From 9c782dfed96971e4959e067aab8e132b73cf13c7 Mon Sep 17 00:00:00 2001
From: Max Peintner <peintnerm@gmail.com>
Date: Fri, 13 Dec 2024 16:31:51 +0100
Subject: [PATCH] handle session creation at the end of linking / finish OIDC
 flow

---
 .../(login)/idp/[provider]/success/page.tsx   | 61 +++++++++++--------
 1 file changed, 35 insertions(+), 26 deletions(-)

diff --git a/apps/login/src/app/(login)/idp/[provider]/success/page.tsx b/apps/login/src/app/(login)/idp/[provider]/success/page.tsx
index b536456c23..c9353a6462 100644
--- a/apps/login/src/app/(login)/idp/[provider]/success/page.tsx
+++ b/apps/login/src/app/(login)/idp/[provider]/success/page.tsx
@@ -1,7 +1,7 @@
 import { Alert, AlertType } from "@/components/alert";
 import { DynamicTheme } from "@/components/dynamic-theme";
-import { IdpSignin } from "@/components/idp-signin";
 import { idpTypeToIdentityProviderType, PROVIDER_MAPPING } from "@/lib/idp";
+import { createNewSessionForIdp } from "@/lib/server/session";
 import {
   addIDPLink,
   createUser,
@@ -13,6 +13,7 @@ import {
 import { AutoLinkingOption } from "@zitadel/proto/zitadel/idp/v2/idp_pb";
 import { BrandingSettings } from "@zitadel/proto/zitadel/settings/v2/branding_settings_pb";
 import { getLocale, getTranslations } from "next-intl/server";
+import { redirect } from "next/navigation";
 
 async function loginFailed(branding?: BrandingSettings) {
   const locale = getLocale();
@@ -50,24 +51,42 @@ export default async function Page(props: {
 
   const { idpInformation, userId } = intent;
 
+  async function continueWithSession(
+    idpIntentId: string,
+    idpIntentToken: string,
+  ) {
+    const sessionRedirectResponse = await createNewSessionForIdp({
+      userId,
+      idpIntent: {
+        idpIntentId,
+        idpIntentToken,
+      },
+      authRequestId,
+    });
+
+    if (
+      !sessionRedirectResponse ||
+      (sessionRedirectResponse &&
+        "error" in sessionRedirectResponse &&
+        sessionRedirectResponse?.error)
+    ) {
+      return loginFailed(branding);
+    }
+
+    if (
+      sessionRedirectResponse &&
+      "redirect" in sessionRedirectResponse &&
+      sessionRedirectResponse?.redirect
+    ) {
+      return redirect(sessionRedirectResponse.redirect);
+    }
+  }
+
   // sign in user. If user should be linked continue
   if (userId && !link) {
     // TODO: update user if idp.options.isAutoUpdate is true
 
-    return (
-      <DynamicTheme branding={branding}>
-        <div className="flex flex-col items-center space-y-4">
-          <h1>{t("loginSuccess.title")}</h1>
-          <div>{t("loginSuccess.description")}</div>
-
-          <IdpSignin
-            userId={userId}
-            idpIntent={{ idpIntentId: id, idpIntentToken: token }}
-            authRequestId={authRequestId}
-          />
-        </div>
-      </DynamicTheme>
-    );
+    await continueWithSession(id, token);
   }
 
   if (!idpInformation) {
@@ -134,17 +153,7 @@ export default async function Page(props: {
         );
       });
 
-      if (idpLink) {
-        return (
-          // TODO: possibily login user now
-          <DynamicTheme branding={branding}>
-            <div className="flex flex-col items-center space-y-4">
-              <h1>{t("linkingSuccess.title")}</h1>
-              <div>{t("linkingSuccess.description")}</div>
-            </div>
-          </DynamicTheme>
-        );
-      }
+      await continueWithSession(id, token);
     }
   }