fix(ui): Correctly display IP redirect URIs in OAuth consent

[wobsoriano]

Description

The OAuth consent screen used hostname.split('.').slice(-2).join('.') to derive the display domain from redirect_uri, which rendered http://127.0.0.1:3000/... as "0.1" and broke the same way for any IP literal. This replaces getRootDomain with getRedirectDisplay, a small classifier that returns one of ip, hostname, or invalid. IP literals now render in full (127.0.0.1, [::1], [2001:db8::1]), hostnames keep the existing root-domain extraction, and invalid or host-less URLs fall back to empty. IPv6 literals are re-bracketed for display, and WHATWG URL normalization means expanded forms like [0:0:0:0:0:0:0:1] render as [::1].

Checklist

• pnpm test runs as expected.
• pnpm build runs as expected.
• (If applicable) JSDoc comments have been added or updated for any package exports
• (If applicable) Documentation has been updated

Type of change

• 🐛 Bug fix
• 🌟 New feature
• 🔨 Breaking change
• 📖 Refactoring / dependency upgrade / documentation
• other:

[changeset-bot]

🦋 Changeset detected

Latest commit: 17108ff

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages

Name	Type
@clerk/ui	Patch
@clerk/chrome-extension	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
clerk-js-sandbox	Ready	Preview, Comment	Apr 16, 2026 8:21pm

[pkg-pr-new]

Open in StackBlitz

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@8342

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@8342

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@8342

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@8342

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@8342

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@8342

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@8342

@clerk/express

npm i https://pkg.pr.new/@clerk/express@8342

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@8342

@clerk/hono

npm i https://pkg.pr.new/@clerk/hono@8342

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@8342

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@8342

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@8342

@clerk/react

npm i https://pkg.pr.new/@clerk/react@8342

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@8342

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@8342

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@8342

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@8342

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@8342

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@8342

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@8342

commit: 17108ff

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: bebaa04b-41b7-42ba-a190-3e6e8bf036c1

📥 Commits

Reviewing files that changed from the base of the PR and between b5e7c98 and 17108ff.

📒 Files selected for processing (4)

• .changeset/small-jars-invite.md
• packages/ui/src/components/OAuthConsent/OAuthConsent.tsx
• packages/ui/src/components/OAuthConsent/__tests__/utils.test.ts
• packages/ui/src/components/OAuthConsent/utils.ts

✅ Files skipped from review due to trivial changes (1)

• .changeset/small-jars-invite.md

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/ui/src/components/OAuthConsent/OAuthConsent.tsx

---

📝 Walkthrough

Walkthrough

The OAuth consent UI now uses a new utility, getRedirectDisplay, in place of the previous getRootDomain. getRedirectDisplay parses a redirect URL and returns a normalized display string: bare IPv4, bracketed IPv6, or a derived root domain (last two labels) for hostnames, returning an empty string for invalid inputs. The OAuthConsent component assigns domainAction from this display output for warning and redirect notice text. Unit tests for getRedirectDisplay were added covering IPv4, IPv6, hostnames, and invalid cases. No exported API surface changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix(ui): Correctly display IP redirect URIs in OAuth consent' accurately describes the main change—fixing how IP addresses are displayed in the OAuth consent screen.
Description check	✅ Passed	The description is detailed and directly related to the changeset, explaining the problem with the previous implementation, the solution, and expected behavior for IP and hostname rendering.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}