fix(nextjs): Propagate treatPendingAsSignedOut to auth from clerkMiddleware (#6477)

Author: LauraBeatris

.changeset/tricky-planets-cry.md

@@ -0,0 +1,19 @@
+---
+'@clerk/nextjs': patch
+---
+
+Propagate `treatPendingAsSignedOut` to `auth` from `clerkMiddleware`
+
+```ts
+export default clerkMiddleware(async (auth, req) => {
+  // If the session has a `pending` status, `userId` will be `null` by default, treated as a signed-out state
+  const { userId } = await auth()
+})
+```
+
+```ts
+export default clerkMiddleware(async (auth, req) => {
+  // If the session has a `pending` status, `userId` will be defined, treated as a signed-in state
+  const { userId } = await auth({ treatPendingAsSignedOut: false })
+})
+```

packages/nextjs/src/server/clerkMiddleware.ts

@@ -1,11 +1,13 @@
 import type { AuthObject, ClerkClient } from '@clerk/backend';
 import type {
+  AuthenticatedState,
   AuthenticateRequestOptions,
   ClerkRequest,
   RedirectFun,
   RequestState,
   SignedInAuthObject,
   SignedOutAuthObject,
+  UnauthenticatedState,
 } from '@clerk/backend/internal';
 import {
   AuthStatus,
@@ -214,7 +216,7 @@ export const clerkMiddleware = ((...args: unknown[]): NextMiddleware | NextMiddl
       const redirectToSignUp = createMiddlewareRedirectToSignUp(clerkRequest);
       const protect = await createMiddlewareProtect(clerkRequest, authObject, redirectToSignIn);
 
-      const authHandler = createMiddlewareAuthHandler(authObject, redirectToSignIn, redirectToSignUp);
+      const authHandler = createMiddlewareAuthHandler(requestState, redirectToSignIn, redirectToSignUp);
       authHandler.protect = protect;
 
       let handlerResult: Response = NextResponse.next();
@@ -427,14 +429,18 @@ const createMiddlewareProtect = (
  * - For machine tokens: validates token type and returns appropriate auth object
  */
 const createMiddlewareAuthHandler = (
-  rawAuthObject: AuthObject,
+  requestState: AuthenticatedState<'session_token'> | UnauthenticatedState<'session_token'>,
   redirectToSignIn: RedirectFun<Response>,
   redirectToSignUp: RedirectFun<Response>,
 ): ClerkMiddlewareAuth => {
   const authHandler = async (options?: GetAuthOptions) => {
+    const rawAuthObject = requestState.toAuth({ treatPendingAsSignedOut: options?.treatPendingAsSignedOut });
     const acceptsToken = options?.acceptsToken ?? TokenType.SessionToken;
 
-    const authObject = getAuthObjectForAcceptedToken({ authObject: rawAuthObject, acceptsToken });
+    const authObject = getAuthObjectForAcceptedToken({
+      authObject: rawAuthObject,
+      acceptsToken,
+    });
 
     if (authObject.tokenType === TokenType.SessionToken && isTokenTypeAccepted(TokenType.SessionToken, acceptsToken)) {
       return Object.assign(authObject, {