Update library for latest version of remix / v3 features

package.json

@@ -23,16 +23,17 @@
     "format": "prettier --write \"{src,__tests__}/**/*.{js,ts,tsx}\""
   },
   "dependencies": {
-    "@workos-inc/node": "^7.31.0",
+    "@workos-inc/node": "^7.41.0",
     "iron-session": "^8.0.1",
     "jose": "^5.2.3"
   },
   "peerDependencies": {
-    "@remix-run/node": "^2.4.1",
+    "@remix-run/node": "^2.16.0",
     "react": "^18.0 || ^19.0.0",
     "react-dom": "^18.0 || ^19.0.0"
   },
   "devDependencies": {
+    "@remix-run/node": "^2.16.0",
     "@testing-library/jest-dom": "^6.6.3",
     "@testing-library/react": "^16.2.0",
     "@types/jest": "^29.5.14",

src/authkit-callback-route.spec.ts

@@ -1,4 +1,3 @@
-import type { LoaderFunction } from '@remix-run/node';
 import { getWorkOS } from './workos.js';
 import { authLoader } from './authkit-callback-route.js';
 import {
@@ -7,6 +6,8 @@ import {
   assertIsResponse,
 } from './test-utils/test-helpers.js';
 import { configureSessionStorage } from './sessionStorage.js';
+import { isDataWithResponseInit } from './utils.js';
+import { DataWithResponseInit } from './interfaces.js';
 
 // Mock dependencies
 const fakeWorkosInstance = {
@@ -21,7 +22,7 @@ jest.mock('./workos.js', () => ({
 }));
 
 describe('authLoader', () => {
-  let loader: LoaderFunction;
+  let loader: ReturnType<typeof authLoader>;
   let request: Request;
   const workos = getWorkOS();
   const authenticateWithCode = jest.mocked(workos.userManagement.authenticateWithCode);
@@ -58,17 +59,19 @@ describe('authLoader', () => {
     it('should handle authentication failure', async () => {
       authenticateWithCode.mockRejectedValue(new Error('Auth failed'));
       request = createRequestWithSearchParams(request, { code: 'invalid-code' });
-      const response = (await loader({ request, params: {}, context: {} })) as Response;
+      const response = (await loader({ request, params: {}, context: {} })) as DataWithResponseInit<unknown>;
+      expect(isDataWithResponseInit(response)).toBeTruthy();
 
-      expect(response.status).toBe(500);
+      expect(response?.init?.status).toBe(500);
     });
 
     it('should handle authentication failure with string error', async () => {
       authenticateWithCode.mockRejectedValue('Auth failed');
       request = createRequestWithSearchParams(request, { code: 'invalid-code' });
-      const response = (await loader({ request, params: {}, context: {} })) as Response;
+      const response = (await loader({ request, params: {}, context: {} })) as DataWithResponseInit<unknown>;
+      expect(isDataWithResponseInit(response)).toBeTruthy();
 
-      expect(response.status).toBe(500);
+      expect(response?.init?.status).toBe(500);
     });
   });
 

src/authkit-callback-route.ts

@@ -1,4 +1,4 @@
-import { LoaderFunctionArgs, json, redirect } from '@remix-run/node';
+import { LoaderFunctionArgs, data, redirect } from '@remix-run/node';
 import { getConfig } from './config.js';
 import { HandleAuthOptions } from './interfaces.js';
 import { encryptSession } from './session.js';
@@ -86,7 +86,7 @@ export function authLoader(options: HandleAuthOptions = {}) {
     }
 
     function errorResponse() {
-      return json(
+      return data(
         {
           error: {
             message: 'Something went wrong',

src/interfaces.ts

@@ -1,6 +1,8 @@
-import type { SessionStorage, SessionIdStorageStrategy } from '@remix-run/node';
+import type { SessionStorage, SessionIdStorageStrategy, data } from '@remix-run/node';
 import type { OauthTokens, User } from '@workos-inc/node';
 
+export type DataWithResponseInit<T> = ReturnType<typeof data<T>>;
+
 export interface HandleAuthOptions {
   returnPathname?: string;
   onSuccess?: (data: AuthLoaderSuccessData) => void | Promise<void>;

src/session.spec.ts

@@ -1,4 +1,4 @@
-import { LoaderFunctionArgs, Session as RemixSession, redirect } from '@remix-run/node';
+import { LoaderFunctionArgs, Session as ReactRouterSession, redirect } from '@remix-run/node';
 import { AuthenticationResponse } from '@workos-inc/node';
 import * as ironSession from 'iron-session';
 import * as jose from 'jose';
@@ -40,6 +40,23 @@ const getSessionStorage = jest.mocked(getSessionStorageMock);
 const configureSessionStorage = jest.mocked(configureSessionStorageMock);
 const jwtVerify = jest.mocked(jose.jwtVerify);
 
+function getHeaderValue(headers: HeadersInit | undefined, name: string): string | null {
+  if (!headers) {
+    return null;
+  }
+
+  if (headers instanceof Headers) {
+    return headers.get(name);
+  }
+
+  if (Array.isArray(headers)) {
+    const pair = headers.find(([key]) => key.toLowerCase() === name.toLowerCase());
+    return pair?.[1] ?? null;
+  }
+
+  return headers[name] ?? null;
+}
+
 jest.mock('jose', () => ({
   createRemoteJWKSet: jest.fn(),
   jwtVerify: jest.fn(),
@@ -55,7 +72,7 @@ jest.mock('iron-session', () => ({
 
 describe('session', () => {
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  const createMockSession = (overrides?: Record<string, any>): RemixSession =>
+  const createMockSession = (overrides?: Record<string, any>): ReactRouterSession =>
     ({
       has: jest.fn(),
       get: jest.fn(),
@@ -65,7 +82,7 @@ describe('session', () => {
       id: 'test-session-id',
       data: {},
       ...overrides,
-    }) satisfies RemixSession;
+    }) satisfies ReactRouterSession;
 
   const createMockRequest = (cookie = 'test-cookie', url = 'http://example.com./some-path') =>
     new Request(url, {
@@ -111,8 +128,10 @@ describe('session', () => {
           profilePictureUrl: 'https://example.com/avatar.jpg',
           firstName: 'Test',
           lastName: 'User',
+          externalId: null,
           createdAt: '2021-01-01T00:00:00Z',
           updatedAt: '2021-01-01T00:00:00Z',
+          lastSignInAt: '2021-01-01T00:00:00Z',
         },
         impersonator: undefined,
         headers: {},
@@ -190,7 +209,7 @@ describe('session', () => {
       // Execute
       const response = await terminateSession(createMockRequest());
 
-      // Assert response is instance of Remix Response
+      // Assert response is instance of Response
       expect(response instanceof Response).toBe(true);
       expect(response.status).toBe(302);
       expect(response.headers.get('Location')).toBe('https://auth.workos.com/logout/test-session-id');
@@ -222,8 +241,7 @@ describe('session', () => {
       });
 
       it('should return unauthorized data when no session exists', async () => {
-        const response = await authkitLoader(createLoaderArgs(createMockRequest()));
-        const data = await response.json();
+        const { data } = await authkitLoader(createLoaderArgs(createMockRequest()));
 
         expect(data).toEqual({
           user: null,
@@ -256,11 +274,14 @@ describe('session', () => {
         });
         const customLoader = jest.fn().mockReturnValue(redirectResponse);
 
-        const response = await authkitLoader(createLoaderArgs(createMockRequest()), customLoader);
-
-        expect(response.status).toBe(302);
-        expect(response.headers.get('Location')).toBe('/dashboard');
-        expect(response.headers.get('X-Redirect-Reason')).toBe('test');
+        try {
+          await authkitLoader(createLoaderArgs(createMockRequest()), customLoader);
+        } catch (response: unknown) {
+          assertIsResponse(response);
+          expect(response.status).toBe(302);
+          expect(response.headers.get('Location')).toEqual('/dashboard');
+          expect(response.headers.get('X-Redirect-Reason')).toEqual('test');
+        }
       });
     });
 
@@ -303,8 +324,7 @@ describe('session', () => {
       });
 
       it('should return authorized data with session claims', async () => {
-        const response = await authkitLoader(createLoaderArgs(createMockRequest()));
-        const data = await response.json();
+        const { data } = await authkitLoader(createLoaderArgs(createMockRequest()));
 
         expect(data).toEqual({
           user: mockSessionData.user,
@@ -325,8 +345,7 @@ describe('session', () => {
           metadata: { key: 'value' },
         });
 
-        const response = await authkitLoader(createLoaderArgs(createMockRequest()), customLoader);
-        const data = await response.json();
+        const { data } = await authkitLoader(createLoaderArgs(createMockRequest()), customLoader);
 
         expect(data).toEqual(
           expect.objectContaining({
@@ -349,12 +368,11 @@ describe('session', () => {
           }),
         );
 
-        const response = await authkitLoader(createLoaderArgs(createMockRequest()), customLoader);
+        const { data, init } = await authkitLoader(createLoaderArgs(createMockRequest()), customLoader);
 
-        expect(response.headers.get('Custom-Header')).toBe('test-header');
-        expect(response.headers.get('Content-Type')).toBe('application/json; charset=utf-8');
+        expect(getHeaderValue(init?.headers, 'Custom-Header')).toBe('test-header');
+        expect(getHeaderValue(init?.headers, 'Content-Type')).toBe('application/json; charset=utf-8');
 
-        const data = await response.json();
         expect(data).toEqual(
           expect.objectContaining({
             customData: 'test-value',
@@ -437,8 +455,7 @@ describe('session', () => {
       });
 
       it('should refresh session when access token is invalid', async () => {
-        const response = await authkitLoader(createLoaderArgs(createMockRequest()));
-        const data = await response.json();
+        const { data, init } = await authkitLoader(createLoaderArgs(createMockRequest()));
 
         // Verify the refresh token flow was triggered
         expect(authenticateWithRefreshToken).toHaveBeenCalledWith({
@@ -459,7 +476,7 @@ describe('session', () => {
         );
 
         // Verify cookie was set
-        expect(response.headers.get('Set-Cookie')).toBe('new-session-cookie');
+        expect(getHeaderValue(init?.headers, 'Set-Cookie')).toBe('new-session-cookie');
       });
 
       it('should redirect to root when refresh fails', async () => {