@oxyhq/services 5.24.0 → 5.25.0

package/lib/commonjs/web/WebOxyContext.js

@@ -14,12 +14,13 @@ var _jsxRuntime = require("react/jsx-runtime");
 /**
  * Web-Only Oxy Context
  * Clean implementation with ZERO React Native dependencies
+ * Uses CrossDomainAuth for proper SSO flow
  */
 
 const WebOxyContext = /*#__PURE__*/(0, _react.createContext)(null);
 /**
  * Web-only Oxy Provider
- * Minimal, clean implementation for web apps
+ * Uses CrossDomainAuth for automatic SSO with FedCM/Popup/Redirect fallback
  */
 function WebOxyProvider({
   children,
@@ -31,21 +32,22 @@ function WebOxyProvider({
     baseURL,
     authWebUrl
   }));
+  const [crossDomainAuth] = (0, _react.useState)(() => (0, _index.createCrossDomainAuth)(oxyServices));
   const [user, setUser] = (0, _react.useState)(null);
   const [isLoading, setIsLoading] = (0, _react.useState)(true);
   const [error, setError] = (0, _react.useState)(null);
   const [queryClient] = (0, _react.useState)(() => (0, _queryClient.createQueryClient)());
   const isAuthenticated = !!user;
 
-  // Initialize - check for existing session
+  // Initialize - handle callbacks, restore session, try silent sign-in
   (0, _react.useEffect)(() => {
     let mounted = true;
     const initAuth = async () => {
       try {
-        // Try to get current user (will use existing auth token if available)
-        const currentUser = await oxyServices.getCurrentUser();
-        if (mounted && currentUser) {
-          setUser(currentUser);
+        // Complete initialization: handles callbacks, restores session, tries silent sign-in
+        const session = await crossDomainAuth.initialize();
+        if (mounted && session?.user) {
+          setUser(session.user);
         }
       } catch (err) {
         // No active session - this is fine
@@ -60,7 +62,7 @@ function WebOxyProvider({
     return () => {
       mounted = false;
     };
-  }, [oxyServices]);
+  }, [crossDomainAuth]);
 
   // Notify parent of auth state changes
   (0, _react.useEffect)(() => {
@@ -70,59 +72,30 @@ function WebOxyProvider({
     setError(null);
     setIsLoading(true);
     try {
-      // Open popup to auth.oxy.so
-      const popup = window.open(`${authWebUrl || 'https://auth.oxy.so'}/login?origin=${encodeURIComponent(window.location.origin)}`, 'oxy-auth', 'width=500,height=700,popup=yes');
-      if (!popup) {
-        throw new Error('Popup blocked. Please allow popups for this site.');
-      }
-
-      // Listen for message from popup
-      const handleMessage = async event => {
-        if (event.origin !== (authWebUrl || 'https://auth.oxy.so')) {
-          return;
-        }
-        if (event.data.type === 'oxy-auth-success') {
-          const {
-            accessToken,
-            user: authUser
-          } = event.data;
-
-          // Store the access token for API requests
-          if (typeof window !== 'undefined' && accessToken) {
-            localStorage.setItem('oxy-access-token', accessToken);
-          }
-          setUser(authUser);
-          setIsLoading(false);
-          window.removeEventListener('message', handleMessage);
-          popup.close();
-        } else if (event.data.type === 'oxy-auth-error') {
-          setError(event.data.error || 'Authentication failed');
-          setIsLoading(false);
-          window.removeEventListener('message', handleMessage);
-          popup.close();
+      // Sign in with automatic method selection (FedCM → Popup → Redirect)
+      const session = await crossDomainAuth.signIn({
+        method: 'auto',
+        // Automatic fallback
+        onMethodSelected: method => {
+          console.log('[WebOxy] Using auth method:', method);
         }
-      };
-      window.addEventListener('message', handleMessage);
-
-      // Check if popup was closed
-      const checkClosed = setInterval(() => {
-        if (popup.closed) {
-          clearInterval(checkClosed);
-          window.removeEventListener('message', handleMessage);
-          setIsLoading(false);
-        }
-      }, 500);
+      });
+      if (session?.user) {
+        setUser(session.user);
+      }
     } catch (err) {
       console.error('[WebOxy] Sign in error:', err);
       setError(err instanceof Error ? err.message : 'Sign in failed');
+    } finally {
       setIsLoading(false);
     }
-  }, [authWebUrl]);
+  }, [crossDomainAuth]);
   const signOut = (0, _react.useCallback)(async () => {
     setError(null);
     try {
-      // Clear stored token
+      // Clear stored session
       if (typeof window !== 'undefined') {
+        localStorage.removeItem('oxy-session');
         localStorage.removeItem('oxy-access-token');
       }
       setUser(null);

package/lib/commonjs/web/WebOxyContext.js.map

@@ -1 +1 @@
-{"version":3,"names":["_react","require","_index","_reactQuery","_queryClient","_jsxRuntime","WebOxyContext","createContext","WebOxyProvider","children","baseURL","authWebUrl","onAuthStateChange","oxyServices","useState","OxyServices","user","setUser","isLoading","setIsLoading","error","setError","queryClient","createQueryClient","isAuthenticated","useEffect","mounted","initAuth","currentUser","getCurrentUser","err","console","log","signIn","useCallback","popup","window","open","encodeURIComponent","location","origin","Error","handleMessage","event","data","type","accessToken","authUser","localStorage","setItem","removeEventListener","close","addEventListener","checkClosed","setInterval","closed","clearInterval","message","signOut","removeItem","contextValue","jsx","QueryClientProvider","client","Provider","value","useWebOxy","context","useContext","useAuth","isReady"],"sourceRoot":"../../../src","sources":["web/WebOxyContext.tsx"],"mappings":";;;;;;;;AAKA,IAAAA,MAAA,GAAAC,OAAA;AAQA,IAAAC,MAAA,GAAAD,OAAA;AAEA,IAAAE,WAAA,GAAAF,OAAA;AACA,IAAAG,YAAA,GAAAH,OAAA;AAA4D,IAAAI,WAAA,GAAAJ,OAAA;AAhB5D;AACA;AACA;AACA;;AA+BA,MAAMK,aAAa,gBAAG,IAAAC,oBAAa,EAA4B,IAAI,CAAC;AASpE;AACA;AACA;AACA;AACO,SAASC,cAAcA,CAAC;EAC7BC,QAAQ;EACRC,OAAO;EACPC,UAAU;EACVC;AACmB,CAAC,EAAE;EACtB,MAAM,CAACC,WAAW,CAAC,GAAG,IAAAC,eAAQ,EAAC,MAAM,IAAIC,kBAAW,CAAC;IAAEL,OAAO;IAAEC;EAAW,CAAC,CAAC,CAAC;EAC9E,MAAM,CAACK,IAAI,EAAEC,OAAO,CAAC,GAAG,IAAAH,eAAQ,EAAc,IAAI,CAAC;EACnD,MAAM,CAACI,SAAS,EAAEC,YAAY,CAAC,GAAG,IAAAL,eAAQ,EAAC,IAAI,CAAC;EAChD,MAAM,CAACM,KAAK,EAAEC,QAAQ,CAAC,GAAG,IAAAP,eAAQ,EAAgB,IAAI,CAAC;EACvD,MAAM,CAACQ,WAAW,CAAC,GAAG,IAAAR,eAAQ,EAAC,MAAM,IAAAS,8BAAiB,EAAC,CAAC,CAAC;EAEzD,MAAMC,eAAe,GAAG,CAAC,CAACR,IAAI;;EAE9B;EACA,IAAAS,gBAAS,EAAC,MAAM;IACd,IAAIC,OAAO,GAAG,IAAI;IAElB,MAAMC,QAAQ,GAAG,MAAAA,CAAA,KAAY;MAC3B,IAAI;QACF;QACA,MAAMC,WAAW,GAAG,MAAMf,WAAW,CAACgB,cAAc,CAAC,CAAC;QAEtD,IAAIH,OAAO,IAAIE,WAAW,EAAE;UAC1BX,OAAO,CAACW,WAAW,CAAC;QACtB;MACF,CAAC,CAAC,OAAOE,GAAG,EAAE;QACZ;QACAC,OAAO,CAACC,GAAG,CAAC,4BAA4B,CAAC;MAC3C,CAAC,SAAS;QACR,IAAIN,OAAO,EAAE;UACXP,YAAY,CAAC,KAAK,CAAC;QACrB;MACF;IACF,CAAC;IAEDQ,QAAQ,CAAC,CAAC;IAEV,OAAO,MAAM;MACXD,OAAO,GAAG,KAAK;IACjB,CAAC;EACH,CAAC,EAAE,CAACb,WAAW,CAAC,CAAC;;EAEjB;EACA,IAAAY,gBAAS,EAAC,MAAM;IACdb,iBAAiB,GAAGI,IAAI,CAAC;EAC3B,CAAC,EAAE,CAACA,IAAI,EAAEJ,iBAAiB,CAAC,CAAC;EAE7B,MAAMqB,MAAM,GAAG,IAAAC,kBAAW,EAAC,YAAY;IACrCb,QAAQ,CAAC,IAAI,CAAC;IACdF,YAAY,CAAC,IAAI,CAAC;IAElB,IAAI;MACF;MACA,MAAMgB,KAAK,GAAGC,MAAM,CAACC,IAAI,CACvB,GAAG1B,UAAU,IAAI,qBAAqB,iBAAiB2B,kBAAkB,CAACF,MAAM,CAACG,QAAQ,CAACC,MAAM,CAAC,EAAE,EACnG,UAAU,EACV,gCACF,CAAC;MAED,IAAI,CAACL,KAAK,EAAE;QACV,MAAM,IAAIM,KAAK,CAAC,mDAAmD,CAAC;MACtE;;MAEA;MACA,MAAMC,aAAa,GAAG,MAAOC,KAAmB,IAAK;QACnD,IAAIA,KAAK,CAACH,MAAM,MAAM7B,UAAU,IAAI,qBAAqB,CAAC,EAAE;UAC1D;QACF;QAEA,IAAIgC,KAAK,CAACC,IAAI,CAACC,IAAI,KAAK,kBAAkB,EAAE;UAC1C,MAAM;YAAEC,WAAW;YAAE9B,IAAI,EAAE+B;UAAS,CAAC,GAAGJ,KAAK,CAACC,IAAI;;UAElD;UACA,IAAI,OAAOR,MAAM,KAAK,WAAW,IAAIU,WAAW,EAAE;YAChDE,YAAY,CAACC,OAAO,CAAC,kBAAkB,EAAEH,WAAW,CAAC;UACvD;UAEA7B,OAAO,CAAC8B,QAAQ,CAAC;UACjB5B,YAAY,CAAC,KAAK,CAAC;UAEnBiB,MAAM,CAACc,mBAAmB,CAAC,SAAS,EAAER,aAAa,CAAC;UACpDP,KAAK,CAACgB,KAAK,CAAC,CAAC;QACf,CAAC,MAAM,IAAIR,KAAK,CAACC,IAAI,CAACC,IAAI,KAAK,gBAAgB,EAAE;UAC/CxB,QAAQ,CAACsB,KAAK,CAACC,IAAI,CAACxB,KAAK,IAAI,uBAAuB,CAAC;UACrDD,YAAY,CAAC,KAAK,CAAC;UACnBiB,MAAM,CAACc,mBAAmB,CAAC,SAAS,EAAER,aAAa,CAAC;UACpDP,KAAK,CAACgB,KAAK,CAAC,CAAC;QACf;MACF,CAAC;MAEDf,MAAM,CAACgB,gBAAgB,CAAC,SAAS,EAAEV,aAAa,CAAC;;MAEjD;MACA,MAAMW,WAAW,GAAGC,WAAW,CAAC,MAAM;QACpC,IAAInB,KAAK,CAACoB,MAAM,EAAE;UAChBC,aAAa,CAACH,WAAW,CAAC;UAC1BjB,MAAM,CAACc,mBAAmB,CAAC,SAAS,EAAER,aAAa,CAAC;UACpDvB,YAAY,CAAC,KAAK,CAAC;QACrB;MACF,CAAC,EAAE,GAAG,CAAC;IACT,CAAC,CAAC,OAAOW,GAAG,EAAE;MACZC,OAAO,CAACX,KAAK,CAAC,yBAAyB,EAAEU,GAAG,CAAC;MAC7CT,QAAQ,CAACS,GAAG,YAAYW,KAAK,GAAGX,GAAG,CAAC2B,OAAO,GAAG,gBAAgB,CAAC;MAC/DtC,YAAY,CAAC,KAAK,CAAC;IACrB;EACF,CAAC,EAAE,CAACR,UAAU,CAAC,CAAC;EAEhB,MAAM+C,OAAO,GAAG,IAAAxB,kBAAW,EAAC,YAAY;IACtCb,QAAQ,CAAC,IAAI,CAAC;IAEd,IAAI;MACF;MACA,IAAI,OAAOe,MAAM,KAAK,WAAW,EAAE;QACjCY,YAAY,CAACW,UAAU,CAAC,kBAAkB,CAAC;MAC7C;MAEA1C,OAAO,CAAC,IAAI,CAAC;IACf,CAAC,CAAC,OAAOa,GAAG,EAAE;MACZC,OAAO,CAACX,KAAK,CAAC,0BAA0B,EAAEU,GAAG,CAAC;MAC9CT,QAAQ,CAACS,GAAG,YAAYW,KAAK,GAAGX,GAAG,CAAC2B,OAAO,GAAG,iBAAiB,CAAC;IAClE;EACF,CAAC,EAAE,EAAE,CAAC;EAEN,MAAMG,YAAgC,GAAG;IACvC5C,IAAI;IACJQ,eAAe;IACfN,SAAS;IACTE,KAAK;IACLa,MAAM;IACNyB,OAAO;IACP7C;EACF,CAAC;EAED,oBACE,IAAAR,WAAA,CAAAwD,GAAA,EAAC1D,WAAA,CAAA2D,mBAAmB;IAACC,MAAM,EAAEzC,WAAY;IAAAb,QAAA,eACvC,IAAAJ,WAAA,CAAAwD,GAAA,EAACvD,aAAa,CAAC0D,QAAQ;MAACC,KAAK,EAAEL,YAAa;MAAAnD,QAAA,EACzCA;IAAQ,CACa;EAAC,CACN,CAAC;AAE1B;AAEO,SAASyD,SAASA,CAAA,EAAG;EAC1B,MAAMC,OAAO,GAAG,IAAAC,iBAAU,EAAC9D,aAAa,CAAC;EACzC,IAAI,CAAC6D,OAAO,EAAE;IACZ,MAAM,IAAI1B,KAAK,CAAC,8CAA8C,CAAC;EACjE;EACA,OAAO0B,OAAO;AAChB;AAEO,SAASE,OAAOA,CAAA,EAAG;EACxB,MAAM;IAAErD,IAAI;IAAEQ,eAAe;IAAEN,SAAS;IAAEE,KAAK;IAAEa,MAAM;IAAEyB,OAAO;IAAE7C;EAAY,CAAC,GAAGqD,SAAS,CAAC,CAAC;EAE7F,OAAO;IACLlD,IAAI;IACJQ,eAAe;IACfN,SAAS;IACToD,OAAO,EAAE,CAACpD,SAAS;IACnBE,KAAK;IACLa,MAAM;IACNyB,OAAO;IACP7C;EACF,CAAC;AACH","ignoreList":[]}
+{"version":3,"names":["_react","require","_index","_reactQuery","_queryClient","_jsxRuntime","WebOxyContext","createContext","WebOxyProvider","children","baseURL","authWebUrl","onAuthStateChange","oxyServices","useState","OxyServices","crossDomainAuth","createCrossDomainAuth","user","setUser","isLoading","setIsLoading","error","setError","queryClient","createQueryClient","isAuthenticated","useEffect","mounted","initAuth","session","initialize","err","console","log","signIn","useCallback","method","onMethodSelected","Error","message","signOut","window","localStorage","removeItem","contextValue","jsx","QueryClientProvider","client","Provider","value","useWebOxy","context","useContext","useAuth","isReady"],"sourceRoot":"../../../src","sources":["web/WebOxyContext.tsx"],"mappings":";;;;;;;;AAMA,IAAAA,MAAA,GAAAC,OAAA;AAQA,IAAAC,MAAA,GAAAD,OAAA;AAGA,IAAAE,WAAA,GAAAF,OAAA;AACA,IAAAG,YAAA,GAAAH,OAAA;AAA4D,IAAAI,WAAA,GAAAJ,OAAA;AAlB5D;AACA;AACA;AACA;AACA;;AAgCA,MAAMK,aAAa,gBAAG,IAAAC,oBAAa,EAA4B,IAAI,CAAC;AASpE;AACA;AACA;AACA;AACO,SAASC,cAAcA,CAAC;EAC7BC,QAAQ;EACRC,OAAO;EACPC,UAAU;EACVC;AACmB,CAAC,EAAE;EACtB,MAAM,CAACC,WAAW,CAAC,GAAG,IAAAC,eAAQ,EAAC,MAAM,IAAIC,kBAAW,CAAC;IAAEL,OAAO;IAAEC;EAAW,CAAC,CAAC,CAAC;EAC9E,MAAM,CAACK,eAAe,CAAC,GAAG,IAAAF,eAAQ,EAAC,MAAM,IAAAG,4BAAqB,EAACJ,WAAW,CAAC,CAAC;EAC5E,MAAM,CAACK,IAAI,EAAEC,OAAO,CAAC,GAAG,IAAAL,eAAQ,EAAyB,IAAI,CAAC;EAC9D,MAAM,CAACM,SAAS,EAAEC,YAAY,CAAC,GAAG,IAAAP,eAAQ,EAAC,IAAI,CAAC;EAChD,MAAM,CAACQ,KAAK,EAAEC,QAAQ,CAAC,GAAG,IAAAT,eAAQ,EAAgB,IAAI,CAAC;EACvD,MAAM,CAACU,WAAW,CAAC,GAAG,IAAAV,eAAQ,EAAC,MAAM,IAAAW,8BAAiB,EAAC,CAAC,CAAC;EAEzD,MAAMC,eAAe,GAAG,CAAC,CAACR,IAAI;;EAE9B;EACA,IAAAS,gBAAS,EAAC,MAAM;IACd,IAAIC,OAAO,GAAG,IAAI;IAElB,MAAMC,QAAQ,GAAG,MAAAA,CAAA,KAAY;MAC3B,IAAI;QACF;QACA,MAAMC,OAAO,GAAG,MAAMd,eAAe,CAACe,UAAU,CAAC,CAAC;QAElD,IAAIH,OAAO,IAAIE,OAAO,EAAEZ,IAAI,EAAE;UAC5BC,OAAO,CAACW,OAAO,CAACZ,IAAI,CAAC;QACvB;MACF,CAAC,CAAC,OAAOc,GAAG,EAAE;QACZ;QACAC,OAAO,CAACC,GAAG,CAAC,4BAA4B,CAAC;MAC3C,CAAC,SAAS;QACR,IAAIN,OAAO,EAAE;UACXP,YAAY,CAAC,KAAK,CAAC;QACrB;MACF;IACF,CAAC;IAEDQ,QAAQ,CAAC,CAAC;IAEV,OAAO,MAAM;MACXD,OAAO,GAAG,KAAK;IACjB,CAAC;EACH,CAAC,EAAE,CAACZ,eAAe,CAAC,CAAC;;EAErB;EACA,IAAAW,gBAAS,EAAC,MAAM;IACdf,iBAAiB,GAAGM,IAAI,CAAC;EAC3B,CAAC,EAAE,CAACA,IAAI,EAAEN,iBAAiB,CAAC,CAAC;EAE7B,MAAMuB,MAAM,GAAG,IAAAC,kBAAW,EAAC,YAAY;IACrCb,QAAQ,CAAC,IAAI,CAAC;IACdF,YAAY,CAAC,IAAI,CAAC;IAElB,IAAI;MACF;MACA,MAAMS,OAAO,GAAG,MAAMd,eAAe,CAACmB,MAAM,CAAC;QAC3CE,MAAM,EAAE,MAAM;QAAE;QAChBC,gBAAgB,EAAGD,MAAM,IAAK;UAC5BJ,OAAO,CAACC,GAAG,CAAC,6BAA6B,EAAEG,MAAM,CAAC;QACpD;MACF,CAAC,CAAC;MAEF,IAAIP,OAAO,EAAEZ,IAAI,EAAE;QACjBC,OAAO,CAACW,OAAO,CAACZ,IAAI,CAAC;MACvB;IACF,CAAC,CAAC,OAAOc,GAAG,EAAE;MACZC,OAAO,CAACX,KAAK,CAAC,yBAAyB,EAAEU,GAAG,CAAC;MAC7CT,QAAQ,CAACS,GAAG,YAAYO,KAAK,GAAGP,GAAG,CAACQ,OAAO,GAAG,gBAAgB,CAAC;IACjE,CAAC,SAAS;MACRnB,YAAY,CAAC,KAAK,CAAC;IACrB;EACF,CAAC,EAAE,CAACL,eAAe,CAAC,CAAC;EAErB,MAAMyB,OAAO,GAAG,IAAAL,kBAAW,EAAC,YAAY;IACtCb,QAAQ,CAAC,IAAI,CAAC;IAEd,IAAI;MACF;MACA,IAAI,OAAOmB,MAAM,KAAK,WAAW,EAAE;QACjCC,YAAY,CAACC,UAAU,CAAC,aAAa,CAAC;QACtCD,YAAY,CAACC,UAAU,CAAC,kBAAkB,CAAC;MAC7C;MAEAzB,OAAO,CAAC,IAAI,CAAC;IACf,CAAC,CAAC,OAAOa,GAAG,EAAE;MACZC,OAAO,CAACX,KAAK,CAAC,0BAA0B,EAAEU,GAAG,CAAC;MAC9CT,QAAQ,CAACS,GAAG,YAAYO,KAAK,GAAGP,GAAG,CAACQ,OAAO,GAAG,iBAAiB,CAAC;IAClE;EACF,CAAC,EAAE,EAAE,CAAC;EAEN,MAAMK,YAAgC,GAAG;IACvC3B,IAAI;IACJQ,eAAe;IACfN,SAAS;IACTE,KAAK;IACLa,MAAM;IACNM,OAAO;IACP5B;EACF,CAAC;EAED,oBACE,IAAAR,WAAA,CAAAyC,GAAA,EAAC3C,WAAA,CAAA4C,mBAAmB;IAACC,MAAM,EAAExB,WAAY;IAAAf,QAAA,eACvC,IAAAJ,WAAA,CAAAyC,GAAA,EAACxC,aAAa,CAAC2C,QAAQ;MAACC,KAAK,EAAEL,YAAa;MAAApC,QAAA,EACzCA;IAAQ,CACa;EAAC,CACN,CAAC;AAE1B;AAEO,SAAS0C,SAASA,CAAA,EAAG;EAC1B,MAAMC,OAAO,GAAG,IAAAC,iBAAU,EAAC/C,aAAa,CAAC;EACzC,IAAI,CAAC8C,OAAO,EAAE;IACZ,MAAM,IAAIb,KAAK,CAAC,8CAA8C,CAAC;EACjE;EACA,OAAOa,OAAO;AAChB;AAEO,SAASE,OAAOA,CAAA,EAAG;EACxB,MAAM;IAAEpC,IAAI;IAAEQ,eAAe;IAAEN,SAAS;IAAEE,KAAK;IAAEa,MAAM;IAAEM,OAAO;IAAE5B;EAAY,CAAC,GAAGsC,SAAS,CAAC,CAAC;EAE7F,OAAO;IACLjC,IAAI;IACJQ,eAAe;IACfN,SAAS;IACTmC,OAAO,EAAE,CAACnC,SAAS;IACnBE,KAAK;IACLa,MAAM;IACNM,OAAO;IACP5B;EACF,CAAC;AACH","ignoreList":[]}

package/lib/module/web/WebOxyContext.js

@@ -3,17 +3,18 @@
 /**
  * Web-Only Oxy Context
  * Clean implementation with ZERO React Native dependencies
+ * Uses CrossDomainAuth for proper SSO flow
  */
 
 import { createContext, useCallback, useContext, useEffect, useState } from 'react';
-import { OxyServices } from "../core/index.js";
+import { OxyServices, createCrossDomainAuth } from "../core/index.js";
 import { QueryClientProvider } from '@tanstack/react-query';
 import { createQueryClient } from "../ui/hooks/queryClient.js";
 import { jsx as _jsx } from "react/jsx-runtime";
 const WebOxyContext = /*#__PURE__*/createContext(null);
 /**
  * Web-only Oxy Provider
- * Minimal, clean implementation for web apps
+ * Uses CrossDomainAuth for automatic SSO with FedCM/Popup/Redirect fallback
  */
 export function WebOxyProvider({
   children,
@@ -25,21 +26,22 @@ export function WebOxyProvider({
     baseURL,
     authWebUrl
   }));
+  const [crossDomainAuth] = useState(() => createCrossDomainAuth(oxyServices));
   const [user, setUser] = useState(null);
   const [isLoading, setIsLoading] = useState(true);
   const [error, setError] = useState(null);
   const [queryClient] = useState(() => createQueryClient());
   const isAuthenticated = !!user;
 
-  // Initialize - check for existing session
+  // Initialize - handle callbacks, restore session, try silent sign-in
   useEffect(() => {
     let mounted = true;
     const initAuth = async () => {
       try {
-        // Try to get current user (will use existing auth token if available)
-        const currentUser = await oxyServices.getCurrentUser();
-        if (mounted && currentUser) {
-          setUser(currentUser);
+        // Complete initialization: handles callbacks, restores session, tries silent sign-in
+        const session = await crossDomainAuth.initialize();
+        if (mounted && session?.user) {
+          setUser(session.user);
         }
       } catch (err) {
         // No active session - this is fine
@@ -54,7 +56,7 @@ export function WebOxyProvider({
     return () => {
       mounted = false;
     };
-  }, [oxyServices]);
+  }, [crossDomainAuth]);
 
   // Notify parent of auth state changes
   useEffect(() => {
@@ -64,59 +66,30 @@ export function WebOxyProvider({
     setError(null);
     setIsLoading(true);
     try {
-      // Open popup to auth.oxy.so
-      const popup = window.open(`${authWebUrl || 'https://auth.oxy.so'}/login?origin=${encodeURIComponent(window.location.origin)}`, 'oxy-auth', 'width=500,height=700,popup=yes');
-      if (!popup) {
-        throw new Error('Popup blocked. Please allow popups for this site.');
-      }
-
-      // Listen for message from popup
-      const handleMessage = async event => {
-        if (event.origin !== (authWebUrl || 'https://auth.oxy.so')) {
-          return;
-        }
-        if (event.data.type === 'oxy-auth-success') {
-          const {
-            accessToken,
-            user: authUser
-          } = event.data;
-
-          // Store the access token for API requests
-          if (typeof window !== 'undefined' && accessToken) {
-            localStorage.setItem('oxy-access-token', accessToken);
-          }
-          setUser(authUser);
-          setIsLoading(false);
-          window.removeEventListener('message', handleMessage);
-          popup.close();
-        } else if (event.data.type === 'oxy-auth-error') {
-          setError(event.data.error || 'Authentication failed');
-          setIsLoading(false);
-          window.removeEventListener('message', handleMessage);
-          popup.close();
+      // Sign in with automatic method selection (FedCM → Popup → Redirect)
+      const session = await crossDomainAuth.signIn({
+        method: 'auto',
+        // Automatic fallback
+        onMethodSelected: method => {
+          console.log('[WebOxy] Using auth method:', method);
         }
-      };
-      window.addEventListener('message', handleMessage);
-
-      // Check if popup was closed
-      const checkClosed = setInterval(() => {
-        if (popup.closed) {
-          clearInterval(checkClosed);
-          window.removeEventListener('message', handleMessage);
-          setIsLoading(false);
-        }
-      }, 500);
+      });
+      if (session?.user) {
+        setUser(session.user);
+      }
     } catch (err) {
       console.error('[WebOxy] Sign in error:', err);
       setError(err instanceof Error ? err.message : 'Sign in failed');
+    } finally {
       setIsLoading(false);
     }
-  }, [authWebUrl]);
+  }, [crossDomainAuth]);
   const signOut = useCallback(async () => {
     setError(null);
     try {
-      // Clear stored token
+      // Clear stored session
       if (typeof window !== 'undefined') {
+        localStorage.removeItem('oxy-session');
         localStorage.removeItem('oxy-access-token');
       }
       setUser(null);

package/lib/module/web/WebOxyContext.js.map

@@ -1 +1 @@
-{"version":3,"names":["createContext","useCallback","useContext","useEffect","useState","OxyServices","QueryClientProvider","createQueryClient","jsx","_jsx","WebOxyContext","WebOxyProvider","children","baseURL","authWebUrl","onAuthStateChange","oxyServices","user","setUser","isLoading","setIsLoading","error","setError","queryClient","isAuthenticated","mounted","initAuth","currentUser","getCurrentUser","err","console","log","signIn","popup","window","open","encodeURIComponent","location","origin","Error","handleMessage","event","data","type","accessToken","authUser","localStorage","setItem","removeEventListener","close","addEventListener","checkClosed","setInterval","closed","clearInterval","message","signOut","removeItem","contextValue","client","Provider","value","useWebOxy","context","useAuth","isReady"],"sourceRoot":"../../../src","sources":["web/WebOxyContext.tsx"],"mappings":";;AAAA;AACA;AACA;AACA;;AAEA,SACEA,aAAa,EACbC,WAAW,EACXC,UAAU,EACVC,SAAS,EACTC,QAAQ,QAEH,OAAO;AACd,SAASC,WAAW,QAAQ,kBAAS;AAErC,SAASC,mBAAmB,QAAQ,uBAAuB;AAC3D,SAASC,iBAAiB,QAAQ,4BAAyB;AAAC,SAAAC,GAAA,IAAAC,IAAA;AAkB5D,MAAMC,aAAa,gBAAGV,aAAa,CAA4B,IAAI,CAAC;AASpE;AACA;AACA;AACA;AACA,OAAO,SAASW,cAAcA,CAAC;EAC7BC,QAAQ;EACRC,OAAO;EACPC,UAAU;EACVC;AACmB,CAAC,EAAE;EACtB,MAAM,CAACC,WAAW,CAAC,GAAGZ,QAAQ,CAAC,MAAM,IAAIC,WAAW,CAAC;IAAEQ,OAAO;IAAEC;EAAW,CAAC,CAAC,CAAC;EAC9E,MAAM,CAACG,IAAI,EAAEC,OAAO,CAAC,GAAGd,QAAQ,CAAc,IAAI,CAAC;EACnD,MAAM,CAACe,SAAS,EAAEC,YAAY,CAAC,GAAGhB,QAAQ,CAAC,IAAI,CAAC;EAChD,MAAM,CAACiB,KAAK,EAAEC,QAAQ,CAAC,GAAGlB,QAAQ,CAAgB,IAAI,CAAC;EACvD,MAAM,CAACmB,WAAW,CAAC,GAAGnB,QAAQ,CAAC,MAAMG,iBAAiB,CAAC,CAAC,CAAC;EAEzD,MAAMiB,eAAe,GAAG,CAAC,CAACP,IAAI;;EAE9B;EACAd,SAAS,CAAC,MAAM;IACd,IAAIsB,OAAO,GAAG,IAAI;IAElB,MAAMC,QAAQ,GAAG,MAAAA,CAAA,KAAY;MAC3B,IAAI;QACF;QACA,MAAMC,WAAW,GAAG,MAAMX,WAAW,CAACY,cAAc,CAAC,CAAC;QAEtD,IAAIH,OAAO,IAAIE,WAAW,EAAE;UAC1BT,OAAO,CAACS,WAAW,CAAC;QACtB;MACF,CAAC,CAAC,OAAOE,GAAG,EAAE;QACZ;QACAC,OAAO,CAACC,GAAG,CAAC,4BAA4B,CAAC;MAC3C,CAAC,SAAS;QACR,IAAIN,OAAO,EAAE;UACXL,YAAY,CAAC,KAAK,CAAC;QACrB;MACF;IACF,CAAC;IAEDM,QAAQ,CAAC,CAAC;IAEV,OAAO,MAAM;MACXD,OAAO,GAAG,KAAK;IACjB,CAAC;EACH,CAAC,EAAE,CAACT,WAAW,CAAC,CAAC;;EAEjB;EACAb,SAAS,CAAC,MAAM;IACdY,iBAAiB,GAAGE,IAAI,CAAC;EAC3B,CAAC,EAAE,CAACA,IAAI,EAAEF,iBAAiB,CAAC,CAAC;EAE7B,MAAMiB,MAAM,GAAG/B,WAAW,CAAC,YAAY;IACrCqB,QAAQ,CAAC,IAAI,CAAC;IACdF,YAAY,CAAC,IAAI,CAAC;IAElB,IAAI;MACF;MACA,MAAMa,KAAK,GAAGC,MAAM,CAACC,IAAI,CACvB,GAAGrB,UAAU,IAAI,qBAAqB,iBAAiBsB,kBAAkB,CAACF,MAAM,CAACG,QAAQ,CAACC,MAAM,CAAC,EAAE,EACnG,UAAU,EACV,gCACF,CAAC;MAED,IAAI,CAACL,KAAK,EAAE;QACV,MAAM,IAAIM,KAAK,CAAC,mDAAmD,CAAC;MACtE;;MAEA;MACA,MAAMC,aAAa,GAAG,MAAOC,KAAmB,IAAK;QACnD,IAAIA,KAAK,CAACH,MAAM,MAAMxB,UAAU,IAAI,qBAAqB,CAAC,EAAE;UAC1D;QACF;QAEA,IAAI2B,KAAK,CAACC,IAAI,CAACC,IAAI,KAAK,kBAAkB,EAAE;UAC1C,MAAM;YAAEC,WAAW;YAAE3B,IAAI,EAAE4B;UAAS,CAAC,GAAGJ,KAAK,CAACC,IAAI;;UAElD;UACA,IAAI,OAAOR,MAAM,KAAK,WAAW,IAAIU,WAAW,EAAE;YAChDE,YAAY,CAACC,OAAO,CAAC,kBAAkB,EAAEH,WAAW,CAAC;UACvD;UAEA1B,OAAO,CAAC2B,QAAQ,CAAC;UACjBzB,YAAY,CAAC,KAAK,CAAC;UAEnBc,MAAM,CAACc,mBAAmB,CAAC,SAAS,EAAER,aAAa,CAAC;UACpDP,KAAK,CAACgB,KAAK,CAAC,CAAC;QACf,CAAC,MAAM,IAAIR,KAAK,CAACC,IAAI,CAACC,IAAI,KAAK,gBAAgB,EAAE;UAC/CrB,QAAQ,CAACmB,KAAK,CAACC,IAAI,CAACrB,KAAK,IAAI,uBAAuB,CAAC;UACrDD,YAAY,CAAC,KAAK,CAAC;UACnBc,MAAM,CAACc,mBAAmB,CAAC,SAAS,EAAER,aAAa,CAAC;UACpDP,KAAK,CAACgB,KAAK,CAAC,CAAC;QACf;MACF,CAAC;MAEDf,MAAM,CAACgB,gBAAgB,CAAC,SAAS,EAAEV,aAAa,CAAC;;MAEjD;MACA,MAAMW,WAAW,GAAGC,WAAW,CAAC,MAAM;QACpC,IAAInB,KAAK,CAACoB,MAAM,EAAE;UAChBC,aAAa,CAACH,WAAW,CAAC;UAC1BjB,MAAM,CAACc,mBAAmB,CAAC,SAAS,EAAER,aAAa,CAAC;UACpDpB,YAAY,CAAC,KAAK,CAAC;QACrB;MACF,CAAC,EAAE,GAAG,CAAC;IACT,CAAC,CAAC,OAAOS,GAAG,EAAE;MACZC,OAAO,CAACT,KAAK,CAAC,yBAAyB,EAAEQ,GAAG,CAAC;MAC7CP,QAAQ,CAACO,GAAG,YAAYU,KAAK,GAAGV,GAAG,CAAC0B,OAAO,GAAG,gBAAgB,CAAC;MAC/DnC,YAAY,CAAC,KAAK,CAAC;IACrB;EACF,CAAC,EAAE,CAACN,UAAU,CAAC,CAAC;EAEhB,MAAM0C,OAAO,GAAGvD,WAAW,CAAC,YAAY;IACtCqB,QAAQ,CAAC,IAAI,CAAC;IAEd,IAAI;MACF;MACA,IAAI,OAAOY,MAAM,KAAK,WAAW,EAAE;QACjCY,YAAY,CAACW,UAAU,CAAC,kBAAkB,CAAC;MAC7C;MAEAvC,OAAO,CAAC,IAAI,CAAC;IACf,CAAC,CAAC,OAAOW,GAAG,EAAE;MACZC,OAAO,CAACT,KAAK,CAAC,0BAA0B,EAAEQ,GAAG,CAAC;MAC9CP,QAAQ,CAACO,GAAG,YAAYU,KAAK,GAAGV,GAAG,CAAC0B,OAAO,GAAG,iBAAiB,CAAC;IAClE;EACF,CAAC,EAAE,EAAE,CAAC;EAEN,MAAMG,YAAgC,GAAG;IACvCzC,IAAI;IACJO,eAAe;IACfL,SAAS;IACTE,KAAK;IACLW,MAAM;IACNwB,OAAO;IACPxC;EACF,CAAC;EAED,oBACEP,IAAA,CAACH,mBAAmB;IAACqD,MAAM,EAAEpC,WAAY;IAAAX,QAAA,eACvCH,IAAA,CAACC,aAAa,CAACkD,QAAQ;MAACC,KAAK,EAAEH,YAAa;MAAA9C,QAAA,EACzCA;IAAQ,CACa;EAAC,CACN,CAAC;AAE1B;AAEA,OAAO,SAASkD,SAASA,CAAA,EAAG;EAC1B,MAAMC,OAAO,GAAG7D,UAAU,CAACQ,aAAa,CAAC;EACzC,IAAI,CAACqD,OAAO,EAAE;IACZ,MAAM,IAAIxB,KAAK,CAAC,8CAA8C,CAAC;EACjE;EACA,OAAOwB,OAAO;AAChB;AAEA,OAAO,SAASC,OAAOA,CAAA,EAAG;EACxB,MAAM;IAAE/C,IAAI;IAAEO,eAAe;IAAEL,SAAS;IAAEE,KAAK;IAAEW,MAAM;IAAEwB,OAAO;IAAExC;EAAY,CAAC,GAAG8C,SAAS,CAAC,CAAC;EAE7F,OAAO;IACL7C,IAAI;IACJO,eAAe;IACfL,SAAS;IACT8C,OAAO,EAAE,CAAC9C,SAAS;IACnBE,KAAK;IACLW,MAAM;IACNwB,OAAO;IACPxC;EACF,CAAC;AACH","ignoreList":[]}
+{"version":3,"names":["createContext","useCallback","useContext","useEffect","useState","OxyServices","createCrossDomainAuth","QueryClientProvider","createQueryClient","jsx","_jsx","WebOxyContext","WebOxyProvider","children","baseURL","authWebUrl","onAuthStateChange","oxyServices","crossDomainAuth","user","setUser","isLoading","setIsLoading","error","setError","queryClient","isAuthenticated","mounted","initAuth","session","initialize","err","console","log","signIn","method","onMethodSelected","Error","message","signOut","window","localStorage","removeItem","contextValue","client","Provider","value","useWebOxy","context","useAuth","isReady"],"sourceRoot":"../../../src","sources":["web/WebOxyContext.tsx"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;;AAEA,SACEA,aAAa,EACbC,WAAW,EACXC,UAAU,EACVC,SAAS,EACTC,QAAQ,QAEH,OAAO;AACd,SAASC,WAAW,EAAEC,qBAAqB,QAAQ,kBAAS;AAG5D,SAASC,mBAAmB,QAAQ,uBAAuB;AAC3D,SAASC,iBAAiB,QAAQ,4BAAyB;AAAC,SAAAC,GAAA,IAAAC,IAAA;AAkB5D,MAAMC,aAAa,gBAAGX,aAAa,CAA4B,IAAI,CAAC;AASpE;AACA;AACA;AACA;AACA,OAAO,SAASY,cAAcA,CAAC;EAC7BC,QAAQ;EACRC,OAAO;EACPC,UAAU;EACVC;AACmB,CAAC,EAAE;EACtB,MAAM,CAACC,WAAW,CAAC,GAAGb,QAAQ,CAAC,MAAM,IAAIC,WAAW,CAAC;IAAES,OAAO;IAAEC;EAAW,CAAC,CAAC,CAAC;EAC9E,MAAM,CAACG,eAAe,CAAC,GAAGd,QAAQ,CAAC,MAAME,qBAAqB,CAACW,WAAW,CAAC,CAAC;EAC5E,MAAM,CAACE,IAAI,EAAEC,OAAO,CAAC,GAAGhB,QAAQ,CAAyB,IAAI,CAAC;EAC9D,MAAM,CAACiB,SAAS,EAAEC,YAAY,CAAC,GAAGlB,QAAQ,CAAC,IAAI,CAAC;EAChD,MAAM,CAACmB,KAAK,EAAEC,QAAQ,CAAC,GAAGpB,QAAQ,CAAgB,IAAI,CAAC;EACvD,MAAM,CAACqB,WAAW,CAAC,GAAGrB,QAAQ,CAAC,MAAMI,iBAAiB,CAAC,CAAC,CAAC;EAEzD,MAAMkB,eAAe,GAAG,CAAC,CAACP,IAAI;;EAE9B;EACAhB,SAAS,CAAC,MAAM;IACd,IAAIwB,OAAO,GAAG,IAAI;IAElB,MAAMC,QAAQ,GAAG,MAAAA,CAAA,KAAY;MAC3B,IAAI;QACF;QACA,MAAMC,OAAO,GAAG,MAAMX,eAAe,CAACY,UAAU,CAAC,CAAC;QAElD,IAAIH,OAAO,IAAIE,OAAO,EAAEV,IAAI,EAAE;UAC5BC,OAAO,CAACS,OAAO,CAACV,IAAI,CAAC;QACvB;MACF,CAAC,CAAC,OAAOY,GAAG,EAAE;QACZ;QACAC,OAAO,CAACC,GAAG,CAAC,4BAA4B,CAAC;MAC3C,CAAC,SAAS;QACR,IAAIN,OAAO,EAAE;UACXL,YAAY,CAAC,KAAK,CAAC;QACrB;MACF;IACF,CAAC;IAEDM,QAAQ,CAAC,CAAC;IAEV,OAAO,MAAM;MACXD,OAAO,GAAG,KAAK;IACjB,CAAC;EACH,CAAC,EAAE,CAACT,eAAe,CAAC,CAAC;;EAErB;EACAf,SAAS,CAAC,MAAM;IACda,iBAAiB,GAAGG,IAAI,CAAC;EAC3B,CAAC,EAAE,CAACA,IAAI,EAAEH,iBAAiB,CAAC,CAAC;EAE7B,MAAMkB,MAAM,GAAGjC,WAAW,CAAC,YAAY;IACrCuB,QAAQ,CAAC,IAAI,CAAC;IACdF,YAAY,CAAC,IAAI,CAAC;IAElB,IAAI;MACF;MACA,MAAMO,OAAO,GAAG,MAAMX,eAAe,CAACgB,MAAM,CAAC;QAC3CC,MAAM,EAAE,MAAM;QAAE;QAChBC,gBAAgB,EAAGD,MAAM,IAAK;UAC5BH,OAAO,CAACC,GAAG,CAAC,6BAA6B,EAAEE,MAAM,CAAC;QACpD;MACF,CAAC,CAAC;MAEF,IAAIN,OAAO,EAAEV,IAAI,EAAE;QACjBC,OAAO,CAACS,OAAO,CAACV,IAAI,CAAC;MACvB;IACF,CAAC,CAAC,OAAOY,GAAG,EAAE;MACZC,OAAO,CAACT,KAAK,CAAC,yBAAyB,EAAEQ,GAAG,CAAC;MAC7CP,QAAQ,CAACO,GAAG,YAAYM,KAAK,GAAGN,GAAG,CAACO,OAAO,GAAG,gBAAgB,CAAC;IACjE,CAAC,SAAS;MACRhB,YAAY,CAAC,KAAK,CAAC;IACrB;EACF,CAAC,EAAE,CAACJ,eAAe,CAAC,CAAC;EAErB,MAAMqB,OAAO,GAAGtC,WAAW,CAAC,YAAY;IACtCuB,QAAQ,CAAC,IAAI,CAAC;IAEd,IAAI;MACF;MACA,IAAI,OAAOgB,MAAM,KAAK,WAAW,EAAE;QACjCC,YAAY,CAACC,UAAU,CAAC,aAAa,CAAC;QACtCD,YAAY,CAACC,UAAU,CAAC,kBAAkB,CAAC;MAC7C;MAEAtB,OAAO,CAAC,IAAI,CAAC;IACf,CAAC,CAAC,OAAOW,GAAG,EAAE;MACZC,OAAO,CAACT,KAAK,CAAC,0BAA0B,EAAEQ,GAAG,CAAC;MAC9CP,QAAQ,CAACO,GAAG,YAAYM,KAAK,GAAGN,GAAG,CAACO,OAAO,GAAG,iBAAiB,CAAC;IAClE;EACF,CAAC,EAAE,EAAE,CAAC;EAEN,MAAMK,YAAgC,GAAG;IACvCxB,IAAI;IACJO,eAAe;IACfL,SAAS;IACTE,KAAK;IACLW,MAAM;IACNK,OAAO;IACPtB;EACF,CAAC;EAED,oBACEP,IAAA,CAACH,mBAAmB;IAACqC,MAAM,EAAEnB,WAAY;IAAAZ,QAAA,eACvCH,IAAA,CAACC,aAAa,CAACkC,QAAQ;MAACC,KAAK,EAAEH,YAAa;MAAA9B,QAAA,EACzCA;IAAQ,CACa;EAAC,CACN,CAAC;AAE1B;AAEA,OAAO,SAASkC,SAASA,CAAA,EAAG;EAC1B,MAAMC,OAAO,GAAG9C,UAAU,CAACS,aAAa,CAAC;EACzC,IAAI,CAACqC,OAAO,EAAE;IACZ,MAAM,IAAIX,KAAK,CAAC,8CAA8C,CAAC;EACjE;EACA,OAAOW,OAAO;AAChB;AAEA,OAAO,SAASC,OAAOA,CAAA,EAAG;EACxB,MAAM;IAAE9B,IAAI;IAAEO,eAAe;IAAEL,SAAS;IAAEE,KAAK;IAAEW,MAAM;IAAEK,OAAO;IAAEtB;EAAY,CAAC,GAAG8B,SAAS,CAAC,CAAC;EAE7F,OAAO;IACL5B,IAAI;IACJO,eAAe;IACfL,SAAS;IACT6B,OAAO,EAAE,CAAC7B,SAAS;IACnBE,KAAK;IACLW,MAAM;IACNK,OAAO;IACPtB;EACF,CAAC;AACH","ignoreList":[]}

package/lib/typescript/commonjs/web/WebOxyContext.d.ts

@@ -1,12 +1,13 @@
 /**
  * Web-Only Oxy Context
  * Clean implementation with ZERO React Native dependencies
+ * Uses CrossDomainAuth for proper SSO flow
  */
 import { type ReactNode } from 'react';
 import { OxyServices } from '../core';
-import type { User } from '../models/interfaces';
+import type { MinimalUserData } from '../models/session';
 export interface WebAuthState {
-    user: User | null;
+    user: MinimalUserData | null;
     isAuthenticated: boolean;
     isLoading: boolean;
     error: string | null;
@@ -22,16 +23,16 @@ export interface WebOxyProviderProps {
     children: ReactNode;
     baseURL: string;
     authWebUrl?: string;
-    onAuthStateChange?: (user: User | null) => void;
+    onAuthStateChange?: (user: MinimalUserData | null) => void;
 }
 /**
  * Web-only Oxy Provider
- * Minimal, clean implementation for web apps
+ * Uses CrossDomainAuth for automatic SSO with FedCM/Popup/Redirect fallback
  */
 export declare function WebOxyProvider({ children, baseURL, authWebUrl, onAuthStateChange, }: WebOxyProviderProps): import("react/jsx-runtime").JSX.Element;
 export declare function useWebOxy(): WebOxyContextValue;
 export declare function useAuth(): {
-    user: User | null;
+    user: MinimalUserData | null;
     isAuthenticated: boolean;
     isLoading: boolean;
     isReady: boolean;

package/lib/typescript/commonjs/web/WebOxyContext.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"WebOxyContext.d.ts","sourceRoot":"","sources":["../../../../src/web/WebOxyContext.tsx"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAML,KAAK,SAAS,EACf,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AACtC,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAIjD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,kBAAmB,SAAQ,YAAY,EAAE,cAAc;IACtE,WAAW,EAAE,WAAW,CAAC;CAC1B;AAID,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,KAAK,IAAI,CAAC;CACjD;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,EAC7B,QAAQ,EACR,OAAO,EACP,UAAU,EACV,iBAAiB,GAClB,EAAE,mBAAmB,2CAwIrB;AAED,wBAAgB,SAAS,uBAMxB;AAED,wBAAgB,OAAO;;;;;;kBA5KP,OAAO,CAAC,IAAI,CAAC;mBACZ,OAAO,CAAC,IAAI,CAAC;;EAwL7B"}
+{"version":3,"file":"WebOxyContext.d.ts","sourceRoot":"","sources":["../../../../src/web/WebOxyContext.tsx"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAML,KAAK,SAAS,EACf,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,WAAW,EAAyB,MAAM,SAAS,CAAC;AAE7D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAIzD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,eAAe,GAAG,IAAI,CAAC;IAC7B,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,kBAAmB,SAAQ,YAAY,EAAE,cAAc;IACtE,WAAW,EAAE,WAAW,CAAC;CAC1B;AAID,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,CAAC,IAAI,EAAE,eAAe,GAAG,IAAI,KAAK,IAAI,CAAC;CAC5D;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,EAC7B,QAAQ,EACR,OAAO,EACP,UAAU,EACV,iBAAiB,GAClB,EAAE,mBAAmB,2CAsGrB;AAED,wBAAgB,SAAS,uBAMxB;AAED,wBAAgB,OAAO;;;;;;kBA1IP,OAAO,CAAC,IAAI,CAAC;mBACZ,OAAO,CAAC,IAAI,CAAC;;EAsJ7B"}

package/lib/typescript/commonjs/web/index.d.ts

@@ -34,7 +34,7 @@ export type { CrossDomainAuthOptions, DeviceFingerprint, StoredDeviceInfo, } fro
 export { WebOxyProvider, useWebOxy, useAuth } from './WebOxyContext';
 export type { WebOxyProviderProps, WebAuthState, WebAuthActions, WebOxyContextValue } from './WebOxyContext';
 export type { User, ApiError, Notification, FileMetadata, AssetUploadProgress, PaymentMethod, KarmaLeaderboardEntry, KarmaRule, Transaction, DeviceSession, } from '../models/interfaces';
-export type { ClientSession } from '../models/session';
+export type { ClientSession, MinimalUserData } from '../models/session';
 export { SUPPORTED_LANGUAGES, getLanguageMetadata, getLanguageName, getNativeLanguageName, normalizeLanguageCode, } from '../utils/languageUtils';
 export type { LanguageMetadata } from '../utils/languageUtils';
 import { WebOxyProvider } from './WebOxyContext';

package/lib/typescript/commonjs/web/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/web/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAIH,OAAO,EACL,WAAW,EACX,sBAAsB,EACtB,6BAA6B,EAC7B,aAAa,EACb,SAAS,EACT,eAAe,EACf,qBAAqB,EACrB,aAAa,GACd,MAAM,SAAS,CAAC;AAEjB,YAAY,EACV,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AACrE,YAAY,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAI7G,YAAY,EACV,IAAI,EACJ,QAAQ,EACR,YAAY,EACZ,YAAY,EACZ,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,SAAS,EACT,WAAW,EACX,aAAa,GACd,MAAM,sBAAsB,CAAC;AAG9B,YAAY,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAGvD,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAEhC,YAAY,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,eAAe,cAAc,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/web/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAIH,OAAO,EACL,WAAW,EACX,sBAAsB,EACtB,6BAA6B,EAC7B,aAAa,EACb,SAAS,EACT,eAAe,EACf,qBAAqB,EACrB,aAAa,GACd,MAAM,SAAS,CAAC;AAEjB,YAAY,EACV,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AACrE,YAAY,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAI7G,YAAY,EACV,IAAI,EACJ,QAAQ,EACR,YAAY,EACZ,YAAY,EACZ,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,SAAS,EACT,WAAW,EACX,aAAa,GACd,MAAM,sBAAsB,CAAC;AAG9B,YAAY,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAGxE,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAEhC,YAAY,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,eAAe,cAAc,CAAC"}

package/lib/typescript/module/web/WebOxyContext.d.ts

@@ -1,12 +1,13 @@
 /**
  * Web-Only Oxy Context
  * Clean implementation with ZERO React Native dependencies
+ * Uses CrossDomainAuth for proper SSO flow
  */
 import { type ReactNode } from 'react';
 import { OxyServices } from '../core';
-import type { User } from '../models/interfaces';
+import type { MinimalUserData } from '../models/session';
 export interface WebAuthState {
-    user: User | null;
+    user: MinimalUserData | null;
     isAuthenticated: boolean;
     isLoading: boolean;
     error: string | null;
@@ -22,16 +23,16 @@ export interface WebOxyProviderProps {
     children: ReactNode;
     baseURL: string;
     authWebUrl?: string;
-    onAuthStateChange?: (user: User | null) => void;
+    onAuthStateChange?: (user: MinimalUserData | null) => void;
 }
 /**
  * Web-only Oxy Provider
- * Minimal, clean implementation for web apps
+ * Uses CrossDomainAuth for automatic SSO with FedCM/Popup/Redirect fallback
  */
 export declare function WebOxyProvider({ children, baseURL, authWebUrl, onAuthStateChange, }: WebOxyProviderProps): import("react/jsx-runtime").JSX.Element;
 export declare function useWebOxy(): WebOxyContextValue;
 export declare function useAuth(): {
-    user: User | null;
+    user: MinimalUserData | null;
     isAuthenticated: boolean;
     isLoading: boolean;
     isReady: boolean;

package/lib/typescript/module/web/WebOxyContext.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"WebOxyContext.d.ts","sourceRoot":"","sources":["../../../../src/web/WebOxyContext.tsx"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAML,KAAK,SAAS,EACf,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AACtC,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAC;AAIjD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,kBAAmB,SAAQ,YAAY,EAAE,cAAc;IACtE,WAAW,EAAE,WAAW,CAAC;CAC1B;AAID,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,KAAK,IAAI,CAAC;CACjD;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,EAC7B,QAAQ,EACR,OAAO,EACP,UAAU,EACV,iBAAiB,GAClB,EAAE,mBAAmB,2CAwIrB;AAED,wBAAgB,SAAS,uBAMxB;AAED,wBAAgB,OAAO;;;;;;kBA5KP,OAAO,CAAC,IAAI,CAAC;mBACZ,OAAO,CAAC,IAAI,CAAC;;EAwL7B"}
+{"version":3,"file":"WebOxyContext.d.ts","sourceRoot":"","sources":["../../../../src/web/WebOxyContext.tsx"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAML,KAAK,SAAS,EACf,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,WAAW,EAAyB,MAAM,SAAS,CAAC;AAE7D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAIzD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,eAAe,GAAG,IAAI,CAAC;IAC7B,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,kBAAmB,SAAQ,YAAY,EAAE,cAAc;IACtE,WAAW,EAAE,WAAW,CAAC;CAC1B;AAID,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,CAAC,IAAI,EAAE,eAAe,GAAG,IAAI,KAAK,IAAI,CAAC;CAC5D;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,EAC7B,QAAQ,EACR,OAAO,EACP,UAAU,EACV,iBAAiB,GAClB,EAAE,mBAAmB,2CAsGrB;AAED,wBAAgB,SAAS,uBAMxB;AAED,wBAAgB,OAAO;;;;;;kBA1IP,OAAO,CAAC,IAAI,CAAC;mBACZ,OAAO,CAAC,IAAI,CAAC;;EAsJ7B"}

package/lib/typescript/module/web/index.d.ts

@@ -34,7 +34,7 @@ export type { CrossDomainAuthOptions, DeviceFingerprint, StoredDeviceInfo, } fro
 export { WebOxyProvider, useWebOxy, useAuth } from './WebOxyContext';
 export type { WebOxyProviderProps, WebAuthState, WebAuthActions, WebOxyContextValue } from './WebOxyContext';
 export type { User, ApiError, Notification, FileMetadata, AssetUploadProgress, PaymentMethod, KarmaLeaderboardEntry, KarmaRule, Transaction, DeviceSession, } from '../models/interfaces';
-export type { ClientSession } from '../models/session';
+export type { ClientSession, MinimalUserData } from '../models/session';
 export { SUPPORTED_LANGUAGES, getLanguageMetadata, getLanguageName, getNativeLanguageName, normalizeLanguageCode, } from '../utils/languageUtils';
 export type { LanguageMetadata } from '../utils/languageUtils';
 import { WebOxyProvider } from './WebOxyContext';

package/lib/typescript/module/web/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/web/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAIH,OAAO,EACL,WAAW,EACX,sBAAsB,EACtB,6BAA6B,EAC7B,aAAa,EACb,SAAS,EACT,eAAe,EACf,qBAAqB,EACrB,aAAa,GACd,MAAM,SAAS,CAAC;AAEjB,YAAY,EACV,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AACrE,YAAY,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAI7G,YAAY,EACV,IAAI,EACJ,QAAQ,EACR,YAAY,EACZ,YAAY,EACZ,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,SAAS,EACT,WAAW,EACX,aAAa,GACd,MAAM,sBAAsB,CAAC;AAG9B,YAAY,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAGvD,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAEhC,YAAY,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,eAAe,cAAc,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/web/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAIH,OAAO,EACL,WAAW,EACX,sBAAsB,EACtB,6BAA6B,EAC7B,aAAa,EACb,SAAS,EACT,eAAe,EACf,qBAAqB,EACrB,aAAa,GACd,MAAM,SAAS,CAAC;AAEjB,YAAY,EACV,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AACrE,YAAY,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAI7G,YAAY,EACV,IAAI,EACJ,QAAQ,EACR,YAAY,EACZ,YAAY,EACZ,mBAAmB,EACnB,aAAa,EACb,qBAAqB,EACrB,SAAS,EACT,WAAW,EACX,aAAa,GACd,MAAM,sBAAsB,CAAC;AAG9B,YAAY,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAGxE,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAEhC,YAAY,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,eAAe,cAAc,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oxyhq/services",
-  "version": "5.24.0",
+  "version": "5.25.0",
   "description": "Reusable OxyHQ module to handle authentication, user management, karma system, device-based session management and more 🚀",
   "main": "lib/commonjs/index.js",
   "module": "lib/module/index.js",

package/src/web/WebOxyContext.tsx

@@ -1,6 +1,7 @@
 /**
  * Web-Only Oxy Context
  * Clean implementation with ZERO React Native dependencies
+ * Uses CrossDomainAuth for proper SSO flow
  */
 
 import {
@@ -11,13 +12,14 @@ import {
   useState,
   type ReactNode,
 } from 'react';
-import { OxyServices } from '../core';
+import { OxyServices, createCrossDomainAuth } from '../core';
 import type { User } from '../models/interfaces';
+import type { MinimalUserData } from '../models/session';
 import { QueryClientProvider } from '@tanstack/react-query';
 import { createQueryClient } from '../ui/hooks/queryClient';
 
 export interface WebAuthState {
-  user: User | null;
+  user: MinimalUserData | null;
   isAuthenticated: boolean;
   isLoading: boolean;
   error: string | null;
@@ -38,12 +40,12 @@ export interface WebOxyProviderProps {
   children: ReactNode;
   baseURL: string;
   authWebUrl?: string;
-  onAuthStateChange?: (user: User | null) => void;
+  onAuthStateChange?: (user: MinimalUserData | null) => void;
 }
 
 /**
  * Web-only Oxy Provider
- * Minimal, clean implementation for web apps
+ * Uses CrossDomainAuth for automatic SSO with FedCM/Popup/Redirect fallback
  */
 export function WebOxyProvider({
   children,
@@ -52,24 +54,25 @@ export function WebOxyProvider({
   onAuthStateChange,
 }: WebOxyProviderProps) {
   const [oxyServices] = useState(() => new OxyServices({ baseURL, authWebUrl }));
-  const [user, setUser] = useState<User | null>(null);
+  const [crossDomainAuth] = useState(() => createCrossDomainAuth(oxyServices));
+  const [user, setUser] = useState<MinimalUserData | null>(null);
   const [isLoading, setIsLoading] = useState(true);
   const [error, setError] = useState<string | null>(null);
   const [queryClient] = useState(() => createQueryClient());
 
   const isAuthenticated = !!user;
 
-  // Initialize - check for existing session
+  // Initialize - handle callbacks, restore session, try silent sign-in
   useEffect(() => {
     let mounted = true;
 
     const initAuth = async () => {
       try {
-        // Try to get current user (will use existing auth token if available)
-        const currentUser = await oxyServices.getCurrentUser();
+        // Complete initialization: handles callbacks, restores session, tries silent sign-in
+        const session = await crossDomainAuth.initialize();
 
-        if (mounted && currentUser) {
-          setUser(currentUser);
+        if (mounted && session?.user) {
+          setUser(session.user);
         }
       } catch (err) {
         // No active session - this is fine
@@ -86,7 +89,7 @@ export function WebOxyProvider({
     return () => {
       mounted = false;
     };
-  }, [oxyServices]);
+  }, [crossDomainAuth]);
 
   // Notify parent of auth state changes
   useEffect(() => {
@@ -98,67 +101,32 @@ export function WebOxyProvider({
     setIsLoading(true);
 
     try {
-      // Open popup to auth.oxy.so
-      const popup = window.open(
-        `${authWebUrl || 'https://auth.oxy.so'}/login?origin=${encodeURIComponent(window.location.origin)}`,
-        'oxy-auth',
-        'width=500,height=700,popup=yes'
-      );
-
-      if (!popup) {
-        throw new Error('Popup blocked. Please allow popups for this site.');
+      // Sign in with automatic method selection (FedCM → Popup → Redirect)
+      const session = await crossDomainAuth.signIn({
+        method: 'auto', // Automatic fallback
+        onMethodSelected: (method) => {
+          console.log('[WebOxy] Using auth method:', method);
+        },
+      });
+
+      if (session?.user) {
+        setUser(session.user);
       }
-
-      // Listen for message from popup
-      const handleMessage = async (event: MessageEvent) => {
-        if (event.origin !== (authWebUrl || 'https://auth.oxy.so')) {
-          return;
-        }
-
-        if (event.data.type === 'oxy-auth-success') {
-          const { accessToken, user: authUser } = event.data;
-
-          // Store the access token for API requests
-          if (typeof window !== 'undefined' && accessToken) {
-            localStorage.setItem('oxy-access-token', accessToken);
-          }
-
-          setUser(authUser);
-          setIsLoading(false);
-
-          window.removeEventListener('message', handleMessage);
-          popup.close();
-        } else if (event.data.type === 'oxy-auth-error') {
-          setError(event.data.error || 'Authentication failed');
-          setIsLoading(false);
-          window.removeEventListener('message', handleMessage);
-          popup.close();
-        }
-      };
-
-      window.addEventListener('message', handleMessage);
-
-      // Check if popup was closed
-      const checkClosed = setInterval(() => {
-        if (popup.closed) {
-          clearInterval(checkClosed);
-          window.removeEventListener('message', handleMessage);
-          setIsLoading(false);
-        }
-      }, 500);
     } catch (err) {
       console.error('[WebOxy] Sign in error:', err);
       setError(err instanceof Error ? err.message : 'Sign in failed');
+    } finally {
       setIsLoading(false);
     }
-  }, [authWebUrl]);
+  }, [crossDomainAuth]);
 
   const signOut = useCallback(async () => {
     setError(null);
 
     try {
-      // Clear stored token
+      // Clear stored session
       if (typeof window !== 'undefined') {
+        localStorage.removeItem('oxy-session');
         localStorage.removeItem('oxy-access-token');
       }
 

package/src/web/index.ts

@@ -69,7 +69,7 @@ export type {
 } from '../models/interfaces';
 
 // Re-export session types
-export type { ClientSession } from '../models/session';
+export type { ClientSession, MinimalUserData } from '../models/session';
 
 // ==================== Utilities ====================
 export {