@atproto/oauth-client-browser 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.txt +7 -0
- package/dist/browser-oauth-client.d.ts +58 -0
- package/dist/browser-oauth-client.d.ts.map +1 -0
- package/dist/browser-oauth-client.js +353 -0
- package/dist/browser-oauth-client.js.map +1 -0
- package/dist/browser-oauth-database.d.ts +61 -0
- package/dist/browser-oauth-database.d.ts.map +1 -0
- package/dist/browser-oauth-database.js +175 -0
- package/dist/browser-oauth-database.js.map +1 -0
- package/dist/browser-runtime-implementation.d.ts +10 -0
- package/dist/browser-runtime-implementation.d.ts.map +1 -0
- package/dist/browser-runtime-implementation.js +56 -0
- package/dist/browser-runtime-implementation.js.map +1 -0
- package/dist/disposable-polyfill/index.d.ts +1 -0
- package/dist/disposable-polyfill/index.d.ts.map +1 -0
- package/dist/disposable-polyfill/index.js +11 -0
- package/dist/disposable-polyfill/index.js.map +1 -0
- package/dist/errors.d.ts +9 -0
- package/dist/errors.d.ts.map +1 -0
- package/dist/errors.js +20 -0
- package/dist/errors.js.map +1 -0
- package/dist/index.d.ts +11 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +31 -0
- package/dist/index.js.map +1 -0
- package/dist/indexed-db/db-index.d.ts +12 -0
- package/dist/indexed-db/db-index.d.ts.map +1 -0
- package/dist/indexed-db/db-index.js +49 -0
- package/dist/indexed-db/db-index.js.map +1 -0
- package/dist/indexed-db/db-object-store.d.ts +17 -0
- package/dist/indexed-db/db-object-store.d.ts.map +1 -0
- package/dist/indexed-db/db-object-store.js +47 -0
- package/dist/indexed-db/db-object-store.js.map +1 -0
- package/dist/indexed-db/db-transaction.d.ts +13 -0
- package/dist/indexed-db/db-transaction.d.ts.map +1 -0
- package/dist/indexed-db/db-transaction.js +60 -0
- package/dist/indexed-db/db-transaction.js.map +1 -0
- package/dist/indexed-db/db.d.ts +17 -0
- package/dist/indexed-db/db.d.ts.map +1 -0
- package/dist/indexed-db/db.js +114 -0
- package/dist/indexed-db/db.js.map +1 -0
- package/dist/indexed-db/index.d.ts +6 -0
- package/dist/indexed-db/index.d.ts.map +1 -0
- package/dist/indexed-db/index.js +22 -0
- package/dist/indexed-db/index.js.map +1 -0
- package/dist/indexed-db/schema.d.ts +3 -0
- package/dist/indexed-db/schema.d.ts.map +1 -0
- package/dist/indexed-db/schema.js +3 -0
- package/dist/indexed-db/schema.js.map +1 -0
- package/dist/indexed-db/util.d.ts +2 -0
- package/dist/indexed-db/util.d.ts.map +1 -0
- package/dist/indexed-db/util.js +24 -0
- package/dist/indexed-db/util.js.map +1 -0
- package/dist/indexed-db-store.d.ts +18 -0
- package/dist/indexed-db-store.d.ts.map +1 -0
- package/dist/indexed-db-store.js +68 -0
- package/dist/indexed-db-store.js.map +1 -0
- package/dist/util.d.ts +18 -0
- package/dist/util.d.ts.map +1 -0
- package/dist/util.js +19 -0
- package/dist/util.js.map +1 -0
- package/package.json +72 -0
package/LICENSE.txt
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
Dual MIT/Apache-2.0 License
|
2
|
+
|
3
|
+
Copyright (c) 2022-2024 Bluesky PBC, and Contributors
|
4
|
+
|
5
|
+
Except as otherwise noted in individual files, this software is licensed under the MIT license (<http://opensource.org/licenses/MIT>), or the Apache License, Version 2.0 (<http://www.apache.org/licenses/LICENSE-2.0>).
|
6
|
+
|
7
|
+
Downstream projects and end users may chose either license individually, or both together, at their discretion. The motivation for this dual-licensing is the additional software patent assurance provided by Apache 2.0.
|
@@ -0,0 +1,58 @@
|
|
1
|
+
/// <reference types="node" />
|
2
|
+
import { HandleResolver } from '@atproto-labs/handle-resolver';
|
3
|
+
import { AuthorizeOptions, OAuthAgent, OAuthClient, Session, TokenSet } from '@atproto/oauth-client';
|
4
|
+
import { OAuthClientId, OAuthClientMetadataInput, OAuthResponseMode } from '@atproto/oauth-types';
|
5
|
+
import { DatabaseStore } from './browser-oauth-database.js';
|
6
|
+
export type BrowserOAuthClientOptions = {
|
7
|
+
clientMetadata?: OAuthClientMetadataInput;
|
8
|
+
handleResolver?: HandleResolver | string | URL;
|
9
|
+
responseMode?: OAuthResponseMode;
|
10
|
+
plcDirectoryUrl?: string | URL;
|
11
|
+
crypto?: typeof globalThis.crypto;
|
12
|
+
fetch?: typeof globalThis.fetch;
|
13
|
+
};
|
14
|
+
type EventDetails = {
|
15
|
+
updated: TokenSet;
|
16
|
+
deleted: {
|
17
|
+
sub: string;
|
18
|
+
};
|
19
|
+
};
|
20
|
+
type CustomEventListener<T extends keyof EventDetails = keyof EventDetails> = (event: CustomEvent<EventDetails[T]>) => void;
|
21
|
+
type WrappedSessionStore = Disposable & DatabaseStore<Session>;
|
22
|
+
export type BrowserOAuthClientLoadOptions = Omit<BrowserOAuthClientOptions, 'clientMetadata'> & {
|
23
|
+
clientId: OAuthClientId;
|
24
|
+
signal?: AbortSignal;
|
25
|
+
};
|
26
|
+
export declare class BrowserOAuthClient extends OAuthClient {
|
27
|
+
static load({ clientId, ...options }: BrowserOAuthClientLoadOptions): Promise<BrowserOAuthClient>;
|
28
|
+
readonly sessionStore: WrappedSessionStore;
|
29
|
+
private readonly eventTarget;
|
30
|
+
private readonly database;
|
31
|
+
constructor({ clientMetadata, handleResolver, responseMode, plcDirectoryUrl, crypto, fetch, }?: BrowserOAuthClientOptions);
|
32
|
+
addEventListener<T extends keyof EventDetails>(type: T, callback: CustomEventListener<T> | null, options?: AddEventListenerOptions | boolean): void;
|
33
|
+
removeEventListener(type: string, callback: CustomEventListener | null, options?: EventListenerOptions | boolean): void;
|
34
|
+
restoreAll(): Promise<{
|
35
|
+
[k: string]: OAuthAgent;
|
36
|
+
}>;
|
37
|
+
init(sub?: string, refresh?: boolean): Promise<{
|
38
|
+
agent: OAuthAgent;
|
39
|
+
state: string | null;
|
40
|
+
} | {
|
41
|
+
agent: OAuthAgent;
|
42
|
+
} | undefined>;
|
43
|
+
signIn(input: string, options?: AuthorizeOptions & {
|
44
|
+
signal?: AbortSignal;
|
45
|
+
}): Promise<OAuthAgent>;
|
46
|
+
signInRedirect(input: string, options?: AuthorizeOptions): Promise<never>;
|
47
|
+
signInPopup(input: string, options?: Omit<AuthorizeOptions, 'state'> & {
|
48
|
+
signal?: AbortSignal;
|
49
|
+
}): Promise<OAuthAgent>;
|
50
|
+
private readCallbackParams;
|
51
|
+
signInCallback(): Promise<{
|
52
|
+
agent: OAuthAgent;
|
53
|
+
state: string | null;
|
54
|
+
} | null>;
|
55
|
+
[Symbol.asyncDispose](): Promise<void>;
|
56
|
+
}
|
57
|
+
export {};
|
58
|
+
//# sourceMappingURL=browser-oauth-client.d.ts.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"browser-oauth-client.d.ts","sourceRoot":"","sources":["../src/browser-oauth-client.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAA;AAC9D,OAAO,EACL,gBAAgB,EAChB,UAAU,EAEV,WAAW,EACX,OAAO,EACP,QAAQ,EACT,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EACL,aAAa,EACb,wBAAwB,EACxB,iBAAiB,EAKlB,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAEL,aAAa,EACd,MAAM,6BAA6B,CAAA;AAKpC,MAAM,MAAM,yBAAyB,GAAG;IACtC,cAAc,CAAC,EAAE,wBAAwB,CAAA;IACzC,cAAc,CAAC,EAAE,cAAc,GAAG,MAAM,GAAG,GAAG,CAAA;IAC9C,YAAY,CAAC,EAAE,iBAAiB,CAAA;IAChC,eAAe,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;IAE9B,MAAM,CAAC,EAAE,OAAO,UAAU,CAAC,MAAM,CAAA;IACjC,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;CAChC,CAAA;AAED,KAAK,YAAY,GAAG;IAClB,OAAO,EAAE,QAAQ,CAAA;IACjB,OAAO,EAAE;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,CAAA;CACzB,CAAA;AAED,KAAK,mBAAmB,CAAC,CAAC,SAAS,MAAM,YAAY,GAAG,MAAM,YAAY,IAAI,CAC5E,KAAK,EAAE,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,KAChC,IAAI,CAAA;AA8BT,KAAK,mBAAmB,GAAG,UAAU,GAAG,aAAa,CAAC,OAAO,CAAC,CAAA;AA6C9D,MAAM,MAAM,6BAA6B,GAAG,IAAI,CAC9C,yBAAyB,EACzB,gBAAgB,CACjB,GAAG;IACF,QAAQ,EAAE,aAAa,CAAA;IACvB,MAAM,CAAC,EAAE,WAAW,CAAA;CACrB,CAAA;AAED,qBAAa,kBAAmB,SAAQ,WAAW;WACpC,IAAI,CAAC,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE,EAAE,6BAA6B;IAsCzE,QAAQ,CAAC,YAAY,EAAE,mBAAmB,CAAA;IAE1C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAa;IACzC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAsB;gBAEnC,EACV,cAAc,EACd,cAAsC,EAEtC,YAAyB,EACzB,eAAyC,EACzC,MAA0B,EAC1B,KAAwB,GACzB,GAAE,yBAA8B;IAyCjC,gBAAgB,CAAC,CAAC,SAAS,MAAM,YAAY,EAC3C,IAAI,EAAE,CAAC,EACP,QAAQ,EAAE,mBAAmB,CAAC,CAAC,CAAC,GAAG,IAAI,EACvC,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO;IAK7C,mBAAmB,CACjB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,mBAAmB,GAAG,IAAI,EACpC,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO;IASpC,UAAU;;;IASV,IAAI,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO;;;;;;IAUpC,MAAM,CACV,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,gBAAgB,GAAG;QAAE,MAAM,CAAC,EAAE,WAAW,CAAA;KAAE;IASjD,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB;IAWxD,WAAW,CACf,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,IAAI,CAAC,gBAAgB,EAAE,OAAO,CAAC,GAAG;QAAE,MAAM,CAAC,EAAE,WAAW,CAAA;KAAE,GACnE,OAAO,CAAC,UAAU,CAAC;IA+EtB,OAAO,CAAC,kBAAkB;IAuBpB,cAAc;;;;IAwFd,CAAC,MAAM,CAAC,YAAY,CAAC;CAK5B"}
|
@@ -0,0 +1,353 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.BrowserOAuthClient = void 0;
|
4
|
+
const oauth_client_1 = require("@atproto/oauth-client");
|
5
|
+
const oauth_types_1 = require("@atproto/oauth-types");
|
6
|
+
const browser_oauth_database_js_1 = require("./browser-oauth-database.js");
|
7
|
+
const browser_runtime_implementation_js_1 = require("./browser-runtime-implementation.js");
|
8
|
+
const errors_js_1 = require("./errors.js");
|
9
|
+
const util_js_1 = require("./util.js");
|
10
|
+
const initEvent = (type, detail) => new CustomEvent(type, { detail, cancelable: false, bubbles: false });
|
11
|
+
const NAMESPACE = `@@atproto/oauth-client-browser`;
|
12
|
+
//- Popup channel
|
13
|
+
const POPUP_CHANNEL_NAME = `${NAMESPACE}(popup-channel)`;
|
14
|
+
const POPUP_STATE_PREFIX = `${NAMESPACE}(popup-state):`;
|
15
|
+
//- Deleted channel
|
16
|
+
const deletedChannel = new BroadcastChannel(`${NAMESPACE}(deleted-channel)`);
|
17
|
+
const wrapSessionStore = (dbStore, eventTarget) => {
|
18
|
+
const store = {
|
19
|
+
getKeys: async () => {
|
20
|
+
return dbStore.getKeys();
|
21
|
+
},
|
22
|
+
get: async (sub) => {
|
23
|
+
return dbStore.get(sub);
|
24
|
+
},
|
25
|
+
set: async (sub, session) => {
|
26
|
+
await dbStore.set(sub, session);
|
27
|
+
eventTarget.dispatchEvent(initEvent('updated', session.tokenSet));
|
28
|
+
},
|
29
|
+
del: async (sub) => {
|
30
|
+
await dbStore.del(sub);
|
31
|
+
deletedChannel.postMessage(sub);
|
32
|
+
eventTarget.dispatchEvent(initEvent('deleted', { sub }));
|
33
|
+
},
|
34
|
+
clear: async () => {
|
35
|
+
await dbStore.clear?.();
|
36
|
+
},
|
37
|
+
[Symbol.dispose]: () => {
|
38
|
+
deletedChannel.removeEventListener('message', onMessage);
|
39
|
+
},
|
40
|
+
};
|
41
|
+
const onMessage = (event) => {
|
42
|
+
// Listen for "deleted" events from other windows. The content will already
|
43
|
+
// have been deleted from the store so we only need to notify the listeners.
|
44
|
+
if (event.source !== window) {
|
45
|
+
const sub = event.data;
|
46
|
+
eventTarget.dispatchEvent(initEvent('deleted', { sub }));
|
47
|
+
}
|
48
|
+
};
|
49
|
+
deletedChannel.addEventListener('message', onMessage);
|
50
|
+
return store;
|
51
|
+
};
|
52
|
+
class BrowserOAuthClient extends oauth_client_1.OAuthClient {
|
53
|
+
static async load({ clientId, ...options }) {
|
54
|
+
if ((0, oauth_types_1.isOAuthClientIdLoopback)(clientId)) {
|
55
|
+
return new BrowserOAuthClient({
|
56
|
+
clientMetadata: (0, oauth_types_1.atprotoLoopbackClientMetadata)(clientId),
|
57
|
+
...options,
|
58
|
+
});
|
59
|
+
}
|
60
|
+
else if ((0, oauth_types_1.isOAuthClientIdDiscoverable)(clientId)) {
|
61
|
+
const fetch = options?.fetch ?? globalThis.fetch;
|
62
|
+
const request = new Request(clientId, {
|
63
|
+
redirect: 'error',
|
64
|
+
signal: options.signal,
|
65
|
+
});
|
66
|
+
const response = await fetch(request);
|
67
|
+
if (response.status !== 200) {
|
68
|
+
throw new TypeError(`Failed to fetch client metadata: ${response.status}`);
|
69
|
+
}
|
70
|
+
const mime = response.headers.get('content-type')?.split(';')[0].trim();
|
71
|
+
if (mime !== 'application/json') {
|
72
|
+
throw new TypeError(`Invalid content type: ${mime}`);
|
73
|
+
}
|
74
|
+
const json = await response.json();
|
75
|
+
options.signal?.throwIfAborted();
|
76
|
+
return new BrowserOAuthClient({
|
77
|
+
clientMetadata: oauth_types_1.oauthClientMetadataSchema.parse(json),
|
78
|
+
...options,
|
79
|
+
});
|
80
|
+
}
|
81
|
+
else {
|
82
|
+
throw new TypeError(`Invalid client id: ${clientId}`);
|
83
|
+
}
|
84
|
+
}
|
85
|
+
constructor({ clientMetadata, handleResolver = 'https://bsky.social',
|
86
|
+
// "fragment" is safer as it is not sent to the server
|
87
|
+
responseMode = 'fragment', plcDirectoryUrl = 'https://plc.directory', crypto = globalThis.crypto, fetch = globalThis.fetch, } = {}) {
|
88
|
+
const database = new browser_oauth_database_js_1.BrowserOAuthDatabase();
|
89
|
+
const eventTarget = new EventTarget();
|
90
|
+
const sessionStore = wrapSessionStore(database.getSessionStore(), eventTarget);
|
91
|
+
super({
|
92
|
+
clientMetadata: clientMetadata == null
|
93
|
+
? (0, oauth_types_1.atprotoLoopbackClientMetadata)((0, util_js_1.buildLoopbackClientId)(window.location))
|
94
|
+
: clientMetadata,
|
95
|
+
responseMode,
|
96
|
+
fetch,
|
97
|
+
runtimeImplementation: new browser_runtime_implementation_js_1.BrowserRuntimeImplementation(crypto),
|
98
|
+
plcDirectoryUrl,
|
99
|
+
handleResolver,
|
100
|
+
sessionStore,
|
101
|
+
stateStore: database.getStateStore(),
|
102
|
+
didCache: database.getDidCache(),
|
103
|
+
handleCache: database.getHandleCache(),
|
104
|
+
dpopNonceCache: database.getDpopNonceCache(),
|
105
|
+
authorizationServerMetadataCache: database.getAuthorizationServerMetadataCache(),
|
106
|
+
protectedResourceMetadataCache: database.getProtectedResourceMetadataCache(),
|
107
|
+
});
|
108
|
+
Object.defineProperty(this, "sessionStore", {
|
109
|
+
enumerable: true,
|
110
|
+
configurable: true,
|
111
|
+
writable: true,
|
112
|
+
value: void 0
|
113
|
+
});
|
114
|
+
Object.defineProperty(this, "eventTarget", {
|
115
|
+
enumerable: true,
|
116
|
+
configurable: true,
|
117
|
+
writable: true,
|
118
|
+
value: void 0
|
119
|
+
});
|
120
|
+
Object.defineProperty(this, "database", {
|
121
|
+
enumerable: true,
|
122
|
+
configurable: true,
|
123
|
+
writable: true,
|
124
|
+
value: void 0
|
125
|
+
});
|
126
|
+
this.sessionStore = sessionStore;
|
127
|
+
this.eventTarget = eventTarget;
|
128
|
+
this.database = database;
|
129
|
+
fixLocation(this.clientMetadata);
|
130
|
+
}
|
131
|
+
addEventListener(type, callback, options) {
|
132
|
+
this.eventTarget.addEventListener(type, callback, options);
|
133
|
+
}
|
134
|
+
removeEventListener(type, callback, options) {
|
135
|
+
this.eventTarget.removeEventListener(type, callback, options);
|
136
|
+
}
|
137
|
+
async restoreAll() {
|
138
|
+
const subs = await this.sessionStore.getKeys();
|
139
|
+
return Object.fromEntries(await Promise.all(subs.map(async (sub) => [sub, await this.restore(sub, false)])));
|
140
|
+
}
|
141
|
+
async init(sub, refresh) {
|
142
|
+
const signInResult = await this.signInCallback();
|
143
|
+
if (signInResult) {
|
144
|
+
return signInResult;
|
145
|
+
}
|
146
|
+
else if (sub) {
|
147
|
+
const agent = await this.restore(sub, refresh);
|
148
|
+
return { agent };
|
149
|
+
}
|
150
|
+
}
|
151
|
+
async signIn(input, options) {
|
152
|
+
if (options?.display === 'popup') {
|
153
|
+
return this.signInPopup(input, options);
|
154
|
+
}
|
155
|
+
else {
|
156
|
+
return this.signInRedirect(input, options);
|
157
|
+
}
|
158
|
+
}
|
159
|
+
async signInRedirect(input, options) {
|
160
|
+
const url = await this.authorize(input, options);
|
161
|
+
window.location.href = url.href;
|
162
|
+
// back-forward cache
|
163
|
+
return new Promise((resolve, reject) => {
|
164
|
+
setTimeout(() => reject(new Error('User navigated back')), 5e3);
|
165
|
+
});
|
166
|
+
}
|
167
|
+
async signInPopup(input, options) {
|
168
|
+
// Open new window asap to prevent popup busting by browsers
|
169
|
+
const popupFeatures = 'width=600,height=600,menubar=no,toolbar=no';
|
170
|
+
let popup = window.open('about:blank', '_blank', popupFeatures);
|
171
|
+
const stateKey = `${Math.random().toString(36).slice(2)}`;
|
172
|
+
const url = await this.authorize(input, {
|
173
|
+
...options,
|
174
|
+
state: `${POPUP_STATE_PREFIX}${stateKey}`,
|
175
|
+
display: options?.display ?? 'popup',
|
176
|
+
});
|
177
|
+
options?.signal?.throwIfAborted();
|
178
|
+
if (popup) {
|
179
|
+
popup.window.location.href = url.href;
|
180
|
+
}
|
181
|
+
else {
|
182
|
+
popup = window.open(url.href, '_blank', popupFeatures);
|
183
|
+
}
|
184
|
+
popup?.focus();
|
185
|
+
return new Promise((resolve, reject) => {
|
186
|
+
const popupChannel = new BroadcastChannel(POPUP_CHANNEL_NAME);
|
187
|
+
const cleanup = () => {
|
188
|
+
clearTimeout(timeout);
|
189
|
+
popupChannel.removeEventListener('message', onMessage);
|
190
|
+
popupChannel.close();
|
191
|
+
options?.signal?.removeEventListener('abort', cancel);
|
192
|
+
popup?.close();
|
193
|
+
};
|
194
|
+
const cancel = () => {
|
195
|
+
// @TODO: Store fact that the request was cancelled, allowing any
|
196
|
+
// callback (e.g. in the popup) to revoke the session or credentials.
|
197
|
+
reject(new Error(options?.signal?.aborted ? 'Aborted' : 'Timeout'));
|
198
|
+
cleanup();
|
199
|
+
};
|
200
|
+
options?.signal?.addEventListener('abort', cancel);
|
201
|
+
const timeout = setTimeout(cancel, 5 * 60e3);
|
202
|
+
const onMessage = async ({ data }) => {
|
203
|
+
if (data.key !== stateKey)
|
204
|
+
return;
|
205
|
+
if (!('result' in data))
|
206
|
+
return;
|
207
|
+
// Send acknowledgment to popup window
|
208
|
+
popupChannel.postMessage({ key: stateKey, ack: true });
|
209
|
+
cleanup();
|
210
|
+
const { result } = data;
|
211
|
+
if (result.status === 'fulfilled') {
|
212
|
+
const sub = result.value;
|
213
|
+
try {
|
214
|
+
options?.signal?.throwIfAborted();
|
215
|
+
resolve(await this.restore(sub));
|
216
|
+
}
|
217
|
+
catch (err) {
|
218
|
+
reject(err);
|
219
|
+
void this.revoke(sub);
|
220
|
+
}
|
221
|
+
}
|
222
|
+
else {
|
223
|
+
const { message, params } = result.reason;
|
224
|
+
reject(new oauth_client_1.OAuthCallbackError(new URLSearchParams(params), message));
|
225
|
+
}
|
226
|
+
};
|
227
|
+
popupChannel.addEventListener('message', onMessage);
|
228
|
+
});
|
229
|
+
}
|
230
|
+
readCallbackParams() {
|
231
|
+
const params = this.responseMode === 'fragment'
|
232
|
+
? new URLSearchParams(location.hash.slice(1))
|
233
|
+
: new URLSearchParams(location.search);
|
234
|
+
// Only if the current URL contains a valid oauth response params
|
235
|
+
if (!params.has('state') || !(params.has('code') || params.has('error'))) {
|
236
|
+
return null;
|
237
|
+
}
|
238
|
+
const matchesLocation = (url) => location.origin === url.origin && location.pathname === url.pathname;
|
239
|
+
const redirectUrls = this.clientMetadata.redirect_uris.map((uri) => new URL(uri));
|
240
|
+
// Only if the current URL is one of the redirect_uris
|
241
|
+
if (!redirectUrls.some(matchesLocation))
|
242
|
+
return null;
|
243
|
+
return params;
|
244
|
+
}
|
245
|
+
async signInCallback() {
|
246
|
+
const params = this.readCallbackParams();
|
247
|
+
// Not a (valid) OAuth redirect
|
248
|
+
if (!params)
|
249
|
+
return null;
|
250
|
+
// Replace the current history entry without the params (this will prevent
|
251
|
+
// the following code to run again if the user refreshes the page)
|
252
|
+
history.replaceState(null, '', location.pathname);
|
253
|
+
const sendResult = (message) => {
|
254
|
+
const popupChannel = new BroadcastChannel(POPUP_CHANNEL_NAME);
|
255
|
+
return new Promise((resolve) => {
|
256
|
+
const cleanup = (result) => {
|
257
|
+
clearTimeout(timer);
|
258
|
+
popupChannel.removeEventListener('message', onMessage);
|
259
|
+
popupChannel.close();
|
260
|
+
resolve(result);
|
261
|
+
};
|
262
|
+
const onTimeout = () => {
|
263
|
+
cleanup(false);
|
264
|
+
};
|
265
|
+
const onMessage = ({ data }) => {
|
266
|
+
if ('ack' in data && message.key === data.key)
|
267
|
+
cleanup(true);
|
268
|
+
};
|
269
|
+
popupChannel.addEventListener('message', onMessage);
|
270
|
+
popupChannel.postMessage(message);
|
271
|
+
// Receiving of "ack" should be very fast, giving it 500 ms anyway
|
272
|
+
const timer = setTimeout(onTimeout, 500);
|
273
|
+
});
|
274
|
+
};
|
275
|
+
return this.callback(params)
|
276
|
+
.then(async (result) => {
|
277
|
+
if (result.state?.startsWith(POPUP_STATE_PREFIX)) {
|
278
|
+
const receivedByParent = await sendResult({
|
279
|
+
key: result.state.slice(POPUP_STATE_PREFIX.length),
|
280
|
+
result: {
|
281
|
+
status: 'fulfilled',
|
282
|
+
value: result.agent.sub,
|
283
|
+
},
|
284
|
+
});
|
285
|
+
// Revoke the credentials if the parent window was closed
|
286
|
+
if (!receivedByParent)
|
287
|
+
await result.agent.signOut();
|
288
|
+
throw new errors_js_1.LoginContinuedInParentWindowError(); // signInPopup
|
289
|
+
}
|
290
|
+
return result;
|
291
|
+
})
|
292
|
+
.catch(async (err) => {
|
293
|
+
if (err instanceof oauth_client_1.OAuthCallbackError &&
|
294
|
+
err.state?.startsWith(POPUP_STATE_PREFIX)) {
|
295
|
+
await sendResult({
|
296
|
+
key: err.state.slice(POPUP_STATE_PREFIX.length),
|
297
|
+
result: {
|
298
|
+
status: 'rejected',
|
299
|
+
reason: {
|
300
|
+
message: err.message,
|
301
|
+
params: Array.from(err.params.entries()),
|
302
|
+
},
|
303
|
+
},
|
304
|
+
});
|
305
|
+
throw new errors_js_1.LoginContinuedInParentWindowError(); // signInPopup
|
306
|
+
}
|
307
|
+
// Most probable cause at this point is that the "state" parameter is
|
308
|
+
// invalid.
|
309
|
+
throw err;
|
310
|
+
})
|
311
|
+
.catch((err) => {
|
312
|
+
if (err instanceof errors_js_1.LoginContinuedInParentWindowError) {
|
313
|
+
// parent will also try to close the popup
|
314
|
+
window.close();
|
315
|
+
}
|
316
|
+
throw err;
|
317
|
+
});
|
318
|
+
}
|
319
|
+
async [Symbol.asyncDispose]() {
|
320
|
+
// TODO This should be implemented using a DisposableStack
|
321
|
+
await this.sessionStore[Symbol.dispose]();
|
322
|
+
await this.database[Symbol.asyncDispose]();
|
323
|
+
}
|
324
|
+
}
|
325
|
+
exports.BrowserOAuthClient = BrowserOAuthClient;
|
326
|
+
/**
|
327
|
+
* Since "localhost" is often used either in IP mode or in hostname mode,
|
328
|
+
* and because the redirect uris must use the IP mode, we need to make sure
|
329
|
+
* that the current location url is not using "localhost".
|
330
|
+
*
|
331
|
+
* This is required for the IndexedDB to work properly. Indeed, the IndexedDB
|
332
|
+
* is shared by origin, so we must ensure to be on the same origin as the
|
333
|
+
* redirect uris.
|
334
|
+
*/
|
335
|
+
function fixLocation(clientMetadata) {
|
336
|
+
if (clientMetadata.client_id !== 'http://localhost/')
|
337
|
+
return;
|
338
|
+
if (window.location.hostname !== 'localhost')
|
339
|
+
return;
|
340
|
+
const locationUrl = new URL(window.location.href);
|
341
|
+
for (const uri of clientMetadata.redirect_uris) {
|
342
|
+
const url = new URL(uri);
|
343
|
+
if (url.port === locationUrl.port &&
|
344
|
+
url.protocol === locationUrl.protocol &&
|
345
|
+
(url.hostname === '127.0.0.1' || url.hostname === '[::1]')) {
|
346
|
+
window.location.hostname = url.hostname;
|
347
|
+
// Prevent APP from loading on the wrong hostname
|
348
|
+
throw new Error('Redirecting to loopback IP...');
|
349
|
+
}
|
350
|
+
}
|
351
|
+
throw new Error(`Please use the loopback IP address instead of ${locationUrl}`);
|
352
|
+
}
|
353
|
+
//# sourceMappingURL=browser-oauth-client.js.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"browser-oauth-client.js","sourceRoot":"","sources":["../src/browser-oauth-client.ts"],"names":[],"mappings":";;;AACA,wDAO8B;AAC9B,sDAQ6B;AAE7B,2EAGoC;AACpC,2FAAkF;AAClF,2CAA+D;AAC/D,uCAAiD;AAqBjD,MAAM,SAAS,GAAG,CAChB,IAAO,EACP,MAAuB,EACvB,EAAE,CAAC,IAAI,WAAW,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAA;AAEzE,MAAM,SAAS,GAAG,gCAAgC,CAAA;AAElD,iBAAiB;AAEjB,MAAM,kBAAkB,GAAG,GAAG,SAAS,iBAAiB,CAAA;AACxD,MAAM,kBAAkB,GAAG,GAAG,SAAS,gBAAgB,CAAA;AAcvD,mBAAmB;AAEnB,MAAM,cAAc,GAAG,IAAI,gBAAgB,CAAC,GAAG,SAAS,mBAAmB,CAAC,CAAA;AAG5E,MAAM,gBAAgB,GAAG,CACvB,OAA+B,EAC/B,WAAwB,EACxB,EAAE;IACF,MAAM,KAAK,GAAwB;QACjC,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,OAAO,OAAO,CAAC,OAAO,EAAE,CAAA;QAC1B,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YACjB,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QACzB,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE;YAC1B,MAAM,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YAE/B,WAAW,CAAC,aAAa,CAAC,SAAS,CAAC,SAAS,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAA;QACnE,CAAC;QACD,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YACjB,MAAM,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;YACtB,cAAc,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;YAE/B,WAAW,CAAC,aAAa,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;QAC1D,CAAC;QACD,KAAK,EAAE,KAAK,IAAI,EAAE;YAChB,MAAM,OAAO,CAAC,KAAK,EAAE,EAAE,CAAA;QACzB,CAAC;QACD,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE;YACrB,cAAc,CAAC,mBAAmB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QAC1D,CAAC;KACF,CAAA;IAED,MAAM,SAAS,GAAG,CAAC,KAA2B,EAAE,EAAE;QAChD,2EAA2E;QAC3E,4EAA4E;QAC5E,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC5B,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAA;YACtB,WAAW,CAAC,aAAa,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC,CAAA;IAED,cAAc,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;IAErD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAUD,MAAa,kBAAmB,SAAQ,0BAAW;IACjD,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAiC;QACvE,IAAI,IAAA,qCAAuB,EAAC,QAAQ,CAAC,EAAE,CAAC;YACtC,OAAO,IAAI,kBAAkB,CAAC;gBAC5B,cAAc,EAAE,IAAA,2CAA6B,EAAC,QAAQ,CAAC;gBACvD,GAAG,OAAO;aACX,CAAC,CAAA;QACJ,CAAC;aAAM,IAAI,IAAA,yCAA2B,EAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,IAAI,UAAU,CAAC,KAAK,CAAA;YAChD,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,QAAQ,EAAE;gBACpC,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,OAAO,CAAC,MAAM;aACvB,CAAC,CAAA;YACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAA;YAErC,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,MAAM,IAAI,SAAS,CACjB,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CACtD,CAAA;YACH,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;YACvE,IAAI,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBAChC,MAAM,IAAI,SAAS,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAA;YACtD,CAAC;YAED,MAAM,IAAI,GAAY,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAA;YAE3C,OAAO,CAAC,MAAM,EAAE,cAAc,EAAE,CAAA;YAEhC,OAAO,IAAI,kBAAkB,CAAC;gBAC5B,cAAc,EAAE,uCAAyB,CAAC,KAAK,CAAC,IAAI,CAAC;gBACrD,GAAG,OAAO;aACX,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,SAAS,CAAC,sBAAsB,QAAQ,EAAE,CAAC,CAAA;QACvD,CAAC;IACH,CAAC;IAOD,YAAY,EACV,cAAc,EACd,cAAc,GAAG,qBAAqB;IACtC,sDAAsD;IACtD,YAAY,GAAG,UAAU,EACzB,eAAe,GAAG,uBAAuB,EACzC,MAAM,GAAG,UAAU,CAAC,MAAM,EAC1B,KAAK,GAAG,UAAU,CAAC,KAAK,MACK,EAAE;QAC/B,MAAM,QAAQ,GAAG,IAAI,gDAAoB,EAAE,CAAA;QAE3C,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAA;QACrC,MAAM,YAAY,GAAG,gBAAgB,CACnC,QAAQ,CAAC,eAAe,EAAE,EAC1B,WAAW,CACZ,CAAA;QAED,KAAK,CAAC;YACJ,cAAc,EACZ,cAAc,IAAI,IAAI;gBACpB,CAAC,CAAC,IAAA,2CAA6B,EAC3B,IAAA,+BAAqB,EAAC,MAAM,CAAC,QAAQ,CAAC,CACvC;gBACH,CAAC,CAAC,cAAc;YACpB,YAAY;YACZ,KAAK;YACL,qBAAqB,EAAE,IAAI,gEAA4B,CAAC,MAAM,CAAC;YAC/D,eAAe;YACf,cAAc;YACd,YAAY;YACZ,UAAU,EAAE,QAAQ,CAAC,aAAa,EAAE;YAEpC,QAAQ,EAAE,QAAQ,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,QAAQ,CAAC,cAAc,EAAE;YACtC,cAAc,EAAE,QAAQ,CAAC,iBAAiB,EAAE;YAC5C,gCAAgC,EAC9B,QAAQ,CAAC,mCAAmC,EAAE;YAChD,8BAA8B,EAC5B,QAAQ,CAAC,iCAAiC,EAAE;SAC/C,CAAC,CAAA;QA5CK;;;;;WAAiC;QAEzB;;;;;WAAwB;QACxB;;;;;WAA8B;QA2C7C,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAEhC,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;QAExB,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAClC,CAAC;IAED,gBAAgB,CACd,IAAO,EACP,QAAuC,EACvC,OAA2C;QAE3C,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,IAAI,EAAE,QAAyB,EAAE,OAAO,CAAC,CAAA;IAC7E,CAAC;IAED,mBAAmB,CACjB,IAAY,EACZ,QAAoC,EACpC,OAAwC;QAExC,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAClC,IAAI,EACJ,QAAyB,EACzB,OAAO,CACR,CAAA;IACH,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAA;QAC9C,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,OAAO,CAAC,GAAG,CACf,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAU,CAAC,CACxE,CACF,CAAA;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,GAAY,EAAE,OAAiB;QACxC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;QAChD,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,YAAY,CAAA;QACrB,CAAC;aAAM,IAAI,GAAG,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YAC9C,OAAO,EAAE,KAAK,EAAE,CAAA;QAClB,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CACV,KAAa,EACb,OAAqD;QAErD,IAAI,OAAO,EAAE,OAAO,KAAK,OAAO,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QACzC,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,KAAa,EAAE,OAA0B;QAC5D,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAEhD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAA;QAE/B,qBAAqB;QACrB,OAAO,IAAI,OAAO,CAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC5C,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC,EAAE,GAAG,CAAC,CAAA;QACjE,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,WAAW,CACf,KAAa,EACb,OAAoE;QAEpE,4DAA4D;QAC5D,MAAM,aAAa,GAAG,4CAA4C,CAAA;QAClE,IAAI,KAAK,GAAkB,MAAM,CAAC,IAAI,CACpC,aAAa,EACb,QAAQ,EACR,aAAa,CACd,CAAA;QAED,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAA;QAEzD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE;YACtC,GAAG,OAAO;YACV,KAAK,EAAE,GAAG,kBAAkB,GAAG,QAAQ,EAAE;YACzC,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,OAAO;SACrC,CAAC,CAAA;QAEF,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;QAEjC,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAA;QACvC,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAA;QACxD,CAAC;QAED,KAAK,EAAE,KAAK,EAAE,CAAA;QAEd,OAAO,IAAI,OAAO,CAAa,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACjD,MAAM,YAAY,GAAG,IAAI,gBAAgB,CAAC,kBAAkB,CAAC,CAAA;YAE7D,MAAM,OAAO,GAAG,GAAG,EAAE;gBACnB,YAAY,CAAC,OAAO,CAAC,CAAA;gBACrB,YAAY,CAAC,mBAAmB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;gBACtD,YAAY,CAAC,KAAK,EAAE,CAAA;gBACpB,OAAO,EAAE,MAAM,EAAE,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBACrD,KAAK,EAAE,KAAK,EAAE,CAAA;YAChB,CAAC,CAAA;YAED,MAAM,MAAM,GAAG,GAAG,EAAE;gBAClB,iEAAiE;gBACjE,qEAAqE;gBAErE,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAA;gBACnE,OAAO,EAAE,CAAA;YACX,CAAC,CAAA;YAED,OAAO,EAAE,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;YAElD,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,CAAA;YAE5C,MAAM,SAAS,GAAG,KAAK,EAAE,EAAE,IAAI,EAAkC,EAAE,EAAE;gBACnE,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ;oBAAE,OAAM;gBACjC,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC;oBAAE,OAAM;gBAE/B,sCAAsC;gBACtC,YAAY,CAAC,WAAW,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAA;gBAEtD,OAAO,EAAE,CAAA;gBAET,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;gBACvB,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;oBAClC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAA;oBACxB,IAAI,CAAC;wBACH,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;wBACjC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;oBAClC,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,MAAM,CAAC,GAAG,CAAC,CAAA;wBACX,KAAK,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;oBACvB,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAA;oBACzC,MAAM,CAAC,IAAI,iCAAkB,CAAC,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAC,CAAA;gBACtE,CAAC;YACH,CAAC,CAAA;YAED,YAAY,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QACrD,CAAC,CAAC,CAAA;IACJ,CAAC;IAEO,kBAAkB;QACxB,MAAM,MAAM,GACV,IAAI,CAAC,YAAY,KAAK,UAAU;YAC9B,CAAC,CAAC,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC7C,CAAC,CAAC,IAAI,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;QAE1C,iEAAiE;QACjE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YACzE,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,eAAe,GAAG,CAAC,GAAQ,EAAE,EAAE,CACnC,QAAQ,CAAC,MAAM,KAAK,GAAG,CAAC,MAAM,IAAI,QAAQ,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,CAAA;QACtE,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,GAAG,CACxD,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CACtB,CAAA;QAED,sDAAsD;QACtD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,eAAe,CAAC;YAAE,OAAO,IAAI,CAAA;QAEpD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,MAAM,MAAM,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAA;QAExC,+BAA+B;QAC/B,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QAExB,0EAA0E;QAC1E,kEAAkE;QAClE,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAEjD,MAAM,UAAU,GAAG,CAAC,OAA+B,EAAE,EAAE;YACrD,MAAM,YAAY,GAAG,IAAI,gBAAgB,CAAC,kBAAkB,CAAC,CAAA;YAE7D,OAAO,IAAI,OAAO,CAAU,CAAC,OAAO,EAAE,EAAE;gBACtC,MAAM,OAAO,GAAG,CAAC,MAAe,EAAE,EAAE;oBAClC,YAAY,CAAC,KAAK,CAAC,CAAA;oBACnB,YAAY,CAAC,mBAAmB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;oBACtD,YAAY,CAAC,KAAK,EAAE,CAAA;oBACpB,OAAO,CAAC,MAAM,CAAC,CAAA;gBACjB,CAAC,CAAA;gBAED,MAAM,SAAS,GAAG,GAAG,EAAE;oBACrB,OAAO,CAAC,KAAK,CAAC,CAAA;gBAChB,CAAC,CAAA;gBAED,MAAM,SAAS,GAAG,CAAC,EAAE,IAAI,EAAkC,EAAE,EAAE;oBAC7D,IAAI,KAAK,IAAI,IAAI,IAAI,OAAO,CAAC,GAAG,KAAK,IAAI,CAAC,GAAG;wBAAE,OAAO,CAAC,IAAI,CAAC,CAAA;gBAC9D,CAAC,CAAA;gBAED,YAAY,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;gBACnD,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;gBACjC,kEAAkE;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;YAC1C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAA;QAED,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;aACzB,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YACrB,IAAI,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACjD,MAAM,gBAAgB,GAAG,MAAM,UAAU,CAAC;oBACxC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC;oBAClD,MAAM,EAAE;wBACN,MAAM,EAAE,WAAW;wBACnB,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG;qBACxB;iBACF,CAAC,CAAA;gBAEF,yDAAyD;gBACzD,IAAI,CAAC,gBAAgB;oBAAE,MAAM,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAA;gBAEnD,MAAM,IAAI,6CAAiC,EAAE,CAAA,CAAC,cAAc;YAC9D,CAAC;YAED,OAAO,MAAM,CAAA;QACf,CAAC,CAAC;aACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;YACnB,IACE,GAAG,YAAY,iCAAkB;gBACjC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,kBAAkB,CAAC,EACzC,CAAC;gBACD,MAAM,UAAU,CAAC;oBACf,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC;oBAC/C,MAAM,EAAE;wBACN,MAAM,EAAE,UAAU;wBAClB,MAAM,EAAE;4BACN,OAAO,EAAE,GAAG,CAAC,OAAO;4BACpB,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;yBACzC;qBACF;iBACF,CAAC,CAAA;gBAEF,MAAM,IAAI,6CAAiC,EAAE,CAAA,CAAC,cAAc;YAC9D,CAAC;YAED,qEAAqE;YACrE,WAAW;YACX,MAAM,GAAG,CAAA;QACX,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,IAAI,GAAG,YAAY,6CAAiC,EAAE,CAAC;gBACrD,0CAA0C;gBAC1C,MAAM,CAAC,KAAK,EAAE,CAAA;YAChB,CAAC;YAED,MAAM,GAAG,CAAA;QACX,CAAC,CAAC,CAAA;IACN,CAAC;IAED,KAAK,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC;QACzB,0DAA0D;QAC1D,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAA;QACzC,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAA;IAC5C,CAAC;CACF;AAhWD,gDAgWC;AAED;;;;;;;;GAQG;AACH,SAAS,WAAW,CAAC,cAAwC;IAC3D,IAAI,cAAc,CAAC,SAAS,KAAK,mBAAmB;QAAE,OAAM;IAC5D,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,KAAK,WAAW;QAAE,OAAM;IAEpD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;IAEjD,KAAK,MAAM,GAAG,IAAI,cAAc,CAAC,aAAa,EAAE,CAAC;QAC/C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;QACxB,IACE,GAAG,CAAC,IAAI,KAAK,WAAW,CAAC,IAAI;YAC7B,GAAG,CAAC,QAAQ,KAAK,WAAW,CAAC,QAAQ;YACrC,CAAC,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC,EAC1D,CAAC;YACD,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAA;YAEvC,iDAAiD;YACjD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;QAClD,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,iDAAiD,WAAW,EAAE,CAC/D,CAAA;AACH,CAAC"}
|
@@ -0,0 +1,61 @@
|
|
1
|
+
import { ResolvedHandle } from '@atproto-labs/handle-resolver';
|
2
|
+
import { SimpleStore, Value } from '@atproto-labs/simple-store';
|
3
|
+
import { DidDocument } from '@atproto/did';
|
4
|
+
import { InternalStateData, Session, TokenSet } from '@atproto/oauth-client';
|
5
|
+
import { OAuthAuthorizationServerMetadata, OAuthProtectedResourceMetadata } from '@atproto/oauth-types';
|
6
|
+
import { DBObjectStore } from './indexed-db/index.js';
|
7
|
+
type Item<V> = {
|
8
|
+
value: V;
|
9
|
+
expiresAt?: string;
|
10
|
+
};
|
11
|
+
type EncodedKey = {
|
12
|
+
keyId: string;
|
13
|
+
keyPair: CryptoKeyPair;
|
14
|
+
};
|
15
|
+
export type Schema = {
|
16
|
+
state: Item<{
|
17
|
+
dpopKey: EncodedKey;
|
18
|
+
iss: string;
|
19
|
+
nonce: string;
|
20
|
+
verifier?: string;
|
21
|
+
appState?: string;
|
22
|
+
}>;
|
23
|
+
session: Item<{
|
24
|
+
dpopKey: EncodedKey;
|
25
|
+
tokenSet: TokenSet;
|
26
|
+
}>;
|
27
|
+
didCache: Item<DidDocument>;
|
28
|
+
dpopNonceCache: Item<string>;
|
29
|
+
handleCache: Item<ResolvedHandle>;
|
30
|
+
authorizationServerMetadataCache: Item<OAuthAuthorizationServerMetadata>;
|
31
|
+
protectedResourceMetadataCache: Item<OAuthProtectedResourceMetadata>;
|
32
|
+
};
|
33
|
+
export type DatabaseStore<V extends Value> = SimpleStore<string, V> & {
|
34
|
+
getKeys: () => Promise<string[]>;
|
35
|
+
};
|
36
|
+
export type BrowserOAuthDatabaseOptions = {
|
37
|
+
name?: string;
|
38
|
+
durability?: 'strict' | 'relaxed';
|
39
|
+
cleanupInterval?: number;
|
40
|
+
};
|
41
|
+
export declare class BrowserOAuthDatabase {
|
42
|
+
#private;
|
43
|
+
constructor(options?: BrowserOAuthDatabaseOptions);
|
44
|
+
protected run<N extends keyof Schema, R>(storeName: N, mode: 'readonly' | 'readwrite', fn: (s: DBObjectStore<Schema[N]>) => R | Promise<R>): Promise<R>;
|
45
|
+
protected createStore<N extends keyof Schema, V extends Value>(name: N, { encode, decode, expiresAt, }: {
|
46
|
+
encode: (value: V) => Schema[N]['value'] | PromiseLike<Schema[N]['value']>;
|
47
|
+
decode: (encoded: Schema[N]['value']) => V | PromiseLike<V>;
|
48
|
+
expiresAt: (value: V) => null | Date;
|
49
|
+
}): DatabaseStore<V>;
|
50
|
+
getSessionStore(): DatabaseStore<Session>;
|
51
|
+
getStateStore(): DatabaseStore<InternalStateData>;
|
52
|
+
getDpopNonceCache(): undefined | DatabaseStore<string>;
|
53
|
+
getDidCache(): undefined | DatabaseStore<DidDocument>;
|
54
|
+
getHandleCache(): undefined | DatabaseStore<ResolvedHandle>;
|
55
|
+
getAuthorizationServerMetadataCache(): undefined | DatabaseStore<OAuthAuthorizationServerMetadata>;
|
56
|
+
getProtectedResourceMetadataCache(): undefined | DatabaseStore<OAuthProtectedResourceMetadata>;
|
57
|
+
cleanup(): Promise<void>;
|
58
|
+
[Symbol.asyncDispose](): Promise<void>;
|
59
|
+
}
|
60
|
+
export {};
|
61
|
+
//# sourceMappingURL=browser-oauth-database.d.ts.map
|
@@ -0,0 +1 @@
|
|
1
|
+
{"version":3,"file":"browser-oauth-database.d.ts","sourceRoot":"","sources":["../src/browser-oauth-database.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAA;AAC9D,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,4BAA4B,CAAA;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAG1C,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAC5E,OAAO,EACL,gCAAgC,EAChC,8BAA8B,EAC/B,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAM,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAGzD,KAAK,IAAI,CAAC,CAAC,IAAI;IACb,KAAK,EAAE,CAAC,CAAA;IACR,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,KAAK,UAAU,GAAG;IAChB,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,aAAa,CAAA;CACvB,CAAA;AAgBD,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,EAAE,IAAI,CAAC;QACV,OAAO,EAAE,UAAU,CAAA;QAEnB,GAAG,EAAE,MAAM,CAAA;QACX,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAA;KAClB,CAAC,CAAA;IACF,OAAO,EAAE,IAAI,CAAC;QACZ,OAAO,EAAE,UAAU,CAAA;QAEnB,QAAQ,EAAE,QAAQ,CAAA;KACnB,CAAC,CAAA;IAEF,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,CAAA;IAC3B,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;IAC5B,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,CAAA;IACjC,gCAAgC,EAAE,IAAI,CAAC,gCAAgC,CAAC,CAAA;IACxE,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,CAAC,CAAA;CACrE,CAAA;AAED,MAAM,MAAM,aAAa,CAAC,CAAC,SAAS,KAAK,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG;IACpE,OAAO,EAAE,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;CACjC,CAAA;AAaD,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,UAAU,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAA;IACjC,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB,CAAA;AAED,qBAAa,oBAAoB;;gBAInB,OAAO,CAAC,EAAE,2BAA2B;cAmBjC,GAAG,CAAC,CAAC,SAAS,MAAM,MAAM,EAAE,CAAC,EAC3C,SAAS,EAAE,CAAC,EACZ,IAAI,EAAE,UAAU,GAAG,WAAW,EAC9B,EAAE,EAAE,CAAC,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,GAClD,OAAO,CAAC,CAAC,CAAC;IAOb,SAAS,CAAC,WAAW,CAAC,CAAC,SAAS,MAAM,MAAM,EAAE,CAAC,SAAS,KAAK,EAC3D,IAAI,EAAE,CAAC,EACP,EACE,MAAM,EACN,MAAM,EACN,SAAS,GACV,EAAE;QACD,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAA;QAC1E,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;QAC3D,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,IAAI,GAAG,IAAI,CAAA;KACrC,GACA,aAAa,CAAC,CAAC,CAAC;IA4CnB,eAAe,IAAI,aAAa,CAAC,OAAO,CAAC;IAiBzC,aAAa,IAAI,aAAa,CAAC,iBAAiB,CAAC;IAcjD,iBAAiB,IAAI,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC;IAQtD,WAAW,IAAI,SAAS,GAAG,aAAa,CAAC,WAAW,CAAC;IAQrD,cAAc,IAAI,SAAS,GAAG,aAAa,CAAC,cAAc,CAAC;IAQ3D,mCAAmC,IAC/B,SAAS,GACT,aAAa,CAAC,gCAAgC,CAAC;IAQnD,iCAAiC,IAC7B,SAAS,GACT,aAAa,CAAC,8BAA8B,CAAC;IAQ3C,OAAO;IAaP,CAAC,MAAM,CAAC,YAAY,CAAC;CAQ5B"}
|