## [21.0.0] - 2024-10-07

-   Added OAuth2Provider recipe
-   Added a way to run CI on unmerged PRs
-   Added support for FDIs: 3.1 and 4.0. Required by: auth-react >=0.48.0 and web-js>=0.14.0
-   The `networkInterceptor` now also gets a new `params` prop in the request config.
-   Adds `customFramework` util functions to minimize code required in custom frameworks like remix, astro etc.
-   Replicates `fastify` types based on requirement for the SDK instead of using the original module.
-   Improved type definitions for `TypeProvider`

### Breaking change

-   Changes type of value in formField object to be `unknown` instead of `string` to add support for accepting any type of value in form fields.
-   Only supporting CDI 5.2, Compatible with Core version >= 9.3
-   Removed the `overwriteSessionDuringSignInUp` option.
-   Added a new `shouldTryLinkingWithSessionUser` to sign in/up related APIs (and the related recipe functions)
    -   This will default to false on the API
    -   This will be set to true in function calls if you pass a session, otherwise it is set to false
    -   By setting this to true you can enable MFA flows (trying to connect to the session user)
    -   If set to false, the sign-in/up will be considered a first-factor
    -   Changed APIs:
        -   `EmailPassword.signInPOST`
        -   `EmailPassword.signUpPOST`
        -   `ThirdParty.signInUpPOST`
        -   `Passwordless.createCodePOST`
        -   `Passwordless.consumeCodePOST`
        -   `Passwordless.resendCodePOST`
    -   Changed functions:
        -   `EmailPassword.signIn`
        -   `EmailPassword.signUp`
        -   `ThirdParty.signInUp`
        -   `ThirdPary.manuallyCreateOrUpdateUser`
        -   `Passwordless.createCode`
        -   `Passwordless.consumeCode`
-   We no longer try to load the session if `shouldTryLinkingWithSessionUser` is set to false.
-   Changed the return type of `getOpenIdConfiguration` and `getOpenIdDiscoveryConfigurationGET`, and added the following props:
    -   authorization_endpoint
    -   token_endpoint
    -   userinfo_endpoint
    -   revocation_endpoint
    -   token_introspection_endpoint
    -   end_session_endpoint
    -   subject_types_supported
    -   id_token_signing_alg_values_supported
    -   response_types_supported
-   Exposing the OpenId recipe separately and remove it from the Session recipe
    -   This means that we removed `override.openIdFeature` from the Session recipe configuration
-   Removed `getJWKS` from the OpenId recipe, as it is already exposed by the JWT recipe
-   We now automatically initialize the OpenId and JWT recipes even if you do not use the Session recipe
-   `getAppDirRequestHandler` for `nextjs` will no longer accept a Response object.

### Migration

#### Separating the OpenId recipe from Session recipe

If you used to use the `openIdFeature` in the Session recipe, you should now use the OpenId recipe directly instead:

Before:

```tsx
import SuperTokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";

SuperTokens.init({
    appInfo: {
        apiDomain: "...",
        appName: "...",
        websiteDomain: "...",
    },
    recipeList: [
        Session.init({
            override: {
                openIdFeature: {
                    jwtFeature: {
                        functions: originalImplementation => ({
                            ...originalImplementation,
                            getJWKS: async (input) => {
                                console.log("getJWKS called");
                                return originalImplementation.getJWKS(input);
                            },
                        })
                    },
                    functions: originalImplementation => ({
                        ...originalImplementation,
                        getOpenIdDiscoveryConfiguration: async (input) => ({
                            issuer: "your issuer",
                            jwks_uri: "https://your.api.domain/auth/jwt/jwks.json",
                            status: "OK"
                        }),
                    })
                }
            }
        });
    ],
});
```

After:

```tsx
import SuperTokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";
import OpenId from "supertokens-node/recipe/openid";
import JWT from "supertokens-node/recipe/jwt";

SuperTokens.init({
    appInfo: {
        apiDomain: "...",
        appName: "...",
        websiteDomain: "...",
    },
    recipeList: [
        Session.init(),
        JWT.init({
            override: {
                functions: originalImplementation => ({
                    ...originalImplementation,
                    getJWKS: async (input) => {
                        console.log("getJWKS called");
                        return originalImplementation.getJWKS(input);
                    },
                })
            }
        }),
        OpenId.init({
            override: {
                functions: originalImplementation => ({
                    ...originalImplementation,
                    getOpenIdDiscoveryConfiguration: async (input) => ({
                        issuer: "your issuer",
                        jwks_uri: "https://your.api.domain/auth/jwt/jwks.json",
                        status: "OK"
                    }),
                })
            }
        });
    ],
});
```

#### Using updated `getAppDirRequestHandler` for next.js

Before:

```ts
import { getAppDirRequestHandler } from "supertokens-node/nextjs";
import { NextResponse } from "next/server";

const handleCall = getAppDirRequestHandler(NextResponse);
```

After:

```ts
import { getAppDirRequestHandler } from "supertokens-node/nextjs";

const handleCall = getAppDirRequestHandler();
```