handle session creation at the end of linking / finish OIDC flow

2025-08-25 12:37:50 +00:00 · 2024-12-13 16:31:51 +01:00
parent 9e03daeeef
commit 9c782dfed9
1 changed files with 35 additions and 26 deletions
--- a/apps/login/src/app/(login)/idp/[provider]/success/page.tsx
+++ b/apps/login/src/app/(login)/idp/[provider]/success/page.tsx
@@ -1,7 +1,7 @@
 import { Alert, AlertType } from "@/components/alert";
 import { DynamicTheme } from "@/components/dynamic-theme";
-import { IdpSignin } from "@/components/idp-signin";
 import { idpTypeToIdentityProviderType, PROVIDER_MAPPING } from "@/lib/idp";
+import { createNewSessionForIdp } from "@/lib/server/session";
 import {
  addIDPLink,
  createUser,
@@ -13,6 +13,7 @@ import {
 import { AutoLinkingOption } from "@zitadel/proto/zitadel/idp/v2/idp_pb";
 import { BrandingSettings } from "@zitadel/proto/zitadel/settings/v2/branding_settings_pb";
 import { getLocale, getTranslations } from "next-intl/server";
+import { redirect } from "next/navigation";

 async function loginFailed(branding?: BrandingSettings) {
  const locale = getLocale();
@@ -50,24 +51,42 @@ export default async function Page(props: {

  const { idpInformation, userId } = intent;

+  async function continueWithSession(
+    idpIntentId: string,
+    idpIntentToken: string,
+  ) {
+    const sessionRedirectResponse = await createNewSessionForIdp({
+      userId,
+      idpIntent: {
+        idpIntentId,
+        idpIntentToken,
+      },
+      authRequestId,
+    });
+
+    if (
+      !sessionRedirectResponse ||
+      (sessionRedirectResponse &&
+        "error" in sessionRedirectResponse &&
+        sessionRedirectResponse?.error)
+    ) {
+      return loginFailed(branding);
+    }
+
+    if (
+      sessionRedirectResponse &&
+      "redirect" in sessionRedirectResponse &&
+      sessionRedirectResponse?.redirect
+    ) {
+      return redirect(sessionRedirectResponse.redirect);
+    }
+  }
+
  // sign in user. If user should be linked continue
  if (userId && !link) {
    // TODO: update user if idp.options.isAutoUpdate is true

-    return (
-      <DynamicTheme branding={branding}>
-        <div className="flex flex-col items-center space-y-4">
-          <h1>{t("loginSuccess.title")}</h1>
-          <div>{t("loginSuccess.description")}</div>
-
-          <IdpSignin
-            userId={userId}
-            idpIntent={{ idpIntentId: id, idpIntentToken: token }}
-            authRequestId={authRequestId}
-          />
-        </div>
-      </DynamicTheme>
-    );
+    await continueWithSession(id, token);
  }

  if (!idpInformation) {
@@ -134,17 +153,7 @@ export default async function Page(props: {
        );
      });

-      if (idpLink) {
-        return (
-          // TODO: possibily login user now
-          <DynamicTheme branding={branding}>
-            <div className="flex flex-col items-center space-y-4">
-              <h1>{t("linkingSuccess.title")}</h1>
-              <div>{t("linkingSuccess.description")}</div>
-            </div>
-          </DynamicTheme>
-        );
-      }
+      await continueWithSession(id, token);
    }
  }