v1.4.0 (#10)

## Enhancements
* Plugin Icon
* Editor Toolbar Button for Settings Quick Access
* ThirdwebEditor Module for editor-only functionality
* External OAuth Browser
* Per-provider OAuth settings config
* Ecosystem Wallets Added
* Phone Option to OTP auth methods
* JWT, Auth Endpoint, and Guest Sign In methods
* Discord, Farcaster, Telegram, Line, X, and Coinbase OAuth methods
* InApp / Ecosystem Wallets to child structs
* Examples updated to match changed structs / functions
* External OAuth Complete screen 
* Static accessors to all Runtime settings

## Fixes
* Google Auth on mobile via external OAuth

## Removals
* Private Key functionality (Superseded by guest login)
* Secret Key runtime setting - Safer to enforce client + bundle

Author: dirtycajunrice

Content/Defaults/WBP_Thirdweb_OAuthOverlay.uasset

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1e311209aa3b935090618546f4430113a75864b9455e23b9b9476765c84031a9
-size 87144306
+oid sha256:e01bbd3d866be1ee38b9d2a685a5121433166ff3e6217cd3a9501daf5cb1c741
+size 88139448

Content/Examples/Widgets/BP_Thirdweb_OTPVerifyModal.uasset

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:aca4fd5d371de5f1ff3ebd022a6beeb16fb707c875c565fbf63e5abec2c7d280
-size 60426152
+oid sha256:147b9d574fa190f37049726141b07b51190fc9d31db7ea9b52d65b0b7b4a6d5e
+size 61070584

Content/Examples/Widgets/WBP_Thirdweb_Guest.uasset

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:f10835df3845840eb8041ac7def2a215fd0057f82c4104e5497062c3614aa9af
-size 60292464
+oid sha256:920ef0f96003a52d98c7df57c1cccc63ca7b634051fcbf157de6c352faf73d06
+size 60929776

Content/Examples/Widgets/WBP_Thirdweb_InApp.uasset

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:8c2c127fd260c182a027a33f8e15c2ca71f158338ea56bccf9f150b95174dc2e
-size 92429216
+oid sha256:9fda3a500ad6a00d54943bfaf4cf393cba1a045babc8e1c342e60e2e54c686fb
+size 93468634

Content/Examples/Widgets/WBP_Thirdweb_PrivateKey.uasset

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:9618e0028b7b79a8b60098a338d656f6b8d7b1cddaafff615d3879d101d90c35
-size 93394062
+oid sha256:180f39bb699712903d2bb1c45956a675e4d0b82ab957273a9ec7a7b4d03b6896
+size 94435570

Content/Examples/Widgets/WBP_Thirdweb_Smart.uasset

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:d8a4cbcd505ab63d93e027978e17f5807152ee526c53e3632bd7bae188fdfcb3
-size 121257384
+oid sha256:b93633b9a8401b92da3d2d9f3022fdbf4b774f95b3f720d1a57d33d45ab0d6bf
+size 122544136

Content/Examples/Widgets/WBP_Thirdweb_UI.uasset

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:503601925637c00032b1ffd2b943baa624de58643a8155153eeb5224123958b6
-size 91595106
+oid sha256:499e450d8a5c79255d7f2f41b059a82f003c47735affb2f76e9f470900b69348
+size 93015574

Content/ThirdwebMacroLibrary.uasset

@@ -23,7 +23,7 @@ void UAsyncTaskThirdwebLoginWithOAuth::Activate()
 	Browser->Authenticate(Wallet);
 }
 
-UAsyncTaskThirdwebLoginWithOAuth* UAsyncTaskThirdwebLoginWithOAuth::LoginWithOAuth(UObject* WorldContextObject, const FWalletHandle& Wallet)
+UAsyncTaskThirdwebLoginWithOAuth* UAsyncTaskThirdwebLoginWithOAuth::LoginWithOAuth(UObject* WorldContextObject, const FInAppWalletHandle& Wallet)
 {
 	if (!WorldContextObject)
 	{

Resources/EditorToolbarButtonIcon.svg

@@ -3,10 +3,12 @@
 #include "Browser/ThirdwebOAuthBrowserUserWidget.h"
 
 #include "ThirdwebLog.h"
+#include "ThirdwebRuntimeSettings.h"
 
 #include "Blueprint/WidgetTree.h"
 
 #include "Browser/ThirdwebOAuthBrowserWidget.h"
+#include "Browser/ThirdwebOAuthExternalBrowser.h"
 
 #include "Components/Button.h"
 #include "Components/Overlay.h"
@@ -36,12 +38,18 @@ TSharedRef<SWidget> UThirdwebOAuthBrowserUserWidget::RebuildWidget()
 		Browser = WidgetTree->ConstructWidget<UThirdwebOAuthBrowserWidget>(UThirdwebOAuthBrowserWidget::StaticClass(), TEXT("ThirdwebOauthBrowser"));
 		Browser->OnUrlChanged.AddUObject(this, &ThisClass::HandleUrlChanged);
 		Browser->OnPageLoaded.AddUObject(this, &ThisClass::HandlePageLoaded);
+		Browser->OnBeforePopup.AddUObject(this, &ThisClass::HandleOnBeforePopup);
 		UPanelSlot* PanelSlot = RootWidget->AddChild(Browser);
 		if (UOverlaySlot* RootWidgetSlot = Cast<UOverlaySlot>(PanelSlot))
 		{
 			RootWidgetSlot->SetHorizontalAlignment(HAlign_Fill);
 			RootWidgetSlot->SetVerticalAlignment(VAlign_Fill);
 		}
+
+		// Construct External browser
+		ExternalBrowser = NewObject<UThirdwebOAuthExternalBrowser>(this);
+		ExternalBrowser->OnAuthenticated.BindUObject(this, &ThisClass::HandleAuthenticated);
+		ExternalBrowser->OnError.BindUObject(this, &ThisClass::HandleError);
 	}
 
 	return Super::RebuildWidget();
@@ -60,25 +68,30 @@ void UThirdwebOAuthBrowserUserWidget::OnWidgetRebuilt()
 	SetVisible(false);
 }
 
-void UThirdwebOAuthBrowserUserWidget::Authenticate(const FWalletHandle& InAppWallet)
+void UThirdwebOAuthBrowserUserWidget::Authenticate(const FInAppWalletHandle& InAppWallet)
 {
+	// Validate Wallet
 	if (!InAppWallet.IsValid())
 	{
 		TW_LOG(Error, TEXT("OAuthBrowserUserWidget::Authenticate::Wallet invalid"));
-		return OnError.Broadcast(TEXT("Invalid Wallet"));
+		return HandleError(TEXT("Invalid Wallet"));
 	}
 	Wallet = InAppWallet;
+	
+	// Get Login URL
+	FString Link;
+	if (FString Error; !Wallet.FetchOAuthLoginURL(Browser->DummyUrl, Link, Error))
+	{
+		return HandleError(Error);
+	}
+	TW_LOG(Verbose, TEXT("OAuthBrowserUserWidget::Authenticate::Authenticating against %s"), *Link);
 
-	if (Browser)
+	// Check Browser Type
+	if (UThirdwebRuntimeSettings::IsExternalOAuthBackend(Wallet.GetOAuthProvider()))
 	{
-		FString Error;
-		if (FString Link; Wallet.FetchOAuthLoginURL(Browser->DummyUrl, Link, Error))
-		{
-			TW_LOG(Verbose, TEXT("OAuthBrowserUserWidget::Authenticate::Authenticating against %s"), *Link);
-			return Browser->Authenticate(Link);
-		}
-		OnError.Broadcast(Error);
+		return ExternalBrowser->Authenticate(Link);
 	}
+	return Browser->Authenticate(Link);
 }
 
 
@@ -89,10 +102,19 @@ bool UThirdwebOAuthBrowserUserWidget::IsBlank() const
 	return Url.IsEmpty() || Url.StartsWith(BackendUrlPrefix);
 }
 
+FString UThirdwebOAuthBrowserUserWidget::GetUrl() const
+{
+	if (Browser)
+	{
+		return Browser->GetUrl();
+	}
+	return TEXT("");
+}
+
 void UThirdwebOAuthBrowserUserWidget::HandleUrlChanged(const FString& Url)
 {
 	TW_LOG(Verbose, TEXT("OAuthBrowserUserWidget::HandleUrlChanged::%s"), *Url);
-	if (Url.IsEmpty() || Url.StartsWith(BackendUrlPrefix))
+	if (Url.IsEmpty() || (Url.StartsWith(BackendUrlPrefix) && !Url.StartsWith(BackendUrlPrefix + TEXT("sdk/oauth"))))
 	{
 		return SetVisible(false);
 	}
@@ -102,9 +124,9 @@ void UThirdwebOAuthBrowserUserWidget::HandleUrlChanged(const FString& Url)
 		FString Left, Right;
 		if (Url.Split(TEXT("authResult="), &Left, &Right, ESearchCase::IgnoreCase))
 		{
-			return OnAuthenticated.Broadcast(Right);
+			return HandleAuthenticated(Right);
 		}
-		return OnError.Broadcast(TEXT("Failed to match AuthResult in url"));
+		return HandleError(TEXT("Failed to match AuthResult in url"));
 	}
 	bShouldBeVisible = true;
 }
@@ -117,6 +139,32 @@ void UThirdwebOAuthBrowserUserWidget::HandlePageLoaded(const FString& Url)
 	}
 }
 
+void UThirdwebOAuthBrowserUserWidget::HandleOnBeforePopup(const FString& Url, const FString& Frame)
+{
+
+	if (UPanelWidget* RootWidget = Cast<UPanelWidget>(GetRootWidget()))
+	{
+		// Construct browser widget
+		UThirdwebOAuthBrowserWidget* Popup = WidgetTree->ConstructWidget<UThirdwebOAuthBrowserWidget>(UThirdwebOAuthBrowserWidget::StaticClass(), TEXT("ThirdwebOAuthBrowserPopUp"));
+		Popup->OnUrlChanged.AddUObject(this, &ThisClass::HandleUrlChanged);
+		Popup->OnPageLoaded.AddUObject(this, &ThisClass::HandlePageLoaded);
+		Popup->OnBeforePopup.AddUObject(this, &ThisClass::HandleOnBeforePopup);
+		RootWidget->AddChild(Popup);
+		Popup->LoadUrl(Url);
+	}
+	return OnPopup.Broadcast(Url, Frame);
+}
+
+void UThirdwebOAuthBrowserUserWidget::HandleAuthenticated(const FString& AuthResult)
+{
+	OnAuthenticated.Broadcast(AuthResult);
+}
+
+void UThirdwebOAuthBrowserUserWidget::HandleError(const FString& Error)
+{
+	OnError.Broadcast(Error);
+}
+
 void UThirdwebOAuthBrowserUserWidget::SetVisible(const bool bVisible)
 {
 	// Mobile webview needs to be visible to work

Resources/Icon128.png

@@ -21,7 +21,7 @@
 		return; \
 	}
 
-const FString UThirdwebOAuthBrowserWidget::DummyUrl = TEXT("about:blank");
+const FString UThirdwebOAuthBrowserWidget::DummyUrl = TEXT("http://localhost:8789/callback");
 
 bool UThirdwebOAuthBrowserWidget::IsPageLoaded() const
 {
@@ -66,7 +66,7 @@ void UThirdwebOAuthBrowserWidget::Authenticate(const FString& OAuthLoginUrl)
 {
 #if WITH_CEF
 	ENSURE_VALID_BROWSER("Authenticate")
-	TW_LOG(Verbose, TEXT("OAuthBrowserWidget::Authenticate::Loading %s"), *OAuthLoginUrl);
+	TW_LOG(Log, TEXT("OAuthBrowserWidget::Authenticate::Loading %s"), *OAuthLoginUrl);
 	Browser->LoadURL(OAuthLoginUrl);
 #endif
 }
@@ -75,24 +75,105 @@ void UThirdwebOAuthBrowserWidget::HandleUrlChanged(const FText& InUrl)
 {
 #if WITH_CEF
 	ENSURE_VALID_BROWSER("HandleUrlChanged")
-	FString Url = InUrl.ToString();
-	TW_LOG(Verbose, TEXT("UThirdwebOAuthBrowserWidget::HandleUrlChanged:%s"), *Url);
-	if (Url.IsEmpty())
+	if (IsInGameThread())
 	{
-		Url = Browser->GetUrl();
+		FString Url = InUrl.ToString();
+        if (Url.IsEmpty())
+        {
+        	Url = Browser->GetUrl();
+        }
+        TW_LOG(Log, TEXT("ThirdwebOAuthBrowserWidget::HandleUrlChanged:%s"), *Url);
+		OnUrlChanged.Broadcast(FGenericPlatformHttp::UrlDecode(Url));
 	}
-	TW_LOG(Verbose, TEXT("UThirdwebOAuthBrowserWidget::HandleUrlChanged:%s"), *Url);
-	// Ensure this code runs on the game thread
-	AsyncTask(ENamedThreads::GameThread, [&, Url]() { if (IsInGameThread()) OnUrlChanged.Broadcast(FGenericPlatformHttp::UrlDecode(Url)); });
+	else
+	{
+		// Retry on the GameThread.
+		TWeakObjectPtr<UThirdwebOAuthBrowserWidget> WeakThis = this;
+		FFunctionGraphTask::CreateAndDispatchWhenReady([WeakThis, InUrl]()
+		{
+			if (WeakThis.IsValid())
+			{
+				WeakThis->HandleUrlChanged(InUrl);
+			}
+		}, TStatId(), nullptr, ENamedThreads::GameThread);
+	}
+	
 #endif
 }
 
 void UThirdwebOAuthBrowserWidget::HandleOnLoadComplete()
 {
 #if WITH_CEF
 	ENSURE_VALID_BROWSER("HandleOnLoadComplete")
-	FString Url = Browser->GetUrl();
-	AsyncTask(ENamedThreads::GameThread, [&, Url]() { if (IsInGameThread()) OnPageLoaded.Broadcast(FGenericPlatformHttp::UrlDecode(Url)); });
+	if (IsInGameThread())
+	{
+		TW_LOG(Log, TEXT("ThirdwebOAuthBrowserWidget::HandleOnLoadComplete:%s"), *Browser->GetUrl());
+		OnPageLoaded.Broadcast(FGenericPlatformHttp::UrlDecode(Browser->GetUrl()));
+	}
+	else
+	{
+		// Retry on the GameThread.
+		TWeakObjectPtr<UThirdwebOAuthBrowserWidget> WeakThis = this;
+		FFunctionGraphTask::CreateAndDispatchWhenReady([WeakThis]()
+		{
+			if (WeakThis.IsValid())
+			{
+				WeakThis->HandleOnLoadComplete();
+			}
+		}, TStatId(), nullptr, ENamedThreads::GameThread);
+	}
+#endif
+}
+
+bool UThirdwebOAuthBrowserWidget::HandleOnBeforePopup(FString URL, FString Frame)
+{
+	TW_LOG(Log, TEXT("ThirdwebOAuthBrowserWidget::HandleOnBeforePopup::%s | %s"), *URL, *Frame)
+	if (OnBeforePopup.IsBound())
+	{
+		if (IsInGameThread())
+		{
+			OnBeforePopup.Broadcast(URL, Frame);
+		}
+		else
+		{
+			// Retry on the GameThread.
+			TWeakObjectPtr<UThirdwebOAuthBrowserWidget> WeakThis = this;
+			FFunctionGraphTask::CreateAndDispatchWhenReady([WeakThis, URL, Frame]()
+			{
+				if (WeakThis.IsValid())
+				{
+					WeakThis->HandleOnBeforePopup(URL, Frame);
+				}
+			}, TStatId(), nullptr, ENamedThreads::GameThread);
+		}
+		return true;
+	}
+	return false;
+}
+
+bool UThirdwebOAuthBrowserWidget::HandleOnCreateWindow(const TWeakPtr<IWebBrowserWindow>& Window, const TWeakPtr<IWebBrowserPopupFeatures>& Features)
+{
+	TW_LOG(Error, TEXT("ThirdwebOAuthBrowserWidget::HandleOnLoadError"))
+	return false;
+}
+
+void UThirdwebOAuthBrowserWidget::HandleOnLoadError()
+{
+	TW_LOG(Error, TEXT("ThirdwebOAuthBrowserWidget::HandleOnLoadError"))
+}
+
+bool UThirdwebOAuthBrowserWidget::HandleOnCloseWindow(const TWeakPtr<IWebBrowserWindow>& Window)
+{
+	TW_LOG(Log, TEXT("ThirdwebOAuthBrowserWidget::HandleOnCloseWindow"))
+	RemoveFromParent();
+	return true;
+}
+
+void UThirdwebOAuthBrowserWidget::LoadUrl(const FString& Url)
+{
+#if WITH_CEF
+	ENSURE_VALID_BROWSER("LoadUrl")
+	Browser->LoadURL(Url);
 #endif
 }
 
@@ -104,15 +185,21 @@ TSharedRef<SWidget> UThirdwebOAuthBrowserWidget::RebuildWidget()
 		Browser = SNew(SWebBrowser)
 			.InitialURL(InitialUrl)
 			.ShowControls(false)
+			.ShowAddressBar(false)
+			// .PopupMenuMethod(EPopupMethod::UseCurrentWindow)
 			.SupportsTransparency(bSupportsTransparency)
 			.ShowInitialThrobber(bShowInitialThrobber)
+			.OnCreateWindow(BIND_UOBJECT_DELEGATE(FOnCreateWindowDelegate ,HandleOnCreateWindow))
+			.OnLoadError(BIND_UOBJECT_DELEGATE(FSimpleDelegate, HandleOnLoadError))
+			.OnUrlChanged(BIND_UOBJECT_DELEGATE(FOnTextChanged, HandleUrlChanged))
 			.OnLoadCompleted(BIND_UOBJECT_DELEGATE(FSimpleDelegate, HandleOnLoadComplete))
-			.OnUrlChanged(BIND_UOBJECT_DELEGATE(FOnTextChanged, HandleUrlChanged));
+			.OnCloseWindow(BIND_UOBJECT_DELEGATE(FOnCloseWindowDelegate, HandleOnCloseWindow))
+			.OnBeforePopup(BIND_UOBJECT_DELEGATE(FOnBeforePopupDelegate, HandleOnBeforePopup));
 
 		return Browser.ToSharedRef();
 	}
 #endif
-	return SNew(SBox).HAlign(HAlign_Center).VAlign(VAlign_Center)
+	return SNew(SBox).HAlign(HAlign_Fill).VAlign(VAlign_Fill)
 		[
 			SNew(STextBlock).Text(NSLOCTEXT("Thirdweb", "Thirdweb OAuth Browser", "Thirdweb OAuth Browser"))
 		];