Add redirect guards for root sign-in / sign-up AIOs

This makes it so that it's not possible to access `/sign-in` or `/sign-up` within AIOs if you have a current task. It navigates to the task with the base URL according to the sign-in or sign-up context.

Author: LauraBeatris

packages/clerk-js/src/core/clerk.ts

@@ -1257,8 +1257,6 @@ export class Clerk implements ClerkInterface {
         }
       }
 
-      debugger;
-
       if (newSession?.status === 'pending') {
         await this.#handlePendingSession(newSession, onPendingSession);
         return;
@@ -1331,8 +1329,6 @@ export class Clerk implements ClerkInterface {
   };
 
   #handlePendingSession = async (session: PendingSessionResource, onPendingSession?: OnPendingSessionFn) => {
-    debugger;
-
     if (!this.environment) {
       return;
     }
@@ -1355,12 +1351,12 @@ export class Clerk implements ClerkInterface {
 
     if (currentSession.status === 'pending') {
       const tracker = createBeforeUnloadTracker(this.#options.standardBrowser);
+
       const onPendingSessionHook = this.#options['onPendingSession'] ?? onPendingSession;
       const taskUrls = this.#options['taskUrls'];
 
       await tracker.track(async () => {
         if (onPendingSessionHook) {
-          debugger;
           await onPendingSessionHook({ session: currentSession });
         } else if (taskUrls) {
           await this.navigate(taskUrls[session.currentTask.key]);

packages/clerk-js/src/core/sessionTasks.ts

@@ -12,20 +12,21 @@ interface NavigateToTaskOptions {
   options?: ClerkOptions;
 }
 
+export function buildTaskURL(task: SessionTask, opts: Pick<Parameters<typeof buildURL>[0], 'base'>) {
+  return buildURL(
+    {
+      base: opts.base,
+      hashPath: `/tasks/${INTERNAL_SESSION_TASK_ROUTE_BY_KEY[task.key]}`,
+    },
+    { stringify: true },
+  );
+}
+
 /**
  * @internal
  */
 export function navigateToTask(session: PendingSessionResource, { options, navigate, baseUrl }: NavigateToTaskOptions) {
   const currentTaskKey = session.currentTask.key;
 
-  return navigate(
-    options?.taskUrls?.[currentTaskKey] ??
-      buildURL(
-        {
-          base: baseUrl,
-          hashPath: `/tasks/${INTERNAL_SESSION_TASK_ROUTE_BY_KEY[currentTaskKey]}`,
-        },
-        { stringify: true },
-      ),
-  );
+  return navigate(options?.taskUrls?.[currentTaskKey] ?? buildTaskURL(session.currentTask, { base: baseUrl }));
 }

packages/clerk-js/src/ui/common/withRedirect.tsx

@@ -89,3 +89,57 @@ export const withRedirectToAfterSignUp = <P extends AvailableComponentProps>(Com
 
   return HOC;
 };
+
+export const withRedirectToSignInTask = <P extends AvailableComponentProps>(Component: ComponentType<P>) => {
+  const displayName = Component.displayName || Component.name || 'Component';
+  Component.displayName = displayName;
+
+  const HOC = (props: P) => {
+    const signInCtx = useSignInContext();
+
+    return withRedirect(
+      Component,
+      clerk => !!clerk.session?.currentTask,
+      ({ clerk }) => {
+        const currentTask = clerk.session?.currentTask;
+        if (!currentTask || !signInCtx?.taskUrl) {
+          return '';
+        }
+
+        return signInCtx?.taskUrl;
+      },
+      undefined,
+    )(props);
+  };
+
+  HOC.displayName = `withRedirectToAfterSignIn(${displayName})`;
+
+  return HOC;
+};
+
+export const withRedirectToSignUpTask = <P extends AvailableComponentProps>(Component: ComponentType<P>) => {
+  const displayName = Component.displayName || Component.name || 'Component';
+  Component.displayName = displayName;
+
+  const HOC = (props: P) => {
+    const signUpCtx = useSignUpContext();
+
+    return withRedirect(
+      Component,
+      clerk => !!clerk.session?.currentTask,
+      ({ clerk }) => {
+        const currentTask = clerk.session?.currentTask;
+        if (!currentTask || !signUpCtx?.taskUrl) {
+          return '';
+        }
+
+        return signUpCtx?.taskUrl;
+      },
+      undefined,
+    )(props);
+  };
+
+  HOC.displayName = `withRedirectToAfterSignIn(${displayName})`;
+
+  return HOC;
+};

packages/clerk-js/src/ui/components/SessionTasks/index.tsx

@@ -24,7 +24,10 @@ const SessionTasksStart = () => {
   useEffect(() => {
     // Simulates additional latency to avoid a abrupt UI transition when navigating to the next task
     const timeoutId = setTimeout(() => {
-      // TODO - call setActive?
+      const currentTaskKey = clerk.session?.currentTask?.key;
+      if (!currentTaskKey) return;
+
+      void navigate(`./${INTERNAL_SESSION_TASK_ROUTE_BY_KEY[currentTaskKey]}`);
     }, 500);
     return () => clearTimeout(timeoutId);
   }, [navigate, clerk, redirectUrlComplete]);

packages/clerk-js/src/ui/components/SignIn/SignInAccountSwitcher.tsx

@@ -5,7 +5,7 @@ import { Header } from '@/ui/elements/Header';
 import { PreviewButton } from '@/ui/elements/PreviewButton';
 import { UserPreview } from '@/ui/elements/UserPreview';
 
-import { withRedirectToAfterSignIn } from '../../common';
+import { withRedirectToAfterSignIn, withRedirectToSignInTask } from '../../common';
 import { useEnvironment, useSignInContext, useSignOutContext } from '../../contexts';
 import { Col, descriptors, Flow, localizationKeys } from '../../customizables';
 import { Add, SwitchArrowRight } from '../../icons';
@@ -125,4 +125,6 @@ const SignInAccountSwitcherInternal = () => {
     </Flow.Part>
   );
 };
-export const SignInAccountSwitcher = withRedirectToAfterSignIn(withCardStateProvider(SignInAccountSwitcherInternal));
+export const SignInAccountSwitcher = withRedirectToSignInTask(
+  withRedirectToAfterSignIn(withCardStateProvider(SignInAccountSwitcherInternal)),
+);

packages/clerk-js/src/ui/components/SignIn/SignInFactorOne.tsx

@@ -6,7 +6,7 @@ import { useCardState, withCardStateProvider } from '@/ui/elements/contexts';
 import { ErrorCard } from '@/ui/elements/ErrorCard';
 import { LoadingCard } from '@/ui/elements/LoadingCard';
 
-import { withRedirectToAfterSignIn } from '../../common';
+import { withRedirectToAfterSignIn, withRedirectToSignInTask } from '../../common';
 import { useCoreSignIn, useEnvironment } from '../../contexts';
 import { useAlternativeStrategies } from '../../hooks/useAlternativeStrategies';
 import { localizationKeys } from '../../localization';
@@ -251,4 +251,6 @@ function SignInFactorOneInternal(): JSX.Element {
   }
 }
 
-export const SignInFactorOne = withRedirectToAfterSignIn(withCardStateProvider(SignInFactorOneInternal));
+export const SignInFactorOne = withRedirectToSignInTask(
+  withRedirectToAfterSignIn(withCardStateProvider(SignInFactorOneInternal)),
+);

packages/clerk-js/src/ui/components/SignIn/SignInFactorTwo.tsx

@@ -4,7 +4,7 @@ import React from 'react';
 import { withCardStateProvider } from '@/ui/elements/contexts';
 import { LoadingCard } from '@/ui/elements/LoadingCard';
 
-import { withRedirectToAfterSignIn } from '../../common';
+import { withRedirectToAfterSignIn, withRedirectToSignInTask } from '../../common';
 import { useCoreSignIn } from '../../contexts';
 import { SignInFactorTwoAlternativeMethods } from './SignInFactorTwoAlternativeMethods';
 import { SignInFactorTwoBackupCodeCard } from './SignInFactorTwoBackupCodeCard';
@@ -82,4 +82,6 @@ function SignInFactorTwoInternal(): JSX.Element {
   }
 }
 
-export const SignInFactorTwo = withRedirectToAfterSignIn(withCardStateProvider(SignInFactorTwoInternal));
+export const SignInFactorTwo = withRedirectToSignInTask(
+  withRedirectToAfterSignIn(withCardStateProvider(SignInFactorTwoInternal)),
+);

packages/clerk-js/src/ui/components/SignIn/SignInSSOCallback.tsx

@@ -1,3 +1,3 @@
-import { SSOCallback, withRedirectToAfterSignIn } from '../../common';
+import { SSOCallback, withRedirectToAfterSignIn, withRedirectToSignInTask } from '../../common';
 
-export const SignInSSOCallback = withRedirectToAfterSignIn(SSOCallback);
+export const SignInSSOCallback = withRedirectToSignInTask(withRedirectToAfterSignIn(SSOCallback));

packages/clerk-js/src/ui/components/SignIn/SignInStart.tsx

@@ -30,6 +30,7 @@ import {
   getIdentifierControlDisplayValues,
   groupIdentifiers,
   withRedirectToAfterSignIn,
+  withRedirectToSignInTask,
 } from '../../common';
 import { useCoreSignIn, useEnvironment, useSignInContext } from '../../contexts';
 import { Col, descriptors, Flow, localizationKeys } from '../../customizables';
@@ -678,4 +679,6 @@ const InstantPasswordRow = ({ field }: { field?: FormControlState<'password'> })
   );
 };
 
-export const SignInStart = withRedirectToAfterSignIn(withCardStateProvider(SignInStartInternal));
+export const SignInStart = withRedirectToSignInTask(
+  withRedirectToAfterSignIn(withCardStateProvider(SignInStartInternal)),
+);

packages/clerk-js/src/ui/components/SignUp/SignUpSSOCallback.tsx

@@ -1,3 +1,8 @@
-import { SSOCallback, withRedirectToAfterSignUp } from '../../common';
+import {
+  SSOCallback,
+  withRedirectToAfterSignUp,
+  withRedirectToSignUpTask,
+  withRedirectToSignUpTask,
+} from '../../common';
 
-export const SignUpSSOCallback = withRedirectToAfterSignUp(SSOCallback);
+export const SignUpSSOCallback = withRedirectToSignUpTask(withRedirectToAfterSignUp(SSOCallback));