I was just looking into the same today. It's a two-step process:
- Generate the decryption key with an HKDF implementation, mimicking NextAuth by using: sha256, your secret, empty salt, and info string set to "NextAuth.js Generated Encryption Key"
- Feed the generated key and raw JWE to a JWE library. The JWE library should be able to figure out what to do, so long as you provide the key.
Here's a Go proof of concept
I'd be curious to hear from the maintainers if they're cool with folks depending on that info string :-)