@atproto/oauth-provider 0.3.1 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (404) hide show
  1. package/.linguirc +57 -0
  2. package/CHANGELOG.md +29 -0
  3. package/LICENSE.txt +1 -1
  4. package/dist/account/account-manager.d.ts +17 -3
  5. package/dist/account/account-manager.d.ts.map +1 -1
  6. package/dist/account/account-manager.js +102 -8
  7. package/dist/account/account-manager.js.map +1 -1
  8. package/dist/account/account-store.d.ts +81 -15
  9. package/dist/account/account-store.d.ts.map +1 -1
  10. package/dist/account/account-store.js +70 -19
  11. package/dist/account/account-store.js.map +1 -1
  12. package/dist/account/sign-in-data.d.ts +28 -0
  13. package/dist/account/sign-in-data.d.ts.map +1 -0
  14. package/dist/account/sign-in-data.js +16 -0
  15. package/dist/account/sign-in-data.js.map +1 -0
  16. package/dist/account/sign-up-data.d.ts +26 -0
  17. package/dist/account/sign-up-data.d.ts.map +1 -0
  18. package/dist/account/sign-up-data.js +11 -0
  19. package/dist/account/sign-up-data.js.map +1 -0
  20. package/dist/assets/app/bundle-manifest.json +598 -6
  21. package/dist/assets/app/index-ItwwtJ8r.js +36 -0
  22. package/dist/assets/app/index-ItwwtJ8r.js.map +1 -0
  23. package/dist/assets/app/main-B_dNxQo_.js +4 -0
  24. package/dist/assets/app/main-B_dNxQo_.js.map +1 -0
  25. package/dist/assets/app/main-CSatvmRR.css +3 -0
  26. package/dist/assets/app/main-CSatvmRR.js +306 -0
  27. package/dist/assets/app/main-CSatvmRR.js.map +1 -0
  28. package/dist/assets/app/messages-BQeltXSF.js +4 -0
  29. package/dist/assets/app/messages-BQeltXSF.js.map +1 -0
  30. package/dist/assets/app/messages-BQkEhfjg.js +4 -0
  31. package/dist/assets/app/messages-BQkEhfjg.js.map +1 -0
  32. package/dist/assets/app/messages-BUjKj_UJ.js +4 -0
  33. package/dist/assets/app/messages-BUjKj_UJ.js.map +1 -0
  34. package/dist/assets/app/messages-BWIQa8fO.js +4 -0
  35. package/dist/assets/app/messages-BWIQa8fO.js.map +1 -0
  36. package/dist/assets/app/messages-BaNVb0bp.js +4 -0
  37. package/dist/assets/app/messages-BaNVb0bp.js.map +1 -0
  38. package/dist/assets/app/messages-BaizVXcF.js +4 -0
  39. package/dist/assets/app/messages-BaizVXcF.js.map +1 -0
  40. package/dist/assets/app/messages-BfoClA1Y.js +4 -0
  41. package/dist/assets/app/messages-BfoClA1Y.js.map +1 -0
  42. package/dist/assets/app/messages-BsKGDZnC.js +4 -0
  43. package/dist/assets/app/messages-BsKGDZnC.js.map +1 -0
  44. package/dist/assets/app/messages-Bu-TJhml.js +4 -0
  45. package/dist/assets/app/messages-Bu-TJhml.js.map +1 -0
  46. package/dist/assets/app/messages-BvOKnBQk.js +4 -0
  47. package/dist/assets/app/messages-BvOKnBQk.js.map +1 -0
  48. package/dist/assets/app/messages-BxDzCiWz.js +4 -0
  49. package/dist/assets/app/messages-BxDzCiWz.js.map +1 -0
  50. package/dist/assets/app/messages-CDgFOy4S.js +4 -0
  51. package/dist/assets/app/messages-CDgFOy4S.js.map +1 -0
  52. package/dist/assets/app/messages-CLbTz0o9.js +4 -0
  53. package/dist/assets/app/messages-CLbTz0o9.js.map +1 -0
  54. package/dist/assets/app/messages-CNwSh0t7.js +4 -0
  55. package/dist/assets/app/messages-CNwSh0t7.js.map +1 -0
  56. package/dist/assets/app/messages-CSMNJ6P8.js +4 -0
  57. package/dist/assets/app/messages-CSMNJ6P8.js.map +1 -0
  58. package/dist/assets/app/messages-CZQUw3mp.js +4 -0
  59. package/dist/assets/app/messages-CZQUw3mp.js.map +1 -0
  60. package/dist/assets/app/messages-CZT41oVp.js +4 -0
  61. package/dist/assets/app/messages-CZT41oVp.js.map +1 -0
  62. package/dist/assets/app/messages-C_b-d3t8.js +4 -0
  63. package/dist/assets/app/messages-C_b-d3t8.js.map +1 -0
  64. package/dist/assets/app/messages-C_u3MTc2.js +4 -0
  65. package/dist/assets/app/messages-C_u3MTc2.js.map +1 -0
  66. package/dist/assets/app/messages-Cn8nHZic.js +4 -0
  67. package/dist/assets/app/messages-Cn8nHZic.js.map +1 -0
  68. package/dist/assets/app/messages-CtDywJUm.js +4 -0
  69. package/dist/assets/app/messages-CtDywJUm.js.map +1 -0
  70. package/dist/assets/app/messages-CurtIjBF.js +4 -0
  71. package/dist/assets/app/messages-CurtIjBF.js.map +1 -0
  72. package/dist/assets/app/messages-Cv6zIbaP.js +4 -0
  73. package/dist/assets/app/messages-Cv6zIbaP.js.map +1 -0
  74. package/dist/assets/app/messages-D1eLQuPE.js +4 -0
  75. package/dist/assets/app/messages-D1eLQuPE.js.map +1 -0
  76. package/dist/assets/app/messages-D8vHEaYW.js +4 -0
  77. package/dist/assets/app/messages-D8vHEaYW.js.map +1 -0
  78. package/dist/assets/app/messages-DJ1Q4GeC.js +4 -0
  79. package/dist/assets/app/messages-DJ1Q4GeC.js.map +1 -0
  80. package/dist/assets/app/messages-DRL3exqd.js +4 -0
  81. package/dist/assets/app/messages-DRL3exqd.js.map +1 -0
  82. package/dist/assets/app/messages-DWLPQRTp.js +4 -0
  83. package/dist/assets/app/messages-DWLPQRTp.js.map +1 -0
  84. package/dist/assets/app/messages-DjVaE9YE.js +4 -0
  85. package/dist/assets/app/messages-DjVaE9YE.js.map +1 -0
  86. package/dist/assets/app/messages-DqpMfFJR.js +4 -0
  87. package/dist/assets/app/messages-DqpMfFJR.js.map +1 -0
  88. package/dist/assets/app/messages-ETjhJBEN.js +4 -0
  89. package/dist/assets/app/messages-ETjhJBEN.js.map +1 -0
  90. package/dist/assets/app/messages-EUKrgrGn.js +4 -0
  91. package/dist/assets/app/messages-EUKrgrGn.js.map +1 -0
  92. package/dist/assets/app/messages-QQrOUcPW.js +4 -0
  93. package/dist/assets/app/messages-QQrOUcPW.js.map +1 -0
  94. package/dist/assets/app/messages-e2QGqFL6.js +4 -0
  95. package/dist/assets/app/messages-e2QGqFL6.js.map +1 -0
  96. package/dist/assets/app/messages-p61py7gD.js +4 -0
  97. package/dist/assets/app/messages-p61py7gD.js.map +1 -0
  98. package/dist/assets/asset.d.ts +1 -0
  99. package/dist/assets/asset.d.ts.map +1 -1
  100. package/dist/assets/assets-middleware.d.ts.map +1 -1
  101. package/dist/assets/assets-middleware.js +12 -7
  102. package/dist/assets/assets-middleware.js.map +1 -1
  103. package/dist/assets/index.d.ts +3 -2
  104. package/dist/assets/index.d.ts.map +1 -1
  105. package/dist/assets/index.js +13 -1
  106. package/dist/assets/index.js.map +1 -1
  107. package/dist/client/client-store.d.ts +3 -3
  108. package/dist/client/client-store.d.ts.map +1 -1
  109. package/dist/client/client-store.js +6 -5
  110. package/dist/client/client-store.js.map +1 -1
  111. package/dist/device/device-manager.d.ts +12 -13
  112. package/dist/device/device-manager.d.ts.map +1 -1
  113. package/dist/device/device-manager.js +5 -3
  114. package/dist/device/device-manager.js.map +1 -1
  115. package/dist/device/device-store.d.ts +3 -3
  116. package/dist/device/device-store.d.ts.map +1 -1
  117. package/dist/device/device-store.js +10 -9
  118. package/dist/device/device-store.js.map +1 -1
  119. package/dist/dpop/dpop-manager.d.ts +15 -7
  120. package/dist/dpop/dpop-manager.d.ts.map +1 -1
  121. package/dist/dpop/dpop-manager.js +17 -3
  122. package/dist/dpop/dpop-manager.js.map +1 -1
  123. package/dist/dpop/dpop-nonce.d.ts +11 -5
  124. package/dist/dpop/dpop-nonce.d.ts.map +1 -1
  125. package/dist/dpop/dpop-nonce.js +47 -38
  126. package/dist/dpop/dpop-nonce.js.map +1 -1
  127. package/dist/errors/handle-unavailable-error.d.ts +11 -0
  128. package/dist/errors/handle-unavailable-error.d.ts.map +1 -0
  129. package/dist/errors/handle-unavailable-error.js +19 -0
  130. package/dist/errors/handle-unavailable-error.js.map +1 -0
  131. package/dist/errors/invalid-request-error.d.ts +6 -8
  132. package/dist/errors/invalid-request-error.d.ts.map +1 -1
  133. package/dist/errors/invalid-request-error.js +10 -8
  134. package/dist/errors/invalid-request-error.js.map +1 -1
  135. package/dist/lib/csp/index.d.ts +18 -0
  136. package/dist/lib/csp/index.d.ts.map +1 -0
  137. package/dist/lib/csp/index.js +72 -0
  138. package/dist/lib/csp/index.js.map +1 -0
  139. package/dist/lib/hcaptcha.d.ts +177 -0
  140. package/dist/lib/hcaptcha.d.ts.map +1 -0
  141. package/dist/lib/hcaptcha.js +155 -0
  142. package/dist/lib/hcaptcha.js.map +1 -0
  143. package/dist/lib/html/build-document.d.ts +11 -3
  144. package/dist/lib/html/build-document.d.ts.map +1 -1
  145. package/dist/lib/html/build-document.js +51 -15
  146. package/dist/lib/html/build-document.js.map +1 -1
  147. package/dist/lib/http/middleware.d.ts.map +1 -1
  148. package/dist/lib/http/middleware.js +4 -1
  149. package/dist/lib/http/middleware.js.map +1 -1
  150. package/dist/lib/http/request.d.ts +18 -3
  151. package/dist/lib/http/request.d.ts.map +1 -1
  152. package/dist/lib/http/request.js +56 -23
  153. package/dist/lib/http/request.js.map +1 -1
  154. package/dist/lib/http/response.d.ts +4 -2
  155. package/dist/lib/http/response.d.ts.map +1 -1
  156. package/dist/lib/http/response.js +23 -5
  157. package/dist/lib/http/response.js.map +1 -1
  158. package/dist/lib/locale.d.ts +15 -0
  159. package/dist/lib/locale.d.ts.map +1 -0
  160. package/dist/lib/locale.js +17 -0
  161. package/dist/lib/locale.js.map +1 -0
  162. package/dist/lib/util/function.d.ts +2 -2
  163. package/dist/lib/util/function.d.ts.map +1 -1
  164. package/dist/lib/util/function.js.map +1 -1
  165. package/dist/lib/util/type.d.ts +88 -1
  166. package/dist/lib/util/type.d.ts.map +1 -1
  167. package/dist/lib/util/type.js +41 -0
  168. package/dist/lib/util/type.js.map +1 -1
  169. package/dist/metadata/build-metadata.d.ts +2 -2
  170. package/dist/metadata/build-metadata.d.ts.map +1 -1
  171. package/dist/metadata/build-metadata.js.map +1 -1
  172. package/dist/oauth-errors.d.ts +1 -0
  173. package/dist/oauth-errors.d.ts.map +1 -1
  174. package/dist/oauth-errors.js +3 -1
  175. package/dist/oauth-errors.js.map +1 -1
  176. package/dist/oauth-hooks.d.ts +60 -3
  177. package/dist/oauth-hooks.d.ts.map +1 -1
  178. package/dist/oauth-hooks.js +3 -3
  179. package/dist/oauth-hooks.js.map +1 -1
  180. package/dist/oauth-provider.d.ts +28 -22
  181. package/dist/oauth-provider.d.ts.map +1 -1
  182. package/dist/oauth-provider.js +212 -211
  183. package/dist/oauth-provider.js.map +1 -1
  184. package/dist/oauth-verifier.d.ts +1 -1
  185. package/dist/oauth-verifier.d.ts.map +1 -1
  186. package/dist/oauth-verifier.js +2 -1
  187. package/dist/oauth-verifier.js.map +1 -1
  188. package/dist/output/build-authorize-data.d.ts +0 -1
  189. package/dist/output/build-authorize-data.d.ts.map +1 -1
  190. package/dist/output/build-authorize-data.js +0 -1
  191. package/dist/output/build-authorize-data.js.map +1 -1
  192. package/dist/output/build-customization-data.d.ts +232 -0
  193. package/dist/output/build-customization-data.d.ts.map +1 -0
  194. package/dist/output/build-customization-data.js +145 -0
  195. package/dist/output/build-customization-data.js.map +1 -0
  196. package/dist/output/output-manager.d.ts +16 -9
  197. package/dist/output/output-manager.d.ts.map +1 -1
  198. package/dist/output/output-manager.js +78 -42
  199. package/dist/output/output-manager.js.map +1 -1
  200. package/dist/output/send-authorize-redirect.d.ts +9 -6
  201. package/dist/output/send-authorize-redirect.d.ts.map +1 -1
  202. package/dist/output/send-authorize-redirect.js +20 -14
  203. package/dist/output/send-authorize-redirect.js.map +1 -1
  204. package/dist/output/send-web-page.d.ts +7 -2
  205. package/dist/output/send-web-page.d.ts.map +1 -1
  206. package/dist/output/send-web-page.js +37 -21
  207. package/dist/output/send-web-page.js.map +1 -1
  208. package/dist/request/request-manager.d.ts +1 -1
  209. package/dist/request/request-manager.d.ts.map +1 -1
  210. package/dist/request/request-manager.js +4 -4
  211. package/dist/request/request-manager.js.map +1 -1
  212. package/dist/request/request-store.d.ts +3 -3
  213. package/dist/request/request-store.d.ts.map +1 -1
  214. package/dist/request/request-store.js +11 -10
  215. package/dist/request/request-store.js.map +1 -1
  216. package/dist/token/token-store.d.ts +4 -4
  217. package/dist/token/token-store.d.ts.map +1 -1
  218. package/dist/token/token-store.js +13 -12
  219. package/dist/token/token-store.js.map +1 -1
  220. package/package.json +46 -21
  221. package/rollup.config.js +61 -17
  222. package/src/account/account-manager.ts +159 -8
  223. package/src/account/account-store.ts +127 -32
  224. package/src/account/sign-in-data.ts +15 -0
  225. package/src/account/sign-up-data.ts +11 -0
  226. package/src/assets/app/app.tsx +31 -16
  227. package/src/assets/app/backend-data.ts +15 -60
  228. package/src/assets/app/backend-types.ts +66 -0
  229. package/src/assets/app/components/forms/button-toggle-visibility.tsx +43 -0
  230. package/src/assets/app/components/forms/button.tsx +60 -0
  231. package/src/assets/app/components/forms/fieldset.tsx +55 -0
  232. package/src/assets/app/components/forms/form-card-async.tsx +103 -0
  233. package/src/assets/app/components/forms/form-card.tsx +49 -0
  234. package/src/assets/app/components/forms/input-checkbox.tsx +73 -0
  235. package/src/assets/app/components/forms/input-container.tsx +107 -0
  236. package/src/assets/app/components/forms/input-email-address.tsx +66 -0
  237. package/src/assets/app/components/forms/input-new-password.tsx +62 -0
  238. package/src/assets/app/components/forms/input-password.tsx +88 -0
  239. package/src/assets/app/components/forms/input-text.tsx +76 -0
  240. package/src/assets/app/components/forms/input-token.tsx +94 -0
  241. package/src/assets/app/components/forms/wizard-card.tsx +116 -0
  242. package/src/assets/app/components/layouts/layout-title-page.tsx +77 -0
  243. package/src/assets/app/components/layouts/layout-welcome.tsx +73 -0
  244. package/src/assets/app/components/utils/account-identifier.tsx +23 -0
  245. package/src/assets/app/components/utils/account-image.tsx +33 -0
  246. package/src/assets/app/components/utils/admonition.tsx +52 -0
  247. package/src/assets/app/components/utils/client-name.tsx +45 -0
  248. package/src/assets/app/components/utils/error-card.tsx +93 -0
  249. package/src/assets/app/components/utils/error-message.tsx +62 -0
  250. package/src/assets/app/components/utils/help-card.tsx +46 -0
  251. package/src/assets/app/components/utils/icons.tsx +88 -0
  252. package/src/assets/app/components/utils/link-anchor.tsx +28 -0
  253. package/src/assets/app/components/utils/link-title.tsx +26 -0
  254. package/src/assets/app/components/utils/multi-lang-string.tsx +56 -0
  255. package/src/assets/app/components/utils/password-strength-label.tsx +37 -0
  256. package/src/assets/app/components/utils/password-strength-meter.tsx +58 -0
  257. package/src/assets/app/components/{url-viewer.tsx → utils/url-viewer.tsx} +9 -6
  258. package/src/assets/app/hooks/use-api.ts +128 -55
  259. package/src/assets/app/hooks/use-async-action.ts +120 -0
  260. package/src/assets/app/hooks/use-browser-color-scheme.ts +31 -0
  261. package/src/assets/app/hooks/use-csrf-token.ts +1 -1
  262. package/src/assets/app/hooks/use-random-string.ts +37 -0
  263. package/src/assets/app/hooks/use-stepper.ts +87 -0
  264. package/src/assets/app/index.html +182 -0
  265. package/src/assets/app/lib/api.ts +248 -79
  266. package/src/assets/app/lib/clsx.ts +5 -8
  267. package/src/assets/app/lib/json-client.ts +94 -0
  268. package/src/assets/app/lib/password.ts +98 -0
  269. package/src/assets/app/lib/ref.ts +17 -0
  270. package/src/assets/app/locales/an/messages.po +492 -0
  271. package/src/assets/app/locales/ast/messages.po +492 -0
  272. package/src/assets/app/locales/ca/messages.po +492 -0
  273. package/src/assets/app/locales/da/messages.po +492 -0
  274. package/src/assets/app/locales/de/messages.po +492 -0
  275. package/src/assets/app/locales/el/messages.po +492 -0
  276. package/src/assets/app/locales/en/messages.po +492 -0
  277. package/src/assets/app/locales/en-GB/messages.po +492 -0
  278. package/src/assets/app/locales/es/messages.po +492 -0
  279. package/src/assets/app/locales/eu/messages.po +492 -0
  280. package/src/assets/app/locales/fi/messages.po +492 -0
  281. package/src/assets/app/locales/fr/messages.po +492 -0
  282. package/src/assets/app/locales/ga/messages.po +492 -0
  283. package/src/assets/app/locales/gl/messages.po +492 -0
  284. package/src/assets/app/locales/hi/messages.po +492 -0
  285. package/src/assets/app/locales/hu/messages.po +492 -0
  286. package/src/assets/app/locales/ia/messages.po +492 -0
  287. package/src/assets/app/locales/id/messages.po +492 -0
  288. package/src/assets/app/locales/it/messages.po +492 -0
  289. package/src/assets/app/locales/ja/messages.po +492 -0
  290. package/src/assets/app/locales/km/messages.po +492 -0
  291. package/src/assets/app/locales/ko/messages.po +492 -0
  292. package/src/assets/app/locales/load.ts +8 -0
  293. package/src/assets/app/locales/locale-context.ts +19 -0
  294. package/src/assets/app/locales/locale-provider.tsx +112 -0
  295. package/src/assets/app/locales/locale-selector.tsx +58 -0
  296. package/src/assets/app/locales/locales.ts +168 -0
  297. package/src/assets/app/locales/ne/messages.po +492 -0
  298. package/src/assets/app/locales/nl/messages.po +492 -0
  299. package/src/assets/app/locales/pl/messages.po +492 -0
  300. package/src/assets/app/locales/pt-BR/messages.po +492 -0
  301. package/src/assets/app/locales/ro/messages.po +492 -0
  302. package/src/assets/app/locales/ru/messages.po +492 -0
  303. package/src/assets/app/locales/sv/messages.po +492 -0
  304. package/src/assets/app/locales/th/messages.po +492 -0
  305. package/src/assets/app/locales/tr/messages.po +492 -0
  306. package/src/assets/app/locales/uk/messages.po +492 -0
  307. package/src/assets/app/locales/vi/messages.po +492 -0
  308. package/src/assets/app/locales/zh-CN/messages.po +492 -0
  309. package/src/assets/app/locales/zh-HK/messages.po +492 -0
  310. package/src/assets/app/locales/zh-TW/messages.po +492 -0
  311. package/src/assets/app/main.css +23 -2
  312. package/src/assets/app/main.tsx +24 -8
  313. package/src/assets/app/views/authorize/accept/accept-form.tsx +150 -0
  314. package/src/assets/app/views/authorize/accept/accept-view.tsx +70 -0
  315. package/src/assets/app/views/authorize/authorize-view.tsx +180 -0
  316. package/src/assets/app/views/authorize/reset-password/reset-password-confirm-form.tsx +88 -0
  317. package/src/assets/app/views/authorize/reset-password/reset-password-request-form.tsx +80 -0
  318. package/src/assets/app/views/authorize/reset-password/reset-password-view.tsx +127 -0
  319. package/src/assets/app/views/authorize/sign-in/sign-in-form.tsx +244 -0
  320. package/src/assets/app/views/authorize/sign-in/sign-in-picker.tsx +116 -0
  321. package/src/assets/app/views/authorize/sign-in/sign-in-view.tsx +145 -0
  322. package/src/assets/app/views/authorize/sign-up/sign-up-account-form.tsx +140 -0
  323. package/src/assets/app/views/authorize/sign-up/sign-up-disclaimer.tsx +51 -0
  324. package/src/assets/app/views/authorize/sign-up/sign-up-handle-form.tsx +289 -0
  325. package/src/assets/app/views/authorize/sign-up/sign-up-hcaptcha-form.tsx +108 -0
  326. package/src/assets/app/views/authorize/sign-up/sign-up-view.tsx +158 -0
  327. package/src/assets/app/views/authorize/welcome/welcome-view.tsx +56 -0
  328. package/src/assets/app/views/error/error-view.tsx +31 -0
  329. package/src/assets/asset.ts +1 -0
  330. package/src/assets/assets-middleware.ts +13 -8
  331. package/src/assets/index.ts +15 -2
  332. package/src/client/client-store.ts +10 -12
  333. package/src/device/device-manager.ts +14 -15
  334. package/src/device/device-store.ts +9 -15
  335. package/src/dpop/dpop-manager.ts +20 -8
  336. package/src/dpop/dpop-nonce.ts +58 -40
  337. package/src/errors/handle-unavailable-error.ts +18 -0
  338. package/src/errors/invalid-request-error.ts +10 -8
  339. package/src/lib/csp/index.ts +98 -0
  340. package/src/lib/hcaptcha.ts +182 -0
  341. package/src/lib/html/build-document.ts +60 -16
  342. package/src/lib/http/middleware.ts +4 -3
  343. package/src/lib/http/request.ts +81 -28
  344. package/src/lib/http/response.ts +22 -9
  345. package/src/lib/locale.ts +21 -0
  346. package/src/lib/util/function.ts +0 -3
  347. package/src/lib/util/type.ts +130 -1
  348. package/src/metadata/build-metadata.ts +2 -1
  349. package/src/oauth-errors.ts +1 -0
  350. package/src/oauth-hooks.ts +69 -3
  351. package/src/oauth-provider.ts +410 -315
  352. package/src/oauth-verifier.ts +3 -1
  353. package/src/output/build-authorize-data.ts +1 -3
  354. package/src/output/build-customization-data.ts +189 -0
  355. package/src/output/output-manager.ts +111 -48
  356. package/src/output/send-authorize-redirect.ts +43 -36
  357. package/src/output/send-web-page.ts +40 -26
  358. package/src/request/request-manager.ts +4 -4
  359. package/src/request/request-store.ts +12 -16
  360. package/src/token/token-store.ts +14 -18
  361. package/tailwind.config.js +5 -0
  362. package/tsconfig.backend.tsbuildinfo +1 -1
  363. package/tsconfig.frontend.tsbuildinfo +1 -1
  364. package/tsconfig.tools.tsbuildinfo +1 -1
  365. package/vite.config.mjs +16 -0
  366. package/.postcssrc.yml +0 -3
  367. package/dist/assets/app/main.css +0 -3
  368. package/dist/assets/app/main.js +0 -20
  369. package/dist/assets/app/main.js.map +0 -1
  370. package/dist/output/customization.d.ts +0 -27
  371. package/dist/output/customization.d.ts.map +0 -1
  372. package/dist/output/customization.js +0 -88
  373. package/dist/output/customization.js.map +0 -1
  374. package/src/assets/app/components/accept-form.tsx +0 -137
  375. package/src/assets/app/components/account-identifier.tsx +0 -18
  376. package/src/assets/app/components/account-picker.tsx +0 -127
  377. package/src/assets/app/components/button.tsx +0 -34
  378. package/src/assets/app/components/client-name.tsx +0 -37
  379. package/src/assets/app/components/fieldset.tsx +0 -26
  380. package/src/assets/app/components/form-card.tsx +0 -47
  381. package/src/assets/app/components/help-card.tsx +0 -42
  382. package/src/assets/app/components/icons/alert-icon.tsx +0 -5
  383. package/src/assets/app/components/icons/at-symbol-icon.tsx +0 -5
  384. package/src/assets/app/components/icons/caret-right-icon.tsx +0 -5
  385. package/src/assets/app/components/icons/lock-icon.tsx +0 -5
  386. package/src/assets/app/components/icons/token-icon.tsx +0 -5
  387. package/src/assets/app/components/icons/util.tsx +0 -17
  388. package/src/assets/app/components/info-card.tsx +0 -45
  389. package/src/assets/app/components/input-checkbox.tsx +0 -47
  390. package/src/assets/app/components/input-container.tsx +0 -37
  391. package/src/assets/app/components/input-layout.tsx +0 -47
  392. package/src/assets/app/components/input-text.tsx +0 -69
  393. package/src/assets/app/components/layout-title-page.tsx +0 -60
  394. package/src/assets/app/components/layout-welcome.tsx +0 -74
  395. package/src/assets/app/components/sign-in-form.tsx +0 -337
  396. package/src/assets/app/components/sign-up-account-form.tsx +0 -194
  397. package/src/assets/app/components/sign-up-disclaimer.tsx +0 -44
  398. package/src/assets/app/views/accept-view.tsx +0 -55
  399. package/src/assets/app/views/authorize-view.tsx +0 -106
  400. package/src/assets/app/views/error-view.tsx +0 -36
  401. package/src/assets/app/views/sign-in-view.tsx +0 -111
  402. package/src/assets/app/views/sign-up-view.tsx +0 -86
  403. package/src/assets/app/views/welcome-view.tsx +0 -54
  404. package/src/output/customization.ts +0 -118
package/dist/request/request-store.js CHANGED
@@ -14,21 +14,22 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
14
  for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
15
15
  };
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
- exports.isRequestStore = isRequestStore;
17
+ exports.isRequestStore = void 0;
18
18
  exports.ifRequestStore = ifRequestStore;
19
+ const type_js_1 = require("../lib/util/type.js");
19
20
  // Export all types needed to implement the RequestStore interface
20
21
  __exportStar(require("./code.js"), exports);
21
- __exportStar(require("./request-id.js"), exports);
22
22
  __exportStar(require("./request-data.js"), exports);
23
- function isRequestStore(implementation) {
24
- return (typeof implementation.createRequest === 'function' &&
25
- typeof implementation.readRequest === 'function' &&
26
- typeof implementation.updateRequest === 'function' &&
27
- typeof implementation.deleteRequest === 'function' &&
28
- typeof implementation.findRequestByCode === 'function');
29
- }
23
+ __exportStar(require("./request-id.js"), exports);
24
+ exports.isRequestStore = (0, type_js_1.buildInterfaceChecker)([
25
+ 'createRequest',
26
+ 'readRequest',
27
+ 'updateRequest',
28
+ 'deleteRequest',
29
+ 'findRequestByCode',
30
+ ]);
30
31
  function ifRequestStore(implementation) {
31
- if (implementation && isRequestStore(implementation)) {
32
+ if (implementation && (0, exports.isRequestStore)(implementation)) {
32
33
  return implementation;
33
34
  }
34
35
  return undefined;
package/dist/request/request-store.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"request-store.js","sourceRoot":"","sources":["../../src/request/request-store.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAiCA,wCAUC;AAED,wCAQC;AAhDD,kEAAkE;AAClE,4CAAyB;AACzB,kDAA+B;AAC/B,oDAAiC;AAyBjC,SAAgB,cAAc,CAC5B,cAA+D;IAE/D,OAAO,CACL,OAAO,cAAc,CAAC,aAAa,KAAK,UAAU;QAClD,OAAO,cAAc,CAAC,WAAW,KAAK,UAAU;QAChD,OAAO,cAAc,CAAC,aAAa,KAAK,UAAU;QAClD,OAAO,cAAc,CAAC,aAAa,KAAK,UAAU;QAClD,OAAO,cAAc,CAAC,iBAAiB,KAAK,UAAU,CACvD,CAAA;AACH,CAAC;AAED,SAAgB,cAAc,CAC5B,cAAgE;IAEhE,IAAI,cAAc,IAAI,cAAc,CAAC,cAAc,CAAC,EAAE,CAAC;QACrD,OAAO,cAAc,CAAA;IACvB,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC"}
1
+ {"version":3,"file":"request-store.js","sourceRoot":"","sources":["../../src/request/request-store.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAyCA,wCAQC;AAjDD,iDAAsE;AAKtE,kEAAkE;AAClE,4CAAyB;AACzB,oDAAiC;AACjC,kDAA+B;AAyBlB,QAAA,cAAc,GAAG,IAAA,+BAAqB,EAAe;IAChE,eAAe;IACf,aAAa;IACb,eAAe;IACf,eAAe;IACf,mBAAmB;CACpB,CAAC,CAAA;AAEF,SAAgB,cAAc,CAC5B,cAAkB;IAElB,IAAI,cAAc,IAAI,IAAA,sBAAc,EAAC,cAAc,CAAC,EAAE,CAAC;QACrD,OAAO,cAAc,CAAA;IACvB,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC"}
package/dist/token/token-store.d.ts CHANGED
@@ -5,9 +5,9 @@ import { Code } from '../request/code.js';
5
5
  import { RefreshToken } from './refresh-token.js';
6
6
  import { TokenData } from './token-data.js';
7
7
  import { TokenId } from './token-id.js';
8
- export * from './token-id.js';
9
- export * from './token-data.js';
10
8
  export * from './refresh-token.js';
9
+ export * from './token-data.js';
10
+ export * from './token-id.js';
11
11
  export type { Awaitable };
12
12
  export type TokenInfo = {
13
13
  id: TokenId;
@@ -30,6 +30,6 @@ export interface TokenStore {
30
30
  findTokenByRefreshToken(refreshToken: RefreshToken): Awaitable<null | TokenInfo>;
31
31
  findTokenByCode(code: Code): Awaitable<null | TokenInfo>;
32
32
  }
33
- export declare function isTokenStore(implementation: Record<string, unknown> & Partial<TokenStore>): implementation is Record<string, unknown> & TokenStore;
34
- export declare function asTokenStore(implementation?: Record<string, unknown> & Partial<TokenStore>): TokenStore;
33
+ export declare const isTokenStore: <V extends Partial<TokenStore>>(value: V) => value is V & import("../lib/util/type.js").RequiredDefined<TokenStore>;
34
+ export declare function asTokenStore<V extends Partial<TokenStore>>(implementation?: V): V & TokenStore;
35
35
  //# sourceMappingURL=token-store.d.ts.map
package/dist/token/token-store.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"token-store.d.ts","sourceRoot":"","sources":["../../src/token/token-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAA;AAC/C,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAA;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAA;AAGvC,cAAc,eAAe,CAAA;AAC7B,cAAc,iBAAiB,CAAA;AAC/B,cAAc,oBAAoB,CAAA;AAClC,YAAY,EAAE,SAAS,EAAE,CAAA;AAEzB,MAAM,MAAM,SAAS,GAAG;IACtB,EAAE,EAAE,OAAO,CAAA;IACX,IAAI,EAAE,SAAS,CAAA;IACf,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,CAAC,EAAE,iBAAiB,CAAA;IACxB,mBAAmB,EAAE,IAAI,GAAG,YAAY,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,YAAY,GAAG,IAAI,CAC7B,SAAS,EACT,YAAY,GAAG,WAAW,GAAG,WAAW,CACzC,CAAA;AAED,MAAM,WAAW,UAAU;IACzB,WAAW,CACT,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,SAAS,EACf,YAAY,CAAC,EAAE,YAAY,GAC1B,SAAS,CAAC,IAAI,CAAC,CAAA;IAElB,SAAS,CAAC,OAAO,EAAE,OAAO,GAAG,SAAS,CAAC,IAAI,GAAG,SAAS,CAAC,CAAA;IAExD,WAAW,CAAC,OAAO,EAAE,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;IAE9C,WAAW,CACT,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,OAAO,EACnB,eAAe,EAAE,YAAY,EAC7B,OAAO,EAAE,YAAY,GACpB,SAAS,CAAC,IAAI,CAAC,CAAA;IAElB;;;;OAIG;IACH,uBAAuB,CACrB,YAAY,EAAE,YAAY,GACzB,SAAS,CAAC,IAAI,GAAG,SAAS,CAAC,CAAA;IAE9B,eAAe,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,CAAC,IAAI,GAAG,SAAS,CAAC,CAAA;CACzD;AAED,wBAAgB,YAAY,CAC1B,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,GAC5D,cAAc,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU,CASxD;AAED,wBAAgB,YAAY,CAC1B,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,GAC7D,UAAU,CAKZ"}
1
+ {"version":3,"file":"token-store.d.ts","sourceRoot":"","sources":["../../src/token/token-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAA;AAC/D,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAC/C,OAAO,EAAE,SAAS,EAAyB,MAAM,qBAAqB,CAAA;AACtE,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAA;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAC3C,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAA;AAGvC,cAAc,oBAAoB,CAAA;AAClC,cAAc,iBAAiB,CAAA;AAC/B,cAAc,eAAe,CAAA;AAC7B,YAAY,EAAE,SAAS,EAAE,CAAA;AAEzB,MAAM,MAAM,SAAS,GAAG;IACtB,EAAE,EAAE,OAAO,CAAA;IACX,IAAI,EAAE,SAAS,CAAA;IACf,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,CAAC,EAAE,iBAAiB,CAAA;IACxB,mBAAmB,EAAE,IAAI,GAAG,YAAY,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,YAAY,GAAG,IAAI,CAC7B,SAAS,EACT,YAAY,GAAG,WAAW,GAAG,WAAW,CACzC,CAAA;AAED,MAAM,WAAW,UAAU;IACzB,WAAW,CACT,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,SAAS,EACf,YAAY,CAAC,EAAE,YAAY,GAC1B,SAAS,CAAC,IAAI,CAAC,CAAA;IAElB,SAAS,CAAC,OAAO,EAAE,OAAO,GAAG,SAAS,CAAC,IAAI,GAAG,SAAS,CAAC,CAAA;IAExD,WAAW,CAAC,OAAO,EAAE,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;IAE9C,WAAW,CACT,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,OAAO,EACnB,eAAe,EAAE,YAAY,EAC7B,OAAO,EAAE,YAAY,GACpB,SAAS,CAAC,IAAI,CAAC,CAAA;IAElB;;;;OAIG;IACH,uBAAuB,CACrB,YAAY,EAAE,YAAY,GACzB,SAAS,CAAC,IAAI,GAAG,SAAS,CAAC,CAAA;IAE9B,eAAe,CAAC,IAAI,EAAE,IAAI,GAAG,SAAS,CAAC,IAAI,GAAG,SAAS,CAAC,CAAA;CACzD;AAED,eAAO,MAAM,YAAY,qHAOvB,CAAA;AAEF,wBAAgB,YAAY,CAAC,CAAC,SAAS,OAAO,CAAC,UAAU,CAAC,EACxD,cAAc,CAAC,EAAE,CAAC,GACjB,CAAC,GAAG,UAAU,CAKhB"}
package/dist/token/token-store.js CHANGED
@@ -14,22 +14,23 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
14
  for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
15
15
  };
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
- exports.isTokenStore = isTokenStore;
17
+ exports.isTokenStore = void 0;
18
18
  exports.asTokenStore = asTokenStore;
19
+ const type_js_1 = require("../lib/util/type.js");
19
20
  // Export all types needed to implement the TokenStore interface
20
- __exportStar(require("./token-id.js"), exports);
21
- __exportStar(require("./token-data.js"), exports);
22
21
  __exportStar(require("./refresh-token.js"), exports);
23
- function isTokenStore(implementation) {
24
- return (typeof implementation.createToken === 'function' &&
25
- typeof implementation.readToken === 'function' &&
26
- typeof implementation.rotateToken === 'function' &&
27
- typeof implementation.deleteToken === 'function' &&
28
- typeof implementation.findTokenByCode === 'function' &&
29
- typeof implementation.findTokenByRefreshToken === 'function');
30
- }
22
+ __exportStar(require("./token-data.js"), exports);
23
+ __exportStar(require("./token-id.js"), exports);
24
+ exports.isTokenStore = (0, type_js_1.buildInterfaceChecker)([
25
+ 'createToken',
26
+ 'readToken',
27
+ 'deleteToken',
28
+ 'rotateToken',
29
+ 'findTokenByRefreshToken',
30
+ 'findTokenByCode',
31
+ ]);
31
32
  function asTokenStore(implementation) {
32
- if (!implementation || !isTokenStore(implementation)) {
33
+ if (!implementation || !(0, exports.isTokenStore)(implementation)) {
33
34
  throw new Error('Invalid TokenStore implementation');
34
35
  }
35
36
  return implementation;
package/dist/token/token-store.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"token-store.js","sourceRoot":"","sources":["../../src/token/token-store.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAyDA,oCAWC;AAED,oCAOC;AArED,gEAAgE;AAChE,gDAA6B;AAC7B,kDAA+B;AAC/B,qDAAkC;AA8ClC,SAAgB,YAAY,CAC1B,cAA6D;IAE7D,OAAO,CACL,OAAO,cAAc,CAAC,WAAW,KAAK,UAAU;QAChD,OAAO,cAAc,CAAC,SAAS,KAAK,UAAU;QAC9C,OAAO,cAAc,CAAC,WAAW,KAAK,UAAU;QAChD,OAAO,cAAc,CAAC,WAAW,KAAK,UAAU;QAChD,OAAO,cAAc,CAAC,eAAe,KAAK,UAAU;QACpD,OAAO,cAAc,CAAC,uBAAuB,KAAK,UAAU,CAC7D,CAAA;AACH,CAAC;AAED,SAAgB,YAAY,CAC1B,cAA8D;IAE9D,IAAI,CAAC,cAAc,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;IACtD,CAAC;IACD,OAAO,cAAc,CAAA;AACvB,CAAC"}
1
+ {"version":3,"file":"token-store.js","sourceRoot":"","sources":["../../src/token/token-store.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAkEA,oCAOC;AAvED,iDAAsE;AAMtE,gEAAgE;AAChE,qDAAkC;AAClC,kDAA+B;AAC/B,gDAA6B;AA8ChB,QAAA,YAAY,GAAG,IAAA,+BAAqB,EAAa;IAC5D,aAAa;IACb,WAAW;IACX,aAAa;IACb,aAAa;IACb,yBAAyB;IACzB,iBAAiB;CAClB,CAAC,CAAA;AAEF,SAAgB,YAAY,CAC1B,cAAkB;IAElB,IAAI,CAAC,cAAc,IAAI,CAAC,IAAA,oBAAY,EAAC,cAAc,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;IACtD,CAAC;IACD,OAAO,cAAc,CAAA;AACvB,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@atproto/oauth-provider",
3
- "version": "0.3.1",
3
+ "version": "0.5.0",
4
4
  "license": "MIT",
5
5
  "description": "Generic OAuth2 and OpenID Connect provider for Node.js. Currently only supports features needed for Atproto.",
6
6
  "keywords": [
@@ -32,50 +32,75 @@
32
32
  },
33
33
  "dependencies": {
34
34
  "@hapi/accept": "^6.0.3",
35
+ "@hapi/address": "^5.1.1",
35
36
  "@hapi/bourne": "^3.0.0",
36
37
  "@hapi/content": "^6.0.0",
37
38
  "cookie": "^0.6.0",
39
+ "disposable-email-domains-js": "^1.5.0",
40
+ "forwarded": "^0.2.0",
38
41
  "http-errors": "^2.0.0",
39
42
  "ioredis": "^5.3.2",
40
43
  "jose": "^5.2.0",
41
44
  "psl": "^1.9.0",
42
45
  "zod": "^3.23.8",
43
- "@atproto-labs/fetch": "0.2.1",
44
- "@atproto-labs/fetch-node": "0.1.7",
46
+ "@atproto-labs/fetch": "0.2.2",
47
+ "@atproto-labs/fetch-node": "0.1.8",
48
+ "@atproto-labs/pipe": "0.1.0",
45
49
  "@atproto-labs/simple-store": "0.1.2",
46
50
  "@atproto-labs/simple-store-memory": "0.1.2",
47
- "@atproto-labs/pipe": "0.1.0",
48
51
  "@atproto/common": "^0.4.8",
49
- "@atproto/jwk": "0.1.3",
50
- "@atproto/jwk-jose": "0.1.4",
51
- "@atproto/oauth-types": "0.2.3"
52
+ "@atproto/jwk": "0.1.4",
53
+ "@atproto/jwk-jose": "0.1.5",
54
+ "@atproto/oauth-types": "0.2.4"
52
55
  },
53
56
  "devDependencies": {
54
- "@rollup/plugin-commonjs": "^25.0.7",
55
- "@rollup/plugin-node-resolve": "^15.2.3",
56
- "@rollup/plugin-replace": "^5.0.5",
57
- "@rollup/plugin-terser": "^0.4.4",
58
- "@rollup/plugin-typescript": "^11.1.6",
57
+ "@hcaptcha/react-hcaptcha": "^1.11.2",
58
+ "@lingui/cli": "^5.2.0",
59
+ "@lingui/core": "^5.2.0",
60
+ "@lingui/react": "^5.2.0",
61
+ "@lingui/swc-plugin": "^5.4.0",
62
+ "@lingui/vite-plugin": "^5.2.0",
63
+ "@rollup/plugin-commonjs": "^28.0.2",
64
+ "@rollup/plugin-dynamic-import-vars": "^2.1.5",
65
+ "@rollup/plugin-node-resolve": "^16.0.0",
66
+ "@rollup/plugin-swc": "^0.4.0",
67
+ "@swc/core": "^1.10.18",
68
+ "@swc/helpers": "^0.5.15",
59
69
  "@types/cookie": "^0.6.0",
70
+ "@types/forwarded": "0.1.3",
60
71
  "@types/psl": "1.1.3",
61
- "@types/react": "^18.2.50",
62
- "@types/react-dom": "^18.2.18",
72
+ "@types/react": "^19.0.10",
73
+ "@types/react-dom": "^19.0.4",
63
74
  "@types/send": "^0.17.4",
75
+ "@vitejs/plugin-react-swc": "^3.8.0",
64
76
  "@web/rollup-plugin-import-meta-assets": "^2.2.1",
65
77
  "autoprefixer": "^10.4.17",
66
- "postcss": "^8.4.33",
67
- "react": "^18.2.0",
68
- "react-dom": "^18.2.0",
78
+ "postcss": "^8.4.38",
79
+ "react": "^19.0.0",
80
+ "react-dom": "^19.0.0",
81
+ "react-error-boundary": "^5.0.0",
69
82
  "rollup": "^4.13.0",
70
83
  "rollup-plugin-postcss": "^4.0.2",
71
- "tailwindcss": "^3.4.1",
84
+ "tailwindcss": "^3.4.3",
72
85
  "typescript": "^5.6.3",
73
- "@atproto-labs/rollup-plugin-bundle-manifest": "0.1.1"
86
+ "vite": "^6.2.0",
87
+ "@atproto-labs/rollup-plugin-bundle-manifest": "0.1.2"
88
+ },
89
+ "postcss": {
90
+ "plugins": {
91
+ "tailwindcss": {},
92
+ "autoprefixer": {}
93
+ }
74
94
  },
75
95
  "scripts": {
96
+ "po:extract": "lingui extract --clean",
97
+ "po:compile": "lingui compile --typescript",
98
+ "prebuild:frontend": "pnpm po:compile",
76
99
  "build:frontend": "rollup --config rollup.config.js",
77
100
  "build:backend": "tsc --build --force tsconfig.backend.json",
78
- "build": "pnpm --parallel --stream '/^build:.+$/'",
79
- "dev": "rollup --config rollup.config.js --watch"
101
+ "start:ui": "vite",
102
+ "dev:frontend": "pnpm run build:frontend --watch",
103
+ "dev:catalogs": "pnpm run po:extract --debounce 250 --watch > /dev/null",
104
+ "dev:messages": "pnpm run po:compile --debounce 500 --watch"
80
105
  }
81
106
  }
package/rollup.config.js CHANGED
@@ -1,10 +1,11 @@
1
1
  /* eslint-env node */
2
2
 
3
3
  const { default: commonjs } = require('@rollup/plugin-commonjs')
4
+ const {
5
+ default: dynamicImportVars,
6
+ } = require('@rollup/plugin-dynamic-import-vars')
4
7
  const { default: nodeResolve } = require('@rollup/plugin-node-resolve')
5
- const { default: replace } = require('@rollup/plugin-replace')
6
- const { default: terser } = require('@rollup/plugin-terser')
7
- const { default: typescript } = require('@rollup/plugin-typescript')
8
+ const { default: swc } = require('@rollup/plugin-swc')
8
9
  const { defineConfig } = require('rollup')
9
10
  const {
10
11
  default: manifest,
@@ -16,34 +17,77 @@ module.exports = defineConfig((commandLineArguments) => {
16
17
  process.env['NODE_ENV'] ??
17
18
  (commandLineArguments.watch ? 'development' : 'production')
18
19
 
19
- const minify = NODE_ENV !== 'development'
20
+ const devMode = NODE_ENV === 'development'
20
21
 
21
22
  return {
22
- input: 'src/assets/app/main.tsx',
23
+ input: ['src/assets/app/main.tsx', 'src/assets/app/main.css'],
23
24
  output: {
24
25
  manualChunks: undefined,
25
26
  sourcemap: true,
26
- file: 'dist/assets/app/main.js',
27
- format: 'iife',
27
+ dir: 'dist/assets/app',
28
+ format: 'module',
29
+ entryFileNames: 'main-[hash].js',
28
30
  },
29
31
  plugins: [
30
- nodeResolve({ preferBuiltins: false, browser: true }),
31
- commonjs(),
32
- postcss({ config: true, extract: true, minimize: minify }),
33
- typescript({
34
- tsconfig: './tsconfig.frontend.json',
35
- outputToFilesystem: true,
32
+ {
33
+ name: 'resolve-swc-helpers',
34
+ resolveId(src) {
35
+ // For some reason, "nodeResolve" doesn't resolve these:
36
+ if (src.startsWith('@swc/helpers/')) return require.resolve(src)
37
+ },
38
+ },
39
+ nodeResolve({
40
+ preferBuiltins: false,
41
+ browser: true,
42
+ exportConditions: ['browser', 'module', 'import', 'default'],
36
43
  }),
37
- replace({
38
- preventAssignment: true,
39
- values: { 'process.env.NODE_ENV': JSON.stringify(NODE_ENV) },
44
+ commonjs(),
45
+ postcss({ config: true, extract: true, minimize: !devMode }),
46
+ swc({
47
+ swc: {
48
+ swcrc: false,
49
+ configFile: false,
50
+ sourceMaps: true,
51
+ minify: !devMode,
52
+ jsc: {
53
+ experimental: {
54
+ // @NOTE Because of the experimental nature of SWC plugins, A
55
+ // very particular version of @swc/core needs to be used. The
56
+ // link below allows to determine with version of @swc/core is
57
+ // compatible based on the version of @lingui/swc-plugin used
58
+ // (click on the swc_core version in the right column to see
59
+ // which version of the @swc/core is compatible)
60
+ //
61
+ // https://github.com/lingui/swc-plugin?tab=readme-ov-file#compatibility
62
+ plugins: [['@lingui/swc-plugin', {}]],
63
+ },
64
+ minify: {
65
+ compress: true,
66
+ mangle: true,
67
+ },
68
+ externalHelpers: true,
69
+ target: 'es2020',
70
+ parser: { syntax: 'typescript', tsx: true },
71
+ transform: {
72
+ useDefineForClassFields: true,
73
+ react: { runtime: 'automatic' },
74
+ optimizer: {
75
+ simplify: true,
76
+ globals: {
77
+ vars: { 'process.env.NODE_ENV': JSON.stringify(NODE_ENV) },
78
+ },
79
+ },
80
+ },
81
+ },
82
+ },
40
83
  }),
84
+ dynamicImportVars({ errorWhenNoFilesFound: true }),
85
+
41
86
  // Change `data` to `true` to include assets data in the manifest,
42
87
  // allowing for easier bundling of the backend code (eg. using esbuild) as
43
88
  // bundlers know how to bundle JSON files but not how to bundle assets
44
89
  // referenced at runtime.
45
90
  manifest({ data: false }),
46
- minify && terser({}),
47
91
  ],
48
92
  onwarn(warning, warn) {
49
93
  // 'use client' directives are fine
package/src/account/account-manager.ts CHANGED
@@ -1,31 +1,164 @@
1
- import { isOAuthClientIdLoopback } from '@atproto/oauth-types'
1
+ import {
2
+ OAuthIssuerIdentifier,
3
+ isOAuthClientIdLoopback,
4
+ } from '@atproto/oauth-types'
2
5
  import { Client } from '../client/client.js'
3
6
  import { DeviceId } from '../device/device-id.js'
7
+ import { InvalidRequestError } from '../errors/invalid-request-error.js'
8
+ import { HCaptchaClient, HcaptchaVerifyResult } from '../lib/hcaptcha.js'
9
+ import { callAsync } from '../lib/util/function.js'
4
10
  import { constantTime } from '../lib/util/time.js'
5
- import { InvalidRequestError } from '../oauth-errors.js'
11
+ import { OAuthHooks, RequestMetadata } from '../oauth-hooks.js'
12
+ import { Customization } from '../oauth-provider.js'
6
13
  import { Sub } from '../oidc/sub.js'
7
14
  import { ClientAuth } from '../token/token-store.js'
8
15
  import {
9
16
  Account,
10
17
  AccountInfo,
11
18
  AccountStore,
12
- SignInCredentials,
19
+ ResetPasswordConfirmData,
20
+ ResetPasswordRequestData,
13
21
  } from './account-store.js'
22
+ import { SignInData } from './sign-in-data.js'
23
+ import { SignUpData } from './sign-up-data.js'
14
24
 
15
25
  const TIMING_ATTACK_MITIGATION_DELAY = 400
26
+ const BRUTE_FORCE_MITIGATION_DELAY = 300
16
27
 
17
28
  export class AccountManager {
18
- constructor(protected readonly store: AccountStore) {}
29
+ protected readonly inviteCodeRequired: boolean
30
+ protected readonly hcaptchaClient?: HCaptchaClient
31
+
32
+ constructor(
33
+ issuer: OAuthIssuerIdentifier,
34
+ protected readonly store: AccountStore,
35
+ protected readonly hooks: OAuthHooks,
36
+ customization: Customization,
37
+ ) {
38
+ this.inviteCodeRequired = customization.inviteCodeRequired !== false
39
+ this.hcaptchaClient = customization.hcaptcha
40
+ ? new HCaptchaClient(new URL(issuer).hostname, customization.hcaptcha)
41
+ : undefined
42
+ }
43
+
44
+ protected async verifySignupData(
45
+ data: SignUpData,
46
+ deviceId: DeviceId,
47
+ deviceMetadata: RequestMetadata,
48
+ ): Promise<void> {
49
+ let hcaptchaResult: undefined | HcaptchaVerifyResult
50
+
51
+ if (this.inviteCodeRequired && !data.inviteCode) {
52
+ throw new InvalidRequestError('Invite code is required')
53
+ }
54
+
55
+ if (this.hcaptchaClient) {
56
+ if (!data.hcaptchaToken) {
57
+ throw new InvalidRequestError('hCaptcha token is required')
58
+ }
59
+
60
+ const { allowed, result } = await this.hcaptchaClient.verify(
61
+ 'signup',
62
+ data.hcaptchaToken,
63
+ deviceMetadata.ipAddress,
64
+ data.handle,
65
+ deviceMetadata.userAgent,
66
+ )
67
+
68
+ await callAsync(this.hooks.onSignupHcaptchaResult, {
69
+ data,
70
+ allowed,
71
+ result,
72
+ deviceId,
73
+ deviceMetadata,
74
+ })
75
+
76
+ if (!allowed) {
77
+ throw new InvalidRequestError('hCaptcha verification failed')
78
+ }
79
+
80
+ hcaptchaResult = result
81
+ }
82
+
83
+ await callAsync(this.hooks.onSignupAttempt, {
84
+ data,
85
+ deviceId,
86
+ deviceMetadata,
87
+ hcaptchaResult,
88
+ })
89
+ }
90
+
91
+ public async signUp(
92
+ data: SignUpData,
93
+ deviceId: DeviceId,
94
+ deviceMetadata: RequestMetadata,
95
+ ): Promise<AccountInfo> {
96
+ await this.verifySignupData(data, deviceId, deviceMetadata)
97
+
98
+ // Mitigation against brute forcing email of users.
99
+ // @TODO Add rate limit to all the OAuth routes.
100
+ return constantTime(BRUTE_FORCE_MITIGATION_DELAY, async () => {
101
+ let account: Account
102
+ try {
103
+ account = await this.store.createAccount(data)
104
+ } catch (err) {
105
+ throw InvalidRequestError.from(err, 'Account creation failed')
106
+ }
107
+
108
+ try {
109
+ const info = await this.store.addDeviceAccount(
110
+ deviceId,
111
+ account.sub,
112
+ false,
113
+ )
114
+
115
+ await callAsync(this.hooks.onSignedUp, {
116
+ data,
117
+ info,
118
+ account,
119
+ deviceId,
120
+ deviceMetadata,
121
+ })
122
+
123
+ return { account, info }
124
+ } catch (err) {
125
+ throw InvalidRequestError.from(
126
+ err,
127
+ 'Something went wrong, try singing-in',
128
+ )
129
+ }
130
+ })
131
+ }
19
132
 
20
133
  public async signIn(
21
- credentials: SignInCredentials,
134
+ data: SignInData,
22
135
  deviceId: DeviceId,
136
+ deviceMetadata: RequestMetadata,
23
137
  ): Promise<AccountInfo> {
24
138
  return constantTime(TIMING_ATTACK_MITIGATION_DELAY, async () => {
25
- const result = await this.store.authenticateAccount(credentials, deviceId)
26
- if (result) return result
139
+ try {
140
+ const account = await this.store.authenticateAccount(data)
141
+ const info = await this.store.addDeviceAccount(
142
+ deviceId,
143
+ account.sub,
144
+ data.remember,
145
+ )
27
146
 
28
- throw new InvalidRequestError('Invalid credentials')
147
+ await callAsync(this.hooks.onSignedIn, {
148
+ data,
149
+ info,
150
+ account,
151
+ deviceId,
152
+ deviceMetadata,
153
+ })
154
+
155
+ return { account, info }
156
+ } catch (err) {
157
+ throw InvalidRequestError.from(
158
+ err,
159
+ 'Unable to sign-in due to an unexpected server error',
160
+ )
161
+ }
29
162
  })
30
163
  }
31
164
 
@@ -52,4 +185,22 @@ export class AccountManager {
52
185
  const results = await this.store.listDeviceAccounts(deviceId)
53
186
  return results.filter((result) => result.info.remembered)
54
187
  }
188
+
189
+ public async resetPasswordRequest(data: ResetPasswordRequestData) {
190
+ return constantTime(TIMING_ATTACK_MITIGATION_DELAY, async () => {
191
+ await this.store.resetPasswordRequest(data)
192
+ })
193
+ }
194
+
195
+ public async resetPasswordConfirm(data: ResetPasswordConfirmData) {
196
+ return constantTime(TIMING_ATTACK_MITIGATION_DELAY, async () => {
197
+ await this.store.resetPasswordConfirm(data)
198
+ })
199
+ }
200
+
201
+ public async verifyHandleAvailability(handle: string): Promise<void> {
202
+ return constantTime(TIMING_ATTACK_MITIGATION_DELAY, async () => {
203
+ return this.store.verifyHandleAvailability(handle)
204
+ })
205
+ }
55
206
  }