Store the organization id in credentials #5002
Conversation
dosubot
bot
added
the
size:L
hannesrudolph
added
the
Issue/PR - Triage
| @@ -454,6 +481,12 @@ export class AuthService extends EventEmitter<AuthServiceEvents> { | |||
| const formData = new URLSearchParams() | |||
| formData.append("_is_native", "1") | |||
|
|
|||
| // Only add organization_id if not null (personal accounts) | |||
| const organizationId = this.getStoredOrganizationId() | |||
There was a problem hiding this comment.
If I am reading https://clerk.com/docs/reference/frontend-api/tag/Sessions#operation/createSessionToken!path=organization_id&t=request correctly (I have not poked around and actually tested this) there are actually 3 cases to consider:
- Have an org id:
organization_id=THE_ORG_ID. - Have a personal account:
organization_id=. - Don't know if you have an org id (old style credentials): don't send an
organization_idparam at all.
|
|
||
| if (storedOrgId !== null) { | ||
| // User is in organization context - fetch user's memberships and filter | ||
| const orgMemberships = await this.clerkGetOrganizationMemberships() |
There was a problem hiding this comment.
We could more simply just fetch https://clerk.com/docs/reference/frontend-api/tag/Organization#operation/getOrganization but I assume we plan to have a feature that would benefit from the role "soon enough" that it's worth continuing to fetch the memberships.
| @@ -505,23 +538,37 @@ export class AuthService extends EventEmitter<AuthServiceEvents> { | |||
|
|
|||
| userInfo.picture = userData.image_url | |||
|
|
|||
| // Fetch organization memberships separately | |||
| // Fetch organization info separately - but only populate if user is in organization context | |||
There was a problem hiding this comment.
I think this is: Fetch organization info if user is in organization context? (That is: we don't fetch if we're not in org context, which is great).
| userInfo.organizationName = organization.name | ||
| userInfo.organizationRole = primaryOrgMembership.role | ||
| userInfo.organizationImageUrl = organization.image_url | ||
| const storedOrgId = this.getStoredOrganizationId() |
There was a problem hiding this comment.
Similar comment to the fetch, but for different reasons: 3 cases again:
- Already have an org id; makes sense to refresh org info.
- Definitely a personal account: obviously don't fetch anything more.
- Old credential / don't know yet: need to fetch organization info.
(Actually, there is another option here: we could parse the session JWT and look at the o claim and get the org id that way without another call. https://clerk.com/docs/backend-requests/resources/session-tokens#default-claims But that would mean adding all that code. (Maybe worth thinking about in the medium-long term as an alternative to fetching org memberships: I believe most of what we're likely to be interested is in there.)
Important
Add handling and storage of organization IDs in authentication process in
AuthServiceandCloudService.organizationIdtoauthCredentialsSchemainAuthService.ts.handleCallback()to acceptorganizationIdand store it in credentials.getStoredOrganizationId()to retrieve stored organization ID.clerkCreateSessionToken()to includeorganization_idif present.fetchUserInfo()to log organization context if applicable.handleAuthCallback()to passorganizationIdtoAuthService.hasStoredOrganizationId()andgetStoredOrganizationId()to interface withAuthService.AuthService.spec.tsto test handling oforganizationIdin credentials.CloudService.test.tsto test new methods for organization ID handling.handleUri.tsto parse and passorganizationIdin auth callback.MdmService.tsto check organization compliance using stored organization ID.This description was created by
for 9eba5b4. You can customize this summary. It will automatically update as commits are pushed.