@series-inc/rundot-game-sdk 5.2.0 → 5.3.0-beta.0

package/dist/{SandboxHost-OSPEPZ37.js → SandboxHost-2VX2B4AS.js}

@@ -1,4 +1,4 @@
-import { MockAdsApi, MockLifecycleApi, MockAnalyticsApi, getSandboxConfig, createMockStorageApi, MockAvatarApi, MockNavigationApi, MockNotificationsApi, MockPopupsApi, SandboxProfileApi, MockDeviceApi, MockEnvironmentApi, MockSystemApi, MockCdnApi, MockTimeApi, MockAiApi, MockHapticsApi, MockFeaturesApi, MockLoggingApi, MockIapApi, MockSocialApi, initializeRoomsApi, MockPreloaderApi, MockSharedAssetsApi, RundotGameRoom, getCloudRunUrl, buildFunctionsBaseUrl } from './chunk-4ROGEXJO.js';
+import { MockAdsApi, MockLifecycleApi, MockAnalyticsApi, getSandboxConfig, createMockStorageApi, MockAvatarApi, MockNavigationApi, MockNotificationsApi, MockPopupsApi, SandboxProfileApi, MockDeviceApi, MockEnvironmentApi, MockSystemApi, MockCdnApi, MockTimeApi, MockAiApi, MockHapticsApi, MockFeaturesApi, MockLoggingApi, MockIapApi, MockSocialApi, initializeRoomsApi, MockPreloaderApi, MockSharedAssetsApi, RundotGameRoom, getCloudRunUrl, buildFunctionsBaseUrl } from './chunk-DHC4VLMR.js';
 import './chunk-CJU2J3S6.js';
 
 // src/firebase/localSandboxIdentity.ts
@@ -23,6 +23,7 @@ var APP_NAME = "rundot-game-sandbox";
 var firebaseClientPromise = null;
 var cachedClient = null;
 var LOCAL_TEST_PASSWORD = "rundot-game-dev-password";
+var cliRecoveryPromise = null;
 async function getFirebaseClient() {
   if (cachedClient) {
     return cachedClient;
@@ -30,8 +31,54 @@ async function getFirebaseClient() {
   if (!firebaseClientPromise) {
     firebaseClientPromise = initializeFirebaseClient();
   }
-  cachedClient = await firebaseClientPromise;
-  return cachedClient;
+  try {
+    cachedClient = await firebaseClientPromise;
+    return cachedClient;
+  } catch (error) {
+    firebaseClientPromise = null;
+    throw error;
+  }
+}
+async function exchangeRefreshToken(refreshToken, apiKey) {
+  const response = await fetch(
+    `https://securetoken.googleapis.com/v1/token?key=${apiKey}`,
+    {
+      method: "POST",
+      headers: { "Content-Type": "application/x-www-form-urlencoded" },
+      body: `grant_type=refresh_token&refresh_token=${encodeURIComponent(refreshToken)}`
+    }
+  );
+  if (!response.ok) {
+    const text = await response.text();
+    throw new Error(`[RUN.game SDK] Refresh token exchange failed (${response.status}): ${text}`);
+  }
+  const data = await response.json();
+  const idToken = data.id_token;
+  if (typeof idToken !== "string" || idToken.length === 0) {
+    throw new Error("[RUN.game SDK] Refresh token exchange: response missing id_token");
+  }
+  return { idToken };
+}
+async function exchangeForCustomToken(idToken, cloudRunBaseUrl, playerId) {
+  const url = `${cloudRunBaseUrl}/v1/sandbox-auth/exchange`;
+  const response = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "Authorization": `Bearer ${idToken}`
+    },
+    body: JSON.stringify(playerId ? { playerId } : {})
+  });
+  if (!response.ok) {
+    const text = await response.text();
+    throw new Error(`[RUN.game SDK] Custom token exchange failed (${response.status}): ${text}`);
+  }
+  const data = await response.json();
+  const customToken = data.customToken;
+  if (typeof customToken !== "string" || customToken.length === 0) {
+    throw new Error("[RUN.game SDK] Custom token exchange: response missing customToken");
+  }
+  return customToken;
 }
 async function initializeFirebaseClient() {
   const config = getSandboxConfig();
@@ -41,6 +88,7 @@ async function initializeFirebaseClient() {
       "[Run.game SDK] Cannot initialize Firebase: Sandbox config not available. Make sure the Vite plugin is configured correctly."
     );
   }
+  const isLocalMode = config.target === "local";
   console.log("[RUN.game SDK] Importing Firebase modules...");
   const [
     firebaseApp,
@@ -51,9 +99,35 @@ async function initializeFirebaseClient() {
     import('firebase/auth'),
     import('firebase/firestore')
   ]);
-  const { initializeApp, getApps, getApp } = firebaseApp;
-  const { getAuth, GoogleAuthProvider, signInWithPopup, signInWithRedirect, getRedirectResult, signInWithEmailAndPassword, createUserWithEmailAndPassword, browserLocalPersistence, setPersistence, connectAuthEmulator } = firebaseAuth;
-  const { getFirestore, connectFirestoreEmulator, doc, collection, getDoc, setDoc, updateDoc, deleteDoc, addDoc, query, where, orderBy, limit, onSnapshot, serverTimestamp, deleteField } = firebaseFirestore;
+  const { initializeApp, getApps } = firebaseApp;
+  const {
+    getAuth,
+    signInWithEmailAndPassword,
+    createUserWithEmailAndPassword,
+    signInWithCustomToken,
+    browserLocalPersistence,
+    browserSessionPersistence,
+    setPersistence,
+    connectAuthEmulator
+  } = firebaseAuth;
+  const {
+    getFirestore,
+    connectFirestoreEmulator,
+    doc,
+    collection,
+    getDoc,
+    setDoc,
+    updateDoc,
+    deleteDoc,
+    addDoc,
+    query,
+    where,
+    orderBy,
+    limit,
+    onSnapshot,
+    serverTimestamp,
+    deleteField
+  } = firebaseFirestore;
   console.log("[RUN.game SDK] Firebase modules imported");
   console.log("[RUN.game SDK] Getting/creating Firebase app...");
   const existingApps = getApps();
@@ -63,7 +137,6 @@ async function initializeFirebaseClient() {
   console.log("[RUN.game SDK] Getting auth...");
   const auth = getAuth(app);
   console.log("[RUN.game SDK] Auth ready");
-  const isLocalMode = config.target === "local";
   if (isLocalMode && config.authEmulatorHost) {
     console.log("[RUN.game SDK] Connecting to Auth emulator:", config.authEmulatorHost);
     try {
@@ -75,9 +148,10 @@ async function initializeFirebaseClient() {
   } else {
     console.log("[RUN.game SDK] Using real Firebase Auth (target:", config.target, ")");
   }
-  console.log("[RUN.game SDK] Setting persistence...");
+  const persistence = isLocalMode ? browserLocalPersistence : browserSessionPersistence;
+  console.log("[RUN.game SDK] Setting persistence:", isLocalMode ? "local (IndexedDB)" : "session (per-tab)");
   try {
-    await setPersistence(auth, browserLocalPersistence);
+    await setPersistence(auth, persistence);
     console.log("[RUN.game SDK] Persistence set");
   } catch (e) {
     console.log("[RUN.game SDK] Persistence error:", e);
@@ -95,26 +169,61 @@ async function initializeFirebaseClient() {
     }, 3e3);
   });
   console.log("[RUN.game SDK] Auth state restored, user:", initialUser?.uid ?? "none");
-  const googleProvider = new GoogleAuthProvider();
-  if (!initialUser) {
-    console.log("[RUN.game SDK] No persisted user, checking for redirect result...");
+  if (isLocalMode && !initialUser) {
+    let localPlayerId = "player1";
     try {
-      const redirectResult = await getRedirectResult(auth);
-      if (redirectResult?.user) {
-        console.log("[RUN.game SDK] Sign-in redirect completed successfully, user:", redirectResult.user.uid);
-      } else {
-        console.log("[RUN.game SDK] No redirect result (normal page load or redirect state lost)");
+      const stored = localStorage.getItem("rundot-game-sandbox-selected-player");
+      if (stored && /^player\d+$/.test(stored.trim().toLowerCase())) {
+        localPlayerId = stored.trim().toLowerCase();
       }
+    } catch {
+    }
+    const email = buildLocalSandboxEmail(normalizeLocalSandboxPlayerId(localPlayerId));
+    console.log("[RUN.game SDK] Local auto-sign-in as", localPlayerId, "(", email, ")");
+    try {
+      await signInWithEmailAndPassword(auth, email, LOCAL_TEST_PASSWORD);
     } catch (error) {
-      console.error("[RUN.game SDK] Redirect sign-in error:", error);
+      const authError = error;
+      if (authError.code === "auth/user-not-found" || authError.code === "auth/invalid-credential") {
+        console.log("[RUN.game SDK] Local test user not found, creating:", email);
+        await createUserWithEmailAndPassword(auth, email, LOCAL_TEST_PASSWORD);
+      } else {
+        console.warn("[RUN.game SDK] Local auto-sign-in failed (emulator may not be ready):", error);
+      }
     }
-  } else {
-    console.log("[RUN.game SDK] User already restored from persistence, skipping redirect check");
+    console.log("[RUN.game SDK] Local auto-sign-in complete. User:", auth.currentUser?.uid ?? "none");
+  }
+  let manualSignout = false;
+  try {
+    manualSignout = sessionStorage.getItem("rundot-game-sandbox-manual-signout") === "true";
+  } catch {
+  }
+  if (!isLocalMode && !initialUser && manualSignout) {
+    console.log('[RUN.game SDK] Skipping CLI auto-auth: developer manually signed out. Click "Sign in" in the toolbar to re-enable.');
+  } else if (!isLocalMode && !initialUser) {
+    const { cliRefreshToken, cliApiKey } = config;
+    if (!cliRefreshToken || !cliApiKey) {
+      throw new Error(
+        "[RUN.game SDK] No auth session and no CLI token. Run `rundot login --env <env>` and restart."
+      );
+    }
+    console.log("[RUN.game SDK] Bootstrapping auth from CLI refresh token...");
+    const { idToken } = await exchangeRefreshToken(cliRefreshToken, cliApiKey);
+    const cloudRunBase = config.cloudRunUrl || "/__rundotcloudrun";
+    let bootstrapPlayerId;
+    try {
+      const stored = sessionStorage.getItem("rundot-game-sandbox-active-player");
+      if (stored) bootstrapPlayerId = stored;
+    } catch {
+    }
+    const customToken = await exchangeForCustomToken(idToken, cloudRunBase, bootstrapPlayerId);
+    await signInWithCustomToken(auth, customToken);
+    console.log("[RUN.game SDK] CLI auth bootstrap successful. User:", auth.currentUser?.uid, "Player:", bootstrapPlayerId || "default");
   }
   console.log("[RUN.game SDK] Current auth state:", auth.currentUser ? `signed in as ${auth.currentUser.uid}` : "not signed in");
   console.log("[RUN.game SDK] Getting Firestore...");
   const firestore = getFirestore(app);
-  if (config.target === "local" && config.firestoreEmulatorHost) {
+  if (isLocalMode && config.firestoreEmulatorHost) {
     console.log("[RUN.game SDK] Connecting to Firestore emulator:", config.firestoreEmulatorHost);
     try {
       const [host, port] = config.firestoreEmulatorHost.split(":");
@@ -136,15 +245,6 @@ async function initializeFirebaseClient() {
     getProfileId() {
       return auth.currentUser?.uid ?? null;
     },
-    async signInWithGoogle() {
-      if (isLocalMode) {
-        return this.signInWithLocalPlayer("player1");
-      }
-      console.log("[RUN.game SDK] Signing in with Google popup...");
-      const result = await signInWithPopup(auth, googleProvider);
-      console.log("[RUN.game SDK] Sign-in successful, user:", result.user.uid);
-      return result;
-    },
     async signInWithLocalPlayer(playerId) {
       if (!isLocalMode) {
         throw new Error("[Run.game SDK] signInWithLocalPlayer is only available in local (emulator) mode.");
@@ -185,21 +285,78 @@ async function initializeFirebaseClient() {
       const user = auth.currentUser;
       console.log("[RUN.game SDK] getIdTokenOrThrow: currentUser =", user ? user.uid : null);
       if (!user) {
-        throw new Error(
-          "[Run.game SDK] Not signed in. Click the Run.game Sandbox toolbar to sign in."
-        );
+        const hint = isLocalMode ? "Click the Run.game Sandbox toolbar to sign in." : "Run `rundot login --env <env>` and restart the dev server.";
+        throw new Error(`[RUN.game SDK] Not signed in. ${hint}`);
       }
-      console.log("[RUN.game SDK] getIdTokenOrThrow: Forcing token refresh...");
       try {
+        console.log("[RUN.game SDK] getIdTokenOrThrow: Forcing token refresh...");
         const token = await user.getIdToken(true);
         console.log("[RUN.game SDK] getIdTokenOrThrow: Got fresh token, length:", token?.length);
         return token;
-      } catch (error) {
-        console.error("[RUN.game SDK] getIdTokenOrThrow: Token refresh failed:", error);
-        console.log("[RUN.game SDK] getIdTokenOrThrow: Signing out stale session...");
-        await auth.signOut();
+      } catch (refreshError) {
+        const sandboxConfig = getSandboxConfig();
+        if (sandboxConfig?.target === "local") {
+          const currentEmail = user.email;
+          if (currentEmail) {
+            console.warn("[RUN.game SDK] Token refresh failed (local), re-authenticating as", currentEmail, "...", refreshError);
+            try {
+              await signInWithEmailAndPassword(auth, currentEmail, LOCAL_TEST_PASSWORD);
+              const freshUser = auth.currentUser;
+              if (freshUser) {
+                const token = await freshUser.getIdToken(true);
+                console.log("[RUN.game SDK] Local re-auth successful, fresh token length:", token?.length);
+                return token;
+              }
+            } catch (reAuthError) {
+              console.error("[RUN.game SDK] Local re-auth failed:", reAuthError);
+            }
+          }
+          console.warn("[RUN.game SDK] Local recovery failed, signing out as last resort");
+          await auth.signOut();
+          throw new Error(
+            "[RUN.game SDK] Session expired. Please sign in again via the Run.game toolbar."
+          );
+        }
+        console.warn("[RUN.game SDK] Token refresh failed, attempting CLI recovery...", refreshError);
+        const recoveryRefreshToken = sandboxConfig?.cliRefreshToken;
+        const recoveryApiKey = sandboxConfig?.cliApiKey;
+        if (recoveryRefreshToken && recoveryApiKey) {
+          if (cliRecoveryPromise) {
+            return cliRecoveryPromise;
+          }
+          cliRecoveryPromise = (async () => {
+            try {
+              const { idToken } = await exchangeRefreshToken(
+                recoveryRefreshToken,
+                recoveryApiKey
+              );
+              const cloudRunBase = sandboxConfig.cloudRunUrl || "/__rundotcloudrun";
+              let activePlayerId;
+              try {
+                const stored = sessionStorage.getItem("rundot-game-sandbox-active-player");
+                if (stored) activePlayerId = stored;
+              } catch {
+              }
+              const customToken = await exchangeForCustomToken(idToken, cloudRunBase, activePlayerId);
+              await signInWithCustomToken(auth, customToken);
+              const recoveredUser = auth.currentUser;
+              if (!recoveredUser) {
+                throw new Error("[RUN.game SDK] CLI recovery: signInWithCustomToken succeeded but currentUser is null");
+              }
+              console.log("[RUN.game SDK] CLI recovery successful. Player:", activePlayerId || "default");
+              return await recoveredUser.getIdToken(true);
+            } finally {
+              cliRecoveryPromise = null;
+            }
+          })();
+          try {
+            return await cliRecoveryPromise;
+          } catch (recoveryError) {
+            console.error("[RUN.game SDK] CLI recovery failed:", recoveryError);
+          }
+        }
         throw new Error(
-          "[Run.game SDK] Session expired. Please sign in again via the Run.game toolbar."
+          "[RUN.game SDK] Session expired and recovery failed. Run `rundot login --env <env>` and restart."
         );
       }
     },
@@ -1575,10 +1732,13 @@ var SandboxHost = class {
   setupSandboxSignIn() {
     if (typeof window === "undefined") return;
     const broadcastAuthState = (user) => {
+      const isCliAuth = user?.providerData?.length === 0;
+      const authSource = isCliAuth ? "cli" : "local";
       window.dispatchEvent(
         new CustomEvent("rundot-game-auth-state-changed", {
           detail: {
             signedIn: user !== null,
+            source: authSource,
             user: user ? {
               uid: user.uid,
               email: user.email,
@@ -1641,18 +1801,27 @@ var SandboxHost = class {
     };
     window.addEventListener("rundot-game-check-auth-state", checkAuthHandler);
     this.cleanupFunctions.push(() => window.removeEventListener("rundot-game-check-auth-state", checkAuthHandler));
-    window.__RUNDOT_GAME_SANDBOX_SIGN_IN__ = () => {
-      if (this.client) {
-        return this.client.signInWithGoogle().then(() => console.log("[RUN.game SDK] Google sign-in successful")).catch((error) => {
-          console.error("[RUN.game SDK] Google sign-in failed:", error);
-          throw error;
-        });
+    window.__RUNDOT_GAME_SANDBOX_SWITCH_PLAYER__ = async (playerId) => {
+      const sandboxConfig = getSandboxConfig();
+      if (!sandboxConfig?.cliRefreshToken || !sandboxConfig?.cliApiKey) {
+        throw new Error("[RUN.game SDK] Player switching requires CLI auth (dev/staging only).");
       }
-      if (!this.clientReady) {
-        throw new Error("[RUN.game SDK] Firebase not configured.");
-      }
-      console.warn("[RUN.game SDK] Firebase client still initializing, please wait a moment...");
-      throw new Error("[RUN.game SDK] Firebase client still initializing. Please wait a moment and try again.");
+      console.log("[RUN.game SDK] Switching to player:", playerId ?? "(default)");
+      const { idToken } = await exchangeRefreshToken(
+        sandboxConfig.cliRefreshToken,
+        sandboxConfig.cliApiKey
+      );
+      const cloudRunBase = sandboxConfig.cloudRunUrl || "/__rundotcloudrun";
+      const customToken = await exchangeForCustomToken(
+        idToken,
+        cloudRunBase,
+        playerId
+        // undefined = real profile, 'player1' = synthetic
+      );
+      const { signInWithCustomToken } = await import('firebase/auth');
+      const client = await getFirebaseClient();
+      await signInWithCustomToken(client.auth, customToken);
+      window.location.reload();
     };
     window.__RUNDOT_GAME_SANDBOX_SIGN_IN_AS__ = (playerId) => {
       if (this.client) {
@@ -1678,7 +1847,7 @@ var SandboxHost = class {
       }
     };
     this.cleanupFunctions.push(() => {
-      delete window.__RUNDOT_GAME_SANDBOX_SIGN_IN__;
+      delete window.__RUNDOT_GAME_SANDBOX_SWITCH_PLAYER__;
       delete window.__RUNDOT_GAME_SANDBOX_SIGN_IN_AS__;
       delete window.__RUNDOT_GAME_SANDBOX_SIGN_OUT__;
     });
@@ -2172,5 +2341,5 @@ var SandboxHost = class {
 };
 
 export { SandboxHost };
-//# sourceMappingURL=SandboxHost-OSPEPZ37.js.map
-//# sourceMappingURL=SandboxHost-OSPEPZ37.js.map
+//# sourceMappingURL=SandboxHost-2VX2B4AS.js.map
+//# sourceMappingURL=SandboxHost-2VX2B4AS.js.map