@pooflabs/web 0.0.88 → 0.0.89-rc1

package/dist/{index-CvNX4W0l.js → index-DIO6OzTK.js}

@@ -1,8 +1,8 @@
 'use strict';
 
-var index_native = require('./index.native-FMbSnE7i.js');
+var index_native = require('./index.native-DGACm1O5.js');
 
 var bufferExports = index_native.requireBuffer();
 
 exports.bufferExports = bufferExports;
-//# sourceMappingURL=index-CvNX4W0l.js.map
+//# sourceMappingURL=index-DIO6OzTK.js.map

package/dist/index-DIO6OzTK.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index-DIO6OzTK.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;"}

package/dist/{index-CJRFnq6O.esm.js → index-DqaHVIzZ.esm.js}

@@ -13009,6 +13009,21 @@ async function login$1(options) {
     if (loginResult) {
         // Store which auth method was used so we restore the right provider on reload
         setStoredAuthMethod(currentAuthMethod);
+        // If this top-level tab was opened solely to perform the wallet connect for
+        // an embedded preview (?poofConnect — see openTopLevelForConnect in the
+        // phantom provider), close it now that the session is established. The
+        // session reflects back into the preview's iframe via same-origin storage.
+        try {
+            if (typeof window !== 'undefined'
+                && window.top === window.self
+                && new URLSearchParams(window.location.search).get('poofConnect') === '1') {
+                setTimeout(() => { try {
+                    window.close();
+                }
+                catch ( /* noop */_a) { /* noop */ } }, 400);
+            }
+        }
+        catch ( /* noop */_a) { /* noop */ }
         return Object.assign(Object.assign({}, loginResult), { provider: currentAuthProvider });
     }
     return null;
@@ -15660,6 +15675,27 @@ function shouldBreakOutOfIframe(provider) {
     // exactly the iframe-without-provider case we need to escape.
     return provider === 'deeplink' && isInIframe();
 }
+// In a cross-origin iframe (e.g. the poof.new build-page preview) on mobile,
+// Mobile Wallet Adapter can't run: its localhost association handshake needs
+// Chrome's Local Network Access, which is denied to cross-origin sub-frames.
+// So open the app's own URL TOP-LEVEL (a new tab / Custom Tab), where MWA works
+// natively; the connect happens there and the session — written to same-origin
+// storage — reflects back into this iframe (awaitTopLevelConnect picks it up).
+// Must be called synchronously inside a user-gesture handler so window.open
+// isn't popup-blocked. Returns true if the tab was opened.
+function openTopLevelForConnect() {
+    if (typeof window === 'undefined' || !isInIframe())
+        return false;
+    try {
+        const url = new URL(window.location.href);
+        url.searchParams.set('poofConnect', '1');
+        const w = window.open(url.toString(), '_blank');
+        return !!w;
+    }
+    catch (_a) {
+        return false;
+    }
+}
 // Dynamically import React and Phantom SDK - only when needed
 let React$1;
 let ReactDOM$1;
@@ -15680,7 +15716,7 @@ async function loadDependencies() {
         const [reactModule, reactDomModule, phantomModule] = await Promise.all([
             import('react'),
             import('react-dom/client'),
-            import('./index-BfsQaxom.esm.js')
+            import('./index-C_t7524U.esm.js')
         ]);
         // Extract default export from ESM module namespace
         // Dynamic import() returns { default: Module, ...exports }, not the module directly
@@ -16063,26 +16099,19 @@ class PhantomWalletProvider {
             const handleWalletClick = async (options) => {
                 walletClickedRef.current = true;
                 setShowWalletModal(false);
-                // If we're in an iframe and the user chose deeplink, Phantom's SDK
-                // will navigate *this* iframe to phantom.app/ul/browse/..., which
-                // Android App Links won't intercept and phantom.app won't let be
-                // framed. Escape to top-level first so the wallet browser can
-                // inject its provider and the normal injected flow takes over
-                // on the user's next connect tap.
+                // Cross-origin preview iframe + deeplink: the old approach navigated
+                // the top frame to this URL, but in a TWA that lands out-of-scope and
+                // shows a chrome-error ("bad page"). Instead, open the app TOP-LEVEL
+                // in a new tab where the wallet connect works natively; the session
+                // reflects back into this iframe (see openTopLevelForConnect /
+                // awaitTopLevelConnect).
                 if (shouldBreakOutOfIframe(options === null || options === void 0 ? void 0 : options.provider)) {
-                    try {
-                        // Same-site navigation (*.poof.new → *.poof.new) plus the
-                        // iframe's allow-top-navigation-by-user-activation sandbox
-                        // token make this go through.
-                        window.top.location.href = window.location.href;
+                    if (openTopLevelForConnect()) {
+                        that.awaitTopLevelConnect();
                         return;
                     }
-                    catch (_a) {
-                        // Top-nav blocked (no sandbox grant, cross-origin top, etc.).
-                        // Fall through to the normal deeplink path — at least the
-                        // user gets the original broken-ish behavior instead of a
-                        // silently-dead button.
-                    }
+                    // Popup blocked — fall through to the original deeplink path
+                    // (better a broken-ish button than a silently-dead one).
                 }
                 try {
                     if (options === null || options === void 0 ? void 0 : options.walletId) {
@@ -16128,6 +16157,14 @@ class PhantomWalletProvider {
                 that.loginInProgress = false;
                 walletClickedRef.current = true;
                 setShowWalletModal(false);
+                // Cross-origin preview iframe (e.g. poof.new build page) on mobile:
+                // MWA can't run here (Chrome denies Local Network Access to sub-frames,
+                // and its localhost handshake fails). Open the app top-level for the
+                // connect; the session reflects back into this iframe.
+                if (isInIframe() && openTopLevelForConnect()) {
+                    that.awaitTopLevelConnect();
+                    return;
+                }
                 if (that.onSwitchToMWA) {
                     try {
                         const mwaProvider = await that.onSwitchToMWA();
@@ -16640,6 +16677,54 @@ class PhantomWalletProvider {
         }
         return null;
     }
+    // When connect is delegated to a top-level tab (openTopLevelForConnect — used
+    // for the cross-origin preview iframe on mobile, where MWA can't run), the
+    // actual connect happens in that tab and writes the session to same-origin
+    // storage. This watches for that session to appear and resolves the in-flight
+    // login() with it. It listens for `storage` events and visibility regain (the
+    // user returning from the tab), with a polling fallback and a hard timeout.
+    awaitTopLevelConnect() {
+        if (typeof window === 'undefined')
+            return;
+        let done = false;
+        const cleanup = () => {
+            clearInterval(poll);
+            clearTimeout(timeout);
+            window.removeEventListener('storage', onChange);
+            document.removeEventListener('visibilitychange', onVisible);
+        };
+        const tryResolve = async () => {
+            if (done)
+                return;
+            try {
+                const user = await this.restoreSession();
+                if (user && this.pendingLogin) {
+                    done = true;
+                    cleanup();
+                    this.pendingLogin.resolve(user);
+                    this.pendingLogin = null;
+                    this.loginInProgress = false;
+                }
+            }
+            catch (_a) {
+                // not ready yet — keep waiting
+            }
+        };
+        const onChange = () => { void tryResolve(); };
+        const onVisible = () => { if (document.visibilityState === 'visible')
+            void tryResolve(); };
+        const poll = setInterval(() => { void tryResolve(); }, 1500);
+        const timeout = setTimeout(() => {
+            cleanup();
+            if (!done && this.pendingLogin) {
+                this.pendingLogin.reject(new Error('Wallet connection timed out'));
+                this.pendingLogin = null;
+                this.loginInProgress = false;
+            }
+        }, 180000);
+        window.addEventListener('storage', onChange);
+        document.addEventListener('visibilitychange', onVisible);
+    }
     async address() {
         var _a, _b, _c, _d;
         await this.ensureReady();
@@ -21773,7 +21858,7 @@ async function registerMobileWalletAdapter(config) {
     if (typeof window === 'undefined')
         return;
     try {
-        const walletStandardMobile = await import('./index.browser-CMijwVwX.esm.js');
+        const walletStandardMobile = await import('./index.browser-K7sgUCDX.esm.js');
         const registerMwa = walletStandardMobile.registerMwa || ((_a = walletStandardMobile.default) === null || _a === void 0 ? void 0 : _a.registerMwa);
         if (!registerMwa) {
             console.warn('[SolanaMobileWallet] registerMwa not found in @solana-mobile/wallet-standard-mobile');
@@ -21912,7 +21997,7 @@ class SolanaMobileWalletProvider {
     async ensureWallet() {
         if (this.wallet)
             return this.wallet;
-        const mod = await import('./index.browser-CMijwVwX.esm.js');
+        const mod = await import('./index.browser-K7sgUCDX.esm.js');
         const chain = mapChainToWalletStandard(this.cluster);
         this.wallet = new mod.LocalSolanaMobileWalletAdapterWallet({
             appIdentity: this.appIdentity,
@@ -23102,4 +23187,4 @@ class PrivyExpoProvider {
 }
 
 export { genAuthNonce as $, count as A, aggregate as B, subscribe as C, useAuth as D, deserializeTransaction as E, getIdToken as F, setPlatform as G, getPlatform as H, PrivyWalletProvider as I, DEFAULT_TEST_ADDRESS as J, isMobileWalletAvailable as K, registerMobileWalletAdapter as L, MockAuthProvider as M, PrivyExpoProvider as N, OffchainAuthProvider as O, PhantomWalletProvider as P, InsufficientBalanceError as Q, ReactNativeSessionManager as R, SolanaMobileWalletProvider as S, ServerSessionManager as T, buildSetDocumentsTransaction as U, clearCache as V, WebSessionManager as W, closeAllSubscriptions as X, convertRemainingAccounts as Y, createSessionWithPrivy as Z, createSessionWithSignature as _, base58 as a, genSolanaMessage as a0, getCachedData as a1, getMany as a2, reconnectWithNewAuth as a3, refreshSession as a4, signSessionCreateMessage as a5, bufferExports as b, commonjsRequire as c, getCurrentUser as d, onAuthLoadingChanged as e, getAuthLoading as f, getDefaultExportFromCjs$1 as g, logout as h, init as i, getConfig as j, getAuthProvider as k, login as l, get as m, setMany as n, onAuthStateChanged as o, setFile as p, getFiles as q, require$$0 as r, set as s, runQuery as t, runQueryMany as u, runExpression as v, runExpressionMany as w, signMessage as x, signTransaction as y, signAndSubmitTransaction as z };
-//# sourceMappingURL=index-CJRFnq6O.esm.js.map
+//# sourceMappingURL=index-DqaHVIzZ.esm.js.map