npm - @pollar/core - Versions diffs - 0.9.0-rc.1 → 0.9.0-rc.3 - Mend

@pollar/core 0.9.0-rc.1 → 0.9.0-rc.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/index.js CHANGED Viewed

@@ -1173,7 +1173,7 @@ function defaultStorage(options = {}) {
 }
 // src/version.ts
-var POLLAR_CORE_VERSION = "0.9.0-rc.1" ;
+var POLLAR_CORE_VERSION = "0.9.0-rc.3" ;
 // src/visibility/noop.ts
 function createNoopVisibilityProvider() {
@@ -1345,7 +1345,10 @@ function openAlbedoPopup(url) {
 }
 function waitForAlbedoPopup() {
   return new Promise((resolve, reject) => {
-    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
+    const timeout = setTimeout(() => {
+      window.removeEventListener("message", handler);
+      reject(new Error("Albedo response timeout"));
+    }, 2 * 60 * 1e3);
     function handler(event) {
       if (event.origin !== window.location.origin || event.data?.type !== "ALBEDO_RESULT") return;
       clearTimeout(timeout);
@@ -1355,24 +1358,6 @@ function waitForAlbedoPopup() {
     window.addEventListener("message", handler);
   });
 }
-function waitForAlbedoResult() {
-  return new Promise((resolve, reject) => {
-    const timeout = setTimeout(() => reject(new Error("Albedo response timeout")), 2 * 60 * 1e3);
-    const parseResult = () => {
-      const params = new URLSearchParams(window.location.search);
-      if (!params.has("pubkey") && !params.has("signed_envelope_xdr") && !params.has("signed_xdr")) return;
-      clearTimeout(timeout);
-      const result = {};
-      params.forEach((value, key) => {
-        result[key] = value;
-      });
-      window.history.replaceState({}, document.title, window.location.pathname);
-      resolve(result);
-    };
-    parseResult();
-    window.addEventListener("popstate", parseResult);
-  });
-}
 var AlbedoAdapter = class {
   /**
    * Network used for `connect` and `signAuthEntry` (which carry no per-call
@@ -1414,10 +1399,10 @@ var AlbedoAdapter = class {
     url.searchParams.set("xdr", xdr);
     url.searchParams.set("app_name", "Pollar");
     url.searchParams.set("network", albedoNetwork(options, this.network));
-    url.searchParams.set("callback", window.location.href);
+    url.searchParams.set("callback", `${window.location.origin}/albedo-callback`);
     url.searchParams.set("origin", window.location.origin);
-    window.location.href = url.toString();
-    const result = await waitForAlbedoResult();
+    openAlbedoPopup(url.toString());
+    const result = await waitForAlbedoPopup();
     if (!result.signed_envelope_xdr) throw new Error("Albedo signing rejected");
     return { signedTxXdr: result.signed_envelope_xdr };
   }
@@ -1427,10 +1412,10 @@ var AlbedoAdapter = class {
     url.searchParams.set("xdr", entryXdr);
     url.searchParams.set("app_name", "Pollar");
     url.searchParams.set("network", this.network);
-    url.searchParams.set("callback", window.location.href);
+    url.searchParams.set("callback", `${window.location.origin}/albedo-callback`);
     url.searchParams.set("origin", window.location.origin);
-    window.location.href = url.toString();
-    const result = await waitForAlbedoResult();
+    openAlbedoPopup(url.toString());
+    const result = await waitForAlbedoPopup();
     if (!result.signed_xdr) throw new Error("Albedo auth entry signing rejected");
     return { signedAuthEntry: result.signed_xdr };
   }
@@ -1513,8 +1498,8 @@ function isValidSession(value, logger = console) {
     return false;
   }
   const w = wallet;
-  if (w["type"] !== "custodial" && w["type"] !== "smart" && w["type"] !== "external") {
-    logger.debug("[PollarClient:session] Invalid session \u2014 wallet.type must be custodial|smart|external");
+  if (w["type"] !== "internal" && w["type"] !== "smart" && w["type"] !== "external") {
+    logger.debug("[PollarClient:session] Invalid session \u2014 wallet.type must be internal|smart|external");
     return false;
   }
   if (w["address"] !== null && !isBoundedString(w["address"], MAX_WALLET_PUBLIC_KEY)) {
@@ -1545,6 +1530,9 @@ async function readStorage(storage, apiKeyHash, logger = console) {
       if (w && w["address"] == null && typeof w["publicKey"] === "string") {
         w["address"] = w["publicKey"];
       }
+      if (w && w["type"] === "custodial") {
+        w["type"] = "internal";
+      }
     }
     if (!isValidSession(session, logger)) {
       await storage.remove(sessionStorageKey(apiKeyHash));
@@ -1645,16 +1633,12 @@ async function streamUntilFound(api, clientSessionId, check, retryDelayMs = 200,
     }
     const reader = data.getReader();
     const decoder = new TextDecoder();
-    let streamDone = false;
     let sawAnyChunk = false;
     try {
       while (true) {
         throwIfAborted(signal);
         const { done, value } = await reader.read();
-        if (done) {
-          streamDone = true;
-          break;
-        }
+        if (done) break;
         sawAnyChunk = true;
         const chunk = decoder.decode(value);
         for (const message of chunk.split("\n\n").filter(Boolean)) {
@@ -1682,8 +1666,7 @@ async function streamUntilFound(api, clientSessionId, check, retryDelayMs = 200,
     }
     if (sawAnyChunk) backoff = retryDelayMs;
     else backoff = Math.min(backoff * 2, MAX_BACKOFF_MS);
-    const delay = streamDone ? backoff : 0;
-    if (delay) await sleep(delay);
+    await sleep(backoff);
   }
 }
 async function pollUntilFound(baseUrl, clientSessionId, check, intervalMs = 500, signal, logger = console) {
@@ -1763,17 +1746,18 @@ async function authenticate(clientSessionId, deps, expectedWallet) {
     signal
   });
   if (data?.code === "SDK_LOGIN_SUCCESS" && isValidSession(data?.content, logger)) {
-    if (expectedWallet && data.content.data.providers.wallet?.address !== expectedWallet) {
+    const sessionWallet = data.content.data?.providers?.wallet?.address;
+    if (expectedWallet && sessionWallet !== expectedWallet) {
       setAuthState({
         step: "error",
         previousStep: "authenticating",
         message: "Wallet mismatch: session wallet does not match connected wallet",
         errorCode: AUTH_ERROR_CODES.WALLET_AUTH_FAILED
       });
-      clearSession();
+      await clearSession();
       return;
     }
-    storeSession(data.content);
+    await storeSession(data.content);
   } else {
     setAuthState({
       step: "error",
@@ -1781,7 +1765,7 @@ async function authenticate(clientSessionId, deps, expectedWallet) {
       message: "Failed to load session",
       errorCode: AUTH_ERROR_CODES.AUTH_FAILED
     });
-    clearSession();
+    await clearSession();
   }
 }
@@ -1910,7 +1894,7 @@ async function loginOAuth(provider, deps) {
 }
 // src/client/auth/passkeyFlow.ts
-async function loginSmartWallet(deps) {
+async function smartWalletFlow(deps, mode) {
   const { api, signal, setAuthState, passkey } = deps;
   if (!passkey) {
     setAuthState({
@@ -1933,7 +1917,7 @@ async function loginSmartWallet(deps) {
       return failPasskey(setAuthState, "Failed to start passkey");
     }
     setAuthState({ step: "creating_passkey" });
-    const ceremony = await passkey({ challenge });
+    const ceremony = await passkey({ challenge, mode });
     const response = ceremony.response;
     if (ceremony.kind === "register") {
       setAuthState({ step: "deploying_smart_account" });
@@ -2097,7 +2081,7 @@ var PollarClient = class {
     this._visibilityProvider = config.visibilityProvider ?? defaultVisibilityProvider();
     this._maxIdleMs = config.maxIdleMs;
     this._openAuthUrl = config.openAuthUrl ?? defaultWebOAuthOpener;
-    this._oauthRedirectUri = config.oauthRedirectUri ?? (isBrowser ? window.location.origin : "");
+    this._oauthRedirectUri = config.oauthRedirectUri ?? (isBrowser ? window.location?.origin ?? "" : "");
     this._api = createApiClient(this.basePath);
     this._wireMiddlewares();
     this._networkState = { step: "connected", network: config.stellarNetwork ?? "testnet" };
@@ -2526,9 +2510,10 @@ var PollarClient = class {
     loginWallet(type, this._flowDeps(controller.signal)).catch((err) => this._handleFlowError(err));
   }
   /**
-   * "Smart Wallet" login: runs the passkey (WebAuthn) ceremony and, for a new
-   * user, creates a sponsored smart-account C-address. Requires the `passkey`
-   * ceremony to be configured (e.g. via `@pollar/react`).
+   * "Smart Wallet" login: runs the passkey (WebAuthn) `get()` ceremony for a
+   * returning user and signs them in. Use {@link createSmartWallet} for a new
+   * user. Requires the `passkey` ceremony to be configured (e.g. via
+   * `@pollar/react`).
    */
   loginSmartWallet() {
     if (!isClientRuntime) {
@@ -2536,7 +2521,21 @@ var PollarClient = class {
       return;
     }
     const controller = this._newController();
-    loginSmartWallet(this._flowDeps(controller.signal)).catch((err) => this._handleFlowError(err));
+    smartWalletFlow(this._flowDeps(controller.signal), "login").catch((err) => this._handleFlowError(err));
+  }
+  /**
+   * "Smart Wallet" registration: runs the passkey (WebAuthn) `create()` ceremony
+   * for a new user and deploys a sponsored smart-account C-address. Use
+   * {@link loginSmartWallet} for a returning user. Requires the `passkey`
+   * ceremony to be configured (e.g. via `@pollar/react`).
+   */
+  createSmartWallet() {
+    if (!isClientRuntime) {
+      warnServerSide("createSmartWallet");
+      return;
+    }
+    const controller = this._newController();
+    smartWalletFlow(this._flowDeps(controller.signal), "register").catch((err) => this._handleFlowError(err));
   }
   // ─── Cancel ───────────────────────────────────────────────────────────────
   cancelLogin() {
@@ -2776,6 +2775,54 @@ var PollarClient = class {
       this._setEnabledAssetsState({ step: "error", message: "Failed to load assets" });
     }
   }
+  /**
+   * Establishes (omit `limit`) or removes (`limit: '0'`) a trustline for an asset.
+   *
+   * Routing mirrors how the platform pays for the reserve:
+   *  - **Sponsored custodial** (`opts.sponsored` true, internal wallet) → the
+   *    server orchestrates a sponsored `changeTrust`: the app's wallets cover the
+   *    0.5 XLM reserve and the fee, so the user pays nothing. Pass the asset's
+   *    `sponsored` flag (from {@link refreshAssets}) straight through.
+   *  - **Self-paid** (external/adapter wallet, sponsorship disabled, or a custom
+   *    asset not configured in the app) → a plain `change_trust` transaction the
+   *    user's own wallet signs and pays for, via {@link runTx}.
+   *
+   * Does not refresh on its own — callers should `refreshAssets()` afterwards.
+   */
+  async setTrustline(asset, opts) {
+    const limit = opts?.limit;
+    const walletType = this._session?.wallet?.type;
+    if (!this._session?.wallet?.address) {
+      return { status: "error", details: "No wallet connected" };
+    }
+    if (walletType === "smart") {
+      return { status: "error", details: "Trustlines do not apply to smart wallets" };
+    }
+    if (opts?.sponsored && !this._walletAdapter && walletType === "internal") {
+      try {
+        const { data, error } = await this._api.POST("/wallet/assets/trustline", {
+          body: { code: asset.code, issuer: asset.issuer, ...limit !== void 0 && { limit } }
+        });
+        if (!error && data?.success) {
+          if (data.content) this._setEnabledAssetsState({ step: "loaded", data: data.content });
+          return { status: "success" };
+        }
+        const details = error?.details ?? error?.code;
+        return { status: "error", ...details && { details } };
+      } catch (err) {
+        const details = err instanceof Error ? err.message : void 0;
+        return { status: "error", ...details && { details } };
+      }
+    }
+    return this.runTx("change_trust", {
+      asset: {
+        type: asset.code.length <= 4 ? "credit_alphanum4" : "credit_alphanum12",
+        code: asset.code,
+        issuer: asset.issuer
+      },
+      ...limit !== void 0 && { limit }
+    });
+  }
   // ─── Transactions ─────────────────────────────────────────────────────────
   /**
    * Builds an unsigned XDR. Drives `_setTransactionState` for modal-style UIs
@@ -3411,6 +3458,9 @@ var PollarClient = class {
       void this._resume();
     } else {
       this._log.info("[PollarClient] No session in storage");
+      if (this._authState.step !== "idle") {
+        await this._clearSession();
+      }
     }
   }
   /**
@@ -3457,8 +3507,11 @@ var PollarClient = class {
       user: session.user,
       // The wire response still carries the legacy `publicKey` alias (kept for
       // older SDKs); the persisted session standardizes on `address` only.
+      // The wire also still emits the legacy type `'custodial'` (unchanged for
+      // SDKs ≤0.8.x); we remap it to `'internal'` here so the SDK surface and
+      // persisted session speak one vocabulary while the wire stays compatible.
       wallet: {
-        type: w.type,
+        type: w.type === "custodial" ? "internal" : w.type,
         address: w.address ?? w.publicKey ?? null,
         ...w.existsOnStellar !== void 0 ? { existsOnStellar: w.existsOnStellar } : {},
         ...w.createdAt !== void 0 ? { createdAt: w.createdAt } : {},