@atproto/oauth-client 0.2.1 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +42 -0
- package/README.md +12 -6
- package/dist/atproto-token-response.d.ts +110 -0
- package/dist/atproto-token-response.d.ts.map +1 -0
- package/dist/atproto-token-response.js +20 -0
- package/dist/atproto-token-response.js.map +1 -0
- package/dist/fetch-dpop.js +1 -2
- package/dist/fetch-dpop.js.map +1 -1
- package/dist/oauth-authorization-server-metadata-resolver.d.ts +6 -2
- package/dist/oauth-authorization-server-metadata-resolver.d.ts.map +1 -1
- package/dist/oauth-authorization-server-metadata-resolver.js +18 -9
- package/dist/oauth-authorization-server-metadata-resolver.js.map +1 -1
- package/dist/oauth-callback-error.d.ts.map +1 -1
- package/dist/oauth-client.d.ts +30 -15
- package/dist/oauth-client.d.ts.map +1 -1
- package/dist/oauth-client.js +24 -17
- package/dist/oauth-client.js.map +1 -1
- package/dist/oauth-protected-resource-metadata-resolver.d.ts +5 -1
- package/dist/oauth-protected-resource-metadata-resolver.d.ts.map +1 -1
- package/dist/oauth-protected-resource-metadata-resolver.js +18 -11
- package/dist/oauth-protected-resource-metadata-resolver.js.map +1 -1
- package/dist/oauth-resolver.d.ts +2 -2
- package/dist/oauth-server-agent.d.ts +15 -12
- package/dist/oauth-server-agent.d.ts.map +1 -1
- package/dist/oauth-server-agent.js +66 -47
- package/dist/oauth-server-agent.js.map +1 -1
- package/dist/oauth-session.d.ts +13 -8
- package/dist/oauth-session.d.ts.map +1 -1
- package/dist/oauth-session.js +12 -7
- package/dist/oauth-session.js.map +1 -1
- package/dist/runtime.d.ts +1 -1
- package/dist/runtime.js.map +1 -1
- package/dist/session-getter.d.ts +5 -4
- package/dist/session-getter.d.ts.map +1 -1
- package/dist/session-getter.js +52 -32
- package/dist/session-getter.js.map +1 -1
- package/dist/types.d.ts +98 -102
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/dist/util.d.ts +6 -1
- package/dist/util.d.ts.map +1 -1
- package/dist/util.js +56 -2
- package/dist/util.js.map +1 -1
- package/dist/validate-client-metadata.d.ts.map +1 -1
- package/dist/validate-client-metadata.js +17 -7
- package/dist/validate-client-metadata.js.map +1 -1
- package/package.json +9 -9
- package/src/atproto-token-response.ts +22 -0
- package/src/oauth-authorization-server-metadata-resolver.ts +22 -8
- package/src/oauth-client.ts +62 -32
- package/src/oauth-protected-resource-metadata-resolver.ts +22 -12
- package/src/oauth-server-agent.ts +89 -70
- package/src/oauth-session.ts +21 -13
- package/src/runtime.ts +1 -1
- package/src/session-getter.ts +53 -33
- package/src/types.ts +16 -11
- package/src/util.ts +78 -0
- package/src/validate-client-metadata.ts +23 -6
- package/tsconfig.build.tsbuildinfo +1 -0
package/dist/oauth-session.d.ts
CHANGED
|
@@ -1,28 +1,33 @@
|
|
|
1
1
|
import { Fetch } from '@atproto-labs/fetch';
|
|
2
|
+
import { AtprotoDid } from '@atproto/did';
|
|
2
3
|
import { OAuthAuthorizationServerMetadata } from '@atproto/oauth-types';
|
|
4
|
+
import { AtprotoScope } from './atproto-token-response.js';
|
|
3
5
|
import { OAuthServerAgent, TokenSet } from './oauth-server-agent.js';
|
|
4
6
|
import { SessionGetter } from './session-getter.js';
|
|
5
7
|
export type TokenInfo = {
|
|
6
8
|
expiresAt?: Date;
|
|
7
9
|
expired?: boolean;
|
|
8
|
-
scope
|
|
10
|
+
scope: AtprotoScope;
|
|
9
11
|
iss: string;
|
|
10
12
|
aud: string;
|
|
11
|
-
sub:
|
|
13
|
+
sub: AtprotoDid;
|
|
12
14
|
};
|
|
13
15
|
export declare class OAuthSession {
|
|
14
16
|
readonly server: OAuthServerAgent;
|
|
15
|
-
readonly sub:
|
|
17
|
+
readonly sub: AtprotoDid;
|
|
16
18
|
private readonly sessionGetter;
|
|
17
19
|
protected dpopFetch: Fetch<unknown>;
|
|
18
|
-
constructor(server: OAuthServerAgent, sub:
|
|
19
|
-
get did():
|
|
20
|
+
constructor(server: OAuthServerAgent, sub: AtprotoDid, sessionGetter: SessionGetter, fetch?: Fetch);
|
|
21
|
+
get did(): AtprotoDid;
|
|
20
22
|
get serverMetadata(): Readonly<OAuthAuthorizationServerMetadata>;
|
|
21
23
|
/**
|
|
22
|
-
* @param refresh
|
|
24
|
+
* @param refresh When `true`, the credentials will be refreshed even if they
|
|
25
|
+
* are not expired. When `false`, the credentials will not be refreshed even
|
|
26
|
+
* if they are expired. When `undefined`, the credentials will be refreshed
|
|
27
|
+
* if, and only if, they are (about to be) expired. Defaults to `undefined`.
|
|
23
28
|
*/
|
|
24
|
-
getTokenSet(refresh
|
|
25
|
-
getTokenInfo(refresh?: boolean): Promise<TokenInfo>;
|
|
29
|
+
protected getTokenSet(refresh: boolean | 'auto'): Promise<TokenSet>;
|
|
30
|
+
getTokenInfo(refresh?: boolean | 'auto'): Promise<TokenInfo>;
|
|
26
31
|
signOut(): Promise<void>;
|
|
27
32
|
fetchHandler(pathname: string, init?: RequestInit): Promise<Response>;
|
|
28
33
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-session.d.ts","sourceRoot":"","sources":["../src/oauth-session.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"oauth-session.d.ts","sourceRoot":"","sources":["../src/oauth-session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,KAAK,EAAE,MAAM,qBAAqB,CAAA;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,gCAAgC,EAAE,MAAM,sBAAsB,CAAA;AAEvE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAA;AAI1D,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AACpE,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAMnD,MAAM,MAAM,SAAS,GAAG;IACtB,SAAS,CAAC,EAAE,IAAI,CAAA;IAChB,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,KAAK,EAAE,YAAY,CAAA;IACnB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,UAAU,CAAA;CAChB,CAAA;AAED,qBAAa,YAAY;aAIL,MAAM,EAAE,gBAAgB;aACxB,GAAG,EAAE,UAAU;IAC/B,OAAO,CAAC,QAAQ,CAAC,aAAa;IALhC,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;gBAGjB,MAAM,EAAE,gBAAgB,EACxB,GAAG,EAAE,UAAU,EACd,aAAa,EAAE,aAAa,EAC7C,KAAK,GAAE,KAAwB;IAajC,IAAI,GAAG,IAAI,UAAU,CAEpB;IAED,IAAI,cAAc,IAAI,QAAQ,CAAC,gCAAgC,CAAC,CAE/D;IAED;;;;;OAKG;cACa,WAAW,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IASnE,YAAY,CAAC,OAAO,GAAE,OAAO,GAAG,MAAe,GAAG,OAAO,CAAC,SAAS,CAAC;IAmBpE,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAYxB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;CA2D5E"}
|
package/dist/oauth-session.js
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.OAuthSession = void 0;
|
|
4
|
-
const did_1 = require("@atproto/did");
|
|
5
4
|
const fetch_1 = require("@atproto-labs/fetch");
|
|
6
5
|
const token_invalid_error_js_1 = require("./errors/token-invalid-error.js");
|
|
7
6
|
const token_revoked_error_js_1 = require("./errors/token-revoked-error.js");
|
|
@@ -44,19 +43,25 @@ class OAuthSession {
|
|
|
44
43
|
});
|
|
45
44
|
}
|
|
46
45
|
get did() {
|
|
47
|
-
return
|
|
46
|
+
return this.sub;
|
|
48
47
|
}
|
|
49
48
|
get serverMetadata() {
|
|
50
49
|
return this.server.serverMetadata;
|
|
51
50
|
}
|
|
52
51
|
/**
|
|
53
|
-
* @param refresh
|
|
52
|
+
* @param refresh When `true`, the credentials will be refreshed even if they
|
|
53
|
+
* are not expired. When `false`, the credentials will not be refreshed even
|
|
54
|
+
* if they are expired. When `undefined`, the credentials will be refreshed
|
|
55
|
+
* if, and only if, they are (about to be) expired. Defaults to `undefined`.
|
|
54
56
|
*/
|
|
55
57
|
async getTokenSet(refresh) {
|
|
56
|
-
const { tokenSet } = await this.sessionGetter.
|
|
58
|
+
const { tokenSet } = await this.sessionGetter.get(this.sub, {
|
|
59
|
+
noCache: refresh === true,
|
|
60
|
+
allowStale: refresh === false,
|
|
61
|
+
});
|
|
57
62
|
return tokenSet;
|
|
58
63
|
}
|
|
59
|
-
async getTokenInfo(refresh) {
|
|
64
|
+
async getTokenInfo(refresh = 'auto') {
|
|
60
65
|
const tokenSet = await this.getTokenSet(refresh);
|
|
61
66
|
const expiresAt = tokenSet.expires_at == null ? undefined : new Date(tokenSet.expires_at);
|
|
62
67
|
return {
|
|
@@ -74,7 +79,7 @@ class OAuthSession {
|
|
|
74
79
|
}
|
|
75
80
|
async signOut() {
|
|
76
81
|
try {
|
|
77
|
-
const
|
|
82
|
+
const tokenSet = await this.getTokenSet(false);
|
|
78
83
|
await this.server.revoke(tokenSet.access_token);
|
|
79
84
|
}
|
|
80
85
|
finally {
|
|
@@ -83,7 +88,7 @@ class OAuthSession {
|
|
|
83
88
|
}
|
|
84
89
|
async fetchHandler(pathname, init) {
|
|
85
90
|
// This will try and refresh the token if it is known to be expired
|
|
86
|
-
const tokenSet = await this.getTokenSet(
|
|
91
|
+
const tokenSet = await this.getTokenSet('auto');
|
|
87
92
|
const initialUrl = new URL(pathname, tokenSet.aud);
|
|
88
93
|
const initialAuth = `${tokenSet.token_type} ${tokenSet.access_token}`;
|
|
89
94
|
const headers = new Headers(init?.headers);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-session.js","sourceRoot":"","sources":["../src/oauth-session.ts"],"names":[],"mappings":";;;AAAA
|
|
1
|
+
{"version":3,"file":"oauth-session.js","sourceRoot":"","sources":["../src/oauth-session.ts"],"names":[],"mappings":";;;AAAA,+CAAsD;AAKtD,4EAAmE;AACnE,4EAAmE;AACnE,mDAAkD;AAIlD,MAAM,cAAc,GAAG,UAAU,CAAC,cAErB,CAAA;AAWb,MAAa,YAAY;IAGvB,YACkB,MAAwB,EACxB,GAAe,EACd,aAA4B,EAC7C,QAAe,UAAU,CAAC,KAAK;QAH/B;;;;mBAAgB,MAAM;WAAkB;QACxC;;;;mBAAgB,GAAG;WAAY;QAC/B;;;;mBAAiB,aAAa;WAAe;QALrC;;;;;WAAyB;QAQjC,IAAI,CAAC,SAAS,GAAG,IAAA,gCAAgB,EAAO;YACtC,KAAK,EAAE,IAAA,iBAAS,EAAC,KAAK,CAAC;YACvB,GAAG,EAAE,MAAM,CAAC,cAAc,CAAC,SAAS;YACpC,GAAG,EAAE,MAAM,CAAC,OAAO;YACnB,aAAa,EAAE,MAAM,CAAC,cAAc,CAAC,iCAAiC;YACtE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;YAC7C,MAAM,EAAE,MAAM,CAAC,UAAU;YACzB,YAAY,EAAE,KAAK;SACpB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,GAAG,CAAA;IACjB,CAAC;IAED,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,CAAA;IACnC,CAAC;IAED;;;;;OAKG;IACO,KAAK,CAAC,WAAW,CAAC,OAAyB;QACnD,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE;YAC1D,OAAO,EAAE,OAAO,KAAK,IAAI;YACzB,UAAU,EAAE,OAAO,KAAK,KAAK;SAC9B,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,UAA4B,MAAM;QACnD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QAChD,MAAM,SAAS,GACb,QAAQ,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;QAEzE,OAAO;YACL,SAAS;YACT,IAAI,OAAO;gBACT,OAAO,SAAS,IAAI,IAAI;oBACtB,CAAC,CAAC,SAAS;oBACX,CAAC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAA;YAC5C,CAAC;YACD,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;YACjB,GAAG,EAAE,QAAQ,CAAC,GAAG;YACjB,GAAG,EAAE,QAAQ,CAAC,GAAG;SAClB,CAAA;IACH,CAAC;IAED,KAAK,CAAC,OAAO;QACX,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAA;YAC9C,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;QACjD,CAAC;gBAAS,CAAC;YACT,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,CAChC,IAAI,CAAC,GAAG,EACR,IAAI,0CAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAChC,CAAA;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,QAAgB,EAAE,IAAkB;QACrD,mEAAmE;QACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAA;QAE/C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAA;QAClD,MAAM,WAAW,GAAG,GAAG,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAA;QAErE,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAC1C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,WAAW,CAAC,CAAA;QAEzC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE;YACvD,GAAG,IAAI;YACP,OAAO;SACR,CAAC,CAAA;QAEF,2DAA2D;QAC3D,IAAI,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE,CAAC;YAC7C,OAAO,eAAe,CAAA;QACxB,CAAC;QAED,IAAI,aAAuB,CAAA;QAC3B,IAAI,CAAC;YACH,kBAAkB;YAClB,aAAa,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;QAC9C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,eAAe,CAAA;QACxB,CAAC;QAED,2EAA2E;QAC3E,yEAAyE;QACzE,yEAAyE;QACzE,wEAAwE;QACxE,IAAI,cAAc,IAAI,IAAI,EAAE,IAAI,YAAY,cAAc,EAAE,CAAC;YAC3D,OAAO,eAAe,CAAA;QACxB,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,aAAa,CAAC,UAAU,IAAI,aAAa,CAAC,YAAY,EAAE,CAAA;QAC7E,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,GAAG,CAAC,CAAA;QAErD,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC,CAAA;QAEvC,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;QAE1E,yEAAyE;QACzE,0EAA0E;QAC1E,yEAAyE;QACzE,iEAAiE;QACjE,IAAI,sBAAsB,CAAC,aAAa,CAAC,EAAE,CAAC;YAC1C,oEAAoE;YACpE,0EAA0E;YAC1E,kCAAkC;YAClC,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,CAChC,IAAI,CAAC,GAAG,EACR,IAAI,0CAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAChC,CAAA;QACH,CAAC;QAED,OAAO,aAAa,CAAA;IACtB,CAAC;CACF;AArID,oCAqIC;AAED;;;GAGG;AACH,SAAS,sBAAsB,CAAC,QAAkB;IAChD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG;QAAE,OAAO,KAAK,CAAA;IACzC,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IACxD,OAAO,CACL,OAAO,IAAI,IAAI;QACf,CAAC,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC9D,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAC1C,CAAA;AACH,CAAC"}
|
package/dist/runtime.d.ts
CHANGED
package/dist/runtime.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../src/runtime.ts"],"names":[],"mappings":";;;AACA,sDAAqD;AAErD,uCAA4C;AAG5C,MAAa,OAAO;IAIlB,YAAsB,cAAqC;QAA/C;;;;mBAAU,cAAc;WAAuB;QAHlD;;;;;WAA8B;QAC9B;;;;;WAAsB;QAG7B,MAAM,EAAE,WAAW,EAAE,GAAG,cAAc,CAAA;QAEtC,IAAI,CAAC,qBAAqB,GAAG,WAAW,IAAI,IAAI,CAAA;QAChD,IAAI,CAAC,SAAS;YACZ,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC;gBACjC,+BAA+B;gBAC/B,0BAAgB,CAAA;IACpB,CAAC;IAEM,KAAK,CAAC,WAAW,CAAC,IAAc;QACrC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACtD,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;IAClD,CAAC;IAEM,KAAK,CAAC,MAAM,CAAC,IAAY;QAC9B,MAAM,KAAK,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAC5C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC1E,OAAO,kBAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,MAAM,GAAG,EAAE;QACpC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;QAC/D,OAAO,kBAAS,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;IACpC,CAAC;IAEM,KAAK,CAAC,YAAY,CAAC,UAAmB;QAC3C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAA;QACxD,OAAO;YACL,QAAQ;YACR,SAAS,EAAE,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;YACtC,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../src/runtime.ts"],"names":[],"mappings":";;;AACA,sDAAqD;AAErD,uCAA4C;AAG5C,MAAa,OAAO;IAIlB,YAAsB,cAAqC;QAA/C;;;;mBAAU,cAAc;WAAuB;QAHlD;;;;;WAA8B;QAC9B;;;;;WAAsB;QAG7B,MAAM,EAAE,WAAW,EAAE,GAAG,cAAc,CAAA;QAEtC,IAAI,CAAC,qBAAqB,GAAG,WAAW,IAAI,IAAI,CAAA;QAChD,IAAI,CAAC,SAAS;YACZ,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC;gBACjC,+BAA+B;gBAC/B,0BAAgB,CAAA;IACpB,CAAC;IAEM,KAAK,CAAC,WAAW,CAAC,IAAc;QACrC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACtD,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;IAClD,CAAC;IAEM,KAAK,CAAC,MAAM,CAAC,IAAY;QAC9B,MAAM,KAAK,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAC5C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC1E,OAAO,kBAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,MAAM,GAAG,EAAE;QACpC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;QAC/D,OAAO,kBAAS,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;IACpC,CAAC;IAEM,KAAK,CAAC,YAAY,CAAC,UAAmB;QAC3C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAA;QACxD,OAAO;YACL,QAAQ;YACR,SAAS,EAAE,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;YACtC,MAAM,EAAE,MAAe;SACxB,CAAA;IACH,CAAC;IAEM,KAAK,CAAC,sBAAsB,CAAC,GAAG;QACrC,MAAM,UAAU,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAA;QAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;QACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAC1B,CAAC;IAED;;;;;;OAMG;IACO,KAAK,CAAC,gBAAgB,CAAC,UAAU,GAAG,EAAE;QAC9C,IAAI,UAAU,GAAG,EAAE,IAAI,UAAU,GAAG,EAAE,EAAE,CAAC;YACvC,MAAM,IAAI,SAAS,CAAC,8BAA8B,CAAC,CAAA;QACrD,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,UAAU,CAAC,CAAA;QACnE,OAAO,kBAAS,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;IACpC,CAAC;CACF;AA3DD,0BA2DC;AAED,SAAS,oBAAoB,CAAC,GAAG;IAC/B,MAAM,GAAG,GAAG,CAAC,KAAK,EAAE,EAAE;QACpB,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,CAAA;QACxB,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,EAAE,CAAC;YACxC,MAAM,IAAI,SAAS,CAAC,IAAI,KAAK,gCAAgC,CAAC,CAAA;QAChE,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC,CAAA;IAED,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;QAChB,KAAK,IAAI;YACP,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAA;QACvE,KAAK,KAAK;YACR,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAA;QAC1D,KAAK,KAAK;YACR,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAA;QACtD,KAAK,KAAK;YACR,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,CAAA;QACzC;YACE,MAAM,IAAI,SAAS,CAAC,mDAAmD,CAAC,CAAA;IAC5E,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,CAAS,EAAE,CAAS;IACxC,IAAI,CAAC,KAAK,QAAQ;QAAE,OAAO,CAAC,CAAC,CAAA;IAC7B,IAAI,CAAC,KAAK,QAAQ;QAAE,OAAO,CAAC,CAAA;IAE5B,KAAK,MAAM,MAAM,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC;QACxC,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzB,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACpC,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBAEpC,6BAA6B;gBAC7B,OAAO,IAAI,GAAG,IAAI,CAAA;YACpB,CAAC;YACD,OAAO,CAAC,CAAC,CAAA;QACX,CAAC;aAAM,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAChC,OAAO,CAAC,CAAA;QACV,CAAC;IACH,CAAC;IAED,iDAAiD;IACjD,OAAO,CAAC,CAAA;AACV,CAAC"}
|
package/dist/session-getter.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { CachedGetter, GetCachedOptions, SimpleStore } from '@atproto-labs/simple-store';
|
|
2
|
+
import { AtprotoDid } from '@atproto/did';
|
|
2
3
|
import { Key } from '@atproto/jwk';
|
|
3
4
|
import { TokenInvalidError } from './errors/token-invalid-error.js';
|
|
4
5
|
import { TokenRefreshError } from './errors/token-refresh-error.js';
|
|
@@ -28,7 +29,7 @@ export type SessionEventListener<T extends keyof SessionEventMap = keyof Session
|
|
|
28
29
|
* contains the logic for reading from the cache which, if the cache is based on
|
|
29
30
|
* localStorage/indexedDB, will sync across multiple tabs (for a given sub).
|
|
30
31
|
*/
|
|
31
|
-
export declare class SessionGetter extends CachedGetter<
|
|
32
|
+
export declare class SessionGetter extends CachedGetter<AtprotoDid, Session> {
|
|
32
33
|
private readonly runtime;
|
|
33
34
|
private readonly eventTarget;
|
|
34
35
|
constructor(sessionStore: SessionStore, serverFactory: OAuthServerFactory, runtime: Runtime);
|
|
@@ -36,14 +37,14 @@ export declare class SessionGetter extends CachedGetter<string, Session> {
|
|
|
36
37
|
removeEventListener<T extends keyof SessionEventMap>(type: T, callback: SessionEventListener<T>, options?: EventListenerOptions | boolean): void;
|
|
37
38
|
dispatchEvent<T extends keyof SessionEventMap>(type: T, detail: SessionEventMap[T]): boolean;
|
|
38
39
|
setStored(sub: string, session: Session): Promise<void>;
|
|
39
|
-
delStored(sub:
|
|
40
|
+
delStored(sub: AtprotoDid, cause?: unknown): Promise<void>;
|
|
40
41
|
/**
|
|
41
42
|
* @param refresh When `true`, the credentials will be refreshed even if they
|
|
42
43
|
* are not expired. When `false`, the credentials will not be refreshed even
|
|
43
44
|
* if they are expired. When `undefined`, the credentials will be refreshed
|
|
44
45
|
* if, and only if, they are (about to be) expired. Defaults to `undefined`.
|
|
45
46
|
*/
|
|
46
|
-
getSession(sub:
|
|
47
|
-
get(sub:
|
|
47
|
+
getSession(sub: AtprotoDid, refresh?: boolean): Promise<Session>;
|
|
48
|
+
get(sub: AtprotoDid, options?: GetCachedOptions): Promise<Session>;
|
|
48
49
|
}
|
|
49
50
|
//# sourceMappingURL=session-getter.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session-getter.d.ts","sourceRoot":"","sources":["../src/session-getter.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACZ,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAElC,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AAEnE,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAGtC,MAAM,MAAM,OAAO,GAAG;IACpB,OAAO,EAAE,GAAG,CAAA;IACZ,QAAQ,EAAE,QAAQ,CAAA;CACnB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;AAEvD,MAAM,MAAM,eAAe,GAAG;IAC5B,OAAO,EAAE;QACP,GAAG,EAAE,MAAM,CAAA;KACZ,GAAG,OAAO,CAAA;IACX,OAAO,EAAE;QACP,GAAG,EAAE,MAAM,CAAA;QACX,KAAK,EAAE,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,OAAO,CAAA;KAC3E,CAAA;CACF,CAAA;AAED,MAAM,MAAM,oBAAoB,CAC9B,CAAC,SAAS,MAAM,eAAe,GAAG,MAAM,eAAe,IACrD,CAAC,KAAK,EAAE,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAA;AAEpD;;;;;;GAMG;AACH,qBAAa,aAAc,SAAQ,YAAY,CAAC,
|
|
1
|
+
{"version":3,"file":"session-getter.d.ts","sourceRoot":"","sources":["../src/session-getter.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACZ,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAElC,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AAEnE,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAC9D,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAGtC,MAAM,MAAM,OAAO,GAAG;IACpB,OAAO,EAAE,GAAG,CAAA;IACZ,QAAQ,EAAE,QAAQ,CAAA;CACnB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;AAEvD,MAAM,MAAM,eAAe,GAAG;IAC5B,OAAO,EAAE;QACP,GAAG,EAAE,MAAM,CAAA;KACZ,GAAG,OAAO,CAAA;IACX,OAAO,EAAE;QACP,GAAG,EAAE,MAAM,CAAA;QACX,KAAK,EAAE,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,OAAO,CAAA;KAC3E,CAAA;CACF,CAAA;AAED,MAAM,MAAM,oBAAoB,CAC9B,CAAC,SAAS,MAAM,eAAe,GAAG,MAAM,eAAe,IACrD,CAAC,KAAK,EAAE,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAA;AAEpD;;;;;;GAMG;AACH,qBAAa,aAAc,SAAQ,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC;IAMhE,OAAO,CAAC,QAAQ,CAAC,OAAO;IAL1B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA2C;gBAGrE,YAAY,EAAE,YAAY,EAC1B,aAAa,EAAE,kBAAkB,EAChB,OAAO,EAAE,OAAO;IA4InC,gBAAgB,CAAC,CAAC,SAAS,MAAM,eAAe,EAC9C,IAAI,EAAE,CAAC,EACP,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,EACjC,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO;IAK7C,mBAAmB,CAAC,CAAC,SAAS,MAAM,eAAe,EACjD,IAAI,EAAE,CAAC,EACP,QAAQ,EAAE,oBAAoB,CAAC,CAAC,CAAC,EACjC,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO;IAK1C,aAAa,CAAC,CAAC,SAAS,MAAM,eAAe,EAC3C,IAAI,EAAE,CAAC,EACP,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,GACzB,OAAO;IAIJ,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO;IAS9B,SAAS,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAKzE;;;;;OAKG;IACG,UAAU,CAAC,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,OAAO;IAO7C,GAAG,CAAC,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAwBzE"}
|
package/dist/session-getter.js
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
var __addDisposableResource = (this && this.__addDisposableResource) || function (env, value, async) {
|
|
3
3
|
if (value !== null && value !== void 0) {
|
|
4
4
|
if (typeof value !== "object" && typeof value !== "function") throw new TypeError("Object expected.");
|
|
5
|
-
var dispose;
|
|
5
|
+
var dispose, inner;
|
|
6
6
|
if (async) {
|
|
7
7
|
if (!Symbol.asyncDispose) throw new TypeError("Symbol.asyncDispose is not defined.");
|
|
8
8
|
dispose = value[Symbol.asyncDispose];
|
|
@@ -10,8 +10,10 @@ var __addDisposableResource = (this && this.__addDisposableResource) || function
|
|
|
10
10
|
if (dispose === void 0) {
|
|
11
11
|
if (!Symbol.dispose) throw new TypeError("Symbol.dispose is not defined.");
|
|
12
12
|
dispose = value[Symbol.dispose];
|
|
13
|
+
if (async) inner = dispose;
|
|
13
14
|
}
|
|
14
15
|
if (typeof dispose !== "function") throw new TypeError("Object not disposable.");
|
|
16
|
+
if (inner) dispose = function() { try { inner.call(this); } catch (e) { return Promise.reject(e); } };
|
|
15
17
|
env.stack.push({ value: value, dispose: dispose, async: async });
|
|
16
18
|
}
|
|
17
19
|
else if (async) {
|
|
@@ -25,17 +27,22 @@ var __disposeResources = (this && this.__disposeResources) || (function (Suppres
|
|
|
25
27
|
env.error = env.hasError ? new SuppressedError(e, env.error, "An error was suppressed during disposal.") : e;
|
|
26
28
|
env.hasError = true;
|
|
27
29
|
}
|
|
30
|
+
var r, s = 0;
|
|
28
31
|
function next() {
|
|
29
|
-
while (env.stack.
|
|
30
|
-
var rec = env.stack.pop();
|
|
32
|
+
while (r = env.stack.pop()) {
|
|
31
33
|
try {
|
|
32
|
-
|
|
33
|
-
if (
|
|
34
|
+
if (!r.async && s === 1) return s = 0, env.stack.push(r), Promise.resolve().then(next);
|
|
35
|
+
if (r.dispose) {
|
|
36
|
+
var result = r.dispose.call(r.value);
|
|
37
|
+
if (r.async) return s |= 2, Promise.resolve(result).then(next, function(e) { fail(e); return next(); });
|
|
38
|
+
}
|
|
39
|
+
else s |= 1;
|
|
34
40
|
}
|
|
35
41
|
catch (e) {
|
|
36
42
|
fail(e);
|
|
37
43
|
}
|
|
38
44
|
}
|
|
45
|
+
if (s === 1) return env.hasError ? Promise.reject(env.error) : Promise.resolve();
|
|
39
46
|
if (env.hasError) throw env.error;
|
|
40
47
|
}
|
|
41
48
|
return next();
|
|
@@ -81,27 +88,28 @@ class SessionGetter extends simple_store_1.CachedGetter {
|
|
|
81
88
|
// dispatched, even if the session was removed from the store through a
|
|
82
89
|
// concurrent access (which, normally, should not happen if a proper
|
|
83
90
|
// runtime lock was provided).
|
|
84
|
-
|
|
91
|
+
const { dpopKey, tokenSet } = storedSession;
|
|
92
|
+
if (sub !== tokenSet.sub) {
|
|
85
93
|
// Fool-proofing (e.g. against invalid session storage)
|
|
86
94
|
throw new token_refresh_error_js_1.TokenRefreshError(sub, 'Stored session sub mismatch');
|
|
87
95
|
}
|
|
96
|
+
if (!tokenSet.refresh_token) {
|
|
97
|
+
throw new token_refresh_error_js_1.TokenRefreshError(sub, 'No refresh token available');
|
|
98
|
+
}
|
|
88
99
|
// Since refresh tokens can only be used once, we might run into
|
|
89
|
-
// concurrency issues if multiple
|
|
90
|
-
// the same token. The chances of this
|
|
91
|
-
// are started simultaneously is
|
|
92
|
-
// (see isStale() below).
|
|
93
|
-
//
|
|
94
|
-
//
|
|
95
|
-
//
|
|
96
|
-
// to check if
|
|
97
|
-
// one in memory. If it isn't, then another instance has already
|
|
98
|
-
// refreshed the token.
|
|
99
|
-
const { tokenSet, dpopKey } = storedSession;
|
|
100
|
+
// concurrency issues if multiple instances (e.g. browser tabs) are
|
|
101
|
+
// trying to refresh the same token simultaneously. The chances of this
|
|
102
|
+
// happening when multiple instances are started simultaneously is
|
|
103
|
+
// reduced by randomizing the expiry time (see isStale() below). The
|
|
104
|
+
// best solution is to use a mutex/lock to ensure that only one instance
|
|
105
|
+
// is refreshing the token at a time (runtime.usingLock) but that is not
|
|
106
|
+
// always possible. If no lock implementation is provided, we will use
|
|
107
|
+
// the store to check if a concurrent refresh occurred.
|
|
100
108
|
const server = await serverFactory.fromIssuer(tokenSet.iss, dpopKey);
|
|
101
109
|
// Because refresh tokens can only be used once, we must not use the
|
|
102
110
|
// "signal" to abort the refresh, or throw any abort error beyond this
|
|
103
111
|
// point. Any thrown error beyond this point will prevent the
|
|
104
|
-
//
|
|
112
|
+
// TokenGetter from obtaining, and storing, the new token set,
|
|
105
113
|
// effectively rendering the currently saved session unusable.
|
|
106
114
|
options?.signal?.throwIfAborted();
|
|
107
115
|
try {
|
|
@@ -138,7 +146,7 @@ class SessionGetter extends simple_store_1.CachedGetter {
|
|
|
138
146
|
else if (stored.tokenSet.access_token !== tokenSet.access_token ||
|
|
139
147
|
stored.tokenSet.refresh_token !== tokenSet.refresh_token) {
|
|
140
148
|
// A concurrent refresh occurred. Pretend this one succeeded.
|
|
141
|
-
return
|
|
149
|
+
return stored;
|
|
142
150
|
}
|
|
143
151
|
else {
|
|
144
152
|
// There were no concurrent refresh. The token is (likely)
|
|
@@ -155,9 +163,13 @@ class SessionGetter extends simple_store_1.CachedGetter {
|
|
|
155
163
|
isStale: (sub, { tokenSet }) => {
|
|
156
164
|
return (tokenSet.expires_at != null &&
|
|
157
165
|
new Date(tokenSet.expires_at).getTime() <
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
166
|
+
Date.now() +
|
|
167
|
+
// Add some lee way to ensure the token is not expired when it
|
|
168
|
+
// reaches the server.
|
|
169
|
+
10e3 +
|
|
170
|
+
// Add some randomness to reduce the chances of multiple
|
|
171
|
+
// instances trying to refresh the token at the same.
|
|
172
|
+
30e3 * Math.random());
|
|
161
173
|
},
|
|
162
174
|
onStoreError: async (err, sub, { tokenSet, dpopKey }) => {
|
|
163
175
|
// If the token data cannot be stored, let's revoke it
|
|
@@ -194,6 +206,10 @@ class SessionGetter extends simple_store_1.CachedGetter {
|
|
|
194
206
|
return this.eventTarget.dispatchCustomEvent(type, detail);
|
|
195
207
|
}
|
|
196
208
|
async setStored(sub, session) {
|
|
209
|
+
// Prevent tampering with the stored value
|
|
210
|
+
if (sub !== session.tokenSet.sub) {
|
|
211
|
+
throw new TypeError('Token set does not match the expected sub');
|
|
212
|
+
}
|
|
197
213
|
await super.setStored(sub, session);
|
|
198
214
|
this.dispatchEvent('updated', { sub, ...session });
|
|
199
215
|
}
|
|
@@ -208,24 +224,23 @@ class SessionGetter extends simple_store_1.CachedGetter {
|
|
|
208
224
|
* if, and only if, they are (about to be) expired. Defaults to `undefined`.
|
|
209
225
|
*/
|
|
210
226
|
async getSession(sub, refresh) {
|
|
211
|
-
|
|
227
|
+
return this.get(sub, {
|
|
212
228
|
noCache: refresh === true,
|
|
213
229
|
allowStale: refresh === false,
|
|
214
230
|
});
|
|
215
|
-
if (sub !== session.tokenSet.sub) {
|
|
216
|
-
// Fool-proofing (e.g. against invalid session storage)
|
|
217
|
-
throw new Error('Token set does not match the expected sub');
|
|
218
|
-
}
|
|
219
|
-
return session;
|
|
220
231
|
}
|
|
221
232
|
async get(sub, options) {
|
|
222
|
-
|
|
233
|
+
const session = await this.runtime.usingLock(`@atproto-oauth-client-${sub}`, async () => {
|
|
223
234
|
const env_1 = { stack: [], error: void 0, hasError: false };
|
|
224
235
|
try {
|
|
225
|
-
// Make sure, even if there is no signal in the options, that the
|
|
226
|
-
// will be cancelled after at most 30 seconds.
|
|
236
|
+
// Make sure, even if there is no signal in the options, that the
|
|
237
|
+
// request will be cancelled after at most 30 seconds.
|
|
227
238
|
const signal = __addDisposableResource(env_1, (0, util_js_1.timeoutSignal)(30e3, options), false);
|
|
228
|
-
|
|
239
|
+
const abortController = __addDisposableResource(env_1, (0, util_js_1.combineSignals)([options?.signal, signal]), false);
|
|
240
|
+
return await super.get(sub, {
|
|
241
|
+
...options,
|
|
242
|
+
signal: abortController.signal,
|
|
243
|
+
});
|
|
229
244
|
}
|
|
230
245
|
catch (e_1) {
|
|
231
246
|
env_1.error = e_1;
|
|
@@ -235,6 +250,11 @@ class SessionGetter extends simple_store_1.CachedGetter {
|
|
|
235
250
|
__disposeResources(env_1);
|
|
236
251
|
}
|
|
237
252
|
});
|
|
253
|
+
if (sub !== session.tokenSet.sub) {
|
|
254
|
+
// Fool-proofing (e.g. against invalid session storage)
|
|
255
|
+
throw new Error('Token set does not match the expected sub');
|
|
256
|
+
}
|
|
257
|
+
return session;
|
|
238
258
|
}
|
|
239
259
|
}
|
|
240
260
|
exports.SessionGetter = SessionGetter;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session-getter.js","sourceRoot":"","sources":["../src/session-getter.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"session-getter.js","sourceRoot":"","sources":["../src/session-getter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6DAImC;AAInC,4EAAmE;AACnE,4EAAmE;AACnE,4EAAmE;AACnE,uEAA8D;AAI9D,uCAA4E;AAuB5E;;;;;;GAMG;AACH,MAAa,aAAc,SAAQ,2BAAiC;IAGlE,YACE,YAA0B,EAC1B,aAAiC,EAChB,OAAgB;QAEjC,KAAK,CACH,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,aAAa,EAAoB,EAAE;YACtD,iEAAiE;YACjE,uEAAuE;YACvE,+BAA+B;YAC/B,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,mEAAmE;gBACnE,iEAAiE;gBACjE,iEAAiE;gBACjE,mEAAmE;gBACnE,wDAAwD;gBACxD,MAAM,GAAG,GAAG,4CAA4C,CAAA;gBACxD,MAAM,KAAK,GAAG,IAAI,0CAAiB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;gBAC7C,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAA;gBAC7C,MAAM,KAAK,CAAA;YACb,CAAC;YAED,uEAAuE;YACvE,6DAA6D;YAC7D,uEAAuE;YACvE,oEAAoE;YACpE,8BAA8B;YAE9B,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,aAAa,CAAA;YAE3C,IAAI,GAAG,KAAK,QAAQ,CAAC,GAAG,EAAE,CAAC;gBACzB,uDAAuD;gBACvD,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,6BAA6B,CAAC,CAAA;YACjE,CAAC;YAED,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;gBAC5B,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAA;YAChE,CAAC;YAED,gEAAgE;YAChE,mEAAmE;YACnE,uEAAuE;YACvE,kEAAkE;YAClE,oEAAoE;YACpE,wEAAwE;YACxE,wEAAwE;YACxE,sEAAsE;YACtE,uDAAuD;YAEvD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YAEpE,oEAAoE;YACpE,sEAAsE;YACtE,6DAA6D;YAC7D,8DAA8D;YAC9D,8DAA8D;YAC9D,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAA;YAEjC,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;gBAElD,IAAI,GAAG,KAAK,WAAW,CAAC,GAAG,EAAE,CAAC;oBAC5B,iEAAiE;oBACjE,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,wBAAwB,CAAC,CAAA;gBAC5D,CAAC;gBAED,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAA;YAC3C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,6DAA6D;gBAC7D,sEAAsE;gBACtE,uBAAuB;gBACvB,IACE,KAAK,YAAY,4CAAkB;oBACnC,KAAK,CAAC,MAAM,KAAK,GAAG;oBACpB,KAAK,CAAC,KAAK,KAAK,eAAe,EAC/B,CAAC;oBACD,kEAAkE;oBAClE,iEAAiE;oBACjE,kEAAkE;oBAClE,8DAA8D;oBAC9D,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC;wBACnC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;wBAE7C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;wBACxC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;4BACzB,6DAA6D;4BAC7D,sDAAsD;4BAEtD,sDAAsD;4BACtD,0DAA0D;4BAC1D,+CAA+C;4BAC/C,MAAM,GAAG,GAAG,4CAA4C,CAAA;4BACxD,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;wBAClD,CAAC;6BAAM,IACL,MAAM,CAAC,QAAQ,CAAC,YAAY,KAAK,QAAQ,CAAC,YAAY;4BACtD,MAAM,CAAC,QAAQ,CAAC,aAAa,KAAK,QAAQ,CAAC,aAAa,EACxD,CAAC;4BACD,6DAA6D;4BAC7D,OAAO,MAAM,CAAA;wBACf,CAAC;6BAAM,CAAC;4BACN,0DAA0D;4BAC1D,0BAA0B;wBAC5B,CAAC;oBACH,CAAC;oBAED,oDAAoD;oBACpD,MAAM,GAAG,GAAG,KAAK,CAAC,gBAAgB,IAAI,yBAAyB,CAAA;oBAC/D,MAAM,IAAI,0CAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;gBAClD,CAAC;gBAED,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC,EACD,YAAY,EACZ;YACE,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;gBAC7B,OAAO,CACL,QAAQ,CAAC,UAAU,IAAI,IAAI;oBAC3B,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE;wBACrC,IAAI,CAAC,GAAG,EAAE;4BACR,8DAA8D;4BAC9D,sBAAsB;4BACtB,IAAI;4BACJ,wDAAwD;4BACxD,qDAAqD;4BACrD,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,CACzB,CAAA;YACH,CAAC;YACD,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,EAAE;gBACtD,sDAAsD;gBACtD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;gBACpE,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,IAAI,QAAQ,CAAC,YAAY,CAAC,CAAA;gBACpE,MAAM,GAAG,CAAA;YACX,CAAC;YACD,aAAa,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YAC3B,4CAA4C;YAC5C,GAAG,YAAY,0CAAiB;gBAChC,GAAG,YAAY,0CAAiB;gBAChC,GAAG,YAAY,0CAAiB;SACnC,CACF,CAAA;QAzID;;;;mBAAiB,OAAO;WAAS;QALlB;;;;mBAAc,IAAI,2BAAiB,EAAmB;WAAA;IA+IvE,CAAC;IAED,gBAAgB,CACd,IAAO,EACP,QAAiC,EACjC,OAA2C;QAE3C,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;IAC5D,CAAC;IAED,mBAAmB,CACjB,IAAO,EACP,QAAiC,EACjC,OAAwC;QAExC,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;IAC/D,CAAC;IAED,aAAa,CACX,IAAO,EACP,MAA0B;QAE1B,OAAO,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IAC3D,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,OAAgB;QAC3C,0CAA0C;QAC1C,IAAI,GAAG,KAAK,OAAO,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YACjC,MAAM,IAAI,SAAS,CAAC,2CAA2C,CAAC,CAAA;QAClE,CAAC;QACD,MAAM,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;QACnC,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,GAAG,OAAO,EAAE,CAAC,CAAA;IACpD,CAAC;IAEQ,KAAK,CAAC,SAAS,CAAC,GAAe,EAAE,KAAe;QACvD,MAAM,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAA;QACjC,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAA;IAC/C,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,UAAU,CAAC,GAAe,EAAE,OAAiB;QACjD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE;YACnB,OAAO,EAAE,OAAO,KAAK,IAAI;YACzB,UAAU,EAAE,OAAO,KAAK,KAAK;SAC9B,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAe,EAAE,OAA0B;QACnD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAC1C,yBAAyB,GAAG,EAAE,EAC9B,KAAK,IAAI,EAAE;;;gBACT,iEAAiE;gBACjE,sDAAsD;gBACtD,MAAM,MAAM,kCAAG,IAAA,uBAAa,EAAC,IAAI,EAAE,OAAO,CAAC,QAAA,CAAA;gBAE3C,MAAM,eAAe,kCAAG,IAAA,wBAAc,EAAC,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,QAAA,CAAA;gBAEjE,OAAO,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;oBAC1B,GAAG,OAAO;oBACV,MAAM,EAAE,eAAe,CAAC,MAAM;iBAC/B,CAAC,CAAA;;;;;;;;;SACH,CACF,CAAA;QAED,IAAI,GAAG,KAAK,OAAO,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YACjC,uDAAuD;YACvD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAA;QAC9D,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;CACF;AA5ND,sCA4NC"}
|