Skip to content

fix(clerk-js): Fix stale SignIn object on authenticateWithRedirect for enterprise custom flows #5124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(clerk-js): Fix stale SignIn object on authenticateWithRedirect for enterprise custom flows #5124

wants to merge 1 commit into from

Conversation

LauraBeatris
Copy link
Member

@LauraBeatris LauraBeatris commented Feb 10, 2025
edited
Loading

Description

Resolves ORGS-540

Currently, authenticateWithRedirect always uses the existing SignIn for saml or enterprise_sso strategy, even if the identifier gets changed by the user in a custom flow, which leads to an issue where FAPI queries the wrong enterprise connection:

CleanShot.2025-02-10.at.16.20.39.mp4

Our SignInStart component always creates a new SignIn; therefore, the flow above works smoothly:

javascript/packages/clerk-js/src/ui/components/SignIn/SignInStart.tsx

Lines 299 to 312 in e182055

const res = await safePasswordSignInForEnterpriseSSOInstance(signIn.create(buildSignInParams(fields)), fields);
switch (res.status) {
case 'needs_identifier':
// Check if we need to initiate an enterprise sso flow
if (res.supportedFirstFactors?.some(ff => ff.strategy === 'saml' || ff.strategy === 'enterprise_sso')) {
await authenticateWithEnterpriseSSO();
}
break;
case 'needs_first_factor':
if (res.supportedFirstFactors?.every(ff => ff.strategy === 'enterprise_sso')) {
await authenticateWithEnterpriseSSO();
break;
}

With fix

This PR introduces a new continueSignIn option for signIn.authenticateWithRedirect, which defaults to false, therefore it'll create a new SignIn object on every call.

Within SignInStart, we pass continueSignIn as false in order to reuse the current SignIn created, in order to avoid calling signIn.create twice.

CleanShot.2025-02-10.at.16.21.32.mp4

Checklist

  • pnpm test runs as expected.
  • pnpm build runs as expected.
  • (If applicable) JSDoc comments have been added or updated for any package exports
  • (If applicable) Documentation has been updated

Type of change

  • 🐛 Bug fix
  • 🌟 New feature
  • 🔨 Breaking change
  • 📖 Refactoring / dependency upgrade / documentation
  • other:

@LauraBeatris LauraBeatris self-assigned this Feb 10, 2025
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Feb 10, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 73eb240

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
Name Type
@clerk/clerk-js Patch
@clerk/chrome-extension Patch
@clerk/clerk-expo Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@vercel Vercel
Copy link

vercel bot commented Feb 10, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
clerk-js-sandbox ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 10, 2025 9:24pm

@LauraBeatris LauraBeatris changed the title fix(clerk-js): Create fresh SignIn on authenticateWithRedirect call fix(clerk-js): Create fresh SignIn on authenticateWithRedirect call for custom flows Feb 10, 2025
@LauraBeatris LauraBeatris force-pushed the laura/fix-custom-flow-sso branch from c23830e to 076a6d5 Compare February 10, 2025 20:02
@LauraBeatris LauraBeatris force-pushed the laura/fix-custom-flow-sso branch from 076a6d5 to 6406084 Compare February 10, 2025 20:27
@LauraBeatris LauraBeatris changed the title fix(clerk-js): Create fresh SignIn on authenticateWithRedirect call for custom flows fix(clerk-js): Fix stale SignIn object on authenticateWithRedirect for custom flows Feb 10, 2025
@LauraBeatris LauraBeatris force-pushed the laura/fix-custom-flow-sso branch 4 times, most recently from d6ae989 to c6ca8d8 Compare February 10, 2025 20:42
@LauraBeatris LauraBeatris force-pushed the laura/fix-custom-flow-sso branch from c6ca8d8 to 3219cf7 Compare February 10, 2025 21:02
@LauraBeatris LauraBeatris marked this pull request as ready for review February 10, 2025 21:11
@LauraBeatris LauraBeatris requested a review from a team February 10, 2025 21:11
@LauraBeatris LauraBeatris force-pushed the laura/fix-custom-flow-sso branch from 3219cf7 to ceb00c4 Compare February 10, 2025 21:12
@LauraBeatris LauraBeatris marked this pull request as draft February 10, 2025 21:20
@LauraBeatris LauraBeatris force-pushed the laura/fix-custom-flow-sso branch from ceb00c4 to 73eb240 Compare February 10, 2025 21:22
@LauraBeatris LauraBeatris marked this pull request as ready for review February 10, 2025 21:35
@LauraBeatris LauraBeatris changed the title fix(clerk-js): Fix stale SignIn object on authenticateWithRedirect for custom flows fix(clerk-js): Fix stale SignIn object on authenticateWithRedirect for enterprise custom flows Feb 10, 2025
@LauraBeatris LauraBeatris mentioned this pull request Feb 17, 2025
Closed
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@LauraBeatris LauraBeatris

Labels
clerk-js types
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@LauraBeatris @clerk-cookie