@atproto/oauth-types 0.1.4 → 0.1.5

package/CHANGELOG.md

@@ -1,5 +1,31 @@
 # @atproto/oauth-types
 
+## 0.1.5
+
+### Patch Changes
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Properly validate client metadata scope
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Allow ClientID query params to end with a slash "/" char
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Expose OAuthScope
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - add assertion utils for client ids
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Allow loopback client ids to omit the (empty) path parameter
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Enforce ClientID URL path to be normalized
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Rename OAuthAuthenticationRequestParameters to OAuthAuthorizationRequestParameters
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Restrict the value used as code_challenge_methods_supported
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Add missing "expires_in" property to OAuthParResponse type definition
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Allow loopback clients to define their scopes through the "scope" client_id query parameter.
+
+- [#2755](https://github.com/bluesky-social/atproto/pull/2755) [`ed325d863`](https://github.com/bluesky-social/atproto/commit/ed325d863ce8ea5986c5a45c3188aaa35288b7a8) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Improve error description in case of invalid loopback client_id
+
 ## 0.1.4
 
 ### Patch Changes

package/dist/atproto-loopback-client-metadata.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"atproto-loopback-client-metadata.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAA;AAGrE,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,MAAM,GACf,wBAAwB,CA6B1B"}
+{"version":3,"file":"atproto-loopback-client-metadata.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAA;AAErE,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,MAAM,GACf,wBAAwB,CAiB1B"}

package/dist/atproto-loopback-client-metadata.js

@@ -2,26 +2,15 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.atprotoLoopbackClientMetadata = void 0;
 const oauth_client_id_loopback_js_1 = require("./oauth-client-id-loopback.js");
-const oauth_client_id_url_js_1 = require("./oauth-client-id-url.js");
 function atprotoLoopbackClientMetadata(clientId) {
-    if (!(0, oauth_client_id_loopback_js_1.isOAuthClientIdLoopback)(clientId)) {
-        throw new TypeError(`Invalid loopback client ID ${clientId}`);
-    }
-    const { origin, pathname, searchParams } = (0, oauth_client_id_url_js_1.parseOAuthClientIdUrl)(clientId);
-    for (const name of searchParams.keys()) {
-        if (name !== 'redirect_uri') {
-            throw new TypeError(`Invalid query parameter ${name} in client ID`);
-        }
-    }
-    const redirectUris = searchParams.getAll('redirect_uri');
+    const { scope = 'atproto', redirect_uris = [`http://127.0.0.1/`, `http://[::1]/`], } = (0, oauth_client_id_loopback_js_1.parseOAuthLoopbackClientId)(clientId);
     return {
         client_id: clientId,
+        scope,
+        redirect_uris,
         client_name: 'Loopback client',
         response_types: ['code'],
         grant_types: ['authorization_code', 'refresh_token'],
-        redirect_uris: (redirectUris.length
-            ? redirectUris
-            : ['127.0.0.1', '[::1]'].map((ip) => Object.assign(new URL(pathname, origin), { hostname: ip }).href)),
         token_endpoint_auth_method: 'none',
         application_type: 'native',
         dpop_bound_access_tokens: true,

package/dist/atproto-loopback-client-metadata.js.map

@@ -1 +1 @@
-{"version":3,"file":"atproto-loopback-client-metadata.js","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":";;;AAAA,+EAAuE;AAEvE,qEAAgE;AAEhE,SAAgB,6BAA6B,CAC3C,QAAgB;IAEhB,IAAI,CAAC,IAAA,qDAAuB,EAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CAAC,8BAA8B,QAAQ,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,IAAA,8CAAqB,EAAC,QAAQ,CAAC,CAAA;IAE1E,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,IAAI,EAAE,EAAE,CAAC;QACvC,IAAI,IAAI,KAAK,cAAc,EAAE,CAAC;YAC5B,MAAM,IAAI,SAAS,CAAC,2BAA2B,IAAI,eAAe,CAAC,CAAA;QACrE,CAAC;IACH,CAAC;IACD,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,cAAc,CAAC,CAAA;IAExD,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,WAAW,EAAE,iBAAiB;QAC9B,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,aAAa,EAAE,CAAC,YAAY,CAAC,MAAM;YACjC,CAAC,CAAC,YAAY;YACd,CAAC,CAAE,CAAC,WAAW,EAAE,OAAO,CAAW,CAAC,GAAG,CACnC,CAAC,EAAE,EAAE,EAAE,CACL,MAAM,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC,IAAI,CAClE,CAA0B;QAC/B,0BAA0B,EAAE,MAAM;QAClC,gBAAgB,EAAE,QAAQ;QAC1B,wBAAwB,EAAE,IAAI;KAC/B,CAAA;AACH,CAAC;AA/BD,sEA+BC"}
+{"version":3,"file":"atproto-loopback-client-metadata.js","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":";;;AAAA,+EAA0E;AAG1E,SAAgB,6BAA6B,CAC3C,QAAgB;IAEhB,MAAM,EACJ,KAAK,GAAG,SAAS,EACjB,aAAa,GAAG,CAAC,mBAAmB,EAAE,eAAe,CAAC,GACvD,GAAG,IAAA,wDAA0B,EAAC,QAAQ,CAAC,CAAA;IAExC,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,KAAK;QACL,aAAa;QACb,WAAW,EAAE,iBAAiB;QAC9B,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,0BAA0B,EAAE,MAAM;QAClC,gBAAgB,EAAE,QAAQ;QAC1B,wBAAwB,EAAE,IAAI;KAC/B,CAAA;AACH,CAAC;AAnBD,sEAmBC"}

package/dist/index.d.ts

@@ -1,24 +1,37 @@
 export * from './constants.js';
 export * from './util.js';
-export * from './access-token.js';
 export * from './atproto-loopback-client-metadata.js';
-export * from './oauth-client-id-discoverable.js';
-export * from './oauth-client-id-loopback.js';
-export * from './oauth-authentication-request-parameters.js';
+export * from './oauth-access-token.js';
+export * from './oauth-authorization-code-grant-token-request.js';
 export * from './oauth-authorization-details.js';
+export * from './oauth-authorization-request-jar.js';
+export * from './oauth-authorization-request-par.js';
+export * from './oauth-authorization-request-parameters.js';
+export * from './oauth-authorization-request-query.js';
+export * from './oauth-authorization-request-uri.js';
 export * from './oauth-authorization-server-metadata.js';
+export * from './oauth-client-credentials-grant-token-request.js';
 export * from './oauth-client-credentials.js';
+export * from './oauth-client-id-discoverable.js';
+export * from './oauth-client-id-loopback.js';
 export * from './oauth-client-id.js';
-export * from './oauth-client-identification.js';
 export * from './oauth-client-metadata.js';
 export * from './oauth-endpoint-auth-method.js';
 export * from './oauth-endpoint-name.js';
 export * from './oauth-grant-type.js';
+export * from './oauth-introspection-response.js';
 export * from './oauth-issuer-identifier.js';
 export * from './oauth-par-response.js';
+export * from './oauth-password-grant-token-request.js';
 export * from './oauth-protected-resource-metadata.js';
+export * from './oauth-refresh-token-grant-token-request.js';
+export * from './oauth-refresh-token.js';
+export * from './oauth-request-uri.js';
 export * from './oauth-response-mode.js';
 export * from './oauth-response-type.js';
+export * from './oauth-scope.js';
+export * from './oauth-token-identification.js';
+export * from './oauth-token-request.js';
 export * from './oauth-token-response.js';
 export * from './oauth-token-type.js';
 export * from './oidc-claims-parameter.js';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAA;AAC9B,cAAc,WAAW,CAAA;AAEzB,cAAc,mBAAmB,CAAA;AACjC,cAAc,uCAAuC,CAAA;AACrD,cAAc,mCAAmC,CAAA;AACjD,cAAc,+BAA+B,CAAA;AAC7C,cAAc,8CAA8C,CAAA;AAC5D,cAAc,kCAAkC,CAAA;AAChD,cAAc,0CAA0C,CAAA;AACxD,cAAc,+BAA+B,CAAA;AAC7C,cAAc,sBAAsB,CAAA;AACpC,cAAc,kCAAkC,CAAA;AAChD,cAAc,4BAA4B,CAAA;AAC1C,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,uBAAuB,CAAA;AACrC,cAAc,8BAA8B,CAAA;AAC5C,cAAc,yBAAyB,CAAA;AACvC,cAAc,wCAAwC,CAAA;AACtD,cAAc,0BAA0B,CAAA;AACxC,cAAc,0BAA0B,CAAA;AACxC,cAAc,2BAA2B,CAAA;AACzC,cAAc,uBAAuB,CAAA;AACrC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,6BAA6B,CAAA;AAC3C,cAAc,uBAAuB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAA;AAC9B,cAAc,WAAW,CAAA;AAEzB,cAAc,uCAAuC,CAAA;AACrD,cAAc,yBAAyB,CAAA;AACvC,cAAc,mDAAmD,CAAA;AACjE,cAAc,kCAAkC,CAAA;AAChD,cAAc,sCAAsC,CAAA;AACpD,cAAc,sCAAsC,CAAA;AACpD,cAAc,6CAA6C,CAAA;AAC3D,cAAc,wCAAwC,CAAA;AACtD,cAAc,sCAAsC,CAAA;AACpD,cAAc,0CAA0C,CAAA;AACxD,cAAc,mDAAmD,CAAA;AACjE,cAAc,+BAA+B,CAAA;AAC7C,cAAc,mCAAmC,CAAA;AACjD,cAAc,+BAA+B,CAAA;AAC7C,cAAc,sBAAsB,CAAA;AACpC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,uBAAuB,CAAA;AACrC,cAAc,mCAAmC,CAAA;AACjD,cAAc,8BAA8B,CAAA;AAC5C,cAAc,yBAAyB,CAAA;AACvC,cAAc,yCAAyC,CAAA;AACvD,cAAc,wCAAwC,CAAA;AACtD,cAAc,8CAA8C,CAAA;AAC5D,cAAc,0BAA0B,CAAA;AACxC,cAAc,wBAAwB,CAAA;AACtC,cAAc,0BAA0B,CAAA;AACxC,cAAc,0BAA0B,CAAA;AACxC,cAAc,kBAAkB,CAAA;AAChC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,2BAA2B,CAAA;AACzC,cAAc,uBAAuB,CAAA;AACrC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,6BAA6B,CAAA;AAC3C,cAAc,uBAAuB,CAAA"}

package/dist/index.js

@@ -16,25 +16,38 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./constants.js"), exports);
 __exportStar(require("./util.js"), exports);
-__exportStar(require("./access-token.js"), exports);
 __exportStar(require("./atproto-loopback-client-metadata.js"), exports);
-__exportStar(require("./oauth-client-id-discoverable.js"), exports);
-__exportStar(require("./oauth-client-id-loopback.js"), exports);
-__exportStar(require("./oauth-authentication-request-parameters.js"), exports);
+__exportStar(require("./oauth-access-token.js"), exports);
+__exportStar(require("./oauth-authorization-code-grant-token-request.js"), exports);
 __exportStar(require("./oauth-authorization-details.js"), exports);
+__exportStar(require("./oauth-authorization-request-jar.js"), exports);
+__exportStar(require("./oauth-authorization-request-par.js"), exports);
+__exportStar(require("./oauth-authorization-request-parameters.js"), exports);
+__exportStar(require("./oauth-authorization-request-query.js"), exports);
+__exportStar(require("./oauth-authorization-request-uri.js"), exports);
 __exportStar(require("./oauth-authorization-server-metadata.js"), exports);
+__exportStar(require("./oauth-client-credentials-grant-token-request.js"), exports);
 __exportStar(require("./oauth-client-credentials.js"), exports);
+__exportStar(require("./oauth-client-id-discoverable.js"), exports);
+__exportStar(require("./oauth-client-id-loopback.js"), exports);
 __exportStar(require("./oauth-client-id.js"), exports);
-__exportStar(require("./oauth-client-identification.js"), exports);
 __exportStar(require("./oauth-client-metadata.js"), exports);
 __exportStar(require("./oauth-endpoint-auth-method.js"), exports);
 __exportStar(require("./oauth-endpoint-name.js"), exports);
 __exportStar(require("./oauth-grant-type.js"), exports);
+__exportStar(require("./oauth-introspection-response.js"), exports);
 __exportStar(require("./oauth-issuer-identifier.js"), exports);
 __exportStar(require("./oauth-par-response.js"), exports);
+__exportStar(require("./oauth-password-grant-token-request.js"), exports);
 __exportStar(require("./oauth-protected-resource-metadata.js"), exports);
+__exportStar(require("./oauth-refresh-token-grant-token-request.js"), exports);
+__exportStar(require("./oauth-refresh-token.js"), exports);
+__exportStar(require("./oauth-request-uri.js"), exports);
 __exportStar(require("./oauth-response-mode.js"), exports);
 __exportStar(require("./oauth-response-type.js"), exports);
+__exportStar(require("./oauth-scope.js"), exports);
+__exportStar(require("./oauth-token-identification.js"), exports);
+__exportStar(require("./oauth-token-request.js"), exports);
 __exportStar(require("./oauth-token-response.js"), exports);
 __exportStar(require("./oauth-token-type.js"), exports);
 __exportStar(require("./oidc-claims-parameter.js"), exports);

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,4CAAyB;AAEzB,oDAAiC;AACjC,wEAAqD;AACrD,oEAAiD;AACjD,gEAA6C;AAC7C,+EAA4D;AAC5D,mEAAgD;AAChD,2EAAwD;AACxD,gEAA6C;AAC7C,uDAAoC;AACpC,mEAAgD;AAChD,6DAA0C;AAC1C,kEAA+C;AAC/C,2DAAwC;AACxC,wDAAqC;AACrC,+DAA4C;AAC5C,0DAAuC;AACvC,yEAAsD;AACtD,2DAAwC;AACxC,2DAAwC;AACxC,4DAAyC;AACzC,wDAAqC;AACrC,6DAA0C;AAC1C,8DAA2C;AAC3C,wDAAqC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,4CAAyB;AAEzB,wEAAqD;AACrD,0DAAuC;AACvC,oFAAiE;AACjE,mEAAgD;AAChD,uEAAoD;AACpD,uEAAoD;AACpD,8EAA2D;AAC3D,yEAAsD;AACtD,uEAAoD;AACpD,2EAAwD;AACxD,oFAAiE;AACjE,gEAA6C;AAC7C,oEAAiD;AACjD,gEAA6C;AAC7C,uDAAoC;AACpC,6DAA0C;AAC1C,kEAA+C;AAC/C,2DAAwC;AACxC,wDAAqC;AACrC,oEAAiD;AACjD,+DAA4C;AAC5C,0DAAuC;AACvC,0EAAuD;AACvD,yEAAsD;AACtD,+EAA4D;AAC5D,2DAAwC;AACxC,yDAAsC;AACtC,2DAAwC;AACxC,2DAAwC;AACxC,mDAAgC;AAChC,kEAA+C;AAC/C,2DAAwC;AACxC,4DAAyC;AACzC,wDAAqC;AACrC,6DAA0C;AAC1C,8DAA2C;AAC3C,wDAAqC"}

package/dist/oauth-access-token.d.ts

@@ -0,0 +1,4 @@
+import { z } from 'zod';
+export declare const oauthAccessTokenSchema: z.ZodString;
+export type OAuthAccessToken = z.infer<typeof oauthAccessTokenSchema>;
+//# sourceMappingURL=oauth-access-token.d.ts.map

package/dist/oauth-access-token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-access-token.d.ts","sourceRoot":"","sources":["../src/oauth-access-token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,sBAAsB,aAAoB,CAAA;AACvD,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAA"}

package/dist/oauth-access-token.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.oauthAccessTokenSchema = void 0;
+const zod_1 = require("zod");
+exports.oauthAccessTokenSchema = zod_1.z.string().min(1);
+//# sourceMappingURL=oauth-access-token.js.map

package/dist/oauth-access-token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-access-token.js","sourceRoot":"","sources":["../src/oauth-access-token.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA"}

package/dist/oauth-authorization-code-grant-token-request.d.ts

@@ -0,0 +1,20 @@
+import { z } from 'zod';
+export declare const oauthAuthorizationCodeGrantTokenRequestSchema: z.ZodObject<{
+    grant_type: z.ZodLiteral<"authorization_code">;
+    code: z.ZodString;
+    redirect_uri: z.ZodString;
+    /** @see {@link https://datatracker.ietf.org/doc/html/rfc7636#section-4.1} */
+    code_verifier: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    code: string;
+    redirect_uri: string;
+    grant_type: "authorization_code";
+    code_verifier?: string | undefined;
+}, {
+    code: string;
+    redirect_uri: string;
+    grant_type: "authorization_code";
+    code_verifier?: string | undefined;
+}>;
+export type OAuthAuthorizationCodeGrantTokenRequest = z.infer<typeof oauthAuthorizationCodeGrantTokenRequestSchema>;
+//# sourceMappingURL=oauth-authorization-code-grant-token-request.d.ts.map

package/dist/oauth-authorization-code-grant-token-request.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-authorization-code-grant-token-request.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-code-grant-token-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,6CAA6C;;;;IAIxD,6EAA6E;;;;;;;;;;;;EAO7E,CAAA;AAEF,MAAM,MAAM,uCAAuC,GAAG,CAAC,CAAC,KAAK,CAC3D,OAAO,6CAA6C,CACrD,CAAA"}

package/dist/oauth-authorization-code-grant-token-request.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.oauthAuthorizationCodeGrantTokenRequestSchema = void 0;
+const zod_1 = require("zod");
+exports.oauthAuthorizationCodeGrantTokenRequestSchema = zod_1.z.object({
+    grant_type: zod_1.z.literal('authorization_code'),
+    code: zod_1.z.string().min(1),
+    redirect_uri: zod_1.z.string().url(),
+    /** @see {@link https://datatracker.ietf.org/doc/html/rfc7636#section-4.1} */
+    code_verifier: zod_1.z
+        .string()
+        .min(43)
+        .max(128)
+        .regex(/^[a-zA-Z0-9-._~]+$/)
+        .optional(),
+});
+//# sourceMappingURL=oauth-authorization-code-grant-token-request.js.map

package/dist/oauth-authorization-code-grant-token-request.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-authorization-code-grant-token-request.js","sourceRoot":"","sources":["../src/oauth-authorization-code-grant-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,6CAA6C,GAAG,OAAC,CAAC,MAAM,CAAC;IACpE,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC;IAC3C,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAC9B,6EAA6E;IAC7E,aAAa,EAAE,OAAC;SACb,MAAM,EAAE;SACR,GAAG,CAAC,EAAE,CAAC;SACP,GAAG,CAAC,GAAG,CAAC;SACR,KAAK,CAAC,oBAAoB,CAAC;SAC3B,QAAQ,EAAE;CACd,CAAC,CAAA"}

package/dist/oauth-authorization-request-jar.d.ts

@@ -0,0 +1,16 @@
+import { z } from 'zod';
+export declare const oauthAuthorizationRequestJarSchema: z.ZodObject<{
+    /**
+     * AuthorizationRequest inside a JWT:
+     * - "iat" is required and **MUST** be less than one minute
+     *
+     * @see {@link https://datatracker.ietf.org/doc/html/rfc9101}
+     */
+    request: z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}`, string>]>;
+}, "strip", z.ZodTypeAny, {
+    request: `${string}.${string}.${string}` | `${string}.${string}`;
+}, {
+    request: string;
+}>;
+export type OAuthAuthorizationRequestJar = z.infer<typeof oauthAuthorizationRequestJarSchema>;
+//# sourceMappingURL=oauth-authorization-request-jar.d.ts.map

package/dist/oauth-authorization-request-jar.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-authorization-request-jar.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-request-jar.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,kCAAkC;IAC7C;;;;;OAKG;;;;;;EAEH,CAAA;AAEF,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,kCAAkC,CAC1C,CAAA"}

package/dist/oauth-authorization-request-jar.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.oauthAuthorizationRequestJarSchema = void 0;
+const jwk_1 = require("@atproto/jwk");
+const zod_1 = require("zod");
+exports.oauthAuthorizationRequestJarSchema = zod_1.z.object({
+    /**
+     * AuthorizationRequest inside a JWT:
+     * - "iat" is required and **MUST** be less than one minute
+     *
+     * @see {@link https://datatracker.ietf.org/doc/html/rfc9101}
+     */
+    request: zod_1.z.union([jwk_1.signedJwtSchema, jwk_1.unsignedJwtSchema]),
+});
+//# sourceMappingURL=oauth-authorization-request-jar.js.map

package/dist/oauth-authorization-request-jar.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-authorization-request-jar.js","sourceRoot":"","sources":["../src/oauth-authorization-request-jar.ts"],"names":[],"mappings":";;;AAAA,sCAAiE;AACjE,6BAAuB;AAEV,QAAA,kCAAkC,GAAG,OAAC,CAAC,MAAM,CAAC;IACzD;;;;;OAKG;IACH,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,qBAAe,EAAE,uBAAiB,CAAC,CAAC;CACvD,CAAC,CAAA"}

package/dist/oauth-authorization-request-par.d.ts

@@ -0,0 +1,122 @@
+import { z } from 'zod';
+export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject<{
+    client_id: z.ZodString;
+    state: z.ZodOptional<z.ZodString>;
+    redirect_uri: z.ZodOptional<z.ZodString>;
+    scope: z.ZodOptional<z.ZodString>;
+    response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
+    code_challenge: z.ZodOptional<z.ZodString>;
+    code_challenge_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["S256", "plain"]>>>;
+    dpop_jkt: z.ZodOptional<z.ZodString>;
+    response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
+    nonce: z.ZodOptional<z.ZodString>;
+    max_age: z.ZodOptional<z.ZodNumber>;
+    claims: z.ZodOptional<z.ZodRecord<z.ZodEnum<["userinfo", "id_token"]>, z.ZodRecord<z.ZodEnum<["auth_time", "nonce", "acr", "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "gender", "picture", "profile", "website", "birthdate", "zoneinfo", "locale", "updated_at", "email", "email_verified", "phone_number", "phone_number_verified", "address"]>, z.ZodUnion<[z.ZodLiteral<null>, z.ZodObject<{
+        essential: z.ZodOptional<z.ZodBoolean>;
+        value: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodNumber, z.ZodBoolean]>>;
+        values: z.ZodOptional<z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodNumber, z.ZodBoolean]>, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        values?: (string | number | boolean)[] | undefined;
+        value?: string | number | boolean | undefined;
+        essential?: boolean | undefined;
+    }, {
+        values?: (string | number | boolean)[] | undefined;
+        value?: string | number | boolean | undefined;
+        essential?: boolean | undefined;
+    }>]>>>>;
+    login_hint: z.ZodOptional<z.ZodString>;
+    ui_locales: z.ZodOptional<z.ZodString>;
+    id_token_hint: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
+    display: z.ZodOptional<z.ZodEnum<["page", "popup", "touch"]>>;
+    prompt: z.ZodOptional<z.ZodEnum<["none", "login", "consent", "select_account"]>>;
+    authorization_details: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        type: z.ZodString;
+        locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        identifier: z.ZodOptional<z.ZodString>;
+        privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        type: string;
+        locations?: string[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }, {
+        type: string;
+        locations?: string[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }>, "many">>;
+}, "strip", z.ZodTypeAny, {
+    client_id: string;
+    response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
+    redirect_uri?: string | undefined;
+    scope?: string | undefined;
+    nonce?: string | undefined;
+    state?: string | undefined;
+    code_challenge?: string | undefined;
+    code_challenge_method?: "S256" | "plain" | undefined;
+    dpop_jkt?: string | undefined;
+    response_mode?: "query" | "fragment" | "form_post" | undefined;
+    max_age?: number | undefined;
+    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
+        values?: (string | number | boolean)[] | undefined;
+        value?: string | number | boolean | undefined;
+        essential?: boolean | undefined;
+    } | null>>>> | undefined;
+    login_hint?: string | undefined;
+    ui_locales?: string | undefined;
+    id_token_hint?: `${string}.${string}.${string}` | undefined;
+    display?: "page" | "popup" | "touch" | undefined;
+    prompt?: "none" | "login" | "consent" | "select_account" | undefined;
+    authorization_details?: {
+        type: string;
+        locations?: string[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }[] | undefined;
+}, {
+    client_id: string;
+    response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
+    redirect_uri?: string | undefined;
+    scope?: string | undefined;
+    nonce?: string | undefined;
+    state?: string | undefined;
+    code_challenge?: string | undefined;
+    code_challenge_method?: "S256" | "plain" | undefined;
+    dpop_jkt?: string | undefined;
+    response_mode?: "query" | "fragment" | "form_post" | undefined;
+    max_age?: number | undefined;
+    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
+        values?: (string | number | boolean)[] | undefined;
+        value?: string | number | boolean | undefined;
+        essential?: boolean | undefined;
+    } | null>>>> | undefined;
+    login_hint?: string | undefined;
+    ui_locales?: string | undefined;
+    id_token_hint?: string | undefined;
+    display?: "page" | "popup" | "touch" | undefined;
+    prompt?: "none" | "login" | "consent" | "select_account" | undefined;
+    authorization_details?: {
+        type: string;
+        locations?: string[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }[] | undefined;
+}>, z.ZodObject<{
+    request: z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}`, string>]>;
+}, "strip", z.ZodTypeAny, {
+    request: `${string}.${string}.${string}` | `${string}.${string}`;
+}, {
+    request: string;
+}>]>;
+export type OAuthAuthorizationRequestPar = z.infer<typeof oauthAuthorizationRequestParSchema>;
+//# sourceMappingURL=oauth-authorization-request-par.d.ts.map

package/dist/oauth-authorization-request-par.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-authorization-request-par.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-request-par.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAKvB,eAAO,MAAM,kCAAkC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAG7C,CAAA;AAEF,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,kCAAkC,CAC1C,CAAA"}

package/dist/oauth-authorization-request-par.js

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.oauthAuthorizationRequestParSchema = void 0;
+const zod_1 = require("zod");
+const oauth_authorization_request_jar_js_1 = require("./oauth-authorization-request-jar.js");
+const oauth_authorization_request_parameters_js_1 = require("./oauth-authorization-request-parameters.js");
+exports.oauthAuthorizationRequestParSchema = zod_1.z.union([
+    oauth_authorization_request_parameters_js_1.oauthAuthorizationRequestParametersSchema,
+    oauth_authorization_request_jar_js_1.oauthAuthorizationRequestJarSchema,
+]);
+//# sourceMappingURL=oauth-authorization-request-par.js.map

package/dist/oauth-authorization-request-par.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-authorization-request-par.js","sourceRoot":"","sources":["../src/oauth-authorization-request-par.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB,6FAAyF;AACzF,2GAAuG;AAE1F,QAAA,kCAAkC,GAAG,OAAC,CAAC,KAAK,CAAC;IACxD,qFAAyC;IACzC,uEAAkC;CACnC,CAAC,CAAA"}

package/dist/{oauth-authentication-request-parameters.d.ts → oauth-authorization-request-parameters.d.ts}

@@ -2,17 +2,17 @@ import { z } from 'zod';
 /**
  * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest | OIDC}
  */
-export declare const oauthAuthenticationRequestParametersSchema: z.ZodObject<{
+export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     client_id: z.ZodString;
     state: z.ZodOptional<z.ZodString>;
-    nonce: z.ZodOptional<z.ZodString>;
-    dpop_jkt: z.ZodOptional<z.ZodString>;
+    redirect_uri: z.ZodOptional<z.ZodString>;
+    scope: z.ZodOptional<z.ZodString>;
     response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
-    response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
     code_challenge: z.ZodOptional<z.ZodString>;
     code_challenge_method: z.ZodOptional<z.ZodDefault<z.ZodEnum<["S256", "plain"]>>>;
-    redirect_uri: z.ZodOptional<z.ZodString>;
-    scope: z.ZodOptional<z.ZodString>;
+    dpop_jkt: z.ZodOptional<z.ZodString>;
+    response_mode: z.ZodOptional<z.ZodEnum<["query", "fragment", "form_post"]>>;
+    nonce: z.ZodOptional<z.ZodString>;
     max_age: z.ZodOptional<z.ZodNumber>;
     claims: z.ZodOptional<z.ZodRecord<z.ZodEnum<["userinfo", "id_token"]>, z.ZodRecord<z.ZodEnum<["auth_time", "nonce", "acr", "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "gender", "picture", "profile", "website", "birthdate", "zoneinfo", "locale", "updated_at", "email", "email_verified", "phone_number", "phone_number_verified", "address"]>, z.ZodUnion<[z.ZodLiteral<null>, z.ZodObject<{
         essential: z.ZodOptional<z.ZodBoolean>;
@@ -63,14 +63,14 @@ export declare const oauthAuthenticationRequestParametersSchema: z.ZodObject<{
 }, "strip", z.ZodTypeAny, {
     client_id: string;
     response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
-    scope?: string | undefined;
     redirect_uri?: string | undefined;
+    scope?: string | undefined;
     nonce?: string | undefined;
     state?: string | undefined;
-    dpop_jkt?: string | undefined;
-    response_mode?: "query" | "fragment" | "form_post" | undefined;
     code_challenge?: string | undefined;
     code_challenge_method?: "S256" | "plain" | undefined;
+    dpop_jkt?: string | undefined;
+    response_mode?: "query" | "fragment" | "form_post" | undefined;
     max_age?: number | undefined;
     claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
         values?: (string | number | boolean)[] | undefined;
@@ -93,14 +93,14 @@ export declare const oauthAuthenticationRequestParametersSchema: z.ZodObject<{
 }, {
     client_id: string;
     response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
-    scope?: string | undefined;
     redirect_uri?: string | undefined;
+    scope?: string | undefined;
     nonce?: string | undefined;
     state?: string | undefined;
-    dpop_jkt?: string | undefined;
-    response_mode?: "query" | "fragment" | "form_post" | undefined;
     code_challenge?: string | undefined;
     code_challenge_method?: "S256" | "plain" | undefined;
+    dpop_jkt?: string | undefined;
+    response_mode?: "query" | "fragment" | "form_post" | undefined;
     max_age?: number | undefined;
     claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
         values?: (string | number | boolean)[] | undefined;
@@ -122,7 +122,7 @@ export declare const oauthAuthenticationRequestParametersSchema: z.ZodObject<{
     }[] | undefined;
 }>;
 /**
- * @see {oauthAuthenticationRequestParametersSchema}
+ * @see {oauthAuthorizationRequestParametersSchema}
  */
-export type OAuthAuthenticationRequestParameters = z.infer<typeof oauthAuthenticationRequestParametersSchema>;
-//# sourceMappingURL=oauth-authentication-request-parameters.d.ts.map
+export type OAuthAuthorizationRequestParameters = z.infer<typeof oauthAuthorizationRequestParametersSchema>;
+//# sourceMappingURL=oauth-authorization-request-parameters.d.ts.map

package/dist/oauth-authorization-request-parameters.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-authorization-request-parameters.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-request-parameters.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAWvB;;GAEG;AACH,eAAO,MAAM,yCAAyC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA8DpD;;;;;OAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAKH,CAAA;AAEF;;GAEG;AACH,MAAM,MAAM,mCAAmC,GAAG,CAAC,CAAC,KAAK,CACvD,OAAO,yCAAyC,CACjD,CAAA"}

package/dist/{oauth-authentication-request-parameters.js → oauth-authorization-request-parameters.js}

@@ -1,38 +1,37 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.oauthAuthenticationRequestParametersSchema = void 0;
+exports.oauthAuthorizationRequestParametersSchema = void 0;
 const jwk_1 = require("@atproto/jwk");
 const zod_1 = require("zod");
 const oauth_authorization_details_js_1 = require("./oauth-authorization-details.js");
 const oauth_client_id_js_1 = require("./oauth-client-id.js");
+const oauth_code_challenge_method_js_1 = require("./oauth-code-challenge-method.js");
 const oauth_response_type_js_1 = require("./oauth-response-type.js");
+const oauth_scope_js_1 = require("./oauth-scope.js");
 const oidc_claims_parameter_js_1 = require("./oidc-claims-parameter.js");
 const oidc_claims_properties_js_1 = require("./oidc-claims-properties.js");
 const oidc_entity_type_js_1 = require("./oidc-entity-type.js");
 /**
  * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest | OIDC}
  */
-exports.oauthAuthenticationRequestParametersSchema = zod_1.z.object({
+exports.oauthAuthorizationRequestParametersSchema = zod_1.z.object({
     client_id: oauth_client_id_js_1.oauthClientIdSchema,
     state: zod_1.z.string().optional(),
-    nonce: zod_1.z.string().optional(),
-    dpop_jkt: zod_1.z.string().optional(),
+    redirect_uri: zod_1.z.string().url().optional(),
+    scope: oauth_scope_js_1.oauthScopeSchema.optional(),
     response_type: oauth_response_type_js_1.oauthResponseTypeSchema,
-    // Default depend on response_type
-    response_mode: zod_1.z.enum(['query', 'fragment', 'form_post']).optional(),
     // PKCE
     code_challenge: zod_1.z.string().optional(),
-    code_challenge_method: zod_1.z.enum(['S256', 'plain']).default('S256').optional(),
-    redirect_uri: zod_1.z.string().url().optional(),
-    // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-11#section-1.4.1
-    // scope       = scope-token *( SP scope-token )
-    // scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
-    // = Basically most ASCII characters except backslash and double quote
-    scope: zod_1.z
-        .string()
-        .regex(/^[!\x23-\x5B\x5D-\x7E]+( [!\x23-\x5B\x5D-\x7E]+)*$/)
+    code_challenge_method: oauth_code_challenge_method_js_1.oauthCodeChallengeMethodSchema
+        .default('S256')
         .optional(),
+    // DPOP
+    // https://datatracker.ietf.org/doc/html/rfc9449#section-12.3
+    dpop_jkt: zod_1.z.string().optional(),
     // OIDC
+    // Default depend on response_type
+    response_mode: zod_1.z.enum(['query', 'fragment', 'form_post']).optional(),
+    nonce: zod_1.z.string().optional(),
     // Specifies the allowable elapsed time in seconds since the last time the
     // End-User was actively authenticated by the OP. If the elapsed time is
     // greater than this value, the OP MUST attempt to actively re-authenticate
@@ -66,4 +65,4 @@ exports.oauthAuthenticationRequestParametersSchema = zod_1.z.object({
     // https://datatracker.ietf.org/doc/html/rfc9396
     authorization_details: oauth_authorization_details_js_1.oauthAuthorizationDetailsSchema.optional(),
 });
-//# sourceMappingURL=oauth-authentication-request-parameters.js.map
+//# sourceMappingURL=oauth-authorization-request-parameters.js.map

package/dist/oauth-authorization-request-parameters.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-authorization-request-parameters.js","sourceRoot":"","sources":["../src/oauth-authorization-request-parameters.ts"],"names":[],"mappings":";;;AAAA,sCAA8C;AAC9C,6BAAuB;AAEvB,qFAAkF;AAClF,6DAA0D;AAC1D,qFAAiF;AACjF,qEAAkE;AAClE,qDAAmD;AACnD,yEAAsE;AACtE,2EAAwE;AACxE,+DAA4D;AAE5D;;GAEG;AACU,QAAA,yCAAyC,GAAG,OAAC,CAAC,MAAM,CAAC;IAChE,SAAS,EAAE,wCAAmB;IAC9B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACzC,KAAK,EAAE,iCAAgB,CAAC,QAAQ,EAAE;IAClC,aAAa,EAAE,gDAAuB;IAEtC,OAAO;IAEP,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,qBAAqB,EAAE,+DAA8B;SAClD,OAAO,CAAC,MAAM,CAAC;SACf,QAAQ,EAAE;IAEb,OAAO;IAEP,6DAA6D;IAC7D,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAE/B,OAAO;IAEP,kCAAkC;IAClC,aAAa,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEpE,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAE5B,0EAA0E;IAC1E,wEAAwE;IACxE,2EAA2E;IAC3E,6EAA6E;IAC7E,4EAA4E;IAC5E,yEAAyE;IACzE,2CAA2C;IAC3C,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAE3C,MAAM,EAAE,OAAC;SACN,MAAM,CACL,0CAAoB,EACpB,OAAC,CAAC,MAAM,CACN,oDAAyB,EACzB,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,sDAA0B,CAAC,CAAC,CACvD,CACF;SACA,QAAQ,EAAE;IAEb,8EAA8E;IAC9E,uCAAuC;IACvC,iDAAiD;IAEjD,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAExC,UAAU,EAAE,OAAC;SACV,MAAM,EAAE;SACR,KAAK,CAAC,gDAAgD,CAAC,CAAC,cAAc;SACtE,QAAQ,EAAE;IAEb,iEAAiE;IACjE,aAAa,EAAE,qBAAe,CAAC,QAAQ,EAAE;IAEzC,oCAAoC;IACpC,OAAO,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEtD;;;;;OAKG;IACH,MAAM,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEzE,gDAAgD;IAChD,qBAAqB,EAAE,gEAA+B,CAAC,QAAQ,EAAE;CAClE,CAAC,CAAA"}