feat(nextjs,react): Add HandleSSOCallback component #7678
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| --- | ||
| '@clerk/nextjs': minor | ||
| '@clerk/react': minor | ||
| --- | ||
|
|
||
| Add `HandleSSOCallback` component which handles the SSO callback during custom flows, including support for sign-in-or-up. |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,177 @@ | ||
| import type { SetActiveNavigate } from '@clerk/shared/types'; | ||
| import { useEffect, useRef, type ReactNode } from 'react'; | ||
| import { useClerk, useSignIn, useSignUp } from '../hooks'; | ||
|
|
||
| export interface HandleSSOCallbackProps { | ||
| /** | ||
| * Called when the SSO callback is complete and a session has been created. | ||
| */ | ||
| navigateToApp: (...params: Parameters<SetActiveNavigate>) => void; | ||
| /** | ||
| * Called when a sign-in requires additional verification, or a sign-up is transfered to a sign-in that requires | ||
| * additional verification. | ||
| */ | ||
| navigateToSignIn: () => void; | ||
| /** | ||
| * Called when a sign-in is transfered to a sign-up that requires additional verification. | ||
| */ | ||
| navigateToSignUp: () => void; | ||
| /** | ||
| * Can be provided to render a custom component while the SSO callback is being processed. This component should, at | ||
| * a minimum, render a `<div id='clerk-captcha'></div>` element to handle captchas. | ||
| */ | ||
| render?: () => ReactNode; | ||
| } | ||
|
|
||
| /** | ||
| * Use this component when building custom UI to handle the SSO callback and navigate to the appropriate page based on | ||
| * the status of the sign-in or sign-up. By default, this component might render a captcha element to handle captchas | ||
| * when required by the Clerk API. | ||
| * | ||
| * @example | ||
| * ```tsx | ||
| * import { HandleSSOCallback } from '@clerk/react'; | ||
| * import { useNavigate } from 'react-router'; | ||
| * | ||
| * export default function Page() { | ||
| * const navigate = useNavigate(); | ||
| * | ||
| * return ( | ||
| * <HandleSSOCallback | ||
| * navigateToApp={({ session, decorateUrl }) => { | ||
| * if (session?.currentTask) { | ||
| * const destination = decorateUrl(`/onboarding/${session?.currentTask.key}`); | ||
| * if (destination.startsWith('http')) { | ||
| * window.location.href = destination; | ||
| * return; | ||
| * } | ||
| * navigate(destination); | ||
| * return; | ||
| * } | ||
| * | ||
| * const destination = decorateUrl('/dashboard'); | ||
| * if (destination.startsWith('http')) { | ||
| * window.location.href = destination; | ||
| * return; | ||
| * } | ||
| * navigate(destination); | ||
| * }} | ||
| * navigateToSignIn={() => { | ||
| * navigate('/sign-in'); | ||
| * }} | ||
| * navigateToSignUp={() => { | ||
| * navigate('/sign-up'); | ||
| * }} | ||
| * /> | ||
| * ); | ||
| * } | ||
| * ``` | ||
| */ | ||
| export function HandleSSOCallback(props: HandleSSOCallbackProps): ReactNode { | ||
| const { navigateToApp, navigateToSignIn, navigateToSignUp, render } = props; | ||
| const clerk = useClerk(); | ||
| const { signIn } = useSignIn(); | ||
| const { signUp } = useSignUp(); | ||
| const hasRun = useRef(false); | ||
|
|
||
| useEffect(() => { | ||
| (async () => { | ||
| if (!clerk.loaded || hasRun.current) { | ||
| return; | ||
| } | ||
| // Prevent re-running this effect if the page is re-rendered during session activation (such as on Next.js). | ||
| hasRun.current = true; | ||
|
|
||
| // If this was a sign-in, and it's complete, there's nothing else to do. | ||
| // Note: We perform a cast | ||
| if ((signIn.status as string) === 'complete') { | ||
| await signIn.finalize({ | ||
| navigate: async (...params) => { | ||
| navigateToApp(...params); | ||
| }, | ||
| }); | ||
| return; | ||
| } | ||
|
|
||
| // If the sign-up used an existing account, transfer it to a sign-in. | ||
| if (signUp.isTransferable) { | ||
| await signIn.create({ transfer: true }); | ||
| if (signIn.status === 'complete') { | ||
| await signIn.finalize({ | ||
| navigate: async (...params) => { | ||
| navigateToApp(...params); | ||
| }, | ||
| }); | ||
| return; | ||
| } | ||
| // The sign-in requires additional verification, so we need to navigate to the sign-in page. | ||
| return navigateToSignIn(); | ||
| } | ||
|
|
||
| if ( | ||
|
Member
There was a problem hiding this comment. Just double checking - this navigates away unless ALL factors are
Member
Author
There was a problem hiding this comment. This is directly copy and pasted from our existing |
||
| signIn.status === 'needs_first_factor' && | ||
| !signIn.supportedFirstFactors?.every(f => f.strategy === 'enterprise_sso') | ||
| ) { | ||
| // The sign-in requires the use of a configured first factor, so navigate to the sign-in page. | ||
| return navigateToSignIn(); | ||
| } | ||
|
|
||
| // If the sign-in used an external account not associated with an existing user, create a sign-up. | ||
| if (signIn.isTransferable) { | ||
| await signUp.create({ transfer: true }); | ||
| if (signUp.status === 'complete') { | ||
| await signUp.finalize({ | ||
| navigate: async (...params) => { | ||
| navigateToApp(...params); | ||
| }, | ||
| }); | ||
| return; | ||
| } | ||
| return navigateToSignUp(); | ||
| } | ||
|
|
||
| if (signUp.status === 'complete') { | ||
| await signUp.finalize({ | ||
| navigate: async (...params) => { | ||
| navigateToApp(...params); | ||
| }, | ||
| }); | ||
| return; | ||
| } | ||
|
|
||
| if (signIn.status === 'needs_second_factor' || signIn.status === 'needs_new_password') { | ||
| // The sign-in requires a MFA token or a new password, so navigate to the sign-in page. | ||
| return navigateToSignIn(); | ||
| } | ||
|
|
||
| // The external account used to sign-in or sign-up was already associated with an existing user and active | ||
| // session on this client, so activate the session and navigate to the application. | ||
| if (signIn.existingSession || signUp.existingSession) { | ||
| const sessionId = signIn.existingSession?.sessionId || signUp.existingSession?.sessionId; | ||
| if (sessionId) { | ||
| // Because we're activating a session that's not the result of a sign-in or sign-up, we need to use the | ||
| // Clerk `setActive` API instead of the `finalize` API. | ||
| await clerk.setActive({ | ||
| session: sessionId, | ||
| navigate: async (...params) => { | ||
| return navigateToApp(...params); | ||
| }, | ||
| }); | ||
| return; | ||
| } | ||
| } | ||
| })(); | ||
| }, [clerk, signIn, signUp]); | ||
|
Member
There was a problem hiding this comment. Navigate callbacks missing from deps array - intentional?
Member
Author
There was a problem hiding this comment. Yes they're omitted since we're trying to avoid re-running this effect. We want to run this effect once once Clerk is loaded. |
||
|
|
||
| if (render) { | ||
| return render(); | ||
| } | ||
|
|
||
| return ( | ||
| <div> | ||
| {/* Because a sign-in transferred to a sign-up might require captcha verification, make sure to render the | ||
| captcha element. */} | ||
|
Comment on lines
+174
to
+175
Member
There was a problem hiding this comment. should we allow children for them to render a spinner here possibly?
Member
Author
There was a problem hiding this comment. I went with the
Member
There was a problem hiding this comment. to date we've used children, so I might lean towards children for now. We've yet to introduce a render prop but possibly in the future.
Member
Author
There was a problem hiding this comment. stepping back do we even need either? This renders a div and the captcha (possibly). wouldn't folks probably write code that looks like this? In this situation I don't think they'd want to put their Spinner as a child of |
||
| <div id='clerk-captcha'></div> | ||
| </div> | ||
| ); | ||
|
Comment on lines
71
to
178
Contributor
There was a problem hiding this comment. 🧩 Analysis chain🏁 Script executed: #!/bin/bash
# Find tests that cover HandleSSOCallback
rg -n "HandleSSOCallback" --type ts --type tsx --type js --type jsx -g "*test*" -g "*spec*"Repository: clerk/javascript Length of output: 87 🏁 Script executed: #!/bin/bash
# Find tests that cover HandleSSOCallback
rg -n "HandleSSOCallback" | grep -E "(test|spec)\.(ts|tsx|js|jsx)"Repository: clerk/javascript Length of output: 42 🏁 Script executed: #!/bin/bash
# Search for HandleSSOCallback references in the codebase
rg "HandleSSOCallback" --max-count 20Repository: clerk/javascript Length of output: 636 🏁 Script executed: #!/bin/bash
# Find test files in packages/react
find packages/react -type f \( -name "*.test.*" -o -name "*.spec.*" \) | head -20Repository: clerk/javascript Length of output: 1322 🏁 Script executed: #!/bin/bash
# Check for HandleSSOCallback test file
find packages/react -name "*HandleSSOCallback*test*" -o -name "*HandleSSOCallback*spec*"Repository: clerk/javascript Length of output: 42 🏁 Script executed: #!/bin/bash
# Search for HandleSSOCallback in all test files
find packages/react -path "*__tests__*" -type f \( -name "*.test.*" -o -name "*.spec.*" \) -exec grep -l "HandleSSOCallback" {} \;Repository: clerk/javascript Length of output: 42 🏁 Script executed: #!/bin/bash
# Check if HandleSSOCallback.tsx was modified in this PR
git diff --name-only | grep -i handlessocallbackRepository: clerk/javascript Length of output: 42 🏁 Script executed: #!/bin/bash
# Check the overall git status and what files were modified
git diff --name-only | head -20Repository: clerk/javascript Length of output: 42 🏁 Script executed: #!/bin/bash
# Check recent git history for HandleSSOCallback
git log --oneline --all -n 50 | head -20Repository: clerk/javascript Length of output: 1527 🏁 Script executed: #!/bin/bash
# Check if there are any references to HandleSSOCallback in existing test files
rg "HandleSSOCallback" packages/react/src/components/__tests__/Repository: clerk/javascript Length of output: 42 🏁 Script executed: #!/bin/bash
# Check the HandleSSOCallback.tsx file to understand its context
head -20 packages/react/src/components/HandleSSOCallback.tsxRepository: clerk/javascript Length of output: 899 🏁 Script executed: #!/bin/bash
# Check the git history for HandleSSOCallback specifically
git log --all --oneline -- packages/react/src/components/HandleSSOCallback.tsx | head -10Repository: clerk/javascript Length of output: 93 🏁 Script executed: #!/bin/bash
# Check what changed in the recent commit for HandleSSOCallback
git show 9cf07019 --stat | grep -A 10 HandleSSOCallbackRepository: clerk/javascript Length of output: 741 🏁 Script executed: #!/bin/bash
# Check if tests were added for HandleSSOCallback in the same commit
git show 9cf07019 | grep -A 5 -B 5 "HandleSSOCallback.*test"Repository: clerk/javascript Length of output: 42 🏁 Script executed: #!/bin/bash
# List all files added in commit 9cf07019
git show 9cf07019 --name-only | grep -E "(test|spec)"Repository: clerk/javascript Length of output: 35882 🏁 Script executed: #!/bin/bash
# Specifically search for HandleSSOCallback in packages/react test directory
rg "HandleSSOCallback" packages/react/src/components/__tests__/Repository: clerk/javascript Length of output: 42 Add tests for HandleSSOCallback component. No test coverage found for this component. Add tests covering the sign-in/sign-up transfer branches and completion paths as required by coding guidelines. 🤖 Prompt for AI Agents
Member
There was a problem hiding this comment. CodeRabbit flagged this too - no test coverage for this component
Member
There was a problem hiding this comment. Is this something e2e tests are better suited for?
Member
Author
There was a problem hiding this comment. given the number of permutations I actually think a unit test with mocks might be better. I'll add that! |
||
| } | ||
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// Note: We perform a cast- comment is cut off (i think?), should it explain why?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
whoops 😬