@atproto/oauth-provider 0.5.1 → 0.6.0

package/CHANGELOG.md

@@ -1,5 +1,44 @@
 # @atproto/oauth-provider
 
+## 0.6.0
+
+### Minor Changes
+
+- [#3645](https://github.com/bluesky-social/atproto/pull/3645) [`49528e83d`](https://github.com/bluesky-social/atproto/commit/49528e83daee8d91c1956b13cc73e9c2b79b6b10) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Remove onSignupHcaptchaResult hook
+
+- [#3645](https://github.com/bluesky-social/atproto/pull/3645) [`49528e83d`](https://github.com/bluesky-social/atproto/commit/49528e83daee8d91c1956b13cc73e9c2b79b6b10) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Allow `onSignedUp` hook to access hcaptcha result data.
+
+### Patch Changes
+
+- [#3645](https://github.com/bluesky-social/atproto/pull/3645) [`49528e83d`](https://github.com/bluesky-social/atproto/commit/49528e83daee8d91c1956b13cc73e9c2b79b6b10) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Fix hcaptcha verification based on score
+
+- [#3627](https://github.com/bluesky-social/atproto/pull/3627) [`9332c0f31`](https://github.com/bluesky-social/atproto/commit/9332c0f315bb7270bf346f69ecb178481ed07764) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Fix CSP directives for assets loaded through an `src`.
+
+- [#3627](https://github.com/bluesky-social/atproto/pull/3627) [`9332c0f31`](https://github.com/bluesky-social/atproto/commit/9332c0f315bb7270bf346f69ecb178481ed07764) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Make CSP header shorter (by combining <script> tags in the backend, when possible)
+
+- [#3627](https://github.com/bluesky-social/atproto/pull/3627) [`9332c0f31`](https://github.com/bluesky-social/atproto/commit/9332c0f315bb7270bf346f69ecb178481ed07764) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Disable un-necessary pre-loading of assets
+
+- [#3640](https://github.com/bluesky-social/atproto/pull/3640) [`cc4122652`](https://github.com/bluesky-social/atproto/commit/cc4122652ed42ba55826c019d0ec57bf25df1ecd) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Split OAuth Provider's ui into its own package
+
+- [#3627](https://github.com/bluesky-social/atproto/pull/3627) [`9332c0f31`](https://github.com/bluesky-social/atproto/commit/9332c0f315bb7270bf346f69ecb178481ed07764) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Fixes issue in internal HTML generation class
+
+- [#3627](https://github.com/bluesky-social/atproto/pull/3627) [`9332c0f31`](https://github.com/bluesky-social/atproto/commit/9332c0f315bb7270bf346f69ecb178481ed07764) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Set `Cross-Origin-Embedder-Policy` to `unsafe-none` when HCaptcha is enabled
+
+- [#3645](https://github.com/bluesky-social/atproto/pull/3645) [`49528e83d`](https://github.com/bluesky-social/atproto/commit/49528e83daee8d91c1956b13cc73e9c2b79b6b10) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Improve HCaptcha error reporting
+
+- Updated dependencies [[`cc4122652`](https://github.com/bluesky-social/atproto/commit/cc4122652ed42ba55826c019d0ec57bf25df1ecd), [`cc4122652`](https://github.com/bluesky-social/atproto/commit/cc4122652ed42ba55826c019d0ec57bf25df1ecd), [`670b6b5de`](https://github.com/bluesky-social/atproto/commit/670b6b5de2bf91e6944761c98eb1126fb6a681ee)]:
+  - @atproto/oauth-provider-ui@0.0.2
+  - @atproto/oauth-provider-api@0.0.1
+  - @atproto/syntax@0.4.0
+
+## 0.5.2
+
+### Patch Changes
+
+- [#3622](https://github.com/bluesky-social/atproto/pull/3622) [`9e3eace8f`](https://github.com/bluesky-social/atproto/commit/9e3eace8f9c22141e6da80b7696cd3b3e7c38779) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Properly validate handle syntax during sign-up
+
+- [#3621](https://github.com/bluesky-social/atproto/pull/3621) [`5ada66ceb`](https://github.com/bluesky-social/atproto/commit/5ada66ceb9d5b2c64f112bb62da0edc421c765bf) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Allow invite codes in any format
+
 ## 0.5.1
 
 ### Patch Changes

package/dist/account/account-manager.d.ts

@@ -1,22 +1,24 @@
 import { OAuthIssuerIdentifier } from '@atproto/oauth-types';
 import { Client } from '../client/client.js';
 import { DeviceId } from '../device/device-id.js';
-import { HCaptchaClient } from '../lib/hcaptcha.js';
+import { HCaptchaClient, HcaptchaVerifyResult } from '../lib/hcaptcha.js';
 import { OAuthHooks, RequestMetadata } from '../oauth-hooks.js';
 import { Customization } from '../oauth-provider.js';
 import { Sub } from '../oidc/sub.js';
 import { ClientAuth } from '../token/token-store.js';
-import { Account, AccountInfo, AccountStore, ResetPasswordConfirmData, ResetPasswordRequestData } from './account-store.js';
+import { Account, AccountInfo, AccountStore, ResetPasswordConfirmData, ResetPasswordRequestData, SignUpData } from './account-store.js';
 import { SignInData } from './sign-in-data.js';
-import { SignUpData } from './sign-up-data.js';
+import { SignUpInput } from './sign-up-input.js';
 export declare class AccountManager {
     protected readonly store: AccountStore;
     protected readonly hooks: OAuthHooks;
     protected readonly inviteCodeRequired: boolean;
     protected readonly hcaptchaClient?: HCaptchaClient;
     constructor(issuer: OAuthIssuerIdentifier, store: AccountStore, hooks: OAuthHooks, customization: Customization);
-    protected verifySignupData(data: SignUpData, deviceId: DeviceId, deviceMetadata: RequestMetadata): Promise<void>;
-    signUp(data: SignUpData, deviceId: DeviceId, deviceMetadata: RequestMetadata): Promise<AccountInfo>;
+    protected processHcaptchaToken(input: SignUpInput, deviceId: DeviceId, deviceMetadata: RequestMetadata): Promise<HcaptchaVerifyResult | undefined>;
+    protected enforceInviteCode(input: SignUpInput, _deviceId: DeviceId, _deviceMetadata: RequestMetadata): Promise<string | undefined>;
+    protected buildSignupData(input: SignUpInput, deviceId: DeviceId, deviceMetadata: RequestMetadata): Promise<SignUpData>;
+    signUp(input: SignUpInput, deviceId: DeviceId, deviceMetadata: RequestMetadata): Promise<AccountInfo>;
     signIn(data: SignInData, deviceId: DeviceId, deviceMetadata: RequestMetadata): Promise<AccountInfo>;
     get(deviceId: DeviceId, sub: Sub): Promise<AccountInfo>;
     addAuthorizedClient(deviceId: DeviceId, account: Account, client: Client, _clientAuth: ClientAuth): Promise<void>;

package/dist/account/account-manager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"account-manager.d.ts","sourceRoot":"","sources":["../../src/account/account-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,qBAAqB,EAEtB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAEjD,OAAO,EAAE,cAAc,EAAwB,MAAM,oBAAoB,CAAA;AAGzE,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AACpD,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAA;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EACL,OAAO,EACP,WAAW,EACX,YAAY,EACZ,wBAAwB,EACxB,wBAAwB,EACzB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAK9C,qBAAa,cAAc;IAMvB,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,YAAY;IACtC,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU;IANtC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAA;IAC9C,SAAS,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,cAAc,CAAA;gBAGhD,MAAM,EAAE,qBAAqB,EACV,KAAK,EAAE,YAAY,EACnB,KAAK,EAAE,UAAU,EACpC,aAAa,EAAE,aAAa;cAQd,gBAAgB,CAC9B,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,IAAI,CAAC;IA2CH,MAAM,CACjB,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,WAAW,CAAC;IAsCV,MAAM,CACjB,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,WAAW,CAAC;IA4BV,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC;IAOvD,mBAAmB,CAC9B,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,UAAU,GACtB,OAAO,CAAC,IAAI,CAAC;IAOH,IAAI,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAKhD,oBAAoB,CAAC,IAAI,EAAE,wBAAwB;IAMnD,oBAAoB,CAAC,IAAI,EAAE,wBAAwB;IAMnD,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAKrE"}
+{"version":3,"file":"account-manager.d.ts","sourceRoot":"","sources":["../../src/account/account-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,qBAAqB,EAEtB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAEjD,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAA;AAGzE,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAA;AACpD,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAA;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACpD,OAAO,EACL,OAAO,EACP,WAAW,EACX,YAAY,EACZ,wBAAwB,EACxB,wBAAwB,EACxB,UAAU,EACX,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAKhD,qBAAa,cAAc;IAMvB,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,YAAY;IACtC,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU;IANtC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAA;IAC9C,SAAS,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,cAAc,CAAA;gBAGhD,MAAM,EAAE,qBAAqB,EACV,KAAK,EAAE,YAAY,EACnB,KAAK,EAAE,UAAU,EACpC,aAAa,EAAE,aAAa;cAQd,oBAAoB,CAClC,KAAK,EAAE,WAAW,EAClB,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC;cA4B5B,iBAAiB,CAC/B,KAAK,EAAE,WAAW,EAClB,SAAS,EAAE,QAAQ,EACnB,eAAe,EAAE,eAAe,GAC/B,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;cAYd,eAAe,CAC7B,KAAK,EAAE,WAAW,EAClB,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,UAAU,CAAC;IAST,MAAM,CACjB,KAAK,EAAE,WAAW,EAClB,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,WAAW,CAAC;IA4CV,MAAM,CACjB,IAAI,EAAE,UAAU,EAChB,QAAQ,EAAE,QAAQ,EAClB,cAAc,EAAE,eAAe,GAC9B,OAAO,CAAC,WAAW,CAAC;IA4BV,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC;IAOvD,mBAAmB,CAC9B,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,UAAU,GACtB,OAAO,CAAC,IAAI,CAAC;IAOH,IAAI,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAKhD,oBAAoB,CAAC,IAAI,EAAE,wBAAwB;IAMnD,oBAAoB,CAAC,IAAI,EAAE,wBAAwB;IAMnD,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAKrE"}

package/dist/account/account-manager.js

@@ -21,37 +21,46 @@ class AccountManager {
             ? new hcaptcha_js_1.HCaptchaClient(new URL(issuer).hostname, customization.hcaptcha)
             : undefined;
     }
-    async verifySignupData(data, deviceId, deviceMetadata) {
-        let hcaptchaResult;
-        if (this.inviteCodeRequired && !data.inviteCode) {
-            throw new invalid_request_error_js_1.InvalidRequestError('Invite code is required');
+    async processHcaptchaToken(input, deviceId, deviceMetadata) {
+        if (!this.hcaptchaClient) {
+            return undefined;
         }
-        if (this.hcaptchaClient) {
-            if (!data.hcaptchaToken) {
-                throw new invalid_request_error_js_1.InvalidRequestError('hCaptcha token is required');
-            }
-            const { allowed, result } = await this.hcaptchaClient.verify('signup', data.hcaptchaToken, deviceMetadata.ipAddress, data.handle, deviceMetadata.userAgent);
-            await (0, function_js_1.callAsync)(this.hooks.onSignupHcaptchaResult, {
-                data,
-                allowed,
-                result,
-                deviceId,
-                deviceMetadata,
-            });
-            if (!allowed) {
-                throw new invalid_request_error_js_1.InvalidRequestError('hCaptcha verification failed');
-            }
-            hcaptchaResult = result;
+        if (!input.hcaptchaToken) {
+            throw new invalid_request_error_js_1.InvalidRequestError('hCaptcha token is required');
+        }
+        const { allowed, result } = await this.hcaptchaClient
+            .verify('signup', input.hcaptchaToken, deviceMetadata.ipAddress, input.handle, deviceMetadata.userAgent)
+            .catch((err) => {
+            throw invalid_request_error_js_1.InvalidRequestError.from(err, 'hCaptcha verification failed');
+        });
+        if (!allowed) {
+            throw new invalid_request_error_js_1.InvalidRequestError('hCaptcha verification failed');
+        }
+        return result;
+    }
+    async enforceInviteCode(input, _deviceId, _deviceMetadata) {
+        if (!this.inviteCodeRequired) {
+            return undefined;
+        }
+        if (!input.inviteCode) {
+            throw new invalid_request_error_js_1.InvalidRequestError('Invite code is required');
         }
+        return input.inviteCode;
+    }
+    async buildSignupData(input, deviceId, deviceMetadata) {
+        const [hcaptchaResult, inviteCode] = await Promise.all([
+            this.processHcaptchaToken(input, deviceId, deviceMetadata),
+            this.enforceInviteCode(input, deviceId, deviceMetadata),
+        ]);
+        return { ...input, hcaptchaResult, inviteCode };
+    }
+    async signUp(input, deviceId, deviceMetadata) {
         await (0, function_js_1.callAsync)(this.hooks.onSignupAttempt, {
-            data,
+            input,
             deviceId,
             deviceMetadata,
-            hcaptchaResult,
         });
-    }
-    async signUp(data, deviceId, deviceMetadata) {
-        await this.verifySignupData(data, deviceId, deviceMetadata);
+        const data = await this.buildSignupData(input, deviceId, deviceMetadata);
         // Mitigation against brute forcing email of users.
         // @TODO Add rate limit to all the OAuth routes.
         return (0, time_js_1.constantTime)(BRUTE_FORCE_MITIGATION_DELAY, async () => {

package/dist/account/account-manager.js.map

@@ -1 +1 @@
-{"version":3,"file":"account-manager.js","sourceRoot":"","sources":["../../src/account/account-manager.ts"],"names":[],"mappings":";;;AAAA,sDAG6B;AAG7B,iFAAwE;AACxE,oDAAyE;AACzE,yDAAmD;AACnD,iDAAkD;AAelD,MAAM,8BAA8B,GAAG,GAAG,CAAA;AAC1C,MAAM,4BAA4B,GAAG,GAAG,CAAA;AAExC,MAAa,cAAc;IAMJ;IACA;IANF,kBAAkB,CAAS;IAC3B,cAAc,CAAiB;IAElD,YACE,MAA6B,EACV,KAAmB,EACnB,KAAiB,EACpC,aAA4B;QAFT,UAAK,GAAL,KAAK,CAAc;QACnB,UAAK,GAAL,KAAK,CAAY;QAGpC,IAAI,CAAC,kBAAkB,GAAG,aAAa,CAAC,kBAAkB,KAAK,KAAK,CAAA;QACpE,IAAI,CAAC,cAAc,GAAG,aAAa,CAAC,QAAQ;YAC1C,CAAC,CAAC,IAAI,4BAAc,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,aAAa,CAAC,QAAQ,CAAC;YACtE,CAAC,CAAC,SAAS,CAAA;IACf,CAAC;IAES,KAAK,CAAC,gBAAgB,CAC9B,IAAgB,EAChB,QAAkB,EAClB,cAA+B;QAE/B,IAAI,cAAgD,CAAA;QAEpD,IAAI,IAAI,CAAC,kBAAkB,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChD,MAAM,IAAI,8CAAmB,CAAC,yBAAyB,CAAC,CAAA;QAC1D,CAAC;QAED,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;gBACxB,MAAM,IAAI,8CAAmB,CAAC,4BAA4B,CAAC,CAAA;YAC7D,CAAC;YAED,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAC1D,QAAQ,EACR,IAAI,CAAC,aAAa,EAClB,cAAc,CAAC,SAAS,EACxB,IAAI,CAAC,MAAM,EACX,cAAc,CAAC,SAAS,CACzB,CAAA;YAED,MAAM,IAAA,uBAAS,EAAC,IAAI,CAAC,KAAK,CAAC,sBAAsB,EAAE;gBACjD,IAAI;gBACJ,OAAO;gBACP,MAAM;gBACN,QAAQ;gBACR,cAAc;aACf,CAAC,CAAA;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,8CAAmB,CAAC,8BAA8B,CAAC,CAAA;YAC/D,CAAC;YAED,cAAc,GAAG,MAAM,CAAA;QACzB,CAAC;QAED,MAAM,IAAA,uBAAS,EAAC,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE;YAC1C,IAAI;YACJ,QAAQ;YACR,cAAc;YACd,cAAc;SACf,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,MAAM,CACjB,IAAgB,EAChB,QAAkB,EAClB,cAA+B;QAE/B,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAA;QAE3D,mDAAmD;QACnD,gDAAgD;QAChD,OAAO,IAAA,sBAAY,EAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;YAC3D,IAAI,OAAgB,CAAA;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;YAChD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,8CAAmB,CAAC,IAAI,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAA;YAChE,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAC5C,QAAQ,EACR,OAAO,CAAC,GAAG,EACX,KAAK,CACN,CAAA;gBAED,MAAM,IAAA,uBAAS,EAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE;oBACrC,IAAI;oBACJ,IAAI;oBACJ,OAAO;oBACP,QAAQ;oBACR,cAAc;iBACf,CAAC,CAAA;gBAEF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;YAC1B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,8CAAmB,CAAC,IAAI,CAC5B,GAAG,EACH,sCAAsC,CACvC,CAAA;YACH,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,MAAM,CACjB,IAAgB,EAChB,QAAkB,EAClB,cAA+B;QAE/B,OAAO,IAAA,sBAAY,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC7D,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAA;gBAC1D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAC5C,QAAQ,EACR,OAAO,CAAC,GAAG,EACX,IAAI,CAAC,QAAQ,CACd,CAAA;gBAED,MAAM,IAAA,uBAAS,EAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE;oBACrC,IAAI;oBACJ,IAAI;oBACJ,OAAO;oBACP,QAAQ;oBACR,cAAc;iBACf,CAAC,CAAA;gBAEF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;YAC1B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,8CAAmB,CAAC,IAAI,CAC5B,GAAG,EACH,qDAAqD,CACtD,CAAA;YACH,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,GAAG,CAAC,QAAkB,EAAE,GAAQ;QAC3C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;QAC/D,IAAI,MAAM;YAAE,OAAO,MAAM,CAAA;QAEzB,MAAM,IAAI,8CAAmB,CAAC,mBAAmB,CAAC,CAAA;IACpD,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAC9B,QAAkB,EAClB,OAAgB,EAChB,MAAc,EACd,WAAuB;QAEvB,+DAA+D;QAC/D,IAAI,IAAA,qCAAuB,EAAC,MAAM,CAAC,EAAE,CAAC;YAAE,OAAM;QAE9C,MAAM,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC,CAAA;IACxE,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,QAAkB;QAClC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAA;QAC7D,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC3D,CAAC;IAEM,KAAK,CAAC,oBAAoB,CAAC,IAA8B;QAC9D,OAAO,IAAA,sBAAY,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC7D,MAAM,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAA;QAC7C,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,oBAAoB,CAAC,IAA8B;QAC9D,OAAO,IAAA,sBAAY,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC7D,MAAM,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAA;QAC7C,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,wBAAwB,CAAC,MAAc;QAClD,OAAO,IAAA,sBAAY,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC7D,OAAO,IAAI,CAAC,KAAK,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAA;QACpD,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAlLD,wCAkLC"}
+{"version":3,"file":"account-manager.js","sourceRoot":"","sources":["../../src/account/account-manager.ts"],"names":[],"mappings":";;;AAAA,sDAG6B;AAG7B,iFAAwE;AACxE,oDAAyE;AACzE,yDAAmD;AACnD,iDAAkD;AAgBlD,MAAM,8BAA8B,GAAG,GAAG,CAAA;AAC1C,MAAM,4BAA4B,GAAG,GAAG,CAAA;AAExC,MAAa,cAAc;IAMJ;IACA;IANF,kBAAkB,CAAS;IAC3B,cAAc,CAAiB;IAElD,YACE,MAA6B,EACV,KAAmB,EACnB,KAAiB,EACpC,aAA4B;QAFT,UAAK,GAAL,KAAK,CAAc;QACnB,UAAK,GAAL,KAAK,CAAY;QAGpC,IAAI,CAAC,kBAAkB,GAAG,aAAa,CAAC,kBAAkB,KAAK,KAAK,CAAA;QACpE,IAAI,CAAC,cAAc,GAAG,aAAa,CAAC,QAAQ;YAC1C,CAAC,CAAC,IAAI,4BAAc,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,aAAa,CAAC,QAAQ,CAAC;YACtE,CAAC,CAAC,SAAS,CAAA;IACf,CAAC;IAES,KAAK,CAAC,oBAAoB,CAClC,KAAkB,EAClB,QAAkB,EAClB,cAA+B;QAE/B,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;YACzB,MAAM,IAAI,8CAAmB,CAAC,4BAA4B,CAAC,CAAA;QAC7D,CAAC;QAED,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,cAAc;aAClD,MAAM,CACL,QAAQ,EACR,KAAK,CAAC,aAAa,EACnB,cAAc,CAAC,SAAS,EACxB,KAAK,CAAC,MAAM,EACZ,cAAc,CAAC,SAAS,CACzB;aACA,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,MAAM,8CAAmB,CAAC,IAAI,CAAC,GAAG,EAAE,8BAA8B,CAAC,CAAA;QACrE,CAAC,CAAC,CAAA;QAEJ,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,8CAAmB,CAAC,8BAA8B,CAAC,CAAA;QAC/D,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAES,KAAK,CAAC,iBAAiB,CAC/B,KAAkB,EAClB,SAAmB,EACnB,eAAgC;QAEhC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;YACtB,MAAM,IAAI,8CAAmB,CAAC,yBAAyB,CAAC,CAAA;QAC1D,CAAC;QAED,OAAO,KAAK,CAAC,UAAU,CAAA;IACzB,CAAC;IAES,KAAK,CAAC,eAAe,CAC7B,KAAkB,EAClB,QAAkB,EAClB,cAA+B;QAE/B,MAAM,CAAC,cAAc,EAAE,UAAU,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACrD,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,QAAQ,EAAE,cAAc,CAAC;YAC1D,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE,QAAQ,EAAE,cAAc,CAAC;SACxD,CAAC,CAAA;QAEF,OAAO,EAAE,GAAG,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,CAAA;IACjD,CAAC;IAEM,KAAK,CAAC,MAAM,CACjB,KAAkB,EAClB,QAAkB,EAClB,cAA+B;QAE/B,MAAM,IAAA,uBAAS,EAAC,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE;YAC1C,KAAK;YACL,QAAQ;YACR,cAAc;SACf,CAAC,CAAA;QAEF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAA;QAExE,mDAAmD;QACnD,gDAAgD;QAChD,OAAO,IAAA,sBAAY,EAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;YAC3D,IAAI,OAAgB,CAAA;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;YAChD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,8CAAmB,CAAC,IAAI,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAA;YAChE,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAC5C,QAAQ,EACR,OAAO,CAAC,GAAG,EACX,KAAK,CACN,CAAA;gBAED,MAAM,IAAA,uBAAS,EAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE;oBACrC,IAAI;oBACJ,IAAI;oBACJ,OAAO;oBACP,QAAQ;oBACR,cAAc;iBACf,CAAC,CAAA;gBAEF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;YAC1B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,8CAAmB,CAAC,IAAI,CAC5B,GAAG,EACH,sCAAsC,CACvC,CAAA;YACH,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,MAAM,CACjB,IAAgB,EAChB,QAAkB,EAClB,cAA+B;QAE/B,OAAO,IAAA,sBAAY,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC7D,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAA;gBAC1D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAC5C,QAAQ,EACR,OAAO,CAAC,GAAG,EACX,IAAI,CAAC,QAAQ,CACd,CAAA;gBAED,MAAM,IAAA,uBAAS,EAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE;oBACrC,IAAI;oBACJ,IAAI;oBACJ,OAAO;oBACP,QAAQ;oBACR,cAAc;iBACf,CAAC,CAAA;gBAEF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;YAC1B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,8CAAmB,CAAC,IAAI,CAC5B,GAAG,EACH,qDAAqD,CACtD,CAAA;YACH,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,GAAG,CAAC,QAAkB,EAAE,GAAQ;QAC3C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;QAC/D,IAAI,MAAM;YAAE,OAAO,MAAM,CAAA;QAEzB,MAAM,IAAI,8CAAmB,CAAC,mBAAmB,CAAC,CAAA;IACpD,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAC9B,QAAkB,EAClB,OAAgB,EAChB,MAAc,EACd,WAAuB;QAEvB,+DAA+D;QAC/D,IAAI,IAAA,qCAAuB,EAAC,MAAM,CAAC,EAAE,CAAC;YAAE,OAAM;QAE9C,MAAM,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC,CAAA;IACxE,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,QAAkB;QAClC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAA;QAC7D,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAC3D,CAAC;IAEM,KAAK,CAAC,oBAAoB,CAAC,IAA8B;QAC9D,OAAO,IAAA,sBAAY,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC7D,MAAM,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAA;QAC7C,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,oBAAoB,CAAC,IAA8B;QAC9D,OAAO,IAAA,sBAAY,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC7D,MAAM,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAA;QAC7C,CAAC,CAAC,CAAA;IACJ,CAAC;IAEM,KAAK,CAAC,wBAAwB,CAAC,MAAc;QAClD,OAAO,IAAA,sBAAY,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC7D,OAAO,IAAI,CAAC,KAAK,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAA;QACpD,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtMD,wCAsMC"}

package/dist/account/account-store.d.ts

@@ -1,15 +1,19 @@
 import { z } from 'zod';
 import { ClientId } from '../client/client-id.js';
 import { DeviceId } from '../device/device-id.js';
+import { HcaptchaVerifyResult } from '../lib/hcaptcha.js';
 import { Awaitable } from '../lib/util/type.js';
 import { HandleUnavailableError, InvalidRequestError, SecondAuthenticationFactorRequiredError } from '../oauth-errors.js';
 import { Sub } from '../oidc/sub.js';
 import { Account } from './account.js';
+import { SignUpInput } from './sign-up-input.js';
 export declare const oldPasswordSchema: z.ZodString;
 export declare const newPasswordSchema: z.ZodString;
 export declare const tokenSchema: z.ZodString;
-export declare const handleSchema: z.ZodString;
-export declare const emailSchema: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
+export declare const handleSchema: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
+export declare const emailSchema: z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, string, string>;
+export declare const inviteCodeSchema: z.ZodString;
+export type InviteCode = z.infer<typeof inviteCodeSchema>;
 export declare const authenticateAccountDataSchema: z.ZodObject<{
     locale: z.ZodString;
     username: z.ZodString;
@@ -29,8 +33,8 @@ export declare const authenticateAccountDataSchema: z.ZodObject<{
 export type AuthenticateAccountData = z.TypeOf<typeof authenticateAccountDataSchema>;
 export declare const createAccountDataSchema: z.ZodObject<{
     locale: z.ZodString;
-    handle: z.ZodString;
-    email: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
+    handle: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
+    email: z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, string, string>;
     password: z.ZodIntersection<z.ZodString, z.ZodString>;
     inviteCode: z.ZodOptional<z.ZodString>;
 }, "strict", z.ZodTypeAny, {
@@ -49,7 +53,7 @@ export declare const createAccountDataSchema: z.ZodObject<{
 export type CreateAccountData = z.TypeOf<typeof createAccountDataSchema>;
 export declare const resetPasswordRequestDataSchema: z.ZodObject<{
     locale: z.ZodString;
-    email: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
+    email: z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, string, string>;
 }, "strict", z.ZodTypeAny, {
     email: string;
     locale: string;
@@ -79,6 +83,10 @@ export type AccountInfo = {
     account: Account;
     info: DeviceAccountInfo;
 };
+export type SignUpData = SignUpInput & {
+    hcaptchaResult?: HcaptchaVerifyResult;
+    inviteCode?: InviteCode;
+};
 export interface AccountStore {
     /**
      * @throws {HandleUnavailableError} - To indicate that the handle is already taken

package/dist/account/account-store.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"account-store.d.ts","sourceRoot":"","sources":["../../src/account/account-store.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AACvB,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AAEjD,OAAO,EAAE,SAAS,EAAyB,MAAM,qBAAqB,CAAA;AACtE,OAAO,EACL,sBAAsB,EACtB,mBAAmB,EACnB,uCAAuC,EACxC,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAA;AACpC,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAGtC,eAAO,MAAM,iBAAiB,aAAoB,CAAA;AAClD,eAAO,MAAM,iBAAiB,aAAoB,CAAA;AAClD,eAAO,MAAM,WAAW,aAAgD,CAAA;AACxE,eAAO,MAAM,YAAY,aAIgD,CAAA;AACzE,eAAO,MAAM,WAAW,yEAWpB,CAAA;AAEJ,eAAO,MAAM,6BAA6B;;;;;;;;;;;;;;;EAO/B,CAAA;AAEX,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAA;AAED,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;EAQzB,CAAA;AAEX,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,uBAAuB,CAAC,CAAA;AAExE,eAAO,MAAM,8BAA8B;;;;;;;;;EAKhC,CAAA;AAEX,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAC7C,OAAO,8BAA8B,CACtC,CAAA;AAED,eAAO,MAAM,8BAA8B;;;;;;;;;EAKhC,CAAA;AAEX,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAC7C,OAAO,8BAA8B,CACtC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,UAAU,EAAE,OAAO,CAAA;IACnB,eAAe,EAAE,IAAI,CAAA;IACrB,iBAAiB,EAAE,SAAS,QAAQ,EAAE,CAAA;CACvC,CAAA;AAGD,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,sBAAsB,EACtB,mBAAmB,EACnB,uCAAuC,EACvC,KAAK,GAAG,GACT,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,EAAE,iBAAiB,CAAA;CACxB,CAAA;AAED,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,aAAa,CAAC,IAAI,EAAE,iBAAiB,GAAG,SAAS,CAAC,OAAO,CAAC,CAAA;IAE1D;;;OAGG;IACH,mBAAmB,CAAC,IAAI,EAAE,uBAAuB,GAAG,SAAS,CAAC,OAAO,CAAC,CAAA;IAEtE,mBAAmB,CACjB,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,QAAQ,GACjB,SAAS,CAAC,IAAI,CAAC,CAAA;IAElB;;;OAGG;IACH,gBAAgB,CACd,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,OAAO,GAChB,SAAS,CAAC,iBAAiB,CAAC,CAAA;IAE/B;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,GAAG,SAAS,CAAC,WAAW,GAAG,IAAI,CAAC,CAAA;IAC7E,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;IAElE;;;OAGG;IACH,kBAAkB,CAAC,QAAQ,EAAE,QAAQ,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC,CAAA;IAEhE,oBAAoB,CAAC,IAAI,EAAE,wBAAwB,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;IACrE,oBAAoB,CAAC,IAAI,EAAE,wBAAwB,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;IAErE;;OAEG;IACH,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;CAC1D;AAED,eAAO,MAAM,cAAc,yHAWzB,CAAA;AAEF,wBAAgB,cAAc,CAAC,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,CAAC,GAAG,YAAY,CAKrE"}
+{"version":3,"file":"account-store.d.ts","sourceRoot":"","sources":["../../src/account/account-store.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAA;AACjD,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAA;AAEzD,OAAO,EAAE,SAAS,EAAyB,MAAM,qBAAqB,CAAA;AACtE,OAAO,EACL,sBAAsB,EACtB,mBAAmB,EACnB,uCAAuC,EACxC,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAA;AACpC,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAGhD,eAAO,MAAM,iBAAiB,aAAoB,CAAA;AAClD,eAAO,MAAM,iBAAiB,aAAoB,CAAA;AAClD,eAAO,MAAM,WAAW,aAEqC,CAAA;AAC7D,eAAO,MAAM,YAAY,yEAcI,CAAA;AAC7B,eAAO,MAAM,WAAW,uGAYoB,CAAA;AAC5C,eAAO,MAAM,gBAAgB,aAAoB,CAAA;AACjD,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAA;AAEzD,eAAO,MAAM,6BAA6B;;;;;;;;;;;;;;;EAO/B,CAAA;AAEX,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAC5C,OAAO,6BAA6B,CACrC,CAAA;AAED,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;EAQzB,CAAA;AAEX,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,uBAAuB,CAAC,CAAA;AAExE,eAAO,MAAM,8BAA8B;;;;;;;;;EAKhC,CAAA;AAEX,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAC7C,OAAO,8BAA8B,CACtC,CAAA;AAED,eAAO,MAAM,8BAA8B;;;;;;;;;EAKhC,CAAA;AAEX,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAC7C,OAAO,8BAA8B,CACtC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,UAAU,EAAE,OAAO,CAAA;IACnB,eAAe,EAAE,IAAI,CAAA;IACrB,iBAAiB,EAAE,SAAS,QAAQ,EAAE,CAAA;CACvC,CAAA;AAGD,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,QAAQ,EACb,sBAAsB,EACtB,mBAAmB,EACnB,uCAAuC,EACvC,KAAK,GAAG,GACT,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,EAAE,iBAAiB,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,UAAU,GAAG,WAAW,GAAG;IACrC,cAAc,CAAC,EAAE,oBAAoB,CAAA;IACrC,UAAU,CAAC,EAAE,UAAU,CAAA;CACxB,CAAA;AAED,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,aAAa,CAAC,IAAI,EAAE,iBAAiB,GAAG,SAAS,CAAC,OAAO,CAAC,CAAA;IAE1D;;;OAGG;IACH,mBAAmB,CAAC,IAAI,EAAE,uBAAuB,GAAG,SAAS,CAAC,OAAO,CAAC,CAAA;IAEtE,mBAAmB,CACjB,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,QAAQ,GACjB,SAAS,CAAC,IAAI,CAAC,CAAA;IAElB;;;OAGG;IACH,gBAAgB,CACd,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,OAAO,GAChB,SAAS,CAAC,iBAAiB,CAAC,CAAA;IAE/B;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,GAAG,SAAS,CAAC,WAAW,GAAG,IAAI,CAAC,CAAA;IAC7E,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;IAElE;;;OAGG;IACH,kBAAkB,CAAC,QAAQ,EAAE,QAAQ,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC,CAAA;IAEhE,oBAAoB,CAAC,IAAI,EAAE,wBAAwB,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;IACrE,oBAAoB,CAAC,IAAI,EAAE,wBAAwB,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;IAErE;;OAEG;IACH,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,CAAA;CAC1D;AAED,eAAO,MAAM,cAAc,yHAWzB,CAAA;AAEF,wBAAgB,cAAc,CAAC,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,CAAC,GAAG,YAAY,CAKrE"}

package/dist/account/account-store.js

@@ -1,10 +1,11 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isAccountStore = exports.SecondAuthenticationFactorRequiredError = exports.InvalidRequestError = exports.HandleUnavailableError = exports.resetPasswordConfirmDataSchema = exports.resetPasswordRequestDataSchema = exports.createAccountDataSchema = exports.authenticateAccountDataSchema = exports.emailSchema = exports.handleSchema = exports.tokenSchema = exports.newPasswordSchema = exports.oldPasswordSchema = void 0;
+exports.isAccountStore = exports.SecondAuthenticationFactorRequiredError = exports.InvalidRequestError = exports.HandleUnavailableError = exports.resetPasswordConfirmDataSchema = exports.resetPasswordRequestDataSchema = exports.createAccountDataSchema = exports.authenticateAccountDataSchema = exports.inviteCodeSchema = exports.emailSchema = exports.handleSchema = exports.tokenSchema = exports.newPasswordSchema = exports.oldPasswordSchema = void 0;
 exports.asAccountStore = asAccountStore;
 const address_1 = require("@hapi/address");
 const disposable_email_domains_js_1 = require("disposable-email-domains-js");
 const zod_1 = require("zod");
+const syntax_1 = require("@atproto/syntax");
 const locale_js_1 = require("../lib/locale.js");
 const type_js_1 = require("../lib/util/type.js");
 const oauth_errors_js_1 = require("../oauth-errors.js");
@@ -14,12 +15,25 @@ Object.defineProperty(exports, "SecondAuthenticationFactorRequiredError", { enum
 // @NOTE Change the length here to force stronger passwords (through a reset)
 exports.oldPasswordSchema = zod_1.z.string().min(1);
 exports.newPasswordSchema = zod_1.z.string().min(8);
-exports.tokenSchema = zod_1.z.string().regex(/^[A-Z2-7]{5}-[A-Z2-7]{5}$/);
+exports.tokenSchema = zod_1.z
+    .string()
+    .regex(/^[A-Z2-7]{5}-[A-Z2-7]{5}$/, 'Invalid token format');
 exports.handleSchema = zod_1.z
     .string()
-    .min(3)
-    .max(30)
-    .regex(/^[a-z0-9][a-z0-9-]+[a-z0-9](?:\.[a-z0-9][a-z0-9-]+[a-z0-9])+$/);
+    // @NOTE: We only check against validity towards ATProto's syntax. Additional
+    // rules may be imposed by the store implementation.
+    .superRefine((value, ctx) => {
+    try {
+        (0, syntax_1.ensureValidHandle)(value);
+    }
+    catch (err) {
+        ctx.addIssue({
+            code: zod_1.z.ZodIssueCode.custom,
+            message: err instanceof Error ? err.message : 'Invalid handle',
+        });
+    }
+})
+    .transform(syntax_1.normalizeHandle);
 exports.emailSchema = zod_1.z
     .string()
     .email()
@@ -31,13 +45,15 @@ exports.emailSchema = zod_1.z
 })
     .refine((email) => !(0, disposable_email_domains_js_1.isDisposableEmail)(email), {
     message: 'Disposable email addresses are not allowed',
-});
+})
+    .transform((value) => value.toLowerCase());
+exports.inviteCodeSchema = zod_1.z.string().min(1);
 exports.authenticateAccountDataSchema = zod_1.z
     .object({
     locale: locale_js_1.localeSchema,
     username: zod_1.z.string(),
     password: exports.oldPasswordSchema,
-    emailOtp: zod_1.z.string().optional(),
+    emailOtp: exports.tokenSchema.optional(),
 })
     .strict();
 exports.createAccountDataSchema = zod_1.z
@@ -46,7 +62,7 @@ exports.createAccountDataSchema = zod_1.z
     handle: exports.handleSchema,
     email: exports.emailSchema,
     password: zod_1.z.intersection(exports.oldPasswordSchema, exports.newPasswordSchema),
-    inviteCode: exports.tokenSchema.optional(),
+    inviteCode: exports.inviteCodeSchema.optional(),
 })
     .strict();
 exports.resetPasswordRequestDataSchema = zod_1.z

package/dist/account/account-store.js.map

@@ -1 +1 @@
-{"version":3,"file":"account-store.js","sourceRoot":"","sources":["../../src/account/account-store.ts"],"names":[],"mappings":";;;AAwKA,wCAKC;AA7KD,2CAA4C;AAC5C,6EAA+D;AAC/D,6BAAuB;AAGvB,gDAA+C;AAC/C,iDAAsE;AACtE,wDAI2B;AAmFzB,uGAtFA,wCAAsB,OAsFA;AACtB,oGAtFA,qCAAmB,OAsFA;AACnB,wHAtFA,yDAAuC,OAsFA;AAjFzC,6EAA6E;AAChE,QAAA,iBAAiB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;AACrC,QAAA,iBAAiB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;AACrC,QAAA,WAAW,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAA;AAC3D,QAAA,YAAY,GAAG,OAAC;KAC1B,MAAM,EAAE;KACR,GAAG,CAAC,CAAC,CAAC;KACN,GAAG,CAAC,EAAE,CAAC;KACP,KAAK,CAAC,+DAA+D,CAAC,CAAA;AAC5D,QAAA,WAAW,GAAG,OAAC;KACzB,MAAM,EAAE;KACR,KAAK,EAAE;IACR,6EAA6E;IAC7E,uEAAuE;IACvE,UAAU;KACT,MAAM,CAAC,sBAAY,EAAE;IACpB,OAAO,EAAE,uBAAuB;CACjC,CAAC;KACD,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,IAAA,+CAAiB,EAAC,KAAK,CAAC,EAAE;IAC5C,OAAO,EAAE,4CAA4C;CACtD,CAAC,CAAA;AAES,QAAA,6BAA6B,GAAG,OAAC;KAC3C,MAAM,CAAC;IACN,MAAM,EAAE,wBAAY;IACpB,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE;IACpB,QAAQ,EAAE,yBAAiB;IAC3B,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAChC,CAAC;KACD,MAAM,EAAE,CAAA;AAME,QAAA,uBAAuB,GAAG,OAAC;KACrC,MAAM,CAAC;IACN,MAAM,EAAE,wBAAY;IACpB,MAAM,EAAE,oBAAY;IACpB,KAAK,EAAE,mBAAW;IAClB,QAAQ,EAAE,OAAC,CAAC,YAAY,CAAC,yBAAiB,EAAE,yBAAiB,CAAC;IAC9D,UAAU,EAAE,mBAAW,CAAC,QAAQ,EAAE;CACnC,CAAC;KACD,MAAM,EAAE,CAAA;AAIE,QAAA,8BAA8B,GAAG,OAAC;KAC5C,MAAM,CAAC;IACN,MAAM,EAAE,wBAAY;IACpB,KAAK,EAAE,mBAAW;CACnB,CAAC;KACD,MAAM,EAAE,CAAA;AAME,QAAA,8BAA8B,GAAG,OAAC;KAC5C,MAAM,CAAC;IACN,KAAK,EAAE,mBAAW;IAClB,QAAQ,EAAE,OAAC,CAAC,YAAY,CAAC,yBAAiB,EAAE,yBAAiB,CAAC;CAC/D,CAAC;KACD,MAAM,EAAE,CAAA;AA6EE,QAAA,cAAc,GAAG,IAAA,+BAAqB,EAAe;IAChE,eAAe;IACf,qBAAqB;IACrB,qBAAqB;IACrB,kBAAkB;IAClB,kBAAkB;IAClB,qBAAqB;IACrB,oBAAoB;IACpB,sBAAsB;IACtB,sBAAsB;IACtB,0BAA0B;CAC3B,CAAC,CAAA;AAEF,SAAgB,cAAc,CAAI,cAAiB;IACjD,IAAI,CAAC,cAAc,IAAI,CAAC,IAAA,sBAAc,EAAC,cAAc,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;IACD,OAAO,cAAc,CAAA;AACvB,CAAC"}
+{"version":3,"file":"account-store.js","sourceRoot":"","sources":["../../src/account/account-store.ts"],"names":[],"mappings":";;;AA+LA,wCAKC;AApMD,2CAA4C;AAC5C,6EAA+D;AAC/D,6BAAuB;AACvB,4CAAoE;AAIpE,gDAA+C;AAC/C,iDAAsE;AACtE,wDAI2B;AAmGzB,uGAtGA,wCAAsB,OAsGA;AACtB,oGAtGA,qCAAmB,OAsGA;AACnB,wHAtGA,yDAAuC,OAsGA;AAhGzC,6EAA6E;AAChE,QAAA,iBAAiB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;AACrC,QAAA,iBAAiB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;AACrC,QAAA,WAAW,GAAG,OAAC;KACzB,MAAM,EAAE;KACR,KAAK,CAAC,2BAA2B,EAAE,sBAAsB,CAAC,CAAA;AAChD,QAAA,YAAY,GAAG,OAAC;KAC1B,MAAM,EAAE;IACT,6EAA6E;IAC7E,oDAAoD;KACnD,WAAW,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;IAC1B,IAAI,CAAC;QACH,IAAA,0BAAiB,EAAC,KAAK,CAAC,CAAA;IAC1B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,QAAQ,CAAC;YACX,IAAI,EAAE,OAAC,CAAC,YAAY,CAAC,MAAM;YAC3B,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB;SAC/D,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC;KACD,SAAS,CAAC,wBAAe,CAAC,CAAA;AAChB,QAAA,WAAW,GAAG,OAAC;KACzB,MAAM,EAAE;KACR,KAAK,EAAE;IACR,6EAA6E;IAC7E,uEAAuE;IACvE,UAAU;KACT,MAAM,CAAC,sBAAY,EAAE;IACpB,OAAO,EAAE,uBAAuB;CACjC,CAAC;KACD,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,IAAA,+CAAiB,EAAC,KAAK,CAAC,EAAE;IAC5C,OAAO,EAAE,4CAA4C;CACtD,CAAC;KACD,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAA;AAC/B,QAAA,gBAAgB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;AAGpC,QAAA,6BAA6B,GAAG,OAAC;KAC3C,MAAM,CAAC;IACN,MAAM,EAAE,wBAAY;IACpB,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE;IACpB,QAAQ,EAAE,yBAAiB;IAC3B,QAAQ,EAAE,mBAAW,CAAC,QAAQ,EAAE;CACjC,CAAC;KACD,MAAM,EAAE,CAAA;AAME,QAAA,uBAAuB,GAAG,OAAC;KACrC,MAAM,CAAC;IACN,MAAM,EAAE,wBAAY;IACpB,MAAM,EAAE,oBAAY;IACpB,KAAK,EAAE,mBAAW;IAClB,QAAQ,EAAE,OAAC,CAAC,YAAY,CAAC,yBAAiB,EAAE,yBAAiB,CAAC;IAC9D,UAAU,EAAE,wBAAgB,CAAC,QAAQ,EAAE;CACxC,CAAC;KACD,MAAM,EAAE,CAAA;AAIE,QAAA,8BAA8B,GAAG,OAAC;KAC5C,MAAM,CAAC;IACN,MAAM,EAAE,wBAAY;IACpB,KAAK,EAAE,mBAAW;CACnB,CAAC;KACD,MAAM,EAAE,CAAA;AAME,QAAA,8BAA8B,GAAG,OAAC;KAC5C,MAAM,CAAC;IACN,KAAK,EAAE,mBAAW;IAClB,QAAQ,EAAE,OAAC,CAAC,YAAY,CAAC,yBAAiB,EAAE,yBAAiB,CAAC;CAC/D,CAAC;KACD,MAAM,EAAE,CAAA;AAkFE,QAAA,cAAc,GAAG,IAAA,+BAAqB,EAAe;IAChE,eAAe;IACf,qBAAqB;IACrB,qBAAqB;IACrB,kBAAkB;IAClB,kBAAkB;IAClB,qBAAqB;IACrB,oBAAoB;IACpB,sBAAsB;IACtB,sBAAsB;IACtB,0BAA0B;CAC3B,CAAC,CAAA;AAEF,SAAgB,cAAc,CAAI,cAAiB;IACjD,IAAI,CAAC,cAAc,IAAI,CAAC,IAAA,sBAAc,EAAC,cAAc,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;IACD,OAAO,cAAc,CAAA;AACvB,CAAC"}

package/dist/account/account.d.ts

@@ -1,12 +1,2 @@
-import { Simplify } from '../lib/util/type.js';
-import { Sub } from '../oidc/sub.js';
-export type Account = Simplify<{
-    sub: Sub;
-    aud: string | [string, ...string[]];
-    preferred_username?: string;
-    email?: string;
-    email_verified?: boolean;
-    picture?: string;
-    name?: string;
-}>;
+export type { Account } from '@atproto/oauth-provider-api';
 //# sourceMappingURL=account.d.ts.map

package/dist/account/account.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"account.d.ts","sourceRoot":"","sources":["../../src/account/account.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAC9C,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAA;AAEpC,MAAM,MAAM,OAAO,GAAG,QAAQ,CAAC;IAC7B,GAAG,EAAE,GAAG,CAAA;IACR,GAAG,EAAE,MAAM,GAAG,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC,CAAA;IAGnC,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,IAAI,CAAC,EAAE,MAAM,CAAA;CACd,CAAC,CAAA"}
+{"version":3,"file":"account.d.ts","sourceRoot":"","sources":["../../src/account/account.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAA"}

package/dist/account/{sign-up-data.d.ts → sign-up-input.d.ts}

@@ -1,8 +1,8 @@
 import { z } from 'zod';
-export declare const signUpDataSchema: z.ZodObject<z.objectUtil.extendShape<{
+export declare const signUpInputSchema: z.ZodObject<z.objectUtil.extendShape<{
     locale: z.ZodString;
-    handle: z.ZodString;
-    email: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
+    handle: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
+    email: z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, string, string>;
     password: z.ZodIntersection<z.ZodString, z.ZodString>;
     inviteCode: z.ZodOptional<z.ZodString>;
 }, {
@@ -22,5 +22,5 @@ export declare const signUpDataSchema: z.ZodObject<z.objectUtil.extendShape<{
     inviteCode?: string | undefined;
     hcaptchaToken?: string | undefined;
 }>;
-export type SignUpData = z.TypeOf<typeof signUpDataSchema>;
-//# sourceMappingURL=sign-up-data.d.ts.map
+export type SignUpInput = z.TypeOf<typeof signUpInputSchema>;
+//# sourceMappingURL=sign-up-input.d.ts.map

package/dist/account/sign-up-input.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sign-up-input.d.ts","sourceRoot":"","sources":["../../src/account/sign-up-input.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;EAInB,CAAA;AAEX,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,iBAAiB,CAAC,CAAA"}

package/dist/account/{sign-up-data.js → sign-up-input.js}

@@ -1,11 +1,11 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.signUpDataSchema = void 0;
+exports.signUpInputSchema = void 0;
 const hcaptcha_js_1 = require("../lib/hcaptcha.js");
 const account_store_js_1 = require("./account-store.js");
-exports.signUpDataSchema = account_store_js_1.createAccountDataSchema
+exports.signUpInputSchema = account_store_js_1.createAccountDataSchema
     .extend({
     hcaptchaToken: hcaptcha_js_1.hcaptchaTokenSchema.optional(),
 })
     .strict();
-//# sourceMappingURL=sign-up-data.js.map
+//# sourceMappingURL=sign-up-input.js.map

package/dist/account/sign-up-input.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sign-up-input.js","sourceRoot":"","sources":["../../src/account/sign-up-input.ts"],"names":[],"mappings":";;;AACA,oDAAwD;AACxD,yDAA4D;AAE/C,QAAA,iBAAiB,GAAG,0CAAuB;KACrD,MAAM,CAAC;IACN,aAAa,EAAE,iCAAmB,CAAC,QAAQ,EAAE;CAC9C,CAAC;KACD,MAAM,EAAE,CAAA"}

package/dist/assets/assets-middleware.d.ts

@@ -1,3 +1,5 @@
 import { Middleware } from '../lib/http/index.js';
+export declare const ASSETS_URL_PREFIX = "/@atproto/oauth-provider/~assets/";
+export declare function buildAssetUrl(filename: string): string;
 export declare function authorizeAssetsMiddleware(): Middleware;
 //# sourceMappingURL=assets-middleware.d.ts.map

package/dist/assets/assets-middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"assets-middleware.d.ts","sourceRoot":"","sources":["../../src/assets/assets-middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,UAAU,EAIX,MAAM,sBAAsB,CAAA;AAI7B,wBAAgB,yBAAyB,IAAI,UAAU,CAwCtD"}
+{"version":3,"file":"assets-middleware.d.ts","sourceRoot":"","sources":["../../src/assets/assets-middleware.ts"],"names":[],"mappings":"AACA,OAAO,EACL,UAAU,EAIX,MAAM,sBAAsB,CAAA;AAE7B,eAAO,MAAM,iBAAiB,sCAAsC,CAAA;AAEpE,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEtD;AAED,wBAAgB,yBAAyB,IAAI,UAAU,CA6BtD"}

package/dist/assets/assets-middleware.js

@@ -1,28 +1,26 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.ASSETS_URL_PREFIX = void 0;
+exports.buildAssetUrl = buildAssetUrl;
 exports.authorizeAssetsMiddleware = authorizeAssetsMiddleware;
+const oauth_provider_ui_1 = require("@atproto/oauth-provider-ui");
 const index_js_1 = require("../lib/http/index.js");
-const index_js_2 = require("./index.js");
+exports.ASSETS_URL_PREFIX = '/@atproto/oauth-provider/~assets/';
+function buildAssetUrl(filename) {
+    return `${exports.ASSETS_URL_PREFIX}${encodeURIComponent(filename)}`;
+}
 function authorizeAssetsMiddleware() {
     return async function assetsMiddleware(req, res, next) {
         if (req.method !== 'GET' && req.method !== 'HEAD')
             return next();
-        if (!req.url?.startsWith(index_js_2.ASSETS_URL_PREFIX))
-            return next();
-        const [pathname, query] = req.url.split('?', 2);
-        if (query)
+        if (!req.url?.startsWith(exports.ASSETS_URL_PREFIX))
             return next();
-        const filename = pathname.slice(index_js_2.ASSETS_URL_PREFIX.length);
+        const filename = req.url.slice(exports.ASSETS_URL_PREFIX.length);
         if (!filename)
             return next();
-        let asset;
-        try {
-            asset = (0, index_js_2.getAsset)(filename);
-        }
-        catch {
-            // Filename not found or not valid
+        const asset = oauth_provider_ui_1.assets.get(filename);
+        if (!asset)
             return next();
-        }
         try {
             // Allow "null" (ie. no header) to allow loading assets outside of a
             // fetch context (not from a web page).
@@ -37,7 +35,7 @@ function authorizeAssetsMiddleware() {
         }
         res.setHeader('ETag', asset.sha256);
         res.setHeader('Cache-Control', 'public, max-age=31536000, immutable');
-        (0, index_js_1.writeStream)(res, asset.createStream(), { contentType: asset.type });
+        (0, index_js_1.writeStream)(res, asset.stream(), { contentType: asset.mime });
     };
 }
 //# sourceMappingURL=assets-middleware.js.map

package/dist/assets/assets-middleware.js.map

@@ -1 +1 @@
-{"version":3,"file":"assets-middleware.js","sourceRoot":"","sources":["../../src/assets/assets-middleware.ts"],"names":[],"mappings":";;AASA,8DAwCC;AAjDD,mDAK6B;AAE7B,yCAAwD;AAExD,SAAgB,yBAAyB;IACvC,OAAO,KAAK,UAAU,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;QACnD,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM;YAAE,OAAO,IAAI,EAAE,CAAA;QAChE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,4BAAiB,CAAC;YAAE,OAAO,IAAI,EAAE,CAAA;QAE1D,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAG7C,CAAA;QACD,IAAI,KAAK;YAAE,OAAO,IAAI,EAAE,CAAA;QAExB,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,4BAAiB,CAAC,MAAM,CAAC,CAAA;QACzD,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,EAAE,CAAA;QAE5B,IAAI,KAAY,CAAA;QAChB,IAAI,CAAC;YACH,KAAK,GAAG,IAAA,mBAAQ,EAAC,QAAQ,CAAC,CAAA;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,kCAAkC;YAClC,OAAO,IAAI,EAAE,CAAA;QACf,CAAC;QAED,IAAI,CAAC;YACH,oEAAoE;YACpE,uCAAuC;YACvC,IAAA,4BAAiB,EAAC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC,CAAA;YACxE,IAAA,4BAAiB,EAAC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAA;QACpE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,GAAG,CAAC,CAAA;QAClB,CAAC;QAED,IAAI,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC;YAClD,OAAO,KAAK,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;QACtC,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAA;QACnC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,qCAAqC,CAAC,CAAA;QAErE,IAAA,sBAAW,EAAC,GAAG,EAAE,KAAK,CAAC,YAAY,EAAE,EAAE,EAAE,WAAW,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,CAAA;IACrE,CAAC,CAAA;AACH,CAAC"}
+{"version":3,"file":"assets-middleware.js","sourceRoot":"","sources":["../../src/assets/assets-middleware.ts"],"names":[],"mappings":";;;AAUA,sCAEC;AAED,8DA6BC;AA3CD,kEAAmD;AACnD,mDAK6B;AAEhB,QAAA,iBAAiB,GAAG,mCAAmC,CAAA;AAEpE,SAAgB,aAAa,CAAC,QAAgB;IAC5C,OAAO,GAAG,yBAAiB,GAAG,kBAAkB,CAAC,QAAQ,CAAC,EAAE,CAAA;AAC9D,CAAC;AAED,SAAgB,yBAAyB;IACvC,OAAO,KAAK,UAAU,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;QACnD,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM;YAAE,OAAO,IAAI,EAAE,CAAA;QAChE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,yBAAiB,CAAC;YAAE,OAAO,IAAI,EAAE,CAAA;QAE1D,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,yBAAiB,CAAC,MAAM,CAAC,CAAA;QACxD,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,EAAE,CAAA;QAE5B,MAAM,KAAK,GAAG,0BAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QAClC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,EAAE,CAAA;QAEzB,IAAI,CAAC;YACH,oEAAoE;YACpE,uCAAuC;YACvC,IAAA,4BAAiB,EAAC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC,CAAA;YACxE,IAAA,4BAAiB,EAAC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAA;QACpE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,GAAG,CAAC,CAAA;QAClB,CAAC;QAED,IAAI,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC;YAClD,OAAO,KAAK,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;QACtC,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAA;QACnC,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,qCAAqC,CAAC,CAAA;QAErE,IAAA,sBAAW,EAAC,GAAG,EAAE,KAAK,CAAC,MAAM,EAAE,EAAE,EAAE,WAAW,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,CAAA;IAC/D,CAAC,CAAA;AACH,CAAC"}

package/dist/errors/invalid-invite-code-error.d.ts

@@ -0,0 +1,5 @@
+import { InvalidRequestError } from './invalid-request-error';
+export declare class InvalidInviteCodeError extends InvalidRequestError {
+    constructor(details?: string, cause?: unknown);
+}
+//# sourceMappingURL=invalid-invite-code-error.d.ts.map

package/dist/errors/invalid-invite-code-error.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"invalid-invite-code-error.d.ts","sourceRoot":"","sources":["../../src/errors/invalid-invite-code-error.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAA;AAE7D,qBAAa,sBAAuB,SAAQ,mBAAmB;gBACjD,OAAO,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,OAAO;CAM9C"}

package/dist/errors/invalid-invite-code-error.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.InvalidInviteCodeError = void 0;
+const invalid_request_error_1 = require("./invalid-request-error");
+class InvalidInviteCodeError extends invalid_request_error_1.InvalidRequestError {
+    constructor(details, cause) {
+        super('This invite code is invalid.' + (details ? ` ${details}` : ''), cause);
+    }
+}
+exports.InvalidInviteCodeError = InvalidInviteCodeError;
+//# sourceMappingURL=invalid-invite-code-error.js.map

package/dist/errors/invalid-invite-code-error.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"invalid-invite-code-error.js","sourceRoot":"","sources":["../../src/errors/invalid-invite-code-error.ts"],"names":[],"mappings":";;;AAAA,mEAA6D;AAE7D,MAAa,sBAAuB,SAAQ,2CAAmB;IAC7D,YAAY,OAAgB,EAAE,KAAe;QAC3C,KAAK,CACH,8BAA8B,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAC/D,KAAK,CACN,CAAA;IACH,CAAC;CACF;AAPD,wDAOC"}

package/dist/errors/oauth-error.d.ts

@@ -6,8 +6,8 @@ export declare class OAuthError extends Error {
     constructor(error: string, error_description: string, status?: number, cause?: unknown);
     get statusCode(): number;
     toJSON(): {
-        readonly error: string;
-        readonly error_description: string;
+        error: string;
+        error_description: string;
     };
 }
 //# sourceMappingURL=oauth-error.d.ts.map

package/dist/errors/oauth-error.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-error.js","sourceRoot":"","sources":["../../src/errors/oauth-error.ts"],"names":[],"mappings":";;;AAAA,MAAa,UAAW,SAAQ,KAAK;IAIjB;IACA;IACA;IALX,MAAM,CAAS;IAEtB,YACkB,KAAa,EACb,iBAAyB,EACzB,SAAS,GAAG,EAC5B,KAAe;QAEf,KAAK,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QALnB,UAAK,GAAL,KAAK,CAAQ;QACb,sBAAiB,GAAjB,iBAAiB,CAAQ;QACzB,WAAM,GAAN,MAAM,CAAM;QAK5B,KAAK,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,CAAA;QAEjD,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAA;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,GAAG,GAAG,CAAA;IAC5B,CAAC;IAED,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,MAAM;QACJ,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;SACjC,CAAA;IACZ,CAAC;CACF;AA3BD,gCA2BC"}
+{"version":3,"file":"oauth-error.js","sourceRoot":"","sources":["../../src/errors/oauth-error.ts"],"names":[],"mappings":";;;AAAA,MAAa,UAAW,SAAQ,KAAK;IAIjB;IACA;IACA;IALX,MAAM,CAAS;IAEtB,YACkB,KAAa,EACb,iBAAyB,EACzB,SAAS,GAAG,EAC5B,KAAe;QAEf,KAAK,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;QALnB,UAAK,GAAL,KAAK,CAAQ;QACb,sBAAiB,GAAjB,iBAAiB,CAAQ;QACzB,WAAM,GAAN,MAAM,CAAM;QAK5B,KAAK,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,CAAA;QAEjD,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAA;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,GAAG,GAAG,CAAA;IAC5B,CAAC;IAED,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED,MAAM;QACJ,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;SAC1C,CAAA;IACH,CAAC;CACF;AA3BD,gCA2BC"}

package/dist/lib/csp/index.d.ts

@@ -1,5 +1,5 @@
-import { Simplify } from '../util/type.js';
-export type CspValue = `data:` | `https:${string}` | `'none'` | `'self'` | `'sha256-${string}'` | `'nonce-${string}'` | `'unsafe-inline'` | `'unsafe-eval'` | `'strict-dynamic'` | `'report-sample'` | `'unsafe-hashes'`;
+import { CombinedTuple, Simplify } from '../util/type.js';
+export type CspValue = `data:` | `http:${string}` | `https:${string}` | `'none'` | `'self'` | `'sha256-${string}'` | `'nonce-${string}'` | `'unsafe-inline'` | `'unsafe-eval'` | `'strict-dynamic'` | `'report-sample'` | `'unsafe-hashes'`;
 declare const STRING_DIRECTIVES: readonly ["base-uri"];
 declare const BOOLEAN_DIRECTIVES: readonly ["upgrade-insecure-requests", "block-all-mixed-content"];
 declare const ARRAY_DIRECTIVES: readonly ["connect-src", "default-src", "form-action", "frame-ancestors", "frame-src", "img-src", "script-src", "style-src"];
@@ -8,11 +8,10 @@ export type CspConfig = Simplify<{
 } & {
     [K in (typeof STRING_DIRECTIVES)[number]]?: CspValue;
 } & {
-    [K in (typeof ARRAY_DIRECTIVES)[number]]?: readonly CspValue[];
+    [K in (typeof ARRAY_DIRECTIVES)[number]]?: Iterable<CspValue>;
 }>;
 export declare function buildCsp(config: CspConfig): string;
-export declare function mergeCsp(a: CspConfig, b?: CspConfig): CspConfig;
-export declare function mergeCsp(a: CspConfig | undefined, b: CspConfig): CspConfig;
-export declare function mergeCsp(a?: CspConfig, b?: CspConfig): CspConfig | undefined;
+export declare function mergeCsp<C extends (CspConfig | null | undefined)[]>(...configs: C): CombinedTuple<C>;
+export declare function combineCsp(a: CspConfig, b: CspConfig): CspConfig;
 export {};
 //# sourceMappingURL=index.d.ts.map

package/dist/lib/csp/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lib/csp/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAE1C,MAAM,MAAM,QAAQ,GAChB,OAAO,GACP,SAAS,MAAM,EAAE,GACjB,QAAQ,GACR,QAAQ,GACR,WAAW,MAAM,GAAG,GACpB,UAAU,MAAM,GAAG,GACnB,iBAAiB,GACjB,eAAe,GACf,kBAAkB,GAClB,iBAAiB,GACjB,iBAAiB,CAAA;AAErB,QAAA,MAAM,iBAAiB,uBAAwB,CAAA;AAC/C,QAAA,MAAM,kBAAkB,mEAGd,CAAA;AACV,QAAA,MAAM,gBAAgB,8HASZ,CAAA;AAEV,MAAM,MAAM,SAAS,GAAG,QAAQ,CAC9B;KACG,CAAC,IAAI,CAAC,OAAO,kBAAkB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO;CACrD,GAAG;KACD,CAAC,IAAI,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,QAAQ;CACrD,GAAG;KACD,CAAC,IAAI,CAAC,OAAO,gBAAgB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,SAAS,QAAQ,EAAE;CAC/D,CACF,CAAA;AAID,wBAAgB,QAAQ,CAAC,MAAM,EAAE,SAAS,GAAG,MAAM,CAgBlD;AAED,wBAAgB,QAAQ,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;AAChE,wBAAgB,QAAQ,CAAC,CAAC,EAAE,SAAS,GAAG,SAAS,EAAE,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;AAC3E,wBAAgB,QAAQ,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lib/csp/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAEzD,MAAM,MAAM,QAAQ,GAChB,OAAO,GACP,QAAQ,MAAM,EAAE,GAChB,SAAS,MAAM,EAAE,GACjB,QAAQ,GACR,QAAQ,GACR,WAAW,MAAM,GAAG,GACpB,UAAU,MAAM,GAAG,GACnB,iBAAiB,GACjB,eAAe,GACf,kBAAkB,GAClB,iBAAiB,GACjB,iBAAiB,CAAA;AAErB,QAAA,MAAM,iBAAiB,uBAAwB,CAAA;AAC/C,QAAA,MAAM,kBAAkB,mEAGd,CAAA;AACV,QAAA,MAAM,gBAAgB,8HASZ,CAAA;AAEV,MAAM,MAAM,SAAS,GAAG,QAAQ,CAC9B;KACG,CAAC,IAAI,CAAC,OAAO,kBAAkB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO;CACrD,GAAG;KACD,CAAC,IAAI,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,QAAQ;CACrD,GAAG;KACD,CAAC,IAAI,CAAC,OAAO,gBAAgB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,QAAQ,CAAC;CAC9D,CACF,CAAA;AAID,wBAAgB,QAAQ,CAAC,MAAM,EAAE,SAAS,GAAG,MAAM,CAkBlD;AAED,wBAAgB,QAAQ,CAAC,CAAC,SAAS,CAAC,SAAS,GAAG,IAAI,GAAG,SAAS,CAAC,EAAE,EACjE,GAAG,OAAO,EAAE,CAAC,GAEiD,aAAa,CAAC,CAAC,CAAC,CAC/E;AAED,wBAAgB,UAAU,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,SAAS,GAAG,SAAS,CA8BhE"}