Cannot modify JWT to refresh access_token #12454

Open
rhufsky opened this issue Jan 1, 2025 · 0 comments
Labels
bug Something isn't working triage Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime.

rhufsky commented Jan 1, 2025

Environment

  System:
    OS: macOS 15.1.1
    CPU: (8) arm64 Apple M1 Pro
    Memory: 176.09 MB / 16.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 22.12.0 - /opt/homebrew/opt/node@22/bin/node
    npm: 10.9.0 - /opt/homebrew/opt/node@22/bin/npm
    pnpm: 9.15.0 - /opt/homebrew/bin/pnpm
    bun: 1.1.40 - /opt/homebrew/bin/bun
  Browsers:
    Chrome: 131.0.6778.205
    Safari: 18.1.1
  npmPackages:
    next: 15.1.3 => 15.1.3 
    next-auth: ^5.0.0-beta.25 => 5.0.0-beta.25 
    react: ^19.0.0 => 19.0.0 

Reproduction URL

https://github.com/rhufsky/authdemo

Describe the issue

Cannot update JWT after initial creation at login time, shown by a simplified example. In the current state, it seems that I am unable to implement token refresh as described in https://authjs.dev/guides/refresh-token-rotation.

How to reproduce

Log in and watch the jwt() callback. As a sample, I create an arbitrary property status and set it to "INITIAL" at the first invocation of jwt().

When jwt() is invoked for a second time, it returns a token with status: "REFRESH".

The new value is never persisted; at the third invocation of jwt(), status is still "INITIAL".

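    async jwt({ token, user, account, profile }) {
      // Log the token passed into this invocation.
      console.log(token);
      // account, profile and user are only passed on the initial sign-in.
      if (account && profile && user) {
        console.log("INITIAL JWT");
        return {
          ...token,
          status: "INITIAL",
        };
      } else {
        // Every later invocation: return the token with an updated marker.
        console.log("SUBSQUENT JWT");

        return { ...token, status: "REFRESH" };
      }
    },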

Expected behavior

After every invocation of jwt() the returned token should be persisted.
