@alteran/astro 0.6.3 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. package/README.md +11 -0
  2. package/index.js +8 -0
  3. package/migrations/0009_oauth_session_state.sql +31 -0
  4. package/migrations/meta/0009_snapshot.json +749 -0
  5. package/migrations/meta/_journal.json +7 -0
  6. package/package.json +2 -1
  7. package/src/db/account.ts +134 -1
  8. package/src/db/schema.ts +31 -0
  9. package/src/lib/appview/proxy.ts +11 -8
  10. package/src/lib/auth.ts +34 -3
  11. package/src/lib/jwt.ts +4 -0
  12. package/src/lib/oauth/as-keys.ts +29 -0
  13. package/src/lib/oauth/clients.ts +453 -24
  14. package/src/lib/oauth/consent.ts +180 -0
  15. package/src/lib/oauth/dpop.ts +39 -5
  16. package/src/lib/oauth/resource.ts +93 -21
  17. package/src/lib/oauth/store.ts +64 -7
  18. package/src/lib/refresh-session.ts +16 -0
  19. package/src/lib/session-tokens.ts +33 -5
  20. package/src/lib/token-cleanup.ts +4 -2
  21. package/src/lib/util.ts +0 -1
  22. package/src/pages/.well-known/oauth-authorization-server.ts +16 -3
  23. package/src/pages/.well-known/oauth-protected-resource.ts +8 -4
  24. package/src/pages/oauth/authorize.ts +31 -52
  25. package/src/pages/oauth/consent.ts +163 -66
  26. package/src/pages/oauth/jwks.ts +15 -0
  27. package/src/pages/oauth/par.ts +34 -56
  28. package/src/pages/oauth/revoke.ts +75 -0
  29. package/src/pages/oauth/token.ts +148 -89
  30. package/src/pages/xrpc/[...nsid].ts +7 -6
  31. package/src/pages/xrpc/app.bsky.actor.getPreferences.ts +3 -4
  32. package/src/pages/xrpc/app.bsky.actor.putPreferences.ts +3 -4
  33. package/src/pages/xrpc/app.bsky.unspecced.getAgeAssuranceState.ts +3 -4
  34. package/src/pages/xrpc/chat.bsky.convo.getLog.ts +3 -4
  35. package/src/pages/xrpc/chat.bsky.convo.listConvos.ts +3 -4
  36. package/src/pages/xrpc/com.atproto.identity.getRecommendedDidCredentials.ts +3 -4
  37. package/src/pages/xrpc/com.atproto.identity.requestPlcOperationSignature.ts +3 -4
  38. package/src/pages/xrpc/com.atproto.identity.signPlcOperation.ts +3 -4
  39. package/src/pages/xrpc/com.atproto.identity.submitPlcOperation.ts +3 -4
  40. package/src/pages/xrpc/com.atproto.repo.listMissingBlobs.ts +3 -4
  41. package/src/pages/xrpc/com.atproto.server.checkAccountStatus.ts +3 -4
  42. package/src/pages/xrpc/com.atproto.server.deleteSession.ts +28 -9
  43. package/src/pages/xrpc/com.atproto.server.getSession.ts +3 -4
  44. package/types/env.d.ts +1 -0
package/migrations/meta/0009_snapshot.json ADDED
@@ -0,0 +1,749 @@
1
+ {
2
+ "version": "6",
3
+ "dialect": "sqlite",
4
+ "id": "730102dd-3a0d-4793-9f74-1f21a2eeefbc",
5
+ "prevId": "b281d3aa-91ce-4288-8af7-f17f349958c4",
6
+ "tables": {
7
+ "account": {
8
+ "name": "account",
9
+ "columns": {
10
+ "did": {
11
+ "name": "did",
12
+ "type": "text",
13
+ "primaryKey": true,
14
+ "notNull": true,
15
+ "autoincrement": false
16
+ },
17
+ "handle": {
18
+ "name": "handle",
19
+ "type": "text",
20
+ "primaryKey": false,
21
+ "notNull": true,
22
+ "autoincrement": false
23
+ },
24
+ "password_scrypt": {
25
+ "name": "password_scrypt",
26
+ "type": "text",
27
+ "primaryKey": false,
28
+ "notNull": false,
29
+ "autoincrement": false
30
+ },
31
+ "email": {
32
+ "name": "email",
33
+ "type": "text",
34
+ "primaryKey": false,
35
+ "notNull": false,
36
+ "autoincrement": false
37
+ },
38
+ "created_at": {
39
+ "name": "created_at",
40
+ "type": "integer",
41
+ "primaryKey": false,
42
+ "notNull": true,
43
+ "autoincrement": false
44
+ },
45
+ "updated_at": {
46
+ "name": "updated_at",
47
+ "type": "integer",
48
+ "primaryKey": false,
49
+ "notNull": true,
50
+ "autoincrement": false
51
+ }
52
+ },
53
+ "indexes": {
54
+ "account_handle_unique": {
55
+ "name": "account_handle_unique",
56
+ "columns": [
57
+ "handle"
58
+ ],
59
+ "isUnique": true
60
+ }
61
+ },
62
+ "foreignKeys": {},
63
+ "compositePrimaryKeys": {},
64
+ "uniqueConstraints": {},
65
+ "checkConstraints": {}
66
+ },
67
+ "account_state": {
68
+ "name": "account_state",
69
+ "columns": {
70
+ "did": {
71
+ "name": "did",
72
+ "type": "text",
73
+ "primaryKey": true,
74
+ "notNull": true,
75
+ "autoincrement": false
76
+ },
77
+ "active": {
78
+ "name": "active",
79
+ "type": "integer",
80
+ "primaryKey": false,
81
+ "notNull": true,
82
+ "autoincrement": false,
83
+ "default": false
84
+ },
85
+ "status": {
86
+ "name": "status",
87
+ "type": "text",
88
+ "primaryKey": false,
89
+ "notNull": false,
90
+ "autoincrement": false
91
+ },
92
+ "suspended_until": {
93
+ "name": "suspended_until",
94
+ "type": "integer",
95
+ "primaryKey": false,
96
+ "notNull": false,
97
+ "autoincrement": false
98
+ },
99
+ "created_at": {
100
+ "name": "created_at",
101
+ "type": "integer",
102
+ "primaryKey": false,
103
+ "notNull": true,
104
+ "autoincrement": false
105
+ }
106
+ },
107
+ "indexes": {},
108
+ "foreignKeys": {},
109
+ "compositePrimaryKeys": {},
110
+ "uniqueConstraints": {},
111
+ "checkConstraints": {}
112
+ },
113
+ "blob_quota": {
114
+ "name": "blob_quota",
115
+ "columns": {
116
+ "did": {
117
+ "name": "did",
118
+ "type": "text",
119
+ "primaryKey": true,
120
+ "notNull": true,
121
+ "autoincrement": false
122
+ },
123
+ "total_bytes": {
124
+ "name": "total_bytes",
125
+ "type": "integer",
126
+ "primaryKey": false,
127
+ "notNull": true,
128
+ "autoincrement": false,
129
+ "default": 0
130
+ },
131
+ "blob_count": {
132
+ "name": "blob_count",
133
+ "type": "integer",
134
+ "primaryKey": false,
135
+ "notNull": true,
136
+ "autoincrement": false,
137
+ "default": 0
138
+ },
139
+ "updated_at": {
140
+ "name": "updated_at",
141
+ "type": "integer",
142
+ "primaryKey": false,
143
+ "notNull": true,
144
+ "autoincrement": false
145
+ }
146
+ },
147
+ "indexes": {},
148
+ "foreignKeys": {},
149
+ "compositePrimaryKeys": {},
150
+ "uniqueConstraints": {},
151
+ "checkConstraints": {}
152
+ },
153
+ "blob": {
154
+ "name": "blob",
155
+ "columns": {
156
+ "cid": {
157
+ "name": "cid",
158
+ "type": "text",
159
+ "primaryKey": true,
160
+ "notNull": true,
161
+ "autoincrement": false
162
+ },
163
+ "did": {
164
+ "name": "did",
165
+ "type": "text",
166
+ "primaryKey": false,
167
+ "notNull": true,
168
+ "autoincrement": false
169
+ },
170
+ "key": {
171
+ "name": "key",
172
+ "type": "text",
173
+ "primaryKey": false,
174
+ "notNull": true,
175
+ "autoincrement": false
176
+ },
177
+ "mime": {
178
+ "name": "mime",
179
+ "type": "text",
180
+ "primaryKey": false,
181
+ "notNull": true,
182
+ "autoincrement": false
183
+ },
184
+ "size": {
185
+ "name": "size",
186
+ "type": "integer",
187
+ "primaryKey": false,
188
+ "notNull": true,
189
+ "autoincrement": false
190
+ }
191
+ },
192
+ "indexes": {},
193
+ "foreignKeys": {},
194
+ "compositePrimaryKeys": {},
195
+ "uniqueConstraints": {},
196
+ "checkConstraints": {}
197
+ },
198
+ "blob_usage": {
199
+ "name": "blob_usage",
200
+ "columns": {
201
+ "record_uri": {
202
+ "name": "record_uri",
203
+ "type": "text",
204
+ "primaryKey": false,
205
+ "notNull": true,
206
+ "autoincrement": false
207
+ },
208
+ "key": {
209
+ "name": "key",
210
+ "type": "text",
211
+ "primaryKey": false,
212
+ "notNull": true,
213
+ "autoincrement": false
214
+ }
215
+ },
216
+ "indexes": {
217
+ "blob_usage_record_uri_idx": {
218
+ "name": "blob_usage_record_uri_idx",
219
+ "columns": [
220
+ "record_uri"
221
+ ],
222
+ "isUnique": false
223
+ }
224
+ },
225
+ "foreignKeys": {},
226
+ "compositePrimaryKeys": {
227
+ "blob_usage_record_uri_key_pk": {
228
+ "columns": [
229
+ "record_uri",
230
+ "key"
231
+ ],
232
+ "name": "blob_usage_record_uri_key_pk"
233
+ }
234
+ },
235
+ "uniqueConstraints": {},
236
+ "checkConstraints": {}
237
+ },
238
+ "blockstore": {
239
+ "name": "blockstore",
240
+ "columns": {
241
+ "cid": {
242
+ "name": "cid",
243
+ "type": "text",
244
+ "primaryKey": true,
245
+ "notNull": true,
246
+ "autoincrement": false
247
+ },
248
+ "bytes": {
249
+ "name": "bytes",
250
+ "type": "text",
251
+ "primaryKey": false,
252
+ "notNull": false,
253
+ "autoincrement": false
254
+ }
255
+ },
256
+ "indexes": {},
257
+ "foreignKeys": {},
258
+ "compositePrimaryKeys": {},
259
+ "uniqueConstraints": {},
260
+ "checkConstraints": {}
261
+ },
262
+ "commit_log": {
263
+ "name": "commit_log",
264
+ "columns": {
265
+ "seq": {
266
+ "name": "seq",
267
+ "type": "integer",
268
+ "primaryKey": true,
269
+ "notNull": true,
270
+ "autoincrement": false
271
+ },
272
+ "cid": {
273
+ "name": "cid",
274
+ "type": "text",
275
+ "primaryKey": false,
276
+ "notNull": true,
277
+ "autoincrement": false
278
+ },
279
+ "rev": {
280
+ "name": "rev",
281
+ "type": "text",
282
+ "primaryKey": false,
283
+ "notNull": true,
284
+ "autoincrement": false
285
+ },
286
+ "data": {
287
+ "name": "data",
288
+ "type": "text",
289
+ "primaryKey": false,
290
+ "notNull": true,
291
+ "autoincrement": false
292
+ },
293
+ "sig": {
294
+ "name": "sig",
295
+ "type": "text",
296
+ "primaryKey": false,
297
+ "notNull": true,
298
+ "autoincrement": false
299
+ },
300
+ "ts": {
301
+ "name": "ts",
302
+ "type": "integer",
303
+ "primaryKey": false,
304
+ "notNull": true,
305
+ "autoincrement": false
306
+ }
307
+ },
308
+ "indexes": {
309
+ "commit_log_seq_idx": {
310
+ "name": "commit_log_seq_idx",
311
+ "columns": [
312
+ "seq"
313
+ ],
314
+ "isUnique": false
315
+ }
316
+ },
317
+ "foreignKeys": {},
318
+ "compositePrimaryKeys": {},
319
+ "uniqueConstraints": {},
320
+ "checkConstraints": {}
321
+ },
322
+ "login_attempts": {
323
+ "name": "login_attempts",
324
+ "columns": {
325
+ "ip": {
326
+ "name": "ip",
327
+ "type": "text",
328
+ "primaryKey": true,
329
+ "notNull": true,
330
+ "autoincrement": false
331
+ },
332
+ "attempts": {
333
+ "name": "attempts",
334
+ "type": "integer",
335
+ "primaryKey": false,
336
+ "notNull": true,
337
+ "autoincrement": false,
338
+ "default": 0
339
+ },
340
+ "locked_until": {
341
+ "name": "locked_until",
342
+ "type": "integer",
343
+ "primaryKey": false,
344
+ "notNull": false,
345
+ "autoincrement": false
346
+ },
347
+ "last_attempt": {
348
+ "name": "last_attempt",
349
+ "type": "integer",
350
+ "primaryKey": false,
351
+ "notNull": true,
352
+ "autoincrement": false
353
+ }
354
+ },
355
+ "indexes": {},
356
+ "foreignKeys": {},
357
+ "compositePrimaryKeys": {},
358
+ "uniqueConstraints": {},
359
+ "checkConstraints": {}
360
+ },
361
+ "oauth_session": {
362
+ "name": "oauth_session",
363
+ "columns": {
364
+ "id": {
365
+ "name": "id",
366
+ "type": "text",
367
+ "primaryKey": true,
368
+ "notNull": true,
369
+ "autoincrement": false
370
+ },
371
+ "did": {
372
+ "name": "did",
373
+ "type": "text",
374
+ "primaryKey": false,
375
+ "notNull": true,
376
+ "autoincrement": false
377
+ },
378
+ "client_id": {
379
+ "name": "client_id",
380
+ "type": "text",
381
+ "primaryKey": false,
382
+ "notNull": true,
383
+ "autoincrement": false
384
+ },
385
+ "client_auth_method": {
386
+ "name": "client_auth_method",
387
+ "type": "text",
388
+ "primaryKey": false,
389
+ "notNull": true,
390
+ "autoincrement": false
391
+ },
392
+ "client_auth_key_id": {
393
+ "name": "client_auth_key_id",
394
+ "type": "text",
395
+ "primaryKey": false,
396
+ "notNull": false,
397
+ "autoincrement": false
398
+ },
399
+ "dpop_jkt": {
400
+ "name": "dpop_jkt",
401
+ "type": "text",
402
+ "primaryKey": false,
403
+ "notNull": true,
404
+ "autoincrement": false
405
+ },
406
+ "scope": {
407
+ "name": "scope",
408
+ "type": "text",
409
+ "primaryKey": false,
410
+ "notNull": true,
411
+ "autoincrement": false
412
+ },
413
+ "current_refresh_token_id": {
414
+ "name": "current_refresh_token_id",
415
+ "type": "text",
416
+ "primaryKey": false,
417
+ "notNull": true,
418
+ "autoincrement": false
419
+ },
420
+ "access_jti": {
421
+ "name": "access_jti",
422
+ "type": "text",
423
+ "primaryKey": false,
424
+ "notNull": true,
425
+ "autoincrement": false
426
+ },
427
+ "created_at": {
428
+ "name": "created_at",
429
+ "type": "integer",
430
+ "primaryKey": false,
431
+ "notNull": true,
432
+ "autoincrement": false
433
+ },
434
+ "updated_at": {
435
+ "name": "updated_at",
436
+ "type": "integer",
437
+ "primaryKey": false,
438
+ "notNull": true,
439
+ "autoincrement": false
440
+ },
441
+ "expires_at": {
442
+ "name": "expires_at",
443
+ "type": "integer",
444
+ "primaryKey": false,
445
+ "notNull": true,
446
+ "autoincrement": false
447
+ },
448
+ "revoked_at": {
449
+ "name": "revoked_at",
450
+ "type": "integer",
451
+ "primaryKey": false,
452
+ "notNull": false,
453
+ "autoincrement": false
454
+ }
455
+ },
456
+ "indexes": {
457
+ "oauth_session_client_idx": {
458
+ "name": "oauth_session_client_idx",
459
+ "columns": [
460
+ "client_id"
461
+ ],
462
+ "isUnique": false
463
+ },
464
+ "oauth_session_current_refresh_idx": {
465
+ "name": "oauth_session_current_refresh_idx",
466
+ "columns": [
467
+ "current_refresh_token_id"
468
+ ],
469
+ "isUnique": false
470
+ },
471
+ "oauth_session_access_jti_idx": {
472
+ "name": "oauth_session_access_jti_idx",
473
+ "columns": [
474
+ "access_jti"
475
+ ],
476
+ "isUnique": false
477
+ }
478
+ },
479
+ "foreignKeys": {},
480
+ "compositePrimaryKeys": {},
481
+ "uniqueConstraints": {},
482
+ "checkConstraints": {}
483
+ },
484
+ "record": {
485
+ "name": "record",
486
+ "columns": {
487
+ "uri": {
488
+ "name": "uri",
489
+ "type": "text",
490
+ "primaryKey": true,
491
+ "notNull": true,
492
+ "autoincrement": false
493
+ },
494
+ "did": {
495
+ "name": "did",
496
+ "type": "text",
497
+ "primaryKey": false,
498
+ "notNull": true,
499
+ "autoincrement": false
500
+ },
501
+ "cid": {
502
+ "name": "cid",
503
+ "type": "text",
504
+ "primaryKey": false,
505
+ "notNull": true,
506
+ "autoincrement": false
507
+ },
508
+ "json": {
509
+ "name": "json",
510
+ "type": "text",
511
+ "primaryKey": false,
512
+ "notNull": true,
513
+ "autoincrement": false
514
+ },
515
+ "created_at": {
516
+ "name": "created_at",
517
+ "type": "integer",
518
+ "primaryKey": false,
519
+ "notNull": false,
520
+ "autoincrement": false,
521
+ "default": 0
522
+ }
523
+ },
524
+ "indexes": {
525
+ "record_did_idx": {
526
+ "name": "record_did_idx",
527
+ "columns": [
528
+ "did"
529
+ ],
530
+ "isUnique": false
531
+ },
532
+ "record_cid_idx": {
533
+ "name": "record_cid_idx",
534
+ "columns": [
535
+ "cid"
536
+ ],
537
+ "isUnique": false
538
+ }
539
+ },
540
+ "foreignKeys": {},
541
+ "compositePrimaryKeys": {},
542
+ "uniqueConstraints": {},
543
+ "checkConstraints": {}
544
+ },
545
+ "refresh_token": {
546
+ "name": "refresh_token",
547
+ "columns": {
548
+ "id": {
549
+ "name": "id",
550
+ "type": "text",
551
+ "primaryKey": true,
552
+ "notNull": true,
553
+ "autoincrement": false
554
+ },
555
+ "did": {
556
+ "name": "did",
557
+ "type": "text",
558
+ "primaryKey": false,
559
+ "notNull": true,
560
+ "autoincrement": false
561
+ },
562
+ "expires_at": {
563
+ "name": "expires_at",
564
+ "type": "integer",
565
+ "primaryKey": false,
566
+ "notNull": true,
567
+ "autoincrement": false
568
+ },
569
+ "app_password_name": {
570
+ "name": "app_password_name",
571
+ "type": "text",
572
+ "primaryKey": false,
573
+ "notNull": false,
574
+ "autoincrement": false
575
+ },
576
+ "next_id": {
577
+ "name": "next_id",
578
+ "type": "text",
579
+ "primaryKey": false,
580
+ "notNull": false,
581
+ "autoincrement": false
582
+ },
583
+ "token_kind": {
584
+ "name": "token_kind",
585
+ "type": "text",
586
+ "primaryKey": false,
587
+ "notNull": true,
588
+ "autoincrement": false,
589
+ "default": "'legacy'"
590
+ },
591
+ "oauth_session_id": {
592
+ "name": "oauth_session_id",
593
+ "type": "text",
594
+ "primaryKey": false,
595
+ "notNull": false,
596
+ "autoincrement": false
597
+ },
598
+ "client_id": {
599
+ "name": "client_id",
600
+ "type": "text",
601
+ "primaryKey": false,
602
+ "notNull": false,
603
+ "autoincrement": false
604
+ },
605
+ "client_auth_method": {
606
+ "name": "client_auth_method",
607
+ "type": "text",
608
+ "primaryKey": false,
609
+ "notNull": false,
610
+ "autoincrement": false
611
+ },
612
+ "client_auth_key_id": {
613
+ "name": "client_auth_key_id",
614
+ "type": "text",
615
+ "primaryKey": false,
616
+ "notNull": false,
617
+ "autoincrement": false
618
+ },
619
+ "dpop_jkt": {
620
+ "name": "dpop_jkt",
621
+ "type": "text",
622
+ "primaryKey": false,
623
+ "notNull": false,
624
+ "autoincrement": false
625
+ },
626
+ "oauth_scope": {
627
+ "name": "oauth_scope",
628
+ "type": "text",
629
+ "primaryKey": false,
630
+ "notNull": false,
631
+ "autoincrement": false
632
+ },
633
+ "access_jti": {
634
+ "name": "access_jti",
635
+ "type": "text",
636
+ "primaryKey": false,
637
+ "notNull": false,
638
+ "autoincrement": false
639
+ },
640
+ "revoked_at": {
641
+ "name": "revoked_at",
642
+ "type": "integer",
643
+ "primaryKey": false,
644
+ "notNull": false,
645
+ "autoincrement": false
646
+ }
647
+ },
648
+ "indexes": {
649
+ "refresh_token_did_idx": {
650
+ "name": "refresh_token_did_idx",
651
+ "columns": [
652
+ "did"
653
+ ],
654
+ "isUnique": false
655
+ },
656
+ "refresh_token_oauth_session_idx": {
657
+ "name": "refresh_token_oauth_session_idx",
658
+ "columns": [
659
+ "oauth_session_id"
660
+ ],
661
+ "isUnique": false
662
+ },
663
+ "refresh_token_access_jti_idx": {
664
+ "name": "refresh_token_access_jti_idx",
665
+ "columns": [
666
+ "access_jti"
667
+ ],
668
+ "isUnique": false
669
+ }
670
+ },
671
+ "foreignKeys": {},
672
+ "compositePrimaryKeys": {},
673
+ "uniqueConstraints": {},
674
+ "checkConstraints": {}
675
+ },
676
+ "repo_root": {
677
+ "name": "repo_root",
678
+ "columns": {
679
+ "did": {
680
+ "name": "did",
681
+ "type": "text",
682
+ "primaryKey": true,
683
+ "notNull": true,
684
+ "autoincrement": false
685
+ },
686
+ "commit_cid": {
687
+ "name": "commit_cid",
688
+ "type": "text",
689
+ "primaryKey": false,
690
+ "notNull": true,
691
+ "autoincrement": false
692
+ },
693
+ "rev": {
694
+ "name": "rev",
695
+ "type": "text",
696
+ "primaryKey": false,
697
+ "notNull": true,
698
+ "autoincrement": false
699
+ }
700
+ },
701
+ "indexes": {},
702
+ "foreignKeys": {},
703
+ "compositePrimaryKeys": {},
704
+ "uniqueConstraints": {},
705
+ "checkConstraints": {}
706
+ },
707
+ "secret": {
708
+ "name": "secret",
709
+ "columns": {
710
+ "key": {
711
+ "name": "key",
712
+ "type": "text",
713
+ "primaryKey": true,
714
+ "notNull": true,
715
+ "autoincrement": false
716
+ },
717
+ "value": {
718
+ "name": "value",
719
+ "type": "text",
720
+ "primaryKey": false,
721
+ "notNull": true,
722
+ "autoincrement": false
723
+ },
724
+ "updated_at": {
725
+ "name": "updated_at",
726
+ "type": "integer",
727
+ "primaryKey": false,
728
+ "notNull": true,
729
+ "autoincrement": false
730
+ }
731
+ },
732
+ "indexes": {},
733
+ "foreignKeys": {},
734
+ "compositePrimaryKeys": {},
735
+ "uniqueConstraints": {},
736
+ "checkConstraints": {}
737
+ }
738
+ },
739
+ "views": {},
740
+ "enums": {},
741
+ "_meta": {
742
+ "schemas": {},
743
+ "tables": {},
744
+ "columns": {}
745
+ },
746
+ "internal": {
747
+ "indexes": {}
748
+ }
749
+ }