fix(clerk-expo): Trigger deep linking on SSO callback #4905
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
🦋 Changeset detectedLatest commit: 7d6cc6d The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
LauraBeatris
force-pushed
the
laura/orgs-466-deep-linking-is-not-working-for-sso-flows
branch
3 times, most recently
from
5342346 to
64f4e78
Compare
LauraBeatris
force-pushed
the
laura/orgs-466-deep-linking-is-not-working-for-sso-flows
branch
from
64f4e78 to
c122165
Compare
|
Will also apply to new hook from #4880 once it gets merged |
packages/expo/package.json
Outdated
| @@ -87,6 +88,7 @@ | |||
| "peerDependencies": { | |||
| "@clerk/expo-passkeys": ">=0.0.6", | |||
| "expo-auth-session": ">=5", | |||
| "expo-linking": ">=7", | |||
There was a problem hiding this comment.
We need to be careful with this, I believe any other expo-* package we have as peer is compatible with >= Expo 50 and expo-linking@7 seems too "new".
Link.openUrl() existed for Expo 50, we just need to find the correct major. Based on their changelog for expo 50, we can do
| "expo-linking": ">=7", | |
| "expo-linking": ">=6.2.2", |
There was a problem hiding this comment.
Great catch on this, thanks for the heads up!
| @@ -93,6 +97,7 @@ export function useOAuth(useOAuthParams: UseOAuthFlowParams) { | |||
|
|
|||
| if (status === 'complete') { | |||
| createdSessionId = signIn.createdSessionId!; | |||
| await Linking.openURL(url); | |||
There was a problem hiding this comment.
Thinking a bit more, if we trigger the deep linking here, it can cause a race condition with setActive, where it'll navigate to a page that expects the user to be authenticated but it might take some milliseconds for it to happen, causing flickering on the UI
The flow should be like the following:
- Create sign in, open web browser for
externalVerificationRedirectURL - Closes web browser once server responds with 301, deep links back to the current page
- Parse the rotating token nonce out of the URL
- Update sign-in, verify status, handle transfer flow if necessary
- Consumer page performs routing according to the sign-in status, this gives more freedom to deal with the progressive flow and it follows our current recommendation here: https://clerk.com/docs/custom-flows/error-handling
Description
Fixes deep linking behavior on SSO callback from the authorization server
Currently,
WebBrowser.openAuthSessionAsyncdoesn't trigger the deep linking once the authorization server responds with a 301 status to the URI scheme.Expo issue
Checklist
pnpm testruns as expected.pnpm buildruns as expected.Type of change