@pooflabs/web 0.0.47-rc.2 → 0.0.47-rc.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{index-C26G4SZ4.esm.js → index-BvKCGGWr.esm.js} +2 -2
- package/dist/{index-C26G4SZ4.esm.js.map → index-BvKCGGWr.esm.js.map} +1 -1
- package/dist/{index-BUuISZtf.esm.js → index-CEvNSK3V.esm.js} +46 -4
- package/dist/{index-BUuISZtf.esm.js.map → index-CEvNSK3V.esm.js.map} +1 -1
- package/dist/{index-CKyr2iF2.js → index-CndOSIiA.js} +2 -2
- package/dist/{index-CKyr2iF2.js.map → index-CndOSIiA.js.map} +1 -1
- package/dist/{index-DvYAMJCz.js → index-iAYwyWYE.js} +46 -4
- package/dist/{index-DvYAMJCz.js.map → index-iAYwyWYE.js.map} +1 -1
- package/dist/index.esm.js +1 -1
- package/dist/index.js +1 -1
- package/package.json +1 -1
|
@@ -13277,14 +13277,29 @@ function loginViaPopup() {
|
|
|
13277
13277
|
}
|
|
13278
13278
|
};
|
|
13279
13279
|
window.addEventListener('message', onMessage);
|
|
13280
|
-
// Poll for popup closed without completing auth
|
|
13280
|
+
// Poll for popup closed without completing auth.
|
|
13281
|
+
// Also check localStorage directly on each tick — storage events may not fire
|
|
13282
|
+
// if the popup closes too quickly after writing (browser tears down the context
|
|
13283
|
+
// before dispatching the event to other browsing contexts).
|
|
13281
13284
|
const pollInterval = setInterval(() => {
|
|
13282
13285
|
try {
|
|
13286
|
+
// Check localStorage directly for completion signal
|
|
13287
|
+
try {
|
|
13288
|
+
const stored = localStorage.getItem(AUTH_COMPLETE_KEY);
|
|
13289
|
+
if (stored) {
|
|
13290
|
+
const data = JSON.parse(stored);
|
|
13291
|
+
if (data.address) {
|
|
13292
|
+
complete(data.address);
|
|
13293
|
+
return;
|
|
13294
|
+
}
|
|
13295
|
+
}
|
|
13296
|
+
}
|
|
13297
|
+
catch (_a) { }
|
|
13283
13298
|
if (popup.closed && !resolved) {
|
|
13284
13299
|
fail(new Error('User cancelled login'));
|
|
13285
13300
|
}
|
|
13286
13301
|
}
|
|
13287
|
-
catch (
|
|
13302
|
+
catch (_b) { }
|
|
13288
13303
|
}, POPUP_POLL_INTERVAL_MS);
|
|
13289
13304
|
// Safety timeout
|
|
13290
13305
|
const timeout = setTimeout(() => {
|
|
@@ -13302,6 +13317,24 @@ function loginViaPopup() {
|
|
|
13302
13317
|
const VALID_PROVIDERS = ['injected', 'google', 'apple', 'deeplink'];
|
|
13303
13318
|
// Storage key for preserving the original path before OAuth redirect
|
|
13304
13319
|
const PHANTOM_ORIGINAL_PATH_KEY = 'phantom_oauth_original_path';
|
|
13320
|
+
// Cookie name for storing the return origin when using an OAuth redirect proxy
|
|
13321
|
+
const AUTH_RETURN_COOKIE = 'tarobase_auth_return';
|
|
13322
|
+
/**
|
|
13323
|
+
* Store the current origin in a cookie on the parent domain so an OAuth redirect
|
|
13324
|
+
* proxy page can relay back to this app after the OAuth flow completes.
|
|
13325
|
+
*/
|
|
13326
|
+
function storeReturnOrigin() {
|
|
13327
|
+
if (typeof window === 'undefined' || typeof document === 'undefined')
|
|
13328
|
+
return;
|
|
13329
|
+
const origin = window.location.origin;
|
|
13330
|
+
// Derive parent domain (e.g., foo-preview.poof.new → .poof.new)
|
|
13331
|
+
const parts = window.location.hostname.split('.');
|
|
13332
|
+
const domain = parts.length >= 2 ? '.' + parts.slice(-2).join('.') : window.location.hostname;
|
|
13333
|
+
try {
|
|
13334
|
+
document.cookie = `${AUTH_RETURN_COOKIE}=${encodeURIComponent(origin)}; domain=${domain}; path=/; max-age=300; SameSite=None; Secure`;
|
|
13335
|
+
}
|
|
13336
|
+
catch (_a) { }
|
|
13337
|
+
}
|
|
13305
13338
|
/**
|
|
13306
13339
|
* Check if the current URL contains Phantom OAuth callback parameters.
|
|
13307
13340
|
* Phantom uses various params like phantom_encryption_public_key, data, nonce for deeplink callbacks,
|
|
@@ -13425,6 +13458,15 @@ function getEffectiveRedirectUrl(configuredRedirectUrl) {
|
|
|
13425
13458
|
}
|
|
13426
13459
|
// If explicitly configured, use that
|
|
13427
13460
|
if (configuredRedirectUrl) {
|
|
13461
|
+
// If redirecting to a different origin (proxy), store a cookie so the
|
|
13462
|
+
// proxy page knows where to relay the OAuth params back to
|
|
13463
|
+
try {
|
|
13464
|
+
const redirectOrigin = new URL(configuredRedirectUrl).origin;
|
|
13465
|
+
if (redirectOrigin !== window.location.origin) {
|
|
13466
|
+
storeReturnOrigin();
|
|
13467
|
+
}
|
|
13468
|
+
}
|
|
13469
|
+
catch (_a) { }
|
|
13428
13470
|
return configuredRedirectUrl;
|
|
13429
13471
|
}
|
|
13430
13472
|
// Default to origin (base URL) - this is safer than using the full href
|
|
@@ -13451,7 +13493,7 @@ async function loadDependencies() {
|
|
|
13451
13493
|
const [reactModule, reactDomModule, phantomModule] = await Promise.all([
|
|
13452
13494
|
import('react'),
|
|
13453
13495
|
import('react-dom/client'),
|
|
13454
|
-
Promise.resolve().then(function () { return require('./index-
|
|
13496
|
+
Promise.resolve().then(function () { return require('./index-CndOSIiA.js'); })
|
|
13455
13497
|
]);
|
|
13456
13498
|
// Extract default export from ESM module namespace
|
|
13457
13499
|
// Dynamic import() returns { default: Module, ...exports }, not the module directly
|
|
@@ -34876,4 +34918,4 @@ exports.signSessionCreateMessage = signSessionCreateMessage;
|
|
|
34876
34918
|
exports.signTransaction = signTransaction;
|
|
34877
34919
|
exports.subscribe = subscribe;
|
|
34878
34920
|
exports.useAuth = useAuth;
|
|
34879
|
-
//# sourceMappingURL=index-
|
|
34921
|
+
//# sourceMappingURL=index-iAYwyWYE.js.map
|