@atproto/oauth-provider 0.2.1 → 0.2.2
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +36 -0
- package/dist/account/account-store.d.ts +2 -2
- package/dist/assets/app/bundle-manifest.json +3 -3
- package/dist/assets/app/main.css +1 -1
- package/dist/assets/app/main.js +3 -3
- package/dist/assets/app/main.js.map +1 -1
- package/dist/assets/assets-middleware.d.ts.map +1 -1
- package/dist/assets/assets-middleware.js +4 -2
- package/dist/assets/assets-middleware.js.map +1 -1
- package/dist/client/client-manager.d.ts.map +1 -1
- package/dist/client/client-manager.js +127 -118
- package/dist/client/client-manager.js.map +1 -1
- package/dist/client/client-utils.d.ts +1 -2
- package/dist/client/client-utils.d.ts.map +1 -1
- package/dist/client/client-utils.js +3 -12
- package/dist/client/client-utils.js.map +1 -1
- package/dist/client/client.d.ts +8 -3
- package/dist/client/client.d.ts.map +1 -1
- package/dist/client/client.js +70 -1
- package/dist/client/client.js.map +1 -1
- package/dist/constants.d.ts +0 -1
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +1 -2
- package/dist/constants.js.map +1 -1
- package/dist/errors/access-denied-error.d.ts +4 -4
- package/dist/errors/access-denied-error.d.ts.map +1 -1
- package/dist/errors/access-denied-error.js +2 -2
- package/dist/errors/access-denied-error.js.map +1 -1
- package/dist/errors/account-selection-required-error.d.ts +2 -2
- package/dist/errors/account-selection-required-error.d.ts.map +1 -1
- package/dist/errors/account-selection-required-error.js.map +1 -1
- package/dist/errors/consent-required-error.d.ts +2 -2
- package/dist/errors/consent-required-error.d.ts.map +1 -1
- package/dist/errors/consent-required-error.js.map +1 -1
- package/dist/errors/invalid-authorization-details-error.d.ts +2 -2
- package/dist/errors/invalid-authorization-details-error.d.ts.map +1 -1
- package/dist/errors/invalid-authorization-details-error.js.map +1 -1
- package/dist/errors/invalid-client-id-error.d.ts +1 -1
- package/dist/errors/invalid-client-id-error.d.ts.map +1 -1
- package/dist/errors/invalid-client-id-error.js +12 -6
- package/dist/errors/invalid-client-id-error.js.map +1 -1
- package/dist/errors/invalid-client-metadata-error.d.ts +1 -1
- package/dist/errors/invalid-client-metadata-error.d.ts.map +1 -1
- package/dist/errors/invalid-client-metadata-error.js +11 -3
- package/dist/errors/invalid-client-metadata-error.js.map +1 -1
- package/dist/errors/invalid-parameters-error.d.ts +2 -2
- package/dist/errors/invalid-parameters-error.d.ts.map +1 -1
- package/dist/errors/invalid-parameters-error.js.map +1 -1
- package/dist/errors/invalid-scope-error.d.ts +9 -0
- package/dist/errors/invalid-scope-error.d.ts.map +1 -0
- package/dist/errors/invalid-scope-error.js +14 -0
- package/dist/errors/invalid-scope-error.js.map +1 -0
- package/dist/errors/login-required-error.d.ts +2 -2
- package/dist/errors/login-required-error.d.ts.map +1 -1
- package/dist/errors/login-required-error.js.map +1 -1
- package/dist/lib/html/html.d.ts +1 -1
- package/dist/lib/html/html.d.ts.map +1 -1
- package/dist/lib/html/html.js +14 -11
- package/dist/lib/html/html.js.map +1 -1
- package/dist/lib/http/parser.d.ts +9 -2
- package/dist/lib/http/parser.d.ts.map +1 -1
- package/dist/lib/http/parser.js +15 -7
- package/dist/lib/http/parser.js.map +1 -1
- package/dist/lib/http/request.d.ts +0 -23
- package/dist/lib/http/request.d.ts.map +1 -1
- package/dist/lib/http/request.js +1 -11
- package/dist/lib/http/request.js.map +1 -1
- package/dist/lib/http/stream.d.ts +28 -6
- package/dist/lib/http/stream.d.ts.map +1 -1
- package/dist/lib/http/stream.js +21 -32
- package/dist/lib/http/stream.js.map +1 -1
- package/dist/lib/util/authorization-header.d.ts.map +1 -1
- package/dist/lib/util/authorization-header.js +1 -1
- package/dist/lib/util/authorization-header.js.map +1 -1
- package/dist/lib/util/hostname.d.ts +3 -2
- package/dist/lib/util/hostname.d.ts.map +1 -1
- package/dist/lib/util/hostname.js +12 -8
- package/dist/lib/util/hostname.js.map +1 -1
- package/dist/metadata/build-metadata.d.ts.map +1 -1
- package/dist/metadata/build-metadata.js +2 -1
- package/dist/metadata/build-metadata.js.map +1 -1
- package/dist/oauth-errors.d.ts +1 -0
- package/dist/oauth-errors.d.ts.map +1 -1
- package/dist/oauth-errors.js +3 -1
- package/dist/oauth-errors.js.map +1 -1
- package/dist/oauth-hooks.d.ts +3 -3
- package/dist/oauth-hooks.d.ts.map +1 -1
- package/dist/oauth-provider.d.ts +20 -22
- package/dist/oauth-provider.d.ts.map +1 -1
- package/dist/oauth-provider.js +234 -176
- package/dist/oauth-provider.js.map +1 -1
- package/dist/oauth-verifier.d.ts +2 -2
- package/dist/oauth-verifier.d.ts.map +1 -1
- package/dist/oauth-verifier.js.map +1 -1
- package/dist/output/build-authorize-data.d.ts +2 -2
- package/dist/output/build-authorize-data.d.ts.map +1 -1
- package/dist/output/send-authorize-redirect.d.ts +2 -4
- package/dist/output/send-authorize-redirect.d.ts.map +1 -1
- package/dist/output/send-authorize-redirect.js +5 -2
- package/dist/output/send-authorize-redirect.js.map +1 -1
- package/dist/request/request-data.d.ts +2 -2
- package/dist/request/request-data.d.ts.map +1 -1
- package/dist/request/request-info.d.ts +2 -2
- package/dist/request/request-info.d.ts.map +1 -1
- package/dist/request/request-manager.d.ts +4 -4
- package/dist/request/request-manager.d.ts.map +1 -1
- package/dist/request/request-manager.js +94 -60
- package/dist/request/request-manager.js.map +1 -1
- package/dist/signer/signed-token-payload.d.ts +122 -122
- package/dist/signer/signer.d.ts +41 -40
- package/dist/signer/signer.d.ts.map +1 -1
- package/dist/signer/signer.js +13 -15
- package/dist/signer/signer.js.map +1 -1
- package/dist/token/token-claims.d.ts +121 -121
- package/dist/token/token-data.d.ts +3 -3
- package/dist/token/token-data.d.ts.map +1 -1
- package/dist/token/token-manager.d.ts +4 -5
- package/dist/token/token-manager.d.ts.map +1 -1
- package/dist/token/token-manager.js +96 -72
- package/dist/token/token-manager.js.map +1 -1
- package/dist/token/verify-token-claims.d.ts +3 -3
- package/dist/token/verify-token-claims.d.ts.map +1 -1
- package/dist/token/verify-token-claims.js.map +1 -1
- package/package.json +7 -6
- package/src/assets/app/components/sign-in-form.tsx +31 -2
- package/src/assets/assets-middleware.ts +4 -2
- package/src/client/client-manager.ts +163 -161
- package/src/client/client-utils.ts +7 -12
- package/src/client/client.ts +112 -3
- package/src/constants.ts +0 -2
- package/src/errors/access-denied-error.ts +10 -4
- package/src/errors/account-selection-required-error.ts +2 -2
- package/src/errors/consent-required-error.ts +2 -2
- package/src/errors/invalid-authorization-details-error.ts +2 -2
- package/src/errors/invalid-client-id-error.ts +15 -4
- package/src/errors/invalid-client-metadata-error.ts +15 -3
- package/src/errors/invalid-parameters-error.ts +2 -2
- package/src/errors/invalid-scope-error.ts +15 -0
- package/src/errors/login-required-error.ts +2 -2
- package/src/lib/html/html.ts +14 -12
- package/src/lib/http/parser.ts +21 -8
- package/src/lib/http/request.ts +1 -23
- package/src/lib/http/stream.ts +29 -60
- package/src/lib/util/authorization-header.ts +5 -2
- package/src/lib/util/hostname.ts +9 -5
- package/src/metadata/build-metadata.ts +3 -1
- package/src/oauth-errors.ts +1 -0
- package/src/oauth-hooks.ts +3 -3
- package/src/oauth-provider.ts +368 -269
- package/src/oauth-verifier.ts +2 -2
- package/src/output/build-authorize-data.ts +2 -2
- package/src/output/send-authorize-redirect.ts +7 -6
- package/src/request/request-data.ts +2 -2
- package/src/request/request-info.ts +2 -2
- package/src/request/request-manager.ts +129 -103
- package/src/signer/signer.ts +24 -25
- package/src/token/token-data.ts +3 -3
- package/src/token/token-manager.ts +141 -99
- package/src/token/verify-token-claims.ts +3 -3
- package/dist/request/types.d.ts +0 -328
- package/dist/request/types.d.ts.map +0 -1
- package/dist/request/types.js +0 -27
- package/dist/request/types.js.map +0 -1
- package/dist/token/types.d.ts +0 -250
- package/dist/token/types.d.ts.map +0 -1
- package/dist/token/types.js +0 -36
- package/dist/token/types.js.map +0 -1
- package/src/request/types.ts +0 -48
- package/src/token/types.ts +0 -86
package/dist/lib/http/parser.js
CHANGED
|
@@ -7,18 +7,23 @@ exports.parsers = exports.parseContentType = void 0;
|
|
|
7
7
|
const bourne_1 = require("@hapi/bourne");
|
|
8
8
|
const content_1 = require("@hapi/content");
|
|
9
9
|
const http_errors_1 = __importDefault(require("http-errors"));
|
|
10
|
-
|
|
10
|
+
/**
|
|
11
|
+
* Parse a content-type string into its components.
|
|
12
|
+
*
|
|
13
|
+
* @throws {TypeError} If the content-type is invalid.
|
|
14
|
+
*/
|
|
15
|
+
function parseContentType(type) {
|
|
16
|
+
if (typeof type !== 'string') {
|
|
17
|
+
throw (0, http_errors_1.default)(415, `Invalid content-type: ${type == null ? String(type) : typeof type}`);
|
|
18
|
+
}
|
|
11
19
|
try {
|
|
12
20
|
return (0, content_1.type)(type);
|
|
13
21
|
}
|
|
14
22
|
catch (err) {
|
|
15
23
|
// De-boomify the error
|
|
16
|
-
|
|
17
|
-
throw (0, http_errors_1.default)(err['output']['statusCode'], err['message']);
|
|
18
|
-
}
|
|
19
|
-
throw err;
|
|
24
|
+
throw (0, http_errors_1.default)(415, err instanceof Error ? err.message : 'Invalid content-type');
|
|
20
25
|
}
|
|
21
|
-
}
|
|
26
|
+
}
|
|
22
27
|
exports.parseContentType = parseContentType;
|
|
23
28
|
exports.parsers = [
|
|
24
29
|
{
|
|
@@ -50,7 +55,10 @@ exports.parsers = [
|
|
|
50
55
|
try {
|
|
51
56
|
if (!buffer.length)
|
|
52
57
|
return {};
|
|
53
|
-
|
|
58
|
+
const params = new URLSearchParams(buffer.toString());
|
|
59
|
+
if (params.has('__proto__'))
|
|
60
|
+
throw new TypeError('Invalid key');
|
|
61
|
+
return Object.fromEntries(params);
|
|
54
62
|
}
|
|
55
63
|
catch (err) {
|
|
56
64
|
throw (0, http_errors_1.default)(400, 'Invalid URL-encoded data', { cause: err });
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parser.js","sourceRoot":"","sources":["../../../src/lib/http/parser.ts"],"names":[],"mappings":";;;;;;AAAA,yCAAiD;AACjD,2CAAuD;AACvD,8DAAyC;
|
|
1
|
+
{"version":3,"file":"parser.js","sourceRoot":"","sources":["../../../src/lib/http/parser.ts"],"names":[],"mappings":";;;;;;AAAA,yCAAiD;AACjD,2CAAuD;AACvD,8DAAyC;AAKzC;;;;GAIG;AACH,SAAgB,gBAAgB,CAAC,IAAa;IAC5C,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,MAAM,IAAA,qBAAe,EACnB,GAAG,EACH,yBAAyB,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,EAAE,CACrE,CAAA;IACH,CAAC;IAED,IAAI,CAAC;QACH,OAAO,IAAA,cAAe,EAAC,IAAI,CAAC,CAAA;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,uBAAuB;QACvB,MAAM,IAAA,qBAAe,EACnB,GAAG,EACH,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,sBAAsB,CAC5D,CAAA;IACH,CAAC;AACH,CAAC;AAjBD,4CAiBC;AAuBY,QAAA,OAAO,GAAG;IACrB;QACE,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,CAAC,IAAI,EAA6D,EAAE;YACxE,OAAO,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAClD,CAAC;QACD,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,EAAQ,EAAE;YACnC,IAAI,OAAO,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClD,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,qBAAqB,CAAC,CAAA;YACnD,CAAC;YACD,IAAI,CAAC;gBACH,OAAO,IAAA,cAAS,EAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAA;YACrC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,cAAc,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;YAC5D,CAAC;QACH,CAAC;KACF;IACD;QACE,IAAI,EAAE,YAAY;QAClB,IAAI,EAAE,CAAC,IAAI,EAA+C,EAAE;YAC1D,OAAO,IAAI,KAAK,mCAAmC,CAAA;QACrD,CAAC;QACD,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,EAA8B,EAAE;YACzD,IAAI,OAAO,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClD,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,qBAAqB,CAAC,CAAA;YACnD,CAAC;YACD,IAAI,CAAC;gBACH,IAAI,CAAC,MAAM,CAAC,MAAM;oBAAE,OAAO,EAAE,CAAA;gBAC7B,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAA;gBACrD,IAAI,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC;oBAAE,MAAM,IAAI,SAAS,CAAC,aAAa,CAAC,CAAA;gBAC/D,OAAO,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAA;YACnC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,0BAA0B,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;YACxE,CAAC;QACH,CAAC;KACF;IACD;QACE,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,CAAC,IAAI,EAAsC,EAAE;YACjD,OAAO,IAAI,KAAK,0BAA0B,CAAA;QAC5C,CAAC;QACD,KAAK,EAAE,CAAC,MAAM,EAAU,EAAE,CAAC,MAAM;KAClC;CAC0B,CAAA"}
|
|
@@ -1,29 +1,6 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
|
-
/// <reference types="node" />
|
|
3
|
-
import { z } from 'zod';
|
|
4
|
-
import { KnownNames } from './parser.js';
|
|
5
2
|
import { IncomingMessage, ServerResponse } from './types.js';
|
|
6
3
|
import { UrlReference } from './url.js';
|
|
7
|
-
export declare function parseRequestPayload<A extends readonly KnownNames[] = readonly KnownNames[]>(req: IncomingMessage, allow?: A): Promise<ReturnType<(Extract<{
|
|
8
|
-
readonly name: "json";
|
|
9
|
-
readonly test: (mime: string) => mime is "application/json" | `application/${string}+json`;
|
|
10
|
-
readonly parse: (buffer: Buffer, { charset }: import("./parser.js").ContentType) => import("./parser.js").Json;
|
|
11
|
-
}, {
|
|
12
|
-
name: A[number];
|
|
13
|
-
}> | Extract<{
|
|
14
|
-
readonly name: "urlencoded";
|
|
15
|
-
readonly test: (mime: string) => mime is "application/x-www-form-urlencoded";
|
|
16
|
-
readonly parse: (buffer: Buffer, { charset }: import("./parser.js").ContentType) => Partial<Record<string, string>>;
|
|
17
|
-
}, {
|
|
18
|
-
name: A[number];
|
|
19
|
-
}> | Extract<{
|
|
20
|
-
readonly name: "bytes";
|
|
21
|
-
readonly test: (mime: string) => mime is "application/octet-stream";
|
|
22
|
-
readonly parse: (buffer: Buffer) => Buffer;
|
|
23
|
-
}, {
|
|
24
|
-
name: A[number];
|
|
25
|
-
}>)["parse"]>>;
|
|
26
|
-
export declare function validateRequestPayload<S extends z.ZodTypeAny>(req: IncomingMessage, schema: S, allow?: readonly KnownNames[]): Promise<z.infer<S>>;
|
|
27
4
|
export declare function validateHeaderValue(req: IncomingMessage, name: keyof IncomingMessage['headers'], allowedValues: readonly (string | null)[]): void;
|
|
28
5
|
export declare function validateFetchMode(req: IncomingMessage, res: ServerResponse, expectedMode: readonly (null | 'navigate' | 'same-origin' | 'no-cors' | 'cors')[]): void;
|
|
29
6
|
export declare function validateFetchDest(req: IncomingMessage, res: ServerResponse, expectedDest: readonly (null | 'document' | 'embed' | 'font' | 'image' | 'manifest' | 'media' | 'object' | 'report' | 'script' | 'serviceworker' | 'sharedworker' | 'style' | 'worker' | 'xslt')[]): void;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request.d.ts","sourceRoot":"","sources":["../../../src/lib/http/request.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"request.d.ts","sourceRoot":"","sources":["../../../src/lib/http/request.ts"],"names":[],"mappings":";AAKA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,YAAY,CAAA;AAC5D,OAAO,EAAY,YAAY,EAAE,MAAM,UAAU,CAAA;AAEjD,wBAAgB,mBAAmB,CACjC,GAAG,EAAE,eAAe,EACpB,IAAI,EAAE,MAAM,eAAe,CAAC,SAAS,CAAC,EACtC,aAAa,EAAE,SAAS,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,QAgB1C;AAED,wBAAgB,iBAAiB,CAC/B,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,YAAY,EAAE,SAAS,CACnB,IAAI,GACJ,UAAU,GACV,aAAa,GACb,SAAS,GACT,MAAM,CACT,EAAE,QAGJ;AAED,wBAAgB,iBAAiB,CAC/B,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,YAAY,EAAE,SAAS,CACnB,IAAI,GACJ,UAAU,GACV,OAAO,GACP,MAAM,GACN,OAAO,GACP,UAAU,GACV,OAAO,GACP,QAAQ,GACR,QAAQ,GACR,QAAQ,GACR,eAAe,GACf,cAAc,GACd,OAAO,GACP,QAAQ,GACR,MAAM,CACT,EAAE,QAGJ;AAED,wBAAgB,iBAAiB,CAC/B,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,YAAY,EAAE,SAAS,CACnB,IAAI,GACJ,aAAa,GACb,WAAW,GACX,YAAY,GACZ,MAAM,CACT,EAAE,QAGJ;AAED,wBAAgB,eAAe,CAC7B,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,SAAS,EAAE,YAAY,EACvB,SAAS,UAAQ,QAOlB;AAED,wBAAsB,cAAc,CAClC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,UAAU,SAAe,iBAa1B;AAGD,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,MAAM,EACd,SAAS,UAAO,QAMjB;AAED,wBAAgB,iBAAiB,CAC/B,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,SAAS,EAAE,MAAM,EACjB,UAAU,SAAe,EACzB,WAAW,UAAQ,QAwBpB;AAED,wBAAgB,gBAAgB,CAC9B,GAAG,EAAE,eAAe,GACnB,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,SAAS,GAAG,MAAM,CAAC,CAM3C"}
|
package/dist/lib/http/request.js
CHANGED
|
@@ -3,22 +3,12 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.parseHttpCookies = exports.validateCsrfToken = exports.validateSameOrigin = exports.setupCsrfToken = exports.validateReferer = exports.validateFetchSite = exports.validateFetchDest = exports.validateFetchMode = exports.validateHeaderValue =
|
|
6
|
+
exports.parseHttpCookies = exports.validateCsrfToken = exports.validateSameOrigin = exports.setupCsrfToken = exports.validateReferer = exports.validateFetchSite = exports.validateFetchDest = exports.validateFetchMode = exports.validateHeaderValue = void 0;
|
|
7
7
|
const cookie_1 = require("cookie");
|
|
8
8
|
const crypto_1 = require("crypto");
|
|
9
9
|
const http_errors_1 = __importDefault(require("http-errors"));
|
|
10
10
|
const response_js_1 = require("./response.js");
|
|
11
|
-
const stream_js_1 = require("./stream.js");
|
|
12
11
|
const url_js_1 = require("./url.js");
|
|
13
|
-
function parseRequestPayload(req, allow) {
|
|
14
|
-
return (0, stream_js_1.parseStream)((0, stream_js_1.decodeStream)(req, req.headers['content-encoding']), req.headers['content-type'], allow);
|
|
15
|
-
}
|
|
16
|
-
exports.parseRequestPayload = parseRequestPayload;
|
|
17
|
-
async function validateRequestPayload(req, schema, allow = ['json', 'urlencoded']) {
|
|
18
|
-
const payload = await parseRequestPayload(req, allow);
|
|
19
|
-
return schema.parseAsync(payload, { path: ['body'] });
|
|
20
|
-
}
|
|
21
|
-
exports.validateRequestPayload = validateRequestPayload;
|
|
22
12
|
function validateHeaderValue(req, name, allowedValues) {
|
|
23
13
|
const value = req.headers[name] ?? null;
|
|
24
14
|
if (Array.isArray(value)) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../src/lib/http/request.ts"],"names":[],"mappings":";;;;;;AAAA,mCAA2E;AAC3E,mCAAoC;AACpC,8DAAyC;
|
|
1
|
+
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../src/lib/http/request.ts"],"names":[],"mappings":";;;;;;AAAA,mCAA2E;AAC3E,mCAAoC;AACpC,8DAAyC;AAEzC,+CAA4C;AAE5C,qCAAiD;AAEjD,SAAgB,mBAAmB,CACjC,GAAoB,EACpB,IAAsC,EACtC,aAAyC;IAEzC,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAA;IAEvC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,WAAW,IAAI,SAAS,CAAC,CAAA;IACtD,CAAC;IAED,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnC,MAAM,IAAA,qBAAe,EACnB,GAAG,EACH,KAAK;YACH,CAAC,CAAC,aAAa,IAAI,YAAY,KAAK,eAAe,aAAa,GAAG;YACnE,CAAC,CAAC,WAAW,IAAI,SAAS,CAC7B,CAAA;IACH,CAAC;AACH,CAAC;AAnBD,kDAmBC;AAED,SAAgB,iBAAiB,CAC/B,GAAoB,EACpB,GAAmB,EACnB,YAMG;IAEH,mBAAmB,CAAC,GAAG,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAA;AAC1D,CAAC;AAZD,8CAYC;AAED,SAAgB,iBAAiB,CAC/B,GAAoB,EACpB,GAAmB,EACnB,YAgBG;IAEH,mBAAmB,CAAC,GAAG,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAA;AAC1D,CAAC;AAtBD,8CAsBC;AAED,SAAgB,iBAAiB,CAC/B,GAAoB,EACpB,GAAmB,EACnB,YAMG;IAEH,mBAAmB,CAAC,GAAG,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAA;AAC1D,CAAC;AAZD,8CAYC;AAED,SAAgB,eAAe,CAC7B,GAAoB,EACpB,GAAmB,EACnB,SAAuB,EACvB,SAAS,GAAG,KAAK;IAEjB,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACtC,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACpD,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,IAAA,iBAAQ,EAAC,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;QAC/D,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,mBAAmB,OAAO,EAAE,CAAC,CAAA;IAC1D,CAAC;AACH,CAAC;AAXD,0CAWC;AAEM,KAAK,UAAU,cAAc,CAClC,GAAoB,EACpB,GAAmB,EACnB,UAAU,GAAG,YAAY;IAEzB,MAAM,SAAS,GAAG,IAAA,oBAAW,EAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAChD,IAAA,0BAAY,EACV,GAAG,EACH,YAAY,EACZ,IAAA,kBAAe,EAAC,UAAU,EAAE,SAAS,EAAE;QACrC,MAAM,EAAE,IAAI;QACZ,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG;KACvC,CAAC,CACH,CAAA;AACH,CAAC;AAhBD,wCAgBC;AAED,+BAA+B;AAC/B,SAAgB,kBAAkB,CAChC,GAAoB,EACpB,GAAmB,EACnB,MAAc,EACd,SAAS,GAAG,IAAI;IAEhB,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IACvC,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;QAClD,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,kBAAkB,SAAS,EAAE,CAAC,CAAA;IAC3D,CAAC;AACH,CAAC;AAVD,gDAUC;AAED,SAAgB,iBAAiB,CAC/B,GAAoB,EACpB,GAAmB,EACnB,SAAiB,EACjB,UAAU,GAAG,YAAY,EACzB,WAAW,GAAG,KAAK;IAEnB,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAA;IACrC,IACE,CAAC,SAAS;QACV,CAAC,OAAO;QACR,CAAC,UAAU;QACX,OAAO,CAAC,UAAU,CAAC,KAAK,SAAS,EACjC,CAAC;QACD,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,oBAAoB,CAAC,CAAA;IAClD,CAAC;IAED,IAAI,WAAW,EAAE,CAAC;QAChB,IAAA,0BAAY,EACV,GAAG,EACH,YAAY,EACZ,IAAA,kBAAe,EAAC,UAAU,EAAE,EAAE,EAAE;YAC9B,MAAM,EAAE,IAAI;YACZ,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,CAAC;SACV,CAAC,CACH,CAAA;IACH,CAAC;AACH,CAAC;AA7BD,8CA6BC;AAED,SAAgB,gBAAgB,CAC9B,GAAoB;IAEpB,OAAO,SAAS,IAAI,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,uCAAuC;QAC5E,CAAC,CAAE,GAAG,CAAC,OAAe;QACtB,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC;YACrB,CAAC,CAAC,CAAE,GAAW,CAAC,OAAO,GAAG,IAAA,cAAW,EAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC7D,CAAC,CAAC,IAAI,CAAA;AACZ,CAAC;AARD,4CAQC"}
|
|
@@ -1,13 +1,35 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
/// <reference types="node" />
|
|
3
|
+
/// <reference types="node" />
|
|
4
|
+
import { IncomingMessage } from 'node:http';
|
|
3
5
|
import { Readable } from 'node:stream';
|
|
4
|
-
import { KnownNames,
|
|
5
|
-
export declare function
|
|
6
|
-
|
|
7
|
-
|
|
6
|
+
import { KnownNames, ParserResult } from './parser.js';
|
|
7
|
+
export declare function decodeHttpRequest(req: IncomingMessage): Readable;
|
|
8
|
+
/**
|
|
9
|
+
* Generic method that parses a stream of unknown nature (HTTP request/response,
|
|
10
|
+
* socket, file, etc.), but of known mime type, into a parsed object.
|
|
11
|
+
*
|
|
12
|
+
* @throws {TypeError} If the content-type is not valid or supported.
|
|
13
|
+
*/
|
|
14
|
+
export declare function parseHttpRequest<A extends readonly KnownNames[]>(req: IncomingMessage, allow: A): Promise<ParserResult<Extract<{
|
|
15
|
+
readonly name: "json";
|
|
16
|
+
readonly test: (mime: string) => mime is "application/json" | `application/${string}+json`;
|
|
17
|
+
readonly parse: (buffer: Buffer, { charset }: import("./parser.js").ContentType) => import("./parser.js").Json;
|
|
18
|
+
}, {
|
|
19
|
+
name: A[number];
|
|
20
|
+
}> | Extract<{
|
|
21
|
+
readonly name: "urlencoded";
|
|
22
|
+
readonly test: (mime: string) => mime is "application/x-www-form-urlencoded";
|
|
23
|
+
readonly parse: (buffer: Buffer, { charset }: import("./parser.js").ContentType) => {
|
|
24
|
+
[x: string]: string | undefined;
|
|
25
|
+
};
|
|
26
|
+
}, {
|
|
8
27
|
name: A[number];
|
|
9
|
-
}
|
|
10
|
-
|
|
28
|
+
}> | Extract<{
|
|
29
|
+
readonly name: "bytes";
|
|
30
|
+
readonly test: (mime: string) => mime is "application/octet-stream";
|
|
31
|
+
readonly parse: (buffer: Buffer) => Buffer;
|
|
32
|
+
}, {
|
|
11
33
|
name: A[number];
|
|
12
34
|
}>>>;
|
|
13
35
|
//# sourceMappingURL=stream.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"stream.d.ts","sourceRoot":"","sources":["../../../src/lib/http/stream.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"stream.d.ts","sourceRoot":"","sources":["../../../src/lib/http/stream.ts"],"names":[],"mappings":";;;AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAA;AAEtC,OAAO,EACL,UAAU,EAGV,YAAY,EAEb,MAAM,aAAa,CAAA;AAEpB,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,eAAe,GAAG,QAAQ,CAMhE;AAED;;;;;GAKG;AAEH,wBAAsB,gBAAgB,CAAC,CAAC,SAAS,SAAS,UAAU,EAAE,EACpE,GAAG,EAAE,eAAe,EACpB,KAAK,EAAE,CAAC;;;;;UAiBuB,CAAC,CAAC,MAAM,CAAC;;;;;;;;UAAT,CAAC,CAAC,MAAM,CAAC;;;;;;UAAT,CAAC,CAAC,MAAM,CAAC;KAEzC"}
|
package/dist/lib/http/stream.js
CHANGED
|
@@ -3,45 +3,34 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.
|
|
7
|
-
const
|
|
8
|
-
const node_zlib_1 = require("node:zlib");
|
|
6
|
+
exports.parseHttpRequest = exports.decodeHttpRequest = void 0;
|
|
7
|
+
const common_1 = require("@atproto/common");
|
|
9
8
|
const http_errors_1 = __importDefault(require("http-errors"));
|
|
10
9
|
const parser_js_1 = require("./parser.js");
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
for await (const chunk of req) {
|
|
15
|
-
chunks.push(chunk);
|
|
16
|
-
totalLength += chunk.length;
|
|
10
|
+
function decodeHttpRequest(req) {
|
|
11
|
+
try {
|
|
12
|
+
return (0, common_1.decodeStream)(req, req.headers['content-encoding']);
|
|
17
13
|
}
|
|
18
|
-
|
|
19
|
-
}
|
|
20
|
-
exports.readStream = readStream;
|
|
21
|
-
function decodeStream(req, encoding = 'identity') {
|
|
22
|
-
switch (encoding) {
|
|
23
|
-
case 'deflate':
|
|
24
|
-
return req.compose((0, node_zlib_1.createInflate)());
|
|
25
|
-
case 'gzip':
|
|
26
|
-
return req.compose((0, node_zlib_1.createGunzip)());
|
|
27
|
-
case 'identity':
|
|
28
|
-
return req.compose(new node_stream_1.PassThrough());
|
|
29
|
-
default:
|
|
30
|
-
throw (0, http_errors_1.default)(415, 'Unsupported content-encoding');
|
|
14
|
+
catch (err) {
|
|
15
|
+
throw (0, http_errors_1.default)(415, err, { expose: err instanceof TypeError });
|
|
31
16
|
}
|
|
32
17
|
}
|
|
33
|
-
exports.
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
18
|
+
exports.decodeHttpRequest = decodeHttpRequest;
|
|
19
|
+
/**
|
|
20
|
+
* Generic method that parses a stream of unknown nature (HTTP request/response,
|
|
21
|
+
* socket, file, etc.), but of known mime type, into a parsed object.
|
|
22
|
+
*
|
|
23
|
+
* @throws {TypeError} If the content-type is not valid or supported.
|
|
24
|
+
*/
|
|
25
|
+
async function parseHttpRequest(req, allow) {
|
|
26
|
+
const type = (0, parser_js_1.parseContentType)(req.headers['content-type'] ?? 'application/octet-stream');
|
|
27
|
+
const parser = parser_js_1.parsers.find((parser) => allow.includes(parser.name) && parser.test(type.mime));
|
|
40
28
|
if (!parser) {
|
|
41
|
-
throw (0, http_errors_1.default)(
|
|
29
|
+
throw (0, http_errors_1.default)(415, `Unsupported content-type: ${type.mime}`);
|
|
42
30
|
}
|
|
43
|
-
const
|
|
31
|
+
const stream = decodeHttpRequest(req);
|
|
32
|
+
const buffer = await (0, common_1.streamToNodeBuffer)(stream);
|
|
44
33
|
return parser.parse(buffer, type);
|
|
45
34
|
}
|
|
46
|
-
exports.
|
|
35
|
+
exports.parseHttpRequest = parseHttpRequest;
|
|
47
36
|
//# sourceMappingURL=stream.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"stream.js","sourceRoot":"","sources":["../../../src/lib/http/stream.ts"],"names":[],"mappings":";;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"stream.js","sourceRoot":"","sources":["../../../src/lib/http/stream.ts"],"names":[],"mappings":";;;;;;AAAA,4CAAkE;AAClE,8DAAyC;AAIzC,2CAMoB;AAEpB,SAAgB,iBAAiB,CAAC,GAAoB;IACpD,IAAI,CAAC;QACH,OAAO,IAAA,qBAAY,EAAC,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,CAAA;IAC3D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,GAAG,YAAY,SAAS,EAAE,CAAC,CAAA;IACvE,CAAC;AACH,CAAC;AAND,8CAMC;AAED;;;;;GAKG;AAEI,KAAK,UAAU,gBAAgB,CACpC,GAAoB,EACpB,KAAQ;IAER,MAAM,IAAI,GAAG,IAAA,4BAAgB,EAC3B,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,0BAA0B,CAC1D,CAAA;IAED,MAAM,MAAM,GAAG,mBAAO,CAAC,IAAI,CACzB,CAAC,MAAM,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAClE,CAAA;IAED,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,6BAA6B,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;IACtE,CAAC;IAED,MAAM,MAAM,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAA;IACrC,MAAM,MAAM,GAAG,MAAM,IAAA,2BAAkB,EAAC,MAAM,CAAC,CAAA;IAC/C,OAAO,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAE/B,CAAA;AACH,CAAC;AArBD,4CAqBC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-header.d.ts","sourceRoot":"","sources":["../../../src/lib/util/authorization-header.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"authorization-header.d.ts","sourceRoot":"","sources":["../../../src/lib/util/authorization-header.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAKvB,eAAO,MAAM,yBAAyB,uIAGpC,CAAA;AAEF,eAAO,MAAM,wBAAwB,YAAa,MAAM,gCAcvD,CAAA"}
|
|
@@ -7,7 +7,7 @@ const invalid_request_error_js_1 = require("../../errors/invalid-request-error.j
|
|
|
7
7
|
const www_authenticate_error_js_1 = require("../../errors/www-authenticate-error.js");
|
|
8
8
|
exports.authorizationHeaderSchema = zod_1.z.tuple([
|
|
9
9
|
oauth_types_1.oauthTokenTypeSchema,
|
|
10
|
-
oauth_types_1.
|
|
10
|
+
oauth_types_1.oauthAccessTokenSchema,
|
|
11
11
|
]);
|
|
12
12
|
const parseAuthorizationHeader = (header) => {
|
|
13
13
|
if (header == null) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-header.js","sourceRoot":"","sources":["../../../src/lib/util/authorization-header.ts"],"names":[],"mappings":";;;AAAA,
|
|
1
|
+
{"version":3,"file":"authorization-header.js","sourceRoot":"","sources":["../../../src/lib/util/authorization-header.ts"],"names":[],"mappings":";;;AAAA,sDAG6B;AAC7B,6BAAuB;AAEvB,oFAA2E;AAC3E,sFAA6E;AAEhE,QAAA,yBAAyB,GAAG,OAAC,CAAC,KAAK,CAAC;IAC/C,kCAAoB;IACpB,oCAAsB;CACvB,CAAC,CAAA;AAEK,MAAM,wBAAwB,GAAG,CAAC,MAAe,EAAE,EAAE;IAC1D,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;QACnB,MAAM,IAAI,gDAAoB,CAC5B,iBAAiB,EACjB,+BAA+B,EAC/B,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CACzB,CAAA;IACH,CAAC;IAED,MAAM,MAAM,GAAG,iCAAyB,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAA;IACrE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,8CAAmB,CAAC,8BAA8B,CAAC,CAAA;IAC/D,CAAC;IACD,OAAO,MAAM,CAAC,IAAI,CAAA;AACpB,CAAC,CAAA;AAdY,QAAA,wBAAwB,4BAcpC"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import { ParsedDomain } from 'psl';
|
|
3
|
+
export declare function isInternetUrl(url: URL): boolean;
|
|
3
4
|
export declare function isInternetHost(host: string): boolean;
|
|
4
|
-
export declare function
|
|
5
|
-
export declare function
|
|
5
|
+
export declare function parseUrlPublicSuffix(input: string | URL): ParsedDomain | null;
|
|
6
|
+
export declare function parseDomainPublicSuffix(domain: string): ParsedDomain | null;
|
|
6
7
|
//# sourceMappingURL=hostname.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hostname.d.ts","sourceRoot":"","sources":["../../../src/lib/util/hostname.ts"],"names":[],"mappings":";AAAA,OAAO,EAAS,YAAY,EAAE,MAAM,KAAK,CAAA;AAEzC,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,wBAAgB,
|
|
1
|
+
{"version":3,"file":"hostname.d.ts","sourceRoot":"","sources":["../../../src/lib/util/hostname.ts"],"names":[],"mappings":";AAAA,OAAO,EAAS,YAAY,EAAE,MAAM,KAAK,CAAA;AAEzC,wBAAgB,aAAa,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAE/C;AAED,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,GAAG,GAAG,YAAY,GAAG,IAAI,CAG7E;AAED,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,GAAG,IAAI,CAO3E"}
|
|
@@ -1,17 +1,21 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.parseDomainPublicSuffix = exports.parseUrlPublicSuffix = exports.isInternetHost = exports.isInternetUrl = void 0;
|
|
4
4
|
const psl_1 = require("psl");
|
|
5
|
+
function isInternetUrl(url) {
|
|
6
|
+
return parseUrlPublicSuffix(url) !== null;
|
|
7
|
+
}
|
|
8
|
+
exports.isInternetUrl = isInternetUrl;
|
|
5
9
|
function isInternetHost(host) {
|
|
6
|
-
return
|
|
10
|
+
return parseDomainPublicSuffix(host) !== null;
|
|
7
11
|
}
|
|
8
12
|
exports.isInternetHost = isInternetHost;
|
|
9
|
-
function
|
|
10
|
-
const
|
|
11
|
-
return
|
|
13
|
+
function parseUrlPublicSuffix(input) {
|
|
14
|
+
const { hostname } = new URL(input);
|
|
15
|
+
return parseDomainPublicSuffix(hostname);
|
|
12
16
|
}
|
|
13
|
-
exports.
|
|
14
|
-
function
|
|
17
|
+
exports.parseUrlPublicSuffix = parseUrlPublicSuffix;
|
|
18
|
+
function parseDomainPublicSuffix(domain) {
|
|
15
19
|
const parsed = (0, psl_1.parse)(domain);
|
|
16
20
|
if ('listed' in parsed && parsed.listed && parsed.domain) {
|
|
17
21
|
return parsed;
|
|
@@ -20,5 +24,5 @@ function parseDomain(domain) {
|
|
|
20
24
|
return null;
|
|
21
25
|
}
|
|
22
26
|
}
|
|
23
|
-
exports.
|
|
27
|
+
exports.parseDomainPublicSuffix = parseDomainPublicSuffix;
|
|
24
28
|
//# sourceMappingURL=hostname.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hostname.js","sourceRoot":"","sources":["../../../src/lib/util/hostname.ts"],"names":[],"mappings":";;;AAAA,6BAAyC;AAEzC,SAAgB,cAAc,CAAC,IAAY;IACzC,OAAO,
|
|
1
|
+
{"version":3,"file":"hostname.js","sourceRoot":"","sources":["../../../src/lib/util/hostname.ts"],"names":[],"mappings":";;;AAAA,6BAAyC;AAEzC,SAAgB,aAAa,CAAC,GAAQ;IACpC,OAAO,oBAAoB,CAAC,GAAG,CAAC,KAAK,IAAI,CAAA;AAC3C,CAAC;AAFD,sCAEC;AAED,SAAgB,cAAc,CAAC,IAAY;IACzC,OAAO,uBAAuB,CAAC,IAAI,CAAC,KAAK,IAAI,CAAA;AAC/C,CAAC;AAFD,wCAEC;AAED,SAAgB,oBAAoB,CAAC,KAAmB;IACtD,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAA;IACnC,OAAO,uBAAuB,CAAC,QAAQ,CAAC,CAAA;AAC1C,CAAC;AAHD,oDAGC;AAED,SAAgB,uBAAuB,CAAC,MAAc;IACpD,MAAM,MAAM,GAAG,IAAA,WAAK,EAAC,MAAM,CAAC,CAAA;IAC5B,IAAI,QAAQ,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QACzD,OAAO,MAAM,CAAA;IACf,CAAC;SAAM,CAAC;QACN,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAPD,0DAOC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-metadata.d.ts","sourceRoot":"","sources":["../../src/metadata/build-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AACrC,OAAO,EAAE,gCAAgC,EAAE,MAAM,sBAAsB,CAAA;AAKvE,MAAM,MAAM,cAAc,GAAG;IAC3B,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC3B,qCAAqC,CAAC,EAAE,MAAM,EAAE,CAAA;IAChD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC/B,CAAA;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAC3B,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,cAAc,CAAC,EAAE,cAAc,GAC9B,gCAAgC,
|
|
1
|
+
{"version":3,"file":"build-metadata.d.ts","sourceRoot":"","sources":["../../src/metadata/build-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AACrC,OAAO,EAAE,gCAAgC,EAAE,MAAM,sBAAsB,CAAA;AAKvE,MAAM,MAAM,cAAc,GAAG;IAC3B,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC3B,qCAAqC,CAAC,EAAE,MAAM,EAAE,CAAA;IAChD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC/B,CAAA;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAC3B,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,cAAc,CAAC,EAAE,cAAc,GAC9B,gCAAgC,CAsGlC"}
|
|
@@ -47,7 +47,8 @@ function buildMetadata(issuer, keyset, customMetadata) {
|
|
|
47
47
|
code_challenge_methods_supported: [
|
|
48
48
|
// https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#pkce-code-challenge-method
|
|
49
49
|
'S256',
|
|
50
|
-
|
|
50
|
+
// atproto does not allow "plain"
|
|
51
|
+
// 'plain',
|
|
51
52
|
],
|
|
52
53
|
ui_locales_supported: [
|
|
53
54
|
//
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-metadata.js","sourceRoot":"","sources":["../../src/metadata/build-metadata.ts"],"names":[],"mappings":";;;AAGA,mDAA4C;AAC5C,qDAAoD;AAQpD;;;GAGG;AACH,SAAgB,aAAa,CAC3B,MAAc,EACd,MAAc,EACd,cAA+B;IAE/B,OAAO;QACL,MAAM;QAEN,gBAAgB,EAAE;YAChB,SAAS;YACT,EAAE;YACF,GAAG,CAAC,cAAc,EAAE,gBAAgB,IAAI,EAAE,CAAC;SAC5C;QACD,uBAAuB,EAAE;YACvB,EAAE;YACF,QAAQ,EAAE,6CAA6C;YACvD,+DAA+D;SAChE;QACD,wBAAwB,EAAE;YACxB,QAAQ;YACR,MAAM;YACN,WAAW;YAEX,SAAS;YACT,UAAU;YACV,yBAAyB;YACzB,mBAAmB;YACnB,gBAAgB;YAChB,oBAAoB;YACpB,cAAc;SACf;QACD,wBAAwB,EAAE;YACxB,mFAAmF;YACnF,OAAO;YACP,UAAU;YACV,0FAA0F;YAC1F,WAAW;SACZ;QACD,qBAAqB,EAAE;YACrB,EAAE;YACF,oBAAoB;YACpB,eAAe;SAChB;QACD,gCAAgC,EAAE;YAChC,sGAAsG;YACtG,MAAM;
|
|
1
|
+
{"version":3,"file":"build-metadata.js","sourceRoot":"","sources":["../../src/metadata/build-metadata.ts"],"names":[],"mappings":";;;AAGA,mDAA4C;AAC5C,qDAAoD;AAQpD;;;GAGG;AACH,SAAgB,aAAa,CAC3B,MAAc,EACd,MAAc,EACd,cAA+B;IAE/B,OAAO;QACL,MAAM;QAEN,gBAAgB,EAAE;YAChB,SAAS;YACT,EAAE;YACF,GAAG,CAAC,cAAc,EAAE,gBAAgB,IAAI,EAAE,CAAC;SAC5C;QACD,uBAAuB,EAAE;YACvB,EAAE;YACF,QAAQ,EAAE,6CAA6C;YACvD,+DAA+D;SAChE;QACD,wBAAwB,EAAE;YACxB,QAAQ;YACR,MAAM;YACN,WAAW;YAEX,SAAS;YACT,UAAU;YACV,yBAAyB;YACzB,mBAAmB;YACnB,gBAAgB;YAChB,oBAAoB;YACpB,cAAc;SACf;QACD,wBAAwB,EAAE;YACxB,mFAAmF;YACnF,OAAO;YACP,UAAU;YACV,0FAA0F;YAC1F,WAAW;SACZ;QACD,qBAAqB,EAAE;YACrB,EAAE;YACF,oBAAoB;YACpB,eAAe;SAChB;QACD,gCAAgC,EAAE;YAChC,sGAAsG;YACtG,MAAM;YAEN,iCAAiC;YACjC,WAAW;SACZ;QACD,oBAAoB,EAAE;YACpB,EAAE;YACF,OAAO;SACR;QACD,wBAAwB,EAAE;YACxB,EAAE;YACF,MAAM;YACN,OAAO;YACP,OAAO;YACP,aAAa;SACd;QAED,gDAAgD;QAChD,8CAA8C,EAAE,IAAI;QAEpD,0DAA0D;QAC1D,2CAA2C,EAAE,CAAC,GAAG,wBAAY,EAAE,MAAM,CAAC;QACtE,8CAA8C,EAAE,EAAE,EAAE,OAAO;QAC3D,8CAA8C,EAAE,EAAE,EAAE,OAAO;QAE3D,2BAA2B,EAAE,IAAI;QACjC,+BAA+B,EAAE,IAAI;QACrC,gCAAgC,EAAE,IAAI;QAEtC,QAAQ,EAAE,IAAI,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI;QAE7C,sBAAsB,EAAE,IAAI,GAAG,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC,IAAI;QAEhE,cAAc,EAAE,IAAI,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC,IAAI;QACpD,qCAAqC,EAAE,CAAC,GAAG,kBAAM,CAAC,sBAAsB,CAAC;QACzE,gDAAgD,EAAE,CAAC,GAAG,wBAAY,CAAC;QAEnE,mBAAmB,EAAE,IAAI,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC,IAAI;QAE1D,sBAAsB,EAAE,IAAI,GAAG,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI;QAEjE,+DAA+D;QAE/D,0DAA0D;QAC1D,qCAAqC,EAAE,IAAI,GAAG,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI;QAEzE,qCAAqC,EAAE,IAAI;QAE3C,4DAA4D;QAC5D,iCAAiC,EAAE,CAAC,GAAG,wBAAY,CAAC;QAEpD,6DAA6D;QAC7D,qCAAqC,EACnC,cAAc,EAAE,qCAAqC;QAEvD,wFAAwF;QACxF,mBAAmB,EAAE,cAAc,EAAE,mBAAmB;QAExD,kIAAkI;QAClI,qCAAqC,EAAE,IAAI;KAC5C,CAAA;AACH,CAAC;AA1GD,sCA0GC"}
|
package/dist/oauth-errors.d.ts
CHANGED
|
@@ -12,6 +12,7 @@ export { InvalidGrantError } from './errors/invalid-grant-error.js';
|
|
|
12
12
|
export { InvalidParametersError } from './errors/invalid-parameters-error.js';
|
|
13
13
|
export { InvalidRedirectUriError } from './errors/invalid-redirect-uri-error.js';
|
|
14
14
|
export { InvalidRequestError } from './errors/invalid-request-error.js';
|
|
15
|
+
export { InvalidScopeError } from './errors/invalid-scope-error.js';
|
|
15
16
|
export { InvalidTokenError } from './errors/invalid-token-error.js';
|
|
16
17
|
export { LoginRequiredError } from './errors/login-required-error.js';
|
|
17
18
|
export { SecondAuthenticationFactorRequiredError } from './errors/second-authentication-factor-required-error.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-errors.d.ts","sourceRoot":"","sources":["../src/oauth-errors.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AAEpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,6BAA6B,EAAE,MAAM,8CAA8C,CAAA;AAC5F,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAA;AACzE,OAAO,EAAE,gCAAgC,EAAE,MAAM,iDAAiD,CAAA;AAClG,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EAAE,0BAA0B,EAAE,MAAM,2CAA2C,CAAA;AACtF,OAAO,EAAE,0BAA0B,EAAE,MAAM,4CAA4C,CAAA;AACvF,OAAO,EAAE,qBAAqB,EAAE,MAAM,sCAAsC,CAAA;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAA;AAC7E,OAAO,EAAE,uBAAuB,EAAE,MAAM,wCAAwC,CAAA;AAChF,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAA;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,uCAAuC,EAAE,MAAM,yDAAyD,CAAA;AACjH,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAA;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAA;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAA"}
|
|
1
|
+
{"version":3,"file":"oauth-errors.d.ts","sourceRoot":"","sources":["../src/oauth-errors.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AAEpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,6BAA6B,EAAE,MAAM,8CAA8C,CAAA;AAC5F,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAA;AACzE,OAAO,EAAE,gCAAgC,EAAE,MAAM,iDAAiD,CAAA;AAClG,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAA;AAC1E,OAAO,EAAE,0BAA0B,EAAE,MAAM,2CAA2C,CAAA;AACtF,OAAO,EAAE,0BAA0B,EAAE,MAAM,4CAA4C,CAAA;AACvF,OAAO,EAAE,qBAAqB,EAAE,MAAM,sCAAsC,CAAA;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAA;AAC7E,OAAO,EAAE,uBAAuB,EAAE,MAAM,wCAAwC,CAAA;AAChF,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAA;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAA;AACnE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,uCAAuC,EAAE,MAAM,yDAAyD,CAAA;AACjH,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAA;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAA;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAA"}
|
package/dist/oauth-errors.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.WWWAuthenticateError = exports.UseDpopNonceError = exports.UnauthorizedClientError = exports.SecondAuthenticationFactorRequiredError = exports.LoginRequiredError = exports.InvalidTokenError = exports.InvalidRequestError = exports.InvalidRedirectUriError = exports.InvalidParametersError = exports.InvalidGrantError = exports.InvalidDpopProofError = exports.InvalidDpopKeyBindingError = exports.InvalidClientMetadataError = exports.InvalidClientIdError = exports.InvalidClientError = exports.InvalidAuthorizationDetailsError = exports.ConsentRequiredError = exports.AccountSelectionRequiredError = exports.AccessDeniedError = exports.OAuthError = void 0;
|
|
3
|
+
exports.WWWAuthenticateError = exports.UseDpopNonceError = exports.UnauthorizedClientError = exports.SecondAuthenticationFactorRequiredError = exports.LoginRequiredError = exports.InvalidTokenError = exports.InvalidScopeError = exports.InvalidRequestError = exports.InvalidRedirectUriError = exports.InvalidParametersError = exports.InvalidGrantError = exports.InvalidDpopProofError = exports.InvalidDpopKeyBindingError = exports.InvalidClientMetadataError = exports.InvalidClientIdError = exports.InvalidClientError = exports.InvalidAuthorizationDetailsError = exports.ConsentRequiredError = exports.AccountSelectionRequiredError = exports.AccessDeniedError = exports.OAuthError = void 0;
|
|
4
4
|
// Root Error class
|
|
5
5
|
var oauth_error_js_1 = require("./errors/oauth-error.js");
|
|
6
6
|
Object.defineProperty(exports, "OAuthError", { enumerable: true, get: function () { return oauth_error_js_1.OAuthError; } });
|
|
@@ -30,6 +30,8 @@ var invalid_redirect_uri_error_js_1 = require("./errors/invalid-redirect-uri-err
|
|
|
30
30
|
Object.defineProperty(exports, "InvalidRedirectUriError", { enumerable: true, get: function () { return invalid_redirect_uri_error_js_1.InvalidRedirectUriError; } });
|
|
31
31
|
var invalid_request_error_js_1 = require("./errors/invalid-request-error.js");
|
|
32
32
|
Object.defineProperty(exports, "InvalidRequestError", { enumerable: true, get: function () { return invalid_request_error_js_1.InvalidRequestError; } });
|
|
33
|
+
var invalid_scope_error_js_1 = require("./errors/invalid-scope-error.js");
|
|
34
|
+
Object.defineProperty(exports, "InvalidScopeError", { enumerable: true, get: function () { return invalid_scope_error_js_1.InvalidScopeError; } });
|
|
33
35
|
var invalid_token_error_js_1 = require("./errors/invalid-token-error.js");
|
|
34
36
|
Object.defineProperty(exports, "InvalidTokenError", { enumerable: true, get: function () { return invalid_token_error_js_1.InvalidTokenError; } });
|
|
35
37
|
var login_required_error_js_1 = require("./errors/login-required-error.js");
|
package/dist/oauth-errors.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-errors.js","sourceRoot":"","sources":["../src/oauth-errors.ts"],"names":[],"mappings":";;;AAAA,mBAAmB;AACnB,0DAAoD;AAA3C,4GAAA,UAAU,OAAA;AAEnB,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,oGAA4F;AAAnF,oJAAA,6BAA6B,OAAA;AACtC,gFAAyE;AAAhE,iIAAA,oBAAoB,OAAA;AAC7B,0GAAkG;AAAzF,0JAAA,gCAAgC,OAAA;AACzC,4EAAqE;AAA5D,6HAAA,kBAAkB,OAAA;AAC3B,kFAA0E;AAAjE,kIAAA,oBAAoB,OAAA;AAC7B,8FAAsF;AAA7E,8IAAA,0BAA0B,OAAA;AACnC,gGAAuF;AAA9E,+IAAA,0BAA0B,OAAA;AACnC,oFAA4E;AAAnE,oIAAA,qBAAqB,OAAA;AAC9B,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,oFAA6E;AAApE,qIAAA,sBAAsB,OAAA;AAC/B,wFAAgF;AAAvE,wIAAA,uBAAuB,OAAA;AAChC,8EAAuE;AAA9D,+HAAA,mBAAmB,OAAA;AAC5B,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,4EAAqE;AAA5D,6HAAA,kBAAkB,OAAA;AAC3B,0HAAiH;AAAxG,yKAAA,uCAAuC,OAAA;AAChD,sFAA+E;AAAtE,uIAAA,uBAAuB,OAAA;AAChC,4EAAoE;AAA3D,4HAAA,iBAAiB,OAAA;AAC1B,gFAAyE;AAAhE,iIAAA,oBAAoB,OAAA"}
|
|
1
|
+
{"version":3,"file":"oauth-errors.js","sourceRoot":"","sources":["../src/oauth-errors.ts"],"names":[],"mappings":";;;AAAA,mBAAmB;AACnB,0DAAoD;AAA3C,4GAAA,UAAU,OAAA;AAEnB,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,oGAA4F;AAAnF,oJAAA,6BAA6B,OAAA;AACtC,gFAAyE;AAAhE,iIAAA,oBAAoB,OAAA;AAC7B,0GAAkG;AAAzF,0JAAA,gCAAgC,OAAA;AACzC,4EAAqE;AAA5D,6HAAA,kBAAkB,OAAA;AAC3B,kFAA0E;AAAjE,kIAAA,oBAAoB,OAAA;AAC7B,8FAAsF;AAA7E,8IAAA,0BAA0B,OAAA;AACnC,gGAAuF;AAA9E,+IAAA,0BAA0B,OAAA;AACnC,oFAA4E;AAAnE,oIAAA,qBAAqB,OAAA;AAC9B,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,oFAA6E;AAApE,qIAAA,sBAAsB,OAAA;AAC/B,wFAAgF;AAAvE,wIAAA,uBAAuB,OAAA;AAChC,8EAAuE;AAA9D,+HAAA,mBAAmB,OAAA;AAC5B,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,0EAAmE;AAA1D,2HAAA,iBAAiB,OAAA;AAC1B,4EAAqE;AAA5D,6HAAA,kBAAkB,OAAA;AAC3B,0HAAiH;AAAxG,yKAAA,uCAAuC,OAAA;AAChD,sFAA+E;AAAtE,uIAAA,uBAAuB,OAAA;AAChC,4EAAoE;AAA3D,4HAAA,iBAAiB,OAAA;AAC1B,gFAAyE;AAAhE,iIAAA,oBAAoB,OAAA"}
|
package/dist/oauth-hooks.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Jwks } from '@atproto/jwk';
|
|
2
|
-
import {
|
|
2
|
+
import { OAuthAuthorizationDetails, OAuthAuthorizationRequestParameters, OAuthClientMetadata, OAuthTokenResponse } from '@atproto/oauth-types';
|
|
3
3
|
import { Account } from './account/account.js';
|
|
4
4
|
import { ClientAuth } from './client/client-auth.js';
|
|
5
5
|
import { ClientId } from './client/client-id.js';
|
|
@@ -7,7 +7,7 @@ import { ClientInfo } from './client/client-info.js';
|
|
|
7
7
|
import { Client } from './client/client.js';
|
|
8
8
|
import { InvalidAuthorizationDetailsError } from './errors/invalid-authorization-details-error.js';
|
|
9
9
|
import { Awaitable } from './lib/util/type.js';
|
|
10
|
-
export type { Account, Client, ClientAuth, ClientId, ClientInfo, InvalidAuthorizationDetailsError, Jwks,
|
|
10
|
+
export type { Account, Client, ClientAuth, ClientId, ClientInfo, InvalidAuthorizationDetailsError, Jwks, OAuthAuthorizationDetails, OAuthAuthorizationRequestParameters, OAuthClientMetadata, OAuthTokenResponse, };
|
|
11
11
|
export type OAuthHooks = {
|
|
12
12
|
/**
|
|
13
13
|
* Use this to alter, override or validate the client metadata & jwks returned
|
|
@@ -28,7 +28,7 @@ export type OAuthHooks = {
|
|
|
28
28
|
*/
|
|
29
29
|
onAuthorizationDetails?: (data: {
|
|
30
30
|
client: Client;
|
|
31
|
-
parameters:
|
|
31
|
+
parameters: OAuthAuthorizationRequestParameters;
|
|
32
32
|
account: Account;
|
|
33
33
|
}) => Awaitable<undefined | OAuthAuthorizationDetails>;
|
|
34
34
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-hooks.d.ts","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AACnC,OAAO,EACL,
|
|
1
|
+
{"version":3,"file":"oauth-hooks.d.ts","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AACnC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,EACnC,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,gCAAgC,EAAE,MAAM,iDAAiD,CAAA;AAClG,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAG9C,YAAY,EACV,OAAO,EACP,MAAM,EACN,UAAU,EACV,QAAQ,EACR,UAAU,EACV,gCAAgC,EAChC,IAAI,EACJ,yBAAyB,EACzB,mCAAmC,EACnC,mBAAmB,EACnB,kBAAkB,GACnB,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB;;;;;;OAMG;IACH,YAAY,CAAC,EAAE,CACb,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE;QAAE,QAAQ,EAAE,mBAAmB,CAAC;QAAC,IAAI,CAAC,EAAE,IAAI,CAAA;KAAE,KACjD,SAAS,CAAC,IAAI,GAAG,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;IAEtD;;;;;OAKG;IACH,sBAAsB,CAAC,EAAE,CAAC,IAAI,EAAE;QAC9B,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,mCAAmC,CAAA;QAC/C,OAAO,EAAE,OAAO,CAAA;KACjB,KAAK,SAAS,CAAC,SAAS,GAAG,yBAAyB,CAAC,CAAA;CACvD,CAAA"}
|
package/dist/oauth-provider.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import { SimpleStore } from '@atproto-labs/simple-store';
|
|
3
3
|
import { Jwks, Keyset } from '@atproto/jwk';
|
|
4
|
-
import {
|
|
4
|
+
import { OAuthAccessToken, OAuthAuthorizationCodeGrantTokenRequest, OAuthAuthorizationRequestJar, OAuthAuthorizationRequestPar, OAuthAuthorizationRequestParameters, OAuthAuthorizationRequestQuery, OAuthAuthorizationServerMetadata, OAuthClientCredentials, OAuthClientCredentialsNone, OAuthClientMetadata, OAuthIntrospectionResponse, OAuthParResponse, OAuthRefreshTokenGrantTokenRequest, OAuthTokenIdentification, OAuthTokenRequest, OAuthTokenResponse, OAuthTokenType } from '@atproto/oauth-types';
|
|
5
5
|
import { Redis, type RedisOptions } from 'ioredis';
|
|
6
6
|
import { AccountManager } from './account/account-manager.js';
|
|
7
7
|
import { AccountStore, DeviceAccountInfo, SignInCredentials } from './account/account-store.js';
|
|
@@ -25,10 +25,8 @@ import { ReplayStore } from './replay/replay-store.js';
|
|
|
25
25
|
import { RequestManager } from './request/request-manager.js';
|
|
26
26
|
import { RequestStore } from './request/request-store.js';
|
|
27
27
|
import { RequestUri } from './request/request-uri.js';
|
|
28
|
-
import { AuthorizationRequestJar, AuthorizationRequestQuery, PushedAuthorizationRequest } from './request/types.js';
|
|
29
28
|
import { TokenManager } from './token/token-manager.js';
|
|
30
29
|
import { TokenStore } from './token/token-store.js';
|
|
31
|
-
import { CodeGrantRequest, Introspect, IntrospectionResponse, RefreshGrantRequest, Revoke, TokenRequest } from './token/types.js';
|
|
32
30
|
import { VerifyTokenClaimsOptions } from './token/verify-token-claims.js';
|
|
33
31
|
export type OAuthProviderStore = Partial<ClientStore & AccountStore & DeviceStore & TokenStore & RequestStore & ReplayStore>;
|
|
34
32
|
export { Keyset, type CustomMetadata, type Customization, type Handler, type OAuthAuthorizationServerMetadata, };
|
|
@@ -213,12 +211,12 @@ export declare class OAuthProvider extends OAuthVerifier {
|
|
|
213
211
|
readonly x5u?: string | undefined;
|
|
214
212
|
})[];
|
|
215
213
|
};
|
|
216
|
-
protected loginRequired(client: Client, parameters:
|
|
217
|
-
protected authenticateClient(
|
|
218
|
-
protected decodeJAR(client: Client, input:
|
|
219
|
-
payload:
|
|
214
|
+
protected loginRequired(client: Client, parameters: OAuthAuthorizationRequestParameters, info: DeviceAccountInfo): boolean;
|
|
215
|
+
protected authenticateClient(credentials: OAuthClientCredentials): Promise<[Client, ClientAuth]>;
|
|
216
|
+
protected decodeJAR(client: Client, input: OAuthAuthorizationRequestJar): Promise<{
|
|
217
|
+
payload: OAuthAuthorizationRequestParameters;
|
|
220
218
|
} | {
|
|
221
|
-
payload:
|
|
219
|
+
payload: OAuthAuthorizationRequestParameters;
|
|
222
220
|
protectedHeader: {
|
|
223
221
|
kid: string;
|
|
224
222
|
alg: string;
|
|
@@ -228,14 +226,14 @@ export declare class OAuthProvider extends OAuthVerifier {
|
|
|
228
226
|
/**
|
|
229
227
|
* @see {@link https://datatracker.ietf.org/doc/html/rfc9126}
|
|
230
228
|
*/
|
|
231
|
-
protected pushedAuthorizationRequest(
|
|
232
|
-
|
|
233
|
-
expires_in: number;
|
|
234
|
-
}>;
|
|
235
|
-
private loadAuthorizationRequest;
|
|
229
|
+
protected pushedAuthorizationRequest(credentials: OAuthClientCredentials, authorizationRequest: OAuthAuthorizationRequestPar, dpopJkt: null | string): Promise<OAuthParResponse>;
|
|
230
|
+
private processAuthorizationRequest;
|
|
236
231
|
private deleteRequest;
|
|
237
|
-
|
|
238
|
-
|
|
232
|
+
/**
|
|
233
|
+
* @see {@link https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-11#section-4.1.1}
|
|
234
|
+
*/
|
|
235
|
+
protected authorize(deviceId: DeviceId, credentials: OAuthClientCredentialsNone, query: OAuthAuthorizationRequestQuery): Promise<AuthorizationResultRedirect | AuthorizationResultAuthorize>;
|
|
236
|
+
protected getSessions(client: Client, clientAuth: ClientAuth, deviceId: DeviceId, parameters: OAuthAuthorizationRequestParameters): Promise<{
|
|
239
237
|
account: Account;
|
|
240
238
|
info: DeviceAccountInfo;
|
|
241
239
|
selected: boolean;
|
|
@@ -249,23 +247,23 @@ export declare class OAuthProvider extends OAuthVerifier {
|
|
|
249
247
|
}>;
|
|
250
248
|
protected acceptRequest(deviceId: DeviceId, uri: RequestUri, clientId: ClientId, sub: string): Promise<AuthorizationResultRedirect>;
|
|
251
249
|
protected rejectRequest(deviceId: DeviceId, uri: RequestUri, clientId: ClientId): Promise<AuthorizationResultRedirect>;
|
|
252
|
-
protected token(
|
|
253
|
-
protected codeGrant(client: Client, clientAuth: ClientAuth, input:
|
|
254
|
-
refreshTokenGrant(client: Client, clientAuth: ClientAuth, input:
|
|
250
|
+
protected token(credentials: OAuthClientCredentials, request: OAuthTokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
251
|
+
protected codeGrant(client: Client, clientAuth: ClientAuth, input: OAuthAuthorizationCodeGrantTokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
252
|
+
refreshTokenGrant(client: Client, clientAuth: ClientAuth, input: OAuthRefreshTokenGrantTokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
255
253
|
/**
|
|
256
254
|
* @see {@link https://datatracker.ietf.org/doc/html/rfc7009#section-2.1 rfc7009}
|
|
257
255
|
*/
|
|
258
|
-
protected revoke(
|
|
256
|
+
protected revoke({ token }: OAuthTokenIdentification): Promise<void>;
|
|
259
257
|
/**
|
|
260
258
|
* @see {@link https://datatracker.ietf.org/doc/html/rfc7662#section-2.1 rfc7662}
|
|
261
259
|
*/
|
|
262
|
-
protected introspect(
|
|
263
|
-
protected authenticateToken(tokenType: OAuthTokenType, token:
|
|
260
|
+
protected introspect(credentials: OAuthClientCredentials, { token }: OAuthTokenIdentification): Promise<OAuthIntrospectionResponse>;
|
|
261
|
+
protected authenticateToken(tokenType: OAuthTokenType, token: OAuthAccessToken, dpopJkt: string | null, verifyOptions?: VerifyTokenClaimsOptions): Promise<import("./token/verify-token-claims.js").VerifyTokenClaimsResult>;
|
|
264
262
|
/**
|
|
265
263
|
* @returns An http request handler that can be used with node's http server
|
|
266
264
|
* or as a middleware with express / connect.
|
|
267
265
|
*/
|
|
268
266
|
httpHandler<T = void, Req extends IncomingMessage = IncomingMessage, Res extends ServerResponse = ServerResponse>(options?: RouterOptions<Req, Res>): Handler<T, Req, Res>;
|
|
269
|
-
buildRouter<T = void, Req extends IncomingMessage = IncomingMessage, Res extends ServerResponse = ServerResponse>(
|
|
267
|
+
buildRouter<T = void, Req extends IncomingMessage = IncomingMessage, Res extends ServerResponse = ServerResponse>(options?: RouterOptions<Req, Res>): Router<T, Req, Res>;
|
|
270
268
|
}
|
|
271
269
|
//# sourceMappingURL=oauth-provider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-provider.d.ts","sourceRoot":"","sources":["../src/oauth-provider.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAExD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC3C,OAAO,
|
|
1
|
+
{"version":3,"file":"oauth-provider.d.ts","sourceRoot":"","sources":["../src/oauth-provider.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAExD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC3C,OAAO,EAEL,gBAAgB,EAChB,uCAAuC,EACvC,4BAA4B,EAC5B,4BAA4B,EAC5B,mCAAmC,EACnC,8BAA8B,EAC9B,gCAAgC,EAChC,sBAAsB,EACtB,0BAA0B,EAC1B,mBAAmB,EACnB,0BAA0B,EAC1B,gBAAgB,EAChB,kCAAkC,EAClC,wBAAwB,EACxB,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EAQf,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,KAAK,EAAE,KAAK,YAAY,EAAE,MAAM,SAAS,CAAA;AAIlD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC7D,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,iBAAiB,EAGlB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAE9C,OAAO,EAAE,UAAU,EAAqB,MAAM,yBAAyB,CAAA;AACvE,OAAO,EAAE,QAAQ,EAAkB,MAAM,uBAAuB,CAAA;AAChE,OAAO,EACL,aAAa,EACb,sBAAsB,EACvB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AACrE,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAEhD,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AAYrE,OAAO,EACL,OAAO,EACP,eAAe,EAEf,MAAM,EACN,cAAc,EAYf,MAAM,qBAAqB,CAAA;AAE5B,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAC7C,OAAO,EAAE,cAAc,EAAiB,MAAM,8BAA8B,CAAA;AAC5E,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC7C,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AACzE,OAAO,EAAE,4BAA4B,EAAE,MAAM,kCAAkC,CAAA;AAK/E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AAEzD,OAAO,EACL,2BAA2B,EAE5B,MAAM,qCAAqC,CAAA;AAC5C,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AAGrE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAG7D,OAAO,EAAE,YAAY,EAAkB,MAAM,4BAA4B,CAAA;AACzE,OAAO,EAAE,UAAU,EAAoB,MAAM,0BAA0B,CAAA;AAEvE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,UAAU,EAAgB,MAAM,wBAAwB,CAAA;AACjE,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAA;AAEzE,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACtC,WAAW,GACT,YAAY,GACZ,WAAW,GACX,UAAU,GACV,YAAY,GACZ,WAAW,CACd,CAAA;AAED,OAAO,EACL,MAAM,EACN,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,OAAO,EACZ,KAAK,gCAAgC,GACtC,CAAA;AAED,MAAM,MAAM,aAAa,CACvB,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,IACzC;IACF,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,CAAA;CACtE,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG,QAAQ,CACzC,oBAAoB,GAAG,UAAU,EACjC;IACE;;;OAGG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAE7B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAA;IAEpB;;OAEG;IACH,QAAQ,CAAC,EAAE,cAAc,CAAA;IAEzB;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAA;IAE7B;;;;;;OAMG;IACH,SAAS,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;IAEnC;;;OAGG;IACH,KAAK,CAAC,EAAE,KAAK,GAAG,YAAY,GAAG,MAAM,CAAA;IAErC;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,kBAAkB,CAAA;IAE1B,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,UAAU,CAAC,EAAE,UAAU,CAAA;IAEvB;;;;;OAKG;IACH,eAAe,CAAC,EAAE,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;IAE3C;;;;;OAKG;IACH,mBAAmB,CAAC,EAAE,WAAW,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAA;IAE9D;;;;;;;OAOG;IACH,gBAAgB,CAAC,EAAE,IAAI,GAAG,KAAK,GAAG,sBAAsB,CAAA;CACzD,CACF,CAAA;AAED,qBAAa,aAAc,SAAQ,aAAa;IAC9C,SAAgB,QAAQ,EAAE,gCAAgC,CAAA;IAC1D,SAAgB,aAAa,CAAC,EAAE,aAAa,CAAA;IAE7C,SAAgB,oBAAoB,EAAE,MAAM,CAAA;IAE5C,SAAgB,cAAc,EAAE,cAAc,CAAA;IAC9C,SAAgB,WAAW,EAAE,WAAW,CAAA;IACxC,SAAgB,aAAa,EAAE,aAAa,CAAA;IAC5C,SAAgB,cAAc,EAAE,cAAc,CAAA;IAC9C,SAAgB,YAAY,EAAE,YAAY,CAAA;gBAEvB,EACjB,QAAQ,EACR,aAAyB,EACzB,oBAA6C,EAC7C,WAA2B,EAE3B,SAA2B,EAC3B,KAAK,EACL,KAAK,EAAE,gCAAgC;IAGvC,YAAoC,EACpC,WAAkC,EAClC,UAAgC,EAGhC,WAAkC,EAClC,WAAkC,EAClC,YAAoC,EAEpC,eAGE,EACF,mBAGE,EAEF,gBAAgD,EAGhD,GAAG,IAAI,EACR,EAAE,oBAAoB;IAuCvB,IAAI,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAEP;IAED,SAAS,CAAC,aAAa,CACrB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,mCAAmC,EAC/C,IAAI,EAAE,iBAAiB;cAaT,kBAAkB,CAChC,WAAW,EAAE,sBAAsB,GAClC,OAAO,CAAC,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;cAmChB,SAAS,CACvB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,4BAA4B,GAClC,OAAO,CACN;QACE,OAAO,EAAE,mCAAmC,CAAA;KAC7C,GACD;QACE,OAAO,EAAE,mCAAmC,CAAA;QAC5C,eAAe,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAA;QAC7C,GAAG,EAAE,MAAM,CAAA;KACZ,CACJ;IA6CD;;OAEG;cACa,0BAA0B,CACxC,WAAW,EAAE,sBAAsB,EACnC,oBAAoB,EAAE,4BAA4B,EAClD,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,gBAAgB,CAAC;YAmCd,2BAA2B;YAqD3B,aAAa;IAW3B;;OAEG;cACa,SAAS,CACvB,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,0BAA0B,EACvC,KAAK,EAAE,8BAA8B,GACpC,OAAO,CAAC,2BAA2B,GAAG,4BAA4B,CAAC;cAuGtD,WAAW,CACzB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,EAClB,UAAU,EAAE,mCAAmC,GAC9C,OAAO,CACR;QACE,OAAO,EAAE,OAAO,CAAA;QAChB,IAAI,EAAE,iBAAiB,CAAA;QAEvB,QAAQ,EAAE,OAAO,CAAA;QACjB,aAAa,EAAE,OAAO,CAAA;QACtB,eAAe,EAAE,OAAO,CAAA;QAExB,WAAW,EAAE,OAAO,CAAA;KACrB,EAAE,CACJ;cAqCe,MAAM,CACpB,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,iBAAiB,GAC7B,OAAO,CAAC;QACT,OAAO,EAAE,OAAO,CAAA;QAChB,eAAe,EAAE,OAAO,CAAA;KACzB,CAAC;cAuBc,aAAa,CAC3B,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,2BAA2B,CAAC;cA2CvB,aAAa,CAC3B,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,GACjB,OAAO,CAAC,2BAA2B,CAAC;cAmBvB,KAAK,CACnB,WAAW,EAAE,sBAAsB,EACnC,OAAO,EAAE,iBAAiB,EAC1B,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;cA4Bd,SAAS,CACvB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,uCAAuC,EAC9C,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;IA4DxB,iBAAiB,CACrB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,kCAAkC,EACzC,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;IAI9B;;OAEG;cACa,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,wBAAwB;IAM1D;;OAEG;cACa,UAAU,CACxB,WAAW,EAAE,sBAAsB,EACnC,EAAE,KAAK,EAAE,EAAE,wBAAwB,GAClC,OAAO,CAAC,0BAA0B,CAAC;cAiDb,iBAAiB,CACxC,SAAS,EAAE,cAAc,EACzB,KAAK,EAAE,gBAAgB,EACvB,OAAO,EAAE,MAAM,GAAG,IAAI,EACtB,aAAa,CAAC,EAAE,wBAAwB;IAgB1C;;;OAGG;IACI,WAAW,CAChB,CAAC,GAAG,IAAI,EACR,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,EAC3C,OAAO,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;IAKnD,WAAW,CAChB,CAAC,GAAG,IAAI,EACR,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,EAC3C,OAAO,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC;CAgfpC"}
|