to install the following packages:

 ```bash npm2yarn2pnpm
@@ -36,7 +40,7 @@ export default NextAuth({
 })
 ```

-`TypeORMLegacyAdapter` takes either a connection string, or a [`ConnectionOptions`](https://github.com/typeorm/typeorm/blob/master/docs/connection-options.md) object as its first parameter.
+`TypeORMLegacyAdapter` takes either a connection string, or a [`DataSourceOptions`](https://github.com/typeorm/typeorm/blob/master/docs/data-source-options.md) object as its first parameter.

 ## Custom models

@@ -217,9 +221,9 @@ For example, you can add the naming convention option to the connection object i
 import NextAuth from "next-auth"
 import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
 import { SnakeNamingStrategy } from 'typeorm-naming-strategies'
-import { ConnectionOptions } from "typeorm"

-const connection: ConnectionOptions = {
+export default NextAuth({
+  adapter: TypeORMLegacyAdapter({
    type: "mysql",
    host: "localhost",
    port: 3306,
@@ -227,10 +231,7 @@ const connection: ConnectionOptions = {
    password: "test",
    database: "test",
    namingStrategy: new SnakeNamingStrategy()
-}
-
-export default NextAuth({
-  adapter: TypeORMLegacyAdapter(connection),
+  }),
  ...
 })
 ```
--- a/docs/docs/configuration/nextjs.md
+++ b/docs/docs/configuration/nextjs.md
@@ -8,7 +8,7 @@ This feature is experimental and may be removed or changed in the future.

 When calling from server-side i.e. in API routes or in `getServerSideProps`, we recommend using this function instead of `getSession` to retrieve the `session` object. This method is especially useful when you are using NextAuth.js with a database. This method can _drastically_ reduce response time when used over `getSession` server-side, due to avoiding an extra `fetch` to an API Route (this is generally [not recommended in Next.js](https://nextjs.org/docs/basic-features/data-fetching/get-server-side-props#getserversideprops-or-api-routes)). In addition, `unstable_getServerSession` will correctly update the cookie expiry time and update the session content if `callbacks.jwt` or `callbacks.session` changed something.

-Otherwise, if you only want to get the session token, see [`getToken`](tutorials/securing-pages-and-api-routes#using-gettoken).
+Otherwise, if you only want to get the session token, see [`getToken`](/tutorials/securing-pages-and-api-routes#using-gettoken).

 `unstable_getServerSession` requires passing the same object you would pass to `NextAuth` when initializing NextAuth.js. To do so, you can export your NextAuth.js options in the following way:

@@ -80,10 +80,11 @@ You can get the `withAuth` middleware function from `next-auth/middleware` eithe

 ### Prerequisites

-You must set the [`NEXTAUTH_SECRET`](/configuration/options#nextauth_secret) environment variable when using this middleware. If you are using the [`secret` option](/configuration/options#secret) this value must match.
+You must set the same secret in the middleware that you use in NextAuth. The easiest way is to set the [`NEXTAUTH_SECRET`](/configuration/options#nextauth_secret) environment variable. It will be picked up by both the [NextAuth config](/configuration/options#options), as well as the middleware config.

-**We strongly recommend** replacing the `secret` value completely with this `NEXTAUTH_SECRET` environment variable. This environment variable will be picked up by both the [NextAuth config](/configuration/options#options), as well as the middleware config.
+Alternatively, you can provide the secret using the [`secret`](#secret) option in the middleware config.

+**We strongly recommend** replacing the `secret` value completely with this `NEXTAUTH_SECRET` environment variable.

 ### Basic usage

@@ -149,6 +150,22 @@ See the documentation for the [pages option](/configuration/pages) for more info

 ---

+### `secret`
+
+- **Required**: _No_
+
+#### Description
+
+The same `secret` used in the [NextAuth config](/configuration/options#options).
+
+#### Example (default value)
+
+```js
+secret: process.env.NEXTAUTH_SECRET
+```
+
+---
+
 ### Advanced usage

 NextAuth.js Middleware is very flexible, there are multiple ways to use it.
@@ -160,13 +177,11 @@ If you do not define the options, NextAuth.js will use the default values for th
 #### wrap middleware

 ```ts title="middleware.ts"
-import type { NextRequest } from "next/server"
-import type { JWT } from "next-auth/jwt"
 import { withAuth } from "next-auth/middleware"

 export default withAuth(
-  // `withAuth` can augment your Request with the user's token.
-  function middleware(req: NextRequest & { nextauth: { token: JWT | null } }) {
+  // `withAuth` augments your `Request` with the user's token.
+  function middleware(req) {
    console.log(req.nextauth.token)
  },
  {
--- a/docs/docs/configuration/options.md
+++ b/docs/docs/configuration/options.md
@@ -13,19 +13,22 @@ When deploying to production, set the `NEXTAUTH_URL` environment variable to the
 NEXTAUTH_URL=https://example.com
 ```

-If your Next.js application uses a custom base path, specify the route to the API endpoint in full.
+If your Next.js application uses a custom base path, specify the route to the API endpoint in full. More informations about the usage of custom base path [here](/getting-started/client#custom-base-path).

 _e.g. `NEXTAUTH_URL=https://example.com/custom-route/api/auth`_

+:::tip
+When you're using a custom base path, you will need to pass the `basePath` page prop to the `<SessionProvider>`. More informations [here](/getting-started/client#custom-base-path).
+:::
+
 :::note
 Using [System Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables) we automatically detect when you deploy to [Vercel](https://vercel.com) so you don't have to define this variable. Make sure **Automatically expose System Environment Variables** is checked in your Project Settings.
 :::

 ### NEXTAUTH_SECRET

-Used to encrypt the NextAuth.js JWT, and to hash [email verification tokens](/adapters/models#verification-token). This is the default value for the [`secret`](/configuration/options#secret) option. The `secret` option might be removed in the future in favor of this.
+Used to encrypt the NextAuth.js JWT, and to hash [email verification tokens](/adapters/models#verification-token). This is the default value for the `secret` option in [NextAuth](/configuration/options#secret) and [Middleware](/configuration/nextjs#secret).

-If you are using [Middleware](/configuration/nextjs#prerequisites) this environment variable must be set.

 ### NEXTAUTH_URL_INTERNAL

--- a/docs/docs/configuration/providers/oauth.md
+++ b/docs/docs/configuration/providers/oauth.md
@@ -350,7 +350,7 @@ providers: [

 ## Built-in providers

-NextAuth.js comes with a set of built-in providers. You can find them [here](https://github.com/nextauthjs/next-auth/tree/main/src/providers). Each built-in provider has its own documentation page:
+NextAuth.js comes with a set of built-in providers. You can find them [here](https://github.com/nextauthjs/next-auth/tree/main/packages/next-auth/src/providers). Each built-in provider has its own documentation page:

 <div className="provider-name-list">
 {Object.entries(require("../../../providers.json"))
--- a/docs/docs/contributors.md
+++ b/docs/docs/contributors.md
@@ -11,6 +11,7 @@ Without these people, the project could not have become one of the most used aut
 - [Balázs Orbán](https://github.com/balazsorban44) - **Lead Maintainer**
 - [Nico Domino](https://github.com/ndom91) - Maintainer (Documentation, Core)
 - [Lluis Agusti](https://github.com/lluia) - Maintainer (Documentation, Testing, TypeScript)
+- [Thang Huu Vu](https://github.com/ThangHuuVu) - Maintainer (Core, TypeScript)

 ## Special thanks

--- a/docs/docs/errors.md
+++ b/docs/docs/errors.md
@@ -61,17 +61,20 @@ There should also be further details logged when this occurs, such as the error

 ### Signin / Callback

-#### GET_AUTHORIZATION_URL_ERROR
-
-This error can occur when we cannot get the OAuth v1 request token and generate the authorization URL.
-
-Please double check your OAuth v1 provider settings, especially the OAuth token and OAuth token secret.
-
 #### SIGNIN_OAUTH_ERROR

-This error can occur in one of a few places, first during the redirect to the authorization URL of the provider. Next, in the signin flow while creating the PKCE code verifier. Finally, during the generation of the CSRF Token hash in the internal state during signin.
+This error occurs during the redirection to the authorization URL of the OAuth provider. Possible causes:

-Please check your OAuth provider settings and make sure your URLs and other options are correctly set on the provider side.
+1. Cookie handling
+Either PKCE code verifier or the generation of the CSRF token hash in the internal state failed.
+
+If set, check your [`cookies` configuration](/configuration/options#cookies), and make sure the browser is not blocking/restricting cookies.
+
+2. OAuth misconfiguration
+
+Please check your OAuth provider and make sure your URLs  and other options are correctly set.
+
+If you are using an OAuth v1 provider, check your OAuth v1 provider settings, especially the OAuth token and OAuth token secret.

 #### CALLBACK_OAUTH_ERROR

@@ -151,12 +154,6 @@ This error occurs when there was an issue deleting the session from the database

 ### Other

-#### SEND_VERIFICATION_EMAIL_ERROR
-
-This error occurs when the Email Authentication Provider is unable to send an email.
-
-Check your mail server configuration.
-
 #### MISSING_NEXTAUTH_API_ROUTE_ERROR

 This error happens when `[...nextauth].js` file is not found inside `pages/api/auth`.
--- a/docs/docs/faq.md
+++ b/docs/docs/faq.md
@@ -63,17 +63,32 @@ _If you use a custom credentials provider user accounts will not be persisted in

 <details>
 <summary>
-  <h3 style={{display:"inline-block"}}>Can I use NextAuth.js with a website that does not use Next.js?</h3>
+  <h3 style={{display:"inline-block"}}>Can I use NextAuth.js with a framework different than Next.js?</h3>
 </summary>
 <p>

-NextAuth.js is designed for use with Next.js and Serverless.
+NextAuth.js was originally designed for use with Next.js and Serverless. However, today you could use the NextAuth.js core with any other framework. Checkout the examples for <a href="https://github.com/nextauthjs/next-auth/tree/main/apps/example-gatsby" target="_blank">Gatsby</a> and <a href="https://github.com/nextauthjs/next-auth/tree/main/apps/playground-sveltekit" target="_blank">SvelteKit</a>. If you would add another integration with other frameworks, feel free to work on it and send a pull request. Make sure to check if there's any on-going work before open a new issue.

-If you are using a different framework for your website, you can create a website that handles sign in with Next.js and then access those sessions on a website that does not use Next.js as long as the websites are on the same domain.
+</p>
+</details>

-If you use NextAuth.js on a website with a different subdomain then the rest of your website (e.g. `auth.example.com` vs `www.example.com`) you will need to set a custom cookie domain policy for the Session Token cookie. (See also: [Cookies](/configuration/options#cookies))
+<details>
+<summary>
+  <h3 style={{display:"inline-block"}}>Can session generated by NextAuth.js be used by another website?</h3>
+</summary>
+<p>

-NextAuth.js does not currently support automatically signing into sites on different top level domains (e.g. `www.example.com` vs `www.example.org`) using a single session.
+**Same domain**: you can create a website that handles sign-in with NextAuth.js and then access those sessions on a website that does not use NextAuth.js as long as the websites are on the same domain.
+
+**Same root domain, different subdomains**: If you use NextAuth.js on a website with a different subdomain than the rest of your website (e.g. `auth.example.com` vs. `www.example.com`) you will need to set a custom cookie domain policy for the Session Token cookie. (See also: [Cookies](/configuration/options#cookies)).
+
+:::warning
+Changing the default cookies domain policy is advanced and can lead to security issues if done correctly. Make sure you're aware of the security implication before proceeding.
+:::
+
+A working example can be found at <a href="https://github.com/vercel/examples/tree/main/solutions/subdomain-auth" target="_blank">this example repo</a>.
+
+**Different root domains**: NextAuth.js does not currently support automatically signing into sites on different top-level domains (e.g. `www.example.com` vs. `www.example.org`) using a single session.

 </p>
 </details>
--- a/docs/docs/getting-started/client.md
+++ b/docs/docs/getting-started/client.md
@@ -148,13 +148,9 @@ Because of how `_app` is written, it won't unnecessarily contact the `/api/auth/

 More information can be found in the following [GitHub Issue](https://github.com/nextauthjs/next-auth/issues/1210).

-### NextAuth.js + React-Query
+### NextAuth.js + React Query

-There is also an alternative client-side API library based upon [`react-query`](https://www.npmjs.com/package/react-query) available under [`nextauthjs/react-query`](https://github.com/nextauthjs/react-query).
-
-If you use `react-query` in your project already, you can leverage it with NextAuth.js to handle the client-side session management for you as well. This replaces NextAuth.js's native `useSession` and `SessionProvider` from `next-auth/react`.
-
-See repository [`README`](https://github.com/nextauthjs/react-query) for more details.
+You can create your own session management solution using data fetching libraries like [React Query](https://tanstack.com/query/v4/docs/adapters/react-query) or [SWR](https://swr.vercel.app). You can use the [original implementation of `@next-auth/react-query`](https://github.com/nextauthjs/react-query) and look at the [`next-auth/react` source code](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/react/index.tsx) as a starting point.

 ---

@@ -506,3 +502,29 @@ However, if it was set to `false`, it stops re-fetching the session and the comp
 :::note
 See [**the Next.js documentation**](https://nextjs.org/docs/advanced-features/custom-app) for more information on **\_app.js** in Next.js applications.
 :::
+
+### Custom base path
+When your Next.js application uses a custom base path, set the `NEXTAUTH_URL` environment variable to the route to the API endpoint in full - as in the example below and as explained [here](/configuration/options#nextauth_url).
+
+Also, make sure to pass the `basePath` page prop to the `<SessionProvider>` – as in the example below – so your custom base path is fully configured and used by NextAuth.js.
+
+#### Example
+In this example, the custom base path used is `/custom-route`.
+
+```
+NEXTAUTH_URL=https://example.com/custom-route/api/auth
+```
+
+```jsx title="pages/_app.js"
+import { SessionProvider } from "next-auth/react"
+export default function App({
+  Component,
+  pageProps: { session, ...pageProps },
+}) {
+  return (
+    <SessionProvider session={session} basePath="/custom-route/api/auth">
+      <Component {...pageProps} />
+    </SessionProvider>
+  )
+}
+```
--- a/docs/docs/providers/github.md
+++ b/docs/docs/providers/github.md
@@ -19,7 +19,7 @@ https://github.com/settings/apps

 The **GitHub Provider** comes with a set of default options:

- [GitHub Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/github.js)
+- [GitHub Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/github.ts)

 You can override any of the options to suit your own use case.

--- a/docs/docs/providers/wikimedia.md
+++ b/docs/docs/providers/wikimedia.md
@@ -0,0 +1,50 @@
+---
+id: wikimedia
+title: Wikimedia
+---
+
+## Documentation
+
+https://www.mediawiki.org/wiki/Extension:OAuth
+
+This provider also supports all Wikimedia projects:
+
+- Wikipedia
+- Wikidata
+- Wikibooks
+- Wiktionary
+- etc..
+
+Please be aware that Wikimedia accounts do not have to have an associated email address. So you may want to add check if the user has an email address before allowing them to login.
+
+## Configuration
+
+1. Go to and accept the Consumer Registration doc: https://meta.wikimedia.org/wiki/Special:OAuthConsumerRegistration
+2. Request a new OAuth 2.0 consumer to get the `clientId` and `clientSecret`: https://meta.wikimedia.org/wiki/Special:OAuthConsumerRegistration/propose/oauth2
+  2a. Add the following redirect URL into the console `http://<your-next-app-url>/api/auth/callback/wikimedia`
+  2b. Do not check the box next to `This consumer is only for [your username]`
+  2c. Unless you explicitly need a larger scope, feel free to select the radio button labelled `User identity verification only - no ability to read pages or act on the users behalf.`
+
+After registration, you can initally test your application only with your own Wikimedia account. You may have to wait several days for the application to be approved for it to be used by everyone.
+
+## Options
+
+The **Wikimedia Provider** comes with a set of default options:
+
+- [Wikimedia Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/wikimedia.ts)
+
+You can override any of the options to suit your own use case.
+
+## Example
+
+```js
+import WikimediaProvider from "next-auth/providers/wikimedia";
+...
+providers: [
+  WikimediaProvider({
+    clientId: process.env.WIKIMEDIA_CLIENT_ID,
+    clientSecret: process.env.WIKIMEDIA_CLIENT_SECRET
+  })
+]
+...
+```
--- a/docs/docs/tutorials/securing-pages-and-api-routes.md
+++ b/docs/docs/tutorials/securing-pages-and-api-routes.md
@@ -44,7 +44,7 @@ export default function Page() {

 With NextAuth.js 4.2.0 and Next.js 12, you can now protect your pages via the middleware pattern more easily. If you would like to protect all pages, you can create a `_middleware.js` file in your root `pages` directory which looks like this.

-```js title="/pages/_middleware.js"
+```js title="/middleware.js"
 export { default } from "next-auth/middleware"
 ```

@@ -61,8 +61,9 @@ You can protect server side rendered pages using the `unstable_getServerSession`
 You need to add this to every server rendered page you want to protect. Be aware, `unstable_getServerSession` takes slightly different arguments than the method it is replacing, `getSession`.

 ```js title="pages/server-side-example.js"
-import { useSession, unstable_getServerSession } from "next-auth/next"
+import { unstable_getServerSession } from "next-auth/next"
 import { authOptions } from "./api/auth/[...nextauth]"
+import { useSession } from "next-auth/react"

 export default function Page() {
  const { data: session } = useSession()
@@ -144,10 +145,9 @@ If you are using JSON Web Tokens you can use the `getToken()` helper to access t
 // This is an example of how to read a JSON Web Token from an API route
 import { getToken } from "next-auth/jwt"

-const secret = process.env.SECRET
-
 export default async (req, res) => {
-  const token = await getToken({ req, secret })
+  // If you don't have NEXTAUTH_SECRET set, you will have to pass your secret as `secret` to `getToken`
+  const token = await getToken({ req })
  if (token) {
    // Signed in
    console.log("JSON Web Token", JSON.stringify(token, null, 2))
--- a/docs/docs/warnings.md
+++ b/docs/docs/warnings.md
@@ -37,6 +37,12 @@ Twitter OAuth 2.0 is currently in beta as certain changes might still be necessa

 Some APIs are still experimental; they may be changed or removed in the future. Use at your own risk.

+#### DEBUG_ENABLED
+
+You have enabled the `debug` option. It is meant for development only, to help you catch issues in your authentication flow and you should consider removing this option when deploying to production. One way of only allowing debugging while not in production is to set `debug: process.env.NODE_ENV !== "production"`, so you can commit this without needing to change the value.
+
+If you want to log debug messages during production anyway, we recommend setting the [`logger` option](/configuration/options#logger) with proper sanitization of potentially sensitive user information.
+
 ## Adapter

 ### ADAPTER_TYPEORM_UPDATING_ENTITIES
--- a/docs/package.json
+++ b/docs/package.json
@@ -23,7 +23,7 @@
    "@docusaurus/preset-classic": "^2.0.0-beta.21",
    "@docusaurus/theme-common": "2.0.0-beta.21",
    "@mdx-js/react": "1.6.22",
-    "@sapphire/docusaurus-plugin-npm2yarn2pnpm": "^1.1.0",
+    "@sapphire/docusaurus-plugin-npm2yarn2pnpm": "1.1.3",
    "classnames": "^2.3.1",
    "mdx-mermaid": "^1.2.2",
    "mermaid": "^9.0.1",
--- a/docs/versioned_docs/version-v3/configuration/providers.md
+++ b/docs/versioned_docs/version-v3/configuration/providers.md
@@ -181,7 +181,7 @@ If you think your custom provider might be useful to others, we encourage you to

 You only need to add two changes:

-1. Add your config: [`src/providers/{provider}.js`](https://github.com/nextauthjs/next-auth/tree/main/src/providers)<br />
+1. Add your config: [`src/providers/{provider}.js`](https://github.com/nextauthjs/next-auth/tree/main/packages/next-auth/src/providers)<br />
   • make sure you use a named default export, like this: `export default function YourProvider`
 2. Add provider documentation: [`www/docs/providers/{provider}.md`](https://github.com/nextauthjs/next-auth/tree/ead715219a5d7a6e882a6ba27fa56b03954d062d/www/docs/providers)
 3. Add it to our [provider types](https://github.com/nextauthjs/next-auth/blob/ead715219a5d7a6e882a6ba27fa56b03954d062d/types/providers.d.ts) (for TS projects)<br />
--- a/docs/versioned_docs/version-v3/providers/duende-identity-server6.md
+++ b/docs/versioned_docs/version-v3/providers/duende-identity-server6.md
@@ -0,0 +1,53 @@
+---
+id: duende-identityserver6
+title: DuendeIdentityServer6
+---
+
+## Documentation
+
+https://docs.duendesoftware.com/identityserver/v6
+
+## Options
+
+The **DuendeIdentityServer6 Provider** comes with a set of default options:
+
+- [DuendeIdentityServer6 Provider options](https://github.com/nextauthjs/next-auth/tree/main/packages/next-auth/src/providers/duende-identity-server6.ts)
+
+You can override any of the options to suit your own use case.
+
+## Example
+
+```js
+import DuendeIDS6Provider from "next-auth/providers/duende-identity-server6"
+
+...
+providers: [
+  DuendeIDS6Provider({
+    clientId: process.env.DUENDE_IDS6_ID,
+    clientSecret: process.env.DUENDE_IDS6_SECRET,
+    issuer: process.env.DUENDE_IDS6_ISSUER,
+  })
+]
+...
+```
+
+## Demo IdentityServer
+
+The configuration below is for the demo server at https://demo.duendesoftware.com/
+
+If you want to try it out, you can copy and paste the configuration below.
+
+You can sign in to the demo service with either <b>bob/bob</b> or <b>alice/alice</b>.
+
+```js
+import DuendeIDS6Provider from "next-auth/providers/duende-identity-server6"
+...
+providers: [
+  DuendeIDS6Provider({
+    clientId: "interactive.confidential",
+    clientSecret: "secret",
+    issuer: "https://demo.duendesoftware.com",
+  })
+]
+...
+```
--- a/docs/versioned_docs/version-v3/providers/github.md
+++ b/docs/versioned_docs/version-v3/providers/github.md
@@ -15,7 +15,7 @@ https://github.com/settings/apps

 The **Github Provider** comes with a set of default options:

- [Github Provider options](https://github.com/nextauthjs/next-auth/blob/main/src/providers/github.js)
+- [Github Provider options](https://github.com/nextauthjs/next-auth/blob/main/src/providers/github.ts)

 You can override any of the options to suit your own use case.

--- a/docs/versioned_docs/version-v3/providers/identity-server4.md
+++ b/docs/versioned_docs/version-v3/providers/identity-server4.md
@@ -54,6 +54,6 @@ providers: [
    clientSecret: "secret",
    protection: "pkce"
  })
-}
+]
 ...
 ```
--- a/package.json
+++ b/package.json
@@ -11,16 +11,16 @@
    "test": "turbo run test --concurrency=1 --filter=!@next-auth/pouchdb-adapter --filter=!next-auth-* --filter=[HEAD^1]",
    "setup": "turbo run setup",
    "dev": "pnpm dev:app",
+    "email": "cd apps/dev && pnpm email",
    "dev:app": "turbo run dev --parallel --no-deps --no-cache --filter=next-auth-app",
    "dev:docs": "turbo run dev --parallel --no-deps --no-cache --filter=next-auth-docs",
    "version:pr": "node ./config/version-pr",
-    "release": "ts-node scripts/release"
+    "release": "release"
  },
  "devDependencies": {
    "@actions/core": "^1.6.0",
-    "@commitlint/parse": "16.0.0",
+    "@balazsorban/monorepo-release": "0.0.4",
    "@types/node": "^17.0.25",
-    "@types/semver": "7.3.9",
    "@typescript-eslint/eslint-plugin": "^5.10.2",
    "@typescript-eslint/parser": "^4.33.0",
    "eslint": "^7.32.0",
@@ -30,14 +30,10 @@
    "eslint-plugin-jest": "^25.3.0",
    "eslint-plugin-node": "^11.1.0",
    "eslint-plugin-promise": "^6.0.0",
-    "git-log-parser": "1.2.0",
    "husky": "^7.0.4",
    "prettier": "2.4.1",
    "pretty-quick": "^3.1.2",
-    "semver": "7.3.5",
-    "stream-to-array": "2.3.0",
-    "ts-node": "10.5.0",
-    "turbo": "^1.2.5",
+    "turbo": "1.3.1",
    "typescript": "^4.5.2"
  },
  "engines": {
@@ -46,7 +42,15 @@
  },
  "prettier": {
    "semi": false,
-    "singleQuote": false
+    "singleQuote": false,
+    "overrides": [
+      {
+        "files": "apps/dev/pages/api/auth/[...nextauth].ts",
+        "options": {
+          "printWidth": 150
+        }
+      }
+    ]
  },
  "eslintConfig": {
    "parser": "@typescript-eslint/parser",
@@ -97,7 +101,7 @@
    "**/tests",
    "**/__tests__"
  ],
-  "packageManager": "pnpm@6.32.8",
+  "packageManager": "pnpm@7.5.1",
  "funding": [
    {
      "type": "github",
--- a/packages/adapter-dgraph/package.json
+++ b/packages/adapter-dgraph/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/dgraph-adapter",
-  "version": "1.0.3",
+  "version": "1.0.4",
  "description": "Dgraph adapter for next-auth.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -31,7 +31,7 @@
  },
  "peerDependencies": {
    "jsonwebtoken": "^8.5.1",
-    "next-auth": "workspace:*"
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@next-auth/adapter-test": "workspace:^0.0.0",
@@ -50,4 +50,4 @@
  "jest": {
    "preset": "@next-auth/adapter-test/jest"
  }
-}
+}
--- a/packages/adapter-dynamodb/package.json
+++ b/packages/adapter-dynamodb/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@next-auth/dynamodb-adapter",
  "repository": "https://github.com/nextauthjs/next-auth",
-  "version": "1.0.3",
+  "version": "1.0.4",
  "description": "AWS DynamoDB adapter for next-auth.",
  "keywords": [
    "next-auth",
@@ -32,7 +32,7 @@
  "license": "ISC",
  "peerDependencies": {
    "@aws-sdk/lib-dynamodb": "^3.36.1",
-    "next-auth": "workspace:*"
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@aws-sdk/client-dynamodb": "^3.36.1",
@@ -43,4 +43,4 @@
    "jest": "^27.4.3",
    "next-auth": "workspace:*"
  }
-}
+}
--- a/packages/adapter-fauna/package.json
+++ b/packages/adapter-fauna/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/fauna-adapter",
-  "version": "1.0.3",
+  "version": "1.0.4",
  "description": "Fauna Adapter for NextAuth",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -41,7 +41,7 @@
  },
  "peerDependencies": {
    "faunadb": "^4.3.0",
-    "next-auth": "workspace:*"
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@fauna-labs/fauna-schema-migrate": "^2.1.3",
@@ -54,4 +54,4 @@
  "jest": {
    "preset": "@next-auth/adapter-test/jest"
  }
-}
+}
--- a/packages/adapter-firebase/README.md
+++ b/packages/adapter-firebase/README.md
@@ -32,14 +32,13 @@ npm install next-auth @next-auth/firebase-adapter
 ```js
 import NextAuth from "next-auth"
 import Providers from "next-auth/providers"
-import { FirebaseAdapter } from "@next-auth/firebase-adapter"
+import { FirestoreAdapter } from "@next-auth/firebase-adapter"

-import firebase from "firebase/app"
-import "firebase/firestore"
+import { initializeApp } from "firebase/app";
+import { getFirestore } from "firebase/firestore"

-const firestore = (
-  firebase.apps[0] ?? firebase.initializeApp(/* your config */)
-).firestore()
+const app = initializeApp({ projectId: "next-auth-test" });
+const firestore = getFirestore(app);

 // For more information on each option (and a full list of options) go to
 // https://next-auth.js.org/configuration/options
@@ -51,7 +50,7 @@ export default NextAuth({
      clientSecret: process.env.GOOGLE_SECRET,
    }),
  ],
-  adapter: FirebaseAdapter(firestore),
+  adapter: FirestoreAdapter(firestore),
  ...
 })
 ```
--- a/packages/adapter-firebase/jest.config.js
+++ b/packages/adapter-firebase/jest.config.js
@@ -1 +1 @@
-module.exports = require("@next-auth/adapter-test/jest.config")
+module.exports = require("@next-auth/adapter-test/jest/jest-preset")
--- a/packages/adapter-firebase/package.json
+++ b/packages/adapter-firebase/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/firebase-adapter",
-  "version": "0.1.3",
+  "version": "1.0.1",
  "description": "Firebase adapter for next-auth.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -28,19 +28,19 @@
    "access": "public"
  },
  "scripts": {
-    "build:wip": "tsc",
-    "test:wip": "FIRESTORE_EMULATOR_HOST=localhost:8080 firebase emulators:exec --only firestore --project next-auth-test jest"
+    "build": "tsc",
+    "test": "FIRESTORE_EMULATOR_HOST=localhost:8080 firebase emulators:exec --only firestore --project next-auth-test jest"
  },
  "peerDependencies": {
-    "firebase": "^8.6.2",
-    "next-auth": "workspace:*"
+    "firebase": "^9.7.0",
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@next-auth/adapter-test": "workspace:^0.0.0",
    "@next-auth/tsconfig": "workspace:^0.0.0",
-    "firebase": "^8.6.2",
-    "firebase-tools": "^9.11.0",
+    "firebase": "^9.7.0",
+    "firebase-tools": "^10.7.2",
    "jest": "^27.4.3",
    "next-auth": "workspace:*"
  }
-}
+}
--- a/packages/adapter-firebase/src/converter.ts
+++ b/packages/adapter-firebase/src/converter.ts
@@ -0,0 +1,58 @@
+import { Timestamp } from "firebase/firestore"
+import type {
+  FirestoreDataConverter,
+  QueryDocumentSnapshot,
+  WithFieldValue,
+} from "firebase/firestore"
+
+const isTimestamp = (value: unknown): value is Timestamp =>
+  typeof value === "object" && value !== null && value instanceof Timestamp
+
+interface GetConverterOptions {
+  excludeId?: boolean
+}
+
+export const getConverter = <Document extends Record<string, unknown>>(
+  options?: GetConverterOptions
+): FirestoreDataConverter<Document> => ({
+  // `PartialWithFieldValue` implicitly types `object` as `any`, so we want to explicitly type it
+  toFirestore(object: WithFieldValue<Document>) {
+    const document: Record<string, unknown> = {}
+
+    Object.keys(object).forEach((key) => {
+      if (object[key] !== undefined) {
+        document[key] = object[key]
+      }
+    })
+
+    return document
+  },
+  // We need to explicitly type `snapshot` since it uses `DocumentData` for generic type
+  fromFirestore(snapshot: QueryDocumentSnapshot<Document>) {
+    if (!snapshot.exists()) {
+      return snapshot
+    }
+
+    let document: Document = snapshot.data()
+
+    if (!options?.excludeId) {
+      document = {
+        ...document,
+        id: snapshot.id,
+      }
+    }
+
+    for (const key in document) {
+      const value = document[key]
+
+      if (isTimestamp(value)) {
+        document = {
+          ...document,
+          [key]: value.toDate(),
+        }
+      }
+    }
+
+    return document
+  },
+})
--- a/packages/adapter-firebase/src/index.ts
+++ b/packages/adapter-firebase/src/index.ts
@@ -1,283 +1,289 @@
-import type firebase from "firebase"
-import { createHash, randomBytes } from "crypto"
-import { Adapter } from "next-auth/adapters"
+import { initializeApp } from "firebase/app"
+import type { FirebaseOptions } from "firebase/app"
 import {
-  querySnapshotToObject,
-  docSnapshotToObject,
-  stripUndefined,
-} from "./utils"
-import { Profile, Session, User } from "next-auth"
+  addDoc,
+  collection,
+  deleteDoc,
+  doc,
+  getDoc,
+  getDocs,
+  getFirestore,
+  limit,
+  query,
+  runTransaction,
+  setDoc,
+  where,
+  connectFirestoreEmulator,
+} from "firebase/firestore"
+import type { Account } from "next-auth"
+import type {
+  Adapter,
+  AdapterSession,
+  AdapterUser,
+  VerificationToken,
+} from "next-auth/adapters"

-interface FirebaseVerificationRequest {
-  id: string
-  identifier: string
-  token: string
-  expires: Date
+import { getConverter } from "./converter"
+
+type IndexableObject = Record<string, unknown>
+
+export interface FirestoreAdapterOptions {
+  emulator?: {
+    host?: string
+    port?: number
+  }
 }

-export type FirebaseSession = Session & {
-  id: string
-  expires: Date
-}
+export function FirestoreAdapter({
+  emulator,
+  ...firebaseOptions
+}: FirebaseOptions & FirestoreAdapterOptions): Adapter {
+  const firebaseApp = initializeApp(firebaseOptions)
+  const db = getFirestore(firebaseApp)
+
+  if (emulator) {
+    connectFirestoreEmulator(
+      db,
+      emulator?.host ?? "localhost",
+      emulator?.port ?? 3001
+    )
+  }
+
+  const Users = collection(db, "users").withConverter(
+    getConverter<AdapterUser>()
+  )
+  const Sessions = collection(db, "sessions").withConverter(
+    getConverter<AdapterSession & IndexableObject>()
+  )
+  const Accounts = collection(db, "accounts").withConverter(
+    getConverter<Account>()
+  )
+  const VerificationTokens = collection(db, "verificationTokens").withConverter(
+    getConverter<VerificationToken & IndexableObject>({ excludeId: true })
+  )

-// @ts-expect-error
-export const FirebaseAdapter: Adapter<
-  firebase.firestore.Firestore,
-  never,
-  User & { id: string },
-  Profile,
-  FirebaseSession
-> = (client) => {
  return {
-    async getAdapter({ session, secret, ...appOptions }) {
-      const sessionMaxAge = session.maxAge * 1000 // default is 30 days
-      const sessionUpdateAge = session.updateAge * 1000 // default is 1 day
-      /**
-       * @todo Move this to core package
-       * @todo Use bcrypt or a more secure method
-       */
-      const hashToken = (token: string) =>
-        createHash("sha256").update(`${token}${secret}`).digest("hex")
+    async createUser(newUser) {
+      const userRef = await addDoc(Users, newUser)
+      const userSnapshot = await getDoc(userRef)

-      return {
-        displayName: "FIREBASE",
-        async createUser(profile) {
-          const userRef = await client.collection("users").add(
-            stripUndefined({
-              name: profile.name,
-              email: profile.email,
-              image: profile.image,
-              emailVerified: profile.emailVerified ?? null,
-            })
-          )
-          const snapshot = await userRef.get()
-          const user = docSnapshotToObject(snapshot)
-          return user
-        },
-
-        async getUser(id) {
-          const snapshot = await client.collection("users").doc(id).get()
-          const user = docSnapshotToObject(snapshot)
-          return user
-        },
-
-        async getUserByEmail(email) {
-          if (!email) return null
-
-          const snapshot = await client
-            .collection("users")
-            .where("email", "==", email)
-            .limit(1)
-            .get()
-
-          const user = querySnapshotToObject(snapshot)
-          return user
-        },
-
-        async getUserByProviderAccountId(providerId, providerAccountId) {
-          const accountSnapshot = await client
-            .collection("accounts")
-            .where("providerId", "==", providerId)
-            .where("providerAccountId", "==", providerAccountId)
-            .limit(1)
-            .get()
-
-          if (accountSnapshot.empty) return null
-
-          const userId = accountSnapshot.docs[0].data().userId
-
-          const userSnapshot = await client
-            .collection("users")
-            .doc(userId)
-            .get()
-
-          // eslint-disable-next-line @typescript-eslint/no-unnecessary-type-assertion
-          return { ...userSnapshot.data(), id: userSnapshot.id } as any
-        },
-
-        async updateUser(user) {
-          await client
-            .collection("users")
-            .doc(user.id)
-            .update(stripUndefined(user))
-
-          return user
-        },
-
-        async deleteUser(userId) {
-          await client.collection("users").doc(userId).delete()
-        },
-
-        async linkAccount(
-          userId,
-          providerId,
-          providerType,
-          providerAccountId,
-          refreshToken,
-          accessToken,
-          accessTokenExpires
-        ) {
-          const accountRef = await client.collection("accounts").add(
-            stripUndefined({
-              userId,
-              providerId,
-              providerType,
-              providerAccountId,
-              refreshToken,
-              accessToken,
-              accessTokenExpires,
-            })
-          )
-
-          const accountSnapshot = await accountRef.get()
-          const account = docSnapshotToObject(accountSnapshot)
-          return account
-        },
-
-        async unlinkAccount(userId, providerId, providerAccountId) {
-          const snapshot = await client
-            .collection("accounts")
-            .where("userId", "==", userId)
-            .where("providerId", "==", providerId)
-            .where("providerAccountId", "==", providerAccountId)
-            .limit(1)
-            .get()
-
-          const accountId = snapshot.docs[0].id
-
-          await client.collection("accounts").doc(accountId).delete()
-        },
-
-        async createSession(user) {
-          const sessionRef = await client.collection("sessions").add({
-            userId: user.id,
-            expires: new Date(Date.now() + sessionMaxAge),
-            sessionToken: randomBytes(32).toString("hex"),
-            accessToken: randomBytes(32).toString("hex"),
-          })
-          const snapshot = await sessionRef.get()
-          const session = docSnapshotToObject(snapshot)
-          return session
-        },
-
-        async getSession(sessionToken) {
-          const snapshot = await client
-            .collection("sessions")
-            .where("sessionToken", "==", sessionToken)
-            .limit(1)
-            .get()
-
-          const session = querySnapshotToObject<FirebaseSession>(snapshot)
-          if (!session) return null
-
-          // if the session has expired
-          if (session.expires < new Date()) {
-            // delete the session
-            await client.collection("sessions").doc(session.id).delete()
-            return null
-          }
-          // return already existing session
-          return session
-        },
-
-        async updateSession(session, force) {
-          if (
-            !force &&
-            Number(session.expires) - sessionMaxAge + sessionUpdateAge >
-              Date.now()
-          ) {
-            return null
-          }
-
-          // Update the item in the database
-          await client
-            .collection("sessions")
-            .doc(session.id)
-            .update({
-              expires: new Date(Date.now() + sessionMaxAge),
-            })
-
-          return session
-        },
-
-        async deleteSession(sessionToken) {
-          const snapshot = await client
-            .collection("sessions")
-            .where("sessionToken", "==", sessionToken)
-            .limit(1)
-            .get()
-
-          const session = querySnapshotToObject<FirebaseSession>(snapshot)
-          if (!session) return
-
-          await client.collection("sessions").doc(session.id).delete()
-        },
-
-        async createVerificationRequest(identifier, url, token, _, provider) {
-          const verificationRequestRef = await client
-            .collection("verificationRequests")
-            .add({
-              identifier,
-              token: hashToken(token),
-              expires: new Date(Date.now() + provider.maxAge * 1000),
-            })
-
-          // With the verificationCallback on a provider, you can send an email, or queue
-          // an email to be sent, or perform some other action (e.g. send a text message)
-          await provider.sendVerificationRequest({
-            identifier,
-            url,
-            token,
-            baseUrl: appOptions.baseUrl,
-            provider,
-          })
-
-          const snapshot = await verificationRequestRef.get()
-          return docSnapshotToObject<FirebaseVerificationRequest>(snapshot)
-        },
-
-        async getVerificationRequest(identifier, token) {
-          const snapshot = await client
-            .collection("verificationRequests")
-            .where("token", "==", hashToken(token))
-            .where("identifier", "==", identifier)
-            .limit(1)
-            .get()
-
-          const verificationRequest =
-            querySnapshotToObject<FirebaseVerificationRequest>(snapshot)
-          if (!verificationRequest) return null
-
-          if (verificationRequest.expires < new Date()) {
-            // Delete verification entry so it cannot be used again
-            await client
-              .collection("verificationRequests")
-              .doc(verificationRequest.id)
-              .delete()
-            return null
-          }
-          return verificationRequest
-        },
-
-        async deleteVerificationRequest(identifier, token) {
-          const snapshot = await client
-            .collection("verificationRequests")
-            .where("token", "==", hashToken(token))
-            .where("identifier", "==", identifier)
-            .limit(1)
-            .get()
-
-          const verificationRequest =
-            querySnapshotToObject<FirebaseVerificationRequest>(snapshot)
-
-          if (!verificationRequest) return null
-
-          await client
-            .collection("verificationRequests")
-            .doc(verificationRequest.id)
-            .delete()
-        },
+      if (userSnapshot.exists() && Users.converter) {
+        return Users.converter.fromFirestore(userSnapshot)
      }
+
+      throw new Error("[createUser] Failed to create user")
+    },
+    async getUser(id) {
+      const userSnapshot = await getDoc(doc(Users, id))
+
+      if (userSnapshot.exists() && Users.converter) {
+        return Users.converter.fromFirestore(userSnapshot)
+      }
+
+      return null
+    },
+    async getUserByEmail(email) {
+      const userQuery = query(Users, where("email", "==", email), limit(1))
+      const userSnapshots = await getDocs(userQuery)
+      const userSnpashot = userSnapshots.docs[0]
+
+      if (userSnpashot?.exists() && Users.converter) {
+        return Users.converter.fromFirestore(userSnpashot)
+      }
+
+      return null
+    },
+    async getUserByAccount({ provider, providerAccountId }) {
+      const accountQuery = query(
+        Accounts,
+        where("provider", "==", provider),
+        where("providerAccountId", "==", providerAccountId),
+        limit(1)
+      )
+      const accountSnapshots = await getDocs(accountQuery)
+      const accountSnapshot = accountSnapshots.docs[0]
+
+      if (accountSnapshot?.exists()) {
+        const { userId } = accountSnapshot.data()
+        const userDoc = await getDoc(doc(Users, userId))
+
+        if (userDoc.exists() && Users.converter) {
+          return Users.converter.fromFirestore(userDoc)
+        }
+      }
+
+      return null
+    },
+
+    async updateUser(partialUser) {
+      const userRef = doc(Users, partialUser.id)
+
+      await setDoc(userRef, partialUser, { merge: true })
+
+      const userSnapshot = await getDoc(userRef)
+
+      if (userSnapshot.exists() && Users.converter) {
+        return Users.converter.fromFirestore(userSnapshot)
+      }
+
+      throw new Error("[updateUser] Failed to update user")
+    },
+
+    async deleteUser(userId) {
+      const userRef = doc(Users, userId)
+      const accountsQuery = query(Accounts, where("userId", "==", userId))
+      const sessionsQuery = query(Sessions, where("userId", "==", userId))
+
+      // TODO: May be better to use events instead of transactions?
+      await runTransaction(db, async (transaction) => {
+        const accounts = await getDocs(accountsQuery)
+        const sessions = await getDocs(sessionsQuery)
+
+        transaction.delete(userRef)
+        accounts.forEach((account) => transaction.delete(account.ref))
+        sessions.forEach((session) => transaction.delete(session.ref))
+      })
+    },
+
+    async linkAccount(account) {
+      const accountRef = await addDoc(Accounts, account)
+      const accountSnapshot = await getDoc(accountRef)
+
+      if (accountSnapshot.exists() && Accounts.converter) {
+        return Accounts.converter.fromFirestore(accountSnapshot)
+      }
+    },
+
+    async unlinkAccount({ provider, providerAccountId }) {
+      const accountQuery = query(
+        Accounts,
+        where("provider", "==", provider),
+        where("providerAccountId", "==", providerAccountId),
+        limit(1)
+      )
+      const accountSnapshots = await getDocs(accountQuery)
+      const accountSnapshot = accountSnapshots.docs[0]
+
+      if (accountSnapshot?.exists()) {
+        await deleteDoc(accountSnapshot.ref)
+      }
+    },
+
+    async createSession(session) {
+      const sessionRef = await addDoc(Sessions, session)
+      const sessionSnapshot = await getDoc(sessionRef)
+
+      if (sessionSnapshot.exists() && Sessions.converter) {
+        return Sessions.converter.fromFirestore(sessionSnapshot)
+      }
+
+      throw new Error("[createSession] Failed to create session")
+    },
+
+    async getSessionAndUser(sessionToken) {
+      const sessionQuery = query(
+        Sessions,
+        where("sessionToken", "==", sessionToken),
+        limit(1)
+      )
+      const sessionSnapshots = await getDocs(sessionQuery)
+      const sessionSnapshot = sessionSnapshots.docs[0]
+
+      if (sessionSnapshot?.exists() && Sessions.converter) {
+        const session = Sessions.converter.fromFirestore(sessionSnapshot)
+        const userDoc = await getDoc(doc(Users, session.userId))
+
+        if (userDoc.exists() && Users.converter) {
+          const user = Users.converter.fromFirestore(userDoc)
+
+          return { session, user }
+        }
+      }
+
+      return null
+    },
+
+    async updateSession(partialSession) {
+      const sessionQuery = query(
+        Sessions,
+        where("sessionToken", "==", partialSession.sessionToken),
+        limit(1)
+      )
+      const sessionSnapshots = await getDocs(sessionQuery)
+      const sessionSnapshot = sessionSnapshots.docs[0]
+
+      if (sessionSnapshot?.exists()) {
+        await setDoc(sessionSnapshot.ref, partialSession, { merge: true })
+
+        const sessionDoc = await getDoc(sessionSnapshot.ref)
+
+        if (sessionDoc?.exists() && Sessions.converter) {
+          const session = Sessions.converter.fromFirestore(sessionDoc)
+
+          return session
+        }
+      }
+
+      return null
+    },
+
+    async deleteSession(sessionToken) {
+      const sessionQuery = query(
+        Sessions,
+        where("sessionToken", "==", sessionToken),
+        limit(1)
+      )
+      const sessionSnapshots = await getDocs(sessionQuery)
+      const sessionSnapshot = sessionSnapshots.docs[0]
+
+      if (sessionSnapshot?.exists()) {
+        await deleteDoc(sessionSnapshot.ref)
+      }
+    },
+
+    async createVerificationToken(verificationToken) {
+      const verificationTokenRef = await addDoc(
+        VerificationTokens,
+        verificationToken
+      )
+      const verificationTokenSnapshot = await getDoc(verificationTokenRef)
+
+      if (verificationTokenSnapshot.exists() && VerificationTokens.converter) {
+        const {
+          id,
+          ...verificationToken
+        } = VerificationTokens.converter.fromFirestore(
+          verificationTokenSnapshot
+        )
+
+        return verificationToken
+      }
+    },
+
+    async useVerificationToken({ identifier, token }) {
+      const verificationTokensQuery = query(
+        VerificationTokens,
+        where("identifier", "==", identifier),
+        where("token", "==", token),
+        limit(1)
+      )
+      const verificationTokenSnapshots = await getDocs(verificationTokensQuery)
+      const verificationTokenSnapshot = verificationTokenSnapshots.docs[0]
+
+      if (verificationTokenSnapshot?.exists() && VerificationTokens.converter) {
+        await deleteDoc(verificationTokenSnapshot.ref)
+
+        const {
+          id,
+          ...verificationToken
+        } = VerificationTokens.converter.fromFirestore(
+          verificationTokenSnapshot
+        )
+
+        return verificationToken
+      }
+
+      return null
    },
  }
 }
--- a/packages/adapter-firebase/src/utils.ts
+++ b/packages/adapter-firebase/src/utils.ts
@@ -1,40 +0,0 @@
-import type firebase from "firebase"
-
-/**
- * Takes in a snapshot and returns all of its `data()`,
- * as well as `id` and `createdAt` and `updatedAt` `Date`
- */
-export function docSnapshotToObject<T>(
-  snapshot: firebase.firestore.DocumentSnapshot<firebase.firestore.DocumentData>
-): T | null {
-  if (!snapshot.exists) {
-    return null
-  }
-  const data: any = snapshot.data()
-  if (data.expires) {
-    data.expires = data.expires.toDate()
-  }
-  return { id: snapshot.id, ...data }
-}
-
-export function querySnapshotToObject<T>(
-  snapshot: firebase.firestore.QuerySnapshot<firebase.firestore.DocumentData>
-): T | null {
-  if (snapshot.empty) {
-    return null
-  }
-  const doc = snapshot.docs[0]
-
-  const data: any = doc.data()
-  if (data.expires) {
-    data.expires = data.expires.toDate()
-  }
-  return { id: doc.id, ...data }
-}
-
-/** Firebase does not like `undefined` values */
-export function stripUndefined(obj: any) {
-  return Object.fromEntries(
-    Object.entries(obj).filter(([, value]) => typeof value !== "undefined")
-  )
-}
--- a/packages/adapter-firebase/tests/index.test.ts
+++ b/packages/adapter-firebase/tests/index.test.ts
@@ -1,67 +1,77 @@
 import { runBasicTests } from "@next-auth/adapter-test"
-import { FirebaseAdapter } from "../src"
-import { docSnapshotToObject, querySnapshotToObject } from "../src/utils"
+import { FirestoreAdapter } from "../src"

-import firebase from "firebase/app"
-import "firebase/firestore"
+import { getFirestore, connectFirestoreEmulator, terminate, collection, query, where, limit, getDocs, getDoc, doc } from "firebase/firestore"
+import { initializeApp } from "firebase/app";
+import { getConverter } from "../src/converter";
+import type { AdapterSession, AdapterUser, VerificationToken } from "next-auth/adapters";
+import type { Account } from "next-auth";

-const firestore = (
-  firebase.apps[0] ?? firebase.initializeApp({ projectId: "next-auth-test" })
-).firestore()
-firestore.useEmulator("localhost", 8080)
+const app = initializeApp({ projectId: "next-auth-test" });
+const firestore = getFirestore(app);
+
+connectFirestoreEmulator(firestore, 'localhost', 8080);
+
+type IndexableObject = Record<string, unknown>;
+
+const Users = collection(firestore, 'users').withConverter(getConverter<AdapterUser>());
+const Sessions = collection(firestore, 'sessions').withConverter(getConverter<AdapterSession & IndexableObject>());
+const Accounts = collection(firestore, 'accounts').withConverter(getConverter<Account>());
+const VerificationTokens = collection(firestore, 'verificationTokens').withConverter(getConverter<VerificationToken & IndexableObject>({ excludeId: true }));

 runBasicTests({
-  adapter: FirebaseAdapter(firestore),
+  adapter: FirestoreAdapter({ projectId: "next-auth-test" }),
  db: {
    async disconnect() {
-      await firestore.terminate()
+      await terminate(firestore);
    },
    async session(sessionToken) {
-      const snapshot = await firestore
-        .collection("sessions")
-        .where("sessionToken", "==", sessionToken)
-        .limit(1)
-        .get()
-      return querySnapshotToObject(snapshot)
-    },
-    async expireSession(sessionToken, expires) {
-      const snapshot = await firestore
-        .collection("sessions")
-        .where("sessionToken", "==", sessionToken)
-        .limit(1)
-        .get()
+      const snapshotQuery = query(Sessions, where("sessionToken", "==", sessionToken), limit(1));
+      const snapshots = await getDocs(snapshotQuery);
+      const snapshot = snapshots.docs[0];

-      if (snapshot.empty) {
-        console.error(sessionToken, expires)
-        throw new Error("Could not expire session")
+      if (snapshot?.exists() && Sessions.converter) {
+        const session = Sessions.converter.fromFirestore(snapshot);
+
+        return session;
      }

-      return await firestore
-        .collection("sessions")
-        .doc(snapshot.docs[0].id)
-        .update({ expires })
+      return null;
    },
    async user(id) {
-      const snapshot = await firestore.collection("users").doc(id).get()
-      return docSnapshotToObject(snapshot)
+      const snapshot = await getDoc(doc(Users, id));
+
+      if (snapshot?.exists() && Users.converter) {
+        const user = Users.converter.fromFirestore(snapshot);
+
+        return user;
+      }
+
+      return null;
    },
-    async account(providerId, providerAccountId) {
-      const snapshot = await firestore
-        .collection("accounts")
-        .where("providerId", "==", providerId)
-        .where("providerAccountId", "==", providerAccountId)
-        .limit(1)
-        .get()
-      return querySnapshotToObject(snapshot)
+    async account({ provider, providerAccountId }) {
+      const snapshotQuery = query(Accounts, where("provider", "==", provider), where("providerAccountId", "==", providerAccountId), limit(1));
+      const snapshots = await getDocs(snapshotQuery);
+      const snapshot = snapshots.docs[0];
+
+      if (snapshot?.exists() && Accounts.converter) {
+        const account = Accounts.converter.fromFirestore(snapshot);
+
+        return account;
+      }
+
+      return null;
    },
-    async verificationRequest(identifier, token) {
-      const snapshot = await firestore
-        .collection("verificationRequests")
-        .where("identifier", "==", identifier)
-        .where("token", "==", token)
-        .limit(1)
-        .get()
-      return querySnapshotToObject(snapshot)
+    async verificationToken({ identifier, token }) {
+      const snapshotQuery = query(VerificationTokens, where("identifier", "==", identifier), where("token", "==", token), limit(1));
+      const snapshots = await getDocs(snapshotQuery);
+      const snapshot = snapshots.docs[0];
+
+      if (snapshot?.exists() && VerificationTokens.converter) {
+        const verificationToken = VerificationTokens.converter.fromFirestore(snapshot);
+
+        return verificationToken;
+      }
    },
  },
 })
--- a/packages/adapter-firebase/tsconfig.json
+++ b/packages/adapter-firebase/tsconfig.json
@@ -1,8 +1,10 @@
 {
-  "extends": "@next-auth/tsconfig/base.json",
+  "extends": "@next-auth/tsconfig/adapters.json",
  "compilerOptions": {
    "rootDir": "src",
-    "outDir": "dist"
+    "outDir": "dist",
+    "strict": true,
+    "noUncheckedIndexedAccess": true
  },
  "exclude": ["tests", "dist", "jest.config.js"]
 }
--- a/packages/adapter-mikro-orm/package.json
+++ b/packages/adapter-mikro-orm/package.json
@@ -33,17 +33,21 @@
  ],
  "peerDependencies": {
    "@mikro-orm/core": "^5.0.2",
-    "next-auth": "workspace:*"
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@mikro-orm/core": "^5.0.2",
    "@mikro-orm/sqlite": "^5.0.2",
    "@next-auth/adapter-test": "workspace:^0.0.0",
    "@next-auth/tsconfig": "workspace:^0.0.0",
+    "@types/uuid": "^8.3.3",
    "jest": "^27.4.3",
    "next-auth": "workspace:*"
  },
  "jest": {
    "preset": "@next-auth/adapter-test/jest"
+  },
+  "dependencies": {
+    "uuid": "^8.3.2"
  }
 }
--- a/packages/adapter-mongodb/package.json
+++ b/packages/adapter-mongodb/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/mongodb-adapter",
-  "version": "1.0.3",
+  "version": "1.0.4",
  "description": "mongoDB adapter for next-auth.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -32,7 +32,7 @@
  ],
  "peerDependencies": {
    "mongodb": "^4.1.1",
-    "next-auth": "workspace:*"
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@next-auth/adapter-test": "workspace:^0.0.0",
@@ -44,4 +44,4 @@
  "jest": {
    "preset": "@next-auth/adapter-test/jest"
  }
-}
+}
--- a/packages/adapter-neo4j/package.json
+++ b/packages/adapter-neo4j/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/neo4j-adapter",
-  "version": "1.0.3",
+  "version": "1.0.4",
  "description": "neo4j adapter for next-auth.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -34,7 +34,7 @@
  ],
  "peerDependencies": {
    "neo4j-driver": "^4.0.0",
-    "next-auth": "workspace:*"
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@next-auth/adapter-test": "workspace:^0.0.0",
@@ -50,4 +50,4 @@
  "jest": {
    "preset": "@next-auth/adapter-test/jest"
  }
-}
+}
--- a/packages/adapter-pouchdb/package.json
+++ b/packages/adapter-pouchdb/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/pouchdb-adapter",
-  "version": "0.1.3",
+  "version": "0.1.4",
  "description": "PouchDB adapter for next-auth.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -30,7 +30,7 @@
    "dist"
  ],
  "peerDependencies": {
-    "next-auth": "workspace:*",
+    "next-auth": "^3",
    "pouchdb": "^7.2.2",
    "pouchdb-find": "^7.2.2"
  },
@@ -51,4 +51,4 @@
  "jest": {
    "preset": "@next-auth/adapter-test/jest"
  }
-}
+}
--- a/packages/adapter-prisma/package.json
+++ b/packages/adapter-prisma/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/prisma-adapter",
-  "version": "1.0.3",
+  "version": "1.0.4",
  "description": "Prisma adapter for next-auth.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -37,7 +37,7 @@
  ],
  "peerDependencies": {
    "@prisma/client": ">=2.26.0 || >=3",
-    "next-auth": "workspace:*"
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@next-auth/adapter-test": "workspace:^0.0.0",
@@ -51,4 +51,4 @@
  "jest": {
    "preset": "@next-auth/adapter-test/jest"
  }
-}
+}
--- a/packages/adapter-sequelize/package.json
+++ b/packages/adapter-sequelize/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/sequelize-adapter",
-  "version": "1.0.4",
+  "version": "1.0.5",
  "description": "Sequelize adapter for next-auth.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -29,7 +29,7 @@
    "dist"
  ],
  "peerDependencies": {
-    "next-auth": "workspace:*",
+    "next-auth": "^4",
    "sequelize": "^6.6.5"
  },
  "devDependencies": {
--- a/packages/adapter-test/jest/jest-preset.js
+++ b/packages/adapter-test/jest/jest-preset.js
@@ -1,7 +1,13 @@
+const swcConfig = {
+  jsc: {
+    parser: { syntax: "typescript", decorators: true },
+    transform: { legacyDecorator: true, decoratorMetadata: true },
+  },
+}
 module.exports = {
  transform: {
-    ".(ts|tsx)$": "@swc/jest",
-    ".(js|jsx)$": "@swc/jest", // jest's default
+    ".(ts|tsx)$": ["@swc/jest", swcConfig],
+    ".(js|jsx)$": ["@swc/jest", swcConfig],
  },
  transformIgnorePatterns: ["[/\\\\]node_modules[/\\\\].+\\.(js|jsx)$"],
  moduleFileExtensions: ["ts", "tsx", "js", "jsx", "json", "node"],
--- a/packages/adapter-typeorm-legacy/package.json
+++ b/packages/adapter-typeorm-legacy/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/typeorm-legacy-adapter",
-  "version": "1.0.3",
+  "version": "2.0.0",
  "description": "TypeORM (legacy) adapter for next-auth.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -37,24 +37,25 @@
    "sqlite": "tests/sqlite/test.sh"
  },
  "devDependencies": {
-    "@next-auth/adapter-test": "workspace:^0.0.0",
-    "@next-auth/tsconfig": "workspace:^0.0.0",
+    "@next-auth/adapter-test": "workspace:*",
+    "@next-auth/tsconfig": "workspace:*",
    "jest": "^27.4.3",
    "mssql": "^7.2.1",
    "mysql": "^2.18.1",
    "next-auth": "workspace:*",
-    "pg": "^8.7.1",
-    "sqlite3": "^5.0.2",
-    "typeorm": "^0.2.37",
-    "typeorm-naming-strategies": "^2.0.0"
+    "pg": "^8.7.3",
+    "sqlite3": "^5.0.8",
+    "typeorm": "0.3.7",
+    "typeorm-naming-strategies": "^4.1.0",
+    "typescript": "^4.7.4"
  },
  "peerDependencies": {
    "mssql": "^6.2.1 || 7",
    "mysql": "^2.18.1",
-    "next-auth": "workspace:*",
+    "next-auth": "^4",
    "pg": "^8.2.1",
    "sqlite3": "^5.0.2",
-    "typeorm": "^0.2.31"
+    "typeorm": "0.3.7"
  },
  "peerDependenciesMeta": {
    "mysql": {
--- a/packages/adapter-typeorm-legacy/src/index.ts
+++ b/packages/adapter-typeorm-legacy/src/index.ts
@@ -1,13 +1,8 @@
-import { Adapter, AdapterSession, AdapterUser } from "next-auth/adapters"
-import {
-  Connection,
-  ConnectionOptions,
-  EntityManager,
-  getConnectionManager,
-} from "typeorm"
-import { Account } from "next-auth"
+import type { Adapter, AdapterSession, AdapterUser } from "next-auth/adapters"
+import { DataSourceOptions, DataSource, EntityManager } from "typeorm"
+import type { Account } from "next-auth"
 import * as defaultEntities from "./entities"
-import { parseConnectionConfig, updateConnectionEntities } from "./utils"
+import { parseDataSourceConfig, updateConnectionEntities } from "./utils"

 export const entities = defaultEntities

@@ -17,43 +12,40 @@ export interface TypeORMLegacyAdapterOptions {
  entities?: Entities
 }

-let _connection: Connection
+let _dataSource: DataSource | undefined

 export async function getManager(options: {
-  connection: string | ConnectionOptions
+  dataSource: string | DataSourceOptions
  entities: Entities
 }): Promise<EntityManager> {
-  const { connection, entities } = options
+  const { dataSource, entities } = options

  const config = {
-    ...parseConnectionConfig(connection),
+    ...parseDataSourceConfig(dataSource),
    entities: Object.values(entities),
  }

-  const connectionManager = getConnectionManager()
+  if (!_dataSource) _dataSource = new DataSource(config)

-  if (connectionManager.has(config.name ?? "default")) {
-    _connection = connectionManager.get(config.name ?? "default")
+  const manager = _dataSource?.manager

-    if (_connection.isConnected) return _connection.manager
-
-    if (process.env.NODE_ENV !== "production") {
-      await updateConnectionEntities(_connection, config.entities)
-    }
-  } else {
-    _connection = await connectionManager.create(config).connect()
+  if (!manager.connection.isInitialized) {
+    await manager.connection.initialize()
  }

-  return _connection.manager
+  if (process.env.NODE_ENV !== "production") {
+    await updateConnectionEntities(_dataSource, config.entities)
+  }
+  return manager
 }

 export function TypeORMLegacyAdapter(
-  connection: string | ConnectionOptions,
+  dataSource: string | DataSourceOptions,
  options?: TypeORMLegacyAdapterOptions
 ): Adapter {
  const entities = options?.entities
  const c = {
-    connection,
+    dataSource,
    entities: {
      UserEntity: entities?.UserEntity ?? defaultEntities.UserEntity,
      SessionEntity: entities?.SessionEntity ?? defaultEntities.SessionEntity,
@@ -82,14 +74,14 @@ export function TypeORMLegacyAdapter(
    // @ts-expect-error
    async getUser(id) {
      const m = await getManager(c)
-      const user = await m.findOne("UserEntity", { id })
+      const user = await m.findOne("UserEntity", { where: { id } })
      if (!user) return null
      return { ...user }
    },
    // @ts-expect-error
    async getUserByEmail(email) {
      const m = await getManager(c)
-      const user = await m.findOne("UserEntity", { email })
+      const user = await m.findOne("UserEntity", { where: { email } })
      if (!user) return null
      return { ...user }
    },
@@ -97,8 +89,7 @@ export function TypeORMLegacyAdapter(
      const m = await getManager(c)
      const account = await m.findOne<Account & { user: AdapterUser }>(
        "AccountEntity",
-        provider_providerAccountId,
-        { relations: ["user"] }
+        { where: provider_providerAccountId, relations: ["user"] }
      )
      if (!account) return null
      return account.user ?? null
@@ -136,7 +127,7 @@ export function TypeORMLegacyAdapter(
      const m = await getManager(c)
      const sessionAndUser = await m.findOne<
        AdapterSession & { user: AdapterUser }
-      >("SessionEntity", { sessionToken }, { relations: ["user"] })
+      >("SessionEntity", { where: { sessionToken }, relations: ["user"] })

      if (!sessionAndUser) return null
      const { user, ...session } = sessionAndUser
@@ -162,10 +153,9 @@ export function TypeORMLegacyAdapter(
    // @ts-expect-error
    async useVerificationToken(identifier_token) {
      const m = await getManager(c)
-      const verificationToken = await m.findOne(
-        "VerificationTokenEntity",
-        identifier_token
-      )
+      const verificationToken = await m.findOne("VerificationTokenEntity", {
+        where: identifier_token,
+      })
      if (!verificationToken) {
        return null
      }
--- a/packages/adapter-typeorm-legacy/src/utils.ts
+++ b/packages/adapter-typeorm-legacy/src/utils.ts
@@ -1,10 +1,10 @@
-import { Connection, ConnectionOptions } from "typeorm"
+import type { DataSource, DataSourceOptions } from "typeorm"
 import * as defaultEntities from "./entities"

 /** Ensure configOrString is normalized to an object. */
-export function parseConnectionConfig(
-  configOrString: string | ConnectionOptions
-): ConnectionOptions {
+export function parseDataSourceConfig(
+  configOrString: string | DataSourceOptions
+): DataSourceOptions {
  if (typeof configOrString !== "string") {
    return {
      ...configOrString,
@@ -89,22 +89,22 @@ function entitiesChanged(
 }

 export async function updateConnectionEntities(
-  connection: Connection,
+  dataSource: DataSource,
  entities: any[]
 ) {
-  if (!entitiesChanged(connection.options.entities, entities)) return
+  if (!entitiesChanged(dataSource.entityMetadatas, entities)) return

  // @ts-expect-error
-  connection.options.entities = entities
+  dataSource.entityMetadatas = entities

  // @ts-expect-error
-  connection.buildMetadatas()
+  dataSource.buildMetadatas()

-  if (connection.options.synchronize !== false) {
+  if (dataSource.options.synchronize !== false) {
    console.warn(
      "[next-auth][warn][adapter_typeorm_updating_entities]",
      "\nhttps://next-auth.js.org/warnings#adapter_typeorm_updating_entities"
    )
-    await connection.synchronize()
+    await dataSource.synchronize()
  }
 }
--- a/packages/adapter-typeorm-legacy/tests/helpers.ts
+++ b/packages/adapter-typeorm-legacy/tests/helpers.ts
@@ -1,46 +1,49 @@
-import { ConnectionManager, ConnectionOptions } from "typeorm"
-import { TestOptions } from "@next-auth/adapter-test"
+import { DataSource } from "typeorm"
+import type { DataSourceOptions } from "typeorm"
+import type { TestOptions } from "@next-auth/adapter-test"
 import * as defaultEntities from "../src/entities"
-import { parseConnectionConfig } from "../src/utils"
+import { parseDataSourceConfig } from "../src/utils"

 export { defaultEntities }

+console.warn = jest.fn()
+
 /** Set up Test Database */
 export function db(
-  config: string | ConnectionOptions,
+  config: string | DataSourceOptions,
  entities: typeof defaultEntities = defaultEntities
 ): TestOptions["db"] {
-  const connection = new ConnectionManager().create({
-    ...parseConnectionConfig(config),
+  const connection = new DataSource({
+    ...parseDataSourceConfig(config),
    entities: Object.values(entities),
-  })
+  }).manager.connection

  const m = connection.manager
  return {
-    connect: async () => await connection.connect(),
-    disconnect: async () => await connection.close(),
+    connect: async () => await connection.initialize(),
+    disconnect: async () => await connection.destroy(),
    async user(id) {
-      const user = await m.findOne(entities.UserEntity, id)
+      const user = await m.findOne(entities.UserEntity, { where: { id } })
      return user ?? null
    },
    async account(provider_providerAccountId) {
-      const account = await m.findOne(
-        entities.AccountEntity,
-        provider_providerAccountId
-      )
+      const account = await m.findOne(entities.AccountEntity, {
+        where: provider_providerAccountId,
+      })
      return account ?? null
    },
    async session(sessionToken) {
-      const session = await m.findOne(entities.SessionEntity, { sessionToken })
+      const session = await m.findOne(entities.SessionEntity, {
+        where: { sessionToken },
+      })
      return session ?? null
    },
    async verificationToken(token_identifier) {
      const verificationToken = await m.findOne(
        entities.VerificationTokenEntity,
-        token_identifier
+        { where: token_identifier }
      )
      if (!verificationToken) return null
-      // @ts-expect-error
      const { id: _, ...rest } = verificationToken
      return rest
    },
--- a/packages/adapter-typeorm-legacy/tests/index.test.ts
+++ b/packages/adapter-typeorm-legacy/tests/index.test.ts
@@ -1,11 +1,9 @@
-// eslint-disable-next-line @typescript-eslint/prefer-ts-expect-error
-// @ts-ignore
-import { parseConnectionString } from "../src/lib/config"
+import { parseDataSourceConfig } from "../src/utils"

 const connectionString = "mysql://root:password@localhost:3306/next-auth"

 test("could parse connection string", () => {
-  expect(parseConnectionString(connectionString)).toEqual(
+  expect(parseDataSourceConfig(connectionString)).toEqual(
    expect.objectContaining({
      type: "mysql",
      host: "localhost",
--- a/packages/adapter-typeorm-legacy/tests/sqlite/index.test.ts
+++ b/packages/adapter-typeorm-legacy/tests/sqlite/index.test.ts
@@ -3,9 +3,9 @@ import { TypeORMLegacyAdapter } from "../../src"
 import { db } from "../helpers"
 import { SnakeNamingStrategy } from "typeorm-naming-strategies"

-import type { ConnectionOptions } from "typeorm"
+import type { DataSourceOptions } from "typeorm"

-const sqliteConfig: ConnectionOptions = {
+const sqliteConfig: DataSourceOptions = {
  type: "sqlite" as const,
  name: "next-auth-test-memory",
  database: "./tests/sqlite/dev.db",
--- a/packages/adapter-upstash-redis/package.json
+++ b/packages/adapter-upstash-redis/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@next-auth/upstash-redis-adapter",
-  "version": "3.0.0",
+  "version": "3.0.1",
  "description": "Upstash adapter for next-auth. It uses Upstash's connectionless (HTTP based) Redis client.",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth",
@@ -31,7 +31,7 @@
  ],
  "peerDependencies": {
    "@upstash/redis": "^1.0.1",
-    "next-auth": "workspace:*"
+    "next-auth": "^4"
  },
  "devDependencies": {
    "@next-auth/adapter-test": "workspace:^0.0.0",
@@ -39,6 +39,7 @@
    "@types/uuid": "^8.3.3",
    "@upstash/redis": "^1.0.1",
    "dotenv": "^10.0.0",
+    "isomorphic-fetch": "3.0.0",
    "jest": "^27.4.3",
    "next-auth": "workspace:*"
  },
@@ -48,4 +49,4 @@
  "jest": {
    "preset": "@next-auth/adapter-test/jest"
  }
-}
+}
--- a/packages/adapter-upstash-redis/tests/index.test.ts
+++ b/packages/adapter-upstash-redis/tests/index.test.ts
@@ -1,3 +1,4 @@
+import "isomorphic-fetch"
 import { Redis } from "@upstash/redis"
 import { runBasicTests } from "@next-auth/adapter-test"
 import { hydrateDates, UpstashRedisAdapter } from "../src"
@@ -7,41 +8,42 @@ if (!process.env.UPSTASH_REDIS_URL || !process.env.UPSTASH_REDIS_KEY) {
  test("Skipping UpstashRedisAdapter tests, since required environment variables aren't available", () => {
    expect(true).toBe(true)
  })
-} else {
-  const client = new Redis({
-    url: process.env.UPSTASH_REDIS_URL,
-    token: process.env.UPSTASH_REDIS_KEY,
-  })
-
-  runBasicTests({
-    adapter: UpstashRedisAdapter(client, { baseKeyPrefix: "testApp:" }),
-    db: {
-      async user(id: string) {
-        const data = await client.get<object>(`testApp:user:${id}`)
-        if (!data) return null
-        return hydrateDates(data)
-      },
-      async account({ provider, providerAccountId }) {
-        const data = await client.get<object>(
-          `testApp:user:account:${provider}:${providerAccountId}`
-        )
-        if (!data) return null
-        return hydrateDates(data)
-      },
-      async session(sessionToken) {
-        const data = await client.get<object>(
-          `testApp:user:session:${sessionToken}`
-        )
-        if (!data) return null
-        return hydrateDates(data)
-      },
-      async verificationToken(where) {
-        const data = await client.get<object>(
-          `testApp:user:token:${where.identifier}`
-        )
-        if (!data) return null
-        return hydrateDates(data)
-      },
-    },
-  })
+  process.exit(0)
 }
+
+const client = new Redis({
+  url: process.env.UPSTASH_REDIS_URL,
+  token: process.env.UPSTASH_REDIS_KEY,
+})
+
+runBasicTests({
+  adapter: UpstashRedisAdapter(client, { baseKeyPrefix: "testApp:" }),
+  db: {
+    async user(id: string) {
+      const data = await client.get<object>(`testApp:user:${id}`)
+      if (!data) return null
+      return hydrateDates(data)
+    },
+    async account({ provider, providerAccountId }) {
+      const data = await client.get<object>(
+        `testApp:user:account:${provider}:${providerAccountId}`
+      )
+      if (!data) return null
+      return hydrateDates(data)
+    },
+    async session(sessionToken) {
+      const data = await client.get<object>(
+        `testApp:user:session:${sessionToken}`
+      )
+      if (!data) return null
+      return hydrateDates(data)
+    },
+    async verificationToken(where) {
+      const data = await client.get<object>(
+        `testApp:user:token:${where.identifier}`
+      )
+      if (!data) return null
+      return hydrateDates(data)
+    },
+  },
+})
--- a/packages/next-auth/package.json
+++ b/packages/next-auth/package.json
@@ -1,6 +1,6 @@
 {
  "name": "next-auth",
-  "version": "4.9.0",
+  "version": "4.10.2",
  "description": "Authentication for Next.js",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth.git",
@@ -8,7 +8,8 @@
  "contributors": [
    "Balázs Orbán <info@balazsorban.com>",
    "Nico Domino <yo@ndo.dev>",
-    "Lluis Agusti <hi@llu.lu>"
+    "Lluis Agusti <hi@llu.lu>",
+    "Thang Huu Vu <thvu@hey.com>"
  ],
  "main": "index.js",
  "module": "index.js",
@@ -107,8 +108,8 @@
    "@types/node": "^17.0.42",
    "@types/nodemailer": "^6.4.4",
    "@types/oauth": "^0.9.1",
-    "@types/react": "^18.0.2",
-    "@types/react-dom": "^18.0.5",
+    "@types/react": "^18.0.15",
+    "@types/react-dom": "^18.0.6",
    "autoprefixer": "^10.4.7",
    "babel-plugin-jsx-pragmatic": "^1.0.2",
    "babel-preset-preact": "^2.0.0",
@@ -117,7 +118,7 @@
    "jest-environment-jsdom": "^28.1.1",
    "jest-watch-typeahead": "^1.1.0",
    "msw": "^0.42.3",
-    "next": "12.1.7-canary.51",
+    "next": "12.2.0",
    "postcss": "^8.4.14",
    "postcss-cli": "^9.1.0",
    "postcss-nested": "^5.0.6",
@@ -138,4 +139,4 @@
    "**/tests",
    "**/__tests__"
  ]
-}
+}
--- a/packages/next-auth/src/client/tests/csrf.test.js
+++ b/packages/next-auth/src/client/tests/csrf.test.js
@@ -79,7 +79,7 @@ test("when the fetch fails it'll throw a client fetch error", async () => {
  await waitFor(() => {
    expect(logger.error).toHaveBeenCalledTimes(1)
    expect(logger.error).toBeCalledWith("CLIENT_FETCH_ERROR", {
-      path: "csrf",
+      url: "/api/auth/csrf",
      error: new SyntaxError("Unexpected token s in JSON at position 0"),
    })
  })
--- a/packages/next-auth/src/client/tests/providers.test.js
+++ b/packages/next-auth/src/client/tests/providers.test.js
@@ -57,7 +57,7 @@ test("when failing to fetch the providers, it'll log the error", async () => {
  await waitFor(() => {
    expect(logger.error).toHaveBeenCalledTimes(1)
    expect(logger.error).toBeCalledWith("CLIENT_FETCH_ERROR", {
-      path: "providers",
+      url: "/api/auth/providers",
      error: new SyntaxError("Unexpected token s in JSON at position 0"),
    })
  })
--- a/packages/next-auth/src/client/tests/session.test.js
+++ b/packages/next-auth/src/client/tests/session.test.js
@@ -71,7 +71,7 @@ test("if there's an error fetching the session, it should log it", async () => {
  await waitFor(() => {
    expect(logger.error).toHaveBeenCalledTimes(1)
    expect(logger.error).toBeCalledWith("CLIENT_FETCH_ERROR", {
-      path: "session",
+      url: "/api/auth/session",
      error: new SyntaxError("Unexpected token S in JSON at position 0"),
    })
  })
--- a/packages/next-auth/src/client/tests/sign-in.test.js
+++ b/packages/next-auth/src/client/tests/sign-in.test.js
@@ -256,7 +256,7 @@ test("when it fails to fetch the providers, it redirected back to signin page",
    expect(logger.error).toHaveBeenCalledTimes(1)
    expect(logger.error).toBeCalledWith("CLIENT_FETCH_ERROR", {
      error: "Error when retrieving providers",
-      path: "providers",
+      url: "/api/auth/providers",
    })
  })
 })
--- a/packages/next-auth/src/client/_utils.ts
+++ b/packages/next-auth/src/client/_utils.ts
@@ -35,20 +35,17 @@ export async function fetchData<T = any>(
  logger: LoggerInstance,
  { ctx, req = ctx?.req }: CtxOrReq = {}
 ): Promise<T | null> {
+  const url = `${apiBaseUrl(__NEXTAUTH)}/${path}`
  try {
    const options = req?.headers.cookie
      ? { headers: { cookie: req.headers.cookie } }
      : {}
-    const res = await fetch(`${apiBaseUrl(__NEXTAUTH)}/${path}`, options)
+    const res = await fetch(url, options)
    const data = await res.json()
    if (!res.ok) throw data
    return Object.keys(data).length > 0 ? data : null // Return null if data empty
  } catch (error) {
-    logger.error("CLIENT_FETCH_ERROR", {
-      error: error as Error,
-      path,
-      ...(req ? { header: req.headers } : {}),
-    })
+    logger.error("CLIENT_FETCH_ERROR", { error: error as Error, url })
    return null
  }
 }
--- a/packages/next-auth/src/core/index.ts
+++ b/packages/next-auth/src/core/index.ts
@@ -90,8 +90,8 @@ export async function NextAuthHandler<

  const assertionResult = assertConfig({ options: userOptions, req })

-  if (typeof assertionResult === "string") {
-    logger.warn(assertionResult)
+  if (Array.isArray(assertionResult)) {
+    assertionResult.forEach(logger.warn)
  } else if (assertionResult instanceof Error) {
    // Bail out early if there's an error in the user config
    const { pages, theme } = userOptions
--- a/packages/next-auth/src/core/init.ts
+++ b/packages/next-auth/src/core/init.ts
@@ -3,7 +3,7 @@ import logger from "../utils/logger"
 import parseUrl from "../utils/parse-url"
 import { adapterErrorHandler, eventsErrorHandler } from "./errors"
 import parseProviders from "./lib/providers"
-import createSecret from "./lib/utils"
+import { createSecret } from "./lib/utils"
 import * as cookie from "./lib/cookie"
 import * as jwt from "../jwt"
 import { defaultCallbacks } from "./lib/default-callbacks"
--- a/packages/next-auth/src/core/lib/assert.ts
+++ b/packages/next-auth/src/core/lib/assert.ts
@@ -9,8 +9,9 @@ import {
 import parseUrl from "../../utils/parse-url"
 import { defaultCookies } from "./cookie"

-import type { NextAuthHandlerParams, RequestInternal } from ".."
+import type { RequestInternal } from ".."
 import type { WarningCode } from "../../utils/logger"
+import type { NextAuthOptions } from "../types"

 type ConfigError =
  | MissingAPIRoute
@@ -19,7 +20,7 @@ type ConfigError =
  | MissingAuthorize
  | MissingAdapter

-let twitterWarned = false
+let warned = false

 function isValidHttpUrl(url: string, baseUrl: string) {
  try {
@@ -37,13 +38,28 @@ function isValidHttpUrl(url: string, baseUrl: string) {
 *
 * REVIEW: Make some of these and corresponding docs less Next.js specific?
 */
-export function assertConfig(
-  params: NextAuthHandlerParams & {
-    req: RequestInternal
-  }
-): ConfigError | WarningCode | undefined {
+export function assertConfig(params: {
+  options: NextAuthOptions
+  req: RequestInternal
+}): ConfigError | WarningCode[] {
  const { options, req } = params

+  const warnings: WarningCode[] = []
+
+  if (!warned) {
+    if (!req.host) warnings.push("NEXTAUTH_URL")
+
+    // TODO: Make this throw an error in next major. This will also get rid of `NODE_ENV`
+    if (!options.secret && process.env.NODE_ENV !== "production")
+      warnings.push("NO_SECRET")
+
+    if (options.debug) warnings.push("DEBUG_ENABLED")
+  }
+
+  if (!options.secret && process.env.NODE_ENV === "production") {
+    return new MissingSecret("Please define a `secret` in production.")
+  }
+
  // req.query isn't defined when asserting `unstable_getServerSession` for example
  if (!req.query?.nextauth && !req.action) {
    return new MissingAPIRoute(
@@ -51,14 +67,6 @@ export function assertConfig(
    )
  }

-  if (!options.secret) {
-    if (process.env.NODE_ENV === "production") {
-      return new MissingSecret("Please define a `secret` in production.")
-    } else {
-      return "NO_SECRET"
-    }
-  }
-
  const callbackUrlParam = req.query?.callbackUrl as string | undefined

  const url = parseUrl(req.host)
@@ -69,9 +77,6 @@ export function assertConfig(
    )
  }

-  // This is below the callbackUrlParam check because it would obscure the error
-  if (!req.host) return "NEXTAUTH_URL"
-
  const { callbackUrl: defaultCallbackUrl } = defaultCookies(
    options.useSecureCookies ?? url.base.startsWith("https://")
  )
@@ -119,8 +124,10 @@ export function assertConfig(
    return new MissingAdapter("E-mail login requires an adapter.")
  }

-  if (!twitterWarned && hasTwitterOAuth2) {
-    twitterWarned = true
-    return "TWITTER_OAUTH_2_BETA"
+  if (!warned) {
+    if (hasTwitterOAuth2) warnings.push("TWITTER_OAUTH_2_BETA")
+    warned = true
  }
+
+  return warnings
 }
--- a/packages/next-auth/src/core/lib/email/signin.ts
+++ b/packages/next-auth/src/core/lib/email/signin.ts
@@ -9,9 +9,8 @@ import type { InternalOptions } from "../../types"
 export default async function email(
  identifier: string,
  options: InternalOptions<"email">
-) {
-  const { url, adapter, provider, logger, callbackUrl, theme } = options
-
+): Promise<string> {
+  const { url, adapter, provider, callbackUrl, theme } = options
  // Generate token
  const token =
    (await provider.generateVerificationToken?.()) ??
@@ -34,22 +33,18 @@ export default async function email(
  const params = new URLSearchParams({ callbackUrl, token, email: identifier })
  const _url = `${url}/callback/${provider.id}?${params}`

-  try {
-    // Send to user
-    await provider.sendVerificationRequest({
-      identifier,
-      token,
-      expires,
-      url: _url,
-      provider,
-      theme,
-    })
-  } catch (error) {
-    logger.error("SEND_VERIFICATION_EMAIL_ERROR", {
-      identifier,
-      url,
-      error: error as Error,
-    })
-    throw new Error("SEND_VERIFICATION_EMAIL_ERROR")
-  }
+  // Send to user
+  await provider.sendVerificationRequest({
+    identifier,
+    token,
+    expires,
+    url: _url,
+    provider,
+    theme,
+  })
+
+  return `${url}/verify-request?${new URLSearchParams({
+    provider: provider.id,
+    type: provider.type,
+  })}`
 }
--- a/packages/next-auth/src/core/lib/oauth/authorization-url.ts
+++ b/packages/next-auth/src/core/lib/oauth/authorization-url.ts
@@ -14,66 +14,63 @@ import type { Cookie } from "../cookie"
 *
 * [OAuth 2](https://www.oauth.com/oauth2-servers/authorization/the-authorization-request/) | [OAuth 1](https://oauth.net/core/1.0a/#auth_step2)
 */
-export default async function getAuthorizationUrl(params: {
+export default async function getAuthorizationUrl({
+  options,
+  query,
+}: {
  options: InternalOptions<"oauth">
  query: RequestInternal["query"]
 }) {
-  const { options, query } = params
  const { logger, provider } = options
-  try {
-    let params: any = {}
+  let params: any = {}

-    if (typeof provider.authorization === "string") {
-      const parsedUrl = new URL(provider.authorization)
-      const parsedParams = Object.fromEntries(parsedUrl.searchParams.entries())
-      params = { ...params, ...parsedParams }
-    } else {
-      params = { ...params, ...provider.authorization?.params }
-    }
-
-    params = { ...params, ...query }
-
-    // Handle OAuth v1.x
-    if (provider.version?.startsWith("1.")) {
-      const client = oAuth1Client(options)
-      const tokens = (await client.getOAuthRequestToken(params)) as any
-      const url = `${
-        // @ts-expect-error
-        provider.authorization?.url ?? provider.authorization
-      }?${new URLSearchParams({
-        oauth_token: tokens.oauth_token,
-        oauth_token_secret: tokens.oauth_token_secret,
-        ...tokens.params,
-      })}`
-
-      logger.debug("GET_AUTHORIZATION_URL", { url })
-      return { redirect: url }
-    }
-
-    const client = await openidClient(options)
-
-    const authorizationParams: AuthorizationParameters = params
-    const cookies: Cookie[] = []
-
-    const state = await createState(options)
-    if (state) {
-      authorizationParams.state = state.value
-      cookies.push(state.cookie)
-    }
-
-    const pkce = await createPKCE(options)
-    if (pkce) {
-      authorizationParams.code_challenge = pkce.code_challenge
-      authorizationParams.code_challenge_method = pkce.code_challenge_method
-      cookies.push(pkce.cookie)
-    }
-
-    const url = client.authorizationUrl(authorizationParams)
-
-    logger.debug("GET_AUTHORIZATION_URL", { url, cookies })
-    return { redirect: url, cookies }
-  } catch (error) {
-    logger.error("GET_AUTHORIZATION_URL_ERROR", error as Error)
-    throw error
+  if (typeof provider.authorization === "string") {
+    const parsedUrl = new URL(provider.authorization)
+    const parsedParams = Object.fromEntries(parsedUrl.searchParams.entries())
+    params = { ...params, ...parsedParams }
+  } else {
+    params = { ...params, ...provider.authorization?.params }
  }
+
+  params = { ...params, ...query }
+
+  // Handle OAuth v1.x
+  if (provider.version?.startsWith("1.")) {
+    const client = oAuth1Client(options)
+    const tokens = (await client.getOAuthRequestToken(params)) as any
+    const url = `${
+      // @ts-expect-error
+      provider.authorization?.url ?? provider.authorization
+    }?${new URLSearchParams({
+      oauth_token: tokens.oauth_token,
+      oauth_token_secret: tokens.oauth_token_secret,
+      ...tokens.params,
+    })}`
+
+    logger.debug("GET_AUTHORIZATION_URL", { url, provider })
+    return { redirect: url }
+  }
+
+  const client = await openidClient(options)
+
+  const authorizationParams: AuthorizationParameters = params
+  const cookies: Cookie[] = []
+
+  const state = await createState(options)
+  if (state) {
+    authorizationParams.state = state.value
+    cookies.push(state.cookie)
+  }
+
+  const pkce = await createPKCE(options)
+  if (pkce) {
+    authorizationParams.code_challenge = pkce.code_challenge
+    authorizationParams.code_challenge_method = pkce.code_challenge_method
+    cookies.push(pkce.cookie)
+  }
+
+  const url = client.authorizationUrl(authorizationParams)
+
+  logger.debug("GET_AUTHORIZATION_URL", { url, cookies, provider })
+  return { redirect: url, cookies }
 }
--- a/packages/next-auth/src/core/lib/oauth/callback.ts
+++ b/packages/next-auth/src/core/lib/oauth/callback.ts
@@ -28,9 +28,9 @@ export default async function oAuthCallback(params: {
    logger.error("OAUTH_CALLBACK_HANDLER_ERROR", {
      error,
      error_description: query?.error_description,
-      body,
      providerId: provider.id,
    })
+    logger.debug("OAUTH_CALLBACK_HANDLER_ERROR", { body })
    throw error
  }

@@ -199,10 +199,7 @@ async function getProfile({
    // all providers, so we return an empty object; the user should then be
    // redirected back to the sign up page. We log the error to help developers
    // who might be trying to debug this when configuring a new provider.
-    logger.error("OAUTH_PARSE_PROFILE_ERROR", {
-      error: error as Error,
-      OAuthProfile,
-    })
+    logger.error("OAUTH_PARSE_PROFILE_ERROR", error as Error)
    return {
      profile: null,
      account: null,
--- a/packages/next-auth/src/core/lib/utils.ts
+++ b/packages/next-auth/src/core/lib/utils.ts
@@ -28,7 +28,7 @@ export function hashToken(token: string, options: InternalOptions<"email">) {
 * If no secret option is specified then it creates one on the fly
 * based on options passed here. If options contains unique data, such as
 * OAuth provider secrets and database credentials it should be sufficent. If no secret provided in production, we throw an error. */
-export default function createSecret(params: {
+export function createSecret(params: {
  userOptions: NextAuthOptions
  url: InternalUrl
 }) {
@@ -36,6 +36,7 @@ export default function createSecret(params: {

  return (
    userOptions.secret ??
+    // TODO: Remove falling back to default secret, and error in dev if one isn't provided
    createHash("sha256")
      .update(JSON.stringify({ ...url, ...userOptions }))
      .digest("hex")
--- a/packages/next-auth/src/core/routes/signin.ts
+++ b/packages/next-auth/src/core/routes/signin.ts
@@ -26,7 +26,10 @@ export default async function signin(params: {
      const response = await getAuthorizationUrl({ options, query })
      return response
    } catch (error) {
-      logger.error("SIGNIN_OAUTH_ERROR", { error: error as Error, provider })
+      logger.error("SIGNIN_OAUTH_ERROR", {
+        error: error as Error,
+        providerId: provider.id,
+      })
      return { redirect: `${url}/error?error=OAuthSignin` }
    }
  } else if (provider.type === "email") {
@@ -79,18 +82,15 @@ export default async function signin(params: {
    }

    try {
-      await emailSignin(email, options)
+      const redirect = await emailSignin(email, options)
+      return { redirect }
    } catch (error) {
-      logger.error("SIGNIN_EMAIL_ERROR", error as Error)
+      logger.error("SIGNIN_EMAIL_ERROR", {
+        error: error as Error,
+        providerId: provider.id,
+      })
      return { redirect: `${url}/error?error=EmailSignin` }
    }
-
-    const params = new URLSearchParams({
-      provider: provider.id,
-      type: provider.type,
-    })
-
-    return { redirect: `${url}/verify-request?${params}` }
  }
  return { redirect: `${url}/signin` }
 }
--- a/packages/next-auth/src/core/types.ts
+++ b/packages/next-auth/src/core/types.ts
@@ -214,7 +214,7 @@ export interface NextAuthOptions {
 * [Pages](https://next-auth.js.org/configuration/pages)
 */
 export interface Theme {
-  colorScheme: "auto" | "dark" | "light"
+  colorScheme?: "auto" | "dark" | "light"
  logo?: string
  brandColor?: string
  buttonText?: string
--- a/packages/next-auth/src/next/middleware.ts
+++ b/packages/next-auth/src/next/middleware.ts
@@ -84,12 +84,22 @@ export interface NextAuthMiddlewareOptions {
     */
    authorized?: AuthorizedCallback
  }
+
+  /**
+   * The same `secret` used in the `NextAuth` configuration.
+   * Defaults to the `NEXTAUTH_SECRET` environment variable.
+   */
+  secret?: string
 }

+// TODO: `NextMiddleware` should allow returning `void`
+// Simplify when https://github.com/vercel/next.js/pull/38625 is merged.
+type NextMiddlewareResult = ReturnType<NextMiddleware> | void // eslint-disable-line @typescript-eslint/no-invalid-void-type
+
 async function handleMiddleware(
  req: NextRequest,
  options: NextAuthMiddlewareOptions | undefined,
-  onSuccess?: (token: JWT | null) => Promise<any>
+  onSuccess?: (token: JWT | null) => Promise<NextMiddlewareResult>
 ) {
  const signInPage = options?.pages?.signIn ?? "/api/auth/signin"
  const errorPage = options?.pages?.error ?? "/api/auth/error"
@@ -102,7 +112,8 @@ async function handleMiddleware(
    return
  }

-  if (!process.env.NEXTAUTH_SECRET) {
+  const secret = options?.secret ?? process.env.NEXTAUTH_SECRET
+  if (!secret) {
    console.error(
      `[next-auth][error][NO_SECRET]`,
      `\nhttps://next-auth.js.org/errors#no_secret`
@@ -118,6 +129,7 @@ async function handleMiddleware(
    req,
    decode: options?.jwt?.decode,
    cookieName: options?.cookies?.sessionToken?.name,
+    secret,
  })

  const isAuthorized =
@@ -135,12 +147,21 @@ async function handleMiddleware(
  return NextResponse.redirect(signInUrl)
 }

+export interface NextRequestWithAuth extends NextRequest {
+  nextauth: { token: JWT | null }
+}
+
+export type NextMiddlewareWithAuth = (
+  request: NextRequestWithAuth,
+  event: NextFetchEvent
+) => NextMiddlewareResult | Promise<NextMiddlewareResult>
+
 export type WithAuthArgs =
-  | [NextRequest]
-  | [NextRequest, NextFetchEvent]
-  | [NextRequest, NextAuthMiddlewareOptions]
-  | [NextMiddleware]
-  | [NextMiddleware, NextAuthMiddlewareOptions]
+  | [NextRequestWithAuth]
+  | [NextRequestWithAuth, NextFetchEvent]
+  | [NextRequestWithAuth, NextAuthMiddlewareOptions]
+  | [NextMiddlewareWithAuth]
+  | [NextMiddlewareWithAuth, NextAuthMiddlewareOptions]
  | [NextAuthMiddlewareOptions]
  | []

@@ -168,9 +189,9 @@ export function withAuth(...args: WithAuthArgs) {
  if (typeof args[0] === "function") {
    const middleware = args[0]
    const options = args[1] as NextAuthMiddlewareOptions | undefined
-    return async (...args: Parameters<NextMiddleware>) =>
+    return async (...args: Parameters<NextMiddlewareWithAuth>) =>
      await handleMiddleware(args[0], options, async (token) => {
-        ;(args[0] as any).nextauth = { token }
+        args[0].nextauth = { token }
        return await middleware(...args)
      })
  }
--- a/packages/next-auth/src/providers/azure-ad-b2c.ts
+++ b/packages/next-auth/src/providers/azure-ad-b2c.ts
@@ -19,16 +19,19 @@ export interface AzureB2CProfile extends Record<string, any> {

 export default function AzureADB2C<P extends AzureB2CProfile>(
  options: OAuthUserConfig<P> & {
-    primaryUserFlow: string
-    tenantId: string
+    primaryUserFlow?: string
+    tenantId?: string
  }
 ): OAuthConfig<P> {
  const { tenantId, primaryUserFlow } = options
+  const issuer =
+    options.issuer ??
+    `https://${tenantId}.b2clogin.com/${tenantId}.onmicrosoft.com/${primaryUserFlow}/v2.0`
  return {
    id: "azure-ad-b2c",
    name: "Azure Active Directory B2C",
    type: "oauth",
-    wellKnown: `https://${tenantId}.b2clogin.com/${tenantId}.onmicrosoft.com/${primaryUserFlow}/v2.0/.well-known/openid-configuration`,
+    wellKnown: `${issuer}/.well-known/openid-configuration`,
    idToken: true,
    profile(profile) {
      return {
--- a/packages/next-auth/src/providers/azure-ad.ts
+++ b/packages/next-auth/src/providers/azure-ad.ts
@@ -2,7 +2,7 @@ import type { OAuthConfig, OAuthUserConfig } from "."

 export interface AzureADProfile extends Record<string, any> {
  sub: string
-  nicname: string
+  nickname: string
  email: string
  picture: string
 }
--- a/packages/next-auth/src/providers/duende-identity-server6.ts
+++ b/packages/next-auth/src/providers/duende-identity-server6.ts
@@ -0,0 +1,31 @@
+import type { OAuthConfig, OAuthUserConfig } from "./oauth"
+
+export interface DuendeISUser extends Record<string, any> {
+  email: string
+  id: string
+  name: string
+  verified: boolean
+}
+
+export default function DuendeIdentityServer6<P extends DuendeISUser>(
+  options: OAuthUserConfig<P>
+): OAuthConfig<P> {
+  return {
+    id: "duende-identityserver6",
+    name: "DuendeIdentityServer6",
+    type: "oauth",
+    wellKnown: `${options.issuer}/.well-known/openid-configuration`,
+    authorization: { params: { scope: "openid profile email" } },
+    checks: ["pkce", "state"],
+    idToken: true,
+    profile(profile) {
+      return {
+        id: profile.sub,
+        name: profile.name,
+        email: profile.email,
+        image: null,
+      }
+    },
+    options,
+  }
+}
--- a/packages/next-auth/src/providers/email.ts
+++ b/packages/next-auth/src/providers/email.ts
@@ -1,7 +1,7 @@
 import { createTransport } from "nodemailer"

 import type { CommonProviderOptions } from "."
-import type { Options as SMTPConnectionOptions } from "nodemailer/lib/smtp-connection"
+import type { Options as SMTPTransportOptions } from "nodemailer/lib/smtp-transport"
 import type { Awaitable } from ".."
 import type { Theme } from "../core/types"

@@ -17,7 +17,7 @@ export interface SendVerificationRequestParams {
 export interface EmailConfig extends CommonProviderOptions {
  type: "email"
  // TODO: Make use of https://www.typescriptlang.org/docs/handbook/2/template-literal-types.html
-  server: string | SMTPConnectionOptions
+  server: string | SMTPTransportOptions
  /** @default "NextAuth <no-reply@example.com>" */
  from?: string
  /**
--- a/packages/next-auth/src/providers/github.js
+++ b/packages/next-auth/src/providers/github.js
@@ -1,44 +0,0 @@
-/** @type {import(".").OAuthProvider} */
-export default function GitHub(options) {
-  return {
-    id: "github",
-    name: "GitHub",
-    type: "oauth",
-    authorization: "https://github.com/login/oauth/authorize?scope=read:user+user:email",
-    token: "https://github.com/login/oauth/access_token",
-    userinfo: {
-      url: "https://api.github.com/user",
-      async request({ client, tokens }) {
-        // Get base profile
-        const profile = await client.userinfo(tokens)
-
-        // If user has email hidden, get their primary email from the GitHub API
-        if (!profile.email) {
-          const emails = await (
-            await fetch("https://api.github.com/user/emails", {
-              headers: { Authorization: `token ${tokens.access_token}` },
-            })
-          ).json()
-
-          if (emails?.length > 0) {
-            // Get primary email
-            profile.email = emails.find(email => email.primary)?.email;
-            // And if for some reason it doesn't exist, just use the first
-            if (!profile.email) profile.email = emails[0].email;
-          }
-        }
-
-        return profile
-      },
-    },
-    profile(profile) {
-      return {
-        id: profile.id.toString(),
-        name: profile.name || profile.login,
-        email: profile.email,
-        image: profile.avatar_url,
-      }
-    },
-    options,
-  }
-}
--- a/packages/next-auth/src/providers/github.ts
+++ b/packages/next-auth/src/providers/github.ts
@@ -0,0 +1,103 @@
+import type { OAuthConfig, OAuthUserConfig } from "."
+
+/** @see https://docs.github.com/en/rest/users/users#get-the-authenticated-user */
+export interface GithubProfile extends Record<string, any> {
+  login: string
+  id: number
+  node_id: string
+  avatar_url: string
+  gravatar_id: string | null
+  url: string
+  html_url: string
+  followers_url: string
+  following_url: string
+  gists_url: string
+  starred_url: string
+  subscriptions_url: string
+  organizations_url: string
+  repos_url: string
+  events_url: string
+  received_events_url: string
+  type: string
+  site_admin: boolean
+  name: string | null
+  company: string | null
+  blog: string | null
+  location: string | null
+  email: string | null
+  hireable: boolean | null
+  bio: string | null
+  twitter_username?: string | null
+  public_repos: number
+  public_gists: number
+  followers: number
+  following: number
+  created_at: string
+  updated_at: string
+  private_gists?: number
+  total_private_repos?: number
+  owned_private_repos?: number
+  disk_usage?: number
+  suspended_at?: string | null
+  collaborators?: number
+  two_factor_authentication: boolean
+  plan?: {
+    collaborators: number
+    name: string
+    space: number
+    private_repos: number
+  }
+}
+
+export interface GithubEmail extends Record<string, any> {
+  email: string
+  primary: boolean
+  verified: boolean
+  visibility: "public" | "private"
+}
+
+export default function Github<P extends GithubProfile>(
+  options: OAuthUserConfig<P>
+): OAuthConfig<P> {
+  return {
+    id: "github",
+    name: "GitHub",
+    type: "oauth",
+    authorization: {
+      url: "https://github.com/login/oauth/authorize",
+      params: { scope: "read:user user:email" },
+    },
+    token: "https://github.com/login/oauth/access_token",
+    userinfo: {
+      url: "https://api.github.com/user",
+      async request({ client, tokens }) {
+        // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+        const profile = await client.userinfo(tokens.access_token!)
+
+        if (!profile.email) {
+          // If the user does not have a public email, get another via the GitHub API
+          // See https://docs.github.com/en/rest/users/emails#list-public-email-addresses-for-the-authenticated-user
+          const res = await fetch("https://api.github.com/user/emails", {
+            headers: { Authorization: `token ${tokens.access_token}` },
+          })
+
+          if (res.ok) {
+            const emails: GithubEmail[] = await res.json()
+            profile.email = (emails.find((e) => e.primary) ?? emails[0]).email
+          }
+        }
+
+        return profile
+      },
+    },
+    profile(profile) {
+      return {
+        id: profile.id.toString(),
+        name: profile.name ?? profile.login,
+        email: profile.email,
+        image: profile.avatar_url,
+      }
+    },
+    options,
+  }
+}
--- a/packages/next-auth/src/providers/gitlab.js
+++ b/packages/next-auth/src/providers/gitlab.js
@@ -1,22 +0,0 @@
-/** @type {import("src/providers").OAuthProvider} */
-/** @type {import(".").OAuthProvider} */
-export default function GitLab(options) {
-  return {
-    id: "gitlab",
-    name: "GitLab",
-    type: "oauth",
-    authorization: "https://gitlab.com/oauth/authorize?scope=read_user",
-    token: "https://gitlab.com/oauth/token",
-    userinfo: "https://gitlab.com/api/v4/user",
-    checks: ["pkce", "state"],
-    profile(profile) {
-      return {
-        id: profile.id,
-        name: profile.username,
-        email: profile.email,
-        image: profile.avatar_url,
-      }
-    },
-    options,
-  }
-}
--- a/packages/next-auth/src/providers/gitlab.ts
+++ b/packages/next-auth/src/providers/gitlab.ts
@@ -0,0 +1,72 @@
+import type { OAuthConfig, OAuthUserConfig } from "."
+
+export interface GitLabProfile extends Record<string, any> {
+  id: number
+  username: string
+  email: string
+  name: string
+  state: string
+  avatar_url: string
+  web_url: string
+  created_at: string
+  bio: string
+  location?: string
+  public_email: string
+  skype: string
+  linkedin: string
+  twitter: string
+  website_url: string
+  organization: string
+  job_title: string
+  pronouns: string
+  bot: boolean
+  work_information?: string
+  followers: number
+  following: number
+  local_time: string
+  last_sign_in_at: string
+  confirmed_at: string
+  theme_id: number
+  last_activity_on: string
+  color_scheme_id: number
+  projects_limit: number
+  current_sign_in_at: string
+  identities: Array<{
+    provider: string
+    extern_uid: string
+  }>
+  can_create_group: boolean
+  can_create_project: boolean
+  two_factor_enabled: boolean
+  external: boolean
+  private_profile: boolean
+  commit_email: string
+  shared_runners_minutes_limit: number
+  extra_shared_runners_minutes_limit: number
+}
+
+export default function GitLab<P extends GitLabProfile>(
+  options: OAuthUserConfig<P>
+): OAuthConfig<P> {
+  return {
+    id: "gitlab",
+    name: "GitLab",
+    type: "oauth",
+    authorization: {
+      url: "https://gitlab.com/oauth/authorize",
+      params: { scope: "read_user" },
+    },
+    token: "https://gitlab.com/oauth/token",
+    userinfo: "https://gitlab.com/api/v4/user",
+    checks: ["pkce", "state"],
+    profile(profile) {
+      return {
+        id: profile.id.toString(),
+        name:  profile.name ?? profile.username,
+        email: profile.email,
+        image: profile.avatar_url,
+      }
+    },
+    options,
+  }
+}
--- a/packages/next-auth/src/providers/vk.js
+++ b/packages/next-auth/src/providers/vk.js
@@ -1,23 +0,0 @@
-/** @type {import(".").OAuthProvider} */
-export default function VK(options) {
-  const apiVersion = "5.126" // https://vk.com/dev/versions
-
-  return {
-    id: "vk",
-    name: "VK",
-    type: "oauth",
-    authorization: `https://oauth.vk.com/authorize?scope=email&v=${apiVersion}`,
-    token: `https://oauth.vk.com/access_token?v=${apiVersion}`,
-    userinfo: `https://api.vk.com/method/users.get?fields=photo_100&v=${apiVersion}`,
-    profile(result) {
-      const profile = result.response?.[0] ?? {}
-      return {
-        id: profile.id,
-        name: [profile.first_name, profile.last_name].filter(Boolean).join(" "),
-        email: profile.email,
-        image: profile.photo_100,
-      }
-    },
-    options,
-  }
-}
--- a/packages/next-auth/src/providers/vk.ts
+++ b/packages/next-auth/src/providers/vk.ts
@@ -0,0 +1,285 @@
+import type { OAuthConfig, OAuthUserConfig } from "."
+
+export interface VkProfile {
+  // https://dev.vk.com/reference/objects/user
+  response: Array<{
+    id: number
+    first_name: string
+    last_name: string
+    photo_100: string
+    can_access_closed: boolean
+    is_closed: boolean
+    deactivated?: string
+    sex?: 0 | 1 | 2
+    screen_name?: string
+    photo_50?: string
+    online?: 0 | 1
+    online_mobile?: 0 | 1
+    online_app?: number
+    verified?: 0 | 1
+    trending?: 0 | 1
+    friend_status?: 0 | 1 | 2 | 3
+    first_name_nom?: string
+    first_name_gen?: string
+    first_name_dat?: string
+    first_name_acc?: string
+    first_name_ins?: string
+    first_name_abl?: string
+    last_name_nom?: string
+    last_name_gen?: string
+    last_name_dat?: string
+    last_name_acc?: string
+    last_name_ins?: string
+    last_name_abl?: string
+    nickname?: string
+    maiden_name?: string
+    domain?: string
+    bdate?: string
+    city?: {
+      id: number
+      title: string
+    }
+    country?: {
+      id: number
+      title: string
+    }
+    timezone?: number
+    photo_200?: string
+    photo_max?: string
+    photo_200_orig?: string
+    photo_400_orig?: string
+    photo_max_orig?: string
+    photo_id?: string
+    has_photo?: 0 | 1
+    has_mobile?: 0 | 1
+    is_friend?: 0 | 1
+    can_post?: 0 | 1
+    can_see_all_posts?: 0 | 1
+    can_see_audio?: 0 | 1
+    connections?: {
+      facebook?: string
+      skype?: string
+      twitter?: string
+      livejournal?: string
+      instagram?: string
+    }
+    photo_400?: string
+    wall_default?: 'owner' | 'all'
+    interests?: string
+    books?: string
+    tv?: string
+    quotes?: string
+    about?: string
+    games?: string
+    movies?: string
+    activities?: string
+    music?: string
+    can_write_private_message?: 0 | 1
+    can_send_friend_request?: 0 | 1
+    contacts?: {
+      mobile_phone?: string
+      home_phone?: string
+    }
+    site?: string
+    status_audio?: {
+      access_key?: string
+      artist: string
+      id: number
+      owner_id: number
+      title: string
+      url?: string
+      duration: number
+      date?: number
+      album_id?: number
+      genre_id?: number
+      performer?: string
+    }
+    status?: string
+    last_seen?: {
+      platform?: 1 | 2 | 3 | 4 | 5 | 6 | 7
+      time?: number
+    }
+    exports?: {
+      facebook?: number
+      livejournal?: number
+      twitter?: number
+      instagram?: number
+    }
+    crop_photo?: {
+      photo: {
+        access_key?: string
+        album_id: number
+        date: number
+        height?: number
+        id: number
+        images?: Array<{
+          height?: number
+          type?: 's' | 'm' | 'x' | 'l' | 'o' | 'p' | 'q' | 'r' | 'y' | 'z' | 'w'
+          url?: string
+          width?: number
+        }>
+        lat?: number
+        long?: number
+        owner_id: number
+        photo_256?: string
+        can_comment?: 0 | 1
+        place?: string
+        post_id?: number
+        sizes?: Array<{
+          height: number
+          url: string
+          src?: string
+          type: 's' | 'm' | 'x' | 'o' | 'p' | 'q' | 'r' | 'k' | 'l' | 'y' | 'z' | 'c' | 'w' | 'a' | 'b' | 'e' | 'i' | 'd' | 'j' | 'temp' | 'h' | 'g' | 'n' | 'f' | 'max'
+          width: number
+        }>
+        text?: string
+        user_id?: number
+        width?: number
+        has_tags: boolean
+      }
+      crop: {
+        x: number
+        y: number
+        x2: number
+        y2: number
+      }
+      rect: {
+        x: number
+        y: number
+        x2: number
+        y2: number
+      }
+    }
+    followers_count?: number
+    blacklisted?: 0 | 1
+    blacklisted_by_me?: 0 | 1
+    is_favorite?: 0 | 1
+    is_hidden_from_feed?: 0 | 1
+    common_count?: number
+    occupation?: {
+      id?: number
+      name?: string
+      type?: 'work' | 'school' | 'university'
+    }
+    career?: {
+      group_id?: number
+      company?: string
+      country_id?: number
+      city_id?: number
+      city_name?: string
+      from?: number
+      until?: number
+      position?: string
+    }
+    military?: {
+      country_id: number
+      from?: number
+      unit: string
+      unit_id: number
+      until?: number
+    }
+    education?: {
+      university?: number
+      university_name?: string
+      faculty?: number
+      faculty_name?: string
+      graduation?: number
+    }
+    home_town?: string
+    relation?: 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
+    relation_partner?: {
+      deactivated?: string
+      first_name: string
+      hidden?: number
+      id: number
+      last_name: string
+      can_access_closed?: boolean
+      is_closed?: boolean
+    }
+    personal?: {
+      alcohol?: 1 | 2 | 3 | 4 | 5
+      inspired_by?: string
+      langs?: string[]
+      life_main?: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
+      people_main?: 1 | 2 | 3 | 4 | 5 | 6
+      political?: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
+      religion?: string
+      smoking?: 1 | 2 | 3 | 4 | 5
+    }
+    universities?: Array<{
+      chair?: number
+      chair_name?: string
+      city?: number
+      country?: number
+      education_form?: string
+      education_status?: string
+      faculty?: number
+      faculty_name?: string
+      graduation?: number
+      id?: number
+      name?: string
+      university_group_id?: number
+    }>
+    schools?: Array<{
+      city?: number
+      class?: string
+      country?: number
+      id?: string
+      name?: string
+      type?: number
+      type_str?: string
+      year_from?: number
+      year_graduated?: number
+      year_to?: number
+      speciality?: string
+    }>
+    relatives?: Array<{
+      id?: number
+      name?: string
+      type: 'parent' | 'child' | 'grandparent' | 'grandchild' | 'sibling'
+    }>
+    counters?: {
+      albums?: number
+      videos?: number
+      audios?: number
+      photos?: number
+      notes?: number
+      friends?: number
+      groups?: number
+      online_friends?: number
+      mutual_friends?: number
+      user_videos?: number
+      followers?: number
+      pages?: number
+    }
+    is_no_index?: 0 | 1
+  }>
+}
+
+export default function VK<
+  P extends Record<string, any> = VkProfile
+>(options: OAuthUserConfig<P>): OAuthConfig<P> {
+  const apiVersion = "5.131" // https://vk.com/dev/versions
+
+  return {
+    id: "vk",
+    name: "VK",
+    type: "oauth",
+    authorization: `https://oauth.vk.com/authorize?scope=email&v=${apiVersion}`,
+    client: {
+      token_endpoint_auth_method: "client_secret_post",
+    },
+    token: `https://oauth.vk.com/access_token?v=${apiVersion}`,
+    userinfo: `https://api.vk.com/method/users.get?fields=photo_100&v=${apiVersion}`,
+    profile(result: P) {
+      const profile = result.response?.[0] ?? {}
+      return {
+        id: profile.id,
+        name: [profile.first_name, profile.last_name].filter(Boolean).join(" "),
+        email: null,
+        image: profile.photo_100,
+      }
+    },
+    options,
+  }
+}
--- a/packages/next-auth/src/providers/wikimedia.ts
+++ b/packages/next-auth/src/providers/wikimedia.ts
@@ -0,0 +1,185 @@
+import type { OAuthConfig, OAuthUserConfig } from "."
+
+export type WikimediaGroup =
+  | "*"
+  | "user"
+  | "autoconfirmed"
+  | "extendedconfirmed"
+  | "bot"
+  | "sysop"
+  | "bureaucrat"
+  | "steward"
+  | "accountcreator"
+  | "import"
+  | "transwiki"
+  | "ipblock-exempt"
+  | "oversight"
+  | "rollbacker"
+  | "propertycreator"
+  | "wikidata-staff"
+  | "flood"
+  | "translationadmin"
+  | "confirmed"
+  | "flow-bot"
+  | "checkuser"
+
+export type WikimediaGrant =
+  | "basic"
+  | "blockusers"
+  | "checkuser"
+  | "createaccount"
+  | "delete"
+  | "editinterface"
+  | "editmycssjs"
+  | "editmyoptions"
+  | "editmywatchlist"
+  | "editpage"
+  | "editprotected"
+  | "editsiteconfig"
+  | "globalblock"
+  | "highvolume"
+  | "import"
+  | "mergehistory"
+  | "oath"
+  | "oversight"
+  | "patrol"
+  | "privateinfo"
+  | "protect"
+  | "rollback"
+  | "sendemail"
+  | "shortenurls"
+  | "uploadfile"
+  | "viewdeleted"
+  | "viewmywatchlist"
+
+export type WikimediaRight =
+  | "abusefilter-log"
+  | "apihighlimits"
+  | "applychangetags"
+  | "autoconfirmed"
+  | "autopatrol"
+  | "autoreview"
+  | "bigdelete"
+  | "block"
+  | "blockemail"
+  | "bot"
+  | "browsearchive"
+  | "changetags"
+  | "checkuser"
+  | "checkuser-log"
+  | "createaccount"
+  | "createpage"
+  | "createpagemainns"
+  | "createtalk"
+  | "delete"
+  | "delete-redirect"
+  | "deletedhistory"
+  | "deletedtext"
+  | "deletelogentry"
+  | "deleterevision"
+  | "edit"
+  | "edit-legal"
+  | "editinterface"
+  | "editmyoptions"
+  | "editmyusercss"
+  | "editmyuserjs"
+  | "editmyuserjson"
+  | "editmywatchlist"
+  | "editprotected"
+  | "editsemiprotected"
+  | "editsitecss"
+  | "editsitejs"
+  | "editsitejson"
+  | "editusercss"
+  | "edituserjs"
+  | "edituserjson"
+  | "globalblock"
+  | "import"
+  | "importupload"
+  | "ipblock-exempt"
+  | "item-merge"
+  | "item-redirect"
+  | "item-term"
+  | "markbotedits"
+  | "massmessage"
+  | "mergehistory"
+  | "minoredit"
+  | "move"
+  | "move-subpages"
+  | "movefile"
+  | "movestable"
+  | "mwoauth-authonlyprivate"
+  | "nominornewtalk"
+  | "noratelimit"
+  | "nuke"
+  | "patrol"
+  | "patrolmarks"
+  | "property-create"
+  | "property-term"
+  | "protect"
+  | "purge"
+  | "read"
+  | "reupload"
+  | "reupload-own"
+  | "reupload-shared"
+  | "rollback"
+  | "sendemail"
+  | "skipcaptcha"
+  | "suppressionlog"
+  | "tboverride"
+  | "templateeditor"
+  | "torunblocked"
+  | "transcode-reset"
+  | "translate"
+  | "undelete"
+  | "unwatchedpages"
+  | "upload"
+  | "upload_by_url"
+  | "viewmywatchlist"
+  | "viewsuppressed"
+  | "writeapi"
+
+export interface WikimediaProfile extends Record<string, any> {
+  sub: string
+  username: string
+  editcount: number
+  confirmed_email: boolean
+  blocked: boolean
+  registered: string
+  groups: WikimediaGroup[]
+  rights: WikimediaRight[]
+  grants: WikimediaGrant[]
+  realname: string
+  email: string
+}
+
+/**
+ * Wikimedia OAuth2 provider.
+ * All Wikimedia wikis are supported. Wikipedia, Wikidata, etc...
+ *
+ * (Register)[https://meta.wikimedia.org/wiki/Special:OAuthConsumerRegistration]
+ * (Documentation)[https://www.mediawiki.org/wiki/Extension:OAuth]
+ */
+export default function Wikimedia<P extends WikimediaProfile>(
+  options: OAuthUserConfig<P>
+): OAuthConfig<P> {
+  return {
+    id: "wikimedia",
+    name: "Wikimedia",
+    type: "oauth",
+    token: "https://meta.wikimedia.org/w/rest.php/oauth2/access_token",
+    userinfo: "https://meta.wikimedia.org/w/rest.php/oauth2/resource/profile",
+    authorization: {
+      url: "https://meta.wikimedia.org/w/rest.php/oauth2/authorize",
+      params: { scope: "" },
+    },
+    profile(profile) {
+      return {
+        id: profile.sub,
+        name: profile.username,
+        email: profile.email,
+      }
+    },
+    options,
+  }
+}
--- a/packages/next-auth/src/react/index.tsx
+++ b/packages/next-auth/src/react/index.tsx
@@ -175,7 +175,11 @@ export async function getProviders() {
 export async function signIn<
  P extends RedirectableProviderType | undefined = undefined
 >(
-  provider?: LiteralUnion<P extends RedirectableProviderType ? P | BuiltInProviderType : BuiltInProviderType>,
+  provider?: LiteralUnion<
+    P extends RedirectableProviderType
+      ? P | BuiltInProviderType
+      : BuiltInProviderType
+  >,
  options?: SignInOptions,
  authorizationParams?: SignInAuthorizationParams
 ): Promise<
@@ -224,6 +228,7 @@ export async function signIn<

  const data = await res.json()

+  // TODO: Do not redirect for Credentials and Email providers by default in next major
  if (redirect || !isSupportingReturn) {
    const url = data.url ?? callbackUrl
    window.location.href = url
--- a/packages/next-auth/src/utils/logger.ts
+++ b/packages/next-auth/src/utils/logger.ts
@@ -19,7 +19,11 @@ function hasErrorProperty(
  return !!(x as any)?.error
 }

-export type WarningCode = "NEXTAUTH_URL" | "NO_SECRET" | "TWITTER_OAUTH_2_BETA"
+export type WarningCode =
+  | "NEXTAUTH_URL"
+  | "NO_SECRET"
+  | "TWITTER_OAUTH_2_BETA"
+  | "DEBUG_ENABLED"

 /**
 * Override any of the methods, and the rest will use the default logger.
--- a/packages/next-auth/tsconfig.json
+++ b/packages/next-auth/tsconfig.json
@@ -15,7 +15,9 @@
    "skipDefaultLibCheck": true,
    "baseUrl": ".",
    "outDir": ".",
-    
+    "paths": {
+      "next": ["node_modules/next"]
+    }
  },
  "exclude": ["./*.js", "./*.d.ts", "config", "**/__tests__", "tests"]
 }
--- a/packages/tsconfig/package.json
+++ b/packages/tsconfig/package.json
@@ -1,5 +1,6 @@
 {
  "name": "@next-auth/tsconfig",
+  "private": true,
  "version": "0.0.0",
  "license": "MIT",
  "main": "index.js",
@@ -7,4 +8,4 @@
    "adapters.json",
    "base.json"
  ]
-}
+}
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
--- a/scripts/release/analyze.ts
+++ b/scripts/release/analyze.ts
@@ -1,173 +0,0 @@
-import type { Commit, GroupedCommits, PackageToRelease } from "./types"
-
-import { debug, pkgJson, execSync } from "./utils"
-import semver from "semver"
-import parseCommit from "@commitlint/parse"
-// @ts-ignore
-import gitLog from "git-log-parser"
-// @ts-ignore
-import streamToArray from "stream-to-array"
-
-export async function analyze(options: {
-  dryRun: boolean
-  packages: Record<string, string>
-  BREAKING_COMMIT_MSG: string
-  RELEASE_COMMIT_MSG: string
-  RELEASE_COMMIT_TYPES: string[]
-  SKIP_RELEASE_MSG: string
-}): Promise<PackageToRelease[]> {
-  const {
-    packages,
-    BREAKING_COMMIT_MSG,
-    RELEASE_COMMIT_MSG,
-    RELEASE_COMMIT_TYPES,
-    SKIP_RELEASE_MSG,
-  } = options
-
-  const packageFolders = Object.values(options.packages)
-
-  console.log("Identifying latest tag...")
-  const latestTag = execSync("git describe --tags --abbrev=0", {
-    stdio: "pipe",
-  })
-    .toString()
-    .trim()
-  console.log(`Latest tag identified: ${latestTag}`)
-
-  console.log()
-
-  console.log("Identifying commits since the latest tag...")
-
-  const range = `${latestTag}..HEAD`
-
-  // Get the commits since the latest tag
-  const commitsSinceLatestTag = await new Promise<Commit[]>(
-    (resolve, reject) => {
-      const stream = gitLog.parse({ _: range })
-      streamToArray(stream, (err: Error, arr: any[]) => {
-        if (err) return reject(err)
-
-        Promise.all(
-          arr.map(async (d) => {
-            const parsed = await parseCommit(d.subject)
-
-            return { ...d, parsed }
-          })
-        ).then((res) => resolve(res.filter(Boolean)))
-      })
-    }
-  )
-
-  console.log(commitsSinceLatestTag.length, `commits found since ${latestTag}`)
-  debug(
-    "Analyzing the following commits:",
-    commitsSinceLatestTag.map((c) => `  ${c.subject}`).join("\n")
-  )
-
-  const lastCommit = commitsSinceLatestTag[0]
-  if (lastCommit?.parsed.raw.includes(SKIP_RELEASE_MSG)) {
-    console.log(
-      `Last commit contained ${SKIP_RELEASE_MSG}, skipping release...`
-    )
-    return []
-  }
-  if (lastCommit?.parsed.raw === RELEASE_COMMIT_MSG) {
-    debug("Already released...")
-    return []
-  }
-
-  console.log()
-  console.log("Identifying commits that touched package code...")
-  function getChangedFiles(commitSha: string) {
-    return execSync(
-      `git diff-tree --no-commit-id --name-only -r ${commitSha}`,
-      { stdio: "pipe" }
-    )
-      .toString()
-      .trim()
-      .split("\n")
-  }
-  const packageCommits = commitsSinceLatestTag.filter(({ commit }) => {
-    const changedFiles = getChangedFiles(commit.short)
-    return packageFolders.some((packageFolder) =>
-      changedFiles.some((changedFile) => changedFile.startsWith(packageFolder))
-    )
-  })
-
-  console.log(packageCommits.length, "commits touched package code")
-
-  console.log()
-
-  console.log("Identifying packages that need a new release...")
-
-  const packagesNeedRelease: string[] = []
-  const grouppedPackages = packageCommits.reduce((acc, commit) => {
-    const changedFilesInCommit = getChangedFiles(commit.commit.short)
-
-    for (const [pkg, src] of Object.entries(packages)) {
-      if (
-        changedFilesInCommit.some((changedFile) => changedFile.startsWith(src))
-      ) {
-        if (!(pkg in acc)) {
-          acc[pkg] = { features: [], bugfixes: [], other: [], breaking: [] }
-        }
-        const { type } = commit.parsed
-        if (RELEASE_COMMIT_TYPES.includes(type)) {
-          if (!packagesNeedRelease.includes(pkg)) {
-            packagesNeedRelease.push(pkg)
-          }
-          if (type === "feat") {
-            acc[pkg].features.push(commit)
-            if (commit.body.includes(BREAKING_COMMIT_MSG)) {
-              const [, changesBody] = commit.body.split(BREAKING_COMMIT_MSG)
-              acc[pkg].breaking.push({
-                ...commit,
-                body: changesBody.trim(),
-              })
-            }
-          } else acc[pkg].bugfixes.push(commit)
-        } else {
-          acc[pkg].other.push(commit)
-        }
-      }
-    }
-    return acc
-  }, {} as Record<string, GroupedCommits>)
-
-  if (packagesNeedRelease.length) {
-    console.log(
-      packagesNeedRelease.length,
-      `new release(s) needed: ${packagesNeedRelease.join(", ")}`
-    )
-  } else {
-    console.log("No packages needed a new release, BYE!")
-
-    return []
-  }
-
-  console.log()
-
-  const packagesToRelease: PackageToRelease[] = []
-  for await (const pkgName of packagesNeedRelease) {
-    const commits = grouppedPackages[pkgName]
-    const releaseType: semver.ReleaseType = commits.breaking.length
-      ? "major" // 1.x.x
-      : commits.features.length
-      ? "minor" // x.1.x
-      : "patch" // x.x.1
-
-    const packageJson = await pkgJson.read(packages[pkgName])
-    const oldVersion = packageJson.version!
-    const newSemVer = semver.parse(semver.inc(oldVersion, releaseType))!
-
-    packagesToRelease.push({
-      name: pkgName,
-      oldVersion,
-      newVersion: `${newSemVer.major}.${newSemVer.minor}.${newSemVer.patch}`,
-      commits,
-      path: packages[pkgName],
-    })
-  }
-
-  return packagesToRelease
-}
--- a/scripts/release/config.ts
+++ b/scripts/release/config.ts
@@ -1,25 +0,0 @@
-export const config = {
-  releaseBranches: ["main"],
-  // TODO: Generate dynamically
-  packages: {
-    "next-auth": "packages/next-auth",
-    "@next-auth/dgraph-adapter": "packages/adapter-dgraph",
-    "@next-auth/fauna-adapter": "packages/adapter-fauna",
-    "@next-auth/mikro-orm-adapter": "packages/adapter-mikro-orm",
-    "@next-auth/neo4j-adapter": "packages/adapter-neo4j",
-    "@next-auth/prisma-adapter": "packages/adapter-prisma",
-    "@next-auth/upstash-redis-adapter": "packages/adapter-upstash-redis",
-    "@next-auth/dynamodb-adapter": "packages/adapter-dynamodb",
-    "@next-auth/firebase-adapter": "packages/adapter-firebase",
-    "@next-auth/mongodb-adapter": "packages/adapter-mongodb",
-    "@next-auth/pouchdb-adapter": "packages/adapter-pouchdb",
-    "@next-auth/sequelize-adapter": "packages/adapter-sequelize",
-    "@next-auth/typeorm-legacy-adapter": "packages/adapter-typeorm-legacy",
-  },
-  rootDir: process.cwd(),
-  RELEASE_COMMIT_MSG: "chore(release): bump version",
-  BREAKING_COMMIT_MSG: "BREAKING CHANGE",
-  SKIP_RELEASE_MSG: "[skip release]",
-  RELEASE_COMMIT_TYPES: ["feat", "fix"],
-  dryRun: !process.env.CI || !!process.env.DRY_RUN,
-}
--- a/scripts/release/index.ts
+++ b/scripts/release/index.ts
@@ -1,49 +0,0 @@
-import { config } from "./config"
-import { shouldSkip } from "./skip"
-import { verify as verify } from "./verify"
-import { analyze } from "./analyze"
-import { publish } from "./publish"
-import { debug } from "./utils"
-
-async function run() {
-  if (config.dryRun) {
-    console.log("\nPerforming dry run, no packages will be published!\n")
-  }
-
-  if (shouldSkip({ releaseBranches: config.releaseBranches })) {
-    return
-  }
-
-  if (config.dryRun) {
-    console.log("\nDry run, skip validation...\n")
-  } else {
-    await verify()
-  }
-
-  const packages = await analyze(config)
-
-  if (!packages.length) return
-
-  debug(
-    "Packages to release:",
-    packages
-      .map((p) =>
-        JSON.stringify(
-          {
-            ...p,
-            commits: `${p.commits.features.length} feature(s), ${p.commits.bugfixes.length} bugfixe(s), ${p.commits.other.length} othe(r) and ${p.commits.breaking.length} breaking change(s)`,
-          },
-          null,
-          2
-        )
-      )
-      .join("\n")
-  )
-
-  await publish({ ...config, packages })
-}
-
-run().catch((err) => {
-  console.log(err)
-  process.exit(1)
-})
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Balázs Orbán	6590993fdc	chore(release): bump package version(s) [skip ci]	2022-07-21 16:35:03 +02:00
Balázs Orbán	0ea96796b2	fix: improve `logger` (#4970 ) * fix: add debug warning, only show warnings once * fix: prefer `debug` for details * remove url * test: fix tests * Update docs/docs/errors.md Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com> * Update callback.ts Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>	2022-07-21 16:00:16 +02:00
Misha Kaletsky	8ec940bd6a	docs: highlight archiving of next-auth/react-query (#4964 ) * docs: highlight archiving of next-auth/react-query project is read-only and author said users should just copy-paste the implementation: https://github.com/nextauthjs/react-query/issues/7#issuecomment-923099050 * Update docs/docs/getting-started/client.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/docs/getting-started/client.md Co-authored-by: Balázs Orbán <info@balazsorban.com> Co-authored-by: Balázs Orbán <info@balazsorban.com>	2022-07-21 13:59:46 +02:00
Balázs Orbán	e3bcdf83f1	chore: update lock file	2022-07-20 03:18:02 +02:00
Balázs Orbán	4084297334	chore(release): extract release script to its own package	2022-07-20 03:08:03 +02:00
Balázs Orbán	c9827960b1	chore(release): read `packages` dynamically	2022-07-20 00:36:49 +02:00
Balázs Orbán	946a825865	chore: fix `adapters` PR auto-labeler	2022-07-19 23:55:03 +02:00
Balázs Orbán	c57d8c997e	fix(adapters): set correct peer dependency version of `next-auth` (#4950 ) * fix(adapters): set correct peer dependency version of `next-auth` * fix fauna peer dependency	2022-07-19 23:46:45 +02:00
Balázs Orbán	e2b92bf04f	chore: add newlines to PR comment	2022-07-19 17:45:55 +02:00
Balázs Orbán	8bff050e4e	chore(release): bump version [skip ci]	2022-07-19 17:30:40 +02:00
Thang Vu	1a79a1a612	docs: FAQ framework-agnostic & session sharing (#4962 ) Split a FAQ into two parts: Before: - Can I use NextAuth.js with a website that does not use Next.js? After: - Can I use NextAuth.js with a framework different than Next.js? - Can session generated by NextAuth.js be used by another website?	2022-07-19 17:29:54 +02:00
Balázs Orbán	b7065a602f	chore: correct Middleware logic in Next.js example	2022-07-19 17:16:51 +02:00
Balázs Orbán	61b92ec1b6	chore: revert type assertion	2022-07-19 16:57:16 +02:00
Balázs Orbán	282f7ab340	fix(ts): fix Middleware internal type	2022-07-19 16:46:13 +02:00
Balázs Orbán	4f56e414b0	chore: simplify dev app	2022-07-19 16:42:21 +02:00
Yoann Fleury	2725d07eb7	fix(providers): migrate GitLab provider to TS (#4929 )	2022-07-17 04:47:15 +02:00
Balázs Orbán	5a8b029523	docs: clarify `getToken` + `secret` in example ref #4954	2022-07-17 04:44:11 +02:00
Balázs Orbán	f62a985848	docs: clarify `getToken` and `secret` Ref: #4954	2022-07-17 04:39:47 +02:00
Balázs Orbán	edd6fb5989	Merge branch 'main' of github.com:nextauthjs/next-auth	2022-07-17 04:29:49 +02:00
Balázs Orbán	fb60554a62	chore(ts): explicitly set `next` path in `next-auth`	2022-07-17 04:29:44 +02:00
cobbvanth	9784dfb631	docs: Remove import of "useSession" from wrong location (#4952 ) This tutorial snipped erroneously imports useSession from "next-auth/next", when it actually resides in "next-auth/react".	2022-07-16 23:06:00 +02:00
Balázs Orbán	4ff836a8cf	test(providers): add fetch polyfill to redis test runs	2022-07-16 17:39:32 +02:00
Balázs Orbán	042955eaaa	fix(providers): allow `issuer` in Azure AD B2C	2022-07-16 14:20:31 +02:00
Balázs Orbán	82e107c0e7	chore: improve dev app DX	2022-07-16 14:19:33 +02:00
dependabot[bot]	f7050347e8	chore(deps-dev): bump svelte from 3.46.4 to 3.49.0 in /apps/playground-sveltekit (#4947 ) chore(deps-dev): bump svelte in /apps/playground-sveltekit Bumps [svelte](https://github.com/sveltejs/svelte) from 3.46.4 to 3.49.0. - [Release notes](https://github.com/sveltejs/svelte/releases) - [Changelog](https://github.com/sveltejs/svelte/blob/master/CHANGELOG.md) - [Commits](https://github.com/sveltejs/svelte/compare/v3.46.4...v3.49.0) --- updated-dependencies: - dependency-name: svelte dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-15 23:17:21 +02:00
Balázs Orbán	c56abbd745	chore: update CODEOWNERS (#4941 ) * chore: update codeowners * reorganize	2022-07-15 12:35:54 +02:00
Thang Vu	3f6d99e8df	chore: add Thang to contributor (#4944 )	2022-07-15 12:34:36 +02:00
Balázs Orbán	46eedee3c8	fix(ts): remove TS workaround for `withAuth` (#4926 ) * fix(ts): improve Middleware types * docs: remove TS workaround for Middleware * ignore lint * simplify	2022-07-15 04:39:15 +02:00
Balázs Orbán	bb664a27da	fix(providers): typo in GitHub provider scope (#4938 )	2022-07-15 04:38:42 +02:00
Balázs Orbán	a14fbea0b5	chore: add TODO comment for next major	2022-07-15 02:41:09 +02:00
Balázs Orbán	4705632c6b	chore: add TODO comment for next major version	2022-07-15 02:38:59 +02:00
Balázs Orbán	2296471f02	chore: add `pnpm` to experimental release comment	2022-07-15 02:20:06 +02:00
S. Suzuki	8853000fd5	fix(ts): `handleMiddleware` return type can be `NextMiddlewareResult` (#4818 ) Co-authored-by: Lluis Agusti <hi@llu.lu>	2022-07-14 00:20:19 +02:00
Balázs Orbán	70ffa6592f	chore(release): bump package version(s) [skip ci]	2022-07-13 14:16:44 +02:00
mshd	3666e438a3	refactor(providers): convert GitHub provider to TypeScript (#4908 ) * rewrite github provider in typescript * rename md js endings * Update packages/next-auth/src/providers/github.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * add eslint disable next line Co-authored-by: Balázs Orbán <info@balazsorban.com>	2022-07-13 14:07:24 +02:00
Aliaksei Tayanouski	cdf467eba1	fix(providers): fix VK provider and convert to TS (#3709 ) * renamed vk provider file extension to .ts * lint issue fix * vk provider fix * formatting fix * remove user_id from tokens * Update src/providers/vk.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update src/providers/vk.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * user interface additions Co-authored-by: Balázs Orbán <info@balazsorban.com>	2022-07-13 14:04:55 +02:00
Balázs Orbán	374dc30f9f	chore: bump `pnpm` version requirement	2022-07-13 14:01:25 +02:00
Balázs Orbán	d9534d807d	chore: tweak release script	2022-07-13 13:59:45 +02:00
Balázs Orbán	f4c7401a5d	chore: fix release script text	2022-07-13 13:09:08 +02:00
Balázs Orbán	2baa0c30c1	chore: bump `turbo`	2022-07-13 13:08:58 +02:00
Sagar Gajare	839b9108ea	docs: provider link fixed (#4913 )	2022-07-13 01:39:13 +02:00
Juho Tapio	0bf955a63d	docs: a few typos in CONTRIBUTING.md (#4910 ) * docs: fixed a typo * docs: update link to scripts index * docks: more typos * docs: added a comma	2022-07-12 17:58:54 +02:00
Balázs Orbán	83a974d455	docs: update Middleware docs closes #4867	2022-07-12 17:19:23 +02:00
Nico Domino	8f54b8f729	docs: upgrade docusaurus-plugin-npm2yarn2pnpm (#4909 )	2022-07-12 16:52:21 +02:00
nkg	1b91282402	fix(ts): use correct type for `nodemailer` config in the EmailProvider (#4097 ) Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>	2022-07-12 02:50:09 +02:00
Ryan Barr	c2a9ab3023	fix(providers): convert Discord Provider to TypeScript (#4170 ) * chore(providers): Add typings for Discord Provider * Update DiscordProfile interface to extend Record.	2022-07-12 02:43:56 +02:00
Chancellor Clark	5bd00f6ff1	feat(adapters): update Firebase adapter to use new API (#3873 ) Ports and refactors `@next-auth/firebase-adapter` to use the new Adapter API. Ported from this PR: nextauthjs/adapters#183 BREAKING CHANGE: - Renames `FirebaseAdapter` export to `FirestoreAdpater` - This adapter now requires firebase v9+	2022-07-12 01:45:06 +02:00
William Crutchfield	af3c2dd33d	fix(ts): typo in Azure Active Directory Provider (#4895 )	2022-07-11 18:24:09 +02:00
John Brunton	709edc5153	fix(adapters): use correct peer dependency in Sequelize adapter (#4880 )	2022-07-11 18:23:04 +02:00
Balázs Orbán	fa3ea37ebc	chore: comment out adapter in dev app	2022-07-11 18:20:53 +02:00
Yoann Fleury	6a364f0353	docs: update CONTRIBUTING for pnpm instead of yarn (#4888 ) * docs: update CONTRIBUTING for pnpm instead of yarn * dev:app -> dev Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>	2022-07-11 10:38:30 +07:00
mshd	c22d613774	feat(providers): Add Wikimedia Oauth Provider (#4813 ) * Add Wikimedia Oauth Provider * add docs * Update wikimedia.md * Update wikimedia.md * Update wikimedia.md Co-authored-by: Nico Domino <yo@ndo.dev>	2022-07-10 19:38:01 +02:00
Nico Domino	9efafcd36c	chore: fix dev app URL parse error (#4887 )	2022-07-10 14:30:10 +02:00
Misha Kaletsky	e317b16cd2	docs: getToken link (#4884 ) fix(docs): getToken link without `/` it's considered a relative link so goes to https://next-auth.js.org/configuration/tutorials/securing-pages-and-api-routes#using-gettoken which doesn't exist.	2022-07-09 22:46:38 +02:00
Rudy Boutte	2edc79ed2b	fix(docs): options page link (#4876 )	2022-07-09 12:56:20 +02:00
Balázs Orbán	637dda9966	chore: tweak release script	2022-07-08 19:55:08 +02:00
Balázs Orbán	10bb32c479	chore(adapters): fix MikroORM adapter dependencies	2022-07-08 19:36:24 +02:00
Balázs Orbán	89e25568b1	chore: accept `--dry-run` flag in release script	2022-07-08 19:31:04 +02:00
Balázs Orbán	88ad25a16b	feat(adapters): update `typeorm` support (#4844 ) We haven't kept up with the recent TypeORM changes, and since they are still <1, it's likely that users kept upgrading, even if there were breaking changes. BREAKING CHANGE: [`typeorm`](https://github.com/typeorm/typeorm) is still in active development and has not yet published a stable release. Because of this, you can expect breaking changes in minor versions. This release of the adapter expects `typeorm@0.3.7` and is not validated against previous or future releases. Run `npm i typeorm@latest` and make sure to read the [release notes](https://github.com/typeorm/typeorm/releases) for breaking changes in TypeORM	2022-07-08 19:26:59 +02:00
Luiz Bett	c1f7ce3436	fix(ts): make `colorScheme` optional (#4868 ) Documentation says if it is not passed it will be "auto", but it is mandatory on this type.	2022-07-08 19:24:30 +02:00
sean-nicholas	c59a4e04d1	fix(middleware): allow `secret` as option in Middleware (#4846 ) * ✨ provide secret via config * 🐛 make secret optional * 📝 docs for middleware and env var * 📝 recommendation at the end of paragraph Co-authored-by: Balázs Orbán <info@balazsorban.com>	2022-07-07 14:14:21 +02:00
Joshua Grant	3c210d961b	feat(providers): add Duende IdentityServer 6 (#4850 ) * add duende identity server 6 provider * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update packages/next-auth/src/providers/duende-identity-server6.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update packages/next-auth/src/providers/duende-identity-server6.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update apps/dev/pages/api/auth/[...nextauth].ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update packages/next-auth/src/providers/duende-identity-server6.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> Co-authored-by: Joshua <joshua.grant@tempcover.com> Co-authored-by: Balázs Orbán <info@balazsorban.com>	2022-07-07 14:12:35 +02:00
Balázs Orbán	9457593038	chore: update Next.js example, bump dependencies	2022-07-07 11:31:17 +02:00
dependabot[bot]	5081d25f5c	chore(deps): bump next-auth in /apps/playground-sveltekit (#4859 ) Bumps [next-auth](https://github.com/nextauthjs/next-auth) from 4.5.0 to 4.9.0. - [Release notes](https://github.com/nextauthjs/next-auth/releases) - [Changelog](https://github.com/nextauthjs/next-auth/blob/main/CHANGELOG.md) - [Commits](https://github.com/nextauthjs/next-auth/compare/next-auth@v4.5.0...next-auth@v4.9.0) --- updated-dependencies: - dependency-name: next-auth dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-07 00:34:27 +02:00
Rudy Boutte	384edbab3b	docs: Added documentation on how to use a custom base path in NextAuth (#4858 )	2022-07-07 00:34:12 +02:00