@atcute/oauth-browser-client 1.0.12 → 1.0.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/dpop.js +20 -4
- package/dist/dpop.js.map +1 -1
- package/dist/store/db.js +23 -3
- package/dist/store/db.js.map +1 -1
- package/dist/types/store.d.ts +1 -0
- package/lib/dpop.ts +22 -5
- package/lib/store/db.ts +28 -2
- package/lib/types/store.ts +1 -0
- package/package.json +3 -3
package/README.md
CHANGED
|
@@ -377,7 +377,7 @@ const resolveHandleViaDoH = async (handle: string): Promise<At.DID> => {
|
|
|
377
377
|
// ensure there is no other entry starting with "did="
|
|
378
378
|
for (let j = i + 1; j < answers.length; j++) {
|
|
379
379
|
if (answers[j].startsWith(PREFIX)) {
|
|
380
|
-
|
|
380
|
+
throw new ResolverError(`handle returned multiple did values`);
|
|
381
381
|
}
|
|
382
382
|
}
|
|
383
383
|
|
package/dist/dpop.js
CHANGED
|
@@ -56,15 +56,31 @@ export const createDPoPFetch = (issuer, dpopKey, isAuthServer) => {
|
|
|
56
56
|
}
|
|
57
57
|
// Get our persisted nonce value for this origin
|
|
58
58
|
let initNonce;
|
|
59
|
+
let expiredOrMissing = false;
|
|
59
60
|
try {
|
|
60
|
-
|
|
61
|
+
const [nonce, lapsed] = nonces.getWithLapsed(origin);
|
|
62
|
+
initNonce = nonce;
|
|
63
|
+
// The problem with DPoP nonces is that we don't have insight as to when
|
|
64
|
+
// they'll expire, either we have a nonce value or we don't.
|
|
65
|
+
//
|
|
66
|
+
// Which is very unfortunate, if the client makes multiple requests at the
|
|
67
|
+
// same time, there's a chance that all of them will fail due to the nonce
|
|
68
|
+
// value having expired.
|
|
69
|
+
//
|
|
70
|
+
// To make this less painful, if it's been over 3 minutes since we last
|
|
71
|
+
// had a nonce value, or we never had one to begin with, we'll let this
|
|
72
|
+
// request through and defer everyone else until we get a possibly fresh
|
|
73
|
+
// nonce value.
|
|
74
|
+
//
|
|
75
|
+
// 3 minutes being the DPoP nonce expiration time set by the reference PDS
|
|
76
|
+
// implementation.
|
|
77
|
+
expiredOrMissing = lapsed > 3 * 60 * 1_000;
|
|
61
78
|
}
|
|
62
79
|
catch {
|
|
63
80
|
// Ignore read errors, we'll just act like we're missing a nonce.
|
|
64
81
|
}
|
|
65
|
-
if (
|
|
66
|
-
//
|
|
67
|
-
// up with multiple failing requests.
|
|
82
|
+
if (expiredOrMissing) {
|
|
83
|
+
// Defer everyone else until this request finishes.
|
|
68
84
|
pending.set(origin, (deferred = Promise.withResolvers()));
|
|
69
85
|
}
|
|
70
86
|
let nextNonce;
|
package/dist/dpop.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dpop.js","sourceRoot":"","sources":["../lib/dpop.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEhG,MAAM,SAAS,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAW,CAAC;AAElE,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,IAAsB,EAAE;IAC1D,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAElF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IACpE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAEvG,OAAO;QACN,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,WAAW,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACrC,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;KAC7F,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,EAAE;IACrE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC;IACjC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAE3G,MAAM,gBAAgB,GAAG,CACxB,MAAc,EACd,GAAW,EACX,KAAyB,EACzB,GAAuB,EACtB,EAAE;QACH,MAAM,OAAO,GAAG;YACf,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YACnC,GAAG,EAAE,WAAW,EAAE;YAClB,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,GAAG;YACR,KAAK,EAAE,KAAK;YACZ,GAAG,EAAE,GAAG;SACR,CAAC;QAEF,OAAO,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC;IAEF,OAAO,KAAK,EAAE,MAAc,EAAE,GAAW,EAAE,KAAyB,EAAE,GAAuB,EAAE,EAAE;QAChG,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QAEhE,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CACtC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAC5C,MAAM,UAAU,EAChB,OAAO,CAAC,MAAM,CAAC,YAAY,GAAG,GAAG,GAAG,aAAa,CAAC,CAClD,CAAC;QAEF,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QAE5D,OAAO,YAAY,GAAG,GAAG,GAAG,aAAa,GAAG,GAAG,GAAG,eAAe,CAAC;IACnE,CAAC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,YAAsB,EAAgB,EAAE;IACzG,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC;IACnC,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC;IAEtC,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEhD,OAAO,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAY,IAAI,IAAI,IAAI,IAAI,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAErG,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,GAAG,GAAG,mBAAmB,EAAE,UAAU,CAAC,OAAO,CAAC;YACnD,CAAC,CAAC,MAAM,QAAQ,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC9C,CAAC,CAAC,SAAS,CAAC;QAEb,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAEhC,uEAAuE;QACvE,wEAAwE;QACxE,kBAAkB;QAClB,IAAI,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,QAAQ,EAAE,CAAC;YACd,MAAM,QAAQ,CAAC,OAAO,CAAC;YACvB,QAAQ,GAAG,SAAS,CAAC;QACtB,CAAC;QAED,gDAAgD;QAChD,IAAI,SAA6B,CAAC;QAClC,IAAI,CAAC;YACJ,
|
|
1
|
+
{"version":3,"file":"dpop.js","sourceRoot":"","sources":["../lib/dpop.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEhG,MAAM,SAAS,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAW,CAAC;AAElE,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,IAAsB,EAAE;IAC1D,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAElF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IACpE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAEvG,OAAO;QACN,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,WAAW,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;QACrC,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;KAC7F,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,EAAE;IACrE,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC;IACjC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAE3G,MAAM,gBAAgB,GAAG,CACxB,MAAc,EACd,GAAW,EACX,KAAyB,EACzB,GAAuB,EACtB,EAAE;QACH,MAAM,OAAO,GAAG;YACf,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YACnC,GAAG,EAAE,WAAW,EAAE;YAClB,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,GAAG;YACR,KAAK,EAAE,KAAK;YACZ,GAAG,EAAE,GAAG;SACR,CAAC;QAEF,OAAO,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC;IAEF,OAAO,KAAK,EAAE,MAAc,EAAE,GAAW,EAAE,KAAyB,EAAE,GAAuB,EAAE,EAAE;QAChG,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QAEhE,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CACtC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAC5C,MAAM,UAAU,EAChB,OAAO,CAAC,MAAM,CAAC,YAAY,GAAG,GAAG,GAAG,aAAa,CAAC,CAClD,CAAC;QAEF,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;QAE5D,OAAO,YAAY,GAAG,GAAG,GAAG,aAAa,GAAG,GAAG,GAAG,eAAe,CAAC;IACnE,CAAC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,MAAc,EAAE,OAAgB,EAAE,YAAsB,EAAgB,EAAE;IACzG,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC;IACnC,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC;IAEtC,MAAM,IAAI,GAAG,iBAAiB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEhD,OAAO,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAY,IAAI,IAAI,IAAI,IAAI,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAErG,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,GAAG,GAAG,mBAAmB,EAAE,UAAU,CAAC,OAAO,CAAC;YACnD,CAAC,CAAC,MAAM,QAAQ,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC9C,CAAC,CAAC,SAAS,CAAC;QAEb,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAEhC,uEAAuE;QACvE,wEAAwE;QACxE,kBAAkB;QAClB,IAAI,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACnC,IAAI,QAAQ,EAAE,CAAC;YACd,MAAM,QAAQ,CAAC,OAAO,CAAC;YACvB,QAAQ,GAAG,SAAS,CAAC;QACtB,CAAC;QAED,gDAAgD;QAChD,IAAI,SAA6B,CAAC;QAClC,IAAI,gBAAgB,GAAG,KAAK,CAAC;QAC7B,IAAI,CAAC;YACJ,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;YAErD,SAAS,GAAG,KAAK,CAAC;YAElB,wEAAwE;YACxE,4DAA4D;YAC5D,EAAE;YACF,0EAA0E;YAC1E,0EAA0E;YAC1E,wBAAwB;YACxB,EAAE;YACF,uEAAuE;YACvE,uEAAuE;YACvE,wEAAwE;YACxE,eAAe;YACf,EAAE;YACF,0EAA0E;YAC1E,kBAAkB;YAClB,gBAAgB,GAAG,MAAM,GAAG,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACR,iEAAiE;QAClE,CAAC;QAED,IAAI,gBAAgB,EAAE,CAAC;YACtB,mDAAmD;YACnD,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,SAAwB,CAAC;QAC7B,IAAI,CAAC;YACJ,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;YAC1D,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAEvC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;YAE1C,SAAS,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACnD,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;gBACnD,yEAAyE;gBACzE,gDAAgD;gBAEhD,OAAO,YAAY,CAAC;YACrB,CAAC;YAED,4CAA4C;YAC5C,IAAI,CAAC;gBACJ,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAC/B,CAAC;YAAC,MAAM,CAAC;gBACR,sBAAsB;YACvB,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;YAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;gBAClB,6DAA6D;gBAE7D,OAAO,YAAY,CAAC;YACrB,CAAC;YAED,IAAI,KAAK,KAAK,OAAO,IAAI,IAAI,EAAE,IAAI,YAAY,cAAc,EAAE,CAAC;gBAC/D,2EAA2E;gBAC3E,wEAAwE;gBACxE,2EAA2E;gBAC3E,6EAA6E;gBAE7E,OAAO,YAAY,CAAC;YACrB,CAAC;QACF,CAAC;gBAAS,CAAC;YACV,oCAAoC;YACpC,IAAI,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBACvB,QAAQ,CAAC,OAAO,EAAE,CAAC;YACpB,CAAC;QACF,CAAC;QAED,yEAAyE;QACzE,yDAAyD;QACzD,CAAC;YACA,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;YAC1D,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YAC7C,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAE3C,OAAO,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;IACF,CAAC,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,mBAAmB,GAAG,KAAK,EAAE,QAAkB,EAAE,YAAsB,EAAoB,EAAE;IAClG,0DAA0D;IAC1D,iFAAiF;IACjF,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,KAAK,EAAE,CAAC;QAC1D,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACzD,IAAI,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC;YACnD,CAAC;QACF,CAAC;IACF,CAAC;IAED,iFAAiF;IACjF,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QACzD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,kBAAkB,EAAE,CAAC;YAC5F,IAAI,CAAC;gBACJ,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,CAAC;gBAC3C,OAAO,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,gBAAgB,CAAC;YACzE,CAAC;YAAC,MAAM,CAAC;gBACR,kEAAkE;gBAClE,OAAO,KAAK,CAAC;YACd,CAAC;QACF,CAAC;IACF,CAAC;IAED,OAAO,KAAK,CAAC;AACd,CAAC,CAAC"}
|
package/dist/store/db.js
CHANGED
|
@@ -11,7 +11,7 @@ const parse = (raw) => {
|
|
|
11
11
|
export const createOAuthDatabase = ({ name }) => {
|
|
12
12
|
const controller = new AbortController();
|
|
13
13
|
const signal = controller.signal;
|
|
14
|
-
const createStore = (subname, expiresAt) => {
|
|
14
|
+
const createStore = (subname, expiresAt, persistUpdatedAt = false) => {
|
|
15
15
|
let store;
|
|
16
16
|
const storageKey = `${name}:${subname}`;
|
|
17
17
|
const persist = () => store && localStorage.setItem(storageKey, JSON.stringify(store));
|
|
@@ -75,11 +75,28 @@ export const createOAuthDatabase = ({ name }) => {
|
|
|
75
75
|
}
|
|
76
76
|
return item.value;
|
|
77
77
|
},
|
|
78
|
+
getWithLapsed(key) {
|
|
79
|
+
read();
|
|
80
|
+
const item = store[key];
|
|
81
|
+
const now = Date.now();
|
|
82
|
+
if (!item) {
|
|
83
|
+
return [undefined, Infinity];
|
|
84
|
+
}
|
|
85
|
+
const updatedAt = item.updatedAt;
|
|
86
|
+
if (updatedAt === undefined) {
|
|
87
|
+
return [item.value, Infinity];
|
|
88
|
+
}
|
|
89
|
+
if (now > updatedAt) {
|
|
90
|
+
return [undefined, now - updatedAt];
|
|
91
|
+
}
|
|
92
|
+
return [item.value, 0];
|
|
93
|
+
},
|
|
78
94
|
set(key, value) {
|
|
79
95
|
read();
|
|
80
96
|
const item = {
|
|
81
|
-
expiresAt: expiresAt(value),
|
|
82
97
|
value: value,
|
|
98
|
+
expiresAt: expiresAt(value),
|
|
99
|
+
updatedAt: persistUpdatedAt ? Date.now() : undefined,
|
|
83
100
|
};
|
|
84
101
|
store[key] = item;
|
|
85
102
|
persist();
|
|
@@ -108,7 +125,10 @@ export const createOAuthDatabase = ({ name }) => {
|
|
|
108
125
|
return token.expires_at ?? null;
|
|
109
126
|
}),
|
|
110
127
|
states: createStore('states', (_item) => Date.now() + 10 * 60 * 1_000), // 10 minutes
|
|
111
|
-
|
|
128
|
+
// The reference PDS have nonces that expire after 3 minutes, while other
|
|
129
|
+
// implementations can have varying expiration times.
|
|
130
|
+
// Stored for 24 hours.
|
|
131
|
+
dpopNonces: createStore('dpopNonces', (_item) => Date.now() + 24 * 60 * 60 * 1_000, true),
|
|
112
132
|
inflightDpop: new Map(),
|
|
113
133
|
};
|
|
114
134
|
};
|
package/dist/store/db.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"db.js","sourceRoot":"","sources":["../../lib/store/db.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"db.js","sourceRoot":"","sources":["../../lib/store/db.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAmC5C,MAAM,KAAK,GAAG,CAAC,GAAkB,EAAE,EAAE;IACpC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QACjB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;YACpB,OAAO,MAAM,CAAC;QACf,CAAC;IACF,CAAC;IAED,OAAO,EAAE,CAAC;AACX,CAAC,CAAC;AAIF,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,EAAE,IAAI,EAAwB,EAAE,EAAE;IACrE,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;IAEjC,MAAM,WAAW,GAAG,CACnB,OAAU,EACV,SAAsD,EACtD,gBAAgB,GAAG,KAAK,EAC4B,EAAE;QACtD,IAAI,KAAU,CAAC;QAEf,MAAM,UAAU,GAAG,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC;QAExC,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,KAAK,IAAI,YAAY,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;QACvF,MAAM,IAAI,GAAG,GAAG,EAAE;YACjB,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;YACjC,CAAC;YAED,OAAO,CAAC,KAAK,KAAK,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5D,CAAC,CAAC;QAEF,CAAC;YACA,MAAM,QAAQ,GAAG,CAAC,EAAgB,EAAE,EAAE;gBACrC,IAAI,EAAE,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;oBAC3B,KAAK,GAAG,SAAS,CAAC;gBACnB,CAAC;YACF,CAAC,CAAC;YAEF,UAAU,CAAC,gBAAgB,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,CAAC;YACA,MAAM,OAAO,GAAG,KAAK,EAAE,IAAwB,EAAE,EAAE;gBAClD,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC7B,OAAO;gBACR,CAAC;gBAED,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;gBAC5D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBACpB,OAAO;gBACR,CAAC;gBAED,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACrB,IAAI,OAAO,GAAG,KAAK,CAAC;gBAEpB,IAAI,EAAE,CAAC;gBAEP,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;oBACzB,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;oBACxB,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;oBAEjC,IAAI,SAAS,KAAK,IAAI,IAAI,GAAG,GAAG,SAAS,EAAE,CAAC;wBAC3C,OAAO,GAAG,IAAI,CAAC;wBACf,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC;oBACnB,CAAC;gBACF,CAAC;gBAED,IAAI,OAAO,EAAE,CAAC;oBACb,OAAO,EAAE,CAAC;gBACX,CAAC;YACF,CAAC,CAAC;YAEF,IAAI,KAAK,EAAE,CAAC;gBACX,KAAK,CAAC,OAAO,CAAC,GAAG,UAAU,UAAU,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;YACxE,CAAC;iBAAM,CAAC;gBACP,OAAO,CAAC,IAAI,CAAC,CAAC;YACf,CAAC;QACF,CAAC;QAED,OAAO;YACN,GAAG,CAAC,GAAG;gBACN,IAAI,EAAE,CAAC;gBAEP,MAAM,IAAI,GAAmC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACxD,IAAI,CAAC,IAAI,EAAE,CAAC;oBACX,OAAO;gBACR,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;gBACjC,IAAI,SAAS,KAAK,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,EAAE,CAAC;oBAClD,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC;oBAClB,OAAO,EAAE,CAAC;oBAEV,OAAO;gBACR,CAAC;gBAED,OAAO,IAAI,CAAC,KAAK,CAAC;YACnB,CAAC;YACD,aAAa,CAAC,GAAG;gBAChB,IAAI,EAAE,CAAC;gBAEP,MAAM,IAAI,GAAmC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACxD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACvB,IAAI,CAAC,IAAI,EAAE,CAAC;oBACX,OAAO,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBAC9B,CAAC;gBAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;gBACjC,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;oBAC7B,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;gBAC/B,CAAC;gBACD,IAAI,GAAG,GAAG,SAAS,EAAE,CAAC;oBACrB,OAAO,CAAC,SAAS,EAAE,GAAG,GAAG,SAAS,CAAC,CAAC;gBACrC,CAAC;gBAED,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YACxB,CAAC;YACD,GAAG,CAAC,GAAG,EAAE,KAAK;gBACb,IAAI,EAAE,CAAC;gBAEP,MAAM,IAAI,GAAmC;oBAC5C,KAAK,EAAE,KAAK;oBACZ,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC;oBAC3B,SAAS,EAAE,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS;iBACpD,CAAC;gBAEF,KAAK,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;gBAClB,OAAO,EAAE,CAAC;YACX,CAAC;YACD,MAAM,CAAC,GAAG;gBACT,IAAI,EAAE,CAAC;gBAEP,IAAI,KAAK,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;oBAC9B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC;oBAClB,OAAO,EAAE,CAAC;gBACX,CAAC;YACF,CAAC;YACD,IAAI;gBACH,IAAI,EAAE,CAAC;gBAEP,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC3B,CAAC;SACD,CAAC;IACH,CAAC,CAAC;IAEF,OAAO;QACN,OAAO,EAAE,GAAG,EAAE;YACb,UAAU,CAAC,KAAK,EAAE,CAAC;QACpB,CAAC;QAED,QAAQ,EAAE,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE;YAC/C,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBACnB,OAAO,IAAI,CAAC;YACb,CAAC;YAED,OAAO,KAAK,CAAC,UAAU,IAAI,IAAI,CAAC;QACjC,CAAC,CAAC;QACF,MAAM,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,KAAK,CAAC,EAAE,aAAa;QAErF,yEAAyE;QACzE,qDAAqD;QACrD,uBAAuB;QACvB,UAAU,EAAE,WAAW,CAAC,YAAY,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,KAAK,EAAE,IAAI,CAAC;QACzF,YAAY,EAAE,IAAI,GAAG,EAAsC;KAC3D,CAAC;AACH,CAAC,CAAC"}
|
package/dist/types/store.d.ts
CHANGED
package/lib/dpop.ts
CHANGED
|
@@ -84,16 +84,33 @@ export const createDPoPFetch = (issuer: string, dpopKey: DPoPKey, isAuthServer?:
|
|
|
84
84
|
|
|
85
85
|
// Get our persisted nonce value for this origin
|
|
86
86
|
let initNonce: string | undefined;
|
|
87
|
+
let expiredOrMissing = false;
|
|
87
88
|
try {
|
|
88
|
-
|
|
89
|
+
const [nonce, lapsed] = nonces.getWithLapsed(origin);
|
|
90
|
+
|
|
91
|
+
initNonce = nonce;
|
|
92
|
+
|
|
93
|
+
// The problem with DPoP nonces is that we don't have insight as to when
|
|
94
|
+
// they'll expire, either we have a nonce value or we don't.
|
|
95
|
+
//
|
|
96
|
+
// Which is very unfortunate, if the client makes multiple requests at the
|
|
97
|
+
// same time, there's a chance that all of them will fail due to the nonce
|
|
98
|
+
// value having expired.
|
|
99
|
+
//
|
|
100
|
+
// To make this less painful, if it's been over 3 minutes since we last
|
|
101
|
+
// had a nonce value, or we never had one to begin with, we'll let this
|
|
102
|
+
// request through and defer everyone else until we get a possibly fresh
|
|
103
|
+
// nonce value.
|
|
104
|
+
//
|
|
105
|
+
// 3 minutes being the DPoP nonce expiration time set by the reference PDS
|
|
106
|
+
// implementation.
|
|
107
|
+
expiredOrMissing = lapsed > 3 * 60 * 1_000;
|
|
89
108
|
} catch {
|
|
90
109
|
// Ignore read errors, we'll just act like we're missing a nonce.
|
|
91
110
|
}
|
|
92
111
|
|
|
93
|
-
if (
|
|
94
|
-
//
|
|
95
|
-
// up with multiple failing requests.
|
|
96
|
-
|
|
112
|
+
if (expiredOrMissing) {
|
|
113
|
+
// Defer everyone else until this request finishes.
|
|
97
114
|
pending.set(origin, (deferred = Promise.withResolvers()));
|
|
98
115
|
}
|
|
99
116
|
|
package/lib/store/db.ts
CHANGED
|
@@ -13,6 +13,7 @@ export interface OAuthDatabaseOptions {
|
|
|
13
13
|
interface SchemaItem<T> {
|
|
14
14
|
value: T;
|
|
15
15
|
expiresAt: number | null;
|
|
16
|
+
updatedAt?: number;
|
|
16
17
|
}
|
|
17
18
|
|
|
18
19
|
interface Schema {
|
|
@@ -58,6 +59,7 @@ export const createOAuthDatabase = ({ name }: OAuthDatabaseOptions) => {
|
|
|
58
59
|
const createStore = <N extends keyof Schema>(
|
|
59
60
|
subname: N,
|
|
60
61
|
expiresAt: (item: Schema[N]['value']) => null | number,
|
|
62
|
+
persistUpdatedAt = false,
|
|
61
63
|
): SimpleStore<Schema[N]['key'], Schema[N]['value']> => {
|
|
62
64
|
let store: any;
|
|
63
65
|
|
|
@@ -139,12 +141,32 @@ export const createOAuthDatabase = ({ name }: OAuthDatabaseOptions) => {
|
|
|
139
141
|
|
|
140
142
|
return item.value;
|
|
141
143
|
},
|
|
144
|
+
getWithLapsed(key) {
|
|
145
|
+
read();
|
|
146
|
+
|
|
147
|
+
const item: SchemaItem<Schema[N]['value']> = store[key];
|
|
148
|
+
const now = Date.now();
|
|
149
|
+
if (!item) {
|
|
150
|
+
return [undefined, Infinity];
|
|
151
|
+
}
|
|
152
|
+
|
|
153
|
+
const updatedAt = item.updatedAt;
|
|
154
|
+
if (updatedAt === undefined) {
|
|
155
|
+
return [item.value, Infinity];
|
|
156
|
+
}
|
|
157
|
+
if (now > updatedAt) {
|
|
158
|
+
return [undefined, now - updatedAt];
|
|
159
|
+
}
|
|
160
|
+
|
|
161
|
+
return [item.value, 0];
|
|
162
|
+
},
|
|
142
163
|
set(key, value) {
|
|
143
164
|
read();
|
|
144
165
|
|
|
145
166
|
const item: SchemaItem<Schema[N]['value']> = {
|
|
146
|
-
expiresAt: expiresAt(value),
|
|
147
167
|
value: value,
|
|
168
|
+
expiresAt: expiresAt(value),
|
|
169
|
+
updatedAt: persistUpdatedAt ? Date.now() : undefined,
|
|
148
170
|
};
|
|
149
171
|
|
|
150
172
|
store[key] = item;
|
|
@@ -179,7 +201,11 @@ export const createOAuthDatabase = ({ name }: OAuthDatabaseOptions) => {
|
|
|
179
201
|
return token.expires_at ?? null;
|
|
180
202
|
}),
|
|
181
203
|
states: createStore('states', (_item) => Date.now() + 10 * 60 * 1_000), // 10 minutes
|
|
182
|
-
|
|
204
|
+
|
|
205
|
+
// The reference PDS have nonces that expire after 3 minutes, while other
|
|
206
|
+
// implementations can have varying expiration times.
|
|
207
|
+
// Stored for 24 hours.
|
|
208
|
+
dpopNonces: createStore('dpopNonces', (_item) => Date.now() + 24 * 60 * 60 * 1_000, true),
|
|
183
209
|
inflightDpop: new Map<string, PromiseWithResolvers<void>>(),
|
|
184
210
|
};
|
|
185
211
|
};
|
package/lib/types/store.ts
CHANGED
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"type": "module",
|
|
3
3
|
"name": "@atcute/oauth-browser-client",
|
|
4
|
-
"version": "1.0.
|
|
4
|
+
"version": "1.0.14",
|
|
5
5
|
"description": "minimal OAuth browser client implementation for AT Protocol",
|
|
6
6
|
"license": "MIT",
|
|
7
7
|
"repository": {
|
|
@@ -19,10 +19,10 @@
|
|
|
19
19
|
},
|
|
20
20
|
"sideEffects": false,
|
|
21
21
|
"dependencies": {
|
|
22
|
-
"@atcute/client": "^2.0.
|
|
22
|
+
"@atcute/client": "^2.0.8"
|
|
23
23
|
},
|
|
24
24
|
"devDependencies": {
|
|
25
|
-
"@types/bun": "^1.1
|
|
25
|
+
"@types/bun": "^1.2.1"
|
|
26
26
|
},
|
|
27
27
|
"scripts": {
|
|
28
28
|
"build": "tsc --project tsconfig.build.json",
|