integrate-sdk 0.8.7 → 0.8.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/adapters/auto-routes.js +49 -16
  2. package/dist/adapters/base-handler.d.ts +2 -0
  3. package/dist/adapters/base-handler.d.ts.map +1 -1
  4. package/dist/adapters/index.js +49 -16
  5. package/dist/adapters/nextjs.js +49 -16
  6. package/dist/adapters/node.js +49 -16
  7. package/dist/adapters/session-detector.js +49 -16
  8. package/dist/adapters/svelte-kit.js +49 -16
  9. package/dist/adapters/tanstack-start.js +49 -16
  10. package/dist/index.js +49 -16
  11. package/dist/oauth.js +49 -16
  12. package/dist/server.js +49 -16
  13. package/dist/src/adapters/base-handler.d.ts +2 -0
  14. package/dist/src/adapters/base-handler.d.ts.map +1 -1
  15. package/dist/src/oauth/manager.d.ts.map +1 -1
  16. package/dist/src/server.d.ts +4 -2
  17. package/dist/src/server.d.ts.map +1 -1
  18. package/package.json +1 -1
package/dist/adapters/auto-routes.js CHANGED
@@ -1079,7 +1079,8 @@ class OAuthManager {
1079
1079
  codeChallenge,
1080
1080
  codeChallengeMethod: "S256",
1081
1081
  redirectUri,
1082
- codeVerifier: this.apiBaseUrl ? codeVerifier : undefined
1082
+ codeVerifier: this.apiBaseUrl ? codeVerifier : undefined,
1083
+ frontendOrigin: this.apiBaseUrl && typeof window !== "undefined" ? window.location.origin : undefined
1083
1084
  })
1084
1085
  });
1085
1086
  if (!response.ok) {
@@ -6384,16 +6385,16 @@ function cleanupExpiredCodeVerifiers() {
6384
6385
  }
6385
6386
  }
6386
6387
  }
6387
- function storeCodeVerifier(state, codeVerifier, provider) {
6388
+ function storeCodeVerifier(state, codeVerifier, provider, frontendOrigin) {
6388
6389
  const expiresAt = Date.now() + 5 * 60 * 1000;
6389
- codeVerifierStorage.set(state, { codeVerifier, provider, expiresAt });
6390
+ codeVerifierStorage.set(state, { codeVerifier, provider, frontendOrigin, expiresAt });
6390
6391
  cleanupExpiredCodeVerifiers();
6391
6392
  }
6392
6393
  function getCodeVerifier(state) {
6393
6394
  cleanupExpiredCodeVerifiers();
6394
6395
  const entry = codeVerifierStorage.get(state);
6395
6396
  if (entry && entry.expiresAt >= Date.now()) {
6396
- return { codeVerifier: entry.codeVerifier, provider: entry.provider };
6397
+ return { codeVerifier: entry.codeVerifier, provider: entry.provider, frontendOrigin: entry.frontendOrigin };
6397
6398
  }
6398
6399
  if (entry) {
6399
6400
  codeVerifierStorage.delete(state);
@@ -6580,9 +6581,14 @@ function createMCPServer(config) {
6580
6581
  } catch {}
6581
6582
  }
6582
6583
  const codeVerifierEntry = getCodeVerifier(state);
6584
+ if (codeVerifierEntry) {
6585
+ console.log("[OAuth Backend Callback] Found codeVerifier, using backend redirect flow");
6586
+ } else {
6587
+ console.log("[OAuth Backend Callback] No codeVerifier found, using frontend redirect flow");
6588
+ }
6583
6589
  if (codeVerifierEntry) {
6584
6590
  try {
6585
- const { codeVerifier, provider } = codeVerifierEntry;
6591
+ const { codeVerifier, provider, frontendOrigin: storedFrontendOrigin } = codeVerifierEntry;
6586
6592
  const { OAuthHandler } = await Promise.resolve().then(() => exports_base_handler);
6587
6593
  const oauthHandler = new OAuthHandler({
6588
6594
  providers,
@@ -6599,15 +6605,19 @@ function createMCPServer(config) {
6599
6605
  state
6600
6606
  });
6601
6607
  if (!frontendOrigin) {
6602
- const referer = request.headers.get("referer") || request.headers.get("referrer");
6603
- if (referer) {
6604
- try {
6605
- const refererUrl = new URL(referer);
6606
- frontendOrigin = refererUrl.origin;
6607
- } catch {}
6608
- }
6609
- if (!frontendOrigin) {
6610
- throw new Error("Could not determine frontend origin for redirect");
6608
+ if (storedFrontendOrigin) {
6609
+ frontendOrigin = storedFrontendOrigin;
6610
+ } else {
6611
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6612
+ if (referer) {
6613
+ try {
6614
+ const refererUrl = new URL(referer);
6615
+ frontendOrigin = refererUrl.origin;
6616
+ } catch {}
6617
+ }
6618
+ if (!frontendOrigin) {
6619
+ throw new Error("Could not determine frontend origin for redirect. Please ensure frontendOrigin is provided in the authorize request when using apiBaseUrl.");
6620
+ }
6611
6621
  }
6612
6622
  }
6613
6623
  const frontendUrl = new URL(returnUrl, frontendOrigin);
@@ -6627,7 +6637,27 @@ function createMCPServer(config) {
6627
6637
  return Response.redirect(new URL(`${errorRedirectUrl}?error=${encodeURIComponent(error2.message || "Failed to exchange token")}`, request.url));
6628
6638
  }
6629
6639
  } else {
6630
- const targetUrl = new URL(returnUrl, request.url);
6640
+ let targetOrigin = frontendOrigin;
6641
+ if (!targetOrigin) {
6642
+ try {
6643
+ const returnUrlObj = new URL(returnUrl);
6644
+ targetOrigin = returnUrlObj.origin;
6645
+ returnUrl = returnUrlObj.pathname + returnUrlObj.search;
6646
+ } catch {
6647
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6648
+ if (referer) {
6649
+ try {
6650
+ const refererUrl = new URL(referer);
6651
+ targetOrigin = refererUrl.origin;
6652
+ } catch {}
6653
+ }
6654
+ }
6655
+ }
6656
+ if (!targetOrigin) {
6657
+ console.warn("[OAuth] Could not determine frontend origin for redirect. Using request origin as fallback.");
6658
+ targetOrigin = new URL(request.url).origin;
6659
+ }
6660
+ const targetUrl = new URL(returnUrl, targetOrigin);
6631
6661
  targetUrl.hash = `oauth_callback=${encodeURIComponent(JSON.stringify({ code, state }))}`;
6632
6662
  return Response.redirect(targetUrl);
6633
6663
  }
@@ -7200,10 +7230,13 @@ class OAuthHandler {
7200
7230
  if (authorizeRequest.codeVerifier) {
7201
7231
  try {
7202
7232
  const { storeCodeVerifier: storeCodeVerifier2 } = await Promise.resolve().then(() => (init_server(), exports_server));
7203
- storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider);
7233
+ storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider, authorizeRequest.frontendOrigin);
7234
+ console.log("[OAuth] Stored codeVerifier for state:", authorizeRequest.state.substring(0, 20) + "...", "frontendOrigin:", authorizeRequest.frontendOrigin);
7204
7235
  } catch (error) {
7205
7236
  console.warn("[OAuth] Failed to store codeVerifier:", error);
7206
7237
  }
7238
+ } else {
7239
+ console.log("[OAuth] No codeVerifier provided in authorize request");
7207
7240
  }
7208
7241
  if (webRequest) {
7209
7242
  try {
package/dist/adapters/base-handler.d.ts CHANGED
@@ -101,6 +101,8 @@ export interface AuthorizeRequest {
101
101
  redirectUri?: string;
102
102
  /** Optional codeVerifier for backend redirect flow (when apiBaseUrl is set) */
103
103
  codeVerifier?: string;
104
+ /** Optional frontend origin for backend redirect flow (when apiBaseUrl is set) */
105
+ frontendOrigin?: string;
104
106
  }
105
107
  /**
106
108
  * Response from authorize endpoint
package/dist/adapters/base-handler.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"base-handler.d.ts","sourceRoot":"","sources":["../../../src/adapters/base-handler.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAO3D;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC,uCAAuC;IACvC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE;QACxB,iDAAiD;QACjD,QAAQ,EAAE,MAAM,CAAC;QACjB,qDAAqD;QACrD,YAAY,EAAE,MAAM,CAAC;QACrB,qCAAqC;QACrC,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,8CAA8C;QAC9C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,kFAAkF;QAClF,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;KAC9B,CAAC,CAAC;IACH;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;;;;;;;;;;;OAcG;IACH,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,UAAU,GAAG,SAAS,CAAC,GAAG,UAAU,GAAG,SAAS,CAAC;IACnG;;;;;;;;;;;;;;;;;;OAkBG;IACH,gBAAgB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,UAAU,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;IAClH;;;;;;;;;;;;;;;;;;OAkBG;IACH,mBAAmB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,UAAU,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;CACxF;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,+EAA+E;IAC/E,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,gBAAgB,EAAE,MAAM,CAAC;IACzB,0DAA0D;IAC1D,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,+DAA+D;IAC/D,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,GAAG,OAAO,GAAG,UAAU,CAAC;QACpC,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC,CAAC;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED;;;;GAIG;AACH,qBAAa,YAAY;IAIX,OAAO,CAAC,MAAM;IAH1B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAS;gBAEb,MAAM,EAAE,kBAAkB;IAW9C;;OAEG;IACH,OAAO,CAAC,UAAU;IAalB;;;;;;;;;;OAUG;IACG,eAAe,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAwHtF;;;;;;;;;;OAUG;IACG,cAAc,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA4GnF;;;;;;;;;OASG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IA4BlF;;;;;;;;;;;OAWG;IACG,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA2D1H;;;;;;;;;OASG;IACG,cAAc,CAAC,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,gBAAgB,CAAC;CAiDrG"}
1
+ {"version":3,"file":"base-handler.d.ts","sourceRoot":"","sources":["../../../src/adapters/base-handler.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAO3D;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC,uCAAuC;IACvC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE;QACxB,iDAAiD;QACjD,QAAQ,EAAE,MAAM,CAAC;QACjB,qDAAqD;QACrD,YAAY,EAAE,MAAM,CAAC;QACrB,qCAAqC;QACrC,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,8CAA8C;QAC9C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,kFAAkF;QAClF,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;KAC9B,CAAC,CAAC;IACH;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;;;;;;;;;;;OAcG;IACH,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,OAAO,CAAC,UAAU,GAAG,SAAS,CAAC,GAAG,UAAU,GAAG,SAAS,CAAC;IACnG;;;;;;;;;;;;;;;;;;OAkBG;IACH,gBAAgB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,UAAU,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;IAClH;;;;;;;;;;;;;;;;;;OAkBG;IACH,mBAAmB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,UAAU,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;CACxF;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,+EAA+E;IAC/E,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kFAAkF;IAClF,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,gBAAgB,EAAE,MAAM,CAAC;IACzB,0DAA0D;IAC1D,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,+DAA+D;IAC/D,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,GAAG,OAAO,GAAG,UAAU,CAAC;QACpC,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC,CAAC;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED;;;;GAIG;AACH,qBAAa,YAAY;IAIX,OAAO,CAAC,MAAM;IAH1B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAS;gBAEb,MAAM,EAAE,kBAAkB;IAW9C;;OAEG;IACH,OAAO,CAAC,UAAU;IAalB;;;;;;;;;;OAUG;IACG,eAAe,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC;IA2HtF;;;;;;;;;;OAUG;IACG,cAAc,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA4GnF;;;;;;;;;OASG;IACG,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IA4BlF;;;;;;;;;;;OAWG;IACG,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA2D1H;;;;;;;;;OASG;IACG,cAAc,CAAC,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,gBAAgB,CAAC;CAiDrG"}
package/dist/adapters/index.js CHANGED
@@ -1079,7 +1079,8 @@ class OAuthManager {
1079
1079
  codeChallenge,
1080
1080
  codeChallengeMethod: "S256",
1081
1081
  redirectUri,
1082
- codeVerifier: this.apiBaseUrl ? codeVerifier : undefined
1082
+ codeVerifier: this.apiBaseUrl ? codeVerifier : undefined,
1083
+ frontendOrigin: this.apiBaseUrl && typeof window !== "undefined" ? window.location.origin : undefined
1083
1084
  })
1084
1085
  });
1085
1086
  if (!response.ok) {
@@ -6384,16 +6385,16 @@ function cleanupExpiredCodeVerifiers() {
6384
6385
  }
6385
6386
  }
6386
6387
  }
6387
- function storeCodeVerifier(state, codeVerifier, provider) {
6388
+ function storeCodeVerifier(state, codeVerifier, provider, frontendOrigin) {
6388
6389
  const expiresAt = Date.now() + 5 * 60 * 1000;
6389
- codeVerifierStorage.set(state, { codeVerifier, provider, expiresAt });
6390
+ codeVerifierStorage.set(state, { codeVerifier, provider, frontendOrigin, expiresAt });
6390
6391
  cleanupExpiredCodeVerifiers();
6391
6392
  }
6392
6393
  function getCodeVerifier(state) {
6393
6394
  cleanupExpiredCodeVerifiers();
6394
6395
  const entry = codeVerifierStorage.get(state);
6395
6396
  if (entry && entry.expiresAt >= Date.now()) {
6396
- return { codeVerifier: entry.codeVerifier, provider: entry.provider };
6397
+ return { codeVerifier: entry.codeVerifier, provider: entry.provider, frontendOrigin: entry.frontendOrigin };
6397
6398
  }
6398
6399
  if (entry) {
6399
6400
  codeVerifierStorage.delete(state);
@@ -6580,9 +6581,14 @@ function createMCPServer(config) {
6580
6581
  } catch {}
6581
6582
  }
6582
6583
  const codeVerifierEntry = getCodeVerifier(state);
6584
+ if (codeVerifierEntry) {
6585
+ console.log("[OAuth Backend Callback] Found codeVerifier, using backend redirect flow");
6586
+ } else {
6587
+ console.log("[OAuth Backend Callback] No codeVerifier found, using frontend redirect flow");
6588
+ }
6583
6589
  if (codeVerifierEntry) {
6584
6590
  try {
6585
- const { codeVerifier, provider } = codeVerifierEntry;
6591
+ const { codeVerifier, provider, frontendOrigin: storedFrontendOrigin } = codeVerifierEntry;
6586
6592
  const { OAuthHandler } = await Promise.resolve().then(() => exports_base_handler);
6587
6593
  const oauthHandler = new OAuthHandler({
6588
6594
  providers,
@@ -6599,15 +6605,19 @@ function createMCPServer(config) {
6599
6605
  state
6600
6606
  });
6601
6607
  if (!frontendOrigin) {
6602
- const referer = request.headers.get("referer") || request.headers.get("referrer");
6603
- if (referer) {
6604
- try {
6605
- const refererUrl = new URL(referer);
6606
- frontendOrigin = refererUrl.origin;
6607
- } catch {}
6608
- }
6609
- if (!frontendOrigin) {
6610
- throw new Error("Could not determine frontend origin for redirect");
6608
+ if (storedFrontendOrigin) {
6609
+ frontendOrigin = storedFrontendOrigin;
6610
+ } else {
6611
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6612
+ if (referer) {
6613
+ try {
6614
+ const refererUrl = new URL(referer);
6615
+ frontendOrigin = refererUrl.origin;
6616
+ } catch {}
6617
+ }
6618
+ if (!frontendOrigin) {
6619
+ throw new Error("Could not determine frontend origin for redirect. Please ensure frontendOrigin is provided in the authorize request when using apiBaseUrl.");
6620
+ }
6611
6621
  }
6612
6622
  }
6613
6623
  const frontendUrl = new URL(returnUrl, frontendOrigin);
@@ -6627,7 +6637,27 @@ function createMCPServer(config) {
6627
6637
  return Response.redirect(new URL(`${errorRedirectUrl}?error=${encodeURIComponent(error2.message || "Failed to exchange token")}`, request.url));
6628
6638
  }
6629
6639
  } else {
6630
- const targetUrl = new URL(returnUrl, request.url);
6640
+ let targetOrigin = frontendOrigin;
6641
+ if (!targetOrigin) {
6642
+ try {
6643
+ const returnUrlObj = new URL(returnUrl);
6644
+ targetOrigin = returnUrlObj.origin;
6645
+ returnUrl = returnUrlObj.pathname + returnUrlObj.search;
6646
+ } catch {
6647
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6648
+ if (referer) {
6649
+ try {
6650
+ const refererUrl = new URL(referer);
6651
+ targetOrigin = refererUrl.origin;
6652
+ } catch {}
6653
+ }
6654
+ }
6655
+ }
6656
+ if (!targetOrigin) {
6657
+ console.warn("[OAuth] Could not determine frontend origin for redirect. Using request origin as fallback.");
6658
+ targetOrigin = new URL(request.url).origin;
6659
+ }
6660
+ const targetUrl = new URL(returnUrl, targetOrigin);
6631
6661
  targetUrl.hash = `oauth_callback=${encodeURIComponent(JSON.stringify({ code, state }))}`;
6632
6662
  return Response.redirect(targetUrl);
6633
6663
  }
@@ -7200,10 +7230,13 @@ class OAuthHandler {
7200
7230
  if (authorizeRequest.codeVerifier) {
7201
7231
  try {
7202
7232
  const { storeCodeVerifier: storeCodeVerifier2 } = await Promise.resolve().then(() => (init_server(), exports_server));
7203
- storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider);
7233
+ storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider, authorizeRequest.frontendOrigin);
7234
+ console.log("[OAuth] Stored codeVerifier for state:", authorizeRequest.state.substring(0, 20) + "...", "frontendOrigin:", authorizeRequest.frontendOrigin);
7204
7235
  } catch (error) {
7205
7236
  console.warn("[OAuth] Failed to store codeVerifier:", error);
7206
7237
  }
7238
+ } else {
7239
+ console.log("[OAuth] No codeVerifier provided in authorize request");
7207
7240
  }
7208
7241
  if (webRequest) {
7209
7242
  try {
package/dist/adapters/nextjs.js CHANGED
@@ -1079,7 +1079,8 @@ class OAuthManager {
1079
1079
  codeChallenge,
1080
1080
  codeChallengeMethod: "S256",
1081
1081
  redirectUri,
1082
- codeVerifier: this.apiBaseUrl ? codeVerifier : undefined
1082
+ codeVerifier: this.apiBaseUrl ? codeVerifier : undefined,
1083
+ frontendOrigin: this.apiBaseUrl && typeof window !== "undefined" ? window.location.origin : undefined
1083
1084
  })
1084
1085
  });
1085
1086
  if (!response.ok) {
@@ -6384,16 +6385,16 @@ function cleanupExpiredCodeVerifiers() {
6384
6385
  }
6385
6386
  }
6386
6387
  }
6387
- function storeCodeVerifier(state, codeVerifier, provider) {
6388
+ function storeCodeVerifier(state, codeVerifier, provider, frontendOrigin) {
6388
6389
  const expiresAt = Date.now() + 5 * 60 * 1000;
6389
- codeVerifierStorage.set(state, { codeVerifier, provider, expiresAt });
6390
+ codeVerifierStorage.set(state, { codeVerifier, provider, frontendOrigin, expiresAt });
6390
6391
  cleanupExpiredCodeVerifiers();
6391
6392
  }
6392
6393
  function getCodeVerifier(state) {
6393
6394
  cleanupExpiredCodeVerifiers();
6394
6395
  const entry = codeVerifierStorage.get(state);
6395
6396
  if (entry && entry.expiresAt >= Date.now()) {
6396
- return { codeVerifier: entry.codeVerifier, provider: entry.provider };
6397
+ return { codeVerifier: entry.codeVerifier, provider: entry.provider, frontendOrigin: entry.frontendOrigin };
6397
6398
  }
6398
6399
  if (entry) {
6399
6400
  codeVerifierStorage.delete(state);
@@ -6580,9 +6581,14 @@ function createMCPServer(config) {
6580
6581
  } catch {}
6581
6582
  }
6582
6583
  const codeVerifierEntry = getCodeVerifier(state);
6584
+ if (codeVerifierEntry) {
6585
+ console.log("[OAuth Backend Callback] Found codeVerifier, using backend redirect flow");
6586
+ } else {
6587
+ console.log("[OAuth Backend Callback] No codeVerifier found, using frontend redirect flow");
6588
+ }
6583
6589
  if (codeVerifierEntry) {
6584
6590
  try {
6585
- const { codeVerifier, provider } = codeVerifierEntry;
6591
+ const { codeVerifier, provider, frontendOrigin: storedFrontendOrigin } = codeVerifierEntry;
6586
6592
  const { OAuthHandler } = await Promise.resolve().then(() => exports_base_handler);
6587
6593
  const oauthHandler = new OAuthHandler({
6588
6594
  providers,
@@ -6599,15 +6605,19 @@ function createMCPServer(config) {
6599
6605
  state
6600
6606
  });
6601
6607
  if (!frontendOrigin) {
6602
- const referer = request.headers.get("referer") || request.headers.get("referrer");
6603
- if (referer) {
6604
- try {
6605
- const refererUrl = new URL(referer);
6606
- frontendOrigin = refererUrl.origin;
6607
- } catch {}
6608
- }
6609
- if (!frontendOrigin) {
6610
- throw new Error("Could not determine frontend origin for redirect");
6608
+ if (storedFrontendOrigin) {
6609
+ frontendOrigin = storedFrontendOrigin;
6610
+ } else {
6611
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6612
+ if (referer) {
6613
+ try {
6614
+ const refererUrl = new URL(referer);
6615
+ frontendOrigin = refererUrl.origin;
6616
+ } catch {}
6617
+ }
6618
+ if (!frontendOrigin) {
6619
+ throw new Error("Could not determine frontend origin for redirect. Please ensure frontendOrigin is provided in the authorize request when using apiBaseUrl.");
6620
+ }
6611
6621
  }
6612
6622
  }
6613
6623
  const frontendUrl = new URL(returnUrl, frontendOrigin);
@@ -6627,7 +6637,27 @@ function createMCPServer(config) {
6627
6637
  return Response.redirect(new URL(`${errorRedirectUrl}?error=${encodeURIComponent(error2.message || "Failed to exchange token")}`, request.url));
6628
6638
  }
6629
6639
  } else {
6630
- const targetUrl = new URL(returnUrl, request.url);
6640
+ let targetOrigin = frontendOrigin;
6641
+ if (!targetOrigin) {
6642
+ try {
6643
+ const returnUrlObj = new URL(returnUrl);
6644
+ targetOrigin = returnUrlObj.origin;
6645
+ returnUrl = returnUrlObj.pathname + returnUrlObj.search;
6646
+ } catch {
6647
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6648
+ if (referer) {
6649
+ try {
6650
+ const refererUrl = new URL(referer);
6651
+ targetOrigin = refererUrl.origin;
6652
+ } catch {}
6653
+ }
6654
+ }
6655
+ }
6656
+ if (!targetOrigin) {
6657
+ console.warn("[OAuth] Could not determine frontend origin for redirect. Using request origin as fallback.");
6658
+ targetOrigin = new URL(request.url).origin;
6659
+ }
6660
+ const targetUrl = new URL(returnUrl, targetOrigin);
6631
6661
  targetUrl.hash = `oauth_callback=${encodeURIComponent(JSON.stringify({ code, state }))}`;
6632
6662
  return Response.redirect(targetUrl);
6633
6663
  }
@@ -7200,10 +7230,13 @@ class OAuthHandler {
7200
7230
  if (authorizeRequest.codeVerifier) {
7201
7231
  try {
7202
7232
  const { storeCodeVerifier: storeCodeVerifier2 } = await Promise.resolve().then(() => (init_server(), exports_server));
7203
- storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider);
7233
+ storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider, authorizeRequest.frontendOrigin);
7234
+ console.log("[OAuth] Stored codeVerifier for state:", authorizeRequest.state.substring(0, 20) + "...", "frontendOrigin:", authorizeRequest.frontendOrigin);
7204
7235
  } catch (error) {
7205
7236
  console.warn("[OAuth] Failed to store codeVerifier:", error);
7206
7237
  }
7238
+ } else {
7239
+ console.log("[OAuth] No codeVerifier provided in authorize request");
7207
7240
  }
7208
7241
  if (webRequest) {
7209
7242
  try {
package/dist/adapters/node.js CHANGED
@@ -1079,7 +1079,8 @@ class OAuthManager {
1079
1079
  codeChallenge,
1080
1080
  codeChallengeMethod: "S256",
1081
1081
  redirectUri,
1082
- codeVerifier: this.apiBaseUrl ? codeVerifier : undefined
1082
+ codeVerifier: this.apiBaseUrl ? codeVerifier : undefined,
1083
+ frontendOrigin: this.apiBaseUrl && typeof window !== "undefined" ? window.location.origin : undefined
1083
1084
  })
1084
1085
  });
1085
1086
  if (!response.ok) {
@@ -6384,16 +6385,16 @@ function cleanupExpiredCodeVerifiers() {
6384
6385
  }
6385
6386
  }
6386
6387
  }
6387
- function storeCodeVerifier(state, codeVerifier, provider) {
6388
+ function storeCodeVerifier(state, codeVerifier, provider, frontendOrigin) {
6388
6389
  const expiresAt = Date.now() + 5 * 60 * 1000;
6389
- codeVerifierStorage.set(state, { codeVerifier, provider, expiresAt });
6390
+ codeVerifierStorage.set(state, { codeVerifier, provider, frontendOrigin, expiresAt });
6390
6391
  cleanupExpiredCodeVerifiers();
6391
6392
  }
6392
6393
  function getCodeVerifier(state) {
6393
6394
  cleanupExpiredCodeVerifiers();
6394
6395
  const entry = codeVerifierStorage.get(state);
6395
6396
  if (entry && entry.expiresAt >= Date.now()) {
6396
- return { codeVerifier: entry.codeVerifier, provider: entry.provider };
6397
+ return { codeVerifier: entry.codeVerifier, provider: entry.provider, frontendOrigin: entry.frontendOrigin };
6397
6398
  }
6398
6399
  if (entry) {
6399
6400
  codeVerifierStorage.delete(state);
@@ -6580,9 +6581,14 @@ function createMCPServer(config) {
6580
6581
  } catch {}
6581
6582
  }
6582
6583
  const codeVerifierEntry = getCodeVerifier(state);
6584
+ if (codeVerifierEntry) {
6585
+ console.log("[OAuth Backend Callback] Found codeVerifier, using backend redirect flow");
6586
+ } else {
6587
+ console.log("[OAuth Backend Callback] No codeVerifier found, using frontend redirect flow");
6588
+ }
6583
6589
  if (codeVerifierEntry) {
6584
6590
  try {
6585
- const { codeVerifier, provider } = codeVerifierEntry;
6591
+ const { codeVerifier, provider, frontendOrigin: storedFrontendOrigin } = codeVerifierEntry;
6586
6592
  const { OAuthHandler } = await Promise.resolve().then(() => exports_base_handler);
6587
6593
  const oauthHandler = new OAuthHandler({
6588
6594
  providers,
@@ -6599,15 +6605,19 @@ function createMCPServer(config) {
6599
6605
  state
6600
6606
  });
6601
6607
  if (!frontendOrigin) {
6602
- const referer = request.headers.get("referer") || request.headers.get("referrer");
6603
- if (referer) {
6604
- try {
6605
- const refererUrl = new URL(referer);
6606
- frontendOrigin = refererUrl.origin;
6607
- } catch {}
6608
- }
6609
- if (!frontendOrigin) {
6610
- throw new Error("Could not determine frontend origin for redirect");
6608
+ if (storedFrontendOrigin) {
6609
+ frontendOrigin = storedFrontendOrigin;
6610
+ } else {
6611
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6612
+ if (referer) {
6613
+ try {
6614
+ const refererUrl = new URL(referer);
6615
+ frontendOrigin = refererUrl.origin;
6616
+ } catch {}
6617
+ }
6618
+ if (!frontendOrigin) {
6619
+ throw new Error("Could not determine frontend origin for redirect. Please ensure frontendOrigin is provided in the authorize request when using apiBaseUrl.");
6620
+ }
6611
6621
  }
6612
6622
  }
6613
6623
  const frontendUrl = new URL(returnUrl, frontendOrigin);
@@ -6627,7 +6637,27 @@ function createMCPServer(config) {
6627
6637
  return Response.redirect(new URL(`${errorRedirectUrl}?error=${encodeURIComponent(error2.message || "Failed to exchange token")}`, request.url));
6628
6638
  }
6629
6639
  } else {
6630
- const targetUrl = new URL(returnUrl, request.url);
6640
+ let targetOrigin = frontendOrigin;
6641
+ if (!targetOrigin) {
6642
+ try {
6643
+ const returnUrlObj = new URL(returnUrl);
6644
+ targetOrigin = returnUrlObj.origin;
6645
+ returnUrl = returnUrlObj.pathname + returnUrlObj.search;
6646
+ } catch {
6647
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6648
+ if (referer) {
6649
+ try {
6650
+ const refererUrl = new URL(referer);
6651
+ targetOrigin = refererUrl.origin;
6652
+ } catch {}
6653
+ }
6654
+ }
6655
+ }
6656
+ if (!targetOrigin) {
6657
+ console.warn("[OAuth] Could not determine frontend origin for redirect. Using request origin as fallback.");
6658
+ targetOrigin = new URL(request.url).origin;
6659
+ }
6660
+ const targetUrl = new URL(returnUrl, targetOrigin);
6631
6661
  targetUrl.hash = `oauth_callback=${encodeURIComponent(JSON.stringify({ code, state }))}`;
6632
6662
  return Response.redirect(targetUrl);
6633
6663
  }
@@ -7200,10 +7230,13 @@ class OAuthHandler {
7200
7230
  if (authorizeRequest.codeVerifier) {
7201
7231
  try {
7202
7232
  const { storeCodeVerifier: storeCodeVerifier2 } = await Promise.resolve().then(() => (init_server(), exports_server));
7203
- storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider);
7233
+ storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider, authorizeRequest.frontendOrigin);
7234
+ console.log("[OAuth] Stored codeVerifier for state:", authorizeRequest.state.substring(0, 20) + "...", "frontendOrigin:", authorizeRequest.frontendOrigin);
7204
7235
  } catch (error) {
7205
7236
  console.warn("[OAuth] Failed to store codeVerifier:", error);
7206
7237
  }
7238
+ } else {
7239
+ console.log("[OAuth] No codeVerifier provided in authorize request");
7207
7240
  }
7208
7241
  if (webRequest) {
7209
7242
  try {
package/dist/adapters/session-detector.js CHANGED
@@ -1079,7 +1079,8 @@ class OAuthManager {
1079
1079
  codeChallenge,
1080
1080
  codeChallengeMethod: "S256",
1081
1081
  redirectUri,
1082
- codeVerifier: this.apiBaseUrl ? codeVerifier : undefined
1082
+ codeVerifier: this.apiBaseUrl ? codeVerifier : undefined,
1083
+ frontendOrigin: this.apiBaseUrl && typeof window !== "undefined" ? window.location.origin : undefined
1083
1084
  })
1084
1085
  });
1085
1086
  if (!response.ok) {
@@ -6384,16 +6385,16 @@ function cleanupExpiredCodeVerifiers() {
6384
6385
  }
6385
6386
  }
6386
6387
  }
6387
- function storeCodeVerifier(state, codeVerifier, provider) {
6388
+ function storeCodeVerifier(state, codeVerifier, provider, frontendOrigin) {
6388
6389
  const expiresAt = Date.now() + 5 * 60 * 1000;
6389
- codeVerifierStorage.set(state, { codeVerifier, provider, expiresAt });
6390
+ codeVerifierStorage.set(state, { codeVerifier, provider, frontendOrigin, expiresAt });
6390
6391
  cleanupExpiredCodeVerifiers();
6391
6392
  }
6392
6393
  function getCodeVerifier(state) {
6393
6394
  cleanupExpiredCodeVerifiers();
6394
6395
  const entry = codeVerifierStorage.get(state);
6395
6396
  if (entry && entry.expiresAt >= Date.now()) {
6396
- return { codeVerifier: entry.codeVerifier, provider: entry.provider };
6397
+ return { codeVerifier: entry.codeVerifier, provider: entry.provider, frontendOrigin: entry.frontendOrigin };
6397
6398
  }
6398
6399
  if (entry) {
6399
6400
  codeVerifierStorage.delete(state);
@@ -6580,9 +6581,14 @@ function createMCPServer(config) {
6580
6581
  } catch {}
6581
6582
  }
6582
6583
  const codeVerifierEntry = getCodeVerifier(state);
6584
+ if (codeVerifierEntry) {
6585
+ console.log("[OAuth Backend Callback] Found codeVerifier, using backend redirect flow");
6586
+ } else {
6587
+ console.log("[OAuth Backend Callback] No codeVerifier found, using frontend redirect flow");
6588
+ }
6583
6589
  if (codeVerifierEntry) {
6584
6590
  try {
6585
- const { codeVerifier, provider } = codeVerifierEntry;
6591
+ const { codeVerifier, provider, frontendOrigin: storedFrontendOrigin } = codeVerifierEntry;
6586
6592
  const { OAuthHandler } = await Promise.resolve().then(() => exports_base_handler);
6587
6593
  const oauthHandler = new OAuthHandler({
6588
6594
  providers,
@@ -6599,15 +6605,19 @@ function createMCPServer(config) {
6599
6605
  state
6600
6606
  });
6601
6607
  if (!frontendOrigin) {
6602
- const referer = request.headers.get("referer") || request.headers.get("referrer");
6603
- if (referer) {
6604
- try {
6605
- const refererUrl = new URL(referer);
6606
- frontendOrigin = refererUrl.origin;
6607
- } catch {}
6608
- }
6609
- if (!frontendOrigin) {
6610
- throw new Error("Could not determine frontend origin for redirect");
6608
+ if (storedFrontendOrigin) {
6609
+ frontendOrigin = storedFrontendOrigin;
6610
+ } else {
6611
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6612
+ if (referer) {
6613
+ try {
6614
+ const refererUrl = new URL(referer);
6615
+ frontendOrigin = refererUrl.origin;
6616
+ } catch {}
6617
+ }
6618
+ if (!frontendOrigin) {
6619
+ throw new Error("Could not determine frontend origin for redirect. Please ensure frontendOrigin is provided in the authorize request when using apiBaseUrl.");
6620
+ }
6611
6621
  }
6612
6622
  }
6613
6623
  const frontendUrl = new URL(returnUrl, frontendOrigin);
@@ -6627,7 +6637,27 @@ function createMCPServer(config) {
6627
6637
  return Response.redirect(new URL(`${errorRedirectUrl}?error=${encodeURIComponent(error2.message || "Failed to exchange token")}`, request.url));
6628
6638
  }
6629
6639
  } else {
6630
- const targetUrl = new URL(returnUrl, request.url);
6640
+ let targetOrigin = frontendOrigin;
6641
+ if (!targetOrigin) {
6642
+ try {
6643
+ const returnUrlObj = new URL(returnUrl);
6644
+ targetOrigin = returnUrlObj.origin;
6645
+ returnUrl = returnUrlObj.pathname + returnUrlObj.search;
6646
+ } catch {
6647
+ const referer = request.headers.get("referer") || request.headers.get("referrer");
6648
+ if (referer) {
6649
+ try {
6650
+ const refererUrl = new URL(referer);
6651
+ targetOrigin = refererUrl.origin;
6652
+ } catch {}
6653
+ }
6654
+ }
6655
+ }
6656
+ if (!targetOrigin) {
6657
+ console.warn("[OAuth] Could not determine frontend origin for redirect. Using request origin as fallback.");
6658
+ targetOrigin = new URL(request.url).origin;
6659
+ }
6660
+ const targetUrl = new URL(returnUrl, targetOrigin);
6631
6661
  targetUrl.hash = `oauth_callback=${encodeURIComponent(JSON.stringify({ code, state }))}`;
6632
6662
  return Response.redirect(targetUrl);
6633
6663
  }
@@ -7200,10 +7230,13 @@ class OAuthHandler {
7200
7230
  if (authorizeRequest.codeVerifier) {
7201
7231
  try {
7202
7232
  const { storeCodeVerifier: storeCodeVerifier2 } = await Promise.resolve().then(() => (init_server(), exports_server));
7203
- storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider);
7233
+ storeCodeVerifier2(authorizeRequest.state, authorizeRequest.codeVerifier, authorizeRequest.provider, authorizeRequest.frontendOrigin);
7234
+ console.log("[OAuth] Stored codeVerifier for state:", authorizeRequest.state.substring(0, 20) + "...", "frontendOrigin:", authorizeRequest.frontendOrigin);
7204
7235
  } catch (error) {
7205
7236
  console.warn("[OAuth] Failed to store codeVerifier:", error);
7206
7237
  }
7238
+ } else {
7239
+ console.log("[OAuth] No codeVerifier provided in authorize request");
7207
7240
  }
7208
7241
  if (webRequest) {
7209
7242
  try {