@atproto/oauth-client 0.1.2-rc.1 → 0.1.2-rc.3
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +0 -14
- package/README.md +4 -2
- package/dist/oauth-atp-agent.d.ts +1 -1
- package/dist/oauth-atp-agent.d.ts.map +1 -1
- package/dist/oauth-atp-agent.js +1 -2
- package/dist/oauth-atp-agent.js.map +1 -1
- package/dist/oauth-authorization-server-metadata-resolver.d.ts.map +1 -1
- package/dist/oauth-authorization-server-metadata-resolver.js +5 -0
- package/dist/oauth-authorization-server-metadata-resolver.js.map +1 -1
- package/dist/oauth-client.d.ts +1 -1
- package/dist/oauth-client.d.ts.map +1 -1
- package/dist/oauth-client.js +1 -10
- package/dist/oauth-client.js.map +1 -1
- package/dist/oauth-protected-resource-metadata-resolver.d.ts.map +1 -1
- package/dist/oauth-protected-resource-metadata-resolver.js +5 -4
- package/dist/oauth-protected-resource-metadata-resolver.js.map +1 -1
- package/dist/oauth-resolver.d.ts +21 -7
- package/dist/oauth-resolver.d.ts.map +1 -1
- package/dist/oauth-resolver.js +57 -17
- package/dist/oauth-resolver.js.map +1 -1
- package/dist/oauth-server-agent.d.ts.map +1 -1
- package/dist/oauth-server-agent.js +3 -1
- package/dist/oauth-server-agent.js.map +1 -1
- package/dist/oauth-server-factory.d.ts.map +1 -1
- package/dist/oauth-server-factory.js +1 -1
- package/dist/oauth-server-factory.js.map +1 -1
- package/dist/session-getter.js +1 -1
- package/dist/session-getter.js.map +1 -1
- package/package.json +10 -10
- package/src/oauth-atp-agent.ts +2 -3
- package/src/oauth-authorization-server-metadata-resolver.ts +8 -0
- package/src/oauth-client.ts +4 -10
- package/src/oauth-protected-resource-metadata-resolver.ts +9 -4
- package/src/oauth-resolver.ts +92 -33
- package/src/oauth-server-agent.ts +3 -1
- package/src/oauth-server-factory.ts +4 -1
- package/src/session-getter.ts +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,19 +1,5 @@
|
|
|
1
1
|
# @atproto/oauth-client
|
|
2
2
|
|
|
3
|
-
## 0.1.2-rc.1
|
|
4
|
-
|
|
5
|
-
### Patch Changes
|
|
6
|
-
|
|
7
|
-
- Misc fixes for confidential client usage
|
|
8
|
-
|
|
9
|
-
## 0.1.2-rc.0
|
|
10
|
-
|
|
11
|
-
### Patch Changes
|
|
12
|
-
|
|
13
|
-
- Updated dependencies [[`2ded0156b`](https://github.com/bluesky-social/atproto/commit/2ded0156b9adf33b9cce66583a375bff922d383b), [`2ded0156b`](https://github.com/bluesky-social/atproto/commit/2ded0156b9adf33b9cce66583a375bff922d383b)]:
|
|
14
|
-
- @atproto/xrpc@0.6.0-rc.0
|
|
15
|
-
- @atproto/api@0.13.0-rc.0
|
|
16
|
-
|
|
17
3
|
## 0.1.1
|
|
18
4
|
|
|
19
5
|
### Patch Changes
|
package/README.md
CHANGED
|
@@ -155,8 +155,10 @@ await agent.post({
|
|
|
155
155
|
text: 'Hello, world!',
|
|
156
156
|
})
|
|
157
157
|
|
|
158
|
-
|
|
159
|
-
|
|
158
|
+
if (agent instanceof AtpAgent) {
|
|
159
|
+
// revoke credentials on the server (causing sessionStore.del() to be called)
|
|
160
|
+
await agent.logout()
|
|
161
|
+
}
|
|
160
162
|
```
|
|
161
163
|
|
|
162
164
|
## Advances use-cases
|
|
@@ -3,7 +3,7 @@ import { OAuthAgent } from './oauth-agent.js';
|
|
|
3
3
|
export declare class OAuthAtpAgent extends Agent {
|
|
4
4
|
readonly oauthAgent: OAuthAgent;
|
|
5
5
|
constructor(oauthAgent: OAuthAgent);
|
|
6
|
-
clone():
|
|
6
|
+
clone(): OAuthAtpAgent;
|
|
7
7
|
get did(): string;
|
|
8
8
|
signOut(): Promise<void>;
|
|
9
9
|
refreshIfNeeded(): Promise<void>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-atp-agent.d.ts","sourceRoot":"","sources":["../src/oauth-atp-agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,cAAc,CAAA;AAIpC,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,qBAAa,aAAc,SAAQ,KAAK;IAC1B,QAAQ,CAAC,UAAU,EAAE,UAAU;gBAAtB,UAAU,EAAE,UAAU;IAyB3C,KAAK,IAAI,
|
|
1
|
+
{"version":3,"file":"oauth-atp-agent.d.ts","sourceRoot":"","sources":["../src/oauth-atp-agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,cAAc,CAAA;AAIpC,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,qBAAa,aAAc,SAAQ,KAAK;IAC1B,QAAQ,CAAC,UAAU,EAAE,UAAU;gBAAtB,UAAU,EAAE,UAAU;IAyB3C,KAAK,IAAI,aAAa;IAItB,IAAI,GAAG,IAAI,MAAM,CAEhB;IAEK,OAAO;IAIA,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC;CAG9C"}
|
package/dist/oauth-atp-agent.js
CHANGED
|
@@ -35,8 +35,7 @@ class OAuthAtpAgent extends api_1.Agent {
|
|
|
35
35
|
});
|
|
36
36
|
}
|
|
37
37
|
clone() {
|
|
38
|
-
|
|
39
|
-
return this.copyInto(agent);
|
|
38
|
+
return this.copyInto(new OAuthAtpAgent(this.oauthAgent));
|
|
40
39
|
}
|
|
41
40
|
get did() {
|
|
42
41
|
return this.oauthAgent.sub;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-atp-agent.js","sourceRoot":"","sources":["../src/oauth-atp-agent.ts"],"names":[],"mappings":";;;AAAA,sCAAoC;AACpC,wCAAyC;AACzC,+CAAoE;AAIpE,MAAa,aAAc,SAAQ,WAAK;IACtC,YAAqB,UAAsB;QACzC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YACxB,IAAI,CAAC;gBACH,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;YACjD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,KAAK,YAAY,kBAAU,EAAE,CAAC;oBAChC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;oBACrC,MAAM,IAAI,gBAAS,CAAC,UAAU,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE;wBAC7D,KAAK;qBACN,CAAC,CAAA;gBACJ,CAAC;gBAED,IAAI,KAAK,YAAY,0BAAkB,EAAE,CAAC;oBACxC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAA;oBAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;oBAC9D,MAAM,IAAI,gBAAS,CAAC,UAAU,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE;wBAC3D,KAAK;qBACN,CAAC,CAAA;gBACJ,CAAC;gBAED,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC,CAAC,CAAA;QAtBQ;;;;mBAAS,UAAU;WAAY;IAuB3C,CAAC;IAED,KAAK;QACH,
|
|
1
|
+
{"version":3,"file":"oauth-atp-agent.js","sourceRoot":"","sources":["../src/oauth-atp-agent.ts"],"names":[],"mappings":";;;AAAA,sCAAoC;AACpC,wCAAyC;AACzC,+CAAoE;AAIpE,MAAa,aAAc,SAAQ,WAAK;IACtC,YAAqB,UAAsB;QACzC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YACxB,IAAI,CAAC;gBACH,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;YACjD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,KAAK,YAAY,kBAAU,EAAE,CAAC;oBAChC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;oBACrC,MAAM,IAAI,gBAAS,CAAC,UAAU,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE;wBAC7D,KAAK;qBACN,CAAC,CAAA;gBACJ,CAAC;gBAED,IAAI,KAAK,YAAY,0BAAkB,EAAE,CAAC;oBACxC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAA;oBAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;oBAC9D,MAAM,IAAI,gBAAS,CAAC,UAAU,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE;wBAC3D,KAAK;qBACN,CAAC,CAAA;gBACJ,CAAC;gBAED,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC,CAAC,CAAA;QAtBQ;;;;mBAAS,UAAU;WAAY;IAuB3C,CAAC;IAED,KAAK;QACH,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAA;IAC1D,CAAC;IAED,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;IACjC,CAAC;IAEM,KAAK,CAAC,eAAe;QAC1B,MAAM,IAAI,CAAC,UAAU,CAAC,eAAe,EAAE,CAAA;IACzC,CAAC;CACF;AAzCD,sCAyCC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-authorization-server-metadata-resolver.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,EAEN,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACZ,MAAM,4BAA4B,CAAA;AACnC,OAAO,EACL,gCAAgC,EAGjC,MAAM,sBAAsB,CAAA;AAG7B,YAAY,EAAE,gBAAgB,EAAE,gCAAgC,EAAE,CAAA;AAElE,MAAM,MAAM,gCAAgC,GAAG,WAAW,CACxD,MAAM,EACN,gCAAgC,CACjC,CAAA;AAED;;GAEG;AACH,qBAAa,wCAAyC,SAAQ,YAAY,CACxE,MAAM,EACN,gCAAgC,CACjC;IACC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAgB;gBAE1B,KAAK,EAAE,gCAAgC,EAAE,KAAK,CAAC,EAAE,KAAK;IAM5D,GAAG,CACP,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,gCAAgC,CAAC;YAI9B,aAAa;
|
|
1
|
+
{"version":3,"file":"oauth-authorization-server-metadata-resolver.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,EAEN,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACZ,MAAM,4BAA4B,CAAA;AACnC,OAAO,EACL,gCAAgC,EAGjC,MAAM,sBAAsB,CAAA;AAG7B,YAAY,EAAE,gBAAgB,EAAE,gCAAgC,EAAE,CAAA;AAElE,MAAM,MAAM,gCAAgC,GAAG,WAAW,CACxD,MAAM,EACN,gCAAgC,CACjC,CAAA;AAED;;GAEG;AACH,qBAAa,wCAAyC,SAAQ,YAAY,CACxE,MAAM,EACN,gCAAgC,CACjC;IACC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAgB;gBAE1B,KAAK,EAAE,gCAAgC,EAAE,KAAK,CAAC,EAAE,KAAK;IAM5D,GAAG,CACP,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,gCAAgC,CAAC;YAI9B,aAAa;CA0D5B"}
|
|
@@ -49,6 +49,11 @@ class OAuthAuthorizationServerMetadataResolver extends simple_store_1.CachedGett
|
|
|
49
49
|
if (metadata.issuer !== issuer) {
|
|
50
50
|
throw new TypeError(`Invalid issuer ${metadata.issuer}`);
|
|
51
51
|
}
|
|
52
|
+
// ATPROTO requires client_id_metadata_document
|
|
53
|
+
// http://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html
|
|
54
|
+
if (metadata.client_id_metadata_document_supported !== true) {
|
|
55
|
+
throw new TypeError(`Authorization server "${issuer}" does not support client_id_metadata_document`);
|
|
56
|
+
}
|
|
52
57
|
return metadata;
|
|
53
58
|
}
|
|
54
59
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-authorization-server-metadata-resolver.js","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata-resolver.ts"],"names":[],"mappings":";;;AAAA,+CAK4B;AAC5B,6DAImC;AACnC,sDAI6B;AAC7B,iCAAoC;AASpC;;GAEG;AACH,MAAa,wCAAyC,SAAQ,2BAG7D;IAGC,YAAY,KAAuC,EAAE,KAAa;QAChE,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,KAAK,CAAC,CAAA;QAH7D;;;;;WAAqB;QAKpC,IAAI,CAAC,KAAK,GAAG,IAAA,iBAAS,EAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,GAAG,CACP,MAAc,EACd,OAA0B;QAE1B,OAAO,KAAK,CAAC,GAAG,CAAC,yCAA2B,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAA;IACtE,CAAC;IAEO,KAAK,CAAC,aAAa,CACzB,MAAc,EACd,OAA0B;QAE1B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAA;QAC7D,IAAI,OAAO,EAAE,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,CAAC,CAAA;QAE9D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,yCAAyC,EAAE,MAAM,CAAC,CAAA;QACtE,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE;YAC/B,MAAM,EAAE,OAAO,EAAE,MAAM;YACvB,OAAO;YACP,QAAQ,EAAE,QAAQ,EAAE,0BAA0B;SAC/C,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QAE1C,4DAA4D;QAC5D,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAA,kBAAU,EAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,MAAM,0BAAkB,CAAC,IAAI,CACjC,QAAQ,EACR,0BAA0B,QAAQ,CAAC,MAAM,SAAS,GAAG,GAAG,EACxD,SAAS,EACT,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;QACH,CAAC;QAED,IAAI,IAAA,kBAAW,EAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,kBAAkB,EAAE,CAAC;YACzD,MAAM,IAAA,kBAAU,EAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,MAAM,0BAAkB,CAAC,IAAI,CACjC,QAAQ,EACR,gCAAgC,GAAG,GAAG,EACtC,SAAS,EACT,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,uDAAyC,CAAC,KAAK,CAC9D,MAAM,QAAQ,CAAC,IAAI,EAAE,CACtB,CAAA;QAED,uCAAuC;QACvC,6FAA6F;QAC7F,0DAA0D;QAC1D,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CAAC,kBAAkB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAA;QAC1D,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;CACF;
|
|
1
|
+
{"version":3,"file":"oauth-authorization-server-metadata-resolver.js","sourceRoot":"","sources":["../src/oauth-authorization-server-metadata-resolver.ts"],"names":[],"mappings":";;;AAAA,+CAK4B;AAC5B,6DAImC;AACnC,sDAI6B;AAC7B,iCAAoC;AASpC;;GAEG;AACH,MAAa,wCAAyC,SAAQ,2BAG7D;IAGC,YAAY,KAAuC,EAAE,KAAa;QAChE,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,KAAK,CAAC,CAAA;QAH7D;;;;;WAAqB;QAKpC,IAAI,CAAC,KAAK,GAAG,IAAA,iBAAS,EAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,GAAG,CACP,MAAc,EACd,OAA0B;QAE1B,OAAO,KAAK,CAAC,GAAG,CAAC,yCAA2B,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAA;IACtE,CAAC;IAEO,KAAK,CAAC,aAAa,CACzB,MAAc,EACd,OAA0B;QAE1B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAA;QAC7D,IAAI,OAAO,EAAE,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,CAAC,CAAA;QAE9D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,yCAAyC,EAAE,MAAM,CAAC,CAAA;QACtE,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE;YAC/B,MAAM,EAAE,OAAO,EAAE,MAAM;YACvB,OAAO;YACP,QAAQ,EAAE,QAAQ,EAAE,0BAA0B;SAC/C,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QAE1C,4DAA4D;QAC5D,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAA,kBAAU,EAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,MAAM,0BAAkB,CAAC,IAAI,CACjC,QAAQ,EACR,0BAA0B,QAAQ,CAAC,MAAM,SAAS,GAAG,GAAG,EACxD,SAAS,EACT,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;QACH,CAAC;QAED,IAAI,IAAA,kBAAW,EAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,kBAAkB,EAAE,CAAC;YACzD,MAAM,IAAA,kBAAU,EAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,MAAM,0BAAkB,CAAC,IAAI,CACjC,QAAQ,EACR,gCAAgC,GAAG,GAAG,EACtC,SAAS,EACT,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,uDAAyC,CAAC,KAAK,CAC9D,MAAM,QAAQ,CAAC,IAAI,EAAE,CACtB,CAAA;QAED,uCAAuC;QACvC,6FAA6F;QAC7F,0DAA0D;QAC1D,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CAAC,kBAAkB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAA;QAC1D,CAAC;QAED,+CAA+C;QAC/C,iIAAiI;QACjI,IAAI,QAAQ,CAAC,qCAAqC,KAAK,IAAI,EAAE,CAAC;YAC5D,MAAM,IAAI,SAAS,CACjB,yBAAyB,MAAM,gDAAgD,CAChF,CAAA;QACH,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;CACF;AA7ED,4FA6EC"}
|
package/dist/oauth-client.d.ts
CHANGED
|
@@ -185,7 +185,7 @@ export declare class OAuthClient extends CustomEventTarget<OAuthClientEventMap>
|
|
|
185
185
|
readonly stateStore: StateStore;
|
|
186
186
|
constructor({ fetch, stateStore, sessionStore, didCache, dpopNonceCache, handleCache, authorizationServerMetadataCache, protectedResourceMetadataCache, responseMode, clientMetadata, handleResolver, plcDirectoryUrl, runtimeImplementation, keyset, }: OAuthClientOptions);
|
|
187
187
|
get identityResolver(): IdentityResolver;
|
|
188
|
-
get didResolver(): import("@atproto-labs/did-resolver").DidResolver<"
|
|
188
|
+
get didResolver(): import("@atproto-labs/did-resolver").DidResolver<import("@atproto-labs/did-resolver").AtprotoIdentityDidMethods>;
|
|
189
189
|
get handleResolver(): HandleResolver;
|
|
190
190
|
get jwks(): {
|
|
191
191
|
readonly keys: readonly ({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client.d.ts","sourceRoot":"","sources":["../src/oauth-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EAGT,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAGL,WAAW,EACX,cAAc,EACf,MAAM,+BAA+B,CAAA;AACtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC1C,OAAO,EACL,yBAAyB,EACzB,mBAAmB,EACnB,wBAAwB,EAExB,iBAAiB,EAClB,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AACpD,OAAO,EACL,gCAAgC,EAEjC,MAAM,mDAAmD,CAAA;AAE1D,OAAO,EAEL,8BAA8B,EAC/B,MAAM,iDAAiD,CAAA;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAA;AACnE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EACL,eAAe,EACf,aAAa,EACb,YAAY,EACb,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAChE,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAA;AAI7C,YAAY,EACV,gCAAgC,EAChC,QAAQ,EACR,cAAc,EACd,KAAK,EACL,WAAW,EACX,cAAc,EACd,iBAAiB,EACjB,GAAG,EACH,MAAM,EACN,mBAAmB,EACnB,wBAAwB,EACxB,iBAAiB,EACjB,8BAA8B,EAC9B,qBAAqB,EACrB,YAAY,EACZ,UAAU,GACX,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAE/B,YAAY,EAAE,iBAAiB,CAAA;IAC/B,cAAc,EAAE,QAAQ,CAAC,wBAAwB,CAAC,CAAA;IAClD,MAAM,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,GAAG,KAAK,CAAC,CAAA;IAG1D,UAAU,EAAE,UAAU,CAAA;IACtB,YAAY,EAAE,YAAY,CAAA;IAC1B,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,gCAAgC,CAAC,EAAE,gCAAgC,CAAA;IACnE,8BAA8B,CAAC,EAAE,8BAA8B,CAAA;IAC/D,cAAc,CAAC,EAAE,cAAc,CAAA;IAG/B,cAAc,EAAE,cAAc,GAAG,GAAG,GAAG,MAAM,CAAA;IAC7C,eAAe,CAAC,EAAE,GAAG,GAAG,MAAM,CAAA;IAC9B,qBAAqB,EAAE,qBAAqB,CAAA;IAC5C,KAAK,CAAC,EAAE,KAAK,CAAA;CACd,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG,eAAe,CAAA;AAEjD,MAAM,MAAM,+BAA+B,GAAG;IAC5C,QAAQ,EAAE,yBAAyB,CAAA;IACnC,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,MAAM,CAAC,EAAE,WAAW,CAAA;CACrB,CAAA;AAED,qBAAa,WAAY,SAAQ,iBAAiB,CAAC,mBAAmB,CAAC;WACxD,aAAa,CAAC,EACzB,QAAQ,EACR,KAAwB,EACxB,MAAM,GACP,EAAE,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA6BlC,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAA;IACvC,QAAQ,CAAC,YAAY,EAAE,iBAAiB,CAAA;IACxC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAA;IAGxB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;IACzB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAA;IACrB,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAA;IACrC,QAAQ,CAAC,aAAa,EAAE,kBAAkB,CAAA;IAG1C,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAA;IACrC,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAA;gBAEnB,EACV,KAAwB,EAExB,UAAU,EACV,YAAY,EAEZ,QAAoB,EACpB,cAA+D,EAC/D,WAAuB,EACvB,gCAGE,EACF,8BAGE,EAEF,YAAY,EACZ,cAAc,EACd,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,MAAM,GACP,EAAE,kBAAkB;IA4DrB,IAAI,gBAAgB,qBAEnB;IAGD,IAAI,WAAW,
|
|
1
|
+
{"version":3,"file":"oauth-client.d.ts","sourceRoot":"","sources":["../src/oauth-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EAGT,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAGL,WAAW,EACX,cAAc,EACf,MAAM,+BAA+B,CAAA;AACtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC1C,OAAO,EACL,yBAAyB,EACzB,mBAAmB,EACnB,wBAAwB,EAExB,iBAAiB,EAClB,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AACpD,OAAO,EACL,gCAAgC,EAEjC,MAAM,mDAAmD,CAAA;AAE1D,OAAO,EAEL,8BAA8B,EAC/B,MAAM,iDAAiD,CAAA;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAA;AACnE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EACL,eAAe,EACf,aAAa,EACb,YAAY,EACb,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAChE,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAA;AAI7C,YAAY,EACV,gCAAgC,EAChC,QAAQ,EACR,cAAc,EACd,KAAK,EACL,WAAW,EACX,cAAc,EACd,iBAAiB,EACjB,GAAG,EACH,MAAM,EACN,mBAAmB,EACnB,wBAAwB,EACxB,iBAAiB,EACjB,8BAA8B,EAC9B,qBAAqB,EACrB,YAAY,EACZ,UAAU,GACX,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAE/B,YAAY,EAAE,iBAAiB,CAAA;IAC/B,cAAc,EAAE,QAAQ,CAAC,wBAAwB,CAAC,CAAA;IAClD,MAAM,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,GAAG,KAAK,CAAC,CAAA;IAG1D,UAAU,EAAE,UAAU,CAAA;IACtB,YAAY,EAAE,YAAY,CAAA;IAC1B,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,gCAAgC,CAAC,EAAE,gCAAgC,CAAA;IACnE,8BAA8B,CAAC,EAAE,8BAA8B,CAAA;IAC/D,cAAc,CAAC,EAAE,cAAc,CAAA;IAG/B,cAAc,EAAE,cAAc,GAAG,GAAG,GAAG,MAAM,CAAA;IAC7C,eAAe,CAAC,EAAE,GAAG,GAAG,MAAM,CAAA;IAC9B,qBAAqB,EAAE,qBAAqB,CAAA;IAC5C,KAAK,CAAC,EAAE,KAAK,CAAA;CACd,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG,eAAe,CAAA;AAEjD,MAAM,MAAM,+BAA+B,GAAG;IAC5C,QAAQ,EAAE,yBAAyB,CAAA;IACnC,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,MAAM,CAAC,EAAE,WAAW,CAAA;CACrB,CAAA;AAED,qBAAa,WAAY,SAAQ,iBAAiB,CAAC,mBAAmB,CAAC;WACxD,aAAa,CAAC,EACzB,QAAQ,EACR,KAAwB,EACxB,MAAM,GACP,EAAE,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA6BlC,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAA;IACvC,QAAQ,CAAC,YAAY,EAAE,iBAAiB,CAAA;IACxC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAA;IAGxB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;IACzB,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAA;IACrB,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAA;IACrC,QAAQ,CAAC,aAAa,EAAE,kBAAkB,CAAA;IAG1C,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAA;IACrC,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAA;gBAEnB,EACV,KAAwB,EAExB,UAAU,EACV,YAAY,EAEZ,QAAoB,EACpB,cAA+D,EAC/D,WAAuB,EACvB,gCAGE,EACF,8BAGE,EAEF,YAAY,EACZ,cAAc,EACd,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,MAAM,GACP,EAAE,kBAAkB;IA4DrB,IAAI,gBAAgB,qBAEnB;IAGD,IAAI,WAAW,qHAEd;IAGD,IAAI,cAAc,mBAEjB;IAED,IAAI,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAEP;IAEK,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC;IAgGxE;;;OAGG;IACG,YAAY,CAAC,YAAY,EAAE,GAAG;IAY9B,QAAQ,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC;QAC/C,KAAK,EAAE,aAAa,CAAA;QACpB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;KACrB,CAAC;IAuGF;;;;;OAKG;IACG,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC;IAc/D,MAAM,CAAC,GAAG,EAAE,MAAM;IAiBxB,WAAW,CAAC,MAAM,EAAE,gBAAgB,EAAE,GAAG,EAAE,MAAM,GAAG,aAAa;CAUlE"}
|
package/dist/oauth-client.js
CHANGED
|
@@ -150,16 +150,7 @@ class OAuthClient extends util_js_1.CustomEventTarget {
|
|
|
150
150
|
// The server will enforce this, but let's catch it early
|
|
151
151
|
throw new TypeError('Invalid redirect_uri');
|
|
152
152
|
}
|
|
153
|
-
const
|
|
154
|
-
const { identity, metadata } = /^https?:\/\//.test(input)
|
|
155
|
-
? // Allow using an entryway url directly as login input (e.g. when the
|
|
156
|
-
// user forgot their handle, or when the handle does not resolve to a
|
|
157
|
-
// DID)
|
|
158
|
-
{
|
|
159
|
-
identity: undefined,
|
|
160
|
-
metadata: await this.oauthResolver.resolveMetadata(input, { signal }),
|
|
161
|
-
}
|
|
162
|
-
: await this.oauthResolver.resolve(input, { signal });
|
|
153
|
+
const { identity, metadata } = await this.oauthResolver.resolve(input, options);
|
|
163
154
|
const nonce = await this.runtime.generateNonce();
|
|
164
155
|
const pkce = await this.runtime.generatePKCE();
|
|
165
156
|
const dpopKey = await this.runtime.generateKey(metadata.dpop_signing_alg_values_supported || [constants_js_1.FALLBACK_ALG]);
|
package/dist/oauth-client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client.js","sourceRoot":"","sources":["../src/oauth-client.ts"],"names":[],"mappings":";;;AAAA,6DAImC;AAEnC,mEAKsC;AACtC,uEAAkE;AAClE,2EAAqE;AACrE,sCAA0C;AAC1C,sDAM6B;AAE7B,iDAA6C;AAC7C,4EAAmE;AACnE,qDAA6C;AAC7C,6DAAoD;AACpD,uHAG0D;AAC1D,uEAA8D;AAC9D,mHAGwD;AACxD,2DAAmD;AAEnD,uEAA8D;AAE9D,6CAAsC;AACtC,2DAI4B;AAG5B,uCAA6C;AAC7C,+EAAsE;AAoDtE,MAAa,WAAY,SAAQ,2BAAsC;IACrE,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,EACzB,QAAQ,EACR,KAAK,GAAG,UAAU,CAAC,KAAK,EACxB,MAAM,GAC0B;QAChC,MAAM,EAAE,cAAc,EAAE,CAAA;QAExB,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,QAAQ,EAAE;YACpC,QAAQ,EAAE,OAAO;YACjB,MAAM,EAAE,MAAM;SACf,CAAC,CAAA;QACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAA;QAErC,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAAA;YACzB,MAAM,IAAI,SAAS,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAA;QAC5E,CAAC;QAED,8IAA8I;QAC9I,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;QACvE,IAAI,IAAI,KAAK,kBAAkB,EAAE,CAAC;YAChC,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAAA;YACzB,MAAM,IAAI,SAAS,CAAC,yCAAyC,IAAI,EAAE,CAAC,CAAA;QACtE,CAAC;QAED,MAAM,IAAI,GAAY,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAA;QAE3C,MAAM,EAAE,cAAc,EAAE,CAAA;QAExB,OAAO,uCAAyB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAC9C,CAAC;IAiBD,YAAY,EACV,KAAK,GAAG,UAAU,CAAC,KAAK,EAExB,UAAU,EACV,YAAY,EAEZ,QAAQ,GAAG,SAAS,EACpB,cAAc,GAAG,IAAI,uCAAiB,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAC/D,WAAW,GAAG,SAAS,EACvB,gCAAgC,GAAG,IAAI,uCAAiB,CAAC;QACvD,GAAG,EAAE,IAAI;QACT,GAAG,EAAE,GAAG;KACT,CAAC,EACF,8BAA8B,GAAG,IAAI,uCAAiB,CAAC;QACrD,GAAG,EAAE,IAAI;QACT,GAAG,EAAE,GAAG;KACT,CAAC,EAEF,YAAY,EACZ,cAAc,EACd,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,MAAM,GACa;QACnB,KAAK,EAAE,CAAA;QAxCT,SAAS;QACA;;;;;WAA8B;QAC9B;;;;;WAA+B;QAC/B;;;;;WAAe;QAExB,WAAW;QACF;;;;;WAAgB;QAChB;;;;;WAAY;QACZ;;;;;WAA4B;QAC5B;;;;;WAAiC;QAE1C,SAAS;QACA;;;;;WAA4B;QAC5B;;;;;WAAsB;QA6B7B,IAAI,CAAC,MAAM,GAAG,MAAM;YAClB,CAAC,CAAC,MAAM,YAAY,YAAM;gBACxB,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,IAAI,YAAM,CAAC,MAAM,CAAC;YACtB,CAAC,CAAC,SAAS,CAAA;QACb,IAAI,CAAC,cAAc,GAAG,IAAA,oDAAsB,EAAC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;QACzE,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,IAAI,oBAAO,CAAC,qBAAqB,CAAC,CAAA;QACjD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,aAAa,GAAG,IAAI,iCAAa,CACpC,IAAI,oCAAgB,CAClB,IAAI,gCAAiB,CACnB,IAAI,gCAAiB,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,EACjD,QAAQ,CACT,EACD,IAAI,sCAAoB,CACtB,uCAAqB,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,CAAC,EACrD,WAAW,CACZ,CACF,EACD,IAAI,sFAAsC,CACxC,8BAA8B,EAC9B,KAAK,CACN,EACD,IAAI,0FAAwC,CAC1C,gCAAgC,EAChC,KAAK,CACN,CACF,CAAA;QACD,IAAI,CAAC,aAAa,GAAG,IAAI,4CAAkB,CACzC,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,MAAM,EACX,cAAc,CACf,CAAA;QAED,IAAI,CAAC,aAAa,GAAG,IAAI,iCAAa,CACpC,YAAY,EACZ,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,OAAO,CACb,CAAA;QACD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAE5B,6BAA6B;QAC7B,KAAK,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,SAAS,CAAU,EAAE,CAAC;YACnD,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,KAAK,EAAE,EAAE;gBAClD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;oBAClD,KAAK,CAAC,cAAc,EAAE,CAAA;gBACxB,CAAC;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,wCAAwC;IACxC,IAAI,gBAAgB;QAClB,OAAO,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAA;IAC5C,CAAC;IAED,wCAAwC;IACxC,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAA;IAC1C,CAAC;IAED,wCAAwC;IACxC,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAA;IAC7C,CAAC;IAED,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,MAAM,EAAE,UAAU,IAAK,EAAE,IAAI,EAAE,EAAW,EAAY,CAAA;IACpE,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,KAAa,EAAE,OAA0B;QACvD,MAAM,WAAW,GACf,OAAO,EAAE,YAAY,IAAI,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;QAC/D,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7D,yDAAyD;YACzD,MAAM,IAAI,SAAS,CAAC,sBAAsB,CAAC,CAAA;QAC7C,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,EAAE,MAAM,CAAA;QAC9B,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC;YACvD,CAAC,CAAC,qEAAqE;gBACrE,qEAAqE;gBACrE,OAAO;gBACP;oBACE,QAAQ,EAAE,SAAS;oBACnB,QAAQ,EAAE,MAAM,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,CAAC;iBACtE;YACH,CAAC,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;QAEvD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;QAChD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAA;QAC9C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAC5C,QAAQ,CAAC,iCAAiC,IAAI,CAAC,2BAAY,CAAC,CAC7D,CAAA;QAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;QAEhD,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE;YAC/B,GAAG,EAAE,QAAQ,CAAC,MAAM;YACpB,OAAO;YACP,KAAK;YACL,QAAQ,EAAE,IAAI,EAAE,QAAQ;YACxB,QAAQ,EAAE,OAAO,EAAE,KAAK;SACzB,CAAC,CAAA;QAEF,MAAM,UAAU,GAAG;YACjB,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;YACxC,YAAY,EAAE,WAAW;YACzB,cAAc,EAAE,IAAI,EAAE,SAAS;YAC/B,qBAAqB,EAAE,IAAI,EAAE,MAAM;YACnC,KAAK;YACL,KAAK;YACL,UAAU,EAAE,QAAQ;gBAClB,CAAC,CAAC,KAAK,CAAC,wDAAwD;gBAChE,CAAC,CAAC,SAAS;YACb,aAAa,EAAE,IAAI,CAAC,YAAY;YAChC,aAAa;YACX,sDAAsD;YACtD,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAC7C,QAAQ,CAAC,0BAA0B,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAClD,IAAI,MAAM;YAEb,OAAO,EAAE,OAAO,EAAE,OAAO;YACzB,aAAa,EAAE,OAAO,EAAE,aAAa;YACrC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,sCAAsC;YACjE,MAAM,EAAE,OAAO,EAAE,MAAM;YACvB,KAAK,EAAE,OAAO,EAAE,KAAK;gBACnB,EAAE,KAAK,CAAC,GAAG,CAAC;iBACX,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;iBACrD,IAAI,CAAC,GAAG,CAAC;YACZ,UAAU,EAAE,OAAO,EAAE,UAAU;SAChC,CAAA;QAED,IAAI,QAAQ,CAAC,qCAAqC,EAAE,CAAC;YACnD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;YACvE,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,OAAO,CACtC,8BAA8B,EAC9B,UAAU,CACX,CAAA;YAED,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAA;YACjE,gBAAgB,CAAC,YAAY,CAAC,GAAG,CAC/B,WAAW,EACX,IAAI,CAAC,cAAc,CAAC,SAAS,CAC9B,CAAA;YACD,gBAAgB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,WAAW,CAAC,CAAA;YACzE,OAAO,gBAAgB,CAAA;QACzB,CAAC;aAAM,IAAI,QAAQ,CAAC,qCAAqC,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CACb,sFAAsF,CACvF,CAAA;QACH,CAAC;aAAM,CAAC;YACN,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAA;YACjE,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtD,IAAI,KAAK;oBAAE,gBAAgB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;YAClE,CAAC;YAED,oDAAoD;YACpD,MAAM,SAAS,GACb,gBAAgB,CAAC,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAA;YACnE,IAAI,SAAS,GAAG,IAAI,EAAE,CAAC;gBACrB,OAAO,gBAAgB,CAAA;YACzB,CAAC;iBAAM,IAAI,CAAC,QAAQ,CAAC,qCAAqC,EAAE,CAAC;gBAC3D,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;YACvC,CAAC;QACH,CAAC;QAED,MAAM,IAAI,KAAK,CACb,6DAA6D,CAC9D,CAAA;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,YAAiB;QAClC,MAAM,UAAU,GAAG,YAAY,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;QAC/D,IAAI,CAAC,UAAU;YAAE,OAAM;QAEvB,2EAA2E;QAC3E,4EAA4E;QAC5E,uEAAuE;QACvE,8CAA8C;QAE9C,mEAAmE;IACrE,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,MAAuB;QAIpC,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC1C,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;YACxB,8CAA8C;YAC9C,MAAM,IAAI,4CAAkB,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAA;QAC5D,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QACrC,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACtC,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACtC,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QAEpC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,4CAAkB,CAAC,MAAM,EAAE,2BAA2B,CAAC,CAAA;QACnE,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QACvD,IAAI,SAAS,EAAE,CAAC;YACd,6BAA6B;YAC7B,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,kCAAkC,UAAU,GAAG,CAChD,CAAA;QACH,CAAC;QAED,IAAI,CAAC;YACH,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;gBACvB,MAAM,IAAI,4CAAkB,CAAC,MAAM,EAAE,SAAS,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAA;YACrE,CAAC;YAED,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,4BAA4B,EAC5B,SAAS,CAAC,QAAQ,CACnB,CAAA;YACH,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAChD,SAAS,CAAC,GAAG,EACb,SAAS,CAAC,OAAO,CAClB,CAAA;YAED,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;gBACxB,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;oBAClC,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,8BAA8B,EAC9B,SAAS,CAAC,QAAQ,CACnB,CAAA;gBACH,CAAC;gBACD,IAAI,MAAM,CAAC,cAAc,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;oBACjD,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,iBAAiB,EACjB,SAAS,CAAC,QAAQ,CACnB,CAAA;gBACH,CAAC;YACH,CAAC;iBAAM,IACL,MAAM,CAAC,cAAc,CAAC,8CAA8C,EACpE,CAAC;gBACD,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,+BAA+B,EAC/B,SAAS,CAAC,QAAQ,CACnB,CAAA;YACH,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAA;YACzE,IAAI,CAAC;gBACH,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;oBACtB,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CACtC,QAAQ,CAAC,QAAQ,EACjB,UAAU,EACV,SAAS,CAAC,KAAK,EACf,SAAS,EACT,QAAQ,CAAC,YAAY,CACtB,CAAA;gBACH,CAAC;gBAED,MAAM,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAA;gBAExB,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,GAAG,EAAE;oBACtC,OAAO,EAAE,SAAS,CAAC,OAAO;oBAC1B,QAAQ;iBACT,CAAC,CAAA;gBAEF,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;gBAE3C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAA;YACrD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;gBAE1C,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,iEAAiE;YACjE,gCAAgC;YAChC,MAAM,4CAAkB,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAA;QAChE,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,OAAiB;QAC1C,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAC/D,GAAG,EACH,OAAO,CACR,CAAA;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,EAAE;YACxE,OAAO,EAAE,OAAO,KAAK,IAAI;YACzB,UAAU,EAAE,OAAO,KAAK,KAAK;SAC9B,CAAC,CAAA;QAEF,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IACtC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAC/D,GAAG,EACH,KAAK,CACN,CAAA;QAED,0EAA0E;QAC1E,2EAA2E;QAC3E,QAAQ;QACR,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YACzE,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;gBAAS,CAAC;YACT,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,0CAAiB,CAAC,GAAG,CAAC,CAAC,CAAA;QACrE,CAAC;IACH,CAAC;IAED,WAAW,CAAC,MAAwB,EAAE,GAAW;QAC/C,MAAM,UAAU,GAAG,IAAI,2BAAU,CAC/B,MAAM,EACN,GAAG,EACH,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,KAAK,CACX,CAAA;QAED,OAAO,IAAI,kCAAa,CAAC,UAAU,CAAC,CAAA;IACtC,CAAC;CACF;AAraD,kCAqaC"}
|
|
1
|
+
{"version":3,"file":"oauth-client.js","sourceRoot":"","sources":["../src/oauth-client.ts"],"names":[],"mappings":";;;AAAA,6DAImC;AAEnC,mEAKsC;AACtC,uEAAkE;AAClE,2EAAqE;AACrE,sCAA0C;AAC1C,sDAM6B;AAE7B,iDAA6C;AAC7C,4EAAmE;AACnE,qDAA6C;AAC7C,6DAAoD;AACpD,uHAG0D;AAC1D,uEAA8D;AAC9D,mHAGwD;AACxD,2DAAmD;AAEnD,uEAA8D;AAE9D,6CAAsC;AACtC,2DAI4B;AAG5B,uCAA6C;AAC7C,+EAAsE;AAoDtE,MAAa,WAAY,SAAQ,2BAAsC;IACrE,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,EACzB,QAAQ,EACR,KAAK,GAAG,UAAU,CAAC,KAAK,EACxB,MAAM,GAC0B;QAChC,MAAM,EAAE,cAAc,EAAE,CAAA;QAExB,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,QAAQ,EAAE;YACpC,QAAQ,EAAE,OAAO;YACjB,MAAM,EAAE,MAAM;SACf,CAAC,CAAA;QACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAA;QAErC,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAAA;YACzB,MAAM,IAAI,SAAS,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAA;QAC5E,CAAC;QAED,8IAA8I;QAC9I,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;QACvE,IAAI,IAAI,KAAK,kBAAkB,EAAE,CAAC;YAChC,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAAA;YACzB,MAAM,IAAI,SAAS,CAAC,yCAAyC,IAAI,EAAE,CAAC,CAAA;QACtE,CAAC;QAED,MAAM,IAAI,GAAY,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAA;QAE3C,MAAM,EAAE,cAAc,EAAE,CAAA;QAExB,OAAO,uCAAyB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAC9C,CAAC;IAiBD,YAAY,EACV,KAAK,GAAG,UAAU,CAAC,KAAK,EAExB,UAAU,EACV,YAAY,EAEZ,QAAQ,GAAG,SAAS,EACpB,cAAc,GAAG,IAAI,uCAAiB,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAC/D,WAAW,GAAG,SAAS,EACvB,gCAAgC,GAAG,IAAI,uCAAiB,CAAC;QACvD,GAAG,EAAE,IAAI;QACT,GAAG,EAAE,GAAG;KACT,CAAC,EACF,8BAA8B,GAAG,IAAI,uCAAiB,CAAC;QACrD,GAAG,EAAE,IAAI;QACT,GAAG,EAAE,GAAG;KACT,CAAC,EAEF,YAAY,EACZ,cAAc,EACd,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,MAAM,GACa;QACnB,KAAK,EAAE,CAAA;QAxCT,SAAS;QACA;;;;;WAA8B;QAC9B;;;;;WAA+B;QAC/B;;;;;WAAe;QAExB,WAAW;QACF;;;;;WAAgB;QAChB;;;;;WAAY;QACZ;;;;;WAA4B;QAC5B;;;;;WAAiC;QAE1C,SAAS;QACA;;;;;WAA4B;QAC5B;;;;;WAAsB;QA6B7B,IAAI,CAAC,MAAM,GAAG,MAAM;YAClB,CAAC,CAAC,MAAM,YAAY,YAAM;gBACxB,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,IAAI,YAAM,CAAC,MAAM,CAAC;YACtB,CAAC,CAAC,SAAS,CAAA;QACb,IAAI,CAAC,cAAc,GAAG,IAAA,oDAAsB,EAAC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;QACzE,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAEhC,IAAI,CAAC,OAAO,GAAG,IAAI,oBAAO,CAAC,qBAAqB,CAAC,CAAA;QACjD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,aAAa,GAAG,IAAI,iCAAa,CACpC,IAAI,oCAAgB,CAClB,IAAI,gCAAiB,CACnB,IAAI,gCAAiB,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,EACjD,QAAQ,CACT,EACD,IAAI,sCAAoB,CACtB,uCAAqB,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,CAAC,EACrD,WAAW,CACZ,CACF,EACD,IAAI,sFAAsC,CACxC,8BAA8B,EAC9B,KAAK,CACN,EACD,IAAI,0FAAwC,CAC1C,gCAAgC,EAChC,KAAK,CACN,CACF,CAAA;QACD,IAAI,CAAC,aAAa,GAAG,IAAI,4CAAkB,CACzC,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,MAAM,EACX,cAAc,CACf,CAAA;QAED,IAAI,CAAC,aAAa,GAAG,IAAI,iCAAa,CACpC,YAAY,EACZ,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,OAAO,CACb,CAAA;QACD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAE5B,6BAA6B;QAC7B,KAAK,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,SAAS,CAAU,EAAE,CAAC;YACnD,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,KAAK,EAAE,EAAE;gBAClD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;oBAClD,KAAK,CAAC,cAAc,EAAE,CAAA;gBACxB,CAAC;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,wCAAwC;IACxC,IAAI,gBAAgB;QAClB,OAAO,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAA;IAC5C,CAAC;IAED,wCAAwC;IACxC,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAA;IAC1C,CAAC;IAED,wCAAwC;IACxC,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAA;IAC7C,CAAC;IAED,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,MAAM,EAAE,UAAU,IAAK,EAAE,IAAI,EAAE,EAAW,EAAY,CAAA;IACpE,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,KAAa,EAAE,OAA0B;QACvD,MAAM,WAAW,GACf,OAAO,EAAE,YAAY,IAAI,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;QAC/D,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7D,yDAAyD;YACzD,MAAM,IAAI,SAAS,CAAC,sBAAsB,CAAC,CAAA;QAC7C,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAC7D,KAAK,EACL,OAAO,CACR,CAAA;QAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;QAChD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAA;QAC9C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAC5C,QAAQ,CAAC,iCAAiC,IAAI,CAAC,2BAAY,CAAC,CAC7D,CAAA;QAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;QAEhD,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE;YAC/B,GAAG,EAAE,QAAQ,CAAC,MAAM;YACpB,OAAO;YACP,KAAK;YACL,QAAQ,EAAE,IAAI,EAAE,QAAQ;YACxB,QAAQ,EAAE,OAAO,EAAE,KAAK;SACzB,CAAC,CAAA;QAEF,MAAM,UAAU,GAAG;YACjB,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;YACxC,YAAY,EAAE,WAAW;YACzB,cAAc,EAAE,IAAI,EAAE,SAAS;YAC/B,qBAAqB,EAAE,IAAI,EAAE,MAAM;YACnC,KAAK;YACL,KAAK;YACL,UAAU,EAAE,QAAQ;gBAClB,CAAC,CAAC,KAAK,CAAC,wDAAwD;gBAChE,CAAC,CAAC,SAAS;YACb,aAAa,EAAE,IAAI,CAAC,YAAY;YAChC,aAAa;YACX,sDAAsD;YACtD,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAC7C,QAAQ,CAAC,0BAA0B,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAClD,IAAI,MAAM;YAEb,OAAO,EAAE,OAAO,EAAE,OAAO;YACzB,aAAa,EAAE,OAAO,EAAE,aAAa;YACrC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,sCAAsC;YACjE,MAAM,EAAE,OAAO,EAAE,MAAM;YACvB,KAAK,EAAE,OAAO,EAAE,KAAK;gBACnB,EAAE,KAAK,CAAC,GAAG,CAAC;iBACX,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;iBACrD,IAAI,CAAC,GAAG,CAAC;YACZ,UAAU,EAAE,OAAO,EAAE,UAAU;SAChC,CAAA;QAED,IAAI,QAAQ,CAAC,qCAAqC,EAAE,CAAC;YACnD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;YACvE,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,OAAO,CACtC,8BAA8B,EAC9B,UAAU,CACX,CAAA;YAED,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAA;YACjE,gBAAgB,CAAC,YAAY,CAAC,GAAG,CAC/B,WAAW,EACX,IAAI,CAAC,cAAc,CAAC,SAAS,CAC9B,CAAA;YACD,gBAAgB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,WAAW,CAAC,CAAA;YACzE,OAAO,gBAAgB,CAAA;QACzB,CAAC;aAAM,IAAI,QAAQ,CAAC,qCAAqC,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CACb,sFAAsF,CACvF,CAAA;QACH,CAAC;aAAM,CAAC;YACN,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAA;YACjE,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtD,IAAI,KAAK;oBAAE,gBAAgB,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;YAClE,CAAC;YAED,oDAAoD;YACpD,MAAM,SAAS,GACb,gBAAgB,CAAC,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAA;YACnE,IAAI,SAAS,GAAG,IAAI,EAAE,CAAC;gBACrB,OAAO,gBAAgB,CAAA;YACzB,CAAC;iBAAM,IAAI,CAAC,QAAQ,CAAC,qCAAqC,EAAE,CAAC;gBAC3D,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;YACvC,CAAC;QACH,CAAC;QAED,MAAM,IAAI,KAAK,CACb,6DAA6D,CAC9D,CAAA;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,YAAiB;QAClC,MAAM,UAAU,GAAG,YAAY,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;QAC/D,IAAI,CAAC,UAAU;YAAE,OAAM;QAEvB,2EAA2E;QAC3E,4EAA4E;QAC5E,uEAAuE;QACvE,8CAA8C;QAE9C,mEAAmE;IACrE,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,MAAuB;QAIpC,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC1C,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;YACxB,8CAA8C;YAC9C,MAAM,IAAI,4CAAkB,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAA;QAC5D,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QACrC,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACtC,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACtC,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QAEpC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,4CAAkB,CAAC,MAAM,EAAE,2BAA2B,CAAC,CAAA;QACnE,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QACvD,IAAI,SAAS,EAAE,CAAC;YACd,6BAA6B;YAC7B,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,kCAAkC,UAAU,GAAG,CAChD,CAAA;QACH,CAAC;QAED,IAAI,CAAC;YACH,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;gBACvB,MAAM,IAAI,4CAAkB,CAAC,MAAM,EAAE,SAAS,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAA;YACrE,CAAC;YAED,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,4BAA4B,EAC5B,SAAS,CAAC,QAAQ,CACnB,CAAA;YACH,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAChD,SAAS,CAAC,GAAG,EACb,SAAS,CAAC,OAAO,CAClB,CAAA;YAED,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;gBACxB,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;oBAClC,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,8BAA8B,EAC9B,SAAS,CAAC,QAAQ,CACnB,CAAA;gBACH,CAAC;gBACD,IAAI,MAAM,CAAC,cAAc,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;oBACjD,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,iBAAiB,EACjB,SAAS,CAAC,QAAQ,CACnB,CAAA;gBACH,CAAC;YACH,CAAC;iBAAM,IACL,MAAM,CAAC,cAAc,CAAC,8CAA8C,EACpE,CAAC;gBACD,MAAM,IAAI,4CAAkB,CAC1B,MAAM,EACN,+BAA+B,EAC/B,SAAS,CAAC,QAAQ,CACnB,CAAA;YACH,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAA;YACzE,IAAI,CAAC;gBACH,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;oBACtB,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CACtC,QAAQ,CAAC,QAAQ,EACjB,UAAU,EACV,SAAS,CAAC,KAAK,EACf,SAAS,EACT,QAAQ,CAAC,YAAY,CACtB,CAAA;gBACH,CAAC;gBAED,MAAM,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAA;gBAExB,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,GAAG,EAAE;oBACtC,OAAO,EAAE,SAAS,CAAC,OAAO;oBAC1B,QAAQ;iBACT,CAAC,CAAA;gBAEF,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;gBAE3C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAA;YACrD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;gBAE1C,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,iEAAiE;YACjE,gCAAgC;YAChC,MAAM,4CAAkB,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAA;QAChE,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,OAAiB;QAC1C,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAC/D,GAAG,EACH,OAAO,CACR,CAAA;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,EAAE;YACxE,OAAO,EAAE,OAAO,KAAK,IAAI;YACzB,UAAU,EAAE,OAAO,KAAK,KAAK;SAC9B,CAAC,CAAA;QAEF,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IACtC,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAC/D,GAAG,EACH,KAAK,CACN,CAAA;QAED,0EAA0E;QAC1E,2EAA2E;QAC3E,QAAQ;QACR,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YACzE,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;gBAAS,CAAC;YACT,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,0CAAiB,CAAC,GAAG,CAAC,CAAC,CAAA;QACrE,CAAC;IACH,CAAC;IAED,WAAW,CAAC,MAAwB,EAAE,GAAW;QAC/C,MAAM,UAAU,GAAG,IAAI,2BAAU,CAC/B,MAAM,EACN,GAAG,EACH,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,KAAK,CACX,CAAA;QAED,OAAO,IAAI,kCAAa,CAAC,UAAU,CAAC,CAAA;IACtC,CAAC;CACF;AA/ZD,kCA+ZC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-protected-resource-metadata-resolver.d.ts","sourceRoot":"","sources":["../src/oauth-protected-resource-metadata-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,EAIN,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACZ,MAAM,4BAA4B,CAAA;AACnC,OAAO,
|
|
1
|
+
{"version":3,"file":"oauth-protected-resource-metadata-resolver.d.ts","sourceRoot":"","sources":["../src/oauth-protected-resource-metadata-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,EAIN,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACZ,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAEL,8BAA8B,EAE/B,MAAM,sBAAsB,CAAA;AAG7B,YAAY,EAAE,gBAAgB,EAAE,8BAA8B,EAAE,CAAA;AAEhE,MAAM,MAAM,8BAA8B,GAAG,WAAW,CACtD,MAAM,EACN,8BAA8B,CAC/B,CAAA;AAED;;GAEG;AACH,qBAAa,sCAAuC,SAAQ,YAAY,CACtE,MAAM,EACN,8BAA8B,CAC/B;IACC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAgB;gBAGpC,KAAK,EAAE,8BAA8B,EACrC,KAAK,GAAE,KAAwB;IAO3B,GAAG,CACP,QAAQ,EAAE,MAAM,GAAG,GAAG,EACtB,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,8BAA8B,CAAC;YAY5B,aAAa;CAgD5B"}
|
|
@@ -21,10 +21,11 @@ class OAuthProtectedResourceMetadataResolver extends simple_store_1.CachedGetter
|
|
|
21
21
|
}
|
|
22
22
|
async get(resource, options) {
|
|
23
23
|
const { protocol, origin } = new URL(resource);
|
|
24
|
-
if (protocol
|
|
25
|
-
|
|
24
|
+
if (protocol === 'https:' ||
|
|
25
|
+
(protocol === 'http:' && oauth_types_1.ALLOW_UNSECURE_ORIGINS)) {
|
|
26
|
+
return super.get(origin, options);
|
|
26
27
|
}
|
|
27
|
-
|
|
28
|
+
throw new TypeError(`Forbidden resource sercure protocol "${protocol}"`);
|
|
28
29
|
}
|
|
29
30
|
async fetchMetadata(origin, options) {
|
|
30
31
|
const headers = new Headers([['accept', 'application/json']]);
|
|
@@ -34,7 +35,7 @@ class OAuthProtectedResourceMetadataResolver extends simple_store_1.CachedGetter
|
|
|
34
35
|
const request = new Request(url, {
|
|
35
36
|
signal: options?.signal,
|
|
36
37
|
headers,
|
|
37
|
-
redirect: '
|
|
38
|
+
redirect: 'manual', // response must be 200 OK
|
|
38
39
|
});
|
|
39
40
|
const response = await this.fetch(request);
|
|
40
41
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#section-3.2
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-protected-resource-metadata-resolver.js","sourceRoot":"","sources":["../src/oauth-protected-resource-metadata-resolver.ts"],"names":[],"mappings":";;;AAAA,+CAK4B;AAC5B,6DAImC;AACnC,
|
|
1
|
+
{"version":3,"file":"oauth-protected-resource-metadata-resolver.js","sourceRoot":"","sources":["../src/oauth-protected-resource-metadata-resolver.ts"],"names":[],"mappings":";;;AAAA,+CAK4B;AAC5B,6DAImC;AACnC,sDAI6B;AAC7B,iCAAoC;AASpC;;GAEG;AACH,MAAa,sCAAuC,SAAQ,2BAG3D;IAGC,YACE,KAAqC,EACrC,QAAe,UAAU,CAAC,KAAK;QAE/B,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,KAAK,CAAC,CAAA;QAN7D;;;;;WAAqB;QAQpC,IAAI,CAAC,KAAK,GAAG,IAAA,iBAAS,EAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,GAAG,CACP,QAAsB,EACtB,OAA0B;QAE1B,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAA;QAC9C,IACE,QAAQ,KAAK,QAAQ;YACrB,CAAC,QAAQ,KAAK,OAAO,IAAI,oCAAsB,CAAC,EAChD,CAAC;YACD,OAAO,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;QACnC,CAAC;QAED,MAAM,IAAI,SAAS,CAAC,wCAAwC,QAAQ,GAAG,CAAC,CAAA;IAC1E,CAAC;IAEO,KAAK,CAAC,aAAa,CACzB,MAAc,EACd,OAA0B;QAE1B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAA;QAC7D,IAAI,OAAO,EAAE,OAAO;YAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,CAAC,CAAA;QAE9D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,uCAAuC,EAAE,MAAM,CAAC,CAAA;QACpE,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE;YAC/B,MAAM,EAAE,OAAO,EAAE,MAAM;YACvB,OAAO;YACP,QAAQ,EAAE,QAAQ,EAAE,0BAA0B;SAC/C,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QAE1C,0FAA0F;QAC1F,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAA,kBAAU,EAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,MAAM,0BAAkB,CAAC,IAAI,CACjC,QAAQ,EACR,0BAA0B,QAAQ,CAAC,MAAM,SAAS,GAAG,GAAG,EACxD,SAAS,EACT,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;QACH,CAAC;QAED,IAAI,IAAA,kBAAW,EAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,kBAAkB,EAAE,CAAC;YACzD,MAAM,IAAA,kBAAU,EAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,MAAM,0BAAkB,CAAC,IAAI,CACjC,QAAQ,EACR,gCAAgC,GAAG,GAAG,EACtC,SAAS,EACT,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,kDAAoC,CAAC,KAAK,CACzD,MAAM,QAAQ,CAAC,IAAI,EAAE,CACtB,CAAA;QAED,0FAA0F;QAC1F,IAAI,QAAQ,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;YACjC,MAAM,IAAI,SAAS,CAAC,kBAAkB,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAA;QAC5D,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;CACF;AA9ED,wFA8EC"}
|
package/dist/oauth-resolver.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { IdentityResolver, ResolvedIdentity, ResolveIdentityOptions } from '@atproto-labs/identity-resolver';
|
|
2
2
|
import { OAuthAuthorizationServerMetadata } from '@atproto/oauth-types';
|
|
3
3
|
import { GetCachedOptions, OAuthAuthorizationServerMetadataResolver } from './oauth-authorization-server-metadata-resolver.js';
|
|
4
4
|
import { OAuthProtectedResourceMetadataResolver } from './oauth-protected-resource-metadata-resolver.js';
|
|
@@ -9,9 +9,27 @@ export declare class OAuthResolver {
|
|
|
9
9
|
readonly protectedResourceMetadataResolver: OAuthProtectedResourceMetadataResolver;
|
|
10
10
|
readonly authorizationServerMetadataResolver: OAuthAuthorizationServerMetadataResolver;
|
|
11
11
|
constructor(identityResolver: IdentityResolver, protectedResourceMetadataResolver: OAuthProtectedResourceMetadataResolver, authorizationServerMetadataResolver: OAuthAuthorizationServerMetadataResolver);
|
|
12
|
+
/**
|
|
13
|
+
* @param input - A handle, DID, PDS URL or Entryway URL
|
|
14
|
+
*/
|
|
15
|
+
resolve(input: string, options?: ResolveOAuthOptions): Promise<{
|
|
16
|
+
identity?: ResolvedIdentity;
|
|
17
|
+
metadata: OAuthAuthorizationServerMetadata;
|
|
18
|
+
}>;
|
|
19
|
+
/**
|
|
20
|
+
* @note this method can be used to verify if a particular uri supports OAuth
|
|
21
|
+
* based sign-in (for compatibility with legacy implementation).
|
|
22
|
+
*/
|
|
23
|
+
resolveFromService(input: string, options?: ResolveOAuthOptions): Promise<{
|
|
24
|
+
metadata: OAuthAuthorizationServerMetadata;
|
|
25
|
+
}>;
|
|
26
|
+
resolveFromIdentity(input: string, options?: ResolveOAuthOptions): Promise<{
|
|
27
|
+
identity: ResolvedIdentity;
|
|
28
|
+
metadata: OAuthAuthorizationServerMetadata;
|
|
29
|
+
}>;
|
|
12
30
|
resolveIdentity(input: string, options?: ResolveIdentityOptions): Promise<ResolvedIdentity>;
|
|
13
|
-
|
|
14
|
-
|
|
31
|
+
getAuthorizationServerMetadata(issuer: string, options?: GetCachedOptions): Promise<OAuthAuthorizationServerMetadata>;
|
|
32
|
+
getResourceServerMetadata(pdsUrl: string | URL, options?: GetCachedOptions): Promise<{
|
|
15
33
|
issuer: string;
|
|
16
34
|
authorization_endpoint: string;
|
|
17
35
|
token_endpoint: string;
|
|
@@ -55,9 +73,5 @@ export declare class OAuthResolver {
|
|
|
55
73
|
protected_resources?: string[] | undefined;
|
|
56
74
|
client_id_metadata_document_supported?: boolean | undefined;
|
|
57
75
|
}>;
|
|
58
|
-
resolve(input: string, options?: ResolveOAuthOptions): Promise<{
|
|
59
|
-
identity: ResolvedIdentity;
|
|
60
|
-
metadata: OAuthAuthorizationServerMetadata;
|
|
61
|
-
}>;
|
|
62
76
|
}
|
|
63
77
|
//# sourceMappingURL=oauth-resolver.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-resolver.d.ts","sourceRoot":"","sources":["../src/oauth-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,
|
|
1
|
+
{"version":3,"file":"oauth-resolver.d.ts","sourceRoot":"","sources":["../src/oauth-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,sBAAsB,EACvB,MAAM,iCAAiC,CAAA;AACxC,OAAO,EACL,gCAAgC,EAEjC,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EACL,gBAAgB,EAChB,wCAAwC,EACzC,MAAM,mDAAmD,CAAA;AAC1D,OAAO,EAAE,sCAAsC,EAAE,MAAM,iDAAiD,CAAA;AAGxG,YAAY,EAAE,gBAAgB,EAAE,CAAA;AAChC,MAAM,MAAM,mBAAmB,GAAG,gBAAgB,GAAG,sBAAsB,CAAA;AAE3E,qBAAa,aAAa;IAEtB,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB;IAC3C,QAAQ,CAAC,iCAAiC,EAAE,sCAAsC;IAClF,QAAQ,CAAC,mCAAmC,EAAE,wCAAwC;gBAF7E,gBAAgB,EAAE,gBAAgB,EAClC,iCAAiC,EAAE,sCAAsC,EACzE,mCAAmC,EAAE,wCAAwC;IAGxF;;OAEG;IACU,OAAO,CAClB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,CAAC,EAAE,gBAAgB,CAAA;QAC3B,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IASF;;;OAGG;IACU,kBAAkB,CAC7B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IA0BW,mBAAmB,CAC9B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,mBAAmB,GAC5B,OAAO,CAAC;QACT,QAAQ,EAAE,gBAAgB,CAAA;QAC1B,QAAQ,EAAE,gCAAgC,CAAA;KAC3C,CAAC;IAUW,eAAe,CAC1B,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,gBAAgB,CAAC;IAWf,8BAA8B,CACzC,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,gCAAgC,CAAC;IAW/B,yBAAyB,CACpC,MAAM,EAAE,MAAM,GAAG,GAAG,EACpB,OAAO,CAAC,EAAE,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2C7B"}
|
package/dist/oauth-resolver.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.OAuthResolver = void 0;
|
|
4
|
+
const oauth_types_1 = require("@atproto/oauth-types");
|
|
4
5
|
const oauth_resolver_error_js_1 = require("./oauth-resolver-error.js");
|
|
5
6
|
class OAuthResolver {
|
|
6
7
|
constructor(identityResolver, protectedResourceMetadataResolver, authorizationServerMetadataResolver) {
|
|
@@ -23,6 +24,50 @@ class OAuthResolver {
|
|
|
23
24
|
value: authorizationServerMetadataResolver
|
|
24
25
|
});
|
|
25
26
|
}
|
|
27
|
+
/**
|
|
28
|
+
* @param input - A handle, DID, PDS URL or Entryway URL
|
|
29
|
+
*/
|
|
30
|
+
async resolve(input, options) {
|
|
31
|
+
// Allow using an entryway, or PDS url, directly as login input (e.g.
|
|
32
|
+
// when the user forgot their handle, or when the handle does not
|
|
33
|
+
// resolve to a DID)
|
|
34
|
+
return /^https?:\/\//.test(input)
|
|
35
|
+
? this.resolveFromService(input, options)
|
|
36
|
+
: this.resolveFromIdentity(input, options);
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* @note this method can be used to verify if a particular uri supports OAuth
|
|
40
|
+
* based sign-in (for compatibility with legacy implementation).
|
|
41
|
+
*/
|
|
42
|
+
async resolveFromService(input, options) {
|
|
43
|
+
try {
|
|
44
|
+
// Assume first that input is a PDS URL (as required by ATPROTO)
|
|
45
|
+
const metadata = await this.getResourceServerMetadata(input, options);
|
|
46
|
+
return { metadata };
|
|
47
|
+
}
|
|
48
|
+
catch (err) {
|
|
49
|
+
if (!options?.signal?.aborted && err instanceof oauth_resolver_error_js_1.OAuthResolverError) {
|
|
50
|
+
try {
|
|
51
|
+
// Fallback to trying to fetch as an issuer (Entryway)
|
|
52
|
+
const result = oauth_types_1.oauthIssuerIdentifierSchema.safeParse(input);
|
|
53
|
+
if (result.success) {
|
|
54
|
+
const metadata = await this.getAuthorizationServerMetadata(result.data, options);
|
|
55
|
+
return { metadata };
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
catch {
|
|
59
|
+
// Fallback failed, throw original error
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
throw err;
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
async resolveFromIdentity(input, options) {
|
|
66
|
+
const identity = await this.resolveIdentity(input, options);
|
|
67
|
+
options?.signal?.throwIfAborted();
|
|
68
|
+
const metadata = await this.getResourceServerMetadata(identity.pds, options);
|
|
69
|
+
return { identity, metadata };
|
|
70
|
+
}
|
|
26
71
|
async resolveIdentity(input, options) {
|
|
27
72
|
try {
|
|
28
73
|
return await this.identityResolver.resolve(input, options);
|
|
@@ -31,7 +76,7 @@ class OAuthResolver {
|
|
|
31
76
|
throw oauth_resolver_error_js_1.OAuthResolverError.from(cause, `Failed to resolve identity: ${input}`);
|
|
32
77
|
}
|
|
33
78
|
}
|
|
34
|
-
async
|
|
79
|
+
async getAuthorizationServerMetadata(issuer, options) {
|
|
35
80
|
try {
|
|
36
81
|
return await this.authorizationServerMetadataResolver.get(issuer, options);
|
|
37
82
|
}
|
|
@@ -39,35 +84,30 @@ class OAuthResolver {
|
|
|
39
84
|
throw oauth_resolver_error_js_1.OAuthResolverError.from(cause, `Failed to resolve OAuth server metadata for issuer: ${issuer}`);
|
|
40
85
|
}
|
|
41
86
|
}
|
|
42
|
-
async
|
|
87
|
+
async getResourceServerMetadata(pdsUrl, options) {
|
|
43
88
|
try {
|
|
44
|
-
const rsMetadata = await this.protectedResourceMetadataResolver.get(
|
|
45
|
-
|
|
46
|
-
if (
|
|
47
|
-
throw new oauth_resolver_error_js_1.OAuthResolverError(
|
|
89
|
+
const rsMetadata = await this.protectedResourceMetadataResolver.get(pdsUrl, options);
|
|
90
|
+
// ATPROTO requires one, and only one, authorization server entry
|
|
91
|
+
if (rsMetadata.authorization_servers?.length !== 1) {
|
|
92
|
+
throw new oauth_resolver_error_js_1.OAuthResolverError(rsMetadata.authorization_servers?.length
|
|
93
|
+
? `Unable to determine authorization server for PDS: ${pdsUrl}`
|
|
94
|
+
: `No authorization servers found for PDS: ${pdsUrl}`);
|
|
48
95
|
}
|
|
96
|
+
const issuer = rsMetadata.authorization_servers[0];
|
|
49
97
|
options?.signal?.throwIfAborted();
|
|
50
|
-
const asMetadata = await this.
|
|
98
|
+
const asMetadata = await this.getAuthorizationServerMetadata(issuer, options);
|
|
51
99
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#section-4
|
|
52
100
|
if (asMetadata.protected_resources) {
|
|
53
101
|
if (!asMetadata.protected_resources.includes(rsMetadata.resource)) {
|
|
54
|
-
throw new oauth_resolver_error_js_1.OAuthResolverError(`PDS "${
|
|
102
|
+
throw new oauth_resolver_error_js_1.OAuthResolverError(`PDS "${pdsUrl}" not protected by issuer "${issuer}"`);
|
|
55
103
|
}
|
|
56
104
|
}
|
|
57
105
|
return asMetadata;
|
|
58
106
|
}
|
|
59
107
|
catch (cause) {
|
|
60
|
-
|
|
61
|
-
throw oauth_resolver_error_js_1.OAuthResolverError.from(cause, `Failed to resolve OAuth server metadata for resource: ${pds}`);
|
|
108
|
+
throw oauth_resolver_error_js_1.OAuthResolverError.from(cause, `Failed to resolve OAuth server metadata for resource: ${pdsUrl}`);
|
|
62
109
|
}
|
|
63
110
|
}
|
|
64
|
-
async resolve(input, options) {
|
|
65
|
-
options?.signal?.throwIfAborted();
|
|
66
|
-
const identity = await this.resolveIdentity(input, options);
|
|
67
|
-
options?.signal?.throwIfAborted();
|
|
68
|
-
const metadata = await this.resolvePdsMetadata(identity.pds, options);
|
|
69
|
-
return { identity, metadata };
|
|
70
|
-
}
|
|
71
111
|
}
|
|
72
112
|
exports.OAuthResolver = OAuthResolver;
|
|
73
113
|
//# sourceMappingURL=oauth-resolver.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-resolver.js","sourceRoot":"","sources":["../src/oauth-resolver.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"oauth-resolver.js","sourceRoot":"","sources":["../src/oauth-resolver.ts"],"names":[],"mappings":";;;AAKA,sDAG6B;AAO7B,uEAA8D;AAK9D,MAAa,aAAa;IACxB,YACW,gBAAkC,EAClC,iCAAyE,EACzE,mCAA6E;QAFtF;;;;mBAAS,gBAAgB;WAAkB;QAC3C;;;;mBAAS,iCAAiC;WAAwC;QAClF;;;;mBAAS,mCAAmC;WAA0C;IACrF,CAAC;IAEJ;;OAEG;IACI,KAAK,CAAC,OAAO,CAClB,KAAa,EACb,OAA6B;QAK7B,qEAAqE;QACrE,iEAAiE;QACjE,oBAAoB;QACpB,OAAO,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,OAAO,CAAC;YACzC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAC9C,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,kBAAkB,CAC7B,KAAa,EACb,OAA6B;QAI7B,IAAI,CAAC;YACH,gEAAgE;YAChE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;YACrE,OAAO,EAAE,QAAQ,EAAE,CAAA;QACrB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,IAAI,GAAG,YAAY,4CAAkB,EAAE,CAAC;gBACnE,IAAI,CAAC;oBACH,sDAAsD;oBACtD,MAAM,MAAM,GAAG,yCAA2B,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;oBAC3D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;wBACnB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,8BAA8B,CACxD,MAAM,CAAC,IAAI,EACX,OAAO,CACR,CAAA;wBACD,OAAO,EAAE,QAAQ,EAAE,CAAA;oBACrB,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,wCAAwC;gBAC1C,CAAC;YACH,CAAC;YAED,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAC9B,KAAa,EACb,OAA6B;QAK7B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAE3D,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;QAEjC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QAE5E,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAA;IAC/B,CAAC;IAEM,KAAK,CAAC,eAAe,CAC1B,KAAa,EACb,OAAgC;QAEhC,IAAI,CAAC;YACH,OAAO,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAC5D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,4CAAkB,CAAC,IAAI,CAC3B,KAAK,EACL,+BAA+B,KAAK,EAAE,CACvC,CAAA;QACH,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,8BAA8B,CACzC,MAAc,EACd,OAA0B;QAE1B,IAAI,CAAC;YACH,OAAO,MAAM,IAAI,CAAC,mCAAmC,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;QAC5E,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,4CAAkB,CAAC,IAAI,CAC3B,KAAK,EACL,uDAAuD,MAAM,EAAE,CAChE,CAAA;QACH,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,yBAAyB,CACpC,MAAoB,EACpB,OAA0B;QAE1B,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,iCAAiC,CAAC,GAAG,CACjE,MAAM,EACN,OAAO,CACR,CAAA;YAED,iEAAiE;YACjE,IAAI,UAAU,CAAC,qBAAqB,EAAE,MAAM,KAAK,CAAC,EAAE,CAAC;gBACnD,MAAM,IAAI,4CAAkB,CAC1B,UAAU,CAAC,qBAAqB,EAAE,MAAM;oBACtC,CAAC,CAAC,qDAAqD,MAAM,EAAE;oBAC/D,CAAC,CAAC,2CAA2C,MAAM,EAAE,CACxD,CAAA;YACH,CAAC;YAED,MAAM,MAAM,GAAG,UAAU,CAAC,qBAAsB,CAAC,CAAC,CAAE,CAAA;YAEpD,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;YAEjC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,8BAA8B,CAC1D,MAAM,EACN,OAAO,CACR,CAAA;YAED,wFAAwF;YACxF,IAAI,UAAU,CAAC,mBAAmB,EAAE,CAAC;gBACnC,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAClE,MAAM,IAAI,4CAAkB,CAC1B,QAAQ,MAAM,8BAA8B,MAAM,GAAG,CACtD,CAAA;gBACH,CAAC;YACH,CAAC;YAED,OAAO,UAAU,CAAA;QACnB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,4CAAkB,CAAC,IAAI,CAC3B,KAAK,EACL,yDAAyD,MAAM,EAAE,CAClE,CAAA;QACH,CAAC;IACH,CAAC;CACF;AArJD,sCAqJC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-server-agent.d.ts","sourceRoot":"","sources":["../src/oauth-server-agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,IAAI,EAAiC,MAAM,qBAAqB,CAAA;AAChF,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACrD,OAAO,EAEL,gCAAgC,EAChC,yBAAyB,EACzB,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,EAClB,cAAc,EAGf,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAEnD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAG3C,MAAM,MAAM,QAAQ,GAAG;IACrB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,CAAC,EAAE,MAAM,CAAA;IAEd,QAAQ,CAAC,EAAE,SAAS,CAAA;IACpB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,UAAU,EAAE,cAAc,CAAA;IAC1B,eAAe;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;AAExD,qBAAa,gBAAgB;IAIzB,QAAQ,CAAC,OAAO,EAAE,GAAG;IACrB,QAAQ,CAAC,cAAc,EAAE,gCAAgC;IACzD,QAAQ,CAAC,cAAc,EAAE,cAAc;IACvC,QAAQ,CAAC,UAAU,EAAE,cAAc;IACnC,QAAQ,CAAC,aAAa,EAAE,aAAa;IACrC,QAAQ,CAAC,OAAO,EAAE,OAAO;IACzB,QAAQ,CAAC,MAAM,CAAC;IATlB,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;gBAGxB,OAAO,EAAE,GAAG,EACZ,cAAc,EAAE,gCAAgC,EAChD,cAAc,EAAE,cAAc,EAC9B,UAAU,EAAE,cAAc,EAC1B,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,OAAO,EAChB,MAAM,CAAC,yBAAQ,EACxB,KAAK,CAAC,EAAE,KAAK;IAaT,MAAM,CAAC,KAAK,EAAE,MAAM;IAQpB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAiBhE,OAAO,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IA6BpD;;;;;;;OAOG;YACW,oBAAoB;
|
|
1
|
+
{"version":3,"file":"oauth-server-agent.d.ts","sourceRoot":"","sources":["../src/oauth-server-agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,IAAI,EAAiC,MAAM,qBAAqB,CAAA;AAChF,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACrD,OAAO,EAEL,gCAAgC,EAChC,yBAAyB,EACzB,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,EAClB,cAAc,EAGf,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAEnD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAG3C,MAAM,MAAM,QAAQ,GAAG;IACrB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,CAAC,EAAE,MAAM,CAAA;IAEd,QAAQ,CAAC,EAAE,SAAS,CAAA;IACpB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,UAAU,EAAE,cAAc,CAAA;IAC1B,eAAe;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;AAExD,qBAAa,gBAAgB;IAIzB,QAAQ,CAAC,OAAO,EAAE,GAAG;IACrB,QAAQ,CAAC,cAAc,EAAE,gCAAgC;IACzD,QAAQ,CAAC,cAAc,EAAE,cAAc;IACvC,QAAQ,CAAC,UAAU,EAAE,cAAc;IACnC,QAAQ,CAAC,aAAa,EAAE,aAAa;IACrC,QAAQ,CAAC,OAAO,EAAE,OAAO;IACzB,QAAQ,CAAC,MAAM,CAAC;IATlB,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;gBAGxB,OAAO,EAAE,GAAG,EACZ,cAAc,EAAE,gCAAgC,EAChD,cAAc,EAAE,cAAc,EAC9B,UAAU,EAAE,cAAc,EAC1B,aAAa,EAAE,aAAa,EAC5B,OAAO,EAAE,OAAO,EAChB,MAAM,CAAC,yBAAQ,EACxB,KAAK,CAAC,EAAE,KAAK;IAaT,MAAM,CAAC,KAAK,EAAE,MAAM;IAQpB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAiBhE,OAAO,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IA6BpD;;;;;;;OAOG;YACW,oBAAoB;IAsC5B,OAAO,CACX,QAAQ,EAAE,OAAO,EACjB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,kBAAkB,CAAC;IACxB,OAAO,CACX,QAAQ,EAAE,8BAA8B,EACxC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,gBAAgB,CAAC;IACtB,OAAO,CACX,QAAQ,EAAE,iBAAiB,EAC3B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,IAAI,CAAC;IA4BV,eAAe,CAAC,QAAQ,EAAE,iBAAiB,GAAG,OAAO,CAAC;QAC1D,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAChC,OAAO,EAAE,yBAAyB,CAAA;KACnC,CAAC;CAsEH"}
|
|
@@ -175,7 +175,9 @@ class OAuthServerAgent {
|
|
|
175
175
|
throw new TypeError(`Missing "sub" in token response`);
|
|
176
176
|
// @TODO (?) make timeout configurable
|
|
177
177
|
const signal = __addDisposableResource(env_1, (0, util_js_1.timeoutSignal)(10e3), false);
|
|
178
|
-
const resolved = await this.oauthResolver.
|
|
178
|
+
const resolved = await this.oauthResolver.resolveFromIdentity(sub, {
|
|
179
|
+
signal,
|
|
180
|
+
});
|
|
179
181
|
if (resolved.metadata.issuer !== this.serverMetadata.issuer) {
|
|
180
182
|
// Best case scenario; the user switched PDS. Worst case scenario; a bad
|
|
181
183
|
// actor is trying to impersonate a user. In any case, we must not allow
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-server-agent.js","sourceRoot":"","sources":["../src/oauth-server-agent.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAgF;AAGhF,sDAU6B;AAE7B,iDAA6C;AAC7C,4EAAmE;AACnE,mDAAkD;AAElD,uEAA8D;AAG9D,uCAAyC;AAkBzC,MAAa,gBAAgB;IAG3B,YACW,OAAY,EACZ,cAAgD,EAChD,cAA8B,EAC9B,UAA0B,EAC1B,aAA4B,EAC5B,OAAgB,EAChB,MAAe,EACxB,KAAa;QAPb;;;;mBAAS,OAAO;WAAK;QACrB;;;;mBAAS,cAAc;WAAkC;QACzD;;;;mBAAS,cAAc;WAAgB;QACvC;;;;mBAAS,UAAU;WAAgB;QACnC;;;;mBAAS,aAAa;WAAe;QACrC;;;;mBAAS,OAAO;WAAS;QACzB;;;;mBAAS,MAAM;WAAS;QAThB;;;;;WAAyB;QAYjC,IAAI,CAAC,SAAS,GAAG,IAAA,gCAAgB,EAAO;YACtC,KAAK,EAAE,IAAA,iBAAS,EAAC,KAAK,CAAC;YACvB,GAAG,EAAE,cAAc,CAAC,SAAS;YAC7B,GAAG,EAAE,OAAO;YACZ,aAAa,EAAE,cAAc,CAAC,iCAAiC;YAC/D,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;YACtC,MAAM,EAAE,UAAU;YAClB,YAAY,EAAE,IAAI;SACnB,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa;QACxB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QAC7C,CAAC;QAAC,MAAM,CAAC;YACP,aAAa;QACf,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,QAAiB;QAChD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAChD,UAAU,EAAE,oBAAoB;YAChC,YAAY,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,CAAE;YACnD,IAAI;YACJ,aAAa,EAAE,QAAQ;SACxB,CAAC,CAAA;QAEF,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAA;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAA;YAE7C,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,QAAkB;QAC9B,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;YAC5B,MAAM,IAAI,0CAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAA;QACzE,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAChD,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,QAAQ,CAAC,aAAa;SACtC,CAAC,CAAA;QAEF,IAAI,CAAC;YACH,IAAI,QAAQ,CAAC,GAAG,KAAK,aAAa,CAAC,GAAG,EAAE,CAAC;gBACvC,MAAM,IAAI,0CAAiB,CACzB,QAAQ,CAAC,GAAG,EACZ,uCAAuC,aAAa,CAAC,GAAG,GAAG,CAC5D,CAAA;YACH,CAAC;YACD,IAAI,QAAQ,CAAC,GAAG,KAAK,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;gBAChD,MAAM,IAAI,0CAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAA;YAC9D,CAAC;YAED,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAA;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAA;YAE7C,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,oBAAoB,CAChC,aAAiC;;;YAEjC,MAAM,EAAE,GAAG,EAAE,GAAG,aAAa,CAAA;YAC7B,2EAA2E;YAC3E,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,SAAS,CAAC,iCAAiC,CAAC,CAAA;YAEhE,sCAAsC;YACtC,MAAM,MAAM,kCAAG,IAAA,uBAAa,EAAC,IAAI,CAAC,QAAA,CAAA;YAElC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,
|
|
1
|
+
{"version":3,"file":"oauth-server-agent.js","sourceRoot":"","sources":["../src/oauth-server-agent.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAgF;AAGhF,sDAU6B;AAE7B,iDAA6C;AAC7C,4EAAmE;AACnE,mDAAkD;AAElD,uEAA8D;AAG9D,uCAAyC;AAkBzC,MAAa,gBAAgB;IAG3B,YACW,OAAY,EACZ,cAAgD,EAChD,cAA8B,EAC9B,UAA0B,EAC1B,aAA4B,EAC5B,OAAgB,EAChB,MAAe,EACxB,KAAa;QAPb;;;;mBAAS,OAAO;WAAK;QACrB;;;;mBAAS,cAAc;WAAkC;QACzD;;;;mBAAS,cAAc;WAAgB;QACvC;;;;mBAAS,UAAU;WAAgB;QACnC;;;;mBAAS,aAAa;WAAe;QACrC;;;;mBAAS,OAAO;WAAS;QACzB;;;;mBAAS,MAAM;WAAS;QAThB;;;;;WAAyB;QAYjC,IAAI,CAAC,SAAS,GAAG,IAAA,gCAAgB,EAAO;YACtC,KAAK,EAAE,IAAA,iBAAS,EAAC,KAAK,CAAC;YACvB,GAAG,EAAE,cAAc,CAAC,SAAS;YAC7B,GAAG,EAAE,OAAO;YACZ,aAAa,EAAE,cAAc,CAAC,iCAAiC;YAC/D,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;YACtC,MAAM,EAAE,UAAU;YAClB,YAAY,EAAE,IAAI;SACnB,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAa;QACxB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QAC7C,CAAC;QAAC,MAAM,CAAC;YACP,aAAa;QACf,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,QAAiB;QAChD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAChD,UAAU,EAAE,oBAAoB;YAChC,YAAY,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,CAAE;YACnD,IAAI;YACJ,aAAa,EAAE,QAAQ;SACxB,CAAC,CAAA;QAEF,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAA;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAA;YAE7C,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,QAAkB;QAC9B,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;YAC5B,MAAM,IAAI,0CAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAA;QACzE,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;YAChD,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,QAAQ,CAAC,aAAa;SACtC,CAAC,CAAA;QAEF,IAAI,CAAC;YACH,IAAI,QAAQ,CAAC,GAAG,KAAK,aAAa,CAAC,GAAG,EAAE,CAAC;gBACvC,MAAM,IAAI,0CAAiB,CACzB,QAAQ,CAAC,GAAG,EACZ,uCAAuC,aAAa,CAAC,GAAG,GAAG,CAC5D,CAAA;YACH,CAAC;YACD,IAAI,QAAQ,CAAC,GAAG,KAAK,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;gBAChD,MAAM,IAAI,0CAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAA;YAC9D,CAAC;YAED,OAAO,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAA;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,YAAY,CAAC,CAAA;YAE7C,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,oBAAoB,CAChC,aAAiC;;;YAEjC,MAAM,EAAE,GAAG,EAAE,GAAG,aAAa,CAAA;YAC7B,2EAA2E;YAC3E,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,SAAS,CAAC,iCAAiC,CAAC,CAAA;YAEhE,sCAAsC;YACtC,MAAM,MAAM,kCAAG,IAAA,uBAAa,EAAC,IAAI,CAAC,QAAA,CAAA;YAElC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC,GAAG,EAAE;gBACjE,MAAM;aACP,CAAC,CAAA;YAEF,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,KAAK,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;gBAC5D,wEAAwE;gBACxE,wEAAwE;gBACxE,yBAAyB;gBACzB,MAAM,IAAI,SAAS,CAAC,iBAAiB,CAAC,CAAA;YACxC,CAAC;YAED,OAAO;gBACL,GAAG;gBACH,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI;gBAC/B,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,MAAM;gBAE7B,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,QAAQ,EAAE,aAAa,CAAC,QAAQ;gBAChC,aAAa,EAAE,aAAa,CAAC,aAAa;gBAC1C,YAAY,EAAE,aAAa,CAAC,YAAY;gBACxC,UAAU,EAAE,aAAa,CAAC,UAAU,IAAI,QAAQ;gBAChD,UAAU,EACR,OAAO,aAAa,CAAC,UAAU,KAAK,QAAQ;oBAC1C,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,aAAa,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;oBACtE,CAAC,CAAC,SAAS;aAChB,CAAA;;;;;;;;;KACF;IAeD,KAAK,CAAC,OAAO,CAAC,QAA2B,EAAE,OAAgC;QACzE,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,QAAQ,WAAW,CAAC,CAAA;QACvD,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,MAAM,QAAQ,qBAAqB,CAAC,CAAA;QAE9D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAA;QAEjD,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE;YACnD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,OAAO,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;SACtD,CAAC,CAAC,IAAI,CAAC,IAAA,0BAAkB,GAAE,CAAC,CAAA;QAE7B,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,QAAQ,QAAQ,EAAE,CAAC;gBACjB,KAAK,OAAO;oBACV,OAAO,sCAAwB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;gBAC7C,KAAK,8BAA8B;oBACjC,OAAO,oCAAsB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;gBAC3C;oBACE,OAAO,IAAI,CAAA;YACf,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,4CAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;QAC9C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,QAA2B;QAI/C,MAAM,eAAe,GACnB,IAAI,CAAC,cAAc,CAAC,GAAG,QAAQ,kCAAkC,CAAC;YAClE,IAAI,CAAC,cAAc,CAAC,uCAAuC,CAAC,CAAA;QAE9D,MAAM,MAAM,GACV,IAAI,CAAC,cAAc,CAAC,GAAG,QAAQ,uBAAuB,CAAC;YACvD,IAAI,CAAC,cAAc,CAAC,4BAA4B,CAAC,CAAA;QAEnD,IACE,MAAM,KAAK,iBAAiB;YAC5B,CAAC,IAAI,CAAC,MAAM;gBACV,CAAC,MAAM;gBACP,CAAC,eAAe,EAAE,QAAQ,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC,CAAC,EAC1D,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;YAExD,IAAI,CAAC;gBACH,MAAM,GAAG,GACP,IAAI,CAAC,cAAc,CACjB,GAAG,QAAQ,6CAA6C,CACzD;oBACD,IAAI,CAAC,cAAc,CACjB,kDAAkD,CACnD;oBACD,2BAAY,CAAA;gBAEd,wEAAwE;gBACxE,wEAAwE;gBACxE,wDAAwD;gBACxD,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,IAAI;qBACvC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,GAAG,CAAC;qBACrB,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAA;gBAEpD,OAAO;oBACL,OAAO,EAAE;wBACP,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;wBACxC,qBAAqB,EAAE,8CAAgC;wBACvD,gBAAgB,EAAE,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,CAC3C,EAAE,GAAG,EAAE,GAAG,EAAE,EACZ;4BACE,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;4BAClC,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;4BAClC,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,MAAM;4BAC/B,GAAG,EAAE,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE;4BACvC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;yBACnC,CACF;qBACF;iBACF,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,MAAM,KAAK,iBAAiB;oBAAE,MAAM,GAAG,CAAA;gBAE3C,uBAAuB;YACzB,CAAC;QACH,CAAC;QAED,IACE,MAAM,KAAK,MAAM;YACjB,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,CAAC,EACxD,CAAC;YACD,OAAO;gBACL,OAAO,EAAE;oBACP,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;iBACzC;aACF,CAAA;QACH,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,eAAe,QAAQ,wBAAwB,CAAC,CAAA;IAClE,CAAC;CACF;AA5OD,4CA4OC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-server-factory.d.ts","sourceRoot":"","sources":["../src/oauth-server-factory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC1C,OAAO,EAAE,gCAAgC,EAAE,MAAM,sBAAsB,CAAA;AAEvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,mDAAmD,CAAA;AACpF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAE3C,qBAAa,kBAAkB;IAE3B,QAAQ,CAAC,cAAc,EAAE,cAAc;IACvC,QAAQ,CAAC,OAAO,EAAE,OAAO;IACzB,QAAQ,CAAC,QAAQ,EAAE,aAAa;IAChC,QAAQ,CAAC,KAAK,EAAE,KAAK;IACrB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS;IACnC,QAAQ,CAAC,cAAc,EAAE,cAAc;gBAL9B,cAAc,EAAE,cAAc,EAC9B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,aAAa,EACvB,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,cAAc,EAAE,cAAc;IAGnC,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,gBAAgB;
|
|
1
|
+
{"version":3,"file":"oauth-server-factory.d.ts","sourceRoot":"","sources":["../src/oauth-server-factory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC1C,OAAO,EAAE,gCAAgC,EAAE,MAAM,sBAAsB,CAAA;AAEvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,mDAAmD,CAAA;AACpF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AACnD,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAE3C,qBAAa,kBAAkB;IAE3B,QAAQ,CAAC,cAAc,EAAE,cAAc;IACvC,QAAQ,CAAC,OAAO,EAAE,OAAO;IACzB,QAAQ,CAAC,QAAQ,EAAE,aAAa;IAChC,QAAQ,CAAC,KAAK,EAAE,KAAK;IACrB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS;IACnC,QAAQ,CAAC,cAAc,EAAE,cAAc;gBAL9B,cAAc,EAAE,cAAc,EAC9B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,aAAa,EACvB,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,cAAc,EAAE,cAAc;IAGnC,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,gBAAgB;IAQnE,YAAY,CAChB,cAAc,EAAE,gCAAgC,EAChD,OAAO,EAAE,GAAG;CAaf"}
|
|
@@ -42,7 +42,7 @@ class OAuthServerFactory {
|
|
|
42
42
|
});
|
|
43
43
|
}
|
|
44
44
|
async fromIssuer(issuer, dpopKey, options) {
|
|
45
|
-
const serverMetadata = await this.resolver.
|
|
45
|
+
const serverMetadata = await this.resolver.getAuthorizationServerMetadata(issuer, options);
|
|
46
46
|
return this.fromMetadata(serverMetadata, dpopKey);
|
|
47
47
|
}
|
|
48
48
|
async fromMetadata(serverMetadata, dpopKey) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-server-factory.js","sourceRoot":"","sources":["../src/oauth-server-factory.ts"],"names":[],"mappings":";;;AAMA,mEAA0E;AAI1E,MAAa,kBAAkB;IAC7B,YACW,cAA8B,EAC9B,OAAgB,EAChB,QAAuB,EACvB,KAAY,EACZ,MAA0B,EAC1B,cAA8B;QALvC;;;;mBAAS,cAAc;WAAgB;QACvC;;;;mBAAS,OAAO;WAAS;QACzB;;;;mBAAS,QAAQ;WAAe;QAChC;;;;mBAAS,KAAK;WAAO;QACrB;;;;mBAAS,MAAM;WAAoB;QACnC;;;;mBAAS,cAAc;WAAgB;IACtC,CAAC;IAEJ,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,OAAY,EAAE,OAA0B;QACvE,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,
|
|
1
|
+
{"version":3,"file":"oauth-server-factory.js","sourceRoot":"","sources":["../src/oauth-server-factory.ts"],"names":[],"mappings":";;;AAMA,mEAA0E;AAI1E,MAAa,kBAAkB;IAC7B,YACW,cAA8B,EAC9B,OAAgB,EAChB,QAAuB,EACvB,KAAY,EACZ,MAA0B,EAC1B,cAA8B;QALvC;;;;mBAAS,cAAc;WAAgB;QACvC;;;;mBAAS,OAAO;WAAS;QACzB;;;;mBAAS,QAAQ;WAAe;QAChC;;;;mBAAS,KAAK;WAAO;QACrB;;;;mBAAS,MAAM;WAAoB;QACnC;;;;mBAAS,cAAc;WAAgB;IACtC,CAAC;IAEJ,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,OAAY,EAAE,OAA0B;QACvE,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,8BAA8B,CACvE,MAAM,EACN,OAAO,CACR,CAAA;QACD,OAAO,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,YAAY,CAChB,cAAgD,EAChD,OAAY;QAEZ,OAAO,IAAI,wCAAgB,CACzB,OAAO,EACP,cAAc,EACd,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,KAAK,CACX,CAAA;IACH,CAAC;CACF;AAjCD,gDAiCC"}
|
package/dist/session-getter.js
CHANGED
|
@@ -89,7 +89,7 @@ class SessionGetter extends simple_store_1.CachedGetter {
|
|
|
89
89
|
// concurrency issues if multiple tabs/instances are trying to refresh
|
|
90
90
|
// the same token. The chances of this happening when multiple instances
|
|
91
91
|
// are started simultaneously is reduced by randomizing the expiry time
|
|
92
|
-
// (see isStale()
|
|
92
|
+
// (see isStale() below). Even so, There still exist chances that
|
|
93
93
|
// multiple tabs will try to refresh the token at the same time. The
|
|
94
94
|
// best solution would be to use a mutex/lock to ensure that only one
|
|
95
95
|
// instance is refreshing the token at a time. A simpler workaround is
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session-getter.js","sourceRoot":"","sources":["../src/session-getter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6DAImC;AAGnC,4EAAmE;AACnE,4EAAmE;AACnE,4EAAmE;AACnE,uEAA8D;AAI9D,uCAA4D;AAuB5D;;;;;;GAMG;AACH,MAAa,aAAc,SAAQ,2BAA6B;IAG9D,YACE,YAA0B,EAC1B,aAAiC,EAChB,OAAgB;QAEjC,KAAK,CACH,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,aAAa,EAAoB,EAAE;YACtD,iEAAiE;YACjE,uEAAuE;YACvE,+BAA+B;YAC/B,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,mEAAmE;gBACnE,iEAAiE;gBACjE,iEAAiE;gBACjE,mEAAmE;gBACnE,wDAAwD;gBACxD,MAAM,GAAG,GAAG,4CAA4C,CAAA;gBACxD,MAAM,KAAK,GAAG,IAAI,0CAAiB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;gBAC7C,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAA;gBAC7C,MAAM,KAAK,CAAA;YACb,CAAC;YAED,uEAAuE;YACvE,6DAA6D;YAC7D,uEAAuE;YACvE,oEAAoE;YACpE,8BAA8B;YAE9B,IAAI,GAAG,KAAK,aAAa,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBACvC,uDAAuD;gBACvD,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,6BAA6B,CAAC,CAAA;YACjE,CAAC;YAED,gEAAgE;YAChE,sEAAsE;YACtE,wEAAwE;YACxE,uEAAuE;YACvE,
|
|
1
|
+
{"version":3,"file":"session-getter.js","sourceRoot":"","sources":["../src/session-getter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6DAImC;AAGnC,4EAAmE;AACnE,4EAAmE;AACnE,4EAAmE;AACnE,uEAA8D;AAI9D,uCAA4D;AAuB5D;;;;;;GAMG;AACH,MAAa,aAAc,SAAQ,2BAA6B;IAG9D,YACE,YAA0B,EAC1B,aAAiC,EAChB,OAAgB;QAEjC,KAAK,CACH,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,aAAa,EAAoB,EAAE;YACtD,iEAAiE;YACjE,uEAAuE;YACvE,+BAA+B;YAC/B,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,mEAAmE;gBACnE,iEAAiE;gBACjE,iEAAiE;gBACjE,mEAAmE;gBACnE,wDAAwD;gBACxD,MAAM,GAAG,GAAG,4CAA4C,CAAA;gBACxD,MAAM,KAAK,GAAG,IAAI,0CAAiB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;gBAC7C,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAA;gBAC7C,MAAM,KAAK,CAAA;YACb,CAAC;YAED,uEAAuE;YACvE,6DAA6D;YAC7D,uEAAuE;YACvE,oEAAoE;YACpE,8BAA8B;YAE9B,IAAI,GAAG,KAAK,aAAa,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;gBACvC,uDAAuD;gBACvD,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,6BAA6B,CAAC,CAAA;YACjE,CAAC;YAED,gEAAgE;YAChE,sEAAsE;YACtE,wEAAwE;YACxE,uEAAuE;YACvE,iEAAiE;YACjE,oEAAoE;YACpE,qEAAqE;YACrE,sEAAsE;YACtE,uEAAuE;YACvE,gEAAgE;YAChE,uBAAuB;YAEvB,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,aAAa,CAAA;YAC3C,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YAEpE,oEAAoE;YACpE,sEAAsE;YACtE,6DAA6D;YAC7D,gEAAgE;YAChE,8DAA8D;YAC9D,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;YAEjC,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;gBAElD,IAAI,GAAG,KAAK,WAAW,CAAC,GAAG,EAAE,CAAC;oBAC5B,iEAAiE;oBACjE,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,wBAAwB,CAAC,CAAA;gBAC5D,CAAC;gBAED,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAA;YAC3C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,6DAA6D;gBAC7D,sEAAsE;gBACtE,uBAAuB;gBACvB,IACE,KAAK,YAAY,4CAAkB;oBACnC,KAAK,CAAC,MAAM,KAAK,GAAG;oBACpB,KAAK,CAAC,KAAK,KAAK,eAAe,EAC/B,CAAC;oBACD,kEAAkE;oBAClE,iEAAiE;oBACjE,kEAAkE;oBAClE,8DAA8D;oBAC9D,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC;wBACnC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;wBAE7C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;wBACxC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;4BACzB,6DAA6D;4BAC7D,sDAAsD;4BAEtD,sDAAsD;4BACtD,0DAA0D;4BAC1D,+CAA+C;4BAC/C,MAAM,GAAG,GAAG,4CAA4C,CAAA;4BACxD,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;wBAClD,CAAC;6BAAM,IACL,MAAM,CAAC,QAAQ,CAAC,YAAY,KAAK,QAAQ,CAAC,YAAY;4BACtD,MAAM,CAAC,QAAQ,CAAC,aAAa,KAAK,QAAQ,CAAC,aAAa,EACxD,CAAC;4BACD,6DAA6D;4BAC7D,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAA;wBAC/C,CAAC;6BAAM,CAAC;4BACN,0DAA0D;4BAC1D,0BAA0B;wBAC5B,CAAC;oBACH,CAAC;oBAED,oDAAoD;oBACpD,MAAM,GAAG,GAAG,KAAK,CAAC,gBAAgB,IAAI,yBAAyB,CAAA;oBAC/D,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;gBAClD,CAAC;gBAED,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC,EACD,YAAY,EACZ;YACE,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;gBAC7B,OAAO,CACL,QAAQ,CAAC,UAAU,IAAI,IAAI;oBAC3B,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE;wBACrC,8DAA8D;wBAC9D,sBAAsB;wBACtB,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CACpB,CAAA;YACH,CAAC;YACD,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,EAAE;gBACtD,sDAAsD;gBACtD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;gBACpE,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,IAAI,QAAQ,CAAC,YAAY,CAAC,CAAA;gBACpE,MAAM,GAAG,CAAA;YACX,CAAC;YACD,aAAa,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YAC3B,4CAA4C;YAC5C,GAAG,YAAY,0CAAiB;gBAChC,GAAG,YAAY,0CAAiB;gBAChC,GAAG,YAAY,0CAAiB;SACnC,CACF,CAAA;QAlID;;;;mBAAiB,OAAO;WAAS;QALlB;;;;mBAAc,IAAI,2BAAiB,EAAmB;WAAA;IAwIvE,CAAC;IAED,gBAAgB,CACd,IAAO,EACP,QAAiC,EACjC,OAA2C;QAE3C,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;IAC5D,CAAC;IAED,mBAAmB,CACjB,IAAO,EACP,QAAiC,EACjC,OAAwC;QAExC,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;IAC/D,CAAC;IAED,aAAa,CACX,IAAO,EACP,MAA0B;QAE1B,OAAO,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IAC3D,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,OAAgB;QAC3C,MAAM,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACnC,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,CAAC,CAAA;IACpD,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,KAAe;QAC1C,MAAM,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAA;QACjC,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAA;IAC/C,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,UAAU,CAAC,GAAW,EAAE,OAAiB;QAC7C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE;YAClC,OAAO,EAAE,OAAO,KAAK,IAAI;YACzB,UAAU,EAAE,OAAO,KAAK,KAAK;SAC9B,CAAC,CAAA;QAEF,IAAI,GAAG,KAAK,OAAO,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YACjC,uDAAuD;YACvD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAA;QAC9D,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,OAA0B;QAC/C,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,yBAAyB,GAAG,EAAE,EAAE,KAAK,IAAI,EAAE;;;gBACvE,yEAAyE;gBACzE,8CAA8C;gBAC9C,MAAM,MAAM,kCAAG,IAAA,uBAAa,EAAC,IAAI,EAAE,OAAO,CAAC,QAAA,CAAA;gBAE3C,OAAO,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC,CAAA;;;;;;;;;SACpD,CAAC,CAAA;IACJ,CAAC;CACF;AAzMD,sCAyMC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@atproto/oauth-client",
|
|
3
|
-
"version": "0.1.2-rc.
|
|
3
|
+
"version": "0.1.2-rc.3",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"description": "OAuth client for ATPROTO PDS. This package serves as common base for environment-specific implementations (NodeJS, Browser, React-Native).",
|
|
6
6
|
"keywords": [
|
|
@@ -27,17 +27,17 @@
|
|
|
27
27
|
"dependencies": {
|
|
28
28
|
"multiformats": "^9.9.0",
|
|
29
29
|
"zod": "^3.23.8",
|
|
30
|
-
"@atproto-labs/did-resolver": "0.1.1",
|
|
31
|
-
"@atproto-labs/
|
|
30
|
+
"@atproto-labs/did-resolver": "0.1.2-rc.1",
|
|
31
|
+
"@atproto-labs/fetch": "0.1.0",
|
|
32
|
+
"@atproto-labs/handle-resolver": "0.1.2-rc.1",
|
|
33
|
+
"@atproto-labs/identity-resolver": "0.1.2-rc.1",
|
|
32
34
|
"@atproto-labs/simple-store": "0.1.1",
|
|
33
|
-
"@atproto/
|
|
34
|
-
"@atproto/did": "0.1.
|
|
35
|
+
"@atproto-labs/simple-store-memory": "0.1.1",
|
|
36
|
+
"@atproto/did": "0.1.1-rc.1",
|
|
37
|
+
"@atproto/api": "0.13.0-rc.2",
|
|
35
38
|
"@atproto/jwk": "0.1.1",
|
|
36
|
-
"@atproto/oauth-types": "0.1.1",
|
|
37
|
-
"@atproto/xrpc": "0.
|
|
38
|
-
"@atproto-labs/identity-resolver": "0.1.1",
|
|
39
|
-
"@atproto-labs/fetch": "0.1.0",
|
|
40
|
-
"@atproto-labs/simple-store-memory": "0.1.1"
|
|
39
|
+
"@atproto/oauth-types": "0.1.2-rc.1",
|
|
40
|
+
"@atproto/xrpc": "0.5.1-rc.0"
|
|
41
41
|
},
|
|
42
42
|
"devDependencies": {
|
|
43
43
|
"typescript": "^5.3.3"
|
package/src/oauth-atp-agent.ts
CHANGED
|
@@ -30,9 +30,8 @@ export class OAuthAtpAgent extends Agent {
|
|
|
30
30
|
})
|
|
31
31
|
}
|
|
32
32
|
|
|
33
|
-
clone():
|
|
34
|
-
|
|
35
|
-
return this.copyInto(agent)
|
|
33
|
+
clone(): OAuthAtpAgent {
|
|
34
|
+
return this.copyInto(new OAuthAtpAgent(this.oauthAgent))
|
|
36
35
|
}
|
|
37
36
|
|
|
38
37
|
get did(): string {
|
|
@@ -93,6 +93,14 @@ export class OAuthAuthorizationServerMetadataResolver extends CachedGetter<
|
|
|
93
93
|
throw new TypeError(`Invalid issuer ${metadata.issuer}`)
|
|
94
94
|
}
|
|
95
95
|
|
|
96
|
+
// ATPROTO requires client_id_metadata_document
|
|
97
|
+
// http://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html
|
|
98
|
+
if (metadata.client_id_metadata_document_supported !== true) {
|
|
99
|
+
throw new TypeError(
|
|
100
|
+
`Authorization server "${issuer}" does not support client_id_metadata_document`,
|
|
101
|
+
)
|
|
102
|
+
}
|
|
103
|
+
|
|
96
104
|
return metadata
|
|
97
105
|
}
|
|
98
106
|
}
|
package/src/oauth-client.ts
CHANGED
|
@@ -257,16 +257,10 @@ export class OAuthClient extends CustomEventTarget<OAuthClientEventMap> {
|
|
|
257
257
|
throw new TypeError('Invalid redirect_uri')
|
|
258
258
|
}
|
|
259
259
|
|
|
260
|
-
const
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
// DID)
|
|
265
|
-
{
|
|
266
|
-
identity: undefined,
|
|
267
|
-
metadata: await this.oauthResolver.resolveMetadata(input, { signal }),
|
|
268
|
-
}
|
|
269
|
-
: await this.oauthResolver.resolve(input, { signal })
|
|
260
|
+
const { identity, metadata } = await this.oauthResolver.resolve(
|
|
261
|
+
input,
|
|
262
|
+
options,
|
|
263
|
+
)
|
|
270
264
|
|
|
271
265
|
const nonce = await this.runtime.generateNonce()
|
|
272
266
|
const pkce = await this.runtime.generatePKCE()
|
|
@@ -10,6 +10,7 @@ import {
|
|
|
10
10
|
SimpleStore,
|
|
11
11
|
} from '@atproto-labs/simple-store'
|
|
12
12
|
import {
|
|
13
|
+
ALLOW_UNSECURE_ORIGINS,
|
|
13
14
|
OAuthProtectedResourceMetadata,
|
|
14
15
|
oauthProtectedResourceMetadataSchema,
|
|
15
16
|
} from '@atproto/oauth-types'
|
|
@@ -45,10 +46,14 @@ export class OAuthProtectedResourceMetadataResolver extends CachedGetter<
|
|
|
45
46
|
options?: GetCachedOptions,
|
|
46
47
|
): Promise<OAuthProtectedResourceMetadata> {
|
|
47
48
|
const { protocol, origin } = new URL(resource)
|
|
48
|
-
if (
|
|
49
|
-
|
|
49
|
+
if (
|
|
50
|
+
protocol === 'https:' ||
|
|
51
|
+
(protocol === 'http:' && ALLOW_UNSECURE_ORIGINS)
|
|
52
|
+
) {
|
|
53
|
+
return super.get(origin, options)
|
|
50
54
|
}
|
|
51
|
-
|
|
55
|
+
|
|
56
|
+
throw new TypeError(`Forbidden resource sercure protocol "${protocol}"`)
|
|
52
57
|
}
|
|
53
58
|
|
|
54
59
|
private async fetchMetadata(
|
|
@@ -62,7 +67,7 @@ export class OAuthProtectedResourceMetadataResolver extends CachedGetter<
|
|
|
62
67
|
const request = new Request(url, {
|
|
63
68
|
signal: options?.signal,
|
|
64
69
|
headers,
|
|
65
|
-
redirect: '
|
|
70
|
+
redirect: 'manual', // response must be 200 OK
|
|
66
71
|
})
|
|
67
72
|
|
|
68
73
|
const response = await this.fetch(request)
|
package/src/oauth-resolver.ts
CHANGED
|
@@ -1,16 +1,19 @@
|
|
|
1
1
|
import {
|
|
2
|
-
ResolveIdentityOptions,
|
|
3
2
|
IdentityResolver,
|
|
4
3
|
ResolvedIdentity,
|
|
4
|
+
ResolveIdentityOptions,
|
|
5
5
|
} from '@atproto-labs/identity-resolver'
|
|
6
|
-
import {
|
|
6
|
+
import {
|
|
7
|
+
OAuthAuthorizationServerMetadata,
|
|
8
|
+
oauthIssuerIdentifierSchema,
|
|
9
|
+
} from '@atproto/oauth-types'
|
|
7
10
|
|
|
8
|
-
import { OAuthResolverError } from './oauth-resolver-error.js'
|
|
9
11
|
import {
|
|
10
12
|
GetCachedOptions,
|
|
11
13
|
OAuthAuthorizationServerMetadataResolver,
|
|
12
14
|
} from './oauth-authorization-server-metadata-resolver.js'
|
|
13
15
|
import { OAuthProtectedResourceMetadataResolver } from './oauth-protected-resource-metadata-resolver.js'
|
|
16
|
+
import { OAuthResolverError } from './oauth-resolver-error.js'
|
|
14
17
|
|
|
15
18
|
export type { GetCachedOptions }
|
|
16
19
|
export type ResolveOAuthOptions = GetCachedOptions & ResolveIdentityOptions
|
|
@@ -22,6 +25,75 @@ export class OAuthResolver {
|
|
|
22
25
|
readonly authorizationServerMetadataResolver: OAuthAuthorizationServerMetadataResolver,
|
|
23
26
|
) {}
|
|
24
27
|
|
|
28
|
+
/**
|
|
29
|
+
* @param input - A handle, DID, PDS URL or Entryway URL
|
|
30
|
+
*/
|
|
31
|
+
public async resolve(
|
|
32
|
+
input: string,
|
|
33
|
+
options?: ResolveOAuthOptions,
|
|
34
|
+
): Promise<{
|
|
35
|
+
identity?: ResolvedIdentity
|
|
36
|
+
metadata: OAuthAuthorizationServerMetadata
|
|
37
|
+
}> {
|
|
38
|
+
// Allow using an entryway, or PDS url, directly as login input (e.g.
|
|
39
|
+
// when the user forgot their handle, or when the handle does not
|
|
40
|
+
// resolve to a DID)
|
|
41
|
+
return /^https?:\/\//.test(input)
|
|
42
|
+
? this.resolveFromService(input, options)
|
|
43
|
+
: this.resolveFromIdentity(input, options)
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
/**
|
|
47
|
+
* @note this method can be used to verify if a particular uri supports OAuth
|
|
48
|
+
* based sign-in (for compatibility with legacy implementation).
|
|
49
|
+
*/
|
|
50
|
+
public async resolveFromService(
|
|
51
|
+
input: string,
|
|
52
|
+
options?: ResolveOAuthOptions,
|
|
53
|
+
): Promise<{
|
|
54
|
+
metadata: OAuthAuthorizationServerMetadata
|
|
55
|
+
}> {
|
|
56
|
+
try {
|
|
57
|
+
// Assume first that input is a PDS URL (as required by ATPROTO)
|
|
58
|
+
const metadata = await this.getResourceServerMetadata(input, options)
|
|
59
|
+
return { metadata }
|
|
60
|
+
} catch (err) {
|
|
61
|
+
if (!options?.signal?.aborted && err instanceof OAuthResolverError) {
|
|
62
|
+
try {
|
|
63
|
+
// Fallback to trying to fetch as an issuer (Entryway)
|
|
64
|
+
const result = oauthIssuerIdentifierSchema.safeParse(input)
|
|
65
|
+
if (result.success) {
|
|
66
|
+
const metadata = await this.getAuthorizationServerMetadata(
|
|
67
|
+
result.data,
|
|
68
|
+
options,
|
|
69
|
+
)
|
|
70
|
+
return { metadata }
|
|
71
|
+
}
|
|
72
|
+
} catch {
|
|
73
|
+
// Fallback failed, throw original error
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
|
|
77
|
+
throw err
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
public async resolveFromIdentity(
|
|
82
|
+
input: string,
|
|
83
|
+
options?: ResolveOAuthOptions,
|
|
84
|
+
): Promise<{
|
|
85
|
+
identity: ResolvedIdentity
|
|
86
|
+
metadata: OAuthAuthorizationServerMetadata
|
|
87
|
+
}> {
|
|
88
|
+
const identity = await this.resolveIdentity(input, options)
|
|
89
|
+
|
|
90
|
+
options?.signal?.throwIfAborted()
|
|
91
|
+
|
|
92
|
+
const metadata = await this.getResourceServerMetadata(identity.pds, options)
|
|
93
|
+
|
|
94
|
+
return { identity, metadata }
|
|
95
|
+
}
|
|
96
|
+
|
|
25
97
|
public async resolveIdentity(
|
|
26
98
|
input: string,
|
|
27
99
|
options?: ResolveIdentityOptions,
|
|
@@ -36,7 +108,7 @@ export class OAuthResolver {
|
|
|
36
108
|
}
|
|
37
109
|
}
|
|
38
110
|
|
|
39
|
-
public async
|
|
111
|
+
public async getAuthorizationServerMetadata(
|
|
40
112
|
issuer: string,
|
|
41
113
|
options?: GetCachedOptions,
|
|
42
114
|
): Promise<OAuthAuthorizationServerMetadata> {
|
|
@@ -50,62 +122,49 @@ export class OAuthResolver {
|
|
|
50
122
|
}
|
|
51
123
|
}
|
|
52
124
|
|
|
53
|
-
public async
|
|
54
|
-
|
|
125
|
+
public async getResourceServerMetadata(
|
|
126
|
+
pdsUrl: string | URL,
|
|
55
127
|
options?: GetCachedOptions,
|
|
56
128
|
) {
|
|
57
129
|
try {
|
|
58
130
|
const rsMetadata = await this.protectedResourceMetadataResolver.get(
|
|
59
|
-
|
|
131
|
+
pdsUrl,
|
|
60
132
|
options,
|
|
61
133
|
)
|
|
62
134
|
|
|
63
|
-
|
|
64
|
-
if (
|
|
135
|
+
// ATPROTO requires one, and only one, authorization server entry
|
|
136
|
+
if (rsMetadata.authorization_servers?.length !== 1) {
|
|
65
137
|
throw new OAuthResolverError(
|
|
66
|
-
|
|
138
|
+
rsMetadata.authorization_servers?.length
|
|
139
|
+
? `Unable to determine authorization server for PDS: ${pdsUrl}`
|
|
140
|
+
: `No authorization servers found for PDS: ${pdsUrl}`,
|
|
67
141
|
)
|
|
68
142
|
}
|
|
69
143
|
|
|
144
|
+
const issuer = rsMetadata.authorization_servers![0]!
|
|
145
|
+
|
|
70
146
|
options?.signal?.throwIfAborted()
|
|
71
147
|
|
|
72
|
-
const asMetadata = await this.
|
|
148
|
+
const asMetadata = await this.getAuthorizationServerMetadata(
|
|
149
|
+
issuer,
|
|
150
|
+
options,
|
|
151
|
+
)
|
|
73
152
|
|
|
74
153
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#section-4
|
|
75
154
|
if (asMetadata.protected_resources) {
|
|
76
155
|
if (!asMetadata.protected_resources.includes(rsMetadata.resource)) {
|
|
77
156
|
throw new OAuthResolverError(
|
|
78
|
-
`PDS "${
|
|
157
|
+
`PDS "${pdsUrl}" not protected by issuer "${issuer}"`,
|
|
79
158
|
)
|
|
80
159
|
}
|
|
81
160
|
}
|
|
82
161
|
|
|
83
162
|
return asMetadata
|
|
84
163
|
} catch (cause) {
|
|
85
|
-
options?.signal?.throwIfAborted()
|
|
86
|
-
|
|
87
164
|
throw OAuthResolverError.from(
|
|
88
165
|
cause,
|
|
89
|
-
`Failed to resolve OAuth server metadata for resource: ${
|
|
166
|
+
`Failed to resolve OAuth server metadata for resource: ${pdsUrl}`,
|
|
90
167
|
)
|
|
91
168
|
}
|
|
92
169
|
}
|
|
93
|
-
|
|
94
|
-
public async resolve(
|
|
95
|
-
input: string,
|
|
96
|
-
options?: ResolveOAuthOptions,
|
|
97
|
-
): Promise<{
|
|
98
|
-
identity: ResolvedIdentity
|
|
99
|
-
metadata: OAuthAuthorizationServerMetadata
|
|
100
|
-
}> {
|
|
101
|
-
options?.signal?.throwIfAborted()
|
|
102
|
-
|
|
103
|
-
const identity = await this.resolveIdentity(input, options)
|
|
104
|
-
|
|
105
|
-
options?.signal?.throwIfAborted()
|
|
106
|
-
|
|
107
|
-
const metadata = await this.resolvePdsMetadata(identity.pds, options)
|
|
108
|
-
|
|
109
|
-
return { identity, metadata }
|
|
110
|
-
}
|
|
111
170
|
}
|
|
@@ -134,7 +134,9 @@ export class OAuthServerAgent {
|
|
|
134
134
|
// @TODO (?) make timeout configurable
|
|
135
135
|
using signal = timeoutSignal(10e3)
|
|
136
136
|
|
|
137
|
-
const resolved = await this.oauthResolver.
|
|
137
|
+
const resolved = await this.oauthResolver.resolveFromIdentity(sub, {
|
|
138
|
+
signal,
|
|
139
|
+
})
|
|
138
140
|
|
|
139
141
|
if (resolved.metadata.issuer !== this.serverMetadata.issuer) {
|
|
140
142
|
// Best case scenario; the user switched PDS. Worst case scenario; a bad
|
|
@@ -19,7 +19,10 @@ export class OAuthServerFactory {
|
|
|
19
19
|
) {}
|
|
20
20
|
|
|
21
21
|
async fromIssuer(issuer: string, dpopKey: Key, options?: GetCachedOptions) {
|
|
22
|
-
const serverMetadata = await this.resolver.
|
|
22
|
+
const serverMetadata = await this.resolver.getAuthorizationServerMetadata(
|
|
23
|
+
issuer,
|
|
24
|
+
options,
|
|
25
|
+
)
|
|
23
26
|
return this.fromMetadata(serverMetadata, dpopKey)
|
|
24
27
|
}
|
|
25
28
|
|
package/src/session-getter.ts
CHANGED
|
@@ -82,7 +82,7 @@ export class SessionGetter extends CachedGetter<string, Session> {
|
|
|
82
82
|
// concurrency issues if multiple tabs/instances are trying to refresh
|
|
83
83
|
// the same token. The chances of this happening when multiple instances
|
|
84
84
|
// are started simultaneously is reduced by randomizing the expiry time
|
|
85
|
-
// (see isStale()
|
|
85
|
+
// (see isStale() below). Even so, There still exist chances that
|
|
86
86
|
// multiple tabs will try to refresh the token at the same time. The
|
|
87
87
|
// best solution would be to use a mutex/lock to ensure that only one
|
|
88
88
|
// instance is refreshing the token at a time. A simpler workaround is
|