Sessions.authenticateJwt should return JWTNullResponse

Question

Sessions.authenticateJwt should return JWTNullResponse

Closed this issue 6 months ago · 4 comments

According to the design of JWTResponse (here) we assumed that when authentication fails for Sessions.authenticateJwt, we'd get a JWTNullResponse.

However, the implementation returns a plain null in that case, as you can see here: JWTNullResponse

This isn't really a big issue we can check for null instead of JWTNullResponse, but it creates confusion around the API contract and we propose that we either:

A) address the implementation by making authenticateJwt return StytchResult<JWTResponse> instead of the nullable StytchResult<JWTResponse?> and the line above corrected to

else -> StytchResult.Success(JWTNullResponse)

or

B) remove JWTNullResponse so that consumer never expects that in the result.

Answer 1 · 2024-03-04T14:57:05.000Z

Yep, this looks like a regression. It should be option A, returning a JWTNullResponse. If you want to make a PR, I can get that merged in, otherwise I'll pick it up in this coming cycle. Thanks for catching this!

Answer 2 · 2024-03-04T15:26:50.000Z

Great, thanks, PR here: #23

Answer 3 · 2024-03-04T19:23:17.000Z

Fixed in #23
This will go out with the 2.3.0 release which is expected to land in the next hour or two (related PR).

Answer 4 · 2024-03-04T19:23:34.000Z

Thanks for your contribution, @cosmin-marginean!