fix: Properly configure SDK to be distributed as ESM

package.json

@@ -2,6 +2,7 @@
   "name": "@auth0/nextjs-auth0",
   "version": "4.4.0",
   "description": "Auth0 Next.js SDK",
+  "type": "module",
   "scripts": {
     "build": "tsc",
     "build:watch": "tsc -w",
@@ -60,19 +61,19 @@
   },
   "exports": {
     ".": {
-      "import": "./dist/client/index.js"
+      "default": "./dist/client/index.js"
     },
     "./server": {
-      "import": "./dist/server/index.js"
+      "default": "./dist/server/index.js"
     },
     "./errors": {
-      "import": "./dist/errors/index.js"
+      "default": "./dist/errors/index.js"
     },
     "./types": {
-      "import": "./dist/types/index.d.ts"
+      "default": "./dist/types/index.d.ts"
     },
     "./testing": {
-      "import": "./dist/testing/index.js"
+      "default": "./dist/testing/index.js"
     }
   },
   "dependencies": {

src/client/helpers/get-access-token.ts

@@ -1,4 +1,4 @@
-import { AccessTokenError } from "../../errors";
+import { AccessTokenError } from "../../errors/index.js";
 
 export async function getAccessToken() {
   const tokenRes = await fetch(

src/client/hooks/use-user.ts

@@ -2,7 +2,7 @@
 
 import useSWR from "swr";
 
-import type { User } from "../../types";
+import type { User } from "../../types/index.js";
 
 export function useUser() {
   const { data, error, isLoading } = useSWR<User, Error, string>(

src/client/index.ts

@@ -1,3 +1,3 @@
-export { useUser } from "./hooks/use-user";
-export { getAccessToken } from "./helpers/get-access-token";
-export { Auth0Provider } from "./providers/auth0-provider";
+export { useUser } from "./hooks/use-user.js";
+export { getAccessToken } from "./helpers/get-access-token.js";
+export { Auth0Provider } from "./providers/auth0-provider.js";

src/client/providers/auth0-provider.tsx

@@ -3,7 +3,7 @@
 import React from "react";
 import { SWRConfig } from "swr";
 
-import { User } from "../../types";
+import { User } from "../../types/index.js";
 
 export function Auth0Provider({
   user,

src/server/auth-client.test.ts

@@ -1,15 +1,15 @@
-import { NextRequest, NextResponse } from "next/server";
+import { NextRequest, NextResponse } from "next/server.js";
 import * as jose from "jose";
 import * as oauth from "oauth4webapi";
 import { describe, expect, it, vi } from "vitest";
 
-import { generateSecret } from "../test/utils";
-import { SessionData } from "../types";
-import { AuthClient } from "./auth-client";
-import { decrypt, encrypt } from "./cookies";
-import { StatefulSessionStore } from "./session/stateful-session-store";
-import { StatelessSessionStore } from "./session/stateless-session-store";
-import { TransactionState, TransactionStore } from "./transaction-store";
+import { generateSecret } from "../test/utils.js";
+import { SessionData } from "../types/index.js";
+import { AuthClient } from "./auth-client.js";
+import { decrypt, encrypt } from "./cookies.js";
+import { StatefulSessionStore } from "./session/stateful-session-store.js";
+import { StatelessSessionStore } from "./session/stateless-session-store.js";
+import { TransactionState, TransactionStore } from "./transaction-store.js";
 
 describe("Authentication Client", async () => {
   const DEFAULT = {

src/server/auth-client.ts

@@ -1,8 +1,8 @@
-import { NextResponse, type NextRequest } from "next/server";
+import { NextResponse, type NextRequest } from "next/server.js";
 import * as jose from "jose";
 import * as oauth from "oauth4webapi";
 
-import packageJson from "../../package.json";
+import packageJson from "../../package.json" with { type: "json" };
 import {
   AccessTokenError,
   AccessTokenErrorCode,
@@ -16,7 +16,7 @@ import {
   MissingStateError,
   OAuth2Error,
   SdkError
-} from "../errors";
+} from "../errors/index.js";
 import {
   AuthorizationParameters,
   ConnectionTokenSet,
@@ -25,16 +25,16 @@ import {
   SessionData,
   StartInteractiveLoginOptions,
   TokenSet
-} from "../types";
+} from "../types/index.js";
 import {
   ensureNoLeadingSlash,
   ensureTrailingSlash,
   removeTrailingSlash
-} from "../utils/pathUtils";
-import { toSafeRedirect } from "../utils/url-helpers";
-import { AbstractSessionStore } from "./session/abstract-session-store";
-import { TransactionState, TransactionStore } from "./transaction-store";
-import { filterClaims } from "./user";
+} from "../utils/pathUtils.js";
+import { toSafeRedirect } from "../utils/url-helpers.js";
+import { AbstractSessionStore } from "./session/abstract-session-store.js";
+import { TransactionState, TransactionStore } from "./transaction-store.js";
+import { filterClaims } from "./user.js";
 
 export type BeforeSessionSavedHook = (
   session: SessionData,

src/server/chunked-cookies.test.ts

@@ -7,7 +7,7 @@ import {
   RequestCookies,
   ResponseCookies,
   setChunkedCookie
-} from "./cookies";
+} from "./cookies.js";
 
 // Create mock implementation for RequestCookies and ResponseCookies
 const createMocks = () => {

src/server/client.ts

@@ -1,39 +1,39 @@
 import type { IncomingMessage, ServerResponse } from "node:http";
-import { cookies } from "next/headers";
-import { NextRequest, NextResponse } from "next/server";
-import { NextApiRequest, NextApiResponse } from "next/types";
+import { cookies } from "next/headers.js";
+import { NextRequest, NextResponse } from "next/server.js";
+import { NextApiRequest, NextApiResponse } from "next/types.js";
 
 import {
   AccessTokenError,
   AccessTokenErrorCode,
   AccessTokenForConnectionError,
   AccessTokenForConnectionErrorCode,
-} from "../errors";
+} from "../errors/index.js";
 import {
   AuthorizationParameters,
   AccessTokenForConnectionOptions,
   SessionData,
   SessionDataStore,
   StartInteractiveLoginOptions
-} from "../types";
+} from "../types/index.js";
 import {
   AuthClient,
   BeforeSessionSavedHook,
   OnCallbackHook,
   RoutesOptions
-} from "./auth-client";
-import { RequestCookies, ResponseCookies } from "./cookies";
+} from "./auth-client.js";
+import { RequestCookies, ResponseCookies } from "./cookies.js";
 import {
   AbstractSessionStore,
   SessionConfiguration,
   SessionCookieOptions
-} from "./session/abstract-session-store";
-import { StatefulSessionStore } from "./session/stateful-session-store";
-import { StatelessSessionStore } from "./session/stateless-session-store";
+} from "./session/abstract-session-store.js";
+import { StatefulSessionStore } from "./session/stateful-session-store.js";
+import { StatelessSessionStore } from "./session/stateless-session-store.js";
 import {
   TransactionCookieOptions,
   TransactionStore
-} from "./transaction-store";
+} from "./transaction-store.js";
 
 export interface Auth0ClientOptions {
   // authorization server configuration

src/server/cookies.test.ts

@@ -1,7 +1,7 @@
 import { describe, expect, it } from "vitest";
 
-import { generateSecret } from "../test/utils";
-import { decrypt, encrypt } from "./cookies";
+import { generateSecret } from "../test/utils.js";
+import { decrypt, encrypt } from "./cookies.js";
 
 describe("encrypt/decrypt", async () => {
   const secret = await generateSecret(32);

src/server/cookies.ts

@@ -3,7 +3,7 @@ import {
   RequestCookies,
   ResponseCookies
 } from "@edge-runtime/cookies";
-import hkdf from "@panva/hkdf";
+import { hkdf } from "@panva/hkdf";
 import * as jose from "jose";
 
 const ENC = "A256GCM";

src/server/index.ts

@@ -1,7 +1,7 @@
-export { Auth0Client } from "./client";
+export { Auth0Client } from "./client.js";
 
-export { AuthClient } from "./auth-client";
+export { AuthClient } from "./auth-client.js";
 
-export { TransactionStore } from "./transaction-store";
+export { TransactionStore } from "./transaction-store.js";
 
-export { AbstractSessionStore } from "./session/abstract-session-store";
+export { AbstractSessionStore } from "./session/abstract-session-store.js";

src/server/session/abstract-session-store.ts

@@ -1,10 +1,10 @@
-import type { SessionData, SessionDataStore } from "../../types";
+import type { SessionData, SessionDataStore } from "../../types/index.js";
 import {
   CookieOptions,
   ReadonlyRequestCookies,
   RequestCookies,
   ResponseCookies
-} from "../cookies";
+} from "../cookies.js";
 
 export interface SessionCookieOptions {
   /**

src/server/session/normalize-session.ts

@@ -1,6 +1,6 @@
 import { JWTDecryptResult } from "jose";
 
-import { SessionData } from "../../types";
+import { SessionData } from "../../types/index.js";
 
 export const LEGACY_COOKIE_NAME = "appSession";
 

src/server/session/stateful-session-store.test.ts

@@ -1,16 +1,17 @@
 import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
 
-import { generateSecret } from "../../test/utils";
-import { SessionData } from "../../types";
+import { generateSecret } from "../../test/utils.js";
+import { SessionData } from "../../types/index.js";
 import {
   decrypt,
   encrypt,
   RequestCookies,
   ResponseCookies,
   sign
-} from "../cookies";
-import { LEGACY_COOKIE_NAME, LegacySessionPayload } from "./normalize-session";
-import { StatefulSessionStore } from "./stateful-session-store";
+} from "../cookies.js";
+import { LEGACY_COOKIE_NAME, LegacySessionPayload } from "./normalize-session.js";
+import { StatefulSessionStore } from "./stateful-session-store.js";
+
 
 describe("Stateful Session Store", async () => {
   describe("get", async () => {

src/server/session/stateful-session-store.ts

@@ -1,13 +1,13 @@
-import { SessionData, SessionDataStore } from "../../types";
-import * as cookies from "../cookies";
+import { SessionData, SessionDataStore } from "../../types/index.js";
+import * as cookies from "../cookies.js";
 import {
   AbstractSessionStore,
   SessionCookieOptions
-} from "./abstract-session-store";
+} from "./abstract-session-store.js";
 import {
   LEGACY_COOKIE_NAME,
   normalizeStatefulSession
-} from "./normalize-session";
+} from "./normalize-session.js";
 
 // the value of the stateful session cookie containing a unique session ID to identify
 // the current session

src/server/session/stateless-session-store.test.ts

@@ -1,10 +1,10 @@
 import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
 
-import { generateSecret } from "../../test/utils";
-import { SessionData } from "../../types";
-import { decrypt, encrypt, RequestCookies, ResponseCookies } from "../cookies";
-import { LEGACY_COOKIE_NAME, LegacySession } from "./normalize-session";
-import { StatelessSessionStore } from "./stateless-session-store";
+import { generateSecret } from "../../test/utils.js";
+import { SessionData } from "../../types/index.js";
+import { decrypt, encrypt, RequestCookies, ResponseCookies } from "../cookies.js";
+import { LEGACY_COOKIE_NAME, LegacySession } from "./normalize-session.js";
+import { StatelessSessionStore } from "./stateless-session-store.js";
 
 describe("Stateless Session Store", async () => {
   describe("get", async () => {

src/server/session/stateless-session-store.ts

@@ -1,17 +1,17 @@
-import { CookieOptions, ConnectionTokenSet, SessionData } from "../../types";
+import { CookieOptions, ConnectionTokenSet, SessionData } from "../../types/index.js";
 
 import type { JWTPayload } from "jose";
 
-import * as cookies from "../cookies";
+import * as cookies from "../cookies.js";
 import {
   AbstractSessionStore,
   SessionCookieOptions
-} from "./abstract-session-store";
+} from "./abstract-session-store.js";
 import {
   LEGACY_COOKIE_NAME,
   LegacySessionPayload,
   normalizeStatelessSession
-} from "./normalize-session";
+} from "./normalize-session.js";
 
 interface StatelessSessionStoreOptions {
   secret: string;

src/server/transaction-store.test.ts

@@ -1,9 +1,9 @@
 import * as oauth from "oauth4webapi";
 import { describe, expect, it } from "vitest";
 
-import { generateSecret } from "../test/utils";
-import { decrypt, encrypt, RequestCookies, ResponseCookies } from "./cookies";
-import { TransactionState, TransactionStore } from "./transaction-store";
+import { generateSecret } from "../test/utils.js";
+import { decrypt, encrypt, RequestCookies, ResponseCookies } from "./cookies.js";
+import { TransactionState, TransactionStore } from "./transaction-store.js";
 
 describe("Transaction Store", async () => {
   describe("get", async () => {

src/server/transaction-store.ts

@@ -1,6 +1,6 @@
 import type * as jose from "jose";
 
-import * as cookies from "./cookies";
+import * as cookies from "./cookies.js";
 
 const TRANSACTION_COOKIE_PREFIX = "__txn_";
 

src/server/user.test.ts

@@ -1,6 +1,6 @@
 import { describe, expect, it } from "vitest";
 
-import { filterClaims } from "./user";
+import { filterClaims } from "./user.js";
 
 describe("filterClaims", async () => {
   it("should return only the allowed claims", () => {

src/server/user.ts

@@ -1,4 +1,4 @@
-import type { User } from "../types";
+import type { User } from "../types/index.js";
 
 const DEFAULT_ALLOWED_CLAIMS = [
   "sub",

src/testing/generate-session-cookie.test.ts

@@ -1,12 +1,12 @@
 import { describe, expect, it } from "vitest";
 
-import { decrypt } from "../server/cookies";
-import { generateSecret } from "../test/utils";
-import { SessionData } from "../types";
+import { decrypt } from "../server/cookies.js";
+import { generateSecret } from "../test/utils.js";
+import { SessionData } from "../types/index.js";
 import {
   generateSessionCookie,
   GenerateSessionCookieConfig
-} from "./generate-session-cookie";
+} from "./generate-session-cookie.js";
 
 describe("generateSessionCookie", async () => {
   it("should use the session data provided", async () => {

src/testing/generate-session-cookie.ts

@@ -1,5 +1,5 @@
-import { encrypt } from "../server/cookies";
-import { SessionData } from "../types";
+import { encrypt } from "../server/cookies.js";
+import { SessionData } from "../types/index.js";
 
 export type GenerateSessionCookieConfig = {
   /**

src/testing/index.ts

@@ -1,4 +1,4 @@
 export {
   GenerateSessionCookieConfig,
   generateSessionCookie
-} from "./generate-session-cookie";
+} from "./generate-session-cookie.js";