From 098f91721ba0a82f868547f92c3a3eda6056bf19 Mon Sep 17 00:00:00 2001
From: Dylan Staley <88163+dstaley@users.noreply.github.com>
Date: Tue, 8 Apr 2025 12:47:18 -0700
Subject: [PATCH 1/4] fix(clerk-js): Don't use ctx SSO url if routing is
 virtual

---
 .changeset/hot-cats-smell.md                 | 5 +++++
 packages/clerk-js/src/ui/common/redirects.ts | 4 ++--
 2 files changed, 7 insertions(+), 2 deletions(-)
 create mode 100644 .changeset/hot-cats-smell.md

diff --git a/.changeset/hot-cats-smell.md b/.changeset/hot-cats-smell.md
new file mode 100644
index 00000000000..ec9cbcbfa97
--- /dev/null
+++ b/.changeset/hot-cats-smell.md
@@ -0,0 +1,5 @@
+---
+'@clerk/clerk-js': patch
+---
+
+Fix issue where the SSO callback URL was incorrectly generated when using the transfer flow within a modal.
diff --git a/packages/clerk-js/src/ui/common/redirects.ts b/packages/clerk-js/src/ui/common/redirects.ts
index cf01cce2bb7..6140761e21d 100644
--- a/packages/clerk-js/src/ui/common/redirects.ts
+++ b/packages/clerk-js/src/ui/common/redirects.ts
@@ -54,12 +54,12 @@ export function buildSSOCallbackURL(
   ctx: Partial<SignInContextType | SignUpContextType>,
   baseUrl: string | undefined = '',
 ): string {
+  const { routing, authQueryString, path } = ctx;
   // If the context contains an SSO callback URL, use it instead of building a new one, as it likely contains the
   // combined flow path.
-  if ('ssoCallbackUrl' in ctx && ctx.ssoCallbackUrl) {
+  if ('ssoCallbackUrl' in ctx && ctx.ssoCallbackUrl && routing !== 'virtual') {
     return ctx.ssoCallbackUrl;
   }
-  const { routing, authQueryString, path } = ctx;
   return buildRedirectUrl({
     routing,
     baseUrl,

From 50a033429b02bf8ad224d6a4130ae49a306288b9 Mon Sep 17 00:00:00 2001
From: Dylan Staley <88163+dstaley@users.noreply.github.com>
Date: Tue, 8 Apr 2025 13:52:27 -0700
Subject: [PATCH 2/4] docs(clerk-js): Clarify why we check routing

---
 packages/clerk-js/src/ui/common/redirects.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/packages/clerk-js/src/ui/common/redirects.ts b/packages/clerk-js/src/ui/common/redirects.ts
index 6140761e21d..79fb531abca 100644
--- a/packages/clerk-js/src/ui/common/redirects.ts
+++ b/packages/clerk-js/src/ui/common/redirects.ts
@@ -56,7 +56,8 @@ export function buildSSOCallbackURL(
 ): string {
   const { routing, authQueryString, path } = ctx;
   // If the context contains an SSO callback URL, use it instead of building a new one, as it likely contains the
-  // combined flow path.
+  // combined flow path. However, if the routing is virtual, the callback URL from context will not have factored in
+  // baseUrl, so we fallback to buildRedirectUrl instead.
   if ('ssoCallbackUrl' in ctx && ctx.ssoCallbackUrl && routing !== 'virtual') {
     return ctx.ssoCallbackUrl;
   }

From e6cbe29bce22fb0152d7c8b5b0539cb594f6b657 Mon Sep 17 00:00:00 2001
From: Dylan Staley <88163+dstaley@users.noreply.github.com>
Date: Tue, 8 Apr 2025 14:21:27 -0700
Subject: [PATCH 3/4] fix: scope to combinedFlow

---
 packages/clerk-js/src/ui/common/redirects.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/clerk-js/src/ui/common/redirects.ts b/packages/clerk-js/src/ui/common/redirects.ts
index 79fb531abca..59636a9bb64 100644
--- a/packages/clerk-js/src/ui/common/redirects.ts
+++ b/packages/clerk-js/src/ui/common/redirects.ts
@@ -58,7 +58,7 @@ export function buildSSOCallbackURL(
   // If the context contains an SSO callback URL, use it instead of building a new one, as it likely contains the
   // combined flow path. However, if the routing is virtual, the callback URL from context will not have factored in
   // baseUrl, so we fallback to buildRedirectUrl instead.
-  if ('ssoCallbackUrl' in ctx && ctx.ssoCallbackUrl && routing !== 'virtual') {
+  if (ctx.ssoCallbackUrl && ctx.isCombinedFlow && routing !== 'virtual') {
     return ctx.ssoCallbackUrl;
   }
   return buildRedirectUrl({

From 13f7a8235c346ff52450c9b2806ce6c0dbb723c5 Mon Sep 17 00:00:00 2001
From: Dylan Staley <88163+dstaley@users.noreply.github.com>
Date: Tue, 8 Apr 2025 14:30:30 -0700
Subject: [PATCH 4/4] tests: pass isCombinedFlow

---
 .../clerk-js/src/ui/common/__tests__/redirects.test.ts | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/packages/clerk-js/src/ui/common/__tests__/redirects.test.ts b/packages/clerk-js/src/ui/common/__tests__/redirects.test.ts
index 10a23fdf420..11c706e8c65 100644
--- a/packages/clerk-js/src/ui/common/__tests__/redirects.test.ts
+++ b/packages/clerk-js/src/ui/common/__tests__/redirects.test.ts
@@ -209,8 +209,16 @@ describe('buildSSOCallbackURL(ctx, baseUrl)', () => {
     ).toBe('http://test.host/#/sso-callback?redirect_url=%2Ffoo');
 
     // Custom SSO callback URL in the context
-    expect(buildSSOCallbackURL({ ssoCallbackUrl: 'http://test.host/ctx-sso-callback' })).toBe(
+    expect(buildSSOCallbackURL({ isCombinedFlow: true, ssoCallbackUrl: 'http://test.host/ctx-sso-callback' })).toBe(
       'http://test.host/ctx-sso-callback',
     );
+    // Does not use SSO callback URL from context when routing is virtual
+    expect(
+      buildSSOCallbackURL({
+        isCombinedFlow: true,
+        ssoCallbackUrl: 'http://test.host/ctx-sso-callback',
+        routing: 'virtual',
+      }),
+    ).toBe('http://localhost/#/sso-callback');
   });
 });