Internal server error when setting multiple header values

[TheCallSign]

Hi,

I've been debugging an issue we've been having using nextauth routes. The api routes (/api/auth/[...nextauth]) served by the nextauth library were all responding with an HTTP error 500. I've narrowed down the issue to nextauth setting two cookies, which in turn sets the header set-cookie to contain two values in the header object returned to API Gateway (see source).

AWS API Gateway v1 requires headers with multiple values to be set in multiValueHeaders key and rejects multi value headers that are set in headers.

I would write a patch myself but I am struggling to test the changes to the respective bridge function.

Please let me know if I have missed something.

[ofhouse]

Hi, thanks for digging down on this.

Since the last 2 releases we use a custom fork of now-node-bridge to provide a better customization for API Gateway (Located here: https://github.com/dealmore/terraform-aws-next-js/blob/main/packages/node-bridge/src/bridge.ts).

But since it only passes the headers like the Vercel version the bug is present there as well (L238).

I will take a deeper look later today, we should be able to reproduce the behavior in our unit and e2e tests.

[ofhouse]

Fix is now released in v0.6.0.