@atproto/oauth-provider 0.2.16 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +34 -0
- package/dist/account/account-store.d.ts +1 -1
- package/dist/account/account-store.d.ts.map +1 -1
- package/dist/account/account-store.js +6 -9
- package/dist/account/account-store.js.map +1 -1
- package/dist/account/account.d.ts +1 -1
- package/dist/account/account.d.ts.map +1 -1
- package/dist/assets/app/bundle-manifest.json +2 -2
- package/dist/assets/app/main.js +1 -1
- package/dist/assets/app/main.js.map +1 -1
- package/dist/assets/assets-middleware.d.ts.map +1 -1
- package/dist/assets/assets-middleware.js.map +1 -1
- package/dist/assets/index.d.ts.map +1 -1
- package/dist/assets/index.js +7 -6
- package/dist/assets/index.js.map +1 -1
- package/dist/client/client-auth.d.ts +1 -1
- package/dist/client/client-auth.d.ts.map +1 -1
- package/dist/client/client-auth.js +1 -1
- package/dist/client/client-auth.js.map +1 -1
- package/dist/client/client-manager.d.ts +2 -2
- package/dist/client/client-manager.d.ts.map +1 -1
- package/dist/client/client-manager.js +8 -10
- package/dist/client/client-manager.js.map +1 -1
- package/dist/client/client-store.d.ts.map +1 -1
- package/dist/client/client-store.js.map +1 -1
- package/dist/client/client-utils.d.ts.map +1 -1
- package/dist/client/client-utils.js.map +1 -1
- package/dist/client/client.d.ts +1 -1
- package/dist/client/client.d.ts.map +1 -1
- package/dist/client/client.js +1 -1
- package/dist/client/client.js.map +1 -1
- package/dist/device/device-data.d.ts +7 -8
- package/dist/device/device-data.d.ts.map +1 -1
- package/dist/device/device-data.js +3 -2
- package/dist/device/device-data.js.map +1 -1
- package/dist/device/device-id.d.ts.map +1 -1
- package/dist/device/device-id.js.map +1 -1
- package/dist/device/device-manager.d.ts +104 -19
- package/dist/device/device-manager.d.ts.map +1 -1
- package/dist/device/device-manager.js +44 -31
- package/dist/device/device-manager.js.map +1 -1
- package/dist/device/session-id.d.ts.map +1 -1
- package/dist/device/session-id.js.map +1 -1
- package/dist/dpop/dpop-manager.d.ts.map +1 -1
- package/dist/dpop/dpop-manager.js.map +1 -1
- package/dist/dpop/dpop-nonce.d.ts.map +1 -1
- package/dist/dpop/dpop-nonce.js.map +1 -1
- package/dist/errors/invalid-client-metadata-error.js +1 -1
- package/dist/errors/invalid-client-metadata-error.js.map +1 -1
- package/dist/errors/invalid-token-error.d.ts.map +1 -1
- package/dist/errors/invalid-token-error.js +1 -1
- package/dist/errors/invalid-token-error.js.map +1 -1
- package/dist/errors/www-authenticate-error.d.ts.map +1 -1
- package/dist/errors/www-authenticate-error.js.map +1 -1
- package/dist/lib/http/accept.d.ts +2 -1
- package/dist/lib/http/accept.d.ts.map +1 -1
- package/dist/lib/http/accept.js.map +1 -1
- package/dist/lib/http/method.d.ts +1 -1
- package/dist/lib/http/method.d.ts.map +1 -1
- package/dist/lib/http/middleware.d.ts +1 -1
- package/dist/lib/http/middleware.d.ts.map +1 -1
- package/dist/lib/http/request.d.ts +10 -1
- package/dist/lib/http/request.d.ts.map +1 -1
- package/dist/lib/http/request.js +40 -2
- package/dist/lib/http/request.js.map +1 -1
- package/dist/lib/http/response.d.ts +3 -2
- package/dist/lib/http/response.d.ts.map +1 -1
- package/dist/lib/http/response.js.map +1 -1
- package/dist/lib/http/route.d.ts +2 -1
- package/dist/lib/http/route.d.ts.map +1 -1
- package/dist/lib/http/route.js.map +1 -1
- package/dist/lib/http/router.d.ts +2 -1
- package/dist/lib/http/router.d.ts.map +1 -1
- package/dist/lib/http/router.js.map +1 -1
- package/dist/lib/http/stream.d.ts +1 -1
- package/dist/lib/http/stream.d.ts.map +1 -1
- package/dist/lib/http/stream.js +1 -1
- package/dist/lib/http/stream.js.map +1 -1
- package/dist/lib/http/types.d.ts +0 -1
- package/dist/lib/http/types.d.ts.map +1 -1
- package/dist/lib/util/authorization-header.d.ts.map +1 -1
- package/dist/lib/util/authorization-header.js +1 -1
- package/dist/lib/util/authorization-header.js.map +1 -1
- package/dist/lib/util/function.d.ts +8 -0
- package/dist/lib/util/function.d.ts.map +1 -1
- package/dist/lib/util/function.js +1 -1
- package/dist/lib/util/function.js.map +1 -1
- package/dist/lib/util/hostname.d.ts.map +1 -1
- package/dist/lib/util/time.d.ts +7 -1
- package/dist/lib/util/time.d.ts.map +1 -1
- package/dist/lib/util/time.js +23 -12
- package/dist/lib/util/time.js.map +1 -1
- package/dist/metadata/build-metadata.d.ts.map +1 -1
- package/dist/metadata/build-metadata.js.map +1 -1
- package/dist/oauth-hooks.d.ts +56 -4
- package/dist/oauth-hooks.d.ts.map +1 -1
- package/dist/oauth-hooks.js +8 -0
- package/dist/oauth-hooks.js.map +1 -1
- package/dist/oauth-provider.d.ts +13 -10
- package/dist/oauth-provider.d.ts.map +1 -1
- package/dist/oauth-provider.js +36 -58
- package/dist/oauth-provider.js.map +1 -1
- package/dist/oauth-verifier.d.ts +1 -1
- package/dist/oauth-verifier.d.ts.map +1 -1
- package/dist/oauth-verifier.js.map +1 -1
- package/dist/output/build-authorize-data.d.ts.map +1 -1
- package/dist/output/build-authorize-data.js.map +1 -1
- package/dist/output/build-error-payload.d.ts.map +1 -1
- package/dist/output/build-error-payload.js +1 -1
- package/dist/output/build-error-payload.js.map +1 -1
- package/dist/output/output-manager.d.ts +1 -1
- package/dist/output/output-manager.d.ts.map +1 -1
- package/dist/output/output-manager.js.map +1 -1
- package/dist/output/send-authorize-redirect.d.ts +1 -1
- package/dist/output/send-authorize-redirect.d.ts.map +1 -1
- package/dist/output/send-authorize-redirect.js.map +1 -1
- package/dist/output/send-web-page.d.ts +1 -1
- package/dist/output/send-web-page.d.ts.map +1 -1
- package/dist/output/send-web-page.js.map +1 -1
- package/dist/replay/replay-store-redis.d.ts.map +1 -1
- package/dist/replay/replay-store-redis.js.map +1 -1
- package/dist/request/code.d.ts.map +1 -1
- package/dist/request/code.js.map +1 -1
- package/dist/request/request-data.d.ts.map +1 -1
- package/dist/request/request-data.js.map +1 -1
- package/dist/request/request-id.d.ts.map +1 -1
- package/dist/request/request-id.js.map +1 -1
- package/dist/request/request-info.d.ts +1 -1
- package/dist/request/request-info.d.ts.map +1 -1
- package/dist/request/request-manager.d.ts +2 -1
- package/dist/request/request-manager.d.ts.map +1 -1
- package/dist/request/request-manager.js +10 -2
- package/dist/request/request-manager.js.map +1 -1
- package/dist/request/request-store-memory.d.ts +1 -1
- package/dist/request/request-store-memory.d.ts.map +1 -1
- package/dist/request/request-store-redis.d.ts +1 -1
- package/dist/request/request-store-redis.d.ts.map +1 -1
- package/dist/request/request-store-redis.js.map +1 -1
- package/dist/request/request-uri.d.ts.map +1 -1
- package/dist/request/request-uri.js.map +1 -1
- package/dist/signer/signed-token-payload.d.ts +1 -1
- package/dist/signer/signed-token-payload.d.ts.map +1 -1
- package/dist/signer/signed-token-payload.js +2 -5
- package/dist/signer/signed-token-payload.js.map +1 -1
- package/dist/signer/signer.d.ts +1 -1
- package/dist/signer/signer.d.ts.map +1 -1
- package/dist/signer/signer.js.map +1 -1
- package/dist/token/refresh-token.d.ts.map +1 -1
- package/dist/token/refresh-token.js.map +1 -1
- package/dist/token/token-claims.d.ts +1 -1
- package/dist/token/token-claims.d.ts.map +1 -1
- package/dist/token/token-claims.js +2 -5
- package/dist/token/token-claims.js.map +1 -1
- package/dist/token/token-data.d.ts.map +1 -1
- package/dist/token/token-id.d.ts.map +1 -1
- package/dist/token/token-id.js.map +1 -1
- package/dist/token/token-manager.d.ts +3 -2
- package/dist/token/token-manager.d.ts.map +1 -1
- package/dist/token/token-manager.js +40 -25
- package/dist/token/token-manager.js.map +1 -1
- package/dist/token/verify-token-claims.d.ts.map +1 -1
- package/dist/token/verify-token-claims.js.map +1 -1
- package/package.json +13 -12
- package/rollup.config.js +4 -5
- package/src/account/account-store.ts +1 -2
- package/src/account/account.ts +1 -1
- package/src/assets/app/hooks/use-api.ts +1 -2
- package/src/assets/app/lib/api.ts +0 -1
- package/src/assets/assets-middleware.ts +0 -1
- package/src/assets/index.ts +2 -3
- package/src/client/client-auth.ts +1 -2
- package/src/client/client-manager.ts +22 -25
- package/src/client/client-store.ts +0 -1
- package/src/client/client-utils.ts +0 -1
- package/src/client/client.ts +13 -14
- package/src/device/device-data.ts +3 -3
- package/src/device/device-id.ts +0 -1
- package/src/device/device-manager.ts +94 -79
- package/src/device/session-id.ts +0 -1
- package/src/dpop/dpop-manager.ts +0 -2
- package/src/dpop/dpop-nonce.ts +0 -1
- package/src/errors/invalid-client-metadata-error.ts +1 -1
- package/src/errors/invalid-token-error.ts +1 -2
- package/src/errors/www-authenticate-error.ts +0 -1
- package/src/lib/http/accept.ts +2 -7
- package/src/lib/http/method.ts +1 -1
- package/src/lib/http/middleware.ts +1 -1
- package/src/lib/http/request.ts +66 -4
- package/src/lib/http/response.ts +3 -3
- package/src/lib/http/route.ts +2 -1
- package/src/lib/http/router.ts +2 -1
- package/src/lib/http/stream.ts +4 -5
- package/src/lib/http/types.ts +0 -1
- package/src/lib/util/authorization-header.ts +1 -2
- package/src/lib/util/function.ts +19 -2
- package/src/lib/util/hostname.ts +1 -1
- package/src/lib/util/time.ts +35 -18
- package/src/metadata/build-metadata.ts +0 -1
- package/src/oauth-hooks.ts +73 -14
- package/src/oauth-provider.ts +77 -37
- package/src/oauth-verifier.ts +1 -2
- package/src/output/build-authorize-data.ts +0 -1
- package/src/output/build-error-payload.ts +1 -2
- package/src/output/output-manager.ts +3 -4
- package/src/output/send-authorize-redirect.ts +1 -2
- package/src/output/send-web-page.ts +3 -4
- package/src/replay/replay-manager.ts +1 -1
- package/src/replay/replay-store-redis.ts +0 -1
- package/src/request/code.ts +0 -1
- package/src/request/request-data.ts +0 -1
- package/src/request/request-id.ts +0 -1
- package/src/request/request-info.ts +1 -1
- package/src/request/request-manager.ts +16 -6
- package/src/request/request-store-memory.ts +1 -1
- package/src/request/request-store-redis.ts +1 -2
- package/src/request/request-uri.ts +0 -1
- package/src/signer/signed-token-payload.ts +1 -2
- package/src/signer/signer.ts +1 -2
- package/src/token/refresh-token.ts +0 -1
- package/src/token/token-claims.ts +1 -2
- package/src/token/token-data.ts +0 -1
- package/src/token/token-id.ts +0 -1
- package/src/token/token-manager.ts +53 -25
- package/src/token/verify-token-claims.ts +0 -1
- package/tsconfig.backend.tsbuildinfo +1 -1
- package/dist/device/device-details.d.ts +0 -16
- package/dist/device/device-details.d.ts.map +0 -1
- package/dist/device/device-details.js +0 -34
- package/dist/device/device-details.js.map +0 -1
- package/src/device/device-details.ts +0 -43
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"router.js","sourceRoot":"","sources":["../../../src/lib/http/router.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"router.js","sourceRoot":"","sources":["../../../src/lib/http/router.ts"],"names":[],"mappings":";;;AACA,6CAA6C;AAE7C,mDAA+D;AAE/D,yCAAyD;AAUzD,MAAa,MAAM;IAQE;IAHF,WAAW,GAAoC,EAAE,CAAA;IAElE,YACmB,GAKhB;QALgB,QAAG,GAAH,GAAG,CAKnB;IACA,CAAC;IAEJ,GAAG,CAAC,GAAG,WAA4C;QACjD,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAA;QACrC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,GAAG,CACD,IAAa,EACb,GAAG,EAAgD;QAEnD,OAAO,IAAI,CAAC,QAAQ,CAAI,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAA;IAC3C,CAAC;IAED,GAAG,CACD,IAAa,EACb,GAAG,EAAgD;QAEnD,OAAO,IAAI,CAAC,QAAQ,CAAI,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAA;IAC7C,CAAC;IAED,IAAI,CACF,IAAa,EACb,GAAG,EAAgD;QAEnD,OAAO,IAAI,CAAC,QAAQ,CAAI,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAA;IAC9C,CAAC;IAED,OAAO,CACL,IAAa,EACb,GAAG,EAAgD;QAEnD,OAAO,IAAI,CAAC,QAAQ,CAAI,SAAS,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAA;IACjD,CAAC;IAED,QAAQ,CACN,MAA0B,EAC1B,IAAa,EACb,GAAG,EAAgD;QAEnD,OAAO,IAAI,CAAC,GAAG,CAAC,IAAA,sBAAW,EAAC,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;IACnD,CAAC;IAED;;OAEG;IACH,YAAY;QACV,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAA;QAE1B,uEAAuE;QACvE,4BAA4B;QAC5B,MAAM,UAAU,GAAG,IAAA,kCAAkB,EAAC,IAAI,CAAC,WAAW,EAAE;YACtD,WAAW,EAAE,QAAQ;SACtB,CAAC,CAAA;QAEF,OAAO,IAAA,yBAAS,EAA0B,UAAgB,GAAG,EAAE,GAAG,EAAE,IAAI;YACtE,yEAAyE;YACzE,wEAAwE;YACxE,2DAA2D;YAC3D,IAAI,GAAQ,CAAA;YAEZ,IACE,CAAC,SAAS;gBACV,IAAI,IAAI,IAAI;gBACZ,OAAO,IAAI,KAAK,QAAQ;gBACxB,KAAK,IAAI,IAAI;gBACb,IAAI,CAAC,GAAG,YAAY,GAAG,EACvB,CAAC;gBACD,wEAAwE;gBACxE,UAAU;gBACV,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;YAChB,CAAC;iBAAM,CAAC;gBACN,yCAAyC;gBACzC,IAAI,CAAC;oBACH,MAAM,QAAQ,GAAG,SAAS,EAAE,QAAQ,IAAI,QAAQ,CAAA;oBAChD,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,SAAS,EAAE,IAAI,IAAI,WAAW,CAAA;oBAC/D,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CAAA;oBAC/B,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,GAAG,QAAQ,KAAK,IAAI,EAAE,CAAC,CAAA;gBACjD,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,KAAK,GACT,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,aAAa,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;oBACtE,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;gBACrE,CAAC;YACH,CAAC;YAED,MAAM,OAAO,GAAG,IAAA,mBAAM,EAAC,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;YACxC,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;QAC1C,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAvGD,wBAuGC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { IncomingMessage } from 'node:http';
|
|
1
|
+
import type { IncomingMessage } from 'node:http';
|
|
2
2
|
import { Readable } from 'node:stream';
|
|
3
3
|
import { KnownNames, ParserResult } from './parser.js';
|
|
4
4
|
export declare function decodeHttpRequest(req: IncomingMessage): Readable;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"stream.d.ts","sourceRoot":"","sources":["../../../src/lib/http/stream.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"stream.d.ts","sourceRoot":"","sources":["../../../src/lib/http/stream.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAA;AAGtC,OAAO,EACL,UAAU,EAEV,YAAY,EAGb,MAAM,aAAa,CAAA;AAEpB,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,eAAe,GAAG,QAAQ,CAQhE;AAED;;;;;GAKG;AAEH,wBAAsB,gBAAgB,CAAC,CAAC,SAAS,SAAS,UAAU,EAAE,EACpE,GAAG,EAAE,eAAe,EACpB,KAAK,EAAE,CAAC;;;;;UAiBuB,CAAC,CAAC,MAAM,CAAC;;;;uGAG+qB,CAAC;;UAHzrB,CAAC,CAAC,MAAM,CAAC;;;;;;UAAT,CAAC,CAAC,MAAM,CAAC;KAEzC"}
|
package/dist/lib/http/stream.js
CHANGED
|
@@ -5,8 +5,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
exports.decodeHttpRequest = decodeHttpRequest;
|
|
7
7
|
exports.parseHttpRequest = parseHttpRequest;
|
|
8
|
-
const common_1 = require("@atproto/common");
|
|
9
8
|
const http_errors_1 = __importDefault(require("http-errors"));
|
|
9
|
+
const common_1 = require("@atproto/common");
|
|
10
10
|
const parser_js_1 = require("./parser.js");
|
|
11
11
|
function decodeHttpRequest(req) {
|
|
12
12
|
try {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"stream.js","sourceRoot":"","sources":["../../../src/lib/http/stream.ts"],"names":[],"mappings":";;;;;
|
|
1
|
+
{"version":3,"file":"stream.js","sourceRoot":"","sources":["../../../src/lib/http/stream.ts"],"names":[],"mappings":";;;;;AAYA,8CAQC;AASD,4CAqBC;AAhDD,8DAAyC;AACzC,4CAAkE;AAClE,2CAMoB;AAEpB,SAAgB,iBAAiB,CAAC,GAAoB;IACpD,IAAI,CAAC;QACH,OAAO,IAAA,qBAAY,EAAC,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,CAAA;IAC3D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GACX,KAAK,YAAY,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,0BAA0B,CAAA;QACzE,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;IAChD,CAAC;AACH,CAAC;AAED;;;;;GAKG;AAEI,KAAK,UAAU,gBAAgB,CACpC,GAAoB,EACpB,KAAQ;IAER,MAAM,IAAI,GAAG,IAAA,4BAAgB,EAC3B,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,0BAA0B,CAC1D,CAAA;IAED,MAAM,MAAM,GAAG,mBAAO,CAAC,IAAI,CACzB,CAAC,MAAM,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAClE,CAAA;IAED,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAA,qBAAe,EAAC,GAAG,EAAE,6BAA6B,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;IACtE,CAAC;IAED,MAAM,MAAM,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAA;IACrC,MAAM,MAAM,GAAG,MAAM,IAAA,2BAAkB,EAAC,MAAM,CAAC,CAAA;IAC/C,OAAO,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAE/B,CAAA;AACH,CAAC"}
|
package/dist/lib/http/types.d.ts
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import type { IncomingMessage, ServerResponse } from 'node:http';
|
|
2
|
-
export { IncomingMessage, ServerResponse };
|
|
3
2
|
export type NextFunction = (err?: unknown) => void;
|
|
4
3
|
export type Middleware<T = void, Req = IncomingMessage, Res = ServerResponse> = (this: T, req: Req, res: Res, next: NextFunction) => void | PromiseLike<void>;
|
|
5
4
|
export type Handler<T = void, Req = IncomingMessage, Res = ServerResponse> = (this: T, req: Req, res: Res, next?: NextFunction) => void;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/lib/http/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAA;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/lib/http/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAA;AAEhE,MAAM,MAAM,YAAY,GAAG,CAAC,GAAG,CAAC,EAAE,OAAO,KAAK,IAAI,CAAA;AAElD,MAAM,MAAM,UAAU,CACpB,CAAC,GAAG,IAAI,EACR,GAAG,GAAG,eAAe,EACrB,GAAG,GAAG,cAAc,IAClB,CACF,IAAI,EAAE,CAAC,EACP,GAAG,EAAE,GAAG,EACR,GAAG,EAAE,GAAG,EACR,IAAI,EAAE,YAAY,KACf,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAA;AAE7B,MAAM,MAAM,OAAO,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,GAAG,eAAe,EAAE,GAAG,GAAG,cAAc,IAAI,CAC3E,IAAI,EAAE,CAAC,EACP,GAAG,EAAE,GAAG,EACR,GAAG,EAAE,GAAG,EACR,IAAI,CAAC,EAAE,YAAY,KAChB,IAAI,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-header.d.ts","sourceRoot":"","sources":["../../../src/lib/util/authorization-header.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"authorization-header.d.ts","sourceRoot":"","sources":["../../../src/lib/util/authorization-header.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAQvB,eAAO,MAAM,yBAAyB,uIAGpC,CAAA;AAEF,eAAO,MAAM,wBAAwB,YAAa,MAAM,gCAcvD,CAAA"}
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.parseAuthorizationHeader = exports.authorizationHeaderSchema = void 0;
|
|
4
|
-
const oauth_types_1 = require("@atproto/oauth-types");
|
|
5
4
|
const zod_1 = require("zod");
|
|
5
|
+
const oauth_types_1 = require("@atproto/oauth-types");
|
|
6
6
|
const invalid_request_error_js_1 = require("../../errors/invalid-request-error.js");
|
|
7
7
|
const www_authenticate_error_js_1 = require("../../errors/www-authenticate-error.js");
|
|
8
8
|
exports.authorizationHeaderSchema = zod_1.z.tuple([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorization-header.js","sourceRoot":"","sources":["../../../src/lib/util/authorization-header.ts"],"names":[],"mappings":";;;AAAA,sDAG6B;AAC7B,
|
|
1
|
+
{"version":3,"file":"authorization-header.js","sourceRoot":"","sources":["../../../src/lib/util/authorization-header.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,sDAG6B;AAC7B,oFAA2E;AAC3E,sFAA6E;AAEhE,QAAA,yBAAyB,GAAG,OAAC,CAAC,KAAK,CAAC;IAC/C,kCAAoB;IACpB,oCAAsB;CACvB,CAAC,CAAA;AAEK,MAAM,wBAAwB,GAAG,CAAC,MAAe,EAAE,EAAE;IAC1D,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;QACnB,MAAM,IAAI,gDAAoB,CAC5B,iBAAiB,EACjB,+BAA+B,EAC/B,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CACzB,CAAA;IACH,CAAC;IAED,MAAM,MAAM,GAAG,iCAAyB,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAA;IACrE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,8CAAmB,CAAC,8BAA8B,CAAC,CAAA;IAC/D,CAAC;IACD,OAAO,MAAM,CAAC,IAAI,CAAA;AACpB,CAAC,CAAA;AAdY,QAAA,wBAAwB,4BAcpC"}
|
|
@@ -1,2 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* This function serves two purposes:
|
|
3
|
+
* - It ensures that the return value is a Promise, even if the function returns
|
|
4
|
+
* a "thenable" (i.e. a Promise-like object).
|
|
5
|
+
* - It allows to avoid assigning a `this` context to the function, which is
|
|
6
|
+
* particularly useful when the function is a member of a "private" object.
|
|
7
|
+
*/
|
|
1
8
|
export declare function callAsync<F extends (...args: any[]) => unknown>(this: ThisParameterType<F>, fn: F, ...args: Parameters<F>): Promise<Awaited<ReturnType<F>>>;
|
|
9
|
+
export declare function callAsync<F extends (...args: any[]) => unknown>(this: ThisParameterType<F>, fn?: F, ...args: Parameters<F>): Promise<Awaited<ReturnType<F>> | undefined>;
|
|
2
10
|
//# sourceMappingURL=function.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"function.d.ts","sourceRoot":"","sources":["../../../src/lib/util/function.ts"],"names":[],"mappings":"AAAA,wBAAsB,SAAS,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,EACnE,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAC1B,EAAE,EAAE,CAAC,EACL,GAAG,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,GACrB,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"function.d.ts","sourceRoot":"","sources":["../../../src/lib/util/function.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,wBAAsB,SAAS,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,EACnE,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAC1B,EAAE,EAAE,CAAC,EACL,GAAG,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,GACrB,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AAClC,wBAAsB,SAAS,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,EACnE,IAAI,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAC1B,EAAE,CAAC,EAAE,CAAC,EACN,GAAG,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,GACrB,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"function.js","sourceRoot":"","sources":["../../../src/lib/util/function.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"function.js","sourceRoot":"","sources":["../../../src/lib/util/function.ts"],"names":[],"mappings":";;AAiBA,8BAMC;AANM,KAAK,UAAU,SAAS,CAE7B,EAAM,EACN,GAAG,IAAmB;IAEtB,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,CAAuC,CAAA;AACpE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hostname.d.ts","sourceRoot":"","sources":["../../../src/lib/util/hostname.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"hostname.d.ts","sourceRoot":"","sources":["../../../src/lib/util/hostname.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAS,MAAM,KAAK,CAAA;AAEzC,wBAAgB,aAAa,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAE/C;AAED,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,GAAG,GAAG,YAAY,GAAG,IAAI,CAG7E;AAED,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,GAAG,IAAI,CAO3E"}
|
package/dist/lib/util/time.d.ts
CHANGED
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
import { Awaitable } from './type.js';
|
|
2
|
+
export declare function onOvertimeDefault(options: {
|
|
3
|
+
start: number;
|
|
4
|
+
end: number;
|
|
5
|
+
elapsed: number;
|
|
6
|
+
time: number;
|
|
7
|
+
}): void;
|
|
2
8
|
/**
|
|
3
9
|
* Utility function to protect against timing attacks.
|
|
4
10
|
*/
|
|
5
|
-
export declare function constantTime<T>(
|
|
11
|
+
export declare function constantTime<R, T = unknown>(this: T, time: number, fn: (this: T) => Awaitable<R>, onOvertime?: typeof onOvertimeDefault): Promise<R>;
|
|
6
12
|
//# sourceMappingURL=time.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"time.d.ts","sourceRoot":"","sources":["../../../src/lib/util/time.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"time.d.ts","sourceRoot":"","sources":["../../../src/lib/util/time.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAA;AAErC,wBAAgB,iBAAiB,CAAC,OAAO,EAAE;IACzC,KAAK,EAAE,MAAM,CAAA;IACb,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;CACb,GAAG,IAAI,CAIP;AAED;;GAEG;AACH,wBAAsB,YAAY,CAAC,CAAC,EAAE,CAAC,GAAG,OAAO,EAC/C,IAAI,EAAE,CAAC,EACP,IAAI,EAAE,MAAM,EACZ,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,EAC7B,UAAU,2BAAoB,GAC7B,OAAO,CAAC,CAAC,CAAC,CA2BZ"}
|
package/dist/lib/util/time.js
CHANGED
|
@@ -1,27 +1,38 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.onOvertimeDefault = onOvertimeDefault;
|
|
3
4
|
exports.constantTime = constantTime;
|
|
5
|
+
const promises_1 = require("node:timers/promises");
|
|
6
|
+
function onOvertimeDefault(options) {
|
|
7
|
+
console.warn(`constantTime: execution time was ${options.elapsed}ms (which is greater than ${options.time}ms). You should increase the "time" to properly defend against timing attacks.`);
|
|
8
|
+
}
|
|
4
9
|
/**
|
|
5
10
|
* Utility function to protect against timing attacks.
|
|
6
11
|
*/
|
|
7
|
-
async function constantTime(
|
|
8
|
-
if (!Number.isFinite(
|
|
9
|
-
throw new TypeError(
|
|
12
|
+
async function constantTime(time, fn, onOvertime = onOvertimeDefault) {
|
|
13
|
+
if (!Number.isFinite(time) || time <= 0) {
|
|
14
|
+
throw new TypeError(`"time" must be a positive number`);
|
|
10
15
|
}
|
|
11
16
|
const start = Date.now();
|
|
12
17
|
try {
|
|
13
|
-
return await fn();
|
|
18
|
+
return await fn.call(this);
|
|
14
19
|
}
|
|
15
20
|
finally {
|
|
16
|
-
const
|
|
17
|
-
|
|
18
|
-
const
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
21
|
+
const end = Date.now();
|
|
22
|
+
const elapsed = end - start;
|
|
23
|
+
const remaining = time - elapsed;
|
|
24
|
+
if (remaining >= 0) {
|
|
25
|
+
// Happy path, execution time was smaller than "time"
|
|
26
|
+
await (0, promises_1.setTimeout)(remaining);
|
|
27
|
+
}
|
|
28
|
+
else {
|
|
29
|
+
// The function execution took longer than "time"
|
|
30
|
+
onOvertime({ start, end, elapsed, time });
|
|
31
|
+
// Sleep until the next multiple of "time" to mitigate any attack
|
|
32
|
+
const multiplier = Math.ceil(elapsed / time);
|
|
33
|
+
const remaining = multiplier * time - elapsed;
|
|
34
|
+
await (0, promises_1.setTimeout)(remaining);
|
|
23
35
|
}
|
|
24
|
-
await new Promise((resolve) => setTimeout(resolve, n * delay));
|
|
25
36
|
}
|
|
26
37
|
}
|
|
27
38
|
//# sourceMappingURL=time.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"time.js","sourceRoot":"","sources":["../../../src/lib/util/time.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"time.js","sourceRoot":"","sources":["../../../src/lib/util/time.ts"],"names":[],"mappings":";;AAGA,8CASC;AAKD,oCAgCC;AAjDD,mDAA0D;AAG1D,SAAgB,iBAAiB,CAAC,OAKjC;IACC,OAAO,CAAC,IAAI,CACV,oCAAoC,OAAO,CAAC,OAAO,6BAA6B,OAAO,CAAC,IAAI,gFAAgF,CAC7K,CAAA;AACH,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,YAAY,CAEhC,IAAY,EACZ,EAA6B,EAC7B,UAAU,GAAG,iBAAiB;IAE9B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,SAAS,CAAC,kCAAkC,CAAC,CAAA;IACzD,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IACxB,IAAI,CAAC;QACH,OAAO,MAAM,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC5B,CAAC;YAAS,CAAC;QACT,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACtB,MAAM,OAAO,GAAG,GAAG,GAAG,KAAK,CAAA;QAE3B,MAAM,SAAS,GAAG,IAAI,GAAG,OAAO,CAAA;QAChC,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;YACnB,qDAAqD;YACrD,MAAM,IAAA,qBAAK,EAAC,SAAS,CAAC,CAAA;QACxB,CAAC;aAAM,CAAC;YACN,iDAAiD;YACjD,UAAU,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;YAEzC,iEAAiE;YACjE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,CAAA;YAC5C,MAAM,SAAS,GAAG,UAAU,GAAG,IAAI,GAAG,OAAO,CAAA;YAE7C,MAAM,IAAA,qBAAK,EAAC,SAAS,CAAC,CAAA;QACxB,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-metadata.d.ts","sourceRoot":"","sources":["../../src/metadata/build-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AACrC,OAAO,EACL,gCAAgC,EAEjC,MAAM,sBAAsB,CAAA;
|
|
1
|
+
{"version":3,"file":"build-metadata.d.ts","sourceRoot":"","sources":["../../src/metadata/build-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AACrC,OAAO,EACL,gCAAgC,EAEjC,MAAM,sBAAsB,CAAA;AAI7B,MAAM,MAAM,cAAc,GAAG;IAC3B,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC3B,qCAAqC,CAAC,EAAE,MAAM,EAAE,CAAA;IAChD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC/B,CAAA;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAC3B,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,cAAc,CAAC,EAAE,cAAc,GAC9B,gCAAgC,CAsGlC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-metadata.js","sourceRoot":"","sources":["../../src/metadata/build-metadata.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"build-metadata.js","sourceRoot":"","sources":["../../src/metadata/build-metadata.ts"],"names":[],"mappings":";;AAkBA,sCA0GC;AA3HD,sDAG6B;AAC7B,mDAA4C;AAC5C,qDAAoD;AAQpD;;;GAGG;AACH,SAAgB,aAAa,CAC3B,MAAc,EACd,MAAc,EACd,cAA+B;IAE/B,OAAO,oDAAsC,CAAC,KAAK,CAAC;QAClD,MAAM;QAEN,gBAAgB,EAAE;YAChB,SAAS;YACT,EAAE;YACF,GAAG,CAAC,cAAc,EAAE,gBAAgB,IAAI,EAAE,CAAC;SAC5C;QACD,uBAAuB,EAAE;YACvB,EAAE;YACF,QAAQ,EAAE,6CAA6C;YACvD,+DAA+D;SAChE;QACD,wBAAwB,EAAE;YACxB,QAAQ;YACR,MAAM;YACN,WAAW;YAEX,SAAS;YACT,UAAU;YACV,yBAAyB;YACzB,mBAAmB;YACnB,gBAAgB;YAChB,oBAAoB;YACpB,cAAc;SACf;QACD,wBAAwB,EAAE;YACxB,mFAAmF;YACnF,OAAO;YACP,UAAU;YACV,0FAA0F;YAC1F,WAAW;SACZ;QACD,qBAAqB,EAAE;YACrB,EAAE;YACF,oBAAoB;YACpB,eAAe;SAChB;QACD,gCAAgC,EAAE;YAChC,sGAAsG;YACtG,MAAM;YAEN,iCAAiC;YACjC,WAAW;SACZ;QACD,oBAAoB,EAAE;YACpB,EAAE;YACF,OAAO;SACR;QACD,wBAAwB,EAAE;YACxB,EAAE;YACF,MAAM;YACN,OAAO;YACP,OAAO;YACP,aAAa;SACd;QAED,gDAAgD;QAChD,8CAA8C,EAAE,IAAI;QAEpD,0DAA0D;QAC1D,2CAA2C,EAAE,CAAC,GAAG,wBAAY,EAAE,MAAM,CAAC;QACtE,8CAA8C,EAAE,EAAE,EAAE,OAAO;QAC3D,8CAA8C,EAAE,EAAE,EAAE,OAAO;QAE3D,2BAA2B,EAAE,IAAI;QACjC,+BAA+B,EAAE,IAAI;QACrC,gCAAgC,EAAE,IAAI;QAEtC,QAAQ,EAAE,IAAI,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC,IAAI;QAE7C,sBAAsB,EAAE,IAAI,GAAG,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC,IAAI;QAEhE,cAAc,EAAE,IAAI,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC,IAAI;QACpD,qCAAqC,EAAE,CAAC,GAAG,kBAAM,CAAC,sBAAsB,CAAC;QACzE,gDAAgD,EAAE,CAAC,GAAG,wBAAY,CAAC;QAEnE,mBAAmB,EAAE,IAAI,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC,IAAI;QAE1D,sBAAsB,EAAE,IAAI,GAAG,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC,IAAI;QAEjE,+DAA+D;QAE/D,0DAA0D;QAC1D,qCAAqC,EAAE,IAAI,GAAG,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,IAAI;QAEzE,qCAAqC,EAAE,IAAI;QAE3C,4DAA4D;QAC5D,iCAAiC,EAAE,CAAC,GAAG,wBAAY,CAAC;QAEpD,6DAA6D;QAC7D,qCAAqC,EACnC,cAAc,EAAE,qCAAqC;QAEvD,wFAAwF;QACxF,mBAAmB,EAAE,cAAc,EAAE,mBAAmB;QAExD,kIAAkI;QAClI,qCAAqC,EAAE,IAAI;KAC5C,CAAC,CAAA;AACJ,CAAC"}
|
package/dist/oauth-hooks.d.ts
CHANGED
|
@@ -6,8 +6,11 @@ import { ClientId } from './client/client-id.js';
|
|
|
6
6
|
import { ClientInfo } from './client/client-info.js';
|
|
7
7
|
import { Client } from './client/client.js';
|
|
8
8
|
import { InvalidAuthorizationDetailsError } from './errors/invalid-authorization-details-error.js';
|
|
9
|
+
import { RequestMetadata } from './lib/http/request.js';
|
|
9
10
|
import { Awaitable } from './lib/util/type.js';
|
|
10
|
-
|
|
11
|
+
import { AccessDeniedError, OAuthError } from './oauth-errors.js';
|
|
12
|
+
import { DeviceId } from './oauth-store.js';
|
|
13
|
+
export { AccessDeniedError, type Account, type Awaitable, Client, type ClientAuth, type ClientId, type ClientInfo, type DeviceId, InvalidAuthorizationDetailsError, type Jwks, type OAuthAuthorizationDetails, type OAuthAuthorizationRequestParameters, type OAuthClientMetadata, OAuthError, type OAuthTokenResponse, type RequestMetadata, };
|
|
11
14
|
export type OAuthHooks = {
|
|
12
15
|
/**
|
|
13
16
|
* Use this to alter, override or validate the client metadata & jwks returned
|
|
@@ -16,20 +19,69 @@ export type OAuthHooks = {
|
|
|
16
19
|
* @throws {InvalidClientMetadataError} if the metadata is invalid
|
|
17
20
|
* @see {@link InvalidClientMetadataError}
|
|
18
21
|
*/
|
|
19
|
-
|
|
22
|
+
getClientInfo?: (clientId: ClientId, data: {
|
|
20
23
|
metadata: OAuthClientMetadata;
|
|
21
24
|
jwks?: Jwks;
|
|
22
|
-
}) => Awaitable<
|
|
25
|
+
}) => Awaitable<undefined | Partial<ClientInfo>>;
|
|
23
26
|
/**
|
|
24
27
|
* Allows enriching the authorization details with additional information
|
|
25
28
|
* when the tokens are issued.
|
|
26
29
|
*
|
|
27
30
|
* @see {@link https://datatracker.ietf.org/doc/html/rfc9396 | RFC 9396}
|
|
28
31
|
*/
|
|
29
|
-
|
|
32
|
+
getAuthorizationDetails?: (data: {
|
|
30
33
|
client: Client;
|
|
34
|
+
clientAuth: ClientAuth;
|
|
35
|
+
clientMetadata: RequestMetadata;
|
|
31
36
|
parameters: OAuthAuthorizationRequestParameters;
|
|
32
37
|
account: Account;
|
|
33
38
|
}) => Awaitable<undefined | OAuthAuthorizationDetails>;
|
|
39
|
+
/**
|
|
40
|
+
* This hook is called when a client is authorized.
|
|
41
|
+
*
|
|
42
|
+
* @throws {AccessDeniedError} to deny the authorization request and redirect
|
|
43
|
+
* the user to the client with an OAuth error (other errors will result in an
|
|
44
|
+
* internal server error being displayed to the user)
|
|
45
|
+
*
|
|
46
|
+
* @note We use `deviceMetadata` instead of `clientMetadata` to make it clear
|
|
47
|
+
* that this metadata is from the user device, which might be different from
|
|
48
|
+
* the client metadata (because the OAuth client could live in a backend).
|
|
49
|
+
*/
|
|
50
|
+
onAuthorized?: (data: {
|
|
51
|
+
client: Client;
|
|
52
|
+
account: Account;
|
|
53
|
+
parameters: OAuthAuthorizationRequestParameters;
|
|
54
|
+
deviceId: DeviceId;
|
|
55
|
+
deviceMetadata: RequestMetadata;
|
|
56
|
+
}) => Awaitable<void>;
|
|
57
|
+
/**
|
|
58
|
+
* This hook is called when an authorized client exchanges an authorization
|
|
59
|
+
* code for an access token.
|
|
60
|
+
*
|
|
61
|
+
* @throws {OAuthError} to cancel the token creation and revoke the session
|
|
62
|
+
*/
|
|
63
|
+
onTokenCreated?: (data: {
|
|
64
|
+
client: Client;
|
|
65
|
+
clientAuth: ClientAuth;
|
|
66
|
+
clientMetadata: RequestMetadata;
|
|
67
|
+
account: Account;
|
|
68
|
+
parameters: OAuthAuthorizationRequestParameters;
|
|
69
|
+
/** null when "password grant" used (in which case {@link onAuthorized} won't have been called) */
|
|
70
|
+
deviceId: null | DeviceId;
|
|
71
|
+
}) => Awaitable<void>;
|
|
72
|
+
/**
|
|
73
|
+
* This hook is called when an authorized client refreshes an access token.
|
|
74
|
+
*
|
|
75
|
+
* @throws {OAuthError} to cancel the token refresh and revoke the session
|
|
76
|
+
*/
|
|
77
|
+
onTokenRefreshed?: (data: {
|
|
78
|
+
client: Client;
|
|
79
|
+
clientAuth: ClientAuth;
|
|
80
|
+
clientMetadata: RequestMetadata;
|
|
81
|
+
account: Account;
|
|
82
|
+
parameters: OAuthAuthorizationRequestParameters;
|
|
83
|
+
/** null when "password grant" used (in which case {@link onAuthorized} won't have been called) */
|
|
84
|
+
deviceId: null | DeviceId;
|
|
85
|
+
}) => Awaitable<void>;
|
|
34
86
|
};
|
|
35
87
|
//# sourceMappingURL=oauth-hooks.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-hooks.d.ts","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AACnC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,EACnC,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,sBAAsB,CAAA;
|
|
1
|
+
{"version":3,"file":"oauth-hooks.d.ts","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AACnC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,EACnC,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3C,OAAO,EAAE,gCAAgC,EAAE,MAAM,iDAAiD,CAAA;AAClG,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAA;AAG3C,OAAO,EACL,iBAAiB,EACjB,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,MAAM,EACN,KAAK,UAAU,EACf,KAAK,QAAQ,EACb,KAAK,UAAU,EACf,KAAK,QAAQ,EACb,gCAAgC,EAChC,KAAK,IAAI,EACT,KAAK,yBAAyB,EAC9B,KAAK,mCAAmC,EACxC,KAAK,mBAAmB,EACxB,UAAU,EACV,KAAK,kBAAkB,EACvB,KAAK,eAAe,GACrB,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB;;;;;;OAMG;IACH,aAAa,CAAC,EAAE,CACd,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE;QAAE,QAAQ,EAAE,mBAAmB,CAAC;QAAC,IAAI,CAAC,EAAE,IAAI,CAAA;KAAE,KACjD,SAAS,CAAC,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;IAE/C;;;;;OAKG;IACH,uBAAuB,CAAC,EAAE,CAAC,IAAI,EAAE;QAC/B,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,UAAU,EAAE,mCAAmC,CAAA;QAC/C,OAAO,EAAE,OAAO,CAAA;KACjB,KAAK,SAAS,CAAC,SAAS,GAAG,yBAAyB,CAAC,CAAA;IAEtD;;;;;;;;;;OAUG;IACH,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE;QACpB,MAAM,EAAE,MAAM,CAAA;QACd,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,QAAQ,EAAE,QAAQ,CAAA;QAClB,cAAc,EAAE,eAAe,CAAA;KAChC,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE;QACtB,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,kGAAkG;QAClG,QAAQ,EAAE,IAAI,GAAG,QAAQ,CAAA;KAC1B,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;IAErB;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,CAAC,IAAI,EAAE;QACxB,MAAM,EAAE,MAAM,CAAA;QACd,UAAU,EAAE,UAAU,CAAA;QACtB,cAAc,EAAE,eAAe,CAAA;QAC/B,OAAO,EAAE,OAAO,CAAA;QAChB,UAAU,EAAE,mCAAmC,CAAA;QAC/C,kGAAkG;QAClG,QAAQ,EAAE,IAAI,GAAG,QAAQ,CAAA;KAC1B,KAAK,SAAS,CAAC,IAAI,CAAC,CAAA;CACtB,CAAA"}
|
package/dist/oauth-hooks.js
CHANGED
|
@@ -1,3 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.OAuthError = exports.InvalidAuthorizationDetailsError = exports.Client = exports.AccessDeniedError = void 0;
|
|
4
|
+
const client_js_1 = require("./client/client.js");
|
|
5
|
+
Object.defineProperty(exports, "Client", { enumerable: true, get: function () { return client_js_1.Client; } });
|
|
6
|
+
const invalid_authorization_details_error_js_1 = require("./errors/invalid-authorization-details-error.js");
|
|
7
|
+
Object.defineProperty(exports, "InvalidAuthorizationDetailsError", { enumerable: true, get: function () { return invalid_authorization_details_error_js_1.InvalidAuthorizationDetailsError; } });
|
|
8
|
+
const oauth_errors_js_1 = require("./oauth-errors.js");
|
|
9
|
+
Object.defineProperty(exports, "AccessDeniedError", { enumerable: true, get: function () { return oauth_errors_js_1.AccessDeniedError; } });
|
|
10
|
+
Object.defineProperty(exports, "OAuthError", { enumerable: true, get: function () { return oauth_errors_js_1.OAuthError; } });
|
|
3
11
|
//# sourceMappingURL=oauth-hooks.js.map
|
package/dist/oauth-hooks.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-hooks.js","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":""}
|
|
1
|
+
{"version":3,"file":"oauth-hooks.js","sourceRoot":"","sources":["../src/oauth-hooks.ts"],"names":[],"mappings":";;;AAWA,kDAA2C;AAYzC,uFAZO,kBAAM,OAYP;AAXR,4GAAkG;AAgBhG,iHAhBO,yEAAgC,OAgBP;AAblC,uDAAiE;AAK/D,kGALO,mCAAiB,OAKP;AAajB,2FAlB0B,4BAAU,OAkB1B"}
|
package/dist/oauth-provider.d.ts
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import type { IncomingMessage, ServerResponse } from 'node:http';
|
|
2
|
+
import type { Redis, RedisOptions } from 'ioredis';
|
|
2
3
|
import { Jwks, Keyset } from '@atproto/jwk';
|
|
3
4
|
import { OAuthAccessToken, OAuthAuthorizationCodeGrantTokenRequest, OAuthAuthorizationRequestJar, OAuthAuthorizationRequestPar, OAuthAuthorizationRequestParameters, OAuthAuthorizationRequestQuery, OAuthAuthorizationServerMetadata, OAuthClientCredentials, OAuthClientCredentialsNone, OAuthClientMetadata, OAuthIntrospectionResponse, OAuthParResponse, OAuthRefreshTokenGrantTokenRequest, OAuthTokenIdentification, OAuthTokenRequest, OAuthTokenResponse, OAuthTokenType } from '@atproto/oauth-types';
|
|
4
|
-
import
|
|
5
|
+
import { SimpleStore } from '@atproto-labs/simple-store';
|
|
5
6
|
import { AccountManager } from './account/account-manager.js';
|
|
6
7
|
import { AccountStore, DeviceAccountInfo, SignInCredentials } from './account/account-store.js';
|
|
7
8
|
import { Account } from './account/account.js';
|
|
@@ -11,8 +12,10 @@ import { ClientManager, LoopbackMetadataGetter } from './client/client-manager.j
|
|
|
11
12
|
import { ClientStore } from './client/client-store.js';
|
|
12
13
|
import { Client } from './client/client.js';
|
|
13
14
|
import { DeviceId } from './device/device-id.js';
|
|
15
|
+
import { DeviceManagerOptions } from './device/device-manager.js';
|
|
14
16
|
import { DeviceStore } from './device/device-store.js';
|
|
15
|
-
import { Handler,
|
|
17
|
+
import { Handler, Router } from './lib/http/index.js';
|
|
18
|
+
import { RequestMetadata } from './lib/http/request.js';
|
|
16
19
|
import { Override } from './lib/util/type.js';
|
|
17
20
|
import { CustomMetadata } from './metadata/build-metadata.js';
|
|
18
21
|
import { OAuthHooks } from './oauth-hooks.js';
|
|
@@ -28,8 +31,8 @@ import { TokenManager } from './token/token-manager.js';
|
|
|
28
31
|
import { TokenStore } from './token/token-store.js';
|
|
29
32
|
import { VerifyTokenClaimsOptions } from './token/verify-token-claims.js';
|
|
30
33
|
export type OAuthProviderStore = Partial<ClientStore & AccountStore & DeviceStore & TokenStore & RequestStore & ReplayStore>;
|
|
31
|
-
export {
|
|
32
|
-
export type RouterOptions<Req extends IncomingMessage = IncomingMessage, Res extends ServerResponse = ServerResponse> = {
|
|
34
|
+
export { type CustomMetadata, type Customization, type Handler, Keyset, type OAuthAuthorizationServerMetadata, };
|
|
35
|
+
export type RouterOptions<Req extends IncomingMessage = IncomingMessage, Res extends ServerResponse = ServerResponse> = DeviceManagerOptions & {
|
|
33
36
|
onError?: (req: Req, res: Res, err: unknown, message: string) => void;
|
|
34
37
|
};
|
|
35
38
|
export type OAuthProviderOptions = Override<OAuthVerifierOptions & OAuthHooks, {
|
|
@@ -231,7 +234,7 @@ export declare class OAuthProvider extends OAuthVerifier {
|
|
|
231
234
|
/**
|
|
232
235
|
* @see {@link https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-11#section-4.1.1}
|
|
233
236
|
*/
|
|
234
|
-
protected authorize(
|
|
237
|
+
protected authorize(clientCredentials: OAuthClientCredentialsNone, query: OAuthAuthorizationRequestQuery, deviceId: DeviceId, deviceMetadata: RequestMetadata): Promise<AuthorizationResultRedirect | AuthorizationResultAuthorize>;
|
|
235
238
|
protected getSessions(client: Client, clientAuth: ClientAuth, deviceId: DeviceId, parameters: OAuthAuthorizationRequestParameters): Promise<{
|
|
236
239
|
account: Account;
|
|
237
240
|
info: DeviceAccountInfo;
|
|
@@ -244,11 +247,11 @@ export declare class OAuthProvider extends OAuthVerifier {
|
|
|
244
247
|
account: Account;
|
|
245
248
|
consentRequired: boolean;
|
|
246
249
|
}>;
|
|
247
|
-
protected acceptRequest(
|
|
250
|
+
protected acceptRequest(uri: RequestUri, clientId: ClientId, sub: string, deviceId: DeviceId, deviceMetadata: RequestMetadata): Promise<AuthorizationResultRedirect>;
|
|
248
251
|
protected rejectRequest(deviceId: DeviceId, uri: RequestUri, clientId: ClientId): Promise<AuthorizationResultRedirect>;
|
|
249
|
-
protected token(
|
|
250
|
-
protected codeGrant(client: Client, clientAuth: ClientAuth, input: OAuthAuthorizationCodeGrantTokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
251
|
-
refreshTokenGrant(client: Client, clientAuth: ClientAuth, input: OAuthRefreshTokenGrantTokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
252
|
+
protected token(clientCredentials: OAuthClientCredentials, clientMetadata: RequestMetadata, request: OAuthTokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
253
|
+
protected codeGrant(client: Client, clientAuth: ClientAuth, clientMetadata: RequestMetadata, input: OAuthAuthorizationCodeGrantTokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
254
|
+
refreshTokenGrant(client: Client, clientAuth: ClientAuth, clientMetadata: RequestMetadata, input: OAuthRefreshTokenGrantTokenRequest, dpopJkt: null | string): Promise<OAuthTokenResponse>;
|
|
252
255
|
/**
|
|
253
256
|
* @see {@link https://datatracker.ietf.org/doc/html/rfc7009#section-2.1 rfc7009}
|
|
254
257
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-provider.d.ts","sourceRoot":"","sources":["../src/oauth-provider.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"oauth-provider.d.ts","sourceRoot":"","sources":["../src/oauth-provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAA;AAGhE,OAAO,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAA;AAElD,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAC3C,OAAO,EAEL,gBAAgB,EAChB,uCAAuC,EACvC,4BAA4B,EAC5B,4BAA4B,EAC5B,mCAAmC,EACnC,8BAA8B,EAC9B,gCAAgC,EAChC,sBAAsB,EACtB,0BAA0B,EAC1B,mBAAmB,EACnB,0BAA0B,EAC1B,gBAAgB,EAChB,kCAAkC,EAClC,wBAAwB,EACxB,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EAQf,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAGxD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC7D,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,iBAAiB,EAGlB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAE9C,OAAO,EAAE,UAAU,EAAqB,MAAM,yBAAyB,CAAA;AACvE,OAAO,EAAE,QAAQ,EAAkB,MAAM,uBAAuB,CAAA;AAChE,OAAO,EACL,aAAa,EACb,sBAAsB,EACvB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AACrE,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAChD,OAAO,EAAiB,oBAAoB,EAAE,MAAM,4BAA4B,CAAA;AAChF,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AAYrE,OAAO,EACL,OAAO,EAEP,MAAM,EAYP,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AAEvD,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAA;AAC7C,OAAO,EAAE,cAAc,EAAiB,MAAM,8BAA8B,CAAA;AAC5E,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC7C,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AACzE,OAAO,EAAE,4BAA4B,EAAE,MAAM,kCAAkC,CAAA;AAK/E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AAEzD,OAAO,EACL,2BAA2B,EAE5B,MAAM,qCAAqC,CAAA;AAC5C,OAAO,EAAE,WAAW,EAAiB,MAAM,0BAA0B,CAAA;AAGrE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAG7D,OAAO,EAAE,YAAY,EAAkB,MAAM,4BAA4B,CAAA;AACzE,OAAO,EAAE,UAAU,EAAoB,MAAM,0BAA0B,CAAA;AAEvE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,UAAU,EAAgB,MAAM,wBAAwB,CAAA;AACjE,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAA;AAEzE,MAAM,MAAM,kBAAkB,GAAG,OAAO,CACtC,WAAW,GACT,YAAY,GACZ,WAAW,GACX,UAAU,GACV,YAAY,GACZ,WAAW,CACd,CAAA;AAED,OAAO,EACL,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,OAAO,EACZ,MAAM,EACN,KAAK,gCAAgC,GACtC,CAAA;AAED,MAAM,MAAM,aAAa,CACvB,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,IACzC,oBAAoB,GAAG;IACzB,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,CAAA;CACtE,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG,QAAQ,CACzC,oBAAoB,GAAG,UAAU,EACjC;IACE;;;OAGG;IACH,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAE7B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAA;IAEpB;;OAEG;IACH,QAAQ,CAAC,EAAE,cAAc,CAAA;IAEzB;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAA;IAE7B;;;;;;OAMG;IACH,SAAS,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;IAEnC;;;OAGG;IACH,KAAK,CAAC,EAAE,KAAK,GAAG,YAAY,GAAG,MAAM,CAAA;IAErC;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,kBAAkB,CAAA;IAE1B,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,UAAU,CAAC,EAAE,UAAU,CAAA;IAEvB;;;;;OAKG;IACH,eAAe,CAAC,EAAE,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;IAE3C;;;;;OAKG;IACH,mBAAmB,CAAC,EAAE,WAAW,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAA;IAE9D;;;;;;;OAOG;IACH,gBAAgB,CAAC,EAAE,IAAI,GAAG,KAAK,GAAG,sBAAsB,CAAA;CACzD,CACF,CAAA;AAED,qBAAa,aAAc,SAAQ,aAAa;IAC9C,SAAgB,QAAQ,EAAE,gCAAgC,CAAA;IAC1D,SAAgB,aAAa,CAAC,EAAE,aAAa,CAAA;IAE7C,SAAgB,oBAAoB,EAAE,MAAM,CAAA;IAE5C,SAAgB,cAAc,EAAE,cAAc,CAAA;IAC9C,SAAgB,WAAW,EAAE,WAAW,CAAA;IACxC,SAAgB,aAAa,EAAE,aAAa,CAAA;IAC5C,SAAgB,cAAc,EAAE,cAAc,CAAA;IAC9C,SAAgB,YAAY,EAAE,YAAY,CAAA;gBAEvB,EACjB,QAAQ,EACR,aAAyB,EACzB,oBAA6C,EAC7C,WAA2B,EAE3B,SAA2B,EAC3B,KAAK,EACL,KAAK,EAAE,gCAAgC;IAGvC,YAAoC,EACpC,WAAkC,EAClC,UAAgC,EAGhC,WAAkC,EAClC,WAAkC,EAClC,YAAoC,EAEpC,eAGE,EACF,mBAGE,EAEF,gBAAgD,EAGhD,GAAG,IAAI,EACR,EAAE,oBAAoB;IAuCvB,IAAI,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAEP;IAED,SAAS,CAAC,aAAa,CACrB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,mCAAmC,EAC/C,IAAI,EAAE,iBAAiB;cAaT,kBAAkB,CAChC,WAAW,EAAE,sBAAsB,GAClC,OAAO,CAAC,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;cAmChB,SAAS,CACvB,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,4BAA4B,GAClC,OAAO,CACN;QACE,OAAO,EAAE,mCAAmC,CAAA;KAC7C,GACD;QACE,OAAO,EAAE,mCAAmC,CAAA;QAC5C,eAAe,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAA;QAC7C,GAAG,EAAE,MAAM,CAAA;KACZ,CACJ;IA6CD;;OAEG;cACa,0BAA0B,CACxC,WAAW,EAAE,sBAAsB,EACnC,oBAAoB,EAAE,4BAA4B,EAClD,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,gBAAgB,CAAC;YAmCd,2BAA2B;YAqD3B,aAAa;IAW3B;;OAEG;cACa,SAAS,CACvB,iBAAiB,EAAE,0BAA0B,EAC7C,KAAK,EAAE,8BAA8B,EACrC,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,2BAA2B,GAAG,4BAA4B,CAAC;cAyGtD,WAAW,CACzB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,QAAQ,EAAE,QAAQ,EAClB,UAAU,EAAE,mCAAmC,GAC9C,OAAO,CACR;QACE,OAAO,EAAE,OAAO,CAAA;QAChB,IAAI,EAAE,iBAAiB,CAAA;QAEvB,QAAQ,EAAE,OAAO,CAAA;QACjB,aAAa,EAAE,OAAO,CAAA;QACtB,eAAe,EAAE,OAAO,CAAA;QAExB,WAAW,EAAE,OAAO,CAAA;KACrB,EAAE,CACJ;cAqCe,MAAM,CACpB,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,iBAAiB,GAC7B,OAAO,CAAC;QACT,OAAO,EAAE,OAAO,CAAA;QAChB,eAAe,EAAE,OAAO,CAAA;KACzB,CAAC;cAuBc,aAAa,CAC3B,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,MAAM,EACX,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,2BAA2B,CAAC;cA4CvB,aAAa,CAC3B,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,UAAU,EACf,QAAQ,EAAE,QAAQ,GACjB,OAAO,CAAC,2BAA2B,CAAC;cAmBvB,KAAK,CACnB,iBAAiB,EAAE,sBAAsB,EACzC,cAAc,EAAE,eAAe,EAC/B,OAAO,EAAE,iBAAiB,EAC1B,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;cAyCd,SAAS,CACvB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,cAAc,EAAE,eAAe,EAC/B,KAAK,EAAE,uCAAuC,EAC9C,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;IA6DxB,iBAAiB,CACrB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,UAAU,EACtB,cAAc,EAAE,eAAe,EAC/B,KAAK,EAAE,kCAAkC,EACzC,OAAO,EAAE,IAAI,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC;IAU9B;;OAEG;cACa,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,wBAAwB;IAM1D;;OAEG;cACa,UAAU,CACxB,WAAW,EAAE,sBAAsB,EACnC,EAAE,KAAK,EAAE,EAAE,wBAAwB,GAClC,OAAO,CAAC,0BAA0B,CAAC;cAiDb,iBAAiB,CACxC,SAAS,EAAE,cAAc,EACzB,KAAK,EAAE,gBAAgB,EACvB,OAAO,EAAE,MAAM,GAAG,IAAI,EACtB,aAAa,CAAC,EAAE,wBAAwB;IAgB1C;;;OAGG;IACI,WAAW,CAChB,CAAC,GAAG,IAAI,EACR,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,EAC3C,OAAO,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;IAKnD,WAAW,CAChB,CAAC,GAAG,IAAI,EACR,GAAG,SAAS,eAAe,GAAG,eAAe,EAC7C,GAAG,SAAS,cAAc,GAAG,cAAc,EAC3C,OAAO,CAAC,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC;CAmgBpC"}
|