npm - @atproto/oauth-provider - Versions diffs - 0.1.0 - Mend

@atproto/oauth-provider 0.1.0

Files changed (631) hide show

package/.postcssrc.yml +3 -0
package/CHANGELOG.md +19 -0
package/LICENSE.txt +7 -0
package/dist/access-token/access-token-type.d.ts +6 -0
package/dist/access-token/access-token-type.d.ts.map +1 -0
package/dist/access-token/access-token-type.js +10 -0
package/dist/access-token/access-token-type.js.map +1 -0
package/dist/account/account-manager.d.ts +14 -0
package/dist/account/account-manager.d.ts.map +1 -0
package/dist/account/account-manager.js +39 -0
package/dist/account/account-manager.js.map +1 -0
package/dist/account/account-store.d.ts +39 -0
package/dist/account/account-store.d.ts.map +1 -0
package/dist/account/account-store.js +19 -0
package/dist/account/account-store.js.map +1 -0
package/dist/account/account.d.ts +8 -0
package/dist/account/account.d.ts.map +1 -0
package/dist/account/account.js +3 -0
package/dist/account/account.js.map +1 -0
package/dist/assets/app/bundle-manifest.json +22 -0
package/dist/assets/app/main.css +3 -0
package/dist/assets/app/main.js +20 -0
package/dist/assets/app/main.js.map +1 -0
package/dist/assets/asset.d.ts +9 -0
package/dist/assets/asset.d.ts.map +1 -0
package/dist/assets/asset.js +3 -0
package/dist/assets/asset.js.map +1 -0
package/dist/assets/assets-middleware.d.ts +2 -0
package/dist/assets/assets-middleware.d.ts.map +1 -0
package/dist/assets/assets-middleware.js +30 -0
package/dist/assets/assets-middleware.js.map +1 -0
package/dist/assets/index.d.ts +4 -0
package/dist/assets/index.d.ts.map +1 -0
package/dist/assets/index.js +65 -0
package/dist/assets/index.js.map +1 -0
package/dist/client/client-auth.d.ts +13 -0
package/dist/client/client-auth.d.ts.map +1 -0
package/dist/client/client-auth.js +35 -0
package/dist/client/client-auth.js.map +1 -0
package/dist/client/client-data.d.ts +8 -0
package/dist/client/client-data.d.ts.map +1 -0
package/dist/client/client-data.js +3 -0
package/dist/client/client-data.js.map +1 -0
package/dist/client/client-id.d.ts +4 -0
package/dist/client/client-id.d.ts.map +1 -0
package/dist/client/client-id.js +6 -0
package/dist/client/client-id.js.map +1 -0
package/dist/client/client-info.d.ts +13 -0
package/dist/client/client-info.d.ts.map +1 -0
package/dist/client/client-info.js +3 -0
package/dist/client/client-info.js.map +1 -0
package/dist/client/client-manager.d.ts +38 -0
package/dist/client/client-manager.d.ts.map +1 -0
package/dist/client/client-manager.js +534 -0
package/dist/client/client-manager.js.map +1 -0
package/dist/client/client-store.d.ts +13 -0
package/dist/client/client-store.d.ts.map +1 -0
package/dist/client/client-store.js +39 -0
package/dist/client/client-store.js.map +1 -0
package/dist/client/client-utils.d.ts +6 -0
package/dist/client/client-utils.d.ts.map +1 -0
package/dist/client/client-utils.js +40 -0
package/dist/client/client-utils.js.map +1 -0
package/dist/client/client.d.ts +41 -0
package/dist/client/client.d.ts.map +1 -0
package/dist/client/client.js +163 -0
package/dist/client/client.js.map +1 -0
package/dist/constants.d.ts +42 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +53 -0
package/dist/constants.js.map +1 -0
package/dist/device/device-data.d.ts +20 -0
package/dist/device/device-data.d.ts.map +1 -0
package/dist/device/device-data.js +11 -0
package/dist/device/device-data.js.map +1 -0
package/dist/device/device-details.d.ts +17 -0
package/dist/device/device-details.d.ts.map +1 -0
package/dist/device/device-details.js +34 -0
package/dist/device/device-details.js.map +1 -0
package/dist/device/device-id.d.ts +6 -0
package/dist/device/device-id.d.ts.map +1 -0
package/dist/device/device-id.js +18 -0
package/dist/device/device-id.js.map +1 -0
package/dist/device/device-manager.d.ts +88 -0
package/dist/device/device-manager.d.ts.map +1 -0
package/dist/device/device-manager.js +206 -0
package/dist/device/device-manager.js.map +1 -0
package/dist/device/device-store.d.ts +15 -0
package/dist/device/device-store.d.ts.map +1 -0
package/dist/device/device-store.js +36 -0
package/dist/device/device-store.js.map +1 -0
package/dist/device/session-id.d.ts +6 -0
package/dist/device/session-id.d.ts.map +1 -0
package/dist/device/session-id.js +18 -0
package/dist/device/session-id.js.map +1 -0
package/dist/dpop/dpop-manager.d.ts +33 -0
package/dist/dpop/dpop-manager.d.ts.map +1 -0
package/dist/dpop/dpop-manager.js +115 -0
package/dist/dpop/dpop-manager.js.map +1 -0
package/dist/dpop/dpop-nonce.d.ts +13 -0
package/dist/dpop/dpop-nonce.d.ts.map +1 -0
package/dist/dpop/dpop-nonce.js +94 -0
package/dist/dpop/dpop-nonce.js.map +1 -0
package/dist/errors/access-denied-error.d.ts +8 -0
package/dist/errors/access-denied-error.d.ts.map +1 -0
package/dist/errors/access-denied-error.js +21 -0
package/dist/errors/access-denied-error.js.map +1 -0
package/dist/errors/account-selection-required-error.d.ts +6 -0
package/dist/errors/account-selection-required-error.d.ts.map +1 -0
package/dist/errors/account-selection-required-error.js +11 -0
package/dist/errors/account-selection-required-error.js.map +1 -0
package/dist/errors/consent-required-error.d.ts +6 -0
package/dist/errors/consent-required-error.d.ts.map +1 -0
package/dist/errors/consent-required-error.js +11 -0
package/dist/errors/consent-required-error.js.map +1 -0
package/dist/errors/invalid-authorization-details-error.d.ts +20 -0
package/dist/errors/invalid-authorization-details-error.d.ts.map +1 -0
package/dist/errors/invalid-authorization-details-error.js +26 -0
package/dist/errors/invalid-authorization-details-error.js.map +1 -0
package/dist/errors/invalid-client-error.d.ts +18 -0
package/dist/errors/invalid-client-error.d.ts.map +1 -0
package/dist/errors/invalid-client-error.js +24 -0
package/dist/errors/invalid-client-error.js.map +1 -0
package/dist/errors/invalid-client-id-error.d.ts +13 -0
package/dist/errors/invalid-client-id-error.d.ts.map +1 -0
package/dist/errors/invalid-client-id-error.js +25 -0
package/dist/errors/invalid-client-id-error.js.map +1 -0
package/dist/errors/invalid-client-metadata-error.d.ts +13 -0
package/dist/errors/invalid-client-metadata-error.d.ts.map +1 -0
package/dist/errors/invalid-client-metadata-error.js +23 -0
package/dist/errors/invalid-client-metadata-error.js.map +1 -0
package/dist/errors/invalid-dpop-key-binding-error.d.ts +12 -0
package/dist/errors/invalid-dpop-key-binding-error.d.ts.map +1 -0
package/dist/errors/invalid-dpop-key-binding-error.js +20 -0
package/dist/errors/invalid-dpop-key-binding-error.js.map +1 -0
package/dist/errors/invalid-dpop-proof-error.d.ts +5 -0
package/dist/errors/invalid-dpop-proof-error.d.ts.map +1 -0
package/dist/errors/invalid-dpop-proof-error.js +12 -0
package/dist/errors/invalid-dpop-proof-error.js.map +1 -0
package/dist/errors/invalid-grant-error.d.ts +14 -0
package/dist/errors/invalid-grant-error.d.ts.map +1 -0
package/dist/errors/invalid-grant-error.js +20 -0
package/dist/errors/invalid-grant-error.js.map +1 -0
package/dist/errors/invalid-parameters-error.d.ts +6 -0
package/dist/errors/invalid-parameters-error.d.ts.map +1 -0
package/dist/errors/invalid-parameters-error.js +11 -0
package/dist/errors/invalid-parameters-error.js.map +1 -0
package/dist/errors/invalid-redirect-uri-error.d.ts +11 -0
package/dist/errors/invalid-redirect-uri-error.d.ts.map +1 -0
package/dist/errors/invalid-redirect-uri-error.js +21 -0
package/dist/errors/invalid-redirect-uri-error.js.map +1 -0
package/dist/errors/invalid-request-error.d.ts +28 -0
package/dist/errors/invalid-request-error.d.ts.map +1 -0
package/dist/errors/invalid-request-error.js +34 -0
package/dist/errors/invalid-request-error.js.map +1 -0
package/dist/errors/invalid-token-error.d.ts +16 -0
package/dist/errors/invalid-token-error.d.ts.map +1 -0
package/dist/errors/invalid-token-error.js +45 -0
package/dist/errors/invalid-token-error.js.map +1 -0
package/dist/errors/login-required-error.d.ts +6 -0
package/dist/errors/login-required-error.d.ts.map +1 -0
package/dist/errors/login-required-error.js +11 -0
package/dist/errors/login-required-error.js.map +1 -0
package/dist/errors/oauth-error.d.ts +13 -0
package/dist/errors/oauth-error.d.ts.map +1 -0
package/dist/errors/oauth-error.js +29 -0
package/dist/errors/oauth-error.js.map +1 -0
package/dist/errors/unauthorized-client-error.d.ts +18 -0
package/dist/errors/unauthorized-client-error.d.ts.map +1 -0
package/dist/errors/unauthorized-client-error.js +24 -0
package/dist/errors/unauthorized-client-error.js.map +1 -0
package/dist/errors/use-dpop-nonce-error.d.ts +18 -0
package/dist/errors/use-dpop-nonce-error.d.ts.map +1 -0
package/dist/errors/use-dpop-nonce-error.js +27 -0
package/dist/errors/use-dpop-nonce-error.js.map +1 -0
package/dist/errors/www-authenticate-error.d.ts +9 -0
package/dist/errors/www-authenticate-error.d.ts.map +1 -0
package/dist/errors/www-authenticate-error.js +46 -0
package/dist/errors/www-authenticate-error.js.map +1 -0
package/dist/index.d.ts +14 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +31 -0
package/dist/index.js.map +1 -0
package/dist/lib/html/build-document.d.ts +32 -0
package/dist/lib/html/build-document.d.ts.map +1 -0
package/dist/lib/html/build-document.js +61 -0
package/dist/lib/html/build-document.js.map +1 -0
package/dist/lib/html/escapers.d.ts +9 -0
package/dist/lib/html/escapers.d.ts.map +1 -0
package/dist/lib/html/escapers.js +66 -0
package/dist/lib/html/escapers.js.map +1 -0
package/dist/lib/html/html.d.ts +13 -0
package/dist/lib/html/html.d.ts.map +1 -0
package/dist/lib/html/html.js +53 -0
package/dist/lib/html/html.js.map +1 -0
package/dist/lib/html/index.d.ts +4 -0
package/dist/lib/html/index.d.ts.map +1 -0
package/dist/lib/html/index.js +21 -0
package/dist/lib/html/index.js.map +1 -0
package/dist/lib/html/tags.d.ts +34 -0
package/dist/lib/html/tags.d.ts.map +1 -0
package/dist/lib/html/tags.js +47 -0
package/dist/lib/html/tags.js.map +1 -0
package/dist/lib/html/util.d.ts +4 -0
package/dist/lib/html/util.d.ts.map +1 -0
package/dist/lib/html/util.js +20 -0
package/dist/lib/html/util.js.map +1 -0
package/dist/lib/http/accept.d.ts +29 -0
package/dist/lib/http/accept.d.ts.map +1 -0
package/dist/lib/http/accept.js +67 -0
package/dist/lib/http/accept.js.map +1 -0
package/dist/lib/http/context.d.ts +5 -0
package/dist/lib/http/context.d.ts.map +1 -0
package/dist/lib/http/context.js +10 -0
package/dist/lib/http/context.js.map +1 -0
package/dist/lib/http/index.d.ts +10 -0
package/dist/lib/http/index.d.ts.map +1 -0
package/dist/lib/http/index.js +26 -0
package/dist/lib/http/index.js.map +1 -0
package/dist/lib/http/method.d.ts +6 -0
package/dist/lib/http/method.d.ts.map +1 -0
package/dist/lib/http/method.js +19 -0
package/dist/lib/http/method.js.map +1 -0
package/dist/lib/http/middleware.d.ts +18 -0
package/dist/lib/http/middleware.d.ts.map +1 -0
package/dist/lib/http/middleware.js +118 -0
package/dist/lib/http/middleware.js.map +1 -0
package/dist/lib/http/parser.d.ts +33 -0
package/dist/lib/http/parser.d.ts.map +1 -0
package/dist/lib/http/parser.js +48 -0
package/dist/lib/http/parser.js.map +1 -0
package/dist/lib/http/path.d.ts +9 -0
package/dist/lib/http/path.d.ts.map +1 -0
package/dist/lib/http/path.js +54 -0
package/dist/lib/http/path.js.map +1 -0
package/dist/lib/http/request.d.ts +33 -0
package/dist/lib/http/request.d.ts.map +1 -0
package/dist/lib/http/request.js +86 -0
package/dist/lib/http/request.js.map +1 -0
package/dist/lib/http/response.d.ts +13 -0
package/dist/lib/http/response.d.ts.map +1 -0
package/dist/lib/http/response.js +98 -0
package/dist/lib/http/response.js.map +1 -0
package/dist/lib/http/route.d.ts +25 -0
package/dist/lib/http/route.d.ts.map +1 -0
package/dist/lib/http/route.js +39 -0
package/dist/lib/http/route.js.map +1 -0
package/dist/lib/http/router.d.ts +32 -0
package/dist/lib/http/router.d.ts.map +1 -0
package/dist/lib/http/router.js +74 -0
package/dist/lib/http/router.js.map +1 -0
package/dist/lib/http/stream.d.ts +13 -0
package/dist/lib/http/stream.d.ts.map +1 -0
package/dist/lib/http/stream.js +46 -0
package/dist/lib/http/stream.js.map +1 -0
package/dist/lib/http/types.d.ts +7 -0
package/dist/lib/http/types.d.ts.map +1 -0
package/dist/lib/http/types.js +3 -0
package/dist/lib/http/types.js.map +1 -0
package/dist/lib/http/url.d.ts +8 -0
package/dist/lib/http/url.d.ts.map +1 -0
package/dist/lib/http/url.js +22 -0
package/dist/lib/http/url.js.map +1 -0
package/dist/lib/redis.d.ts +5 -0
package/dist/lib/redis.d.ts.map +1 -0
package/dist/lib/redis.js +22 -0
package/dist/lib/redis.js.map +1 -0
package/dist/lib/util/authorization-header.d.ts +4 -0
package/dist/lib/util/authorization-header.d.ts.map +1 -0
package/dist/lib/util/authorization-header.js +23 -0
package/dist/lib/util/authorization-header.js.map +1 -0
package/dist/lib/util/cast.d.ts +2 -0
package/dist/lib/util/cast.d.ts.map +1 -0
package/dist/lib/util/cast.js +10 -0
package/dist/lib/util/cast.js.map +1 -0
package/dist/lib/util/crypto.d.ts +3 -0
package/dist/lib/util/crypto.d.ts.map +1 -0
package/dist/lib/util/crypto.js +29 -0
package/dist/lib/util/crypto.js.map +1 -0
package/dist/lib/util/date.d.ts +3 -0
package/dist/lib/util/date.d.ts.map +1 -0
package/dist/lib/util/date.js +12 -0
package/dist/lib/util/date.js.map +1 -0
package/dist/lib/util/hostname.d.ts +6 -0
package/dist/lib/util/hostname.d.ts.map +1 -0
package/dist/lib/util/hostname.js +24 -0
package/dist/lib/util/hostname.js.map +1 -0
package/dist/lib/util/redirect-uri.d.ts +7 -0
package/dist/lib/util/redirect-uri.d.ts.map +1 -0
package/dist/lib/util/redirect-uri.js +44 -0
package/dist/lib/util/redirect-uri.js.map +1 -0
package/dist/lib/util/time.d.ts +6 -0
package/dist/lib/util/time.d.ts.map +1 -0
package/dist/lib/util/time.js +28 -0
package/dist/lib/util/time.js.map +1 -0
package/dist/lib/util/type.d.ts +6 -0
package/dist/lib/util/type.d.ts.map +1 -0
package/dist/lib/util/type.js +3 -0
package/dist/lib/util/type.js.map +1 -0
package/dist/lib/util/well-known.d.ts +3 -0
package/dist/lib/util/well-known.d.ts.map +1 -0
package/dist/lib/util/well-known.js +11 -0
package/dist/lib/util/well-known.js.map +1 -0
package/dist/metadata/build-metadata.d.ts +14 -0
package/dist/metadata/build-metadata.d.ts.map +1 -0
package/dist/metadata/build-metadata.js +132 -0
package/dist/metadata/build-metadata.js.map +1 -0
package/dist/oauth-client.d.ts +4 -0
package/dist/oauth-client.d.ts.map +1 -0
package/dist/oauth-client.js +19 -0
package/dist/oauth-client.js.map +1 -0
package/dist/oauth-dpop.d.ts +3 -0
package/dist/oauth-dpop.d.ts.map +1 -0
package/dist/oauth-dpop.js +19 -0
package/dist/oauth-dpop.js.map +1 -0
package/dist/oauth-errors.d.ts +20 -0
package/dist/oauth-errors.d.ts.map +1 -0
package/dist/oauth-errors.js +43 -0
package/dist/oauth-errors.js.map +1 -0
package/dist/oauth-hooks.d.ts +42 -0
package/dist/oauth-hooks.d.ts.map +1 -0
package/dist/oauth-hooks.js +3 -0
package/dist/oauth-hooks.js.map +1 -0
package/dist/oauth-provider.d.ts +179 -0
package/dist/oauth-provider.d.ts.map +1 -0
package/dist/oauth-provider.js +748 -0
package/dist/oauth-provider.js.map +1 -0
package/dist/oauth-store.d.ts +11 -0
package/dist/oauth-store.d.ts.map +1 -0
package/dist/oauth-store.js +27 -0
package/dist/oauth-store.js.map +1 -0
package/dist/oauth-verifier.d.ts +66 -0
package/dist/oauth-verifier.d.ts.map +1 -0
package/dist/oauth-verifier.js +94 -0
package/dist/oauth-verifier.js.map +1 -0
package/dist/oidc/claims.d.ts +16 -0
package/dist/oidc/claims.d.ts.map +1 -0
package/dist/oidc/claims.js +29 -0
package/dist/oidc/claims.js.map +1 -0
package/dist/oidc/sub.d.ts +4 -0
package/dist/oidc/sub.d.ts.map +1 -0
package/dist/oidc/sub.js +6 -0
package/dist/oidc/sub.js.map +1 -0
package/dist/oidc/userinfo.d.ts +7 -0
package/dist/oidc/userinfo.d.ts.map +1 -0
package/dist/oidc/userinfo.js +3 -0
package/dist/oidc/userinfo.js.map +1 -0
package/dist/output/build-error-payload.d.ts +6 -0
package/dist/output/build-error-payload.d.ts.map +1 -0
package/dist/output/build-error-payload.js +108 -0
package/dist/output/build-error-payload.js.map +1 -0
package/dist/output/customization.d.ts +37 -0
package/dist/output/customization.d.ts.map +1 -0
package/dist/output/customization.js +62 -0
package/dist/output/customization.js.map +1 -0
package/dist/output/send-authorize-page.d.ts +43 -0
package/dist/output/send-authorize-page.d.ts.map +1 -0
package/dist/output/send-authorize-page.js +49 -0
package/dist/output/send-authorize-page.js.map +1 -0
package/dist/output/send-authorize-redirect.d.ts +25 -0
package/dist/output/send-authorize-redirect.d.ts.map +1 -0
package/dist/output/send-authorize-redirect.js +72 -0
package/dist/output/send-authorize-redirect.js.map +1 -0
package/dist/output/send-error-page.d.ts +5 -0
package/dist/output/send-error-page.d.ts.map +1 -0
package/dist/output/send-error-page.js +31 -0
package/dist/output/send-error-page.js.map +1 -0
package/dist/output/send-web-page.d.ts +8 -0
package/dist/output/send-web-page.d.ts.map +1 -0
package/dist/output/send-web-page.js +48 -0
package/dist/output/send-web-page.js.map +1 -0
package/dist/parameters/claims-requested.d.ts +3 -0
package/dist/parameters/claims-requested.d.ts.map +1 -0
package/dist/parameters/claims-requested.js +77 -0
package/dist/parameters/claims-requested.js.map +1 -0
package/dist/parameters/oidc-payload.d.ts +31 -0
package/dist/parameters/oidc-payload.d.ts.map +1 -0
package/dist/parameters/oidc-payload.js +25 -0
package/dist/parameters/oidc-payload.js.map +1 -0
package/dist/replay/replay-manager.d.ts +10 -0
package/dist/replay/replay-manager.d.ts.map +1 -0
package/dist/replay/replay-manager.js +23 -0
package/dist/replay/replay-manager.js.map +1 -0
package/dist/replay/replay-store-memory.d.ts +11 -0
package/dist/replay/replay-store-memory.d.ts.map +1 -0
package/dist/replay/replay-store-memory.js +30 -0
package/dist/replay/replay-store-memory.js.map +1 -0
package/dist/replay/replay-store-redis.d.ts +16 -0
package/dist/replay/replay-store-redis.d.ts.map +1 -0
package/dist/replay/replay-store-redis.js +20 -0
package/dist/replay/replay-store-redis.js.map +1 -0
package/dist/replay/replay-store.d.ts +16 -0
package/dist/replay/replay-store.d.ts.map +1 -0
package/dist/replay/replay-store.js +22 -0
package/dist/replay/replay-store.js.map +1 -0
package/dist/request/code.d.ts +7 -0
package/dist/request/code.d.ts.map +1 -0
package/dist/request/code.js +20 -0
package/dist/request/code.js.map +1 -0
package/dist/request/request-data.d.ts +21 -0
package/dist/request/request-data.d.ts.map +1 -0
package/dist/request/request-data.js +6 -0
package/dist/request/request-data.js.map +1 -0
package/dist/request/request-id.d.ts +6 -0
package/dist/request/request-id.d.ts.map +1 -0
package/dist/request/request-id.js +18 -0
package/dist/request/request-id.js.map +1 -0
package/dist/request/request-info.d.ts +12 -0
package/dist/request/request-info.d.ts.map +1 -0
package/dist/request/request-info.js +3 -0
package/dist/request/request-info.js.map +1 -0
package/dist/request/request-manager.d.ts +40 -0
package/dist/request/request-manager.d.ts.map +1 -0
package/dist/request/request-manager.js +310 -0
package/dist/request/request-manager.js.map +1 -0
package/dist/request/request-store-memory.d.ts +16 -0
package/dist/request/request-store-memory.d.ts.map +1 -0
package/dist/request/request-store-memory.js +31 -0
package/dist/request/request-store-memory.js.map +1 -0
package/dist/request/request-store-redis.d.ts +24 -0
package/dist/request/request-store-redis.d.ts.map +1 -0
package/dist/request/request-store-redis.js +58 -0
package/dist/request/request-store-redis.js.map +1 -0
package/dist/request/request-store.d.ts +27 -0
package/dist/request/request-store.d.ts.map +1 -0
package/dist/request/request-store.js +37 -0
package/dist/request/request-store.js.map +1 -0
package/dist/request/request-uri.d.ts +8 -0
package/dist/request/request-uri.d.ts.map +1 -0
package/dist/request/request-uri.js +24 -0
package/dist/request/request-uri.js.map +1 -0
package/dist/request/types.d.ts +328 -0
package/dist/request/types.d.ts.map +1 -0
package/dist/request/types.js +27 -0
package/dist/request/types.js.map +1 -0
package/dist/signer/signed-token-payload.d.ts +1694 -0
package/dist/signer/signed-token-payload.d.ts.map +1 -0
package/dist/signer/signed-token-payload.js +32 -0
package/dist/signer/signed-token-payload.js.map +1 -0
package/dist/signer/signer.d.ts +193 -0
package/dist/signer/signer.d.ts.map +1 -0
package/dist/signer/signer.js +101 -0
package/dist/signer/signer.js.map +1 -0
package/dist/token/refresh-token.d.ts +7 -0
package/dist/token/refresh-token.d.ts.map +1 -0
package/dist/token/refresh-token.js +20 -0
package/dist/token/refresh-token.js.map +1 -0
package/dist/token/token-claims.d.ts +1687 -0
package/dist/token/token-claims.d.ts.map +1 -0
package/dist/token/token-claims.js +30 -0
package/dist/token/token-claims.js.map +1 -0
package/dist/token/token-data.d.ts +20 -0
package/dist/token/token-data.d.ts.map +1 -0
package/dist/token/token-data.js +3 -0
package/dist/token/token-data.js.map +1 -0
package/dist/token/token-id.d.ts +7 -0
package/dist/token/token-id.d.ts.map +1 -0
package/dist/token/token-id.js +20 -0
package/dist/token/token-id.js.map +1 -0
package/dist/token/token-manager.d.ts +48 -0
package/dist/token/token-manager.d.ts.map +1 -0
package/dist/token/token-manager.js +421 -0
package/dist/token/token-manager.js.map +1 -0
package/dist/token/token-store.d.ts +35 -0
package/dist/token/token-store.d.ts.map +1 -0
package/dist/token/token-store.js +38 -0
package/dist/token/token-store.js.map +1 -0
package/dist/token/types.d.ts +250 -0
package/dist/token/types.d.ts.map +1 -0
package/dist/token/types.js +36 -0
package/dist/token/types.js.map +1 -0
package/dist/token/verify-token-claims.d.ts +17 -0
package/dist/token/verify-token-claims.d.ts.map +1 -0
package/dist/token/verify-token-claims.js +39 -0
package/dist/token/verify-token-claims.js.map +1 -0
package/package.json +83 -0
package/rollup.config.js +55 -0
package/src/access-token/access-token-type.ts +5 -0
package/src/account/account-manager.ts +55 -0
package/src/account/account-store.ts +74 -0
package/src/account/account.ts +10 -0
package/src/assets/app/app.tsx +28 -0
package/src/assets/app/backend-data.ts +65 -0
package/src/assets/app/components/accept-form.tsx +112 -0
package/src/assets/app/components/account-identifier.tsx +18 -0
package/src/assets/app/components/account-picker.tsx +108 -0
package/src/assets/app/components/client-identifier.tsx +32 -0
package/src/assets/app/components/client-name.tsx +30 -0
package/src/assets/app/components/error-card.tsx +41 -0
package/src/assets/app/components/help-card.tsx +42 -0
package/src/assets/app/components/layout-title-page.tsx +43 -0
package/src/assets/app/components/layout-welcome.tsx +58 -0
package/src/assets/app/components/sign-in-form.tsx +290 -0
package/src/assets/app/components/sign-up-account-form.tsx +210 -0
package/src/assets/app/components/sign-up-disclaimer.tsx +44 -0
package/src/assets/app/components/url-viewer.tsx +70 -0
package/src/assets/app/cookies.ts +11 -0
package/src/assets/app/hooks/use-api.ts +104 -0
package/src/assets/app/hooks/use-bound-dispatch.ts +5 -0
package/src/assets/app/hooks/use-csrf-token.ts +5 -0
package/src/assets/app/lib/api.ts +64 -0
package/src/assets/app/lib/clsx.ts +4 -0
package/src/assets/app/lib/util.ts +10 -0
package/src/assets/app/main.css +11 -0
package/src/assets/app/main.tsx +28 -0
package/src/assets/app/views/accept-view.tsx +51 -0
package/src/assets/app/views/authorize-view.tsx +101 -0
package/src/assets/app/views/error-view.tsx +27 -0
package/src/assets/app/views/sign-in-view.tsx +121 -0
package/src/assets/app/views/sign-up-view.tsx +93 -0
package/src/assets/app/views/welcome-view.tsx +61 -0
package/src/assets/asset.ts +8 -0
package/src/assets/assets-middleware.ts +32 -0
package/src/assets/index.ts +74 -0
package/src/client/client-auth.ts +45 -0
package/src/client/client-data.ts +9 -0
package/src/client/client-id.ts +4 -0
package/src/client/client-info.ts +13 -0
package/src/client/client-manager.ts +818 -0
package/src/client/client-store.ts +38 -0
package/src/client/client-utils.ts +43 -0
package/src/client/client.ts +231 -0
package/src/constants.ts +69 -0
package/src/device/device-data.ts +11 -0
package/src/device/device-details.ts +43 -0
package/src/device/device-id.ts +23 -0
package/src/device/device-manager.ts +287 -0
package/src/device/device-store.ts +35 -0
package/src/device/session-id.ts +22 -0
package/src/dpop/dpop-manager.ts +147 -0
package/src/dpop/dpop-nonce.ts +104 -0
package/src/errors/access-denied-error.ts +26 -0
package/src/errors/account-selection-required-error.ts +12 -0
package/src/errors/consent-required-error.ts +12 -0
package/src/errors/invalid-authorization-details-error.ts +22 -0
package/src/errors/invalid-client-error.ts +20 -0
package/src/errors/invalid-client-id-error.ts +20 -0
package/src/errors/invalid-client-metadata-error.ts +19 -0
package/src/errors/invalid-dpop-key-binding-error.ts +21 -0
package/src/errors/invalid-dpop-proof-error.ts +13 -0
package/src/errors/invalid-grant-error.ts +16 -0
package/src/errors/invalid-parameters-error.ts +12 -0
package/src/errors/invalid-redirect-uri-error.ts +17 -0
package/src/errors/invalid-request-error.ts +30 -0
package/src/errors/invalid-token-error.ts +59 -0
package/src/errors/login-required-error.ts +12 -0
package/src/errors/oauth-error.ts +28 -0
package/src/errors/unauthorized-client-error.ts +20 -0
package/src/errors/use-dpop-nonce-error.ts +32 -0
package/src/errors/www-authenticate-error.ts +65 -0
package/src/index.ts +15 -0
package/src/lib/html/README.md +9 -0
package/src/lib/html/build-document.ts +98 -0
package/src/lib/html/escapers.ts +66 -0
package/src/lib/html/html.ts +61 -0
package/src/lib/html/index.ts +5 -0
package/src/lib/html/tags.ts +58 -0
package/src/lib/html/util.ts +21 -0
package/src/lib/http/README.md +11 -0
package/src/lib/http/accept.ts +91 -0
package/src/lib/http/context.ts +11 -0
package/src/lib/http/index.ts +9 -0
package/src/lib/http/method.ts +18 -0
package/src/lib/http/middleware.ts +183 -0
package/src/lib/http/parser.ts +64 -0
package/src/lib/http/path.ts +82 -0
package/src/lib/http/request.ts +141 -0
package/src/lib/http/response.ts +133 -0
package/src/lib/http/route.ts +56 -0
package/src/lib/http/router.ts +118 -0
package/src/lib/http/stream.ts +78 -0
package/src/lib/http/types.ts +22 -0
package/src/lib/http/url.ts +23 -0
package/src/lib/redis.ts +23 -0
package/src/lib/util/authorization-header.ts +26 -0
package/src/lib/util/cast.ts +4 -0
package/src/lib/util/crypto.ts +27 -0
package/src/lib/util/date.ts +7 -0
package/src/lib/util/hostname.ts +19 -0
package/src/lib/util/redirect-uri.ts +46 -0
package/src/lib/util/time.ts +33 -0
package/src/lib/util/type.ts +4 -0
package/src/lib/util/well-known.ts +8 -0
package/src/metadata/build-metadata.ts +165 -0
package/src/oauth-client.ts +3 -0
package/src/oauth-dpop.ts +2 -0
package/src/oauth-errors.ts +21 -0
package/src/oauth-hooks.ts +66 -0
package/src/oauth-provider.ts +1409 -0
package/src/oauth-store.ts +11 -0
package/src/oauth-verifier.ts +219 -0
package/src/oidc/claims.ts +35 -0
package/src/oidc/sub.ts +4 -0
package/src/oidc/userinfo.ts +11 -0
package/src/output/build-error-payload.ts +143 -0
package/src/output/customization.ts +96 -0
package/src/output/send-authorize-page.ts +111 -0
package/src/output/send-authorize-redirect.ts +130 -0
package/src/output/send-error-page.ts +41 -0
package/src/output/send-web-page.ts +66 -0
package/src/parameters/claims-requested.ts +106 -0
package/src/parameters/oidc-payload.ts +28 -0
package/src/replay/replay-manager.ts +38 -0
package/src/replay/replay-store-memory.ts +36 -0
package/src/replay/replay-store-redis.ts +31 -0
package/src/replay/replay-store.ts +44 -0
package/src/request/code.ts +24 -0
package/src/request/request-data.ts +26 -0
package/src/request/request-id.ts +23 -0
package/src/request/request-info.ts +12 -0
package/src/request/request-manager.ts +479 -0
package/src/request/request-store-memory.ts +39 -0
package/src/request/request-store-redis.ts +71 -0
package/src/request/request-store.ts +54 -0
package/src/request/request-uri.ts +29 -0
package/src/request/types.ts +48 -0
package/src/signer/signed-token-payload.ts +35 -0
package/src/signer/signer.ts +165 -0
package/src/token/refresh-token.ts +31 -0
package/src/token/token-claims.ts +31 -0
package/src/token/token-data.ts +33 -0
package/src/token/token-id.ts +26 -0
package/src/token/token-manager.ts +591 -0
package/src/token/token-store.ts +78 -0
package/src/token/types.ts +86 -0
package/src/token/verify-token-claims.ts +65 -0
package/tailwind.config.js +13 -0
package/tsconfig.backend.json +9 -0
package/tsconfig.frontend.json +11 -0
package/tsconfig.json +8 -0
package/tsconfig.tools.json +8 -0

package/dist/replay/replay-store-redis.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"replay-store-redis.js","sourceRoot":"","sources":["../../src/replay/replay-store-redis.ts"],"names":[],"mappings":";;;AAEA,8CAAiE;AASjE,MAAa,gBAAgB;IACV,KAAK,CAAO;IAE7B,YAAY,OAAgC;QAC1C,IAAI,CAAC,KAAK,GAAG,IAAA,sBAAW,EAAC,OAAO,CAAC,KAAK,CAAC,CAAA;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CACV,SAAiB,EACjB,KAAa,EACb,SAAiB;QAEjB,MAAM,GAAG,GAAG,UAAU,SAAS,IAAI,KAAK,EAAE,CAAA;QAC1C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,CAAC,CAAA;QACnE,OAAO,IAAI,IAAI,IAAI,CAAA;IACrB,CAAC;CACF;AAnBD,4CAmBC"}

package/dist/replay/replay-store.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { Awaitable } from '../lib/util/type.js';
+export type { Awaitable };
+export interface ReplayStore {
+    /**
+     * Returns true if the nonce is unique within the given time frame. While not
+     * strictly necessary for security purposes, the namespace should be used to
+     * mitigate denial of service attacks from one client to the other.
+     *
+     * @param timeFrame expressed in milliseconds. Will never exceed 24 hours.
+     */
+    unique(namespace: string, nonce: string, timeFrame: number): Awaitable<boolean>;
+}
+export declare function isReplayStore(implementation: Record<string, unknown> & Partial<ReplayStore>): implementation is Record<string, unknown> & ReplayStore;
+export declare function ifReplayStore(implementation?: Record<string, unknown> & Partial<ReplayStore>): ReplayStore | undefined;
+export declare function asReplayStore(implementation?: Record<string, unknown> & Partial<ReplayStore>): ReplayStore;
+//# sourceMappingURL=replay-store.d.ts.map

package/dist/replay/replay-store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"replay-store.d.ts","sourceRoot":"","sources":["../../src/replay/replay-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAA;AAG/C,YAAY,EAAE,SAAS,EAAE,CAAA;AAEzB,MAAM,WAAW,WAAW;IAC1B;;;;;;OAMG;IACH,MAAM,CACJ,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,GAChB,SAAS,CAAC,OAAO,CAAC,CAAA;CACtB;AAED,wBAAgB,aAAa,CAC3B,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC,GAC7D,cAAc,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,WAAW,CAEzD;AAED,wBAAgB,aAAa,CAC3B,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC,GAC9D,WAAW,GAAG,SAAS,CAMzB;AAED,wBAAgB,aAAa,CAC3B,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC,GAC9D,WAAW,CAKb"}

package/dist/replay/replay-store.js ADDED Viewed

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.asReplayStore = exports.ifReplayStore = exports.isReplayStore = void 0;
+function isReplayStore(implementation) {
+    return typeof implementation.unique === 'function';
+}
+exports.isReplayStore = isReplayStore;
+function ifReplayStore(implementation) {
+    if (implementation && isReplayStore(implementation)) {
+        return implementation;
+    }
+    return undefined;
+}
+exports.ifReplayStore = ifReplayStore;
+function asReplayStore(implementation) {
+    const store = ifReplayStore(implementation);
+    if (store)
+        return store;
+    throw new Error('Invalid ReplayStore implementation');
+}
+exports.asReplayStore = asReplayStore;
+//# sourceMappingURL=replay-store.js.map

package/dist/replay/replay-store.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"replay-store.js","sourceRoot":"","sources":["../../src/replay/replay-store.ts"],"names":[],"mappings":";;;AAoBA,SAAgB,aAAa,CAC3B,cAA8D;IAE9D,OAAO,OAAO,cAAc,CAAC,MAAM,KAAK,UAAU,CAAA;AACpD,CAAC;AAJD,sCAIC;AAED,SAAgB,aAAa,CAC3B,cAA+D;IAE/D,IAAI,cAAc,IAAI,aAAa,CAAC,cAAc,CAAC,EAAE,CAAC;QACpD,OAAO,cAAc,CAAA;IACvB,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AARD,sCAQC;AAED,SAAgB,aAAa,CAC3B,cAA+D;IAE/D,MAAM,KAAK,GAAG,aAAa,CAAC,cAAc,CAAC,CAAA;IAC3C,IAAI,KAAK;QAAE,OAAO,KAAK,CAAA;IAEvB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAA;AACvD,CAAC;AAPD,sCAOC"}

package/dist/request/code.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import { z } from 'zod';
+export declare const CODE_LENGTH: number;
+export declare const codeSchema: z.ZodEffects<z.ZodString, `cod-${string}`, string>;
+export declare const isCode: (data: unknown) => data is `cod-${string}`;
+export type Code = z.infer<typeof codeSchema>;
+export declare const generateCode: () => Promise<Code>;
+//# sourceMappingURL=code.d.ts.map

package/dist/request/code.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"code.d.ts","sourceRoot":"","sources":["../../src/request/code.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAKvB,eAAO,MAAM,WAAW,QAA6C,CAAA;AAErE,eAAO,MAAM,UAAU,oDAQpB,CAAA;AAEH,eAAO,MAAM,MAAM,SAAU,OAAO,4BACA,CAAA;AAEpC,MAAM,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,UAAU,CAAC,CAAA;AAC7C,eAAO,MAAM,YAAY,QAAa,QAAQ,IAAI,CAEjD,CAAA"}

package/dist/request/code.js ADDED Viewed

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateCode = exports.isCode = exports.codeSchema = exports.CODE_LENGTH = void 0;
+const zod_1 = require("zod");
+const constants_js_1 = require("../constants.js");
+const crypto_js_1 = require("../lib/util/crypto.js");
+exports.CODE_LENGTH = constants_js_1.CODE_PREFIX.length + constants_js_1.CODE_BYTES_LENGTH * 2; // hex encoding
+exports.codeSchema = zod_1.z
+    .string()
+    .length(exports.CODE_LENGTH) // hex encoding
+    .refine((v) => v.startsWith(constants_js_1.CODE_PREFIX), {
+    message: `Invalid code format`,
+});
+const isCode = (data) => exports.codeSchema.safeParse(data).success;
+exports.isCode = isCode;
+const generateCode = async () => {
+    return `${constants_js_1.CODE_PREFIX}${await (0, crypto_js_1.randomHexId)(constants_js_1.CODE_BYTES_LENGTH)}`;
+};
+exports.generateCode = generateCode;
+//# sourceMappingURL=code.js.map

package/dist/request/code.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"code.js","sourceRoot":"","sources":["../../src/request/code.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,kDAAgE;AAChE,qDAAmD;AAEtC,QAAA,WAAW,GAAG,0BAAW,CAAC,MAAM,GAAG,gCAAiB,GAAG,CAAC,CAAA,CAAC,eAAe;AAExE,QAAA,UAAU,GAAG,OAAC;KACxB,MAAM,EAAE;KACR,MAAM,CAAC,mBAAW,CAAC,CAAC,eAAe;KACnC,MAAM,CACL,CAAC,CAAC,EAAyC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,0BAAW,CAAC,EACvE;IACE,OAAO,EAAE,qBAAqB;CAC/B,CACF,CAAA;AAEI,MAAM,MAAM,GAAG,CAAC,IAAa,EAAgB,EAAE,CACpD,kBAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,OAAO,CAAA;AADvB,QAAA,MAAM,UACiB;AAG7B,MAAM,YAAY,GAAG,KAAK,IAAmB,EAAE;IACpD,OAAO,GAAG,0BAAW,GAAG,MAAM,IAAA,uBAAW,EAAC,gCAAiB,CAAC,EAAE,CAAA;AAChE,CAAC,CAAA;AAFY,QAAA,YAAY,gBAExB"}

package/dist/request/request-data.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import { OAuthAuthenticationRequestParameters } from '@atproto/oauth-types';
+import { ClientAuth } from '../client/client-auth.js';
+import { ClientId } from '../client/client-id.js';
+import { DeviceId } from '../device/device-id.js';
+import { Sub } from '../oidc/sub.js';
+import { Code } from './code.js';
+export type RequestData = {
+    clientId: ClientId;
+    clientAuth: ClientAuth;
+    parameters: Readonly<OAuthAuthenticationRequestParameters>;
+    expiresAt: Date;
+    deviceId: DeviceId | null;
+    sub: Sub | null;
+    code: Code | null;
+};
+export type RequestDataAuthorized = RequestData & {
+    sub: Sub;
+    deviceId: DeviceId;
+};
+export declare const isRequestDataAuthorized: (data: RequestData) => data is RequestDataAuthorized;
+//# sourceMappingURL=request-data.d.ts.map

package/dist/request/request-data.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"request-data.d.ts","sourceRoot":"","sources":["../../src/request/request-data.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oCAAoC,EAAE,MAAM,sBAAsB,CAAA;AAE3E,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAA;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAEhC,MAAM,MAAM,WAAW,GAAG;IACxB,QAAQ,EAAE,QAAQ,CAAA;IAClB,UAAU,EAAE,UAAU,CAAA;IACtB,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,CAAA;IAC1D,SAAS,EAAE,IAAI,CAAA;IACf,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IACzB,GAAG,EAAE,GAAG,GAAG,IAAI,CAAA;IACf,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG,WAAW,GAAG;IAChD,GAAG,EAAE,GAAG,CAAA;IACR,QAAQ,EAAE,QAAQ,CAAA;CACnB,CAAA;AAED,eAAO,MAAM,uBAAuB,SAC5B,WAAW,kCAC4D,CAAA"}

package/dist/request/request-data.js ADDED Viewed

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isRequestDataAuthorized = void 0;
+const isRequestDataAuthorized = (data) => data.sub !== null && data.deviceId !== null;
+exports.isRequestDataAuthorized = isRequestDataAuthorized;
+//# sourceMappingURL=request-data.js.map

package/dist/request/request-data.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"request-data.js","sourceRoot":"","sources":["../../src/request/request-data.ts"],"names":[],"mappings":";;;AAuBO,MAAM,uBAAuB,GAAG,CACrC,IAAiB,EACc,EAAE,CAAC,IAAI,CAAC,GAAG,KAAK,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAA;AAFlE,QAAA,uBAAuB,2BAE2C"}

package/dist/request/request-id.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { z } from 'zod';
+export declare const REQUEST_ID_LENGTH: number;
+export declare const requestIdSchema: z.ZodEffects<z.ZodString, `req-${string}`, string>;
+export type RequestId = z.infer<typeof requestIdSchema>;
+export declare const generateRequestId: () => Promise<RequestId>;
+//# sourceMappingURL=request-id.d.ts.map

package/dist/request/request-id.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"request-id.d.ts","sourceRoot":"","sources":["../../src/request/request-id.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAKvB,eAAO,MAAM,iBAAiB,QAC0B,CAAA;AAExD,eAAO,MAAM,eAAe,oDASzB,CAAA;AAEH,MAAM,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAA;AACvD,eAAO,MAAM,iBAAiB,QAAa,QAAQ,SAAS,CAE3D,CAAA"}

package/dist/request/request-id.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateRequestId = exports.requestIdSchema = exports.REQUEST_ID_LENGTH = void 0;
+const zod_1 = require("zod");
+const constants_js_1 = require("../constants.js");
+const crypto_js_1 = require("../lib/util/crypto.js");
+exports.REQUEST_ID_LENGTH = constants_js_1.REQUEST_ID_PREFIX.length + constants_js_1.REQUEST_ID_BYTES_LENGTH * 2; // hex encoding
+exports.requestIdSchema = zod_1.z
+    .string()
+    .length(exports.REQUEST_ID_LENGTH)
+    .refine((v) => v.startsWith(constants_js_1.REQUEST_ID_PREFIX), {
+    message: `Invalid request ID format`,
+});
+const generateRequestId = async () => {
+    return `${constants_js_1.REQUEST_ID_PREFIX}${await (0, crypto_js_1.randomHexId)(constants_js_1.REQUEST_ID_BYTES_LENGTH)}`;
+};
+exports.generateRequestId = generateRequestId;
+//# sourceMappingURL=request-id.js.map

package/dist/request/request-id.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"request-id.js","sourceRoot":"","sources":["../../src/request/request-id.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,kDAA4E;AAC5E,qDAAmD;AAEtC,QAAA,iBAAiB,GAC5B,gCAAiB,CAAC,MAAM,GAAG,sCAAuB,GAAG,CAAC,CAAA,CAAC,eAAe;AAE3D,QAAA,eAAe,GAAG,OAAC;KAC7B,MAAM,EAAE;KACR,MAAM,CAAC,yBAAiB,CAAC;KACzB,MAAM,CACL,CAAC,CAAC,EAA+C,EAAE,CACjD,CAAC,CAAC,UAAU,CAAC,gCAAiB,CAAC,EACjC;IACE,OAAO,EAAE,2BAA2B;CACrC,CACF,CAAA;AAGI,MAAM,iBAAiB,GAAG,KAAK,IAAwB,EAAE;IAC9D,OAAO,GAAG,gCAAiB,GAAG,MAAM,IAAA,uBAAW,EAAC,sCAAuB,CAAC,EAAE,CAAA;AAC5E,CAAC,CAAA;AAFY,QAAA,iBAAiB,qBAE7B"}

package/dist/request/request-info.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { OAuthAuthenticationRequestParameters } from '@atproto/oauth-types';
+import { ClientAuth } from '../client/client-auth.js';
+import { RequestId } from './request-id.js';
+import { RequestUri } from './request-uri.js';
+export type RequestInfo = {
+    id: RequestId;
+    uri: RequestUri;
+    parameters: Readonly<OAuthAuthenticationRequestParameters>;
+    expiresAt: Date;
+    clientAuth: ClientAuth;
+};
+//# sourceMappingURL=request-info.d.ts.map

package/dist/request/request-info.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"request-info.d.ts","sourceRoot":"","sources":["../../src/request/request-info.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oCAAoC,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,MAAM,MAAM,WAAW,GAAG;IACxB,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,UAAU,CAAA;IACf,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,CAAA;IAC1D,SAAS,EAAE,IAAI,CAAA;IACf,UAAU,EAAE,UAAU,CAAA;CACvB,CAAA"}

package/dist/request/request-info.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=request-info.js.map

package/dist/request/request-info.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"request-info.js","sourceRoot":"","sources":["../../src/request/request-info.ts"],"names":[],"mappings":""}

package/dist/request/request-manager.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+import { OAuthAuthenticationRequestParameters, OAuthAuthorizationServerMetadata } from '@atproto/oauth-types';
+import { DeviceAccountInfo } from '../account/account-store.js';
+import { Account } from '../account/account.js';
+import { ClientAuth } from '../client/client-auth.js';
+import { ClientId } from '../client/client-id.js';
+import { Client } from '../client/client.js';
+import { DeviceId } from '../device/device-id.js';
+import { OAuthHooks } from '../oauth-hooks.js';
+import { Signer } from '../signer/signer.js';
+import { Code } from './code.js';
+import { RequestDataAuthorized } from './request-data.js';
+import { RequestInfo } from './request-info.js';
+import { RequestStore } from './request-store.js';
+import { RequestUri } from './request-uri.js';
+export declare class RequestManager {
+    protected readonly store: RequestStore;
+    protected readonly signer: Signer;
+    protected readonly metadata: OAuthAuthorizationServerMetadata;
+    protected readonly hooks: OAuthHooks;
+    protected readonly pkceRequired: boolean;
+    protected readonly tokenMaxAge: number;
+    constructor(store: RequestStore, signer: Signer, metadata: OAuthAuthorizationServerMetadata, hooks: OAuthHooks, pkceRequired?: boolean, tokenMaxAge?: number);
+    protected createTokenExpiry(): Date;
+    createAuthorizationRequest(client: Client, clientAuth: ClientAuth, input: Readonly<OAuthAuthenticationRequestParameters>, deviceId: null | DeviceId, dpopJkt: null | string): Promise<RequestInfo>;
+    protected create(client: Client, clientAuth: ClientAuth, parameters: Readonly<OAuthAuthenticationRequestParameters>, deviceId?: null | DeviceId): Promise<RequestInfo>;
+    validate(client: Client, clientAuth: ClientAuth, parameters: Readonly<OAuthAuthenticationRequestParameters>, dpopJkt: null | string, pkceRequired?: boolean): Promise<Readonly<OAuthAuthenticationRequestParameters>>;
+    get(uri: RequestUri, clientId: ClientId, deviceId: DeviceId): Promise<RequestInfo>;
+    setAuthorized(client: Client, uri: RequestUri, deviceId: DeviceId, account: Account, info: DeviceAccountInfo): Promise<{
+        code?: Code;
+        token?: string;
+        id_token?: string;
+    }>;
+    /**
+     * @note If this method throws an error, any token previously generated from
+     * the same `code` **must** me revoked.
+     */
+    findCode(client: Client, clientAuth: ClientAuth, code: Code): Promise<RequestDataAuthorized>;
+    delete(uri: RequestUri): Promise<void>;
+}
+//# sourceMappingURL=request-manager.d.ts.map

package/dist/request/request-manager.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"request-manager.d.ts","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,oCAAoC,EACpC,gCAAgC,EACjC,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAM5C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAOjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAE9C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,IAAI,EAAgB,MAAM,WAAW,CAAA;AAC9C,OAAO,EAEL,qBAAqB,EACtB,MAAM,mBAAmB,CAAA;AAE1B,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAqB,MAAM,oBAAoB,CAAA;AACpE,OAAO,EAGL,UAAU,EACX,MAAM,kBAAkB,CAAA;AAEzB,qBAAa,cAAc;IAEvB,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,YAAY;IACtC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACjC,SAAS,CAAC,QAAQ,CAAC,QAAQ,EAAE,gCAAgC;IAC7D,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU;IACpC,SAAS,CAAC,QAAQ,CAAC,YAAY;IAC/B,SAAS,CAAC,QAAQ,CAAC,WAAW;gBALX,KAAK,EAAE,YAAY,EACnB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,gCAAgC,EAC1C,KAAK,EAAE,UAAU,EACjB,YAAY,UAAO,EACnB,WAAW,SAAgB;IAGhD,SAAS,CAAC,iBAAiB;IAIrB,0BAA0B,CAC9B,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EACrD,QAAQ,EAAE,IAAI,GAAG,QAAQ,EACzB,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,WAAW,CAAC;cAKP,MAAM,CACpB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EAC1D,QAAQ,GAAE,IAAI,GAAG,QAAe,GAC/B,OAAO,CAAC,WAAW,CAAC;IAkBjB,QAAQ,CACZ,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EAC1D,OAAO,EAAE,IAAI,GAAG,MAAM,EACtB,YAAY,UAAoB,GAC/B,OAAO,CAAC,QAAQ,CAAC,oCAAoC,CAAC,CAAC;IAmMpD,GAAG,CACP,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,QAAQ,EAAE,QAAQ,GACjB,OAAO,CAAC,WAAW,CAAC;IA2DjB,aAAa,CACjB,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,iBAAiB,GACtB,OAAO,CAAC;QAAE,IAAI,CAAC,EAAE,IAAI,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAiE9D;;;OAGG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,IAAI,EAAE,IAAI,GACT,OAAO,CAAC,qBAAqB,CAAC;IA2C3B,MAAM,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;CAI7C"}

package/dist/request/request-manager.js ADDED Viewed

@@ -0,0 +1,310 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RequestManager = void 0;
+const oauth_types_1 = require("@atproto/oauth-types");
+const constants_js_1 = require("../constants.js");
+const access_denied_error_js_1 = require("../errors/access-denied-error.js");
+const consent_required_error_js_1 = require("../errors/consent-required-error.js");
+const invalid_grant_error_js_1 = require("../errors/invalid-grant-error.js");
+const invalid_parameters_error_js_1 = require("../errors/invalid-parameters-error.js");
+const invalid_request_error_js_1 = require("../errors/invalid-request-error.js");
+const redirect_uri_js_1 = require("../lib/util/redirect-uri.js");
+const claims_js_1 = require("../oidc/claims.js");
+const code_js_1 = require("./code.js");
+const request_data_js_1 = require("./request-data.js");
+const request_id_js_1 = require("./request-id.js");
+const request_uri_js_1 = require("./request-uri.js");
+class RequestManager {
+    store;
+    signer;
+    metadata;
+    hooks;
+    pkceRequired;
+    tokenMaxAge;
+    constructor(store, signer, metadata, hooks, pkceRequired = true, tokenMaxAge = constants_js_1.TOKEN_MAX_AGE) {
+        this.store = store;
+        this.signer = signer;
+        this.metadata = metadata;
+        this.hooks = hooks;
+        this.pkceRequired = pkceRequired;
+        this.tokenMaxAge = tokenMaxAge;
+    }
+    createTokenExpiry() {
+        return new Date(Date.now() + this.tokenMaxAge);
+    }
+    async createAuthorizationRequest(client, clientAuth, input, deviceId, dpopJkt) {
+        const parameters = await this.validate(client, clientAuth, input, dpopJkt);
+        return this.create(client, clientAuth, parameters, deviceId);
+    }
+    async create(client, clientAuth, parameters, deviceId = null) {
+        const expiresAt = new Date(Date.now() + constants_js_1.PAR_EXPIRES_IN);
+        const id = await (0, request_id_js_1.generateRequestId)();
+        await this.store.createRequest(id, {
+            clientId: client.id,
+            clientAuth,
+            parameters,
+            expiresAt,
+            deviceId,
+            sub: null,
+            code: null,
+        });
+        const uri = (0, request_uri_js_1.encodeRequestUri)(id);
+        return { id, uri, expiresAt, parameters, clientAuth };
+    }
+    async validate(client, clientAuth, parameters, dpopJkt, pkceRequired = this.pkceRequired) {
+        // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-10#section-1.4.1
+        // > The authorization server MAY fully or partially ignore the scope
+        // > requested by the client, based on the authorization server policy or
+        // > the resource owner's instructions. If the issued access token scope is
+        // > different from the one requested by the client, the authorization
+        // > server MUST include the scope response parameter in the token response
+        // > (Section 3.2.3) to inform the client of the actual scope granted.
+        const cScopes = client.metadata.scope?.split(' ');
+        const sScopes = this.metadata.scopes_supported;
+        const scopes = (parameters.scope || client.metadata.scope)
+            ?.split(' ')
+            .filter((scope) => !!scope && (sScopes?.includes(scope) ?? true)) ?? [];
+        for (const scope of scopes) {
+            if (!cScopes?.includes(scope)) {
+                throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Scope "${scope}" is not registered for this client`);
+            }
+        }
+        for (const [scope, claims] of Object.entries(claims_js_1.OIDC_SCOPE_CLAIMS)) {
+            for (const claim of claims) {
+                if (parameters?.claims?.id_token?.[claim]?.essential === true ||
+                    parameters?.claims?.userinfo?.[claim]?.essential === true) {
+                    if (!scopes?.includes(scope)) {
+                        throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Essential ${claim} claim requires "${scope}" scope`);
+                    }
+                }
+            }
+        }
+        parameters = { ...parameters, scope: scopes.join(' ') };
+        const responseTypes = parameters.response_type.split(' ');
+        if (parameters.authorization_details) {
+            const clientAuthDetailsTypes = client.metadata.authorization_details_types;
+            if (!clientAuthDetailsTypes) {
+                throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'Client Metadata does not declare any "authorization_details"');
+            }
+            for (const detail of parameters.authorization_details) {
+                if (!clientAuthDetailsTypes?.includes(detail.type)) {
+                    throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unsupported "authorization_details" type "${detail.type}"`);
+                }
+            }
+        }
+        const { redirect_uri } = parameters;
+        if (redirect_uri &&
+            !client.metadata.redirect_uris.some((uri) => (0, redirect_uri_js_1.compareRedirectUri)(uri, redirect_uri))) {
+            throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Invalid redirect_uri ${redirect_uri} (allowed: ${client.metadata.redirect_uris.join(' ')})`);
+        }
+        // https://datatracker.ietf.org/doc/html/rfc9449#section-10
+        if (!parameters.dpop_jkt) {
+            if (dpopJkt)
+                parameters = { ...parameters, dpop_jkt: dpopJkt };
+        }
+        else if (parameters.dpop_jkt !== dpopJkt) {
+            throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'DPoP header and dpop_jkt do not match');
+        }
+        if (clientAuth.method === oauth_types_1.CLIENT_ASSERTION_TYPE_JWT_BEARER) {
+            if (parameters.dpop_jkt && clientAuth.jkt === parameters.dpop_jkt) {
+                throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'The DPoP proof must be signed with a different key than the client assertion');
+            }
+        }
+        if (!client.metadata.response_types.includes(parameters.response_type)) {
+            throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unsupported response_type "${parameters.response_type}"`, 'unsupported_response_type');
+        }
+        if (pkceRequired && responseTypes.includes('token')) {
+            throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Response type "${parameters.response_type}" is incompatible with PKCE`, 'unsupported_response_type');
+        }
+        // https://datatracker.ietf.org/doc/html/rfc7636#section-4.4.1
+        if (pkceRequired && !parameters.code_challenge) {
+            throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'code_challenge is required');
+        }
+        if (parameters.code_challenge &&
+            clientAuth.method === 'none' &&
+            (parameters.code_challenge_method ?? 'plain') === 'plain') {
+            throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'code_challenge_method=plain requires client authentication');
+        }
+        // https://datatracker.ietf.org/doc/html/rfc7636#section-4.3
+        if (parameters.code_challenge_method && !parameters.code_challenge) {
+            throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'code_challenge_method requires code_challenge');
+        }
+        // https://openid.net/specs/openid-connect-core-1_0.html#HybridAuthRequest
+        //
+        // > nonce: REQUIRED if the Response Type of the request is "code id_token" or
+        // >   "code id_token token" and OPTIONAL when the Response Type of the
+        // >   request is "code token". It is a string value used to associate a
+        // >   Client session with an ID Token, and to mitigate replay attacks. The
+        // >   value is passed through unmodified from the Authentication Request to
+        // >   the ID Token. Sufficient entropy MUST be present in the nonce values
+        // >   used to prevent attackers from guessing values. For implementation
+        // >   notes, see Section 15.5.2.
+        if (responseTypes.includes('id_token') && !parameters.nonce) {
+            throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'nonce is required for implicit and hybrid flows');
+        }
+        // Make "expensive" checks after the "cheaper" checks
+        if (parameters.id_token_hint != null) {
+            const { payload } = await this.signer.verify(parameters.id_token_hint, {
+                // these are meant to be outdated when used as a hint
+                clockTolerance: Infinity,
+            });
+            if (!payload.sub) {
+                throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unexpected empty id_token_hint "sub"`);
+            }
+            else if (parameters.login_hint == null) {
+                parameters = { ...parameters, login_hint: payload.sub };
+            }
+            else if (parameters.login_hint !== payload.sub) {
+                throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'login_hint does not match "sub" of id_token_hint');
+            }
+        }
+        // ATPROTO extension: if the client is not trusted, force users to consent
+        // to authorization requests. We do this to avoid unauthenticated clients
+        // from being able to silently re-authenticate users.
+        if (clientAuth.method === 'none' && !client.info.isFirstParty) {
+            if (parameters.prompt === 'none') {
+                throw new consent_required_error_js_1.ConsentRequiredError(parameters, 'Public clients are not allowed to use silent-sign-on');
+            }
+            // force "consent" for unauthenticated, third party clients
+            parameters = { ...parameters, prompt: 'consent' };
+        }
+        return parameters;
+    }
+    async get(uri, clientId, deviceId) {
+        const id = (0, request_uri_js_1.decodeRequestUri)(uri);
+        const data = await this.store.readRequest(id);
+        if (!data)
+            throw new invalid_request_error_js_1.InvalidRequestError(`Unknown request_uri "${uri}"`);
+        const updates = {};
+        try {
+            if (data.sub || data.code) {
+                // If an account was linked to the request, the next step is to exchange
+                // the code for a token.
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request was already authorized');
+            }
+            if (data.expiresAt < new Date()) {
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request has expired');
+            }
+            else {
+                updates.expiresAt = new Date(Date.now() + constants_js_1.AUTHORIZATION_INACTIVITY_TIMEOUT);
+            }
+            if (data.clientId !== clientId) {
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request was initiated for another client');
+            }
+            if (!data.deviceId) {
+                updates.deviceId = deviceId;
+            }
+            else if (data.deviceId !== deviceId) {
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request was initiated from another device');
+            }
+        }
+        catch (err) {
+            await this.store.deleteRequest(id);
+            throw err;
+        }
+        if (Object.keys(updates).length > 0) {
+            await this.store.updateRequest(id, updates);
+        }
+        return {
+            id,
+            uri,
+            expiresAt: updates.expiresAt || data.expiresAt,
+            parameters: data.parameters,
+            clientAuth: data.clientAuth,
+        };
+    }
+    async setAuthorized(client, uri, deviceId, account, info) {
+        const id = (0, request_uri_js_1.decodeRequestUri)(uri);
+        const data = await this.store.readRequest(id);
+        if (!data)
+            throw new invalid_request_error_js_1.InvalidRequestError(`Unknown request_uri "${uri}"`);
+        try {
+            if (data.expiresAt < new Date()) {
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request has expired');
+            }
+            if (!data.deviceId) {
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request was not initiated');
+            }
+            if (data.deviceId !== deviceId) {
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request was initiated from another device');
+            }
+            if (data.sub || data.code) {
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request was already authorized');
+            }
+            const responseType = data.parameters.response_type.split(' ');
+            if (responseType.includes('token')) {
+                throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'Implicit "token" forbidden (use "code" with PKCE instead)');
+            }
+            const code = responseType.includes('code')
+                ? await (0, code_js_1.generateCode)()
+                : undefined;
+            // Bind the request to the account, preventing it from being used again.
+            await this.store.updateRequest(id, {
+                sub: account.sub,
+                code,
+                // Allow the client to exchange the code for a token within the next 60 seconds.
+                expiresAt: new Date(Date.now() + constants_js_1.AUTHORIZATION_INACTIVITY_TIMEOUT),
+            });
+            const id_token = responseType.includes('id_token')
+                ? await this.signer.idToken(client, data.parameters, account, {
+                    auth_time: info.authenticatedAt,
+                    exp: this.createTokenExpiry(),
+                    code,
+                })
+                : undefined;
+            return { code, id_token };
+        }
+        catch (err) {
+            await this.store.deleteRequest(id);
+            throw err;
+        }
+    }
+    /**
+     * @note If this method throws an error, any token previously generated from
+     * the same `code` **must** me revoked.
+     */
+    async findCode(client, clientAuth, code) {
+        const result = await this.store.findRequestByCode(code);
+        if (!result)
+            throw new invalid_grant_error_js_1.InvalidGrantError('Invalid code');
+        try {
+            const { data } = result;
+            if (!(0, request_data_js_1.isRequestDataAuthorized)(data)) {
+                // Should never happen: maybe the store implementation is faulty ?
+                throw new Error('Unexpected request state');
+            }
+            if (data.clientId !== client.id) {
+                throw new invalid_grant_error_js_1.InvalidGrantError('This code was issued for another client');
+            }
+            if (data.expiresAt < new Date()) {
+                throw new invalid_grant_error_js_1.InvalidGrantError('This code has expired');
+            }
+            if (data.clientAuth.method === 'none') {
+                // If the client did not use PAR, it was not authenticated when the
+                // request was created (see authorize() method above). Since PAR is not
+                // mandatory, and since the token exchange currently taking place *is*
+                // authenticated (`clientAuth`), we allow "upgrading" the authentication
+                // method (the token created will be bound to the current clientAuth).
+            }
+            else {
+                if (clientAuth.method !== data.clientAuth.method) {
+                    throw new invalid_grant_error_js_1.InvalidGrantError('Invalid client authentication');
+                }
+                if (!(await client.validateClientAuth(data.clientAuth))) {
+                    throw new invalid_grant_error_js_1.InvalidGrantError('Invalid client authentication');
+                }
+            }
+            return data;
+        }
+        finally {
+            // A "code" can only be used once
+            await this.store.deleteRequest(result.id);
+        }
+    }
+    async delete(uri) {
+        const id = (0, request_uri_js_1.decodeRequestUri)(uri);
+        await this.store.deleteRequest(id);
+    }
+}
+exports.RequestManager = RequestManager;
+//# sourceMappingURL=request-manager.js.map

package/dist/request/request-manager.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"request-manager.js","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":";;;AAAA,sDAI6B;AAO7B,kDAIwB;AAExB,6EAAoE;AACpE,mFAA0E;AAC1E,6EAAoE;AACpE,uFAA8E;AAC9E,iFAAwE;AACxE,iEAAgE;AAEhE,iDAAqD;AAErD,uCAA8C;AAC9C,uDAG0B;AAC1B,mDAAmD;AAGnD,qDAIyB;AAEzB,MAAa,cAAc;IAEJ;IACA;IACA;IACA;IACA;IACA;IANrB,YACqB,KAAmB,EACnB,MAAc,EACd,QAA0C,EAC1C,KAAiB,EACjB,eAAe,IAAI,EACnB,cAAc,4BAAa;QAL3B,UAAK,GAAL,KAAK,CAAc;QACnB,WAAM,GAAN,MAAM,CAAQ;QACd,aAAQ,GAAR,QAAQ,CAAkC;QAC1C,UAAK,GAAL,KAAK,CAAY;QACjB,iBAAY,GAAZ,YAAY,CAAO;QACnB,gBAAW,GAAX,WAAW,CAAgB;IAC7C,CAAC;IAEM,iBAAiB;QACzB,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,0BAA0B,CAC9B,MAAc,EACd,UAAsB,EACtB,KAAqD,EACrD,QAAyB,EACzB,OAAsB;QAEtB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;QAC1E,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAES,KAAK,CAAC,MAAM,CACpB,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,WAA4B,IAAI;QAEhC,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,6BAAc,CAAC,CAAA;QACvD,MAAM,EAAE,GAAG,MAAM,IAAA,iCAAiB,GAAE,CAAA;QAEpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;YACjC,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,UAAU;YACV,UAAU;YACV,SAAS;YACT,QAAQ;YACR,GAAG,EAAE,IAAI;YACT,IAAI,EAAE,IAAI;SACX,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAA,iCAAgB,EAAC,EAAE,CAAC,CAAA;QAChC,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,CAAA;IACvD,CAAC;IAED,KAAK,CAAC,QAAQ,CACZ,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,OAAsB,EACtB,YAAY,GAAG,IAAI,CAAC,YAAY;QAEhC,+EAA+E;QAC/E,qEAAqE;QACrE,yEAAyE;QACzE,2EAA2E;QAC3E,sEAAsE;QACtE,2EAA2E;QAC3E,sEAAsE;QAEtE,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAA;QAE9C,MAAM,MAAM,GACV,CAAC,UAAU,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;YACzC,EAAE,KAAK,CAAC,GAAG,CAAC;aACX,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE,CAAA;QAE3E,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,UAAU,KAAK,qCAAqC,CACrD,CAAA;YACH,CAAC;QACH,CAAC;QAED,KAAK,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,6BAAiB,CAAC,EAAE,CAAC;YAChE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,IACE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,SAAS,KAAK,IAAI;oBACzD,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,SAAS,KAAK,IAAI,EACzD,CAAC;oBACD,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;wBAC7B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,aAAa,KAAK,oBAAoB,KAAK,SAAS,CACrD,CAAA;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAA;QAEvD,MAAM,aAAa,GAAG,UAAU,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAEzD,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;YACrC,MAAM,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAA;YAC1E,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC5B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8DAA8D,CAC/D,CAAA;YACH,CAAC;YAED,KAAK,MAAM,MAAM,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;gBACtD,IAAI,CAAC,sBAAsB,EAAE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,6CAA6C,MAAM,CAAC,IAAI,GAAG,CAC5D,CAAA;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,GAAG,UAAU,CAAA;QACnC,IACE,YAAY;YACZ,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAC1C,IAAA,oCAAkB,EAAC,GAAG,EAAE,YAAY,CAAC,CACtC,EACD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,wBAAwB,YAAY,cAAc,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAC7F,CAAA;QACH,CAAC;QAED,2DAA2D;QAC3D,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YACzB,IAAI,OAAO;gBAAE,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAA;QAChE,CAAC;aAAM,IAAI,UAAU,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YAC3C,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,uCAAuC,CACxC,CAAA;QACH,CAAC;QAED,IAAI,UAAU,CAAC,MAAM,KAAK,8CAAgC,EAAE,CAAC;YAC3D,IAAI,UAAU,CAAC,QAAQ,IAAI,UAAU,CAAC,GAAG,KAAK,UAAU,CAAC,QAAQ,EAAE,CAAC;gBAClE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8EAA8E,CAC/E,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YACvE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8BAA8B,UAAU,CAAC,aAAa,GAAG,EACzD,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,IAAI,YAAY,IAAI,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,kBAAkB,UAAU,CAAC,aAAa,6BAA6B,EACvE,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,8DAA8D;QAC9D,IAAI,YAAY,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YAC/C,MAAM,IAAI,oDAAsB,CAAC,UAAU,EAAE,4BAA4B,CAAC,CAAA;QAC5E,CAAC;QAED,IACE,UAAU,CAAC,cAAc;YACzB,UAAU,CAAC,MAAM,KAAK,MAAM;YAC5B,CAAC,UAAU,CAAC,qBAAqB,IAAI,OAAO,CAAC,KAAK,OAAO,EACzD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,4DAA4D,CAC7D,CAAA;QACH,CAAC;QAED,4DAA4D;QAC5D,IAAI,UAAU,CAAC,qBAAqB,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YACnE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,+CAA+C,CAChD,CAAA;QACH,CAAC;QAED,0EAA0E;QAC1E,EAAE;QACF,8EAA8E;QAC9E,uEAAuE;QACvE,wEAAwE;QACxE,2EAA2E;QAC3E,4EAA4E;QAC5E,2EAA2E;QAC3E,yEAAyE;QACzE,iCAAiC;QACjC,IAAI,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YAC5D,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,iDAAiD,CAClD,CAAA;QACH,CAAC;QAED,qDAAqD;QAErD,IAAI,UAAU,CAAC,aAAa,IAAI,IAAI,EAAE,CAAC;YACrC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,aAAa,EAAE;gBACrE,qDAAqD;gBACrD,cAAc,EAAE,QAAQ;aACzB,CAAC,CAAA;YAEF,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;gBACjB,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,sCAAsC,CACvC,CAAA;YACH,CAAC;iBAAM,IAAI,UAAU,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC;gBACzC,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,GAAG,EAAE,CAAA;YACzD,CAAC;iBAAM,IAAI,UAAU,CAAC,UAAU,KAAK,OAAO,CAAC,GAAG,EAAE,CAAC;gBACjD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,kDAAkD,CACnD,CAAA;YACH,CAAC;QACH,CAAC;QAED,0EAA0E;QAC1E,yEAAyE;QACzE,qDAAqD;QACrD,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YAC9D,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACjC,MAAM,IAAI,gDAAoB,CAC5B,UAAU,EACV,sDAAsD,CACvD,CAAA;YACH,CAAC;YAED,2DAA2D;YAC3D,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;QACnD,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,CAAC,GAAG,CACP,GAAe,EACf,QAAkB,EAClB,QAAkB;QAElB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,MAAM,OAAO,GAAsB,EAAE,CAAA;QAErC,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,wEAAwE;gBACxE,wBAAwB;gBACxB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,CAC1B,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAC9C,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,+CAA+C,CAChD,CAAA;YACH,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAA;YAC7B,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;QAC7C,CAAC;QAED,OAAO;YACL,EAAE;YACF,GAAG;YACH,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS;YAC9C,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,MAAc,EACd,GAAe,EACf,QAAkB,EAClB,OAAgB,EAChB,IAAuB;QAEvB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gCAAgC,CACjC,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAE7D,IAAI,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnC,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,2DAA2D,CAC5D,CAAA;YACH,CAAC;YAED,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACxC,CAAC,CAAC,MAAM,IAAA,sBAAY,GAAE;gBACtB,CAAC,CAAC,SAAS,CAAA;YAEb,wEAAwE;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;gBACjC,GAAG,EAAE,OAAO,CAAC,GAAG;gBAChB,IAAI;gBACJ,gFAAgF;gBAChF,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAAC;aACnE,CAAC,CAAA;YAEF,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAChD,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,EAAE;oBAC1D,SAAS,EAAE,IAAI,CAAC,eAAe;oBAC/B,GAAG,EAAE,IAAI,CAAC,iBAAiB,EAAE;oBAC7B,IAAI;iBACL,CAAC;gBACJ,CAAC,CAAC,SAAS,CAAA;YAEb,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAA;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAc,EACd,UAAsB,EACtB,IAAU;QAEV,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACvD,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,0CAAiB,CAAC,cAAc,CAAC,CAAA;QAExD,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,CAAA;YAEvB,IAAI,CAAC,IAAA,yCAAuB,EAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,kEAAkE;gBAClE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;YAC7C,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,yCAAyC,CAAC,CAAA;YACxE,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtC,mEAAmE;gBACnE,uEAAuE;gBACvE,sEAAsE;gBACtE,wEAAwE;gBACxE,sEAAsE;YACxE,CAAC;iBAAM,CAAC;gBACN,IAAI,UAAU,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;oBACjD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;gBAED,IAAI,CAAC,CAAC,MAAM,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;oBACxD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;gBAAS,CAAC;YACT,iCAAiC;YACjC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QAC3C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAe;QAC1B,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAChC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;IACpC,CAAC;CACF;AAtbD,wCAsbC"}

package/dist/request/request-store-memory.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { Code } from './code.js';
+import { RequestId } from './request-id.js';
+import { RequestData } from './request-data.js';
+import { RequestStore } from './request-store.js';
+export declare class RequestStoreMemory implements RequestStore {
+    #private;
+    readRequest(id: RequestId): Promise<RequestData | null>;
+    createRequest(id: RequestId, data: RequestData): Promise<void>;
+    updateRequest(id: RequestId, data: Partial<RequestData>): Promise<void>;
+    deleteRequest(id: RequestId): Promise<void>;
+    findRequestByCode(code: Code): Promise<{
+        id: RequestId;
+        data: RequestData;
+    } | null>;
+}
+//# sourceMappingURL=request-store-memory.d.ts.map

package/dist/request/request-store-memory.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"request-store-memory.d.ts","sourceRoot":"","sources":["../../src/request/request-store-memory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAChC,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEjD,qBAAa,kBAAmB,YAAW,YAAY;;IAG/C,WAAW,CAAC,EAAE,EAAE,SAAS,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAIvD,aAAa,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9D,aAAa,CACjB,EAAE,EAAE,SAAS,EACb,IAAI,EAAE,OAAO,CAAC,WAAW,CAAC,GACzB,OAAO,CAAC,IAAI,CAAC;IAOV,aAAa,CAAC,EAAE,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3C,iBAAiB,CACrB,IAAI,EAAE,IAAI,GACT,OAAO,CAAC;QAAE,EAAE,EAAE,SAAS,CAAC;QAAC,IAAI,EAAE,WAAW,CAAA;KAAE,GAAG,IAAI,CAAC;CAMxD"}

package/dist/request/request-store-memory.js ADDED Viewed

@@ -0,0 +1,31 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RequestStoreMemory = void 0;
+class RequestStoreMemory {
+    #requests = new Map();
+    async readRequest(id) {
+        return this.#requests.get(id) ?? null;
+    }
+    async createRequest(id, data) {
+        this.#requests.set(id, data);
+    }
+    async updateRequest(id, data) {
+        const current = this.#requests.get(id);
+        if (!current)
+            throw new Error('Request not found');
+        const newData = { ...current, ...data };
+        this.#requests.set(id, newData);
+    }
+    async deleteRequest(id) {
+        this.#requests.delete(id);
+    }
+    async findRequestByCode(code) {
+        for (const [id, data] of this.#requests) {
+            if (data.code === code)
+                return { id, data };
+        }
+        return null;
+    }
+}
+exports.RequestStoreMemory = RequestStoreMemory;
+//# sourceMappingURL=request-store-memory.js.map

package/dist/request/request-store-memory.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"request-store-memory.js","sourceRoot":"","sources":["../../src/request/request-store-memory.ts"],"names":[],"mappings":";;;AAKA,MAAa,kBAAkB;IAC7B,SAAS,GAAG,IAAI,GAAG,EAA0B,CAAA;IAE7C,KAAK,CAAC,WAAW,CAAC,EAAa;QAC7B,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,IAAI,CAAA;IACvC,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAa,EAAE,IAAiB;QAClD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IAC9B,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,EAAa,EACb,IAA0B;QAE1B,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACtC,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAA;QAClD,MAAM,OAAO,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,IAAI,EAAE,CAAA;QACvC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;IACjC,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAa;QAC/B,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IAC3B,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,IAAU;QAEV,KAAK,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACxC,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI;gBAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAA;QAC7C,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;CACF;AAjCD,gDAiCC"}