fix: reset Core 3 OAuth retry state

[jacekradko]

Fixes SDK-75.

Summary

• Create a fresh Core 3 sign-in attempt when retrying OAuth SSO after an abandoned provider redirect.
• Reset async resource fetch status when restoring a pending task from BFCache.
• Add regression coverage for retrying GitHub after abandoning a Google OAuth redirect.

Root cause

signIn.__internal_future.sso() reused an existing sign-in resource when it already had an id. After a user backed out of an OAuth provider (e.g. pressed the browser back button on Google's consent screen), the resource still held the previous provider's externalVerificationRedirectURL, so a later click on a different provider (e.g. GitHub) navigated back to the original provider's consent screen. Additionally, when the page was restored from BFCache, the resource's fetch status remained fetching, leaving subsequent attempts stuck.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
clerk-js-sandbox	Ready	Preview, Comment	May 6, 2026 10:09pm

[changeset-bot]

🦋 Changeset detected

Latest commit: ab7de70

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages

Name	Type
@clerk/clerk-js	Patch
@clerk/chrome-extension	Patch
@clerk/expo	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: d8b36f50-65eb-4e24-97de-a89c0a396921

📥 Commits

Reviewing files that changed from the base of the PR and between d2d1a49 and ab7de70.

📒 Files selected for processing (1)

• .changeset/curly-cameras-laugh.md

✅ Files skipped from review due to trivial changes (1)

• .changeset/curly-cameras-laugh.md

---

📝 Walkthrough

Walkthrough

Adds a patch release entry for @clerk/clerk-js and implements two functional changes: SignIn.sso now uses wrapped popup routes for redirectUrl and actionCompleteRedirectUrl when using a popup and broadens the condition that triggers _create (no resource id, non-enterprise_sso strategy, or unverified first-factor). runAsyncResourceTask now registers a pageshow listener to reset fetch status to idle when a page is restored from BFCache and ensures listener cleanup. Tests were added/updated to cover the OAuth retry popup flow and BFCache fetch status reset.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix: reset Core 3 OAuth retry state' clearly and concisely summarizes the main changes: resetting OAuth retry state and fetch status when retrying after abandoned redirects and BFCache restoration.
Description check	✅ Passed	The description provides relevant context about the changes, including the root cause analysis, the specific issues being fixed (OAuth provider redirect handling and BFCache fetch status), and test coverage additions.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[pkg-pr-new]

Open in StackBlitz

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@8494

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@8494

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@8494

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@8494

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@8494

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@8494

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@8494

@clerk/express

npm i https://pkg.pr.new/@clerk/express@8494

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@8494

@clerk/hono

npm i https://pkg.pr.new/@clerk/hono@8494

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@8494

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@8494

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@8494

@clerk/react

npm i https://pkg.pr.new/@clerk/react@8494

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@8494

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@8494

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@8494

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@8494

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@8494

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@8494

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@8494

commit: ab7de70