@atproto/oauth-provider 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (631) hide show
  1. package/.postcssrc.yml +3 -0
  2. package/CHANGELOG.md +19 -0
  3. package/LICENSE.txt +7 -0
  4. package/dist/access-token/access-token-type.d.ts +6 -0
  5. package/dist/access-token/access-token-type.d.ts.map +1 -0
  6. package/dist/access-token/access-token-type.js +10 -0
  7. package/dist/access-token/access-token-type.js.map +1 -0
  8. package/dist/account/account-manager.d.ts +14 -0
  9. package/dist/account/account-manager.d.ts.map +1 -0
  10. package/dist/account/account-manager.js +39 -0
  11. package/dist/account/account-manager.js.map +1 -0
  12. package/dist/account/account-store.d.ts +39 -0
  13. package/dist/account/account-store.d.ts.map +1 -0
  14. package/dist/account/account-store.js +19 -0
  15. package/dist/account/account-store.js.map +1 -0
  16. package/dist/account/account.d.ts +8 -0
  17. package/dist/account/account.d.ts.map +1 -0
  18. package/dist/account/account.js +3 -0
  19. package/dist/account/account.js.map +1 -0
  20. package/dist/assets/app/bundle-manifest.json +22 -0
  21. package/dist/assets/app/main.css +3 -0
  22. package/dist/assets/app/main.js +20 -0
  23. package/dist/assets/app/main.js.map +1 -0
  24. package/dist/assets/asset.d.ts +9 -0
  25. package/dist/assets/asset.d.ts.map +1 -0
  26. package/dist/assets/asset.js +3 -0
  27. package/dist/assets/asset.js.map +1 -0
  28. package/dist/assets/assets-middleware.d.ts +2 -0
  29. package/dist/assets/assets-middleware.d.ts.map +1 -0
  30. package/dist/assets/assets-middleware.js +30 -0
  31. package/dist/assets/assets-middleware.js.map +1 -0
  32. package/dist/assets/index.d.ts +4 -0
  33. package/dist/assets/index.d.ts.map +1 -0
  34. package/dist/assets/index.js +65 -0
  35. package/dist/assets/index.js.map +1 -0
  36. package/dist/client/client-auth.d.ts +13 -0
  37. package/dist/client/client-auth.d.ts.map +1 -0
  38. package/dist/client/client-auth.js +35 -0
  39. package/dist/client/client-auth.js.map +1 -0
  40. package/dist/client/client-data.d.ts +8 -0
  41. package/dist/client/client-data.d.ts.map +1 -0
  42. package/dist/client/client-data.js +3 -0
  43. package/dist/client/client-data.js.map +1 -0
  44. package/dist/client/client-id.d.ts +4 -0
  45. package/dist/client/client-id.d.ts.map +1 -0
  46. package/dist/client/client-id.js +6 -0
  47. package/dist/client/client-id.js.map +1 -0
  48. package/dist/client/client-info.d.ts +13 -0
  49. package/dist/client/client-info.d.ts.map +1 -0
  50. package/dist/client/client-info.js +3 -0
  51. package/dist/client/client-info.js.map +1 -0
  52. package/dist/client/client-manager.d.ts +38 -0
  53. package/dist/client/client-manager.d.ts.map +1 -0
  54. package/dist/client/client-manager.js +534 -0
  55. package/dist/client/client-manager.js.map +1 -0
  56. package/dist/client/client-store.d.ts +13 -0
  57. package/dist/client/client-store.d.ts.map +1 -0
  58. package/dist/client/client-store.js +39 -0
  59. package/dist/client/client-store.js.map +1 -0
  60. package/dist/client/client-utils.d.ts +6 -0
  61. package/dist/client/client-utils.d.ts.map +1 -0
  62. package/dist/client/client-utils.js +40 -0
  63. package/dist/client/client-utils.js.map +1 -0
  64. package/dist/client/client.d.ts +41 -0
  65. package/dist/client/client.d.ts.map +1 -0
  66. package/dist/client/client.js +163 -0
  67. package/dist/client/client.js.map +1 -0
  68. package/dist/constants.d.ts +42 -0
  69. package/dist/constants.d.ts.map +1 -0
  70. package/dist/constants.js +53 -0
  71. package/dist/constants.js.map +1 -0
  72. package/dist/device/device-data.d.ts +20 -0
  73. package/dist/device/device-data.d.ts.map +1 -0
  74. package/dist/device/device-data.js +11 -0
  75. package/dist/device/device-data.js.map +1 -0
  76. package/dist/device/device-details.d.ts +17 -0
  77. package/dist/device/device-details.d.ts.map +1 -0
  78. package/dist/device/device-details.js +34 -0
  79. package/dist/device/device-details.js.map +1 -0
  80. package/dist/device/device-id.d.ts +6 -0
  81. package/dist/device/device-id.d.ts.map +1 -0
  82. package/dist/device/device-id.js +18 -0
  83. package/dist/device/device-id.js.map +1 -0
  84. package/dist/device/device-manager.d.ts +88 -0
  85. package/dist/device/device-manager.d.ts.map +1 -0
  86. package/dist/device/device-manager.js +206 -0
  87. package/dist/device/device-manager.js.map +1 -0
  88. package/dist/device/device-store.d.ts +15 -0
  89. package/dist/device/device-store.d.ts.map +1 -0
  90. package/dist/device/device-store.js +36 -0
  91. package/dist/device/device-store.js.map +1 -0
  92. package/dist/device/session-id.d.ts +6 -0
  93. package/dist/device/session-id.d.ts.map +1 -0
  94. package/dist/device/session-id.js +18 -0
  95. package/dist/device/session-id.js.map +1 -0
  96. package/dist/dpop/dpop-manager.d.ts +33 -0
  97. package/dist/dpop/dpop-manager.d.ts.map +1 -0
  98. package/dist/dpop/dpop-manager.js +115 -0
  99. package/dist/dpop/dpop-manager.js.map +1 -0
  100. package/dist/dpop/dpop-nonce.d.ts +13 -0
  101. package/dist/dpop/dpop-nonce.d.ts.map +1 -0
  102. package/dist/dpop/dpop-nonce.js +94 -0
  103. package/dist/dpop/dpop-nonce.js.map +1 -0
  104. package/dist/errors/access-denied-error.d.ts +8 -0
  105. package/dist/errors/access-denied-error.d.ts.map +1 -0
  106. package/dist/errors/access-denied-error.js +21 -0
  107. package/dist/errors/access-denied-error.js.map +1 -0
  108. package/dist/errors/account-selection-required-error.d.ts +6 -0
  109. package/dist/errors/account-selection-required-error.d.ts.map +1 -0
  110. package/dist/errors/account-selection-required-error.js +11 -0
  111. package/dist/errors/account-selection-required-error.js.map +1 -0
  112. package/dist/errors/consent-required-error.d.ts +6 -0
  113. package/dist/errors/consent-required-error.d.ts.map +1 -0
  114. package/dist/errors/consent-required-error.js +11 -0
  115. package/dist/errors/consent-required-error.js.map +1 -0
  116. package/dist/errors/invalid-authorization-details-error.d.ts +20 -0
  117. package/dist/errors/invalid-authorization-details-error.d.ts.map +1 -0
  118. package/dist/errors/invalid-authorization-details-error.js +26 -0
  119. package/dist/errors/invalid-authorization-details-error.js.map +1 -0
  120. package/dist/errors/invalid-client-error.d.ts +18 -0
  121. package/dist/errors/invalid-client-error.d.ts.map +1 -0
  122. package/dist/errors/invalid-client-error.js +24 -0
  123. package/dist/errors/invalid-client-error.js.map +1 -0
  124. package/dist/errors/invalid-client-id-error.d.ts +13 -0
  125. package/dist/errors/invalid-client-id-error.d.ts.map +1 -0
  126. package/dist/errors/invalid-client-id-error.js +25 -0
  127. package/dist/errors/invalid-client-id-error.js.map +1 -0
  128. package/dist/errors/invalid-client-metadata-error.d.ts +13 -0
  129. package/dist/errors/invalid-client-metadata-error.d.ts.map +1 -0
  130. package/dist/errors/invalid-client-metadata-error.js +23 -0
  131. package/dist/errors/invalid-client-metadata-error.js.map +1 -0
  132. package/dist/errors/invalid-dpop-key-binding-error.d.ts +12 -0
  133. package/dist/errors/invalid-dpop-key-binding-error.d.ts.map +1 -0
  134. package/dist/errors/invalid-dpop-key-binding-error.js +20 -0
  135. package/dist/errors/invalid-dpop-key-binding-error.js.map +1 -0
  136. package/dist/errors/invalid-dpop-proof-error.d.ts +5 -0
  137. package/dist/errors/invalid-dpop-proof-error.d.ts.map +1 -0
  138. package/dist/errors/invalid-dpop-proof-error.js +12 -0
  139. package/dist/errors/invalid-dpop-proof-error.js.map +1 -0
  140. package/dist/errors/invalid-grant-error.d.ts +14 -0
  141. package/dist/errors/invalid-grant-error.d.ts.map +1 -0
  142. package/dist/errors/invalid-grant-error.js +20 -0
  143. package/dist/errors/invalid-grant-error.js.map +1 -0
  144. package/dist/errors/invalid-parameters-error.d.ts +6 -0
  145. package/dist/errors/invalid-parameters-error.d.ts.map +1 -0
  146. package/dist/errors/invalid-parameters-error.js +11 -0
  147. package/dist/errors/invalid-parameters-error.js.map +1 -0
  148. package/dist/errors/invalid-redirect-uri-error.d.ts +11 -0
  149. package/dist/errors/invalid-redirect-uri-error.d.ts.map +1 -0
  150. package/dist/errors/invalid-redirect-uri-error.js +21 -0
  151. package/dist/errors/invalid-redirect-uri-error.js.map +1 -0
  152. package/dist/errors/invalid-request-error.d.ts +28 -0
  153. package/dist/errors/invalid-request-error.d.ts.map +1 -0
  154. package/dist/errors/invalid-request-error.js +34 -0
  155. package/dist/errors/invalid-request-error.js.map +1 -0
  156. package/dist/errors/invalid-token-error.d.ts +16 -0
  157. package/dist/errors/invalid-token-error.d.ts.map +1 -0
  158. package/dist/errors/invalid-token-error.js +45 -0
  159. package/dist/errors/invalid-token-error.js.map +1 -0
  160. package/dist/errors/login-required-error.d.ts +6 -0
  161. package/dist/errors/login-required-error.d.ts.map +1 -0
  162. package/dist/errors/login-required-error.js +11 -0
  163. package/dist/errors/login-required-error.js.map +1 -0
  164. package/dist/errors/oauth-error.d.ts +13 -0
  165. package/dist/errors/oauth-error.d.ts.map +1 -0
  166. package/dist/errors/oauth-error.js +29 -0
  167. package/dist/errors/oauth-error.js.map +1 -0
  168. package/dist/errors/unauthorized-client-error.d.ts +18 -0
  169. package/dist/errors/unauthorized-client-error.d.ts.map +1 -0
  170. package/dist/errors/unauthorized-client-error.js +24 -0
  171. package/dist/errors/unauthorized-client-error.js.map +1 -0
  172. package/dist/errors/use-dpop-nonce-error.d.ts +18 -0
  173. package/dist/errors/use-dpop-nonce-error.d.ts.map +1 -0
  174. package/dist/errors/use-dpop-nonce-error.js +27 -0
  175. package/dist/errors/use-dpop-nonce-error.js.map +1 -0
  176. package/dist/errors/www-authenticate-error.d.ts +9 -0
  177. package/dist/errors/www-authenticate-error.d.ts.map +1 -0
  178. package/dist/errors/www-authenticate-error.js +46 -0
  179. package/dist/errors/www-authenticate-error.js.map +1 -0
  180. package/dist/index.d.ts +14 -0
  181. package/dist/index.d.ts.map +1 -0
  182. package/dist/index.js +31 -0
  183. package/dist/index.js.map +1 -0
  184. package/dist/lib/html/build-document.d.ts +32 -0
  185. package/dist/lib/html/build-document.d.ts.map +1 -0
  186. package/dist/lib/html/build-document.js +61 -0
  187. package/dist/lib/html/build-document.js.map +1 -0
  188. package/dist/lib/html/escapers.d.ts +9 -0
  189. package/dist/lib/html/escapers.d.ts.map +1 -0
  190. package/dist/lib/html/escapers.js +66 -0
  191. package/dist/lib/html/escapers.js.map +1 -0
  192. package/dist/lib/html/html.d.ts +13 -0
  193. package/dist/lib/html/html.d.ts.map +1 -0
  194. package/dist/lib/html/html.js +53 -0
  195. package/dist/lib/html/html.js.map +1 -0
  196. package/dist/lib/html/index.d.ts +4 -0
  197. package/dist/lib/html/index.d.ts.map +1 -0
  198. package/dist/lib/html/index.js +21 -0
  199. package/dist/lib/html/index.js.map +1 -0
  200. package/dist/lib/html/tags.d.ts +34 -0
  201. package/dist/lib/html/tags.d.ts.map +1 -0
  202. package/dist/lib/html/tags.js +47 -0
  203. package/dist/lib/html/tags.js.map +1 -0
  204. package/dist/lib/html/util.d.ts +4 -0
  205. package/dist/lib/html/util.d.ts.map +1 -0
  206. package/dist/lib/html/util.js +20 -0
  207. package/dist/lib/html/util.js.map +1 -0
  208. package/dist/lib/http/accept.d.ts +29 -0
  209. package/dist/lib/http/accept.d.ts.map +1 -0
  210. package/dist/lib/http/accept.js +67 -0
  211. package/dist/lib/http/accept.js.map +1 -0
  212. package/dist/lib/http/context.d.ts +5 -0
  213. package/dist/lib/http/context.d.ts.map +1 -0
  214. package/dist/lib/http/context.js +10 -0
  215. package/dist/lib/http/context.js.map +1 -0
  216. package/dist/lib/http/index.d.ts +10 -0
  217. package/dist/lib/http/index.d.ts.map +1 -0
  218. package/dist/lib/http/index.js +26 -0
  219. package/dist/lib/http/index.js.map +1 -0
  220. package/dist/lib/http/method.d.ts +6 -0
  221. package/dist/lib/http/method.d.ts.map +1 -0
  222. package/dist/lib/http/method.js +19 -0
  223. package/dist/lib/http/method.js.map +1 -0
  224. package/dist/lib/http/middleware.d.ts +18 -0
  225. package/dist/lib/http/middleware.d.ts.map +1 -0
  226. package/dist/lib/http/middleware.js +118 -0
  227. package/dist/lib/http/middleware.js.map +1 -0
  228. package/dist/lib/http/parser.d.ts +33 -0
  229. package/dist/lib/http/parser.d.ts.map +1 -0
  230. package/dist/lib/http/parser.js +48 -0
  231. package/dist/lib/http/parser.js.map +1 -0
  232. package/dist/lib/http/path.d.ts +9 -0
  233. package/dist/lib/http/path.d.ts.map +1 -0
  234. package/dist/lib/http/path.js +54 -0
  235. package/dist/lib/http/path.js.map +1 -0
  236. package/dist/lib/http/request.d.ts +33 -0
  237. package/dist/lib/http/request.d.ts.map +1 -0
  238. package/dist/lib/http/request.js +86 -0
  239. package/dist/lib/http/request.js.map +1 -0
  240. package/dist/lib/http/response.d.ts +13 -0
  241. package/dist/lib/http/response.d.ts.map +1 -0
  242. package/dist/lib/http/response.js +98 -0
  243. package/dist/lib/http/response.js.map +1 -0
  244. package/dist/lib/http/route.d.ts +25 -0
  245. package/dist/lib/http/route.d.ts.map +1 -0
  246. package/dist/lib/http/route.js +39 -0
  247. package/dist/lib/http/route.js.map +1 -0
  248. package/dist/lib/http/router.d.ts +32 -0
  249. package/dist/lib/http/router.d.ts.map +1 -0
  250. package/dist/lib/http/router.js +74 -0
  251. package/dist/lib/http/router.js.map +1 -0
  252. package/dist/lib/http/stream.d.ts +13 -0
  253. package/dist/lib/http/stream.d.ts.map +1 -0
  254. package/dist/lib/http/stream.js +46 -0
  255. package/dist/lib/http/stream.js.map +1 -0
  256. package/dist/lib/http/types.d.ts +7 -0
  257. package/dist/lib/http/types.d.ts.map +1 -0
  258. package/dist/lib/http/types.js +3 -0
  259. package/dist/lib/http/types.js.map +1 -0
  260. package/dist/lib/http/url.d.ts +8 -0
  261. package/dist/lib/http/url.d.ts.map +1 -0
  262. package/dist/lib/http/url.js +22 -0
  263. package/dist/lib/http/url.js.map +1 -0
  264. package/dist/lib/redis.d.ts +5 -0
  265. package/dist/lib/redis.d.ts.map +1 -0
  266. package/dist/lib/redis.js +22 -0
  267. package/dist/lib/redis.js.map +1 -0
  268. package/dist/lib/util/authorization-header.d.ts +4 -0
  269. package/dist/lib/util/authorization-header.d.ts.map +1 -0
  270. package/dist/lib/util/authorization-header.js +23 -0
  271. package/dist/lib/util/authorization-header.js.map +1 -0
  272. package/dist/lib/util/cast.d.ts +2 -0
  273. package/dist/lib/util/cast.d.ts.map +1 -0
  274. package/dist/lib/util/cast.js +10 -0
  275. package/dist/lib/util/cast.js.map +1 -0
  276. package/dist/lib/util/crypto.d.ts +3 -0
  277. package/dist/lib/util/crypto.d.ts.map +1 -0
  278. package/dist/lib/util/crypto.js +29 -0
  279. package/dist/lib/util/crypto.js.map +1 -0
  280. package/dist/lib/util/date.d.ts +3 -0
  281. package/dist/lib/util/date.d.ts.map +1 -0
  282. package/dist/lib/util/date.js +12 -0
  283. package/dist/lib/util/date.js.map +1 -0
  284. package/dist/lib/util/hostname.d.ts +6 -0
  285. package/dist/lib/util/hostname.d.ts.map +1 -0
  286. package/dist/lib/util/hostname.js +24 -0
  287. package/dist/lib/util/hostname.js.map +1 -0
  288. package/dist/lib/util/redirect-uri.d.ts +7 -0
  289. package/dist/lib/util/redirect-uri.d.ts.map +1 -0
  290. package/dist/lib/util/redirect-uri.js +44 -0
  291. package/dist/lib/util/redirect-uri.js.map +1 -0
  292. package/dist/lib/util/time.d.ts +6 -0
  293. package/dist/lib/util/time.d.ts.map +1 -0
  294. package/dist/lib/util/time.js +28 -0
  295. package/dist/lib/util/time.js.map +1 -0
  296. package/dist/lib/util/type.d.ts +6 -0
  297. package/dist/lib/util/type.d.ts.map +1 -0
  298. package/dist/lib/util/type.js +3 -0
  299. package/dist/lib/util/type.js.map +1 -0
  300. package/dist/lib/util/well-known.d.ts +3 -0
  301. package/dist/lib/util/well-known.d.ts.map +1 -0
  302. package/dist/lib/util/well-known.js +11 -0
  303. package/dist/lib/util/well-known.js.map +1 -0
  304. package/dist/metadata/build-metadata.d.ts +14 -0
  305. package/dist/metadata/build-metadata.d.ts.map +1 -0
  306. package/dist/metadata/build-metadata.js +132 -0
  307. package/dist/metadata/build-metadata.js.map +1 -0
  308. package/dist/oauth-client.d.ts +4 -0
  309. package/dist/oauth-client.d.ts.map +1 -0
  310. package/dist/oauth-client.js +19 -0
  311. package/dist/oauth-client.js.map +1 -0
  312. package/dist/oauth-dpop.d.ts +3 -0
  313. package/dist/oauth-dpop.d.ts.map +1 -0
  314. package/dist/oauth-dpop.js +19 -0
  315. package/dist/oauth-dpop.js.map +1 -0
  316. package/dist/oauth-errors.d.ts +20 -0
  317. package/dist/oauth-errors.d.ts.map +1 -0
  318. package/dist/oauth-errors.js +43 -0
  319. package/dist/oauth-errors.js.map +1 -0
  320. package/dist/oauth-hooks.d.ts +42 -0
  321. package/dist/oauth-hooks.d.ts.map +1 -0
  322. package/dist/oauth-hooks.js +3 -0
  323. package/dist/oauth-hooks.js.map +1 -0
  324. package/dist/oauth-provider.d.ts +179 -0
  325. package/dist/oauth-provider.d.ts.map +1 -0
  326. package/dist/oauth-provider.js +748 -0
  327. package/dist/oauth-provider.js.map +1 -0
  328. package/dist/oauth-store.d.ts +11 -0
  329. package/dist/oauth-store.d.ts.map +1 -0
  330. package/dist/oauth-store.js +27 -0
  331. package/dist/oauth-store.js.map +1 -0
  332. package/dist/oauth-verifier.d.ts +66 -0
  333. package/dist/oauth-verifier.d.ts.map +1 -0
  334. package/dist/oauth-verifier.js +94 -0
  335. package/dist/oauth-verifier.js.map +1 -0
  336. package/dist/oidc/claims.d.ts +16 -0
  337. package/dist/oidc/claims.d.ts.map +1 -0
  338. package/dist/oidc/claims.js +29 -0
  339. package/dist/oidc/claims.js.map +1 -0
  340. package/dist/oidc/sub.d.ts +4 -0
  341. package/dist/oidc/sub.d.ts.map +1 -0
  342. package/dist/oidc/sub.js +6 -0
  343. package/dist/oidc/sub.js.map +1 -0
  344. package/dist/oidc/userinfo.d.ts +7 -0
  345. package/dist/oidc/userinfo.d.ts.map +1 -0
  346. package/dist/oidc/userinfo.js +3 -0
  347. package/dist/oidc/userinfo.js.map +1 -0
  348. package/dist/output/build-error-payload.d.ts +6 -0
  349. package/dist/output/build-error-payload.d.ts.map +1 -0
  350. package/dist/output/build-error-payload.js +108 -0
  351. package/dist/output/build-error-payload.js.map +1 -0
  352. package/dist/output/customization.d.ts +37 -0
  353. package/dist/output/customization.d.ts.map +1 -0
  354. package/dist/output/customization.js +62 -0
  355. package/dist/output/customization.js.map +1 -0
  356. package/dist/output/send-authorize-page.d.ts +43 -0
  357. package/dist/output/send-authorize-page.d.ts.map +1 -0
  358. package/dist/output/send-authorize-page.js +49 -0
  359. package/dist/output/send-authorize-page.js.map +1 -0
  360. package/dist/output/send-authorize-redirect.d.ts +25 -0
  361. package/dist/output/send-authorize-redirect.d.ts.map +1 -0
  362. package/dist/output/send-authorize-redirect.js +72 -0
  363. package/dist/output/send-authorize-redirect.js.map +1 -0
  364. package/dist/output/send-error-page.d.ts +5 -0
  365. package/dist/output/send-error-page.d.ts.map +1 -0
  366. package/dist/output/send-error-page.js +31 -0
  367. package/dist/output/send-error-page.js.map +1 -0
  368. package/dist/output/send-web-page.d.ts +8 -0
  369. package/dist/output/send-web-page.d.ts.map +1 -0
  370. package/dist/output/send-web-page.js +48 -0
  371. package/dist/output/send-web-page.js.map +1 -0
  372. package/dist/parameters/claims-requested.d.ts +3 -0
  373. package/dist/parameters/claims-requested.d.ts.map +1 -0
  374. package/dist/parameters/claims-requested.js +77 -0
  375. package/dist/parameters/claims-requested.js.map +1 -0
  376. package/dist/parameters/oidc-payload.d.ts +31 -0
  377. package/dist/parameters/oidc-payload.d.ts.map +1 -0
  378. package/dist/parameters/oidc-payload.js +25 -0
  379. package/dist/parameters/oidc-payload.js.map +1 -0
  380. package/dist/replay/replay-manager.d.ts +10 -0
  381. package/dist/replay/replay-manager.d.ts.map +1 -0
  382. package/dist/replay/replay-manager.js +23 -0
  383. package/dist/replay/replay-manager.js.map +1 -0
  384. package/dist/replay/replay-store-memory.d.ts +11 -0
  385. package/dist/replay/replay-store-memory.d.ts.map +1 -0
  386. package/dist/replay/replay-store-memory.js +30 -0
  387. package/dist/replay/replay-store-memory.js.map +1 -0
  388. package/dist/replay/replay-store-redis.d.ts +16 -0
  389. package/dist/replay/replay-store-redis.d.ts.map +1 -0
  390. package/dist/replay/replay-store-redis.js +20 -0
  391. package/dist/replay/replay-store-redis.js.map +1 -0
  392. package/dist/replay/replay-store.d.ts +16 -0
  393. package/dist/replay/replay-store.d.ts.map +1 -0
  394. package/dist/replay/replay-store.js +22 -0
  395. package/dist/replay/replay-store.js.map +1 -0
  396. package/dist/request/code.d.ts +7 -0
  397. package/dist/request/code.d.ts.map +1 -0
  398. package/dist/request/code.js +20 -0
  399. package/dist/request/code.js.map +1 -0
  400. package/dist/request/request-data.d.ts +21 -0
  401. package/dist/request/request-data.d.ts.map +1 -0
  402. package/dist/request/request-data.js +6 -0
  403. package/dist/request/request-data.js.map +1 -0
  404. package/dist/request/request-id.d.ts +6 -0
  405. package/dist/request/request-id.d.ts.map +1 -0
  406. package/dist/request/request-id.js +18 -0
  407. package/dist/request/request-id.js.map +1 -0
  408. package/dist/request/request-info.d.ts +12 -0
  409. package/dist/request/request-info.d.ts.map +1 -0
  410. package/dist/request/request-info.js +3 -0
  411. package/dist/request/request-info.js.map +1 -0
  412. package/dist/request/request-manager.d.ts +40 -0
  413. package/dist/request/request-manager.d.ts.map +1 -0
  414. package/dist/request/request-manager.js +310 -0
  415. package/dist/request/request-manager.js.map +1 -0
  416. package/dist/request/request-store-memory.d.ts +16 -0
  417. package/dist/request/request-store-memory.d.ts.map +1 -0
  418. package/dist/request/request-store-memory.js +31 -0
  419. package/dist/request/request-store-memory.js.map +1 -0
  420. package/dist/request/request-store-redis.d.ts +24 -0
  421. package/dist/request/request-store-redis.d.ts.map +1 -0
  422. package/dist/request/request-store-redis.js +58 -0
  423. package/dist/request/request-store-redis.js.map +1 -0
  424. package/dist/request/request-store.d.ts +27 -0
  425. package/dist/request/request-store.d.ts.map +1 -0
  426. package/dist/request/request-store.js +37 -0
  427. package/dist/request/request-store.js.map +1 -0
  428. package/dist/request/request-uri.d.ts +8 -0
  429. package/dist/request/request-uri.d.ts.map +1 -0
  430. package/dist/request/request-uri.js +24 -0
  431. package/dist/request/request-uri.js.map +1 -0
  432. package/dist/request/types.d.ts +328 -0
  433. package/dist/request/types.d.ts.map +1 -0
  434. package/dist/request/types.js +27 -0
  435. package/dist/request/types.js.map +1 -0
  436. package/dist/signer/signed-token-payload.d.ts +1694 -0
  437. package/dist/signer/signed-token-payload.d.ts.map +1 -0
  438. package/dist/signer/signed-token-payload.js +32 -0
  439. package/dist/signer/signed-token-payload.js.map +1 -0
  440. package/dist/signer/signer.d.ts +193 -0
  441. package/dist/signer/signer.d.ts.map +1 -0
  442. package/dist/signer/signer.js +101 -0
  443. package/dist/signer/signer.js.map +1 -0
  444. package/dist/token/refresh-token.d.ts +7 -0
  445. package/dist/token/refresh-token.d.ts.map +1 -0
  446. package/dist/token/refresh-token.js +20 -0
  447. package/dist/token/refresh-token.js.map +1 -0
  448. package/dist/token/token-claims.d.ts +1687 -0
  449. package/dist/token/token-claims.d.ts.map +1 -0
  450. package/dist/token/token-claims.js +30 -0
  451. package/dist/token/token-claims.js.map +1 -0
  452. package/dist/token/token-data.d.ts +20 -0
  453. package/dist/token/token-data.d.ts.map +1 -0
  454. package/dist/token/token-data.js +3 -0
  455. package/dist/token/token-data.js.map +1 -0
  456. package/dist/token/token-id.d.ts +7 -0
  457. package/dist/token/token-id.d.ts.map +1 -0
  458. package/dist/token/token-id.js +20 -0
  459. package/dist/token/token-id.js.map +1 -0
  460. package/dist/token/token-manager.d.ts +48 -0
  461. package/dist/token/token-manager.d.ts.map +1 -0
  462. package/dist/token/token-manager.js +421 -0
  463. package/dist/token/token-manager.js.map +1 -0
  464. package/dist/token/token-store.d.ts +35 -0
  465. package/dist/token/token-store.d.ts.map +1 -0
  466. package/dist/token/token-store.js +38 -0
  467. package/dist/token/token-store.js.map +1 -0
  468. package/dist/token/types.d.ts +250 -0
  469. package/dist/token/types.d.ts.map +1 -0
  470. package/dist/token/types.js +36 -0
  471. package/dist/token/types.js.map +1 -0
  472. package/dist/token/verify-token-claims.d.ts +17 -0
  473. package/dist/token/verify-token-claims.d.ts.map +1 -0
  474. package/dist/token/verify-token-claims.js +39 -0
  475. package/dist/token/verify-token-claims.js.map +1 -0
  476. package/package.json +83 -0
  477. package/rollup.config.js +55 -0
  478. package/src/access-token/access-token-type.ts +5 -0
  479. package/src/account/account-manager.ts +55 -0
  480. package/src/account/account-store.ts +74 -0
  481. package/src/account/account.ts +10 -0
  482. package/src/assets/app/app.tsx +28 -0
  483. package/src/assets/app/backend-data.ts +65 -0
  484. package/src/assets/app/components/accept-form.tsx +112 -0
  485. package/src/assets/app/components/account-identifier.tsx +18 -0
  486. package/src/assets/app/components/account-picker.tsx +108 -0
  487. package/src/assets/app/components/client-identifier.tsx +32 -0
  488. package/src/assets/app/components/client-name.tsx +30 -0
  489. package/src/assets/app/components/error-card.tsx +41 -0
  490. package/src/assets/app/components/help-card.tsx +42 -0
  491. package/src/assets/app/components/layout-title-page.tsx +43 -0
  492. package/src/assets/app/components/layout-welcome.tsx +58 -0
  493. package/src/assets/app/components/sign-in-form.tsx +290 -0
  494. package/src/assets/app/components/sign-up-account-form.tsx +210 -0
  495. package/src/assets/app/components/sign-up-disclaimer.tsx +44 -0
  496. package/src/assets/app/components/url-viewer.tsx +70 -0
  497. package/src/assets/app/cookies.ts +11 -0
  498. package/src/assets/app/hooks/use-api.ts +104 -0
  499. package/src/assets/app/hooks/use-bound-dispatch.ts +5 -0
  500. package/src/assets/app/hooks/use-csrf-token.ts +5 -0
  501. package/src/assets/app/lib/api.ts +64 -0
  502. package/src/assets/app/lib/clsx.ts +4 -0
  503. package/src/assets/app/lib/util.ts +10 -0
  504. package/src/assets/app/main.css +11 -0
  505. package/src/assets/app/main.tsx +28 -0
  506. package/src/assets/app/views/accept-view.tsx +51 -0
  507. package/src/assets/app/views/authorize-view.tsx +101 -0
  508. package/src/assets/app/views/error-view.tsx +27 -0
  509. package/src/assets/app/views/sign-in-view.tsx +121 -0
  510. package/src/assets/app/views/sign-up-view.tsx +93 -0
  511. package/src/assets/app/views/welcome-view.tsx +61 -0
  512. package/src/assets/asset.ts +8 -0
  513. package/src/assets/assets-middleware.ts +32 -0
  514. package/src/assets/index.ts +74 -0
  515. package/src/client/client-auth.ts +45 -0
  516. package/src/client/client-data.ts +9 -0
  517. package/src/client/client-id.ts +4 -0
  518. package/src/client/client-info.ts +13 -0
  519. package/src/client/client-manager.ts +818 -0
  520. package/src/client/client-store.ts +38 -0
  521. package/src/client/client-utils.ts +43 -0
  522. package/src/client/client.ts +231 -0
  523. package/src/constants.ts +69 -0
  524. package/src/device/device-data.ts +11 -0
  525. package/src/device/device-details.ts +43 -0
  526. package/src/device/device-id.ts +23 -0
  527. package/src/device/device-manager.ts +287 -0
  528. package/src/device/device-store.ts +35 -0
  529. package/src/device/session-id.ts +22 -0
  530. package/src/dpop/dpop-manager.ts +147 -0
  531. package/src/dpop/dpop-nonce.ts +104 -0
  532. package/src/errors/access-denied-error.ts +26 -0
  533. package/src/errors/account-selection-required-error.ts +12 -0
  534. package/src/errors/consent-required-error.ts +12 -0
  535. package/src/errors/invalid-authorization-details-error.ts +22 -0
  536. package/src/errors/invalid-client-error.ts +20 -0
  537. package/src/errors/invalid-client-id-error.ts +20 -0
  538. package/src/errors/invalid-client-metadata-error.ts +19 -0
  539. package/src/errors/invalid-dpop-key-binding-error.ts +21 -0
  540. package/src/errors/invalid-dpop-proof-error.ts +13 -0
  541. package/src/errors/invalid-grant-error.ts +16 -0
  542. package/src/errors/invalid-parameters-error.ts +12 -0
  543. package/src/errors/invalid-redirect-uri-error.ts +17 -0
  544. package/src/errors/invalid-request-error.ts +30 -0
  545. package/src/errors/invalid-token-error.ts +59 -0
  546. package/src/errors/login-required-error.ts +12 -0
  547. package/src/errors/oauth-error.ts +28 -0
  548. package/src/errors/unauthorized-client-error.ts +20 -0
  549. package/src/errors/use-dpop-nonce-error.ts +32 -0
  550. package/src/errors/www-authenticate-error.ts +65 -0
  551. package/src/index.ts +15 -0
  552. package/src/lib/html/README.md +9 -0
  553. package/src/lib/html/build-document.ts +98 -0
  554. package/src/lib/html/escapers.ts +66 -0
  555. package/src/lib/html/html.ts +61 -0
  556. package/src/lib/html/index.ts +5 -0
  557. package/src/lib/html/tags.ts +58 -0
  558. package/src/lib/html/util.ts +21 -0
  559. package/src/lib/http/README.md +11 -0
  560. package/src/lib/http/accept.ts +91 -0
  561. package/src/lib/http/context.ts +11 -0
  562. package/src/lib/http/index.ts +9 -0
  563. package/src/lib/http/method.ts +18 -0
  564. package/src/lib/http/middleware.ts +183 -0
  565. package/src/lib/http/parser.ts +64 -0
  566. package/src/lib/http/path.ts +82 -0
  567. package/src/lib/http/request.ts +141 -0
  568. package/src/lib/http/response.ts +133 -0
  569. package/src/lib/http/route.ts +56 -0
  570. package/src/lib/http/router.ts +118 -0
  571. package/src/lib/http/stream.ts +78 -0
  572. package/src/lib/http/types.ts +22 -0
  573. package/src/lib/http/url.ts +23 -0
  574. package/src/lib/redis.ts +23 -0
  575. package/src/lib/util/authorization-header.ts +26 -0
  576. package/src/lib/util/cast.ts +4 -0
  577. package/src/lib/util/crypto.ts +27 -0
  578. package/src/lib/util/date.ts +7 -0
  579. package/src/lib/util/hostname.ts +19 -0
  580. package/src/lib/util/redirect-uri.ts +46 -0
  581. package/src/lib/util/time.ts +33 -0
  582. package/src/lib/util/type.ts +4 -0
  583. package/src/lib/util/well-known.ts +8 -0
  584. package/src/metadata/build-metadata.ts +165 -0
  585. package/src/oauth-client.ts +3 -0
  586. package/src/oauth-dpop.ts +2 -0
  587. package/src/oauth-errors.ts +21 -0
  588. package/src/oauth-hooks.ts +66 -0
  589. package/src/oauth-provider.ts +1409 -0
  590. package/src/oauth-store.ts +11 -0
  591. package/src/oauth-verifier.ts +219 -0
  592. package/src/oidc/claims.ts +35 -0
  593. package/src/oidc/sub.ts +4 -0
  594. package/src/oidc/userinfo.ts +11 -0
  595. package/src/output/build-error-payload.ts +143 -0
  596. package/src/output/customization.ts +96 -0
  597. package/src/output/send-authorize-page.ts +111 -0
  598. package/src/output/send-authorize-redirect.ts +130 -0
  599. package/src/output/send-error-page.ts +41 -0
  600. package/src/output/send-web-page.ts +66 -0
  601. package/src/parameters/claims-requested.ts +106 -0
  602. package/src/parameters/oidc-payload.ts +28 -0
  603. package/src/replay/replay-manager.ts +38 -0
  604. package/src/replay/replay-store-memory.ts +36 -0
  605. package/src/replay/replay-store-redis.ts +31 -0
  606. package/src/replay/replay-store.ts +44 -0
  607. package/src/request/code.ts +24 -0
  608. package/src/request/request-data.ts +26 -0
  609. package/src/request/request-id.ts +23 -0
  610. package/src/request/request-info.ts +12 -0
  611. package/src/request/request-manager.ts +479 -0
  612. package/src/request/request-store-memory.ts +39 -0
  613. package/src/request/request-store-redis.ts +71 -0
  614. package/src/request/request-store.ts +54 -0
  615. package/src/request/request-uri.ts +29 -0
  616. package/src/request/types.ts +48 -0
  617. package/src/signer/signed-token-payload.ts +35 -0
  618. package/src/signer/signer.ts +165 -0
  619. package/src/token/refresh-token.ts +31 -0
  620. package/src/token/token-claims.ts +31 -0
  621. package/src/token/token-data.ts +33 -0
  622. package/src/token/token-id.ts +26 -0
  623. package/src/token/token-manager.ts +591 -0
  624. package/src/token/token-store.ts +78 -0
  625. package/src/token/types.ts +86 -0
  626. package/src/token/verify-token-claims.ts +65 -0
  627. package/tailwind.config.js +13 -0
  628. package/tsconfig.backend.json +9 -0
  629. package/tsconfig.frontend.json +11 -0
  630. package/tsconfig.json +8 -0
  631. package/tsconfig.tools.json +8 -0
package/dist/oauth-errors.js ADDED
@@ -0,0 +1,43 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.WWWAuthenticateError = exports.UseDpopNonceError = exports.UnauthorizedClientError = exports.LoginRequiredError = exports.InvalidTokenError = exports.InvalidRequestError = exports.InvalidRedirectUriError = exports.InvalidParametersError = exports.InvalidGrantError = exports.InvalidDpopProofError = exports.InvalidDpopKeyBindingError = exports.InvalidClientMetadataError = exports.InvalidClientIdError = exports.InvalidClientError = exports.InvalidAuthorizationDetailsError = exports.ConsentRequiredError = exports.AccountSelectionRequiredError = exports.AccessDeniedError = exports.OAuthError = void 0;
4
+ // Root Error class
5
+ var oauth_error_js_1 = require("./errors/oauth-error.js");
6
+ Object.defineProperty(exports, "OAuthError", { enumerable: true, get: function () { return oauth_error_js_1.OAuthError; } });
7
+ var access_denied_error_js_1 = require("./errors/access-denied-error.js");
8
+ Object.defineProperty(exports, "AccessDeniedError", { enumerable: true, get: function () { return access_denied_error_js_1.AccessDeniedError; } });
9
+ var account_selection_required_error_js_1 = require("./errors/account-selection-required-error.js");
10
+ Object.defineProperty(exports, "AccountSelectionRequiredError", { enumerable: true, get: function () { return account_selection_required_error_js_1.AccountSelectionRequiredError; } });
11
+ var consent_required_error_js_1 = require("./errors/consent-required-error.js");
12
+ Object.defineProperty(exports, "ConsentRequiredError", { enumerable: true, get: function () { return consent_required_error_js_1.ConsentRequiredError; } });
13
+ var invalid_authorization_details_error_js_1 = require("./errors/invalid-authorization-details-error.js");
14
+ Object.defineProperty(exports, "InvalidAuthorizationDetailsError", { enumerable: true, get: function () { return invalid_authorization_details_error_js_1.InvalidAuthorizationDetailsError; } });
15
+ var invalid_client_error_js_1 = require("./errors/invalid-client-error.js");
16
+ Object.defineProperty(exports, "InvalidClientError", { enumerable: true, get: function () { return invalid_client_error_js_1.InvalidClientError; } });
17
+ var invalid_client_id_error_js_1 = require("./errors/invalid-client-id-error.js");
18
+ Object.defineProperty(exports, "InvalidClientIdError", { enumerable: true, get: function () { return invalid_client_id_error_js_1.InvalidClientIdError; } });
19
+ var invalid_client_metadata_error_js_1 = require("./errors/invalid-client-metadata-error.js");
20
+ Object.defineProperty(exports, "InvalidClientMetadataError", { enumerable: true, get: function () { return invalid_client_metadata_error_js_1.InvalidClientMetadataError; } });
21
+ var invalid_dpop_key_binding_error_js_1 = require("./errors/invalid-dpop-key-binding-error.js");
22
+ Object.defineProperty(exports, "InvalidDpopKeyBindingError", { enumerable: true, get: function () { return invalid_dpop_key_binding_error_js_1.InvalidDpopKeyBindingError; } });
23
+ var invalid_dpop_proof_error_js_1 = require("./errors/invalid-dpop-proof-error.js");
24
+ Object.defineProperty(exports, "InvalidDpopProofError", { enumerable: true, get: function () { return invalid_dpop_proof_error_js_1.InvalidDpopProofError; } });
25
+ var invalid_grant_error_js_1 = require("./errors/invalid-grant-error.js");
26
+ Object.defineProperty(exports, "InvalidGrantError", { enumerable: true, get: function () { return invalid_grant_error_js_1.InvalidGrantError; } });
27
+ var invalid_parameters_error_js_1 = require("./errors/invalid-parameters-error.js");
28
+ Object.defineProperty(exports, "InvalidParametersError", { enumerable: true, get: function () { return invalid_parameters_error_js_1.InvalidParametersError; } });
29
+ var invalid_redirect_uri_error_js_1 = require("./errors/invalid-redirect-uri-error.js");
30
+ Object.defineProperty(exports, "InvalidRedirectUriError", { enumerable: true, get: function () { return invalid_redirect_uri_error_js_1.InvalidRedirectUriError; } });
31
+ var invalid_request_error_js_1 = require("./errors/invalid-request-error.js");
32
+ Object.defineProperty(exports, "InvalidRequestError", { enumerable: true, get: function () { return invalid_request_error_js_1.InvalidRequestError; } });
33
+ var invalid_token_error_js_1 = require("./errors/invalid-token-error.js");
34
+ Object.defineProperty(exports, "InvalidTokenError", { enumerable: true, get: function () { return invalid_token_error_js_1.InvalidTokenError; } });
35
+ var login_required_error_js_1 = require("./errors/login-required-error.js");
36
+ Object.defineProperty(exports, "LoginRequiredError", { enumerable: true, get: function () { return login_required_error_js_1.LoginRequiredError; } });
37
+ var unauthorized_client_error_js_1 = require("./errors/unauthorized-client-error.js");
38
+ Object.defineProperty(exports, "UnauthorizedClientError", { enumerable: true, get: function () { return unauthorized_client_error_js_1.UnauthorizedClientError; } });
39
+ var use_dpop_nonce_error_js_1 = require("./errors/use-dpop-nonce-error.js");
40
+ Object.defineProperty(exports, "UseDpopNonceError", { enumerable: true, get: function () { return use_dpop_nonce_error_js_1.UseDpopNonceError; } });
41
+ var www_authenticate_error_js_1 = require("./errors/www-authenticate-error.js");
42
+ Object.defineProperty(exports, "WWWAuthenticateError", { enumerable: true, get: function () { return www_authenticate_error_js_1.WWWAuthenticateError; } });
43
+ //# sourceMappingURL=oauth-errors.js.map
package/dist/oauth-errors.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oauth-errors.js","sourceRoot":"","sources":["../src/oauth-errors.ts"],"names":[],"mappings":";;;AAAA,mBAAmB;AACnB,0DAAoD;AAA3C,4GAAA,UAAU,OAAA;AAEnB,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,oGAA4F;AAAnF,oJAAA,6BAA6B,OAAA;AACtC,gFAAyE;AAAhE,iIAAA,oBAAoB,OAAA;AAC7B,0GAAkG;AAAzF,0JAAA,gCAAgC,OAAA;AACzC,4EAAqE;AAA5D,6HAAA,kBAAkB,OAAA;AAC3B,kFAA0E;AAAjE,kIAAA,oBAAoB,OAAA;AAC7B,8FAAsF;AAA7E,8IAAA,0BAA0B,OAAA;AACnC,gGAAuF;AAA9E,+IAAA,0BAA0B,OAAA;AACnC,oFAA4E;AAAnE,oIAAA,qBAAqB,OAAA;AAC9B,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,oFAA6E;AAApE,qIAAA,sBAAsB,OAAA;AAC/B,wFAAgF;AAAvE,wIAAA,uBAAuB,OAAA;AAChC,8EAAuE;AAA9D,+HAAA,mBAAmB,OAAA;AAC5B,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,4EAAqE;AAA5D,6HAAA,kBAAkB,OAAA;AAC3B,sFAA+E;AAAtE,uIAAA,uBAAuB,OAAA;AAChC,4EAAoE;AAA3D,4HAAA,iBAAiB,OAAA;AAC1B,gFAAyE;AAAhE,iIAAA,oBAAoB,OAAA"}
package/dist/oauth-hooks.d.ts ADDED
@@ -0,0 +1,42 @@
1
+ import { Jwks } from '@atproto/jwk';
2
+ import { OAuthAuthenticationRequestParameters, OAuthAuthorizationDetails, OAuthClientMetadata, OAuthTokenResponse } from '@atproto/oauth-types';
3
+ import { Account } from './account/account.js';
4
+ import { ClientAuth } from './client/client-auth.js';
5
+ import { ClientId } from './client/client-id.js';
6
+ import { ClientInfo } from './client/client-info.js';
7
+ import { Client } from './client/client.js';
8
+ import { Awaitable } from './lib/util/type.js';
9
+ export type { Account, Client, ClientAuth, ClientId, ClientInfo, Jwks, OAuthAuthenticationRequestParameters, OAuthAuthorizationDetails, OAuthClientMetadata, OAuthTokenResponse, };
10
+ export type OAuthHooks = {
11
+ /**
12
+ * Use this to alter, override or validate the client metadata & jwks returned
13
+ * by the client store.
14
+ *
15
+ * @throws {InvalidClientMetadataError} if the metadata is invalid
16
+ * @see {@link InvalidClientMetadataError}
17
+ */
18
+ onClientInfo?: (clientId: ClientId, data: {
19
+ metadata: OAuthClientMetadata;
20
+ jwks?: Jwks;
21
+ }) => Awaitable<void | undefined | Partial<ClientInfo>>;
22
+ /**
23
+ * Allows enriching the authorization details with additional information
24
+ * before the tokens are issued.
25
+ *
26
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc9396 | RFC 9396}
27
+ */
28
+ onAuthorizationDetails?: (data: {
29
+ client: Client;
30
+ parameters: OAuthAuthenticationRequestParameters;
31
+ account: Account;
32
+ }) => Awaitable<undefined | OAuthAuthorizationDetails>;
33
+ /**
34
+ * Allows altering the token response before it is sent to the client.
35
+ */
36
+ onTokenResponse?: (tokenResponse: OAuthTokenResponse, data: {
37
+ client: Client;
38
+ parameters: OAuthAuthenticationRequestParameters;
39
+ account: Account;
40
+ }) => Awaitable<void>;
41
+ };
42
+ //# sourceMappingURL=oauth-hooks.d.ts.map
package/dist/oauth-hooks.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oauth-hooks.d.ts","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AACnC,OAAO,EACL,oCAAoC,EACpC,yBAAyB,EACzB,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAG9C,YAAY,EACV,OAAO,EACP,MAAM,EACN,UAAU,EACV,QAAQ,EACR,UAAU,EACV,IAAI,EACJ,oCAAoC,EACpC,yBAAyB,EACzB,mBAAmB,EACnB,kBAAkB,GACnB,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB;;;;;;OAMG;IACH,YAAY,CAAC,EAAE,CACb,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE;QAAE,QAAQ,EAAE,mBAAmB,CAAC;QAAC,IAAI,CAAC,EAAE,IAAI,CAAA;KAAE,KACjD,SAAS,CAAC,IAAI,GAAG,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;IAEtD;;;;;OAKG;IACH,sBAAsB,CAAC,EAAE,CAAC,IAAI,EAAE;QAC9B,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,oCAAoC,CAAA;QAChD,OAAO,EAAE,OAAO,CAAA;KACjB,KAAK,SAAS,CAAC,SAAS,GAAG,yBAAyB,CAAC,CAAA;IAEtD;;OAEG;IACH,eAAe,CAAC,EAAE,CAChB,aAAa,EAAE,kBAAkB,EACjC,IAAI,EAAE;QACJ,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,oCAAoC,CAAA;QAChD,OAAO,EAAE,OAAO,CAAA;KACjB,KACE,SAAS,CAAC,IAAI,CAAC,CAAA;CACrB,CAAA"}
package/dist/oauth-hooks.js ADDED
@@ -0,0 +1,3 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ //# sourceMappingURL=oauth-hooks.js.map
package/dist/oauth-hooks.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oauth-hooks.js","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":""}
package/dist/oauth-provider.d.ts ADDED
@@ -0,0 +1,179 @@
1
+ /// <reference types="node" />
2
+ import { SimpleStore } from '@atproto-labs/simple-store';
3
+ import { Jwks, Keyset, SignedJwt } from '@atproto/jwk';
4
+ import { AccessToken, OAuthAuthenticationRequestParameters, OAuthAuthorizationServerMetadata, OAuthClientIdentification, OAuthClientMetadata, OAuthEndpointName, OAuthTokenResponse, OAuthTokenType } from '@atproto/oauth-types';
5
+ import { Redis, type RedisOptions } from 'ioredis';
6
+ import { AccountManager } from './account/account-manager.js';
7
+ import { AccountInfo, AccountStore, DeviceAccountInfo, LoginCredentials } from './account/account-store.js';
8
+ import { Account } from './account/account.js';
9
+ import { ClientAuth } from './client/client-auth.js';
10
+ import { ClientId } from './client/client-id.js';
11
+ import { ClientManager, LoopbackMetadataGetter } from './client/client-manager.js';
12
+ import { ClientStore } from './client/client-store.js';
13
+ import { Client } from './client/client.js';
14
+ import { DeviceId } from './device/device-id.js';
15
+ import { DeviceStore } from './device/device-store.js';
16
+ import { Handler, IncomingMessage, Router, ServerResponse } from './lib/http/index.js';
17
+ import { Override } from './lib/util/type.js';
18
+ import { CustomMetadata } from './metadata/build-metadata.js';
19
+ import { OAuthHooks } from './oauth-hooks.js';
20
+ import { OAuthVerifier, OAuthVerifierOptions } from './oauth-verifier.js';
21
+ import { Userinfo } from './oidc/userinfo.js';
22
+ import { Customization } from './output/customization.js';
23
+ import { AuthorizationResultAuthorize } from './output/send-authorize-page.js';
24
+ import { AuthorizationResultRedirect } from './output/send-authorize-redirect.js';
25
+ import { ReplayStore } from './replay/replay-store.js';
26
+ import { RequestManager } from './request/request-manager.js';
27
+ import { RequestStore } from './request/request-store.js';
28
+ import { RequestUri } from './request/request-uri.js';
29
+ import { AuthorizationRequestJar, AuthorizationRequestQuery, PushedAuthorizationRequest } from './request/types.js';
30
+ import { TokenManager } from './token/token-manager.js';
31
+ import { TokenInfo, TokenStore } from './token/token-store.js';
32
+ import { CodeGrantRequest, Introspect, IntrospectionResponse, RefreshGrantRequest, Revoke, TokenRequest } from './token/types.js';
33
+ import { VerifyTokenClaimsOptions } from './token/verify-token-claims.js';
34
+ export type OAuthProviderStore = Partial<ClientStore & AccountStore & DeviceStore & TokenStore & RequestStore & ReplayStore>;
35
+ export { Keyset, type CustomMetadata, type Customization, type Handler, type OAuthAuthorizationServerMetadata, };
36
+ export type RouterOptions<Req extends IncomingMessage = IncomingMessage, Res extends ServerResponse = ServerResponse> = {
37
+ onError?: (req: Req, res: Res, err: unknown, message: string) => void;
38
+ };
39
+ export type OAuthProviderOptions = Override<OAuthVerifierOptions & OAuthHooks, {
40
+ /**
41
+ * Maximum age a device/account session can be before requiring
42
+ * re-authentication. This can be overridden on a authorization request basis
43
+ * using the `max_age` parameter and on a client basis using the
44
+ * `default_max_age` client metadata.
45
+ */
46
+ authenticationMaxAge?: number;
47
+ /**
48
+ * Maximum age access & id tokens can be before requiring a refresh.
49
+ */
50
+ tokenMaxAge?: number;
51
+ /**
52
+ * Additional metadata to be included in the discovery document.
53
+ */
54
+ metadata?: CustomMetadata;
55
+ /**
56
+ * UI customizations
57
+ */
58
+ customization?: Customization;
59
+ /**
60
+ * A custom fetch function that can be used to fetch the client metadata from
61
+ * the internet. By default, the fetch function is a safeFetchWrap() function
62
+ * that protects against SSRF attacks, large responses & known bad domains. If
63
+ * you want to disable all protections, you can provide `globalThis.fetch` as
64
+ * fetch function.
65
+ */
66
+ safeFetch?: typeof globalThis.fetch;
67
+ /**
68
+ * A redis instance to use for replay protection. If not provided, replay
69
+ * protection will use memory storage.
70
+ */
71
+ redis?: Redis | RedisOptions | string;
72
+ /**
73
+ * This will be used as the default store for all the stores. If a store is
74
+ * not provided, this store will be used instead. If the `store` does not
75
+ * implement a specific store, a runtime error will be thrown. Make sure that
76
+ * this store implements all the interfaces not provided in the other
77
+ * `<name>Store` options.
78
+ */
79
+ store?: OAuthProviderStore;
80
+ accountStore?: AccountStore;
81
+ deviceStore?: DeviceStore;
82
+ clientStore?: ClientStore;
83
+ replayStore?: ReplayStore;
84
+ requestStore?: RequestStore;
85
+ tokenStore?: TokenStore;
86
+ /**
87
+ * In order to speed up the client fetching process, you can provide a cache
88
+ * to store HTTP responses.
89
+ *
90
+ * @note the cached entries should automatically expire after a certain time (typically 10 minutes)
91
+ */
92
+ clientJwksCache?: SimpleStore<string, Jwks>;
93
+ /**
94
+ * In order to speed up the client fetching process, you can provide a cache
95
+ * to store HTTP responses.
96
+ *
97
+ * @note the cached entries should automatically expire after a certain time (typically 10 minutes)
98
+ */
99
+ clientMetadataCache?: SimpleStore<string, OAuthClientMetadata>;
100
+ /**
101
+ * In order to enable loopback clients, you can provide a function that
102
+ * returns the client metadata for a given loopback URL. This is useful for
103
+ * development and testing purposes. This function is not called for internet
104
+ * clients.
105
+ *
106
+ * @default is as specified by ATPROTO
107
+ */
108
+ loopbackMetadata?: null | false | LoopbackMetadataGetter;
109
+ }>;
110
+ export declare class OAuthProvider extends OAuthVerifier {
111
+ readonly metadata: OAuthAuthorizationServerMetadata;
112
+ readonly customization?: Customization;
113
+ readonly authenticationMaxAge: number;
114
+ readonly accountManager: AccountManager;
115
+ readonly deviceStore: DeviceStore;
116
+ readonly clientManager: ClientManager;
117
+ readonly requestManager: RequestManager;
118
+ readonly tokenManager: TokenManager;
119
+ constructor({ metadata, customization, authenticationMaxAge, tokenMaxAge, safeFetch, redis, store, // compound store implementation
120
+ accountStore, deviceStore, tokenStore, clientStore, replayStore, requestStore, clientJwksCache, clientMetadataCache, loopbackMetadata, ...rest }: OAuthProviderOptions);
121
+ get jwks(): Jwks;
122
+ protected loginRequired(client: Client, parameters: OAuthAuthenticationRequestParameters, info: DeviceAccountInfo): boolean;
123
+ protected authenticateClient(client: Client, endpoint: OAuthEndpointName, credentials: OAuthClientIdentification): Promise<ClientAuth>;
124
+ protected decodeJAR(client: Client, input: AuthorizationRequestJar): Promise<{
125
+ payload: OAuthAuthenticationRequestParameters;
126
+ } | {
127
+ payload: OAuthAuthenticationRequestParameters;
128
+ protectedHeader: {
129
+ kid: string;
130
+ alg: string;
131
+ };
132
+ jkt: string;
133
+ }>;
134
+ /**
135
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc9126}
136
+ */
137
+ protected pushedAuthorizationRequest(input: PushedAuthorizationRequest, dpopJkt: null | string): Promise<{
138
+ request_uri: `urn:ietf:params:oauth:request_uri:req-${string}`;
139
+ expires_in: number;
140
+ }>;
141
+ private loadAuthorizationRequest;
142
+ private deleteRequest;
143
+ protected authorize(deviceId: DeviceId, input: AuthorizationRequestQuery): Promise<AuthorizationResultRedirect | AuthorizationResultAuthorize>;
144
+ protected getSessions(client: Client, clientAuth: ClientAuth, deviceId: DeviceId, parameters: OAuthAuthenticationRequestParameters): Promise<{
145
+ account: Account;
146
+ info: DeviceAccountInfo;
147
+ selected: boolean;
148
+ loginRequired: boolean;
149
+ consentRequired: boolean;
150
+ matchesHint: boolean;
151
+ }[]>;
152
+ protected signIn(deviceId: DeviceId, credentials: LoginCredentials): Promise<AccountInfo>;
153
+ protected acceptRequest(deviceId: DeviceId, uri: RequestUri, clientId: ClientId, sub: string): Promise<AuthorizationResultRedirect>;
154
+ protected rejectRequest(deviceId: DeviceId, uri: RequestUri, clientId: ClientId): Promise<AuthorizationResultRedirect>;
155
+ protected token(input: TokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
156
+ protected codeGrant(client: Client, clientAuth: ClientAuth, input: CodeGrantRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
157
+ refreshTokenGrant(client: Client, clientAuth: ClientAuth, input: RefreshGrantRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
158
+ /**
159
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc7009#section-2.1 rfc7009}
160
+ */
161
+ protected revoke(input: Revoke): Promise<void>;
162
+ /**
163
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc7662#section-2.1 rfc7662}
164
+ */
165
+ protected introspect(input: Introspect): Promise<IntrospectionResponse>;
166
+ /**
167
+ * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.3.2 Successful UserInfo Response}
168
+ */
169
+ protected userinfo({ data, account }: TokenInfo): Promise<Userinfo>;
170
+ protected signUserinfo(userinfo: Userinfo): Promise<SignedJwt>;
171
+ protected authenticateToken(tokenType: OAuthTokenType, token: AccessToken, dpopJkt: string | null, verifyOptions?: VerifyTokenClaimsOptions): Promise<import("./token/verify-token-claims.js").VerifyTokenClaimsResult>;
172
+ /**
173
+ * @returns An http request handler that can be used with node's http server
174
+ * or as a middleware with express / connect.
175
+ */
176
+ httpHandler<T = void, Req extends IncomingMessage = IncomingMessage, Res extends ServerResponse = ServerResponse>(options?: RouterOptions<Req, Res>): Handler<T, Req, Res>;
177
+ buildRouter<T = void, Req extends IncomingMessage = IncomingMessage, Res extends ServerResponse = ServerResponse>({ onError, }?: RouterOptions<Req, Res>): Router<T, Req, Res>;
178
+ }
179
+ //# sourceMappingURL=oauth-provider.d.ts.map
package/dist/oauth-provider.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oauth-provider.d.ts","sourceRoot":"","sources":["../src/oauth-provider.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAExD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAmB,MAAM,cAAc,CAAA;AACvE,OAAO,EACL,WAAW,EAEX,oCAAoC,EACpC,gCAAgC,EAChC,yBAAyB,EACzB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EAGf,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,KAAK,EAAE,KAAK,YAAY,EAAE,MAAM,SAAS,CAAA;AAIlD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC7D,OAAO,EACL,WAAW,EACX,YAAY,EACZ,iBAAiB,EACjB,gBAAgB,EAEjB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAE9C,OAAO,EAAE,UAAU,EAAqB,MAAM,yBAAyB,CAAA;AACvE,OAAO,EAAE,QAAQ,EAAkB,MAAM,uBAAuB,CAAA;AAChE,OAAO,EACL,aAAa,EACb,sBAAsB,EACvB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AACrE,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAEhD,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AAYrE,OAAO,EACL,OAAO,EACP,eAAe,EAEf,MAAM,EACN,cAAc,EAWf,MAAM,qBAAqB,CAAA;AAE5B,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAC7C,OAAO,EAAE,cAAc,EAAiB,MAAM,8BAA8B,CAAA;AAC5E,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC7C,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AACzE,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAK7C,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzD,OAAO,EACL,4BAA4B,EAE7B,MAAM,iCAAiC,CAAA;AACxC,OAAO,EACL,2BAA2B,EAE5B,MAAM,qCAAqC,CAAA;AAG5C,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AAErE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAG7D,OAAO,EAAE,YAAY,EAAkB,MAAM,4BAA4B,CAAA;AACzE,OAAO,EAAE,UAAU,EAAoB,MAAM,0BAA0B,CAAA;AACvE,OAAO,EACL,uBAAuB,EACvB,yBAAyB,EACzB,0BAA0B,EAG3B,MAAM,oBAAoB,CAAA;AAE3B,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAgB,MAAM,wBAAwB,CAAA;AAC5E,OAAO,EACL,gBAAgB,EAChB,UAAU,EACV,qBAAqB,EACrB,mBAAmB,EACnB,MAAM,EACN,YAAY,EAIb,MAAM,kBAAkB,CAAA;AACzB,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAA;AAEzE,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACtC,WAAW,GACT,YAAY,GACZ,WAAW,GACX,UAAU,GACV,YAAY,GACZ,WAAW,CACd,CAAA;AAED,OAAO,EACL,MAAM,EACN,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,OAAO,EACZ,KAAK,gCAAgC,GACtC,CAAA;AAED,MAAM,MAAM,aAAa,CACvB,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,IACzC;IACF,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,CAAA;CACtE,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG,QAAQ,CACzC,oBAAoB,GAAG,UAAU,EACjC;IACE;;;;;OAKG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAE7B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAA;IAEpB;;OAEG;IACH,QAAQ,CAAC,EAAE,cAAc,CAAA;IAEzB;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAA;IAE7B;;;;;;OAMG;IACH,SAAS,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;IAEnC;;;OAGG;IACH,KAAK,CAAC,EAAE,KAAK,GAAG,YAAY,GAAG,MAAM,CAAA;IAErC;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,kBAAkB,CAAA;IAE1B,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,UAAU,CAAC,EAAE,UAAU,CAAA;IAEvB;;;;;OAKG;IACH,eAAe,CAAC,EAAE,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;IAE3C;;;;;OAKG;IACH,mBAAmB,CAAC,EAAE,WAAW,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAA;IAE9D;;;;;;;OAOG;IACH,gBAAgB,CAAC,EAAE,IAAI,GAAG,KAAK,GAAG,sBAAsB,CAAA;CACzD,CACF,CAAA;AAED,qBAAa,aAAc,SAAQ,aAAa;IAC9C,SAAgB,QAAQ,EAAE,gCAAgC,CAAA;IAC1D,SAAgB,aAAa,CAAC,EAAE,aAAa,CAAA;IAE7C,SAAgB,oBAAoB,EAAE,MAAM,CAAA;IAE5C,SAAgB,cAAc,EAAE,cAAc,CAAA;IAC9C,SAAgB,WAAW,EAAE,WAAW,CAAA;IACxC,SAAgB,aAAa,EAAE,aAAa,CAAA;IAC5C,SAAgB,cAAc,EAAE,cAAc,CAAA;IAC9C,SAAgB,YAAY,EAAE,YAAY,CAAA;gBAEvB,EACjB,QAAQ,EACR,aAAyB,EACzB,oBAA6C,EAC7C,WAA2B,EAE3B,SAA2B,EAC3B,KAAK,EACL,KAAK,EAAE,gCAAgC;IAGvC,YAAoC,EACpC,WAAkC,EAClC,UAAgC,EAGhC,WAAkC,EAClC,WAAkC,EAClC,YAAoC,EAEpC,eAGE,EACF,mBAGE,EAEF,gBAAgD,EAGhD,GAAG,IAAI,EACR,EAAE,oBAAoB;IAsCvB,IAAI,IAAI,IAAI,IAAI,CAEf;IAED,SAAS,CAAC,aAAa,CACrB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,oCAAoC,EAChD,IAAI,EAAE,iBAAiB;cAoBT,kBAAkB,CAChC,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,iBAAiB,EAC3B,WAAW,EAAE,yBAAyB,GACrC,OAAO,CAAC,UAAU,CAAC;cAiBN,SAAS,CACvB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,uBAAuB,GAC7B,OAAO,CACN;QACE,OAAO,EAAE,oCAAoC,CAAA;KAC9C,GACD;QACE,OAAO,EAAE,oCAAoC,CAAA;QAC7C,eAAe,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAA;QAC7C,GAAG,EAAE,MAAM,CAAA;KACZ,CACJ;IA6CD;;OAEG;cACa,0BAA0B,CACxC,KAAK,EAAE,0BAA0B,EACjC,OAAO,EAAE,IAAI,GAAG,MAAM;;;;YAyCV,wBAAwB;YAmDxB,aAAa;cAWX,SAAS,CACvB,QAAQ,EAAE,QAAQ,EAClB,KAAK,EAAE,yBAAyB,GAC/B,OAAO,CAAC,2BAA2B,GAAG,4BAA4B,CAAC;cA0FtD,WAAW,CACzB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,EAClB,UAAU,EAAE,oCAAoC,GAC/C,OAAO,CACR;QACE,OAAO,EAAE,OAAO,CAAA;QAChB,IAAI,EAAE,iBAAiB,CAAA;QAEvB,QAAQ,EAAE,OAAO,CAAA;QACjB,aAAa,EAAE,OAAO,CAAA;QACtB,eAAe,EAAE,OAAO,CAAA;QAExB,WAAW,EAAE,OAAO,CAAA;KACrB,EAAE,CACJ;cAsBe,MAAM,CACpB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,gBAAgB,GAC5B,OAAO,CAAC,WAAW,CAAC;cAIP,aAAa,CAC3B,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,2BAA2B,CAAC;cAsDvB,aAAa,CAC3B,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,GACjB,OAAO,CAAC,2BAA2B,CAAC;cA0BvB,KAAK,CACnB,KAAK,EAAE,YAAY,EACnB,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;cAwBd,SAAS,CACvB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,gBAAgB,EACvB,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;IAgCxB,iBAAiB,CACrB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,mBAAmB,EAC1B,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;IAI9B;;OAEG;cACa,MAAM,CAAC,KAAK,EAAE,MAAM;IAMpC;;OAEG;cACa,UAAU,CACxB,KAAK,EAAE,UAAU,GAChB,OAAO,CAAC,qBAAqB,CAAC;IAsDjC;;OAEG;cACa,QAAQ,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,SAAS,GAAG,OAAO,CAAC,QAAQ,CAAC;cAWzD,YAAY,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC;cAW3C,iBAAiB,CACxC,SAAS,EAAE,cAAc,EACzB,KAAK,EAAE,WAAW,EAClB,OAAO,EAAE,MAAM,GAAG,IAAI,EACtB,aAAa,CAAC,EAAE,wBAAwB;IAgB1C;;;OAGG;IACI,WAAW,CAChB,CAAC,GAAG,IAAI,EACR,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,EAC3C,OAAO,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;IAKnD,WAAW,CAChB,CAAC,GAAG,IAAI,EACR,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,EAC3C,EACA,OAGa,GACd,GAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAM;CA8bhC"}