@atproto/oauth-provider 0.2.0 → 0.2.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (170) hide show
  1. package/CHANGELOG.md +42 -0
  2. package/dist/account/account-store.d.ts +2 -2
  3. package/dist/assets/app/bundle-manifest.json +3 -3
  4. package/dist/assets/app/main.css +1 -1
  5. package/dist/assets/app/main.js +3 -3
  6. package/dist/assets/app/main.js.map +1 -1
  7. package/dist/assets/assets-middleware.d.ts.map +1 -1
  8. package/dist/assets/assets-middleware.js +4 -2
  9. package/dist/assets/assets-middleware.js.map +1 -1
  10. package/dist/client/client-manager.d.ts.map +1 -1
  11. package/dist/client/client-manager.js +127 -118
  12. package/dist/client/client-manager.js.map +1 -1
  13. package/dist/client/client-utils.d.ts +1 -2
  14. package/dist/client/client-utils.d.ts.map +1 -1
  15. package/dist/client/client-utils.js +3 -12
  16. package/dist/client/client-utils.js.map +1 -1
  17. package/dist/client/client.d.ts +8 -3
  18. package/dist/client/client.d.ts.map +1 -1
  19. package/dist/client/client.js +70 -1
  20. package/dist/client/client.js.map +1 -1
  21. package/dist/constants.d.ts +0 -1
  22. package/dist/constants.d.ts.map +1 -1
  23. package/dist/constants.js +1 -2
  24. package/dist/constants.js.map +1 -1
  25. package/dist/errors/access-denied-error.d.ts +4 -4
  26. package/dist/errors/access-denied-error.d.ts.map +1 -1
  27. package/dist/errors/access-denied-error.js +2 -2
  28. package/dist/errors/access-denied-error.js.map +1 -1
  29. package/dist/errors/account-selection-required-error.d.ts +2 -2
  30. package/dist/errors/account-selection-required-error.d.ts.map +1 -1
  31. package/dist/errors/account-selection-required-error.js.map +1 -1
  32. package/dist/errors/consent-required-error.d.ts +2 -2
  33. package/dist/errors/consent-required-error.d.ts.map +1 -1
  34. package/dist/errors/consent-required-error.js.map +1 -1
  35. package/dist/errors/invalid-authorization-details-error.d.ts +2 -2
  36. package/dist/errors/invalid-authorization-details-error.d.ts.map +1 -1
  37. package/dist/errors/invalid-authorization-details-error.js.map +1 -1
  38. package/dist/errors/invalid-client-id-error.d.ts +1 -1
  39. package/dist/errors/invalid-client-id-error.d.ts.map +1 -1
  40. package/dist/errors/invalid-client-id-error.js +12 -6
  41. package/dist/errors/invalid-client-id-error.js.map +1 -1
  42. package/dist/errors/invalid-client-metadata-error.d.ts +1 -1
  43. package/dist/errors/invalid-client-metadata-error.d.ts.map +1 -1
  44. package/dist/errors/invalid-client-metadata-error.js +11 -3
  45. package/dist/errors/invalid-client-metadata-error.js.map +1 -1
  46. package/dist/errors/invalid-parameters-error.d.ts +2 -2
  47. package/dist/errors/invalid-parameters-error.d.ts.map +1 -1
  48. package/dist/errors/invalid-parameters-error.js.map +1 -1
  49. package/dist/errors/invalid-scope-error.d.ts +9 -0
  50. package/dist/errors/invalid-scope-error.d.ts.map +1 -0
  51. package/dist/errors/invalid-scope-error.js +14 -0
  52. package/dist/errors/invalid-scope-error.js.map +1 -0
  53. package/dist/errors/login-required-error.d.ts +2 -2
  54. package/dist/errors/login-required-error.d.ts.map +1 -1
  55. package/dist/errors/login-required-error.js.map +1 -1
  56. package/dist/lib/html/html.d.ts +1 -1
  57. package/dist/lib/html/html.d.ts.map +1 -1
  58. package/dist/lib/html/html.js +14 -11
  59. package/dist/lib/html/html.js.map +1 -1
  60. package/dist/lib/http/parser.d.ts +9 -2
  61. package/dist/lib/http/parser.d.ts.map +1 -1
  62. package/dist/lib/http/parser.js +15 -7
  63. package/dist/lib/http/parser.js.map +1 -1
  64. package/dist/lib/http/request.d.ts +0 -23
  65. package/dist/lib/http/request.d.ts.map +1 -1
  66. package/dist/lib/http/request.js +1 -11
  67. package/dist/lib/http/request.js.map +1 -1
  68. package/dist/lib/http/stream.d.ts +28 -6
  69. package/dist/lib/http/stream.d.ts.map +1 -1
  70. package/dist/lib/http/stream.js +21 -32
  71. package/dist/lib/http/stream.js.map +1 -1
  72. package/dist/lib/util/authorization-header.d.ts.map +1 -1
  73. package/dist/lib/util/authorization-header.js +1 -1
  74. package/dist/lib/util/authorization-header.js.map +1 -1
  75. package/dist/lib/util/hostname.d.ts +3 -2
  76. package/dist/lib/util/hostname.d.ts.map +1 -1
  77. package/dist/lib/util/hostname.js +12 -8
  78. package/dist/lib/util/hostname.js.map +1 -1
  79. package/dist/metadata/build-metadata.d.ts.map +1 -1
  80. package/dist/metadata/build-metadata.js +2 -1
  81. package/dist/metadata/build-metadata.js.map +1 -1
  82. package/dist/oauth-errors.d.ts +1 -0
  83. package/dist/oauth-errors.d.ts.map +1 -1
  84. package/dist/oauth-errors.js +3 -1
  85. package/dist/oauth-errors.js.map +1 -1
  86. package/dist/oauth-hooks.d.ts +3 -3
  87. package/dist/oauth-hooks.d.ts.map +1 -1
  88. package/dist/oauth-provider.d.ts +20 -22
  89. package/dist/oauth-provider.d.ts.map +1 -1
  90. package/dist/oauth-provider.js +234 -176
  91. package/dist/oauth-provider.js.map +1 -1
  92. package/dist/oauth-verifier.d.ts +2 -2
  93. package/dist/oauth-verifier.d.ts.map +1 -1
  94. package/dist/oauth-verifier.js.map +1 -1
  95. package/dist/output/build-authorize-data.d.ts +2 -2
  96. package/dist/output/build-authorize-data.d.ts.map +1 -1
  97. package/dist/output/send-authorize-redirect.d.ts +2 -4
  98. package/dist/output/send-authorize-redirect.d.ts.map +1 -1
  99. package/dist/output/send-authorize-redirect.js +5 -2
  100. package/dist/output/send-authorize-redirect.js.map +1 -1
  101. package/dist/request/request-data.d.ts +2 -2
  102. package/dist/request/request-data.d.ts.map +1 -1
  103. package/dist/request/request-info.d.ts +2 -2
  104. package/dist/request/request-info.d.ts.map +1 -1
  105. package/dist/request/request-manager.d.ts +4 -4
  106. package/dist/request/request-manager.d.ts.map +1 -1
  107. package/dist/request/request-manager.js +94 -60
  108. package/dist/request/request-manager.js.map +1 -1
  109. package/dist/signer/signed-token-payload.d.ts +122 -122
  110. package/dist/signer/signer.d.ts +41 -40
  111. package/dist/signer/signer.d.ts.map +1 -1
  112. package/dist/signer/signer.js +13 -15
  113. package/dist/signer/signer.js.map +1 -1
  114. package/dist/token/token-claims.d.ts +121 -121
  115. package/dist/token/token-data.d.ts +3 -3
  116. package/dist/token/token-data.d.ts.map +1 -1
  117. package/dist/token/token-manager.d.ts +4 -5
  118. package/dist/token/token-manager.d.ts.map +1 -1
  119. package/dist/token/token-manager.js +96 -72
  120. package/dist/token/token-manager.js.map +1 -1
  121. package/dist/token/verify-token-claims.d.ts +3 -3
  122. package/dist/token/verify-token-claims.d.ts.map +1 -1
  123. package/dist/token/verify-token-claims.js.map +1 -1
  124. package/package.json +7 -6
  125. package/src/assets/app/components/sign-in-form.tsx +31 -2
  126. package/src/assets/app/components/url-viewer.tsx +3 -3
  127. package/src/assets/assets-middleware.ts +4 -2
  128. package/src/client/client-manager.ts +163 -161
  129. package/src/client/client-utils.ts +7 -12
  130. package/src/client/client.ts +112 -3
  131. package/src/constants.ts +0 -2
  132. package/src/errors/access-denied-error.ts +10 -4
  133. package/src/errors/account-selection-required-error.ts +2 -2
  134. package/src/errors/consent-required-error.ts +2 -2
  135. package/src/errors/invalid-authorization-details-error.ts +2 -2
  136. package/src/errors/invalid-client-id-error.ts +15 -4
  137. package/src/errors/invalid-client-metadata-error.ts +15 -3
  138. package/src/errors/invalid-parameters-error.ts +2 -2
  139. package/src/errors/invalid-scope-error.ts +15 -0
  140. package/src/errors/login-required-error.ts +2 -2
  141. package/src/lib/html/html.ts +14 -12
  142. package/src/lib/http/parser.ts +21 -8
  143. package/src/lib/http/request.ts +1 -23
  144. package/src/lib/http/stream.ts +29 -60
  145. package/src/lib/util/authorization-header.ts +5 -2
  146. package/src/lib/util/hostname.ts +9 -5
  147. package/src/metadata/build-metadata.ts +3 -1
  148. package/src/oauth-errors.ts +1 -0
  149. package/src/oauth-hooks.ts +3 -3
  150. package/src/oauth-provider.ts +368 -269
  151. package/src/oauth-verifier.ts +2 -2
  152. package/src/output/build-authorize-data.ts +2 -2
  153. package/src/output/send-authorize-redirect.ts +7 -6
  154. package/src/request/request-data.ts +2 -2
  155. package/src/request/request-info.ts +2 -2
  156. package/src/request/request-manager.ts +129 -103
  157. package/src/signer/signer.ts +24 -25
  158. package/src/token/token-data.ts +3 -3
  159. package/src/token/token-manager.ts +141 -99
  160. package/src/token/verify-token-claims.ts +3 -3
  161. package/dist/request/types.d.ts +0 -328
  162. package/dist/request/types.d.ts.map +0 -1
  163. package/dist/request/types.js +0 -27
  164. package/dist/request/types.js.map +0 -1
  165. package/dist/token/types.d.ts +0 -250
  166. package/dist/token/types.d.ts.map +0 -1
  167. package/dist/token/types.js +0 -36
  168. package/dist/token/types.js.map +0 -1
  169. package/src/request/types.ts +0 -48
  170. package/src/token/types.ts +0 -86
@@ -1,48 +0,0 @@
1
- import { signedJwtSchema, unsignedJwtSchema } from '@atproto/jwk'
2
- import {
3
- oauthAuthenticationRequestParametersSchema,
4
- oauthClientIdentificationSchema,
5
- } from '@atproto/oauth-types'
6
- import { z } from 'zod'
7
-
8
- import { requestUriSchema } from './request-uri.js'
9
-
10
- export const authorizationRequestJarSchema = z.object({
11
- /**
12
- * AuthorizationRequest inside a JWT:
13
- * - "iat" is required and **MUST** be less than one minute
14
- *
15
- * @see {@link https://datatracker.ietf.org/doc/html/rfc9101}
16
- */
17
- request: z.union([signedJwtSchema, unsignedJwtSchema]),
18
- })
19
-
20
- export type AuthorizationRequestJar = z.infer<
21
- typeof authorizationRequestJarSchema
22
- >
23
-
24
- export const pushedAuthorizationRequestSchema = z.intersection(
25
- oauthClientIdentificationSchema,
26
- z.union([
27
- oauthAuthenticationRequestParametersSchema,
28
- authorizationRequestJarSchema,
29
- //
30
- ]),
31
- )
32
-
33
- export type PushedAuthorizationRequest = z.infer<
34
- typeof pushedAuthorizationRequestSchema
35
- >
36
-
37
- export const authorizationRequestQuerySchema = z.intersection(
38
- oauthClientIdentificationSchema,
39
- z.union([
40
- oauthAuthenticationRequestParametersSchema,
41
- authorizationRequestJarSchema,
42
- z.object({ request_uri: requestUriSchema }),
43
- ]),
44
- )
45
-
46
- export type AuthorizationRequestQuery = z.infer<
47
- typeof authorizationRequestQuerySchema
48
- >
@@ -1,86 +0,0 @@
1
- import {
2
- OAuthAuthorizationDetails,
3
- OAuthTokenType,
4
- accessTokenSchema,
5
- oauthClientIdentificationSchema,
6
- } from '@atproto/oauth-types'
7
- import { z } from 'zod'
8
-
9
- import { clientIdSchema } from '../client/client-id.js'
10
- import { codeSchema } from '../request/code.js'
11
- import { refreshTokenSchema } from './refresh-token.js'
12
-
13
- export const codeGrantRequestSchema = z.intersection(
14
- oauthClientIdentificationSchema,
15
- z.object({
16
- grant_type: z.literal('authorization_code'),
17
- code: codeSchema,
18
- /** @see {@link https://datatracker.ietf.org/doc/html/rfc7636#section-4.1} */
19
- code_verifier: z
20
- .string()
21
- .min(43)
22
- .max(128)
23
- .regex(/^[a-zA-Z0-9-._~]+$/),
24
- redirect_uri: z.string().url(),
25
- // request_uri ???
26
- }),
27
- )
28
-
29
- export type CodeGrantRequest = z.infer<typeof codeGrantRequestSchema>
30
-
31
- export const refreshGrantRequestSchema = z.intersection(
32
- oauthClientIdentificationSchema,
33
- z.object({
34
- grant_type: z.literal('refresh_token'),
35
- refresh_token: refreshTokenSchema,
36
- client_id: clientIdSchema,
37
- }),
38
- )
39
-
40
- export type RefreshGrantRequest = z.infer<typeof refreshGrantRequestSchema>
41
-
42
- export const tokenRequestSchema = z.union([
43
- codeGrantRequestSchema,
44
- refreshGrantRequestSchema,
45
- ])
46
-
47
- export type TokenRequest = z.infer<typeof tokenRequestSchema>
48
-
49
- export const tokenIdentification = z.object({
50
- token: z.union([accessTokenSchema, refreshTokenSchema]),
51
- token_type_hint: z.enum(['access_token', 'refresh_token']).optional(),
52
- })
53
-
54
- export type TokenIdentification = z.infer<typeof tokenIdentification>
55
-
56
- export const revokeSchema = tokenIdentification
57
-
58
- export type Revoke = z.infer<typeof revokeSchema>
59
-
60
- export const introspectSchema = z.intersection(
61
- oauthClientIdentificationSchema,
62
- tokenIdentification,
63
- )
64
-
65
- export type Introspect = z.infer<typeof introspectSchema>
66
-
67
- // https://datatracker.ietf.org/doc/html/rfc7662#section-2.2
68
- export type IntrospectionResponse =
69
- | { active: false }
70
- | {
71
- active: true
72
-
73
- scope?: string
74
- client_id?: string
75
- username?: string
76
- token_type?: OAuthTokenType
77
- authorization_details?: OAuthAuthorizationDetails
78
-
79
- aud?: string | [string, ...string[]]
80
- exp?: number
81
- iat?: number
82
- iss?: string
83
- jti?: string
84
- nbf?: number
85
- sub?: string
86
- }