@hfunlabs/hypurr-connect 0.1.25 → 0.1.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -7
- package/dist/index.d.ts +2 -2
- package/dist/index.js +22 -21
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
- package/src/HypurrConnectProvider.tsx +28 -26
- package/src/types.ts +2 -2
package/README.md
CHANGED
|
@@ -126,7 +126,7 @@ interface HypurrConnectConfig {
|
|
|
126
126
|
isTestnet?: boolean; // Use testnet endpoints (default: false)
|
|
127
127
|
telegram: {
|
|
128
128
|
authHubUrl?: string; // Auth hub URL (default: https://auth.hypurr.fun/login)
|
|
129
|
-
|
|
129
|
+
redirectUri?: string | (() => string); // OAuth redirect URI (default: current page)
|
|
130
130
|
scope?: string | string[]; // Requested JWT scopes
|
|
131
131
|
};
|
|
132
132
|
}
|
|
@@ -148,15 +148,15 @@ for generated protobuf service clients.
|
|
|
148
148
|
|
|
149
149
|
1. User clicks "Telegram" in the `LoginModal`.
|
|
150
150
|
2. The SDK opens the configured auth hub in a popup with `client_id`,
|
|
151
|
-
`return_to`, `state`, requested `scope`, `code_challenge`,
|
|
152
|
-
`code_challenge_method=S256`.
|
|
153
|
-
3. The auth hub performs Telegram login and redirects back to `
|
|
151
|
+
`redirect_uri`, `return_to`, `state`, requested `scope`, `code_challenge`,
|
|
152
|
+
and `code_challenge_method=S256`.
|
|
153
|
+
3. The auth hub performs Telegram login and redirects back to `redirect_uri` with
|
|
154
154
|
either a legacy scoped JWT or an authorization code.
|
|
155
155
|
4. The popup callback page posts `{ token, state }` or `{ code, state }` to the
|
|
156
156
|
opener with `postMessage` and closes.
|
|
157
157
|
5. The opener validates `state`. Legacy tokens are stored directly; auth codes
|
|
158
158
|
are exchanged at the OAuth metadata `token_endpoint` with the stored PKCE
|
|
159
|
-
verifier
|
|
159
|
+
verifier and the original callback URL as `redirect_uri`.
|
|
160
160
|
6. The SDK calls the Hypurr gRPC backend with `Authorization: Bearer <jwt>`
|
|
161
161
|
metadata.
|
|
162
162
|
7. An `ExchangeClient` is created with `GrpcExchangeTransport`; exchange
|
|
@@ -164,8 +164,8 @@ for generated protobuf service clients.
|
|
|
164
164
|
8. The JWT session is persisted in localStorage (`hypurr-connect-tg-jwt`).
|
|
165
165
|
|
|
166
166
|
If the popup is blocked, the SDK falls back to a full-page redirect. The
|
|
167
|
-
default `
|
|
168
|
-
`
|
|
167
|
+
default `redirectUri` is the current page with auth query params removed; custom
|
|
168
|
+
`redirectUri` URLs should load the app and mount `HypurrConnectProvider` so the
|
|
169
169
|
popup callback bridge can run.
|
|
170
170
|
|
|
171
171
|
### EOA Wallet Login
|
package/dist/index.d.ts
CHANGED
|
@@ -27,8 +27,8 @@ interface HypurrConnectConfig {
|
|
|
27
27
|
telegram?: {
|
|
28
28
|
/** Auth hub login URL. Defaults to https://auth.hypurr.fun/login. */
|
|
29
29
|
authHubUrl?: string;
|
|
30
|
-
/** Optional
|
|
31
|
-
|
|
30
|
+
/** Optional OAuth redirect URI. Defaults to the current page without auth query params. */
|
|
31
|
+
redirectUri?: string | (() => string);
|
|
32
32
|
/** Requested hub scopes. Defaults to the scopes required by this SDK. */
|
|
33
33
|
scope?: string | string[];
|
|
34
34
|
/** @deprecated Telegram login is handled by the auth hub; this option is ignored. */
|
package/dist/index.js
CHANGED
|
@@ -315,7 +315,7 @@ var TELEGRAM_STORAGE_KEY = "hypurr-connect-tg-jwt";
|
|
|
315
315
|
var LEGACY_TELEGRAM_STORAGE_KEY = "hypurr-connect-tg-user";
|
|
316
316
|
var TELEGRAM_AUTH_STATE_KEY = "hypurr-connect-auth-state";
|
|
317
317
|
var TELEGRAM_AUTH_CODE_VERIFIER_PREFIX = "hypurr-connect-auth-code-verifier:";
|
|
318
|
-
var
|
|
318
|
+
var TELEGRAM_AUTH_REDIRECT_URI_PREFIX = "hypurr-connect-auth-redirect-uri:";
|
|
319
319
|
var TELEGRAM_AUTH_MESSAGE = "hypurr-connect:telegram-auth";
|
|
320
320
|
var DEFAULT_AUTH_HUB_URL = "https://auth.hypurr.fun/login";
|
|
321
321
|
var DEFAULT_MEDIA_URL = "https://media.hypurr.fun";
|
|
@@ -448,7 +448,7 @@ function withExpectedFrom(transaction, address) {
|
|
|
448
448
|
}
|
|
449
449
|
return transaction.from ? transaction : { ...transaction, from: address };
|
|
450
450
|
}
|
|
451
|
-
function
|
|
451
|
+
function currentRedirectUri() {
|
|
452
452
|
const url = new URL(window.location.href);
|
|
453
453
|
for (const param of [
|
|
454
454
|
"code",
|
|
@@ -525,23 +525,23 @@ function normalizeClientId(clientId) {
|
|
|
525
525
|
function codeVerifierStorageKey(state) {
|
|
526
526
|
return `${TELEGRAM_AUTH_CODE_VERIFIER_PREFIX}${state}`;
|
|
527
527
|
}
|
|
528
|
-
function
|
|
529
|
-
return `${
|
|
528
|
+
function redirectUriStorageKey(state) {
|
|
529
|
+
return `${TELEGRAM_AUTH_REDIRECT_URI_PREFIX}${state}`;
|
|
530
530
|
}
|
|
531
|
-
function storeTelegramAuthSession(state, codeVerifier,
|
|
531
|
+
function storeTelegramAuthSession(state, codeVerifier, redirectUri) {
|
|
532
532
|
const previousState = sessionStorage.getItem(TELEGRAM_AUTH_STATE_KEY);
|
|
533
533
|
if (previousState) {
|
|
534
534
|
sessionStorage.removeItem(codeVerifierStorageKey(previousState));
|
|
535
|
-
sessionStorage.removeItem(
|
|
535
|
+
sessionStorage.removeItem(redirectUriStorageKey(previousState));
|
|
536
536
|
}
|
|
537
537
|
sessionStorage.setItem(TELEGRAM_AUTH_STATE_KEY, state);
|
|
538
538
|
sessionStorage.setItem(codeVerifierStorageKey(state), codeVerifier);
|
|
539
|
-
sessionStorage.setItem(
|
|
539
|
+
sessionStorage.setItem(redirectUriStorageKey(state), redirectUri);
|
|
540
540
|
}
|
|
541
541
|
function clearTelegramAuthSession(state) {
|
|
542
542
|
sessionStorage.removeItem(TELEGRAM_AUTH_STATE_KEY);
|
|
543
543
|
sessionStorage.removeItem(codeVerifierStorageKey(state));
|
|
544
|
-
sessionStorage.removeItem(
|
|
544
|
+
sessionStorage.removeItem(redirectUriStorageKey(state));
|
|
545
545
|
}
|
|
546
546
|
function takeTelegramAuthSession(state) {
|
|
547
547
|
const expectedState = sessionStorage.getItem(TELEGRAM_AUTH_STATE_KEY);
|
|
@@ -549,17 +549,17 @@ function takeTelegramAuthSession(state) {
|
|
|
549
549
|
if (!expectedState || state !== expectedState) {
|
|
550
550
|
if (expectedState) {
|
|
551
551
|
sessionStorage.removeItem(codeVerifierStorageKey(expectedState));
|
|
552
|
-
sessionStorage.removeItem(
|
|
552
|
+
sessionStorage.removeItem(redirectUriStorageKey(expectedState));
|
|
553
553
|
}
|
|
554
554
|
return null;
|
|
555
555
|
}
|
|
556
556
|
const codeVerifierKey = codeVerifierStorageKey(state);
|
|
557
|
-
const
|
|
557
|
+
const redirectUriKey = redirectUriStorageKey(state);
|
|
558
558
|
const codeVerifier = sessionStorage.getItem(codeVerifierKey);
|
|
559
|
-
const
|
|
559
|
+
const redirectUri = sessionStorage.getItem(redirectUriKey);
|
|
560
560
|
sessionStorage.removeItem(codeVerifierKey);
|
|
561
|
-
sessionStorage.removeItem(
|
|
562
|
-
return { codeVerifier,
|
|
561
|
+
sessionStorage.removeItem(redirectUriKey);
|
|
562
|
+
return { codeVerifier, redirectUri };
|
|
563
563
|
}
|
|
564
564
|
function fallbackAuthTokenUrl(authHubUrl) {
|
|
565
565
|
const url = new URL(authHubUrl || DEFAULT_AUTH_HUB_URL);
|
|
@@ -623,14 +623,14 @@ async function exchangeTelegramAuthCode({
|
|
|
623
623
|
clientId,
|
|
624
624
|
code,
|
|
625
625
|
codeVerifier,
|
|
626
|
-
|
|
626
|
+
redirectUri
|
|
627
627
|
}) {
|
|
628
628
|
const body = new URLSearchParams({
|
|
629
629
|
client_id: clientId,
|
|
630
630
|
code,
|
|
631
631
|
code_verifier: codeVerifier,
|
|
632
632
|
grant_type: "authorization_code",
|
|
633
|
-
|
|
633
|
+
redirect_uri: redirectUri
|
|
634
634
|
});
|
|
635
635
|
const response = await fetch(await resolveAuthTokenUrl(authHubUrl), {
|
|
636
636
|
method: "POST",
|
|
@@ -749,7 +749,7 @@ function HypurrConnectProvider({
|
|
|
749
749
|
clientId: normalizeClientId(config.clientId),
|
|
750
750
|
code: callback.code,
|
|
751
751
|
codeVerifier: authSession.codeVerifier,
|
|
752
|
-
|
|
752
|
+
redirectUri: authSession.redirectUri || currentRedirectUri()
|
|
753
753
|
}).then(acceptTelegramToken).catch(
|
|
754
754
|
(err) => setTgError(err instanceof Error ? err.message : String(err))
|
|
755
755
|
).finally(() => setTgLoading(false));
|
|
@@ -1548,9 +1548,9 @@ function HypurrConnectProvider({
|
|
|
1548
1548
|
const loginTelegram = useCallback(() => {
|
|
1549
1549
|
const state = randomState();
|
|
1550
1550
|
const codeVerifier = randomCodeVerifier();
|
|
1551
|
-
const
|
|
1552
|
-
const
|
|
1553
|
-
storeTelegramAuthSession(state, codeVerifier,
|
|
1551
|
+
const configuredRedirectUri = config.telegram?.redirectUri;
|
|
1552
|
+
const redirectUri = typeof configuredRedirectUri === "function" ? configuredRedirectUri() : configuredRedirectUri || currentRedirectUri();
|
|
1553
|
+
storeTelegramAuthSession(state, codeVerifier, redirectUri);
|
|
1554
1554
|
const width = 520;
|
|
1555
1555
|
const height = 720;
|
|
1556
1556
|
const left = window.screenX + Math.max(0, (window.outerWidth - width) / 2);
|
|
@@ -1576,7 +1576,8 @@ function HypurrConnectProvider({
|
|
|
1576
1576
|
"client_id",
|
|
1577
1577
|
normalizeClientId(config.clientId)
|
|
1578
1578
|
);
|
|
1579
|
-
authUrl.searchParams.set("
|
|
1579
|
+
authUrl.searchParams.set("redirect_uri", redirectUri);
|
|
1580
|
+
authUrl.searchParams.set("return_to", redirectUri);
|
|
1580
1581
|
authUrl.searchParams.set("state", state);
|
|
1581
1582
|
authUrl.searchParams.set(
|
|
1582
1583
|
"scope",
|
|
@@ -1602,7 +1603,7 @@ function HypurrConnectProvider({
|
|
|
1602
1603
|
}, [
|
|
1603
1604
|
config.clientId,
|
|
1604
1605
|
config.telegram?.authHubUrl,
|
|
1605
|
-
config.telegram?.
|
|
1606
|
+
config.telegram?.redirectUri,
|
|
1606
1607
|
config.telegram?.scope
|
|
1607
1608
|
]);
|
|
1608
1609
|
const connectEoa = useCallback(
|