Using middleware results in INVALID_CALLBACK_URL_ERROR
Environment
System:
  OS: macOS 12.4
  CPU: (8) x64 Intel® Core™ i7-1068NG7 CPU @ 2.30GHz
  Memory: 348.10 MB / 32.00 GB
  Shell: 5.8.1 - /bin/zsh
  Binaries:
    Node: 16.13.2 - ~/.nvm/versions/node/v16.13.2/bin/node
    Yarn: 1.22.19 - /usr/local/bin/yarn
    npm: 8.1.2 - ~/.nvm/versions/node/v16.13.2/bin/npm
  Browsers:
    Chrome: 102.0.5005.61
    Firefox: 101.0
    Safari: 15.5
  npmPackages:
    next: ^12.0.11-canary.4 => 12.1.6
    next-auth: latest => 4.4.0
    react: ^17.0.2 => 17.0.2
Reproduction URL
https://github.com/nextauthjs/next-auth-example
Describe the issue
Using next-auth middleware with the latest version of Next (currently 12.1.6) doesn’t work.
The callbackUrl of withAuth is a relative URL. However, v12.0.9 of Next added “Enforce absolute URLs in Edge Runtime PR”
Navigating to a page that is protected by middleware results in the user being redirected to http://localhost:3000/api/auth/signin?callbackUrl=%2Fadmin and an error message in the browser:
How to reproduce
Steps to reproduce:
- Clone the next-auth-example repository
- Add a NEXTAUTH_SECRET in .env.local
- Start the dev server
- Go to localhost:3000 and click Admin
Result:
Server error.
The server log shows
https://next-auth.js.org/errors#invalid_callback_url_error Invalid callback URL. Received: /admin InvalidCallbackUrl: Invalid callback URL. Received: /admin
Expected behavior
There should be a login form and no server errors.
@danvernon my conclusion is that the signOut method is not clearing the cookie properly because clearing the cookie from the browser (through the dev console) removes this error. Next Auth should do a better job at validating its content before throwing errors at users.
This should be fixed in 4.5.0, please give it a try and let us know!
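The server log in this issue shows a relative callbackUrl (/admin) being rejected as invalid. As an added example (not next-auth's or Next.js's own code; the function names, BASE and the sample inputs are constructed for illustration), this contrasts an absolute-only check, which rejects /admin, with a validator that resolves relative values against the site origin and still refuses cross-origin redirect targets:

```javascript
// Added example: all names here are hypothetical, not next-auth APIs.
const BASE = "http://localhost:3000"; // origin used in the issue's reproduction

// Absolute-only validation: new URL() without a base throws on "/admin".
function strictAbsoluteOnly(value) {
  try {
    const u = new URL(value);
    return u.protocol === "http:" || u.protocol === "https:";
  } catch {
    return false;
  }
}

// Accept relative paths and same-origin absolute URLs. Returns a normalized
// absolute URL, or null when the value must not be used as a redirect target.
function resolveCallbackUrl(value, base = BASE) {
  if (typeof value !== "string" || value.length === 0) return null;
  // Control characters and backslashes are normalized by URL parsers
  // ("/\host" can become "//host"), so refuse them up front.
  if (/[\u0000-\u001f\\]/.test(value)) return null;
  let target;
  try {
    target = new URL(value, base); // relative input resolves against base
  } catch {
    return null;
  }
  if (target.protocol !== "http:" && target.protocol !== "https:") return null;
  // Same-origin rule: this is what keeps callbackUrl from being an open redirect.
  if (target.origin !== new URL(base).origin) return null;
  return target.href;
}

// Constructed sample inputs.
const SAMPLES = [
  "/admin",                          // value from the server log
  "http://localhost:3000/admin?x=1", // same-origin absolute
  "//evil.example/x",                // protocol-relative, other origin
  "https://evil.example/",           // other origin
  "javascript:alert(1)",             // non-http scheme
  "/\\evil.example",                 // backslash trick
];

function demo() {
  return SAMPLES.map((s) => [s, strictAbsoluteOnly(s), resolveCallbackUrl(s)]);
}

console.table(demo());
```
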