@atproto/oauth-client-browser 0.3.39 → 0.3.41
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.txt +1 -1
- package/dist/browser-oauth-client.d.ts +4 -2
- package/dist/browser-oauth-client.d.ts.map +1 -1
- package/dist/browser-oauth-client.js +44 -30
- package/dist/browser-oauth-client.js.map +1 -1
- package/dist/browser-oauth-database.d.ts +6 -10
- package/dist/browser-oauth-database.d.ts.map +1 -1
- package/dist/browser-oauth-database.js.map +1 -1
- package/dist/util.d.ts +0 -14
- package/dist/util.d.ts.map +1 -1
- package/dist/util.js.map +1 -1
- package/package.json +9 -9
package/LICENSE.txt
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Dual MIT/Apache-2.0 License
|
|
2
2
|
|
|
3
|
-
Copyright (c) 2022-
|
|
3
|
+
Copyright (c) 2022-2026 Bluesky Social PBC, and Contributors
|
|
4
4
|
|
|
5
5
|
Except as otherwise noted in individual files, this software is licensed under the MIT license (<http://opensource.org/licenses/MIT>), or the Apache License, Version 2.0 (<http://www.apache.org/licenses/LICENSE-2.0>).
|
|
6
6
|
|
|
@@ -10,9 +10,10 @@ export type BrowserOAuthClientLoadOptions = Simplify<{
|
|
|
10
10
|
clientId: string;
|
|
11
11
|
signal?: AbortSignal;
|
|
12
12
|
} & Omit<BrowserOAuthClientOptions, 'clientMetadata'>>;
|
|
13
|
-
export declare class BrowserOAuthClient extends OAuthClient implements
|
|
13
|
+
export declare class BrowserOAuthClient extends OAuthClient implements AsyncDisposable {
|
|
14
14
|
static load({ clientId, ...options }: BrowserOAuthClientLoadOptions): Promise<BrowserOAuthClient>;
|
|
15
|
-
readonly
|
|
15
|
+
private readonly ac;
|
|
16
|
+
private readonly database;
|
|
16
17
|
constructor({ clientMetadata, responseMode, ...options }: BrowserOAuthClientOptions);
|
|
17
18
|
/**
|
|
18
19
|
* This method will automatically restore any existing session, or attempt to
|
|
@@ -48,6 +49,7 @@ export declare class BrowserOAuthClient extends OAuthClient implements Disposabl
|
|
|
48
49
|
session: OAuthSession;
|
|
49
50
|
state: string | null;
|
|
50
51
|
}>;
|
|
52
|
+
[Symbol.asyncDispose](): Promise<void>;
|
|
51
53
|
dispose(): void;
|
|
52
54
|
}
|
|
53
55
|
//# sourceMappingURL=browser-oauth-client.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser-oauth-client.d.ts","sourceRoot":"","sources":["../src/browser-oauth-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAEhB,KAAK,EAEL,WAAW,EACX,kBAAkB,EAClB,YAAY,EAEb,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EACL,wBAAwB,EACxB,iBAAiB,EAIlB,MAAM,sBAAsB,CAAA;AAI7B,OAAO,
|
|
1
|
+
{"version":3,"file":"browser-oauth-client.d.ts","sourceRoot":"","sources":["../src/browser-oauth-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAEhB,KAAK,EAEL,WAAW,EACX,kBAAkB,EAClB,YAAY,EAEb,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EACL,wBAAwB,EACxB,iBAAiB,EAIlB,MAAM,sBAAsB,CAAA;AAI7B,OAAO,EAAE,QAAQ,EAAyB,MAAM,WAAW,CAAA;AAE3D,MAAM,MAAM,yBAAyB,GAAG,QAAQ,CAC9C;IACE,cAAc,CAAC,EAAE,QAAQ,CAAC,wBAAwB,CAAC,CAAA;IACnD,YAAY,CAAC,EAAE,OAAO,CAAC,iBAAiB,EAAE,WAAW,CAAC,CAAA;IACtD,KAAK,CAAC,EAAE,KAAK,CAAA;CACd,GAAG,IAAI,CACN,kBAAkB,EAEhB,gBAAgB,GAChB,cAAc,GACd,QAAQ,GACR,OAAO,GAEP,uBAAuB,GACvB,cAAc,GACd,YAAY,GACZ,UAAU,GACV,aAAa,GACb,gBAAgB,GAChB,kCAAkC,GAClC,gCAAgC,CACnC,CACF,CAAA;AAkCD,MAAM,MAAM,6BAA6B,GAAG,QAAQ,CAClD;IACE,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,CAAC,EAAE,WAAW,CAAA;CACrB,GAAG,IAAI,CAAC,yBAAyB,EAAE,gBAAgB,CAAC,CACtD,CAAA;AAID,qBAAa,kBAAmB,SAAQ,WAAY,YAAW,eAAe;WAC/D,IAAI,CAAC,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAE,EAAE,6BAA6B;IAgBzE,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAwB;IAE3C,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAsB;gBAEnC,EACV,cAEC,EAED,YAAyB,EACzB,GAAG,OAAO,EACX,EAAE,yBAAyB;IA6E5B;;;;;;;;;;;;OAYG;IACG,IAAI,CAAC,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAElC;QAAE,OAAO,EAAE,YAAY,CAAC;QAAC,KAAK,CAAC,EAAE,KAAK,CAAA;KAAE,GAExC;QAAE,OAAO,EAAE,YAAY,CAAC;QAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAE/C,SAAS,CACZ;IAYK,WAAW,CAAC,OAAO,CAAC,EAAE,OAAO;;;IAiB7B,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,YAAY,CAAC;IAM9D,MAAM,CAAC,GAAG,EAAE,MAAM;IAKlB,MAAM,CACV,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,YAAY,CAAC;IAQlB,cAAc,CAClB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,KAAK,CAAC;IAqBX,WAAW,CACf,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,IAAI,CAAC,gBAAgB,EAAE,OAAO,CAAC,GACxC,OAAO,CAAC,YAAY,CAAC;IA+EjB,eAAe;IAcf,kBAAkB,IAAI,eAAe,GAAG,IAAI;IActC,YAAY,CACvB,MAAM,yBAA4B,EAClC,WAAW,gPAAyB,GACnC,OAAO,CAAC;QACT,OAAO,EAAE,YAAY,CAAA;QACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;KACrB,CAAC;IA0FI,CAAC,MAAM,CAAC,YAAY,CAAC;IAQ3B,OAAO;CAGR"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var _a;
|
|
3
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
3
|
exports.BrowserOAuthClient = void 0;
|
|
5
4
|
const oauth_client_1 = require("@atproto/oauth-client");
|
|
@@ -12,7 +11,8 @@ const NAMESPACE = `@@atproto/oauth-client-browser`;
|
|
|
12
11
|
//- Popup channel
|
|
13
12
|
const POPUP_CHANNEL_NAME = `${NAMESPACE}(popup-channel)`;
|
|
14
13
|
const POPUP_STATE_PREFIX = `${NAMESPACE}(popup-state):`;
|
|
15
|
-
const syncChannel = new BroadcastChannel(`${NAMESPACE}(synchronization-channel)`);
|
|
14
|
+
const syncChannel = new BroadcastChannel(`${NAMESPACE}(synchronization-channel:2)`);
|
|
15
|
+
const runtimeImplementation = new browser_runtime_implementation_js_1.BrowserRuntimeImplementation();
|
|
16
16
|
class BrowserOAuthClient extends oauth_client_1.OAuthClient {
|
|
17
17
|
static async load({ clientId, ...options }) {
|
|
18
18
|
if (clientId.startsWith('http:')) {
|
|
@@ -47,7 +47,7 @@ class BrowserOAuthClient extends oauth_client_1.OAuthClient {
|
|
|
47
47
|
clientMetadata,
|
|
48
48
|
responseMode,
|
|
49
49
|
keyset: undefined,
|
|
50
|
-
runtimeImplementation
|
|
50
|
+
runtimeImplementation,
|
|
51
51
|
sessionStore: database.getSessionStore(),
|
|
52
52
|
stateStore: database.getStateStore(),
|
|
53
53
|
didCache: database.getDidCache(),
|
|
@@ -55,39 +55,46 @@ class BrowserOAuthClient extends oauth_client_1.OAuthClient {
|
|
|
55
55
|
dpopNonceCache: database.getDpopNonceCache(),
|
|
56
56
|
authorizationServerMetadataCache: database.getAuthorizationServerMetadataCache(),
|
|
57
57
|
protectedResourceMetadataCache: database.getProtectedResourceMetadataCache(),
|
|
58
|
+
onDelete: async (sub, cause) => {
|
|
59
|
+
if (localStorage.getItem(`${NAMESPACE}(sub)`) === sub) {
|
|
60
|
+
localStorage.removeItem(`${NAMESPACE}(sub)`);
|
|
61
|
+
}
|
|
62
|
+
syncChannel.postMessage({
|
|
63
|
+
name: 'onDelete',
|
|
64
|
+
args: [sub, cause],
|
|
65
|
+
});
|
|
66
|
+
return options.onDelete?.call(null, sub, cause);
|
|
67
|
+
},
|
|
68
|
+
onUpdate: async (sub, session) => {
|
|
69
|
+
syncChannel.postMessage({
|
|
70
|
+
name: 'onUpdate',
|
|
71
|
+
args: [sub, session],
|
|
72
|
+
});
|
|
73
|
+
return options.onUpdate?.call(null, sub, session);
|
|
74
|
+
},
|
|
58
75
|
});
|
|
59
|
-
Object.defineProperty(this,
|
|
76
|
+
Object.defineProperty(this, "ac", {
|
|
60
77
|
enumerable: true,
|
|
61
78
|
configurable: true,
|
|
62
79
|
writable: true,
|
|
63
|
-
value:
|
|
64
|
-
});
|
|
65
|
-
// @TODO replace with AsyncDisposableStack once they are standardized
|
|
66
|
-
const ac = new AbortController();
|
|
67
|
-
const { signal } = ac;
|
|
68
|
-
this[Symbol.dispose] = () => ac.abort();
|
|
69
|
-
signal.addEventListener('abort', () => database[Symbol.asyncDispose](), {
|
|
70
|
-
once: true,
|
|
80
|
+
value: new AbortController()
|
|
71
81
|
});
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
82
|
+
Object.defineProperty(this, "database", {
|
|
83
|
+
enumerable: true,
|
|
84
|
+
configurable: true,
|
|
85
|
+
writable: true,
|
|
86
|
+
value: void 0
|
|
77
87
|
});
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
// Notify other tabs when a session is deleted or updated
|
|
82
|
-
syncChannel.postMessage([type, detail]);
|
|
83
|
-
});
|
|
84
|
-
}
|
|
88
|
+
this.database = database;
|
|
89
|
+
const { signal } = this.ac;
|
|
90
|
+
// Trigger hooks when an event is emitted in another tab
|
|
85
91
|
syncChannel.addEventListener('message', (event) => {
|
|
86
|
-
if (event.source
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
92
|
+
if (event.source === window)
|
|
93
|
+
return;
|
|
94
|
+
const { name, args } = event.data;
|
|
95
|
+
const hook = options[name];
|
|
96
|
+
// @ts-expect-error TS has a hard time matching the args with the hook
|
|
97
|
+
void hook?.(...args);
|
|
91
98
|
},
|
|
92
99
|
// Remove the listener when the client is disposed
|
|
93
100
|
{ signal });
|
|
@@ -320,12 +327,19 @@ class BrowserOAuthClient extends oauth_client_1.OAuthClient {
|
|
|
320
327
|
throw err;
|
|
321
328
|
});
|
|
322
329
|
}
|
|
330
|
+
async [Symbol.asyncDispose]() {
|
|
331
|
+
try {
|
|
332
|
+
this.ac.abort();
|
|
333
|
+
}
|
|
334
|
+
finally {
|
|
335
|
+
await this.database[Symbol.asyncDispose]();
|
|
336
|
+
}
|
|
337
|
+
}
|
|
323
338
|
dispose() {
|
|
324
339
|
this[Symbol.dispose]();
|
|
325
340
|
}
|
|
326
341
|
}
|
|
327
342
|
exports.BrowserOAuthClient = BrowserOAuthClient;
|
|
328
|
-
_a = Symbol.dispose;
|
|
329
343
|
/**
|
|
330
344
|
* Since "localhost" is often used either in IP mode or in hostname mode,
|
|
331
345
|
* and because the redirect uris must use the IP mode, we need to make sure
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser-oauth-client.js","sourceRoot":"","sources":["../src/browser-oauth-client.ts"],"names":[],"mappings":";;;;AAAA,wDAS8B;AAC9B,sDAM6B;AAC7B,2EAAkE;AAClE,2FAAkF;AAClF,2CAA+D;AAC/D,uCAIkB;AA0BlB,MAAM,SAAS,GAAG,gCAAgC,CAAA;AAElD,iBAAiB;AAEjB,MAAM,kBAAkB,GAAG,GAAG,SAAS,iBAAiB,CAAA;AACxD,MAAM,kBAAkB,GAAG,GAAG,SAAS,gBAAgB,CAAA;AAoBvD,MAAM,WAAW,GACf,IAAI,gBAAgB,CAAC,GAAG,SAAS,2BAA2B,CAAC,CAAA;AAS/D,MAAa,kBAAmB,SAAQ,0BAAW;IACjD,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAiC;QACvE,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,MAAM,cAAc,GAAG,IAAA,2CAA6B,EAAC,QAAQ,CAAC,CAAA;YAC9D,OAAO,IAAI,kBAAkB,CAAC,EAAE,cAAc,EAAE,GAAG,OAAO,EAAE,CAAC,CAAA;QAC/D,CAAC;aAAM,IAAI,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzC,IAAA,6CAA+B,EAAC,QAAQ,CAAC,CAAA;YACzC,MAAM,cAAc,GAAG,MAAM,0BAAW,CAAC,aAAa,CAAC;gBACrD,QAAQ;gBACR,GAAG,OAAO;aACX,CAAC,CAAA;YACF,OAAO,IAAI,kBAAkB,CAAC,EAAE,GAAG,OAAO,EAAE,cAAc,EAAE,CAAC,CAAA;QAC/D,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,SAAS,CAAC,sBAAsB,QAAQ,EAAE,CAAC,CAAA;QACvD,CAAC;IACH,CAAC;IAID,YAAY,EACV,cAAc,GAAG,IAAA,2CAA6B,EAC5C,IAAA,+BAAqB,EAAC,MAAM,CAAC,QAAQ,CAAC,CACvC;IACD,mFAAmF;IACnF,YAAY,GAAG,UAAU,EACzB,GAAG,OAAO,EACgB;QAC1B,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAA;QAC9C,CAAC;QAED,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YAClD,0EAA0E;YAC1E,MAAM,IAAI,SAAS,CAAC,0BAA0B,YAAY,EAAE,CAAC,CAAA;QAC/D,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,gDAAoB,EAAE,CAAA;QAE3C,KAAK,CAAC;YACJ,GAAG,OAAO;YAEV,cAAc;YACd,YAAY;YACZ,MAAM,EAAE,SAAS;YAEjB,qBAAqB,EAAE,IAAI,gEAA4B,EAAE;YAEzD,YAAY,EAAE,QAAQ,CAAC,eAAe,EAAE;YACxC,UAAU,EAAE,QAAQ,CAAC,aAAa,EAAE;YAEpC,QAAQ,EAAE,QAAQ,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,QAAQ,CAAC,cAAc,EAAE;YACtC,cAAc,EAAE,QAAQ,CAAC,iBAAiB,EAAE;YAC5C,gCAAgC,EAC9B,QAAQ,CAAC,mCAAmC,EAAE;YAChD,8BAA8B,EAC5B,QAAQ,CAAC,iCAAiC,EAAE;SAC/C,CAAC,CAAA;QAxCK;;;;;WAA4B;QA0CnC,qEAAqE;QACrE,MAAM,EAAE,GAAG,IAAI,eAAe,EAAE,CAAA;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,CAAA;QACrB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,CAAA;QAEvC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,EAAE;YACtE,IAAI,EAAE,IAAI;SACX,CAAC,CAAA;QAEF,oCAAoC;QAEpC,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE;YACvD,IAAI,YAAY,CAAC,OAAO,CAAC,GAAG,SAAS,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC;gBACtD,YAAY,CAAC,UAAU,CAAC,GAAG,SAAS,OAAO,CAAC,CAAA;YAC9C,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,sCAAsC;QAEtC,KAAK,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,SAAS,CAAU,EAAE,CAAC;YACnD,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE;gBACvD,yDAAyD;gBACzD,WAAW,CAAC,WAAW,CAAC,CAAC,IAAI,EAAE,MAAM,CAAuB,CAAC,CAAA;YAC/D,CAAC,CAAC,CAAA;QACJ,CAAC;QAED,WAAW,CAAC,gBAAgB,CAC1B,SAAS,EACT,CAAC,KAAK,EAAE,EAAE;YACR,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC5B,+DAA+D;gBAC/D,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAA;gBACjC,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;YACxC,CAAC;QACH,CAAC;QACD,kDAAkD;QAClD,EAAE,MAAM,EAAE,CACX,CAAA;IACH,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,IAAI,CAAC,OAAiB;QAQ1B,4EAA4E;QAC5E,wDAAwD;QACxD,MAAM,MAAM,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAA;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,EAAE,CAAA;YAC1C,IAAI,WAAW;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;QAChE,CAAC;QAED,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;IAClC,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAiB;QACjC,yEAAyE;QACzE,4EAA4E;QAC5E,MAAM,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAEtC,MAAM,GAAG,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,SAAS,OAAO,CAAC,CAAA;QACrD,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;gBAChD,OAAO,EAAE,OAAO,EAAE,CAAA;YACpB,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,YAAY,CAAC,UAAU,CAAC,GAAG,SAAS,OAAO,CAAC,CAAA;gBAC5C,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,OAAiB;QAC1C,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACjD,YAAY,CAAC,OAAO,CAAC,GAAG,SAAS,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;QACtD,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,YAAY,CAAC,UAAU,CAAC,GAAG,SAAS,OAAO,CAAC,CAAA;QAC5C,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;IAC1B,CAAC;IAED,KAAK,CAAC,MAAM,CACV,KAAa,EACb,OAA0B;QAE1B,IAAI,OAAO,EAAE,OAAO,KAAK,OAAO,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QACzC,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,KAAa,EACb,OAA0B;QAE1B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAEhD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAA;QAE/B,qBAAqB;QACrB,OAAO,IAAI,OAAO,CAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC5C,UAAU,CACR,CAAC,GAAU,EAAE,EAAE;gBACb,iEAAiE;gBACjE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CACzB,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EACjB,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CACtD,CAAA;YACH,CAAC,EACD,GAAG,EACH,IAAI,KAAK,CAAC,qBAAqB,CAAC,CACjC,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,WAAW,CACf,KAAa,EACb,OAAyC;QAEzC,4DAA4D;QAC5D,MAAM,aAAa,GAAG,4CAA4C,CAAA;QAClE,IAAI,KAAK,GAAkB,MAAM,CAAC,IAAI,CACpC,aAAa,EACb,QAAQ,EACR,aAAa,CACd,CAAA;QAED,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAA;QAEzD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE;YACtC,GAAG,OAAO;YACV,KAAK,EAAE,GAAG,kBAAkB,GAAG,QAAQ,EAAE;YACzC,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,OAAO;SACrC,CAAC,CAAA;QAEF,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;QAEjC,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAA;QACvC,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAA;QACxD,CAAC;QAED,KAAK,EAAE,KAAK,EAAE,CAAA;QAEd,OAAO,IAAI,OAAO,CAAe,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACnD,MAAM,YAAY,GAAG,IAAI,gBAAgB,CAAC,kBAAkB,CAAC,CAAA;YAE7D,MAAM,OAAO,GAAG,GAAG,EAAE;gBACnB,YAAY,CAAC,OAAO,CAAC,CAAA;gBACrB,YAAY,CAAC,mBAAmB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;gBACtD,YAAY,CAAC,KAAK,EAAE,CAAA;gBACpB,OAAO,EAAE,MAAM,EAAE,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBACrD,KAAK,EAAE,KAAK,EAAE,CAAA;YAChB,CAAC,CAAA;YAED,MAAM,MAAM,GAAG,GAAG,EAAE;gBAClB,gEAAgE;gBAChE,qEAAqE;gBAErE,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAA;gBACnE,OAAO,EAAE,CAAA;YACX,CAAC,CAAA;YAED,OAAO,EAAE,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;YAElD,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,CAAA;YAE5C,MAAM,SAAS,GAAG,KAAK,EAAE,EAAE,IAAI,EAAkC,EAAE,EAAE;gBACnE,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ;oBAAE,OAAM;gBACjC,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC;oBAAE,OAAM;gBAE/B,sCAAsC;gBACtC,YAAY,CAAC,WAAW,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAA;gBAEtD,OAAO,EAAE,CAAA;gBAET,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;gBACvB,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;oBAClC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAA;oBACxB,IAAI,CAAC;wBACH,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;wBACjC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAA;oBACzC,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,MAAM,CAAC,GAAG,CAAC,CAAA;wBACX,KAAK,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;oBACvB,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAA;oBACzC,MAAM,CAAC,IAAI,iCAAkB,CAAC,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAC,CAAA;gBACtE,CAAC;YACH,CAAC,CAAA;YAED,YAAY,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QACrD,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,eAAe;QACpB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;YACpD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;YACxB,IACE,QAAQ,CAAC,MAAM,KAAK,GAAG,CAAC,MAAM;gBAC9B,QAAQ,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAClC,CAAC;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAEM,kBAAkB;QACvB,MAAM,MAAM,GACV,IAAI,CAAC,YAAY,KAAK,UAAU;YAC9B,CAAC,CAAC,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC7C,CAAC,CAAC,IAAI,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;QAE1C,iEAAiE;QACjE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YACzE,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAEM,KAAK,CAAC,YAAY,CACvB,MAAM,GAAG,IAAI,CAAC,kBAAkB,EAAE,EAClC,WAAW,GAAG,IAAI,CAAC,eAAe,EAAE;QAKpC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,SAAS,CAAC,+CAA+C,CAAC,CAAA;QACtE,CAAC;QAED,0EAA0E;QAC1E,kEAAkE;QAClE,IAAI,IAAI,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YACrC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAA;QACrE,CAAC;aAAM,IAAI,IAAI,CAAC,YAAY,KAAK,OAAO,EAAE,CAAC;YACzC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACnD,CAAC;QAED,wEAAwE;QACxE,MAAM,eAAe,GAAG,CAAC,OAA+B,EAAE,EAAE;YAC1D,MAAM,YAAY,GAAG,IAAI,gBAAgB,CAAC,kBAAkB,CAAC,CAAA;YAE7D,OAAO,IAAI,OAAO,CAAU,CAAC,OAAO,EAAE,EAAE;gBACtC,MAAM,OAAO,GAAG,CAAC,MAAe,EAAE,EAAE;oBAClC,YAAY,CAAC,KAAK,CAAC,CAAA;oBACnB,YAAY,CAAC,mBAAmB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;oBACtD,YAAY,CAAC,KAAK,EAAE,CAAA;oBACpB,OAAO,CAAC,MAAM,CAAC,CAAA;gBACjB,CAAC,CAAA;gBAED,MAAM,SAAS,GAAG,CAAC,EAAE,IAAI,EAAkC,EAAE,EAAE;oBAC7D,IAAI,KAAK,IAAI,IAAI,IAAI,OAAO,CAAC,GAAG,KAAK,IAAI,CAAC,GAAG;wBAAE,OAAO,CAAC,IAAI,CAAC,CAAA;gBAC9D,CAAC,CAAA;gBAED,YAAY,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;gBACnD,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;gBACjC,kEAAkE;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAA;QAED,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC;aACxD,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YACrB,IAAI,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACjD,MAAM,gBAAgB,GAAG,MAAM,eAAe,CAAC;oBAC7C,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC;oBAClD,MAAM,EAAE;wBACN,MAAM,EAAE,WAAW;wBACnB,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG;qBAC1B;iBACF,CAAC,CAAA;gBAEF,yDAAyD;gBACzD,IAAI,CAAC,gBAAgB;oBAAE,MAAM,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;gBAErD,MAAM,IAAI,6CAAiC,EAAE,CAAA,CAAC,cAAc;YAC9D,CAAC;YAED,YAAY,CAAC,OAAO,CAAC,GAAG,SAAS,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAE7D,OAAO,MAAM,CAAA;QACf,CAAC,CAAC;aACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;YACnB,IACE,GAAG,YAAY,iCAAkB;gBACjC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,kBAAkB,CAAC,EACzC,CAAC;gBACD,MAAM,eAAe,CAAC;oBACpB,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC;oBAC/C,MAAM,EAAE;wBACN,MAAM,EAAE,UAAU;wBAClB,MAAM,EAAE;4BACN,OAAO,EAAE,GAAG,CAAC,OAAO;4BACpB,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;yBACzC;qBACF;iBACF,CAAC,CAAA;gBAEF,MAAM,IAAI,6CAAiC,EAAE,CAAA,CAAC,cAAc;YAC9D,CAAC;YAED,qEAAqE;YACrE,WAAW;YACX,MAAM,GAAG,CAAA;QACX,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,IAAI,GAAG,YAAY,6CAAiC,EAAE,CAAC;gBACrD,0CAA0C;gBAC1C,MAAM,CAAC,KAAK,EAAE,CAAA;YAChB,CAAC;YAED,MAAM,GAAG,CAAA;QACX,CAAC,CAAC,CAAA;IACN,CAAC;IAED,OAAO;QACL,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAA;IACxB,CAAC;CACF;AAnZD,gDAmZC;KAlYW,MAAM,CAAC,OAAO;AAoY1B;;;;;;;;GAQG;AACH,SAAS,WAAW,CAAC,cAA8B;IACjD,IAAI,CAAC,IAAA,qCAAuB,EAAC,cAAc,CAAC,SAAS,CAAC;QAAE,OAAM;IAC9D,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,KAAK,WAAW;QAAE,OAAM;IAEpD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;IAEjD,KAAK,MAAM,GAAG,IAAI,cAAc,CAAC,aAAa,EAAE,CAAC;QAC/C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;QACxB,IACE,CAAC,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC;YAC1D,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,CAAC,IAAI,CAAC;YAC5C,GAAG,CAAC,QAAQ,KAAK,WAAW,CAAC,QAAQ;YACrC,GAAG,CAAC,QAAQ,KAAK,WAAW,CAAC,QAAQ,EACrC,CAAC;YACD,GAAG,CAAC,IAAI,GAAG,WAAW,CAAC,IAAI,CAAA;YAC3B,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAA;YAE/B,qCAAqC;YACrC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;QAClD,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,iDAAiD,WAAW,EAAE,CAC/D,CAAA;AACH,CAAC","sourcesContent":["import {\n AuthorizeOptions,\n ClientMetadata,\n Fetch,\n OAuthCallbackError,\n OAuthClient,\n OAuthClientOptions,\n OAuthSession,\n SessionEventMap,\n} from '@atproto/oauth-client'\nimport {\n OAuthClientMetadataInput,\n OAuthResponseMode,\n assertOAuthDiscoverableClientId,\n atprotoLoopbackClientMetadata,\n isOAuthClientIdLoopback,\n} from '@atproto/oauth-types'\nimport { BrowserOAuthDatabase } from './browser-oauth-database.js'\nimport { BrowserRuntimeImplementation } from './browser-runtime-implementation.js'\nimport { LoginContinuedInParentWindowError } from './errors.js'\nimport {\n Simplify,\n TypedBroadcastChannel,\n buildLoopbackClientId,\n} from './util.js'\n\nexport type BrowserOAuthClientOptions = Simplify<\n {\n clientMetadata?: Readonly<OAuthClientMetadataInput>\n responseMode?: Exclude<OAuthResponseMode, 'form_post'>\n fetch?: Fetch\n } & Omit<\n OAuthClientOptions,\n // Overridden by this lib\n | 'clientMetadata'\n | 'responseMode'\n | 'keyset'\n | 'fetch'\n // Provided by this lib\n | 'runtimeImplementation'\n | 'sessionStore'\n | 'stateStore'\n | 'didCache'\n | 'handleCache'\n | 'dpopNonceCache'\n | 'authorizationServerMetadataCache'\n | 'protectedResourceMetadataCache'\n >\n>\n\nconst NAMESPACE = `@@atproto/oauth-client-browser`\n\n//- Popup channel\n\nconst POPUP_CHANNEL_NAME = `${NAMESPACE}(popup-channel)`\nconst POPUP_STATE_PREFIX = `${NAMESPACE}(popup-state):`\n\ntype PopupChannelResultData = {\n key: string\n result: PromiseRejectedResult | PromiseFulfilledResult<string>\n}\n\ntype PopupChannelAckData = {\n key: string\n ack: true\n}\n\ntype PopupChannelData = PopupChannelResultData | PopupChannelAckData\n\n//- State synchronization channel\n\ntype SyncChannelMessage = {\n [K in keyof SessionEventMap]: [K, SessionEventMap[K]]\n}[keyof SessionEventMap]\n\nconst syncChannel: TypedBroadcastChannel<SyncChannelMessage> =\n new BroadcastChannel(`${NAMESPACE}(synchronization-channel)`)\n\nexport type BrowserOAuthClientLoadOptions = Simplify<\n {\n clientId: string\n signal?: AbortSignal\n } & Omit<BrowserOAuthClientOptions, 'clientMetadata'>\n>\n\nexport class BrowserOAuthClient extends OAuthClient implements Disposable {\n static async load({ clientId, ...options }: BrowserOAuthClientLoadOptions) {\n if (clientId.startsWith('http:')) {\n const clientMetadata = atprotoLoopbackClientMetadata(clientId)\n return new BrowserOAuthClient({ clientMetadata, ...options })\n } else if (clientId.startsWith('https:')) {\n assertOAuthDiscoverableClientId(clientId)\n const clientMetadata = await OAuthClient.fetchMetadata({\n clientId,\n ...options,\n })\n return new BrowserOAuthClient({ ...options, clientMetadata })\n } else {\n throw new TypeError(`Invalid client id: ${clientId}`)\n }\n }\n\n readonly [Symbol.dispose]: () => void\n\n constructor({\n clientMetadata = atprotoLoopbackClientMetadata(\n buildLoopbackClientId(window.location),\n ),\n // \"fragment\" is a safer default as the query params will not be sent to the server\n responseMode = 'fragment',\n ...options\n }: BrowserOAuthClientOptions) {\n if (!globalThis.crypto?.subtle) {\n throw new Error('WebCrypto API is required')\n }\n\n if (!['query', 'fragment'].includes(responseMode)) {\n // Make sure \"form_post\" is not used as it is not supported in the browser\n throw new TypeError(`Invalid response mode: ${responseMode}`)\n }\n\n const database = new BrowserOAuthDatabase()\n\n super({\n ...options,\n\n clientMetadata,\n responseMode,\n keyset: undefined,\n\n runtimeImplementation: new BrowserRuntimeImplementation(),\n\n sessionStore: database.getSessionStore(),\n stateStore: database.getStateStore(),\n\n didCache: database.getDidCache(),\n handleCache: database.getHandleCache(),\n dpopNonceCache: database.getDpopNonceCache(),\n authorizationServerMetadataCache:\n database.getAuthorizationServerMetadataCache(),\n protectedResourceMetadataCache:\n database.getProtectedResourceMetadataCache(),\n })\n\n // @TODO replace with AsyncDisposableStack once they are standardized\n const ac = new AbortController()\n const { signal } = ac\n this[Symbol.dispose] = () => ac.abort()\n\n signal.addEventListener('abort', () => database[Symbol.asyncDispose](), {\n once: true,\n })\n\n // Keep track of the current session\n\n this.addEventListener('deleted', ({ detail: { sub } }) => {\n if (localStorage.getItem(`${NAMESPACE}(sub)`) === sub) {\n localStorage.removeItem(`${NAMESPACE}(sub)`)\n }\n })\n\n // Session synchronization across tabs\n\n for (const type of ['deleted', 'updated'] as const) {\n this.sessionGetter.addEventListener(type, ({ detail }) => {\n // Notify other tabs when a session is deleted or updated\n syncChannel.postMessage([type, detail] as SyncChannelMessage)\n })\n }\n\n syncChannel.addEventListener(\n 'message',\n (event) => {\n if (event.source !== window) {\n // Trigger listeners when an event is received from another tab\n const [type, detail] = event.data\n this.dispatchCustomEvent(type, detail)\n }\n },\n // Remove the listener when the client is disposed\n { signal },\n )\n }\n\n /**\n * This method will automatically restore any existing session, or attempt to\n * process login callback if the URL contains oauth parameters.\n *\n * Use {@link BrowserOAuthClient.initCallback} instead of this method if you\n * want to force a login callback. This can be esp. useful if you are using\n * this lib from a framework that has some kind of URL manipulation (like a\n * client side router).\n *\n * Use {@link BrowserOAuthClient.initRestore} instead of this method if you\n * want to only restore existing sessions, and bypass the automatic processing\n * of login callbacks.\n */\n async init(refresh?: boolean): Promise<\n // Session restored\n | { session: OAuthSession; state?: never }\n // Login callback processed\n | { session: OAuthSession; state: string | null }\n // No session or callback\n | undefined\n > {\n // If the URL currently contains oauth query parameters (\"state\" + \"code\" or\n // \"state\" + \"error\"), let's automatically process them.\n const params = this.readCallbackParams()\n if (params) {\n const redirectUri = this.findRedirectUrl()\n if (redirectUri) return this.initCallback(params, redirectUri)\n }\n\n return this.initRestore(refresh)\n }\n\n async initRestore(refresh?: boolean) {\n // @NOTE Fixing the location should not be needed from callback endpoints\n // since callback endpoint are required to use IP based URLs (for localhost)\n await fixLocation(this.clientMetadata)\n\n const sub = localStorage.getItem(`${NAMESPACE}(sub)`)\n if (sub) {\n try {\n const session = await this.restore(sub, refresh)\n return { session }\n } catch (err) {\n localStorage.removeItem(`${NAMESPACE}(sub)`)\n throw err\n }\n }\n }\n\n async restore(sub: string, refresh?: boolean): Promise<OAuthSession> {\n const session = await super.restore(sub, refresh)\n localStorage.setItem(`${NAMESPACE}(sub)`, session.sub)\n return session\n }\n\n async revoke(sub: string) {\n localStorage.removeItem(`${NAMESPACE}(sub)`)\n return super.revoke(sub)\n }\n\n async signIn(\n input: string,\n options?: AuthorizeOptions,\n ): Promise<OAuthSession> {\n if (options?.display === 'popup') {\n return this.signInPopup(input, options)\n } else {\n return this.signInRedirect(input, options)\n }\n }\n\n async signInRedirect(\n input: string,\n options?: AuthorizeOptions,\n ): Promise<never> {\n const url = await this.authorize(input, options)\n\n window.location.href = url.href\n\n // back-forward cache\n return new Promise<never>((resolve, reject) => {\n setTimeout(\n (err: Error) => {\n // Take the opportunity to proactively cancel the pending request\n this.abortRequest(url).then(\n () => reject(err),\n (reason) => reject(new AggregateError([err, reason])),\n )\n },\n 5e3,\n new Error('User navigated back'),\n )\n })\n }\n\n async signInPopup(\n input: string,\n options?: Omit<AuthorizeOptions, 'state'>,\n ): Promise<OAuthSession> {\n // Open new window asap to prevent popup busting by browsers\n const popupFeatures = 'width=600,height=600,menubar=no,toolbar=no'\n let popup: Window | null = window.open(\n 'about:blank',\n '_blank',\n popupFeatures,\n )\n\n const stateKey = `${Math.random().toString(36).slice(2)}`\n\n const url = await this.authorize(input, {\n ...options,\n state: `${POPUP_STATE_PREFIX}${stateKey}`,\n display: options?.display ?? 'popup',\n })\n\n options?.signal?.throwIfAborted()\n\n if (popup) {\n popup.window.location.href = url.href\n } else {\n popup = window.open(url.href, '_blank', popupFeatures)\n }\n\n popup?.focus()\n\n return new Promise<OAuthSession>((resolve, reject) => {\n const popupChannel = new BroadcastChannel(POPUP_CHANNEL_NAME)\n\n const cleanup = () => {\n clearTimeout(timeout)\n popupChannel.removeEventListener('message', onMessage)\n popupChannel.close()\n options?.signal?.removeEventListener('abort', cancel)\n popup?.close()\n }\n\n const cancel = () => {\n // @TODO Store fact that the request was cancelled, allowing any\n // callback (e.g. in the popup) to revoke the session or credentials.\n\n reject(new Error(options?.signal?.aborted ? 'Aborted' : 'Timeout'))\n cleanup()\n }\n\n options?.signal?.addEventListener('abort', cancel)\n\n const timeout = setTimeout(cancel, 5 * 60e3)\n\n const onMessage = async ({ data }: MessageEvent<PopupChannelData>) => {\n if (data.key !== stateKey) return\n if (!('result' in data)) return\n\n // Send acknowledgment to popup window\n popupChannel.postMessage({ key: stateKey, ack: true })\n\n cleanup()\n\n const { result } = data\n if (result.status === 'fulfilled') {\n const sub = result.value\n try {\n options?.signal?.throwIfAborted()\n resolve(await this.restore(sub, false))\n } catch (err) {\n reject(err)\n void this.revoke(sub)\n }\n } else {\n const { message, params } = result.reason\n reject(new OAuthCallbackError(new URLSearchParams(params), message))\n }\n }\n\n popupChannel.addEventListener('message', onMessage)\n })\n }\n\n public findRedirectUrl() {\n for (const uri of this.clientMetadata.redirect_uris) {\n const url = new URL(uri)\n if (\n location.origin === url.origin &&\n location.pathname === url.pathname\n ) {\n return uri\n }\n }\n\n return undefined\n }\n\n public readCallbackParams(): URLSearchParams | null {\n const params =\n this.responseMode === 'fragment'\n ? new URLSearchParams(location.hash.slice(1))\n : new URLSearchParams(location.search)\n\n // Only if the current URL contains a valid oauth response params\n if (!params.has('state') || !(params.has('code') || params.has('error'))) {\n return null\n }\n\n return params\n }\n\n public async initCallback(\n params = this.readCallbackParams(),\n redirectUri = this.findRedirectUrl(),\n ): Promise<{\n session: OAuthSession\n state: string | null\n }> {\n if (!params) {\n throw new TypeError('No OAuth callback parameters found in the URL')\n }\n\n // Replace the current history entry without the params (this will prevent\n // the following code to run again if the user refreshes the page)\n if (this.responseMode === 'fragment') {\n history.replaceState(null, '', location.pathname + location.search)\n } else if (this.responseMode === 'query') {\n history.replaceState(null, '', location.pathname)\n }\n\n // Utility function to send the result of the popup to the parent window\n const sendPopupResult = (message: PopupChannelResultData) => {\n const popupChannel = new BroadcastChannel(POPUP_CHANNEL_NAME)\n\n return new Promise<boolean>((resolve) => {\n const cleanup = (result: boolean) => {\n clearTimeout(timer)\n popupChannel.removeEventListener('message', onMessage)\n popupChannel.close()\n resolve(result)\n }\n\n const onMessage = ({ data }: MessageEvent<PopupChannelData>) => {\n if ('ack' in data && message.key === data.key) cleanup(true)\n }\n\n popupChannel.addEventListener('message', onMessage)\n popupChannel.postMessage(message)\n // Receiving of \"ack\" should be very fast, giving it 500 ms anyway\n const timer = setTimeout(cleanup, 500, false)\n })\n }\n\n return this.callback(params, { redirect_uri: redirectUri })\n .then(async (result) => {\n if (result.state?.startsWith(POPUP_STATE_PREFIX)) {\n const receivedByParent = await sendPopupResult({\n key: result.state.slice(POPUP_STATE_PREFIX.length),\n result: {\n status: 'fulfilled',\n value: result.session.sub,\n },\n })\n\n // Revoke the credentials if the parent window was closed\n if (!receivedByParent) await result.session.signOut()\n\n throw new LoginContinuedInParentWindowError() // signInPopup\n }\n\n localStorage.setItem(`${NAMESPACE}(sub)`, result.session.sub)\n\n return result\n })\n .catch(async (err) => {\n if (\n err instanceof OAuthCallbackError &&\n err.state?.startsWith(POPUP_STATE_PREFIX)\n ) {\n await sendPopupResult({\n key: err.state.slice(POPUP_STATE_PREFIX.length),\n result: {\n status: 'rejected',\n reason: {\n message: err.message,\n params: Array.from(err.params.entries()),\n },\n },\n })\n\n throw new LoginContinuedInParentWindowError() // signInPopup\n }\n\n // Most probable cause at this point is that the \"state\" parameter is\n // invalid.\n throw err\n })\n .catch((err) => {\n if (err instanceof LoginContinuedInParentWindowError) {\n // parent will also try to close the popup\n window.close()\n }\n\n throw err\n })\n }\n\n dispose() {\n this[Symbol.dispose]()\n }\n}\n\n/**\n * Since \"localhost\" is often used either in IP mode or in hostname mode,\n * and because the redirect uris must use the IP mode, we need to make sure\n * that the current location url is not using \"localhost\".\n *\n * This is required for the IndexedDB to work properly. Indeed, the IndexedDB\n * is shared by origin, so we must ensure to be on the same origin as the\n * redirect uris.\n */\nfunction fixLocation(clientMetadata: ClientMetadata) {\n if (!isOAuthClientIdLoopback(clientMetadata.client_id)) return\n if (window.location.hostname !== 'localhost') return\n\n const locationUrl = new URL(window.location.href)\n\n for (const uri of clientMetadata.redirect_uris) {\n const url = new URL(uri)\n if (\n (url.hostname === '127.0.0.1' || url.hostname === '[::1]') &&\n (!url.port || url.port === locationUrl.port) &&\n url.protocol === locationUrl.protocol &&\n url.pathname === locationUrl.pathname\n ) {\n url.port = locationUrl.port\n window.location.href = url.href\n\n // Prevent init() on the wrong origin\n throw new Error('Redirecting to loopback IP...')\n }\n }\n\n throw new Error(\n `Please use the loopback IP address instead of ${locationUrl}`,\n )\n}\n"]}
|
|
1
|
+
{"version":3,"file":"browser-oauth-client.js","sourceRoot":"","sources":["../src/browser-oauth-client.ts"],"names":[],"mappings":";;;AAAA,wDAS8B;AAC9B,sDAM6B;AAC7B,2EAAkE;AAClE,2FAAkF;AAClF,2CAA+D;AAC/D,uCAA2D;AA0B3D,MAAM,SAAS,GAAG,gCAAgC,CAAA;AAElD,iBAAiB;AAEjB,MAAM,kBAAkB,GAAG,GAAG,SAAS,iBAAiB,CAAA;AACxD,MAAM,kBAAkB,GAAG,GAAG,SAAS,gBAAgB,CAAA;AAuBvD,MAAM,WAAW,GAAG,IAAI,gBAAgB,CACtC,GAAG,SAAS,6BAA6B,CAC1C,CAAA;AASD,MAAM,qBAAqB,GAAG,IAAI,gEAA4B,EAAE,CAAA;AAEhE,MAAa,kBAAmB,SAAQ,0BAAW;IACjD,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,GAAG,OAAO,EAAiC;QACvE,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,MAAM,cAAc,GAAG,IAAA,2CAA6B,EAAC,QAAQ,CAAC,CAAA;YAC9D,OAAO,IAAI,kBAAkB,CAAC,EAAE,cAAc,EAAE,GAAG,OAAO,EAAE,CAAC,CAAA;QAC/D,CAAC;aAAM,IAAI,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzC,IAAA,6CAA+B,EAAC,QAAQ,CAAC,CAAA;YACzC,MAAM,cAAc,GAAG,MAAM,0BAAW,CAAC,aAAa,CAAC;gBACrD,QAAQ;gBACR,GAAG,OAAO;aACX,CAAC,CAAA;YACF,OAAO,IAAI,kBAAkB,CAAC,EAAE,GAAG,OAAO,EAAE,cAAc,EAAE,CAAC,CAAA;QAC/D,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,SAAS,CAAC,sBAAsB,QAAQ,EAAE,CAAC,CAAA;QACvD,CAAC;IACH,CAAC;IAMD,YAAY,EACV,cAAc,GAAG,IAAA,2CAA6B,EAC5C,IAAA,+BAAqB,EAAC,MAAM,CAAC,QAAQ,CAAC,CACvC;IACD,mFAAmF;IACnF,YAAY,GAAG,UAAU,EACzB,GAAG,OAAO,EACgB;QAC1B,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAA;QAC9C,CAAC;QAED,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YAClD,0EAA0E;YAC1E,MAAM,IAAI,SAAS,CAAC,0BAA0B,YAAY,EAAE,CAAC,CAAA;QAC/D,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,gDAAoB,EAAE,CAAA;QAE3C,KAAK,CAAC;YACJ,GAAG,OAAO;YAEV,cAAc;YACd,YAAY;YACZ,MAAM,EAAE,SAAS;YAEjB,qBAAqB;YAErB,YAAY,EAAE,QAAQ,CAAC,eAAe,EAAE;YACxC,UAAU,EAAE,QAAQ,CAAC,aAAa,EAAE;YAEpC,QAAQ,EAAE,QAAQ,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,QAAQ,CAAC,cAAc,EAAE;YACtC,cAAc,EAAE,QAAQ,CAAC,iBAAiB,EAAE;YAC5C,gCAAgC,EAC9B,QAAQ,CAAC,mCAAmC,EAAE;YAChD,8BAA8B,EAC5B,QAAQ,CAAC,iCAAiC,EAAE;YAE9C,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;gBAC7B,IAAI,YAAY,CAAC,OAAO,CAAC,GAAG,SAAS,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC;oBACtD,YAAY,CAAC,UAAU,CAAC,GAAG,SAAS,OAAO,CAAC,CAAA;gBAC9C,CAAC;gBAED,WAAW,CAAC,WAAW,CAAC;oBACtB,IAAI,EAAE,UAAU;oBAChB,IAAI,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC;iBACU,CAAC,CAAA;gBAE/B,OAAO,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;YACjD,CAAC;YAED,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE;gBAC/B,WAAW,CAAC,WAAW,CAAC;oBACtB,IAAI,EAAE,UAAU;oBAChB,IAAI,EAAE,CAAC,GAAG,EAAE,OAAO,CAAC;iBACQ,CAAC,CAAA;gBAE/B,OAAO,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,CAAC,CAAA;YACnD,CAAC;SACF,CAAC,CAAA;QAhEa;;;;mBAAK,IAAI,eAAe,EAAE;WAAA;QAE1B;;;;;WAA8B;QAgE7C,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;QAExB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,CAAA;QAE1B,wDAAwD;QACxD,WAAW,CAAC,gBAAgB,CAC1B,SAAS,EACT,CAAC,KAAK,EAAE,EAAE;YACR,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM;gBAAE,OAAM;YAEnC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC,IAA0B,CAAA;YAEvD,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;YAE1B,sEAAsE;YACtE,KAAK,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,CAAA;QACtB,CAAC;QACD,kDAAkD;QAClD,EAAE,MAAM,EAAE,CACX,CAAA;IACH,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,IAAI,CAAC,OAAiB;QAQ1B,4EAA4E;QAC5E,wDAAwD;QACxD,MAAM,MAAM,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAA;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,EAAE,CAAA;YAC1C,IAAI,WAAW;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;QAChE,CAAC;QAED,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;IAClC,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAiB;QACjC,yEAAyE;QACzE,4EAA4E;QAC5E,MAAM,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAEtC,MAAM,GAAG,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,SAAS,OAAO,CAAC,CAAA;QACrD,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;gBAChD,OAAO,EAAE,OAAO,EAAE,CAAA;YACpB,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,YAAY,CAAC,UAAU,CAAC,GAAG,SAAS,OAAO,CAAC,CAAA;gBAC5C,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,OAAiB;QAC1C,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACjD,YAAY,CAAC,OAAO,CAAC,GAAG,SAAS,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;QACtD,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,YAAY,CAAC,UAAU,CAAC,GAAG,SAAS,OAAO,CAAC,CAAA;QAC5C,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;IAC1B,CAAC;IAED,KAAK,CAAC,MAAM,CACV,KAAa,EACb,OAA0B;QAE1B,IAAI,OAAO,EAAE,OAAO,KAAK,OAAO,EAAE,CAAC;YACjC,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QACzC,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,KAAa,EACb,OAA0B;QAE1B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAEhD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAA;QAE/B,qBAAqB;QACrB,OAAO,IAAI,OAAO,CAAQ,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC5C,UAAU,CACR,CAAC,GAAU,EAAE,EAAE;gBACb,iEAAiE;gBACjE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CACzB,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EACjB,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CACtD,CAAA;YACH,CAAC,EACD,GAAG,EACH,IAAI,KAAK,CAAC,qBAAqB,CAAC,CACjC,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,WAAW,CACf,KAAa,EACb,OAAyC;QAEzC,4DAA4D;QAC5D,MAAM,aAAa,GAAG,4CAA4C,CAAA;QAClE,IAAI,KAAK,GAAkB,MAAM,CAAC,IAAI,CACpC,aAAa,EACb,QAAQ,EACR,aAAa,CACd,CAAA;QAED,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAA;QAEzD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE;YACtC,GAAG,OAAO;YACV,KAAK,EAAE,GAAG,kBAAkB,GAAG,QAAQ,EAAE;YACzC,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,OAAO;SACrC,CAAC,CAAA;QAEF,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;QAEjC,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAA;QACvC,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAA;QACxD,CAAC;QAED,KAAK,EAAE,KAAK,EAAE,CAAA;QAEd,OAAO,IAAI,OAAO,CAAe,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACnD,MAAM,YAAY,GAAG,IAAI,gBAAgB,CAAC,kBAAkB,CAAC,CAAA;YAE7D,MAAM,OAAO,GAAG,GAAG,EAAE;gBACnB,YAAY,CAAC,OAAO,CAAC,CAAA;gBACrB,YAAY,CAAC,mBAAmB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;gBACtD,YAAY,CAAC,KAAK,EAAE,CAAA;gBACpB,OAAO,EAAE,MAAM,EAAE,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBACrD,KAAK,EAAE,KAAK,EAAE,CAAA;YAChB,CAAC,CAAA;YAED,MAAM,MAAM,GAAG,GAAG,EAAE;gBAClB,gEAAgE;gBAChE,qEAAqE;gBAErE,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAA;gBACnE,OAAO,EAAE,CAAA;YACX,CAAC,CAAA;YAED,OAAO,EAAE,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;YAElD,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,CAAA;YAE5C,MAAM,SAAS,GAAG,KAAK,EAAE,EAAE,IAAI,EAAkC,EAAE,EAAE;gBACnE,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ;oBAAE,OAAM;gBACjC,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC;oBAAE,OAAM;gBAE/B,sCAAsC;gBACtC,YAAY,CAAC,WAAW,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAA;gBAEtD,OAAO,EAAE,CAAA;gBAET,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;gBACvB,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;oBAClC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAA;oBACxB,IAAI,CAAC;wBACH,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;wBACjC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAA;oBACzC,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,MAAM,CAAC,GAAG,CAAC,CAAA;wBACX,KAAK,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;oBACvB,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAA;oBACzC,MAAM,CAAC,IAAI,iCAAkB,CAAC,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAC,CAAA;gBACtE,CAAC;YACH,CAAC,CAAA;YAED,YAAY,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QACrD,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,eAAe;QACpB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;YACpD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;YACxB,IACE,QAAQ,CAAC,MAAM,KAAK,GAAG,CAAC,MAAM;gBAC9B,QAAQ,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAClC,CAAC;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAEM,kBAAkB;QACvB,MAAM,MAAM,GACV,IAAI,CAAC,YAAY,KAAK,UAAU;YAC9B,CAAC,CAAC,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC7C,CAAC,CAAC,IAAI,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;QAE1C,iEAAiE;QACjE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YACzE,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAEM,KAAK,CAAC,YAAY,CACvB,MAAM,GAAG,IAAI,CAAC,kBAAkB,EAAE,EAClC,WAAW,GAAG,IAAI,CAAC,eAAe,EAAE;QAKpC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,SAAS,CAAC,+CAA+C,CAAC,CAAA;QACtE,CAAC;QAED,0EAA0E;QAC1E,kEAAkE;QAClE,IAAI,IAAI,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YACrC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAA;QACrE,CAAC;aAAM,IAAI,IAAI,CAAC,YAAY,KAAK,OAAO,EAAE,CAAC;YACzC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACnD,CAAC;QAED,wEAAwE;QACxE,MAAM,eAAe,GAAG,CAAC,OAA+B,EAAE,EAAE;YAC1D,MAAM,YAAY,GAAG,IAAI,gBAAgB,CAAC,kBAAkB,CAAC,CAAA;YAE7D,OAAO,IAAI,OAAO,CAAU,CAAC,OAAO,EAAE,EAAE;gBACtC,MAAM,OAAO,GAAG,CAAC,MAAe,EAAE,EAAE;oBAClC,YAAY,CAAC,KAAK,CAAC,CAAA;oBACnB,YAAY,CAAC,mBAAmB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;oBACtD,YAAY,CAAC,KAAK,EAAE,CAAA;oBACpB,OAAO,CAAC,MAAM,CAAC,CAAA;gBACjB,CAAC,CAAA;gBAED,MAAM,SAAS,GAAG,CAAC,EAAE,IAAI,EAAkC,EAAE,EAAE;oBAC7D,IAAI,KAAK,IAAI,IAAI,IAAI,OAAO,CAAC,GAAG,KAAK,IAAI,CAAC,GAAG;wBAAE,OAAO,CAAC,IAAI,CAAC,CAAA;gBAC9D,CAAC,CAAA;gBAED,YAAY,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;gBACnD,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;gBACjC,kEAAkE;gBAClE,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAA;QAED,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC;aACxD,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YACrB,IAAI,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACjD,MAAM,gBAAgB,GAAG,MAAM,eAAe,CAAC;oBAC7C,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC;oBAClD,MAAM,EAAE;wBACN,MAAM,EAAE,WAAW;wBACnB,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG;qBAC1B;iBACF,CAAC,CAAA;gBAEF,yDAAyD;gBACzD,IAAI,CAAC,gBAAgB;oBAAE,MAAM,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;gBAErD,MAAM,IAAI,6CAAiC,EAAE,CAAA,CAAC,cAAc;YAC9D,CAAC;YAED,YAAY,CAAC,OAAO,CAAC,GAAG,SAAS,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAE7D,OAAO,MAAM,CAAA;QACf,CAAC,CAAC;aACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;YACnB,IACE,GAAG,YAAY,iCAAkB;gBACjC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,kBAAkB,CAAC,EACzC,CAAC;gBACD,MAAM,eAAe,CAAC;oBACpB,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC;oBAC/C,MAAM,EAAE;wBACN,MAAM,EAAE,UAAU;wBAClB,MAAM,EAAE;4BACN,OAAO,EAAE,GAAG,CAAC,OAAO;4BACpB,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;yBACzC;qBACF;iBACF,CAAC,CAAA;gBAEF,MAAM,IAAI,6CAAiC,EAAE,CAAA,CAAC,cAAc;YAC9D,CAAC;YAED,qEAAqE;YACrE,WAAW;YACX,MAAM,GAAG,CAAA;QACX,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,IAAI,GAAG,YAAY,6CAAiC,EAAE,CAAC;gBACrD,0CAA0C;gBAC1C,MAAM,CAAC,KAAK,EAAE,CAAA;YAChB,CAAC;YAED,MAAM,GAAG,CAAA;QACX,CAAC,CAAC,CAAA;IACN,CAAC;IAED,KAAK,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC;QACzB,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAA;QACjB,CAAC;gBAAS,CAAC;YACT,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAA;IACxB,CAAC;CACF;AAjaD,gDAiaC;AAED;;;;;;;;GAQG;AACH,SAAS,WAAW,CAAC,cAA8B;IACjD,IAAI,CAAC,IAAA,qCAAuB,EAAC,cAAc,CAAC,SAAS,CAAC;QAAE,OAAM;IAC9D,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,KAAK,WAAW;QAAE,OAAM;IAEpD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;IAEjD,KAAK,MAAM,GAAG,IAAI,cAAc,CAAC,aAAa,EAAE,CAAC;QAC/C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;QACxB,IACE,CAAC,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC;YAC1D,CAAC,CAAC,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,CAAC,IAAI,CAAC;YAC5C,GAAG,CAAC,QAAQ,KAAK,WAAW,CAAC,QAAQ;YACrC,GAAG,CAAC,QAAQ,KAAK,WAAW,CAAC,QAAQ,EACrC,CAAC;YACD,GAAG,CAAC,IAAI,GAAG,WAAW,CAAC,IAAI,CAAA;YAC3B,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAA;YAE/B,qCAAqC;YACrC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;QAClD,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,iDAAiD,WAAW,EAAE,CAC/D,CAAA;AACH,CAAC","sourcesContent":["import {\n AuthorizeOptions,\n ClientMetadata,\n Fetch,\n OAuthCallbackError,\n OAuthClient,\n OAuthClientOptions,\n OAuthSession,\n SessionHooks,\n} from '@atproto/oauth-client'\nimport {\n OAuthClientMetadataInput,\n OAuthResponseMode,\n assertOAuthDiscoverableClientId,\n atprotoLoopbackClientMetadata,\n isOAuthClientIdLoopback,\n} from '@atproto/oauth-types'\nimport { BrowserOAuthDatabase } from './browser-oauth-database.js'\nimport { BrowserRuntimeImplementation } from './browser-runtime-implementation.js'\nimport { LoginContinuedInParentWindowError } from './errors.js'\nimport { Simplify, buildLoopbackClientId } from './util.js'\n\nexport type BrowserOAuthClientOptions = Simplify<\n {\n clientMetadata?: Readonly<OAuthClientMetadataInput>\n responseMode?: Exclude<OAuthResponseMode, 'form_post'>\n fetch?: Fetch\n } & Omit<\n OAuthClientOptions,\n // Overridden by this lib\n | 'clientMetadata'\n | 'responseMode'\n | 'keyset'\n | 'fetch'\n // Provided by this lib\n | 'runtimeImplementation'\n | 'sessionStore'\n | 'stateStore'\n | 'didCache'\n | 'handleCache'\n | 'dpopNonceCache'\n | 'authorizationServerMetadataCache'\n | 'protectedResourceMetadataCache'\n >\n>\n\nconst NAMESPACE = `@@atproto/oauth-client-browser`\n\n//- Popup channel\n\nconst POPUP_CHANNEL_NAME = `${NAMESPACE}(popup-channel)`\nconst POPUP_STATE_PREFIX = `${NAMESPACE}(popup-state):`\n\ntype PopupChannelResultData = {\n key: string\n result: PromiseRejectedResult | PromiseFulfilledResult<string>\n}\n\ntype PopupChannelAckData = {\n key: string\n ack: true\n}\n\ntype PopupChannelData = PopupChannelResultData | PopupChannelAckData\n\n//- State synchronization channel\n\ntype SyncChannelMessage = {\n [K in keyof SessionHooks & string]: {\n name: K\n args: Parameters<NonNullable<SessionHooks[K]>>\n }\n}[keyof SessionHooks]\n\nconst syncChannel = new BroadcastChannel(\n `${NAMESPACE}(synchronization-channel:2)`,\n)\n\nexport type BrowserOAuthClientLoadOptions = Simplify<\n {\n clientId: string\n signal?: AbortSignal\n } & Omit<BrowserOAuthClientOptions, 'clientMetadata'>\n>\n\nconst runtimeImplementation = new BrowserRuntimeImplementation()\n\nexport class BrowserOAuthClient extends OAuthClient implements AsyncDisposable {\n static async load({ clientId, ...options }: BrowserOAuthClientLoadOptions) {\n if (clientId.startsWith('http:')) {\n const clientMetadata = atprotoLoopbackClientMetadata(clientId)\n return new BrowserOAuthClient({ clientMetadata, ...options })\n } else if (clientId.startsWith('https:')) {\n assertOAuthDiscoverableClientId(clientId)\n const clientMetadata = await OAuthClient.fetchMetadata({\n clientId,\n ...options,\n })\n return new BrowserOAuthClient({ ...options, clientMetadata })\n } else {\n throw new TypeError(`Invalid client id: ${clientId}`)\n }\n }\n\n private readonly ac = new AbortController()\n\n private readonly database: BrowserOAuthDatabase\n\n constructor({\n clientMetadata = atprotoLoopbackClientMetadata(\n buildLoopbackClientId(window.location),\n ),\n // \"fragment\" is a safer default as the query params will not be sent to the server\n responseMode = 'fragment',\n ...options\n }: BrowserOAuthClientOptions) {\n if (!globalThis.crypto?.subtle) {\n throw new Error('WebCrypto API is required')\n }\n\n if (!['query', 'fragment'].includes(responseMode)) {\n // Make sure \"form_post\" is not used as it is not supported in the browser\n throw new TypeError(`Invalid response mode: ${responseMode}`)\n }\n\n const database = new BrowserOAuthDatabase()\n\n super({\n ...options,\n\n clientMetadata,\n responseMode,\n keyset: undefined,\n\n runtimeImplementation,\n\n sessionStore: database.getSessionStore(),\n stateStore: database.getStateStore(),\n\n didCache: database.getDidCache(),\n handleCache: database.getHandleCache(),\n dpopNonceCache: database.getDpopNonceCache(),\n authorizationServerMetadataCache:\n database.getAuthorizationServerMetadataCache(),\n protectedResourceMetadataCache:\n database.getProtectedResourceMetadataCache(),\n\n onDelete: async (sub, cause) => {\n if (localStorage.getItem(`${NAMESPACE}(sub)`) === sub) {\n localStorage.removeItem(`${NAMESPACE}(sub)`)\n }\n\n syncChannel.postMessage({\n name: 'onDelete',\n args: [sub, cause],\n } satisfies SyncChannelMessage)\n\n return options.onDelete?.call(null, sub, cause)\n },\n\n onUpdate: async (sub, session) => {\n syncChannel.postMessage({\n name: 'onUpdate',\n args: [sub, session],\n } satisfies SyncChannelMessage)\n\n return options.onUpdate?.call(null, sub, session)\n },\n })\n\n this.database = database\n\n const { signal } = this.ac\n\n // Trigger hooks when an event is emitted in another tab\n syncChannel.addEventListener(\n 'message',\n (event) => {\n if (event.source === window) return\n\n const { name, args } = event.data as SyncChannelMessage\n\n const hook = options[name]\n\n // @ts-expect-error TS has a hard time matching the args with the hook\n void hook?.(...args)\n },\n // Remove the listener when the client is disposed\n { signal },\n )\n }\n\n /**\n * This method will automatically restore any existing session, or attempt to\n * process login callback if the URL contains oauth parameters.\n *\n * Use {@link BrowserOAuthClient.initCallback} instead of this method if you\n * want to force a login callback. This can be esp. useful if you are using\n * this lib from a framework that has some kind of URL manipulation (like a\n * client side router).\n *\n * Use {@link BrowserOAuthClient.initRestore} instead of this method if you\n * want to only restore existing sessions, and bypass the automatic processing\n * of login callbacks.\n */\n async init(refresh?: boolean): Promise<\n // Session restored\n | { session: OAuthSession; state?: never }\n // Login callback processed\n | { session: OAuthSession; state: string | null }\n // No session or callback\n | undefined\n > {\n // If the URL currently contains oauth query parameters (\"state\" + \"code\" or\n // \"state\" + \"error\"), let's automatically process them.\n const params = this.readCallbackParams()\n if (params) {\n const redirectUri = this.findRedirectUrl()\n if (redirectUri) return this.initCallback(params, redirectUri)\n }\n\n return this.initRestore(refresh)\n }\n\n async initRestore(refresh?: boolean) {\n // @NOTE Fixing the location should not be needed from callback endpoints\n // since callback endpoint are required to use IP based URLs (for localhost)\n await fixLocation(this.clientMetadata)\n\n const sub = localStorage.getItem(`${NAMESPACE}(sub)`)\n if (sub) {\n try {\n const session = await this.restore(sub, refresh)\n return { session }\n } catch (err) {\n localStorage.removeItem(`${NAMESPACE}(sub)`)\n throw err\n }\n }\n }\n\n async restore(sub: string, refresh?: boolean): Promise<OAuthSession> {\n const session = await super.restore(sub, refresh)\n localStorage.setItem(`${NAMESPACE}(sub)`, session.sub)\n return session\n }\n\n async revoke(sub: string) {\n localStorage.removeItem(`${NAMESPACE}(sub)`)\n return super.revoke(sub)\n }\n\n async signIn(\n input: string,\n options?: AuthorizeOptions,\n ): Promise<OAuthSession> {\n if (options?.display === 'popup') {\n return this.signInPopup(input, options)\n } else {\n return this.signInRedirect(input, options)\n }\n }\n\n async signInRedirect(\n input: string,\n options?: AuthorizeOptions,\n ): Promise<never> {\n const url = await this.authorize(input, options)\n\n window.location.href = url.href\n\n // back-forward cache\n return new Promise<never>((resolve, reject) => {\n setTimeout(\n (err: Error) => {\n // Take the opportunity to proactively cancel the pending request\n this.abortRequest(url).then(\n () => reject(err),\n (reason) => reject(new AggregateError([err, reason])),\n )\n },\n 5e3,\n new Error('User navigated back'),\n )\n })\n }\n\n async signInPopup(\n input: string,\n options?: Omit<AuthorizeOptions, 'state'>,\n ): Promise<OAuthSession> {\n // Open new window asap to prevent popup busting by browsers\n const popupFeatures = 'width=600,height=600,menubar=no,toolbar=no'\n let popup: Window | null = window.open(\n 'about:blank',\n '_blank',\n popupFeatures,\n )\n\n const stateKey = `${Math.random().toString(36).slice(2)}`\n\n const url = await this.authorize(input, {\n ...options,\n state: `${POPUP_STATE_PREFIX}${stateKey}`,\n display: options?.display ?? 'popup',\n })\n\n options?.signal?.throwIfAborted()\n\n if (popup) {\n popup.window.location.href = url.href\n } else {\n popup = window.open(url.href, '_blank', popupFeatures)\n }\n\n popup?.focus()\n\n return new Promise<OAuthSession>((resolve, reject) => {\n const popupChannel = new BroadcastChannel(POPUP_CHANNEL_NAME)\n\n const cleanup = () => {\n clearTimeout(timeout)\n popupChannel.removeEventListener('message', onMessage)\n popupChannel.close()\n options?.signal?.removeEventListener('abort', cancel)\n popup?.close()\n }\n\n const cancel = () => {\n // @TODO Store fact that the request was cancelled, allowing any\n // callback (e.g. in the popup) to revoke the session or credentials.\n\n reject(new Error(options?.signal?.aborted ? 'Aborted' : 'Timeout'))\n cleanup()\n }\n\n options?.signal?.addEventListener('abort', cancel)\n\n const timeout = setTimeout(cancel, 5 * 60e3)\n\n const onMessage = async ({ data }: MessageEvent<PopupChannelData>) => {\n if (data.key !== stateKey) return\n if (!('result' in data)) return\n\n // Send acknowledgment to popup window\n popupChannel.postMessage({ key: stateKey, ack: true })\n\n cleanup()\n\n const { result } = data\n if (result.status === 'fulfilled') {\n const sub = result.value\n try {\n options?.signal?.throwIfAborted()\n resolve(await this.restore(sub, false))\n } catch (err) {\n reject(err)\n void this.revoke(sub)\n }\n } else {\n const { message, params } = result.reason\n reject(new OAuthCallbackError(new URLSearchParams(params), message))\n }\n }\n\n popupChannel.addEventListener('message', onMessage)\n })\n }\n\n public findRedirectUrl() {\n for (const uri of this.clientMetadata.redirect_uris) {\n const url = new URL(uri)\n if (\n location.origin === url.origin &&\n location.pathname === url.pathname\n ) {\n return uri\n }\n }\n\n return undefined\n }\n\n public readCallbackParams(): URLSearchParams | null {\n const params =\n this.responseMode === 'fragment'\n ? new URLSearchParams(location.hash.slice(1))\n : new URLSearchParams(location.search)\n\n // Only if the current URL contains a valid oauth response params\n if (!params.has('state') || !(params.has('code') || params.has('error'))) {\n return null\n }\n\n return params\n }\n\n public async initCallback(\n params = this.readCallbackParams(),\n redirectUri = this.findRedirectUrl(),\n ): Promise<{\n session: OAuthSession\n state: string | null\n }> {\n if (!params) {\n throw new TypeError('No OAuth callback parameters found in the URL')\n }\n\n // Replace the current history entry without the params (this will prevent\n // the following code to run again if the user refreshes the page)\n if (this.responseMode === 'fragment') {\n history.replaceState(null, '', location.pathname + location.search)\n } else if (this.responseMode === 'query') {\n history.replaceState(null, '', location.pathname)\n }\n\n // Utility function to send the result of the popup to the parent window\n const sendPopupResult = (message: PopupChannelResultData) => {\n const popupChannel = new BroadcastChannel(POPUP_CHANNEL_NAME)\n\n return new Promise<boolean>((resolve) => {\n const cleanup = (result: boolean) => {\n clearTimeout(timer)\n popupChannel.removeEventListener('message', onMessage)\n popupChannel.close()\n resolve(result)\n }\n\n const onMessage = ({ data }: MessageEvent<PopupChannelData>) => {\n if ('ack' in data && message.key === data.key) cleanup(true)\n }\n\n popupChannel.addEventListener('message', onMessage)\n popupChannel.postMessage(message)\n // Receiving of \"ack\" should be very fast, giving it 500 ms anyway\n const timer = setTimeout(cleanup, 500, false)\n })\n }\n\n return this.callback(params, { redirect_uri: redirectUri })\n .then(async (result) => {\n if (result.state?.startsWith(POPUP_STATE_PREFIX)) {\n const receivedByParent = await sendPopupResult({\n key: result.state.slice(POPUP_STATE_PREFIX.length),\n result: {\n status: 'fulfilled',\n value: result.session.sub,\n },\n })\n\n // Revoke the credentials if the parent window was closed\n if (!receivedByParent) await result.session.signOut()\n\n throw new LoginContinuedInParentWindowError() // signInPopup\n }\n\n localStorage.setItem(`${NAMESPACE}(sub)`, result.session.sub)\n\n return result\n })\n .catch(async (err) => {\n if (\n err instanceof OAuthCallbackError &&\n err.state?.startsWith(POPUP_STATE_PREFIX)\n ) {\n await sendPopupResult({\n key: err.state.slice(POPUP_STATE_PREFIX.length),\n result: {\n status: 'rejected',\n reason: {\n message: err.message,\n params: Array.from(err.params.entries()),\n },\n },\n })\n\n throw new LoginContinuedInParentWindowError() // signInPopup\n }\n\n // Most probable cause at this point is that the \"state\" parameter is\n // invalid.\n throw err\n })\n .catch((err) => {\n if (err instanceof LoginContinuedInParentWindowError) {\n // parent will also try to close the popup\n window.close()\n }\n\n throw err\n })\n }\n\n async [Symbol.asyncDispose]() {\n try {\n this.ac.abort()\n } finally {\n await this.database[Symbol.asyncDispose]()\n }\n }\n\n dispose() {\n this[Symbol.dispose]()\n }\n}\n\n/**\n * Since \"localhost\" is often used either in IP mode or in hostname mode,\n * and because the redirect uris must use the IP mode, we need to make sure\n * that the current location url is not using \"localhost\".\n *\n * This is required for the IndexedDB to work properly. Indeed, the IndexedDB\n * is shared by origin, so we must ensure to be on the same origin as the\n * redirect uris.\n */\nfunction fixLocation(clientMetadata: ClientMetadata) {\n if (!isOAuthClientIdLoopback(clientMetadata.client_id)) return\n if (window.location.hostname !== 'localhost') return\n\n const locationUrl = new URL(window.location.href)\n\n for (const uri of clientMetadata.redirect_uris) {\n const url = new URL(uri)\n if (\n (url.hostname === '127.0.0.1' || url.hostname === '[::1]') &&\n (!url.port || url.port === locationUrl.port) &&\n url.protocol === locationUrl.protocol &&\n url.pathname === locationUrl.pathname\n ) {\n url.port = locationUrl.port\n window.location.href = url.href\n\n // Prevent init() on the wrong origin\n throw new Error('Redirecting to loopback IP...')\n }\n }\n\n throw new Error(\n `Please use the loopback IP address instead of ${locationUrl}`,\n )\n}\n"]}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { DidDocument } from '@atproto/did';
|
|
2
|
-
import { InternalStateData, Session
|
|
2
|
+
import { InternalStateData, Session } from '@atproto/oauth-client';
|
|
3
3
|
import { OAuthAuthorizationServerMetadata, OAuthProtectedResourceMetadata } from '@atproto/oauth-types';
|
|
4
4
|
import { ResolvedHandle } from '@atproto-labs/handle-resolver';
|
|
5
5
|
import { SimpleStore, Value } from '@atproto-labs/simple-store';
|
|
@@ -13,15 +13,11 @@ type EncodedKey = {
|
|
|
13
13
|
keyPair: CryptoKeyPair;
|
|
14
14
|
};
|
|
15
15
|
export type Schema = {
|
|
16
|
-
state: Item<{
|
|
16
|
+
state: Item<Omit<InternalStateData, 'dpopKey'> & {
|
|
17
17
|
dpopKey: EncodedKey;
|
|
18
|
-
iss: string;
|
|
19
|
-
verifier?: string;
|
|
20
|
-
appState?: string;
|
|
21
18
|
}>;
|
|
22
|
-
session: Item<{
|
|
19
|
+
session: Item<Omit<Session, 'dpopKey'> & {
|
|
23
20
|
dpopKey: EncodedKey;
|
|
24
|
-
tokenSet: TokenSet;
|
|
25
21
|
}>;
|
|
26
22
|
didCache: Item<DidDocument>;
|
|
27
23
|
dpopNonceCache: Item<string>;
|
|
@@ -46,9 +42,9 @@ export declare class BrowserOAuthDatabase {
|
|
|
46
42
|
}): DatabaseStore<V>;
|
|
47
43
|
getSessionStore(): DatabaseStore<Session>;
|
|
48
44
|
getStateStore(): DatabaseStore<InternalStateData>;
|
|
49
|
-
getDpopNonceCache():
|
|
50
|
-
getDidCache():
|
|
51
|
-
getHandleCache():
|
|
45
|
+
getDpopNonceCache(): DatabaseStore<string>;
|
|
46
|
+
getDidCache(): DatabaseStore<DidDocument>;
|
|
47
|
+
getHandleCache(): DatabaseStore<ResolvedHandle>;
|
|
52
48
|
getAuthorizationServerMetadataCache(): undefined | DatabaseStore<OAuthAuthorizationServerMetadata>;
|
|
53
49
|
getProtectedResourceMetadataCache(): undefined | DatabaseStore<OAuthProtectedResourceMetadata>;
|
|
54
50
|
cleanup(): Promise<void>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser-oauth-database.d.ts","sourceRoot":"","sources":["../src/browser-oauth-database.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAG1C,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"browser-oauth-database.d.ts","sourceRoot":"","sources":["../src/browser-oauth-database.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAG1C,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAClE,OAAO,EACL,gCAAgC,EAChC,8BAA8B,EAC/B,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAA;AAC9D,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,4BAA4B,CAAA;AAC/D,OAAO,EAAM,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAGzD,KAAK,IAAI,CAAC,CAAC,IAAI;IACb,KAAK,EAAE,CAAC,CAAA;IACR,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,CAAA;AAED,KAAK,UAAU,GAAG;IAChB,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,aAAa,CAAA;CACvB,CAAA;AAgBD,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,SAAS,CAAC,GAAG;QAAE,OAAO,EAAE,UAAU,CAAA;KAAE,CAAC,CAAA;IACzE,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG;QAAE,OAAO,EAAE,UAAU,CAAA;KAAE,CAAC,CAAA;IACjE,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,CAAA;IAC3B,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;IAC5B,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,CAAA;IACjC,gCAAgC,EAAE,IAAI,CAAC,gCAAgC,CAAC,CAAA;IACxE,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,CAAC,CAAA;CACrE,CAAA;AAED,MAAM,MAAM,aAAa,CAAC,CAAC,SAAS,KAAK,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC,CAAA;AAanE,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,UAAU,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAA;IACjC,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB,CAAA;AAED,qBAAa,oBAAoB;;gBAInB,OAAO,CAAC,EAAE,2BAA2B;cAmBjC,GAAG,CAAC,CAAC,SAAS,MAAM,MAAM,EAAE,CAAC,EAC3C,SAAS,EAAE,CAAC,EACZ,IAAI,EAAE,UAAU,GAAG,WAAW,EAC9B,EAAE,EAAE,CAAC,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,GAClD,OAAO,CAAC,CAAC,CAAC;IAOb,SAAS,CAAC,WAAW,CAAC,CAAC,SAAS,MAAM,MAAM,EAAE,CAAC,SAAS,KAAK,EAC3D,IAAI,EAAE,CAAC,EACP,EACE,MAAM,EACN,MAAM,EACN,SAAS,GACV,EAAE;QACD,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAA;QAC1E,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;QAC3D,SAAS,EAAE,CAAC,KAAK,EAAE,CAAC,KAAK,IAAI,GAAG,IAAI,CAAA;KACrC,GACA,aAAa,CAAC,CAAC,CAAC;IAqCnB,eAAe,IAAI,aAAa,CAAC,OAAO,CAAC;IAiBzC,aAAa,IAAI,aAAa,CAAC,iBAAiB,CAAC;IAcjD,iBAAiB,IAAI,aAAa,CAAC,MAAM,CAAC;IAQ1C,WAAW,IAAI,aAAa,CAAC,WAAW,CAAC;IAQzC,cAAc,IAAI,aAAa,CAAC,cAAc,CAAC;IAQ/C,mCAAmC,IAC/B,SAAS,GACT,aAAa,CAAC,gCAAgC,CAAC;IAQnD,iCAAiC,IAC7B,SAAS,GACT,aAAa,CAAC,8BAA8B,CAAC;IAQ3C,OAAO;IAaP,CAAC,MAAM,CAAC,YAAY,CAAC;CAc5B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser-oauth-database.js","sourceRoot":"","sources":["../src/browser-oauth-database.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAEA,0DAAqD;AAQrD,oDAAyD;AAazD,SAAS,SAAS,CAAC,GAAQ;IACzB,IAAI,CAAC,CAAC,GAAG,YAAY,4BAAY,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;IACvC,CAAC;IACD,OAAO;QACL,KAAK,EAAE,GAAG,CAAC,GAAG;QACd,OAAO,EAAE,GAAG,CAAC,aAAa;KAC3B,CAAA;AACH,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,OAAmB;IAC1C,OAAO,4BAAY,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAA;AACjE,CAAC;AAyBD,MAAM,MAAM,GAA6B;IACvC,OAAO;IACP,SAAS;IAET,UAAU;IACV,gBAAgB;IAChB,aAAa;IACb,kCAAkC;IAClC,gCAAgC;CACjC,CAAA;AAQD,MAAa,oBAAoB;IAI/B,YAAY,OAAqC;QAHjD,kDAA+B;QAC/B,wDAAiD;QAG/C,uBAAA,IAAI,mCAAc,aAAE,CAAC,IAAI,CACvB,OAAO,EAAE,IAAI,IAAI,uBAAuB,EACxC;YACE,CAAC,EAAE,EAAE,EAAE;gBACL,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;oBAC1B,MAAM,KAAK,GAAG,EAAE,CAAC,iBAAiB,CAAC,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;oBACjE,KAAK,CAAC,WAAW,CAAC,WAAW,EAAE,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAA;gBAChE,CAAC;YACH,CAAC;SACF,EACD,EAAE,UAAU,EAAE,OAAO,EAAE,UAAU,IAAI,QAAQ,EAAE,CAChD,MAAA,CAAA;QAED,uBAAA,IAAI,yCAAoB,WAAW,CAAC,GAAG,EAAE;YACvC,KAAK,IAAI,CAAC,OAAO,EAAE,CAAA;QACrB,CAAC,EAAE,OAAO,EAAE,eAAe,IAAI,IAAI,CAAC,MAAA,CAAA;IACtC,CAAC;IAES,KAAK,CAAC,GAAG,CACjB,SAAY,EACZ,IAA8B,EAC9B,EAAmD;QAEnD,MAAM,EAAE,GAAG,MAAM,uBAAA,IAAI,uCAAW,CAAA;QAChC,OAAO,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CACpD,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAC9B,CAAA;IACH,CAAC;IAES,WAAW,CACnB,IAAO,EACP,EACE,MAAM,EACN,MAAM,EACN,SAAS,GAKV;QAED,OAAO;YACL,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACjB,qBAAqB;gBACrB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAA;gBAExE,YAAY;gBACZ,IAAI,IAAI,KAAK,SAAS;oBAAE,OAAO,SAAS,CAAA;gBAExC,mBAAmB;gBACnB,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;oBACpE,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;oBAC/D,OAAO,SAAS,CAAA;gBAClB,CAAC;gBAED,+BAA+B;gBAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAC3B,CAAC;YAED,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;gBACxB,6BAA6B;gBAC7B,MAAM,IAAI,GAAG;oBACX,KAAK,EAAE,MAAM,MAAM,CAAC,KAAK,CAAC;oBAC1B,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,EAAE,WAAW,EAAE;iBAC9B,CAAA;gBAEd,oBAAoB;gBACpB,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAA;YACpE,CAAC;YAED,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACjB,SAAS;gBACT,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;YACjE,CAAC;SACF,CAAA;IACH,CAAC;IAED,eAAe;QACb,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE;YACjC,SAAS,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC1B,QAAQ,CAAC,aAAa,IAAI,QAAQ,CAAC,UAAU,IAAI,IAAI;gBACnD,CAAC,CAAC,IAAI;gBACN,CAAC,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;YACnC,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;gBACpC,GAAG,OAAO;gBACV,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC;aAC5B,CAAC;YACF,MAAM,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;gBAC1C,GAAG,OAAO;gBACV,OAAO,EAAE,MAAM,SAAS,CAAC,OAAO,CAAC;aAClC,CAAC;SACH,CAAC,CAAA;IACJ,CAAC;IAED,aAAa;QACX,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE;YAC/B,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YACvD,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;gBACpC,GAAG,OAAO;gBACV,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC;aAC5B,CAAC;YACF,MAAM,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;gBAC1C,GAAG,OAAO;gBACV,OAAO,EAAE,MAAM,SAAS,CAAC,OAAO,CAAC;aAClC,CAAC;SACH,CAAC,CAAA;IACJ,CAAC;IAED,iBAAiB;QACf,OAAO,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE;YACxC,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YACnD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,WAAW;QACT,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE;YAClC,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC,aAAa,EAAE;YACrC,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,mCAAmC;QAGjC,OAAO,IAAI,CAAC,WAAW,CAAC,kCAAkC,EAAE;YAC1D,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,iCAAiC;QAG/B,OAAO,IAAI,CAAC,WAAW,CAAC,gCAAgC,EAAE;YACxD,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,EAAE,GAAG,MAAM,uBAAA,IAAI,uCAAW,CAAA;QAEhC,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;YAC1B,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,CAC/C,EAAE;iBACC,WAAW,CAAC,IAAI,CAAC;iBACjB,KAAK,CAAC,WAAW,CAAC;iBAClB,SAAS,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CACjD,CAAA;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,0GAAC,MAAM,CAAC,YAAY,EAAC;QACzB,aAAa,CAAC,uBAAA,IAAI,6CAAiB,CAAC,CAAA;QACpC,uBAAA,IAAI,yCAAoB,SAAS,MAAA,CAAA;QAEjC,MAAM,SAAS,GAAG,uBAAA,IAAI,uCAAW,CAAA;QACjC,uBAAA,IAAI,mCAAc,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,MAAA,CAAA;QAEzE,sCAAsC;QACtC,uBAAA,IAAI,uCAAW,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QAEjC,iDAAiD;QACjD,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QAC5C,IAAI,EAAE;YAAE,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACxE,CAAC;CACF;AAxLD,oDAwLC","sourcesContent":["import { DidDocument } from '@atproto/did'\nimport { Key } from '@atproto/jwk'\nimport { WebcryptoKey } from '@atproto/jwk-webcrypto'\nimport { InternalStateData, Session, TokenSet } from '@atproto/oauth-client'\nimport {\n OAuthAuthorizationServerMetadata,\n OAuthProtectedResourceMetadata,\n} from '@atproto/oauth-types'\nimport { ResolvedHandle } from '@atproto-labs/handle-resolver'\nimport { SimpleStore, Value } from '@atproto-labs/simple-store'\nimport { DB, DBObjectStore } from './indexed-db/index.js'\nimport { TupleUnion } from './util.js'\n\ntype Item<V> = {\n value: V\n expiresAt?: string // ISO Date\n}\n\ntype EncodedKey = {\n keyId: string\n keyPair: CryptoKeyPair\n}\n\nfunction encodeKey(key: Key): EncodedKey {\n if (!(key instanceof WebcryptoKey) || !key.kid) {\n throw new Error('Invalid key object')\n }\n return {\n keyId: key.kid,\n keyPair: key.cryptoKeyPair,\n }\n}\n\nasync function decodeKey(encoded: EncodedKey): Promise<Key> {\n return WebcryptoKey.fromKeypair(encoded.keyPair, encoded.keyId)\n}\n\nexport type Schema = {\n state: Item<{\n dpopKey: EncodedKey\n\n iss: string\n verifier?: string\n appState?: string\n }>\n session: Item<{\n dpopKey: EncodedKey\n\n tokenSet: TokenSet\n }>\n\n didCache: Item<DidDocument>\n dpopNonceCache: Item<string>\n handleCache: Item<ResolvedHandle>\n authorizationServerMetadataCache: Item<OAuthAuthorizationServerMetadata>\n protectedResourceMetadataCache: Item<OAuthProtectedResourceMetadata>\n}\n\nexport type DatabaseStore<V extends Value> = SimpleStore<string, V>\n\nconst STORES: TupleUnion<keyof Schema> = [\n 'state',\n 'session',\n\n 'didCache',\n 'dpopNonceCache',\n 'handleCache',\n 'authorizationServerMetadataCache',\n 'protectedResourceMetadataCache',\n]\n\nexport type BrowserOAuthDatabaseOptions = {\n name?: string\n durability?: 'strict' | 'relaxed'\n cleanupInterval?: number\n}\n\nexport class BrowserOAuthDatabase {\n #dbPromise: Promise<DB<Schema>>\n #cleanupInterval?: ReturnType<typeof setInterval>\n\n constructor(options?: BrowserOAuthDatabaseOptions) {\n this.#dbPromise = DB.open<Schema>(\n options?.name ?? '@atproto-oauth-client',\n [\n (db) => {\n for (const name of STORES) {\n const store = db.createObjectStore(name, { autoIncrement: true })\n store.createIndex('expiresAt', 'expiresAt', { unique: false })\n }\n },\n ],\n { durability: options?.durability ?? 'strict' },\n )\n\n this.#cleanupInterval = setInterval(() => {\n void this.cleanup()\n }, options?.cleanupInterval ?? 30e3)\n }\n\n protected async run<N extends keyof Schema, R>(\n storeName: N,\n mode: 'readonly' | 'readwrite',\n fn: (s: DBObjectStore<Schema[N]>) => R | Promise<R>,\n ): Promise<R> {\n const db = await this.#dbPromise\n return await db.transaction([storeName], mode, (tx) =>\n fn(tx.objectStore(storeName)),\n )\n }\n\n protected createStore<N extends keyof Schema, V extends Value>(\n name: N,\n {\n encode,\n decode,\n expiresAt,\n }: {\n encode: (value: V) => Schema[N]['value'] | PromiseLike<Schema[N]['value']>\n decode: (encoded: Schema[N]['value']) => V | PromiseLike<V>\n expiresAt: (value: V) => null | Date\n },\n ): DatabaseStore<V> {\n return {\n get: async (key) => {\n // Find item in store\n const item = await this.run(name, 'readonly', (store) => store.get(key))\n\n // Not found\n if (item === undefined) return undefined\n\n // Too old (delete)\n if (item.expiresAt != null && new Date(item.expiresAt) < new Date()) {\n await this.run(name, 'readwrite', (store) => store.delete(key))\n return undefined\n }\n\n // Item found and valid. Decode\n return decode(item.value)\n },\n\n set: async (key, value) => {\n // Create encoded item record\n const item = {\n value: await encode(value),\n expiresAt: expiresAt(value)?.toISOString(),\n } as Schema[N]\n\n // Store item record\n await this.run(name, 'readwrite', (store) => store.put(item, key))\n },\n\n del: async (key) => {\n // Delete\n await this.run(name, 'readwrite', (store) => store.delete(key))\n },\n }\n }\n\n getSessionStore(): DatabaseStore<Session> {\n return this.createStore('session', {\n expiresAt: ({ tokenSet }) =>\n tokenSet.refresh_token || tokenSet.expires_at == null\n ? null\n : new Date(tokenSet.expires_at),\n encode: ({ dpopKey, ...session }) => ({\n ...session,\n dpopKey: encodeKey(dpopKey),\n }),\n decode: async ({ dpopKey, ...encoded }) => ({\n ...encoded,\n dpopKey: await decodeKey(dpopKey),\n }),\n })\n }\n\n getStateStore(): DatabaseStore<InternalStateData> {\n return this.createStore('state', {\n expiresAt: (_value) => new Date(Date.now() + 10 * 60e3),\n encode: ({ dpopKey, ...session }) => ({\n ...session,\n dpopKey: encodeKey(dpopKey),\n }),\n decode: async ({ dpopKey, ...encoded }) => ({\n ...encoded,\n dpopKey: await decodeKey(dpopKey),\n }),\n })\n }\n\n getDpopNonceCache(): undefined | DatabaseStore<string> {\n return this.createStore('dpopNonceCache', {\n expiresAt: (_value) => new Date(Date.now() + 600e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n getDidCache(): undefined | DatabaseStore<DidDocument> {\n return this.createStore('didCache', {\n expiresAt: (_value) => new Date(Date.now() + 60e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n getHandleCache(): undefined | DatabaseStore<ResolvedHandle> {\n return this.createStore('handleCache', {\n expiresAt: (_value) => new Date(Date.now() + 60e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n getAuthorizationServerMetadataCache():\n | undefined\n | DatabaseStore<OAuthAuthorizationServerMetadata> {\n return this.createStore('authorizationServerMetadataCache', {\n expiresAt: (_value) => new Date(Date.now() + 60e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n getProtectedResourceMetadataCache():\n | undefined\n | DatabaseStore<OAuthProtectedResourceMetadata> {\n return this.createStore('protectedResourceMetadataCache', {\n expiresAt: (_value) => new Date(Date.now() + 60e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n async cleanup() {\n const db = await this.#dbPromise\n\n for (const name of STORES) {\n await db.transaction([name], 'readwrite', (tx) =>\n tx\n .objectStore(name)\n .index('expiresAt')\n .deleteAll(IDBKeyRange.upperBound(Date.now())),\n )\n }\n }\n\n async [Symbol.asyncDispose]() {\n clearInterval(this.#cleanupInterval)\n this.#cleanupInterval = undefined\n\n const dbPromise = this.#dbPromise\n this.#dbPromise = Promise.reject(new Error('Database has been disposed'))\n\n // Avoid \"unhandled promise rejection\"\n this.#dbPromise.catch(() => null)\n\n // Spec recommends not to throw errors in dispose\n const db = await dbPromise.catch(() => null)\n if (db) await (db[Symbol.asyncDispose] || db[Symbol.dispose]).call(db)\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"browser-oauth-database.js","sourceRoot":"","sources":["../src/browser-oauth-database.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAEA,0DAAqD;AAQrD,oDAAyD;AAazD,SAAS,SAAS,CAAC,GAAQ;IACzB,IAAI,CAAC,CAAC,GAAG,YAAY,4BAAY,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;IACvC,CAAC;IACD,OAAO;QACL,KAAK,EAAE,GAAG,CAAC,GAAG;QACd,OAAO,EAAE,GAAG,CAAC,aAAa;KAC3B,CAAA;AACH,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,OAAmB;IAC1C,OAAO,4BAAY,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAA;AACjE,CAAC;AAcD,MAAM,MAAM,GAA6B;IACvC,OAAO;IACP,SAAS;IAET,UAAU;IACV,gBAAgB;IAChB,aAAa;IACb,kCAAkC;IAClC,gCAAgC;CACjC,CAAA;AAQD,MAAa,oBAAoB;IAI/B,YAAY,OAAqC;QAHjD,kDAA+B;QAC/B,wDAAiD;QAG/C,uBAAA,IAAI,mCAAc,aAAE,CAAC,IAAI,CACvB,OAAO,EAAE,IAAI,IAAI,uBAAuB,EACxC;YACE,CAAC,EAAE,EAAE,EAAE;gBACL,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;oBAC1B,MAAM,KAAK,GAAG,EAAE,CAAC,iBAAiB,CAAC,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;oBACjE,KAAK,CAAC,WAAW,CAAC,WAAW,EAAE,WAAW,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAA;gBAChE,CAAC;YACH,CAAC;SACF,EACD,EAAE,UAAU,EAAE,OAAO,EAAE,UAAU,IAAI,QAAQ,EAAE,CAChD,MAAA,CAAA;QAED,uBAAA,IAAI,yCAAoB,WAAW,CAAC,GAAG,EAAE;YACvC,KAAK,IAAI,CAAC,OAAO,EAAE,CAAA;QACrB,CAAC,EAAE,OAAO,EAAE,eAAe,IAAI,IAAI,CAAC,MAAA,CAAA;IACtC,CAAC;IAES,KAAK,CAAC,GAAG,CACjB,SAAY,EACZ,IAA8B,EAC9B,EAAmD;QAEnD,MAAM,EAAE,GAAG,MAAM,uBAAA,IAAI,uCAAW,CAAA;QAChC,OAAO,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CACpD,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAC9B,CAAA;IACH,CAAC;IAES,WAAW,CACnB,IAAO,EACP,EACE,MAAM,EACN,MAAM,EACN,SAAS,GAKV;QAED,OAAO;YACL,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACjB,qBAAqB;gBACrB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAA;gBAExE,YAAY;gBACZ,IAAI,IAAI,KAAK,SAAS;oBAAE,OAAO,SAAS,CAAA;gBAExC,mBAAmB;gBACnB,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;oBACpE,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;oBAC/D,OAAO,SAAS,CAAA;gBAClB,CAAC;gBAED,+BAA+B;gBAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAC3B,CAAC;YAED,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;gBACxB,6BAA6B;gBAC7B,MAAM,IAAI,GAAG;oBACX,KAAK,EAAE,MAAM,MAAM,CAAC,KAAK,CAAC;oBAC1B,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,EAAE,WAAW,EAAE;iBAC9B,CAAA;gBAEd,oBAAoB;gBACpB,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAA;YACpE,CAAC;YAED,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACjB,SAAS;gBACT,MAAM,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;YACjE,CAAC;SACF,CAAA;IACH,CAAC;IAED,eAAe;QACb,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE;YACjC,SAAS,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC1B,QAAQ,CAAC,aAAa,IAAI,QAAQ,CAAC,UAAU,IAAI,IAAI;gBACnD,CAAC,CAAC,IAAI;gBACN,CAAC,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;YACnC,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;gBACpC,GAAG,OAAO;gBACV,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC;aAC5B,CAAC;YACF,MAAM,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;gBAC1C,GAAG,OAAO;gBACV,OAAO,EAAE,MAAM,SAAS,CAAC,OAAO,CAAC;aAClC,CAAC;SACH,CAAC,CAAA;IACJ,CAAC;IAED,aAAa;QACX,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE;YAC/B,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YACvD,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;gBACpC,GAAG,OAAO;gBACV,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC;aAC5B,CAAC;YACF,MAAM,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,EAAE,EAAE,CAAC,CAAC;gBAC1C,GAAG,OAAO;gBACV,OAAO,EAAE,MAAM,SAAS,CAAC,OAAO,CAAC;aAClC,CAAC;SACH,CAAC,CAAA;IACJ,CAAC;IAED,iBAAiB;QACf,OAAO,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE;YACxC,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YACnD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,WAAW;QACT,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE;YAClC,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC,aAAa,EAAE;YACrC,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,mCAAmC;QAGjC,OAAO,IAAI,CAAC,WAAW,CAAC,kCAAkC,EAAE;YAC1D,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,iCAAiC;QAG/B,OAAO,IAAI,CAAC,WAAW,CAAC,gCAAgC,EAAE;YACxD,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;YAClD,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK;YACxB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO;SAC7B,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,EAAE,GAAG,MAAM,uBAAA,IAAI,uCAAW,CAAA;QAEhC,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;YAC1B,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,CAC/C,EAAE;iBACC,WAAW,CAAC,IAAI,CAAC;iBACjB,KAAK,CAAC,WAAW,CAAC;iBAClB,SAAS,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CACjD,CAAA;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,0GAAC,MAAM,CAAC,YAAY,EAAC;QACzB,aAAa,CAAC,uBAAA,IAAI,6CAAiB,CAAC,CAAA;QACpC,uBAAA,IAAI,yCAAoB,SAAS,MAAA,CAAA;QAEjC,MAAM,SAAS,GAAG,uBAAA,IAAI,uCAAW,CAAA;QACjC,uBAAA,IAAI,mCAAc,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,MAAA,CAAA;QAEzE,sCAAsC;QACtC,uBAAA,IAAI,uCAAW,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QAEjC,iDAAiD;QACjD,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;QAC5C,IAAI,EAAE;YAAE,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACxE,CAAC;CACF;AAxLD,oDAwLC","sourcesContent":["import { DidDocument } from '@atproto/did'\nimport { Key } from '@atproto/jwk'\nimport { WebcryptoKey } from '@atproto/jwk-webcrypto'\nimport { InternalStateData, Session } from '@atproto/oauth-client'\nimport {\n OAuthAuthorizationServerMetadata,\n OAuthProtectedResourceMetadata,\n} from '@atproto/oauth-types'\nimport { ResolvedHandle } from '@atproto-labs/handle-resolver'\nimport { SimpleStore, Value } from '@atproto-labs/simple-store'\nimport { DB, DBObjectStore } from './indexed-db/index.js'\nimport { TupleUnion } from './util.js'\n\ntype Item<V> = {\n value: V\n expiresAt?: string // ISO Date\n}\n\ntype EncodedKey = {\n keyId: string\n keyPair: CryptoKeyPair\n}\n\nfunction encodeKey(key: Key): EncodedKey {\n if (!(key instanceof WebcryptoKey) || !key.kid) {\n throw new Error('Invalid key object')\n }\n return {\n keyId: key.kid,\n keyPair: key.cryptoKeyPair,\n }\n}\n\nasync function decodeKey(encoded: EncodedKey): Promise<Key> {\n return WebcryptoKey.fromKeypair(encoded.keyPair, encoded.keyId)\n}\n\nexport type Schema = {\n state: Item<Omit<InternalStateData, 'dpopKey'> & { dpopKey: EncodedKey }>\n session: Item<Omit<Session, 'dpopKey'> & { dpopKey: EncodedKey }>\n didCache: Item<DidDocument>\n dpopNonceCache: Item<string>\n handleCache: Item<ResolvedHandle>\n authorizationServerMetadataCache: Item<OAuthAuthorizationServerMetadata>\n protectedResourceMetadataCache: Item<OAuthProtectedResourceMetadata>\n}\n\nexport type DatabaseStore<V extends Value> = SimpleStore<string, V>\n\nconst STORES: TupleUnion<keyof Schema> = [\n 'state',\n 'session',\n\n 'didCache',\n 'dpopNonceCache',\n 'handleCache',\n 'authorizationServerMetadataCache',\n 'protectedResourceMetadataCache',\n]\n\nexport type BrowserOAuthDatabaseOptions = {\n name?: string\n durability?: 'strict' | 'relaxed'\n cleanupInterval?: number\n}\n\nexport class BrowserOAuthDatabase {\n #dbPromise: Promise<DB<Schema>>\n #cleanupInterval?: ReturnType<typeof setInterval>\n\n constructor(options?: BrowserOAuthDatabaseOptions) {\n this.#dbPromise = DB.open<Schema>(\n options?.name ?? '@atproto-oauth-client',\n [\n (db) => {\n for (const name of STORES) {\n const store = db.createObjectStore(name, { autoIncrement: true })\n store.createIndex('expiresAt', 'expiresAt', { unique: false })\n }\n },\n ],\n { durability: options?.durability ?? 'strict' },\n )\n\n this.#cleanupInterval = setInterval(() => {\n void this.cleanup()\n }, options?.cleanupInterval ?? 30e3)\n }\n\n protected async run<N extends keyof Schema, R>(\n storeName: N,\n mode: 'readonly' | 'readwrite',\n fn: (s: DBObjectStore<Schema[N]>) => R | Promise<R>,\n ): Promise<R> {\n const db = await this.#dbPromise\n return await db.transaction([storeName], mode, (tx) =>\n fn(tx.objectStore(storeName)),\n )\n }\n\n protected createStore<N extends keyof Schema, V extends Value>(\n name: N,\n {\n encode,\n decode,\n expiresAt,\n }: {\n encode: (value: V) => Schema[N]['value'] | PromiseLike<Schema[N]['value']>\n decode: (encoded: Schema[N]['value']) => V | PromiseLike<V>\n expiresAt: (value: V) => null | Date\n },\n ): DatabaseStore<V> {\n return {\n get: async (key) => {\n // Find item in store\n const item = await this.run(name, 'readonly', (store) => store.get(key))\n\n // Not found\n if (item === undefined) return undefined\n\n // Too old (delete)\n if (item.expiresAt != null && new Date(item.expiresAt) < new Date()) {\n await this.run(name, 'readwrite', (store) => store.delete(key))\n return undefined\n }\n\n // Item found and valid. Decode\n return decode(item.value)\n },\n\n set: async (key, value) => {\n // Create encoded item record\n const item = {\n value: await encode(value),\n expiresAt: expiresAt(value)?.toISOString(),\n } as Schema[N]\n\n // Store item record\n await this.run(name, 'readwrite', (store) => store.put(item, key))\n },\n\n del: async (key) => {\n // Delete\n await this.run(name, 'readwrite', (store) => store.delete(key))\n },\n }\n }\n\n getSessionStore(): DatabaseStore<Session> {\n return this.createStore('session', {\n expiresAt: ({ tokenSet }) =>\n tokenSet.refresh_token || tokenSet.expires_at == null\n ? null\n : new Date(tokenSet.expires_at),\n encode: ({ dpopKey, ...session }) => ({\n ...session,\n dpopKey: encodeKey(dpopKey),\n }),\n decode: async ({ dpopKey, ...encoded }) => ({\n ...encoded,\n dpopKey: await decodeKey(dpopKey),\n }),\n })\n }\n\n getStateStore(): DatabaseStore<InternalStateData> {\n return this.createStore('state', {\n expiresAt: (_value) => new Date(Date.now() + 10 * 60e3),\n encode: ({ dpopKey, ...session }) => ({\n ...session,\n dpopKey: encodeKey(dpopKey),\n }),\n decode: async ({ dpopKey, ...encoded }) => ({\n ...encoded,\n dpopKey: await decodeKey(dpopKey),\n }),\n })\n }\n\n getDpopNonceCache(): DatabaseStore<string> {\n return this.createStore('dpopNonceCache', {\n expiresAt: (_value) => new Date(Date.now() + 600e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n getDidCache(): DatabaseStore<DidDocument> {\n return this.createStore('didCache', {\n expiresAt: (_value) => new Date(Date.now() + 60e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n getHandleCache(): DatabaseStore<ResolvedHandle> {\n return this.createStore('handleCache', {\n expiresAt: (_value) => new Date(Date.now() + 60e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n getAuthorizationServerMetadataCache():\n | undefined\n | DatabaseStore<OAuthAuthorizationServerMetadata> {\n return this.createStore('authorizationServerMetadataCache', {\n expiresAt: (_value) => new Date(Date.now() + 60e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n getProtectedResourceMetadataCache():\n | undefined\n | DatabaseStore<OAuthProtectedResourceMetadata> {\n return this.createStore('protectedResourceMetadataCache', {\n expiresAt: (_value) => new Date(Date.now() + 60e3),\n encode: (value) => value,\n decode: (encoded) => encoded,\n })\n }\n\n async cleanup() {\n const db = await this.#dbPromise\n\n for (const name of STORES) {\n await db.transaction([name], 'readwrite', (tx) =>\n tx\n .objectStore(name)\n .index('expiresAt')\n .deleteAll(IDBKeyRange.upperBound(Date.now())),\n )\n }\n }\n\n async [Symbol.asyncDispose]() {\n clearInterval(this.#cleanupInterval)\n this.#cleanupInterval = undefined\n\n const dbPromise = this.#dbPromise\n this.#dbPromise = Promise.reject(new Error('Database has been disposed'))\n\n // Avoid \"unhandled promise rejection\"\n this.#dbPromise.catch(() => null)\n\n // Spec recommends not to throw errors in dispose\n const db = await dbPromise.catch(() => null)\n if (db) await (db[Symbol.asyncDispose] || db[Symbol.dispose]).call(db)\n }\n}\n"]}
|
package/dist/util.d.ts
CHANGED
|
@@ -15,18 +15,4 @@ export declare function buildLoopbackClientId(location: {
|
|
|
15
15
|
pathname: string;
|
|
16
16
|
port: string;
|
|
17
17
|
}, localhost?: string): string;
|
|
18
|
-
interface TypedBroadcastChannelEventMap<T> {
|
|
19
|
-
message: MessageEvent<T>;
|
|
20
|
-
messageerror: MessageEvent<T>;
|
|
21
|
-
}
|
|
22
|
-
export interface TypedBroadcastChannel<T> extends EventTarget {
|
|
23
|
-
readonly name: string;
|
|
24
|
-
close(): void;
|
|
25
|
-
postMessage(message: T): void;
|
|
26
|
-
addEventListener<K extends keyof TypedBroadcastChannelEventMap<T>>(type: K, listener: (this: BroadcastChannel, ev: TypedBroadcastChannelEventMap<T>[K]) => any, options?: boolean | AddEventListenerOptions): void;
|
|
27
|
-
addEventListener(type: string, listener: EventListenerOrEventListenerObject, options?: boolean | AddEventListenerOptions): void;
|
|
28
|
-
removeEventListener<K extends keyof TypedBroadcastChannelEventMap<T>>(type: K, listener: (this: BroadcastChannel, ev: TypedBroadcastChannelEventMap<T>[K]) => any, options?: boolean | EventListenerOptions): void;
|
|
29
|
-
removeEventListener(type: string, listener: EventListenerOrEventListenerObject, options?: boolean | EventListenerOptions): void;
|
|
30
|
-
}
|
|
31
|
-
export {};
|
|
32
18
|
//# sourceMappingURL=util.d.ts.map
|
package/dist/util.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,QAAQ,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,WAAW,CAAC,OAAO,CAAC,CAAA;AACzE,MAAM,MAAM,UAAU,CAAC,CAAC,SAAS,MAAM,EAAE,CAAC,SAAS,GAAG,EAAE,GAAG,EAAE,IAAI;KAC9D,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,SAAS,KAAK,GACjC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GACT,UAAU,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;CACzC,CAAC,CAAC,CAAC,CAAA;AAEJ;;;;;GAKG;AACH,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE;IACR,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,IAAI,EAAE,MAAM,CAAA;CACb,EACD,SAAS,SAAc,GACtB,MAAM,CAUR
|
|
1
|
+
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,QAAQ,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,WAAW,CAAC,OAAO,CAAC,CAAA;AACzE,MAAM,MAAM,UAAU,CAAC,CAAC,SAAS,MAAM,EAAE,CAAC,SAAS,GAAG,EAAE,GAAG,EAAE,IAAI;KAC9D,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,SAAS,KAAK,GACjC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GACT,UAAU,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;CACzC,CAAC,CAAC,CAAC,CAAA;AAEJ;;;;;GAKG;AACH,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE;IACR,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,IAAI,EAAE,MAAM,CAAA;CACb,EACD,SAAS,SAAc,GACtB,MAAM,CAUR"}
|
package/dist/util.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;AAeA,sDAiBC;AAhCD,sDAAqD;AASrD;;;;;GAKG;AACH,SAAgB,qBAAqB,CACnC,QAIC,EACD,SAAS,GAAG,WAAW;IAEvB,IAAI,CAAC,IAAA,4BAAc,EAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,iCAAiC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC3E,CAAC;IAED,MAAM,WAAW,GAAG,UAAU,QAAQ,CAAC,QAAQ,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAA;IAE7M,OAAO,mBACL,QAAQ,CAAC,QAAQ,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAC5C,iBAAiB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAA;AACpD,CAAC","sourcesContent":["import { isLoopbackHost } from '@atproto/oauth-types'\n\nexport type Simplify<T> = { [K in keyof T]: T[K] } & NonNullable<unknown>\nexport type TupleUnion<U extends string, R extends any[] = []> = {\n [S in U]: Exclude<U, S> extends never\n ? [...R, S]\n : TupleUnion<Exclude<U, S>, [...R, S]>\n}[U]\n\n/**\n * @example\n * ```ts\n * const clientId = buildLoopbackClientId(window.location)\n * ```\n */\nexport function buildLoopbackClientId(\n location: {\n hostname: string\n pathname: string\n port: string\n },\n localhost = '127.0.0.1',\n): string {\n if (!isLoopbackHost(location.hostname)) {\n throw new TypeError(`Expected a loopback host, got ${location.hostname}`)\n }\n\n const redirectUri = `http://${location.hostname === 'localhost' ? localhost : location.hostname}${location.port && !location.port.startsWith(':') ? `:${location.port}` : location.port}${location.pathname}`\n\n return `http://localhost${\n location.pathname === '/' ? '' : location.pathname\n }?redirect_uri=${encodeURIComponent(redirectUri)}`\n}\n
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;AAeA,sDAiBC;AAhCD,sDAAqD;AASrD;;;;;GAKG;AACH,SAAgB,qBAAqB,CACnC,QAIC,EACD,SAAS,GAAG,WAAW;IAEvB,IAAI,CAAC,IAAA,4BAAc,EAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,iCAAiC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC3E,CAAC;IAED,MAAM,WAAW,GAAG,UAAU,QAAQ,CAAC,QAAQ,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAA;IAE7M,OAAO,mBACL,QAAQ,CAAC,QAAQ,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAC5C,iBAAiB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAA;AACpD,CAAC","sourcesContent":["import { isLoopbackHost } from '@atproto/oauth-types'\n\nexport type Simplify<T> = { [K in keyof T]: T[K] } & NonNullable<unknown>\nexport type TupleUnion<U extends string, R extends any[] = []> = {\n [S in U]: Exclude<U, S> extends never\n ? [...R, S]\n : TupleUnion<Exclude<U, S>, [...R, S]>\n}[U]\n\n/**\n * @example\n * ```ts\n * const clientId = buildLoopbackClientId(window.location)\n * ```\n */\nexport function buildLoopbackClientId(\n location: {\n hostname: string\n pathname: string\n port: string\n },\n localhost = '127.0.0.1',\n): string {\n if (!isLoopbackHost(location.hostname)) {\n throw new TypeError(`Expected a loopback host, got ${location.hostname}`)\n }\n\n const redirectUri = `http://${location.hostname === 'localhost' ? localhost : location.hostname}${location.port && !location.port.startsWith(':') ? `:${location.port}` : location.port}${location.pathname}`\n\n return `http://localhost${\n location.pathname === '/' ? '' : location.pathname\n }?redirect_uri=${encodeURIComponent(redirectUri)}`\n}\n"]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@atproto/oauth-client-browser",
|
|
3
|
-
"version": "0.3.
|
|
3
|
+
"version": "0.3.41",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"description": "ATPROTO OAuth client for the browser (relies on WebCrypto & Indexed DB)",
|
|
6
6
|
"keywords": [
|
|
@@ -32,14 +32,14 @@
|
|
|
32
32
|
],
|
|
33
33
|
"dependencies": {
|
|
34
34
|
"core-js": "^3",
|
|
35
|
-
"@atproto-labs/did-resolver": "0.2.
|
|
36
|
-
"@atproto-labs/handle-resolver": "0.3.
|
|
37
|
-
"@atproto-labs/simple-store": "0.3.0",
|
|
38
|
-
"@atproto/did": "0.
|
|
39
|
-
"@atproto/jwk": "0.6.0",
|
|
40
|
-
"@atproto/jwk-webcrypto": "0.2.0",
|
|
41
|
-
"@atproto/oauth-client": "0.
|
|
42
|
-
"@atproto/oauth-types": "0.6.
|
|
35
|
+
"@atproto-labs/did-resolver": "^0.2.6",
|
|
36
|
+
"@atproto-labs/handle-resolver": "^0.3.6",
|
|
37
|
+
"@atproto-labs/simple-store": "^0.3.0",
|
|
38
|
+
"@atproto/did": "^0.3.0",
|
|
39
|
+
"@atproto/jwk": "^0.6.0",
|
|
40
|
+
"@atproto/jwk-webcrypto": "^0.2.0",
|
|
41
|
+
"@atproto/oauth-client": "^0.6.0",
|
|
42
|
+
"@atproto/oauth-types": "^0.6.3"
|
|
43
43
|
},
|
|
44
44
|
"devDependencies": {
|
|
45
45
|
"typescript": "^5.6.3"
|