Allow default rack session to be set in JWT mode

lib/rodauth/features/omniauth_base.rb

@@ -171,7 +171,8 @@ def set_omniauth_jwt_session
       yield
     ensure
       session.transform_keys!(&:to_sym) unless scope.opts[:sessions_convert_symbols]
-      request.env["rack.session"] = rack_session
+      request.env.delete("rack.session")
+      request.env["rack.session"] = rack_session if rack_session
     end
 
     # Makes the Rodauth instance accessible inside OmniAuth strategies

test/omniauth_base_test.rb

@@ -344,16 +344,9 @@
   end
 
   it "returns authorize URL when using JSON" do
-    redirect_strategy = Class.new do
-      include OmniAuth::Strategy
-      def request_phase
-        redirect "/external/auth"
-      end
-    end
-
     rodauth do
       enable :omniauth_base, :json
-      omniauth_provider redirect_strategy, name: "developer"
+      omniauth_provider RedirectStrategy, name: "developer"
       check_csrf? false
     end
     roda(json: true) do |r|
@@ -367,16 +360,9 @@ def request_phase
   end
 
   it "returns error type when using JSON" do
-    redirect_strategy = Class.new do
-      include OmniAuth::Strategy
-      def request_phase
-        redirect "/external/auth"
-      end
-    end
-
     rodauth do
       enable :omniauth_base, :json
-      omniauth_provider redirect_strategy, name: "developer"
+      omniauth_provider RedirectStrategy, name: "developer"
       omniauth_before_callback_phase do
         omniauth_strategy.fail!(:some_error, KeyError.new("foo"))
       end
@@ -395,17 +381,10 @@ def request_phase
 
   [:plugin, :rack].each do |sessions|
     it "stores OmniAuth data in JWT token when using #{sessions} sessions" do
-      redirect_strategy = Class.new do
-        include OmniAuth::Strategy
-        def request_phase
-          redirect "/external/auth"
-        end
-      end
-
       rodauth do
         enable :omniauth_base, :jwt
         jwt_secret "secret"
-        omniauth_provider redirect_strategy, name: "developer"
+        omniauth_provider RedirectStrategy, name: "developer"
         check_csrf? false
       end
       roda(json: true, sessions: sessions) do |r|
@@ -446,6 +425,32 @@ def request_phase
     assert_equal '{"foo":"bar"}', page.html
   end
 
+  it "allow default rack session in JWT mode" do
+    rodauth do
+      enable :omniauth_base, :jwt, :login
+      jwt_secret "secret"
+      omniauth_provider RedirectStrategy, name: "developer"
+    end
+    roda(json: true, sessions: false) do |r|
+      r.rodauth
+      r.post "auth/developer/callback" do
+        Rack::Request.new(env).session.inspect
+      end
+    end
+
+    page.driver.get "/auth/developer", {}, { "CONTENT_TYPE" => "application/json", "HTTP_ACCEPT" => "application/json" }
+
+    jwt_token = page.response_headers["Authorization"]
+
+    page.driver.post "/auth/developer/callback", {}, {
+      "CONTENT_TYPE" => "application/json",
+      "HTTP_ACCEPT" => "application/json",
+      "HTTP_AUTHORIZATION" => jwt_token,
+    }
+
+    assert_equal "{}", page.html
+  end
+
   it "inherits omniauth providers on subclassing" do
     rodauth do
       enable :omniauth_base

test/test_helper.rb

@@ -101,3 +101,11 @@ def logout
     Capybara.reset_sessions!
   end
 end
+
+class RedirectStrategy
+  include OmniAuth::Strategy
+
+  def request_phase
+    redirect "/external/auth"
+  end
+end