@atproto/oauth-provider 0.1.3 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +35 -0
- package/dist/account/account.d.ts +6 -2
- package/dist/account/account.d.ts.map +1 -1
- package/dist/assets/app/bundle-manifest.json +3 -3
- package/dist/assets/app/main.css +1 -1
- package/dist/assets/app/main.js +1 -1
- package/dist/assets/app/main.js.map +1 -1
- package/dist/assets/assets-middleware.d.ts +2 -1
- package/dist/assets/assets-middleware.d.ts.map +1 -1
- package/dist/assets/assets-middleware.js +7 -0
- package/dist/assets/assets-middleware.js.map +1 -1
- package/dist/client/client-manager.d.ts +4 -3
- package/dist/client/client-manager.d.ts.map +1 -1
- package/dist/client/client-manager.js +60 -37
- package/dist/client/client-manager.js.map +1 -1
- package/dist/client/client.d.ts.map +1 -1
- package/dist/client/client.js +1 -3
- package/dist/client/client.js.map +1 -1
- package/dist/constants.d.ts +2 -0
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +3 -1
- package/dist/constants.js.map +1 -1
- package/dist/device/device-manager.d.ts +1 -1
- package/dist/device/device-manager.d.ts.map +1 -1
- package/dist/device/device-manager.js +2 -2
- package/dist/device/device-manager.js.map +1 -1
- package/dist/errors/invalid-authorization-details-error.d.ts +4 -3
- package/dist/errors/invalid-authorization-details-error.d.ts.map +1 -1
- package/dist/errors/invalid-authorization-details-error.js +4 -4
- package/dist/errors/invalid-authorization-details-error.js.map +1 -1
- package/dist/lib/http/request.d.ts +3 -0
- package/dist/lib/http/request.d.ts.map +1 -1
- package/dist/lib/http/request.js +24 -12
- package/dist/lib/http/request.js.map +1 -1
- package/dist/metadata/build-metadata.d.ts +0 -1
- package/dist/metadata/build-metadata.d.ts.map +1 -1
- package/dist/metadata/build-metadata.js +9 -35
- package/dist/metadata/build-metadata.js.map +1 -1
- package/dist/oauth-hooks.d.ts +3 -10
- package/dist/oauth-hooks.d.ts.map +1 -1
- package/dist/oauth-provider.d.ts +8 -13
- package/dist/oauth-provider.d.ts.map +1 -1
- package/dist/oauth-provider.js +169 -109
- package/dist/oauth-provider.js.map +1 -1
- package/dist/oauth-verifier.d.ts +1 -2
- package/dist/oauth-verifier.d.ts.map +1 -1
- package/dist/oauth-verifier.js.map +1 -1
- package/dist/output/build-authorize-data.d.ts +6 -0
- package/dist/output/build-authorize-data.d.ts.map +1 -1
- package/dist/output/build-authorize-data.js +1 -0
- package/dist/output/build-authorize-data.js.map +1 -1
- package/dist/replay/replay-manager.d.ts +1 -0
- package/dist/replay/replay-manager.d.ts.map +1 -1
- package/dist/replay/replay-manager.js +3 -0
- package/dist/replay/replay-manager.js.map +1 -1
- package/dist/replay/replay-store.d.ts +1 -1
- package/dist/request/request-info.d.ts +2 -0
- package/dist/request/request-info.d.ts.map +1 -1
- package/dist/request/request-manager.d.ts +3 -9
- package/dist/request/request-manager.d.ts.map +1 -1
- package/dist/request/request-manager.js +52 -77
- package/dist/request/request-manager.js.map +1 -1
- package/dist/request/types.d.ts +10 -10
- package/dist/signer/signed-token-payload.d.ts +85 -85
- package/dist/signer/signer.d.ts +23 -30
- package/dist/signer/signer.d.ts.map +1 -1
- package/dist/signer/signer.js +0 -40
- package/dist/signer/signer.js.map +1 -1
- package/dist/token/token-claims.d.ts +81 -81
- package/dist/token/token-manager.d.ts +1 -2
- package/dist/token/token-manager.d.ts.map +1 -1
- package/dist/token/token-manager.js +10 -37
- package/dist/token/token-manager.js.map +1 -1
- package/dist/token/types.d.ts +10 -10
- package/package.json +2 -3
- package/src/account/account.ts +11 -7
- package/src/assets/app/backend-data.ts +9 -2
- package/src/assets/app/components/accept-form.tsx +65 -51
- package/src/assets/app/components/client-name.tsx +24 -16
- package/src/assets/app/views/accept-view.tsx +7 -4
- package/src/assets/app/views/authorize-view.tsx +2 -1
- package/src/assets/assets-middleware.ts +14 -2
- package/src/client/client-manager.ts +78 -60
- package/src/client/client.ts +1 -4
- package/src/constants.ts +3 -0
- package/src/device/device-manager.ts +7 -1
- package/src/errors/invalid-authorization-details-error.ts +9 -4
- package/src/lib/http/request.ts +61 -15
- package/src/metadata/build-metadata.ts +9 -42
- package/src/oauth-hooks.ts +3 -13
- package/src/oauth-provider.ts +181 -159
- package/src/oauth-verifier.ts +1 -2
- package/src/output/build-authorize-data.ts +8 -0
- package/src/replay/replay-manager.ts +9 -0
- package/src/replay/replay-store.ts +1 -1
- package/src/request/request-info.ts +2 -0
- package/src/request/request-manager.ts +81 -107
- package/src/signer/signer.ts +0 -63
- package/src/token/token-manager.ts +8 -41
- package/dist/oidc/claims.d.ts +0 -16
- package/dist/oidc/claims.d.ts.map +0 -1
- package/dist/oidc/claims.js +0 -29
- package/dist/oidc/claims.js.map +0 -1
- package/dist/oidc/userinfo.d.ts +0 -7
- package/dist/oidc/userinfo.d.ts.map +0 -1
- package/dist/oidc/userinfo.js +0 -3
- package/dist/oidc/userinfo.js.map +0 -1
- package/dist/parameters/claims-requested.d.ts +0 -3
- package/dist/parameters/claims-requested.d.ts.map +0 -1
- package/dist/parameters/claims-requested.js +0 -77
- package/dist/parameters/claims-requested.js.map +0 -1
- package/dist/parameters/oidc-payload.d.ts +0 -31
- package/dist/parameters/oidc-payload.d.ts.map +0 -1
- package/dist/parameters/oidc-payload.js +0 -25
- package/dist/parameters/oidc-payload.js.map +0 -1
- package/src/assets/app/components/client-identifier.tsx +0 -31
- package/src/oidc/claims.ts +0 -35
- package/src/oidc/userinfo.ts +0 -11
- package/src/parameters/claims-requested.ts +0 -106
- package/src/parameters/oidc-payload.ts +0 -28
|
@@ -2,66 +2,31 @@ import z from 'zod';
|
|
|
2
2
|
import { Simplify } from '../lib/util/type.js';
|
|
3
3
|
export declare const signedTokenPayloadSchema: z.ZodIntersection<z.ZodObject<{
|
|
4
4
|
iat: z.ZodNumber;
|
|
5
|
-
iss: z.ZodString;
|
|
6
5
|
aud: z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "atleastone">]>;
|
|
6
|
+
iss: z.ZodString;
|
|
7
7
|
exp: z.ZodNumber;
|
|
8
8
|
}, "strip", z.ZodTypeAny, {
|
|
9
9
|
iat: number;
|
|
10
|
-
iss: string;
|
|
11
10
|
aud: string | [string, ...string[]];
|
|
11
|
+
iss: string;
|
|
12
12
|
exp: number;
|
|
13
13
|
}, {
|
|
14
14
|
iat: number;
|
|
15
|
-
iss: string;
|
|
16
15
|
aud: string | [string, ...string[]];
|
|
16
|
+
iss: string;
|
|
17
17
|
exp: number;
|
|
18
18
|
}>, z.ZodObject<z.objectUtil.extendShape<{
|
|
19
19
|
nonce: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
20
|
-
name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
21
20
|
jti: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
21
|
+
name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
22
22
|
htm: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
23
23
|
htu: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
24
24
|
ath: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
25
|
+
sub: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
26
|
+
preferred_username: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
25
27
|
email: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
26
28
|
email_verified: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
|
|
27
|
-
phone_number: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
28
|
-
phone_number_verified: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
|
|
29
|
-
address: z.ZodOptional<z.ZodOptional<z.ZodObject<{
|
|
30
|
-
formatted: z.ZodOptional<z.ZodString>;
|
|
31
|
-
street_address: z.ZodOptional<z.ZodString>;
|
|
32
|
-
locality: z.ZodOptional<z.ZodString>;
|
|
33
|
-
region: z.ZodOptional<z.ZodString>;
|
|
34
|
-
postal_code: z.ZodOptional<z.ZodString>;
|
|
35
|
-
country: z.ZodOptional<z.ZodString>;
|
|
36
|
-
}, "strip", z.ZodTypeAny, {
|
|
37
|
-
formatted?: string | undefined;
|
|
38
|
-
street_address?: string | undefined;
|
|
39
|
-
locality?: string | undefined;
|
|
40
|
-
region?: string | undefined;
|
|
41
|
-
postal_code?: string | undefined;
|
|
42
|
-
country?: string | undefined;
|
|
43
|
-
}, {
|
|
44
|
-
formatted?: string | undefined;
|
|
45
|
-
street_address?: string | undefined;
|
|
46
|
-
locality?: string | undefined;
|
|
47
|
-
region?: string | undefined;
|
|
48
|
-
postal_code?: string | undefined;
|
|
49
|
-
country?: string | undefined;
|
|
50
|
-
}>>>;
|
|
51
|
-
profile: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
52
|
-
family_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
53
|
-
given_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
54
|
-
middle_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
55
|
-
nickname: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
56
|
-
preferred_username: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
57
|
-
gender: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
58
29
|
picture: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
59
|
-
website: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
60
|
-
birthdate: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
61
|
-
zoneinfo: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
62
|
-
locale: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
63
|
-
updated_at: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
|
|
64
|
-
sub: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
65
30
|
nbf: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
|
|
66
31
|
acr: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
67
32
|
azp: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
@@ -1353,6 +1318,41 @@ export declare const signedTokenPayloadSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1353
1318
|
c_hash: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1354
1319
|
s_hash: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1355
1320
|
auth_time: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
|
|
1321
|
+
family_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1322
|
+
given_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1323
|
+
middle_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1324
|
+
nickname: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1325
|
+
gender: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1326
|
+
profile: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1327
|
+
website: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1328
|
+
birthdate: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1329
|
+
zoneinfo: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1330
|
+
locale: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1331
|
+
updated_at: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
|
|
1332
|
+
phone_number: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1333
|
+
phone_number_verified: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
|
|
1334
|
+
address: z.ZodOptional<z.ZodOptional<z.ZodObject<{
|
|
1335
|
+
formatted: z.ZodOptional<z.ZodString>;
|
|
1336
|
+
street_address: z.ZodOptional<z.ZodString>;
|
|
1337
|
+
locality: z.ZodOptional<z.ZodString>;
|
|
1338
|
+
region: z.ZodOptional<z.ZodString>;
|
|
1339
|
+
postal_code: z.ZodOptional<z.ZodString>;
|
|
1340
|
+
country: z.ZodOptional<z.ZodString>;
|
|
1341
|
+
}, "strip", z.ZodTypeAny, {
|
|
1342
|
+
formatted?: string | undefined;
|
|
1343
|
+
street_address?: string | undefined;
|
|
1344
|
+
locality?: string | undefined;
|
|
1345
|
+
region?: string | undefined;
|
|
1346
|
+
postal_code?: string | undefined;
|
|
1347
|
+
country?: string | undefined;
|
|
1348
|
+
}, {
|
|
1349
|
+
formatted?: string | undefined;
|
|
1350
|
+
street_address?: string | undefined;
|
|
1351
|
+
locality?: string | undefined;
|
|
1352
|
+
region?: string | undefined;
|
|
1353
|
+
postal_code?: string | undefined;
|
|
1354
|
+
country?: string | undefined;
|
|
1355
|
+
}>>>;
|
|
1356
1356
|
authorization_details: z.ZodOptional<z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
1357
1357
|
type: z.ZodString;
|
|
1358
1358
|
locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -1388,31 +1388,10 @@ export declare const signedTokenPayloadSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1388
1388
|
htm?: string | undefined;
|
|
1389
1389
|
htu?: string | undefined;
|
|
1390
1390
|
ath?: string | undefined;
|
|
1391
|
+
preferred_username?: string | undefined;
|
|
1391
1392
|
email?: string | undefined;
|
|
1392
1393
|
email_verified?: boolean | undefined;
|
|
1393
|
-
phone_number?: string | undefined;
|
|
1394
|
-
phone_number_verified?: boolean | undefined;
|
|
1395
|
-
address?: {
|
|
1396
|
-
formatted?: string | undefined;
|
|
1397
|
-
street_address?: string | undefined;
|
|
1398
|
-
locality?: string | undefined;
|
|
1399
|
-
region?: string | undefined;
|
|
1400
|
-
postal_code?: string | undefined;
|
|
1401
|
-
country?: string | undefined;
|
|
1402
|
-
} | undefined;
|
|
1403
|
-
profile?: string | undefined;
|
|
1404
|
-
family_name?: string | undefined;
|
|
1405
|
-
given_name?: string | undefined;
|
|
1406
|
-
middle_name?: string | undefined;
|
|
1407
|
-
nickname?: string | undefined;
|
|
1408
|
-
preferred_username?: string | undefined;
|
|
1409
|
-
gender?: string | undefined;
|
|
1410
1394
|
picture?: string | undefined;
|
|
1411
|
-
website?: string | undefined;
|
|
1412
|
-
birthdate?: string | undefined;
|
|
1413
|
-
zoneinfo?: string | undefined;
|
|
1414
|
-
locale?: string | undefined;
|
|
1415
|
-
updated_at?: number | undefined;
|
|
1416
1395
|
nbf?: number | undefined;
|
|
1417
1396
|
acr?: string | undefined;
|
|
1418
1397
|
azp?: string | undefined;
|
|
@@ -1526,6 +1505,27 @@ export declare const signedTokenPayloadSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1526
1505
|
c_hash?: string | undefined;
|
|
1527
1506
|
s_hash?: string | undefined;
|
|
1528
1507
|
auth_time?: number | undefined;
|
|
1508
|
+
family_name?: string | undefined;
|
|
1509
|
+
given_name?: string | undefined;
|
|
1510
|
+
middle_name?: string | undefined;
|
|
1511
|
+
nickname?: string | undefined;
|
|
1512
|
+
gender?: string | undefined;
|
|
1513
|
+
profile?: string | undefined;
|
|
1514
|
+
website?: string | undefined;
|
|
1515
|
+
birthdate?: string | undefined;
|
|
1516
|
+
zoneinfo?: string | undefined;
|
|
1517
|
+
locale?: string | undefined;
|
|
1518
|
+
updated_at?: number | undefined;
|
|
1519
|
+
phone_number?: string | undefined;
|
|
1520
|
+
phone_number_verified?: boolean | undefined;
|
|
1521
|
+
address?: {
|
|
1522
|
+
formatted?: string | undefined;
|
|
1523
|
+
street_address?: string | undefined;
|
|
1524
|
+
locality?: string | undefined;
|
|
1525
|
+
region?: string | undefined;
|
|
1526
|
+
postal_code?: string | undefined;
|
|
1527
|
+
country?: string | undefined;
|
|
1528
|
+
} | undefined;
|
|
1529
1529
|
authorization_details?: z.objectOutputType<{
|
|
1530
1530
|
type: z.ZodString;
|
|
1531
1531
|
locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -1543,31 +1543,10 @@ export declare const signedTokenPayloadSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1543
1543
|
htm?: string | undefined;
|
|
1544
1544
|
htu?: string | undefined;
|
|
1545
1545
|
ath?: string | undefined;
|
|
1546
|
+
preferred_username?: string | undefined;
|
|
1546
1547
|
email?: string | undefined;
|
|
1547
1548
|
email_verified?: boolean | undefined;
|
|
1548
|
-
phone_number?: string | undefined;
|
|
1549
|
-
phone_number_verified?: boolean | undefined;
|
|
1550
|
-
address?: {
|
|
1551
|
-
formatted?: string | undefined;
|
|
1552
|
-
street_address?: string | undefined;
|
|
1553
|
-
locality?: string | undefined;
|
|
1554
|
-
region?: string | undefined;
|
|
1555
|
-
postal_code?: string | undefined;
|
|
1556
|
-
country?: string | undefined;
|
|
1557
|
-
} | undefined;
|
|
1558
|
-
profile?: string | undefined;
|
|
1559
|
-
family_name?: string | undefined;
|
|
1560
|
-
given_name?: string | undefined;
|
|
1561
|
-
middle_name?: string | undefined;
|
|
1562
|
-
nickname?: string | undefined;
|
|
1563
|
-
preferred_username?: string | undefined;
|
|
1564
|
-
gender?: string | undefined;
|
|
1565
1549
|
picture?: string | undefined;
|
|
1566
|
-
website?: string | undefined;
|
|
1567
|
-
birthdate?: string | undefined;
|
|
1568
|
-
zoneinfo?: string | undefined;
|
|
1569
|
-
locale?: string | undefined;
|
|
1570
|
-
updated_at?: number | undefined;
|
|
1571
1550
|
nbf?: number | undefined;
|
|
1572
1551
|
acr?: string | undefined;
|
|
1573
1552
|
azp?: string | undefined;
|
|
@@ -1681,6 +1660,27 @@ export declare const signedTokenPayloadSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1681
1660
|
c_hash?: string | undefined;
|
|
1682
1661
|
s_hash?: string | undefined;
|
|
1683
1662
|
auth_time?: number | undefined;
|
|
1663
|
+
family_name?: string | undefined;
|
|
1664
|
+
given_name?: string | undefined;
|
|
1665
|
+
middle_name?: string | undefined;
|
|
1666
|
+
nickname?: string | undefined;
|
|
1667
|
+
gender?: string | undefined;
|
|
1668
|
+
profile?: string | undefined;
|
|
1669
|
+
website?: string | undefined;
|
|
1670
|
+
birthdate?: string | undefined;
|
|
1671
|
+
zoneinfo?: string | undefined;
|
|
1672
|
+
locale?: string | undefined;
|
|
1673
|
+
updated_at?: number | undefined;
|
|
1674
|
+
phone_number?: string | undefined;
|
|
1675
|
+
phone_number_verified?: boolean | undefined;
|
|
1676
|
+
address?: {
|
|
1677
|
+
formatted?: string | undefined;
|
|
1678
|
+
street_address?: string | undefined;
|
|
1679
|
+
locality?: string | undefined;
|
|
1680
|
+
region?: string | undefined;
|
|
1681
|
+
postal_code?: string | undefined;
|
|
1682
|
+
country?: string | undefined;
|
|
1683
|
+
} | undefined;
|
|
1684
1684
|
authorization_details?: z.objectInputType<{
|
|
1685
1685
|
type: z.ZodString;
|
|
1686
1686
|
locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
package/dist/signer/signer.d.ts
CHANGED
|
@@ -22,8 +22,8 @@ export declare class Signer {
|
|
|
22
22
|
}): Promise<SignedJwt>;
|
|
23
23
|
verifyAccessToken(token: SignedJwt): Promise<import("@atproto/jwk").VerifyResult<{
|
|
24
24
|
iat: number;
|
|
25
|
-
iss: string;
|
|
26
25
|
aud: string | [string, ...string[]];
|
|
26
|
+
iss: string;
|
|
27
27
|
exp: number;
|
|
28
28
|
jti: `tok-${string}`;
|
|
29
29
|
sub: string;
|
|
@@ -33,31 +33,10 @@ export declare class Signer {
|
|
|
33
33
|
htm?: string | undefined;
|
|
34
34
|
htu?: string | undefined;
|
|
35
35
|
ath?: string | undefined;
|
|
36
|
+
preferred_username?: string | undefined;
|
|
36
37
|
email?: string | undefined;
|
|
37
38
|
email_verified?: boolean | undefined;
|
|
38
|
-
phone_number?: string | undefined;
|
|
39
|
-
phone_number_verified?: boolean | undefined;
|
|
40
|
-
address?: {
|
|
41
|
-
formatted?: string | undefined;
|
|
42
|
-
street_address?: string | undefined;
|
|
43
|
-
locality?: string | undefined;
|
|
44
|
-
region?: string | undefined;
|
|
45
|
-
postal_code?: string | undefined;
|
|
46
|
-
country?: string | undefined;
|
|
47
|
-
} | undefined;
|
|
48
|
-
profile?: string | undefined;
|
|
49
|
-
family_name?: string | undefined;
|
|
50
|
-
given_name?: string | undefined;
|
|
51
|
-
middle_name?: string | undefined;
|
|
52
|
-
nickname?: string | undefined;
|
|
53
|
-
preferred_username?: string | undefined;
|
|
54
|
-
gender?: string | undefined;
|
|
55
39
|
picture?: string | undefined;
|
|
56
|
-
website?: string | undefined;
|
|
57
|
-
birthdate?: string | undefined;
|
|
58
|
-
zoneinfo?: string | undefined;
|
|
59
|
-
locale?: string | undefined;
|
|
60
|
-
updated_at?: number | undefined;
|
|
61
40
|
nbf?: number | undefined;
|
|
62
41
|
acr?: string | undefined;
|
|
63
42
|
azp?: string | undefined;
|
|
@@ -171,6 +150,27 @@ export declare class Signer {
|
|
|
171
150
|
c_hash?: string | undefined;
|
|
172
151
|
s_hash?: string | undefined;
|
|
173
152
|
auth_time?: number | undefined;
|
|
153
|
+
family_name?: string | undefined;
|
|
154
|
+
given_name?: string | undefined;
|
|
155
|
+
middle_name?: string | undefined;
|
|
156
|
+
nickname?: string | undefined;
|
|
157
|
+
gender?: string | undefined;
|
|
158
|
+
profile?: string | undefined;
|
|
159
|
+
website?: string | undefined;
|
|
160
|
+
birthdate?: string | undefined;
|
|
161
|
+
zoneinfo?: string | undefined;
|
|
162
|
+
locale?: string | undefined;
|
|
163
|
+
updated_at?: number | undefined;
|
|
164
|
+
phone_number?: string | undefined;
|
|
165
|
+
phone_number_verified?: boolean | undefined;
|
|
166
|
+
address?: {
|
|
167
|
+
formatted?: string | undefined;
|
|
168
|
+
street_address?: string | undefined;
|
|
169
|
+
locality?: string | undefined;
|
|
170
|
+
region?: string | undefined;
|
|
171
|
+
postal_code?: string | undefined;
|
|
172
|
+
country?: string | undefined;
|
|
173
|
+
} | undefined;
|
|
174
174
|
authorization_details?: import("zod").objectOutputType<{
|
|
175
175
|
type: import("zod").ZodString;
|
|
176
176
|
locations: import("zod").ZodOptional<import("zod").ZodArray<import("zod").ZodString, "many">>;
|
|
@@ -182,12 +182,5 @@ export declare class Signer {
|
|
|
182
182
|
}, string> & {
|
|
183
183
|
key: import("@atproto/jwk").Key;
|
|
184
184
|
}>;
|
|
185
|
-
idToken(client: Client, params: OAuthAuthenticationRequestParameters, account: Account, extra: {
|
|
186
|
-
exp: Date;
|
|
187
|
-
iat?: Date;
|
|
188
|
-
auth_time?: Date;
|
|
189
|
-
code?: string;
|
|
190
|
-
access_token?: string;
|
|
191
|
-
}): Promise<SignedJwt>;
|
|
192
185
|
}
|
|
193
186
|
//# sourceMappingURL=signer.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../src/signer/signer.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../src/signer/signer.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,aAAa,EACb,MAAM,EACN,SAAS,EACT,aAAa,EACd,MAAM,cAAc,CAAA;AACrB,OAAO,EACL,oCAAoC,EACpC,yBAAyB,EAC1B,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAE5C,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAM9C,MAAM,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,CAAA;AAEjD,qBAAa,MAAM;aAEC,MAAM,EAAE,MAAM;aACd,MAAM,EAAE,MAAM;gBADd,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM;IAG1B,MAAM,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU,EACzD,KAAK,EAAE,SAAS,EAChB,OAAO,CAAC,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC;;;IAQ5B,IAAI,CACf,UAAU,EAAE,aAAa,EACzB,OAAO,EAAE,WAAW,GAAG,gBAAgB,CAAC,WAAW,CAAC,GACnD,OAAO,CAAC,SAAS,CAAC;IASf,WAAW,CACf,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,oCAAoC,EAChD,OAAO,EAAE,OAAO,EAChB,KAAK,EAAE;QACL,GAAG,EAAE,OAAO,CAAA;QACZ,GAAG,EAAE,IAAI,CAAA;QACT,GAAG,CAAC,EAAE,IAAI,CAAA;QACV,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAC5B,qBAAqB,CAAC,EAAE,yBAAyB,CAAA;KAClD,GACA,OAAO,CAAC,SAAS,CAAC;IAuBf,iBAAiB,CAAC,KAAK,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAczC"}
|
package/dist/signer/signer.js
CHANGED
|
@@ -1,12 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.Signer = void 0;
|
|
4
|
-
const node_crypto_1 = require("node:crypto");
|
|
5
|
-
const oidc_token_hash_1 = require("oidc-token-hash");
|
|
6
|
-
const invalid_client_metadata_error_js_1 = require("../errors/invalid-client-metadata-error.js");
|
|
7
4
|
const date_js_1 = require("../lib/util/date.js");
|
|
8
|
-
const claims_requested_js_1 = require("../parameters/claims-requested.js");
|
|
9
|
-
const oidc_payload_js_1 = require("../parameters/oidc-payload.js");
|
|
10
5
|
const signed_token_payload_js_1 = require("./signed-token-payload.js");
|
|
11
6
|
class Signer {
|
|
12
7
|
issuer;
|
|
@@ -61,41 +56,6 @@ class Signer {
|
|
|
61
56
|
signed_token_payload_js_1.signedTokenPayloadSchema.parse(result.payload);
|
|
62
57
|
return result;
|
|
63
58
|
}
|
|
64
|
-
async idToken(client, params, account, extra) {
|
|
65
|
-
// This can happen when a client is using password_grant. If a client is
|
|
66
|
-
// using password_grant, it should not set "require_auth_time" to true.
|
|
67
|
-
if (client.metadata.require_auth_time && extra.auth_time == null) {
|
|
68
|
-
throw new invalid_client_metadata_error_js_1.InvalidClientMetadataError('"require_auth_time" metadata is not compatible with "password_grant" flow');
|
|
69
|
-
}
|
|
70
|
-
return this.sign({
|
|
71
|
-
alg: client.metadata.id_token_signed_response_alg,
|
|
72
|
-
typ: 'JWT',
|
|
73
|
-
}, async ({ alg }, key) => ({
|
|
74
|
-
...(0, oidc_payload_js_1.oidcPayload)(params, account),
|
|
75
|
-
aud: client.id,
|
|
76
|
-
iat: (0, date_js_1.dateToEpoch)(extra.iat),
|
|
77
|
-
exp: (0, date_js_1.dateToEpoch)(extra.exp),
|
|
78
|
-
sub: account.sub,
|
|
79
|
-
jti: (0, node_crypto_1.randomBytes)(16).toString('hex'),
|
|
80
|
-
scope: params.scope,
|
|
81
|
-
nonce: params.nonce,
|
|
82
|
-
s_hash: params.state //
|
|
83
|
-
? await (0, oidc_token_hash_1.generate)(params.state, alg, key.crv)
|
|
84
|
-
: undefined,
|
|
85
|
-
c_hash: extra.code //
|
|
86
|
-
? await (0, oidc_token_hash_1.generate)(extra.code, alg, key.crv)
|
|
87
|
-
: undefined,
|
|
88
|
-
at_hash: extra.access_token //
|
|
89
|
-
? await (0, oidc_token_hash_1.generate)(extra.access_token, alg, key.crv)
|
|
90
|
-
: undefined,
|
|
91
|
-
// https://openid.net/specs/openid-provider-authentication-policy-extension-1_0.html#rfc.section.5.2
|
|
92
|
-
auth_time: client.metadata.require_auth_time ||
|
|
93
|
-
(extra.auth_time != null && params.max_age != null) ||
|
|
94
|
-
(0, claims_requested_js_1.claimRequested)(params, 'id_token', 'auth_time', extra.auth_time)
|
|
95
|
-
? (0, date_js_1.dateToEpoch)(extra.auth_time)
|
|
96
|
-
: undefined,
|
|
97
|
-
}));
|
|
98
|
-
}
|
|
99
59
|
}
|
|
100
60
|
exports.Signer = Signer;
|
|
101
61
|
//# sourceMappingURL=signer.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/signer/signer.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/signer/signer.ts"],"names":[],"mappings":";;;AAeA,iDAAiD;AAEjD,uEAGkC;AAIlC,MAAa,MAAM;IAEC;IACA;IAFlB,YACkB,MAAc,EACd,MAAc;QADd,WAAM,GAAN,MAAM,CAAQ;QACd,WAAM,GAAN,MAAM,CAAQ;IAC7B,CAAC;IAEJ,KAAK,CAAC,MAAM,CACV,KAAgB,EAChB,OAAuC;QAEvC,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAI,KAAK,EAAE;YACrC,GAAG,OAAO;YACV,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;SACtB,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,IAAI,CACf,UAAyB,EACzB,OAAoD;QAEpD,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,UAAU,EAAE,KAAK,EAAE,eAAe,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;YACxE,GAAG,CAAC,OAAO,OAAO,KAAK,UAAU;gBAC/B,CAAC,CAAC,MAAM,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC;gBACrC,CAAC,CAAC,OAAO,CAAC;YACZ,GAAG,EAAE,IAAI,CAAC,MAAM;SACjB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CACf,MAAc,EACd,UAAgD,EAChD,OAAgB,EAChB,KAOC;QAED,MAAM,MAAM,GAAkB;YAC5B,4DAA4D;YAC5D,GAAG,EAAE,KAAK,CAAC,GAAG;YACd,GAAG,EAAE,QAAQ;SACd,CAAA;QAED,MAAM,OAAO,GAAoC;YAC/C,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,IAAA,qBAAW,EAAC,KAAK,EAAE,GAAG,CAAC;YAC5B,GAAG,EAAE,IAAA,qBAAW,EAAC,KAAK,CAAC,GAAG,CAAC;YAC3B,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,KAAK,CAAC,GAAG;YACd,GAAG,EAAE,KAAK,CAAC,GAAG;YACd,4DAA4D;YAC5D,SAAS,EAAE,MAAM,CAAC,EAAE;YACpB,KAAK,EAAE,UAAU,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK;YAChD,qBAAqB,EAAE,KAAK,CAAC,qBAAqB;SACnD,CAAA;QAED,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAgB;QACtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAqB,KAAK,EAAE;YAC1D,GAAG,EAAE,QAAQ;SACd,CAAC,CAAA;QAEF,0EAA0E;QAC1E,2EAA2E;QAC3E,uEAAuE;QACvE,wEAAwE;QACxE,SAAS;QACT,kDAAwB,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;QAE9C,OAAO,MAAM,CAAA;IACf,CAAC;CACF;AA7ED,wBA6EC"}
|
|
@@ -18,46 +18,11 @@ export declare const tokenClaimsSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
18
18
|
htm: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
19
19
|
htu: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
20
20
|
ath: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
21
|
+
sub: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
22
|
+
preferred_username: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
21
23
|
email: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
22
24
|
email_verified: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
|
|
23
|
-
phone_number: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
24
|
-
phone_number_verified: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
|
|
25
|
-
address: z.ZodOptional<z.ZodOptional<z.ZodObject<{
|
|
26
|
-
formatted: z.ZodOptional<z.ZodString>;
|
|
27
|
-
street_address: z.ZodOptional<z.ZodString>;
|
|
28
|
-
locality: z.ZodOptional<z.ZodString>;
|
|
29
|
-
region: z.ZodOptional<z.ZodString>;
|
|
30
|
-
postal_code: z.ZodOptional<z.ZodString>;
|
|
31
|
-
country: z.ZodOptional<z.ZodString>;
|
|
32
|
-
}, "strip", z.ZodTypeAny, {
|
|
33
|
-
formatted?: string | undefined;
|
|
34
|
-
street_address?: string | undefined;
|
|
35
|
-
locality?: string | undefined;
|
|
36
|
-
region?: string | undefined;
|
|
37
|
-
postal_code?: string | undefined;
|
|
38
|
-
country?: string | undefined;
|
|
39
|
-
}, {
|
|
40
|
-
formatted?: string | undefined;
|
|
41
|
-
street_address?: string | undefined;
|
|
42
|
-
locality?: string | undefined;
|
|
43
|
-
region?: string | undefined;
|
|
44
|
-
postal_code?: string | undefined;
|
|
45
|
-
country?: string | undefined;
|
|
46
|
-
}>>>;
|
|
47
|
-
profile: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
48
|
-
family_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
49
|
-
given_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
50
|
-
middle_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
51
|
-
nickname: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
52
|
-
preferred_username: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
53
|
-
gender: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
54
25
|
picture: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
55
|
-
website: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
56
|
-
birthdate: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
57
|
-
zoneinfo: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
58
|
-
locale: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
59
|
-
updated_at: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
|
|
60
|
-
sub: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
61
26
|
nbf: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
|
|
62
27
|
acr: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
63
28
|
azp: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
@@ -1349,6 +1314,41 @@ export declare const tokenClaimsSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1349
1314
|
c_hash: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1350
1315
|
s_hash: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1351
1316
|
auth_time: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
|
|
1317
|
+
family_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1318
|
+
given_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1319
|
+
middle_name: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1320
|
+
nickname: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1321
|
+
gender: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1322
|
+
profile: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1323
|
+
website: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1324
|
+
birthdate: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1325
|
+
zoneinfo: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1326
|
+
locale: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1327
|
+
updated_at: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
|
|
1328
|
+
phone_number: z.ZodOptional<z.ZodOptional<z.ZodString>>;
|
|
1329
|
+
phone_number_verified: z.ZodOptional<z.ZodOptional<z.ZodBoolean>>;
|
|
1330
|
+
address: z.ZodOptional<z.ZodOptional<z.ZodObject<{
|
|
1331
|
+
formatted: z.ZodOptional<z.ZodString>;
|
|
1332
|
+
street_address: z.ZodOptional<z.ZodString>;
|
|
1333
|
+
locality: z.ZodOptional<z.ZodString>;
|
|
1334
|
+
region: z.ZodOptional<z.ZodString>;
|
|
1335
|
+
postal_code: z.ZodOptional<z.ZodString>;
|
|
1336
|
+
country: z.ZodOptional<z.ZodString>;
|
|
1337
|
+
}, "strip", z.ZodTypeAny, {
|
|
1338
|
+
formatted?: string | undefined;
|
|
1339
|
+
street_address?: string | undefined;
|
|
1340
|
+
locality?: string | undefined;
|
|
1341
|
+
region?: string | undefined;
|
|
1342
|
+
postal_code?: string | undefined;
|
|
1343
|
+
country?: string | undefined;
|
|
1344
|
+
}, {
|
|
1345
|
+
formatted?: string | undefined;
|
|
1346
|
+
street_address?: string | undefined;
|
|
1347
|
+
locality?: string | undefined;
|
|
1348
|
+
region?: string | undefined;
|
|
1349
|
+
postal_code?: string | undefined;
|
|
1350
|
+
country?: string | undefined;
|
|
1351
|
+
}>>>;
|
|
1352
1352
|
authorization_details: z.ZodOptional<z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
1353
1353
|
type: z.ZodString;
|
|
1354
1354
|
locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -1382,31 +1382,10 @@ export declare const tokenClaimsSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1382
1382
|
htm?: string | undefined;
|
|
1383
1383
|
htu?: string | undefined;
|
|
1384
1384
|
ath?: string | undefined;
|
|
1385
|
+
preferred_username?: string | undefined;
|
|
1385
1386
|
email?: string | undefined;
|
|
1386
1387
|
email_verified?: boolean | undefined;
|
|
1387
|
-
phone_number?: string | undefined;
|
|
1388
|
-
phone_number_verified?: boolean | undefined;
|
|
1389
|
-
address?: {
|
|
1390
|
-
formatted?: string | undefined;
|
|
1391
|
-
street_address?: string | undefined;
|
|
1392
|
-
locality?: string | undefined;
|
|
1393
|
-
region?: string | undefined;
|
|
1394
|
-
postal_code?: string | undefined;
|
|
1395
|
-
country?: string | undefined;
|
|
1396
|
-
} | undefined;
|
|
1397
|
-
profile?: string | undefined;
|
|
1398
|
-
family_name?: string | undefined;
|
|
1399
|
-
given_name?: string | undefined;
|
|
1400
|
-
middle_name?: string | undefined;
|
|
1401
|
-
nickname?: string | undefined;
|
|
1402
|
-
preferred_username?: string | undefined;
|
|
1403
|
-
gender?: string | undefined;
|
|
1404
1388
|
picture?: string | undefined;
|
|
1405
|
-
website?: string | undefined;
|
|
1406
|
-
birthdate?: string | undefined;
|
|
1407
|
-
zoneinfo?: string | undefined;
|
|
1408
|
-
locale?: string | undefined;
|
|
1409
|
-
updated_at?: number | undefined;
|
|
1410
1389
|
nbf?: number | undefined;
|
|
1411
1390
|
acr?: string | undefined;
|
|
1412
1391
|
azp?: string | undefined;
|
|
@@ -1520,6 +1499,27 @@ export declare const tokenClaimsSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1520
1499
|
c_hash?: string | undefined;
|
|
1521
1500
|
s_hash?: string | undefined;
|
|
1522
1501
|
auth_time?: number | undefined;
|
|
1502
|
+
family_name?: string | undefined;
|
|
1503
|
+
given_name?: string | undefined;
|
|
1504
|
+
middle_name?: string | undefined;
|
|
1505
|
+
nickname?: string | undefined;
|
|
1506
|
+
gender?: string | undefined;
|
|
1507
|
+
profile?: string | undefined;
|
|
1508
|
+
website?: string | undefined;
|
|
1509
|
+
birthdate?: string | undefined;
|
|
1510
|
+
zoneinfo?: string | undefined;
|
|
1511
|
+
locale?: string | undefined;
|
|
1512
|
+
updated_at?: number | undefined;
|
|
1513
|
+
phone_number?: string | undefined;
|
|
1514
|
+
phone_number_verified?: boolean | undefined;
|
|
1515
|
+
address?: {
|
|
1516
|
+
formatted?: string | undefined;
|
|
1517
|
+
street_address?: string | undefined;
|
|
1518
|
+
locality?: string | undefined;
|
|
1519
|
+
region?: string | undefined;
|
|
1520
|
+
postal_code?: string | undefined;
|
|
1521
|
+
country?: string | undefined;
|
|
1522
|
+
} | undefined;
|
|
1523
1523
|
authorization_details?: z.objectOutputType<{
|
|
1524
1524
|
type: z.ZodString;
|
|
1525
1525
|
locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -1536,31 +1536,10 @@ export declare const tokenClaimsSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1536
1536
|
htm?: string | undefined;
|
|
1537
1537
|
htu?: string | undefined;
|
|
1538
1538
|
ath?: string | undefined;
|
|
1539
|
+
preferred_username?: string | undefined;
|
|
1539
1540
|
email?: string | undefined;
|
|
1540
1541
|
email_verified?: boolean | undefined;
|
|
1541
|
-
phone_number?: string | undefined;
|
|
1542
|
-
phone_number_verified?: boolean | undefined;
|
|
1543
|
-
address?: {
|
|
1544
|
-
formatted?: string | undefined;
|
|
1545
|
-
street_address?: string | undefined;
|
|
1546
|
-
locality?: string | undefined;
|
|
1547
|
-
region?: string | undefined;
|
|
1548
|
-
postal_code?: string | undefined;
|
|
1549
|
-
country?: string | undefined;
|
|
1550
|
-
} | undefined;
|
|
1551
|
-
profile?: string | undefined;
|
|
1552
|
-
family_name?: string | undefined;
|
|
1553
|
-
given_name?: string | undefined;
|
|
1554
|
-
middle_name?: string | undefined;
|
|
1555
|
-
nickname?: string | undefined;
|
|
1556
|
-
preferred_username?: string | undefined;
|
|
1557
|
-
gender?: string | undefined;
|
|
1558
1542
|
picture?: string | undefined;
|
|
1559
|
-
website?: string | undefined;
|
|
1560
|
-
birthdate?: string | undefined;
|
|
1561
|
-
zoneinfo?: string | undefined;
|
|
1562
|
-
locale?: string | undefined;
|
|
1563
|
-
updated_at?: number | undefined;
|
|
1564
1543
|
nbf?: number | undefined;
|
|
1565
1544
|
acr?: string | undefined;
|
|
1566
1545
|
azp?: string | undefined;
|
|
@@ -1674,6 +1653,27 @@ export declare const tokenClaimsSchema: z.ZodIntersection<z.ZodObject<{
|
|
|
1674
1653
|
c_hash?: string | undefined;
|
|
1675
1654
|
s_hash?: string | undefined;
|
|
1676
1655
|
auth_time?: number | undefined;
|
|
1656
|
+
family_name?: string | undefined;
|
|
1657
|
+
given_name?: string | undefined;
|
|
1658
|
+
middle_name?: string | undefined;
|
|
1659
|
+
nickname?: string | undefined;
|
|
1660
|
+
gender?: string | undefined;
|
|
1661
|
+
profile?: string | undefined;
|
|
1662
|
+
website?: string | undefined;
|
|
1663
|
+
birthdate?: string | undefined;
|
|
1664
|
+
zoneinfo?: string | undefined;
|
|
1665
|
+
locale?: string | undefined;
|
|
1666
|
+
updated_at?: number | undefined;
|
|
1667
|
+
phone_number?: string | undefined;
|
|
1668
|
+
phone_number_verified?: boolean | undefined;
|
|
1669
|
+
address?: {
|
|
1670
|
+
formatted?: string | undefined;
|
|
1671
|
+
street_address?: string | undefined;
|
|
1672
|
+
locality?: string | undefined;
|
|
1673
|
+
region?: string | undefined;
|
|
1674
|
+
postal_code?: string | undefined;
|
|
1675
|
+
country?: string | undefined;
|
|
1676
|
+
} | undefined;
|
|
1677
1677
|
authorization_details?: z.objectInputType<{
|
|
1678
1678
|
type: z.ZodString;
|
|
1679
1679
|
locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
import { SignedJwt } from '@atproto/jwk';
|
|
2
1
|
import { AccessToken, OAuthAuthenticationRequestParameters, OAuthTokenResponse, OAuthTokenType } from '@atproto/oauth-types';
|
|
3
2
|
import { AccessTokenType } from '../access-token/access-token-type.js';
|
|
4
3
|
import { DeviceAccountInfo } from '../account/account-store.js';
|
|
@@ -28,7 +27,7 @@ export declare class TokenManager {
|
|
|
28
27
|
id: DeviceId;
|
|
29
28
|
info: DeviceAccountInfo;
|
|
30
29
|
}, parameters: OAuthAuthenticationRequestParameters, input: CodeGrantRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
31
|
-
protected buildTokenResponse(client: Client, accessToken: AccessToken, refreshToken: string | undefined,
|
|
30
|
+
protected buildTokenResponse(client: Client, accessToken: AccessToken, refreshToken: string | undefined, expiresAt: Date, parameters: OAuthAuthenticationRequestParameters, account: Account, authorizationDetails: null | any): Promise<OAuthTokenResponse>;
|
|
32
31
|
protected validateAccess(client: Client, clientAuth: ClientAuth, tokenInfo: TokenInfo): Promise<void>;
|
|
33
32
|
refresh(client: Client, clientAuth: ClientAuth, input: RefreshGrantRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
34
33
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token-manager.d.ts","sourceRoot":"","sources":["../../src/token/token-manager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"token-manager.d.ts","sourceRoot":"","sources":["../../src/token/token-manager.ts"],"names":[],"mappings":"AACA,OAAO,EACL,WAAW,EAEX,oCAAoC,EACpC,kBAAkB,EAClB,cAAc,EACf,MAAM,sBAAsB,CAAA;AAG7B,OAAO,EAAE,eAAe,EAAE,MAAM,sCAAsC,CAAA;AACtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AACrD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAQ5C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAQjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAE9C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAI5C,OAAO,EACL,OAAO,EAIR,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AACxD,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAA;AAClE,OAAO,EACL,wBAAwB,EACxB,uBAAuB,EAExB,MAAM,0BAA0B,CAAA;AAEjC,MAAM,MAAM,yBAAyB,GAAG,uBAAuB,GAAG;IAChE,SAAS,EAAE,SAAS,CAAA;CACrB,CAAA;AAED,qBAAa,YAAY;IAErB,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU;IACpC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM;IACjC,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU;IACpC,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,eAAe;IACnD,SAAS,CAAC,QAAQ,CAAC,WAAW;gBAJX,KAAK,EAAE,UAAU,EACjB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,UAAU,EACjB,eAAe,EAAE,eAAe,EAChC,WAAW,SAAgB;IAGhD,SAAS,CAAC,iBAAiB,CAAC,GAAG,OAAa;IAI5C,SAAS,CAAC,iBAAiB,CAAC,OAAO,EAAE,OAAO;IAQtC,MAAM,CACV,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,IAAI,GAAG;QAAE,EAAE,EAAE,QAAQ,CAAC;QAAC,IAAI,EAAE,iBAAiB,CAAA;KAAE,EACxD,UAAU,EAAE,oCAAoC,EAChD,KAAK,EAAE,gBAAgB,EACvB,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;cA2Jd,kBAAkB,CAChC,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,SAAS,EAAE,IAAI,EACf,UAAU,EAAE,oCAAoC,EAChD,OAAO,EAAE,OAAO,EAChB,oBAAoB,EAAE,IAAI,GAAG,GAAG,GAC/B,OAAO,CAAC,kBAAkB,CAAC;cAoBd,cAAc,CAC5B,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,SAAS;IAmBhB,OAAO,CACX,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,mBAAmB,EAC1B,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;IA+G9B;;OAEG;IACG,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkC1C;;;;OAIG;IACG,eAAe,CACnB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,SAAS,CAAC;cAoBL,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IA0CjE,YAAY,CAAC,SAAS,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO;IAcxD,mBAAmB,CACvB,SAAS,EAAE,cAAc,EACzB,KAAK,EAAE,OAAO,EACd,OAAO,EAAE,MAAM,GAAG,IAAI,EACtB,aAAa,CAAC,EAAE,wBAAwB,GACvC,OAAO,CAAC,yBAAyB,CAAC;CA0BtC"}
|