@atproto/oauth-provider 0.1.3 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +29 -0
- package/dist/account/account.d.ts +6 -2
- package/dist/account/account.d.ts.map +1 -1
- package/dist/assets/app/bundle-manifest.json +3 -3
- package/dist/assets/app/main.css +1 -1
- package/dist/assets/app/main.js +1 -1
- package/dist/assets/app/main.js.map +1 -1
- package/dist/assets/assets-middleware.d.ts +2 -1
- package/dist/assets/assets-middleware.d.ts.map +1 -1
- package/dist/assets/assets-middleware.js +7 -0
- package/dist/assets/assets-middleware.js.map +1 -1
- package/dist/client/client-manager.d.ts +4 -3
- package/dist/client/client-manager.d.ts.map +1 -1
- package/dist/client/client-manager.js +60 -37
- package/dist/client/client-manager.js.map +1 -1
- package/dist/client/client.d.ts.map +1 -1
- package/dist/client/client.js +1 -3
- package/dist/client/client.js.map +1 -1
- package/dist/constants.d.ts +2 -0
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +3 -1
- package/dist/constants.js.map +1 -1
- package/dist/device/device-manager.d.ts +1 -1
- package/dist/device/device-manager.d.ts.map +1 -1
- package/dist/device/device-manager.js +2 -2
- package/dist/device/device-manager.js.map +1 -1
- package/dist/errors/invalid-authorization-details-error.d.ts +4 -3
- package/dist/errors/invalid-authorization-details-error.d.ts.map +1 -1
- package/dist/errors/invalid-authorization-details-error.js +4 -4
- package/dist/errors/invalid-authorization-details-error.js.map +1 -1
- package/dist/lib/http/request.d.ts +3 -0
- package/dist/lib/http/request.d.ts.map +1 -1
- package/dist/lib/http/request.js +24 -12
- package/dist/lib/http/request.js.map +1 -1
- package/dist/metadata/build-metadata.d.ts +0 -1
- package/dist/metadata/build-metadata.d.ts.map +1 -1
- package/dist/metadata/build-metadata.js +9 -35
- package/dist/metadata/build-metadata.js.map +1 -1
- package/dist/oauth-hooks.d.ts +3 -10
- package/dist/oauth-hooks.d.ts.map +1 -1
- package/dist/oauth-provider.d.ts +8 -13
- package/dist/oauth-provider.d.ts.map +1 -1
- package/dist/oauth-provider.js +169 -109
- package/dist/oauth-provider.js.map +1 -1
- package/dist/oauth-verifier.d.ts +1 -2
- package/dist/oauth-verifier.d.ts.map +1 -1
- package/dist/oauth-verifier.js.map +1 -1
- package/dist/output/build-authorize-data.d.ts +6 -0
- package/dist/output/build-authorize-data.d.ts.map +1 -1
- package/dist/output/build-authorize-data.js +1 -0
- package/dist/output/build-authorize-data.js.map +1 -1
- package/dist/replay/replay-manager.d.ts +1 -0
- package/dist/replay/replay-manager.d.ts.map +1 -1
- package/dist/replay/replay-manager.js +3 -0
- package/dist/replay/replay-manager.js.map +1 -1
- package/dist/replay/replay-store.d.ts +1 -1
- package/dist/request/request-info.d.ts +2 -0
- package/dist/request/request-info.d.ts.map +1 -1
- package/dist/request/request-manager.d.ts +3 -9
- package/dist/request/request-manager.d.ts.map +1 -1
- package/dist/request/request-manager.js +52 -77
- package/dist/request/request-manager.js.map +1 -1
- package/dist/request/types.d.ts +10 -10
- package/dist/signer/signed-token-payload.d.ts +85 -85
- package/dist/signer/signer.d.ts +23 -30
- package/dist/signer/signer.d.ts.map +1 -1
- package/dist/signer/signer.js +0 -40
- package/dist/signer/signer.js.map +1 -1
- package/dist/token/token-claims.d.ts +81 -81
- package/dist/token/token-manager.d.ts +1 -2
- package/dist/token/token-manager.d.ts.map +1 -1
- package/dist/token/token-manager.js +10 -37
- package/dist/token/token-manager.js.map +1 -1
- package/dist/token/types.d.ts +10 -10
- package/package.json +2 -3
- package/src/account/account.ts +11 -7
- package/src/assets/app/backend-data.ts +9 -2
- package/src/assets/app/components/accept-form.tsx +65 -51
- package/src/assets/app/components/client-name.tsx +24 -16
- package/src/assets/app/components/url-viewer.tsx +3 -3
- package/src/assets/app/views/accept-view.tsx +7 -4
- package/src/assets/app/views/authorize-view.tsx +2 -1
- package/src/assets/assets-middleware.ts +14 -2
- package/src/client/client-manager.ts +78 -60
- package/src/client/client.ts +1 -4
- package/src/constants.ts +3 -0
- package/src/device/device-manager.ts +7 -1
- package/src/errors/invalid-authorization-details-error.ts +9 -4
- package/src/lib/http/request.ts +61 -15
- package/src/metadata/build-metadata.ts +9 -42
- package/src/oauth-hooks.ts +3 -13
- package/src/oauth-provider.ts +181 -159
- package/src/oauth-verifier.ts +1 -2
- package/src/output/build-authorize-data.ts +8 -0
- package/src/replay/replay-manager.ts +9 -0
- package/src/replay/replay-store.ts +1 -1
- package/src/request/request-info.ts +2 -0
- package/src/request/request-manager.ts +81 -107
- package/src/signer/signer.ts +0 -63
- package/src/token/token-manager.ts +8 -41
- package/dist/oidc/claims.d.ts +0 -16
- package/dist/oidc/claims.d.ts.map +0 -1
- package/dist/oidc/claims.js +0 -29
- package/dist/oidc/claims.js.map +0 -1
- package/dist/oidc/userinfo.d.ts +0 -7
- package/dist/oidc/userinfo.d.ts.map +0 -1
- package/dist/oidc/userinfo.js +0 -3
- package/dist/oidc/userinfo.js.map +0 -1
- package/dist/parameters/claims-requested.d.ts +0 -3
- package/dist/parameters/claims-requested.d.ts.map +0 -1
- package/dist/parameters/claims-requested.js +0 -77
- package/dist/parameters/claims-requested.js.map +0 -1
- package/dist/parameters/oidc-payload.d.ts +0 -31
- package/dist/parameters/oidc-payload.d.ts.map +0 -1
- package/dist/parameters/oidc-payload.js +0 -25
- package/dist/parameters/oidc-payload.js.map +0 -1
- package/src/assets/app/components/client-identifier.tsx +0 -31
- package/src/oidc/claims.ts +0 -35
- package/src/oidc/userinfo.ts +0 -11
- package/src/parameters/claims-requested.ts +0 -106
- package/src/parameters/oidc-payload.ts +0 -28
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-verifier.js","sourceRoot":"","sources":["../src/oauth-verifier.ts"],"names":[],"mappings":";;;AAAA,sCAAuD;
|
|
1
|
+
{"version":3,"file":"oauth-verifier.js","sourceRoot":"","sources":["../src/oauth-verifier.ts"],"names":[],"mappings":";;;AAAA,sCAAuD;AAyErD,uFAzEY,YAAM,OAyEZ;AAxER,sDAI6B;AAG7B,8EAAqE;AA+DnE,gGA/DO,sCAAe,OA+DP;AA9DjB,4DAAwE;AACxE,wDAAgD;AA8D9C,0FA9DO,yBAAS,OA8DP;AA7DX,sFAA4E;AAC5E,4EAAmE;AACnE,8EAAoE;AACpE,kFAAyE;AACzE,gFAA6E;AAE7E,kEAA0D;AAC1D,4EAAmE;AACnE,0EAAiE;AAEjE,kDAA2C;AAC3C,2EAIuC;AAoDvC,MAAa,aAAa;IACR,MAAM,CAAQ;IACd,MAAM,CAAQ;IAEX,eAAe,CAAiB;IAChC,WAAW,CAAa;IACxB,aAAa,CAAe;IAC5B,MAAM,CAAQ;IAEjC,YAAY,EACV,KAAK,EACL,MAAM,EACN,MAAM,EACN,WAAW,GAAG,KAAK,IAAI,IAAI;QACzB,CAAC,CAAC,IAAI,wCAAgB,CAAC,EAAE,KAAK,EAAE,CAAC;QACjC,CAAC,CAAC,IAAI,0CAAiB,EAAE,EAC3B,eAAe,GAAG,sCAAe,CAAC,GAAG,EAErC,GAAG,cAAc,EACI;QACrB,MAAM,YAAY,GAAG,yCAA2B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;QAC9D,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAA;QAEvC,oCAAoC;QACpC,IAAI,SAAS,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CACjB,yDAAyD,SAAS,GAAG,CACtE,CAAA;QACH,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,YAAY,CAAA;QAC1B,IAAI,CAAC,MAAM,GAAG,MAAM,YAAY,YAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,YAAM,CAAC,MAAM,CAAC,CAAA;QAEpE,IAAI,CAAC,eAAe,GAAG,eAAe,CAAA;QACtC,IAAI,CAAC,WAAW,GAAG,IAAI,6BAAW,CAAC,cAAc,CAAC,CAAA;QAClD,IAAI,CAAC,aAAa,GAAG,IAAI,iCAAa,CAAC,WAAW,CAAC,CAAA;QACnD,IAAI,CAAC,MAAM,GAAG,IAAI,kBAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;IACpD,CAAC;IAEM,aAAa;QAClB,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,cAAc,CACzB,KAAc,EACd,GAAW,EACX,GAAiB,EACjB,WAAoB;QAEpB,IAAI,KAAK,KAAK,SAAS;YAAE,OAAO,IAAI,CAAA;QAEpC,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CACxD,KAAK,EACL,GAAG,EACH,GAAG,EACH,WAAW,CACZ,CAAA;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAC/D,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,mDAAqB,CAAC,8BAA8B,CAAC,CAAA;QAE5E,OAAO,GAAG,CAAA;IACZ,CAAC;IAES,sBAAsB,CAC9B,SAAyB,EACzB,eAAgC;QAEhC,IACE,IAAI,CAAC,eAAe,KAAK,sCAAe,CAAC,IAAI;YAC7C,IAAI,CAAC,eAAe,KAAK,eAAe,EACxC,CAAC;YACD,MAAM,IAAI,0CAAiB,CAAC,SAAS,EAAE,oBAAoB,CAAC,CAAA;QAC9D,CAAC;IACH,CAAC;IAES,KAAK,CAAC,iBAAiB,CAC/B,SAAyB,EACzB,KAAkB,EAClB,OAAsB,EACtB,aAAwC;QAExC,IAAI,CAAC,IAAA,iBAAW,EAAC,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,0CAAiB,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAA;QAC3D,CAAC;QAED,IAAI,CAAC,sBAAsB,CAAC,SAAS,EAAE,sCAAe,CAAC,GAAG,CAAC,CAAA;QAE3D,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM;aAClC,iBAAiB,CAAC,KAAK,CAAC;aACxB,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,MAAM,0CAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;QAC9C,CAAC,CAAC,CAAA;QAEJ,OAAO,IAAA,0CAAiB,EACtB,KAAK,EACL,OAAO,CAAC,GAAG,EACX,SAAS,EACT,OAAO,EACP,OAAO,EACP,aAAa,CACd,CAAA;IACH,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAC9B,MAAc,EACd,GAAQ,EACR,OAGC,EACD,aAAwC;QAExC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,GAAG,IAAA,kDAAwB,EAAC,OAAO,CAAC,aAAa,CAAC,CAAA;QAC1E,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CACvC,OAAO,CAAC,IAAI,EACZ,MAAM,EACN,GAAG,EACH,KAAK,CACN,CAAA;YAED,IAAI,SAAS,KAAK,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;gBACrC,MAAM,IAAI,mDAAqB,CAAC,qBAAqB,CAAC,CAAA;YACxD,CAAC;YAED,OAAO,MAAM,IAAI,CAAC,iBAAiB,CACjC,SAAS,EACT,KAAK,EACL,OAAO,EACP,aAAa,CACd,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,2CAAiB;gBAAE,MAAM,GAAG,CAAC,sBAAsB,EAAE,CAAA;YACxE,IAAI,GAAG,YAAY,gDAAoB;gBAAE,MAAM,GAAG,CAAA;YAElD,MAAM,0CAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;QAC9C,CAAC;IACH,CAAC;CACF;AA3ID,sCA2IC"}
|
|
@@ -3,12 +3,17 @@ import { DeviceAccountInfo } from '../account/account-store.js';
|
|
|
3
3
|
import { Account } from '../account/account.js';
|
|
4
4
|
import { Client } from '../client/client.js';
|
|
5
5
|
import { RequestUri } from '../request/request-uri.js';
|
|
6
|
+
export type ScopeDetail = {
|
|
7
|
+
scope: string;
|
|
8
|
+
description?: string;
|
|
9
|
+
};
|
|
6
10
|
export type AuthorizationResultAuthorize = {
|
|
7
11
|
issuer: string;
|
|
8
12
|
client: Client;
|
|
9
13
|
parameters: OAuthAuthenticationRequestParameters;
|
|
10
14
|
authorize: {
|
|
11
15
|
uri: RequestUri;
|
|
16
|
+
scopeDetails?: ScopeDetail[];
|
|
12
17
|
sessions: readonly {
|
|
13
18
|
account: Account;
|
|
14
19
|
info: DeviceAccountInfo;
|
|
@@ -32,6 +37,7 @@ export type AuthorizeData = {
|
|
|
32
37
|
requestUri: string;
|
|
33
38
|
csrfCookie: string;
|
|
34
39
|
loginHint?: string;
|
|
40
|
+
scopeDetails?: ScopeDetail[];
|
|
35
41
|
newSessionsRequireConsent: boolean;
|
|
36
42
|
sessions: Session[];
|
|
37
43
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-authorize-data.d.ts","sourceRoot":"","sources":["../../src/output/build-authorize-data.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oCAAoC,EACpC,mBAAmB,EACpB,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AAEtD,MAAM,MAAM,4BAA4B,GAAG;IACzC,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,oCAAoC,CAAA;IAChD,SAAS,EAAE;QACT,GAAG,EAAE,UAAU,CAAA;QACf,QAAQ,EAAE,SAAS;YACjB,OAAO,EAAE,OAAO,CAAA;YAChB,IAAI,EAAE,iBAAiB,CAAA;YAEvB,QAAQ,EAAE,OAAO,CAAA;YACjB,aAAa,EAAE,OAAO,CAAA;YACtB,eAAe,EAAE,OAAO,CAAA;SACzB,EAAE,CAAA;KACJ,CAAA;CACF,CAAA;AAKD,KAAK,OAAO,GAAG;IACb,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,CAAC,EAAE,KAAK,CAAA;IAEZ,QAAQ,EAAE,OAAO,CAAA;IACjB,aAAa,EAAE,OAAO,CAAA;IACtB,eAAe,EAAE,OAAO,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,EAAE,MAAM,CAAA;IAChB,cAAc,EAAE,mBAAmB,CAAA;IACnC,aAAa,EAAE,OAAO,CAAA;IACtB,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,yBAAyB,EAAE,OAAO,CAAA;IAClC,QAAQ,EAAE,OAAO,EAAE,CAAA;CACpB,CAAA;AAED,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,4BAA4B,GACjC,aAAa,
|
|
1
|
+
{"version":3,"file":"build-authorize-data.d.ts","sourceRoot":"","sources":["../../src/output/build-authorize-data.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oCAAoC,EACpC,mBAAmB,EACpB,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AAEtD,MAAM,MAAM,WAAW,GAAG;IACxB,KAAK,EAAE,MAAM,CAAA;IACb,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAED,MAAM,MAAM,4BAA4B,GAAG;IACzC,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,oCAAoC,CAAA;IAChD,SAAS,EAAE;QACT,GAAG,EAAE,UAAU,CAAA;QACf,YAAY,CAAC,EAAE,WAAW,EAAE,CAAA;QAC5B,QAAQ,EAAE,SAAS;YACjB,OAAO,EAAE,OAAO,CAAA;YAChB,IAAI,EAAE,iBAAiB,CAAA;YAEvB,QAAQ,EAAE,OAAO,CAAA;YACjB,aAAa,EAAE,OAAO,CAAA;YACtB,eAAe,EAAE,OAAO,CAAA;SACzB,EAAE,CAAA;KACJ,CAAA;CACF,CAAA;AAKD,KAAK,OAAO,GAAG;IACb,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,CAAC,EAAE,KAAK,CAAA;IAEZ,QAAQ,EAAE,OAAO,CAAA;IACjB,aAAa,EAAE,OAAO,CAAA;IACtB,eAAe,EAAE,OAAO,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,EAAE,MAAM,CAAA;IAChB,cAAc,EAAE,mBAAmB,CAAA;IACnC,aAAa,EAAE,OAAO,CAAA;IACtB,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,YAAY,CAAC,EAAE,WAAW,EAAE,CAAA;IAC5B,yBAAyB,EAAE,OAAO,CAAA;IAClC,QAAQ,EAAE,OAAO,EAAE,CAAA;CACpB,CAAA;AAED,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,4BAA4B,GACjC,aAAa,CAmBf"}
|
|
@@ -10,6 +10,7 @@ function buildAuthorizeData(data) {
|
|
|
10
10
|
csrfCookie: `csrf-${data.authorize.uri}`,
|
|
11
11
|
loginHint: data.parameters.login_hint,
|
|
12
12
|
newSessionsRequireConsent: data.parameters.prompt === 'consent',
|
|
13
|
+
scopeDetails: data.authorize.scopeDetails,
|
|
13
14
|
sessions: data.authorize.sessions.map((session) => ({
|
|
14
15
|
account: session.account,
|
|
15
16
|
selected: session.selected,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-authorize-data.js","sourceRoot":"","sources":["../../src/output/build-authorize-data.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"build-authorize-data.js","sourceRoot":"","sources":["../../src/output/build-authorize-data.ts"],"names":[],"mappings":";;;AAyDA,SAAgB,kBAAkB,CAChC,IAAkC;IAElC,OAAO;QACL,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE;QACxB,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;QACpC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS;QACzC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG;QAC9B,UAAU,EAAE,QAAQ,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE;QACxC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,UAAU;QACrC,yBAAyB,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,SAAS;QAC/D,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,YAAY;QACzC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CACnC,CAAC,OAAO,EAAW,EAAE,CAAC,CAAC;YACrB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,eAAe,EAAE,OAAO,CAAC,eAAe;SACzC,CAAC,CACH;KACF,CAAA;AACH,CAAC;AArBD,gDAqBC"}
|
|
@@ -6,5 +6,6 @@ export declare class ReplayManager {
|
|
|
6
6
|
uniqueAuth(jti: string, clientId: ClientId): Promise<boolean>;
|
|
7
7
|
uniqueJar(jti: string, clientId: ClientId): Promise<boolean>;
|
|
8
8
|
uniqueDpop(jti: string, clientId?: ClientId): Promise<boolean>;
|
|
9
|
+
uniqueCodeChallenge(challenge: string): Promise<boolean>;
|
|
9
10
|
}
|
|
10
11
|
//# sourceMappingURL=replay-manager.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"replay-manager.d.ts","sourceRoot":"","sources":["../../src/replay/replay-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;
|
|
1
|
+
{"version":3,"file":"replay-manager.d.ts","sourceRoot":"","sources":["../../src/replay/replay-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAOjD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAK/C,qBAAa,aAAa;IACZ,SAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,WAAW;gBAAxB,WAAW,EAAE,WAAW;IAEjD,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAQ7D,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAQ5D,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAQ9D,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAO/D"}
|
|
@@ -18,6 +18,9 @@ class ReplayManager {
|
|
|
18
18
|
async uniqueDpop(jti, clientId) {
|
|
19
19
|
return this.replayStore.unique(clientId ? `DPoP@${clientId}` : `DPoP`, jti, asTimeFrame(constants_js_1.DPOP_NONCE_MAX_AGE));
|
|
20
20
|
}
|
|
21
|
+
async uniqueCodeChallenge(challenge) {
|
|
22
|
+
return this.replayStore.unique('CodeChallenge', challenge, asTimeFrame(constants_js_1.CODE_CHALLENGE_REPLAY_TIMEFRAME));
|
|
23
|
+
}
|
|
21
24
|
}
|
|
22
25
|
exports.ReplayManager = ReplayManager;
|
|
23
26
|
//# sourceMappingURL=replay-manager.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"replay-manager.js","sourceRoot":"","sources":["../../src/replay/replay-manager.ts"],"names":[],"mappings":";;;AACA,
|
|
1
|
+
{"version":3,"file":"replay-manager.js","sourceRoot":"","sources":["../../src/replay/replay-manager.ts"],"names":[],"mappings":";;;AACA,kDAKwB;AAGxB,MAAM,cAAc,GAAG,GAAG,CAAA,CAAC,8BAA8B;AACzD,MAAM,WAAW,GAAG,CAAC,SAAiB,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,cAAc,CAAC,CAAA;AAEhF,MAAa,aAAa;IACO;IAA/B,YAA+B,WAAwB;QAAxB,gBAAW,GAAX,WAAW,CAAa;IAAG,CAAC;IAE3D,KAAK,CAAC,UAAU,CAAC,GAAW,EAAE,QAAkB;QAC9C,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAC5B,QAAQ,QAAQ,EAAE,EAClB,GAAG,EACH,WAAW,CAAC,uCAAwB,CAAC,CACtC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,QAAkB;QAC7C,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAC5B,OAAO,QAAQ,EAAE,EACjB,GAAG,EACH,WAAW,CAAC,0BAAW,CAAC,CACzB,CAAA;IACH,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,GAAW,EAAE,QAAmB;QAC/C,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAC5B,QAAQ,CAAC,CAAC,CAAC,QAAQ,QAAQ,EAAE,CAAC,CAAC,CAAC,MAAM,EACtC,GAAG,EACH,WAAW,CAAC,iCAAkB,CAAC,CAChC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,SAAiB;QACzC,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,CAC5B,eAAe,EACf,SAAS,EACT,WAAW,CAAC,8CAA+B,CAAC,CAC7C,CAAA;IACH,CAAC;CACF;AAlCD,sCAkCC"}
|
|
@@ -6,7 +6,7 @@ export interface ReplayStore {
|
|
|
6
6
|
* strictly necessary for security purposes, the namespace should be used to
|
|
7
7
|
* mitigate denial of service attacks from one client to the other.
|
|
8
8
|
*
|
|
9
|
-
* @param timeFrame expressed in milliseconds.
|
|
9
|
+
* @param timeFrame expressed in milliseconds.
|
|
10
10
|
*/
|
|
11
11
|
unique(namespace: string, nonce: string, timeFrame: number): Awaitable<boolean>;
|
|
12
12
|
}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { OAuthAuthenticationRequestParameters } from '@atproto/oauth-types';
|
|
2
|
+
import { ClientId } from '../client/client-id.js';
|
|
2
3
|
import { ClientAuth } from '../client/client-auth.js';
|
|
3
4
|
import { RequestId } from './request-id.js';
|
|
4
5
|
import { RequestUri } from './request-uri.js';
|
|
@@ -7,6 +8,7 @@ export type RequestInfo = {
|
|
|
7
8
|
uri: RequestUri;
|
|
8
9
|
parameters: Readonly<OAuthAuthenticationRequestParameters>;
|
|
9
10
|
expiresAt: Date;
|
|
11
|
+
clientId: ClientId;
|
|
10
12
|
clientAuth: ClientAuth;
|
|
11
13
|
};
|
|
12
14
|
//# sourceMappingURL=request-info.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request-info.d.ts","sourceRoot":"","sources":["../../src/request/request-info.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oCAAoC,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,MAAM,MAAM,WAAW,GAAG;IACxB,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,UAAU,CAAA;IACf,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,CAAA;IAC1D,SAAS,EAAE,IAAI,CAAA;IACf,UAAU,EAAE,UAAU,CAAA;CACvB,CAAA"}
|
|
1
|
+
{"version":3,"file":"request-info.d.ts","sourceRoot":"","sources":["../../src/request/request-info.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oCAAoC,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,MAAM,MAAM,WAAW,GAAG;IACxB,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,UAAU,CAAA;IACf,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,CAAA;IAC1D,SAAS,EAAE,IAAI,CAAA;IACf,QAAQ,EAAE,QAAQ,CAAA;IAClB,UAAU,EAAE,UAAU,CAAA;CACvB,CAAA"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { OAuthAuthenticationRequestParameters, OAuthAuthorizationServerMetadata } from '@atproto/oauth-types';
|
|
2
|
-
import { DeviceAccountInfo } from '../account/account-store.js';
|
|
3
2
|
import { Account } from '../account/account.js';
|
|
4
3
|
import { ClientAuth } from '../client/client-auth.js';
|
|
5
4
|
import { ClientId } from '../client/client-id.js';
|
|
@@ -17,19 +16,14 @@ export declare class RequestManager {
|
|
|
17
16
|
protected readonly signer: Signer;
|
|
18
17
|
protected readonly metadata: OAuthAuthorizationServerMetadata;
|
|
19
18
|
protected readonly hooks: OAuthHooks;
|
|
20
|
-
protected readonly pkceRequired: boolean;
|
|
21
19
|
protected readonly tokenMaxAge: number;
|
|
22
|
-
constructor(store: RequestStore, signer: Signer, metadata: OAuthAuthorizationServerMetadata, hooks: OAuthHooks,
|
|
20
|
+
constructor(store: RequestStore, signer: Signer, metadata: OAuthAuthorizationServerMetadata, hooks: OAuthHooks, tokenMaxAge?: number);
|
|
23
21
|
protected createTokenExpiry(): Date;
|
|
24
22
|
createAuthorizationRequest(client: Client, clientAuth: ClientAuth, input: Readonly<OAuthAuthenticationRequestParameters>, deviceId: null | DeviceId, dpopJkt: null | string): Promise<RequestInfo>;
|
|
25
23
|
protected create(client: Client, clientAuth: ClientAuth, parameters: Readonly<OAuthAuthenticationRequestParameters>, deviceId?: null | DeviceId): Promise<RequestInfo>;
|
|
26
|
-
validate(client: Client, clientAuth: ClientAuth, parameters: Readonly<OAuthAuthenticationRequestParameters>, dpopJkt: null | string
|
|
24
|
+
validate(client: Client, clientAuth: ClientAuth, parameters: Readonly<OAuthAuthenticationRequestParameters>, dpopJkt: null | string): Promise<Readonly<OAuthAuthenticationRequestParameters>>;
|
|
27
25
|
get(uri: RequestUri, clientId: ClientId, deviceId: DeviceId): Promise<RequestInfo>;
|
|
28
|
-
setAuthorized(client: Client, uri: RequestUri, deviceId: DeviceId, account: Account
|
|
29
|
-
code?: Code;
|
|
30
|
-
token?: string;
|
|
31
|
-
id_token?: string;
|
|
32
|
-
}>;
|
|
26
|
+
setAuthorized(client: Client, uri: RequestUri, deviceId: DeviceId, account: Account): Promise<Code>;
|
|
33
27
|
/**
|
|
34
28
|
* @note If this method throws an error, any token previously generated from
|
|
35
29
|
* the same `code` **must** me revoked.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request-manager.d.ts","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,oCAAoC,EACpC,gCAAgC,EACjC,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"request-manager.d.ts","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,oCAAoC,EACpC,gCAAgC,EACjC,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAM5C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAQjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,IAAI,EAAgB,MAAM,WAAW,CAAA;AAC9C,OAAO,EAEL,qBAAqB,EACtB,MAAM,mBAAmB,CAAA;AAE1B,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAqB,MAAM,oBAAoB,CAAA;AACpE,OAAO,EAGL,UAAU,EACX,MAAM,kBAAkB,CAAA;AAEzB,qBAAa,cAAc;IAEvB,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,YAAY;IACtC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACjC,SAAS,CAAC,QAAQ,CAAC,QAAQ,EAAE,gCAAgC;IAC7D,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU;IACpC,SAAS,CAAC,QAAQ,CAAC,WAAW;gBAJX,KAAK,EAAE,YAAY,EACnB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,gCAAgC,EAC1C,KAAK,EAAE,UAAU,EACjB,WAAW,SAAgB;IAGhD,SAAS,CAAC,iBAAiB;IAIrB,0BAA0B,CAC9B,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EACrD,QAAQ,EAAE,IAAI,GAAG,QAAQ,EACzB,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,WAAW,CAAC;cAKP,MAAM,CACpB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EAC1D,QAAQ,GAAE,IAAI,GAAG,QAAe,GAC/B,OAAO,CAAC,WAAW,CAAC;IAkBjB,QAAQ,CACZ,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,UAAU,EAAE,QAAQ,CAAC,oCAAoC,CAAC,EAC1D,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,QAAQ,CAAC,oCAAoC,CAAC,CAAC;IA8LpD,GAAG,CACP,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,QAAQ,EAAE,QAAQ,GACjB,OAAO,CAAC,WAAW,CAAC;IA4DjB,aAAa,CACjB,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,OAAO,GACf,OAAO,CAAC,IAAI,CAAC;IA+ChB;;;OAGG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,IAAI,EAAE,IAAI,GACT,OAAO,CAAC,qBAAqB,CAAC;IA2C3B,MAAM,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;CAI7C"}
|
|
@@ -5,11 +5,11 @@ const oauth_types_1 = require("@atproto/oauth-types");
|
|
|
5
5
|
const constants_js_1 = require("../constants.js");
|
|
6
6
|
const access_denied_error_js_1 = require("../errors/access-denied-error.js");
|
|
7
7
|
const consent_required_error_js_1 = require("../errors/consent-required-error.js");
|
|
8
|
+
const invalid_authorization_details_error_js_1 = require("../errors/invalid-authorization-details-error.js");
|
|
8
9
|
const invalid_grant_error_js_1 = require("../errors/invalid-grant-error.js");
|
|
9
10
|
const invalid_parameters_error_js_1 = require("../errors/invalid-parameters-error.js");
|
|
10
11
|
const invalid_request_error_js_1 = require("../errors/invalid-request-error.js");
|
|
11
12
|
const redirect_uri_js_1 = require("../lib/util/redirect-uri.js");
|
|
12
|
-
const claims_js_1 = require("../oidc/claims.js");
|
|
13
13
|
const code_js_1 = require("./code.js");
|
|
14
14
|
const request_data_js_1 = require("./request-data.js");
|
|
15
15
|
const request_id_js_1 = require("./request-id.js");
|
|
@@ -19,14 +19,12 @@ class RequestManager {
|
|
|
19
19
|
signer;
|
|
20
20
|
metadata;
|
|
21
21
|
hooks;
|
|
22
|
-
pkceRequired;
|
|
23
22
|
tokenMaxAge;
|
|
24
|
-
constructor(store, signer, metadata, hooks,
|
|
23
|
+
constructor(store, signer, metadata, hooks, tokenMaxAge = constants_js_1.TOKEN_MAX_AGE) {
|
|
25
24
|
this.store = store;
|
|
26
25
|
this.signer = signer;
|
|
27
26
|
this.metadata = metadata;
|
|
28
27
|
this.hooks = hooks;
|
|
29
|
-
this.pkceRequired = pkceRequired;
|
|
30
28
|
this.tokenMaxAge = tokenMaxAge;
|
|
31
29
|
}
|
|
32
30
|
createTokenExpiry() {
|
|
@@ -49,9 +47,22 @@ class RequestManager {
|
|
|
49
47
|
code: null,
|
|
50
48
|
});
|
|
51
49
|
const uri = (0, request_uri_js_1.encodeRequestUri)(id);
|
|
52
|
-
return { id, uri, expiresAt, parameters, clientAuth };
|
|
50
|
+
return { id, uri, expiresAt, parameters, clientId: client.id, clientAuth };
|
|
53
51
|
}
|
|
54
|
-
async validate(client, clientAuth, parameters, dpopJkt
|
|
52
|
+
async validate(client, clientAuth, parameters, dpopJkt) {
|
|
53
|
+
for (const k of [
|
|
54
|
+
// Known unsupported OIDC parameters
|
|
55
|
+
'claims',
|
|
56
|
+
'id_token_hint',
|
|
57
|
+
'nonce', // note that OIDC "nonce" is redundant with PKCE
|
|
58
|
+
]) {
|
|
59
|
+
if (parameters[k]) {
|
|
60
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unsupported "${k}" parameter`);
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
if (parameters.response_type !== 'code') {
|
|
64
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'Only "code" response type is allowed');
|
|
65
|
+
}
|
|
55
66
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-10#section-1.4.1
|
|
56
67
|
// > The authorization server MAY fully or partially ignore the scope
|
|
57
68
|
// > requested by the client, based on the authorization server policy or
|
|
@@ -59,36 +70,39 @@ class RequestManager {
|
|
|
59
70
|
// > different from the one requested by the client, the authorization
|
|
60
71
|
// > server MUST include the scope response parameter in the token response
|
|
61
72
|
// > (Section 3.2.3) to inform the client of the actual scope granted.
|
|
62
|
-
const cScopes = client.metadata.scope?.split(' ');
|
|
73
|
+
const cScopes = client.metadata.scope?.split(' ').filter(Boolean);
|
|
63
74
|
const sScopes = this.metadata.scopes_supported;
|
|
64
|
-
const scopes = (parameters.scope ||
|
|
65
|
-
|
|
66
|
-
.
|
|
75
|
+
const scopes = new Set(parameters.scope?.split(' ').filter(Boolean) || cScopes);
|
|
76
|
+
if (scopes.has('openid')) {
|
|
77
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'OpenID Connect is not supported');
|
|
78
|
+
}
|
|
79
|
+
if (!scopes.has('atproto')) {
|
|
80
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'The "atproto" scope is required');
|
|
81
|
+
}
|
|
67
82
|
for (const scope of scopes) {
|
|
68
|
-
|
|
83
|
+
// Loopback clients do not define any scope in their metadata
|
|
84
|
+
if (cScopes && !cScopes.includes(scope)) {
|
|
69
85
|
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Scope "${scope}" is not registered for this client`);
|
|
70
86
|
}
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
for
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
if (!scopes?.includes(scope)) {
|
|
77
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Essential ${claim} claim requires "${scope}" scope`);
|
|
78
|
-
}
|
|
79
|
-
}
|
|
87
|
+
// Currently, the implementation requires all the scopes to be statically
|
|
88
|
+
// defined in the server metadata. In the future, we might add support
|
|
89
|
+
// for dynamic scopes.
|
|
90
|
+
if (!sScopes?.includes(scope)) {
|
|
91
|
+
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Scope "${scope}" is not supported by this server`);
|
|
80
92
|
}
|
|
81
93
|
}
|
|
82
|
-
parameters = { ...parameters, scope: scopes.join(' ') };
|
|
83
|
-
const responseTypes = parameters.response_type.split(' ');
|
|
94
|
+
parameters = { ...parameters, scope: [...scopes].join(' ') || undefined };
|
|
84
95
|
if (parameters.authorization_details) {
|
|
85
96
|
const clientAuthDetailsTypes = client.metadata.authorization_details_types;
|
|
86
97
|
if (!clientAuthDetailsTypes) {
|
|
87
|
-
throw new
|
|
98
|
+
throw new invalid_authorization_details_error_js_1.InvalidAuthorizationDetailsError(parameters, 'Client Metadata does not declare any "authorization_details"');
|
|
88
99
|
}
|
|
89
100
|
for (const detail of parameters.authorization_details) {
|
|
101
|
+
if (!this.metadata.authorization_details_types_supported?.includes(detail.type)) {
|
|
102
|
+
throw new invalid_authorization_details_error_js_1.InvalidAuthorizationDetailsError(parameters, `Unsupported "authorization_details" type "${detail.type}"`);
|
|
103
|
+
}
|
|
90
104
|
if (!clientAuthDetailsTypes?.includes(detail.type)) {
|
|
91
|
-
throw new
|
|
105
|
+
throw new invalid_authorization_details_error_js_1.InvalidAuthorizationDetailsError(parameters, `Client Metadata does not declare any "authorization_details" of type "${detail.type}"`);
|
|
92
106
|
}
|
|
93
107
|
}
|
|
94
108
|
}
|
|
@@ -113,11 +127,9 @@ class RequestManager {
|
|
|
113
127
|
if (!client.metadata.response_types.includes(parameters.response_type)) {
|
|
114
128
|
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unsupported response_type "${parameters.response_type}"`, 'unsupported_response_type');
|
|
115
129
|
}
|
|
116
|
-
if (pkceRequired && responseTypes.includes('token')) {
|
|
117
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Response type "${parameters.response_type}" is incompatible with PKCE`, 'unsupported_response_type');
|
|
118
|
-
}
|
|
119
130
|
// https://datatracker.ietf.org/doc/html/rfc7636#section-4.4.1
|
|
120
|
-
|
|
131
|
+
// PKCE is mandatory
|
|
132
|
+
if (!parameters.code_challenge) {
|
|
121
133
|
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'code_challenge is required');
|
|
122
134
|
}
|
|
123
135
|
if (parameters.code_challenge &&
|
|
@@ -129,39 +141,13 @@ class RequestManager {
|
|
|
129
141
|
if (parameters.code_challenge_method && !parameters.code_challenge) {
|
|
130
142
|
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'code_challenge_method requires code_challenge');
|
|
131
143
|
}
|
|
132
|
-
//
|
|
133
|
-
//
|
|
134
|
-
//
|
|
135
|
-
//
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
// > the ID Token. Sufficient entropy MUST be present in the nonce values
|
|
140
|
-
// > used to prevent attackers from guessing values. For implementation
|
|
141
|
-
// > notes, see Section 15.5.2.
|
|
142
|
-
if (responseTypes.includes('id_token') && !parameters.nonce) {
|
|
143
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'nonce is required for implicit and hybrid flows');
|
|
144
|
-
}
|
|
145
|
-
// Make "expensive" checks after the "cheaper" checks
|
|
146
|
-
if (parameters.id_token_hint != null) {
|
|
147
|
-
const { payload } = await this.signer.verify(parameters.id_token_hint, {
|
|
148
|
-
// these are meant to be outdated when used as a hint
|
|
149
|
-
clockTolerance: Infinity,
|
|
150
|
-
});
|
|
151
|
-
if (!payload.sub) {
|
|
152
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, `Unexpected empty id_token_hint "sub"`);
|
|
153
|
-
}
|
|
154
|
-
else if (parameters.login_hint == null) {
|
|
155
|
-
parameters = { ...parameters, login_hint: payload.sub };
|
|
156
|
-
}
|
|
157
|
-
else if (parameters.login_hint !== payload.sub) {
|
|
158
|
-
throw new invalid_parameters_error_js_1.InvalidParametersError(parameters, 'login_hint does not match "sub" of id_token_hint');
|
|
159
|
-
}
|
|
160
|
-
}
|
|
161
|
-
// ATPROTO extension: if the client is not trusted, force users to consent
|
|
162
|
-
// to authorization requests. We do this to avoid unauthenticated clients
|
|
163
|
-
// from being able to silently re-authenticate users.
|
|
164
|
-
if (clientAuth.method === 'none' && !client.info.isFirstParty) {
|
|
144
|
+
// ATPROTO extension: if the client is not trusted, and not authenticated,
|
|
145
|
+
// force users to consent to authorization requests. We do this to avoid
|
|
146
|
+
// unauthenticated clients from being able to silently re-authenticate
|
|
147
|
+
// users.
|
|
148
|
+
if (!client.info.isTrusted &&
|
|
149
|
+
!client.info.isFirstParty &&
|
|
150
|
+
clientAuth.method === 'none') {
|
|
165
151
|
if (parameters.prompt === 'none') {
|
|
166
152
|
throw new consent_required_error_js_1.ConsentRequiredError(parameters, 'Public clients are not allowed to use silent-sign-on');
|
|
167
153
|
}
|
|
@@ -210,10 +196,11 @@ class RequestManager {
|
|
|
210
196
|
uri,
|
|
211
197
|
expiresAt: updates.expiresAt || data.expiresAt,
|
|
212
198
|
parameters: data.parameters,
|
|
199
|
+
clientId: data.clientId,
|
|
213
200
|
clientAuth: data.clientAuth,
|
|
214
201
|
};
|
|
215
202
|
}
|
|
216
|
-
async setAuthorized(client, uri, deviceId, account
|
|
203
|
+
async setAuthorized(client, uri, deviceId, account) {
|
|
217
204
|
const id = (0, request_uri_js_1.decodeRequestUri)(uri);
|
|
218
205
|
const data = await this.store.readRequest(id);
|
|
219
206
|
if (!data)
|
|
@@ -231,13 +218,8 @@ class RequestManager {
|
|
|
231
218
|
if (data.sub || data.code) {
|
|
232
219
|
throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'This request was already authorized');
|
|
233
220
|
}
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
throw new access_denied_error_js_1.AccessDeniedError(data.parameters, 'Implicit "token" forbidden (use "code" with PKCE instead)');
|
|
237
|
-
}
|
|
238
|
-
const code = responseType.includes('code')
|
|
239
|
-
? await (0, code_js_1.generateCode)()
|
|
240
|
-
: undefined;
|
|
221
|
+
// Only response_type=code is supported
|
|
222
|
+
const code = await (0, code_js_1.generateCode)();
|
|
241
223
|
// Bind the request to the account, preventing it from being used again.
|
|
242
224
|
await this.store.updateRequest(id, {
|
|
243
225
|
sub: account.sub,
|
|
@@ -245,14 +227,7 @@ class RequestManager {
|
|
|
245
227
|
// Allow the client to exchange the code for a token within the next 60 seconds.
|
|
246
228
|
expiresAt: new Date(Date.now() + constants_js_1.AUTHORIZATION_INACTIVITY_TIMEOUT),
|
|
247
229
|
});
|
|
248
|
-
|
|
249
|
-
? await this.signer.idToken(client, data.parameters, account, {
|
|
250
|
-
auth_time: info.authenticatedAt,
|
|
251
|
-
exp: this.createTokenExpiry(),
|
|
252
|
-
code,
|
|
253
|
-
})
|
|
254
|
-
: undefined;
|
|
255
|
-
return { code, id_token };
|
|
230
|
+
return code;
|
|
256
231
|
}
|
|
257
232
|
catch (err) {
|
|
258
233
|
await this.store.deleteRequest(id);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request-manager.js","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":";;;AAAA,sDAI6B;AAO7B,kDAIwB;AAExB,6EAAoE;AACpE,mFAA0E;AAC1E,6EAAoE;AACpE,uFAA8E;AAC9E,iFAAwE;AACxE,iEAAgE;AAEhE,iDAAqD;AAErD,uCAA8C;AAC9C,uDAG0B;AAC1B,mDAAmD;AAGnD,qDAIyB;AAEzB,MAAa,cAAc;IAEJ;IACA;IACA;IACA;IACA;IACA;IANrB,YACqB,KAAmB,EACnB,MAAc,EACd,QAA0C,EAC1C,KAAiB,EACjB,eAAe,IAAI,EACnB,cAAc,4BAAa;QAL3B,UAAK,GAAL,KAAK,CAAc;QACnB,WAAM,GAAN,MAAM,CAAQ;QACd,aAAQ,GAAR,QAAQ,CAAkC;QAC1C,UAAK,GAAL,KAAK,CAAY;QACjB,iBAAY,GAAZ,YAAY,CAAO;QACnB,gBAAW,GAAX,WAAW,CAAgB;IAC7C,CAAC;IAEM,iBAAiB;QACzB,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,0BAA0B,CAC9B,MAAc,EACd,UAAsB,EACtB,KAAqD,EACrD,QAAyB,EACzB,OAAsB;QAEtB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;QAC1E,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAES,KAAK,CAAC,MAAM,CACpB,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,WAA4B,IAAI;QAEhC,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,6BAAc,CAAC,CAAA;QACvD,MAAM,EAAE,GAAG,MAAM,IAAA,iCAAiB,GAAE,CAAA;QAEpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;YACjC,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,UAAU;YACV,UAAU;YACV,SAAS;YACT,QAAQ;YACR,GAAG,EAAE,IAAI;YACT,IAAI,EAAE,IAAI;SACX,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAA,iCAAgB,EAAC,EAAE,CAAC,CAAA;QAChC,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,CAAA;IACvD,CAAC;IAED,KAAK,CAAC,QAAQ,CACZ,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,OAAsB,EACtB,YAAY,GAAG,IAAI,CAAC,YAAY;QAEhC,+EAA+E;QAC/E,qEAAqE;QACrE,yEAAyE;QACzE,2EAA2E;QAC3E,sEAAsE;QACtE,2EAA2E;QAC3E,sEAAsE;QAEtE,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAA;QAE9C,MAAM,MAAM,GACV,CAAC,UAAU,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;YACzC,EAAE,KAAK,CAAC,GAAG,CAAC;aACX,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE,CAAA;QAE3E,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,UAAU,KAAK,qCAAqC,CACrD,CAAA;YACH,CAAC;QACH,CAAC;QAED,KAAK,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,6BAAiB,CAAC,EAAE,CAAC;YAChE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,IACE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,SAAS,KAAK,IAAI;oBACzD,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,SAAS,KAAK,IAAI,EACzD,CAAC;oBACD,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;wBAC7B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,aAAa,KAAK,oBAAoB,KAAK,SAAS,CACrD,CAAA;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAA;QAEvD,MAAM,aAAa,GAAG,UAAU,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAEzD,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;YACrC,MAAM,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAA;YAC1E,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC5B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8DAA8D,CAC/D,CAAA;YACH,CAAC;YAED,KAAK,MAAM,MAAM,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;gBACtD,IAAI,CAAC,sBAAsB,EAAE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,6CAA6C,MAAM,CAAC,IAAI,GAAG,CAC5D,CAAA;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,GAAG,UAAU,CAAA;QACnC,IACE,YAAY;YACZ,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAC1C,IAAA,oCAAkB,EAAC,GAAG,EAAE,YAAY,CAAC,CACtC,EACD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,wBAAwB,YAAY,cAAc,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAC7F,CAAA;QACH,CAAC;QAED,2DAA2D;QAC3D,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YACzB,IAAI,OAAO;gBAAE,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAA;QAChE,CAAC;aAAM,IAAI,UAAU,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YAC3C,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,uCAAuC,CACxC,CAAA;QACH,CAAC;QAED,IAAI,UAAU,CAAC,MAAM,KAAK,8CAAgC,EAAE,CAAC;YAC3D,IAAI,UAAU,CAAC,QAAQ,IAAI,UAAU,CAAC,GAAG,KAAK,UAAU,CAAC,QAAQ,EAAE,CAAC;gBAClE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8EAA8E,CAC/E,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YACvE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8BAA8B,UAAU,CAAC,aAAa,GAAG,EACzD,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,IAAI,YAAY,IAAI,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,kBAAkB,UAAU,CAAC,aAAa,6BAA6B,EACvE,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,8DAA8D;QAC9D,IAAI,YAAY,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YAC/C,MAAM,IAAI,oDAAsB,CAAC,UAAU,EAAE,4BAA4B,CAAC,CAAA;QAC5E,CAAC;QAED,IACE,UAAU,CAAC,cAAc;YACzB,UAAU,CAAC,MAAM,KAAK,MAAM;YAC5B,CAAC,UAAU,CAAC,qBAAqB,IAAI,OAAO,CAAC,KAAK,OAAO,EACzD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,4DAA4D,CAC7D,CAAA;QACH,CAAC;QAED,4DAA4D;QAC5D,IAAI,UAAU,CAAC,qBAAqB,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YACnE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,+CAA+C,CAChD,CAAA;QACH,CAAC;QAED,0EAA0E;QAC1E,EAAE;QACF,8EAA8E;QAC9E,uEAAuE;QACvE,wEAAwE;QACxE,2EAA2E;QAC3E,4EAA4E;QAC5E,2EAA2E;QAC3E,yEAAyE;QACzE,iCAAiC;QACjC,IAAI,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YAC5D,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,iDAAiD,CAClD,CAAA;QACH,CAAC;QAED,qDAAqD;QAErD,IAAI,UAAU,CAAC,aAAa,IAAI,IAAI,EAAE,CAAC;YACrC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,aAAa,EAAE;gBACrE,qDAAqD;gBACrD,cAAc,EAAE,QAAQ;aACzB,CAAC,CAAA;YAEF,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;gBACjB,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,sCAAsC,CACvC,CAAA;YACH,CAAC;iBAAM,IAAI,UAAU,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC;gBACzC,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,GAAG,EAAE,CAAA;YACzD,CAAC;iBAAM,IAAI,UAAU,CAAC,UAAU,KAAK,OAAO,CAAC,GAAG,EAAE,CAAC;gBACjD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,kDAAkD,CACnD,CAAA;YACH,CAAC;QACH,CAAC;QAED,0EAA0E;QAC1E,yEAAyE;QACzE,qDAAqD;QACrD,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YAC9D,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACjC,MAAM,IAAI,gDAAoB,CAC5B,UAAU,EACV,sDAAsD,CACvD,CAAA;YACH,CAAC;YAED,2DAA2D;YAC3D,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;QACnD,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,CAAC,GAAG,CACP,GAAe,EACf,QAAkB,EAClB,QAAkB;QAElB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,MAAM,OAAO,GAAsB,EAAE,CAAA;QAErC,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,wEAAwE;gBACxE,wBAAwB;gBACxB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,CAC1B,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAC9C,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,+CAA+C,CAChD,CAAA;YACH,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAA;YAC7B,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;QAC7C,CAAC;QAED,OAAO;YACL,EAAE;YACF,GAAG;YACH,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS;YAC9C,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,MAAc,EACd,GAAe,EACf,QAAkB,EAClB,OAAgB,EAChB,IAAuB;QAEvB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gCAAgC,CACjC,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAE7D,IAAI,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnC,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,2DAA2D,CAC5D,CAAA;YACH,CAAC;YAED,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACxC,CAAC,CAAC,MAAM,IAAA,sBAAY,GAAE;gBACtB,CAAC,CAAC,SAAS,CAAA;YAEb,wEAAwE;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;gBACjC,GAAG,EAAE,OAAO,CAAC,GAAG;gBAChB,IAAI;gBACJ,gFAAgF;gBAChF,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAAC;aACnE,CAAC,CAAA;YAEF,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAChD,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,EAAE;oBAC1D,SAAS,EAAE,IAAI,CAAC,eAAe;oBAC/B,GAAG,EAAE,IAAI,CAAC,iBAAiB,EAAE;oBAC7B,IAAI;iBACL,CAAC;gBACJ,CAAC,CAAC,SAAS,CAAA;YAEb,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAA;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAc,EACd,UAAsB,EACtB,IAAU;QAEV,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACvD,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,0CAAiB,CAAC,cAAc,CAAC,CAAA;QAExD,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,CAAA;YAEvB,IAAI,CAAC,IAAA,yCAAuB,EAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,kEAAkE;gBAClE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;YAC7C,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,yCAAyC,CAAC,CAAA;YACxE,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtC,mEAAmE;gBACnE,uEAAuE;gBACvE,sEAAsE;gBACtE,wEAAwE;gBACxE,sEAAsE;YACxE,CAAC;iBAAM,CAAC;gBACN,IAAI,UAAU,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;oBACjD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;gBAED,IAAI,CAAC,CAAC,MAAM,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;oBACxD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;gBAAS,CAAC;YACT,iCAAiC;YACjC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QAC3C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAe;QAC1B,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAChC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;IACpC,CAAC;CACF;AAtbD,wCAsbC"}
|
|
1
|
+
{"version":3,"file":"request-manager.js","sourceRoot":"","sources":["../../src/request/request-manager.ts"],"names":[],"mappings":";;;AAAA,sDAI6B;AAM7B,kDAIwB;AAExB,6EAAoE;AACpE,mFAA0E;AAC1E,6GAAmG;AACnG,6EAAoE;AACpE,uFAA8E;AAC9E,iFAAwE;AACxE,iEAAgE;AAGhE,uCAA8C;AAC9C,uDAG0B;AAC1B,mDAAmD;AAGnD,qDAIyB;AAEzB,MAAa,cAAc;IAEJ;IACA;IACA;IACA;IACA;IALrB,YACqB,KAAmB,EACnB,MAAc,EACd,QAA0C,EAC1C,KAAiB,EACjB,cAAc,4BAAa;QAJ3B,UAAK,GAAL,KAAK,CAAc;QACnB,WAAM,GAAN,MAAM,CAAQ;QACd,aAAQ,GAAR,QAAQ,CAAkC;QAC1C,UAAK,GAAL,KAAK,CAAY;QACjB,gBAAW,GAAX,WAAW,CAAgB;IAC7C,CAAC;IAEM,iBAAiB;QACzB,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,0BAA0B,CAC9B,MAAc,EACd,UAAsB,EACtB,KAAqD,EACrD,QAAyB,EACzB,OAAsB;QAEtB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;QAC1E,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAES,KAAK,CAAC,MAAM,CACpB,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,WAA4B,IAAI;QAEhC,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,6BAAc,CAAC,CAAA;QACvD,MAAM,EAAE,GAAG,MAAM,IAAA,iCAAiB,GAAE,CAAA;QAEpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;YACjC,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,UAAU;YACV,UAAU;YACV,SAAS;YACT,QAAQ;YACR,GAAG,EAAE,IAAI;YACT,IAAI,EAAE,IAAI;SACX,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAA,iCAAgB,EAAC,EAAE,CAAC,CAAA;QAChC,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,UAAU,EAAE,CAAA;IAC5E,CAAC;IAED,KAAK,CAAC,QAAQ,CACZ,MAAc,EACd,UAAsB,EACtB,UAA0D,EAC1D,OAAsB;QAEtB,KAAK,MAAM,CAAC,IAAI;YACd,oCAAoC;YACpC,QAAQ;YACR,eAAe;YACf,OAAO,EAAE,gDAAgD;SACjD,EAAE,CAAC;YACX,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClB,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,gBAAgB,CAAC,aAAa,CAC/B,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,UAAU,CAAC,aAAa,KAAK,MAAM,EAAE,CAAC;YACxC,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,sCAAsC,CACvC,CAAA;QACH,CAAC;QAED,+EAA+E;QAC/E,qEAAqE;QACrE,yEAAyE;QACzE,2EAA2E;QAC3E,sEAAsE;QACtE,2EAA2E;QAC3E,sEAAsE;QAEtE,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;QACjE,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAA;QAE9C,MAAM,MAAM,GAAG,IAAI,GAAG,CACpB,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,OAAO,CACxD,CAAA;QAED,IAAI,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,iCAAiC,CAClC,CAAA;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,iCAAiC,CAClC,CAAA;QACH,CAAC;QAED,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,6DAA6D;YAC7D,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxC,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,UAAU,KAAK,qCAAqC,CACrD,CAAA;YACH,CAAC;YAED,yEAAyE;YACzE,sEAAsE;YACtE,sBAAsB;YACtB,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,UAAU,KAAK,mCAAmC,CACnD,CAAA;YACH,CAAC;QACH,CAAC;QAED,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,KAAK,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,SAAS,EAAE,CAAA;QAEzE,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;YACrC,MAAM,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAA;YAC1E,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC5B,MAAM,IAAI,yEAAgC,CACxC,UAAU,EACV,8DAA8D,CAC/D,CAAA;YACH,CAAC;YAED,KAAK,MAAM,MAAM,IAAI,UAAU,CAAC,qBAAqB,EAAE,CAAC;gBACtD,IACE,CAAC,IAAI,CAAC,QAAQ,CAAC,qCAAqC,EAAE,QAAQ,CAC5D,MAAM,CAAC,IAAI,CACZ,EACD,CAAC;oBACD,MAAM,IAAI,yEAAgC,CACxC,UAAU,EACV,6CAA6C,MAAM,CAAC,IAAI,GAAG,CAC5D,CAAA;gBACH,CAAC;gBACD,IAAI,CAAC,sBAAsB,EAAE,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,MAAM,IAAI,yEAAgC,CACxC,UAAU,EACV,yEAAyE,MAAM,CAAC,IAAI,GAAG,CACxF,CAAA;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,GAAG,UAAU,CAAA;QACnC,IACE,YAAY;YACZ,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAC1C,IAAA,oCAAkB,EAAC,GAAG,EAAE,YAAY,CAAC,CACtC,EACD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,wBAAwB,YAAY,cAAc,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAC7F,CAAA;QACH,CAAC;QAED,2DAA2D;QAC3D,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YACzB,IAAI,OAAO;gBAAE,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAA;QAChE,CAAC;aAAM,IAAI,UAAU,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YAC3C,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,uCAAuC,CACxC,CAAA;QACH,CAAC;QAED,IAAI,UAAU,CAAC,MAAM,KAAK,8CAAgC,EAAE,CAAC;YAC3D,IAAI,UAAU,CAAC,QAAQ,IAAI,UAAU,CAAC,GAAG,KAAK,UAAU,CAAC,QAAQ,EAAE,CAAC;gBAClE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8EAA8E,CAC/E,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YACvE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,8BAA8B,UAAU,CAAC,aAAa,GAAG,EACzD,2BAA2B,CAC5B,CAAA;QACH,CAAC;QAED,8DAA8D;QAC9D,oBAAoB;QACpB,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YAC/B,MAAM,IAAI,oDAAsB,CAAC,UAAU,EAAE,4BAA4B,CAAC,CAAA;QAC5E,CAAC;QAED,IACE,UAAU,CAAC,cAAc;YACzB,UAAU,CAAC,MAAM,KAAK,MAAM;YAC5B,CAAC,UAAU,CAAC,qBAAqB,IAAI,OAAO,CAAC,KAAK,OAAO,EACzD,CAAC;YACD,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,4DAA4D,CAC7D,CAAA;QACH,CAAC;QAED,4DAA4D;QAC5D,IAAI,UAAU,CAAC,qBAAqB,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YACnE,MAAM,IAAI,oDAAsB,CAC9B,UAAU,EACV,+CAA+C,CAChD,CAAA;QACH,CAAC;QAED,0EAA0E;QAC1E,wEAAwE;QACxE,sEAAsE;QACtE,SAAS;QACT,IACE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS;YACtB,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY;YACzB,UAAU,CAAC,MAAM,KAAK,MAAM,EAC5B,CAAC;YACD,IAAI,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACjC,MAAM,IAAI,gDAAoB,CAC5B,UAAU,EACV,sDAAsD,CACvD,CAAA;YACH,CAAC;YAED,2DAA2D;YAC3D,UAAU,GAAG,EAAE,GAAG,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;QACnD,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,CAAC,GAAG,CACP,GAAe,EACf,QAAkB,EAClB,QAAkB;QAElB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,MAAM,OAAO,GAAsB,EAAE,CAAA;QAErC,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,wEAAwE;gBACxE,wBAAwB;gBACxB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,CAC1B,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAC9C,CAAA;YACH,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,+CAA+C,CAChD,CAAA;YACH,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAA;YAC7B,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;QAC7C,CAAC;QAED,OAAO;YACL,EAAE;YACF,GAAG;YACH,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS;YAC9C,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,MAAc,EACd,GAAe,EACf,QAAkB,EAClB,OAAgB;QAEhB,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAEhC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,8CAAmB,CAAC,wBAAwB,GAAG,GAAG,CAAC,CAAA;QAExE,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,IAAI,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;YAC1E,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gCAAgC,CACjC,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,gDAAgD,CACjD,CAAA;YACH,CAAC;YACD,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,MAAM,IAAI,0CAAiB,CACzB,IAAI,CAAC,UAAU,EACf,qCAAqC,CACtC,CAAA;YACH,CAAC;YAED,uCAAuC;YACvC,MAAM,IAAI,GAAG,MAAM,IAAA,sBAAY,GAAE,CAAA;YAEjC,wEAAwE;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,EAAE;gBACjC,GAAG,EAAE,OAAO,CAAC,GAAG;gBAChB,IAAI;gBACJ,gFAAgF;gBAChF,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,+CAAgC,CAAC;aACnE,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;YAClC,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAc,EACd,UAAsB,EACtB,IAAU;QAEV,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACvD,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,0CAAiB,CAAC,cAAc,CAAC,CAAA;QAExD,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,CAAA;YAEvB,IAAI,CAAC,IAAA,yCAAuB,EAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,kEAAkE;gBAClE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;YAC7C,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,yCAAyC,CAAC,CAAA;YACxE,CAAC;YAED,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAChC,MAAM,IAAI,0CAAiB,CAAC,uBAAuB,CAAC,CAAA;YACtD,CAAC;YAED,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtC,mEAAmE;gBACnE,uEAAuE;gBACvE,sEAAsE;gBACtE,wEAAwE;gBACxE,sEAAsE;YACxE,CAAC;iBAAM,CAAC;gBACN,IAAI,UAAU,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;oBACjD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;gBAED,IAAI,CAAC,CAAC,MAAM,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;oBACxD,MAAM,IAAI,0CAAiB,CAAC,+BAA+B,CAAC,CAAA;gBAC9D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;gBAAS,CAAC;YACT,iCAAiC;YACjC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QAC3C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAe;QAC1B,MAAM,EAAE,GAAG,IAAA,iCAAgB,EAAC,GAAG,CAAC,CAAA;QAChC,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;IACpC,CAAC;CACF;AA7ZD,wCA6ZC"}
|
package/dist/request/types.d.ts
CHANGED
|
@@ -45,7 +45,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
45
45
|
state: z.ZodOptional<z.ZodString>;
|
|
46
46
|
nonce: z.ZodOptional<z.ZodString>;
|
|
47
47
|
dpop_jkt: z.ZodOptional<z.ZodString>;
|
|
48
|
-
response_type: z.ZodEnum<["code", "token", "
|
|
48
|
+
response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
|
|
49
49
|
response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
|
|
50
50
|
code_challenge: z.ZodOptional<z.ZodString>;
|
|
51
51
|
code_challenge_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["S256", "plain"]>>>;
|
|
@@ -94,7 +94,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
94
94
|
}>, "many">>;
|
|
95
95
|
}, "strip", z.ZodTypeAny, {
|
|
96
96
|
client_id: string;
|
|
97
|
-
response_type: "none" | "code" | "
|
|
97
|
+
response_type: "none" | "code" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
98
98
|
scope?: string | undefined;
|
|
99
99
|
redirect_uri?: string | undefined;
|
|
100
100
|
nonce?: string | undefined;
|
|
@@ -104,7 +104,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
104
104
|
code_challenge?: string | undefined;
|
|
105
105
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
106
106
|
max_age?: number | undefined;
|
|
107
|
-
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "
|
|
107
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "preferred_username" | "email" | "email_verified" | "picture" | "acr" | "auth_time" | "family_name" | "given_name" | "middle_name" | "nickname" | "gender" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "phone_number" | "phone_number_verified" | "address", {
|
|
108
108
|
values?: (string | number | boolean)[] | undefined;
|
|
109
109
|
value?: string | number | boolean | undefined;
|
|
110
110
|
essential?: boolean | undefined;
|
|
@@ -124,7 +124,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
124
124
|
}[] | undefined;
|
|
125
125
|
}, {
|
|
126
126
|
client_id: string;
|
|
127
|
-
response_type: "none" | "code" | "
|
|
127
|
+
response_type: "none" | "code" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
128
128
|
scope?: string | undefined;
|
|
129
129
|
redirect_uri?: string | undefined;
|
|
130
130
|
nonce?: string | undefined;
|
|
@@ -134,7 +134,7 @@ export declare const pushedAuthorizationRequestSchema: z.ZodIntersection<z.ZodUn
|
|
|
134
134
|
code_challenge?: string | undefined;
|
|
135
135
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
136
136
|
max_age?: number | undefined;
|
|
137
|
-
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "
|
|
137
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "preferred_username" | "email" | "email_verified" | "picture" | "acr" | "auth_time" | "family_name" | "given_name" | "middle_name" | "nickname" | "gender" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "phone_number" | "phone_number_verified" | "address", {
|
|
138
138
|
values?: (string | number | boolean)[] | undefined;
|
|
139
139
|
value?: string | number | boolean | undefined;
|
|
140
140
|
essential?: boolean | undefined;
|
|
@@ -198,7 +198,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
198
198
|
state: z.ZodOptional<z.ZodString>;
|
|
199
199
|
nonce: z.ZodOptional<z.ZodString>;
|
|
200
200
|
dpop_jkt: z.ZodOptional<z.ZodString>;
|
|
201
|
-
response_type: z.ZodEnum<["code", "token", "
|
|
201
|
+
response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
|
|
202
202
|
response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
|
|
203
203
|
code_challenge: z.ZodOptional<z.ZodString>;
|
|
204
204
|
code_challenge_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["S256", "plain"]>>>;
|
|
@@ -247,7 +247,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
247
247
|
}>, "many">>;
|
|
248
248
|
}, "strip", z.ZodTypeAny, {
|
|
249
249
|
client_id: string;
|
|
250
|
-
response_type: "none" | "code" | "
|
|
250
|
+
response_type: "none" | "code" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
251
251
|
scope?: string | undefined;
|
|
252
252
|
redirect_uri?: string | undefined;
|
|
253
253
|
nonce?: string | undefined;
|
|
@@ -257,7 +257,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
257
257
|
code_challenge?: string | undefined;
|
|
258
258
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
259
259
|
max_age?: number | undefined;
|
|
260
|
-
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "
|
|
260
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "preferred_username" | "email" | "email_verified" | "picture" | "acr" | "auth_time" | "family_name" | "given_name" | "middle_name" | "nickname" | "gender" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "phone_number" | "phone_number_verified" | "address", {
|
|
261
261
|
values?: (string | number | boolean)[] | undefined;
|
|
262
262
|
value?: string | number | boolean | undefined;
|
|
263
263
|
essential?: boolean | undefined;
|
|
@@ -277,7 +277,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
277
277
|
}[] | undefined;
|
|
278
278
|
}, {
|
|
279
279
|
client_id: string;
|
|
280
|
-
response_type: "none" | "code" | "
|
|
280
|
+
response_type: "none" | "code" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
|
|
281
281
|
scope?: string | undefined;
|
|
282
282
|
redirect_uri?: string | undefined;
|
|
283
283
|
nonce?: string | undefined;
|
|
@@ -287,7 +287,7 @@ export declare const authorizationRequestQuerySchema: z.ZodIntersection<z.ZodUni
|
|
|
287
287
|
code_challenge?: string | undefined;
|
|
288
288
|
code_challenge_method?: "S256" | "plain" | undefined;
|
|
289
289
|
max_age?: number | undefined;
|
|
290
|
-
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "
|
|
290
|
+
claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"nonce" | "name" | "preferred_username" | "email" | "email_verified" | "picture" | "acr" | "auth_time" | "family_name" | "given_name" | "middle_name" | "nickname" | "gender" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "phone_number" | "phone_number_verified" | "address", {
|
|
291
291
|
values?: (string | number | boolean)[] | undefined;
|
|
292
292
|
value?: string | number | boolean | undefined;
|
|
293
293
|
essential?: boolean | undefined;
|