@atproto/lex-password-session 0.0.15 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +18 -0
- package/dist/error.js +3 -8
- package/dist/error.js.map +1 -1
- package/dist/index.js +2 -5
- package/dist/index.js.map +1 -1
- package/dist/lexicons/com/atproto/server/createAccount.defs.js +22 -25
- package/dist/lexicons/com/atproto/server/createAccount.defs.js.map +1 -1
- package/dist/lexicons/com/atproto/server/createAccount.js +2 -6
- package/dist/lexicons/com/atproto/server/createAccount.js.map +1 -1
- package/dist/lexicons/com/atproto/server/createSession.defs.js +23 -26
- package/dist/lexicons/com/atproto/server/createSession.defs.js.map +1 -1
- package/dist/lexicons/com/atproto/server/createSession.js +2 -6
- package/dist/lexicons/com/atproto/server/createSession.js.map +1 -1
- package/dist/lexicons/com/atproto/server/deleteSession.defs.js +8 -11
- package/dist/lexicons/com/atproto/server/deleteSession.defs.js.map +1 -1
- package/dist/lexicons/com/atproto/server/deleteSession.js +2 -6
- package/dist/lexicons/com/atproto/server/deleteSession.js.map +1 -1
- package/dist/lexicons/com/atproto/server/getSession.defs.js +16 -19
- package/dist/lexicons/com/atproto/server/getSession.defs.js.map +1 -1
- package/dist/lexicons/com/atproto/server/getSession.js +2 -6
- package/dist/lexicons/com/atproto/server/getSession.js.map +1 -1
- package/dist/lexicons/com/atproto/server/refreshSession.defs.js +19 -22
- package/dist/lexicons/com/atproto/server/refreshSession.defs.js.map +1 -1
- package/dist/lexicons/com/atproto/server/refreshSession.js +2 -6
- package/dist/lexicons/com/atproto/server/refreshSession.js.map +1 -1
- package/dist/lexicons/com/atproto/server.js +5 -9
- package/dist/lexicons/com/atproto/server.js.map +1 -1
- package/dist/lexicons/com/atproto.js +1 -5
- package/dist/lexicons/com/atproto.js.map +1 -1
- package/dist/lexicons/com.js +1 -5
- package/dist/lexicons/com.js.map +1 -1
- package/dist/lexicons/index.js +1 -5
- package/dist/lexicons/index.js.map +1 -1
- package/dist/password-session.js +15 -20
- package/dist/password-session.js.map +1 -1
- package/dist/util.js +4 -8
- package/dist/util.js.map +1 -1
- package/package.json +9 -10
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,23 @@
|
|
|
1
1
|
# @atproto/lex-password-session
|
|
2
2
|
|
|
3
|
+
## 0.1.0
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- [#4929](https://github.com/bluesky-social/atproto/pull/4929) [`f01c59f`](https://github.com/bluesky-social/atproto/commit/f01c59f5bd3f75fb8b47a9eecd4858b84033fb7c) Thanks [@devinivy](https://github.com/devinivy)! - **BREAKING:** Drop support for Node.js 18 and 20. Node.js 22 is now the minimum supported version. Docker images now use Node.js 24.
|
|
8
|
+
|
|
9
|
+
- [#4943](https://github.com/bluesky-social/atproto/pull/4943) [`c459153`](https://github.com/bluesky-social/atproto/commit/c459153395a30ce89e050892c8fab7dc98e019b9) Thanks [@devinivy](https://github.com/devinivy)! - **BREAKING:** Convert to pure ESM. All packages now ship `"type": "module"` with ES module output and Node16 module resolution.
|
|
10
|
+
|
|
11
|
+
Node.js 22's `require()` compatibility layer can still load these packages in CommonJS code.
|
|
12
|
+
|
|
13
|
+
- [#4930](https://github.com/bluesky-social/atproto/pull/4930) [`908bece`](https://github.com/bluesky-social/atproto/commit/908bece169258bff5ad121e5eec157d6ded6f705) Thanks [@devinivy](https://github.com/devinivy)! - Build with TypeScript 6.0.
|
|
14
|
+
|
|
15
|
+
### Patch Changes
|
|
16
|
+
|
|
17
|
+
- Updated dependencies [[`f01c59f`](https://github.com/bluesky-social/atproto/commit/f01c59f5bd3f75fb8b47a9eecd4858b84033fb7c), [`c459153`](https://github.com/bluesky-social/atproto/commit/c459153395a30ce89e050892c8fab7dc98e019b9), [`affb50c`](https://github.com/bluesky-social/atproto/commit/affb50c040b497a12631df99a6310f8e78cab557), [`908bece`](https://github.com/bluesky-social/atproto/commit/908bece169258bff5ad121e5eec157d6ded6f705)]:
|
|
18
|
+
- @atproto/lex-client@0.1.0
|
|
19
|
+
- @atproto/lex-schema@0.1.0
|
|
20
|
+
|
|
3
21
|
## 0.0.15
|
|
4
22
|
|
|
5
23
|
### Patch Changes
|
package/dist/error.js
CHANGED
|
@@ -1,7 +1,4 @@
|
|
|
1
|
-
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.LexAuthFactorError = void 0;
|
|
4
|
-
const lex_client_1 = require("@atproto/lex-client");
|
|
1
|
+
import { LexError } from '@atproto/lex-client';
|
|
5
2
|
/**
|
|
6
3
|
* Error thrown when two-factor authentication (2FA) is required.
|
|
7
4
|
*
|
|
@@ -38,9 +35,7 @@ const lex_client_1 = require("@atproto/lex-client");
|
|
|
38
35
|
*
|
|
39
36
|
* @extends LexError
|
|
40
37
|
*/
|
|
41
|
-
class LexAuthFactorError extends
|
|
42
|
-
cause;
|
|
43
|
-
name = 'LexAuthFactorError';
|
|
38
|
+
export class LexAuthFactorError extends LexError {
|
|
44
39
|
/**
|
|
45
40
|
* Creates a new LexAuthFactorError.
|
|
46
41
|
*
|
|
@@ -49,7 +44,7 @@ class LexAuthFactorError extends lex_client_1.LexError {
|
|
|
49
44
|
constructor(cause) {
|
|
50
45
|
super(cause.error, cause.message ?? 'Auth factor token required', { cause });
|
|
51
46
|
this.cause = cause;
|
|
47
|
+
this.name = 'LexAuthFactorError';
|
|
52
48
|
}
|
|
53
49
|
}
|
|
54
|
-
exports.LexAuthFactorError = LexAuthFactorError;
|
|
55
50
|
//# sourceMappingURL=error.js.map
|
package/dist/error.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"error.js","sourceRoot":"","sources":["../src/error.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"error.js","sourceRoot":"","sources":["../src/error.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAe,MAAM,qBAAqB,CAAA;AAE3D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,MAAM,OAAO,kBAAmB,SAAQ,QAAQ;IAG9C;;;;OAIG;IACH,YAAqB,KAAkB;QACrC,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,OAAO,IAAI,4BAA4B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QADzD,UAAK,GAAL,KAAK,CAAa;QAPvC,SAAI,GAAG,oBAAoB,CAAA;IAS3B,CAAC;CACF","sourcesContent":["import { LexError, XrpcFailure } from '@atproto/lex-client'\n\n/**\n * Error thrown when two-factor authentication (2FA) is required.\n *\n * This error is thrown by {@link PasswordSession.login} when the server\n * requires an additional authentication factor (e.g., email code). Catch this\n * error to prompt the user for their 2FA code and retry the login with the\n * `authFactorToken` parameter.\n *\n * @example Handling 2FA requirement\n * ```ts\n * import { PasswordSession, LexAuthFactorError } from '@atproto/lex-password-session'\n *\n * try {\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx-xxxx-xxxx-xxxx',\n * })\n * } catch (err) {\n * if (err instanceof LexAuthFactorError) {\n * // Prompt user for 2FA code\n * const token = await promptUser('Enter 2FA code from email:')\n *\n * // Retry with the 2FA token\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx-xxxx-xxxx-xxxx',\n * authFactorToken: token,\n * })\n * }\n * }\n * ```\n *\n * @extends LexError\n */\nexport class LexAuthFactorError extends LexError {\n name = 'LexAuthFactorError'\n\n /**\n * Creates a new LexAuthFactorError.\n *\n * @param cause - The underlying XRPC failure response from the server\n */\n constructor(readonly cause: XrpcFailure) {\n super(cause.error, cause.message ?? 'Auth factor token required', { cause })\n }\n}\n"]}
|
package/dist/index.js
CHANGED
|
@@ -1,6 +1,3 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
const tslib_1 = require("tslib");
|
|
4
|
-
tslib_1.__exportStar(require("./error.js"), exports);
|
|
5
|
-
tslib_1.__exportStar(require("./password-session.js"), exports);
|
|
1
|
+
export * from './error.js';
|
|
2
|
+
export * from './password-session.js';
|
|
6
3
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAA;AAC1B,cAAc,uBAAuB,CAAA","sourcesContent":["export * from './error.js'\nexport * from './password-session.js'\n"]}
|
|
@@ -1,34 +1,31 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
exports.$output = exports.$input = exports.$params = exports.$lxm = exports.main = exports.$nsid = void 0;
|
|
7
|
-
const lex_schema_1 = require("@atproto/lex-schema");
|
|
4
|
+
import { l } from '@atproto/lex-schema';
|
|
8
5
|
const $nsid = 'com.atproto.server.createAccount';
|
|
9
|
-
|
|
6
|
+
export { $nsid };
|
|
10
7
|
/** Create an account. Implemented by PDS. */
|
|
11
8
|
const main =
|
|
12
9
|
/*#__PURE__*/
|
|
13
|
-
|
|
14
|
-
/*#__PURE__*/
|
|
15
|
-
/*#__PURE__*/
|
|
16
|
-
email: /*#__PURE__*/
|
|
17
|
-
handle: /*#__PURE__*/
|
|
18
|
-
did: /*#__PURE__*/
|
|
19
|
-
inviteCode: /*#__PURE__*/
|
|
20
|
-
verificationCode: /*#__PURE__*/
|
|
21
|
-
verificationPhone: /*#__PURE__*/
|
|
22
|
-
password: /*#__PURE__*/
|
|
23
|
-
recoveryKey: /*#__PURE__*/
|
|
24
|
-
plcOp: /*#__PURE__*/
|
|
10
|
+
l.procedure($nsid,
|
|
11
|
+
/*#__PURE__*/ l.params(),
|
|
12
|
+
/*#__PURE__*/ l.jsonPayload({
|
|
13
|
+
email: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
14
|
+
handle: /*#__PURE__*/ l.string({ format: 'handle' }),
|
|
15
|
+
did: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string({ format: 'did' })),
|
|
16
|
+
inviteCode: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
17
|
+
verificationCode: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
18
|
+
verificationPhone: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
19
|
+
password: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
20
|
+
recoveryKey: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
21
|
+
plcOp: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),
|
|
25
22
|
}),
|
|
26
|
-
/*#__PURE__*/
|
|
27
|
-
accessJwt: /*#__PURE__*/
|
|
28
|
-
refreshJwt: /*#__PURE__*/
|
|
29
|
-
handle: /*#__PURE__*/
|
|
30
|
-
did: /*#__PURE__*/
|
|
31
|
-
didDoc: /*#__PURE__*/
|
|
23
|
+
/*#__PURE__*/ l.jsonPayload({
|
|
24
|
+
accessJwt: /*#__PURE__*/ l.string(),
|
|
25
|
+
refreshJwt: /*#__PURE__*/ l.string(),
|
|
26
|
+
handle: /*#__PURE__*/ l.string({ format: 'handle' }),
|
|
27
|
+
did: /*#__PURE__*/ l.string({ format: 'did' }),
|
|
28
|
+
didDoc: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),
|
|
32
29
|
}), [
|
|
33
30
|
'InvalidHandle',
|
|
34
31
|
'InvalidPassword',
|
|
@@ -38,6 +35,6 @@ lex_schema_1.l.procedure($nsid,
|
|
|
38
35
|
'UnresolvableDid',
|
|
39
36
|
'IncompatibleDidDoc',
|
|
40
37
|
]);
|
|
41
|
-
|
|
42
|
-
|
|
38
|
+
export { main };
|
|
39
|
+
export const $lxm = /*#__PURE__*/ main.nsid, $params = /*#__PURE__*/ main.parameters, $input = /*#__PURE__*/ main.input, $output = /*#__PURE__*/ main.output;
|
|
43
40
|
//# sourceMappingURL=createAccount.defs.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createAccount.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/createAccount.defs.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"createAccount.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/createAccount.defs.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,qBAAqB,CAAA;AAEvC,MAAM,KAAK,GAAG,kCAAkC,CAAA;AAEhD,OAAO,EAAE,KAAK,EAAE,CAAA;AAEhB,6CAA6C;AAC7C,MAAM,IAAI;AACR,aAAa;AACb,CAAC,CAAC,SAAS,CACT,KAAK;AACL,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;AACxB,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC;IAC1B,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzD,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;IACpD,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACxE,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC9D,gBAAgB,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACpE,iBAAiB,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACrE,QAAQ,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC5D,WAAW,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC/D,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CAC1D,CAAC;AACF,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC;IAC1B,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;IACnC,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;IACpC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;IACpD,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC9C,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CAC3D,CAAC,EACF;IACE,eAAe;IACf,iBAAiB;IACjB,mBAAmB;IACnB,oBAAoB;IACpB,mBAAmB;IACnB,iBAAiB;IACjB,oBAAoB;CACrB,CACF,CAAA;AACH,OAAO,EAAE,IAAI,EAAE,CAAA;AAcf,MAAM,CAAC,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,EACzC,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,UAAU,EACvC,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,EACjC,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nimport { l } from '@atproto/lex-schema'\n\nconst $nsid = 'com.atproto.server.createAccount'\n\nexport { $nsid }\n\n/** Create an account. Implemented by PDS. */\nconst main =\n /*#__PURE__*/\n l.procedure(\n $nsid,\n /*#__PURE__*/ l.params(),\n /*#__PURE__*/ l.jsonPayload({\n email: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n handle: /*#__PURE__*/ l.string({ format: 'handle' }),\n did: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string({ format: 'did' })),\n inviteCode: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n verificationCode: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n verificationPhone: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n password: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n recoveryKey: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n plcOp: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),\n }),\n /*#__PURE__*/ l.jsonPayload({\n accessJwt: /*#__PURE__*/ l.string(),\n refreshJwt: /*#__PURE__*/ l.string(),\n handle: /*#__PURE__*/ l.string({ format: 'handle' }),\n did: /*#__PURE__*/ l.string({ format: 'did' }),\n didDoc: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),\n }),\n [\n 'InvalidHandle',\n 'InvalidPassword',\n 'InvalidInviteCode',\n 'HandleNotAvailable',\n 'UnsupportedDomain',\n 'UnresolvableDid',\n 'IncompatibleDidDoc',\n ],\n )\nexport { main }\n\nexport type $Params = l.InferMethodParams<typeof main>\nexport type $Input<B = l.BinaryData> = l.InferMethodInput<typeof main, B>\nexport type $InputBody<B = l.BinaryData> = l.InferMethodInputBody<\n typeof main,\n B\n>\nexport type $Output<B = l.BinaryData> = l.InferMethodOutput<typeof main, B>\nexport type $OutputBody<B = l.BinaryData> = l.InferMethodOutputBody<\n typeof main,\n B\n>\n\nexport const $lxm = /*#__PURE__*/ main.nsid,\n $params = /*#__PURE__*/ main.parameters,\n $input = /*#__PURE__*/ main.input,\n $output = /*#__PURE__*/ main.output\n"]}
|
|
@@ -1,10 +1,6 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
const tslib_1 = require("tslib");
|
|
8
|
-
tslib_1.__exportStar(require("./createAccount.defs.js"), exports);
|
|
9
|
-
exports.$defs = tslib_1.__importStar(require("./createAccount.defs.js"));
|
|
4
|
+
export * from './createAccount.defs.js';
|
|
5
|
+
export * as $defs from './createAccount.defs.js';
|
|
10
6
|
//# sourceMappingURL=createAccount.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createAccount.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/createAccount.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"createAccount.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/createAccount.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,yBAAyB,CAAA;AACvC,OAAO,KAAK,KAAK,MAAM,yBAAyB,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * from './createAccount.defs.js'\nexport * as $defs from './createAccount.defs.js'\n"]}
|
|
@@ -1,36 +1,33 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
exports.$output = exports.$input = exports.$params = exports.$lxm = exports.main = exports.$nsid = void 0;
|
|
7
|
-
const lex_schema_1 = require("@atproto/lex-schema");
|
|
4
|
+
import { l } from '@atproto/lex-schema';
|
|
8
5
|
const $nsid = 'com.atproto.server.createSession';
|
|
9
|
-
|
|
6
|
+
export { $nsid };
|
|
10
7
|
/** Create an authentication session. */
|
|
11
8
|
const main =
|
|
12
9
|
/*#__PURE__*/
|
|
13
|
-
|
|
14
|
-
/*#__PURE__*/
|
|
15
|
-
/*#__PURE__*/
|
|
16
|
-
identifier: /*#__PURE__*/
|
|
17
|
-
password: /*#__PURE__*/
|
|
18
|
-
authFactorToken: /*#__PURE__*/
|
|
19
|
-
allowTakendown: /*#__PURE__*/
|
|
10
|
+
l.procedure($nsid,
|
|
11
|
+
/*#__PURE__*/ l.params(),
|
|
12
|
+
/*#__PURE__*/ l.jsonPayload({
|
|
13
|
+
identifier: /*#__PURE__*/ l.string(),
|
|
14
|
+
password: /*#__PURE__*/ l.string(),
|
|
15
|
+
authFactorToken: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
16
|
+
allowTakendown: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
20
17
|
}),
|
|
21
|
-
/*#__PURE__*/
|
|
22
|
-
accessJwt: /*#__PURE__*/
|
|
23
|
-
refreshJwt: /*#__PURE__*/
|
|
24
|
-
handle: /*#__PURE__*/
|
|
25
|
-
did: /*#__PURE__*/
|
|
26
|
-
didDoc: /*#__PURE__*/
|
|
27
|
-
email: /*#__PURE__*/
|
|
28
|
-
emailConfirmed: /*#__PURE__*/
|
|
29
|
-
emailAuthFactor: /*#__PURE__*/
|
|
30
|
-
active: /*#__PURE__*/
|
|
31
|
-
status: /*#__PURE__*/
|
|
32
|
-
/*#__PURE__*/
|
|
18
|
+
/*#__PURE__*/ l.jsonPayload({
|
|
19
|
+
accessJwt: /*#__PURE__*/ l.string(),
|
|
20
|
+
refreshJwt: /*#__PURE__*/ l.string(),
|
|
21
|
+
handle: /*#__PURE__*/ l.string({ format: 'handle' }),
|
|
22
|
+
did: /*#__PURE__*/ l.string({ format: 'did' }),
|
|
23
|
+
didDoc: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),
|
|
24
|
+
email: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
25
|
+
emailConfirmed: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
26
|
+
emailAuthFactor: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
27
|
+
active: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
28
|
+
status: /*#__PURE__*/ l.optional(
|
|
29
|
+
/*#__PURE__*/ l.string()),
|
|
33
30
|
}), ['AccountTakedown', 'AuthFactorTokenRequired']);
|
|
34
|
-
|
|
35
|
-
|
|
31
|
+
export { main };
|
|
32
|
+
export const $lxm = /*#__PURE__*/ main.nsid, $params = /*#__PURE__*/ main.parameters, $input = /*#__PURE__*/ main.input, $output = /*#__PURE__*/ main.output;
|
|
36
33
|
//# sourceMappingURL=createSession.defs.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createSession.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/createSession.defs.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"createSession.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/createSession.defs.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,qBAAqB,CAAA;AAEvC,MAAM,KAAK,GAAG,kCAAkC,CAAA;AAEhD,OAAO,EAAE,KAAK,EAAE,CAAA;AAEhB,wCAAwC;AACxC,MAAM,IAAI;AACR,aAAa;AACb,CAAC,CAAC,SAAS,CACT,KAAK;AACL,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;AACxB,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC;IAC1B,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;IACpC,QAAQ,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;IAClC,eAAe,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACnE,cAAc,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;CACpE,CAAC;AACF,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC;IAC1B,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;IACnC,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;IACpC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;IACpD,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC9C,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzD,cAAc,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IACnE,eAAe,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IACpE,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAC3D,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ;IAC9B,aAAa,CAAC,CAAC,CAAC,MAAM,EAElB,CACL;CACF,CAAC,EACF,CAAC,iBAAiB,EAAE,yBAAyB,CAAC,CAC/C,CAAA;AACH,OAAO,EAAE,IAAI,EAAE,CAAA;AAcf,MAAM,CAAC,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,EACzC,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,UAAU,EACvC,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,EACjC,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nimport { l } from '@atproto/lex-schema'\n\nconst $nsid = 'com.atproto.server.createSession'\n\nexport { $nsid }\n\n/** Create an authentication session. */\nconst main =\n /*#__PURE__*/\n l.procedure(\n $nsid,\n /*#__PURE__*/ l.params(),\n /*#__PURE__*/ l.jsonPayload({\n identifier: /*#__PURE__*/ l.string(),\n password: /*#__PURE__*/ l.string(),\n authFactorToken: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n allowTakendown: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n }),\n /*#__PURE__*/ l.jsonPayload({\n accessJwt: /*#__PURE__*/ l.string(),\n refreshJwt: /*#__PURE__*/ l.string(),\n handle: /*#__PURE__*/ l.string({ format: 'handle' }),\n did: /*#__PURE__*/ l.string({ format: 'did' }),\n didDoc: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),\n email: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n emailConfirmed: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n emailAuthFactor: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n active: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n status: /*#__PURE__*/ l.optional(\n /*#__PURE__*/ l.string<{\n knownValues: ['takendown', 'suspended', 'deactivated']\n }>(),\n ),\n }),\n ['AccountTakedown', 'AuthFactorTokenRequired'],\n )\nexport { main }\n\nexport type $Params = l.InferMethodParams<typeof main>\nexport type $Input<B = l.BinaryData> = l.InferMethodInput<typeof main, B>\nexport type $InputBody<B = l.BinaryData> = l.InferMethodInputBody<\n typeof main,\n B\n>\nexport type $Output<B = l.BinaryData> = l.InferMethodOutput<typeof main, B>\nexport type $OutputBody<B = l.BinaryData> = l.InferMethodOutputBody<\n typeof main,\n B\n>\n\nexport const $lxm = /*#__PURE__*/ main.nsid,\n $params = /*#__PURE__*/ main.parameters,\n $input = /*#__PURE__*/ main.input,\n $output = /*#__PURE__*/ main.output\n"]}
|
|
@@ -1,10 +1,6 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
const tslib_1 = require("tslib");
|
|
8
|
-
tslib_1.__exportStar(require("./createSession.defs.js"), exports);
|
|
9
|
-
exports.$defs = tslib_1.__importStar(require("./createSession.defs.js"));
|
|
4
|
+
export * from './createSession.defs.js';
|
|
5
|
+
export * as $defs from './createSession.defs.js';
|
|
10
6
|
//# sourceMappingURL=createSession.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createSession.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/createSession.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"createSession.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/createSession.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,yBAAyB,CAAA;AACvC,OAAO,KAAK,KAAK,MAAM,yBAAyB,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * from './createSession.defs.js'\nexport * as $defs from './createSession.defs.js'\n"]}
|
|
@@ -1,19 +1,16 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
exports.$output = exports.$input = exports.$params = exports.$lxm = exports.main = exports.$nsid = void 0;
|
|
7
|
-
const lex_schema_1 = require("@atproto/lex-schema");
|
|
4
|
+
import { l } from '@atproto/lex-schema';
|
|
8
5
|
const $nsid = 'com.atproto.server.deleteSession';
|
|
9
|
-
|
|
6
|
+
export { $nsid };
|
|
10
7
|
/** Delete the current session. Requires auth using the 'refreshJwt' (not the 'accessJwt'). */
|
|
11
8
|
const main =
|
|
12
9
|
/*#__PURE__*/
|
|
13
|
-
|
|
14
|
-
/*#__PURE__*/
|
|
15
|
-
/*#__PURE__*/
|
|
16
|
-
/*#__PURE__*/
|
|
17
|
-
|
|
18
|
-
|
|
10
|
+
l.procedure($nsid,
|
|
11
|
+
/*#__PURE__*/ l.params(),
|
|
12
|
+
/*#__PURE__*/ l.payload(),
|
|
13
|
+
/*#__PURE__*/ l.payload(), ['InvalidToken', 'ExpiredToken']);
|
|
14
|
+
export { main };
|
|
15
|
+
export const $lxm = /*#__PURE__*/ main.nsid, $params = /*#__PURE__*/ main.parameters, $input = /*#__PURE__*/ main.input, $output = /*#__PURE__*/ main.output;
|
|
19
16
|
//# sourceMappingURL=deleteSession.defs.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deleteSession.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/deleteSession.defs.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"deleteSession.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/deleteSession.defs.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,qBAAqB,CAAA;AAEvC,MAAM,KAAK,GAAG,kCAAkC,CAAA;AAEhD,OAAO,EAAE,KAAK,EAAE,CAAA;AAEhB,8FAA8F;AAC9F,MAAM,IAAI;AACR,aAAa;AACb,CAAC,CAAC,SAAS,CACT,KAAK;AACL,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;AACxB,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE;AACzB,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,EACzB,CAAC,cAAc,EAAE,cAAc,CAAC,CACjC,CAAA;AACH,OAAO,EAAE,IAAI,EAAE,CAAA;AAcf,MAAM,CAAC,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,EACzC,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,UAAU,EACvC,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,EACjC,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nimport { l } from '@atproto/lex-schema'\n\nconst $nsid = 'com.atproto.server.deleteSession'\n\nexport { $nsid }\n\n/** Delete the current session. Requires auth using the 'refreshJwt' (not the 'accessJwt'). */\nconst main =\n /*#__PURE__*/\n l.procedure(\n $nsid,\n /*#__PURE__*/ l.params(),\n /*#__PURE__*/ l.payload(),\n /*#__PURE__*/ l.payload(),\n ['InvalidToken', 'ExpiredToken'],\n )\nexport { main }\n\nexport type $Params = l.InferMethodParams<typeof main>\nexport type $Input<B = l.BinaryData> = l.InferMethodInput<typeof main, B>\nexport type $InputBody<B = l.BinaryData> = l.InferMethodInputBody<\n typeof main,\n B\n>\nexport type $Output<B = l.BinaryData> = l.InferMethodOutput<typeof main, B>\nexport type $OutputBody<B = l.BinaryData> = l.InferMethodOutputBody<\n typeof main,\n B\n>\n\nexport const $lxm = /*#__PURE__*/ main.nsid,\n $params = /*#__PURE__*/ main.parameters,\n $input = /*#__PURE__*/ main.input,\n $output = /*#__PURE__*/ main.output\n"]}
|
|
@@ -1,10 +1,6 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
const tslib_1 = require("tslib");
|
|
8
|
-
tslib_1.__exportStar(require("./deleteSession.defs.js"), exports);
|
|
9
|
-
exports.$defs = tslib_1.__importStar(require("./deleteSession.defs.js"));
|
|
4
|
+
export * from './deleteSession.defs.js';
|
|
5
|
+
export * as $defs from './deleteSession.defs.js';
|
|
10
6
|
//# sourceMappingURL=deleteSession.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deleteSession.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/deleteSession.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"deleteSession.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/deleteSession.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,yBAAyB,CAAA;AACvC,OAAO,KAAK,KAAK,MAAM,yBAAyB,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * from './deleteSession.defs.js'\nexport * as $defs from './deleteSession.defs.js'\n"]}
|
|
@@ -1,28 +1,25 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
exports.$output = exports.$params = exports.$lxm = exports.main = exports.$nsid = void 0;
|
|
7
|
-
const lex_schema_1 = require("@atproto/lex-schema");
|
|
4
|
+
import { l } from '@atproto/lex-schema';
|
|
8
5
|
const $nsid = 'com.atproto.server.getSession';
|
|
9
|
-
|
|
6
|
+
export { $nsid };
|
|
10
7
|
/** Get information about the current auth session. Requires auth. */
|
|
11
8
|
const main =
|
|
12
9
|
/*#__PURE__*/
|
|
13
|
-
|
|
14
|
-
/*#__PURE__*/
|
|
15
|
-
/*#__PURE__*/
|
|
16
|
-
handle: /*#__PURE__*/
|
|
17
|
-
did: /*#__PURE__*/
|
|
18
|
-
didDoc: /*#__PURE__*/
|
|
19
|
-
email: /*#__PURE__*/
|
|
20
|
-
emailConfirmed: /*#__PURE__*/
|
|
21
|
-
emailAuthFactor: /*#__PURE__*/
|
|
22
|
-
active: /*#__PURE__*/
|
|
23
|
-
status: /*#__PURE__*/
|
|
24
|
-
/*#__PURE__*/
|
|
10
|
+
l.query($nsid,
|
|
11
|
+
/*#__PURE__*/ l.params(),
|
|
12
|
+
/*#__PURE__*/ l.jsonPayload({
|
|
13
|
+
handle: /*#__PURE__*/ l.string({ format: 'handle' }),
|
|
14
|
+
did: /*#__PURE__*/ l.string({ format: 'did' }),
|
|
15
|
+
didDoc: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),
|
|
16
|
+
email: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
17
|
+
emailConfirmed: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
18
|
+
emailAuthFactor: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
19
|
+
active: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
20
|
+
status: /*#__PURE__*/ l.optional(
|
|
21
|
+
/*#__PURE__*/ l.string()),
|
|
25
22
|
}));
|
|
26
|
-
|
|
27
|
-
|
|
23
|
+
export { main };
|
|
24
|
+
export const $lxm = /*#__PURE__*/ main.nsid, $params = main.parameters, $output = main.output;
|
|
28
25
|
//# sourceMappingURL=getSession.defs.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getSession.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/getSession.defs.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getSession.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/getSession.defs.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,qBAAqB,CAAA;AAEvC,MAAM,KAAK,GAAG,+BAA+B,CAAA;AAE7C,OAAO,EAAE,KAAK,EAAE,CAAA;AAEhB,qEAAqE;AACrE,MAAM,IAAI;AACR,aAAa;AACb,CAAC,CAAC,KAAK,CACL,KAAK;AACL,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;AACxB,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC;IAC1B,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;IACpD,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC9C,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzD,cAAc,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IACnE,eAAe,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IACpE,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAC3D,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ;IAC9B,aAAa,CAAC,CAAC,CAAC,MAAM,EAElB,CACL;CACF,CAAC,CACH,CAAA;AACH,OAAO,EAAE,IAAI,EAAE,CAAA;AASf,MAAM,CAAC,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,EACzC,OAAO,GAAG,IAAI,CAAC,UAAU,EACzB,OAAO,GAAG,IAAI,CAAC,MAAM,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nimport { l } from '@atproto/lex-schema'\n\nconst $nsid = 'com.atproto.server.getSession'\n\nexport { $nsid }\n\n/** Get information about the current auth session. Requires auth. */\nconst main =\n /*#__PURE__*/\n l.query(\n $nsid,\n /*#__PURE__*/ l.params(),\n /*#__PURE__*/ l.jsonPayload({\n handle: /*#__PURE__*/ l.string({ format: 'handle' }),\n did: /*#__PURE__*/ l.string({ format: 'did' }),\n didDoc: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),\n email: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n emailConfirmed: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n emailAuthFactor: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n active: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n status: /*#__PURE__*/ l.optional(\n /*#__PURE__*/ l.string<{\n knownValues: ['takendown', 'suspended', 'deactivated']\n }>(),\n ),\n }),\n )\nexport { main }\n\nexport type $Params = l.InferMethodParams<typeof main>\nexport type $Output<B = l.BinaryData> = l.InferMethodOutput<typeof main, B>\nexport type $OutputBody<B = l.BinaryData> = l.InferMethodOutputBody<\n typeof main,\n B\n>\n\nexport const $lxm = /*#__PURE__*/ main.nsid,\n $params = main.parameters,\n $output = main.output\n"]}
|
|
@@ -1,10 +1,6 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
const tslib_1 = require("tslib");
|
|
8
|
-
tslib_1.__exportStar(require("./getSession.defs.js"), exports);
|
|
9
|
-
exports.$defs = tslib_1.__importStar(require("./getSession.defs.js"));
|
|
4
|
+
export * from './getSession.defs.js';
|
|
5
|
+
export * as $defs from './getSession.defs.js';
|
|
10
6
|
//# sourceMappingURL=getSession.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getSession.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/getSession.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getSession.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/getSession.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,sBAAsB,CAAA;AACpC,OAAO,KAAK,KAAK,MAAM,sBAAsB,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * from './getSession.defs.js'\nexport * as $defs from './getSession.defs.js'\n"]}
|
|
@@ -1,31 +1,28 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
exports.$output = exports.$input = exports.$params = exports.$lxm = exports.main = exports.$nsid = void 0;
|
|
7
|
-
const lex_schema_1 = require("@atproto/lex-schema");
|
|
4
|
+
import { l } from '@atproto/lex-schema';
|
|
8
5
|
const $nsid = 'com.atproto.server.refreshSession';
|
|
9
|
-
|
|
6
|
+
export { $nsid };
|
|
10
7
|
/** Refresh an authentication session. Requires auth using the 'refreshJwt' (not the 'accessJwt'). */
|
|
11
8
|
const main =
|
|
12
9
|
/*#__PURE__*/
|
|
13
|
-
|
|
14
|
-
/*#__PURE__*/
|
|
15
|
-
/*#__PURE__*/
|
|
16
|
-
/*#__PURE__*/
|
|
17
|
-
accessJwt: /*#__PURE__*/
|
|
18
|
-
refreshJwt: /*#__PURE__*/
|
|
19
|
-
handle: /*#__PURE__*/
|
|
20
|
-
did: /*#__PURE__*/
|
|
21
|
-
didDoc: /*#__PURE__*/
|
|
22
|
-
email: /*#__PURE__*/
|
|
23
|
-
emailConfirmed: /*#__PURE__*/
|
|
24
|
-
emailAuthFactor: /*#__PURE__*/
|
|
25
|
-
active: /*#__PURE__*/
|
|
26
|
-
status: /*#__PURE__*/
|
|
27
|
-
/*#__PURE__*/
|
|
10
|
+
l.procedure($nsid,
|
|
11
|
+
/*#__PURE__*/ l.params(),
|
|
12
|
+
/*#__PURE__*/ l.payload(),
|
|
13
|
+
/*#__PURE__*/ l.jsonPayload({
|
|
14
|
+
accessJwt: /*#__PURE__*/ l.string(),
|
|
15
|
+
refreshJwt: /*#__PURE__*/ l.string(),
|
|
16
|
+
handle: /*#__PURE__*/ l.string({ format: 'handle' }),
|
|
17
|
+
did: /*#__PURE__*/ l.string({ format: 'did' }),
|
|
18
|
+
didDoc: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),
|
|
19
|
+
email: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),
|
|
20
|
+
emailConfirmed: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
21
|
+
emailAuthFactor: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
22
|
+
active: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),
|
|
23
|
+
status: /*#__PURE__*/ l.optional(
|
|
24
|
+
/*#__PURE__*/ l.string()),
|
|
28
25
|
}), ['AccountTakedown', 'InvalidToken', 'ExpiredToken']);
|
|
29
|
-
|
|
30
|
-
|
|
26
|
+
export { main };
|
|
27
|
+
export const $lxm = /*#__PURE__*/ main.nsid, $params = /*#__PURE__*/ main.parameters, $input = /*#__PURE__*/ main.input, $output = /*#__PURE__*/ main.output;
|
|
31
28
|
//# sourceMappingURL=refreshSession.defs.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"refreshSession.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/refreshSession.defs.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"refreshSession.defs.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/refreshSession.defs.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,qBAAqB,CAAA;AAEvC,MAAM,KAAK,GAAG,mCAAmC,CAAA;AAEjD,OAAO,EAAE,KAAK,EAAE,CAAA;AAEhB,qGAAqG;AACrG,MAAM,IAAI;AACR,aAAa;AACb,CAAC,CAAC,SAAS,CACT,KAAK;AACL,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;AACxB,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE;AACzB,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC;IAC1B,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;IACnC,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE;IACpC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;IACpD,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC9C,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1D,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACzD,cAAc,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IACnE,eAAe,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IACpE,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAC3D,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ;IAC9B,aAAa,CAAC,CAAC,CAAC,MAAM,EAElB,CACL;CACF,CAAC,EACF,CAAC,iBAAiB,EAAE,cAAc,EAAE,cAAc,CAAC,CACpD,CAAA;AACH,OAAO,EAAE,IAAI,EAAE,CAAA;AAcf,MAAM,CAAC,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,EACzC,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,UAAU,EACvC,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,EACjC,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nimport { l } from '@atproto/lex-schema'\n\nconst $nsid = 'com.atproto.server.refreshSession'\n\nexport { $nsid }\n\n/** Refresh an authentication session. Requires auth using the 'refreshJwt' (not the 'accessJwt'). */\nconst main =\n /*#__PURE__*/\n l.procedure(\n $nsid,\n /*#__PURE__*/ l.params(),\n /*#__PURE__*/ l.payload(),\n /*#__PURE__*/ l.jsonPayload({\n accessJwt: /*#__PURE__*/ l.string(),\n refreshJwt: /*#__PURE__*/ l.string(),\n handle: /*#__PURE__*/ l.string({ format: 'handle' }),\n did: /*#__PURE__*/ l.string({ format: 'did' }),\n didDoc: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.lexMap()),\n email: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.string()),\n emailConfirmed: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n emailAuthFactor: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n active: /*#__PURE__*/ l.optional(/*#__PURE__*/ l.boolean()),\n status: /*#__PURE__*/ l.optional(\n /*#__PURE__*/ l.string<{\n knownValues: ['takendown', 'suspended', 'deactivated']\n }>(),\n ),\n }),\n ['AccountTakedown', 'InvalidToken', 'ExpiredToken'],\n )\nexport { main }\n\nexport type $Params = l.InferMethodParams<typeof main>\nexport type $Input<B = l.BinaryData> = l.InferMethodInput<typeof main, B>\nexport type $InputBody<B = l.BinaryData> = l.InferMethodInputBody<\n typeof main,\n B\n>\nexport type $Output<B = l.BinaryData> = l.InferMethodOutput<typeof main, B>\nexport type $OutputBody<B = l.BinaryData> = l.InferMethodOutputBody<\n typeof main,\n B\n>\n\nexport const $lxm = /*#__PURE__*/ main.nsid,\n $params = /*#__PURE__*/ main.parameters,\n $input = /*#__PURE__*/ main.input,\n $output = /*#__PURE__*/ main.output\n"]}
|
|
@@ -1,10 +1,6 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
const tslib_1 = require("tslib");
|
|
8
|
-
tslib_1.__exportStar(require("./refreshSession.defs.js"), exports);
|
|
9
|
-
exports.$defs = tslib_1.__importStar(require("./refreshSession.defs.js"));
|
|
4
|
+
export * from './refreshSession.defs.js';
|
|
5
|
+
export * as $defs from './refreshSession.defs.js';
|
|
10
6
|
//# sourceMappingURL=refreshSession.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"refreshSession.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/refreshSession.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"refreshSession.js","sourceRoot":"","sources":["../../../../../src/lexicons/com/atproto/server/refreshSession.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,0BAA0B,CAAA;AACxC,OAAO,KAAK,KAAK,MAAM,0BAA0B,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * from './refreshSession.defs.js'\nexport * as $defs from './refreshSession.defs.js'\n"]}
|
|
@@ -1,13 +1,9 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
exports.deleteSession = tslib_1.__importStar(require("./server/deleteSession.js"));
|
|
11
|
-
exports.getSession = tslib_1.__importStar(require("./server/getSession.js"));
|
|
12
|
-
exports.refreshSession = tslib_1.__importStar(require("./server/refreshSession.js"));
|
|
4
|
+
export * as createAccount from './server/createAccount.js';
|
|
5
|
+
export * as createSession from './server/createSession.js';
|
|
6
|
+
export * as deleteSession from './server/deleteSession.js';
|
|
7
|
+
export * as getSession from './server/getSession.js';
|
|
8
|
+
export * as refreshSession from './server/refreshSession.js';
|
|
13
9
|
//# sourceMappingURL=server.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../../src/lexicons/com/atproto/server.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../../src/lexicons/com/atproto/server.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,aAAa,MAAM,2BAA2B,CAAA;AAC1D,OAAO,KAAK,aAAa,MAAM,2BAA2B,CAAA;AAC1D,OAAO,KAAK,aAAa,MAAM,2BAA2B,CAAA;AAC1D,OAAO,KAAK,UAAU,MAAM,wBAAwB,CAAA;AACpD,OAAO,KAAK,cAAc,MAAM,4BAA4B,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * as createAccount from './server/createAccount.js'\nexport * as createSession from './server/createSession.js'\nexport * as deleteSession from './server/deleteSession.js'\nexport * as getSession from './server/getSession.js'\nexport * as refreshSession from './server/refreshSession.js'\n"]}
|
|
@@ -1,9 +1,5 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
exports.server = void 0;
|
|
7
|
-
const tslib_1 = require("tslib");
|
|
8
|
-
exports.server = tslib_1.__importStar(require("./atproto/server.js"));
|
|
4
|
+
export * as server from './atproto/server.js';
|
|
9
5
|
//# sourceMappingURL=atproto.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atproto.js","sourceRoot":"","sources":["../../../src/lexicons/com/atproto.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"atproto.js","sourceRoot":"","sources":["../../../src/lexicons/com/atproto.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,MAAM,MAAM,qBAAqB,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * as server from './atproto/server.js'\n"]}
|
package/dist/lexicons/com.js
CHANGED
|
@@ -1,9 +1,5 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
exports.atproto = void 0;
|
|
7
|
-
const tslib_1 = require("tslib");
|
|
8
|
-
exports.atproto = tslib_1.__importStar(require("./com/atproto.js"));
|
|
4
|
+
export * as atproto from './com/atproto.js';
|
|
9
5
|
//# sourceMappingURL=com.js.map
|
package/dist/lexicons/com.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"com.js","sourceRoot":"","sources":["../../src/lexicons/com.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"com.js","sourceRoot":"","sources":["../../src/lexicons/com.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * as atproto from './com/atproto.js'\n"]}
|
package/dist/lexicons/index.js
CHANGED
|
@@ -1,9 +1,5 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/*
|
|
3
2
|
* THIS FILE WAS GENERATED BY "@atproto/lex". DO NOT EDIT.
|
|
4
3
|
*/
|
|
5
|
-
|
|
6
|
-
exports.com = void 0;
|
|
7
|
-
const tslib_1 = require("tslib");
|
|
8
|
-
exports.com = tslib_1.__importStar(require("./com.js"));
|
|
4
|
+
export * as com from './com.js';
|
|
9
5
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lexicons/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lexicons/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,GAAG,MAAM,UAAU,CAAA","sourcesContent":["/*\n * THIS FILE WAS GENERATED BY \"@atproto/lex\". DO NOT EDIT.\n */\n\nexport * as com from './com.js'\n"]}
|
package/dist/password-session.js
CHANGED
|
@@ -1,10 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
const error_js_1 = require("./error.js");
|
|
6
|
-
const index_js_1 = require("./lexicons/index.js");
|
|
7
|
-
const util_js_1 = require("./util.js");
|
|
1
|
+
import { buildAgent, xrpc, xrpcSafe, } from '@atproto/lex-client';
|
|
2
|
+
import { LexAuthFactorError } from './error.js';
|
|
3
|
+
import { com } from './lexicons/index.js';
|
|
4
|
+
import { extractPdsUrl, extractXrpcErrorCode } from './util.js';
|
|
8
5
|
/**
|
|
9
6
|
* Password-based authentication session for AT Protocol services.
|
|
10
7
|
*
|
|
@@ -43,8 +40,7 @@ const util_js_1 = require("./util.js");
|
|
|
43
40
|
*
|
|
44
41
|
* @implements {Agent}
|
|
45
42
|
*/
|
|
46
|
-
class PasswordSession {
|
|
47
|
-
options;
|
|
43
|
+
export class PasswordSession {
|
|
48
44
|
/**
|
|
49
45
|
* Internal {@link Agent} used for session management towards the
|
|
50
46
|
* authentication service only.
|
|
@@ -54,7 +50,7 @@ class PasswordSession {
|
|
|
54
50
|
#sessionPromise;
|
|
55
51
|
constructor(sessionData, options = {}) {
|
|
56
52
|
this.options = options;
|
|
57
|
-
this.#serviceAgent =
|
|
53
|
+
this.#serviceAgent = buildAgent({
|
|
58
54
|
service: sessionData.service,
|
|
59
55
|
fetch: options.fetch,
|
|
60
56
|
});
|
|
@@ -126,7 +122,7 @@ class PasswordSession {
|
|
|
126
122
|
});
|
|
127
123
|
const refreshNeeded = initialRes.status === 401 ||
|
|
128
124
|
(initialRes.status === 400 &&
|
|
129
|
-
(await
|
|
125
|
+
(await extractXrpcErrorCode(initialRes)) === 'ExpiredToken');
|
|
130
126
|
if (!refreshNeeded) {
|
|
131
127
|
return initialRes;
|
|
132
128
|
}
|
|
@@ -179,7 +175,7 @@ class PasswordSession {
|
|
|
179
175
|
*/
|
|
180
176
|
async refresh() {
|
|
181
177
|
this.#sessionPromise = this.#sessionPromise.then(async (sessionData) => {
|
|
182
|
-
const response = await
|
|
178
|
+
const response = await xrpcSafe(this.#serviceAgent, com.atproto.server.refreshSession.main, { headers: { Authorization: `Bearer ${sessionData.refreshJwt}` } });
|
|
183
179
|
if (!response.success && response.matchesSchemaErrors()) {
|
|
184
180
|
// Expected errors that indicate the session is no longer valid
|
|
185
181
|
await this.options.onDeleted?.call(this, sessionData);
|
|
@@ -200,7 +196,7 @@ class PasswordSession {
|
|
|
200
196
|
// We fetch them via getSession if missing, allowing to ensure that we are
|
|
201
197
|
// always talking with the right PDS.
|
|
202
198
|
if (data.emailConfirmed == null || data.didDoc == null) {
|
|
203
|
-
const extraData = await
|
|
199
|
+
const extraData = await xrpcSafe(this.#serviceAgent, com.atproto.server.getSession.main, { headers: { Authorization: `Bearer ${data.accessJwt}` } });
|
|
204
200
|
if (extraData.success && extraData.body.did === data.did) {
|
|
205
201
|
Object.assign(data, extraData.body);
|
|
206
202
|
}
|
|
@@ -232,7 +228,7 @@ class PasswordSession {
|
|
|
232
228
|
async logout() {
|
|
233
229
|
let reason = null;
|
|
234
230
|
this.#sessionPromise = this.#sessionPromise.then(async (sessionData) => {
|
|
235
|
-
const result = await
|
|
231
|
+
const result = await xrpcSafe(this.#serviceAgent, com.atproto.server.deleteSession.main, { headers: { Authorization: `Bearer ${sessionData.refreshJwt}` } });
|
|
236
232
|
if (result.success || result.matchesSchemaErrors()) {
|
|
237
233
|
await this.options.onDeleted?.call(this, sessionData);
|
|
238
234
|
// Update the session promise to a rejected state
|
|
@@ -286,7 +282,7 @@ class PasswordSession {
|
|
|
286
282
|
* ```
|
|
287
283
|
*/
|
|
288
284
|
static async createAccount(body, { service, headers, ...options }) {
|
|
289
|
-
const response = await
|
|
285
|
+
const response = await xrpc(buildAgent({ service, headers, fetch: options.fetch }), com.atproto.server.createAccount.main, { body });
|
|
290
286
|
const data = {
|
|
291
287
|
...response.body,
|
|
292
288
|
service: String(service),
|
|
@@ -370,14 +366,14 @@ class PasswordSession {
|
|
|
370
366
|
const { service, identifier, password, allowTakendown, authFactorToken, ...options } = typeof input === 'string' || input instanceof URL
|
|
371
367
|
? parseLoginUrl(input)
|
|
372
368
|
: input;
|
|
373
|
-
const xrpcAgent =
|
|
369
|
+
const xrpcAgent = buildAgent({
|
|
374
370
|
service,
|
|
375
371
|
fetch: options.fetch,
|
|
376
372
|
});
|
|
377
|
-
const response = await
|
|
373
|
+
const response = await xrpcSafe(xrpcAgent, com.atproto.server.createSession.main, { body: { identifier, password, allowTakendown, authFactorToken } });
|
|
378
374
|
if (!response.success) {
|
|
379
375
|
if (response.error === 'AuthFactorTokenRequired') {
|
|
380
|
-
throw new
|
|
376
|
+
throw new LexAuthFactorError(response);
|
|
381
377
|
}
|
|
382
378
|
throw response.reason;
|
|
383
379
|
}
|
|
@@ -419,9 +415,8 @@ class PasswordSession {
|
|
|
419
415
|
await agent.logout();
|
|
420
416
|
}
|
|
421
417
|
}
|
|
422
|
-
exports.PasswordSession = PasswordSession;
|
|
423
418
|
function fetchUrl(sessionData, path) {
|
|
424
|
-
const pdsUrl =
|
|
419
|
+
const pdsUrl = extractPdsUrl(sessionData.didDoc);
|
|
425
420
|
return new URL(path, pdsUrl ?? sessionData.service);
|
|
426
421
|
}
|
|
427
422
|
function parseLoginUrl(input) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"password-session.js","sourceRoot":"","sources":["../src/password-session.ts"],"names":[],"mappings":";;;AAAA,oDAM4B;AAC5B,yCAA+C;AAC/C,kDAAyC;AACzC,uCAA+D;AA0G/D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AACH,MAAa,eAAe;IAYL;IAXrB;;;OAGG;IACH,aAAa,CAAO;IAEpB,YAAY,CAAoB;IAChC,eAAe,CAAsB;IAErC,YACE,WAAwB,EACL,UAAkC,EAAE;QAApC,YAAO,GAAP,OAAO,CAA6B;QAEvD,IAAI,CAAC,aAAa,GAAG,IAAA,uBAAU,EAAC;YAC9B,OAAO,EAAE,WAAW,CAAC,OAAO;YAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC,CAAA;QAEF,IAAI,CAAC,YAAY,GAAG,WAAW,CAAA;QAC/B,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IAC3D,CAAC;IAED;;;;OAIG;IACH,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAA;IACzB,CAAC;IAED;;;;OAIG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAA;IAC5B,CAAC;IAED;;;;OAIG;IACH,IAAI,OAAO;QACT,IAAI,IAAI,CAAC,YAAY;YAAE,OAAO,IAAI,CAAC,YAAY,CAAA;QAC/C,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAA;IAC/B,CAAC;IAED;;;;;;OAMG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,YAAY,KAAK,IAAI,CAAA;IACnC,CAAC;IAED;;;;;;;;;;;;;OAaG;IACH,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,IAAiB;QAChD,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACzC,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAA;QAC9D,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAA;QAC3C,MAAM,WAAW,GAAG,MAAM,cAAc,CAAA;QAExC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,UAAU,CAAC,KAAK,CAAA;QAEpD,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,SAAS,EAAE,CAAC,CAAA;QAC/D,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC,EAAE;YAC1D,GAAG,IAAI;YACP,OAAO;SACR,CAAC,CAAA;QAEF,MAAM,aAAa,GACjB,UAAU,CAAC,MAAM,KAAK,GAAG;YACzB,CAAC,UAAU,CAAC,MAAM,KAAK,GAAG;gBACxB,CAAC,MAAM,IAAA,8BAAoB,EAAC,UAAU,CAAC,CAAC,KAAK,cAAc,CAAC,CAAA;QAEhE,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,oEAAoE;QACpE,MAAM,iBAAiB,GACrB,IAAI,CAAC,eAAe,KAAK,cAAc;YACrC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE;YAChB,CAAC,CAAC,IAAI,CAAC,eAAe,CAAA;QAE1B,kDAAkD;QAClD,MAAM,cAAc,GAAG,MAAM,iBAAiB,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;QACpE,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,iDAAiD;QACjD,IAAI,cAAc,CAAC,SAAS,KAAK,WAAW,CAAC,SAAS,EAAE,CAAC;YACvD,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,IAAI,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;YAC1B,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,2EAA2E;QAC3E,yEAAyE;QACzE,yEAAyE;QACzE,wEAAwE;QACxE,IAAI,cAAc,IAAI,IAAI,EAAE,IAAI,YAAY,cAAc,EAAE,CAAC;YAC3D,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,wEAAwE;QACxE,kEAAkE;QAClE,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YACzB,MAAM,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,CAAA;QACjC,CAAC;QAED,uDAAuD;QACvD,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,cAAc,CAAC,SAAS,EAAE,CAAC,CAAA;QAClE,OAAO,KAAK,CAAC,QAAQ,CAAC,cAAc,EAAE,IAAI,CAAC,EAAE,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;IACpE,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE;YACrE,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAQ,EAC7B,IAAI,CAAC,aAAa,EAClB,cAAG,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,EACtC,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,CAAC,UAAU,EAAE,EAAE,EAAE,CACnE,CAAA;YAED,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,mBAAmB,EAAE,EAAE,CAAC;gBACxD,+DAA+D;gBAC/D,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;gBAErD,iDAAiD;gBACjD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAA;gBACxB,MAAM,QAAQ,CAAA;YAChB,CAAC;YAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACtB,oEAAoE;gBACpE,2CAA2C;gBAC3C,MAAM,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAA;gBAErE,OAAO,WAAW,CAAA;YACpB,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAA;YAE1B,kEAAkE;YAClE,qEAAqE;YACrE,yEAAyE;YACzE,0EAA0E;YAC1E,qCAAqC;YACrC,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC;gBACvD,MAAM,SAAS,GAAG,MAAM,IAAA,qBAAQ,EAC9B,IAAI,CAAC,aAAa,EAClB,cAAG,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,EAClC,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAC3D,CAAA;gBACD,IAAI,SAAS,CAAC,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,GAAG,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC;oBACzD,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,IAAI,CAAC,CAAA;gBACrC,CAAC;YACH,CAAC;YAED,MAAM,UAAU,GAAgB;gBAC9B,GAAG,IAAI;gBACP,OAAO,EAAE,WAAW,CAAC,OAAO;aAC7B,CAAA;YAED,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;YAEpD,OAAO,CAAC,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC,CAAA;QACzC,CAAC,CAAC,CAAA;QAEF,OAAO,IAAI,CAAC,eAAe,CAAA;IAC7B,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,MAAM;QACV,IAAI,MAAM,GAAyB,IAAI,CAAA;QAEvC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE;YACrE,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAQ,EAC3B,IAAI,CAAC,aAAa,EAClB,cAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EACrC,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,CAAC,UAAU,EAAE,EAAE,EAAE,CACnE,CAAA;YAED,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,mBAAmB,EAAE,EAAE,CAAC;gBACnD,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;gBAErD,iDAAiD;gBACjD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAA;gBACxB,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAA;YAC/B,CAAC;iBAAM,CAAC;gBACN,sEAAsE;gBACtE,MAAM,GAAG,MAAM,CAAA;gBAEf,mEAAmE;gBACnE,MAAM,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;gBAEnE,sCAAsC;gBACtC,OAAO,WAAW,CAAA;YACpB,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAC9B,CAAC,QAAQ,EAAE,EAAE;YACX,kEAAkE;YAClE,2BAA2B;YAC3B,MAAM,MAAO,CAAA;QACf,CAAC,EACD,CAAC,IAAI,EAAE,EAAE;YACP,oBAAoB;QACtB,CAAC,CACF,CAAA;IACH,CAAC;IAED,KAAK,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC;QACzB,MAAM,IAAI,CAAC,MAAM,EAAE,CAAA;IACrB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,IAAiD,EACjD,EACE,OAAO,EACP,OAAO,EACP,GAAG,OAAO,EAIX;QAED,MAAM,QAAQ,GAAG,MAAM,IAAA,iBAAI,EACzB,IAAA,uBAAU,EAAC,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,EACtD,cAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EACrC,EAAE,IAAI,EAAE,CACT,CAAA;QAED,MAAM,IAAI,GAAgB;YACxB,GAAG,QAAQ,CAAC,IAAI;YAChB,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC;SACzB,CAAA;QAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAC1C,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAsEG;IACH,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,KAAkC;QAElC,MAAM,EACJ,OAAO,EACP,UAAU,EACV,QAAQ,EACR,cAAc,EACd,eAAe,EACf,GAAG,OAAO,EACX,GACC,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,YAAY,GAAG;YAC/C,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC;YACtB,CAAC,CAAC,KAAK,CAAA;QAEX,MAAM,SAAS,GAAG,IAAA,uBAAU,EAAC;YAC3B,OAAO;YACP,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAQ,EAC7B,SAAS,EACT,cAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EACrC,EAAE,IAAI,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,cAAc,EAAE,eAAe,EAAE,EAAE,CACpE,CAAA;QAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtB,IAAI,QAAQ,CAAC,KAAK,KAAK,yBAAyB,EAAE,CAAC;gBACjD,MAAM,IAAI,6BAAkB,CAAC,QAAQ,CAAC,CAAA;YACxC,CAAC;YACD,MAAM,QAAQ,CAAC,MAAM,CAAA;QACvB,CAAC;QAED,MAAM,IAAI,GAAgB;YACxB,GAAG,QAAQ,CAAC,IAAI;YAChB,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC;SACzB,CAAA;QAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAC1C,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CACjB,IAAiB,EACjB,OAA+B;QAE/B,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,KAAK,CAAC,OAAO,EAAE,CAAA;QACrB,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CACjB,IAAiB,EACjB,OAAgC;QAEhC,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;IACtB,CAAC;CACF;AA3dD,0CA2dC;AAED,SAAS,QAAQ,CAAC,WAAwB,EAAE,IAAY;IACtD,MAAM,MAAM,GAAG,IAAA,uBAAa,EAAC,WAAW,CAAC,MAAM,CAAC,CAAA;IAChD,OAAO,IAAI,GAAG,CAAC,IAAI,EAAE,MAAM,IAAI,WAAW,CAAC,OAAO,CAAC,CAAA;AACrD,CAAC;AAED,SAAS,aAAa,CAAC,KAAmB;IACxC,MAAM,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC9D,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;QACzB,MAAM,IAAI,SAAS,CAAC,wCAAwC,CAAC,CAAA;IAC/D,CAAC;IACD,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CAAC,oCAAoC,CAAC,CAAA;IAC3D,CAAC;IACD,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;QACf,MAAM,IAAI,SAAS,CAAC,iDAAiD,CAAC,CAAA;IACxE,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QACnC,MAAM,IAAI,SAAS,CAAC,mDAAmD,CAAC,CAAA;IAC1E,CAAC;IACD,OAAO;QACL,OAAO,EAAE,GAAG,CAAC,MAAM;QACnB,UAAU,EAAE,GAAG,CAAC,QAAQ;QACxB,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACvB,CAAA;AACH,CAAC","sourcesContent":["import {\n Agent,\n XrpcFailure,\n buildAgent,\n xrpc,\n xrpcSafe,\n} from '@atproto/lex-client'\nimport { LexAuthFactorError } from './error.js'\nimport { com } from './lexicons/index.js'\nimport { extractPdsUrl, extractXrpcErrorCode } from './util.js'\n\n/**\n * Represents a failure response when refreshing a session.\n *\n * This type captures the possible error responses from\n * `com.atproto.server.refreshSession`, including both expected errors\n * (e.g., invalid/expired refresh token) and unexpected errors (e.g., network issues).\n */\nexport type RefreshFailure = XrpcFailure<\n typeof com.atproto.server.refreshSession.main\n>\n\n/**\n * Represents a failure response when deleting a session.\n *\n * This type captures the possible error responses from\n * `com.atproto.server.deleteSession`, including both expected errors\n * and unexpected errors (e.g., network issues, server unavailability).\n */\nexport type DeleteFailure = XrpcFailure<\n typeof com.atproto.server.deleteSession.main\n>\n\n/**\n * Persisted session data containing authentication credentials and service information.\n *\n * This type extends the response from `com.atproto.server.createSession` with the\n * service URL used for authentication. Store this data securely to resume sessions\n * later without re-authenticating.\n */\nexport type SessionData = com.atproto.server.createSession.$OutputBody & {\n service: string\n}\n\nexport type LoginOptions = PasswordSessionOptions & {\n service: string | URL\n identifier: string\n password: string\n allowTakendown?: boolean\n authFactorToken?: string\n}\n\nexport type PasswordSessionOptions = {\n /**\n * Custom fetch implementation to use for network requests\n */\n fetch?: typeof globalThis.fetch\n\n /**\n * Called whenever the session is successfully created/refreshed, and new\n * credentials have been obtained. Use this hook to persist the updated\n * session information.\n *\n * If this callback returns a promise, this function will never be called\n * again (on the same process) until the promise resolves.\n *\n * @note this function **must** not throw\n */\n onUpdated?: (this: PasswordSession, data: SessionData) => void | Promise<void>\n\n /**\n * Called whenever the session update fails due to an expected error, such as\n * a network issue or server unavailability. This function can be used to log\n * the error or notify the user, but should not assume that the session is\n * invalid.\n *\n * @note this function **must** not throw\n */\n onUpdateFailure?: (\n this: PasswordSession,\n data: SessionData,\n err: RefreshFailure,\n ) => void | Promise<void>\n\n /**\n * Called whenever the session is deleted, either due to an explicit logout or\n * because the refresh operation indicated that the session is no longer\n * valid. Use this hook to clean up any persisted session information and\n * update the application state accordingly.\n *\n * @note this function **must** not throw\n */\n onDeleted?: (this: PasswordSession, data: SessionData) => void | Promise<void>\n\n /**\n * Called whenever a session deletion fails due to an unexpected error, such\n * as a network issue or server unavailability. This function can be used to\n * log the error or notify the user. When this function is called, the session\n * might still be valid on the server. It is up to the implementation to\n * decide whether to retry the deletion or keep the session active. Ignoring\n * these errors is not recommended as it can lead to orphaned sessions on the\n * server, or security issues if the user believes they have logged out when a\n * bad actor is still using the session. The implementation should consider\n * keeping track of failed deletions and retrying them later, until they\n * succeed.\n *\n * @note this function **must** not throw\n */\n onDeleteFailure?: (\n this: PasswordSession,\n data: SessionData,\n err: DeleteFailure,\n ) => void | Promise<void>\n}\n\n/**\n * Password-based authentication session for AT Protocol services.\n *\n * This class provides session management for CLI tools, scripts, and bots that\n * need to authenticate with AT Protocol services using password credentials.\n * It implements the {@link Agent} interface, allowing it to be used directly\n * with AT Protocol clients.\n *\n * **Security Warning:** It is strongly recommended to use app passwords instead\n * of main account credentials. App passwords provide limited access and can be\n * revoked independently without compromising your main account. For browser-based\n * applications, use OAuth-based authentication instead.\n *\n * @example Basic usage with app password\n * ```ts\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx-xxxx-xxxx-xxxx', // App password\n * onUpdated: (data) => saveToStorage(data),\n * onDeleted: (data) => clearStorage(data.did),\n * })\n *\n * const client = new Client(session)\n * // Use client to make authenticated requests\n * ```\n *\n * @example Resuming a persisted session\n * ```ts\n * const savedData = JSON.parse(fs.readFileSync('session.json', 'utf8'))\n * const session = await PasswordSession.resume(savedData, {\n * onUpdated: (data) => saveToStorage(data),\n * onDeleted: (data) => clearStorage(data.did),\n * })\n * ```\n *\n * @implements {Agent}\n */\nexport class PasswordSession implements Agent, AsyncDisposable {\n /**\n * Internal {@link Agent} used for session management towards the\n * authentication service only.\n */\n #serviceAgent: Agent\n\n #sessionData: null | SessionData\n #sessionPromise: Promise<SessionData>\n\n constructor(\n sessionData: SessionData,\n protected readonly options: PasswordSessionOptions = {},\n ) {\n this.#serviceAgent = buildAgent({\n service: sessionData.service,\n fetch: options.fetch,\n })\n\n this.#sessionData = sessionData\n this.#sessionPromise = Promise.resolve(this.#sessionData)\n }\n\n /**\n * The DID (Decentralized Identifier) of the authenticated account.\n *\n * @throws {Error} If the session has been destroyed (logged out).\n */\n get did() {\n return this.session.did\n }\n\n /**\n * The handle (username) of the authenticated account.\n *\n * @throws {Error} If the session has been destroyed (logged out).\n */\n get handle() {\n return this.session.handle\n }\n\n /**\n * The current session data containing authentication credentials.\n *\n * @throws {Error} If the session has been destroyed (logged out).\n */\n get session() {\n if (this.#sessionData) return this.#sessionData\n throw new Error('Logged out')\n }\n\n /**\n * Whether this session has been destroyed (logged out).\n *\n * Once destroyed, this session instance can no longer be used for\n * authenticated requests. Create a new session via {@link PasswordSession.login}\n * or {@link PasswordSession.resume}.\n */\n get destroyed(): boolean {\n return this.#sessionData === null\n }\n\n /**\n * Handles authenticated fetch requests to the user's PDS.\n *\n * This method implements the {@link Agent} interface and is called by\n * AT Protocol clients to make authenticated requests. It automatically:\n * - Adds the access token to request headers\n * - Detects expired tokens and triggers refresh\n * - Retries requests after successful token refresh\n *\n * @param path - The request path (will be resolved against the PDS URL)\n * @param init - Standard fetch RequestInit options (headers, body, etc.)\n * @returns The fetch Response from the PDS\n * @throws {TypeError} If an 'authorization' header is already set in init\n */\n async fetchHandler(path: string, init: RequestInit): Promise<Response> {\n const headers = new Headers(init.headers)\n if (headers.has('authorization')) {\n throw new TypeError(\"Unexpected 'authorization' header set\")\n }\n\n const sessionPromise = this.#sessionPromise\n const sessionData = await sessionPromise\n\n const fetch = this.options.fetch ?? globalThis.fetch\n\n headers.set('authorization', `Bearer ${sessionData.accessJwt}`)\n const initialRes = await fetch(fetchUrl(sessionData, path), {\n ...init,\n headers,\n })\n\n const refreshNeeded =\n initialRes.status === 401 ||\n (initialRes.status === 400 &&\n (await extractXrpcErrorCode(initialRes)) === 'ExpiredToken')\n\n if (!refreshNeeded) {\n return initialRes\n }\n\n // Refresh session (unless it was already refreshed in the meantime)\n const newSessionPromise =\n this.#sessionPromise === sessionPromise\n ? this.refresh()\n : this.#sessionPromise\n\n // Error should have been propagated through hooks\n const newSessionData = await newSessionPromise.catch((_err) => null)\n if (!newSessionData) {\n return initialRes\n }\n\n // refresh silently failed, no point in retrying.\n if (newSessionData.accessJwt === sessionData.accessJwt) {\n return initialRes\n }\n\n if (init?.signal?.aborted) {\n return initialRes\n }\n\n // The stream was already consumed. We cannot retry the request. A solution\n // would be to tee() the input stream but that would bufferize the entire\n // stream in memory which can lead to memory starvation. Instead, we will\n // return the original response and let the calling code handle retries.\n if (ReadableStream && init?.body instanceof ReadableStream) {\n return initialRes\n }\n\n // Make sure the initial request is cancelled to avoid leaking resources\n // (NodeJS 👀): https://undici.nodejs.org/#/?id=garbage-collection\n if (!initialRes.bodyUsed) {\n await initialRes.body?.cancel()\n }\n\n // Finally, retry the request with the new access token\n headers.set('authorization', `Bearer ${newSessionData.accessJwt}`)\n return fetch(fetchUrl(newSessionData, path), { ...init, headers })\n }\n\n /**\n * Refreshes the session by obtaining new access and refresh tokens.\n *\n * This method is automatically called by {@link fetchHandler} when the access\n * token expires. You can also call it manually to proactively refresh tokens.\n *\n * On success, the {@link PasswordSessionOptions.onUpdated} callback is invoked\n * with the new session data. On expected failures (invalid session), the\n * {@link PasswordSessionOptions.onDeleted} callback is invoked. On unexpected\n * failures (network issues), the {@link PasswordSessionOptions.onUpdateFailure}\n * callback is invoked and the existing session data is preserved.\n *\n * @returns The refreshed session data\n * @throws {RefreshFailure} If the session is no longer valid (triggers onDeleted)\n */\n async refresh(): Promise<SessionData> {\n this.#sessionPromise = this.#sessionPromise.then(async (sessionData) => {\n const response = await xrpcSafe(\n this.#serviceAgent,\n com.atproto.server.refreshSession.main,\n { headers: { Authorization: `Bearer ${sessionData.refreshJwt}` } },\n )\n\n if (!response.success && response.matchesSchemaErrors()) {\n // Expected errors that indicate the session is no longer valid\n await this.options.onDeleted?.call(this, sessionData)\n\n // Update the session promise to a rejected state\n this.#sessionData = null\n throw response\n }\n\n if (!response.success) {\n // We failed to refresh the token, assume the session might still be\n // valid by returning the existing session.\n await this.options.onUpdateFailure?.call(this, sessionData, response)\n\n return sessionData\n }\n\n const data = response.body\n\n // Historically, refreshSession did not return all the fields from\n // getSession. In particular, emailConfirmed and didDoc were missing.\n // Similarly, some servers might not return the didDoc in refreshSession.\n // We fetch them via getSession if missing, allowing to ensure that we are\n // always talking with the right PDS.\n if (data.emailConfirmed == null || data.didDoc == null) {\n const extraData = await xrpcSafe(\n this.#serviceAgent,\n com.atproto.server.getSession.main,\n { headers: { Authorization: `Bearer ${data.accessJwt}` } },\n )\n if (extraData.success && extraData.body.did === data.did) {\n Object.assign(data, extraData.body)\n }\n }\n\n const newSession: SessionData = {\n ...data,\n service: sessionData.service,\n }\n\n await this.options.onUpdated?.call(this, newSession)\n\n return (this.#sessionData = newSession)\n })\n\n return this.#sessionPromise\n }\n\n /**\n * Logs out by deleting the session on the server.\n *\n * This method invalidates both the access and refresh tokens on the server,\n * preventing any further use of this session. After successful logout, the\n * session is marked as destroyed and the {@link PasswordSessionOptions.onDeleted}\n * callback is invoked.\n *\n * If the logout request fails due to network issues or server unavailability,\n * the {@link PasswordSessionOptions.onDeleteFailure} callback is invoked and\n * the session remains active locally. In this case, you should retry the\n * logout later to ensure the session is properly invalidated on the server.\n *\n * @throws {DeleteFailure} If the logout request fails due to unexpected errors\n */\n async logout(): Promise<void> {\n let reason: DeleteFailure | null = null\n\n this.#sessionPromise = this.#sessionPromise.then(async (sessionData) => {\n const result = await xrpcSafe(\n this.#serviceAgent,\n com.atproto.server.deleteSession.main,\n { headers: { Authorization: `Bearer ${sessionData.refreshJwt}` } },\n )\n\n if (result.success || result.matchesSchemaErrors()) {\n await this.options.onDeleted?.call(this, sessionData)\n\n // Update the session promise to a rejected state\n this.#sessionData = null\n throw new Error('Logged out')\n } else {\n // Capture the reason for the failure to re-throw in the outer promise\n reason = result\n\n // An unknown/unexpected error occurred (network, server down, etc)\n await this.options.onDeleteFailure?.call(this, sessionData, result)\n\n // Keep the session in an active state\n return sessionData\n }\n })\n\n return this.#sessionPromise.then(\n (_session) => {\n // If the promise above resolved, then logout failed. Re-throw the\n // reason captured earlier.\n throw reason!\n },\n (_err) => {\n // Successful logout\n },\n )\n }\n\n async [Symbol.asyncDispose]() {\n await this.logout()\n }\n\n /**\n * Creates a new account and returns an authenticated session.\n *\n * This static method registers a new account on the specified service and\n * automatically creates an authenticated session for it.\n *\n * @param body - Account creation parameters (handle, email, password, etc.)\n * @param options - Session options including the service URL\n * @returns A new PasswordSession for the created account\n * @throws If account creation fails (e.g., handle taken, invalid invite code)\n *\n * @example\n * ```ts\n * const session = await PasswordSession.createAccount(\n * {\n * handle: 'alice.bsky.social',\n * email: 'alice@example.com',\n * password: 'secure-password',\n * },\n * {\n * service: 'https://bsky.social',\n * onUpdated: (data) => saveToStorage(data),\n * }\n * )\n * ```\n */\n static async createAccount(\n body: com.atproto.server.createAccount.$InputBody,\n {\n service,\n headers,\n ...options\n }: PasswordSessionOptions & {\n headers?: HeadersInit\n service: string | URL\n },\n ): Promise<PasswordSession> {\n const response = await xrpc(\n buildAgent({ service, headers, fetch: options.fetch }),\n com.atproto.server.createAccount.main,\n { body },\n )\n\n const data: SessionData = {\n ...response.body,\n service: String(service),\n }\n\n const agent = new PasswordSession(data, options)\n await options.onUpdated?.call(agent, data)\n return agent\n }\n\n /**\n * Creates a new authenticated session using password credentials.\n *\n * This static method authenticates with the specified service and returns\n * a new PasswordSession instance that can be used for authenticated requests.\n *\n * **Security Warning:** It is strongly recommended to use app passwords instead\n * of main account credentials. App passwords can be created in your account\n * settings and provide limited access that can be revoked independently. For\n * browser-based applications, use OAuth-based authentication instead.\n *\n * @param options - Login options including service URL, identifier, and password\n * @param options.service - The AT Protocol service URL (e.g., 'https://bsky.social')\n * @param options.identifier - The user's handle or DID\n * @param options.password - The user's password or app password\n * @param options.allowTakendown - If true, allow login to takendown accounts\n * @param options.authFactorToken - 2FA token if required by the server\n * @returns A new authenticated PasswordSession\n * @throws {LexAuthFactorError} If the server requires a 2FA token\n * @throws If authentication fails (invalid credentials, etc.)\n *\n * **Basic login with app password in script**\n * @example\n * ```ts\n * // .env\n * // APP_PASSWORD_CREDENTIALS=\"https://<handle>:<app-password>@<pds-hosting-provider>\"\n *\n * // Make sure to dispose (or logout) the session when done to avoid leaking\n * // resources and leaving orphaned sessions on the server\n * await using session = await PasswordSession.login(process.env.APP_PASSWORD_CREDENTIALS)\n *\n * // Use session to make authenticated requests\n * ```\n *\n * **Basic login with user password (not recommended!!!)**\n * @example\n * ```ts\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx',\n * onUpdated: (data) => saveToStorage(data),\n * onDeleted: (data) => clearStorage(data.did),\n * })\n *\n * // Next time, use resume with the persisted session data to avoid storing\n * // user credentials.\n * ```\n *\n * **Handling 2FA requirement**\n * @example\n * ```ts\n * try {\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx',\n * })\n * } catch (err) {\n * if (err instanceof LexAuthFactorError) {\n * const token = await promptUser('Enter 2FA code:')\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx',\n * authFactorToken: token,\n * })\n * }\n * }\n * ```\n */\n static async login(\n input: string | URL | LoginOptions,\n ): Promise<PasswordSession> {\n const {\n service,\n identifier,\n password,\n allowTakendown,\n authFactorToken,\n ...options\n } =\n typeof input === 'string' || input instanceof URL\n ? parseLoginUrl(input)\n : input\n\n const xrpcAgent = buildAgent({\n service,\n fetch: options.fetch,\n })\n\n const response = await xrpcSafe(\n xrpcAgent,\n com.atproto.server.createSession.main,\n { body: { identifier, password, allowTakendown, authFactorToken } },\n )\n\n if (!response.success) {\n if (response.error === 'AuthFactorTokenRequired') {\n throw new LexAuthFactorError(response)\n }\n throw response.reason\n }\n\n const data: SessionData = {\n ...response.body,\n service: String(service),\n }\n\n const agent = new PasswordSession(data, options)\n await options.onUpdated?.call(agent, data)\n return agent\n }\n\n /**\n * Resume an existing session, ensuring it is still valid by refreshing it.\n * Any error thrown here indicates that the session is definitely no longer\n * valid. Network errors will be propagated through the\n * {@link PasswordSessionOptions.onUpdateFailure} hook, and not re-thrown\n * here. This means that a resolved promise does not necessarily indicate a\n * valid session, only that it's refresh did not definitively fail.\n *\n * This is the same as calling {@link PasswordSession.refresh} after\n * constructing the {@link PasswordSession} manually.\n *\n * @throws If, and only if, the session is definitely no longer valid.\n */\n static async resume(\n data: SessionData,\n options: PasswordSessionOptions,\n ): Promise<PasswordSession> {\n const agent = new PasswordSession(data, options)\n await agent.refresh()\n return agent\n }\n\n /**\n * Delete a session without having to {@link resume resume()} it first, or\n * provide hooks.\n *\n * @throws In case of unexpected error (network issue, server down, etc)\n * meaning that the session may still be valid.\n */\n static async delete(\n data: SessionData,\n options?: PasswordSessionOptions,\n ): Promise<void> {\n const agent = new PasswordSession(data, options)\n await agent.logout()\n }\n}\n\nfunction fetchUrl(sessionData: SessionData, path: string): URL {\n const pdsUrl = extractPdsUrl(sessionData.didDoc)\n return new URL(path, pdsUrl ?? sessionData.service)\n}\n\nfunction parseLoginUrl(input: string | URL): LoginOptions {\n const url = typeof input === 'string' ? new URL(input) : input\n if (url.pathname !== '/') {\n throw new TypeError('Invalid login URL: unexpected pathname')\n }\n if (url.hash) {\n throw new TypeError('Invalid login URL: unexpected hash')\n }\n if (url.search) {\n throw new TypeError('Invalid login URL: unexpected search parameters')\n }\n if (!url.username || !url.password) {\n throw new TypeError('Invalid login URL: missing identifier or password')\n }\n return {\n service: url.origin,\n identifier: url.username,\n password: url.password,\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"password-session.js","sourceRoot":"","sources":["../src/password-session.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,UAAU,EACV,IAAI,EACJ,QAAQ,GACT,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAA;AAC/C,OAAO,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AA0G/D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AACH,MAAM,OAAO,eAAe;IAC1B;;;OAGG;IACH,aAAa,CAAO;IAEpB,YAAY,CAAoB;IAChC,eAAe,CAAsB;IAErC,YACE,WAAwB,EACL,UAAkC,EAAE;QAApC,YAAO,GAAP,OAAO,CAA6B;QAEvD,IAAI,CAAC,aAAa,GAAG,UAAU,CAAC;YAC9B,OAAO,EAAE,WAAW,CAAC,OAAO;YAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC,CAAA;QAEF,IAAI,CAAC,YAAY,GAAG,WAAW,CAAA;QAC/B,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IAC3D,CAAC;IAED;;;;OAIG;IACH,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAA;IACzB,CAAC;IAED;;;;OAIG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAA;IAC5B,CAAC;IAED;;;;OAIG;IACH,IAAI,OAAO;QACT,IAAI,IAAI,CAAC,YAAY;YAAE,OAAO,IAAI,CAAC,YAAY,CAAA;QAC/C,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAA;IAC/B,CAAC;IAED;;;;;;OAMG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,YAAY,KAAK,IAAI,CAAA;IACnC,CAAC;IAED;;;;;;;;;;;;;OAaG;IACH,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,IAAiB;QAChD,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACzC,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAA;QAC9D,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,eAAe,CAAA;QAC3C,MAAM,WAAW,GAAG,MAAM,cAAc,CAAA;QAExC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,UAAU,CAAC,KAAK,CAAA;QAEpD,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,SAAS,EAAE,CAAC,CAAA;QAC/D,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC,EAAE;YAC1D,GAAG,IAAI;YACP,OAAO;SACR,CAAC,CAAA;QAEF,MAAM,aAAa,GACjB,UAAU,CAAC,MAAM,KAAK,GAAG;YACzB,CAAC,UAAU,CAAC,MAAM,KAAK,GAAG;gBACxB,CAAC,MAAM,oBAAoB,CAAC,UAAU,CAAC,CAAC,KAAK,cAAc,CAAC,CAAA;QAEhE,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,oEAAoE;QACpE,MAAM,iBAAiB,GACrB,IAAI,CAAC,eAAe,KAAK,cAAc;YACrC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE;YAChB,CAAC,CAAC,IAAI,CAAC,eAAe,CAAA;QAE1B,kDAAkD;QAClD,MAAM,cAAc,GAAG,MAAM,iBAAiB,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;QACpE,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,iDAAiD;QACjD,IAAI,cAAc,CAAC,SAAS,KAAK,WAAW,CAAC,SAAS,EAAE,CAAC;YACvD,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,IAAI,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;YAC1B,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,2EAA2E;QAC3E,yEAAyE;QACzE,yEAAyE;QACzE,wEAAwE;QACxE,IAAI,cAAc,IAAI,IAAI,EAAE,IAAI,YAAY,cAAc,EAAE,CAAC;YAC3D,OAAO,UAAU,CAAA;QACnB,CAAC;QAED,wEAAwE;QACxE,kEAAkE;QAClE,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YACzB,MAAM,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,CAAA;QACjC,CAAC;QAED,uDAAuD;QACvD,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,cAAc,CAAC,SAAS,EAAE,CAAC,CAAA;QAClE,OAAO,KAAK,CAAC,QAAQ,CAAC,cAAc,EAAE,IAAI,CAAC,EAAE,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;IACpE,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE;YACrE,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAC7B,IAAI,CAAC,aAAa,EAClB,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,EACtC,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,CAAC,UAAU,EAAE,EAAE,EAAE,CACnE,CAAA;YAED,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,mBAAmB,EAAE,EAAE,CAAC;gBACxD,+DAA+D;gBAC/D,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;gBAErD,iDAAiD;gBACjD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAA;gBACxB,MAAM,QAAQ,CAAA;YAChB,CAAC;YAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACtB,oEAAoE;gBACpE,2CAA2C;gBAC3C,MAAM,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAA;gBAErE,OAAO,WAAW,CAAA;YACpB,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAA;YAE1B,kEAAkE;YAClE,qEAAqE;YACrE,yEAAyE;YACzE,0EAA0E;YAC1E,qCAAqC;YACrC,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC;gBACvD,MAAM,SAAS,GAAG,MAAM,QAAQ,CAC9B,IAAI,CAAC,aAAa,EAClB,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,EAClC,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,SAAS,EAAE,EAAE,EAAE,CAC3D,CAAA;gBACD,IAAI,SAAS,CAAC,OAAO,IAAI,SAAS,CAAC,IAAI,CAAC,GAAG,KAAK,IAAI,CAAC,GAAG,EAAE,CAAC;oBACzD,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,IAAI,CAAC,CAAA;gBACrC,CAAC;YACH,CAAC;YAED,MAAM,UAAU,GAAgB;gBAC9B,GAAG,IAAI;gBACP,OAAO,EAAE,WAAW,CAAC,OAAO;aAC7B,CAAA;YAED,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;YAEpD,OAAO,CAAC,IAAI,CAAC,YAAY,GAAG,UAAU,CAAC,CAAA;QACzC,CAAC,CAAC,CAAA;QAEF,OAAO,IAAI,CAAC,eAAe,CAAA;IAC7B,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,MAAM;QACV,IAAI,MAAM,GAAyB,IAAI,CAAA;QAEvC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE;YACrE,MAAM,MAAM,GAAG,MAAM,QAAQ,CAC3B,IAAI,CAAC,aAAa,EAClB,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EACrC,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,CAAC,UAAU,EAAE,EAAE,EAAE,CACnE,CAAA;YAED,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,mBAAmB,EAAE,EAAE,CAAC;gBACnD,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;gBAErD,iDAAiD;gBACjD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAA;gBACxB,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAA;YAC/B,CAAC;iBAAM,CAAC;gBACN,sEAAsE;gBACtE,MAAM,GAAG,MAAM,CAAA;gBAEf,mEAAmE;gBACnE,MAAM,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;gBAEnE,sCAAsC;gBACtC,OAAO,WAAW,CAAA;YACpB,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAC9B,CAAC,QAAQ,EAAE,EAAE;YACX,kEAAkE;YAClE,2BAA2B;YAC3B,MAAM,MAAO,CAAA;QACf,CAAC,EACD,CAAC,IAAI,EAAE,EAAE;YACP,oBAAoB;QACtB,CAAC,CACF,CAAA;IACH,CAAC;IAED,KAAK,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC;QACzB,MAAM,IAAI,CAAC,MAAM,EAAE,CAAA;IACrB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,IAAiD,EACjD,EACE,OAAO,EACP,OAAO,EACP,GAAG,OAAO,EAIX;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CACzB,UAAU,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,EACtD,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EACrC,EAAE,IAAI,EAAE,CACT,CAAA;QAED,MAAM,IAAI,GAAgB;YACxB,GAAG,QAAQ,CAAC,IAAI;YAChB,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC;SACzB,CAAA;QAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAC1C,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAsEG;IACH,MAAM,CAAC,KAAK,CAAC,KAAK,CAChB,KAAkC;QAElC,MAAM,EACJ,OAAO,EACP,UAAU,EACV,QAAQ,EACR,cAAc,EACd,eAAe,EACf,GAAG,OAAO,EACX,GACC,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,YAAY,GAAG;YAC/C,CAAC,CAAC,aAAa,CAAC,KAAK,CAAC;YACtB,CAAC,CAAC,KAAK,CAAA;QAEX,MAAM,SAAS,GAAG,UAAU,CAAC;YAC3B,OAAO;YACP,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAC7B,SAAS,EACT,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EACrC,EAAE,IAAI,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,cAAc,EAAE,eAAe,EAAE,EAAE,CACpE,CAAA;QAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtB,IAAI,QAAQ,CAAC,KAAK,KAAK,yBAAyB,EAAE,CAAC;gBACjD,MAAM,IAAI,kBAAkB,CAAC,QAAQ,CAAC,CAAA;YACxC,CAAC;YACD,MAAM,QAAQ,CAAC,MAAM,CAAA;QACvB,CAAC;QAED,MAAM,IAAI,GAAgB;YACxB,GAAG,QAAQ,CAAC,IAAI;YAChB,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC;SACzB,CAAA;QAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAC1C,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CACjB,IAAiB,EACjB,OAA+B;QAE/B,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,KAAK,CAAC,OAAO,EAAE,CAAA;QACrB,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CACjB,IAAiB,EACjB,OAAgC;QAEhC,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAChD,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;IACtB,CAAC;CACF;AAED,SAAS,QAAQ,CAAC,WAAwB,EAAE,IAAY;IACtD,MAAM,MAAM,GAAG,aAAa,CAAC,WAAW,CAAC,MAAM,CAAC,CAAA;IAChD,OAAO,IAAI,GAAG,CAAC,IAAI,EAAE,MAAM,IAAI,WAAW,CAAC,OAAO,CAAC,CAAA;AACrD,CAAC;AAED,SAAS,aAAa,CAAC,KAAmB;IACxC,MAAM,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC9D,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;QACzB,MAAM,IAAI,SAAS,CAAC,wCAAwC,CAAC,CAAA;IAC/D,CAAC;IACD,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CAAC,oCAAoC,CAAC,CAAA;IAC3D,CAAC;IACD,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;QACf,MAAM,IAAI,SAAS,CAAC,iDAAiD,CAAC,CAAA;IACxE,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QACnC,MAAM,IAAI,SAAS,CAAC,mDAAmD,CAAC,CAAA;IAC1E,CAAC;IACD,OAAO;QACL,OAAO,EAAE,GAAG,CAAC,MAAM;QACnB,UAAU,EAAE,GAAG,CAAC,QAAQ;QACxB,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACvB,CAAA;AACH,CAAC","sourcesContent":["import {\n Agent,\n XrpcFailure,\n buildAgent,\n xrpc,\n xrpcSafe,\n} from '@atproto/lex-client'\nimport { LexAuthFactorError } from './error.js'\nimport { com } from './lexicons/index.js'\nimport { extractPdsUrl, extractXrpcErrorCode } from './util.js'\n\n/**\n * Represents a failure response when refreshing a session.\n *\n * This type captures the possible error responses from\n * `com.atproto.server.refreshSession`, including both expected errors\n * (e.g., invalid/expired refresh token) and unexpected errors (e.g., network issues).\n */\nexport type RefreshFailure = XrpcFailure<\n typeof com.atproto.server.refreshSession.main\n>\n\n/**\n * Represents a failure response when deleting a session.\n *\n * This type captures the possible error responses from\n * `com.atproto.server.deleteSession`, including both expected errors\n * and unexpected errors (e.g., network issues, server unavailability).\n */\nexport type DeleteFailure = XrpcFailure<\n typeof com.atproto.server.deleteSession.main\n>\n\n/**\n * Persisted session data containing authentication credentials and service information.\n *\n * This type extends the response from `com.atproto.server.createSession` with the\n * service URL used for authentication. Store this data securely to resume sessions\n * later without re-authenticating.\n */\nexport type SessionData = com.atproto.server.createSession.$OutputBody & {\n service: string\n}\n\nexport type LoginOptions = PasswordSessionOptions & {\n service: string | URL\n identifier: string\n password: string\n allowTakendown?: boolean\n authFactorToken?: string\n}\n\nexport type PasswordSessionOptions = {\n /**\n * Custom fetch implementation to use for network requests\n */\n fetch?: typeof globalThis.fetch\n\n /**\n * Called whenever the session is successfully created/refreshed, and new\n * credentials have been obtained. Use this hook to persist the updated\n * session information.\n *\n * If this callback returns a promise, this function will never be called\n * again (on the same process) until the promise resolves.\n *\n * @note this function **must** not throw\n */\n onUpdated?: (this: PasswordSession, data: SessionData) => void | Promise<void>\n\n /**\n * Called whenever the session update fails due to an expected error, such as\n * a network issue or server unavailability. This function can be used to log\n * the error or notify the user, but should not assume that the session is\n * invalid.\n *\n * @note this function **must** not throw\n */\n onUpdateFailure?: (\n this: PasswordSession,\n data: SessionData,\n err: RefreshFailure,\n ) => void | Promise<void>\n\n /**\n * Called whenever the session is deleted, either due to an explicit logout or\n * because the refresh operation indicated that the session is no longer\n * valid. Use this hook to clean up any persisted session information and\n * update the application state accordingly.\n *\n * @note this function **must** not throw\n */\n onDeleted?: (this: PasswordSession, data: SessionData) => void | Promise<void>\n\n /**\n * Called whenever a session deletion fails due to an unexpected error, such\n * as a network issue or server unavailability. This function can be used to\n * log the error or notify the user. When this function is called, the session\n * might still be valid on the server. It is up to the implementation to\n * decide whether to retry the deletion or keep the session active. Ignoring\n * these errors is not recommended as it can lead to orphaned sessions on the\n * server, or security issues if the user believes they have logged out when a\n * bad actor is still using the session. The implementation should consider\n * keeping track of failed deletions and retrying them later, until they\n * succeed.\n *\n * @note this function **must** not throw\n */\n onDeleteFailure?: (\n this: PasswordSession,\n data: SessionData,\n err: DeleteFailure,\n ) => void | Promise<void>\n}\n\n/**\n * Password-based authentication session for AT Protocol services.\n *\n * This class provides session management for CLI tools, scripts, and bots that\n * need to authenticate with AT Protocol services using password credentials.\n * It implements the {@link Agent} interface, allowing it to be used directly\n * with AT Protocol clients.\n *\n * **Security Warning:** It is strongly recommended to use app passwords instead\n * of main account credentials. App passwords provide limited access and can be\n * revoked independently without compromising your main account. For browser-based\n * applications, use OAuth-based authentication instead.\n *\n * @example Basic usage with app password\n * ```ts\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx-xxxx-xxxx-xxxx', // App password\n * onUpdated: (data) => saveToStorage(data),\n * onDeleted: (data) => clearStorage(data.did),\n * })\n *\n * const client = new Client(session)\n * // Use client to make authenticated requests\n * ```\n *\n * @example Resuming a persisted session\n * ```ts\n * const savedData = JSON.parse(fs.readFileSync('session.json', 'utf8'))\n * const session = await PasswordSession.resume(savedData, {\n * onUpdated: (data) => saveToStorage(data),\n * onDeleted: (data) => clearStorage(data.did),\n * })\n * ```\n *\n * @implements {Agent}\n */\nexport class PasswordSession implements Agent, AsyncDisposable {\n /**\n * Internal {@link Agent} used for session management towards the\n * authentication service only.\n */\n #serviceAgent: Agent\n\n #sessionData: null | SessionData\n #sessionPromise: Promise<SessionData>\n\n constructor(\n sessionData: SessionData,\n protected readonly options: PasswordSessionOptions = {},\n ) {\n this.#serviceAgent = buildAgent({\n service: sessionData.service,\n fetch: options.fetch,\n })\n\n this.#sessionData = sessionData\n this.#sessionPromise = Promise.resolve(this.#sessionData)\n }\n\n /**\n * The DID (Decentralized Identifier) of the authenticated account.\n *\n * @throws {Error} If the session has been destroyed (logged out).\n */\n get did() {\n return this.session.did\n }\n\n /**\n * The handle (username) of the authenticated account.\n *\n * @throws {Error} If the session has been destroyed (logged out).\n */\n get handle() {\n return this.session.handle\n }\n\n /**\n * The current session data containing authentication credentials.\n *\n * @throws {Error} If the session has been destroyed (logged out).\n */\n get session() {\n if (this.#sessionData) return this.#sessionData\n throw new Error('Logged out')\n }\n\n /**\n * Whether this session has been destroyed (logged out).\n *\n * Once destroyed, this session instance can no longer be used for\n * authenticated requests. Create a new session via {@link PasswordSession.login}\n * or {@link PasswordSession.resume}.\n */\n get destroyed(): boolean {\n return this.#sessionData === null\n }\n\n /**\n * Handles authenticated fetch requests to the user's PDS.\n *\n * This method implements the {@link Agent} interface and is called by\n * AT Protocol clients to make authenticated requests. It automatically:\n * - Adds the access token to request headers\n * - Detects expired tokens and triggers refresh\n * - Retries requests after successful token refresh\n *\n * @param path - The request path (will be resolved against the PDS URL)\n * @param init - Standard fetch RequestInit options (headers, body, etc.)\n * @returns The fetch Response from the PDS\n * @throws {TypeError} If an 'authorization' header is already set in init\n */\n async fetchHandler(path: string, init: RequestInit): Promise<Response> {\n const headers = new Headers(init.headers)\n if (headers.has('authorization')) {\n throw new TypeError(\"Unexpected 'authorization' header set\")\n }\n\n const sessionPromise = this.#sessionPromise\n const sessionData = await sessionPromise\n\n const fetch = this.options.fetch ?? globalThis.fetch\n\n headers.set('authorization', `Bearer ${sessionData.accessJwt}`)\n const initialRes = await fetch(fetchUrl(sessionData, path), {\n ...init,\n headers,\n })\n\n const refreshNeeded =\n initialRes.status === 401 ||\n (initialRes.status === 400 &&\n (await extractXrpcErrorCode(initialRes)) === 'ExpiredToken')\n\n if (!refreshNeeded) {\n return initialRes\n }\n\n // Refresh session (unless it was already refreshed in the meantime)\n const newSessionPromise =\n this.#sessionPromise === sessionPromise\n ? this.refresh()\n : this.#sessionPromise\n\n // Error should have been propagated through hooks\n const newSessionData = await newSessionPromise.catch((_err) => null)\n if (!newSessionData) {\n return initialRes\n }\n\n // refresh silently failed, no point in retrying.\n if (newSessionData.accessJwt === sessionData.accessJwt) {\n return initialRes\n }\n\n if (init?.signal?.aborted) {\n return initialRes\n }\n\n // The stream was already consumed. We cannot retry the request. A solution\n // would be to tee() the input stream but that would bufferize the entire\n // stream in memory which can lead to memory starvation. Instead, we will\n // return the original response and let the calling code handle retries.\n if (ReadableStream && init?.body instanceof ReadableStream) {\n return initialRes\n }\n\n // Make sure the initial request is cancelled to avoid leaking resources\n // (NodeJS 👀): https://undici.nodejs.org/#/?id=garbage-collection\n if (!initialRes.bodyUsed) {\n await initialRes.body?.cancel()\n }\n\n // Finally, retry the request with the new access token\n headers.set('authorization', `Bearer ${newSessionData.accessJwt}`)\n return fetch(fetchUrl(newSessionData, path), { ...init, headers })\n }\n\n /**\n * Refreshes the session by obtaining new access and refresh tokens.\n *\n * This method is automatically called by {@link fetchHandler} when the access\n * token expires. You can also call it manually to proactively refresh tokens.\n *\n * On success, the {@link PasswordSessionOptions.onUpdated} callback is invoked\n * with the new session data. On expected failures (invalid session), the\n * {@link PasswordSessionOptions.onDeleted} callback is invoked. On unexpected\n * failures (network issues), the {@link PasswordSessionOptions.onUpdateFailure}\n * callback is invoked and the existing session data is preserved.\n *\n * @returns The refreshed session data\n * @throws {RefreshFailure} If the session is no longer valid (triggers onDeleted)\n */\n async refresh(): Promise<SessionData> {\n this.#sessionPromise = this.#sessionPromise.then(async (sessionData) => {\n const response = await xrpcSafe(\n this.#serviceAgent,\n com.atproto.server.refreshSession.main,\n { headers: { Authorization: `Bearer ${sessionData.refreshJwt}` } },\n )\n\n if (!response.success && response.matchesSchemaErrors()) {\n // Expected errors that indicate the session is no longer valid\n await this.options.onDeleted?.call(this, sessionData)\n\n // Update the session promise to a rejected state\n this.#sessionData = null\n throw response\n }\n\n if (!response.success) {\n // We failed to refresh the token, assume the session might still be\n // valid by returning the existing session.\n await this.options.onUpdateFailure?.call(this, sessionData, response)\n\n return sessionData\n }\n\n const data = response.body\n\n // Historically, refreshSession did not return all the fields from\n // getSession. In particular, emailConfirmed and didDoc were missing.\n // Similarly, some servers might not return the didDoc in refreshSession.\n // We fetch them via getSession if missing, allowing to ensure that we are\n // always talking with the right PDS.\n if (data.emailConfirmed == null || data.didDoc == null) {\n const extraData = await xrpcSafe(\n this.#serviceAgent,\n com.atproto.server.getSession.main,\n { headers: { Authorization: `Bearer ${data.accessJwt}` } },\n )\n if (extraData.success && extraData.body.did === data.did) {\n Object.assign(data, extraData.body)\n }\n }\n\n const newSession: SessionData = {\n ...data,\n service: sessionData.service,\n }\n\n await this.options.onUpdated?.call(this, newSession)\n\n return (this.#sessionData = newSession)\n })\n\n return this.#sessionPromise\n }\n\n /**\n * Logs out by deleting the session on the server.\n *\n * This method invalidates both the access and refresh tokens on the server,\n * preventing any further use of this session. After successful logout, the\n * session is marked as destroyed and the {@link PasswordSessionOptions.onDeleted}\n * callback is invoked.\n *\n * If the logout request fails due to network issues or server unavailability,\n * the {@link PasswordSessionOptions.onDeleteFailure} callback is invoked and\n * the session remains active locally. In this case, you should retry the\n * logout later to ensure the session is properly invalidated on the server.\n *\n * @throws {DeleteFailure} If the logout request fails due to unexpected errors\n */\n async logout(): Promise<void> {\n let reason: DeleteFailure | null = null\n\n this.#sessionPromise = this.#sessionPromise.then(async (sessionData) => {\n const result = await xrpcSafe(\n this.#serviceAgent,\n com.atproto.server.deleteSession.main,\n { headers: { Authorization: `Bearer ${sessionData.refreshJwt}` } },\n )\n\n if (result.success || result.matchesSchemaErrors()) {\n await this.options.onDeleted?.call(this, sessionData)\n\n // Update the session promise to a rejected state\n this.#sessionData = null\n throw new Error('Logged out')\n } else {\n // Capture the reason for the failure to re-throw in the outer promise\n reason = result\n\n // An unknown/unexpected error occurred (network, server down, etc)\n await this.options.onDeleteFailure?.call(this, sessionData, result)\n\n // Keep the session in an active state\n return sessionData\n }\n })\n\n return this.#sessionPromise.then(\n (_session) => {\n // If the promise above resolved, then logout failed. Re-throw the\n // reason captured earlier.\n throw reason!\n },\n (_err) => {\n // Successful logout\n },\n )\n }\n\n async [Symbol.asyncDispose]() {\n await this.logout()\n }\n\n /**\n * Creates a new account and returns an authenticated session.\n *\n * This static method registers a new account on the specified service and\n * automatically creates an authenticated session for it.\n *\n * @param body - Account creation parameters (handle, email, password, etc.)\n * @param options - Session options including the service URL\n * @returns A new PasswordSession for the created account\n * @throws If account creation fails (e.g., handle taken, invalid invite code)\n *\n * @example\n * ```ts\n * const session = await PasswordSession.createAccount(\n * {\n * handle: 'alice.bsky.social',\n * email: 'alice@example.com',\n * password: 'secure-password',\n * },\n * {\n * service: 'https://bsky.social',\n * onUpdated: (data) => saveToStorage(data),\n * }\n * )\n * ```\n */\n static async createAccount(\n body: com.atproto.server.createAccount.$InputBody,\n {\n service,\n headers,\n ...options\n }: PasswordSessionOptions & {\n headers?: HeadersInit\n service: string | URL\n },\n ): Promise<PasswordSession> {\n const response = await xrpc(\n buildAgent({ service, headers, fetch: options.fetch }),\n com.atproto.server.createAccount.main,\n { body },\n )\n\n const data: SessionData = {\n ...response.body,\n service: String(service),\n }\n\n const agent = new PasswordSession(data, options)\n await options.onUpdated?.call(agent, data)\n return agent\n }\n\n /**\n * Creates a new authenticated session using password credentials.\n *\n * This static method authenticates with the specified service and returns\n * a new PasswordSession instance that can be used for authenticated requests.\n *\n * **Security Warning:** It is strongly recommended to use app passwords instead\n * of main account credentials. App passwords can be created in your account\n * settings and provide limited access that can be revoked independently. For\n * browser-based applications, use OAuth-based authentication instead.\n *\n * @param options - Login options including service URL, identifier, and password\n * @param options.service - The AT Protocol service URL (e.g., 'https://bsky.social')\n * @param options.identifier - The user's handle or DID\n * @param options.password - The user's password or app password\n * @param options.allowTakendown - If true, allow login to takendown accounts\n * @param options.authFactorToken - 2FA token if required by the server\n * @returns A new authenticated PasswordSession\n * @throws {LexAuthFactorError} If the server requires a 2FA token\n * @throws If authentication fails (invalid credentials, etc.)\n *\n * **Basic login with app password in script**\n * @example\n * ```ts\n * // .env\n * // APP_PASSWORD_CREDENTIALS=\"https://<handle>:<app-password>@<pds-hosting-provider>\"\n *\n * // Make sure to dispose (or logout) the session when done to avoid leaking\n * // resources and leaving orphaned sessions on the server\n * await using session = await PasswordSession.login(process.env.APP_PASSWORD_CREDENTIALS)\n *\n * // Use session to make authenticated requests\n * ```\n *\n * **Basic login with user password (not recommended!!!)**\n * @example\n * ```ts\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx',\n * onUpdated: (data) => saveToStorage(data),\n * onDeleted: (data) => clearStorage(data.did),\n * })\n *\n * // Next time, use resume with the persisted session data to avoid storing\n * // user credentials.\n * ```\n *\n * **Handling 2FA requirement**\n * @example\n * ```ts\n * try {\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx',\n * })\n * } catch (err) {\n * if (err instanceof LexAuthFactorError) {\n * const token = await promptUser('Enter 2FA code:')\n * const session = await PasswordSession.login({\n * service: 'https://bsky.social',\n * identifier: 'alice.bsky.social',\n * password: 'xxxx',\n * authFactorToken: token,\n * })\n * }\n * }\n * ```\n */\n static async login(\n input: string | URL | LoginOptions,\n ): Promise<PasswordSession> {\n const {\n service,\n identifier,\n password,\n allowTakendown,\n authFactorToken,\n ...options\n } =\n typeof input === 'string' || input instanceof URL\n ? parseLoginUrl(input)\n : input\n\n const xrpcAgent = buildAgent({\n service,\n fetch: options.fetch,\n })\n\n const response = await xrpcSafe(\n xrpcAgent,\n com.atproto.server.createSession.main,\n { body: { identifier, password, allowTakendown, authFactorToken } },\n )\n\n if (!response.success) {\n if (response.error === 'AuthFactorTokenRequired') {\n throw new LexAuthFactorError(response)\n }\n throw response.reason\n }\n\n const data: SessionData = {\n ...response.body,\n service: String(service),\n }\n\n const agent = new PasswordSession(data, options)\n await options.onUpdated?.call(agent, data)\n return agent\n }\n\n /**\n * Resume an existing session, ensuring it is still valid by refreshing it.\n * Any error thrown here indicates that the session is definitely no longer\n * valid. Network errors will be propagated through the\n * {@link PasswordSessionOptions.onUpdateFailure} hook, and not re-thrown\n * here. This means that a resolved promise does not necessarily indicate a\n * valid session, only that it's refresh did not definitively fail.\n *\n * This is the same as calling {@link PasswordSession.refresh} after\n * constructing the {@link PasswordSession} manually.\n *\n * @throws If, and only if, the session is definitely no longer valid.\n */\n static async resume(\n data: SessionData,\n options: PasswordSessionOptions,\n ): Promise<PasswordSession> {\n const agent = new PasswordSession(data, options)\n await agent.refresh()\n return agent\n }\n\n /**\n * Delete a session without having to {@link resume resume()} it first, or\n * provide hooks.\n *\n * @throws In case of unexpected error (network issue, server down, etc)\n * meaning that the session may still be valid.\n */\n static async delete(\n data: SessionData,\n options?: PasswordSessionOptions,\n ): Promise<void> {\n const agent = new PasswordSession(data, options)\n await agent.logout()\n }\n}\n\nfunction fetchUrl(sessionData: SessionData, path: string): URL {\n const pdsUrl = extractPdsUrl(sessionData.didDoc)\n return new URL(path, pdsUrl ?? sessionData.service)\n}\n\nfunction parseLoginUrl(input: string | URL): LoginOptions {\n const url = typeof input === 'string' ? new URL(input) : input\n if (url.pathname !== '/') {\n throw new TypeError('Invalid login URL: unexpected pathname')\n }\n if (url.hash) {\n throw new TypeError('Invalid login URL: unexpected hash')\n }\n if (url.search) {\n throw new TypeError('Invalid login URL: unexpected search parameters')\n }\n if (!url.username || !url.password) {\n throw new TypeError('Invalid login URL: missing identifier or password')\n }\n return {\n service: url.origin,\n identifier: url.username,\n password: url.password,\n }\n}\n"]}
|
package/dist/util.js
CHANGED
|
@@ -1,13 +1,9 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
exports.extractXrpcErrorCode = extractXrpcErrorCode;
|
|
4
|
-
exports.extractPdsUrl = extractPdsUrl;
|
|
5
|
-
const lex_schema_1 = require("@atproto/lex-schema");
|
|
6
|
-
async function extractXrpcErrorCode(response) {
|
|
1
|
+
import { lexErrorDataSchema } from '@atproto/lex-schema';
|
|
2
|
+
export async function extractXrpcErrorCode(response) {
|
|
7
3
|
const json = await peekJson(response, 10 * 1024); // Avoid reading large bodies
|
|
8
4
|
if (json === undefined)
|
|
9
5
|
return null;
|
|
10
|
-
if (!
|
|
6
|
+
if (!lexErrorDataSchema.matches(json))
|
|
11
7
|
return null;
|
|
12
8
|
return json.error;
|
|
13
9
|
}
|
|
@@ -33,7 +29,7 @@ function extractLength({ headers }) {
|
|
|
33
29
|
function extractType({ headers }) {
|
|
34
30
|
return headers.get('Content-Type')?.split(';')[0]?.trim().toLowerCase();
|
|
35
31
|
}
|
|
36
|
-
function extractPdsUrl(didDoc) {
|
|
32
|
+
export function extractPdsUrl(didDoc) {
|
|
37
33
|
const pdsService = ifArray(didDoc?.service)?.find((service) => ifString(service?.id)?.endsWith('#atproto_pds'));
|
|
38
34
|
const pdsEndpoint = ifString(pdsService?.serviceEndpoint);
|
|
39
35
|
return pdsEndpoint && URL.canParse(pdsEndpoint) ? pdsEndpoint : null;
|
package/dist/util.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAA;AAExD,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,QAAkB;IAElB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,EAAE,GAAG,IAAI,CAAC,CAAA,CAAC,6BAA6B;IAC9E,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,IAAI,CAAA;IACnC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAA;IAClD,OAAO,IAAI,CAAC,KAAK,CAAA;AACnB,CAAC;AAED,KAAK,UAAU,QAAQ,CACrB,QAAkB,EAClB,OAAO,GAAG,QAAQ;IAElB,MAAM,IAAI,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAA;IAClC,IAAI,IAAI,KAAK,kBAAkB;QAAE,OAAO,SAAS,CAAA;IACjD,MAAM,MAAM,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAA;IACtC,IAAI,MAAM,IAAI,IAAI,IAAI,MAAM,GAAG,OAAO;QAAE,OAAO,SAAS,CAAA;IAExD,IAAI,CAAC;QACH,OAAO,CAAC,MAAM,QAAQ,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,CAAsB,CAAA;IAC7D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAA;IAClB,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,EAAE,OAAO,EAAY;IAC1C,OAAO,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;QAClC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QACvC,CAAC,CAAC,SAAS,CAAA;AACf,CAAC;AAED,SAAS,WAAW,CAAC,EAAE,OAAO,EAAY;IACxC,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;AACzE,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAAe;IAC3C,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAC5D,QAAQ,CAAE,OAAe,EAAE,EAAE,CAAC,EAAE,QAAQ,CAAC,cAAc,CAAC,CACzD,CAAA;IACD,MAAM,WAAW,GAAG,QAAQ,CAAE,UAAkB,EAAE,eAAe,CAAC,CAAA;IAClE,OAAO,WAAW,IAAI,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAA;AACtE,CAAC;AAED,MAAM,QAAQ,GAAG,CAAI,CAAI,EAAE,EAAE,CAC3B,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAIvB,CAAA;AAEjB,MAAM,OAAO,GAAG,CAAI,CAAI,EAAE,EAAE,CAC1B,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAIlB,CAAA","sourcesContent":["import { LexMap, LexValue } from '@atproto/lex-client'\nimport { lexErrorDataSchema } from '@atproto/lex-schema'\n\nexport async function extractXrpcErrorCode(\n response: Response,\n): Promise<string | null> {\n const json = await peekJson(response, 10 * 1024) // Avoid reading large bodies\n if (json === undefined) return null\n if (!lexErrorDataSchema.matches(json)) return null\n return json.error\n}\n\nasync function peekJson(\n response: Response,\n maxSize = Infinity,\n): Promise<undefined | LexValue> {\n const type = extractType(response)\n if (type !== 'application/json') return undefined\n const length = extractLength(response)\n if (length != null && length > maxSize) return undefined\n\n try {\n return (await response.clone().json()) as Promise<LexValue>\n } catch {\n return undefined\n }\n}\n\nfunction extractLength({ headers }: Response) {\n return headers.get('Content-Length')\n ? Number(headers.get('Content-Length'))\n : undefined\n}\n\nfunction extractType({ headers }: Response) {\n return headers.get('Content-Type')?.split(';')[0]?.trim().toLowerCase()\n}\n\nexport function extractPdsUrl(didDoc?: LexMap): string | null {\n const pdsService = ifArray(didDoc?.service)?.find((service) =>\n ifString((service as any)?.id)?.endsWith('#atproto_pds'),\n )\n const pdsEndpoint = ifString((pdsService as any)?.serviceEndpoint)\n return pdsEndpoint && URL.canParse(pdsEndpoint) ? pdsEndpoint : null\n}\n\nconst ifString = <T>(v: T) =>\n (typeof v === 'string' ? v : undefined) as unknown extends T\n ? undefined | string\n : T extends string\n ? string\n : undefined\n\nconst ifArray = <T>(v: T) =>\n (Array.isArray(v) ? v : undefined) as unknown extends T\n ? undefined | unknown[]\n : T extends unknown[]\n ? Extract<T, unknown[]>\n : undefined\n"]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@atproto/lex-password-session",
|
|
3
|
-
"version": "0.0
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"engines": {
|
|
5
|
+
"node": ">=22"
|
|
6
|
+
},
|
|
4
7
|
"license": "MIT",
|
|
5
8
|
"description": "Password based client authentication for AT Lexicons",
|
|
6
9
|
"keywords": [
|
|
@@ -23,26 +26,22 @@
|
|
|
23
26
|
"./CHANGELOG.md"
|
|
24
27
|
],
|
|
25
28
|
"sideEffects": false,
|
|
26
|
-
"type": "
|
|
27
|
-
"main": "./dist/index.js",
|
|
28
|
-
"types": "./dist/index.d.ts",
|
|
29
|
+
"type": "module",
|
|
29
30
|
"exports": {
|
|
30
31
|
".": {
|
|
31
32
|
"types": "./dist/index.d.ts",
|
|
32
|
-
"browser": "./dist/index.js",
|
|
33
|
-
"import": "./dist/index.js",
|
|
34
33
|
"default": "./dist/index.js"
|
|
35
34
|
}
|
|
36
35
|
},
|
|
37
36
|
"dependencies": {
|
|
38
37
|
"tslib": "^2.8.1",
|
|
39
|
-
"@atproto/lex-client": "^0.0
|
|
40
|
-
"@atproto/lex-schema": "^0.0
|
|
38
|
+
"@atproto/lex-client": "^0.1.0",
|
|
39
|
+
"@atproto/lex-schema": "^0.1.0"
|
|
41
40
|
},
|
|
42
41
|
"devDependencies": {
|
|
43
42
|
"vitest": "^4.0.16",
|
|
44
|
-
"@atproto/lex-builder": "^0.0
|
|
45
|
-
"@atproto/lex-server": "^0.0
|
|
43
|
+
"@atproto/lex-builder": "^0.1.0",
|
|
44
|
+
"@atproto/lex-server": "^0.1.0"
|
|
46
45
|
},
|
|
47
46
|
"scripts": {
|
|
48
47
|
"prebuild": "node ./scripts/lex-build.mjs",
|