@kennofizet/apphub-frontend 0.1.8 → 0.1.9

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kennofizet/apphub-frontend",
-  "version": "0.1.8",
+  "version": "0.1.9",
   "description": "App Hub Vue 3 UI — Windows-style desktop shell and modular apps (App Store default).",
   "main": "./src/index.js",
   "module": "./src/index.js",

package/src/index.js

@@ -1,509 +1,449 @@
-import './modules/desktop/styles/desktop.css'
-import './modules/desktop/styles/theme.css'
-import { reactive } from 'vue'
-import { createAppHubApi } from './api/index.js'
-import { createCoreApi } from './api/coreApi.js'
-import { createZoneContextState } from './composables/createZoneContext.js'
-import { APPHUB_ZONE_CONTEXT_KEY } from './composables/useAppHubZoneContext.js'
-import { createAppStoreState, provideAppStore } from './modules/app-store/index.js'
-import { AppHubDesktop } from './modules/desktop/index.js'
-import { AppHubRunner } from './modules/runner/index.js'
-import { getAppHubStore, registerAppHubStore, APPHUB_MODULE_STORE_KEY } from './moduleStore.js'
-import {
-  createWindowManagerState,
-  provideWindowManager,
-} from './modules/window-manager/index.js'
-import {
-  evaluateOriginSafety,
-  parseDevUserFromBootstrap,
-  parseOriginsFromBootstrap,
-} from './utils/originSafety.js'
-import { loadDevFriendlyOriginsPreference } from './utils/devOriginSettings.js'
-import {
-  bootstrapResponseFromCache,
-  loadBootstrapCache,
-  saveBootstrapCache,
-} from './utils/bootstrapCache.js'
-import {
-  apphubDebug,
-  describeHostApi,
-  describeStore,
-} from './utils/apphubDebug.js'
-
-const bootstrapInflight = new WeakMap()
-
-function buildPublicOptions(options = {}) {
-  const origins = Array.isArray(options.allowedRuntimeOrigins)
-    ? options.allowedRuntimeOrigins.filter((o) => typeof o === 'string')
-    : []
-
-  return {
-    language: options.language || 'vi',
-    theme: options.theme ?? 'auto',
-    themeToggle: options.themeToggle,
-    openAppStoreOnMount: options.openAppStoreOnMount !== false,
-    allowedRuntimeOrigins: origins,
-    coreUrl: options.coreUrl || '',
-    backendUrl: (options.backendUrl || '').replace(/\/$/, ''),
-    hasToken: !!(options.token),
-    allowSameOriginEmbed: options.allowSameOriginEmbed === true,
-    allowUnsafeOrigin: options.allowUnsafeOrigin === true,
-    hubOrigin: typeof options.hubOrigin === 'string' ? options.hubOrigin.trim() : '',
-    runtimePublicUrl: typeof options.runtimePublicUrl === 'string' ? options.runtimePublicUrl.trim() : '',
-    enforceDedicatedHubOrigin: options.enforceDedicatedHubOrigin !== false,
-    enforceIsolatedHostedRuntime: options.enforceIsolatedHostedRuntime !== false,
-    allowSameOriginHostedRuntime: options.allowSameOriginHostedRuntime === true,
-    hostedSandboxSameOrigin: options.hostedSandboxSameOrigin === true,
-    enforceDevFriendlyOrigins: typeof options.enforceDevFriendlyOrigins === 'boolean'
-      ? options.enforceDevFriendlyOrigins
-      : true,
-    isDevUser: options.isDevUser === true,
-    serverHubPublicUrl: typeof options.serverHubPublicUrl === 'string' ? options.serverHubPublicUrl.trim() : '',
-    serverFrontendOrigin: typeof options.serverFrontendOrigin === 'string' ? options.serverFrontendOrigin.trim() : '',
-    serverRuntimePublicUrl: typeof options.serverRuntimePublicUrl === 'string' ? options.serverRuntimePublicUrl.trim() : '',
-    serverOriginsAuto: options.serverOriginsAuto === true,
-    serverOriginsResolved: options.serverOriginsResolved === true,
-    originBootstrapLoading: options.originBootstrapLoading === true,
-    originBlocked: false,
-    originCheckPending: false,
-    originBlockReason: null,
-    originBlockParentOrigin: null,
-    originBlockExpectedHubOrigin: null,
-    originBlockExpectedRuntimeOrigin: null,
-  }
-}
-
-/** @param {Record<string, unknown>} target */
-function applyOriginSafety(target, sourceOptions = {}) {
-  const check = evaluateOriginSafety({ ...target, ...sourceOptions })
-  target.originBootstrapLoading = check.loading === true
-  target.originCheckPending = check.pending === true
-  target.originBlocked = !check.safe && check.loading !== true
-  target.originBlockReason = check.reason
-  target.originBlockParentOrigin = check.parentOrigin
-  target.originBlockExpectedHubOrigin = check.expectedHubOrigin
-  target.originBlockExpectedRuntimeOrigin = check.expectedRuntimeOrigin
-  return check
-}
-
-function parseUserFromBootstrap(resp) {
-  const data = resp?.data?.data ?? resp?.data ?? {}
-  const user = data.user
-  if (!user || user.id == null) return null
-  return {
-    id: user.id,
-    name: user.name ?? String(user.id),
-  }
-}
-
-function applyBootstrapOrigins(store, bootstrapResponse, { fromCache = false } = {}) {
-  const {
-    hubPublicUrl,
-    frontendOrigin,
-    runtimePublicUrl,
-    originsAuto,
-  } = parseOriginsFromBootstrap(bootstrapResponse)
-
-  store.options.isDevUser = parseDevUserFromBootstrap(bootstrapResponse)
-  store.options.serverOriginsAuto = originsAuto
-
-  if (!store.options.isDevUser) {
-    store.options.enforceDevFriendlyOrigins = true
-  } else {
-    store.options.enforceDevFriendlyOrigins = loadDevFriendlyOriginsPreference()
-  }
-
-  if (hubPublicUrl) {
-    store.options.serverHubPublicUrl = hubPublicUrl
-  }
-  if (frontendOrigin) {
-    store.options.serverFrontendOrigin = frontendOrigin
-  }
-  if (runtimePublicUrl) {
-    store.options.serverRuntimePublicUrl = runtimePublicUrl
-    if (!store.options.runtimePublicUrl) store.options.runtimePublicUrl = runtimePublicUrl
-  }
-
-  store.options.serverOriginsResolved = true
-
-  if (!fromCache) {
-    saveBootstrapCache(store.credentials.backendUrl, bootstrapResponse)
-  }
-
-  const user = parseUserFromBootstrap(bootstrapResponse)
-  if (user && store.zoneContext?.state) {
-    store.zoneContext.state.user.id = user.id
-    store.zoneContext.state.user.name = user.name
-  }
-
-  // Reconcile while originBootstrapLoading may still be true so enableModuleApi runs
-  // after disableModuleServices (wasLoading must be captured before clearing the flag).
-  reconcileOriginSafety(store)
-  store.options.originBootstrapLoading = false
-  applyOriginSafety(store.options)
-  apphubDebug('bootstrap', 'applyBootstrapOrigins done', describeStore(store))
-}
-
-function applyCachedBootstrapIfAny(store) {
-  const cached = loadBootstrapCache(store.credentials.backendUrl)
-  if (!cached) return false
-  applyBootstrapOrigins(store, bootstrapResponseFromCache(cached), { fromCache: true })
-  return true
-}
-
-async function fetchBootstrapSession(store) {
-  let promise = bootstrapInflight.get(store)
-  if (promise) return promise
-
-  promise = (async () => {
-    apphubDebug('bootstrap', 'fetchBootstrapSession start', describeStore(store))
-    syncApi(store)
-    if (!store.facade?.bootstrap) {
-      apphubDebug('bootstrap', 'fetchBootstrapSession abort — no bootstrap fn', describeStore(store))
-      return
-    }
-
-    const res = await store.facade.bootstrap()
-    apphubDebug('bootstrap', 'fetchBootstrapSession bootstrap response', {
-      ...describeStore(store),
-      hasResponse: !!res,
-    })
-    if (res) applyBootstrapOrigins(store, res)
-  })().catch((err) => {
-    apphubDebug('bootstrap', 'fetchBootstrapSession failed', {
-      ...describeStore(store),
-      error: err?.message ?? String(err),
-    })
-    store.options.originBootstrapLoading = false
-    if (!store.options.serverOriginsResolved) {
-      reconcileOriginSafety(store)
-    }
-  }).finally(() => {
-    bootstrapInflight.delete(store)
-  })
-
-  bootstrapInflight.set(store, promise)
-  return promise
-}
-
-function startBootstrapSession(store) {
-  const { backendUrl, token } = store.credentials
-  apphubDebug('bootstrap', 'startBootstrapSession', {
-    ...describeStore(store),
-    hasBackendUrl: !!backendUrl,
-    hasToken: !!token,
-  })
-  if (!backendUrl || !token) {
-    store.options.originBootstrapLoading = false
-    reconcileOriginSafety(store)
-    return Promise.resolve()
-  }
-
-  syncApi(store)
-  applyOriginSafety(store.options)
-
-  const hadCache = applyCachedBootstrapIfAny(store)
-  apphubDebug('bootstrap', 'startBootstrapSession after cache', {
-    hadCache,
-    ...describeStore(store),
-  })
-  if (!hadCache && !store.options.originBlocked) {
-    store.options.originBootstrapLoading = true
-    store.options.originBlocked = false
-    applyOriginSafety(store.options)
-    disableModuleServices(store, 'startBootstrapSession:no-cache')
-  }
-
-  return fetchBootstrapSession(store)
-}
-
-function reconcileOriginSafety(store) {
-  const wasBlocked = store.options.originBlocked === true
-  const wasLoading = store.options.originBootstrapLoading === true
-  applyOriginSafety(store.options)
-
-  let action = 'noop'
-  if (store.options.originBootstrapLoading) {
-    disableModuleServices(store, 'reconcileOriginSafety:loading')
-    action = 'disable:loading'
-  } else if (store.options.originBlocked && !wasBlocked) {
-    disableModuleServices(store, 'reconcileOriginSafety:blocked')
-    action = 'disable:blocked'
-  } else if (!store.options.originBlocked && (wasBlocked || wasLoading)) {
-    enableModuleApi(store)
-    action = 'enable'
-  }
-
-  apphubDebug('origin', 'reconcileOriginSafety', {
-    wasLoading,
-    wasBlocked,
-    action,
-    ...describeStore(store),
-  })
-}
-
-function disableModuleServices(store, reason = 'unknown') {
-  store.facade.setImpl(null)
-  store.coreApi = null
-  apphubDebug('api', 'disableModuleServices', { reason, ...describeStore(store) })
-}
-
-/** Window manager + app store — required even when origin is blocked (AppHubDesktop setup). */
-function ensureModuleInfrastructure(vueApp, store) {
-  ensureZoneContext(vueApp, store)
-  ensureModuleState(vueApp, store)
-}
-
-function enableModuleApi(store) {
-  syncApi(store)
-  syncZoneContext(store)
-  apphubDebug('api', 'enableModuleApi', describeStore(store))
-}
-
-function enableModuleServices(vueApp, store) {
-  ensureModuleInfrastructure(vueApp, store)
-  enableModuleApi(store)
-}
-
-function buildCredentials(options = {}) {
-  return {
-    coreUrl: options.coreUrl || '',
-    backendUrl: options.backendUrl || '',
-    token: options.token || '',
-    hostAccessSecret: options.hostAccessSecret || '',
-  }
-}
-
-function createApiFacade() {
-  let impl = null
-  return {
-    setImpl(next) {
-      impl = next
-    },
-    hasImpl() {
-      return impl != null
-    },
-    bootstrap: (...args) => impl?.bootstrap?.(...args),
-    apps: (...args) => impl?.apps?.(...args),
-    launch: (...args) => impl?.launch?.(...args),
-    ping: (...args) => impl?.ping?.(...args),
-    verifyLaunchToken: (...args) => impl?.verifyLaunchToken?.(...args),
-    usage: (...args) => impl?.usage?.(...args),
-    devApps: (...args) => impl?.devApps?.(...args),
-    devInspectBundle: (...args) => impl?.devInspectBundle?.(...args),
-    devDisableApp: (...args) => impl?.devDisableApp?.(...args),
-    devSetAppStatus: (...args) => impl?.devSetAppStatus?.(...args),
-    registerApp: (...args) => impl?.registerApp?.(...args),
-    appVersions: (...args) => impl?.appVersions?.(...args),
-    integrationDocs: (...args) => impl?.integrationDocs?.(...args),
-    integrationDocsInternal: (...args) => impl?.integrationDocsInternal?.(...args),
-    grantBridgeScope: (...args) => impl?.grantBridgeScope?.(...args),
-    bridgeUser: (...args) => impl?.bridgeUser?.(...args),
-    bridgeDesktopMessage: (...args) => impl?.bridgeDesktopMessage?.(...args),
-  }
-}
-
-function credentialsUnchanged(prev, next) {
-  return prev.backendUrl === next.backendUrl
-    && prev.token === next.token
-    && prev.coreUrl === next.coreUrl
-    && prev.hostAccessSecret === next.hostAccessSecret
-}
-
-function applyModuleOptions(store, options = {}) {
-  const prevCredentials = { ...store.credentials }
-  const nextCredentials = buildCredentials(options)
-  Object.assign(store.credentials, nextCredentials)
-  const credsUnchanged = credentialsUnchanged(prevCredentials, nextCredentials)
-
-  const nextPublic = buildPublicOptions({ ...options, token: options.token ?? store.credentials.token })
-  Object.assign(store.options, {
-    language: nextPublic.language,
-    theme: nextPublic.theme,
-    themeToggle: nextPublic.themeToggle,
-    openAppStoreOnMount: nextPublic.openAppStoreOnMount,
-    allowedRuntimeOrigins: nextPublic.allowedRuntimeOrigins,
-    coreUrl: nextPublic.coreUrl,
-    backendUrl: nextPublic.backendUrl,
-    hasToken: nextPublic.hasToken,
-    allowSameOriginEmbed: nextPublic.allowSameOriginEmbed,
-    allowUnsafeOrigin: nextPublic.allowUnsafeOrigin,
-    hubOrigin: nextPublic.hubOrigin,
-    runtimePublicUrl: nextPublic.runtimePublicUrl,
-    enforceDedicatedHubOrigin: nextPublic.enforceDedicatedHubOrigin,
-    enforceIsolatedHostedRuntime: nextPublic.enforceIsolatedHostedRuntime,
-    allowSameOriginHostedRuntime: nextPublic.allowSameOriginHostedRuntime,
-    hostedSandboxSameOrigin: nextPublic.hostedSandboxSameOrigin,
-    enforceDevFriendlyOrigins: nextPublic.enforceDevFriendlyOrigins,
-  })
-  applyOriginSafety(store.options, options)
-  const branch = !store.credentials.backendUrl || !store.credentials.token
-    ? 'no-credentials'
-    : (credsUnchanged ? 'creds-unchanged' : 'start-bootstrap')
-  apphubDebug('install', 'applyModuleOptions', {
-    branch,
-    credsUnchanged,
-    ...describeStore(store),
-  })
-  if (store.credentials.backendUrl && store.credentials.token) {
-    if (credsUnchanged) {
-      reconcileOriginSafety(store)
-    } else {
-      void startBootstrapSession(store)
-    }
-  } else {
-    reconcileOriginSafety(store)
-  }
-}
-
-function syncApi(store) {
-  const { credentials, facade, zoneContext } = store
-  const api = credentials.backendUrl && credentials.token
-    ? createAppHubApi(credentials.backendUrl, credentials.token, {
-        hostAccessSecret: credentials.hostAccessSecret,
-        getZoneHeaderId: () => zoneContext?.getZoneHeaderId?.() ?? null,
-      })
-    : null
-  facade.setImpl(api)
-  apphubDebug('api', 'syncApi', {
-    implSet: api != null,
-    ...describeStore(store),
-  })
-}
-
-function syncCoreApi(store) {
-  const { credentials } = store
-  store.coreApi = credentials.coreUrl && credentials.token
-    ? createCoreApi(credentials.coreUrl, credentials.token)
-    : null
-}
-
-function ensureZoneContext(app, store) {
-  if (store.zoneContext) return
-  store.zoneContext = createZoneContextState(
-    () => store.coreApi,
-    () => store.facade,
-    {
-      ensureBootstrapSession: () => fetchBootstrapSession(store),
-    },
-  )
-  app.provide(APPHUB_ZONE_CONTEXT_KEY, store.zoneContext)
-}
-
-function syncZoneContext(store) {
-  syncCoreApi(store)
-  if (store.zoneContext) {
-    store.zoneContext.refresh({ skipBootstrap: true })
-  }
-}
-
-function ensureModuleState(app, store) {
-  if (store.windowManager && store.appStore) {
-    return
-  }
-
-  store.windowManager = createWindowManagerState()
-  store.appStore = createAppStoreState()
-  provideWindowManager(app, store.windowManager)
-  provideAppStore(app, store.appStore)
-}
-
-/**
- * Install App Hub — Windows desktop shell + modular apps (App Store default).
- * Returns host API facade — keep in host app code, not publisher apps.
- */
-export function installAppHubModule(vueApp, options = {}) {
-  let store = getAppHubStore(vueApp)
-
-  if (store) {
-    vueApp.provide('apphubHostApp', vueApp)
-    vueApp.provide(APPHUB_MODULE_STORE_KEY, store)
-    apphubDebug('install', 'installAppHubModule re-install', {
-      appUid: vueApp._uid ?? null,
-      hasToken: !!(options.token),
-      theme: options.theme,
-      language: options.language,
-    })
-    applyModuleOptions(store, options)
-    ensureModuleInfrastructure(vueApp, store)
-    reconcileOriginSafety(store)
-    return store.facade
-  }
-
-  apphubDebug('install', 'installAppHubModule first install', {
-    appUid: vueApp._uid ?? null,
-    hasToken: !!(options.token),
-    backendUrl: options.backendUrl ? '(set)' : '(empty)',
-  })
-
-  const facade = createApiFacade()
-  const moduleOptions = reactive(buildPublicOptions(options))
-  applyOriginSafety(moduleOptions, options)
-  const credentials = buildCredentials(options)
-
-  store = {
-    app: vueApp,
-    facade,
-    options: moduleOptions,
-    credentials,
-    coreApi: null,
-    zoneContext: null,
-    windowManager: null,
-    appStore: null,
-  }
-  registerAppHubStore(vueApp, store)
-
-  vueApp.provide('apphubOptions', moduleOptions)
-  vueApp.provide('apphubHostApp', vueApp)
-  vueApp.provide(APPHUB_MODULE_STORE_KEY, store)
-  vueApp.component('AppHubDesktop', AppHubDesktop)
-  vueApp.component('AppHubRunner', AppHubRunner)
-
-  ensureModuleInfrastructure(vueApp, store)
-  void startBootstrapSession(store)
-
-  return facade
-}
-
-/** Whether installAppHubModule has been called for this Vue app instance. */
-export function isAppHubModuleInstalled(vueApp) {
-  return vueApp != null && getAppHubStore(vueApp) != null
-}
-
-export { useAppHubHostApi, useAppHubModuleStore } from './composables/useAppHubHostApi.js'
-export { useAppHubZoneContext } from './composables/useAppHubZoneContext.js'
-export { createAppHubApi } from './api/index.js'
-export { createCoreApi } from './api/coreApi.js'
-export { AppHubDesktop } from './modules/desktop/index.js'
-export {
-  createDesktopNotificationsState,
-  useDesktopNotifications,
-  AppHubDesktopNotifications,
-  parseApiError,
-} from './modules/notifications/index.js'
-export { AppHubRunner } from './modules/runner/index.js'
-export { resolveLang } from './i18n/resolveLang.js'
-export { resolveTheme, normalizeTheme, isThemeLocked } from './i18n/resolveTheme.js'
-export { t } from './i18n/index.js'
-export {
-  evaluateOriginSafety,
-  isEmbeddedFrame,
-  isLocalDevOrigin,
-  parseOriginsFromBootstrap,
-  resolveEffectiveOrigins,
-  ORIGIN_UNSAFE_SAME_ORIGIN_EMBED,
-  ORIGIN_UNSAFE_NOT_CONFIGURED,
-  ORIGIN_UNSAFE_WRONG_ORIGIN,
-  ORIGIN_UNSAFE_RUNTIME_NOT_CONFIGURED,
-  ORIGIN_UNSAFE_RUNTIME_SAME_ORIGIN,
-  resolveRuntimeApiBase,
-} from './utils/originSafety.js'
-
-/** True when installAppHubModule blocked due to unsafe same-origin embed. */
-export function isAppHubOriginBlocked(vueApp) {
-  const store = getAppHubStore(vueApp)
-  return store?.options?.originBlocked === true
-}
-export * from './modules/app-store/index.js'
-export * from './modules/window-manager/index.js'
-export * from './modules/runner/index.js'
+import './modules/desktop/styles/desktop.css'
+import './modules/desktop/styles/theme.css'
+import { reactive } from 'vue'
+import { createAppHubApi } from './api/index.js'
+import { createCoreApi } from './api/coreApi.js'
+import { createZoneContextState } from './composables/createZoneContext.js'
+import { APPHUB_ZONE_CONTEXT_KEY } from './composables/useAppHubZoneContext.js'
+import { createAppStoreState, provideAppStore } from './modules/app-store/index.js'
+import { AppHubDesktop } from './modules/desktop/index.js'
+import { AppHubRunner } from './modules/runner/index.js'
+import { getAppHubStore, registerAppHubStore, APPHUB_MODULE_STORE_KEY } from './moduleStore.js'
+import {
+  createWindowManagerState,
+  provideWindowManager,
+} from './modules/window-manager/index.js'
+import {
+  evaluateOriginSafety,
+  parseDevUserFromBootstrap,
+  parseOriginsFromBootstrap,
+} from './utils/originSafety.js'
+import { loadDevFriendlyOriginsPreference } from './utils/devOriginSettings.js'
+import {
+  bootstrapResponseFromCache,
+  loadBootstrapCache,
+  saveBootstrapCache,
+} from './utils/bootstrapCache.js'
+
+const bootstrapInflight = new WeakMap()
+
+function buildPublicOptions(options = {}) {
+  const origins = Array.isArray(options.allowedRuntimeOrigins)
+    ? options.allowedRuntimeOrigins.filter((o) => typeof o === 'string')
+    : []
+
+  return {
+    language: options.language || 'vi',
+    theme: options.theme ?? 'auto',
+    themeToggle: options.themeToggle,
+    openAppStoreOnMount: options.openAppStoreOnMount !== false,
+    allowedRuntimeOrigins: origins,
+    coreUrl: options.coreUrl || '',
+    backendUrl: (options.backendUrl || '').replace(/\/$/, ''),
+    hasToken: !!(options.token),
+    allowSameOriginEmbed: options.allowSameOriginEmbed === true,
+    allowUnsafeOrigin: options.allowUnsafeOrigin === true,
+    hubOrigin: typeof options.hubOrigin === 'string' ? options.hubOrigin.trim() : '',
+    runtimePublicUrl: typeof options.runtimePublicUrl === 'string' ? options.runtimePublicUrl.trim() : '',
+    enforceDedicatedHubOrigin: options.enforceDedicatedHubOrigin !== false,
+    enforceIsolatedHostedRuntime: options.enforceIsolatedHostedRuntime !== false,
+    allowSameOriginHostedRuntime: options.allowSameOriginHostedRuntime === true,
+    hostedSandboxSameOrigin: options.hostedSandboxSameOrigin === true,
+    enforceDevFriendlyOrigins: typeof options.enforceDevFriendlyOrigins === 'boolean'
+      ? options.enforceDevFriendlyOrigins
+      : true,
+    isDevUser: options.isDevUser === true,
+    serverHubPublicUrl: typeof options.serverHubPublicUrl === 'string' ? options.serverHubPublicUrl.trim() : '',
+    serverFrontendOrigin: typeof options.serverFrontendOrigin === 'string' ? options.serverFrontendOrigin.trim() : '',
+    serverRuntimePublicUrl: typeof options.serverRuntimePublicUrl === 'string' ? options.serverRuntimePublicUrl.trim() : '',
+    serverOriginsAuto: options.serverOriginsAuto === true,
+    serverOriginsResolved: options.serverOriginsResolved === true,
+    originBootstrapLoading: options.originBootstrapLoading === true,
+    originBlocked: false,
+    originCheckPending: false,
+    originBlockReason: null,
+    originBlockParentOrigin: null,
+    originBlockExpectedHubOrigin: null,
+    originBlockExpectedRuntimeOrigin: null,
+  }
+}
+
+/** @param {Record<string, unknown>} target */
+function applyOriginSafety(target, sourceOptions = {}) {
+  const check = evaluateOriginSafety({ ...target, ...sourceOptions })
+  target.originBootstrapLoading = check.loading === true
+  target.originCheckPending = check.pending === true
+  target.originBlocked = !check.safe && check.loading !== true
+  target.originBlockReason = check.reason
+  target.originBlockParentOrigin = check.parentOrigin
+  target.originBlockExpectedHubOrigin = check.expectedHubOrigin
+  target.originBlockExpectedRuntimeOrigin = check.expectedRuntimeOrigin
+  return check
+}
+
+function parseUserFromBootstrap(resp) {
+  const data = resp?.data?.data ?? resp?.data ?? {}
+  const user = data.user
+  if (!user || user.id == null) return null
+  return {
+    id: user.id,
+    name: user.name ?? String(user.id),
+  }
+}
+
+function applyBootstrapOrigins(store, bootstrapResponse, { fromCache = false } = {}) {
+  const {
+    hubPublicUrl,
+    frontendOrigin,
+    runtimePublicUrl,
+    originsAuto,
+  } = parseOriginsFromBootstrap(bootstrapResponse)
+
+  store.options.isDevUser = parseDevUserFromBootstrap(bootstrapResponse)
+  store.options.serverOriginsAuto = originsAuto
+
+  if (!store.options.isDevUser) {
+    store.options.enforceDevFriendlyOrigins = true
+  } else {
+    store.options.enforceDevFriendlyOrigins = loadDevFriendlyOriginsPreference()
+  }
+
+  if (hubPublicUrl) {
+    store.options.serverHubPublicUrl = hubPublicUrl
+  }
+  if (frontendOrigin) {
+    store.options.serverFrontendOrigin = frontendOrigin
+  }
+  if (runtimePublicUrl) {
+    store.options.serverRuntimePublicUrl = runtimePublicUrl
+    if (!store.options.runtimePublicUrl) store.options.runtimePublicUrl = runtimePublicUrl
+  }
+
+  store.options.serverOriginsResolved = true
+
+  if (!fromCache) {
+    saveBootstrapCache(store.credentials.backendUrl, bootstrapResponse)
+  }
+
+  const user = parseUserFromBootstrap(bootstrapResponse)
+  if (user && store.zoneContext?.state) {
+    store.zoneContext.state.user.id = user.id
+    store.zoneContext.state.user.name = user.name
+  }
+
+  // Reconcile while originBootstrapLoading may still be true so enableModuleApi runs
+  // after disableModuleServices (wasLoading must be captured before clearing the flag).
+  reconcileOriginSafety(store)
+  store.options.originBootstrapLoading = false
+  applyOriginSafety(store.options)
+}
+
+function applyCachedBootstrapIfAny(store) {
+  const cached = loadBootstrapCache(store.credentials.backendUrl)
+  if (!cached) return false
+  applyBootstrapOrigins(store, bootstrapResponseFromCache(cached), { fromCache: true })
+  return true
+}
+
+async function fetchBootstrapSession(store) {
+  let promise = bootstrapInflight.get(store)
+  if (promise) return promise
+
+  promise = (async () => {
+    syncApi(store)
+    if (!store.facade?.bootstrap) return
+
+    const res = await store.facade.bootstrap()
+    if (res) applyBootstrapOrigins(store, res)
+  })().catch(() => {
+    store.options.originBootstrapLoading = false
+    if (!store.options.serverOriginsResolved) {
+      reconcileOriginSafety(store)
+    }
+  }).finally(() => {
+    bootstrapInflight.delete(store)
+  })
+
+  bootstrapInflight.set(store, promise)
+  return promise
+}
+
+function startBootstrapSession(store) {
+  const { backendUrl, token } = store.credentials
+  if (!backendUrl || !token) {
+    store.options.originBootstrapLoading = false
+    reconcileOriginSafety(store)
+    return Promise.resolve()
+  }
+
+  syncApi(store)
+  applyOriginSafety(store.options)
+
+  const hadCache = applyCachedBootstrapIfAny(store)
+  if (!hadCache && !store.options.originBlocked) {
+    store.options.originBootstrapLoading = true
+    store.options.originBlocked = false
+    applyOriginSafety(store.options)
+    disableModuleServices(store)
+  }
+
+  return fetchBootstrapSession(store)
+}
+
+function reconcileOriginSafety(store) {
+  const wasBlocked = store.options.originBlocked === true
+  const wasLoading = store.options.originBootstrapLoading === true
+  applyOriginSafety(store.options)
+
+  if (store.options.originBootstrapLoading) {
+    disableModuleServices(store)
+    return
+  }
+
+  if (store.options.originBlocked && !wasBlocked) {
+    disableModuleServices(store)
+  } else if (!store.options.originBlocked && (wasBlocked || wasLoading)) {
+    enableModuleApi(store)
+  }
+}
+
+function disableModuleServices(store) {
+  store.facade.setImpl(null)
+  store.coreApi = null
+}
+
+/** Window manager + app store — required even when origin is blocked (AppHubDesktop setup). */
+function ensureModuleInfrastructure(vueApp, store) {
+  ensureZoneContext(vueApp, store)
+  ensureModuleState(vueApp, store)
+}
+
+function enableModuleApi(store) {
+  syncApi(store)
+  syncZoneContext(store)
+}
+
+function enableModuleServices(vueApp, store) {
+  ensureModuleInfrastructure(vueApp, store)
+  enableModuleApi(store)
+}
+
+function buildCredentials(options = {}) {
+  return {
+    coreUrl: options.coreUrl || '',
+    backendUrl: options.backendUrl || '',
+    token: options.token || '',
+    hostAccessSecret: options.hostAccessSecret || '',
+  }
+}
+
+function createApiFacade() {
+  let impl = null
+  return {
+    setImpl(next) {
+      impl = next
+    },
+    hasImpl() {
+      return impl != null
+    },
+    bootstrap: (...args) => impl?.bootstrap?.(...args),
+    apps: (...args) => impl?.apps?.(...args),
+    launch: (...args) => impl?.launch?.(...args),
+    ping: (...args) => impl?.ping?.(...args),
+    verifyLaunchToken: (...args) => impl?.verifyLaunchToken?.(...args),
+    usage: (...args) => impl?.usage?.(...args),
+    devApps: (...args) => impl?.devApps?.(...args),
+    devInspectBundle: (...args) => impl?.devInspectBundle?.(...args),
+    devDisableApp: (...args) => impl?.devDisableApp?.(...args),
+    devSetAppStatus: (...args) => impl?.devSetAppStatus?.(...args),
+    registerApp: (...args) => impl?.registerApp?.(...args),
+    appVersions: (...args) => impl?.appVersions?.(...args),
+    integrationDocs: (...args) => impl?.integrationDocs?.(...args),
+    integrationDocsInternal: (...args) => impl?.integrationDocsInternal?.(...args),
+    grantBridgeScope: (...args) => impl?.grantBridgeScope?.(...args),
+    bridgeUser: (...args) => impl?.bridgeUser?.(...args),
+    bridgeDesktopMessage: (...args) => impl?.bridgeDesktopMessage?.(...args),
+  }
+}
+
+function credentialsUnchanged(prev, next) {
+  return prev.backendUrl === next.backendUrl
+    && prev.token === next.token
+    && prev.coreUrl === next.coreUrl
+    && prev.hostAccessSecret === next.hostAccessSecret
+}
+
+function applyModuleOptions(store, options = {}) {
+  const prevCredentials = { ...store.credentials }
+  const nextCredentials = buildCredentials(options)
+  Object.assign(store.credentials, nextCredentials)
+  const credsUnchanged = credentialsUnchanged(prevCredentials, nextCredentials)
+
+  const nextPublic = buildPublicOptions({ ...options, token: options.token ?? store.credentials.token })
+  Object.assign(store.options, {
+    language: nextPublic.language,
+    theme: nextPublic.theme,
+    themeToggle: nextPublic.themeToggle,
+    openAppStoreOnMount: nextPublic.openAppStoreOnMount,
+    allowedRuntimeOrigins: nextPublic.allowedRuntimeOrigins,
+    coreUrl: nextPublic.coreUrl,
+    backendUrl: nextPublic.backendUrl,
+    hasToken: nextPublic.hasToken,
+    allowSameOriginEmbed: nextPublic.allowSameOriginEmbed,
+    allowUnsafeOrigin: nextPublic.allowUnsafeOrigin,
+    hubOrigin: nextPublic.hubOrigin,
+    runtimePublicUrl: nextPublic.runtimePublicUrl,
+    enforceDedicatedHubOrigin: nextPublic.enforceDedicatedHubOrigin,
+    enforceIsolatedHostedRuntime: nextPublic.enforceIsolatedHostedRuntime,
+    allowSameOriginHostedRuntime: nextPublic.allowSameOriginHostedRuntime,
+    hostedSandboxSameOrigin: nextPublic.hostedSandboxSameOrigin,
+    enforceDevFriendlyOrigins: nextPublic.enforceDevFriendlyOrigins,
+  })
+  applyOriginSafety(store.options, options)
+  if (store.credentials.backendUrl && store.credentials.token) {
+    if (credsUnchanged) {
+      reconcileOriginSafety(store)
+    } else {
+      void startBootstrapSession(store)
+    }
+  } else {
+    reconcileOriginSafety(store)
+  }
+}
+
+function syncApi(store) {
+  const { credentials, facade, zoneContext } = store
+  const api = credentials.backendUrl && credentials.token
+    ? createAppHubApi(credentials.backendUrl, credentials.token, {
+        hostAccessSecret: credentials.hostAccessSecret,
+        getZoneHeaderId: () => zoneContext?.getZoneHeaderId?.() ?? null,
+      })
+    : null
+  facade.setImpl(api)
+}
+
+function syncCoreApi(store) {
+  const { credentials } = store
+  store.coreApi = credentials.coreUrl && credentials.token
+    ? createCoreApi(credentials.coreUrl, credentials.token)
+    : null
+}
+
+function ensureZoneContext(app, store) {
+  if (store.zoneContext) return
+  store.zoneContext = createZoneContextState(
+    () => store.coreApi,
+    () => store.facade,
+    {
+      ensureBootstrapSession: () => fetchBootstrapSession(store),
+    },
+  )
+  app.provide(APPHUB_ZONE_CONTEXT_KEY, store.zoneContext)
+}
+
+function syncZoneContext(store) {
+  syncCoreApi(store)
+  if (store.zoneContext) {
+    store.zoneContext.refresh({ skipBootstrap: true })
+  }
+}
+
+function ensureModuleState(app, store) {
+  if (store.windowManager && store.appStore) {
+    return
+  }
+
+  store.windowManager = createWindowManagerState()
+  store.appStore = createAppStoreState()
+  provideWindowManager(app, store.windowManager)
+  provideAppStore(app, store.appStore)
+}
+
+/**
+ * Install App Hub — Windows desktop shell + modular apps (App Store default).
+ * Returns host API facade — keep in host app code, not publisher apps.
+ */
+export function installAppHubModule(vueApp, options = {}) {
+  let store = getAppHubStore(vueApp)
+
+  if (store) {
+    vueApp.provide('apphubHostApp', vueApp)
+    vueApp.provide(APPHUB_MODULE_STORE_KEY, store)
+    applyModuleOptions(store, options)
+    ensureModuleInfrastructure(vueApp, store)
+    reconcileOriginSafety(store)
+    return store.facade
+  }
+
+  const facade = createApiFacade()
+  const moduleOptions = reactive(buildPublicOptions(options))
+  applyOriginSafety(moduleOptions, options)
+  const credentials = buildCredentials(options)
+
+  store = {
+    app: vueApp,
+    facade,
+    options: moduleOptions,
+    credentials,
+    coreApi: null,
+    zoneContext: null,
+    windowManager: null,
+    appStore: null,
+  }
+  registerAppHubStore(vueApp, store)
+
+  vueApp.provide('apphubOptions', moduleOptions)
+  vueApp.provide('apphubHostApp', vueApp)
+  vueApp.provide(APPHUB_MODULE_STORE_KEY, store)
+  vueApp.component('AppHubDesktop', AppHubDesktop)
+  vueApp.component('AppHubRunner', AppHubRunner)
+
+  ensureModuleInfrastructure(vueApp, store)
+  void startBootstrapSession(store)
+
+  return facade
+}
+
+/** Whether installAppHubModule has been called for this Vue app instance. */
+export function isAppHubModuleInstalled(vueApp) {
+  return vueApp != null && getAppHubStore(vueApp) != null
+}
+
+export { useAppHubHostApi, useAppHubModuleStore } from './composables/useAppHubHostApi.js'
+export { useAppHubZoneContext } from './composables/useAppHubZoneContext.js'
+export { createAppHubApi } from './api/index.js'
+export { createCoreApi } from './api/coreApi.js'
+export { AppHubDesktop } from './modules/desktop/index.js'
+export {
+  createDesktopNotificationsState,
+  useDesktopNotifications,
+  AppHubDesktopNotifications,
+  parseApiError,
+} from './modules/notifications/index.js'
+export { AppHubRunner } from './modules/runner/index.js'
+export { resolveLang } from './i18n/resolveLang.js'
+export { resolveTheme, normalizeTheme, isThemeLocked } from './i18n/resolveTheme.js'
+export { t } from './i18n/index.js'
+export {
+  evaluateOriginSafety,
+  isEmbeddedFrame,
+  isLocalDevOrigin,
+  parseOriginsFromBootstrap,
+  resolveEffectiveOrigins,
+  ORIGIN_UNSAFE_SAME_ORIGIN_EMBED,
+  ORIGIN_UNSAFE_NOT_CONFIGURED,
+  ORIGIN_UNSAFE_WRONG_ORIGIN,
+  ORIGIN_UNSAFE_RUNTIME_NOT_CONFIGURED,
+  ORIGIN_UNSAFE_RUNTIME_SAME_ORIGIN,
+  resolveRuntimeApiBase,
+} from './utils/originSafety.js'
+
+/** True when installAppHubModule blocked due to unsafe same-origin embed. */
+export function isAppHubOriginBlocked(vueApp) {
+  const store = getAppHubStore(vueApp)
+  return store?.options?.originBlocked === true
+}
+export * from './modules/app-store/index.js'
+export * from './modules/window-manager/index.js'
+export * from './modules/runner/index.js'
+

package/src/modules/app-store/components/AppHubAppStoreApp.vue

@@ -109,7 +109,6 @@ import { resolveLang } from '../../../i18n/resolveLang.js'
 import { CATALOG_MODE_STORE } from '../constants/catalogModes.js'
 import { useCatalogInfiniteScroll } from '../composables/useCatalogInfiniteScroll.js'
 import { useAppStore } from '../composables/useAppStore.js'
-import { apphubDebug, describeHostApi } from '../../../utils/apphubDebug.js'
 import AppHubAppStoreCard from './AppHubAppStoreCard.vue'
 import AppHubAppStoreSettingsPanel from './AppHubAppStoreSettingsPanel.vue'
 
@@ -160,20 +159,8 @@ function hostApiOptions() {
   }
 }
 
-async function reloadCatalog(source = 'manual') {
-  const api = hostApi
-  const opts = hostApiOptions()
-  apphubDebug('app-store', 'reloadCatalog', {
-    source,
-    storeFromInject: !!hubStore,
-    ...describeHostApi(api),
-    backendReady: opts.backendReady,
-    originBootstrapLoading: moduleOptions?.originBootstrapLoading,
-    originBlocked: moduleOptions?.originBlocked,
-    catalogLoaded: catalog.loaded,
-    catalogError: catalog.error,
-  })
-  await appStore.loadCatalog(api, opts)
+async function reloadCatalog() {
+  await appStore.loadCatalog(hostApi, hostApiOptions())
 }
 
 async function loadMore() {
@@ -204,28 +191,21 @@ async function onUninstall(app) {
 }
 
 onMounted(() => {
-  if (!catalog.loaded) reloadCatalog('onMounted')
+  if (!catalog.loaded) reloadCatalog()
 })
 
 watch(
   () => moduleOptions?.hasToken,
   (hasToken) => {
-    if (hasToken && !catalog.loaded) reloadCatalog('watch:hasToken')
+    if (hasToken && !catalog.loaded) reloadCatalog()
   },
 )
 
 watch(
   () => moduleOptions?.originBootstrapLoading,
   (loading, wasLoading) => {
-    apphubDebug('app-store', 'watch originBootstrapLoading', {
-      loading,
-      wasLoading,
-      originBlocked: moduleOptions?.originBlocked,
-      catalogLoaded: catalog.loaded,
-      catalogError: catalog.error,
-    })
     if (wasLoading && !loading && !moduleOptions?.originBlocked) {
-      if (!catalog.loaded || catalog.error === 'no_api') reloadCatalog('watch:bootstrap-done')
+      if (!catalog.loaded || catalog.error === 'no_api') reloadCatalog()
     }
   },
 )
@@ -233,7 +213,7 @@ watch(
 watch(
   () => [zone?.state?.selectedZoneId, zone?.state?.viewAllZones],
   () => {
-    if (moduleOptions?.hasToken) reloadCatalog('watch:zone')
+    if (moduleOptions?.hasToken) reloadCatalog()
   },
 )
 </script>

package/src/modules/app-store/composables/useAppStore.js

@@ -1,7 +1,6 @@
 import { computed, inject, reactive } from 'vue'
 import { CATALOG_MODE_DRAFT, CATALOG_MODE_STORE } from '../constants/catalogModes.js'
 import { normalizeCatalogList } from '../utils/normalizeCatalogApp.js'
-import { apphubDebug, describeHostApi } from '../../../utils/apphubDebug.js'
 
 const APP_STORE_KEY = 'apphubAppStore'
 
@@ -109,20 +108,7 @@ export function createAppStoreState(options = {}) {
     const append = options.append === true
     const backendReady = options.backendReady !== false
 
-    apphubDebug('catalog', 'loadCatalog called', {
-      mode,
-      append,
-      backendReady,
-      ...describeHostApi(hostApi),
-    })
-
     if (!backendReady || !hostApiReady(hostApi)) {
-      apphubDebug('catalog', 'loadCatalog → no_api (not ready)', {
-        mode,
-        append,
-        backendReady,
-        ...describeHostApi(hostApi),
-      })
       if (!append) {
         bucket.items = []
         bucket.error = 'no_api'
@@ -151,16 +137,8 @@ export function createAppStoreState(options = {}) {
       }
 
       const res = await hostApi.apps(params)
-      apphubDebug('catalog', 'loadCatalog apps() response', {
-        mode,
-        append,
-        ...describeHostApi(hostApi),
-        resUndefined: res === undefined,
-        resNull: res === null,
-      })
       if (res === undefined || res === null) {
         if (!append) {
-          apphubDebug('catalog', 'loadCatalog → no_api (undefined response)', { mode })
           bucket.items = []
           bucket.error = 'no_api'
           bucket.loaded = false

package/src/utils/apphubDebug.js

@@ -1,47 +0,0 @@
-/** Temporary diagnostics — filter console with `[apphub:debug]`. Disable: localStorage.setItem('apphub:debug','0') */
-export function isAppHubDebugEnabled() {
-  try {
-    if (typeof localStorage !== 'undefined' && localStorage.getItem('apphub:debug') === '0') {
-      return false
-    }
-    if (typeof window !== 'undefined' && window.__APPHUB_DEBUG__ === false) {
-      return false
-    }
-  } catch {
-    /* ignore */
-  }
-  return true
-}
-
-export function apphubDebug(scope, message, data) {
-  if (!isAppHubDebugEnabled()) return
-  const payload = data !== undefined ? { ts: Date.now(), ...data } : { ts: Date.now() }
-  console.info(`[apphub:debug] ${scope}: ${message}`, payload)
-}
-
-export function describeHostApi(hostApi) {
-  if (!hostApi) return { hostApi: null }
-  return {
-    hasImpl: typeof hostApi.hasImpl === 'function' ? hostApi.hasImpl() : null,
-    hasAppsFn: typeof hostApi.apps === 'function',
-  }
-}
-
-export function describeStore(store) {
-  if (!store) return { store: null }
-  return {
-    hasImpl: store.facade?.hasImpl?.() ?? null,
-    originBootstrapLoading: store.options?.originBootstrapLoading ?? null,
-    originBlocked: store.options?.originBlocked ?? null,
-    originBlockReason: store.options?.originBlockReason ?? null,
-    hasToken: store.options?.hasToken ?? null,
-    backendUrl: store.credentials?.backendUrl ? '(set)' : '(empty)',
-    token: store.credentials?.token ? `(len ${store.credentials.token.length})` : '(empty)',
-    serverOriginsResolved: store.options?.serverOriginsResolved ?? null,
-  }
-}
-
-export function describeApp(app) {
-  if (!app) return { app: null }
-  return { appUid: app._uid ?? null }
-}