I'm running into an issue where the popup from the authenticate call is being blocked by Safari.

I believe this only happens for the pkce flow in browsers that support Crypto.subtle.

This happens because Safari expects popups to be opened synchronously as the user clicks the page. The async CryptoUtils.deriveChallenge call inside buildWebOptions is called before the popup is open, therefore resulting in the popup being blocked

@moberwasserlechner Sorry for re-opening but it's still happening here https://codesandbox.io/p/sandbox/wizardly-leaf-jqfjxw?file=%2Fsrc%2FApp.vue%3A8%2C58

Are we doing something wrong?