npm - @atcute/oauth-browser-client - Versions diffs - 2.0.2 → 3.0.0 - Mend

@atcute/oauth-browser-client 2.0.2 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (85) hide show

package/README.md +100 -244
package/dist/agents/exchange.d.ts +2 -1
package/dist/agents/exchange.d.ts.map +1 -1
package/dist/agents/exchange.js +3 -4
package/dist/agents/exchange.js.map +1 -1
package/dist/agents/server-agent.d.ts +5 -5
package/dist/agents/server-agent.d.ts.map +1 -1
package/dist/agents/server-agent.js +5 -9
package/dist/agents/server-agent.js.map +1 -1
package/dist/agents/sessions.d.ts.map +1 -1
package/dist/agents/sessions.js +16 -1
package/dist/agents/sessions.js.map +1 -1
package/dist/agents/user-agent.js +2 -2
package/dist/agents/user-agent.js.map +1 -1
package/dist/dpop.d.ts +2 -4
package/dist/dpop.d.ts.map +1 -1
package/dist/dpop.js +6 -79
package/dist/dpop.js.map +1 -1
package/dist/environment.d.ts +3 -3
package/dist/environment.d.ts.map +1 -1
package/dist/environment.js.map +1 -1
package/dist/index.d.ts +3 -11
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1 -11
package/dist/index.js.map +1 -1
package/dist/resolvers.d.ts +92 -4
package/dist/resolvers.d.ts.map +1 -1
package/dist/resolvers.js +7 -7
package/dist/resolvers.js.map +1 -1
package/dist/store/db.d.ts +49 -6
package/dist/store/db.d.ts.map +1 -1
package/dist/types/client-assertion.d.ts +2 -3
package/dist/types/client-assertion.d.ts.map +1 -1
package/dist/types/server.d.ts +2 -56
package/dist/types/server.d.ts.map +1 -1
package/dist/types/token.d.ts +8 -20
package/dist/types/token.d.ts.map +1 -1
package/dist/utils/dpop-key.d.ts +10 -0
package/dist/utils/dpop-key.d.ts.map +1 -0
package/dist/utils/dpop-key.js +13 -0
package/dist/utils/dpop-key.js.map +1 -0
package/dist/utils/runtime.d.ts +0 -6
package/dist/utils/runtime.d.ts.map +1 -1
package/dist/utils/runtime.js +0 -16
package/dist/utils/runtime.js.map +1 -1
package/lib/agents/exchange.ts +10 -11
package/lib/agents/server-agent.ts +14 -17
package/lib/agents/sessions.ts +23 -2
package/lib/agents/user-agent.ts +2 -2
package/lib/dpop.ts +7 -108
package/lib/environment.ts +3 -3
package/lib/index.ts +12 -12
package/lib/resolvers.ts +15 -13
package/lib/store/db.ts +6 -6
package/lib/types/client-assertion.ts +2 -4
package/lib/types/server.ts +2 -57
package/lib/types/token.ts +10 -24
package/lib/utils/dpop-key.ts +24 -0
package/lib/utils/runtime.ts +0 -22
package/package.json +12 -8
package/dist/types/client.d.ts +0 -38
package/dist/types/client.d.ts.map +0 -1
package/dist/types/client.js +0 -2
package/dist/types/client.js.map +0 -1
package/dist/types/dpop.d.ts +0 -10
package/dist/types/dpop.d.ts.map +0 -1
package/dist/types/dpop.js +0 -2
package/dist/types/dpop.js.map +0 -1
package/dist/types/identity.d.ts +0 -6
package/dist/types/identity.d.ts.map +0 -1
package/dist/types/identity.js +0 -2
package/dist/types/identity.js.map +0 -1
package/dist/types/par.d.ts +0 -5
package/dist/types/par.d.ts.map +0 -1
package/dist/types/par.js +0 -2
package/dist/types/par.js.map +0 -1
package/dist/utils/identity-resolver.d.ts +0 -7
package/dist/utils/identity-resolver.d.ts.map +0 -1
package/dist/utils/identity-resolver.js +0 -8
package/dist/utils/identity-resolver.js.map +0 -1
package/lib/types/client.ts +0 -82
package/lib/types/dpop.ts +0 -9
package/lib/types/identity.ts +0 -12
package/lib/types/par.ts +0 -4
package/lib/utils/identity-resolver.ts +0 -12

package/README.md CHANGED Viewed

@@ -1,32 +1,47 @@
 # @atcute/oauth-browser-client
-minimal OAuth browser client implementation for AT Protocol.
-- **only the bare minimum**: enough code to get authentication reasonably working, with only one
-  happy path is supported (only ES256 keys for DPoP. PKCE and DPoP-bound PAR is required.)
-- **does not use IndexedDB**: makes the library work under Safari's lockdown mode, and has less
-  maintenance headache overall, but it also means this is "less secure" (it won't be able to use
-  non-exportable keys as recommended by [DPoP specification][idb-dpop-spec].)
-- **not well-tested**: it has been used in personal projects and by friends for quite some time, but
-  hasn't seen any use outside of that. using the [reference implementation][oauth-atproto-lib] is
-  recommended if you are unsure about the implications presented here.
-[idb-dpop-spec]: https://datatracker.ietf.org/doc/html/rfc9449#section-2-4
-[oauth-atproto-lib]: https://npm.im/@atproto/oauth-client-browser
+minimal OAuth browser client for AT Protocol.
+```sh
+npm install @atcute/oauth-browser-client
+```
+## client metadata
+your app needs an OAuth client metadata document hosted at a public URL. this tells authorization
+servers about your app:
+```json
+{
+	"client_id": "https://example.com/oauth-client-metadata.json",
+	"client_name": "My App",
+	"client_uri": "https://example.com",
+	"redirect_uris": ["https://example.com/oauth/callback"],
+	"scope": "atproto transition:generic",
+	"grant_types": ["authorization_code", "refresh_token"],
+	"response_types": ["code"],
+	"token_endpoint_auth_method": "none",
+	"application_type": "web",
+	"dpop_bound_access_tokens": true
+}
+```
+the `client_id` must be the URL where this document is hosted. see the
+[OAuth client metadata spec](https://docs.bsky.app/docs/advanced-guides/oauth-client#client-metadata)
+for all available fields.
 ## usage
-### setup
+### configuration
-initialize the client by importing and calling `configureOAuth` with the client ID and redirect URL,
-along with the resolvers that will be used to resolve and verify account details. this call should
-be placed before any other calls you make with this library.
+call `configureOAuth` before using any other functions from this library:
 ```ts
-import { configureOAuth, defaultIdentityResolver } from '@atcute/oauth-browser-client';
+import { configureOAuth } from '@atcute/oauth-browser-client';
 import {
 	CompositeDidDocumentResolver,
+	LocalActorResolver,
 	PlcDidDocumentResolver,
 	WebDidDocumentResolver,
 	XrpcHandleResolver,
@@ -37,16 +52,10 @@ configureOAuth({
 		client_id: 'https://example.com/oauth-client-metadata.json',
 		redirect_uri: 'https://example.com/oauth/callback',
 	},
-	identityResolver: defaultIdentityResolver({
-		// AT Protocol handles resolve via DNS TXT record or HTTP well-known endpoints.
-		// since web apps lack direct DNS access and face CORS restrictions, we're using
-		// Bluesky's AppView for this example.
-		//
-		// NOTE: Bluesky may log handle resolutions and requester info per their privacy
-		// policy. consider the privacy implications of this arrangement and change this
-		// setup if unsuitable for your use case.
-		handleResolver: new XrpcHandleResolver({ serviceUrl: 'https://public.api.bsky.app' }),
+	identityResolver: new LocalActorResolver({
+		handleResolver: new XrpcHandleResolver({
+			serviceUrl: 'https://public.api.bsky.app',
+		}),
 		didDocumentResolver: new CompositeDidDocumentResolver({
 			methods: {
 				plc: new PlcDidDocumentResolver(),
@@ -57,104 +66,63 @@ configureOAuth({
 });
 ```
-### starting an authorization flow
+> [!NOTE]
+> this example uses Bluesky's AppView for handle resolution since web apps lack direct DNS access.
+> Bluesky may log handle resolutions per their privacy policy - consider the implications for your
+> use case.
-we can start authorization by calling `createAuthorizationUrl` with the intended account's
-identifier or service along with the scope of the authorization, which should either match the one
-in your client metadata, or a reduced set of it.
+### starting authorization
 ```ts
 import { createAuthorizationUrl } from '@atcute/oauth-browser-client';
 const authUrl = await createAuthorizationUrl({
 	target: { type: 'account', identifier: 'mary.my.id' },
-	//   or { type: 'pds', serviceUrl: 'https://bsky.social' }
 	scope: 'atproto transition:generic transition:chat.bsky',
 });
-// recommended to wait for the browser to persist local storage before proceeding
-await sleep(200);
-// redirect the user to sign in and authorize the app
+await sleep(200); // let browser persist local storage
 window.location.assign(authUrl);
-// if this is on an async function, ideally the function should never ever resolve.
-// the only way it should resolve at this point is if the user aborted the authorization
-// by returning back to this page (thanks to back-forward page caching)
-await new Promise((_resolve, reject) => {
-	const listener = () => {
-		reject(new Error(`user aborted the login request`));
-	};
-	window.addEventListener('pageshow', listener, { once: true });
-});
 ```
 ### finalizing authorization
-once the user has been redirected to your redirect URL, we can call `finalizeAuthorization` with the
-parameters that have been provided.
+on your redirect URL, extract the parameters and finalize:
 ```ts
-import { XRPC } from '@atcute/client';
+import { Client } from '@atcute/client';
 import { OAuthUserAgent, finalizeAuthorization } from '@atcute/oauth-browser-client';
-// `createAuthorizationUrl` asks for the server to redirect here with the
-// parameters assigned in the hash, not the search string.
+// server redirects with params in hash, not search string
 const params = new URLSearchParams(location.hash.slice(1));
-// this is optional, but after retrieving the parameters, we should ideally
-// scrub it from history to prevent this authorization state to be replayed,
-// just for good measure.
+// scrub params from URL to prevent replay
 history.replaceState(null, '', location.pathname + location.search);
-// you'd be given a session object that you can then pass to OAuthUserAgent!
-const session = await finalizeAuthorization(params);
-// now you can start making requests!
+const { session } = await finalizeAuthorization(params);
 const agent = new OAuthUserAgent(session);
+const rpc = new Client({ handler: agent });
-// pass it onto the XRPC so you can make RPC calls with the PDS.
-{
-	const rpc = new XRPC({ handler: agent });
-	const { data } = await rpc.get('com.atproto.identity.resolveHandle', {
-		params: {
-			handle: 'mary.my.id',
-		},
-	});
-}
-// or, use it directly!
-{
-	const response = await agent.handle('/xrpc/com.atproto.identity.resolveHandle?handle=mary.my.id');
-}
+const { data } = await rpc.get('com.atproto.identity.resolveHandle', {
+	params: { handle: 'mary.my.id' },
+});
 ```
-the `session` object returned by `finalizeAuthorization` should not be stored anywhere else, as it
-is already persisted in the internal database. you are expected to keep track of who's signed in and
-who was last signed in for your own UI, as the sessions stored by the database is not guaranteed to
-be permanent (mostly if they don't come with a refresh token.)
-### resuming existing sessions
+the session is persisted internally - don't store it elsewhere. track signed-in DIDs yourself for
+your UI, as sessions without refresh tokens may expire.
-you can resume existing sessions by calling `getSession` with the DID identifier you intend to
-resume.
+### resuming sessions
 ```ts
-import { XRPC } from '@atcute/client';
 import { OAuthUserAgent, getSession } from '@atcute/oauth-browser-client';
-const session = await getSession('did:plc:ia76kvnndjutgedggx2ibrem', { allowStale: true });
+const session = await getSession('did:plc:ia76kvnndjutgedggx2ibrem', {
+	allowStale: true,
+});
 const agent = new OAuthUserAgent(session);
-const rpc = new XRPC({ handler: agent });
 ```
-### removing sessions
-you can manually remove sessions via `deleteStoredSession`, but ideally, you should revoke the token
-first before doing so.
+### signing out
 ```ts
 import { OAuthUserAgent, deleteStoredSession, getSession } from '@atcute/oauth-browser-client';
@@ -164,49 +132,39 @@ const did = 'did:plc:ia76kvnndjutgedggx2ibrem';
 try {
 	const session = await getSession(did, { allowStale: true });
 	const agent = new OAuthUserAgent(session);
 	await agent.signOut();
-} catch (err) {
-	// `signOut` also deletes the session, we only serve as fallback if it fails.
-	deleteStoredSession(did);
+} catch {
+	deleteStoredSession(did); // fallback if signOut fails
 }
 ```
-## confidential client mode (optional)
+## confidential client mode
-by default, `@atcute/oauth-browser-client` operates as a **public client**, resulting in shorter
-session lifetimes by authorization servers as it's deemed to be unable to securely store
-credentials.
+by default, this library operates as a **public client** with shorter session lifetimes. for
+longer-lived sessions, set up a [client assertion backend][client-assertion-backend] to enable
+**confidential client mode**.
-if you want longer-lived sessions and better security controls, you can enable **confidential client
-mode** by setting up a [client assertion backend](client-assertion-backend).
+[client-assertion-backend]:
+	https://github.com/bluesky-social/proposals/tree/main/0010-client-assertion-backend
-[client-assertion-backend]: https://github.com/bluesky-social/proposals/tree/main/0010-client-assertion-backend
-### setup
-configure the client with a function to fetch client assertions from your backend:
+add `fetchClientAssertion` to your config. the backend API is entirely up to you - this is just one
+example:
 ```ts
-import { configureOAuth } from '@atcute/oauth-browser-client';
 configureOAuth({
 	// ... existing config
-	async fetchClientAssertion({ jkt, aud, createDpopProof }) {
-		const dpop = await createDpopProof('https://example.com/api/client-assertion');
+	async fetchClientAssertion({ aud, createDpopProof }) {
+		const htu = 'https://example.com/api/client-assertion';
+		const dpop = await createDpopProof(htu);
-		const response = await fetch('https://example.com/api/client-assertion', {
+		const response = await fetch(htu, {
 			method: 'POST',
-			headers: {
-				dpop: dpop,
-				'content-type': 'application/json',
-			},
-			body: JSON.stringify({ jkt, aud }),
+			headers: { dpop, 'content-type': 'application/json' },
+			body: JSON.stringify({ aud }),
 		});
 		const data = await response.json();
 		return {
 			client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
 			client_assertion: data.assertion,
@@ -215,127 +173,41 @@ configureOAuth({
 });
 ```
-the backend API is completely up to you—there's no standardized spec. design it however works best
-for your infrastructure (authentication, request format, error handling, etc.)
+your backend validates the dpop proof and signs a client assertion jwt containing `iss`, `sub` (both
+your client id), `aud` (authorization server), `exp`, `jti` (unique nonce), and `cnf: { jkt }` (the
+allowed key thumbprint derived from the proof).
-your backend needs to validate the incoming DPoP proof and sign a client assertion JWT with the
-following interface:
+update your client metadata for confidential mode - replace `token_endpoint_auth_method` with
+`private_key_jwt`, add `token_endpoint_auth_signing_alg: "ES256"`, and add a `jwks_uri` pointing to
+your public keys.
-```ts
-interface ClientAssertionJwt {
-	/** your client ID */
-	iss: string;
-	/** also your client ID */
-	sub: string;
-	/** the authorization server receiving this token */
-	aud: string;
-	/** when this token expires  */
-	exp: number;
-	/** unique nonce */
-	jti: string;
-	/** asserts that this jkt is allowed */
-	cnf: { jkt: string };
-}
-```
+## local development with Vite
-you're able to use the `jkt` to refuse assertions when necessary (suspicious activity, compromised
-code, etc.)
-### client metadata updates
-your OAuth client metadata document must also be updated for confidential clients:
-```json
-{
-	"client_id": "https://example.com/oauth-client-metadata.json",
-	"client_name": "My App",
-	"redirect_uris": ["https://example.com/oauth/callback"],
-	"scope": "atproto transition:generic",
-	"token_endpoint_auth_method": "private_key_jwt",
-	"token_endpoint_auth_signing_alg": "ES256",
-	"jwks_uri": "https://example.com/oauth-jwks.json"
-}
-```
-the `jwks_uri` should expose the public keys used to sign client assertions. it should return a JSON
-Web Key Set (JWKS) document:
-```json
-{
-	"keys": [
-		{
-			"kty": "EC",
-			"crv": "P-256",
-			"x": "base64url-encoded-x-coordinate",
-			"y": "base64url-encoded-y-coordinate",
-			"use": "sig",
-			"kid": "key-identifier",
-			"alg": "ES256"
-		}
-	]
-}
-```
-the public keys in the JWKS must correspond to the private keys your backend uses to sign client
-assertions. multiple keys can be listed to support key rotation.
-## additional guide
-### configuring your Vite project
-you might want to configure the server options in your Vite config so you'll never end up visiting
-your app in `localhost`, which is specifically forbidden by AT Protocol's OAuth, let's change it so
-it'll always use `127.0.0.1`:
+AT Protocol OAuth forbids `localhost` - use `127.0.0.1` instead:
 ```ts
-/// vite.config.ts
+// vite.config.ts
 import { defineConfig } from 'vite';
+import metadata from './public/oauth-client-metadata.json' with { type: 'json' };
 const SERVER_HOST = '127.0.0.1';
 const SERVER_PORT = 12520;
 export default defineConfig({
-	server: {
-		host: SERVER_HOST,
-		port: SERVER_PORT,
-	},
-});
-```
-additionally, to make it easier to develop locally and deploy to production, you should consider
-adding a plugin that'll inject the necessary values for you through environment variables:
-```ts
-/// vite.config.ts
-import metadata from './public/oauth-client-metadata.json' with { type: 'json' };
-export default defineConfig({
-	// ...
+	server: { host: SERVER_HOST, port: SERVER_PORT },
 	plugins: [
-		// injects OAuth-related environment variables
 		{
 			config(_conf, { command }) {
 				if (command === 'build') {
 					process.env.VITE_OAUTH_CLIENT_ID = metadata.client_id;
 					process.env.VITE_OAUTH_REDIRECT_URI = metadata.redirect_uris[0];
 				} else {
-					const redirectUri = (() => {
-						const url = new URL(metadata.redirect_uris[0]);
-						return `http://${SERVER_HOST}:${SERVER_PORT}${url.pathname}`;
-					})();
-					const clientId =
-						`http://localhost` +
-						`?redirect_uri=${encodeURIComponent(redirectUri)}` +
+					const redirectUri = `http://${SERVER_HOST}:${SERVER_PORT}${new URL(metadata.redirect_uris[0]).pathname}`;
+					process.env.VITE_OAUTH_CLIENT_ID =
+						`http://localhost?redirect_uri=${encodeURIComponent(redirectUri)}` +
 						`&scope=${encodeURIComponent(metadata.scope)}`;
-					process.env.VITE_DEV_SERVER_PORT = '' + SERVER_PORT;
-					process.env.VITE_OAUTH_CLIENT_ID = clientId;
 					process.env.VITE_OAUTH_REDIRECT_URI = redirectUri;
 				}
-				process.env.VITE_CLIENT_URI = metadata.client_uri;
 				process.env.VITE_OAUTH_SCOPE = metadata.scope;
 			},
 		},
@@ -343,25 +215,7 @@ export default defineConfig({
 });
 ```
-we'll augment the type declarations to get type-checking on it:
-```ts
-/// src/vite-env.d.ts
-interface ImportMetaEnv {
-	readonly VITE_DEV_SERVER_PORT?: string;
-	readonly VITE_CLIENT_URI: string;
-	readonly VITE_OAUTH_CLIENT_ID: string;
-	readonly VITE_OAUTH_REDIRECT_URI: string;
-	readonly VITE_OAUTH_SCOPE: string;
-}
-interface ImportMeta {
-	readonly env: ImportMetaEnv;
-}
-```
-et voilà! you can now use this to configure the client.
+then use environment variables in your code:
 ```ts
 configureOAuth({
@@ -371,13 +225,15 @@ configureOAuth({
 	},
 	// ...
 });
-// ... later during sign-in process
-const authUrl = await createAuthorizationUrl({
-	// ...
-	scope: import.meta.env.VITE_OAUTH_SCOPE,
-});
 ```
-adjust the code here as necessary, the plugin adds more environment variables than what is actually
-needed, you can remove them if you don't think you'd need it.
+## caveats
+- **minimal implementation**: only ES256 DPoP keys, requires PKCE and DPoP-bound PAR
+- **no IndexedDB**: works in Safari lockdown mode but can't use non-exportable keys as [recommended
+  by DPoP spec][dpop-spec]
+- **limited testing**: works in personal projects but consider the [reference
+  implementation][oauth-atproto-lib] for production
+[dpop-spec]: https://datatracker.ietf.org/doc/html/rfc9449#section-2-4
+[oauth-atproto-lib]: https://npm.im/@atproto/oauth-client-browser

package/dist/agents/exchange.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import type { ActorIdentifier } from '@atcute/lexicons';
+import type { OAuthPrompt } from '@atcute/oauth-types';
 import type { Session } from '../types/token.js';
 export type AuthorizeTargetOptions = {
     type: 'account';
@@ -11,7 +12,7 @@ export interface AuthorizeOptions {
     target: AuthorizeTargetOptions;
     scope: string;
     state?: unknown;
-    prompt?: 'none' | 'login' | 'consent' | 'select_account';
+    prompt?: OAuthPrompt | (string & {});
     display?: 'page' | 'popup' | 'touch' | 'wap';
     locale?: string;
 }

package/dist/agents/exchange.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"exchange.d.ts","sourceRoot":"","sources":["../../lib/agents/exchange.ts"],"names":[],"mappings":"~~AAEA~~,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;~~AAOxD~~,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;~~AAOjD~~,MAAM,MAAM,sBAAsB,GAC/B;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,UAAU,EAAE,eAAe,CAAA;CAAE,GAChD;IAAE,IAAI,EAAE,KAAK,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,MAAM,WAAW,gBAAgB;IAChC,MAAM,EAAE,sBAAsB,CAAC;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,~~MAAM~~,GAAG,~~OAAO~~,~~GAAG~~,~~SAAS,~~GAAG,~~gBAAgB~~,CAAC;~~IACzD~~,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,OAAO,GAAG,KAAK,CAAC;IAC7C,MAAM,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,6CAwDlC,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,qBAAqB;;;EA8CjC,CAAC"}
1	+ {"version":3,"file":"exchange.d.ts","sourceRoot":"","sources":["../../lib/agents/exchange.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD,OAAO,KAAK,EAAoC,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAOzF,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAKjD,MAAM,MAAM,sBAAsB,GAC/B;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,UAAU,EAAE,eAAe,CAAA;CAAE,GAChD;IAAE,IAAI,EAAE,KAAK,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvC,MAAM,WAAW,gBAAgB;IAChC,MAAM,EAAE,sBAAsB,CAAC;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,WAAW,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACrC,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,OAAO,GAAG,KAAK,CAAC;IAC7C,MAAM,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,6CAwDlC,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,qBAAqB;;;EA8CjC,CAAC"}

package/dist/agents/exchange.js CHANGED Viewed

@@ -1,8 +1,7 @@
+import { generateDpopKey, generatePkce } from '@atcute/oauth-crypto';
 import { nanoid } from 'nanoid';
-import { createES256Key } from '../dpop.js';
 import { CLIENT_ID, database, REDIRECT_URI } from '../environment.js';
 import { AuthorizationError, LoginError } from '../errors.js';
-import { generatePKCE } from '../utils/runtime.js';
 import { resolveFromIdentifier, resolveFromService } from '../resolvers.js';
 import { OAuthServerAgent } from './server-agent.js';
 import { storeSession } from './sessions.js';
@@ -30,8 +29,8 @@ export const createAuthorizationUrl = async (options) => {
             : identity.did
         : undefined;
     const sid = nanoid(24);
-    const pkce = await generatePKCE();
-    const dpopKey = await createES256Key();
+    const pkce = await generatePkce();
+    const dpopKey = await generateDpopKey(['ES256']);
     const params = {
         display: reqs.display,
         ui_locales: reqs.locale,

package/dist/agents/exchange.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"exchange.js","sourceRoot":"","sources":["../../lib/agents/exchange.ts"],"names":[],"mappings":"~~AAAA~~,OAAO,EAAE,~~MAAM~~,EAAE,MAAM,~~QAAQ~~,CAAC;~~AAIhC~~,OAAO,EAAE,~~cAAc~~,EAAE,MAAM,~~YAAY~~,CAAC;~~AAC5C~~,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;~~AAI9D~~,OAAO,EAAE,~~YAAY,EAAE,MAAM,~~qBAAqB,~~CAAC;AAEnD,OAAO,~~EAAE,~~qBAAqB,EAAE,~~kBAAkB,EAAE,MAAM,iBAAiB,CAAC;~~AAC5E~~,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAe7C;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,KAAK,EAAE,OAAyB,EAAgB,EAAE,CAAC;IACxF,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,GAAG,IAAI,EAAE,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAEzD,IAAI,~~QAAgF~~,CAAC;~~IACrF~~,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QACrB,KAAK,SAAS,EAAE,CAAC;YAChB,QAAQ,GAAG,MAAM,qBAAqB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAC1D,MAAM;QACP,CAAC;QACD,KAAK,KAAK,EAAE,CAAC;YACZ,QAAQ,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACxD,CAAC;IACF,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,QAAQ,CAAC;IACxC,MAAM,SAAS,GAAG,QAAQ;QACzB,CAAC,CAAC,QAAQ,CAAC,MAAM,KAAK,gBAAgB;YACrC,CAAC,CAAC,QAAQ,CAAC,MAAM;YACjB,CAAC,CAAC,QAAQ,CAAC,GAAG;QACf,CAAC,CAAC,SAAS,CAAC;IAEb,MAAM,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAEvB,MAAM,IAAI,GAAG,MAAM,YAAY,EAAE,CAAC;IAClC,MAAM,OAAO,GAAG,MAAM,~~cAAc~~,~~EAAE~~,CAAC;~~IAEvC~~,MAAM,MAAM,GAAG;QACd,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,UAAU,EAAE,IAAI,CAAC,MAAM;QACvB,MAAM,EAAE,IAAI,CAAC,MAAM;QAEnB,YAAY,EAAE,YAAY;QAC1B,cAAc,EAAE,IAAI,CAAC,SAAS;QAC9B,qBAAqB,EAAE,IAAI,CAAC,MAAM;QAClC,KAAK,EAAE,GAAG;QACV,UAAU,EAAE,SAAS;QACrB,aAAa,EAAE,UAAU;QACzB,aAAa,EAAE,MAAM;QACrB,KAAK,EAAE,KAAK;KACiC,CAAC;IAE/C,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE;QACxB,OAAO,EAAE,OAAO;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,KAAK,EAAE,KAAK;KACZ,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvD,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,8BAA8B,EAAE,MAAM,CAAC,CAAC;IAE9E,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;IACzD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;IACjD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IAE9D,OAAO,OAAO,CAAC;AAAA,CACf,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EAAE,MAAuB,EAAE,EAAE,CAAC;IACvE,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAChC,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAElC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,UAAU,CAAC,oBAAoB,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACxC,IAAI,MAAM,EAAE,CAAC;QACZ,kCAAkC;QAClC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACP,MAAM,IAAI,UAAU,CAAC,wBAAwB,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,KAAK,CAAC,CAAC;IACxE,CAAC;IACD,IAAI,CAAC,IAAI,EAAE,CAAC;QACX,MAAM,IAAI,UAAU,CAAC,wBAAwB,CAAC,CAAC;IAChD,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;IAC/B,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IACjC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC;IAEnC,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;QACrB,MAAM,IAAI,UAAU,CAAC,0BAA0B,CAAC,CAAC;IAClD,CAAC;SAAM,IAAI,MAAM,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC;QACvC,MAAM,IAAI,UAAU,CAAC,iBAAiB,CAAC,CAAC;IACzC,CAAC;IAED,iCAAiC;IACjC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvD,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEzE,kBAAkB;IAClB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;IACrB,MAAM,OAAO,GAAY,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IAElD,MAAM,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IAEjC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAAA,CAC1B,CAAC"}
1	+ {"version":3,"file":"exchange.js","sourceRoot":"","sources":["../../lib/agents/exchange.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAGrE,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC9D,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAG5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAe7C;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,KAAK,EAAE,OAAyB,EAAgB,EAAE,CAAC;IACxF,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,GAAG,IAAI,EAAE,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAEzD,IAAI,QAAkF,CAAC;IACvF,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QACrB,KAAK,SAAS,EAAE,CAAC;YAChB,QAAQ,GAAG,MAAM,qBAAqB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAC1D,MAAM;QACP,CAAC;QACD,KAAK,KAAK,EAAE,CAAC;YACZ,QAAQ,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACxD,CAAC;IACF,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,QAAQ,CAAC;IACxC,MAAM,SAAS,GAAG,QAAQ;QACzB,CAAC,CAAC,QAAQ,CAAC,MAAM,KAAK,gBAAgB;YACrC,CAAC,CAAC,QAAQ,CAAC,MAAM;YACjB,CAAC,CAAC,QAAQ,CAAC,GAAG;QACf,CAAC,CAAC,SAAS,CAAC;IAEb,MAAM,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAEvB,MAAM,IAAI,GAAG,MAAM,YAAY,EAAE,CAAC;IAClC,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IAEjD,MAAM,MAAM,GAAG;QACd,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,UAAU,EAAE,IAAI,CAAC,MAAM;QACvB,MAAM,EAAE,IAAI,CAAC,MAAM;QAEnB,YAAY,EAAE,YAAY;QAC1B,cAAc,EAAE,IAAI,CAAC,SAAS;QAC9B,qBAAqB,EAAE,IAAI,CAAC,MAAM;QAClC,KAAK,EAAE,GAAG;QACV,UAAU,EAAE,SAAS;QACrB,aAAa,EAAE,UAAU;QACzB,aAAa,EAAE,MAAM;QACrB,KAAK,EAAE,KAAK;KACiC,CAAC;IAE/C,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE;QACxB,OAAO,EAAE,OAAO;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,KAAK,EAAE,KAAK;KACZ,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvD,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,8BAA8B,EAAE,MAAM,CAAC,CAAC;IAE9E,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;IACzD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;IACjD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IAE9D,OAAO,OAAO,CAAC;AAAA,CACf,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EAAE,MAAuB,EAAE,EAAE,CAAC;IACvE,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAChC,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAElC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,UAAU,CAAC,oBAAoB,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACxC,IAAI,MAAM,EAAE,CAAC;QACZ,kCAAkC;QAClC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACP,MAAM,IAAI,UAAU,CAAC,wBAAwB,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,KAAK,CAAC,CAAC;IACxE,CAAC;IACD,IAAI,CAAC,IAAI,EAAE,CAAC;QACX,MAAM,IAAI,UAAU,CAAC,wBAAwB,CAAC,CAAC;IAChD,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;IAC/B,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IACjC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC;IAEnC,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;QACrB,MAAM,IAAI,UAAU,CAAC,0BAA0B,CAAC,CAAC;IAClD,CAAC;SAAM,IAAI,MAAM,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC;QACvC,MAAM,IAAI,UAAU,CAAC,iBAAiB,CAAC,CAAC;IACzC,CAAC;IAED,iCAAiC;IACjC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvD,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEzE,kBAAkB;IAClB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;IACrB,MAAM,OAAO,GAAY,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IAElD,MAAM,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IAEjC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAAA,CAC1B,CAAC"}

package/dist/agents/server-agent.d.ts CHANGED Viewed

@@ -1,13 +1,13 @@
 import type { Did } from '@atcute/lexicons';
-import type { DPoPKey } from '../types/dpop.js';
-import type { OAuthParResponse } from '../types/par.js';
+import { type DpopPrivateJwk } from '@atcute/oauth-crypto';
+import type { AtprotoOAuthTokenResponse, OAuthParResponse } from '@atcute/oauth-types';
 import type { PersistedAuthorizationServerMetadata } from '../types/server.js';
-import type { ExchangeInfo, OAuthTokenResponse, TokenInfo } from '../types/token.js';
+import type { ExchangeInfo, TokenInfo } from '../types/token.js';
 export declare class OAuthServerAgent {
     #private;
-    constructor(metadata: PersistedAuthorizationServerMetadata, dpopKey: DPoPKey);
+    constructor(metadata: PersistedAuthorizationServerMetadata, dpopKey: DpopPrivateJwk);
     request(endpoint: 'pushed_authorization_request', payload: Record<string, unknown>): Promise<OAuthParResponse>;
-    request(endpoint: 'token', payload: Record<string, unknown>): Promise<OAuthTokenResponse>;
+    request(endpoint: 'token', payload: Record<string, unknown>): Promise<AtprotoOAuthTokenResponse>;
     request(endpoint: 'revocation', payload: Record<string, unknown>): Promise<any>;
     request(endpoint: 'introspection', payload: Record<string, unknown>): Promise<any>;
     revoke(token: string): Promise<void>;

package/dist/agents/server-agent.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"server-agent.d.ts","sourceRoot":"","sources":["../../lib/agents/server-agent.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;~~AAM5C~~,OAAO,KAAK,~~EAAE~~,~~OAAO,~~EAAE,MAAM,~~kBAAkB~~,CAAC;~~AAChD~~,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,~~iBAAiB~~,CAAC;~~AACxD~~,OAAO,KAAK,EAAE,oCAAoC,EAAE,MAAM,oBAAoB,CAAC;AAC/E,OAAO,KAAK,EAAE,YAAY,EAAE,~~kBAAkB,EAAE,~~SAAS,EAAE,MAAM,mBAAmB,CAAC;~~AAIrF~~,qBAAa,gBAAgB;;IAK5B,YAAY,QAAQ,EAAE,oCAAoC,EAAE,OAAO,EAAE,~~OAAO~~,~~EAI3E~~;IAEK,OAAO,CACZ,QAAQ,EAAE,8BAA8B,EACxC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC9B,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACvB,OAAO,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,~~kBAAkB~~,CAAC,CAAC;~~IAC1F~~,OAAO,CAAC,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAChF,OAAO,CAAC,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;~~IA+CnF~~,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAIzC;IAEK,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,YAAY,CAAC;QAAC,KAAK,EAAE,SAAS,CAAA;KAAE,CAAC,CAcrG;IAEK,OAAO,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;QAAE,GAAG,EAAE,GAAG,CAAC;QAAC,KAAK,EAAE,SAAS,CAAA;KAAE,GAAG,OAAO,CAAC,SAAS,CAAC,CAqBhF;~~CAmDD~~"}
1	+ {"version":3,"file":"server-agent.d.ts","sourceRoot":"","sources":["../../lib/agents/server-agent.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAyB,KAAK,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAClF,OAAO,KAAK,EAAE,yBAAyB,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAMvF,OAAO,KAAK,EAAE,oCAAoC,EAAE,MAAM,oBAAoB,CAAC;AAC/E,OAAO,KAAK,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAIjE,qBAAa,gBAAgB;;IAK5B,YAAY,QAAQ,EAAE,oCAAoC,EAAE,OAAO,EAAE,cAAc,EAIlF;IAEK,OAAO,CACZ,QAAQ,EAAE,8BAA8B,EACxC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC9B,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACvB,OAAO,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC;IACjG,OAAO,CAAC,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAChF,OAAO,CAAC,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IA0CnF,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAIzC;IAEK,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,YAAY,CAAC;QAAC,KAAK,EAAE,SAAS,CAAA;KAAE,CAAC,CAcrG;IAEK,OAAO,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;QAAE,GAAG,EAAE,GAAG,CAAC;QAAC,KAAK,EAAE,SAAS,CAAA;KAAE,GAAG,OAAO,CAAC,SAAS,CAAC,CAqBhF;CAqDD"}

package/dist/agents/server-agent.js CHANGED Viewed

@@ -1,4 +1,5 @@
-import { createDPoPFetch, createDPoPSignage } from '../dpop.js';
+import { createDpopProofSigner } from '@atcute/oauth-crypto';
+import { createDPoPFetch } from '../dpop.js';
 import { CLIENT_ID, fetchClientAssertion, REDIRECT_URI } from '../environment.js';
 import { FetchResponseError, OAuthResponseError, TokenRefreshError } from '../errors.js';
 import { resolveFromIdentifier } from '../resolvers.js';
@@ -20,16 +21,11 @@ export class OAuthServerAgent {
         }
         if ((endpoint === 'token' || endpoint === 'pushed_authorization_request') &&
             fetchClientAssertion !== undefined) {
-            const jkt = this.#dpopKey.jkt;
-            if (jkt === undefined) {
-                throw new Error(`DPoP key missing jkt field`);
-            }
+            const sign = createDpopProofSigner(this.#dpopKey);
             const assertion = await fetchClientAssertion({
-                jkt: jkt,
                 aud: this.#metadata.issuer,
-                createDpopProof: async (url) => {
-                    const sign = createDPoPSignage(this.#dpopKey);
-                    return await sign('POST', url, undefined, undefined);
+                createDpopProof: async (url, nonce) => {
+                    return await sign('POST', url, nonce, undefined);
                 },
             });
             payload = { ...payload, ...assertion };

package/dist/agents/server-agent.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"server-agent.js","sourceRoot":"","sources":["../../lib/agents/server-agent.ts"],"names":[],"mappings":"~~AAEA~~,OAAO,EAAE,~~eAAe~~,EAAE,~~iBAAiB~~,EAAE,MAAM,YAAY,CAAC;~~AAChE~~,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAClF,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AACzF,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;~~AAKxD~~,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE1D,MAAM,OAAO,gBAAgB;IAC5B,MAAM,CAAe;IACrB,SAAS,CAAuC;IAChD,QAAQ,~~CAAU~~;~~IAElB~~,YAAY,QAA8C,EAAE,~~OAAgB~~,EAAE;~~QAC7E~~,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,IAAI,CAAC,MAAM,GAAG,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAAA,CAC7C;IASD,KAAK,CAAC,OAAO,CAAC,QAAgB,EAAE,OAAgC,EAAgB;QAC/E,MAAM,GAAG,GAAwB,IAAI,CAAC,SAAiB,CAAC,GAAG,QAAQ,WAAW,CAAC,CAAC;QAChF,IAAI,CAAC,GAAG,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,mBAAmB,QAAQ,EAAE,CAAC,CAAC;QAChD,CAAC;QAED,IACC,CAAC,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,8BAA8B,CAAC;YACrE,oBAAoB,KAAK,SAAS,EACjC,CAAC;YACF,MAAM,~~GAAG,GAAG,~~IAAI,~~CAAC,QAAQ,CAAC,~~GAAG,~~CAAC;YAC9B~~,~~IAAI,GAAG,KAAK,SAAS,EAAE,~~CAAC~~;gBACvB~~,~~MAAM,~~IAAI,~~KAAK,~~CAAC,~~4BAA4B~~,CAAC,CAAC;~~YAC/C~~,~~CAAC;YAED,~~MAAM,SAAS,GAAG,MAAM,oBAAoB,CAAC;gBAC5C,GAAG,EAAE,~~GAAG;gBACR,GAAG,EAAE,~~IAAI,CAAC,SAAS,CAAC,MAAM;gBAC1B,eAAe,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,~~CAAC;oBAC/B~~,~~MAAM,IAAI,GAAG,iBAAiB,~~CAAC~~,IAAI,CAAC,QAAQ,CAAC,CAAC~~;~~oBAC9C~~,OAAO,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,~~SAAS~~,EAAE,SAAS,CAAC,CAAC;gBAAA,~~CACrD~~;aACD,CAAC,CAAC;YAEH,OAAO,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,SAAS,EAAE,CAAC;QACxC,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE;YACvC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;SAC1D,CAAC,CAAC;QAEH,IAAI,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,kBAAkB,EAAE,CAAC;YACjE,MAAM,IAAI,kBAAkB,CAAC,QAAQ,EAAE,CAAC,EAAE,yBAAyB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEnC,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QACb,CAAC;aAAM,CAAC;YACP,MAAM,IAAI,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC9C,CAAC;IAAA,CACD;IAED,KAAK,CAAC,MAAM,CAAC,KAAa,EAAiB;QAC1C,IAAI,CAAC;YACJ,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACpD,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IAAA,CACV;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,QAAiB,EAAqD;QACtG,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAC5C,UAAU,EAAE,oBAAoB;YAChC,YAAY,EAAE,YAAY;YAC1B,IAAI,EAAE,IAAI;YACV,aAAa,EAAE,QAAQ;SACvB,CAAC,CAAC;QAEH,IAAI,CAAC;YACJ,OAAO,MAAM,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;YACzC,MAAM,GAAG,CAAC;QACX,CAAC;IAAA,CACD;IAED,KAAK,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,KAAK,EAAkC,EAAsB;QACjF,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,iBAAiB,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;QAChE,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAC5C,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,KAAK,CAAC,OAAO;SAC5B,CAAC,CAAC;QAEH,IAAI,CAAC;YACJ,IAAI,GAAG,KAAK,QAAQ,CAAC,GAAG,EAAE,CAAC;gBAC1B,MAAM,IAAI,iBAAiB,CAAC,GAAG,EAAE,uCAAuC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;YACzF,CAAC;YAED,OAAO,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;YAEzC,MAAM,GAAG,CAAC;QACX,CAAC;IAAA,CACD;IAED,qBAAqB,CAAC,~~GAAuB~~,EAAa;~~QACzD~~,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,SAAS,CAAC,qCAAqC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAC;QAC9D,CAAC;QACD,IAAI,GAAG,CAAC,UAAU,KAAK,MAAM,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CAAC,0CAA0C,CAAC,CAAC;QACjE,CAAC;QAED,OAAO;YACN,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,OAAO,EAAE,GAAG,CAAC,aAAa;YAC1B,MAAM,EAAE,GAAG,CAAC,YAAY;YACxB,IAAI,EAAE,GAAG,CAAC,UAAU;YACpB,UAAU,EAAE,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS;SAChG,CAAC;IAAA,CACF;IAED,KAAK,CAAC,wBAAwB,~~CAAC~~,~~GAAuB~~,~~EAAqD~~;~~QAC1G~~,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC;QACpB,IAAI,CAAC,GAAG,EAAE,CAAC;YACV,MAAM,IAAI,SAAS,CAAC,qCAAqC,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC9C,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAAC,GAAU,CAAC,CAAC;QAEzD,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,KAAK,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;YACxD,MAAM,IAAI,SAAS,CAAC,wBAAwB,QAAQ,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,OAAO;YACN,KAAK,EAAE,KAAK;YACZ,IAAI,EAAE;gBACL,GAAG,EAAE,GAAU;gBACf,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG;gBAC1B,MAAM,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE;oBAC/B,QAAQ;oBACR,wBAAwB;oBACxB,wBAAwB;oBACxB,uCAAuC;oBACvC,qBAAqB;oBACrB,gBAAgB;iBAChB,CAAC;aACF;SACD,CAAC;IAAA,CACF;CACD"}
1	+ {"version":3,"file":"server-agent.js","sourceRoot":"","sources":["../../lib/agents/server-agent.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAuB,MAAM,sBAAsB,CAAC;AAGlF,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAClF,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AACzF,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAGxD,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE1D,MAAM,OAAO,gBAAgB;IAC5B,MAAM,CAAe;IACrB,SAAS,CAAuC;IAChD,QAAQ,CAAiB;IAEzB,YAAY,QAA8C,EAAE,OAAuB,EAAE;QACpF,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,IAAI,CAAC,MAAM,GAAG,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAAA,CAC7C;IASD,KAAK,CAAC,OAAO,CAAC,QAAgB,EAAE,OAAgC,EAAgB;QAC/E,MAAM,GAAG,GAAwB,IAAI,CAAC,SAAiB,CAAC,GAAG,QAAQ,WAAW,CAAC,CAAC;QAChF,IAAI,CAAC,GAAG,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,mBAAmB,QAAQ,EAAE,CAAC,CAAC;QAChD,CAAC;QAED,IACC,CAAC,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,8BAA8B,CAAC;YACrE,oBAAoB,KAAK,SAAS,EACjC,CAAC;YACF,MAAM,IAAI,GAAG,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAElD,MAAM,SAAS,GAAG,MAAM,oBAAoB,CAAC;gBAC5C,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM;gBAC1B,eAAe,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC;oBACtC,OAAO,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC;gBAAA,CACjD;aACD,CAAC,CAAC;YAEH,OAAO,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,SAAS,EAAE,CAAC;QACxC,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE;YACvC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;SAC1D,CAAC,CAAC;QAEH,IAAI,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,kBAAkB,EAAE,CAAC;YACjE,MAAM,IAAI,kBAAkB,CAAC,QAAQ,EAAE,CAAC,EAAE,yBAAyB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEnC,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QACb,CAAC;aAAM,CAAC;YACP,MAAM,IAAI,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC9C,CAAC;IAAA,CACD;IAED,KAAK,CAAC,MAAM,CAAC,KAAa,EAAiB;QAC1C,IAAI,CAAC;YACJ,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACpD,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IAAA,CACV;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,QAAiB,EAAqD;QACtG,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAC5C,UAAU,EAAE,oBAAoB;YAChC,YAAY,EAAE,YAAY;YAC1B,IAAI,EAAE,IAAI;YACV,aAAa,EAAE,QAAQ;SACvB,CAAC,CAAC;QAEH,IAAI,CAAC;YACJ,OAAO,MAAM,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;YACzC,MAAM,GAAG,CAAC;QACX,CAAC;IAAA,CACD;IAED,KAAK,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,KAAK,EAAkC,EAAsB;QACjF,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,iBAAiB,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;QAChE,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAC5C,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,KAAK,CAAC,OAAO;SAC5B,CAAC,CAAC;QAEH,IAAI,CAAC;YACJ,IAAI,GAAG,KAAK,QAAQ,CAAC,GAAG,EAAE,CAAC;gBAC1B,MAAM,IAAI,iBAAiB,CAAC,GAAG,EAAE,uCAAuC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;YACzF,CAAC;YAED,OAAO,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;YAEzC,MAAM,GAAG,CAAC;QACX,CAAC;IAAA,CACD;IAED,qBAAqB,CAAC,GAA8B,EAAa;QAChE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,SAAS,CAAC,qCAAqC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAC;QAC9D,CAAC;QACD,IAAI,GAAG,CAAC,UAAU,KAAK,MAAM,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CAAC,0CAA0C,CAAC,CAAC;QACjE,CAAC;QAED,OAAO;YACN,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,OAAO,EAAE,GAAG,CAAC,aAAa;YAC1B,MAAM,EAAE,GAAG,CAAC,YAAY;YACxB,IAAI,EAAE,GAAG,CAAC,UAAU;YACpB,UAAU,EAAE,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS;SAChG,CAAC;IAAA,CACF;IAED,KAAK,CAAC,wBAAwB,CAC7B,GAA8B,EACsB;QACpD,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC;QACpB,IAAI,CAAC,GAAG,EAAE,CAAC;YACV,MAAM,IAAI,SAAS,CAAC,qCAAqC,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC9C,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAAC,GAAU,CAAC,CAAC;QAEzD,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,KAAK,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;YACxD,MAAM,IAAI,SAAS,CAAC,wBAAwB,QAAQ,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,OAAO;YACN,KAAK,EAAE,KAAK;YACZ,IAAI,EAAE;gBACL,GAAG,EAAE,GAAU;gBACf,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG;gBAC1B,MAAM,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE;oBAC/B,QAAQ;oBACR,wBAAwB;oBACxB,wBAAwB;oBACxB,uCAAuC;oBACvC,qBAAqB;oBACrB,gBAAgB;iBAChB,CAAC;aACF;SACD,CAAC;IAAA,CACF;CACD"}

package/dist/agents/sessions.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../lib/agents/sessions.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,~~EAAE~~,OAAO,EAAE,MAAM,mBAAmB,CAAC;~~AAKjD~~,MAAM,WAAW,iBAAiB;IACjC,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,OAAO,CAAC;CACrB;AAKD,eAAO,MAAM,UAAU,+FAuEtB,CAAC;AAEF,eAAO,MAAM,YAAY,wEAOxB,CAAC;AAEF,eAAO,MAAM,mBAAmB,0CAE/B,CAAC;AAEF,eAAO,MAAM,kBAAkB,mCAE9B,CAAC"}
1	+ {"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../lib/agents/sessions.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAc,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAM7D,MAAM,WAAW,iBAAiB;IACjC,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,OAAO,CAAC;CACrB;AAKD,eAAO,MAAM,UAAU,+FAuEtB,CAAC;AAEF,eAAO,MAAM,YAAY,wEAOxB,CAAC;AAEF,eAAO,MAAM,mBAAmB,0CAE/B,CAAC;AAEF,eAAO,MAAM,kBAAkB,mCAE9B,CAAC"}