From 0ecc3b8e8689334bef34d1d25fb212f8be7a1017 Mon Sep 17 00:00:00 2001 From: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com> Date: Wed, 14 May 2025 15:40:58 -0300 Subject: [PATCH 1/6] Include `oidcPrompt` on sign-in/sign-up types --- packages/types/src/clerk.ts | 8 ++++++++ packages/types/src/factors.ts | 1 + packages/types/src/redirects.ts | 5 +++++ 3 files changed, 14 insertions(+) diff --git a/packages/types/src/clerk.ts b/packages/types/src/clerk.ts index 1d02f89dd0a..06c398470c9 100644 --- a/packages/types/src/clerk.ts +++ b/packages/types/src/clerk.ts @@ -1117,6 +1117,10 @@ export type SignInProps = RoutingOptions & { * Control whether OAuth flows use redirects or popups. */ oauthFlow?: 'auto' | 'redirect' | 'popup'; + /** + * Optional for `oauth_` or `enterprise_sso` strategies. The value to pass to the [OIDC prompt parameter](https://openid.net/specs/openid-connect-core-1_0.html#:~:text=prompt,reauthentication%20and%20consent.) in the generated OAuth redirect URL. + */ + oidcPrompt?: string; } & TransferableOption & SignUpForceRedirectUrl & SignUpFallbackRedirectUrl & @@ -1254,6 +1258,10 @@ export type SignUpProps = RoutingOptions & { * Control whether OAuth flows use redirects or popups. */ oauthFlow?: 'auto' | 'redirect' | 'popup'; + /** + * Optional for `oauth_` or `enterprise_sso` strategies. The value to pass to the [OIDC prompt parameter](https://openid.net/specs/openid-connect-core-1_0.html#:~:text=prompt,reauthentication%20and%20consent.) in the generated OAuth redirect URL. + */ + oidcPrompt?: string; } & SignInFallbackRedirectUrl & SignInForceRedirectUrl & LegacyRedirectProps & diff --git a/packages/types/src/factors.ts b/packages/types/src/factors.ts index 20fde2931a2..7505beac359 100644 --- a/packages/types/src/factors.ts +++ b/packages/types/src/factors.ts @@ -116,6 +116,7 @@ export type SamlConfig = SamlFactor & { export type EnterpriseSSOConfig = EnterpriseSSOFactor & { redirectUrl: string; actionCompleteRedirectUrl: string; + oidcPrompt?: string; }; export type PhoneCodeSecondFactorConfig = { diff --git a/packages/types/src/redirects.ts b/packages/types/src/redirects.ts index d9ab3b4da75..a960e7e40fd 100644 --- a/packages/types/src/redirects.ts +++ b/packages/types/src/redirects.ts @@ -81,6 +81,11 @@ export type AuthenticateWithRedirectParams = { * Whether the user has accepted the legal requirements. */ legalAccepted?: boolean; + + /** + * Optional for `oauth_` or `enterprise_sso` strategies. The value to pass to the [OIDC prompt parameter](https://openid.net/specs/openid-connect-core-1_0.html#:~:text=prompt,reauthentication%20and%20consent.) in the generated OAuth redirect URL. + */ + oidcPrompt?: string; }; export type AuthenticateWithPopupParams = AuthenticateWithRedirectParams & { popup: Window | null }; From f651282230d7e5affc35d213240233c940755af3 Mon Sep 17 00:00:00 2001 From: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com> Date: Wed, 14 May 2025 15:41:34 -0300 Subject: [PATCH 2/6] Include `oidcPrompt` on `authenticateWithRedirect` method --- packages/clerk-js/src/core/resources/SignIn.ts | 5 ++++- packages/clerk-js/src/core/resources/SignUp.ts | 2 ++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/packages/clerk-js/src/core/resources/SignIn.ts b/packages/clerk-js/src/core/resources/SignIn.ts index 473fb61d638..3bab7e51413 100644 --- a/packages/clerk-js/src/core/resources/SignIn.ts +++ b/packages/clerk-js/src/core/resources/SignIn.ts @@ -148,6 +148,7 @@ export class SignIn extends BaseResource implements SignInResource { config = { redirectUrl: factor.redirectUrl, actionCompleteRedirectUrl: factor.actionCompleteRedirectUrl, + oidcPrompt: factor.oidcPrompt, } as EnterpriseSSOConfig; break; default: @@ -231,7 +232,7 @@ export class SignIn extends BaseResource implements SignInResource { params: AuthenticateWithRedirectParams, navigateCallback: (url: URL | string) => void, ): Promise => { - const { strategy, redirectUrl, redirectUrlComplete, identifier } = params || {}; + const { strategy, redirectUrl, redirectUrlComplete, identifier, oidcPrompt } = params || {}; const { firstFactorVerification } = (strategy === 'saml' || strategy === 'enterprise_sso') && this.id @@ -239,12 +240,14 @@ export class SignIn extends BaseResource implements SignInResource { strategy, redirectUrl: SignIn.clerk.buildUrlWithAuth(redirectUrl), actionCompleteRedirectUrl: redirectUrlComplete, + oidcPrompt, }) : await this.create({ strategy, identifier, redirectUrl: SignIn.clerk.buildUrlWithAuth(redirectUrl), actionCompleteRedirectUrl: redirectUrlComplete, + oidcPrompt, }); const { status, externalVerificationRedirectURL } = firstFactorVerification; diff --git a/packages/clerk-js/src/core/resources/SignUp.ts b/packages/clerk-js/src/core/resources/SignUp.ts index 2f767b573ae..78db8f0b78e 100644 --- a/packages/clerk-js/src/core/resources/SignUp.ts +++ b/packages/clerk-js/src/core/resources/SignUp.ts @@ -306,6 +306,7 @@ export class SignUp extends BaseResource implements SignUpResource { unsafeMetadata, emailAddress, legalAccepted, + oidcPrompt, } = params; const authenticateFn = () => { @@ -316,6 +317,7 @@ export class SignUp extends BaseResource implements SignUpResource { unsafeMetadata, emailAddress, legalAccepted, + oidcPrompt, }; return continueSignUp && this.id ? this.update(authParams) : this.create(authParams); }; From 70266140e2b902d872e0f0812ede4c62065776a0 Mon Sep 17 00:00:00 2001 From: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com> Date: Wed, 14 May 2025 15:42:25 -0300 Subject: [PATCH 3/6] Include `oidcPrompt` as `SignIn` component prop --- .../clerk-js/src/ui/components/SignIn/SignInSocialButtons.tsx | 4 ++-- packages/clerk-js/src/ui/components/SignIn/SignInStart.tsx | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/packages/clerk-js/src/ui/components/SignIn/SignInSocialButtons.tsx b/packages/clerk-js/src/ui/components/SignIn/SignInSocialButtons.tsx index a44748c0388..353631c5260 100644 --- a/packages/clerk-js/src/ui/components/SignIn/SignInSocialButtons.tsx +++ b/packages/clerk-js/src/ui/components/SignIn/SignInSocialButtons.tsx @@ -45,12 +45,12 @@ export const SignInSocialButtons = React.memo((props: SignInSocialButtonsProps) }, 500); return signIn - .authenticateWithPopup({ strategy, redirectUrl, redirectUrlComplete, popup }) + .authenticateWithPopup({ strategy, redirectUrl, redirectUrlComplete, popup, oidcPrompt: ctx.oidcPrompt }) .catch(err => handleError(err, [], card.setError)); } return signIn - .authenticateWithRedirect({ strategy, redirectUrl, redirectUrlComplete }) + .authenticateWithRedirect({ strategy, redirectUrl, redirectUrlComplete, oidcPrompt: ctx.oidcPrompt }) .catch(err => handleError(err, [], card.setError)); }} web3Callback={strategy => { diff --git a/packages/clerk-js/src/ui/components/SignIn/SignInStart.tsx b/packages/clerk-js/src/ui/components/SignIn/SignInStart.tsx index fe2941e6012..4a9e366a085 100644 --- a/packages/clerk-js/src/ui/components/SignIn/SignInStart.tsx +++ b/packages/clerk-js/src/ui/components/SignIn/SignInStart.tsx @@ -387,6 +387,7 @@ function SignInStartInternal(): JSX.Element { strategy: 'enterprise_sso', redirectUrl, redirectUrlComplete, + oidcPrompt: ctx.oidcPrompt, }); }; From 88a63b1d99e32870826dde904c7d661a3c5b5c41 Mon Sep 17 00:00:00 2001 From: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com> Date: Wed, 14 May 2025 15:42:35 -0300 Subject: [PATCH 4/6] Include `oidcPrompt` as `SignUp` component prop --- packages/clerk-js/src/ui/components/SignUp/SignUpContinue.tsx | 2 ++ .../clerk-js/src/ui/components/SignUp/SignUpSocialButtons.tsx | 2 ++ packages/clerk-js/src/ui/components/SignUp/SignUpStart.tsx | 1 + packages/clerk-js/src/utils/completeSignUpFlow.ts | 3 +++ 4 files changed, 8 insertions(+) diff --git a/packages/clerk-js/src/ui/components/SignUp/SignUpContinue.tsx b/packages/clerk-js/src/ui/components/SignUp/SignUpContinue.tsx index da9ab825cb0..dad4feceedf 100644 --- a/packages/clerk-js/src/ui/components/SignUp/SignUpContinue.tsx +++ b/packages/clerk-js/src/ui/components/SignUp/SignUpContinue.tsx @@ -46,6 +46,7 @@ function SignUpContinueInternal() { const [activeCommIdentifierType, setActiveCommIdentifierType] = React.useState( getInitialActiveIdentifier(attributes, userSettings.signUp.progressive), ); + const ctx = useSignUpContext(); // TODO: This form should be shared between SignUpStart and SignUpContinue const formState = { @@ -179,6 +180,7 @@ function SignUpContinueInternal() { verifyPhonePath: './verify-phone-number', handleComplete: () => clerk.setActive({ session: res.createdSessionId, redirectUrl: afterSignUpUrl }), navigate, + oidcPrompt: ctx.oidcPrompt, }), ) .catch(err => handleError(err, fieldsToSubmit, card.setError)) diff --git a/packages/clerk-js/src/ui/components/SignUp/SignUpSocialButtons.tsx b/packages/clerk-js/src/ui/components/SignUp/SignUpSocialButtons.tsx index 05e58c33b86..95d14c32627 100644 --- a/packages/clerk-js/src/ui/components/SignUp/SignUpSocialButtons.tsx +++ b/packages/clerk-js/src/ui/components/SignUp/SignUpSocialButtons.tsx @@ -52,6 +52,7 @@ export const SignUpSocialButtons = React.memo((props: SignUpSocialButtonsProps) continueSignUp, unsafeMetadata: ctx.unsafeMetadata, legalAccepted: props.legalAccepted, + oidcPrompt: ctx.oidcPrompt, }) .catch(err => handleError(err, [], card.setError)); } @@ -64,6 +65,7 @@ export const SignUpSocialButtons = React.memo((props: SignUpSocialButtonsProps) strategy, unsafeMetadata: ctx.unsafeMetadata, legalAccepted: props.legalAccepted, + oidcPrompt: ctx.oidcPrompt, }) .catch(err => handleError(err, [], card.setError)); }} diff --git a/packages/clerk-js/src/ui/components/SignUp/SignUpStart.tsx b/packages/clerk-js/src/ui/components/SignUp/SignUpStart.tsx index 674a512fa85..dbda77b9ab0 100644 --- a/packages/clerk-js/src/ui/components/SignUp/SignUpStart.tsx +++ b/packages/clerk-js/src/ui/components/SignUp/SignUpStart.tsx @@ -273,6 +273,7 @@ function SignUpStartInternal(): JSX.Element { navigate, redirectUrl, redirectUrlComplete, + oidcPrompt: ctx.oidcPrompt, }), ) .catch(err => handleError(err, fieldsToSubmit, card.setError)) diff --git a/packages/clerk-js/src/utils/completeSignUpFlow.ts b/packages/clerk-js/src/utils/completeSignUpFlow.ts index b18f34940d1..e918b4ab5c7 100644 --- a/packages/clerk-js/src/utils/completeSignUpFlow.ts +++ b/packages/clerk-js/src/utils/completeSignUpFlow.ts @@ -9,6 +9,7 @@ type CompleteSignUpFlowProps = { handleComplete?: () => Promise; redirectUrl?: string; redirectUrlComplete?: string; + oidcPrompt?: string; }; export const completeSignUpFlow = ({ @@ -20,6 +21,7 @@ export const completeSignUpFlow = ({ handleComplete, redirectUrl = '', redirectUrlComplete = '', + oidcPrompt, }: CompleteSignUpFlowProps): Promise | undefined => { if (signUp.status === 'complete') { return handleComplete && handleComplete(); @@ -30,6 +32,7 @@ export const completeSignUpFlow = ({ redirectUrl, redirectUrlComplete, continueSignUp: true, + oidcPrompt, }); } From 2a52afd1ce611704474860c7758dc903faa0941f Mon Sep 17 00:00:00 2001 From: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com> Date: Wed, 14 May 2025 15:50:19 -0300 Subject: [PATCH 5/6] Add changeset --- .changeset/dirty-keys-heal.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 .changeset/dirty-keys-heal.md diff --git a/.changeset/dirty-keys-heal.md b/.changeset/dirty-keys-heal.md new file mode 100644 index 00000000000..18e8416f0af --- /dev/null +++ b/.changeset/dirty-keys-heal.md @@ -0,0 +1,15 @@ +--- +'@clerk/clerk-js': patch +'@clerk/types': patch +--- + +Add `oidcPrompt` prop to `SignIn` and `SignUp` components and `authenticateWithRedirect` method to control the OIDC authentication prompt behavior during Enterprise SSO flows + +```tsx + + +``` + +```ts +signUp.authenticateWithRedirect({ redirectUrl: '/sso-callback', oidcPrompt: 'select_account' }) +``` From 221127c4435d65d440b166ee1a08cb25a061a1dd Mon Sep 17 00:00:00 2001 From: Laura Beatris <48022589+LauraBeatris@users.noreply.github.com> Date: Wed, 14 May 2025 16:08:49 -0300 Subject: [PATCH 6/6] Bump max size on bundlwatch --- packages/clerk-js/bundlewatch.config.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/clerk-js/bundlewatch.config.json b/packages/clerk-js/bundlewatch.config.json index 3343fe85673..da68e3c7076 100644 --- a/packages/clerk-js/bundlewatch.config.json +++ b/packages/clerk-js/bundlewatch.config.json @@ -1,8 +1,8 @@ { "files": [ - { "path": "./dist/clerk.js", "maxSize": "595.7kB" }, + { "path": "./dist/clerk.js", "maxSize": "598KB" }, { "path": "./dist/clerk.browser.js", "maxSize": "68.5KB" }, - { "path": "./dist/clerk.legacy.browser.js", "maxSize": "110KB" }, + { "path": "./dist/clerk.legacy.browser.js", "maxSize": "113KB" }, { "path": "./dist/clerk.headless*.js", "maxSize": "52KB" }, { "path": "./dist/ui-common*.js", "maxSize": "105.1KB" }, { "path": "./dist/vendors*.js", "maxSize": "39.5KB" }, @@ -13,7 +13,7 @@ { "path": "./dist/organizationswitcher*.js", "maxSize": "5KB" }, { "path": "./dist/organizationlist*.js", "maxSize": "5.5KB" }, { "path": "./dist/signin*.js", "maxSize": "14KB" }, - { "path": "./dist/signup*.js", "maxSize": "7.4KB" }, + { "path": "./dist/signup*.js", "maxSize": "7.7KB" }, { "path": "./dist/userbutton*.js", "maxSize": "5KB" }, { "path": "./dist/userprofile*.js", "maxSize": "16.5KB" }, { "path": "./dist/userverification*.js", "maxSize": "5KB" },