npm - @atproto/oauth-provider - Versions diffs - 0.1.0 - Mend

@atproto/oauth-provider 0.1.0

Files changed (631) hide show

package/.postcssrc.yml +3 -0
package/CHANGELOG.md +19 -0
package/LICENSE.txt +7 -0
package/dist/access-token/access-token-type.d.ts +6 -0
package/dist/access-token/access-token-type.d.ts.map +1 -0
package/dist/access-token/access-token-type.js +10 -0
package/dist/access-token/access-token-type.js.map +1 -0
package/dist/account/account-manager.d.ts +14 -0
package/dist/account/account-manager.d.ts.map +1 -0
package/dist/account/account-manager.js +39 -0
package/dist/account/account-manager.js.map +1 -0
package/dist/account/account-store.d.ts +39 -0
package/dist/account/account-store.d.ts.map +1 -0
package/dist/account/account-store.js +19 -0
package/dist/account/account-store.js.map +1 -0
package/dist/account/account.d.ts +8 -0
package/dist/account/account.d.ts.map +1 -0
package/dist/account/account.js +3 -0
package/dist/account/account.js.map +1 -0
package/dist/assets/app/bundle-manifest.json +22 -0
package/dist/assets/app/main.css +3 -0
package/dist/assets/app/main.js +20 -0
package/dist/assets/app/main.js.map +1 -0
package/dist/assets/asset.d.ts +9 -0
package/dist/assets/asset.d.ts.map +1 -0
package/dist/assets/asset.js +3 -0
package/dist/assets/asset.js.map +1 -0
package/dist/assets/assets-middleware.d.ts +2 -0
package/dist/assets/assets-middleware.d.ts.map +1 -0
package/dist/assets/assets-middleware.js +30 -0
package/dist/assets/assets-middleware.js.map +1 -0
package/dist/assets/index.d.ts +4 -0
package/dist/assets/index.d.ts.map +1 -0
package/dist/assets/index.js +65 -0
package/dist/assets/index.js.map +1 -0
package/dist/client/client-auth.d.ts +13 -0
package/dist/client/client-auth.d.ts.map +1 -0
package/dist/client/client-auth.js +35 -0
package/dist/client/client-auth.js.map +1 -0
package/dist/client/client-data.d.ts +8 -0
package/dist/client/client-data.d.ts.map +1 -0
package/dist/client/client-data.js +3 -0
package/dist/client/client-data.js.map +1 -0
package/dist/client/client-id.d.ts +4 -0
package/dist/client/client-id.d.ts.map +1 -0
package/dist/client/client-id.js +6 -0
package/dist/client/client-id.js.map +1 -0
package/dist/client/client-info.d.ts +13 -0
package/dist/client/client-info.d.ts.map +1 -0
package/dist/client/client-info.js +3 -0
package/dist/client/client-info.js.map +1 -0
package/dist/client/client-manager.d.ts +38 -0
package/dist/client/client-manager.d.ts.map +1 -0
package/dist/client/client-manager.js +534 -0
package/dist/client/client-manager.js.map +1 -0
package/dist/client/client-store.d.ts +13 -0
package/dist/client/client-store.d.ts.map +1 -0
package/dist/client/client-store.js +39 -0
package/dist/client/client-store.js.map +1 -0
package/dist/client/client-utils.d.ts +6 -0
package/dist/client/client-utils.d.ts.map +1 -0
package/dist/client/client-utils.js +40 -0
package/dist/client/client-utils.js.map +1 -0
package/dist/client/client.d.ts +41 -0
package/dist/client/client.d.ts.map +1 -0
package/dist/client/client.js +163 -0
package/dist/client/client.js.map +1 -0
package/dist/constants.d.ts +42 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +53 -0
package/dist/constants.js.map +1 -0
package/dist/device/device-data.d.ts +20 -0
package/dist/device/device-data.d.ts.map +1 -0
package/dist/device/device-data.js +11 -0
package/dist/device/device-data.js.map +1 -0
package/dist/device/device-details.d.ts +17 -0
package/dist/device/device-details.d.ts.map +1 -0
package/dist/device/device-details.js +34 -0
package/dist/device/device-details.js.map +1 -0
package/dist/device/device-id.d.ts +6 -0
package/dist/device/device-id.d.ts.map +1 -0
package/dist/device/device-id.js +18 -0
package/dist/device/device-id.js.map +1 -0
package/dist/device/device-manager.d.ts +88 -0
package/dist/device/device-manager.d.ts.map +1 -0
package/dist/device/device-manager.js +206 -0
package/dist/device/device-manager.js.map +1 -0
package/dist/device/device-store.d.ts +15 -0
package/dist/device/device-store.d.ts.map +1 -0
package/dist/device/device-store.js +36 -0
package/dist/device/device-store.js.map +1 -0
package/dist/device/session-id.d.ts +6 -0
package/dist/device/session-id.d.ts.map +1 -0
package/dist/device/session-id.js +18 -0
package/dist/device/session-id.js.map +1 -0
package/dist/dpop/dpop-manager.d.ts +33 -0
package/dist/dpop/dpop-manager.d.ts.map +1 -0
package/dist/dpop/dpop-manager.js +115 -0
package/dist/dpop/dpop-manager.js.map +1 -0
package/dist/dpop/dpop-nonce.d.ts +13 -0
package/dist/dpop/dpop-nonce.d.ts.map +1 -0
package/dist/dpop/dpop-nonce.js +94 -0
package/dist/dpop/dpop-nonce.js.map +1 -0
package/dist/errors/access-denied-error.d.ts +8 -0
package/dist/errors/access-denied-error.d.ts.map +1 -0
package/dist/errors/access-denied-error.js +21 -0
package/dist/errors/access-denied-error.js.map +1 -0
package/dist/errors/account-selection-required-error.d.ts +6 -0
package/dist/errors/account-selection-required-error.d.ts.map +1 -0
package/dist/errors/account-selection-required-error.js +11 -0
package/dist/errors/account-selection-required-error.js.map +1 -0
package/dist/errors/consent-required-error.d.ts +6 -0
package/dist/errors/consent-required-error.d.ts.map +1 -0
package/dist/errors/consent-required-error.js +11 -0
package/dist/errors/consent-required-error.js.map +1 -0
package/dist/errors/invalid-authorization-details-error.d.ts +20 -0
package/dist/errors/invalid-authorization-details-error.d.ts.map +1 -0
package/dist/errors/invalid-authorization-details-error.js +26 -0
package/dist/errors/invalid-authorization-details-error.js.map +1 -0
package/dist/errors/invalid-client-error.d.ts +18 -0
package/dist/errors/invalid-client-error.d.ts.map +1 -0
package/dist/errors/invalid-client-error.js +24 -0
package/dist/errors/invalid-client-error.js.map +1 -0
package/dist/errors/invalid-client-id-error.d.ts +13 -0
package/dist/errors/invalid-client-id-error.d.ts.map +1 -0
package/dist/errors/invalid-client-id-error.js +25 -0
package/dist/errors/invalid-client-id-error.js.map +1 -0
package/dist/errors/invalid-client-metadata-error.d.ts +13 -0
package/dist/errors/invalid-client-metadata-error.d.ts.map +1 -0
package/dist/errors/invalid-client-metadata-error.js +23 -0
package/dist/errors/invalid-client-metadata-error.js.map +1 -0
package/dist/errors/invalid-dpop-key-binding-error.d.ts +12 -0
package/dist/errors/invalid-dpop-key-binding-error.d.ts.map +1 -0
package/dist/errors/invalid-dpop-key-binding-error.js +20 -0
package/dist/errors/invalid-dpop-key-binding-error.js.map +1 -0
package/dist/errors/invalid-dpop-proof-error.d.ts +5 -0
package/dist/errors/invalid-dpop-proof-error.d.ts.map +1 -0
package/dist/errors/invalid-dpop-proof-error.js +12 -0
package/dist/errors/invalid-dpop-proof-error.js.map +1 -0
package/dist/errors/invalid-grant-error.d.ts +14 -0
package/dist/errors/invalid-grant-error.d.ts.map +1 -0
package/dist/errors/invalid-grant-error.js +20 -0
package/dist/errors/invalid-grant-error.js.map +1 -0
package/dist/errors/invalid-parameters-error.d.ts +6 -0
package/dist/errors/invalid-parameters-error.d.ts.map +1 -0
package/dist/errors/invalid-parameters-error.js +11 -0
package/dist/errors/invalid-parameters-error.js.map +1 -0
package/dist/errors/invalid-redirect-uri-error.d.ts +11 -0
package/dist/errors/invalid-redirect-uri-error.d.ts.map +1 -0
package/dist/errors/invalid-redirect-uri-error.js +21 -0
package/dist/errors/invalid-redirect-uri-error.js.map +1 -0
package/dist/errors/invalid-request-error.d.ts +28 -0
package/dist/errors/invalid-request-error.d.ts.map +1 -0
package/dist/errors/invalid-request-error.js +34 -0
package/dist/errors/invalid-request-error.js.map +1 -0
package/dist/errors/invalid-token-error.d.ts +16 -0
package/dist/errors/invalid-token-error.d.ts.map +1 -0
package/dist/errors/invalid-token-error.js +45 -0
package/dist/errors/invalid-token-error.js.map +1 -0
package/dist/errors/login-required-error.d.ts +6 -0
package/dist/errors/login-required-error.d.ts.map +1 -0
package/dist/errors/login-required-error.js +11 -0
package/dist/errors/login-required-error.js.map +1 -0
package/dist/errors/oauth-error.d.ts +13 -0
package/dist/errors/oauth-error.d.ts.map +1 -0
package/dist/errors/oauth-error.js +29 -0
package/dist/errors/oauth-error.js.map +1 -0
package/dist/errors/unauthorized-client-error.d.ts +18 -0
package/dist/errors/unauthorized-client-error.d.ts.map +1 -0
package/dist/errors/unauthorized-client-error.js +24 -0
package/dist/errors/unauthorized-client-error.js.map +1 -0
package/dist/errors/use-dpop-nonce-error.d.ts +18 -0
package/dist/errors/use-dpop-nonce-error.d.ts.map +1 -0
package/dist/errors/use-dpop-nonce-error.js +27 -0
package/dist/errors/use-dpop-nonce-error.js.map +1 -0
package/dist/errors/www-authenticate-error.d.ts +9 -0
package/dist/errors/www-authenticate-error.d.ts.map +1 -0
package/dist/errors/www-authenticate-error.js +46 -0
package/dist/errors/www-authenticate-error.js.map +1 -0
package/dist/index.d.ts +14 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +31 -0
package/dist/index.js.map +1 -0
package/dist/lib/html/build-document.d.ts +32 -0
package/dist/lib/html/build-document.d.ts.map +1 -0
package/dist/lib/html/build-document.js +61 -0
package/dist/lib/html/build-document.js.map +1 -0
package/dist/lib/html/escapers.d.ts +9 -0
package/dist/lib/html/escapers.d.ts.map +1 -0
package/dist/lib/html/escapers.js +66 -0
package/dist/lib/html/escapers.js.map +1 -0
package/dist/lib/html/html.d.ts +13 -0
package/dist/lib/html/html.d.ts.map +1 -0
package/dist/lib/html/html.js +53 -0
package/dist/lib/html/html.js.map +1 -0
package/dist/lib/html/index.d.ts +4 -0
package/dist/lib/html/index.d.ts.map +1 -0
package/dist/lib/html/index.js +21 -0
package/dist/lib/html/index.js.map +1 -0
package/dist/lib/html/tags.d.ts +34 -0
package/dist/lib/html/tags.d.ts.map +1 -0
package/dist/lib/html/tags.js +47 -0
package/dist/lib/html/tags.js.map +1 -0
package/dist/lib/html/util.d.ts +4 -0
package/dist/lib/html/util.d.ts.map +1 -0
package/dist/lib/html/util.js +20 -0
package/dist/lib/html/util.js.map +1 -0
package/dist/lib/http/accept.d.ts +29 -0
package/dist/lib/http/accept.d.ts.map +1 -0
package/dist/lib/http/accept.js +67 -0
package/dist/lib/http/accept.js.map +1 -0
package/dist/lib/http/context.d.ts +5 -0
package/dist/lib/http/context.d.ts.map +1 -0
package/dist/lib/http/context.js +10 -0
package/dist/lib/http/context.js.map +1 -0
package/dist/lib/http/index.d.ts +10 -0
package/dist/lib/http/index.d.ts.map +1 -0
package/dist/lib/http/index.js +26 -0
package/dist/lib/http/index.js.map +1 -0
package/dist/lib/http/method.d.ts +6 -0
package/dist/lib/http/method.d.ts.map +1 -0
package/dist/lib/http/method.js +19 -0
package/dist/lib/http/method.js.map +1 -0
package/dist/lib/http/middleware.d.ts +18 -0
package/dist/lib/http/middleware.d.ts.map +1 -0
package/dist/lib/http/middleware.js +118 -0
package/dist/lib/http/middleware.js.map +1 -0
package/dist/lib/http/parser.d.ts +33 -0
package/dist/lib/http/parser.d.ts.map +1 -0
package/dist/lib/http/parser.js +48 -0
package/dist/lib/http/parser.js.map +1 -0
package/dist/lib/http/path.d.ts +9 -0
package/dist/lib/http/path.d.ts.map +1 -0
package/dist/lib/http/path.js +54 -0
package/dist/lib/http/path.js.map +1 -0
package/dist/lib/http/request.d.ts +33 -0
package/dist/lib/http/request.d.ts.map +1 -0
package/dist/lib/http/request.js +86 -0
package/dist/lib/http/request.js.map +1 -0
package/dist/lib/http/response.d.ts +13 -0
package/dist/lib/http/response.d.ts.map +1 -0
package/dist/lib/http/response.js +98 -0
package/dist/lib/http/response.js.map +1 -0
package/dist/lib/http/route.d.ts +25 -0
package/dist/lib/http/route.d.ts.map +1 -0
package/dist/lib/http/route.js +39 -0
package/dist/lib/http/route.js.map +1 -0
package/dist/lib/http/router.d.ts +32 -0
package/dist/lib/http/router.d.ts.map +1 -0
package/dist/lib/http/router.js +74 -0
package/dist/lib/http/router.js.map +1 -0
package/dist/lib/http/stream.d.ts +13 -0
package/dist/lib/http/stream.d.ts.map +1 -0
package/dist/lib/http/stream.js +46 -0
package/dist/lib/http/stream.js.map +1 -0
package/dist/lib/http/types.d.ts +7 -0
package/dist/lib/http/types.d.ts.map +1 -0
package/dist/lib/http/types.js +3 -0
package/dist/lib/http/types.js.map +1 -0
package/dist/lib/http/url.d.ts +8 -0
package/dist/lib/http/url.d.ts.map +1 -0
package/dist/lib/http/url.js +22 -0
package/dist/lib/http/url.js.map +1 -0
package/dist/lib/redis.d.ts +5 -0
package/dist/lib/redis.d.ts.map +1 -0
package/dist/lib/redis.js +22 -0
package/dist/lib/redis.js.map +1 -0
package/dist/lib/util/authorization-header.d.ts +4 -0
package/dist/lib/util/authorization-header.d.ts.map +1 -0
package/dist/lib/util/authorization-header.js +23 -0
package/dist/lib/util/authorization-header.js.map +1 -0
package/dist/lib/util/cast.d.ts +2 -0
package/dist/lib/util/cast.d.ts.map +1 -0
package/dist/lib/util/cast.js +10 -0
package/dist/lib/util/cast.js.map +1 -0
package/dist/lib/util/crypto.d.ts +3 -0
package/dist/lib/util/crypto.d.ts.map +1 -0
package/dist/lib/util/crypto.js +29 -0
package/dist/lib/util/crypto.js.map +1 -0
package/dist/lib/util/date.d.ts +3 -0
package/dist/lib/util/date.d.ts.map +1 -0
package/dist/lib/util/date.js +12 -0
package/dist/lib/util/date.js.map +1 -0
package/dist/lib/util/hostname.d.ts +6 -0
package/dist/lib/util/hostname.d.ts.map +1 -0
package/dist/lib/util/hostname.js +24 -0
package/dist/lib/util/hostname.js.map +1 -0
package/dist/lib/util/redirect-uri.d.ts +7 -0
package/dist/lib/util/redirect-uri.d.ts.map +1 -0
package/dist/lib/util/redirect-uri.js +44 -0
package/dist/lib/util/redirect-uri.js.map +1 -0
package/dist/lib/util/time.d.ts +6 -0
package/dist/lib/util/time.d.ts.map +1 -0
package/dist/lib/util/time.js +28 -0
package/dist/lib/util/time.js.map +1 -0
package/dist/lib/util/type.d.ts +6 -0
package/dist/lib/util/type.d.ts.map +1 -0
package/dist/lib/util/type.js +3 -0
package/dist/lib/util/type.js.map +1 -0
package/dist/lib/util/well-known.d.ts +3 -0
package/dist/lib/util/well-known.d.ts.map +1 -0
package/dist/lib/util/well-known.js +11 -0
package/dist/lib/util/well-known.js.map +1 -0
package/dist/metadata/build-metadata.d.ts +14 -0
package/dist/metadata/build-metadata.d.ts.map +1 -0
package/dist/metadata/build-metadata.js +132 -0
package/dist/metadata/build-metadata.js.map +1 -0
package/dist/oauth-client.d.ts +4 -0
package/dist/oauth-client.d.ts.map +1 -0
package/dist/oauth-client.js +19 -0
package/dist/oauth-client.js.map +1 -0
package/dist/oauth-dpop.d.ts +3 -0
package/dist/oauth-dpop.d.ts.map +1 -0
package/dist/oauth-dpop.js +19 -0
package/dist/oauth-dpop.js.map +1 -0
package/dist/oauth-errors.d.ts +20 -0
package/dist/oauth-errors.d.ts.map +1 -0
package/dist/oauth-errors.js +43 -0
package/dist/oauth-errors.js.map +1 -0
package/dist/oauth-hooks.d.ts +42 -0
package/dist/oauth-hooks.d.ts.map +1 -0
package/dist/oauth-hooks.js +3 -0
package/dist/oauth-hooks.js.map +1 -0
package/dist/oauth-provider.d.ts +179 -0
package/dist/oauth-provider.d.ts.map +1 -0
package/dist/oauth-provider.js +748 -0
package/dist/oauth-provider.js.map +1 -0
package/dist/oauth-store.d.ts +11 -0
package/dist/oauth-store.d.ts.map +1 -0
package/dist/oauth-store.js +27 -0
package/dist/oauth-store.js.map +1 -0
package/dist/oauth-verifier.d.ts +66 -0
package/dist/oauth-verifier.d.ts.map +1 -0
package/dist/oauth-verifier.js +94 -0
package/dist/oauth-verifier.js.map +1 -0
package/dist/oidc/claims.d.ts +16 -0
package/dist/oidc/claims.d.ts.map +1 -0
package/dist/oidc/claims.js +29 -0
package/dist/oidc/claims.js.map +1 -0
package/dist/oidc/sub.d.ts +4 -0
package/dist/oidc/sub.d.ts.map +1 -0
package/dist/oidc/sub.js +6 -0
package/dist/oidc/sub.js.map +1 -0
package/dist/oidc/userinfo.d.ts +7 -0
package/dist/oidc/userinfo.d.ts.map +1 -0
package/dist/oidc/userinfo.js +3 -0
package/dist/oidc/userinfo.js.map +1 -0
package/dist/output/build-error-payload.d.ts +6 -0
package/dist/output/build-error-payload.d.ts.map +1 -0
package/dist/output/build-error-payload.js +108 -0
package/dist/output/build-error-payload.js.map +1 -0
package/dist/output/customization.d.ts +37 -0
package/dist/output/customization.d.ts.map +1 -0
package/dist/output/customization.js +62 -0
package/dist/output/customization.js.map +1 -0
package/dist/output/send-authorize-page.d.ts +43 -0
package/dist/output/send-authorize-page.d.ts.map +1 -0
package/dist/output/send-authorize-page.js +49 -0
package/dist/output/send-authorize-page.js.map +1 -0
package/dist/output/send-authorize-redirect.d.ts +25 -0
package/dist/output/send-authorize-redirect.d.ts.map +1 -0
package/dist/output/send-authorize-redirect.js +72 -0
package/dist/output/send-authorize-redirect.js.map +1 -0
package/dist/output/send-error-page.d.ts +5 -0
package/dist/output/send-error-page.d.ts.map +1 -0
package/dist/output/send-error-page.js +31 -0
package/dist/output/send-error-page.js.map +1 -0
package/dist/output/send-web-page.d.ts +8 -0
package/dist/output/send-web-page.d.ts.map +1 -0
package/dist/output/send-web-page.js +48 -0
package/dist/output/send-web-page.js.map +1 -0
package/dist/parameters/claims-requested.d.ts +3 -0
package/dist/parameters/claims-requested.d.ts.map +1 -0
package/dist/parameters/claims-requested.js +77 -0
package/dist/parameters/claims-requested.js.map +1 -0
package/dist/parameters/oidc-payload.d.ts +31 -0
package/dist/parameters/oidc-payload.d.ts.map +1 -0
package/dist/parameters/oidc-payload.js +25 -0
package/dist/parameters/oidc-payload.js.map +1 -0
package/dist/replay/replay-manager.d.ts +10 -0
package/dist/replay/replay-manager.d.ts.map +1 -0
package/dist/replay/replay-manager.js +23 -0
package/dist/replay/replay-manager.js.map +1 -0
package/dist/replay/replay-store-memory.d.ts +11 -0
package/dist/replay/replay-store-memory.d.ts.map +1 -0
package/dist/replay/replay-store-memory.js +30 -0
package/dist/replay/replay-store-memory.js.map +1 -0
package/dist/replay/replay-store-redis.d.ts +16 -0
package/dist/replay/replay-store-redis.d.ts.map +1 -0
package/dist/replay/replay-store-redis.js +20 -0
package/dist/replay/replay-store-redis.js.map +1 -0
package/dist/replay/replay-store.d.ts +16 -0
package/dist/replay/replay-store.d.ts.map +1 -0
package/dist/replay/replay-store.js +22 -0
package/dist/replay/replay-store.js.map +1 -0
package/dist/request/code.d.ts +7 -0
package/dist/request/code.d.ts.map +1 -0
package/dist/request/code.js +20 -0
package/dist/request/code.js.map +1 -0
package/dist/request/request-data.d.ts +21 -0
package/dist/request/request-data.d.ts.map +1 -0
package/dist/request/request-data.js +6 -0
package/dist/request/request-data.js.map +1 -0
package/dist/request/request-id.d.ts +6 -0
package/dist/request/request-id.d.ts.map +1 -0
package/dist/request/request-id.js +18 -0
package/dist/request/request-id.js.map +1 -0
package/dist/request/request-info.d.ts +12 -0
package/dist/request/request-info.d.ts.map +1 -0
package/dist/request/request-info.js +3 -0
package/dist/request/request-info.js.map +1 -0
package/dist/request/request-manager.d.ts +40 -0
package/dist/request/request-manager.d.ts.map +1 -0
package/dist/request/request-manager.js +310 -0
package/dist/request/request-manager.js.map +1 -0
package/dist/request/request-store-memory.d.ts +16 -0
package/dist/request/request-store-memory.d.ts.map +1 -0
package/dist/request/request-store-memory.js +31 -0
package/dist/request/request-store-memory.js.map +1 -0
package/dist/request/request-store-redis.d.ts +24 -0
package/dist/request/request-store-redis.d.ts.map +1 -0
package/dist/request/request-store-redis.js +58 -0
package/dist/request/request-store-redis.js.map +1 -0
package/dist/request/request-store.d.ts +27 -0
package/dist/request/request-store.d.ts.map +1 -0
package/dist/request/request-store.js +37 -0
package/dist/request/request-store.js.map +1 -0
package/dist/request/request-uri.d.ts +8 -0
package/dist/request/request-uri.d.ts.map +1 -0
package/dist/request/request-uri.js +24 -0
package/dist/request/request-uri.js.map +1 -0
package/dist/request/types.d.ts +328 -0
package/dist/request/types.d.ts.map +1 -0
package/dist/request/types.js +27 -0
package/dist/request/types.js.map +1 -0
package/dist/signer/signed-token-payload.d.ts +1694 -0
package/dist/signer/signed-token-payload.d.ts.map +1 -0
package/dist/signer/signed-token-payload.js +32 -0
package/dist/signer/signed-token-payload.js.map +1 -0
package/dist/signer/signer.d.ts +193 -0
package/dist/signer/signer.d.ts.map +1 -0
package/dist/signer/signer.js +101 -0
package/dist/signer/signer.js.map +1 -0
package/dist/token/refresh-token.d.ts +7 -0
package/dist/token/refresh-token.d.ts.map +1 -0
package/dist/token/refresh-token.js +20 -0
package/dist/token/refresh-token.js.map +1 -0
package/dist/token/token-claims.d.ts +1687 -0
package/dist/token/token-claims.d.ts.map +1 -0
package/dist/token/token-claims.js +30 -0
package/dist/token/token-claims.js.map +1 -0
package/dist/token/token-data.d.ts +20 -0
package/dist/token/token-data.d.ts.map +1 -0
package/dist/token/token-data.js +3 -0
package/dist/token/token-data.js.map +1 -0
package/dist/token/token-id.d.ts +7 -0
package/dist/token/token-id.d.ts.map +1 -0
package/dist/token/token-id.js +20 -0
package/dist/token/token-id.js.map +1 -0
package/dist/token/token-manager.d.ts +48 -0
package/dist/token/token-manager.d.ts.map +1 -0
package/dist/token/token-manager.js +421 -0
package/dist/token/token-manager.js.map +1 -0
package/dist/token/token-store.d.ts +35 -0
package/dist/token/token-store.d.ts.map +1 -0
package/dist/token/token-store.js +38 -0
package/dist/token/token-store.js.map +1 -0
package/dist/token/types.d.ts +250 -0
package/dist/token/types.d.ts.map +1 -0
package/dist/token/types.js +36 -0
package/dist/token/types.js.map +1 -0
package/dist/token/verify-token-claims.d.ts +17 -0
package/dist/token/verify-token-claims.d.ts.map +1 -0
package/dist/token/verify-token-claims.js +39 -0
package/dist/token/verify-token-claims.js.map +1 -0
package/package.json +83 -0
package/rollup.config.js +55 -0
package/src/access-token/access-token-type.ts +5 -0
package/src/account/account-manager.ts +55 -0
package/src/account/account-store.ts +74 -0
package/src/account/account.ts +10 -0
package/src/assets/app/app.tsx +28 -0
package/src/assets/app/backend-data.ts +65 -0
package/src/assets/app/components/accept-form.tsx +112 -0
package/src/assets/app/components/account-identifier.tsx +18 -0
package/src/assets/app/components/account-picker.tsx +108 -0
package/src/assets/app/components/client-identifier.tsx +32 -0
package/src/assets/app/components/client-name.tsx +30 -0
package/src/assets/app/components/error-card.tsx +41 -0
package/src/assets/app/components/help-card.tsx +42 -0
package/src/assets/app/components/layout-title-page.tsx +43 -0
package/src/assets/app/components/layout-welcome.tsx +58 -0
package/src/assets/app/components/sign-in-form.tsx +290 -0
package/src/assets/app/components/sign-up-account-form.tsx +210 -0
package/src/assets/app/components/sign-up-disclaimer.tsx +44 -0
package/src/assets/app/components/url-viewer.tsx +70 -0
package/src/assets/app/cookies.ts +11 -0
package/src/assets/app/hooks/use-api.ts +104 -0
package/src/assets/app/hooks/use-bound-dispatch.ts +5 -0
package/src/assets/app/hooks/use-csrf-token.ts +5 -0
package/src/assets/app/lib/api.ts +64 -0
package/src/assets/app/lib/clsx.ts +4 -0
package/src/assets/app/lib/util.ts +10 -0
package/src/assets/app/main.css +11 -0
package/src/assets/app/main.tsx +28 -0
package/src/assets/app/views/accept-view.tsx +51 -0
package/src/assets/app/views/authorize-view.tsx +101 -0
package/src/assets/app/views/error-view.tsx +27 -0
package/src/assets/app/views/sign-in-view.tsx +121 -0
package/src/assets/app/views/sign-up-view.tsx +93 -0
package/src/assets/app/views/welcome-view.tsx +61 -0
package/src/assets/asset.ts +8 -0
package/src/assets/assets-middleware.ts +32 -0
package/src/assets/index.ts +74 -0
package/src/client/client-auth.ts +45 -0
package/src/client/client-data.ts +9 -0
package/src/client/client-id.ts +4 -0
package/src/client/client-info.ts +13 -0
package/src/client/client-manager.ts +818 -0
package/src/client/client-store.ts +38 -0
package/src/client/client-utils.ts +43 -0
package/src/client/client.ts +231 -0
package/src/constants.ts +69 -0
package/src/device/device-data.ts +11 -0
package/src/device/device-details.ts +43 -0
package/src/device/device-id.ts +23 -0
package/src/device/device-manager.ts +287 -0
package/src/device/device-store.ts +35 -0
package/src/device/session-id.ts +22 -0
package/src/dpop/dpop-manager.ts +147 -0
package/src/dpop/dpop-nonce.ts +104 -0
package/src/errors/access-denied-error.ts +26 -0
package/src/errors/account-selection-required-error.ts +12 -0
package/src/errors/consent-required-error.ts +12 -0
package/src/errors/invalid-authorization-details-error.ts +22 -0
package/src/errors/invalid-client-error.ts +20 -0
package/src/errors/invalid-client-id-error.ts +20 -0
package/src/errors/invalid-client-metadata-error.ts +19 -0
package/src/errors/invalid-dpop-key-binding-error.ts +21 -0
package/src/errors/invalid-dpop-proof-error.ts +13 -0
package/src/errors/invalid-grant-error.ts +16 -0
package/src/errors/invalid-parameters-error.ts +12 -0
package/src/errors/invalid-redirect-uri-error.ts +17 -0
package/src/errors/invalid-request-error.ts +30 -0
package/src/errors/invalid-token-error.ts +59 -0
package/src/errors/login-required-error.ts +12 -0
package/src/errors/oauth-error.ts +28 -0
package/src/errors/unauthorized-client-error.ts +20 -0
package/src/errors/use-dpop-nonce-error.ts +32 -0
package/src/errors/www-authenticate-error.ts +65 -0
package/src/index.ts +15 -0
package/src/lib/html/README.md +9 -0
package/src/lib/html/build-document.ts +98 -0
package/src/lib/html/escapers.ts +66 -0
package/src/lib/html/html.ts +61 -0
package/src/lib/html/index.ts +5 -0
package/src/lib/html/tags.ts +58 -0
package/src/lib/html/util.ts +21 -0
package/src/lib/http/README.md +11 -0
package/src/lib/http/accept.ts +91 -0
package/src/lib/http/context.ts +11 -0
package/src/lib/http/index.ts +9 -0
package/src/lib/http/method.ts +18 -0
package/src/lib/http/middleware.ts +183 -0
package/src/lib/http/parser.ts +64 -0
package/src/lib/http/path.ts +82 -0
package/src/lib/http/request.ts +141 -0
package/src/lib/http/response.ts +133 -0
package/src/lib/http/route.ts +56 -0
package/src/lib/http/router.ts +118 -0
package/src/lib/http/stream.ts +78 -0
package/src/lib/http/types.ts +22 -0
package/src/lib/http/url.ts +23 -0
package/src/lib/redis.ts +23 -0
package/src/lib/util/authorization-header.ts +26 -0
package/src/lib/util/cast.ts +4 -0
package/src/lib/util/crypto.ts +27 -0
package/src/lib/util/date.ts +7 -0
package/src/lib/util/hostname.ts +19 -0
package/src/lib/util/redirect-uri.ts +46 -0
package/src/lib/util/time.ts +33 -0
package/src/lib/util/type.ts +4 -0
package/src/lib/util/well-known.ts +8 -0
package/src/metadata/build-metadata.ts +165 -0
package/src/oauth-client.ts +3 -0
package/src/oauth-dpop.ts +2 -0
package/src/oauth-errors.ts +21 -0
package/src/oauth-hooks.ts +66 -0
package/src/oauth-provider.ts +1409 -0
package/src/oauth-store.ts +11 -0
package/src/oauth-verifier.ts +219 -0
package/src/oidc/claims.ts +35 -0
package/src/oidc/sub.ts +4 -0
package/src/oidc/userinfo.ts +11 -0
package/src/output/build-error-payload.ts +143 -0
package/src/output/customization.ts +96 -0
package/src/output/send-authorize-page.ts +111 -0
package/src/output/send-authorize-redirect.ts +130 -0
package/src/output/send-error-page.ts +41 -0
package/src/output/send-web-page.ts +66 -0
package/src/parameters/claims-requested.ts +106 -0
package/src/parameters/oidc-payload.ts +28 -0
package/src/replay/replay-manager.ts +38 -0
package/src/replay/replay-store-memory.ts +36 -0
package/src/replay/replay-store-redis.ts +31 -0
package/src/replay/replay-store.ts +44 -0
package/src/request/code.ts +24 -0
package/src/request/request-data.ts +26 -0
package/src/request/request-id.ts +23 -0
package/src/request/request-info.ts +12 -0
package/src/request/request-manager.ts +479 -0
package/src/request/request-store-memory.ts +39 -0
package/src/request/request-store-redis.ts +71 -0
package/src/request/request-store.ts +54 -0
package/src/request/request-uri.ts +29 -0
package/src/request/types.ts +48 -0
package/src/signer/signed-token-payload.ts +35 -0
package/src/signer/signer.ts +165 -0
package/src/token/refresh-token.ts +31 -0
package/src/token/token-claims.ts +31 -0
package/src/token/token-data.ts +33 -0
package/src/token/token-id.ts +26 -0
package/src/token/token-manager.ts +591 -0
package/src/token/token-store.ts +78 -0
package/src/token/types.ts +86 -0
package/src/token/verify-token-claims.ts +65 -0
package/tailwind.config.js +13 -0
package/tsconfig.backend.json +9 -0
package/tsconfig.frontend.json +11 -0
package/tsconfig.json +8 -0
package/tsconfig.tools.json +8 -0

package/src/assets/app/hooks/use-api.ts ADDED Viewed

@@ -0,0 +1,104 @@
+import { useCallback, useMemo, useState } from 'react'
+import { Account, AuthorizeData, Session } from '../backend-data'
+import { Api } from '../lib/api'
+import { upsert } from '../lib/util'
+import { useCsrfToken } from './use-csrf-token'
+export type SignInCredentials = {
+  username: string
+  password: string
+  remember?: boolean
+}
+export type SignUpData = {
+  username: string
+  password: string
+  extra?: Record<string, string>
+}
+export function useApi(
+  {
+    clientId,
+    requestUri,
+    csrfCookie,
+    sessions: initialSessions,
+    newSessionsRequireConsent,
+  }: AuthorizeData,
+  {
+    onRedirected,
+  }: {
+    onRedirected?: () => void
+  } = {},
+) {
+  const csrfToken = useCsrfToken(csrfCookie) ?? '<csrf-token-missing>' // Invalid value
+  const [sessions, setSessions] = useState<readonly Session[]>(initialSessions)
+  const setSession = useCallback(
+    (sub: string | null) => {
+      setSessions((sessions) =>
+        sub === (sessions.find((s) => s.selected)?.account.sub || null)
+          ? sessions
+          : sessions.map((s) => ({ ...s, selected: s.account.sub === sub })),
+      )
+    },
+    [setSessions],
+  )
+  const api = useMemo(
+    () => new Api(requestUri, clientId, csrfToken, newSessionsRequireConsent),
+    [requestUri, clientId, csrfToken, newSessionsRequireConsent],
+  )
+  const performRedirect = useCallback(
+    (url: URL) => {
+      window.location.href = String(url)
+      if (onRedirected) setTimeout(onRedirected)
+    },
+    [onRedirected],
+  )
+  const doSignIn = useCallback(
+    async (credentials: SignInCredentials): Promise<void> => {
+      const session = await api.signIn(credentials)
+      const { sub } = session.account
+      setSessions((sessions) => {
+        return upsert(sessions, session, (s) => s.account.sub === sub).map(
+          // Make sure to de-select any other selected session
+          (s) => (s === session || !s.selected ? s : { ...s, selected: false }),
+        )
+      })
+    },
+    [api, performRedirect, clientId, setSessions],
+  )
+  const doSignUp = useCallback(
+    (data: SignUpData) => {
+      //
+      throw new Error('Not implemented')
+    },
+    [api],
+  )
+  const doAccept = useCallback(
+    async (account: Account) => {
+      performRedirect(await api.accept(account))
+    },
+    [api, performRedirect],
+  )
+  const doReject = useCallback(async () => {
+    performRedirect(await api.reject())
+  }, [api, performRedirect])
+  return {
+    sessions,
+    setSession,
+    doSignIn,
+    doSignUp,
+    doAccept,
+    doReject,
+  }
+}

package/src/assets/app/hooks/use-bound-dispatch.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import { Dispatch, useCallback } from 'react'
+export function useBoundDispatch<A>(dispatch: Dispatch<A>, value: A) {
+  return useCallback(() => dispatch(value), [dispatch, value])
+}

package/src/assets/app/hooks/use-csrf-token.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import { cookies } from '../cookies'
+export function useCsrfToken(cookieName: string) {
+  return cookies[cookieName]
+}

package/src/assets/app/lib/api.ts ADDED Viewed

@@ -0,0 +1,64 @@
+import { fetchJsonProcessor, fetchOkProcessor } from '@atproto-labs/fetch'
+import { Account, Session } from '../backend-data'
+export class Api {
+  constructor(
+    private requestUri: string,
+    private clientId: string,
+    private csrfToken: string,
+    private newSessionsRequireConsent: boolean,
+  ) {}
+  async signIn(credentials: {
+    username: string
+    password: string
+    remember?: boolean
+  }): Promise<Session> {
+    const { json } = await fetch('/oauth/authorize/sign-in', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      mode: 'same-origin',
+      body: JSON.stringify({
+        csrf_token: this.csrfToken,
+        request_uri: this.requestUri,
+        client_id: this.clientId,
+        credentials,
+      }),
+    })
+      .then(fetchOkProcessor())
+      .then(
+        fetchJsonProcessor<{
+          account: Account
+          consentRequired: boolean
+        }>(),
+      )
+    return {
+      account: json.account,
+      selected: true,
+      loginRequired: false,
+      consentRequired: this.newSessionsRequireConsent || json.consentRequired,
+    }
+  }
+  async accept(account: Account): Promise<URL> {
+    const url = new URL('/oauth/authorize/accept', window.origin)
+    url.searchParams.set('request_uri', this.requestUri)
+    url.searchParams.set('account_sub', account.sub)
+    url.searchParams.set('client_id', this.clientId)
+    url.searchParams.set('csrf_token', this.csrfToken)
+    return url
+  }
+  async reject(): Promise<URL> {
+    const url = new URL('/oauth/authorize/reject', window.origin)
+    url.searchParams.set('request_uri', this.requestUri)
+    url.searchParams.set('client_id', this.clientId)
+    url.searchParams.set('csrf_token', this.csrfToken)
+    return url
+  }
+}

package/src/assets/app/lib/clsx.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export function clsx(a: string | undefined, b?: string) {
+  if (a && b) return `${a} ${b}`
+  return a || b
+}

package/src/assets/app/lib/util.ts ADDED Viewed

@@ -0,0 +1,10 @@
+export function upsert<T>(
+  arr: readonly T[],
+  item: T,
+  predicate: (value: T, index: number, obj: readonly T[]) => boolean,
+): T[] {
+  const idx = arr.findIndex(predicate)
+  return idx === -1
+    ? [...arr, item]
+    : [...arr.slice(0, idx), item, ...arr.slice(idx + 1)]
+}

package/src/assets/app/main.css ADDED Viewed

@@ -0,0 +1,11 @@
+@tailwind base;
+@tailwind components;
+@tailwind utilities;
+/* Matches colors defined in tailwind.config.js */
+@layer base {
+  :root {
+    --color-primary: 255 115 179;
+    --color-error: 235 65 49;
+  }
+}

package/src/assets/app/main.tsx ADDED Viewed

@@ -0,0 +1,28 @@
+// This must be loaded before any dependency to ensure that global variables
+// cannot be accessed by JS from node_modules.
+import * as backendData from './backend-data'
+import { createRoot } from 'react-dom/client'
+import { App } from './app'
+import './main.css'
+const { authorizeData } = backendData
+if (authorizeData) {
+  // When the user is logging in, make sure the page URL contains the
+  // "request_uri" in case the user refreshes the page.
+  const url = new URL(window.location.href)
+  if (
+    url.pathname === '/oauth/authorize' &&
+    !url.searchParams.has('request_uri')
+  ) {
+    url.search = ''
+    url.searchParams.set('client_id', authorizeData.clientId)
+    url.searchParams.set('request_uri', authorizeData.requestUri)
+    window.history.replaceState(history.state, '', url.pathname + url.search)
+  }
+}
+const container = document.getElementById('root')!
+const root = createRoot(container)
+root.render(<App {...backendData} />)

package/src/assets/app/views/accept-view.tsx ADDED Viewed

@@ -0,0 +1,51 @@
+import { OAuthClientMetadata } from '@atproto/oauth-types'
+import { Session } from '../backend-data'
+import { AcceptForm } from '../components/accept-form'
+import { LayoutTitlePage } from '../components/layout-title-page'
+export type AcceptViewProps = {
+  clientId: string
+  clientMetadata: OAuthClientMetadata
+  clientTrusted: boolean
+  session: Session
+  onAccept: () => void
+  onReject: () => void
+  onBack?: () => void
+}
+export function AcceptView({
+  clientId,
+  clientMetadata,
+  clientTrusted,
+  session,
+  onAccept,
+  onReject,
+  onBack,
+}: AcceptViewProps) {
+  const { account } = session
+  return (
+    <LayoutTitlePage
+      title="Authorize"
+      subtitle={
+        <>
+          Grant access to your{' '}
+          <b>{account.preferred_username || account.email || account.sub}</b>{' '}
+          account.
+        </>
+      }
+    >
+      <AcceptForm
+        className="max-w-lg w-full"
+        clientId={clientId}
+        clientMetadata={clientMetadata}
+        clientTrusted={clientTrusted}
+        account={account}
+        onBack={onBack}
+        onAccept={onAccept}
+        onReject={onReject}
+      />
+    </LayoutTitlePage>
+  )
+}

package/src/assets/app/views/authorize-view.tsx ADDED Viewed

@@ -0,0 +1,101 @@
+import { useEffect, useState } from 'react'
+import type { AuthorizeData, CustomizationData } from '../backend-data'
+import { LayoutTitlePage } from '../components/layout-title-page'
+import { useApi } from '../hooks/use-api'
+import { useBoundDispatch } from '../hooks/use-bound-dispatch'
+import { AcceptView } from './accept-view'
+import { SignInView } from './sign-in-view'
+import { SignUpView } from './sign-up-view'
+import { WelcomeView } from './welcome-view'
+export type AuthorizeViewProps = {
+  authorizeData: AuthorizeData
+  customizationData?: CustomizationData
+}
+export function AuthorizeView({
+  authorizeData,
+  customizationData,
+}: AuthorizeViewProps) {
+  const forceSignIn = authorizeData?.loginHint != null
+  const [view, setView] = useState<
+    'welcome' | 'sign-in' | 'sign-up' | 'accept' | 'done'
+  >(forceSignIn ? 'sign-in' : 'welcome')
+  const showDone = useBoundDispatch(setView, 'done')
+  const showSignIn = useBoundDispatch(setView, 'sign-in')
+  // const showSignUp = useBoundDispatch(setView, 'sign-up')
+  const showAccept = useBoundDispatch(setView, 'accept')
+  const showWelcome = useBoundDispatch(setView, 'welcome')
+  const { sessions, setSession, doAccept, doReject, doSignIn, doSignUp } =
+    useApi(authorizeData, { onRedirected: showDone })
+  const session = sessions.find((s) => s.selected && !s.loginRequired)
+  useEffect(() => {
+    if (session) {
+      if (session.consentRequired) showAccept()
+      else doAccept(session.account)
+    }
+  }, [session, doAccept, showAccept])
+  if (view === 'welcome') {
+    return (
+      <WelcomeView
+        name={customizationData?.name}
+        logo={customizationData?.logo}
+        links={customizationData?.links}
+        onSignIn={showSignIn}
+        // onSignUp={showSignUp}
+        onCancel={doReject}
+      />
+    )
+  }
+  if (view === 'sign-up') {
+    return (
+      <SignUpView
+        links={customizationData?.links}
+        onSignUp={doSignUp}
+        onBack={showWelcome}
+      />
+    )
+  }
+  if (view === 'sign-in') {
+    return (
+      <SignInView
+        loginHint={authorizeData.loginHint}
+        sessions={sessions}
+        setSession={setSession}
+        onSignIn={doSignIn}
+        onBack={forceSignIn ? doReject : showWelcome}
+      />
+    )
+  }
+  if (view === 'accept' && session) {
+    return (
+      <AcceptView
+        session={session}
+        clientId={authorizeData.clientId}
+        clientMetadata={authorizeData.clientMetadata}
+        clientTrusted={authorizeData.clientTrusted}
+        onAccept={() => doAccept(session.account)}
+        onReject={doReject}
+        onBack={() => {
+          setSession(null)
+          setView(sessions.length ? 'sign-in' : 'welcome')
+        }}
+      />
+    )
+  }
+  return (
+    <LayoutTitlePage title="Login complete">
+      You are being redirected...
+    </LayoutTitlePage>
+  )
+}

package/src/assets/app/views/error-view.tsx ADDED Viewed

@@ -0,0 +1,27 @@
+import { CustomizationData, ErrorData } from '../backend-data'
+import { ErrorCard } from '../components/error-card'
+import { LayoutWelcome } from '../components/layout-welcome'
+export type ErrorViewProps = {
+  customizationData?: CustomizationData
+  errorData?: ErrorData
+}
+export function ErrorView({ errorData, customizationData }: ErrorViewProps) {
+  return (
+    <LayoutWelcome {...customizationData}>
+      <ErrorCard message={getUserFriendlyMessage(errorData)} />
+    </LayoutWelcome>
+  )
+}
+function getUserFriendlyMessage(errorData?: ErrorData) {
+  const desc = errorData?.error_description
+  switch (desc) {
+    case 'Unknown request_uri': // Request was removed from database
+    case 'This request has expired':
+      return 'This sign-in session has expired'
+    default:
+      return desc || 'An unknown error occurred'
+  }
+}

package/src/assets/app/views/sign-in-view.tsx ADDED Viewed

@@ -0,0 +1,121 @@
+import { useCallback, useEffect, useMemo, useState } from 'react'
+import { Session } from '../backend-data'
+import { AccountPicker } from '../components/account-picker'
+import { LayoutTitlePage } from '../components/layout-title-page'
+import { SignInForm, SignInFormOutput } from '../components/sign-in-form'
+export type SignInViewProps = {
+  sessions: readonly Session[]
+  setSession: (sub: string | null) => void
+  loginHint?: string
+  onSignIn: (credentials: SignInFormOutput) => void | PromiseLike<void>
+  onBack?: () => void
+}
+export function SignInView({
+  loginHint,
+  sessions,
+  setSession,
+  onSignIn,
+  onBack,
+}: SignInViewProps) {
+  const session = useMemo(() => sessions.find((s) => s.selected), [sessions])
+  const clearSession = useCallback(() => setSession(null), [setSession])
+  const accounts = useMemo(() => sessions.map((s) => s.account), [sessions])
+  const [showSignInForm, setShowSignInForm] = useState(sessions.length === 0)
+  useEffect(() => {
+    // Make sure the "back" action shows the account picker instead of the
+    // sign-in form (since the account was added to the list of current
+    // sessions).
+    if (session) setShowSignInForm(false)
+  }, [session])
+  if (session) {
+    // All set (parent view will handle the redirect)
+    if (!session.loginRequired) return null
+    return (
+      <LayoutTitlePage
+        title="Sign in"
+        subtitle="Confirm your password to continue"
+      >
+        <SignInForm
+          className="max-w-lg w-full"
+          onSubmit={onSignIn}
+          onCancel={clearSession}
+          cancelAria="Back" // to account picker
+          usernameDefault={session.account.preferred_username}
+          usernameReadonly={true}
+          rememberDefault={true}
+        />
+      </LayoutTitlePage>
+    )
+  }
+  if (loginHint) {
+    return (
+      <LayoutTitlePage title="Sign in" subtitle="Enter your password">
+        <SignInForm
+          className="max-w-lg w-full"
+          onSubmit={onSignIn}
+          onCancel={onBack}
+          cancelAria="Back"
+          usernameDefault={loginHint}
+          usernameReadonly={true}
+        />
+      </LayoutTitlePage>
+    )
+  }
+  if (sessions.length === 0) {
+    return (
+      <LayoutTitlePage
+        title="Sign in"
+        subtitle="Enter your username and password"
+      >
+        <SignInForm
+          className="max-w-lg w-full"
+          onSubmit={onSignIn}
+          onCancel={onBack}
+          cancelAria="Back"
+        />
+      </LayoutTitlePage>
+    )
+  }
+  if (showSignInForm) {
+    return (
+      <LayoutTitlePage
+        title="Sign in"
+        subtitle="Enter your username and password"
+      >
+        <SignInForm
+          className="max-w-lg w-full"
+          onSubmit={onSignIn}
+          onCancel={() => setShowSignInForm(false)}
+          cancelAria="Back" // to account picker
+        />
+      </LayoutTitlePage>
+    )
+  }
+  return (
+    <LayoutTitlePage
+      title="Sign in as..."
+      subtitle="Select an account to continue."
+    >
+      <AccountPicker
+        className="max-w-lg w-full"
+        accounts={accounts}
+        onAccount={(a) => setSession(a.sub)}
+        onOther={() => setShowSignInForm(true)}
+        onBack={onBack}
+        backAria="Back" // to previous view
+      />
+    </LayoutTitlePage>
+  )
+}

package/src/assets/app/views/sign-up-view.tsx ADDED Viewed

@@ -0,0 +1,93 @@
+import { ReactNode, useCallback, useState } from 'react'
+import { LinkDefinition } from '../backend-data'
+import { HelpCard } from '../components/help-card'
+import { LayoutTitlePage } from '../components/layout-title-page'
+import {
+  SignUpAccountForm,
+  SignUpAccountFormOutput,
+} from '../components/sign-up-account-form'
+import { SignUpDisclaimer } from '../components/sign-up-disclaimer'
+export type SignUpViewProps = {
+  stepName?: (step: number, total: number) => ReactNode
+  stepTitle?: (step: number, total: number) => ReactNode
+  links?: LinkDefinition[]
+  onSignUp: (data: {
+    username: string
+    password: string
+    extra?: Record<string, string>
+  }) => void | PromiseLike<void>
+  onBack?: () => void
+}
+export function SignUpView({
+  stepName = (step, total) => `Step ${step} of ${total}`,
+  stepTitle = (step, total) => {
+    switch (step) {
+      case 1:
+        return 'Your account'
+      default:
+        return null
+    }
+  },
+  links,
+  onSignUp,
+  onBack,
+}: SignUpViewProps) {
+  const [_credentials, setCredentials] =
+    useState<null | SignUpAccountFormOutput>(null)
+  const [step, setStep] = useState<1 | 2>(1)
+  const stepCount = 2
+  const doSubmitAccount = useCallback(
+    (credentials: SignUpAccountFormOutput) => {
+      setCredentials(credentials)
+      setStep(2)
+    },
+    [onSignUp, setCredentials, setStep],
+  )
+  return (
+    <LayoutTitlePage
+      title="Create Account"
+      subtitle="We're so excited to have you join us!"
+    >
+      <div className="max-w-lg w-full flex flex-col">
+        <p className="mt-4 text-slate-400 dark:text-slate-600">
+          {stepName(step, stepCount)}
+        </p>
+        <h2 className="font-medium text-xl mb-4">
+          {stepTitle(step, stepCount)}
+        </h2>
+        {step === 1 && (
+          <SignUpAccountForm
+            className="flex-grow"
+            onSubmit={doSubmitAccount}
+            onCancel={onBack}
+            cancelLabel="Back"
+          >
+            <SignUpDisclaimer links={links} />
+          </SignUpAccountForm>
+        )}
+        {step === 2 && (
+          <button
+            type="button"
+            className="inline-flex items-center px-4 py-2 border border-transparent text-sm font-medium rounded-md text-slate-700 bg-slate-100 hover:bg-slate-200 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-slate-500"
+            onClick={() => setStep(1)}
+          >
+            Back
+          </button>
+        )}
+        <HelpCard className="mb-4" links={links} />
+      </div>
+    </LayoutTitlePage>
+  )
+}

package/src/assets/app/views/welcome-view.tsx ADDED Viewed

@@ -0,0 +1,61 @@
+import { LayoutWelcome, LayoutWelcomeProps } from '../components/layout-welcome'
+import { clsx } from '../lib/clsx'
+export type WelcomeViewParams = LayoutWelcomeProps & {
+  onSignIn?: () => void
+  signInLabel?: string
+  onSignUp?: () => void
+  signUpLabel?: string
+  onCancel?: () => void
+  cancelLabel?: string
+}
+export function WelcomeView({
+  onSignUp,
+  signUpLabel = 'Create a new account',
+  onSignIn,
+  signInLabel = 'Sign in',
+  onCancel,
+  cancelLabel = 'Cancel',
+  ...props
+}: WelcomeViewParams) {
+  return (
+    <LayoutWelcome {...props}>
+      {onSignUp && (
+        <button
+          className={clsx(
+            'm-1 w-60 max-w-full text-white py-2 px-4 rounded-full truncate',
+            onSignIn ? 'bg-primary' : 'bg-slate-400',
+          )}
+          onClick={onSignUp}
+        >
+          {signUpLabel}
+        </button>
+      )}
+      {onSignIn && (
+        <button
+          className={clsx(
+            'm-1 w-60 max-w-full py-2 px-4 rounded-full truncate',
+            onSignUp ? 'bg-slate-100 dark:bg-slate-700' : 'bg-primary',
+          )}
+          onClick={onSignIn}
+        >
+          {signInLabel}
+        </button>
+      )}
+      {onCancel && (
+        <button
+          className="m-1 w-60 max-w-full bg-transparent text-primary py-2 px-4 rounded-full truncate font-light"
+          onClick={onCancel}
+        >
+          {cancelLabel}
+        </button>
+      )}
+    </LayoutWelcome>
+  )
+}