Add SIWE login async task and improve OAuth browser flow (#37)

Introduces UAsyncTaskThirdwebLoginWithSiwe for high-level SIWE login
handling, including browser widget orchestration and authentication
flow. Refactors OAuth browser and external browser classes to support
SIWE, corrects parameter order and provider string casing, and improves
resource cleanup and thread safety. Increases HTTP request timeout to 15
seconds and updates relevant delegate signatures and logic for SIWE
payload/signature handling.

Closes BLD-445

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **New Features**
* Added Sign-In with Ethereum (SIWE) in-app login functionality with
browser-based authentication flow.

* **Improvements**
* Enhanced authentication session management with improved cleanup and
resource handling.
  * Improved thread safety for authentication callbacks.
  * Increased HTTP request timeout duration for better reliability.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Author: 0xFirekeeper

Source/Thirdweb/Private/AsyncTasks/Wallets/InApp/AsyncTaskThirdwebLoginWithSiwe.cpp

@@ -0,0 +1,82 @@
+// Copyright (c) 2025 Thirdweb. All Rights Reserved.
+
+#include "AsyncTasks/Wallets/InApp/AsyncTaskThirdwebLoginWithSiwe.h"
+
+#include "Async/TaskGraphInterfaces.h"
+#include "Blueprint/UserWidget.h"
+#include "Browser/ThirdwebOAuthBrowserUserWidget.h"
+#include "Engine/World.h"
+#include "Kismet/GameplayStatics.h"
+#include "ThirdwebLog.h"
+
+void UAsyncTaskThirdwebLoginWithSiwe::Activate()
+{
+	Browser->OnSiweComplete.AddDynamic(this, &ThisClass::HandleSiweComplete);
+	Browser->OnError.AddDynamic(this, &ThisClass::HandleFailed);
+	Browser->AddToViewport(10000);
+	Browser->Authenticate(Wallet);
+}
+
+UAsyncTaskThirdwebLoginWithSiwe* UAsyncTaskThirdwebLoginWithSiwe::LoginWithSiwe(UObject* WorldContextObject, const FInAppWalletHandle& Wallet)
+{
+	if (!WorldContextObject)
+	{
+		return nullptr;
+	}
+	NEW_TASK
+	Task->Wallet = Wallet;
+	Task->Browser = CreateWidget<UThirdwebOAuthBrowserUserWidget>(UGameplayStatics::GetGameInstance(WorldContextObject),
+	                                                              UThirdwebOAuthBrowserUserWidget::StaticClass());
+	Task->RegisterWithGameInstance(WorldContextObject);
+	return Task;
+}
+
+void UAsyncTaskThirdwebLoginWithSiwe::HandleSiweComplete(const FString& Payload, const FString& Signature)
+{
+	if (IsInGameThread())
+	{
+		Success.Broadcast(Payload, Signature);
+		Browser->RemoveFromParent();
+		SetReadyToDestroy();
+	}
+	else
+	{
+		// Retry on the GameThread.
+		TWeakObjectPtr<UAsyncTaskThirdwebLoginWithSiwe> WeakThis = this;
+		FFunctionGraphTask::CreateAndDispatchWhenReady([WeakThis, Payload, Signature]()
+		                                               {
+			                                               if (WeakThis.IsValid())
+			                                               {
+				                                               WeakThis->HandleSiweComplete(Payload, Signature);
+			                                               }
+		                                               },
+		                                               TStatId(),
+		                                               nullptr,
+		                                               ENamedThreads::GameThread);
+	}
+}
+
+void UAsyncTaskThirdwebLoginWithSiwe::HandleFailed(const FString& Error)
+{
+	if (IsInGameThread())
+	{
+		Browser->RemoveFromParent();
+		Failed.Broadcast(Error);
+		SetReadyToDestroy();
+	}
+	else
+	{
+		// Retry on the GameThread.
+		TWeakObjectPtr<UAsyncTaskThirdwebLoginWithSiwe> WeakThis = this;
+		FFunctionGraphTask::CreateAndDispatchWhenReady([WeakThis, Error]()
+		                                               {
+			                                               if (WeakThis.IsValid())
+			                                               {
+				                                               WeakThis->HandleFailed(Error);
+			                                               }
+		                                               },
+		                                               TStatId(),
+		                                               nullptr,
+		                                               ENamedThreads::GameThread);
+	}
+}

Source/Thirdweb/Private/Browser/ThirdwebOAuthBrowserUserWidget.cpp

@@ -2,13 +2,14 @@
 
 #include "Browser/ThirdwebOAuthBrowserUserWidget.h"
 
-#include "ThirdwebLog.h"
-#include "ThirdwebRuntimeSettings.h"
+#include "Async/TaskGraphInterfaces.h"
 #include "Blueprint/WidgetTree.h"
 #include "Browser/ThirdwebOAuthExternalBrowser.h"
 #include "Components/Overlay.h"
 #include "Components/OverlaySlot.h"
 #include "Components/PanelWidget.h"
+#include "ThirdwebLog.h"
+#include "ThirdwebRuntimeSettings.h"
 
 #if PLATFORM_ANDROID
 #include "Android/AndroidApplication.h"
@@ -70,7 +71,7 @@ void UThirdwebOAuthBrowserUserWidget::BeginDestroy()
 FString UThirdwebOAuthBrowserUserWidget::GetDummyUrl()
 {
 #if PLATFORM_ANDROID
-	return UThirdwebRuntimeSettings::GetAppUri();
+  return UThirdwebRuntimeSettings::GetAppUri();
 #else
 	return DummyUrl;
 #endif
@@ -88,8 +89,8 @@ void UThirdwebOAuthBrowserUserWidget::Authenticate(const FInAppWalletHandle& InA
 	TW_LOG(VeryVerbose, TEXT("OAuthBrowserUserWidget::Authenticate::Wallet Type::%s"), Wallet.GetSourceString());
 	if (Wallet == FInAppWalletHandle::Siwe)
 	{
-		TW_LOG(VeryVerbose, TEXT("OAuthBrowserUserWidget::Authenticate::Authenticating against SIWE"));
-		ExternalBrowser->Authenticate(TEXT("SIWE"));
+		TW_LOG(VeryVerbose, TEXT("OAuthBrowserUserWidget::Authenticate::" "Authenticating against %s"), Wallet.GetSourceString());
+		ExternalBrowser->Authenticate(Wallet.GetSourceString());
 		return;
 	}
 
@@ -102,17 +103,21 @@ void UThirdwebOAuthBrowserUserWidget::Authenticate(const FInAppWalletHandle& InA
 	TW_LOG(VeryVerbose, TEXT("OAuthBrowserUserWidget::Authenticate::Authenticating against %s"), *Link);
 
 #if PLATFORM_ANDROID
-	if (JNIEnv *Env = FAndroidApplication::GetJavaEnv())
-	{
-		jstring JUrl = Env->NewStringUTF(TCHAR_TO_UTF8(*Link));
-		jclass JClass = FAndroidApplication::FindJavaClass("com/thirdweb/unrealengine/ThirdwebActivity");
-		static jmethodID JLaunchUrl = FJavaWrapper::FindStaticMethod(Env, JClass, "startActivity", "(Landroid/app/Activity;Ljava/lang/String;)V", false);
-		ThirdwebUtils::Internal::Android::CallJniStaticVoidMethod(Env, JClass, JLaunchUrl, FJavaWrapper::GameActivityThis, JUrl);
-		TW_LOG(Verbose, TEXT("OAuthBrowserUserWidget::Authenticate::Opening CustomTabs"));
-		return;
-	}
-	TW_LOG(Error, TEXT("OAuthBrowserUserWidget::Authenticate::No JNIEnv found"));
-	return;
+  if (JNIEnv *Env = FAndroidApplication::GetJavaEnv()) {
+    jstring JUrl = Env->NewStringUTF(TCHAR_TO_UTF8(*Link));
+    jclass JClass = FAndroidApplication::FindJavaClass(
+        "com/thirdweb/unrealengine/ThirdwebActivity");
+    static jmethodID JLaunchUrl = FJavaWrapper::FindStaticMethod(
+        Env, JClass, "startActivity",
+        "(Landroid/app/Activity;Ljava/lang/String;)V", false);
+    ThirdwebUtils::Internal::Android::CallJniStaticVoidMethod(
+        Env, JClass, JLaunchUrl, FJavaWrapper::GameActivityThis, JUrl);
+    TW_LOG(Verbose,
+           TEXT("OAuthBrowserUserWidget::Authenticate::Opening CustomTabs"));
+    return;
+  }
+  TW_LOG(Error, TEXT("OAuthBrowserUserWidget::Authenticate::No JNIEnv found"));
+  return;
 #endif
 
 	return ExternalBrowser->Authenticate(Link);
@@ -156,9 +161,27 @@ void UThirdwebOAuthBrowserUserWidget::HandleAuthenticated(const FString& AuthRes
 	OnAuthenticated.Broadcast(AuthResult);
 }
 
-void UThirdwebOAuthBrowserUserWidget::HandleSiweComplete(const FString& Signature, const FString& Payload)
+void UThirdwebOAuthBrowserUserWidget::HandleSiweComplete(const FString& Payload, const FString& Signature)
 {
-	OnSiweComplete.Broadcast(Signature, Payload);
+	if (IsInGameThread())
+	{
+		OnSiweComplete.Broadcast(Payload, Signature);
+	}
+	else
+	{
+		// Dispatch to game thread
+		TWeakObjectPtr<UThirdwebOAuthBrowserUserWidget> WeakThis = this;
+		FFunctionGraphTask::CreateAndDispatchWhenReady([WeakThis, Payload, Signature]()
+		                                               {
+			                                               if (WeakThis.IsValid())
+			                                               {
+				                                               WeakThis->OnSiweComplete.Broadcast(Payload, Signature);
+			                                               }
+		                                               },
+		                                               TStatId(),
+		                                               nullptr,
+		                                               ENamedThreads::GameThread);
+	}
 }
 
 void UThirdwebOAuthBrowserUserWidget::HandleError(const FString& Error)
@@ -167,16 +190,18 @@ void UThirdwebOAuthBrowserUserWidget::HandleError(const FString& Error)
 }
 
 #if PLATFORM_ANDROID
-void UThirdwebOAuthBrowserUserWidget::HandleDeepLink(const FString &Url)
-{
-	TW_LOG(VeryVerbose, TEXT("UThirdwebOAuthBrowserUserWidget::HandleDeepLink::%s"), *Url);
-	HandleUrlChanged(Url);
+void UThirdwebOAuthBrowserUserWidget::HandleDeepLink(const FString &Url) {
+  TW_LOG(VeryVerbose,
+         TEXT("UThirdwebOAuthBrowserUserWidget::HandleDeepLink::%s"), *Url);
+  HandleUrlChanged(Url);
 }
 
-void UThirdwebOAuthBrowserUserWidget::HandleCustomTabsDismissed(const FString &Url)
-{
-	TW_LOG(VeryVerbose, TEXT("UThirdwebOAuthBrowserUserWidget::HandleCustomTabsDismissed::%s"), *Url);
-	HandleUrlChanged(Url);
+void UThirdwebOAuthBrowserUserWidget::HandleCustomTabsDismissed(
+    const FString &Url) {
+  TW_LOG(VeryVerbose,
+         TEXT("UThirdwebOAuthBrowserUserWidget::HandleCustomTabsDismissed::%s"),
+         *Url);
+  HandleUrlChanged(Url);
 }
 #endif
 
@@ -188,7 +213,7 @@ void UThirdwebOAuthBrowserUserWidget::SetVisible(const bool bVisible)
 		if (bCollapseWhenBlank)
 		{
 #if PLATFORM_IOS | PLATFORM_ANDROID
-			SetRenderOpacity(1.0f);
+      SetRenderOpacity(1.0f);
 #else
 			SetVisibility(ESlateVisibility::Visible);
 #endif
@@ -200,7 +225,7 @@ void UThirdwebOAuthBrowserUserWidget::SetVisible(const bool bVisible)
 		if (bCollapseWhenBlank)
 		{
 #if PLATFORM_IOS | PLATFORM_ANDROID
-			SetRenderOpacity(0.01f);
+      SetRenderOpacity(0.01f);
 #else
 			SetVisibility(ESlateVisibility::Collapsed);
 #endif