@atproto/oauth-client-node 0.3.16 → 0.4.0-next.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -1
- package/dist/index.js +5 -21
- package/dist/index.js.map +1 -1
- package/dist/node-dpop-store.js +3 -6
- package/dist/node-dpop-store.js.map +1 -1
- package/dist/node-oauth-client.js +12 -16
- package/dist/node-oauth-client.js.map +1 -1
- package/dist/util.d.ts.map +1 -1
- package/dist/util.js +1 -2
- package/dist/util.js.map +1 -1
- package/package.json +13 -15
package/README.md
CHANGED
|
@@ -263,7 +263,8 @@ after a short period of time (one hour should be more than enough).
|
|
|
263
263
|
#### `requestLock`
|
|
264
264
|
|
|
265
265
|
When multiple instances of the client are running, this lock will prevent
|
|
266
|
-
concurrent refreshes of the same session.
|
|
266
|
+
concurrent refreshes of the same session. If the lock fails to be acquired an
|
|
267
|
+
error should be thrown.
|
|
267
268
|
|
|
268
269
|
Here is an example implementation based on [`redlock`](https://www.npmjs.com/package/redlock):
|
|
269
270
|
|
package/dist/index.js
CHANGED
|
@@ -1,22 +1,6 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("@atproto-labs/handle-resolver-node"), exports);
|
|
18
|
-
__exportStar(require("@atproto/jwk-webcrypto"), exports);
|
|
19
|
-
__exportStar(require("@atproto/oauth-client"), exports);
|
|
20
|
-
__exportStar(require("@atproto/jwk-jose"), exports);
|
|
21
|
-
__exportStar(require("./node-oauth-client.js"), exports);
|
|
1
|
+
export * from '@atproto-labs/handle-resolver-node';
|
|
2
|
+
export * from '@atproto/jwk-webcrypto';
|
|
3
|
+
export * from '@atproto/oauth-client';
|
|
4
|
+
export * from '@atproto/jwk-jose';
|
|
5
|
+
export * from './node-oauth-client.js';
|
|
22
6
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oCAAoC,CAAA;AAClD,cAAc,wBAAwB,CAAA;AACtC,cAAc,uBAAuB,CAAA;AACrC,cAAc,mBAAmB,CAAA;AAEjC,cAAc,wBAAwB,CAAA","sourcesContent":["export * from '@atproto-labs/handle-resolver-node'\nexport * from '@atproto/jwk-webcrypto'\nexport * from '@atproto/oauth-client'\nexport * from '@atproto/jwk-jose'\n\nexport * from './node-oauth-client.js'\n"]}
|
package/dist/node-dpop-store.js
CHANGED
|
@@ -1,12 +1,9 @@
|
|
|
1
|
-
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.toDpopKeyStore = toDpopKeyStore;
|
|
4
|
-
const jwk_jose_1 = require("@atproto/jwk-jose");
|
|
1
|
+
import { JoseKey } from '@atproto/jwk-jose';
|
|
5
2
|
/**
|
|
6
3
|
* Utility function that allows to simplify the store interface by exposing a
|
|
7
4
|
* JWK (JSON) instead of a Key instance.
|
|
8
5
|
*/
|
|
9
|
-
function toDpopKeyStore(store) {
|
|
6
|
+
export function toDpopKeyStore(store) {
|
|
10
7
|
return {
|
|
11
8
|
async set(sub, { dpopKey, ...data }) {
|
|
12
9
|
const dpopJwk = dpopKey.privateJwk;
|
|
@@ -19,7 +16,7 @@ function toDpopKeyStore(store) {
|
|
|
19
16
|
if (!result)
|
|
20
17
|
return undefined;
|
|
21
18
|
const { dpopJwk, ...data } = result;
|
|
22
|
-
const dpopKey = await
|
|
19
|
+
const dpopKey = await JoseKey.fromJWK(dpopJwk);
|
|
23
20
|
return { ...data, dpopKey };
|
|
24
21
|
},
|
|
25
22
|
del: store.del.bind(store),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"node-dpop-store.js","sourceRoot":"","sources":["../src/node-dpop-store.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"node-dpop-store.js","sourceRoot":"","sources":["../src/node-dpop-store.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAA;AAQ3C;;;GAGG;AACH,MAAM,UAAU,cAAc,CAG5B,KAAwC;IACxC,OAAO;QACL,KAAK,CAAC,GAAG,CAAC,GAAM,EAAE,EAAE,OAAO,EAAE,GAAG,IAAI,EAAK;YACvC,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAA;YAClC,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;YAE7D,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;QAC5C,CAAC;QAED,KAAK,CAAC,GAAG,CAAC,GAAM;YACd,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;YACnC,IAAI,CAAC,MAAM;gBAAE,OAAO,SAAS,CAAA;YAE7B,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,EAAE,GAAG,MAAM,CAAA;YACnC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;YAC9C,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAkB,CAAA;QAC7C,CAAC;QAED,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC;QAC1B,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC;KAChC,CAAA;AACH,CAAC","sourcesContent":["import { Jwk, Key } from '@atproto/jwk'\nimport { JoseKey } from '@atproto/jwk-jose'\nimport { InternalStateData, Session } from '@atproto/oauth-client'\nimport { SimpleStore } from '@atproto-labs/simple-store'\n\ntype ToDpopJwkValue<V extends { dpopKey: Key }> = Omit<V, 'dpopKey'> & {\n dpopJwk: Jwk\n}\n\n/**\n * Utility function that allows to simplify the store interface by exposing a\n * JWK (JSON) instead of a Key instance.\n */\nexport function toDpopKeyStore<\n K extends string,\n V extends { dpopKey: Key; dpopJwk?: never },\n>(store: SimpleStore<K, ToDpopJwkValue<V>>): SimpleStore<K, V> {\n return {\n async set(sub: K, { dpopKey, ...data }: V) {\n const dpopJwk = dpopKey.privateJwk\n if (!dpopJwk) throw new Error('Private DPoP JWK is missing.')\n\n await store.set(sub, { ...data, dpopJwk })\n },\n\n async get(sub: K) {\n const result = await store.get(sub)\n if (!result) return undefined\n\n const { dpopJwk, ...data } = result\n const dpopKey = await JoseKey.fromJWK(dpopJwk)\n return { ...data, dpopKey } as unknown as V\n },\n\n del: store.del.bind(store),\n clear: store.clear?.bind(store),\n }\n}\n\nexport type NodeSavedState = ToDpopJwkValue<InternalStateData>\nexport type NodeSavedStateStore = SimpleStore<string, NodeSavedState>\n\nexport type NodeSavedSession = ToDpopJwkValue<Session>\nexport type NodeSavedSessionStore = SimpleStore<string, NodeSavedSession>\n"]}
|
|
@@ -1,20 +1,17 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
const node_dpop_store_js_1 = require("./node-dpop-store.js");
|
|
9
|
-
class NodeOAuthClient extends oauth_client_1.OAuthClient {
|
|
10
|
-
constructor({ requestLock = undefined, fallbackNameservers = undefined, fetch, responseMode = 'query', stateStore, sessionStore, handleResolver = new handle_resolver_node_1.AtprotoHandleResolverNode({
|
|
1
|
+
import { createHash, randomBytes } from 'node:crypto';
|
|
2
|
+
import { JoseKey } from '@atproto/jwk-jose';
|
|
3
|
+
import { OAuthClient, } from '@atproto/oauth-client';
|
|
4
|
+
import { AtprotoHandleResolverNode, } from '@atproto-labs/handle-resolver-node';
|
|
5
|
+
import { toDpopKeyStore, } from './node-dpop-store.js';
|
|
6
|
+
export class NodeOAuthClient extends OAuthClient {
|
|
7
|
+
constructor({ requestLock = undefined, fallbackNameservers = undefined, fetch, responseMode = 'query', stateStore, sessionStore, handleResolver = new AtprotoHandleResolverNode({
|
|
11
8
|
fetch,
|
|
12
9
|
fallbackNameservers,
|
|
13
10
|
}), runtimeImplementation = {
|
|
14
11
|
requestLock,
|
|
15
|
-
createKey: (algs) =>
|
|
16
|
-
getRandomValues:
|
|
17
|
-
digest: (bytes, algorithm) =>
|
|
12
|
+
createKey: (algs) => JoseKey.generate(algs),
|
|
13
|
+
getRandomValues: randomBytes,
|
|
14
|
+
digest: (bytes, algorithm) => createHash(algorithm.name).update(bytes).digest(),
|
|
18
15
|
}, ...options }) {
|
|
19
16
|
if (!runtimeImplementation.requestLock) {
|
|
20
17
|
// Ok if only one instance of the client is running at a time.
|
|
@@ -26,10 +23,9 @@ class NodeOAuthClient extends oauth_client_1.OAuthClient {
|
|
|
26
23
|
responseMode,
|
|
27
24
|
handleResolver,
|
|
28
25
|
runtimeImplementation,
|
|
29
|
-
stateStore:
|
|
30
|
-
sessionStore:
|
|
26
|
+
stateStore: toDpopKeyStore(stateStore),
|
|
27
|
+
sessionStore: toDpopKeyStore(sessionStore),
|
|
31
28
|
});
|
|
32
29
|
}
|
|
33
30
|
}
|
|
34
|
-
exports.NodeOAuthClient = NodeOAuthClient;
|
|
35
31
|
//# sourceMappingURL=node-oauth-client.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"node-oauth-client.js","sourceRoot":"","sources":["../src/node-oauth-client.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"node-oauth-client.js","sourceRoot":"","sources":["../src/node-oauth-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAA;AAC3C,OAAO,EAEL,WAAW,GAKZ,MAAM,uBAAuB,CAAA;AAE9B,OAAO,EACL,yBAAyB,GAE1B,MAAM,oCAAoC,CAAA;AAC3C,OAAO,EAGL,cAAc,GACf,MAAM,sBAAsB,CAAA;AAqC7B,MAAM,OAAO,eAAgB,SAAQ,WAAW;IAC9C,YAAY,EACV,WAAW,GAAG,SAAS,EACvB,mBAAmB,GAAG,SAAS,EAE/B,KAAK,EACL,YAAY,GAAG,OAAO,EAEtB,UAAU,EACV,YAAY,EAEZ,cAAc,GAAG,IAAI,yBAAyB,CAAC;QAC7C,KAAK;QACL,mBAAmB;KACpB,CAAC,EAEF,qBAAqB,GAAG;QACtB,WAAW;QACX,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;QAC3C,eAAe,EAAE,WAAW;QAC5B,MAAM,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CAC3B,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE;KACpD,EAED,GAAG,OAAO,EACa;QACvB,IAAI,CAAC,qBAAqB,CAAC,WAAW,EAAE,CAAC;YACvC,8DAA8D;YAC9D,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAA;QAC5E,CAAC;QAED,KAAK,CAAC;YACJ,GAAG,OAAO;YAEV,KAAK;YACL,YAAY;YACZ,cAAc;YACd,qBAAqB;YAErB,UAAU,EAAE,cAAc,CAAC,UAAU,CAAC;YACtC,YAAY,EAAE,cAAc,CAAC,YAAY,CAAC;SAC3C,CAAC,CAAA;IACJ,CAAC;CACF","sourcesContent":["import { createHash, randomBytes } from 'node:crypto'\nimport { JoseKey } from '@atproto/jwk-jose'\nimport {\n HandleResolver,\n OAuthClient,\n OAuthClientFetchMetadataOptions,\n OAuthClientOptions,\n RuntimeImplementation,\n RuntimeLock,\n} from '@atproto/oauth-client'\nimport { OAuthResponseMode } from '@atproto/oauth-types'\nimport {\n AtprotoHandleResolverNode,\n AtprotoHandleResolverNodeOptions,\n} from '@atproto-labs/handle-resolver-node'\nimport {\n NodeSavedSessionStore,\n NodeSavedStateStore,\n toDpopKeyStore,\n} from './node-dpop-store.js'\nimport { Override } from './util.js'\n\nexport type * from './node-dpop-store.js'\nexport type { OAuthClientOptions, OAuthResponseMode, RuntimeLock }\n\nexport type NodeOAuthClientOptions = Override<\n OAuthClientOptions,\n {\n responseMode?: Exclude<OAuthResponseMode, 'fragment'>\n\n stateStore: NodeSavedStateStore\n sessionStore: NodeSavedSessionStore\n\n /**\n * Used to build a {@link NodeOAuthClientOptions.handleResolver} if none is\n * provided.\n */\n fallbackNameservers?: AtprotoHandleResolverNodeOptions['fallbackNameservers']\n\n handleResolver?: HandleResolver | string | URL\n\n /**\n * Used to build a {@link NodeOAuthClientOptions.runtimeImplementation} if\n * none is provided. Pass in `requestLocalLock` from `@atproto/oauth-client`\n * to mute warning.\n */\n requestLock?: RuntimeLock\n\n runtimeImplementation?: RuntimeImplementation\n }\n>\n\nexport type NodeOAuthClientFromMetadataOptions =\n OAuthClientFetchMetadataOptions &\n Omit<NodeOAuthClientOptions, 'clientMetadata'>\n\nexport class NodeOAuthClient extends OAuthClient {\n constructor({\n requestLock = undefined,\n fallbackNameservers = undefined,\n\n fetch,\n responseMode = 'query',\n\n stateStore,\n sessionStore,\n\n handleResolver = new AtprotoHandleResolverNode({\n fetch,\n fallbackNameservers,\n }),\n\n runtimeImplementation = {\n requestLock,\n createKey: (algs) => JoseKey.generate(algs),\n getRandomValues: randomBytes,\n digest: (bytes, algorithm) =>\n createHash(algorithm.name).update(bytes).digest(),\n },\n\n ...options\n }: NodeOAuthClientOptions) {\n if (!runtimeImplementation.requestLock) {\n // Ok if only one instance of the client is running at a time.\n console.warn('No lock mechanism provided. Credentials might get revoked.')\n }\n\n super({\n ...options,\n\n fetch,\n responseMode,\n handleResolver,\n runtimeImplementation,\n\n stateStore: toDpopKeyStore(stateStore),\n sessionStore: toDpopKeyStore(sessionStore),\n })\n }\n}\n"]}
|
package/dist/util.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,CAAC,CAAC,IAAI;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,EAAE,CAAA;AACvD,MAAM,MAAM,QAAQ,CAAC,CAAC,EAAE,CAAC,IAAI,QAAQ,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAA"}
|
package/dist/util.js
CHANGED
package/dist/util.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"","sourcesContent":["
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":"","sourcesContent":["export type Simplify<T> = { [K in keyof T]: T[K] } & {}\nexport type Override<T, V> = Simplify<V & Omit<T, keyof V>>\n"]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@atproto/oauth-client-node",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.4.0-next.0",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"description": "ATPROTO OAuth client for the NodeJS",
|
|
6
6
|
"keywords": [
|
|
@@ -15,9 +15,7 @@
|
|
|
15
15
|
"url": "https://github.com/bluesky-social/atproto",
|
|
16
16
|
"directory": "packages/oauth/oauth-client-node"
|
|
17
17
|
},
|
|
18
|
-
"type": "
|
|
19
|
-
"main": "dist/index.js",
|
|
20
|
-
"types": "dist/index.d.ts",
|
|
18
|
+
"type": "module",
|
|
21
19
|
"exports": {
|
|
22
20
|
".": {
|
|
23
21
|
"types": "./dist/index.d.ts",
|
|
@@ -25,24 +23,24 @@
|
|
|
25
23
|
}
|
|
26
24
|
},
|
|
27
25
|
"engines": {
|
|
28
|
-
"node": ">=
|
|
26
|
+
"node": ">=22"
|
|
29
27
|
},
|
|
30
28
|
"files": [
|
|
31
29
|
"dist"
|
|
32
30
|
],
|
|
33
31
|
"dependencies": {
|
|
34
|
-
"@atproto-labs/did-resolver": "0.
|
|
35
|
-
"@atproto-labs/
|
|
36
|
-
"@atproto
|
|
37
|
-
"@atproto/
|
|
38
|
-
"@atproto/jwk": "0.
|
|
39
|
-
"@atproto/
|
|
40
|
-
"@atproto/
|
|
41
|
-
"@atproto/
|
|
42
|
-
"@atproto/
|
|
32
|
+
"@atproto-labs/did-resolver": "^0.3.0-next.0",
|
|
33
|
+
"@atproto-labs/simple-store": "^0.4.0-next.0",
|
|
34
|
+
"@atproto/did": "^0.4.0-next.0",
|
|
35
|
+
"@atproto/jwk": "^0.7.0-next.0",
|
|
36
|
+
"@atproto/jwk-webcrypto": "^0.3.0-next.0",
|
|
37
|
+
"@atproto/oauth-types": "^0.7.0-next.0",
|
|
38
|
+
"@atproto/oauth-client": "^0.7.0-next.0",
|
|
39
|
+
"@atproto/jwk-jose": "^0.2.0-next.0",
|
|
40
|
+
"@atproto-labs/handle-resolver-node": "^0.2.0-next.0"
|
|
43
41
|
},
|
|
44
42
|
"devDependencies": {
|
|
45
|
-
"typescript": "^
|
|
43
|
+
"typescript": "^6.0.3"
|
|
46
44
|
},
|
|
47
45
|
"scripts": {
|
|
48
46
|
"build": "tsc --build tsconfig.build.json"
|