@rehers/rehers-roleplay-sdk 2.5.7 → 3.1.0

package/LICENSE

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/NOTICE

@@ -0,0 +1,5 @@
+Seamless Roleplay SDK
+Copyright 2026 Scriptify, Inc.
+
+This product is licensed under the Apache License, Version 2.0.
+See the LICENSE file for the full license text.

package/README.md

@@ -17,8 +17,8 @@ Add this once, above all your routes. It initializes the SDK for the logged-in S
 Production flow:
 
 1. Your backend requests a short-lived `userToken` from `POST /api/seamless/auth/user-token`
-2. Your frontend receives that `userToken`
-3. You pass `userToken` into the SDK
+2. Your frontend provides a `getUserToken()` callback that calls your backend route
+3. The SDK calls `getUserToken()` on startup and before the iframe session expires
 
 The browser should not mint sessions from raw identity fields in production.
 
@@ -26,11 +26,18 @@ The browser should not mint sessions from raw identity fields in production.
 import { SeamlessRoleplayProvider } from "@rehers/rehers-roleplay-sdk/react";
 
 function App() {
-  const userToken = useRoleplayUserToken(); // fetched from your backend
+  async function getUserToken() {
+    const tokenRes = await fetch("/api/roleplay/user-token", {
+      method: "POST",
+      credentials: "include",
+    }).then((r) => r.json());
+
+    return tokenRes.userToken;
+  }
 
   return (
     <SeamlessRoleplayProvider
-      userToken={userToken}
+      getUserToken={getUserToken}
       onReady={() => console.log("Roleplay SDK ready")}
       onError={(err) => console.error("Roleplay SDK error", err)}
     >
@@ -55,7 +62,9 @@ const tokenRes = await fetch("/api/roleplay/user-token", {
 const userToken = tokenRes.userToken;
 ```
 
-That's the only setup. Everything below just works.
+The SDK owns session refresh timing and will call `getUserToken()` again before
+the embedded app session expires. That's the only setup. Everything below just
+works.
 
 ---
 
@@ -221,7 +230,14 @@ import "@rehers/rehers-roleplay-sdk";
 
 // Initialize once
 SeamlessRoleplay.init({
-  userToken: "...",
+  getUserToken: async () => {
+    const res = await fetch("/api/roleplay/user-token", {
+      method: "POST",
+      credentials: "include",
+    });
+    const data = await res.json();
+    return data.userToken;
+  },
   onReady() { console.log("ready"); },
 });
 

package/index.d.ts

@@ -1,6 +1,12 @@
+export type SeamlessRoleplayUserTokenProvider = () => string | Promise<string>;
+
 interface SeamlessRoleplayInitBase {
-  /** Short-lived signed JWT minted by your backend for the signed-in user */
-  userToken: string;
+  /**
+   * Returns a fresh short-lived signed user JWT minted by your backend for the
+   * currently signed-in Seamless user. The SDK calls this on startup and before
+   * its iframe session expires.
+   */
+  getUserToken: SeamlessRoleplayUserTokenProvider;
   /** Override the app origin — where the iframe loads from (for dev/testing only) */
   origin?: string;
   /** Called when the SDK session is ready */
@@ -64,18 +70,32 @@ export interface AddToScenarioOptions {
 }
 
 export interface SeamlessRoleplaySDK {
-  /** Initialize the SDK with a short-lived user token. */
+  /** Initialize the SDK with a host-provided user token callback. */
   init(options: SeamlessRoleplayInitOptions): void;
   /** Open the roleplay modal for a contact (dialog mode). */
   open(data: SeamlessRoleplayOpenData): void;
   /** Mount the full Roleplay app into a container. */
-  mount(container: HTMLElement): void;
+  mount(
+    container: HTMLElement,
+    options?: {
+      /** Called if the embedded app closes itself. */
+      onClose?: () => void;
+      /** Called if the embedded app reports an error. */
+      onError?: (error: { code: string; message: string }) => void;
+    }
+  ): void;
   /** Open the add-to-scenario dialog for bulk contact import. */
   addToScenario(options: AddToScenarioOptions): void;
   /** Close the active dialog. Does not affect mount. */
   close(): void;
   /** Unmount the mounted embed. Does not affect dialogs. */
   unmount(): void;
+  /**
+   * Force a session re-resolution — e.g. after the user completes payment in
+   * another tab. Re-fetches and broadcasts the session to any mounted embed or
+   * open dialog. (The SDK also auto-recovers when the tab is refocused.)
+   */
+  reauth(): void;
   /** Destroy the SDK — clears state, timers, and DOM (both mount and dialogs). */
   destroy(): void;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rehers/rehers-roleplay-sdk",
-  "version": "2.5.7",
+  "version": "3.1.0",
   "sideEffects": true,
   "description": "Seamless Roleplay SDK — embed roleplay call sessions via a modal + iframe",
   "main": "roleplay-sdk.js",
@@ -19,7 +19,9 @@
     "roleplay-sdk.js",
     "index.d.ts",
     "react.js",
-    "react.d.ts"
+    "react.d.ts",
+    "LICENSE",
+    "NOTICE"
   ],
   "peerDependencies": {
     "react": ">=18.0.0",
@@ -30,7 +32,7 @@
     "react-dom": { "optional": true }
   },
   "keywords": ["seamless", "roleplay", "sdk", "sales", "training", "react"],
-  "license": "UNLICENSED",
+  "license": "Apache-2.0",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/rehers/seamless-frontend-independent.git"

package/react.d.ts

@@ -8,12 +8,12 @@ interface SeamlessRoleplayContextValue {
         code: string;
         message: string;
     } | null;
-    sdk: SeamlessRoleplaySDK;
+    sdk: SeamlessRoleplaySDK | null;
 }
 export type SeamlessRoleplayProviderProps = SeamlessRoleplayInitOptions & {
     children: ReactNode;
 };
-export declare function SeamlessRoleplayProvider({ userToken, origin, onReady, onError, children, }: SeamlessRoleplayProviderProps): import("react/jsx-runtime").JSX.Element;
+export declare function SeamlessRoleplayProvider({ getUserToken, origin, onReady, onError, children, }: SeamlessRoleplayProviderProps): import("react/jsx-runtime").JSX.Element;
 export declare function useSeamlessRoleplay(): SeamlessRoleplayContextValue;
 export interface RoleplayDialogProps {
     open: boolean;
@@ -33,8 +33,15 @@ export declare function RoleplayDialog({ open: isOpen, name, domain, company, ti
 export interface RoleplayEmbedProps {
     className?: string;
     style?: React.CSSProperties;
+    /** Called if the embedded app reports an error */
+    onError?: (error: {
+        code: string;
+        message: string;
+    }) => void;
+    /** Called if the embedded app closes itself */
+    onClose?: () => void;
 }
-export declare function RoleplayEmbed({ className, style }: RoleplayEmbedProps): import("react/jsx-runtime").JSX.Element;
+export declare function RoleplayEmbed({ className, style, onError, onClose }: RoleplayEmbedProps): import("react/jsx-runtime").JSX.Element;
 export interface AddToScenarioDialogProps {
     open: boolean;
     contacts: AddToScenarioContact[];

package/react.js

@@ -12,23 +12,56 @@ function useCallbackRef(cb) {
     });
     return ref;
 }
-// ── SDK singleton access ────────────────────────────────────────────
-function getSDK() {
-    if (typeof window !== "undefined" && window.SeamlessRoleplay) {
-        return window.SeamlessRoleplay;
-    }
-    throw new Error("[SeamlessRoleplay/React] Could not find SeamlessRoleplay SDK. " +
-        'Make sure "@rehers/rehers-roleplay-sdk" is installed and loaded before the React wrapper.');
-}
 const SeamlessRoleplayContext = createContext(null);
 let providerMountCount = 0;
-export function SeamlessRoleplayProvider({ userToken, origin, onReady, onError, children, }) {
+export function SeamlessRoleplayProvider({ getUserToken, origin, onReady, onError, children, }) {
     const [state, setState] = useState({ isReady: false, error: null });
     const mountedRef = useRef(false);
     const onReadyRef = useCallbackRef(onReady);
     const onErrorRef = useCallbackRef(onError);
-    const sdk = useMemo(() => getSDK(), []);
+    const getUserTokenRef = useCallbackRef(getUserToken);
+    const [sdk, setSdk] = useState(null);
+    // Resolve the SDK on the CLIENT only. `window` is absent during SSR, and an
+    // async <script> tag may not have executed at first render — so we never call
+    // getSDK() during render (that would throw and break SSR/hydration). Poll
+    // briefly for an async load, and surface a clear error if it never appears.
+    useEffect(() => {
+        let cancelled = false;
+        const resolve = () => {
+            if (typeof window !== "undefined" && window.SeamlessRoleplay) {
+                if (!cancelled)
+                    setSdk(window.SeamlessRoleplay);
+                return true;
+            }
+            return false;
+        };
+        if (resolve())
+            return;
+        const poll = setInterval(() => {
+            if (resolve())
+                clearInterval(poll);
+        }, 50);
+        const giveUp = setTimeout(() => {
+            clearInterval(poll);
+            if (!cancelled && !(typeof window !== "undefined" && window.SeamlessRoleplay)) {
+                setState({
+                    isReady: false,
+                    error: {
+                        code: "SDK_NOT_LOADED",
+                        message: "@rehers/rehers-roleplay-sdk was not found on window. Make sure it is installed and loaded before the React wrapper.",
+                    },
+                });
+            }
+        }, 10000);
+        return () => {
+            cancelled = true;
+            clearInterval(poll);
+            clearTimeout(giveUp);
+        };
+    }, []);
     useEffect(() => {
+        if (!sdk)
+            return;
         providerMountCount++;
         if (providerMountCount > 1 && process.env.NODE_ENV !== "production") {
             console.warn("[SeamlessRoleplay/React] Multiple SeamlessRoleplayProvider instances detected. " +
@@ -37,7 +70,15 @@ export function SeamlessRoleplayProvider({ userToken, origin, onReady, onError,
         mountedRef.current = true;
         setState({ isReady: false, error: null });
         const initOptions = {
-            userToken,
+            // Ref-guarded so an inline `getUserToken` prop (the common, default way to
+            // write it) does NOT re-init the SDK on every parent render. init runs
+            // once per SDK/origin, not once per render.
+            getUserToken: () => {
+                const fn = getUserTokenRef.current;
+                if (!fn)
+                    return Promise.reject(new Error("getUserToken is not available"));
+                return fn();
+            },
             origin,
             onReady: () => {
                 var _a;
@@ -60,7 +101,7 @@ export function SeamlessRoleplayProvider({ userToken, origin, onReady, onError,
             providerMountCount--;
             sdk.destroy();
         };
-    }, [sdk, userToken, origin]);
+    }, [sdk, origin]);
     const contextValue = useMemo(() => ({ ...state, sdk }), [state, sdk]);
     return (_jsx(SeamlessRoleplayContext.Provider, { value: contextValue, children: children }));
 }
@@ -77,18 +118,26 @@ export function RoleplayDialog({ open: isOpen, name, domain, company, title, com
     const onCloseRef = useCallbackRef(onClose);
     const onErrorRef = useCallbackRef(onError);
     const isOpenRef = useRef(false);
+    // Keep the latest contact data in a ref so changing a field while the dialog
+    // is open does NOT re-run the effect and tear down / restart the live call.
+    // The dialog opens once per open-transition; data is read at open time.
+    const dataRef = useRef({ name, domain, company, title, companyDescription, liUrl });
+    useLayoutEffect(() => {
+        dataRef.current = { name, domain, company, title, companyDescription, liUrl };
+    });
     useEffect(() => {
-        if (!isReady)
+        if (!isReady || !sdk)
             return;
         if (isOpen) {
             isOpenRef.current = true;
+            const d = dataRef.current;
             sdk.open({
-                name,
-                domain,
-                company,
-                title,
-                companyDescription,
-                liUrl,
+                name: d.name,
+                domain: d.domain,
+                company: d.company,
+                title: d.title,
+                companyDescription: d.companyDescription,
+                liUrl: d.liUrl,
                 onClose: () => {
                     var _a;
                     isOpenRef.current = false;
@@ -107,16 +156,21 @@ export function RoleplayDialog({ open: isOpen, name, domain, company, title, com
                 sdk.close();
             }
         };
-    }, [isReady, isOpen, name, domain, company, title, companyDescription, liUrl, sdk]);
+    }, [isReady, isOpen, sdk]);
     return null;
 }
-export function RoleplayEmbed({ className, style }) {
+export function RoleplayEmbed({ className, style, onError, onClose }) {
     const { isReady, sdk } = useSeamlessRoleplay();
     const containerRef = useRef(null);
+    const onErrorRef = useCallbackRef(onError);
+    const onCloseRef = useCallbackRef(onClose);
     useEffect(() => {
-        if (!isReady || !containerRef.current)
+        if (!isReady || !sdk || !containerRef.current)
             return;
-        sdk.mount(containerRef.current);
+        sdk.mount(containerRef.current, {
+            onError: (e) => { var _a; return (_a = onErrorRef.current) === null || _a === void 0 ? void 0 : _a.call(onErrorRef, e); },
+            onClose: () => { var _a; return (_a = onCloseRef.current) === null || _a === void 0 ? void 0 : _a.call(onCloseRef); },
+        });
         return () => {
             sdk.unmount();
         };
@@ -134,7 +188,7 @@ export function AddToScenarioDialog({ open: isOpen, contacts, onComplete, onClos
         contactsRef.current = contacts;
     });
     useEffect(() => {
-        if (!isReady)
+        if (!isReady || !sdk)
             return;
         if (isOpen) {
             isOpenRef.current = true;

package/roleplay-sdk.js

@@ -1,10 +1,10 @@
 /**
- * SeamlessRoleplay SDK v2
+ * SeamlessRoleplay SDK v3
  *
  * User-token auth model. No build step required.
  *
  * Usage:
- *   SeamlessRoleplay.init({ userToken: 'jwt...' });
+ *   SeamlessRoleplay.init({ getUserToken: async () => 'jwt...' });
  *   SeamlessRoleplay.open({ name: '...', domain: '...', company: '...', title: '...' });
  */
 (function () {
@@ -16,16 +16,22 @@
   var SDK_LOG_PREFIX = "[SeamlessRoleplay]";
 
   // ── Auth state ────────────────────────────────────────────────────
-  var userToken = null;
+  var getUserToken = null;
+  var latestUserToken = null;
+  var userTokenRequest = null;
   var paymentLink = null;
   var appOrigin = null;
 
   var sessionToken = null;
   var sessionExpiresAt = 0; // epoch ms
+  var sessionRefreshBufferMs = 30000;
   var refreshTimer = null;
+  var refreshRetryDelayMs = 5000;
   var fetchingSession = null; // single-flight Promise
   var activeSessionXhr = null;
   var activeInitVersion = 0;
+  var sessionRefreshExpiredNotified = false;
+  var visibilityListener = null;
 
   var initCallbacks = { onReady: null, onError: null };
   var initCalled = false;
@@ -47,6 +53,11 @@
   var dialogListener = null;
   var dialogCloseTeardownTimer = null;
 
+  // ── Dialog accessibility state ────────────────────────────────────
+  var dialogPreviousFocus = null; // element to restore focus to on close
+  var dialogKeydownListener = null; // Escape handler
+  var dialogInertedSiblings = null; // background nodes hidden while modal is open
+
   // ── Safe logging ──────────────────────────────────────────────────
 
   function logError(method, err) {
@@ -69,6 +80,31 @@
     return DEFAULT_API_ORIGIN;
   }
 
+  // The app origin is used BOTH as the iframe src and as the postMessage target
+  // for the session JWT, so an untrusted override would exfiltrate the token.
+  // Only allow the production app domain (apex/subdomains, https) or localhost.
+  function isAllowedAppOrigin(origin) {
+    try {
+      var u = new URL(origin);
+      if (
+        u.protocol === "https:" &&
+        (u.hostname === "roleplaywithseamless.ai" ||
+          u.hostname.endsWith(".roleplaywithseamless.ai"))
+      ) {
+        return true;
+      }
+      if (
+        (u.protocol === "http:" || u.protocol === "https:") &&
+        (u.hostname === "localhost" || u.hostname === "127.0.0.1")
+      ) {
+        return true;
+      }
+      return false;
+    } catch (_) {
+      return false;
+    }
+  }
+
   function buildIframeSrc(path) {
     var targetPath = path || "/embed/roleplay-call";
     var url = new URL(targetPath, getOrigin());
@@ -89,6 +125,16 @@
     }
   }
 
+  function normalizeToken(value) {
+    if (typeof value !== "string") return null;
+    var trimmed = value.trim();
+    return trimmed ? trimmed : null;
+  }
+
+  function makeError(code, message) {
+    return { code: code, message: message };
+  }
+
   // ── Session management ────────────────────────────────────────────
 
   function clearSessionRequest() {
@@ -101,88 +147,262 @@
     fetchingSession = null;
   }
 
-  function fetchSession() {
+  function resolveUserToken() {
+    if (typeof getUserToken !== "function") {
+      return Promise.reject(
+        makeError("INVALID_INIT", "requires { getUserToken }")
+      );
+    }
+
+    if (userTokenRequest) return userTokenRequest;
+
+    userTokenRequest = Promise.resolve()
+      .then(function () {
+        return getUserToken();
+      })
+      .then(
+        function (value) {
+          userTokenRequest = null;
+          var token = normalizeToken(value);
+          if (!token) {
+            throw makeError(
+              "USER_TOKEN_ERROR",
+              "getUserToken() did not return a valid userToken"
+            );
+          }
+          latestUserToken = token;
+          return token;
+        },
+        function (err) {
+          userTokenRequest = null;
+          throw makeError(
+            (err && err.code) || "USER_TOKEN_ERROR",
+            (err && err.message) || "Failed to get a fresh userToken"
+          );
+        }
+      );
+
+    return userTokenRequest;
+  }
+
+  function dispatchRefreshToTarget(targetIframe) {
+    if (!sessionToken) return;
+    sendMsg(targetIframe, {
+      type: "seamless-session-refresh",
+      sessionToken: sessionToken,
+    });
+  }
+
+  function broadcastSessionRefresh() {
+    if (mountIframe) dispatchRefreshToTarget(mountIframe);
+    if (dialogIframe) dispatchRefreshToTarget(dialogIframe);
+  }
+
+  function notifySessionRefreshFailed(err) {
+    var error = {
+      code: "SESSION_REFRESH_FAILED",
+      message:
+        (err && err.message) ||
+        "Failed to refresh the SDK session before it expired",
+    };
+
+    try {
+      if (initCallbacks.onError) initCallbacks.onError(error);
+    } catch (_) {}
+    try {
+      if (mountCallbacks.onError) mountCallbacks.onError(error);
+    } catch (_) {}
+    try {
+      if (dialogCallbacks.onError) dialogCallbacks.onError(error);
+    } catch (_) {}
+    try {
+      if (dialogAddToScenarioCallbacks.onError) {
+        dialogAddToScenarioCallbacks.onError(error);
+      }
+    } catch (_) {}
+  }
+
+  function computeRefreshBuffer(ttlMs) {
+    if (!Number.isFinite(ttlMs) || ttlMs <= 0) return 30000;
+    return Math.min(30000, Math.max(1000, Math.floor(ttlMs * 0.1)));
+  }
+
+  function computeRefreshDelay(ttlMs) {
+    if (!Number.isFinite(ttlMs) || ttlMs <= 0) return 5000;
+
+    var eightyPercent = Math.floor(ttlMs * 0.8);
+    var oneMinuteBeforeExpiry = ttlMs - 60000;
+    var target =
+      oneMinuteBeforeExpiry > 0
+        ? Math.min(eightyPercent, oneMinuteBeforeExpiry)
+        : Math.floor(ttlMs * 0.5);
+
+    return Math.max(target, 1000);
+  }
+
+  function scheduleRefreshRetry(err) {
+    if (!initCalled || !sessionExpiresAt) return;
+    if (refreshTimer) clearTimeout(refreshTimer);
+
+    var remainingMs = sessionExpiresAt - Date.now();
+
+    // The token has expired: a fresh one is now most needed, so DO NOT give up.
+    // Notify the host once that a refresh missed the window, then keep retrying
+    // with capped backoff until the session is restored (or the SDK is
+    // destroyed / re-initialized). Previously this returned here permanently,
+    // so one post-expiry failure killed refresh forever.
+    if (remainingMs <= 0 && !sessionRefreshExpiredNotified) {
+      sessionRefreshExpiredNotified = true;
+      notifySessionRefreshFailed(err);
+    }
+
+    var delay = Math.max(1000, refreshRetryDelayMs);
+    refreshRetryDelayMs = Math.min(refreshRetryDelayMs * 2, 60000);
+
+    refreshTimer = setTimeout(function () {
+      fetchSession({ broadcastRefresh: true }).catch(scheduleRefreshRetry);
+    }, delay);
+  }
+
+  // Re-resolve the session when the tab becomes visible again. Background tabs
+  // throttle timers, so a long-lived session can lapse while hidden; and a user
+  // who was in trial mode may have completed payment in another tab. Either way,
+  // refreshing on foreground recovers a mounted embed without a page reload.
+  function handleVisibilityChange() {
+    try {
+      if (typeof document !== "undefined" && document.visibilityState !== "visible") {
+        return;
+      }
+      if (!initCalled) return;
+      var needsRefresh =
+        !sessionToken || Date.now() >= sessionExpiresAt - sessionRefreshBufferMs;
+      if (needsRefresh) {
+        fetchSession({ broadcastRefresh: true }).catch(function () {});
+      }
+    } catch (e) {
+      logError("handleVisibilityChange", e);
+    }
+  }
+
+  function fetchSession(options) {
+    options = options || {};
     var requestInitVersion = activeInitVersion;
 
     if (fetchingSession && fetchingSession.initVersion === requestInitVersion) {
+      if (options.broadcastRefresh) {
+        return fetchingSession.promise.then(function (result) {
+          if (
+            requestInitVersion === activeInitVersion &&
+            result &&
+            result.sessionToken
+          ) {
+            broadcastSessionRefresh();
+          }
+          return result;
+        });
+      }
       return fetchingSession.promise;
     }
 
-    var requestPromise = new Promise(function (resolve, reject) {
-      var url = getApiOrigin() + "/api/sdk/session";
-      var body = { userToken: userToken };
+    var requestPromise = resolveUserToken().then(function (freshUserToken) {
+      if (requestInitVersion !== activeInitVersion) {
+        throw makeError("ABORTED", "Stale session request ignored");
+      }
 
-      var xhr = new XMLHttpRequest();
-      activeSessionXhr = xhr;
-      xhr.open("POST", url, true);
-      xhr.setRequestHeader("Content-Type", "application/json");
-      xhr.withCredentials = false;
-      xhr.timeout = SESSION_TIMEOUT_MS;
+      return new Promise(function (resolve, reject) {
+        var url = getApiOrigin() + "/api/sdk/session";
+        var body = { userToken: freshUserToken };
 
-      function cleanupRequest() {
-        if (activeSessionXhr === xhr) {
-          activeSessionXhr = null;
-        }
-        if (fetchingSession && fetchingSession.promise === requestPromise) {
-          fetchingSession = null;
+        var xhr = new XMLHttpRequest();
+        activeSessionXhr = xhr;
+        xhr.open("POST", url, true);
+        xhr.setRequestHeader("Content-Type", "application/json");
+        xhr.withCredentials = false;
+        xhr.timeout = SESSION_TIMEOUT_MS;
+
+        function cleanupRequest() {
+          if (activeSessionXhr === xhr) {
+            activeSessionXhr = null;
+          }
+          if (fetchingSession && fetchingSession.promise === requestPromise) {
+            fetchingSession = null;
+          }
         }
-      }
 
-      xhr.onload = function () {
-        cleanupRequest();
+        xhr.onload = function () {
+          cleanupRequest();
 
-        if (requestInitVersion !== activeInitVersion) {
-          reject({ code: "ABORTED", message: "Stale session response ignored" });
-          return;
-        }
+          if (requestInitVersion !== activeInitVersion) {
+            reject({ code: "ABORTED", message: "Stale session response ignored" });
+            return;
+          }
 
-        var data;
-        try {
-          data = JSON.parse(xhr.responseText);
-        } catch (e) {
-          reject({ code: "PARSE_ERROR", message: "Invalid response from session endpoint" });
-          return;
-        }
+          var data;
+          try {
+            data = JSON.parse(xhr.responseText);
+          } catch (e) {
+            reject({ code: "PARSE_ERROR", message: "Invalid response from session endpoint" });
+            return;
+          }
 
-        if (xhr.status === 200 && data.sessionToken) {
-          sessionToken = data.sessionToken;
-          var ttl = (data.expiresIn || 3600) * 1000;
-          sessionExpiresAt = Date.now() + ttl;
-          scheduleRefresh(ttl);
-          resolve({ sessionToken: sessionToken });
-          return;
-        }
+          if (xhr.status === 200 && data.sessionToken) {
+            sessionToken = data.sessionToken;
+            var ttl = (data.expiresIn || 3600) * 1000;
+            sessionRefreshBufferMs = computeRefreshBuffer(ttl);
+            sessionExpiresAt = Date.now() + ttl;
+            refreshRetryDelayMs = 5000;
+            sessionRefreshExpiredNotified = false;
+            scheduleRefresh(ttl);
+            if (options.broadcastRefresh) broadcastSessionRefresh();
+            resolve({ sessionToken: sessionToken });
+            return;
+          }
 
-        if (data.error === "USER_NOT_FOUND") {
-          // Trial mode — not a fatal error
-          sessionToken = null;
-          if (data.paymentLink) paymentLink = data.paymentLink;
-          resolve({ trialMode: true });
-          return;
-        }
+          if (data.error === "USER_NOT_FOUND") {
+            // Trial mode — not a fatal error
+            sessionToken = null;
+            sessionExpiresAt = 0;
+            refreshRetryDelayMs = 5000;
+            sessionRefreshExpiredNotified = false;
+            if (refreshTimer) {
+              clearTimeout(refreshTimer);
+              refreshTimer = null;
+            }
+            if (data.paymentLink) paymentLink = data.paymentLink;
+            resolve({ trialMode: true });
+            return;
+          }
 
-        reject({
-          code: data.error || "SESSION_ERROR",
-          message: data.message || "Failed to create session (HTTP " + xhr.status + ")",
-        });
-      };
+          reject({
+            code: data.error || "SESSION_ERROR",
+            message: data.message || "Failed to create session (HTTP " + xhr.status + ")",
+          });
+        };
 
-      xhr.onerror = function () {
-        cleanupRequest();
-        reject({ code: "NETWORK_ERROR", message: "Network error contacting session endpoint" });
-      };
+        xhr.onerror = function () {
+          cleanupRequest();
+          reject({ code: "NETWORK_ERROR", message: "Network error contacting session endpoint" });
+        };
 
-      xhr.ontimeout = function () {
-        cleanupRequest();
-        reject({ code: "TIMEOUT", message: "Session request timed out after " + SESSION_TIMEOUT_MS + "ms" });
-      };
+        xhr.ontimeout = function () {
+          cleanupRequest();
+          reject({ code: "TIMEOUT", message: "Session request timed out after " + SESSION_TIMEOUT_MS + "ms" });
+        };
 
-      xhr.onabort = function () {
-        cleanupRequest();
-        reject({ code: "ABORTED", message: "Session request was aborted" });
-      };
+        xhr.onabort = function () {
+          cleanupRequest();
+          reject({ code: "ABORTED", message: "Session request was aborted" });
+        };
 
-      xhr.send(JSON.stringify(body));
+        xhr.send(JSON.stringify(body));
+      });
+    });
+
+    requestPromise = requestPromise.catch(function (err) {
+      if (fetchingSession && fetchingSession.promise === requestPromise) {
+        fetchingSession = null;
+      }
+      throw err;
     });
 
     fetchingSession = {
@@ -194,7 +414,7 @@
   }
 
   function getSessionToken() {
-    if (sessionToken && Date.now() < sessionExpiresAt - 30000) {
+    if (sessionToken && Date.now() < sessionExpiresAt - sessionRefreshBufferMs) {
       return Promise.resolve(sessionToken);
     }
     return fetchSession().then(function (result) {
@@ -204,35 +424,41 @@
 
   function scheduleRefresh(ttlMs) {
     if (refreshTimer) clearTimeout(refreshTimer);
-    var delay = Math.max(ttlMs * 0.8, 5000);
+    var delay = computeRefreshDelay(ttlMs);
     refreshTimer = setTimeout(function () {
-      fetchSession().catch(function () {
-        // Silent — next open() will retry
-      });
+      fetchSession({ broadcastRefresh: true }).catch(scheduleRefreshRetry);
     }, delay);
   }
 
   // ── Teardown (dialog only — mount is independent) ─────────────────
 
   function teardownDialog() {
-    try {
-      if (dialogCloseTeardownTimer) {
-        clearTimeout(dialogCloseTeardownTimer);
-        dialogCloseTeardownTimer = null;
-      }
+    if (dialogCloseTeardownTimer) {
+      clearTimeout(dialogCloseTeardownTimer);
+      dialogCloseTeardownTimer = null;
+    }
 
+    // Remove the listener FIRST, in its own try, so a DOM exception below can
+    // never skip it (which would leak listeners across many open/close cycles).
+    if (dialogListener) {
+      try {
+        window.removeEventListener("message", dialogListener);
+      } catch (_) {}
+      dialogListener = null;
+    }
+
+    try {
       if (dialogOverlay && dialogOverlay.parentNode) {
         dialogOverlay.parentNode.removeChild(dialogOverlay);
       }
-      dialogOverlay = null;
-
-      if (dialogListener) {
-        window.removeEventListener("message", dialogListener);
-        dialogListener = null;
-      }
     } catch (e) {
       logError("teardownDialog", e);
     }
+    dialogOverlay = null;
+
+    // Restore focus to where it was, un-hide/un-inert the background, drop the
+    // Escape handler. Safe no-op if accessibility was never set up.
+    teardownDialogAccessibility();
 
     dialogIframe = null;
     dialogContactData = null;
@@ -243,14 +469,18 @@
   }
 
   function teardownMount() {
+    // Remove the listener FIRST so a DOM exception below can't leak it.
+    if (mountListener) {
+      try {
+        window.removeEventListener("message", mountListener);
+      } catch (_) {}
+      mountListener = null;
+    }
+
     try {
       if (mountIframe && mountIframe.parentNode) {
         mountIframe.parentNode.removeChild(mountIframe);
       }
-      if (mountListener) {
-        window.removeEventListener("message", mountListener);
-        mountListener = null;
-      }
     } catch (e) {
       logError("teardownMount", e);
     }
@@ -260,6 +490,128 @@
     mountCallbacks = { onClose: null, onError: null };
   }
 
+  // ── Dialog accessibility ──────────────────────────────────────────
+  // The dialog is a modal over the host page, so it follows the ARIA dialog
+  // pattern: labelled role="dialog" aria-modal, focus moved in on open and
+  // restored on close, background hidden from assistive tech + made inert, Tab
+  // focus trapped via edge sentinels, and Escape to close. NOTE: the content is
+  // a cross-origin iframe, so the parent cannot observe keystrokes while focus
+  // is INSIDE it — Escape works from the dialog chrome, and the embedded app
+  // forwards Escape from within the iframe for full coverage.
+
+  function hideBackgroundFromAssistiveTech(overlayEl) {
+    dialogInertedSiblings = [];
+    if (typeof document === "undefined" || !document.body) return;
+    var children = document.body.children;
+    for (var i = 0; i < children.length; i++) {
+      var el = children[i];
+      if (el === overlayEl) continue;
+      dialogInertedSiblings.push({
+        el: el,
+        ariaHidden: el.getAttribute("aria-hidden"),
+        wasInert: el.hasAttribute("inert"),
+      });
+      el.setAttribute("aria-hidden", "true");
+      try {
+        el.inert = true;
+      } catch (_) {}
+    }
+  }
+
+  function restoreBackgroundFromAssistiveTech() {
+    if (!dialogInertedSiblings) return;
+    for (var i = 0; i < dialogInertedSiblings.length; i++) {
+      var rec = dialogInertedSiblings[i];
+      try {
+        if (rec.ariaHidden === null) rec.el.removeAttribute("aria-hidden");
+        else rec.el.setAttribute("aria-hidden", rec.ariaHidden);
+        if (!rec.wasInert) rec.el.inert = false;
+      } catch (_) {}
+    }
+    dialogInertedSiblings = null;
+  }
+
+  function makeFocusSentinel() {
+    var s = document.createElement("div");
+    s.tabIndex = 0;
+    s.setAttribute("aria-hidden", "true");
+    var st = s.style;
+    st.position = "absolute";
+    st.width = "1px";
+    st.height = "1px";
+    st.padding = "0";
+    st.margin = "-1px";
+    st.overflow = "hidden";
+    st.border = "0";
+    st.clip = "rect(0 0 0 0)";
+    return s;
+  }
+
+  function setupDialogAccessibility(overlayEl, closeBtn, labelText) {
+    try {
+      overlayEl.setAttribute("role", "dialog");
+      overlayEl.setAttribute("aria-modal", "true");
+      if (labelText) overlayEl.setAttribute("aria-label", labelText);
+      if (closeBtn) closeBtn.setAttribute("aria-label", "Close");
+
+      dialogPreviousFocus =
+        document.activeElement && document.activeElement.focus
+          ? document.activeElement
+          : null;
+
+      hideBackgroundFromAssistiveTech(overlayEl);
+
+      // Edge sentinels wrap Tab focus back into the dialog. This works across
+      // the cross-origin iframe boundary (focus exiting the iframe lands on the
+      // trailing sentinel in the parent), where a keydown-based trap cannot.
+      var lead = makeFocusSentinel();
+      var trail = makeFocusSentinel();
+      lead.addEventListener("focus", function () {
+        var f = overlayEl.querySelector("iframe");
+        if (f) f.focus();
+        else if (closeBtn) closeBtn.focus();
+      });
+      trail.addEventListener("focus", function () {
+        if (closeBtn) closeBtn.focus();
+      });
+      overlayEl.insertBefore(lead, overlayEl.firstChild);
+      overlayEl.appendChild(trail);
+
+      if (closeBtn) {
+        try {
+          closeBtn.focus();
+        } catch (_) {}
+      }
+
+      dialogKeydownListener = function (e) {
+        if (e.key === "Escape" || e.keyCode === 27) {
+          e.stopPropagation();
+          closeDialog();
+        }
+      };
+      document.addEventListener("keydown", dialogKeydownListener, true);
+    } catch (e) {
+      logError("setupDialogAccessibility", e);
+    }
+  }
+
+  function teardownDialogAccessibility() {
+    if (dialogKeydownListener) {
+      try {
+        document.removeEventListener("keydown", dialogKeydownListener, true);
+      } catch (_) {}
+      dialogKeydownListener = null;
+    }
+    restoreBackgroundFromAssistiveTech();
+    var toRestore = dialogPreviousFocus;
+    dialogPreviousFocus = null;
+    if (toRestore && toRestore.focus) {
+      try {
+        toRestore.focus();
+      } catch (_) {}
+    }
+  }
+
   // ── Message dispatch ──────────────────────────────────────────────
 
   function dispatchInitToTarget(targetIframe, contactData, atsContacts) {
@@ -451,17 +803,17 @@
 
   var SeamlessRoleplay = {
     /**
-     * Initialize the SDK with a short-lived user token.
+     * Initialize the SDK with a host-provided user token callback.
      */
     init: function (opts) {
       try {
         var initVersion = activeInitVersion + 1;
-        var hasUserToken = !!(opts && opts.userToken && String(opts.userToken).trim());
+        var hasUserTokenProvider = !!(opts && typeof opts.getUserToken === "function");
 
-        if (!opts || !hasUserToken) {
+        if (!opts || !hasUserTokenProvider) {
           var error = {
             code: "INVALID_INIT",
-            message: "requires { userToken }",
+            message: "requires { getUserToken }",
           };
           logError("init", error.message);
           if (opts && typeof opts.onError === "function") {
@@ -479,14 +831,37 @@
         clearSessionRequest();
         sessionToken = null;
         sessionExpiresAt = 0;
+        sessionRefreshBufferMs = 30000;
+        refreshRetryDelayMs = 5000;
         paymentLink = null;
-
-        userToken = opts.userToken || null;
-        appOrigin = opts.origin || null;
+        latestUserToken = null;
+        userTokenRequest = null;
+
+        getUserToken = opts.getUserToken;
+        if (opts.origin) {
+          if (isAllowedAppOrigin(opts.origin)) {
+            appOrigin = opts.origin;
+          } else {
+            appOrigin = null;
+            logError("init", "Ignoring untrusted origin override: " + opts.origin);
+          }
+        } else {
+          appOrigin = null;
+        }
         initCallbacks.onReady = opts.onReady || null;
         initCallbacks.onError = opts.onError || null;
         initCalled = true;
 
+        // Re-resolve the session when the tab is refocused (recovers throttled
+        // refresh timers and trial->paid transitions). Re-armed on every init().
+        if (typeof document !== "undefined" && document.addEventListener) {
+          if (visibilityListener) {
+            document.removeEventListener("visibilitychange", visibilityListener);
+          }
+          visibilityListener = handleVisibilityChange;
+          document.addEventListener("visibilitychange", visibilityListener);
+        }
+
         // Fetch session immediately
         fetchSession()
           .then(function (result) {
@@ -601,6 +976,7 @@
         dialogOverlay = el;
         dialogIframe = iframeEl;
         document.body.appendChild(dialogOverlay);
+        setupDialogAccessibility(el, closeBtn, "Roleplay call");
       } catch (e) {
         logError("open", e);
         teardownDialog();
@@ -613,7 +989,7 @@
     /**
      * Mount the full Roleplay app into a container element.
      */
-    mount: function (container) {
+    mount: function (container, opts) {
       try {
         if (!initCalled) {
           logError("mount", "init() must be called first");
@@ -627,7 +1003,10 @@
         // Tear down any existing mount (re-mount)
         if (mountIframe) teardownMount();
 
-        mountCallbacks = { onClose: null, onError: null };
+        mountCallbacks = {
+          onClose: (opts && opts.onClose) || null,
+          onError: (opts && opts.onError) || null,
+        };
         mountContainer = container;
 
         // Listen for messages
@@ -764,6 +1143,7 @@
         dialogOverlay = el;
         dialogIframe = iframeEl;
         document.body.appendChild(dialogOverlay);
+        setupDialogAccessibility(el, closeBtn, "Add contacts to scenario");
       } catch (e) {
         logError("addToScenario", e);
         teardownDialog();
@@ -796,6 +1176,28 @@
       }
     },
 
+    /**
+     * Force a session re-resolution — e.g. after the user completes payment in
+     * another tab. Re-fetches the session and broadcasts it to any mounted embed
+     * or open dialog, recovering trial->paid without a page reload.
+     */
+    reauth: function () {
+      try {
+        if (!initCalled) {
+          logError("reauth", "init() must be called first");
+          return;
+        }
+        refreshRetryDelayMs = 5000;
+        sessionRefreshExpiredNotified = false;
+        fetchSession({ broadcastRefresh: true }).catch(function (err) {
+          if (err && err.code === "ABORTED") return;
+          scheduleRefreshRetry(err);
+        });
+      } catch (e) {
+        logError("reauth", e);
+      }
+    },
+
     /**
      * Destroy the SDK — clears state, timers, and DOM (both mount and dialogs).
      */
@@ -806,13 +1208,22 @@
           clearTimeout(refreshTimer);
           refreshTimer = null;
         }
+        if (visibilityListener && typeof document !== "undefined") {
+          document.removeEventListener("visibilitychange", visibilityListener);
+          visibilityListener = null;
+        }
+        sessionRefreshExpiredNotified = false;
         clearSessionRequest();
         teardownDialog();
         teardownMount();
-        userToken = null;
+        getUserToken = null;
+        latestUserToken = null;
+        userTokenRequest = null;
         paymentLink = null;
         sessionToken = null;
         sessionExpiresAt = 0;
+        sessionRefreshBufferMs = 30000;
+        refreshRetryDelayMs = 5000;
         initCallbacks = { onReady: null, onError: null };
         initCalled = false;
       } catch (e) {