@pollar/core 0.4.4 → 0.4.5

package/dist/index.mjs

@@ -659,47 +659,9 @@ var StateStatus = {
 };
 var PollarStateVar = {
   NETWORK: "network",
-  AUTHENTICATION: "authentication",
   TRANSACTION: "transaction"
 };
 var STATE_VAR_CODES = {
-  authentication: {
-    NONE: "NONE",
-    LOGOUT: "LOGOUT",
-    CREATE_SESSION_START: "CREATE_SESSION_START",
-    CREATE_SESSION_ERROR: "CREATE_SESSION_ERROR",
-    CREATE_SESSION_SUCCESS: "CREATE_SESSION_SUCCESS",
-    EMAIL_AUTH_START: "EMAIL_AUTH_START",
-    EMAIL_AUTH_START_ERROR: "EMAIL_AUTH_START_ERROR",
-    EMAIL_AUTH_START_SUCCESS: "EMAIL_AUTH_START_SUCCESS",
-    EMAIL_AUTH_CODE_ERROR: "EMAIL_AUTH_CODE_ERROR",
-    EMAIL_AUTH_CODE_SUCCESS: "EMAIL_AUTH_CODE_SUCCESS",
-    WALLET_AUTH_START: "WALLET_AUTH_START",
-    WALLET_AUTH_FREIGHTER_NOT_INSTALLED: "WALLET_AUTH_FREIGHTER_NOT_INSTALLED",
-    WALLET_AUTH_ALBEDO_NOT_INSTALLED: "WALLET_AUTH_ALBEDO_NOT_INSTALLED",
-    WALLET_AUTH_CONNECTED: "WALLET_AUTH_CONNECTED",
-    WALLET_AUTH_LOGIN_START: "WALLET_AUTH_LOGIN_START",
-    WALLET_AUTH_LOGIN_START_SUCCESS: "WALLET_AUTH_LOGIN_START_SUCCESS",
-    WALLET_AUTH_LOGIN_START_ERROR: "WALLET_AUTH_LOGIN_START_ERROR",
-    WALLET_AUTH_ERROR: "WALLET_AUTH_ERROR",
-    STREAM_POLL_START: "STREAM_POLL_START",
-    STREAM_POLL_EVENT: "STREAM_POLL_EVENT",
-    STREAM_POLL_READY: "STREAM_POLL_READY",
-    FETCH_SESSION_START: "FETCH_SESSION_START",
-    FETCH_SESSION_SUCCESS: "FETCH_SESSION_SUCCESS",
-    FETCH_SESSION_ERROR: "FETCH_SESSION_ERROR",
-    NO_RESTORED_SESSION: "NO_RESTORED_SESSION",
-    RESTORED_SESSION_SUCCESS: "RESTORED_SESSION_SUCCESS",
-    RESTORED_SESSION_ERROR: "RESTORED_SESSION_ERROR",
-    SESSION_STORED: "SESSION_STORED",
-    ERROR_ABORTED: "ABORTED",
-    ERROR_UNKNOWN: "ERROR_UNKNOWN"
-  },
-  walletAddress: {
-    NONE: "NONE",
-    REMOVED_ADDRESS: "REMOVED_ADDRESS",
-    UPDATED_ADDRESS: "UPDATED_ADDRESS"
-  },
   transaction: {
     NONE: "NONE",
     BUILD_TRANSACTION_ERROR_NO_WALLET: "BUILD_TRANSACTION_ERROR_NO_WALLET",
@@ -716,183 +678,23 @@ var STATE_VAR_CODES = {
   }
 };
 
-// src/client/helpers.ts
-var emitResponse = (state, response, success, errorCode, emitLog) => {
-  const isSuccess = !response.error && !!response.data && !!response.data?.success;
-  emitLog(
-    state,
-    isSuccess ? success.code : errorCode,
-    isSuccess ? "info" : "error",
-    isSuccess ? success.status || StateStatus.LOADING : StateStatus.ERROR,
-    isSuccess ? response.data : response.error
-  );
-  return isSuccess;
-};
-
-// src/wallets/FreighterAdapter.ts
-var import_freighter_api = __toESM(require_index_min());
-
-// src/wallets/types.ts
-var WalletType = /* @__PURE__ */ ((WalletType2) => {
-  WalletType2["FREIGHTER"] = "freighter";
-  WalletType2["ALBEDO"] = "albedo";
-  return WalletType2;
-})(WalletType || {});
-
-// src/wallets/FreighterAdapter.ts
-var FreighterAdapter = class {
-  constructor() {
-    this.type = "freighter" /* FREIGHTER */;
-  }
-  async isAvailable() {
-    try {
-      return await (0, import_freighter_api.isConnected)();
-    } catch {
-      return false;
-    }
-  }
-  async connect() {
-    const connected = await (0, import_freighter_api.isConnected)();
-    if (!connected) {
-      throw new Error("Freighter wallet is not installed");
-    }
-    const allowed = await (0, import_freighter_api.isAllowed)();
-    if (!allowed) {
-      await (0, import_freighter_api.setAllowed)();
-    }
-    const userInfo = await (0, import_freighter_api.getUserInfo)();
-    if (!userInfo?.publicKey) {
-      throw new Error("Failed to get user information from Freighter");
-    }
-    return { address: userInfo.publicKey, publicKey: userInfo.publicKey };
-  }
-  async disconnect() {
-  }
-  async getPublicKey() {
-    try {
-      const allowed = await (0, import_freighter_api.isAllowed)();
-      if (!allowed) return null;
-      const userInfo = await (0, import_freighter_api.getUserInfo)();
-      return userInfo?.publicKey ?? null;
-    } catch {
-      return null;
-    }
-  }
-  async getNetwork() {
-    return (0, import_freighter_api.getNetwork)();
-  }
-  async signTransaction(xdr, options) {
-    const result = await (0, import_freighter_api.signTransaction)(xdr, {
-      network: options?.network,
-      networkPassphrase: options?.networkPassphrase,
-      accountToSign: options?.accountToSign
-    });
-    if (!result || typeof result !== "string") {
-      throw new Error("Invalid response from Freighter");
-    }
-    return { signedTxXdr: result };
-  }
-  async signAuthEntry(entryXdr, options) {
-    const result = await (0, import_freighter_api.signAuthEntry)(entryXdr, { accountToSign: options?.accountToSign });
-    if (!result || typeof result !== "string") {
-      throw new Error("Invalid response from Freighter");
-    }
-    return { signedAuthEntry: result };
-  }
+// src/types.ts
+var AUTH_ERROR_CODES = {
+  SESSION_CREATE_FAILED: "SESSION_CREATE_FAILED",
+  EMAIL_SEND_FAILED: "EMAIL_SEND_FAILED",
+  EMAIL_VERIFY_FAILED: "EMAIL_VERIFY_FAILED",
+  EMAIL_CODE_EXPIRED: "EMAIL_CODE_EXPIRED",
+  EMAIL_CODE_INVALID: "EMAIL_CODE_INVALID",
+  AUTH_FAILED: "AUTH_FAILED",
+  WALLET_CONNECT_FAILED: "WALLET_CONNECT_FAILED",
+  WALLET_AUTH_FAILED: "WALLET_AUTH_FAILED",
+  UNEXPECTED_ERROR: "UNEXPECTED_ERROR"
 };
-
-// src/wallets/AlbedoAdapter.ts
-function openAlbedoPopup(url) {
-  const popup = window.open(url, "albedo", "width=420,height=720,resizable=yes,scrollbars=yes");
-  if (!popup) {
-    throw new Error("Failed to open Albedo popup (blocked by browser)");
-  }
-  return popup;
-}
-function waitForAlbedoPopup() {
-  return new Promise((resolve, reject) => {
-    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
-    function handler(event) {
-      if (event.origin !== window.location.origin || event.data?.type !== "ALBEDO_RESULT") return;
-      clearTimeout(timeout);
-      window.removeEventListener("message", handler);
-      resolve(event.data.payload);
-    }
-    window.addEventListener("message", handler);
-  });
-}
-function waitForAlbedoResult() {
-  return new Promise((resolve, reject) => {
-    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
-    const parseResult = () => {
-      const params = new URLSearchParams(window.location.search);
-      if (!params.has("pubkey") && !params.has("signed_envelope_xdr") && !params.has("signed_xdr")) return;
-      clearTimeout(timeout);
-      const result = {};
-      params.forEach((value, key) => {
-        result[key] = value;
-      });
-      window.history.replaceState({}, document.title, window.location.pathname);
-      resolve(result);
-    };
-    parseResult();
-    window.addEventListener("popstate", parseResult);
-  });
-}
-var AlbedoAdapter = class {
-  constructor() {
-    this.type = "albedo" /* ALBEDO */;
-  }
-  async isAvailable() {
-    return typeof window !== "undefined";
-  }
-  async connect() {
-    const url = new URL("https://albedo.link");
-    url.searchParams.set("intent", "public-key");
-    url.searchParams.set("app_name", "Pollar");
-    url.searchParams.set("network", "testnet");
-    url.searchParams.set("callback", `${window.location.origin}/albedo-callback`);
-    url.searchParams.set("origin", window.location.origin);
-    openAlbedoPopup(url.toString());
-    const result = await waitForAlbedoPopup();
-    if (!result.pubkey) {
-      throw new Error("Albedo connection rejected");
-    }
-    return { address: result.pubkey, publicKey: result.pubkey };
-  }
-  async disconnect() {
-  }
-  async getPublicKey() {
-    return null;
-  }
-  async getNetwork() {
-    throw new Error("Albedo does not expose network");
-  }
-  async signTransaction(xdr, _options) {
-    const url = new URL("https://albedo.link");
-    url.searchParams.set("intent", "tx");
-    url.searchParams.set("xdr", xdr);
-    url.searchParams.set("app_name", "Pollar");
-    url.searchParams.set("network", "testnet");
-    url.searchParams.set("callback", window.location.href);
-    url.searchParams.set("origin", window.location.origin);
-    window.location.href = url.toString();
-    const result = await waitForAlbedoResult();
-    if (!result.signed_envelope_xdr) throw new Error("Albedo signing rejected");
-    return { signedTxXdr: result.signed_envelope_xdr };
-  }
-  async signAuthEntry(entryXdr, _options) {
-    const url = new URL("https://albedo.link");
-    url.searchParams.set("intent", "sign-auth-entry");
-    url.searchParams.set("xdr", entryXdr);
-    url.searchParams.set("app_name", "Pollar");
-    url.searchParams.set("network", "testnet");
-    url.searchParams.set("callback", window.location.href);
-    url.searchParams.set("origin", window.location.origin);
-    window.location.href = url.toString();
-    const result = await waitForAlbedoResult();
-    if (!result.signed_xdr) throw new Error("Albedo auth entry signing rejected");
-    return { signedAuthEntry: result.signed_xdr };
+var PollarFlowError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.code = "INVALID_FLOW";
+    this.name = "PollarFlowError";
   }
 };
 
@@ -1107,194 +909,422 @@ async function streamUntilFound(api, clientSessionId, check, retryDelayMs = 200,
   }
 }
 
-// src/client/login.ts
-function withSignal(promise, signal) {
-  return Promise.race([
-    promise,
-    new Promise((_, reject) => {
-      if (signal.aborted) {
-        reject(new DOMException("Aborted", "AbortError"));
-        return;
-      }
-      signal.addEventListener("abort", () => reject(new DOMException("Aborted", "AbortError")), { once: true });
-    })
-  ]);
-}
-async function login(options, deps) {
-  const { api, basePath, apiKey, signal, emitState, storeSession, clearSession } = deps;
-  const oauthPopup = options.provider === "google" || options.provider === "github" ? window.open("about:blank", "_blank") : null;
-  emitState("authentication", STATE_VAR_CODES.authentication.CREATE_SESSION_START, "info", StateStatus.LOADING);
-  const createSessionResponse = await api.POST("/auth/session", { signal });
-  if (!emitResponse(
-    PollarStateVar.AUTHENTICATION,
-    createSessionResponse,
-    { code: STATE_VAR_CODES.authentication.CREATE_SESSION_SUCCESS },
-    STATE_VAR_CODES.authentication.CREATE_SESSION_ERROR,
-    emitState
-  )) {
-    oauthPopup?.close();
-    return;
-  }
-  const clientSessionId = createSessionResponse.data.content.clientSessionId;
-  switch (options.provider) {
-    case "email": {
-      emitState("authentication", STATE_VAR_CODES.authentication.EMAIL_AUTH_START, "info", StateStatus.LOADING, {
-        email: options.email
-      });
-      const emailRes = await api.POST(`/auth/email`, {
-        body: { clientSessionId, email: options.email },
-        signal
-      });
-      if (!emitResponse(
-        PollarStateVar.AUTHENTICATION,
-        emailRes,
-        { code: STATE_VAR_CODES.authentication.EMAIL_AUTH_START_SUCCESS },
-        STATE_VAR_CODES.authentication.EMAIL_AUTH_START_ERROR,
-        emitState
-      )) {
-        return;
-      }
-      break;
-    }
-    case "google":
-    case "github": {
-      const url = new URL(`${basePath}/auth/${options.provider}`);
-      url.searchParams.set("api_key", apiKey);
-      url.searchParams.set("client_session_id", clientSessionId);
-      url.searchParams.set("redirect_uri", window.location.origin);
-      if (oauthPopup) {
-        oauthPopup.location.href = url.toString();
-      } else {
-        window.open(url.toString(), "_blank");
-      }
-      break;
-    }
-    case "wallet": {
-      try {
-        emitState("authentication", STATE_VAR_CODES.authentication.WALLET_AUTH_START, "info", StateStatus.LOADING, {
-          adapter: options.type
-        });
-        const adapter = options.type === "freighter" /* FREIGHTER */ ? new FreighterAdapter() : new AlbedoAdapter();
-        const available = await withSignal(adapter.isAvailable(), signal);
-        if (!available) {
-          emitState(
-            "authentication",
-            options.type === "freighter" /* FREIGHTER */ ? STATE_VAR_CODES.authentication.WALLET_AUTH_FREIGHTER_NOT_INSTALLED : STATE_VAR_CODES.authentication.WALLET_AUTH_ALBEDO_NOT_INSTALLED,
-            "info",
-            StateStatus.LOADING,
-            {
-              type: options.type
-            }
-          );
-        }
-        const { publicKey } = await withSignal(adapter.connect(), signal);
-        emitState("authentication", STATE_VAR_CODES.authentication.WALLET_AUTH_CONNECTED, "info", StateStatus.LOADING, {
-          adapter: options.type,
-          publicKey
-        });
-        emitState("authentication", STATE_VAR_CODES.authentication.WALLET_AUTH_LOGIN_START, "info", StateStatus.LOADING, {
-          adapter: options.type,
-          publicKey
-        });
-        const emailRes = await api.POST(`/auth/wallet`, {
-          body: { clientSessionId, walletAddress: publicKey },
-          signal
-        });
-        if (!emitResponse(
-          PollarStateVar.AUTHENTICATION,
-          emailRes,
-          { code: STATE_VAR_CODES.authentication.WALLET_AUTH_LOGIN_START_SUCCESS },
-          STATE_VAR_CODES.authentication.WALLET_AUTH_LOGIN_START_ERROR,
-          emitState
-        )) {
-          return;
-        }
-      } catch (error2) {
-        emitState("authentication", STATE_VAR_CODES.authentication.WALLET_AUTH_ERROR, "error", StateStatus.ERROR, {
-          clientSessionId
-        });
-      }
-      break;
-    }
-  }
-  emitState("authentication", STATE_VAR_CODES.authentication.STREAM_POLL_START, "info", StateStatus.LOADING, {
-    clientSessionId
-  });
-  await streamUntilFound(
-    api,
-    clientSessionId,
-    (data2) => {
-      const status = data2?.status;
-      if (status === "READY") {
-        emitState("authentication", STATE_VAR_CODES.authentication.STREAM_POLL_READY, "info", StateStatus.LOADING);
-        return true;
-      }
-      emitState(
-        "authentication",
-        STATE_VAR_CODES.authentication.STREAM_POLL_EVENT + (status ? `/${status}` : ""),
-        "info",
-        StateStatus.LOADING,
-        data2
-      );
-      return false;
-    },
-    200,
-    signal
-  );
-  emitState("authentication", STATE_VAR_CODES.authentication.FETCH_SESSION_START, "info", StateStatus.LOADING);
-  const { data, error } = await api.POST(`/auth/login`, {
+// src/client/auth/authenticate.ts
+async function authenticate(clientSessionId, deps) {
+  const { api, signal, setAuthState, storeSession, clearSession } = deps;
+  setAuthState({ step: "authenticating" });
+  await streamUntilFound(api, clientSessionId, (data2) => data2?.status === "READY", 200, signal);
+  const { data, error } = await api.POST("/auth/login", {
     body: { clientSessionId },
     signal
   });
   if (data?.code === "SDK_LOGIN_SUCCESS" && isValidSession(data?.content)) {
-    emitState("authentication", STATE_VAR_CODES.authentication.FETCH_SESSION_SUCCESS, "info", StateStatus.SUCCESS);
     storeSession(data.content);
   } else {
-    emitState("authentication", STATE_VAR_CODES.authentication.FETCH_SESSION_ERROR, "error", StateStatus.ERROR, {
-      error,
-      data
+    setAuthState({
+      step: "error",
+      previousStep: "authenticating",
+      message: "Failed to load session",
+      errorCode: AUTH_ERROR_CODES.AUTH_FAILED
     });
     clearSession();
   }
 }
 
-// src/client/client.ts
-var isBrowser = typeof window !== "undefined" && typeof localStorage !== "undefined";
-function warnServerSide(method) {
-  console.warn(
-    `[PollarClient] ${method}() called server-side \u2014 browser APIs unavailable. Use PollarClient only in Client Components.`
-  );
+// src/client/auth/emailFlow.ts
+async function initEmailSession(deps) {
+  const { api, signal, setAuthState } = deps;
+  setAuthState({ step: "creating_session" });
+  const { data, error } = await api.POST("/auth/session", { signal });
+  if (error || !data?.success) {
+    setAuthState({
+      step: "error",
+      previousStep: "creating_session",
+      message: "Failed to create session",
+      errorCode: AUTH_ERROR_CODES.SESSION_CREATE_FAILED
+    });
+    return;
+  }
+  setAuthState({ step: "entering_email", clientSessionId: data.content.clientSessionId });
 }
-var PollarClient = class {
-  constructor(config) {
-    this._session = null;
-    this._stateListeners = /* @__PURE__ */ new Set();
-    this._state = {
-      network: [],
-      authentication: [],
-      transaction: []
-    };
-    this.apiKey = config.apiKey;
-    this.id = crypto.randomUUID();
-    this.basePath = `${config.baseUrl || "https://sdk.api.pollar.xyz"}/v1`;
-    this._api = createApiClient(this.basePath);
-    this._api.use({
-      onRequest({ request }) {
-        request.headers.set("x-pollar-api-key", config.apiKey);
-        return request;
-      }
+async function sendEmailCode(email, clientSessionId, deps) {
+  const { api, signal, setAuthState } = deps;
+  setAuthState({ step: "sending_email", email });
+  const { data, error } = await api.POST("/auth/email", {
+    body: { clientSessionId, email },
+    signal
+  });
+  if (error || !data?.success) {
+    setAuthState({
+      step: "error",
+      previousStep: "sending_email",
+      message: "Failed to send code",
+      errorCode: AUTH_ERROR_CODES.EMAIL_SEND_FAILED
     });
-    if (!isBrowser) {
-      warnServerSide("constructor");
-      this._session = null;
-      return;
-    }
-    console.info(`[PollarClient] Initialized \u2014 endpoint: ${this.basePath}`);
-    this._readStore();
-    window.addEventListener("storage", (e) => {
-      if (e.key === STORAGE_KEY) {
-        const prev = this._session;
-        console.info(`[PollarClient] Storage event \u2014 session ${this._session ? "updated" : prev ? "cleared" : "unchanged"}`);
+    return;
+  }
+  setAuthState({ step: "entering_code", clientSessionId, email });
+}
+async function verifyAndAuthenticate(code, clientSessionId, email, deps) {
+  const { api, signal, setAuthState } = deps;
+  setAuthState({ step: "verifying_email_code", clientSessionId, email });
+  const { data, error } = await api.POST("/auth/email/verify-code", {
+    body: { clientSessionId, code },
+    signal
+  });
+  if (data?.code === "SDK_EMAIL_CODE_VERIFIED") {
+    await authenticate(clientSessionId, deps);
+    return;
+  }
+  const errCode = error?.error ?? data?.code;
+  if (errCode === "SDK_EMAIL_CODE_EXPIRED") {
+    setAuthState({
+      step: "error",
+      previousStep: "verifying_email_code",
+      message: "Code expired \u2014 request a new one",
+      errorCode: AUTH_ERROR_CODES.EMAIL_CODE_EXPIRED,
+      clientSessionId,
+      email
+    });
+    return;
+  }
+  if (errCode === "INVALID_EMAIL_CODE" || errCode === "SDK_EMAIL_CODE_INVALID") {
+    setAuthState({
+      step: "error",
+      previousStep: "verifying_email_code",
+      message: "Invalid code \u2014 try again",
+      errorCode: AUTH_ERROR_CODES.EMAIL_CODE_INVALID,
+      clientSessionId,
+      email
+    });
+    return;
+  }
+  setAuthState({
+    step: "error",
+    previousStep: "verifying_email_code",
+    message: "Failed to verify code \u2014 try again",
+    errorCode: AUTH_ERROR_CODES.EMAIL_VERIFY_FAILED
+  });
+}
+
+// src/client/auth/oauthFlow.ts
+async function initOAuthSession(deps) {
+  const { api, signal, setAuthState } = deps;
+  setAuthState({ step: "creating_session" });
+  const { data, error } = await api.POST("/auth/session", { signal });
+  if (error || !data?.success) {
+    setAuthState({
+      step: "error",
+      previousStep: "creating_session",
+      message: "Failed to create session",
+      errorCode: AUTH_ERROR_CODES.SESSION_CREATE_FAILED
+    });
+    return null;
+  }
+  return data.content.clientSessionId;
+}
+async function loginOAuth(provider, deps) {
+  const { setAuthState, basePath, apiKey } = deps;
+  const popup = window.open("about:blank", "_blank");
+  const clientSessionId = await initOAuthSession(deps);
+  if (!clientSessionId) {
+    popup?.close();
+    return;
+  }
+  setAuthState({ step: "opening_oauth", provider });
+  const url = new URL(`${basePath}/auth/${provider}`);
+  url.searchParams.set("api_key", apiKey);
+  url.searchParams.set("client_session_id", clientSessionId);
+  url.searchParams.set("redirect_uri", window.location.origin);
+  if (popup) {
+    popup.location.href = url.toString();
+  } else {
+    window.open(url.toString(), "_blank");
+  }
+  await authenticate(clientSessionId, deps);
+}
+
+// src/wallets/FreighterAdapter.ts
+var import_freighter_api = __toESM(require_index_min());
+
+// src/wallets/types.ts
+var WalletType = /* @__PURE__ */ ((WalletType2) => {
+  WalletType2["FREIGHTER"] = "freighter";
+  WalletType2["ALBEDO"] = "albedo";
+  return WalletType2;
+})(WalletType || {});
+
+// src/wallets/FreighterAdapter.ts
+var FreighterAdapter = class {
+  constructor() {
+    this.type = "freighter" /* FREIGHTER */;
+  }
+  async isAvailable() {
+    try {
+      return await (0, import_freighter_api.isConnected)();
+    } catch {
+      return false;
+    }
+  }
+  async connect() {
+    const connected = await (0, import_freighter_api.isConnected)();
+    if (!connected) {
+      throw new Error("Freighter wallet is not installed");
+    }
+    const allowed = await (0, import_freighter_api.isAllowed)();
+    if (!allowed) {
+      await (0, import_freighter_api.setAllowed)();
+    }
+    const userInfo = await (0, import_freighter_api.getUserInfo)();
+    if (!userInfo?.publicKey) {
+      throw new Error("Failed to get user information from Freighter");
+    }
+    return { address: userInfo.publicKey, publicKey: userInfo.publicKey };
+  }
+  async disconnect() {
+  }
+  async getPublicKey() {
+    try {
+      const allowed = await (0, import_freighter_api.isAllowed)();
+      if (!allowed) return null;
+      const userInfo = await (0, import_freighter_api.getUserInfo)();
+      return userInfo?.publicKey ?? null;
+    } catch {
+      return null;
+    }
+  }
+  async getNetwork() {
+    return (0, import_freighter_api.getNetwork)();
+  }
+  async signTransaction(xdr, options) {
+    const result = await (0, import_freighter_api.signTransaction)(xdr, {
+      network: options?.network,
+      networkPassphrase: options?.networkPassphrase,
+      accountToSign: options?.accountToSign
+    });
+    if (!result || typeof result !== "string") {
+      throw new Error("Invalid response from Freighter");
+    }
+    return { signedTxXdr: result };
+  }
+  async signAuthEntry(entryXdr, options) {
+    const result = await (0, import_freighter_api.signAuthEntry)(entryXdr, { accountToSign: options?.accountToSign });
+    if (!result || typeof result !== "string") {
+      throw new Error("Invalid response from Freighter");
+    }
+    return { signedAuthEntry: result };
+  }
+};
+
+// src/wallets/AlbedoAdapter.ts
+function openAlbedoPopup(url) {
+  const popup = window.open(url, "albedo", "width=420,height=720,resizable=yes,scrollbars=yes");
+  if (!popup) {
+    throw new Error("Failed to open Albedo popup (blocked by browser)");
+  }
+  return popup;
+}
+function waitForAlbedoPopup() {
+  return new Promise((resolve, reject) => {
+    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
+    function handler(event) {
+      if (event.origin !== window.location.origin || event.data?.type !== "ALBEDO_RESULT") return;
+      clearTimeout(timeout);
+      window.removeEventListener("message", handler);
+      resolve(event.data.payload);
+    }
+    window.addEventListener("message", handler);
+  });
+}
+function waitForAlbedoResult() {
+  return new Promise((resolve, reject) => {
+    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
+    const parseResult = () => {
+      const params = new URLSearchParams(window.location.search);
+      if (!params.has("pubkey") && !params.has("signed_envelope_xdr") && !params.has("signed_xdr")) return;
+      clearTimeout(timeout);
+      const result = {};
+      params.forEach((value, key) => {
+        result[key] = value;
+      });
+      window.history.replaceState({}, document.title, window.location.pathname);
+      resolve(result);
+    };
+    parseResult();
+    window.addEventListener("popstate", parseResult);
+  });
+}
+var AlbedoAdapter = class {
+  constructor() {
+    this.type = "albedo" /* ALBEDO */;
+  }
+  async isAvailable() {
+    return typeof window !== "undefined";
+  }
+  async connect() {
+    const url = new URL("https://albedo.link");
+    url.searchParams.set("intent", "public-key");
+    url.searchParams.set("app_name", "Pollar");
+    url.searchParams.set("network", "testnet");
+    url.searchParams.set("callback", `${window.location.origin}/albedo-callback`);
+    url.searchParams.set("origin", window.location.origin);
+    openAlbedoPopup(url.toString());
+    const result = await waitForAlbedoPopup();
+    if (!result.pubkey) {
+      throw new Error("Albedo connection rejected");
+    }
+    return { address: result.pubkey, publicKey: result.pubkey };
+  }
+  async disconnect() {
+  }
+  async getPublicKey() {
+    return null;
+  }
+  async getNetwork() {
+    throw new Error("Albedo does not expose network");
+  }
+  async signTransaction(xdr, _options) {
+    const url = new URL("https://albedo.link");
+    url.searchParams.set("intent", "tx");
+    url.searchParams.set("xdr", xdr);
+    url.searchParams.set("app_name", "Pollar");
+    url.searchParams.set("network", "testnet");
+    url.searchParams.set("callback", window.location.href);
+    url.searchParams.set("origin", window.location.origin);
+    window.location.href = url.toString();
+    const result = await waitForAlbedoResult();
+    if (!result.signed_envelope_xdr) throw new Error("Albedo signing rejected");
+    return { signedTxXdr: result.signed_envelope_xdr };
+  }
+  async signAuthEntry(entryXdr, _options) {
+    const url = new URL("https://albedo.link");
+    url.searchParams.set("intent", "sign-auth-entry");
+    url.searchParams.set("xdr", entryXdr);
+    url.searchParams.set("app_name", "Pollar");
+    url.searchParams.set("network", "testnet");
+    url.searchParams.set("callback", window.location.href);
+    url.searchParams.set("origin", window.location.origin);
+    window.location.href = url.toString();
+    const result = await waitForAlbedoResult();
+    if (!result.signed_xdr) throw new Error("Albedo auth entry signing rejected");
+    return { signedAuthEntry: result.signed_xdr };
+  }
+};
+
+// src/client/auth/walletFlow.ts
+function withSignal(promise, signal) {
+  return Promise.race([
+    promise,
+    new Promise((_, reject) => {
+      if (signal.aborted) {
+        reject(new DOMException("Aborted", "AbortError"));
+        return;
+      }
+      signal.addEventListener("abort", () => reject(new DOMException("Aborted", "AbortError")), { once: true });
+    })
+  ]);
+}
+async function loginWallet(type, deps) {
+  const { api, signal, setAuthState } = deps;
+  setAuthState({ step: "creating_session" });
+  const { data, error } = await api.POST("/auth/session", { signal });
+  if (error || !data?.success) {
+    setAuthState({
+      step: "error",
+      previousStep: "creating_session",
+      message: "Failed to create session",
+      errorCode: AUTH_ERROR_CODES.SESSION_CREATE_FAILED
+    });
+    return;
+  }
+  const clientSessionId = data.content.clientSessionId;
+  try {
+    setAuthState({ step: "connecting_wallet", walletType: type });
+    const adapter = type === "freighter" /* FREIGHTER */ ? new FreighterAdapter() : new AlbedoAdapter();
+    const available = await withSignal(adapter.isAvailable(), signal);
+    if (!available) {
+      setAuthState({ step: "wallet_not_installed", walletType: type });
+      return;
+    }
+    const { publicKey } = await withSignal(adapter.connect(), signal);
+    setAuthState({ step: "authenticating_wallet" });
+    const { data: walletData, error: walletError } = await api.POST("/auth/wallet", {
+      body: { clientSessionId, walletAddress: publicKey },
+      signal
+    });
+    if (walletError || !walletData?.success) {
+      setAuthState({
+        step: "error",
+        previousStep: "authenticating_wallet",
+        message: "Wallet authentication failed",
+        errorCode: AUTH_ERROR_CODES.WALLET_AUTH_FAILED
+      });
+      return;
+    }
+  } catch {
+    setAuthState({
+      step: "error",
+      previousStep: "connecting_wallet",
+      message: "Wallet connection failed",
+      errorCode: AUTH_ERROR_CODES.WALLET_CONNECT_FAILED
+    });
+    return;
+  }
+  await authenticate(clientSessionId, deps);
+}
+
+// src/client/helpers.ts
+var emitResponse = (state, response, success, errorCode, emitLog) => {
+  const isSuccess = !response.error && !!response.data && !!response.data?.success;
+  emitLog(
+    state,
+    isSuccess ? success.code : errorCode,
+    isSuccess ? "info" : "error",
+    isSuccess ? success.status || StateStatus.LOADING : StateStatus.ERROR,
+    isSuccess ? response.data : response.error
+  );
+  return isSuccess;
+};
+
+// src/client/client.ts
+var isBrowser = typeof window !== "undefined" && typeof localStorage !== "undefined";
+function warnServerSide(method) {
+  console.warn(
+    `[PollarClient] ${method}() called server-side \u2014 browser APIs unavailable. Use PollarClient only in Client Components.`
+  );
+}
+var PollarClient = class {
+  constructor(config) {
+    this._session = null;
+    this._stateListeners = /* @__PURE__ */ new Set();
+    this._state = {
+      network: [],
+      transaction: []
+    };
+    this._authState = { step: "idle" };
+    this._authStateListeners = /* @__PURE__ */ new Set();
+    this._loginController = null;
+    this.apiKey = config.apiKey;
+    this.id = crypto.randomUUID();
+    this.basePath = `${config.baseUrl || "https://sdk.api.pollar.xyz"}/v1`;
+    this._api = createApiClient(this.basePath);
+    this._api.use({
+      onRequest({ request }) {
+        request.headers.set("x-pollar-api-key", config.apiKey);
+        return request;
+      }
+    });
+    if (!isBrowser) {
+      warnServerSide("constructor");
+      this._session = null;
+      return;
+    }
+    console.info(`[PollarClient] Initialized \u2014 endpoint: ${this.basePath}`);
+    this._readStore();
+    window.addEventListener("storage", (e) => {
+      if (e.key === STORAGE_KEY) {
+        const prev = this._session;
+        console.info(`[PollarClient] Storage event \u2014 session ${this._session ? "updated" : prev ? "cleared" : "unchanged"}`);
         this._readStore();
       }
     });
@@ -1302,87 +1332,129 @@ var PollarClient = class {
       network: "testnet"
     });
   }
+  // ─── Auth state ──────────────────────────────────────────────────────────────
   isAuthenticated() {
     return !!this._session?.wallet?.publicKey;
   }
-  getState() {
-    return { session: this._session };
+  getAuthState() {
+    return this._authState;
   }
-  getApi() {
-    return this._api;
+  onAuthStateChange(cb) {
+    this._authStateListeners.add(cb);
+    cb(this._authState);
+    return () => this._authStateListeners.delete(cb);
   }
+  // ─── Login (unified entry point) ─────────────────────────────────────────
   login(options) {
     if (!isBrowser) {
       warnServerSide("login");
-      return {
-        cancelLogin: () => {
+      return;
+    }
+    if (options.provider === "google" || options.provider === "github") {
+      this.loginOAuth(options.provider);
+    } else if (options.provider === "email") {
+      const { email } = options;
+      const controller = this._newController();
+      const deps = this._flowDeps(controller.signal);
+      initEmailSession(deps).then(() => {
+        if (this._authState.step === "entering_email") {
+          return sendEmailCode(email, this._authState.clientSessionId, deps);
         }
-      };
+      }).catch((err) => this._handleFlowError(err));
+    } else if (options.provider === "wallet") {
+      this.loginWallet(options.type);
     }
-    const controller = new AbortController();
-    console.info(`[PollarClient] Login started \u2014 provider: ${options.provider}`);
-    login(options, {
-      api: this._api,
-      basePath: this.basePath,
-      apiKey: this.apiKey,
-      signal: controller.signal,
-      emitState: this._emitState.bind(this),
-      storeSession: this._storeSession.bind(this),
-      clearSession: this._clearSession.bind(this)
-    }).catch((error) => {
-      if (error instanceof Error && error.name === "AbortError") {
-        console.info("[PollarClient] Login aborted by user");
-        this._emitState("authentication", STATE_VAR_CODES.authentication.ERROR_ABORTED, "error", StateStatus.ERROR);
-        return;
-      }
-      console.error("[PollarClient] Login failed with unexpected error", error);
-      this._emitState("authentication", STATE_VAR_CODES.authentication.ERROR_UNKNOWN, "error", StateStatus.ERROR, {
-        error
-      });
-    });
-    return { cancelLogin: () => controller.abort() };
   }
-  onStateChange(cb) {
-    this._stateListeners.add(cb);
-    for (const [, stateEntry] of Object.entries(this._state)) {
-      if (stateEntry.length >= 1) {
-        cb(stateEntry.at(-1));
-      }
+  // ─── Email OTP flow (3 steps) ─────────────────────────────────────────────
+  beginEmailLogin() {
+    if (!isBrowser) {
+      warnServerSide("beginEmailLogin");
+      return;
     }
-    return () => this._stateListeners.delete(cb);
+    const controller = this._newController();
+    initEmailSession(this._flowDeps(controller.signal)).catch((err) => this._handleFlowError(err));
+  }
+  sendEmailCode(email) {
+    if (!isBrowser) {
+      warnServerSide("sendEmailCode");
+      return;
+    }
+    if (this._authState.step !== "entering_email") {
+      throw new PollarFlowError(`sendEmailCode() requires step 'entering_email', current step is '${this._authState.step}'`);
+    }
+    const { clientSessionId } = this._authState;
+    const signal = this._loginController.signal;
+    sendEmailCode(email, clientSessionId, this._flowDeps(signal)).catch((err) => this._handleFlowError(err));
   }
-  async verifyEmailCode(clientSessionId, code) {
+  verifyEmailCode(code) {
     if (!isBrowser) {
       warnServerSide("verifyEmailCode");
       return;
     }
-    try {
-      const { error, data } = await this._api.POST("/auth/email/verify-code", {
-        body: { clientSessionId, code }
-      });
-      if (error || !data || data?.code !== "SDK_EMAIL_CODE_VERIFIED") {
-        this._emitState("authentication", STATE_VAR_CODES.authentication.EMAIL_AUTH_CODE_ERROR, "error", StateStatus.ERROR, {
-          data,
-          error
-        });
-        return;
-      }
-      this._emitState("authentication", STATE_VAR_CODES.authentication.EMAIL_AUTH_CODE_SUCCESS, "info", StateStatus.SUCCESS, {
-        data,
-        error
-      });
-    } catch (error) {
-      this._emitState(
-        "authentication",
-        STATE_VAR_CODES.authentication.WALLET_AUTH_ALBEDO_NOT_INSTALLED,
-        "error",
-        StateStatus.ERROR
-      );
+    const isRetryableError = this._authState.step === "error" && this._authState.clientSessionId != null && (this._authState.errorCode === AUTH_ERROR_CODES.EMAIL_CODE_INVALID || this._authState.errorCode === AUTH_ERROR_CODES.EMAIL_CODE_EXPIRED);
+    if (this._authState.step !== "entering_code" && !isRetryableError) {
+      throw new PollarFlowError(`verifyEmailCode() requires step 'entering_code', current step is '${this._authState.step}'`);
+    }
+    const state = this._authState;
+    const clientSessionId = state.step === "entering_code" ? state.clientSessionId : state.clientSessionId;
+    const email = state.step === "entering_code" ? state.email : state.email ?? "";
+    const controller = this._newController();
+    verifyAndAuthenticate(code, clientSessionId, email, this._flowDeps(controller.signal)).catch(
+      (err) => this._handleFlowError(err)
+    );
+  }
+  // ─── OAuth flow (single call) ─────────────────────────────────────────────
+  loginOAuth(provider) {
+    if (!isBrowser) {
+      warnServerSide("loginOAuth");
+      return;
+    }
+    const controller = this._newController();
+    loginOAuth(provider, {
+      ...this._flowDeps(controller.signal),
+      basePath: this.basePath,
+      apiKey: this.apiKey
+    }).catch((err) => this._handleFlowError(err));
+  }
+  // ─── Wallet flow (single call) ────────────────────────────────────────────
+  loginWallet(type) {
+    if (!isBrowser) {
+      warnServerSide("loginWallet");
+      return;
+    }
+    const controller = this._newController();
+    loginWallet(type, this._flowDeps(controller.signal)).catch((err) => this._handleFlowError(err));
+  }
+  // ─── Cancel ───────────────────────────────────────────────────────────────
+  cancelLogin() {
+    this._loginController?.abort();
+    this._loginController = null;
+    this._setAuthState({ step: "idle" });
+  }
+  // ─── Logout ───────────────────────────────────────────────────────────────
+  logout() {
+    if (!isBrowser) {
+      warnServerSide("logout");
+      return;
     }
+    console.info("[PollarClient] Logout requested");
+    this._clearSession();
+  }
+  // ─── General state (network / transaction) ────────────────────────────────
+  getApi() {
+    return this._api;
   }
   getNetwork() {
     return this._state.network.at(-1)?.data?.network === "public" ? "public" : "testnet";
   }
+  onStateChange(cb) {
+    this._stateListeners.add(cb);
+    for (const [, stateEntry] of Object.entries(this._state)) {
+      if (stateEntry.length >= 1) cb(stateEntry.at(-1));
+    }
+    return () => this._stateListeners.delete(cb);
+  }
+  // ─── Transactions ─────────────────────────────────────────────────────────
   async buildTx(operation, params, options) {
     if (!this._session?.wallet?.publicKey) {
       this._emitState("transaction", STATE_VAR_CODES.transaction.BUILD_TRANSACTION_ERROR_NO_WALLET, "error", StateStatus.ERROR);
@@ -1390,7 +1462,7 @@ var PollarClient = class {
     }
     const body = {
       network: this.getNetwork(),
-      publicKey: this._session?.wallet?.publicKey,
+      publicKey: this._session.wallet.publicKey,
       operation,
       params,
       options: options || {}
@@ -1398,102 +1470,100 @@ var PollarClient = class {
     try {
       this._emitState("transaction", STATE_VAR_CODES.transaction.BUILD_TRANSACTION_START, "info", StateStatus.LOADING);
       const response = await this._api.POST("/tx/build", { body });
-      if (!emitResponse(
+      emitResponse(
         PollarStateVar.TRANSACTION,
         response,
         { code: STATE_VAR_CODES.transaction.BUILD_TRANSACTION_SUCCESS, status: StateStatus.SUCCESS },
         STATE_VAR_CODES.transaction.BUILD_TRANSACTION_ERROR,
         this._emitState.bind(this)
-      )) {
-        return;
-      }
+      );
     } catch (error) {
       this._emitState("transaction", STATE_VAR_CODES.transaction.BUILD_TRANSACTION_ERROR, "error", StateStatus.ERROR, {
-        body,
         error
       });
-      return;
     }
   }
   async submitTx(signedXdr) {
-    const body = {
-      network: this.getNetwork(),
-      signedXdr
-    };
+    const body = { network: this.getNetwork(), signedXdr };
     try {
       this._emitState("transaction", STATE_VAR_CODES.transaction.SIGN_SEND_TRANSACTION_START, "info", StateStatus.LOADING);
       const response = await this._api.POST("/tx/sign-and-send", { body });
-      if (!emitResponse(
+      emitResponse(
         PollarStateVar.TRANSACTION,
         response,
         { code: STATE_VAR_CODES.transaction.SIGN_SEND_TRANSACTION_SUCCESS, status: StateStatus.SUCCESS },
         STATE_VAR_CODES.transaction.SIGN_SEND_TRANSACTION_ERROR,
         this._emitState.bind(this)
-      )) {
-        return;
-      }
+      );
     } catch (error) {
       this._emitState("transaction", STATE_VAR_CODES.transaction.SIGN_SEND_TRANSACTION_ERROR, "error", StateStatus.ERROR, {
-        body,
         error
       });
-      return;
     }
   }
-  logout() {
-    if (!isBrowser) {
-      warnServerSide("logout");
+  // ─── Private ──────────────────────────────────────────────────────────────
+  /** Creates a new AbortController, cancelling any existing flow first. */
+  _newController() {
+    this._loginController?.abort();
+    this._loginController = new AbortController();
+    return this._loginController;
+  }
+  /** Builds the deps object passed to flow functions via bind pattern. */
+  _flowDeps(signal) {
+    return {
+      api: this._api,
+      signal,
+      setAuthState: this._setAuthState.bind(this),
+      storeSession: this._storeSession.bind(this),
+      clearSession: this._clearSession.bind(this)
+    };
+  }
+  _handleFlowError(error) {
+    if (error instanceof Error && error.name === "AbortError") {
+      console.info("[PollarClient] Login cancelled");
+      this._setAuthState({ step: "idle" });
       return;
     }
-    console.info("[PollarClient] Logout requested");
-    this._clearSession();
+    console.error("[PollarClient] Unexpected error in auth flow", error);
+    this._setAuthState({
+      step: "error",
+      previousStep: this._authState.step,
+      message: "An unexpected error occurred",
+      errorCode: AUTH_ERROR_CODES.UNEXPECTED_ERROR
+    });
   }
   _readStore() {
     this._session = readStorage();
     if (this._session) {
-      this._emitState(
-        "authentication",
-        STATE_VAR_CODES.authentication.RESTORED_SESSION_SUCCESS,
-        "info",
-        StateStatus.SUCCESS,
-        this._session
-      );
+      this._authState = { step: "authenticated", session: this._session };
       console.info("[PollarClient] Session restored from storage");
     } else {
-      this._emitState("authentication", STATE_VAR_CODES.authentication.NO_RESTORED_SESSION, "info", StateStatus.NONE);
-      console.info("[PollarClient] Session NO restored from storage");
+      console.info("[PollarClient] No session in storage");
     }
   }
   _storeSession(session) {
     console.info(`[PollarClient] Session stored \u2014 user: ${session.userId ?? "anonymous"}`);
     this._session = session;
     writeStorage(session);
-    this._emitState(
-      "authentication",
-      STATE_VAR_CODES.authentication.SESSION_STORED,
-      "info",
-      StateStatus.SUCCESS,
-      this._session
-    );
+    this._setAuthState({ step: "authenticated", session });
   }
   _clearSession() {
     console.info("[PollarClient] Session cleared");
     this._session = null;
     removeStorage();
-    this._state = {
-      network: [],
-      authentication: [],
-      transaction: []
-    };
-    this._emitState("authentication", STATE_VAR_CODES.authentication.LOGOUT, "info", StateStatus.NONE);
+    this._state = { network: [], transaction: [] };
+    this._setAuthState({ step: "idle" });
+  }
+  _setAuthState(next) {
+    this._authState = next;
+    console.info(`[PollarClient] auth:${next.step}`);
+    for (const cb of this._authStateListeners) cb(next);
   }
   _emitState(fn, code, level, status, data) {
     const stateEntry = { var: fn, code, level, data, status, ts: Date.now() };
     this._state[fn].push(stateEntry);
     console[level](`[PollarClient] ${fn}:${code} \u2014 ${status}`);
-    for (const cb of this._stateListeners) {
-      cb(stateEntry);
-    }
+    for (const cb of this._stateListeners) cb(stateEntry);
   }
 };
 
@@ -1533,6 +1603,6 @@ var StellarClient = class {
   }
 };
 
-export { AlbedoAdapter, FreighterAdapter, PollarClient, PollarStateVar, STATE_VAR_CODES, StateStatus, StellarClient, WalletType, isValidSession };
+export { AUTH_ERROR_CODES, AlbedoAdapter, FreighterAdapter, PollarClient, PollarStateVar, STATE_VAR_CODES, StateStatus, StellarClient, WalletType, isValidSession };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map