From 54c959d18e8ada653de1eadcec0a80f31a81c2e3 Mon Sep 17 00:00:00 2001
From: HolgerHatGarKeineNode <123783602+HolgerHatGarKeineNode@users.noreply.github.com>
Date: Fri, 12 Jun 2026 01:14:01 +0200
Subject: [PATCH] Return the signed event to the app via custom scheme, not a browser page
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

A signer-owned Custom Tab never reliably displayed the browser handoff page, so the token never returned. The Nostr launcher now uses the app's custom scheme as the callback (einundzwanzig://signed/{k1}/): Amber opens it directly after signing and the app exchanges the event for a token via /api/mobile/token — no browser handoff in the loop.
---
 app/Http/Controllers/MobileAuthController.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/MobileAuthController.php b/app/Http/Controllers/MobileAuthController.php
index 6ca30f8..9547ace 100644
--- a/app/Http/Controllers/MobileAuthController.php
+++ b/app/Http/Controllers/MobileAuthController.php
@@ -158,9 +158,15 @@ final class MobileAuthController extends Controller
 // encodeURIComponent(JSON.stringify(event)) — the exact encoding
 // Amber accepts. Building it server-side produced subtly different
 // percent-encoding that Amber rejected as malformed.
+ //
+ // The callback is the app's custom scheme, not a portal URL: the
+ // signer opens it directly after signing, so the app receives the
+ // signed event and exchanges it for a token via /api/mobile/token —
+ // no browser handoff page (which a signer-owned Custom Tab failed to
+ // display reliably).
 return view('auth.mobile-nostr-launch', [
 'k1' => $k1,
- 'callbackUrl' => url('/auth/mobile/signed/'.$k1.'/'),
+ 'callbackUrl' => 'einundzwanzig://signed/'.$k1.'/',
 ]);
 }
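Review bot: The new `'callbackUrl' => 'einundzwanzig://signed/'.$k1.'/'` hands the signed event to whichever app the OS resolves for that scheme, and a custom scheme is not exclusive to this app the way the previous portal URL was bound to its origin. Since the event is then redeemed at `/api/mobile/token` (not visible in this hunk), that endpoint should not accept possession of the signed event alone. It should require a per-login secret that only the app instance which requested `k1` holds, in the manner of a PKCE verifier, and treat `k1` as single-use and short-lived. I would record that next to the new comment, e.g. `// NOTE: custom schemes can be claimed by other apps; the token exchange must bind k1 to the requesting app instance.` Verified App Links or Universal Links would be the alternative if the signer can open an https callback. The enclosing method starts outside the hunk, so how `$k1` is generated and validated cannot be checked here.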