@pooflabs/web 0.0.88 → 0.0.89-rc1

package/dist/{index-Lm0k5Hwv.js → index-Bu0P9-rk.js}

@@ -13030,6 +13030,21 @@ async function login$1(options) {
     if (loginResult) {
         // Store which auth method was used so we restore the right provider on reload
         setStoredAuthMethod(currentAuthMethod);
+        // If this top-level tab was opened solely to perform the wallet connect for
+        // an embedded preview (?poofConnect — see openTopLevelForConnect in the
+        // phantom provider), close it now that the session is established. The
+        // session reflects back into the preview's iframe via same-origin storage.
+        try {
+            if (typeof window !== 'undefined'
+                && window.top === window.self
+                && new URLSearchParams(window.location.search).get('poofConnect') === '1') {
+                setTimeout(() => { try {
+                    window.close();
+                }
+                catch ( /* noop */_a) { /* noop */ } }, 400);
+            }
+        }
+        catch ( /* noop */_a) { /* noop */ }
         return Object.assign(Object.assign({}, loginResult), { provider: currentAuthProvider });
     }
     return null;
@@ -15681,6 +15696,27 @@ function shouldBreakOutOfIframe(provider) {
     // exactly the iframe-without-provider case we need to escape.
     return provider === 'deeplink' && isInIframe();
 }
+// In a cross-origin iframe (e.g. the poof.new build-page preview) on mobile,
+// Mobile Wallet Adapter can't run: its localhost association handshake needs
+// Chrome's Local Network Access, which is denied to cross-origin sub-frames.
+// So open the app's own URL TOP-LEVEL (a new tab / Custom Tab), where MWA works
+// natively; the connect happens there and the session — written to same-origin
+// storage — reflects back into this iframe (awaitTopLevelConnect picks it up).
+// Must be called synchronously inside a user-gesture handler so window.open
+// isn't popup-blocked. Returns true if the tab was opened.
+function openTopLevelForConnect() {
+    if (typeof window === 'undefined' || !isInIframe())
+        return false;
+    try {
+        const url = new URL(window.location.href);
+        url.searchParams.set('poofConnect', '1');
+        const w = window.open(url.toString(), '_blank');
+        return !!w;
+    }
+    catch (_a) {
+        return false;
+    }
+}
 // Dynamically import React and Phantom SDK - only when needed
 let React$1;
 let ReactDOM$1;
@@ -15701,7 +15737,7 @@ async function loadDependencies() {
         const [reactModule, reactDomModule, phantomModule] = await Promise.all([
             import('react'),
             import('react-dom/client'),
-            Promise.resolve().then(function () { return require('./index-CTtGbOzo.js'); })
+            Promise.resolve().then(function () { return require('./index-CaP3L422.js'); })
         ]);
         // Extract default export from ESM module namespace
         // Dynamic import() returns { default: Module, ...exports }, not the module directly
@@ -16084,26 +16120,19 @@ class PhantomWalletProvider {
             const handleWalletClick = async (options) => {
                 walletClickedRef.current = true;
                 setShowWalletModal(false);
-                // If we're in an iframe and the user chose deeplink, Phantom's SDK
-                // will navigate *this* iframe to phantom.app/ul/browse/..., which
-                // Android App Links won't intercept and phantom.app won't let be
-                // framed. Escape to top-level first so the wallet browser can
-                // inject its provider and the normal injected flow takes over
-                // on the user's next connect tap.
+                // Cross-origin preview iframe + deeplink: the old approach navigated
+                // the top frame to this URL, but in a TWA that lands out-of-scope and
+                // shows a chrome-error ("bad page"). Instead, open the app TOP-LEVEL
+                // in a new tab where the wallet connect works natively; the session
+                // reflects back into this iframe (see openTopLevelForConnect /
+                // awaitTopLevelConnect).
                 if (shouldBreakOutOfIframe(options === null || options === void 0 ? void 0 : options.provider)) {
-                    try {
-                        // Same-site navigation (*.poof.new → *.poof.new) plus the
-                        // iframe's allow-top-navigation-by-user-activation sandbox
-                        // token make this go through.
-                        window.top.location.href = window.location.href;
+                    if (openTopLevelForConnect()) {
+                        that.awaitTopLevelConnect();
                         return;
                     }
-                    catch (_a) {
-                        // Top-nav blocked (no sandbox grant, cross-origin top, etc.).
-                        // Fall through to the normal deeplink path — at least the
-                        // user gets the original broken-ish behavior instead of a
-                        // silently-dead button.
-                    }
+                    // Popup blocked — fall through to the original deeplink path
+                    // (better a broken-ish button than a silently-dead one).
                 }
                 try {
                     if (options === null || options === void 0 ? void 0 : options.walletId) {
@@ -16149,6 +16178,14 @@ class PhantomWalletProvider {
                 that.loginInProgress = false;
                 walletClickedRef.current = true;
                 setShowWalletModal(false);
+                // Cross-origin preview iframe (e.g. poof.new build page) on mobile:
+                // MWA can't run here (Chrome denies Local Network Access to sub-frames,
+                // and its localhost handshake fails). Open the app top-level for the
+                // connect; the session reflects back into this iframe.
+                if (isInIframe() && openTopLevelForConnect()) {
+                    that.awaitTopLevelConnect();
+                    return;
+                }
                 if (that.onSwitchToMWA) {
                     try {
                         const mwaProvider = await that.onSwitchToMWA();
@@ -16661,6 +16698,54 @@ class PhantomWalletProvider {
         }
         return null;
     }
+    // When connect is delegated to a top-level tab (openTopLevelForConnect — used
+    // for the cross-origin preview iframe on mobile, where MWA can't run), the
+    // actual connect happens in that tab and writes the session to same-origin
+    // storage. This watches for that session to appear and resolves the in-flight
+    // login() with it. It listens for `storage` events and visibility regain (the
+    // user returning from the tab), with a polling fallback and a hard timeout.
+    awaitTopLevelConnect() {
+        if (typeof window === 'undefined')
+            return;
+        let done = false;
+        const cleanup = () => {
+            clearInterval(poll);
+            clearTimeout(timeout);
+            window.removeEventListener('storage', onChange);
+            document.removeEventListener('visibilitychange', onVisible);
+        };
+        const tryResolve = async () => {
+            if (done)
+                return;
+            try {
+                const user = await this.restoreSession();
+                if (user && this.pendingLogin) {
+                    done = true;
+                    cleanup();
+                    this.pendingLogin.resolve(user);
+                    this.pendingLogin = null;
+                    this.loginInProgress = false;
+                }
+            }
+            catch (_a) {
+                // not ready yet — keep waiting
+            }
+        };
+        const onChange = () => { void tryResolve(); };
+        const onVisible = () => { if (document.visibilityState === 'visible')
+            void tryResolve(); };
+        const poll = setInterval(() => { void tryResolve(); }, 1500);
+        const timeout = setTimeout(() => {
+            cleanup();
+            if (!done && this.pendingLogin) {
+                this.pendingLogin.reject(new Error('Wallet connection timed out'));
+                this.pendingLogin = null;
+                this.loginInProgress = false;
+            }
+        }, 180000);
+        window.addEventListener('storage', onChange);
+        document.addEventListener('visibilitychange', onVisible);
+    }
     async address() {
         var _a, _b, _c, _d;
         await this.ensureReady();
@@ -21794,7 +21879,7 @@ async function registerMobileWalletAdapter(config) {
     if (typeof window === 'undefined')
         return;
     try {
-        const walletStandardMobile = await Promise.resolve().then(function () { return require('./index.browser-BxKN5pIs.js'); });
+        const walletStandardMobile = await Promise.resolve().then(function () { return require('./index.browser-D2cnbAmp.js'); });
         const registerMwa = walletStandardMobile.registerMwa || ((_a = walletStandardMobile.default) === null || _a === void 0 ? void 0 : _a.registerMwa);
         if (!registerMwa) {
             console.warn('[SolanaMobileWallet] registerMwa not found in @solana-mobile/wallet-standard-mobile');
@@ -21933,7 +22018,7 @@ class SolanaMobileWalletProvider {
     async ensureWallet() {
         if (this.wallet)
             return this.wallet;
-        const mod = await Promise.resolve().then(function () { return require('./index.browser-BxKN5pIs.js'); });
+        const mod = await Promise.resolve().then(function () { return require('./index.browser-D2cnbAmp.js'); });
         const chain = mapChainToWalletStandard(this.cluster);
         this.wallet = new mod.LocalSolanaMobileWalletAdapterWallet({
             appIdentity: this.appIdentity,
@@ -23182,4 +23267,4 @@ exports.signSessionCreateMessage = signSessionCreateMessage;
 exports.signTransaction = signTransaction;
 exports.subscribe = subscribe;
 exports.useAuth = useAuth;
-//# sourceMappingURL=index-Lm0k5Hwv.js.map
+//# sourceMappingURL=index-Bu0P9-rk.js.map