@atproto/oauth-types 0.1.5 → 0.2.1

package/CHANGELOG.md

@@ -1,5 +1,33 @@
 # @atproto/oauth-types
 
+## 0.2.1
+
+### Patch Changes
+
+- [#3066](https://github.com/bluesky-social/atproto/pull/3066) [`5ddd51235`](https://github.com/bluesky-social/atproto/commit/5ddd51235c7e064bddcad2dd218df05d144d18d3) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Add oauthClientIdLoopbackSchema and oauthClientIdDiscoverableSchema schemas
+
+- [#3066](https://github.com/bluesky-social/atproto/pull/3066) [`5ddd51235`](https://github.com/bluesky-social/atproto/commit/5ddd51235c7e064bddcad2dd218df05d144d18d3) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Enforce use of http and https url where applicable
+
+- [#3066](https://github.com/bluesky-social/atproto/pull/3066) [`5ddd51235`](https://github.com/bluesky-social/atproto/commit/5ddd51235c7e064bddcad2dd218df05d144d18d3) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Strong validation or redirect_uri
+
+## 0.2.0
+
+### Minor Changes
+
+- [#2874](https://github.com/bluesky-social/atproto/pull/2874) [`7f26b1765`](https://github.com/bluesky-social/atproto/commit/7f26b176526b9856a8f61faca6f065f0afd43abf) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Allow oauthIssuerIdentifier to be an "http:" url. Make sure to manually check for "http:" issuers if you don't allow them.
+
+- [#2874](https://github.com/bluesky-social/atproto/pull/2874) [`7f26b1765`](https://github.com/bluesky-social/atproto/commit/7f26b176526b9856a8f61faca6f065f0afd43abf) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Remove ALLOW_UNSECURE_ORIGINS constant
+
+- [#2871](https://github.com/bluesky-social/atproto/pull/2871) [`9d40ccbb6`](https://github.com/bluesky-social/atproto/commit/9d40ccbb69103fae9aae7e3cec31e9b3116f3ba2) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Remove invalid `issuer` property from OAuthTokenResponse
+
+### Patch Changes
+
+- [#2871](https://github.com/bluesky-social/atproto/pull/2871) [`9d40ccbb6`](https://github.com/bluesky-social/atproto/commit/9d40ccbb69103fae9aae7e3cec31e9b3116f3ba2) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Add missing "wap" display request parameter value
+
+- [#2871](https://github.com/bluesky-social/atproto/pull/2871) [`9d40ccbb6`](https://github.com/bluesky-social/atproto/commit/9d40ccbb69103fae9aae7e3cec31e9b3116f3ba2) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Remove invalid `client_id` property from oauthRefreshTokenGrantTokenRequestSchema
+
+- [#2874](https://github.com/bluesky-social/atproto/pull/2874) [`7f26b1765`](https://github.com/bluesky-social/atproto/commit/7f26b176526b9856a8f61faca6f065f0afd43abf) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Improve typing of oauthIssuerIdentifierSchema
+
 ## 0.1.5
 
 ### Patch Changes

package/dist/atproto-loopback-client-metadata.d.ts

@@ -1,3 +1,6 @@
+import { OAuthClientIdLoopback } from './oauth-client-id-loopback.js';
 import { OAuthClientMetadataInput } from './oauth-client-metadata.js';
-export declare function atprotoLoopbackClientMetadata(clientId: string): OAuthClientMetadataInput;
+export declare function atprotoLoopbackClientMetadata(clientId: string): OAuthClientMetadataInput & {
+    client_id: OAuthClientIdLoopback;
+};
 //# sourceMappingURL=atproto-loopback-client-metadata.d.ts.map

package/dist/atproto-loopback-client-metadata.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"atproto-loopback-client-metadata.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAA;AAErE,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,MAAM,GACf,wBAAwB,CAiB1B"}
+{"version":3,"file":"atproto-loopback-client-metadata.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,qBAAqB,EAEtB,MAAM,+BAA+B,CAAA;AACtC,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAA;AAErE,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,MAAM,GACf,wBAAwB,GAAG;IAC5B,SAAS,EAAE,qBAAqB,CAAA;CACjC,CAiBA"}

package/dist/atproto-loopback-client-metadata.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.atprotoLoopbackClientMetadata = void 0;
+exports.atprotoLoopbackClientMetadata = atprotoLoopbackClientMetadata;
 const oauth_client_id_loopback_js_1 = require("./oauth-client-id-loopback.js");
 function atprotoLoopbackClientMetadata(clientId) {
     const { scope = 'atproto', redirect_uris = [`http://127.0.0.1/`, `http://[::1]/`], } = (0, oauth_client_id_loopback_js_1.parseOAuthLoopbackClientId)(clientId);
@@ -16,5 +16,4 @@ function atprotoLoopbackClientMetadata(clientId) {
         dpop_bound_access_tokens: true,
     };
 }
-exports.atprotoLoopbackClientMetadata = atprotoLoopbackClientMetadata;
 //# sourceMappingURL=atproto-loopback-client-metadata.js.map

package/dist/atproto-loopback-client-metadata.js.map

@@ -1 +1 @@
-{"version":3,"file":"atproto-loopback-client-metadata.js","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":";;;AAAA,+EAA0E;AAG1E,SAAgB,6BAA6B,CAC3C,QAAgB;IAEhB,MAAM,EACJ,KAAK,GAAG,SAAS,EACjB,aAAa,GAAG,CAAC,mBAAmB,EAAE,eAAe,CAAC,GACvD,GAAG,IAAA,wDAA0B,EAAC,QAAQ,CAAC,CAAA;IAExC,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,KAAK;QACL,aAAa;QACb,WAAW,EAAE,iBAAiB;QAC9B,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,0BAA0B,EAAE,MAAM;QAClC,gBAAgB,EAAE,QAAQ;QAC1B,wBAAwB,EAAE,IAAI;KAC/B,CAAA;AACH,CAAC;AAnBD,sEAmBC"}
+{"version":3,"file":"atproto-loopback-client-metadata.js","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":";;AAMA,sEAqBC;AA3BD,+EAGsC;AAGtC,SAAgB,6BAA6B,CAC3C,QAAgB;IAIhB,MAAM,EACJ,KAAK,GAAG,SAAS,EACjB,aAAa,GAAG,CAAC,mBAAmB,EAAE,eAAe,CAAC,GACvD,GAAG,IAAA,wDAA0B,EAAC,QAAQ,CAAC,CAAA;IAExC,OAAO;QACL,SAAS,EAAE,QAAiC;QAC5C,KAAK;QACL,aAAa;QACb,WAAW,EAAE,iBAAiB;QAC9B,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,0BAA0B,EAAE,MAAM;QAClC,gBAAgB,EAAE,QAAQ;QAC1B,wBAAwB,EAAE,IAAI;KAC/B,CAAA;AACH,CAAC"}

package/dist/constants.d.ts

@@ -1,8 +1,2 @@
-/**
- * A variable that allows to determine if unsecure origins should be allowed
- * in OAuth related URI's. This variable is only set to `true` when NODE_ENV
- * is either `development` or `test`.
- */
-export declare const ALLOW_UNSECURE_ORIGINS: boolean;
 export declare const CLIENT_ASSERTION_TYPE_JWT_BEARER = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
 //# sourceMappingURL=constants.d.ts.map

package/dist/constants.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,SAS/B,CAAA;AAEJ,eAAO,MAAM,gCAAgC,2DACa,CAAA"}
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,gCAAgC,2DACa,CAAA"}

package/dist/constants.js

@@ -1,21 +1,5 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CLIENT_ASSERTION_TYPE_JWT_BEARER = exports.ALLOW_UNSECURE_ORIGINS = void 0;
-/**
- * A variable that allows to determine if unsecure origins should be allowed
- * in OAuth related URI's. This variable is only set to `true` when NODE_ENV
- * is either `development` or `test`.
- */
-exports.ALLOW_UNSECURE_ORIGINS = (() => {
-    // try/catch to support running in a browser, including when process.env is
-    // shimmed (e.g. by webpack)
-    try {
-        const env = process.env.NODE_ENV;
-        return env === 'development' || env === 'test';
-    }
-    catch {
-        return false;
-    }
-})();
+exports.CLIENT_ASSERTION_TYPE_JWT_BEARER = void 0;
 exports.CLIENT_ASSERTION_TYPE_JWT_BEARER = 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer';
 //# sourceMappingURL=constants.js.map

package/dist/constants.js.map

@@ -1 +1 @@
-{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";;;AAAA;;;;GAIG;AACU,QAAA,sBAAsB,GAAG,CAAC,GAAG,EAAE;IAC1C,2EAA2E;IAC3E,4BAA4B;IAC5B,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAA;QAChC,OAAO,GAAG,KAAK,aAAa,IAAI,GAAG,KAAK,MAAM,CAAA;IAChD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAC,EAAE,CAAA;AAES,QAAA,gCAAgC,GAC3C,wDAAwD,CAAA"}
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";;;AAAa,QAAA,gCAAgC,GAC3C,wDAAwD,CAAA"}

package/dist/index.d.ts

@@ -1,4 +1,5 @@
 export * from './constants.js';
+export * from './uri.js';
 export * from './util.js';
 export * from './atproto-loopback-client-metadata.js';
 export * from './oauth-access-token.js';
@@ -24,6 +25,7 @@ export * from './oauth-issuer-identifier.js';
 export * from './oauth-par-response.js';
 export * from './oauth-password-grant-token-request.js';
 export * from './oauth-protected-resource-metadata.js';
+export * from './oauth-redirect-uri.js';
 export * from './oauth-refresh-token-grant-token-request.js';
 export * from './oauth-refresh-token.js';
 export * from './oauth-request-uri.js';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAA;AAC9B,cAAc,WAAW,CAAA;AAEzB,cAAc,uCAAuC,CAAA;AACrD,cAAc,yBAAyB,CAAA;AACvC,cAAc,mDAAmD,CAAA;AACjE,cAAc,kCAAkC,CAAA;AAChD,cAAc,sCAAsC,CAAA;AACpD,cAAc,sCAAsC,CAAA;AACpD,cAAc,6CAA6C,CAAA;AAC3D,cAAc,wCAAwC,CAAA;AACtD,cAAc,sCAAsC,CAAA;AACpD,cAAc,0CAA0C,CAAA;AACxD,cAAc,mDAAmD,CAAA;AACjE,cAAc,+BAA+B,CAAA;AAC7C,cAAc,mCAAmC,CAAA;AACjD,cAAc,+BAA+B,CAAA;AAC7C,cAAc,sBAAsB,CAAA;AACpC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,uBAAuB,CAAA;AACrC,cAAc,mCAAmC,CAAA;AACjD,cAAc,8BAA8B,CAAA;AAC5C,cAAc,yBAAyB,CAAA;AACvC,cAAc,yCAAyC,CAAA;AACvD,cAAc,wCAAwC,CAAA;AACtD,cAAc,8CAA8C,CAAA;AAC5D,cAAc,0BAA0B,CAAA;AACxC,cAAc,wBAAwB,CAAA;AACtC,cAAc,0BAA0B,CAAA;AACxC,cAAc,0BAA0B,CAAA;AACxC,cAAc,kBAAkB,CAAA;AAChC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,2BAA2B,CAAA;AACzC,cAAc,uBAAuB,CAAA;AACrC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,6BAA6B,CAAA;AAC3C,cAAc,uBAAuB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAA;AAC9B,cAAc,UAAU,CAAA;AACxB,cAAc,WAAW,CAAA;AAEzB,cAAc,uCAAuC,CAAA;AACrD,cAAc,yBAAyB,CAAA;AACvC,cAAc,mDAAmD,CAAA;AACjE,cAAc,kCAAkC,CAAA;AAChD,cAAc,sCAAsC,CAAA;AACpD,cAAc,sCAAsC,CAAA;AACpD,cAAc,6CAA6C,CAAA;AAC3D,cAAc,wCAAwC,CAAA;AACtD,cAAc,sCAAsC,CAAA;AACpD,cAAc,0CAA0C,CAAA;AACxD,cAAc,mDAAmD,CAAA;AACjE,cAAc,+BAA+B,CAAA;AAC7C,cAAc,mCAAmC,CAAA;AACjD,cAAc,+BAA+B,CAAA;AAC7C,cAAc,sBAAsB,CAAA;AACpC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,uBAAuB,CAAA;AACrC,cAAc,mCAAmC,CAAA;AACjD,cAAc,8BAA8B,CAAA;AAC5C,cAAc,yBAAyB,CAAA;AACvC,cAAc,yCAAyC,CAAA;AACvD,cAAc,wCAAwC,CAAA;AACtD,cAAc,yBAAyB,CAAA;AACvC,cAAc,8CAA8C,CAAA;AAC5D,cAAc,0BAA0B,CAAA;AACxC,cAAc,wBAAwB,CAAA;AACtC,cAAc,0BAA0B,CAAA;AACxC,cAAc,0BAA0B,CAAA;AACxC,cAAc,kBAAkB,CAAA;AAChC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,2BAA2B,CAAA;AACzC,cAAc,uBAAuB,CAAA;AACrC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,6BAA6B,CAAA;AAC3C,cAAc,uBAAuB,CAAA"}

package/dist/index.js

@@ -15,6 +15,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./constants.js"), exports);
+__exportStar(require("./uri.js"), exports);
 __exportStar(require("./util.js"), exports);
 __exportStar(require("./atproto-loopback-client-metadata.js"), exports);
 __exportStar(require("./oauth-access-token.js"), exports);
@@ -40,6 +41,7 @@ __exportStar(require("./oauth-issuer-identifier.js"), exports);
 __exportStar(require("./oauth-par-response.js"), exports);
 __exportStar(require("./oauth-password-grant-token-request.js"), exports);
 __exportStar(require("./oauth-protected-resource-metadata.js"), exports);
+__exportStar(require("./oauth-redirect-uri.js"), exports);
 __exportStar(require("./oauth-refresh-token-grant-token-request.js"), exports);
 __exportStar(require("./oauth-refresh-token.js"), exports);
 __exportStar(require("./oauth-request-uri.js"), exports);

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,4CAAyB;AAEzB,wEAAqD;AACrD,0DAAuC;AACvC,oFAAiE;AACjE,mEAAgD;AAChD,uEAAoD;AACpD,uEAAoD;AACpD,8EAA2D;AAC3D,yEAAsD;AACtD,uEAAoD;AACpD,2EAAwD;AACxD,oFAAiE;AACjE,gEAA6C;AAC7C,oEAAiD;AACjD,gEAA6C;AAC7C,uDAAoC;AACpC,6DAA0C;AAC1C,kEAA+C;AAC/C,2DAAwC;AACxC,wDAAqC;AACrC,oEAAiD;AACjD,+DAA4C;AAC5C,0DAAuC;AACvC,0EAAuD;AACvD,yEAAsD;AACtD,+EAA4D;AAC5D,2DAAwC;AACxC,yDAAsC;AACtC,2DAAwC;AACxC,2DAAwC;AACxC,mDAAgC;AAChC,kEAA+C;AAC/C,2DAAwC;AACxC,4DAAyC;AACzC,wDAAqC;AACrC,6DAA0C;AAC1C,8DAA2C;AAC3C,wDAAqC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,2CAAwB;AACxB,4CAAyB;AAEzB,wEAAqD;AACrD,0DAAuC;AACvC,oFAAiE;AACjE,mEAAgD;AAChD,uEAAoD;AACpD,uEAAoD;AACpD,8EAA2D;AAC3D,yEAAsD;AACtD,uEAAoD;AACpD,2EAAwD;AACxD,oFAAiE;AACjE,gEAA6C;AAC7C,oEAAiD;AACjD,gEAA6C;AAC7C,uDAAoC;AACpC,6DAA0C;AAC1C,kEAA+C;AAC/C,2DAAwC;AACxC,wDAAqC;AACrC,oEAAiD;AACjD,+DAA4C;AAC5C,0DAAuC;AACvC,0EAAuD;AACvD,yEAAsD;AACtD,0DAAuC;AACvC,+EAA4D;AAC5D,2DAAwC;AACxC,yDAAsC;AACtC,2DAAwC;AACxC,2DAAwC;AACxC,mDAAgC;AAChC,kEAA+C;AAC/C,2DAAwC;AACxC,4DAAyC;AACzC,wDAAqC;AACrC,6DAA0C;AAC1C,8DAA2C;AAC3C,wDAAqC"}

package/dist/oauth-authorization-code-grant-token-request.d.ts

@@ -2,12 +2,12 @@ import { z } from 'zod';
 export declare const oauthAuthorizationCodeGrantTokenRequestSchema: z.ZodObject<{
     grant_type: z.ZodLiteral<"authorization_code">;
     code: z.ZodString;
-    redirect_uri: z.ZodString;
+    redirect_uri: z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `http://[::1]${string}` | "http://localhost" | `http://localhost#${string}` | `http://localhost?${string}` | `http://localhost/${string}` | `http://localhost:${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `https://${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `${string}.${string}:/${string}`, string>]>;
     /** @see {@link https://datatracker.ietf.org/doc/html/rfc7636#section-4.1} */
     code_verifier: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
     code: string;
-    redirect_uri: string;
+    redirect_uri: `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `https://${string}` | `${string}.${string}:/${string}`;
     grant_type: "authorization_code";
     code_verifier?: string | undefined;
 }, {

package/dist/oauth-authorization-code-grant-token-request.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-code-grant-token-request.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-code-grant-token-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,6CAA6C;;;;IAIxD,6EAA6E;;;;;;;;;;;;EAO7E,CAAA;AAEF,MAAM,MAAM,uCAAuC,GAAG,CAAC,CAAC,KAAK,CAC3D,OAAO,6CAA6C,CACrD,CAAA"}
+{"version":3,"file":"oauth-authorization-code-grant-token-request.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-code-grant-token-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAGvB,eAAO,MAAM,6CAA6C;;;;IAIxD,6EAA6E;;;;;;;;;;;;EAO7E,CAAA;AAEF,MAAM,MAAM,uCAAuC,GAAG,CAAC,CAAC,KAAK,CAC3D,OAAO,6CAA6C,CACrD,CAAA"}

package/dist/oauth-authorization-code-grant-token-request.js

@@ -2,10 +2,11 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.oauthAuthorizationCodeGrantTokenRequestSchema = void 0;
 const zod_1 = require("zod");
+const oauth_redirect_uri_js_1 = require("./oauth-redirect-uri.js");
 exports.oauthAuthorizationCodeGrantTokenRequestSchema = zod_1.z.object({
     grant_type: zod_1.z.literal('authorization_code'),
     code: zod_1.z.string().min(1),
-    redirect_uri: zod_1.z.string().url(),
+    redirect_uri: oauth_redirect_uri_js_1.oauthRedirectUriSchema,
     /** @see {@link https://datatracker.ietf.org/doc/html/rfc7636#section-4.1} */
     code_verifier: zod_1.z
         .string()

package/dist/oauth-authorization-code-grant-token-request.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-code-grant-token-request.js","sourceRoot":"","sources":["../src/oauth-authorization-code-grant-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,6CAA6C,GAAG,OAAC,CAAC,MAAM,CAAC;IACpE,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC;IAC3C,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAC9B,6EAA6E;IAC7E,aAAa,EAAE,OAAC;SACb,MAAM,EAAE;SACR,GAAG,CAAC,EAAE,CAAC;SACP,GAAG,CAAC,GAAG,CAAC;SACR,KAAK,CAAC,oBAAoB,CAAC;SAC3B,QAAQ,EAAE;CACd,CAAC,CAAA"}
+{"version":3,"file":"oauth-authorization-code-grant-token-request.js","sourceRoot":"","sources":["../src/oauth-authorization-code-grant-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,mEAAgE;AAEnD,QAAA,6CAA6C,GAAG,OAAC,CAAC,MAAM,CAAC;IACpE,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC;IAC3C,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,YAAY,EAAE,8CAAsB;IACpC,6EAA6E;IAC7E,aAAa,EAAE,OAAC;SACb,MAAM,EAAE;SACR,GAAG,CAAC,EAAE,CAAC;SACP,GAAG,CAAC,GAAG,CAAC;SACR,KAAK,CAAC,oBAAoB,CAAC;SAC3B,QAAQ,EAAE;CACd,CAAC,CAAA"}

package/dist/oauth-authorization-details.d.ts

@@ -4,14 +4,33 @@ import { z } from 'zod';
  */
 export declare const oauthAuthorizationDetailSchema: z.ZodObject<{
     type: z.ZodString;
-    locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    /**
+     * An array of strings representing the location of the resource or RS. These
+     * strings are typically URIs identifying the location of the RS.
+     */
+    locations: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, "many">>;
+    /**
+     * An array of strings representing the kinds of actions to be taken at the
+     * resource.
+     */
     actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    /**
+     * An array of strings representing the kinds of data being requested from the
+     * resource.
+     */
     datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    /**
+     * A string identifier indicating a specific resource available at the API.
+     */
     identifier: z.ZodOptional<z.ZodString>;
+    /**
+     * An array of strings representing the types or levels of privilege being
+     * requested at the resource.
+     */
     privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
 }, "strip", z.ZodTypeAny, {
     type: string;
-    locations?: string[] | undefined;
+    locations?: `${string}:${string}`[] | undefined;
     actions?: string[] | undefined;
     datatypes?: string[] | undefined;
     identifier?: string | undefined;
@@ -30,14 +49,33 @@ export type OAuthAuthorizationDetail = z.infer<typeof oauthAuthorizationDetailSc
  */
 export declare const oauthAuthorizationDetailsSchema: z.ZodArray<z.ZodObject<{
     type: z.ZodString;
-    locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    /**
+     * An array of strings representing the location of the resource or RS. These
+     * strings are typically URIs identifying the location of the RS.
+     */
+    locations: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, "many">>;
+    /**
+     * An array of strings representing the kinds of actions to be taken at the
+     * resource.
+     */
     actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    /**
+     * An array of strings representing the kinds of data being requested from the
+     * resource.
+     */
     datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    /**
+     * A string identifier indicating a specific resource available at the API.
+     */
     identifier: z.ZodOptional<z.ZodString>;
+    /**
+     * An array of strings representing the types or levels of privilege being
+     * requested at the resource.
+     */
     privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
 }, "strip", z.ZodTypeAny, {
     type: string;
-    locations?: string[] | undefined;
+    locations?: `${string}:${string}`[] | undefined;
     actions?: string[] | undefined;
     datatypes?: string[] | undefined;
     identifier?: string | undefined;

package/dist/oauth-authorization-details.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-details.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-details.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB;;GAEG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;EAOzC,CAAA;AAEF,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAC5C,OAAO,8BAA8B,CACtC,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,+BAA+B;;;;;;;;;;;;;;;;;;;;;WAE3C,CAAA;AAED,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAC7C,OAAO,+BAA+B,CACvC,CAAA"}
+{"version":3,"file":"oauth-authorization-details.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-details.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAGvB;;GAEG;AACH,eAAO,MAAM,8BAA8B;;IAEzC;;;OAGG;;IAEH;;;OAGG;;IAEH;;;OAGG;;IAEH;;OAEG;;IAEH;;;OAGG;;;;;;;;;;;;;;;;EAEH,CAAA;AAEF,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAC5C,OAAO,8BAA8B,CACtC,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,+BAA+B;;IAjC1C;;;OAGG;;IAEH;;;OAGG;;IAEH;;;OAGG;;IAEH;;OAEG;;IAEH;;;OAGG;;;;;;;;;;;;;;;;WAaJ,CAAA;AAED,MAAM,MAAM,yBAAyB,GAAG,CAAC,CAAC,KAAK,CAC7C,OAAO,+BAA+B,CACvC,CAAA"}

package/dist/oauth-authorization-details.js

@@ -2,15 +2,35 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.oauthAuthorizationDetailsSchema = exports.oauthAuthorizationDetailSchema = void 0;
 const zod_1 = require("zod");
+const uri_js_1 = require("./uri.js");
 /**
  * @see {@link https://datatracker.ietf.org/doc/html/rfc9396#section-2 | RFC 9396, Section 2}
  */
 exports.oauthAuthorizationDetailSchema = zod_1.z.object({
     type: zod_1.z.string(),
-    locations: zod_1.z.array(zod_1.z.string().url()).optional(),
+    /**
+     * An array of strings representing the location of the resource or RS. These
+     * strings are typically URIs identifying the location of the RS.
+     */
+    locations: zod_1.z.array(uri_js_1.dangerousUriSchema).optional(),
+    /**
+     * An array of strings representing the kinds of actions to be taken at the
+     * resource.
+     */
     actions: zod_1.z.array(zod_1.z.string()).optional(),
+    /**
+     * An array of strings representing the kinds of data being requested from the
+     * resource.
+     */
     datatypes: zod_1.z.array(zod_1.z.string()).optional(),
+    /**
+     * A string identifier indicating a specific resource available at the API.
+     */
     identifier: zod_1.z.string().optional(),
+    /**
+     * An array of strings representing the types or levels of privilege being
+     * requested at the resource.
+     */
     privileges: zod_1.z.array(zod_1.z.string()).optional(),
 });
 /**

package/dist/oauth-authorization-details.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-details.js","sourceRoot":"","sources":["../src/oauth-authorization-details.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEvB;;GAEG;AACU,QAAA,8BAA8B,GAAG,OAAC,CAAC,MAAM,CAAC;IACrD,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE;IAChB,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC/C,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvC,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACzC,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjC,UAAU,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC3C,CAAC,CAAA;AAMF;;GAEG;AACU,QAAA,+BAA+B,GAAG,OAAC,CAAC,KAAK,CACpD,sCAA8B,CAC/B,CAAA"}
+{"version":3,"file":"oauth-authorization-details.js","sourceRoot":"","sources":["../src/oauth-authorization-details.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,qCAA6C;AAE7C;;GAEG;AACU,QAAA,8BAA8B,GAAG,OAAC,CAAC,MAAM,CAAC;IACrD,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE;IAChB;;;OAGG;IACH,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,2BAAkB,CAAC,CAAC,QAAQ,EAAE;IACjD;;;OAGG;IACH,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvC;;;OAGG;IACH,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACzC;;OAEG;IACH,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjC;;;OAGG;IACH,UAAU,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC3C,CAAC,CAAA;AAMF;;GAEG;AACU,QAAA,+BAA+B,GAAG,OAAC,CAAC,KAAK,CACpD,sCAA8B,CAC/B,CAAA"}

package/dist/oauth-authorization-request-jar.d.ts

@@ -8,7 +8,7 @@ export declare const oauthAuthorizationRequestJarSchema: z.ZodObject<{
      */
     request: z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}`, string>]>;
 }, "strip", z.ZodTypeAny, {
-    request: `${string}.${string}.${string}` | `${string}.${string}`;
+    request: `${string}.${string}` | `${string}.${string}.${string}`;
 }, {
     request: string;
 }>;

package/dist/oauth-authorization-request-par.d.ts

@@ -2,7 +2,7 @@ import { z } from 'zod';
 export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject<{
     client_id: z.ZodString;
     state: z.ZodOptional<z.ZodString>;
-    redirect_uri: z.ZodOptional<z.ZodString>;
+    redirect_uri: z.ZodOptional<z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `http://[::1]${string}` | "http://localhost" | `http://localhost#${string}` | `http://localhost?${string}` | `http://localhost/${string}` | `http://localhost:${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `https://${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `${string}.${string}:/${string}`, string>]>>;
     scope: z.ZodOptional<z.ZodString>;
     response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
     code_challenge: z.ZodOptional<z.ZodString>;
@@ -27,18 +27,18 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
     login_hint: z.ZodOptional<z.ZodString>;
     ui_locales: z.ZodOptional<z.ZodString>;
     id_token_hint: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
-    display: z.ZodOptional<z.ZodEnum<["page", "popup", "touch"]>>;
+    display: z.ZodOptional<z.ZodEnum<["page", "popup", "touch", "wap"]>>;
     prompt: z.ZodOptional<z.ZodEnum<["none", "login", "consent", "select_account"]>>;
     authorization_details: z.ZodOptional<z.ZodArray<z.ZodObject<{
         type: z.ZodString;
-        locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        locations: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, "many">>;
         actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
         datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
         identifier: z.ZodOptional<z.ZodString>;
         privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
     }, "strip", z.ZodTypeAny, {
         type: string;
-        locations?: string[] | undefined;
+        locations?: `${string}:${string}`[] | undefined;
         actions?: string[] | undefined;
         datatypes?: string[] | undefined;
         identifier?: string | undefined;
@@ -54,7 +54,7 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
 }, "strip", z.ZodTypeAny, {
     client_id: string;
     response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
-    redirect_uri?: string | undefined;
+    redirect_uri?: `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `https://${string}` | `${string}.${string}:/${string}` | undefined;
     scope?: string | undefined;
     nonce?: string | undefined;
     state?: string | undefined;
@@ -63,7 +63,7 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
     dpop_jkt?: string | undefined;
     response_mode?: "query" | "fragment" | "form_post" | undefined;
     max_age?: number | undefined;
-    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
+    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"email" | "auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
         values?: (string | number | boolean)[] | undefined;
         value?: string | number | boolean | undefined;
         essential?: boolean | undefined;
@@ -71,11 +71,11 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
     login_hint?: string | undefined;
     ui_locales?: string | undefined;
     id_token_hint?: `${string}.${string}.${string}` | undefined;
-    display?: "page" | "popup" | "touch" | undefined;
+    display?: "page" | "popup" | "touch" | "wap" | undefined;
     prompt?: "none" | "login" | "consent" | "select_account" | undefined;
     authorization_details?: {
         type: string;
-        locations?: string[] | undefined;
+        locations?: `${string}:${string}`[] | undefined;
         actions?: string[] | undefined;
         datatypes?: string[] | undefined;
         identifier?: string | undefined;
@@ -93,7 +93,7 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
     dpop_jkt?: string | undefined;
     response_mode?: "query" | "fragment" | "form_post" | undefined;
     max_age?: number | undefined;
-    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
+    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"email" | "auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
         values?: (string | number | boolean)[] | undefined;
         value?: string | number | boolean | undefined;
         essential?: boolean | undefined;
@@ -101,7 +101,7 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
     login_hint?: string | undefined;
     ui_locales?: string | undefined;
     id_token_hint?: string | undefined;
-    display?: "page" | "popup" | "touch" | undefined;
+    display?: "page" | "popup" | "touch" | "wap" | undefined;
     prompt?: "none" | "login" | "consent" | "select_account" | undefined;
     authorization_details?: {
         type: string;
@@ -114,7 +114,7 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
 }>, z.ZodObject<{
     request: z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}`, string>]>;
 }, "strip", z.ZodTypeAny, {
-    request: `${string}.${string}.${string}` | `${string}.${string}`;
+    request: `${string}.${string}` | `${string}.${string}.${string}`;
 }, {
     request: string;
 }>]>;

package/dist/oauth-authorization-request-parameters.d.ts

@@ -5,7 +5,7 @@ import { z } from 'zod';
 export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     client_id: z.ZodString;
     state: z.ZodOptional<z.ZodString>;
-    redirect_uri: z.ZodOptional<z.ZodString>;
+    redirect_uri: z.ZodOptional<z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `http://[::1]${string}` | "http://localhost" | `http://localhost#${string}` | `http://localhost?${string}` | `http://localhost/${string}` | `http://localhost:${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `https://${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `${string}.${string}:/${string}`, string>]>>;
     scope: z.ZodOptional<z.ZodString>;
     response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
     code_challenge: z.ZodOptional<z.ZodString>;
@@ -30,7 +30,7 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     login_hint: z.ZodOptional<z.ZodString>;
     ui_locales: z.ZodOptional<z.ZodString>;
     id_token_hint: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
-    display: z.ZodOptional<z.ZodEnum<["page", "popup", "touch"]>>;
+    display: z.ZodOptional<z.ZodEnum<["page", "popup", "touch", "wap"]>>;
     /**
      * - "none" will only be allowed if the user already allowed the client on the same device
      * - "login" will force the user to login again, unless he very recently logged in
@@ -40,14 +40,14 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     prompt: z.ZodOptional<z.ZodEnum<["none", "login", "consent", "select_account"]>>;
     authorization_details: z.ZodOptional<z.ZodArray<z.ZodObject<{
         type: z.ZodString;
-        locations: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        locations: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, "many">>;
         actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
         datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
         identifier: z.ZodOptional<z.ZodString>;
         privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
     }, "strip", z.ZodTypeAny, {
         type: string;
-        locations?: string[] | undefined;
+        locations?: `${string}:${string}`[] | undefined;
         actions?: string[] | undefined;
         datatypes?: string[] | undefined;
         identifier?: string | undefined;
@@ -63,7 +63,7 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
 }, "strip", z.ZodTypeAny, {
     client_id: string;
     response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
-    redirect_uri?: string | undefined;
+    redirect_uri?: `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `https://${string}` | `${string}.${string}:/${string}` | undefined;
     scope?: string | undefined;
     nonce?: string | undefined;
     state?: string | undefined;
@@ -72,7 +72,7 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     dpop_jkt?: string | undefined;
     response_mode?: "query" | "fragment" | "form_post" | undefined;
     max_age?: number | undefined;
-    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
+    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"email" | "auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
         values?: (string | number | boolean)[] | undefined;
         value?: string | number | boolean | undefined;
         essential?: boolean | undefined;
@@ -80,11 +80,11 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     login_hint?: string | undefined;
     ui_locales?: string | undefined;
     id_token_hint?: `${string}.${string}.${string}` | undefined;
-    display?: "page" | "popup" | "touch" | undefined;
+    display?: "page" | "popup" | "touch" | "wap" | undefined;
     prompt?: "none" | "login" | "consent" | "select_account" | undefined;
     authorization_details?: {
         type: string;
-        locations?: string[] | undefined;
+        locations?: `${string}:${string}`[] | undefined;
         actions?: string[] | undefined;
         datatypes?: string[] | undefined;
         identifier?: string | undefined;
@@ -102,7 +102,7 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     dpop_jkt?: string | undefined;
     response_mode?: "query" | "fragment" | "form_post" | undefined;
     max_age?: number | undefined;
-    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
+    claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"email" | "auth_time" | "nonce" | "acr" | "name" | "family_name" | "given_name" | "middle_name" | "nickname" | "preferred_username" | "gender" | "picture" | "profile" | "website" | "birthdate" | "zoneinfo" | "locale" | "updated_at" | "email_verified" | "phone_number" | "phone_number_verified" | "address", {
         values?: (string | number | boolean)[] | undefined;
         value?: string | number | boolean | undefined;
         essential?: boolean | undefined;
@@ -110,7 +110,7 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     login_hint?: string | undefined;
     ui_locales?: string | undefined;
     id_token_hint?: string | undefined;
-    display?: "page" | "popup" | "touch" | undefined;
+    display?: "page" | "popup" | "touch" | "wap" | undefined;
     prompt?: "none" | "login" | "consent" | "select_account" | undefined;
     authorization_details?: {
         type: string;

package/dist/oauth-authorization-request-parameters.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-request-parameters.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-request-parameters.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAWvB;;GAEG;AACH,eAAO,MAAM,yCAAyC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA8DpD;;;;;OAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAKH,CAAA;AAEF;;GAEG;AACH,MAAM,MAAM,mCAAmC,GAAG,CAAC,CAAC,KAAK,CACvD,OAAO,yCAAyC,CACjD,CAAA"}
+{"version":3,"file":"oauth-authorization-request-parameters.d.ts","sourceRoot":"","sources":["../src/oauth-authorization-request-parameters.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAYvB;;GAEG;AACH,eAAO,MAAM,yCAAyC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA8DpD;;;;;OAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAKH,CAAA;AAEF;;GAEG;AACH,MAAM,MAAM,mCAAmC,GAAG,CAAC,CAAC,KAAK,CACvD,OAAO,yCAAyC,CACjD,CAAA"}

package/dist/oauth-authorization-request-parameters.js

@@ -6,6 +6,7 @@ const zod_1 = require("zod");
 const oauth_authorization_details_js_1 = require("./oauth-authorization-details.js");
 const oauth_client_id_js_1 = require("./oauth-client-id.js");
 const oauth_code_challenge_method_js_1 = require("./oauth-code-challenge-method.js");
+const oauth_redirect_uri_js_1 = require("./oauth-redirect-uri.js");
 const oauth_response_type_js_1 = require("./oauth-response-type.js");
 const oauth_scope_js_1 = require("./oauth-scope.js");
 const oidc_claims_parameter_js_1 = require("./oidc-claims-parameter.js");
@@ -17,7 +18,7 @@ const oidc_entity_type_js_1 = require("./oidc-entity-type.js");
 exports.oauthAuthorizationRequestParametersSchema = zod_1.z.object({
     client_id: oauth_client_id_js_1.oauthClientIdSchema,
     state: zod_1.z.string().optional(),
-    redirect_uri: zod_1.z.string().url().optional(),
+    redirect_uri: oauth_redirect_uri_js_1.oauthRedirectUriSchema.optional(),
     scope: oauth_scope_js_1.oauthScopeSchema.optional(),
     response_type: oauth_response_type_js_1.oauthResponseTypeSchema,
     // PKCE
@@ -54,7 +55,7 @@ exports.oauthAuthorizationRequestParametersSchema = zod_1.z.object({
     // Previous ID Token, should be provided when prompt=none is used
     id_token_hint: jwk_1.signedJwtSchema.optional(),
     // Type of UI the AS is displayed on
-    display: zod_1.z.enum(['page', 'popup', 'touch']).optional(),
+    display: zod_1.z.enum(['page', 'popup', 'touch', 'wap']).optional(),
     /**
      * - "none" will only be allowed if the user already allowed the client on the same device
      * - "login" will force the user to login again, unless he very recently logged in

package/dist/oauth-authorization-request-parameters.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-request-parameters.js","sourceRoot":"","sources":["../src/oauth-authorization-request-parameters.ts"],"names":[],"mappings":";;;AAAA,sCAA8C;AAC9C,6BAAuB;AAEvB,qFAAkF;AAClF,6DAA0D;AAC1D,qFAAiF;AACjF,qEAAkE;AAClE,qDAAmD;AACnD,yEAAsE;AACtE,2EAAwE;AACxE,+DAA4D;AAE5D;;GAEG;AACU,QAAA,yCAAyC,GAAG,OAAC,CAAC,MAAM,CAAC;IAChE,SAAS,EAAE,wCAAmB;IAC9B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACzC,KAAK,EAAE,iCAAgB,CAAC,QAAQ,EAAE;IAClC,aAAa,EAAE,gDAAuB;IAEtC,OAAO;IAEP,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,qBAAqB,EAAE,+DAA8B;SAClD,OAAO,CAAC,MAAM,CAAC;SACf,QAAQ,EAAE;IAEb,OAAO;IAEP,6DAA6D;IAC7D,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAE/B,OAAO;IAEP,kCAAkC;IAClC,aAAa,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEpE,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAE5B,0EAA0E;IAC1E,wEAAwE;IACxE,2EAA2E;IAC3E,6EAA6E;IAC7E,4EAA4E;IAC5E,yEAAyE;IACzE,2CAA2C;IAC3C,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAE3C,MAAM,EAAE,OAAC;SACN,MAAM,CACL,0CAAoB,EACpB,OAAC,CAAC,MAAM,CACN,oDAAyB,EACzB,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,sDAA0B,CAAC,CAAC,CACvD,CACF;SACA,QAAQ,EAAE;IAEb,8EAA8E;IAC9E,uCAAuC;IACvC,iDAAiD;IAEjD,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAExC,UAAU,EAAE,OAAC;SACV,MAAM,EAAE;SACR,KAAK,CAAC,gDAAgD,CAAC,CAAC,cAAc;SACtE,QAAQ,EAAE;IAEb,iEAAiE;IACjE,aAAa,EAAE,qBAAe,CAAC,QAAQ,EAAE;IAEzC,oCAAoC;IACpC,OAAO,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEtD;;;;;OAKG;IACH,MAAM,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEzE,gDAAgD;IAChD,qBAAqB,EAAE,gEAA+B,CAAC,QAAQ,EAAE;CAClE,CAAC,CAAA"}
+{"version":3,"file":"oauth-authorization-request-parameters.js","sourceRoot":"","sources":["../src/oauth-authorization-request-parameters.ts"],"names":[],"mappings":";;;AAAA,sCAA8C;AAC9C,6BAAuB;AAEvB,qFAAkF;AAClF,6DAA0D;AAC1D,qFAAiF;AACjF,mEAAgE;AAChE,qEAAkE;AAClE,qDAAmD;AACnD,yEAAsE;AACtE,2EAAwE;AACxE,+DAA4D;AAE5D;;GAEG;AACU,QAAA,yCAAyC,GAAG,OAAC,CAAC,MAAM,CAAC;IAChE,SAAS,EAAE,wCAAmB;IAC9B,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,YAAY,EAAE,8CAAsB,CAAC,QAAQ,EAAE;IAC/C,KAAK,EAAE,iCAAgB,CAAC,QAAQ,EAAE;IAClC,aAAa,EAAE,gDAAuB;IAEtC,OAAO;IAEP,cAAc,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,qBAAqB,EAAE,+DAA8B;SAClD,OAAO,CAAC,MAAM,CAAC;SACf,QAAQ,EAAE;IAEb,OAAO;IAEP,6DAA6D;IAC7D,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAE/B,OAAO;IAEP,kCAAkC;IAClC,aAAa,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEpE,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAE5B,0EAA0E;IAC1E,wEAAwE;IACxE,2EAA2E;IAC3E,6EAA6E;IAC7E,4EAA4E;IAC5E,yEAAyE;IACzE,2CAA2C;IAC3C,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAE3C,MAAM,EAAE,OAAC;SACN,MAAM,CACL,0CAAoB,EACpB,OAAC,CAAC,MAAM,CACN,oDAAyB,EACzB,OAAC,CAAC,KAAK,CAAC,CAAC,OAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,sDAA0B,CAAC,CAAC,CACvD,CACF;SACA,QAAQ,EAAE;IAEb,8EAA8E;IAC9E,uCAAuC;IACvC,iDAAiD;IAEjD,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAExC,UAAU,EAAE,OAAC;SACV,MAAM,EAAE;SACR,KAAK,CAAC,gDAAgD,CAAC,CAAC,cAAc;SACtE,QAAQ,EAAE;IAEb,iEAAiE;IACjE,aAAa,EAAE,qBAAe,CAAC,QAAQ,EAAE;IAEzC,oCAAoC;IACpC,OAAO,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE;IAE7D;;;;;OAKG;IACH,MAAM,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,CAAC,CAAC,CAAC,QAAQ,EAAE;IAEzE,gDAAgD;IAChD,qBAAqB,EAAE,gEAA+B,CAAC,QAAQ,EAAE;CAClE,CAAC,CAAA"}