botschat 0.1.10 → 0.1.13

package/packages/web/src/firebase.ts

@@ -7,14 +7,24 @@
  *   VITE_FIREBASE_API_KEY=AIzaSy...
  *   VITE_FIREBASE_AUTH_DOMAIN=your-project.firebaseapp.com
  *   VITE_FIREBASE_PROJECT_ID=your-project-id
+ *
+ * For Capacitor iOS/Android, also set:
+ *   VITE_GOOGLE_IOS_CLIENT_ID=xxx.apps.googleusercontent.com
+ *   VITE_GOOGLE_WEB_CLIENT_ID=xxx.apps.googleusercontent.com
  */
 
+import { Capacitor } from "@capacitor/core";
 import { initializeApp, type FirebaseApp } from "firebase/app";
 import {
   getAuth,
   GoogleAuthProvider,
   GithubAuthProvider,
+  OAuthProvider,
   signInWithPopup,
+  signInWithCredential,
+  indexedDBLocalPersistence,
+  inMemoryPersistence,
+  setPersistence,
   type Auth,
 } from "firebase/auth";
 
@@ -22,6 +32,8 @@ const firebaseConfig = {
   apiKey: import.meta.env.VITE_FIREBASE_API_KEY as string,
   authDomain: import.meta.env.VITE_FIREBASE_AUTH_DOMAIN as string,
   projectId: import.meta.env.VITE_FIREBASE_PROJECT_ID as string,
+  messagingSenderId: import.meta.env.VITE_FIREBASE_MESSAGING_SENDER_ID as string,
+  appId: import.meta.env.VITE_FIREBASE_APP_ID as string,
 };
 
 let app: FirebaseApp | null = null;
@@ -32,6 +44,14 @@ export function isFirebaseConfigured(): boolean {
   return !!(firebaseConfig.apiKey && firebaseConfig.authDomain && firebaseConfig.projectId);
 }
 
+/** Ensure the Firebase app is initialized (for FCM, independent of OAuth). */
+export function ensureFirebaseApp(): FirebaseApp | null {
+  if (app) return app;
+  if (!isFirebaseConfigured()) return null;
+  app = initializeApp(firebaseConfig);
+  return app;
+}
+
 function getFirebaseAuth(): Auth {
   if (!auth) {
     if (!isFirebaseConfigured()) {
@@ -39,6 +59,12 @@ function getFirebaseAuth(): Auth {
     }
     app = initializeApp(firebaseConfig);
     auth = getAuth(app);
+
+    // In Capacitor native, WKWebView's IndexedDB can hang Firebase Auth.
+    // Use in-memory persistence to avoid this.
+    if (Capacitor.isNativePlatform()) {
+      setPersistence(auth, inMemoryPersistence).catch(() => {});
+    }
   }
   return auth;
 }
@@ -48,13 +74,121 @@ export type FirebaseSignInResult = {
   email: string;
   displayName: string | null;
   photoURL: string | null;
-  provider: "google" | "github";
+  provider: "google" | "github" | "apple";
 };
 
+// ---------------------------------------------------------------------------
+// Native Google Sign-In via @capgo/capacitor-social-login
+// ---------------------------------------------------------------------------
+
+let _socialLoginInitialized = false;
+
+/** Race a promise against a timeout. */
+function withTimeout<T>(promise: Promise<T>, ms: number, label: string): Promise<T> {
+  return new Promise<T>((resolve, reject) => {
+    const timer = setTimeout(() => reject(new Error(`${label} timed out after ${ms}ms`)), ms);
+    promise.then(
+      (v) => { clearTimeout(timer); resolve(v); },
+      (e) => { clearTimeout(timer); reject(e); },
+    );
+  });
+}
+
 /**
- * Sign in with Google via popup and return the Firebase ID token.
+ * Initialize the native social login plugin (called once).
+ * On web (non-Capacitor) this is a no-op.
+ */
+async function ensureNativeGoogleInit(): Promise<void> {
+  if (!Capacitor.isNativePlatform() || _socialLoginInitialized) return;
+
+  const { SocialLogin } = await import("@capgo/capacitor-social-login");
+
+  const iosClientId = import.meta.env.VITE_GOOGLE_IOS_CLIENT_ID as string | undefined;
+  const webClientId = import.meta.env.VITE_GOOGLE_WEB_CLIENT_ID as string | undefined;
+  const platform = Capacitor.getPlatform();
+
+  console.log("[NativeGoogleSignIn] initialize: platform =", platform, "iOSClientId =", iosClientId?.substring(0, 20) + "...", "webClientId =", webClientId?.substring(0, 20) + "...");
+
+  await withTimeout(
+    SocialLogin.initialize({
+      google: {
+        webClientId: webClientId || undefined,
+        iOSClientId: iosClientId || undefined,
+        iOSServerClientId: webClientId || undefined,
+      },
+    }),
+    10000,
+    "SocialLogin.initialize",
+  );
+
+  _socialLoginInitialized = true;
+  console.log("[NativeGoogleSignIn] initialized OK");
+}
+
+/**
+ * Perform native Google Sign-In on iOS/Android, then exchange the Google
+ * credential for a Firebase ID token via `signInWithCredential`.
+ */
+async function nativeGoogleSignIn(): Promise<FirebaseSignInResult> {
+  console.log("[NativeGoogleSignIn] Step 1: ensureNativeGoogleInit");
+  await ensureNativeGoogleInit();
+
+  console.log("[NativeGoogleSignIn] Step 2: calling SocialLogin.login()");
+  const { SocialLogin } = await import("@capgo/capacitor-social-login");
+
+  // SocialLogin.login() opens native Google UI — user picks account.
+  // No timeout here because user interaction takes variable time.
+  const res = await SocialLogin.login({
+    provider: "google",
+    options: { scopes: ["email", "profile"] },
+  });
+
+  console.log("[NativeGoogleSignIn] Step 3: SocialLogin.login() returned, responseType =", res?.result?.responseType);
+
+  const googleResult = res.result;
+
+  // Narrow the union: online mode returns idToken + profile, offline returns serverAuthCode
+  if (googleResult.responseType !== "online") {
+    throw new Error(`Google Sign-In returned '${googleResult.responseType}' response; expected 'online'. Full result: ${JSON.stringify(res)}`);
+  }
+
+  const googleIdToken = googleResult.idToken;
+  console.log("[NativeGoogleSignIn] Step 4: idToken present =", !!googleIdToken, ", length =", googleIdToken?.length ?? 0);
+
+  if (!googleIdToken) {
+    throw new Error("Google Sign-In did not return an idToken. Ensure Web Client ID (iOSServerClientId) is correct.");
+  }
+
+  // Send the Google ID token directly to the backend — backend now verifies
+  // both Firebase ID tokens and native Google ID tokens.
+  // (Firebase signInWithCredential hangs in WKWebView on real devices.)
+  console.log("[NativeGoogleSignIn] Step 5: Skipping Firebase client, sending Google ID token directly to backend");
+
+  return {
+    idToken: googleIdToken,
+    email: googleResult.profile.email ?? "",
+    displayName: googleResult.profile.name ?? null,
+    photoURL: googleResult.profile.imageUrl ?? null,
+    provider: "google",
+  };
+}
+
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+
+/**
+ * Sign in with Google.
+ * - Web: Firebase popup
+ * - Native (iOS/Android): Native Google Sign-In → Firebase credential
  */
 export async function signInWithGoogle(): Promise<FirebaseSignInResult> {
+  // Native: use @capgo/capacitor-social-login + Firebase signInWithCredential
+  if (Capacitor.isNativePlatform()) {
+    return nativeGoogleSignIn();
+  }
+
+  // Web: use Firebase popup (works fine in browsers)
   const firebaseAuth = getFirebaseAuth();
   const provider = new GoogleAuthProvider();
   provider.addScope("email");
@@ -73,7 +207,10 @@ export async function signInWithGoogle(): Promise<FirebaseSignInResult> {
 }
 
 /**
- * Sign in with GitHub via popup and return the Firebase ID token.
+ * Sign in with GitHub.
+ * - Web: Firebase popup
+ * - Native: Firebase popup (GitHub OAuth works in WKWebView with some config)
+ *   TODO: Implement native GitHub OAuth if popup doesn't work on native.
  */
 export async function signInWithGitHub(): Promise<FirebaseSignInResult> {
   const firebaseAuth = getFirebaseAuth();
@@ -91,3 +228,78 @@ export async function signInWithGitHub(): Promise<FirebaseSignInResult> {
     provider: "github",
   };
 }
+
+// ---------------------------------------------------------------------------
+// Apple Sign-In
+// ---------------------------------------------------------------------------
+
+/**
+ * Native Apple Sign-In on iOS via @capgo/capacitor-social-login,
+ * then exchange for Firebase credential.
+ */
+async function nativeAppleSignIn(): Promise<FirebaseSignInResult> {
+  console.log("[NativeAppleSignIn] Step 1: initializing");
+  const { SocialLogin } = await import("@capgo/capacitor-social-login");
+
+  if (!_socialLoginInitialized) {
+    await withTimeout(
+      SocialLogin.initialize({ apple: {} }),
+      10000,
+      "SocialLogin.initialize(apple)",
+    );
+    _socialLoginInitialized = true;
+  }
+
+  console.log("[NativeAppleSignIn] Step 2: calling SocialLogin.login()");
+  const res = await SocialLogin.login({
+    provider: "apple",
+    options: { scopes: ["email", "name"] },
+  });
+
+  console.log("[NativeAppleSignIn] Step 3: SocialLogin.login() returned", JSON.stringify(res).substring(0, 200));
+
+  const appleResult = res.result as any;
+  const appleIdToken = appleResult.idToken;
+  if (!appleIdToken) {
+    throw new Error("Apple Sign-In did not return an idToken");
+  }
+
+  // Send the Apple ID token directly to the backend — skip Firebase client
+  // (signInWithCredential hangs in WKWebView on real devices, same as Google)
+  console.log("[NativeAppleSignIn] Step 4: Skipping Firebase client, sending Apple ID token directly to backend");
+
+  return {
+    idToken: appleIdToken,
+    email: appleResult.profile?.email ?? appleResult.email ?? "",
+    displayName: appleResult.profile?.name ?? appleResult.fullName?.givenName ?? null,
+    photoURL: null,
+    provider: "apple",
+  };
+}
+
+/**
+ * Sign in with Apple.
+ * - Web: Firebase popup with Apple OAuthProvider
+ * - Native iOS: Native Apple Sign-In via @capgo/capacitor-social-login → Firebase credential
+ */
+export async function signInWithApple(): Promise<FirebaseSignInResult> {
+  if (Capacitor.isNativePlatform()) {
+    return nativeAppleSignIn();
+  }
+
+  const firebaseAuth = getFirebaseAuth();
+  const provider = new OAuthProvider("apple.com");
+  provider.addScope("email");
+  provider.addScope("name");
+
+  const result = await signInWithPopup(firebaseAuth, provider);
+  const idToken = await result.user.getIdToken();
+
+  return {
+    idToken,
+    email: result.user.email ?? "",
+    displayName: result.user.displayName,
+    photoURL: result.user.photoURL,
+    provider: "apple",
+  };
+}

package/packages/web/src/foreground.ts

@@ -0,0 +1,51 @@
+/**
+ * Foreground/background detection — notifies the ConnectionDO via WebSocket
+ * so it knows whether to send push notifications.
+ */
+
+import { Capacitor } from "@capacitor/core";
+import type { BotsChatWSClient } from "./ws";
+import { dlog } from "./debug-log";
+
+export function setupForegroundDetection(wsClient: BotsChatWSClient): () => void {
+  const notifyForeground = () => {
+    wsClient.send({ type: "foreground.enter" });
+    dlog.info("Foreground", "Entered foreground");
+  };
+
+  const notifyBackground = () => {
+    wsClient.send({ type: "foreground.leave" });
+    dlog.info("Foreground", "Entered background");
+  };
+
+  if (Capacitor.isNativePlatform()) {
+    let cleanup: (() => void) | null = null;
+
+    import("@capacitor/app").then(({ App }) => {
+      const handle = App.addListener("appStateChange", ({ isActive }) => {
+        if (isActive) notifyForeground();
+        else notifyBackground();
+      });
+      cleanup = () => handle.then((h) => h.remove());
+    });
+
+    // Report initial foreground state once WS is connected
+    notifyForeground();
+
+    return () => cleanup?.();
+  }
+
+  // Web: Use Page Visibility API
+  const handleVisibilityChange = () => {
+    if (document.hidden) notifyBackground();
+    else notifyForeground();
+  };
+
+  document.addEventListener("visibilitychange", handleVisibilityChange);
+
+  if (!document.hidden) notifyForeground();
+
+  return () => {
+    document.removeEventListener("visibilitychange", handleVisibilityChange);
+  };
+}

package/packages/web/src/index.css

@@ -186,8 +186,9 @@ code:not(pre code) {
   outline-offset: 1px;
 }
 
-/* Transitions for theme switching */
-body, .theme-transition {
+/* Transitions for theme switching — only on opt-in elements, NOT on body
+   (body transitions cause visible jitter during keyboard/layout changes on iOS) */
+.theme-transition {
   transition: background-color 0.15s ease, color 0.15s ease, border-color 0.15s ease;
 }
 
@@ -209,6 +210,13 @@ body, .theme-transition {
   }
 }
 
+/* Prevent long URLs, passwords, and inline code from overflowing message width */
+.prose a,
+.prose code:not(pre code) {
+  overflow-wrap: break-word;
+  word-break: break-all;
+}
+
 /* Mobile screen transition */
 .mobile-screen-enter {
   animation: slideInRight 0.2s ease-out;

package/packages/web/src/main.tsx

@@ -1,19 +1,41 @@
 import React from "react";
 import ReactDOM from "react-dom/client";
+import { Capacitor } from "@capacitor/core";
 import App from "./App";
 import "./index.css";
 import { initAnalytics } from "./analytics";
 
 initAnalytics();
 
+// ---- Capacitor native platform setup ----
+if (Capacitor.isNativePlatform()) {
+  // Configure status bar and keyboard for native app
+  import("@capacitor/status-bar").then(({ StatusBar, Style }) => {
+    const isDark = document.documentElement.getAttribute("data-theme") !== "light";
+    StatusBar.setStyle({ style: isDark ? Style.Dark : Style.Light }).catch(() => {});
+    StatusBar.setOverlaysWebView({ overlay: true }).catch(() => {});
+  });
+  import("@capacitor/keyboard").then(({ Keyboard }) => {
+    Keyboard.setAccessoryBarVisible({ isVisible: true }).catch(() => {});
+    // Write keyboard height to CSS variable so MobileLayout can shrink accordingly.
+    // This works with Keyboard.resize = "none" to avoid body-resize jitter.
+    Keyboard.addListener("keyboardWillShow", (info) => {
+      document.documentElement.style.setProperty("--keyboard-height", `${info.keyboardHeight}px`);
+    });
+    Keyboard.addListener("keyboardWillHide", () => {
+      document.documentElement.style.setProperty("--keyboard-height", "0px");
+    });
+  });
+}
+
 ReactDOM.createRoot(document.getElementById("root")!).render(
   <React.StrictMode>
     <App />
   </React.StrictMode>,
 );
 
-// Register service worker for PWA support (standalone mode on mobile)
-if ("serviceWorker" in navigator) {
+// Register service worker for PWA support — skip in Capacitor (native has its own caching)
+if (!Capacitor.isNativePlatform() && "serviceWorker" in navigator) {
   window.addEventListener("load", () => {
     navigator.serviceWorker.register("/sw.js").catch(() => {
       // SW registration failed — non-critical, app still works

package/packages/web/src/push.ts

@@ -0,0 +1,205 @@
+/**
+ * Push notification initialization for Web (FCM) and Native (Capacitor).
+ *
+ * - Web: Firebase Cloud Messaging + Service Worker
+ * - iOS/Android: @capacitor/push-notifications
+ *
+ * For E2E encrypted messages, the E2E key is synced to IndexedDB so the
+ * Service Worker (web) or native handler can decrypt before showing.
+ */
+
+import { Capacitor } from "@capacitor/core";
+import { pushApi } from "./api";
+import { dlog } from "./debug-log";
+import { E2eService } from "./e2e";
+
+let initialized = false;
+
+// ---- IndexedDB helpers for SW E2E key sync ----
+
+const IDB_NAME = "botschat-sw";
+const IDB_STORE = "keys";
+const IDB_KEY = "e2e_key";
+
+function openDB(): Promise<IDBDatabase> {
+  return new Promise((resolve, reject) => {
+    const req = indexedDB.open(IDB_NAME, 1);
+    req.onupgradeneeded = () => {
+      req.result.createObjectStore(IDB_STORE);
+    };
+    req.onsuccess = () => resolve(req.result);
+    req.onerror = () => reject(req.error);
+  });
+}
+
+/** Sync the current E2E key to IndexedDB so the Service Worker can decrypt. */
+export async function syncE2eKeyToSW(): Promise<void> {
+  try {
+    const db = await openDB();
+    const tx = db.transaction(IDB_STORE, "readwrite");
+    const store = tx.objectStore(IDB_STORE);
+
+    // Read the cached key from localStorage (base64-encoded Uint8Array)
+    const cachedKeyB64 = localStorage.getItem("botschat_e2e_key_cache");
+    if (cachedKeyB64) {
+      // Decode base64 to Uint8Array and store in IDB
+      const binary = atob(cachedKeyB64);
+      const key = new Uint8Array(binary.length);
+      for (let i = 0; i < binary.length; i++) {
+        key[i] = binary.charCodeAt(i);
+      }
+      store.put(key, IDB_KEY);
+    } else {
+      store.delete(IDB_KEY);
+    }
+
+    await new Promise<void>((resolve, reject) => {
+      tx.oncomplete = () => resolve();
+      tx.onerror = () => reject(tx.error);
+    });
+  } catch (err) {
+    dlog.warn("Push", "Failed to sync E2E key to SW IndexedDB", err);
+  }
+}
+
+/** Clear the E2E key from SW IndexedDB (call on logout or key clear). */
+export async function clearE2eKeyFromSW(): Promise<void> {
+  try {
+    const db = await openDB();
+    const tx = db.transaction(IDB_STORE, "readwrite");
+    tx.objectStore(IDB_STORE).delete(IDB_KEY);
+    await new Promise<void>((resolve, reject) => {
+      tx.oncomplete = () => resolve();
+      tx.onerror = () => reject(tx.error);
+    });
+  } catch {
+    // Ignore — best effort
+  }
+}
+
+// ---- Push initialization ----
+
+export async function initPushNotifications(): Promise<void> {
+  if (initialized) return;
+
+  // Sync E2E key so push notifications can be decrypted
+  await syncE2eKeyToSW();
+
+  // Subscribe to E2E key changes to keep SW in sync
+  E2eService.subscribe(() => {
+    syncE2eKeyToSW().catch(() => {});
+  });
+
+  if (Capacitor.isNativePlatform()) {
+    await initNativePush();
+  } else {
+    await initWebPush();
+  }
+
+  initialized = true;
+}
+
+// ---- Web Push (Firebase Cloud Messaging) ----
+
+async function initWebPush(): Promise<void> {
+  try {
+    if (!("Notification" in self)) {
+      dlog.warn("Push", "Notifications not supported in this browser");
+      return;
+    }
+
+    const permission = await Notification.requestPermission();
+    if (permission !== "granted") {
+      dlog.warn("Push", "Notification permission denied");
+      return;
+    }
+
+    const { getMessaging, getToken, onMessage } = await import("firebase/messaging");
+    const { ensureFirebaseApp } = await import("./firebase");
+
+    const firebaseApp = ensureFirebaseApp();
+    if (!firebaseApp) {
+      dlog.warn("Push", "Firebase not configured (missing env vars)");
+      return;
+    }
+
+    const messaging = getMessaging(firebaseApp);
+
+    // Get service worker registration
+    const registration = await navigator.serviceWorker.getRegistration();
+    if (!registration) {
+      dlog.warn("Push", "No service worker registration found");
+      return;
+    }
+
+    const vapidKey = import.meta.env.VITE_FIREBASE_VAPID_KEY as string;
+    if (!vapidKey) {
+      dlog.warn("Push", "VITE_FIREBASE_VAPID_KEY not set — skipping web push");
+      return;
+    }
+
+    const fcmToken = await getToken(messaging, {
+      vapidKey,
+      serviceWorkerRegistration: registration,
+    });
+
+    if (fcmToken) {
+      dlog.info("Push", `FCM token obtained (${fcmToken.slice(0, 20)}...)`);
+      await pushApi.register(fcmToken, "web");
+      dlog.info("Push", "Token registered with backend");
+    }
+
+    // Suppress foreground notifications (WS already delivers the message)
+    onMessage(messaging, (_payload) => {
+      dlog.info("Push", "Foreground FCM message received (suppressed)");
+    });
+  } catch (err) {
+    dlog.error("Push", "Web push init failed", err);
+  }
+}
+
+// ---- Native Push (Capacitor) ----
+
+async function initNativePush(): Promise<void> {
+  try {
+    const { PushNotifications } = await import("@capacitor/push-notifications");
+
+    const permResult = await PushNotifications.requestPermissions();
+    if (permResult.receive !== "granted") {
+      dlog.warn("Push", "Native push permission denied");
+      return;
+    }
+
+    await PushNotifications.register();
+
+    PushNotifications.addListener("registration", async (token) => {
+      dlog.info("Push", `Native push token: ${token.value.slice(0, 20)}...`);
+      const platform = Capacitor.getPlatform() as "ios" | "android";
+      await pushApi.register(token.value, platform);
+      dlog.info("Push", "Native token registered with backend");
+    });
+
+    PushNotifications.addListener("registrationError", (error) => {
+      dlog.error("Push", "Native push registration failed", error);
+    });
+
+    // Data-only messages arrive here in foreground — suppress (WS handles it)
+    PushNotifications.addListener("pushNotificationReceived", (_notification) => {
+      dlog.info("Push", "Foreground native notification (suppressed)");
+    });
+
+    // User tapped a notification (app was in background)
+    PushNotifications.addListener("pushNotificationActionPerformed", (action) => {
+      dlog.info("Push", "Notification tapped", action);
+      // TODO: navigate to specific session from action.notification.data
+    });
+  } catch (err) {
+    dlog.error("Push", "Native push init failed", err);
+  }
+}
+
+/** Unregister push token (call on logout). */
+export async function unregisterPush(): Promise<void> {
+  initialized = false;
+  await clearE2eKeyFromSW();
+}

package/packages/web/src/ws.ts

@@ -1,5 +1,6 @@
 /** WebSocket client for connecting to the BotsChat ConnectionDO. */
 
+import { Capacitor } from "@capacitor/core";
 import { dlog } from "./debug-log";
 import { E2eService } from "./e2e";
 import { getToken, tryRefreshAccessToken } from "./api";
@@ -33,10 +34,16 @@ export class BotsChatWSClient {
 
   connect(): void {
     this.intentionalClose = false;
-    const protocol = window.location.protocol === "https:" ? "wss:" : "ws:";
-    // Token is NOT included in the URL to avoid leaking it in logs/history.
-    // Authentication is handled via the "auth" message after connection.
-    const url = `${protocol}//${window.location.host}/api/ws/${this.opts.userId}/${this.opts.sessionId}`;
+
+    // In Capacitor (native app), WebView runs from capacitor:// so we must
+    // use the full production WebSocket URL.
+    let url: string;
+    if (Capacitor.isNativePlatform()) {
+      url = `wss://console.botschat.app/api/ws/${this.opts.userId}/${this.opts.sessionId}`;
+    } else {
+      const protocol = window.location.protocol === "https:" ? "wss:" : "ws:";
+      url = `${protocol}//${window.location.host}/api/ws/${this.opts.userId}/${this.opts.sessionId}`;
+    }
 
     dlog.info("WS", `Connecting to ${url}`);
     this.ws = new WebSocket(url);
@@ -164,14 +171,19 @@ export class BotsChatWSClient {
       // E2E Encryption for user messages
       if (msg.type === "user.message" && E2eService.hasKey() && typeof msg.text === "string") {
           try {
-              const { ciphertext, messageId } = await E2eService.encrypt(msg.text);
+              // Use the existing messageId as contextId for encryption nonce,
+              // so decryption on the plugin side uses the same ID.
+              const existingId = (msg.messageId as string) || undefined;
+              const { ciphertext, messageId } = await E2eService.encrypt(msg.text, existingId);
               msg.text = ciphertext;
-              msg.messageId = messageId;
+              // Only set messageId if we didn't have one — preserve the original
+              // so message IDs stay consistent between local state and server.
+              if (!existingId) {
+                msg.messageId = messageId;
+              }
               msg.encrypted = true;
           } catch (err) {
               dlog.error("E2E", "Encryption failed", err);
-              // Fail? or send as plaintext?
-              // Security first: if key exists but encrypt fails, abort.
               return; 
           }
       }