From 4967c728032bd354207be4764e5fd611764adf06 Mon Sep 17 00:00:00 2001
From: Mario Esho <mario.esho@outlook.com>
Date: Fri, 19 Dec 2025 10:12:32 -0500
Subject: [PATCH] fix: replace instanceof checks with duck-typing for
 NextRequestHint compatibility

---
 src/server/client.ts | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/src/server/client.ts b/src/server/client.ts
index 82db7620..c385e5eb 100644
--- a/src/server/client.ts
+++ b/src/server/client.ts
@@ -933,8 +933,14 @@ export class Auth0Client {
         throw new Error("The session data is missing.");
       }
 
-      if (req instanceof NextRequest && res instanceof NextResponse) {
-        // middleware usage
+      // Check if req/res have the right structure for middleware usage
+      // (supports both NextRequest and NextRequestHint from server actions)
+      const isMiddlewareRequest = req.cookies && res.cookies &&
+          typeof req.cookies.get === 'function' &&
+          typeof res.cookies.set === 'function';
+
+      if (isMiddlewareRequest) {
+        // middleware usage (NextRequest or NextRequestHint)
         const existingSession = await this.getSession(req);
 
         if (!existingSession) {
@@ -1139,8 +1145,14 @@ export class Auth0Client {
     res?: PagesRouterResponse | NextResponse
   ) {
     if (req && res) {
-      if (req instanceof NextRequest && res instanceof NextResponse) {
-        // middleware usage
+      // Check if req/res have the right structure for middleware usage
+      // (supports both NextRequest and NextRequestHint from server actions)
+      const isMiddlewareRequest = req.cookies && res.cookies &&
+          typeof req.cookies.get === 'function' &&
+          typeof res.cookies.set === 'function';
+
+      if (isMiddlewareRequest) {
+        // middleware usage (NextRequest or NextRequestHint)
         await this.sessionStore.set(req.cookies, res.cookies, data);
       } else {
         // pages router usage