@atproto/oauth-scopes 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +13 -0
- package/dist/atproto-oauth-scope.d.ts +6 -1
- package/dist/atproto-oauth-scope.d.ts.map +1 -1
- package/dist/atproto-oauth-scope.js +40 -5
- package/dist/atproto-oauth-scope.js.map +1 -1
- package/dist/lib/util.d.ts +1 -0
- package/dist/lib/util.d.ts.map +1 -1
- package/dist/lib/util.js +4 -0
- package/dist/lib/util.js.map +1 -1
- package/package.json +2 -2
- package/src/atproto-oauth-scope.ts +44 -8
- package/src/lib/util.ts +4 -0
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,18 @@
|
|
|
1
1
|
# @atproto/oauth-scopes
|
|
2
2
|
|
|
3
|
+
## 0.2.0
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- [#4149](https://github.com/bluesky-social/atproto/pull/4149) [`8914f9abd`](https://github.com/bluesky-social/atproto/commit/8914f9abde2059c551d7e4c8d104227986098b82) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Method `authenticateRequest` now returns `SignedTokenPayload`
|
|
8
|
+
|
|
9
|
+
### Patch Changes
|
|
10
|
+
|
|
11
|
+
- [#4149](https://github.com/bluesky-social/atproto/pull/4149) [`8914f9abd`](https://github.com/bluesky-social/atproto/commit/8914f9abde2059c551d7e4c8d104227986098b82) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Add scope normalization utility
|
|
12
|
+
|
|
13
|
+
- Updated dependencies []:
|
|
14
|
+
- @atproto/lexicon@0.5.1
|
|
15
|
+
|
|
3
16
|
## 0.1.0
|
|
4
17
|
|
|
5
18
|
### Minor Changes
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
import { ScopeStringFor, isScopeStringFor } from './lib/syntax.js';
|
|
2
2
|
export { type ScopeStringFor, isScopeStringFor };
|
|
3
|
-
export
|
|
3
|
+
export declare const STATIC_SCOPE_VALUES: readonly ["atproto", "transition:email", "transition:generic", "transition:chat.bsky"];
|
|
4
|
+
export type StaticScopeValue = (typeof STATIC_SCOPE_VALUES)[number];
|
|
5
|
+
export declare function isStaticScopeValue(value: string): value is StaticScopeValue;
|
|
6
|
+
export type AtprotoOauthScope = StaticScopeValue | ScopeStringFor<'account'> | ScopeStringFor<'blob'> | ScopeStringFor<'identity'> | ScopeStringFor<'include'> | ScopeStringFor<'repo'> | ScopeStringFor<'rpc'>;
|
|
4
7
|
/**
|
|
5
8
|
* @note This function does not only verify the scope string format (with
|
|
6
9
|
* {@link isScopeStringFor}), but also checks if the provided parameters are
|
|
@@ -9,4 +12,6 @@ export type AtprotoOauthScope = 'atproto' | 'transition:email' | 'transition:gen
|
|
|
9
12
|
* the code.
|
|
10
13
|
*/
|
|
11
14
|
export declare function isAtprotoOauthScope(value: string): value is AtprotoOauthScope;
|
|
15
|
+
export declare function normalizeAtprotoOauthScope(scope: string): string;
|
|
16
|
+
export declare function normalizeAtprotoOauthScopeValue(value: string): AtprotoOauthScope | null;
|
|
12
17
|
//# sourceMappingURL=atproto-oauth-scope.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atproto-oauth-scope.d.ts","sourceRoot":"","sources":["../src/atproto-oauth-scope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;
|
|
1
|
+
{"version":3,"file":"atproto-oauth-scope.d.ts","sourceRoot":"","sources":["../src/atproto-oauth-scope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AASlE,OAAO,EAAE,KAAK,cAAc,EAAE,gBAAgB,EAAE,CAAA;AAEhD,eAAO,MAAM,mBAAmB,wFAKrB,CAAA;AAEX,MAAM,MAAM,gBAAgB,GAAG,CAAC,OAAO,mBAAmB,CAAC,CAAC,MAAM,CAAC,CAAA;AACnE,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,gBAAgB,CAE3E;AAED,MAAM,MAAM,iBAAiB,GACzB,gBAAgB,GAChB,cAAc,CAAC,SAAS,CAAC,GACzB,cAAc,CAAC,MAAM,CAAC,GACtB,cAAc,CAAC,UAAU,CAAC,GAC1B,cAAc,CAAC,SAAS,CAAC,GACzB,cAAc,CAAC,MAAM,CAAC,GACtB,cAAc,CAAC,KAAK,CAAC,CAAA;AAEzB;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,iBAAiB,CAU7E;AAED,wBAAgB,0BAA0B,CAAC,KAAK,EAAE,MAAM,UAOvD;AAED,wBAAgB,+BAA+B,CAC7C,KAAK,EAAE,MAAM,GACZ,iBAAiB,GAAG,IAAI,CAgB1B"}
|
|
@@ -1,15 +1,28 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.isScopeStringFor = void 0;
|
|
3
|
+
exports.STATIC_SCOPE_VALUES = exports.isScopeStringFor = void 0;
|
|
4
|
+
exports.isStaticScopeValue = isStaticScopeValue;
|
|
4
5
|
exports.isAtprotoOauthScope = isAtprotoOauthScope;
|
|
6
|
+
exports.normalizeAtprotoOauthScope = normalizeAtprotoOauthScope;
|
|
7
|
+
exports.normalizeAtprotoOauthScopeValue = normalizeAtprotoOauthScopeValue;
|
|
5
8
|
const syntax_js_1 = require("./lib/syntax.js");
|
|
6
9
|
Object.defineProperty(exports, "isScopeStringFor", { enumerable: true, get: function () { return syntax_js_1.isScopeStringFor; } });
|
|
10
|
+
const util_js_1 = require("./lib/util.js");
|
|
7
11
|
const account_permission_js_1 = require("./scopes/account-permission.js");
|
|
8
12
|
const blob_permission_js_1 = require("./scopes/blob-permission.js");
|
|
9
13
|
const identity_permission_js_1 = require("./scopes/identity-permission.js");
|
|
10
14
|
const include_scope_js_1 = require("./scopes/include-scope.js");
|
|
11
15
|
const repo_permission_js_1 = require("./scopes/repo-permission.js");
|
|
12
16
|
const rpc_permission_js_1 = require("./scopes/rpc-permission.js");
|
|
17
|
+
exports.STATIC_SCOPE_VALUES = Object.freeze([
|
|
18
|
+
'atproto',
|
|
19
|
+
'transition:email',
|
|
20
|
+
'transition:generic',
|
|
21
|
+
'transition:chat.bsky',
|
|
22
|
+
]);
|
|
23
|
+
function isStaticScopeValue(value) {
|
|
24
|
+
return exports.STATIC_SCOPE_VALUES.includes(value);
|
|
25
|
+
}
|
|
13
26
|
/**
|
|
14
27
|
* @note This function does not only verify the scope string format (with
|
|
15
28
|
* {@link isScopeStringFor}), but also checks if the provided parameters are
|
|
@@ -18,10 +31,7 @@ const rpc_permission_js_1 = require("./scopes/rpc-permission.js");
|
|
|
18
31
|
* the code.
|
|
19
32
|
*/
|
|
20
33
|
function isAtprotoOauthScope(value) {
|
|
21
|
-
return (value
|
|
22
|
-
value === 'transition:email' ||
|
|
23
|
-
value === 'transition:generic' ||
|
|
24
|
-
value === 'transition:chat.bsky' ||
|
|
34
|
+
return (isStaticScopeValue(value) ||
|
|
25
35
|
account_permission_js_1.AccountPermission.fromString(value) != null ||
|
|
26
36
|
blob_permission_js_1.BlobPermission.fromString(value) != null ||
|
|
27
37
|
identity_permission_js_1.IdentityPermission.fromString(value) != null ||
|
|
@@ -29,4 +39,29 @@ function isAtprotoOauthScope(value) {
|
|
|
29
39
|
repo_permission_js_1.RepoPermission.fromString(value) != null ||
|
|
30
40
|
rpc_permission_js_1.RpcPermission.fromString(value) != null);
|
|
31
41
|
}
|
|
42
|
+
function normalizeAtprotoOauthScope(scope) {
|
|
43
|
+
return scope
|
|
44
|
+
.split(' ')
|
|
45
|
+
.map(normalizeAtprotoOauthScopeValue)
|
|
46
|
+
.filter(util_js_1.isNonNullable)
|
|
47
|
+
.sort()
|
|
48
|
+
.join(' ');
|
|
49
|
+
}
|
|
50
|
+
function normalizeAtprotoOauthScopeValue(value) {
|
|
51
|
+
if (isStaticScopeValue(value))
|
|
52
|
+
return value;
|
|
53
|
+
for (const Scope of [
|
|
54
|
+
account_permission_js_1.AccountPermission,
|
|
55
|
+
blob_permission_js_1.BlobPermission,
|
|
56
|
+
identity_permission_js_1.IdentityPermission,
|
|
57
|
+
include_scope_js_1.IncludeScope,
|
|
58
|
+
repo_permission_js_1.RepoPermission,
|
|
59
|
+
rpc_permission_js_1.RpcPermission,
|
|
60
|
+
]) {
|
|
61
|
+
const parsed = Scope.fromString(value);
|
|
62
|
+
if (parsed)
|
|
63
|
+
return parsed.toString();
|
|
64
|
+
}
|
|
65
|
+
return null;
|
|
66
|
+
}
|
|
32
67
|
//# sourceMappingURL=atproto-oauth-scope.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atproto-oauth-scope.js","sourceRoot":"","sources":["../src/atproto-oauth-scope.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"atproto-oauth-scope.js","sourceRoot":"","sources":["../src/atproto-oauth-scope.ts"],"names":[],"mappings":";;;AAmBA,gDAEC;AAkBD,kDAUC;AAED,gEAOC;AAED,0EAkBC;AA9ED,+CAAkE;AASpC,iGATL,4BAAgB,OASK;AAR9C,2CAA6C;AAC7C,0EAAkE;AAClE,oEAA4D;AAC5D,4EAAoE;AACpE,gEAAwD;AACxD,oEAA4D;AAC5D,kEAA0D;AAI7C,QAAA,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC/C,SAAS;IACT,kBAAkB;IAClB,oBAAoB;IACpB,sBAAsB;CACd,CAAC,CAAA;AAGX,SAAgB,kBAAkB,CAAC,KAAa;IAC9C,OAAQ,2BAAyC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AACnE,CAAC;AAWD;;;;;;GAMG;AACH,SAAgB,mBAAmB,CAAC,KAAa;IAC/C,OAAO,CACL,kBAAkB,CAAC,KAAK,CAAC;QACzB,yCAAiB,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI;QAC3C,mCAAc,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI;QACxC,2CAAkB,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI;QAC5C,+BAAY,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI;QACtC,mCAAc,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI;QACxC,iCAAa,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI,CACxC,CAAA;AACH,CAAC;AAED,SAAgB,0BAA0B,CAAC,KAAa;IACtD,OAAO,KAAK;SACT,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,+BAA+B,CAAC;SACpC,MAAM,CAAC,uBAAa,CAAC;SACrB,IAAI,EAAE;SACN,IAAI,CAAC,GAAG,CAAC,CAAA;AACd,CAAC;AAED,SAAgB,+BAA+B,CAC7C,KAAa;IAEb,IAAI,kBAAkB,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAA;IAE3C,KAAK,MAAM,KAAK,IAAI;QAClB,yCAAiB;QACjB,mCAAc;QACd,2CAAkB;QAClB,+BAAY;QACZ,mCAAc;QACd,iCAAa;KACd,EAAE,CAAC;QACF,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;QACtC,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAA;IACtC,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC"}
|
package/dist/lib/util.d.ts
CHANGED
|
@@ -3,4 +3,5 @@ export interface Matchable<T> {
|
|
|
3
3
|
}
|
|
4
4
|
export declare function minIdx(a: number, b: number): number;
|
|
5
5
|
export declare function knownValuesValidator<T>(values: Iterable<T>): (value: unknown) => value is T;
|
|
6
|
+
export declare function isNonNullable<T>(value: T): value is NonNullable<T>;
|
|
6
7
|
//# sourceMappingURL=util.d.ts.map
|
package/dist/lib/util.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../src/lib/util.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,SAAS,CAAC,CAAC;IAC1B,OAAO,CAAC,OAAO,EAAE,CAAC,GAAG,OAAO,CAAA;CAC7B;AAED,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAInD;AAED,wBAAgB,oBAAoB,CAAC,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,IAEjD,OAAO,OAAO,KAAG,KAAK,IAAI,CAAC,CACpC"}
|
|
1
|
+
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../src/lib/util.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,SAAS,CAAC,CAAC;IAC1B,OAAO,CAAC,OAAO,EAAE,CAAC,GAAG,OAAO,CAAA;CAC7B;AAED,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAInD;AAED,wBAAgB,oBAAoB,CAAC,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,IAEjD,OAAO,OAAO,KAAG,KAAK,IAAI,CAAC,CACpC;AAED,wBAAgB,aAAa,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,KAAK,IAAI,WAAW,CAAC,CAAC,CAAC,CAElE"}
|
package/dist/lib/util.js
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.minIdx = minIdx;
|
|
4
4
|
exports.knownValuesValidator = knownValuesValidator;
|
|
5
|
+
exports.isNonNullable = isNonNullable;
|
|
5
6
|
function minIdx(a, b) {
|
|
6
7
|
if (a === -1)
|
|
7
8
|
return b;
|
|
@@ -13,4 +14,7 @@ function knownValuesValidator(values) {
|
|
|
13
14
|
const set = new Set(values);
|
|
14
15
|
return (value) => set.has(value);
|
|
15
16
|
}
|
|
17
|
+
function isNonNullable(value) {
|
|
18
|
+
return value != null;
|
|
19
|
+
}
|
|
16
20
|
//# sourceMappingURL=util.js.map
|
package/dist/lib/util.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../src/lib/util.ts"],"names":[],"mappings":";;AAIA,wBAIC;AAED,oDAGC;
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../src/lib/util.ts"],"names":[],"mappings":";;AAIA,wBAIC;AAED,oDAGC;AAED,sCAEC;AAbD,SAAgB,MAAM,CAAC,CAAS,EAAE,CAAS;IACzC,IAAI,CAAC,KAAK,CAAC,CAAC;QAAE,OAAO,CAAC,CAAA;IACtB,IAAI,CAAC,KAAK,CAAC,CAAC;QAAE,OAAO,CAAC,CAAA;IACtB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;AACvB,CAAC;AAED,SAAgB,oBAAoB,CAAI,MAAmB;IACzD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAU,MAAM,CAAC,CAAA;IACpC,OAAO,CAAC,KAAc,EAAc,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;AACvD,CAAC;AAED,SAAgB,aAAa,CAAI,KAAQ;IACvC,OAAO,KAAK,IAAI,IAAI,CAAA;AACtB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@atproto/oauth-scopes",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.2.0",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"description": "A library for manipulating and validating ATproto OAuth scopes in TypeScript.",
|
|
6
6
|
"keywords": [
|
|
@@ -26,7 +26,7 @@
|
|
|
26
26
|
},
|
|
27
27
|
"dependencies": {
|
|
28
28
|
"@atproto/did": "^0.2.0",
|
|
29
|
-
"@atproto/lexicon": "^0.5.
|
|
29
|
+
"@atproto/lexicon": "^0.5.1",
|
|
30
30
|
"@atproto/syntax": "^0.4.1"
|
|
31
31
|
},
|
|
32
32
|
"devDependencies": {
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { ScopeStringFor, isScopeStringFor } from './lib/syntax.js'
|
|
2
|
+
import { isNonNullable } from './lib/util.js'
|
|
2
3
|
import { AccountPermission } from './scopes/account-permission.js'
|
|
3
4
|
import { BlobPermission } from './scopes/blob-permission.js'
|
|
4
5
|
import { IdentityPermission } from './scopes/identity-permission.js'
|
|
@@ -8,11 +9,20 @@ import { RpcPermission } from './scopes/rpc-permission.js'
|
|
|
8
9
|
|
|
9
10
|
export { type ScopeStringFor, isScopeStringFor }
|
|
10
11
|
|
|
12
|
+
export const STATIC_SCOPE_VALUES = Object.freeze([
|
|
13
|
+
'atproto',
|
|
14
|
+
'transition:email',
|
|
15
|
+
'transition:generic',
|
|
16
|
+
'transition:chat.bsky',
|
|
17
|
+
] as const)
|
|
18
|
+
|
|
19
|
+
export type StaticScopeValue = (typeof STATIC_SCOPE_VALUES)[number]
|
|
20
|
+
export function isStaticScopeValue(value: string): value is StaticScopeValue {
|
|
21
|
+
return (STATIC_SCOPE_VALUES as readonly string[]).includes(value)
|
|
22
|
+
}
|
|
23
|
+
|
|
11
24
|
export type AtprotoOauthScope =
|
|
12
|
-
|
|
|
13
|
-
| 'transition:email'
|
|
14
|
-
| 'transition:generic'
|
|
15
|
-
| 'transition:chat.bsky'
|
|
25
|
+
| StaticScopeValue
|
|
16
26
|
| ScopeStringFor<'account'>
|
|
17
27
|
| ScopeStringFor<'blob'>
|
|
18
28
|
| ScopeStringFor<'identity'>
|
|
@@ -29,10 +39,7 @@ export type AtprotoOauthScope =
|
|
|
29
39
|
*/
|
|
30
40
|
export function isAtprotoOauthScope(value: string): value is AtprotoOauthScope {
|
|
31
41
|
return (
|
|
32
|
-
value
|
|
33
|
-
value === 'transition:email' ||
|
|
34
|
-
value === 'transition:generic' ||
|
|
35
|
-
value === 'transition:chat.bsky' ||
|
|
42
|
+
isStaticScopeValue(value) ||
|
|
36
43
|
AccountPermission.fromString(value) != null ||
|
|
37
44
|
BlobPermission.fromString(value) != null ||
|
|
38
45
|
IdentityPermission.fromString(value) != null ||
|
|
@@ -41,3 +48,32 @@ export function isAtprotoOauthScope(value: string): value is AtprotoOauthScope {
|
|
|
41
48
|
RpcPermission.fromString(value) != null
|
|
42
49
|
)
|
|
43
50
|
}
|
|
51
|
+
|
|
52
|
+
export function normalizeAtprotoOauthScope(scope: string) {
|
|
53
|
+
return scope
|
|
54
|
+
.split(' ')
|
|
55
|
+
.map(normalizeAtprotoOauthScopeValue)
|
|
56
|
+
.filter(isNonNullable)
|
|
57
|
+
.sort()
|
|
58
|
+
.join(' ')
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
export function normalizeAtprotoOauthScopeValue(
|
|
62
|
+
value: string,
|
|
63
|
+
): AtprotoOauthScope | null {
|
|
64
|
+
if (isStaticScopeValue(value)) return value
|
|
65
|
+
|
|
66
|
+
for (const Scope of [
|
|
67
|
+
AccountPermission,
|
|
68
|
+
BlobPermission,
|
|
69
|
+
IdentityPermission,
|
|
70
|
+
IncludeScope,
|
|
71
|
+
RepoPermission,
|
|
72
|
+
RpcPermission,
|
|
73
|
+
]) {
|
|
74
|
+
const parsed = Scope.fromString(value)
|
|
75
|
+
if (parsed) return parsed.toString()
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
return null
|
|
79
|
+
}
|
package/src/lib/util.ts
CHANGED
|
@@ -12,3 +12,7 @@ export function knownValuesValidator<T>(values: Iterable<T>) {
|
|
|
12
12
|
const set = new Set<unknown>(values)
|
|
13
13
|
return (value: unknown): value is T => set.has(value)
|
|
14
14
|
}
|
|
15
|
+
|
|
16
|
+
export function isNonNullable<T>(value: T): value is NonNullable<T> {
|
|
17
|
+
return value != null
|
|
18
|
+
}
|