Closed steveharrison closed 1 year ago
Thanks for the report.
Interesting case, caused by the specifics of the Next.js Edge Runtime. Was able to reproduce, and work around by doing this trick:
// Mock window
globalThis.window = {
crypto,
setTimeout,
};
// Must use dynamic import
const verifierPromise = import("aws-jwt-verify").then(({ CognitoJwtVerifier}) => CognitoJwtVerifier.create({
userPoolId: ".........",
clientId: ".........",
tokenUse: "id",
}));
export async function middleware(request: NextRequest) {
const verifier = await verifierPromise;
const payload = await verifier.verify(
"jwt"
);
console.log(payload);
return NextResponse.next();
}
I think we can solve this on our side by not explicitly using the window
symbol in our calls, browser don't need that anyway. E.g. we can do crypto.subtle
instead of window.crypto.subtle
. Then you don't need the above trick.
So we'll treat this as a bug report.
This solution worked for me in dev mode, but when deployed on Vercel, the same error occurred as without the fix
Perhaps instead of:
globalThis.window = {
crypto,
setTimeout,
};
Do:
var window = globalThis;
Or maybe:
var window = global;
Just guessing! Not sure about the specifics of Vercel's edge runtime.
Or edit node_modules/aws-jwt-verify/dist/esm/node-web-compat-web.js
and remove all references of window
. Change window.setTimeout.bind(window)
to setTimeout.bind(undefined)
Looking over https://edge-runtime.vercel.sh/features/available-apis and appears that globalThis
is defined, but maybe "frozen" and can't be updated
Maybe try something like this that uses Object.setPrototypeOf()
let window = {
crypto,
setTimeout,
};
Object.setPrototypeOf(window, globalThis)
Fixed in v3.4.0
I get the following error trying to import this library into the Next.js Edge Runtime, used by their Middleware feature:
This is my code in
middleware.ts
:This is because the
node-web-compat-web
compatibility layer is being used, but this isn't a true web environment sowindow
is not available. All of the methods that this library needs, likecrypto
andsetTimeout
are available in this environment, just not onwindow
. More info on the Next.js Edge Runtime here: https://nextjs.org/docs/api-reference/edge-runtime.Any ideas on how to get this library working in this environment?
Versions aws-jwt-verify: 3.3.0 Next.js: 13.1.2 Node: 16.17.0
Neither, using it in Next.js Edge Runtime (https://nextjs.org/docs/api-reference/edge-runtime).