@hfunlabs/hypurr-connect 0.1.25 → 0.1.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -126,7 +126,7 @@ interface HypurrConnectConfig {
126
126
  isTestnet?: boolean; // Use testnet endpoints (default: false)
127
127
  telegram: {
128
128
  authHubUrl?: string; // Auth hub URL (default: https://auth.hypurr.fun/login)
129
- returnTo?: string | (() => string); // Callback URL (default: current page)
129
+ redirectUri?: string | (() => string); // OAuth redirect URI (default: current page)
130
130
  scope?: string | string[]; // Requested JWT scopes
131
131
  };
132
132
  }
@@ -148,15 +148,15 @@ for generated protobuf service clients.
148
148
 
149
149
  1. User clicks "Telegram" in the `LoginModal`.
150
150
  2. The SDK opens the configured auth hub in a popup with `client_id`,
151
- `return_to`, `state`, requested `scope`, `code_challenge`, and
152
- `code_challenge_method=S256`.
153
- 3. The auth hub performs Telegram login and redirects back to `return_to` with
151
+ `redirect_uri`, `return_to`, `state`, requested `scope`, `code_challenge`,
152
+ and `code_challenge_method=S256`.
153
+ 3. The auth hub performs Telegram login and redirects back to `redirect_uri` with
154
154
  either a legacy scoped JWT or an authorization code.
155
155
  4. The popup callback page posts `{ token, state }` or `{ code, state }` to the
156
156
  opener with `postMessage` and closes.
157
157
  5. The opener validates `state`. Legacy tokens are stored directly; auth codes
158
158
  are exchanged at the OAuth metadata `token_endpoint` with the stored PKCE
159
- verifier.
159
+ verifier and the original callback URL as `redirect_uri`.
160
160
  6. The SDK calls the Hypurr gRPC backend with `Authorization: Bearer <jwt>`
161
161
  metadata.
162
162
  7. An `ExchangeClient` is created with `GrpcExchangeTransport`; exchange
@@ -164,8 +164,8 @@ for generated protobuf service clients.
164
164
  8. The JWT session is persisted in localStorage (`hypurr-connect-tg-jwt`).
165
165
 
166
166
  If the popup is blocked, the SDK falls back to a full-page redirect. The
167
- default `returnTo` is the current page with auth query params removed; custom
168
- `returnTo` URLs should load the app and mount `HypurrConnectProvider` so the
167
+ default `redirectUri` is the current page with auth query params removed; custom
168
+ `redirectUri` URLs should load the app and mount `HypurrConnectProvider` so the
169
169
  popup callback bridge can run.
170
170
 
171
171
  ### EOA Wallet Login
package/dist/index.d.ts CHANGED
@@ -27,8 +27,8 @@ interface HypurrConnectConfig {
27
27
  telegram?: {
28
28
  /** Auth hub login URL. Defaults to https://auth.hypurr.fun/login. */
29
29
  authHubUrl?: string;
30
- /** Optional callback URL. Defaults to the current page without auth query params. */
31
- returnTo?: string | (() => string);
30
+ /** Optional OAuth redirect URI. Defaults to the current page without auth query params. */
31
+ redirectUri?: string | (() => string);
32
32
  /** Requested hub scopes. Defaults to the scopes required by this SDK. */
33
33
  scope?: string | string[];
34
34
  /** @deprecated Telegram login is handled by the auth hub; this option is ignored. */
package/dist/index.js CHANGED
@@ -315,7 +315,7 @@ var TELEGRAM_STORAGE_KEY = "hypurr-connect-tg-jwt";
315
315
  var LEGACY_TELEGRAM_STORAGE_KEY = "hypurr-connect-tg-user";
316
316
  var TELEGRAM_AUTH_STATE_KEY = "hypurr-connect-auth-state";
317
317
  var TELEGRAM_AUTH_CODE_VERIFIER_PREFIX = "hypurr-connect-auth-code-verifier:";
318
- var TELEGRAM_AUTH_RETURN_TO_PREFIX = "hypurr-connect-auth-return-to:";
318
+ var TELEGRAM_AUTH_REDIRECT_URI_PREFIX = "hypurr-connect-auth-redirect-uri:";
319
319
  var TELEGRAM_AUTH_MESSAGE = "hypurr-connect:telegram-auth";
320
320
  var DEFAULT_AUTH_HUB_URL = "https://auth.hypurr.fun/login";
321
321
  var DEFAULT_MEDIA_URL = "https://media.hypurr.fun";
@@ -448,7 +448,7 @@ function withExpectedFrom(transaction, address) {
448
448
  }
449
449
  return transaction.from ? transaction : { ...transaction, from: address };
450
450
  }
451
- function currentReturnTo() {
451
+ function currentRedirectUri() {
452
452
  const url = new URL(window.location.href);
453
453
  for (const param of [
454
454
  "code",
@@ -525,23 +525,23 @@ function normalizeClientId(clientId) {
525
525
  function codeVerifierStorageKey(state) {
526
526
  return `${TELEGRAM_AUTH_CODE_VERIFIER_PREFIX}${state}`;
527
527
  }
528
- function returnToStorageKey(state) {
529
- return `${TELEGRAM_AUTH_RETURN_TO_PREFIX}${state}`;
528
+ function redirectUriStorageKey(state) {
529
+ return `${TELEGRAM_AUTH_REDIRECT_URI_PREFIX}${state}`;
530
530
  }
531
- function storeTelegramAuthSession(state, codeVerifier, returnTo) {
531
+ function storeTelegramAuthSession(state, codeVerifier, redirectUri) {
532
532
  const previousState = sessionStorage.getItem(TELEGRAM_AUTH_STATE_KEY);
533
533
  if (previousState) {
534
534
  sessionStorage.removeItem(codeVerifierStorageKey(previousState));
535
- sessionStorage.removeItem(returnToStorageKey(previousState));
535
+ sessionStorage.removeItem(redirectUriStorageKey(previousState));
536
536
  }
537
537
  sessionStorage.setItem(TELEGRAM_AUTH_STATE_KEY, state);
538
538
  sessionStorage.setItem(codeVerifierStorageKey(state), codeVerifier);
539
- sessionStorage.setItem(returnToStorageKey(state), returnTo);
539
+ sessionStorage.setItem(redirectUriStorageKey(state), redirectUri);
540
540
  }
541
541
  function clearTelegramAuthSession(state) {
542
542
  sessionStorage.removeItem(TELEGRAM_AUTH_STATE_KEY);
543
543
  sessionStorage.removeItem(codeVerifierStorageKey(state));
544
- sessionStorage.removeItem(returnToStorageKey(state));
544
+ sessionStorage.removeItem(redirectUriStorageKey(state));
545
545
  }
546
546
  function takeTelegramAuthSession(state) {
547
547
  const expectedState = sessionStorage.getItem(TELEGRAM_AUTH_STATE_KEY);
@@ -549,17 +549,17 @@ function takeTelegramAuthSession(state) {
549
549
  if (!expectedState || state !== expectedState) {
550
550
  if (expectedState) {
551
551
  sessionStorage.removeItem(codeVerifierStorageKey(expectedState));
552
- sessionStorage.removeItem(returnToStorageKey(expectedState));
552
+ sessionStorage.removeItem(redirectUriStorageKey(expectedState));
553
553
  }
554
554
  return null;
555
555
  }
556
556
  const codeVerifierKey = codeVerifierStorageKey(state);
557
- const returnToKey = returnToStorageKey(state);
557
+ const redirectUriKey = redirectUriStorageKey(state);
558
558
  const codeVerifier = sessionStorage.getItem(codeVerifierKey);
559
- const returnTo = sessionStorage.getItem(returnToKey);
559
+ const redirectUri = sessionStorage.getItem(redirectUriKey);
560
560
  sessionStorage.removeItem(codeVerifierKey);
561
- sessionStorage.removeItem(returnToKey);
562
- return { codeVerifier, returnTo };
561
+ sessionStorage.removeItem(redirectUriKey);
562
+ return { codeVerifier, redirectUri };
563
563
  }
564
564
  function fallbackAuthTokenUrl(authHubUrl) {
565
565
  const url = new URL(authHubUrl || DEFAULT_AUTH_HUB_URL);
@@ -623,14 +623,14 @@ async function exchangeTelegramAuthCode({
623
623
  clientId,
624
624
  code,
625
625
  codeVerifier,
626
- returnTo
626
+ redirectUri
627
627
  }) {
628
628
  const body = new URLSearchParams({
629
629
  client_id: clientId,
630
630
  code,
631
631
  code_verifier: codeVerifier,
632
632
  grant_type: "authorization_code",
633
- return_to: returnTo
633
+ redirect_uri: redirectUri
634
634
  });
635
635
  const response = await fetch(await resolveAuthTokenUrl(authHubUrl), {
636
636
  method: "POST",
@@ -749,7 +749,7 @@ function HypurrConnectProvider({
749
749
  clientId: normalizeClientId(config.clientId),
750
750
  code: callback.code,
751
751
  codeVerifier: authSession.codeVerifier,
752
- returnTo: authSession.returnTo || currentReturnTo()
752
+ redirectUri: authSession.redirectUri || currentRedirectUri()
753
753
  }).then(acceptTelegramToken).catch(
754
754
  (err) => setTgError(err instanceof Error ? err.message : String(err))
755
755
  ).finally(() => setTgLoading(false));
@@ -1548,9 +1548,9 @@ function HypurrConnectProvider({
1548
1548
  const loginTelegram = useCallback(() => {
1549
1549
  const state = randomState();
1550
1550
  const codeVerifier = randomCodeVerifier();
1551
- const configuredReturnTo = config.telegram?.returnTo;
1552
- const returnTo = typeof configuredReturnTo === "function" ? configuredReturnTo() : configuredReturnTo || currentReturnTo();
1553
- storeTelegramAuthSession(state, codeVerifier, returnTo);
1551
+ const configuredRedirectUri = config.telegram?.redirectUri;
1552
+ const redirectUri = typeof configuredRedirectUri === "function" ? configuredRedirectUri() : configuredRedirectUri || currentRedirectUri();
1553
+ storeTelegramAuthSession(state, codeVerifier, redirectUri);
1554
1554
  const width = 520;
1555
1555
  const height = 720;
1556
1556
  const left = window.screenX + Math.max(0, (window.outerWidth - width) / 2);
@@ -1576,7 +1576,8 @@ function HypurrConnectProvider({
1576
1576
  "client_id",
1577
1577
  normalizeClientId(config.clientId)
1578
1578
  );
1579
- authUrl.searchParams.set("return_to", returnTo);
1579
+ authUrl.searchParams.set("redirect_uri", redirectUri);
1580
+ authUrl.searchParams.set("return_to", redirectUri);
1580
1581
  authUrl.searchParams.set("state", state);
1581
1582
  authUrl.searchParams.set(
1582
1583
  "scope",
@@ -1602,7 +1603,7 @@ function HypurrConnectProvider({
1602
1603
  }, [
1603
1604
  config.clientId,
1604
1605
  config.telegram?.authHubUrl,
1605
- config.telegram?.returnTo,
1606
+ config.telegram?.redirectUri,
1606
1607
  config.telegram?.scope
1607
1608
  ]);
1608
1609
  const connectEoa = useCallback(