@atproto/oauth-types 0.4.0 → 0.4.2

package/CHANGELOG.md

@@ -1,5 +1,26 @@
 # @atproto/oauth-types
 
+## 0.4.2
+
+### Patch Changes
+
+- [#4216](https://github.com/bluesky-social/atproto/pull/4216) [`09439d7d6`](https://github.com/bluesky-social/atproto/commit/09439d7d688294ad1a0c78a74b901ba2f7c5f4c3) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Expose new utilities to build and work with atproto loopback client metadata
+
+- [#4216](https://github.com/bluesky-social/atproto/pull/4216) [`09439d7d6`](https://github.com/bluesky-social/atproto/commit/09439d7d688294ad1a0c78a74b901ba2f7c5f4c3) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Improve validation of `AtprotoOAuthScope`
+
+- [#4216](https://github.com/bluesky-social/atproto/pull/4216) [`09439d7d6`](https://github.com/bluesky-social/atproto/commit/09439d7d688294ad1a0c78a74b901ba2f7c5f4c3) Thanks [@matthieusieben](https://github.com/matthieusieben)! - Add `AtprotoOAuthTokenResponse` schema
+
+- Updated dependencies [[`f560cf226`](https://github.com/bluesky-social/atproto/commit/f560cf2266715666ce5852ab095fcfb3876ae815), [`fefe70126`](https://github.com/bluesky-social/atproto/commit/fefe70126d0ea82507ac750f669b3478290f186b), [`f560cf226`](https://github.com/bluesky-social/atproto/commit/f560cf2266715666ce5852ab095fcfb3876ae815), [`f560cf226`](https://github.com/bluesky-social/atproto/commit/f560cf2266715666ce5852ab095fcfb3876ae815), [`f560cf226`](https://github.com/bluesky-social/atproto/commit/f560cf2266715666ce5852ab095fcfb3876ae815), [`09439d7d6`](https://github.com/bluesky-social/atproto/commit/09439d7d688294ad1a0c78a74b901ba2f7c5f4c3)]:
+  - @atproto/jwk@0.6.0
+  - @atproto/did@0.2.1
+
+## 0.4.1
+
+### Patch Changes
+
+- Updated dependencies [[`8a88e2c15`](https://github.com/bluesky-social/atproto/commit/8a88e2c15451f5e8239400eeb277ad31d178b8e6), [`8a88e2c15`](https://github.com/bluesky-social/atproto/commit/8a88e2c15451f5e8239400eeb277ad31d178b8e6)]:
+  - @atproto/jwk@0.5.0
+
 ## 0.4.0
 
 ### Minor Changes

package/dist/atproto-loopback-client-id.d.ts

@@ -0,0 +1,14 @@
+import { AtprotoOAuthScope } from './atproto-oauth-scope.js';
+import { OAuthClientIdLoopback } from './oauth-client-id-loopback.js';
+import { OAuthLoopbackRedirectURI } from './oauth-redirect-uri.js';
+export type OAuthLoopbackClientIdConfig = {
+    scope?: string;
+    redirect_uris?: Iterable<string>;
+};
+export declare function buildAtprotoLoopbackClientId(config?: OAuthLoopbackClientIdConfig): OAuthClientIdLoopback;
+export type AtprotoLoopbackClientIdParams = {
+    scope: AtprotoOAuthScope;
+    redirect_uris: [OAuthLoopbackRedirectURI, ...OAuthLoopbackRedirectURI[]];
+};
+export declare function parseAtprotoLoopbackClientId(clientId: string): AtprotoLoopbackClientIdParams;
+//# sourceMappingURL=atproto-loopback-client-id.d.ts.map

package/dist/atproto-loopback-client-id.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atproto-loopback-client-id.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-id.ts"],"names":[],"mappings":"AACA,OAAO,EACL,iBAAiB,EAIlB,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAEL,qBAAqB,EAEtB,MAAM,+BAA+B,CAAA;AACtC,OAAO,EACL,wBAAwB,EAEzB,MAAM,yBAAyB,CAAA;AAGhC,MAAM,MAAM,2BAA2B,GAAG;IACxC,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,aAAa,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;CACjC,CAAA;AAED,wBAAgB,4BAA4B,CAC1C,MAAM,CAAC,EAAE,2BAA2B,GACnC,qBAAqB,CA4BvB;AAED,MAAM,MAAM,6BAA6B,GAAG;IAC1C,KAAK,EAAE,iBAAiB,CAAA;IACxB,aAAa,EAAE,CAAC,wBAAwB,EAAE,GAAG,wBAAwB,EAAE,CAAC,CAAA;CACzE,CAAA;AAED,wBAAgB,4BAA4B,CAC1C,QAAQ,EAAE,MAAM,GACf,6BAA6B,CAY/B"}

package/dist/atproto-loopback-client-id.js

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buildAtprotoLoopbackClientId = buildAtprotoLoopbackClientId;
+exports.parseAtprotoLoopbackClientId = parseAtprotoLoopbackClientId;
+const atproto_loopback_client_redirect_uris_js_1 = require("./atproto-loopback-client-redirect-uris.js");
+const atproto_oauth_scope_js_1 = require("./atproto-oauth-scope.js");
+const oauth_client_id_loopback_js_1 = require("./oauth-client-id-loopback.js");
+const oauth_redirect_uri_js_1 = require("./oauth-redirect-uri.js");
+const util_js_1 = require("./util.js");
+function buildAtprotoLoopbackClientId(config) {
+    if (config) {
+        const params = new URLSearchParams();
+        const { scope } = config;
+        if (scope != null && scope !== atproto_oauth_scope_js_1.DEFAULT_ATPROTO_OAUTH_SCOPE) {
+            params.set('scope', (0, atproto_oauth_scope_js_1.asAtprotoOAuthScope)(scope));
+        }
+        const redirectUris = (0, util_js_1.asArray)(config.redirect_uris);
+        if (redirectUris &&
+            !(0, util_js_1.arrayEquivalent)(redirectUris, atproto_loopback_client_redirect_uris_js_1.DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS)) {
+            if (!redirectUris.length) {
+                throw new TypeError(`Unexpected empty "redirect_uris" config`);
+            }
+            for (const uri of redirectUris) {
+                params.append('redirect_uri', oauth_redirect_uri_js_1.oauthLoopbackRedirectURISchema.parse(uri));
+            }
+        }
+        if (params.size) {
+            return `${oauth_client_id_loopback_js_1.LOOPBACK_CLIENT_ID_ORIGIN}?${params.toString()}`;
+        }
+    }
+    return oauth_client_id_loopback_js_1.LOOPBACK_CLIENT_ID_ORIGIN;
+}
+function parseAtprotoLoopbackClientId(clientId) {
+    const { scope = atproto_oauth_scope_js_1.DEFAULT_ATPROTO_OAUTH_SCOPE, redirect_uris } = (0, oauth_client_id_loopback_js_1.parseOAuthLoopbackClientId)(clientId);
+    if (!(0, atproto_oauth_scope_js_1.isAtprotoOAuthScope)(scope)) {
+        throw new TypeError('ATProto Loopback ClientID must include "atproto" scope');
+    }
+    return {
+        scope,
+        redirect_uris: redirect_uris ?? [...atproto_loopback_client_redirect_uris_js_1.DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS],
+    };
+}
+//# sourceMappingURL=atproto-loopback-client-id.js.map

package/dist/atproto-loopback-client-id.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atproto-loopback-client-id.js","sourceRoot":"","sources":["../src/atproto-loopback-client-id.ts"],"names":[],"mappings":";;AAuBA,oEA8BC;AAOD,oEAcC;AA1ED,yGAAkG;AAClG,qEAKiC;AACjC,+EAIsC;AACtC,mEAGgC;AAChC,uCAAoD;AAOpD,SAAgB,4BAA4B,CAC1C,MAAoC;IAEpC,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAA;QAEpC,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,CAAA;QACxB,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,KAAK,oDAA2B,EAAE,CAAC;YAC3D,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,IAAA,4CAAmB,EAAC,KAAK,CAAC,CAAC,CAAA;QACjD,CAAC;QAED,MAAM,YAAY,GAAG,IAAA,iBAAO,EAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAClD,IACE,YAAY;YACZ,CAAC,IAAA,yBAAe,EAAC,YAAY,EAAE,gFAAqC,CAAC,EACrE,CAAC;YACD,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;gBACzB,MAAM,IAAI,SAAS,CAAC,yCAAyC,CAAC,CAAA;YAChE,CAAC;YACD,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;gBAC/B,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,sDAA8B,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAA;YAC1E,CAAC;QACH,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;YAChB,OAAO,GAAG,uDAAyB,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAA;QAC5D,CAAC;IACH,CAAC;IAED,OAAO,uDAAyB,CAAA;AAClC,CAAC;AAOD,SAAgB,4BAA4B,CAC1C,QAAgB;IAEhB,MAAM,EAAE,KAAK,GAAG,oDAA2B,EAAE,aAAa,EAAE,GAC1D,IAAA,wDAA0B,EAAC,QAAQ,CAAC,CAAA;IACtC,IAAI,CAAC,IAAA,4CAAmB,EAAC,KAAK,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,SAAS,CACjB,wDAAwD,CACzD,CAAA;IACH,CAAC;IACD,OAAO;QACL,KAAK;QACL,aAAa,EAAE,aAAa,IAAI,CAAC,GAAG,gFAAqC,CAAC;KAC3E,CAAA;AACH,CAAC","sourcesContent":["import { DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS } from './atproto-loopback-client-redirect-uris.js'\nimport {\n  AtprotoOAuthScope,\n  DEFAULT_ATPROTO_OAUTH_SCOPE,\n  asAtprotoOAuthScope,\n  isAtprotoOAuthScope,\n} from './atproto-oauth-scope.js'\nimport {\n  LOOPBACK_CLIENT_ID_ORIGIN,\n  OAuthClientIdLoopback,\n  parseOAuthLoopbackClientId,\n} from './oauth-client-id-loopback.js'\nimport {\n  OAuthLoopbackRedirectURI,\n  oauthLoopbackRedirectURISchema,\n} from './oauth-redirect-uri.js'\nimport { arrayEquivalent, asArray } from './util.js'\n\nexport type OAuthLoopbackClientIdConfig = {\n  scope?: string\n  redirect_uris?: Iterable<string>\n}\n\nexport function buildAtprotoLoopbackClientId(\n  config?: OAuthLoopbackClientIdConfig,\n): OAuthClientIdLoopback {\n  if (config) {\n    const params = new URLSearchParams()\n\n    const { scope } = config\n    if (scope != null && scope !== DEFAULT_ATPROTO_OAUTH_SCOPE) {\n      params.set('scope', asAtprotoOAuthScope(scope))\n    }\n\n    const redirectUris = asArray(config.redirect_uris)\n    if (\n      redirectUris &&\n      !arrayEquivalent(redirectUris, DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS)\n    ) {\n      if (!redirectUris.length) {\n        throw new TypeError(`Unexpected empty \"redirect_uris\" config`)\n      }\n      for (const uri of redirectUris) {\n        params.append('redirect_uri', oauthLoopbackRedirectURISchema.parse(uri))\n      }\n    }\n\n    if (params.size) {\n      return `${LOOPBACK_CLIENT_ID_ORIGIN}?${params.toString()}`\n    }\n  }\n\n  return LOOPBACK_CLIENT_ID_ORIGIN\n}\n\nexport type AtprotoLoopbackClientIdParams = {\n  scope: AtprotoOAuthScope\n  redirect_uris: [OAuthLoopbackRedirectURI, ...OAuthLoopbackRedirectURI[]]\n}\n\nexport function parseAtprotoLoopbackClientId(\n  clientId: string,\n): AtprotoLoopbackClientIdParams {\n  const { scope = DEFAULT_ATPROTO_OAUTH_SCOPE, redirect_uris } =\n    parseOAuthLoopbackClientId(clientId)\n  if (!isAtprotoOAuthScope(scope)) {\n    throw new TypeError(\n      'ATProto Loopback ClientID must include \"atproto\" scope',\n    )\n  }\n  return {\n    scope,\n    redirect_uris: redirect_uris ?? [...DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS],\n  }\n}\n"]}

package/dist/atproto-loopback-client-metadata.d.ts

@@ -1,6 +1,13 @@
+import { OAuthLoopbackClientIdConfig } from './atproto-loopback-client-id.js';
+import { AtprotoOAuthScope } from './atproto-oauth-scope.js';
 import { OAuthClientIdLoopback } from './oauth-client-id-loopback.js';
 import { OAuthClientMetadataInput } from './oauth-client-metadata.js';
-export declare function atprotoLoopbackClientMetadata(clientId: string): OAuthClientMetadataInput & {
+import { OAuthLoopbackRedirectURI } from './oauth-redirect-uri.js';
+export type AtprotoLoopbackClientMetadata = OAuthClientMetadataInput & {
     client_id: OAuthClientIdLoopback;
+    scope: AtprotoOAuthScope;
+    redirect_uris: [OAuthLoopbackRedirectURI, ...OAuthLoopbackRedirectURI[]];
 };
+export declare function atprotoLoopbackClientMetadata(clientId: string): AtprotoLoopbackClientMetadata;
+export declare function buildAtprotoLoopbackClientMetadata(config: OAuthLoopbackClientIdConfig): AtprotoLoopbackClientMetadata;
 //# sourceMappingURL=atproto-loopback-client-metadata.d.ts.map

package/dist/atproto-loopback-client-metadata.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"atproto-loopback-client-metadata.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,qBAAqB,EAEtB,MAAM,+BAA+B,CAAA;AACtC,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAA;AAErE,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,MAAM,GACf,wBAAwB,GAAG;IAC5B,SAAS,EAAE,qBAAqB,CAAA;CACjC,CAgBA"}
+{"version":3,"file":"atproto-loopback-client-metadata.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,2BAA2B,EAG5B,MAAM,iCAAiC,CAAA;AACxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAA;AAC5D,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAA;AACrE,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAA;AACrE,OAAO,EAAE,wBAAwB,EAAE,MAAM,yBAAyB,CAAA;AAElE,MAAM,MAAM,6BAA6B,GAAG,wBAAwB,GAAG;IACrE,SAAS,EAAE,qBAAqB,CAAA;IAChC,KAAK,EAAE,iBAAiB,CAAA;IACxB,aAAa,EAAE,CAAC,wBAAwB,EAAE,GAAG,wBAAwB,EAAE,CAAC,CAAA;CACzE,CAAA;AAED,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,MAAM,GACf,6BAA6B,CAI/B;AAED,wBAAgB,kCAAkC,CAChD,MAAM,EAAE,2BAA2B,GAClC,6BAA6B,CAG/B"}

package/dist/atproto-loopback-client-metadata.js

@@ -1,13 +1,22 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.atprotoLoopbackClientMetadata = atprotoLoopbackClientMetadata;
-const oauth_client_id_loopback_js_1 = require("./oauth-client-id-loopback.js");
+exports.buildAtprotoLoopbackClientMetadata = buildAtprotoLoopbackClientMetadata;
+const atproto_loopback_client_id_js_1 = require("./atproto-loopback-client-id.js");
 function atprotoLoopbackClientMetadata(clientId) {
-    const { scope = 'atproto', redirect_uris = [`http://127.0.0.1/`, `http://[::1]/`], } = (0, oauth_client_id_loopback_js_1.parseOAuthLoopbackClientId)(clientId);
+    const params = (0, atproto_loopback_client_id_js_1.parseAtprotoLoopbackClientId)(clientId);
+    // Safe to cast because parseAtprotoLoopbackClientId ensures it's a loopback ID
+    return buildMetadataInternal(clientId, params);
+}
+function buildAtprotoLoopbackClientMetadata(config) {
+    const clientId = (0, atproto_loopback_client_id_js_1.buildAtprotoLoopbackClientId)(config);
+    return buildMetadataInternal(clientId, (0, atproto_loopback_client_id_js_1.parseAtprotoLoopbackClientId)(clientId));
+}
+function buildMetadataInternal(clientId, clientParams) {
     return {
         client_id: clientId,
-        scope,
-        redirect_uris,
+        scope: clientParams.scope,
+        redirect_uris: clientParams.redirect_uris,
         response_types: ['code'],
         grant_types: ['authorization_code', 'refresh_token'],
         token_endpoint_auth_method: 'none',

package/dist/atproto-loopback-client-metadata.js.map

@@ -1 +1 @@
-{"version":3,"file":"atproto-loopback-client-metadata.js","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":";;AAMA,sEAoBC;AA1BD,+EAGsC;AAGtC,SAAgB,6BAA6B,CAC3C,QAAgB;IAIhB,MAAM,EACJ,KAAK,GAAG,SAAS,EACjB,aAAa,GAAG,CAAC,mBAAmB,EAAE,eAAe,CAAC,GACvD,GAAG,IAAA,wDAA0B,EAAC,QAAQ,CAAC,CAAA;IAExC,OAAO;QACL,SAAS,EAAE,QAAiC;QAC5C,KAAK;QACL,aAAa;QACb,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,0BAA0B,EAAE,MAAM;QAClC,gBAAgB,EAAE,QAAQ;QAC1B,wBAAwB,EAAE,IAAI;KAC/B,CAAA;AACH,CAAC"}
+{"version":3,"file":"atproto-loopback-client-metadata.js","sourceRoot":"","sources":["../src/atproto-loopback-client-metadata.ts"],"names":[],"mappings":";;AAiBA,sEAMC;AAED,gFAKC;AA9BD,mFAKwC;AAYxC,SAAgB,6BAA6B,CAC3C,QAAgB;IAEhB,MAAM,MAAM,GAAG,IAAA,4DAA4B,EAAC,QAAQ,CAAC,CAAA;IACrD,+EAA+E;IAC/E,OAAO,qBAAqB,CAAC,QAAiC,EAAE,MAAM,CAAC,CAAA;AACzE,CAAC;AAED,SAAgB,kCAAkC,CAChD,MAAmC;IAEnC,MAAM,QAAQ,GAAG,IAAA,4DAA4B,EAAC,MAAM,CAAC,CAAA;IACrD,OAAO,qBAAqB,CAAC,QAAQ,EAAE,IAAA,4DAA4B,EAAC,QAAQ,CAAC,CAAC,CAAA;AAChF,CAAC;AAED,SAAS,qBAAqB,CAC5B,QAA+B,EAC/B,YAA2C;IAE3C,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,KAAK,EAAE,YAAY,CAAC,KAAK;QACzB,aAAa,EAAE,YAAY,CAAC,aAAa;QACzC,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QACpD,0BAA0B,EAAE,MAAM;QAClC,gBAAgB,EAAE,QAAQ;QAC1B,wBAAwB,EAAE,IAAI;KAC/B,CAAA;AACH,CAAC","sourcesContent":["import {\n  AtprotoLoopbackClientIdParams,\n  OAuthLoopbackClientIdConfig,\n  buildAtprotoLoopbackClientId,\n  parseAtprotoLoopbackClientId,\n} from './atproto-loopback-client-id.js'\nimport { AtprotoOAuthScope } from './atproto-oauth-scope.js'\nimport { OAuthClientIdLoopback } from './oauth-client-id-loopback.js'\nimport { OAuthClientMetadataInput } from './oauth-client-metadata.js'\nimport { OAuthLoopbackRedirectURI } from './oauth-redirect-uri.js'\n\nexport type AtprotoLoopbackClientMetadata = OAuthClientMetadataInput & {\n  client_id: OAuthClientIdLoopback\n  scope: AtprotoOAuthScope\n  redirect_uris: [OAuthLoopbackRedirectURI, ...OAuthLoopbackRedirectURI[]]\n}\n\nexport function atprotoLoopbackClientMetadata(\n  clientId: string,\n): AtprotoLoopbackClientMetadata {\n  const params = parseAtprotoLoopbackClientId(clientId)\n  // Safe to cast because parseAtprotoLoopbackClientId ensures it's a loopback ID\n  return buildMetadataInternal(clientId as OAuthClientIdLoopback, params)\n}\n\nexport function buildAtprotoLoopbackClientMetadata(\n  config: OAuthLoopbackClientIdConfig,\n): AtprotoLoopbackClientMetadata {\n  const clientId = buildAtprotoLoopbackClientId(config)\n  return buildMetadataInternal(clientId, parseAtprotoLoopbackClientId(clientId))\n}\n\nfunction buildMetadataInternal(\n  clientId: OAuthClientIdLoopback,\n  clientParams: AtprotoLoopbackClientIdParams,\n): AtprotoLoopbackClientMetadata {\n  return {\n    client_id: clientId,\n    scope: clientParams.scope,\n    redirect_uris: clientParams.redirect_uris,\n    response_types: ['code'],\n    grant_types: ['authorization_code', 'refresh_token'],\n    token_endpoint_auth_method: 'none',\n    application_type: 'native',\n    dpop_bound_access_tokens: true,\n  }\n}\n"]}

package/dist/atproto-loopback-client-redirect-uris.d.ts

@@ -0,0 +1,2 @@
+export declare const DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS: readonly ["http://127.0.0.1/", "http://[::1]/"];
+//# sourceMappingURL=atproto-loopback-client-redirect-uris.d.ts.map

package/dist/atproto-loopback-client-redirect-uris.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atproto-loopback-client-redirect-uris.d.ts","sourceRoot":"","sources":["../src/atproto-loopback-client-redirect-uris.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,qCAAqC,iDAGvC,CAAA"}

package/dist/atproto-loopback-client-redirect-uris.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS = void 0;
+exports.DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS = Object.freeze([
+    `http://127.0.0.1/`,
+    `http://[::1]/`,
+]);
+//# sourceMappingURL=atproto-loopback-client-redirect-uris.js.map

package/dist/atproto-loopback-client-redirect-uris.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atproto-loopback-client-redirect-uris.js","sourceRoot":"","sources":["../src/atproto-loopback-client-redirect-uris.ts"],"names":[],"mappings":";;;AAAa,QAAA,qCAAqC,GAAG,MAAM,CAAC,MAAM,CAAC;IACjE,mBAAmB;IACnB,eAAe;CACP,CAAC,CAAA","sourcesContent":["export const DEFAULT_LOOPBACK_CLIENT_REDIRECT_URIS = Object.freeze([\n  `http://127.0.0.1/`,\n  `http://[::1]/`,\n] as const)\n"]}

package/dist/atproto-oauth-scope.d.ts

@@ -0,0 +1,12 @@
+import { z } from 'zod';
+import { OAuthScope } from './oauth-scope.js';
+import { SpaceSeparatedValue } from './util.js';
+export declare const ATPROTO_SCOPE_VALUE = "atproto";
+export type AtprotoScopeValue = typeof ATPROTO_SCOPE_VALUE;
+export type AtprotoOAuthScope = OAuthScope & SpaceSeparatedValue<AtprotoScopeValue>;
+export declare function isAtprotoOAuthScope(input: string): input is AtprotoOAuthScope;
+export declare function asAtprotoOAuthScope<I extends string>(input: I): (I & "atproto") | (I & `atproto ${string}`) | (I & `${string} atproto`) | (I & `${string} atproto ${string}`);
+export declare function assertAtprotoOAuthScope(input: string): asserts input is AtprotoOAuthScope;
+export declare const atprotoOAuthScopeSchema: z.ZodEffects<z.ZodString, AtprotoOAuthScope, string>;
+export declare const DEFAULT_ATPROTO_OAUTH_SCOPE = "atproto";
+//# sourceMappingURL=atproto-oauth-scope.d.ts.map

package/dist/atproto-oauth-scope.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atproto-oauth-scope.d.ts","sourceRoot":"","sources":["../src/atproto-oauth-scope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AACvB,OAAO,EAAE,UAAU,EAAgB,MAAM,kBAAkB,CAAA;AAC3D,OAAO,EAAE,mBAAmB,EAAyB,MAAM,WAAW,CAAA;AAEtE,eAAO,MAAM,mBAAmB,YAAY,CAAA;AAC5C,MAAM,MAAM,iBAAiB,GAAG,OAAO,mBAAmB,CAAA;AAE1D,MAAM,MAAM,iBAAiB,GAAG,UAAU,GACxC,mBAAmB,CAAC,iBAAiB,CAAC,CAAA;AAExC,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,iBAAiB,CAI7E;AAED,wBAAgB,mBAAmB,CAAC,CAAC,SAAS,MAAM,EAAE,KAAK,EAAE,CAAC,iHAG7D;AAED,wBAAgB,uBAAuB,CACrC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,KAAK,IAAI,iBAAiB,CAEpC;AAED,eAAO,MAAM,uBAAuB,sDAElC,CAAA;AAGF,eAAO,MAAM,2BAA2B,YACS,CAAA"}

package/dist/atproto-oauth-scope.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_ATPROTO_OAUTH_SCOPE = exports.atprotoOAuthScopeSchema = exports.ATPROTO_SCOPE_VALUE = void 0;
+exports.isAtprotoOAuthScope = isAtprotoOAuthScope;
+exports.asAtprotoOAuthScope = asAtprotoOAuthScope;
+exports.assertAtprotoOAuthScope = assertAtprotoOAuthScope;
+const zod_1 = require("zod");
+const oauth_scope_js_1 = require("./oauth-scope.js");
+const util_js_1 = require("./util.js");
+exports.ATPROTO_SCOPE_VALUE = 'atproto';
+function isAtprotoOAuthScope(input) {
+    return ((0, oauth_scope_js_1.isOAuthScope)(input) && (0, util_js_1.isSpaceSeparatedValue)(exports.ATPROTO_SCOPE_VALUE, input));
+}
+function asAtprotoOAuthScope(input) {
+    if (isAtprotoOAuthScope(input))
+        return input;
+    throw new TypeError(`Value must contain "${exports.ATPROTO_SCOPE_VALUE}" scope value`);
+}
+function assertAtprotoOAuthScope(input) {
+    void asAtprotoOAuthScope(input);
+}
+exports.atprotoOAuthScopeSchema = zod_1.z.string().refine(isAtprotoOAuthScope, {
+    message: 'Invalid ATProto OAuth scope',
+});
+// Default scope is for reading identity (did) only
+exports.DEFAULT_ATPROTO_OAUTH_SCOPE = exports.ATPROTO_SCOPE_VALUE;
+//# sourceMappingURL=atproto-oauth-scope.js.map

package/dist/atproto-oauth-scope.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atproto-oauth-scope.js","sourceRoot":"","sources":["../src/atproto-oauth-scope.ts"],"names":[],"mappings":";;;AAUA,kDAIC;AAED,kDAGC;AAED,0DAIC;AAzBD,6BAAuB;AACvB,qDAA2D;AAC3D,uCAAsE;AAEzD,QAAA,mBAAmB,GAAG,SAAS,CAAA;AAM5C,SAAgB,mBAAmB,CAAC,KAAa;IAC/C,OAAO,CACL,IAAA,6BAAY,EAAC,KAAK,CAAC,IAAI,IAAA,+BAAqB,EAAC,2BAAmB,EAAE,KAAK,CAAC,CACzE,CAAA;AACH,CAAC;AAED,SAAgB,mBAAmB,CAAmB,KAAQ;IAC5D,IAAI,mBAAmB,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAA;IAC5C,MAAM,IAAI,SAAS,CAAC,uBAAuB,2BAAmB,eAAe,CAAC,CAAA;AAChF,CAAC;AAED,SAAgB,uBAAuB,CACrC,KAAa;IAEb,KAAK,mBAAmB,CAAC,KAAK,CAAC,CAAA;AACjC,CAAC;AAEY,QAAA,uBAAuB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,mBAAmB,EAAE;IAC5E,OAAO,EAAE,6BAA6B;CACvC,CAAC,CAAA;AAEF,mDAAmD;AACtC,QAAA,2BAA2B,GACtC,2BAA+C,CAAA","sourcesContent":["import { z } from 'zod'\nimport { OAuthScope, isOAuthScope } from './oauth-scope.js'\nimport { SpaceSeparatedValue, isSpaceSeparatedValue } from './util.js'\n\nexport const ATPROTO_SCOPE_VALUE = 'atproto'\nexport type AtprotoScopeValue = typeof ATPROTO_SCOPE_VALUE\n\nexport type AtprotoOAuthScope = OAuthScope &\n  SpaceSeparatedValue<AtprotoScopeValue>\n\nexport function isAtprotoOAuthScope(input: string): input is AtprotoOAuthScope {\n  return (\n    isOAuthScope(input) && isSpaceSeparatedValue(ATPROTO_SCOPE_VALUE, input)\n  )\n}\n\nexport function asAtprotoOAuthScope<I extends string>(input: I) {\n  if (isAtprotoOAuthScope(input)) return input\n  throw new TypeError(`Value must contain \"${ATPROTO_SCOPE_VALUE}\" scope value`)\n}\n\nexport function assertAtprotoOAuthScope(\n  input: string,\n): asserts input is AtprotoOAuthScope {\n  void asAtprotoOAuthScope(input)\n}\n\nexport const atprotoOAuthScopeSchema = z.string().refine(isAtprotoOAuthScope, {\n  message: 'Invalid ATProto OAuth scope',\n})\n\n// Default scope is for reading identity (did) only\nexport const DEFAULT_ATPROTO_OAUTH_SCOPE =\n  ATPROTO_SCOPE_VALUE satisfies AtprotoOAuthScope\n"]}

package/dist/atproto-oauth-token-response.d.ts

@@ -0,0 +1,106 @@
+import { TypeOf, z } from 'zod';
+export declare const atprotoOAuthTokenResponseSchema: z.ZodObject<z.objectUtil.extendShape<{
+    access_token: z.ZodString;
+    token_type: z.ZodUnion<[z.ZodEffects<z.ZodString, "DPoP", string>, z.ZodEffects<z.ZodString, "Bearer", string>]>;
+    scope: z.ZodOptional<z.ZodString>;
+    refresh_token: z.ZodOptional<z.ZodString>;
+    expires_in: z.ZodOptional<z.ZodNumber>;
+    id_token: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
+    authorization_details: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        type: z.ZodString;
+        locations: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, "many">>;
+        actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        identifier: z.ZodOptional<z.ZodString>;
+        privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        type: string;
+        locations?: `${string}:${string}`[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }, {
+        type: string;
+        locations?: string[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }>, "many">>;
+}, {
+    token_type: z.ZodLiteral<"DPoP">;
+    sub: z.ZodEffects<z.ZodString, `did:plc:${string}` | `did:web:${string}`, string>;
+    scope: z.ZodEffects<z.ZodString, import("./atproto-oauth-scope").AtprotoOAuthScope, string>;
+    id_token: z.ZodOptional<z.ZodNever>;
+}>, "passthrough", z.ZodTypeAny, z.objectOutputType<z.objectUtil.extendShape<{
+    access_token: z.ZodString;
+    token_type: z.ZodUnion<[z.ZodEffects<z.ZodString, "DPoP", string>, z.ZodEffects<z.ZodString, "Bearer", string>]>;
+    scope: z.ZodOptional<z.ZodString>;
+    refresh_token: z.ZodOptional<z.ZodString>;
+    expires_in: z.ZodOptional<z.ZodNumber>;
+    id_token: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
+    authorization_details: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        type: z.ZodString;
+        locations: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, "many">>;
+        actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        identifier: z.ZodOptional<z.ZodString>;
+        privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        type: string;
+        locations?: `${string}:${string}`[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }, {
+        type: string;
+        locations?: string[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }>, "many">>;
+}, {
+    token_type: z.ZodLiteral<"DPoP">;
+    sub: z.ZodEffects<z.ZodString, `did:plc:${string}` | `did:web:${string}`, string>;
+    scope: z.ZodEffects<z.ZodString, import("./atproto-oauth-scope").AtprotoOAuthScope, string>;
+    id_token: z.ZodOptional<z.ZodNever>;
+}>, z.ZodTypeAny, "passthrough">, z.objectInputType<z.objectUtil.extendShape<{
+    access_token: z.ZodString;
+    token_type: z.ZodUnion<[z.ZodEffects<z.ZodString, "DPoP", string>, z.ZodEffects<z.ZodString, "Bearer", string>]>;
+    scope: z.ZodOptional<z.ZodString>;
+    refresh_token: z.ZodOptional<z.ZodString>;
+    expires_in: z.ZodOptional<z.ZodNumber>;
+    id_token: z.ZodOptional<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>>;
+    authorization_details: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        type: z.ZodString;
+        locations: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, "many">>;
+        actions: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        datatypes: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        identifier: z.ZodOptional<z.ZodString>;
+        privileges: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        type: string;
+        locations?: `${string}:${string}`[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }, {
+        type: string;
+        locations?: string[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }>, "many">>;
+}, {
+    token_type: z.ZodLiteral<"DPoP">;
+    sub: z.ZodEffects<z.ZodString, `did:plc:${string}` | `did:web:${string}`, string>;
+    scope: z.ZodEffects<z.ZodString, import("./atproto-oauth-scope").AtprotoOAuthScope, string>;
+    id_token: z.ZodOptional<z.ZodNever>;
+}>, z.ZodTypeAny, "passthrough">>;
+export type AtprotoOAuthTokenResponse = TypeOf<typeof atprotoOAuthTokenResponseSchema>;
+//# sourceMappingURL=atproto-oauth-token-response.d.ts.map

package/dist/atproto-oauth-token-response.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atproto-oauth-token-response.d.ts","sourceRoot":"","sources":["../src/atproto-oauth-token-response.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAK/B,eAAO,MAAM,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iCAM1C,CAAA;AAEF,MAAM,MAAM,yBAAyB,GAAG,MAAM,CAC5C,OAAO,+BAA+B,CACvC,CAAA"}

package/dist/atproto-oauth-token-response.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.atprotoOAuthTokenResponseSchema = void 0;
+const zod_1 = require("zod");
+const did_1 = require("@atproto/did");
+const atproto_oauth_scope_1 = require("./atproto-oauth-scope");
+const oauth_token_response_js_1 = require("./oauth-token-response.js");
+exports.atprotoOAuthTokenResponseSchema = oauth_token_response_js_1.oauthTokenResponseSchema.extend({
+    token_type: zod_1.z.literal('DPoP'),
+    sub: did_1.atprotoDidSchema,
+    scope: atproto_oauth_scope_1.atprotoOAuthScopeSchema,
+    // OpenID is not compatible with atproto identities
+    id_token: zod_1.z.never().optional(),
+});
+//# sourceMappingURL=atproto-oauth-token-response.js.map

package/dist/atproto-oauth-token-response.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atproto-oauth-token-response.js","sourceRoot":"","sources":["../src/atproto-oauth-token-response.ts"],"names":[],"mappings":";;;AAAA,6BAA+B;AAC/B,sCAA+C;AAC/C,+DAA+D;AAC/D,uEAAoE;AAEvD,QAAA,+BAA+B,GAAG,kDAAwB,CAAC,MAAM,CAAC;IAC7E,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IAC7B,GAAG,EAAE,sBAAgB;IACrB,KAAK,EAAE,6CAAuB;IAC9B,mDAAmD;IACnD,QAAQ,EAAE,OAAC,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;CAC/B,CAAC,CAAA","sourcesContent":["import { TypeOf, z } from 'zod'\nimport { atprotoDidSchema } from '@atproto/did'\nimport { atprotoOAuthScopeSchema } from './atproto-oauth-scope'\nimport { oauthTokenResponseSchema } from './oauth-token-response.js'\n\nexport const atprotoOAuthTokenResponseSchema = oauthTokenResponseSchema.extend({\n  token_type: z.literal('DPoP'),\n  sub: atprotoDidSchema,\n  scope: atprotoOAuthScopeSchema,\n  // OpenID is not compatible with atproto identities\n  id_token: z.never().optional(),\n})\n\nexport type AtprotoOAuthTokenResponse = TypeOf<\n  typeof atprotoOAuthTokenResponseSchema\n>\n"]}

package/dist/constants.js.map

@@ -1 +1 @@
-{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";;;AAAa,QAAA,gCAAgC,GAC3C,wDAAwD,CAAA"}
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";;;AAAa,QAAA,gCAAgC,GAC3C,wDAAwD,CAAA","sourcesContent":["export const CLIENT_ASSERTION_TYPE_JWT_BEARER =\n  'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'\n"]}

package/dist/index.d.ts

@@ -1,9 +1,12 @@
 export * from './constants.js';
 export * from './uri.js';
 export * from './util.js';
+export * from './atproto-loopback-client-id.js';
 export * from './atproto-loopback-client-metadata.js';
+export * from './atproto-loopback-client-redirect-uris.js';
+export * from './atproto-oauth-scope.js';
+export * from './atproto-oauth-token-response.js';
 export * from './oauth-access-token.js';
-export * from './oauth-authorization-response-error.js';
 export * from './oauth-authorization-code-grant-token-request.js';
 export * from './oauth-authorization-details.js';
 export * from './oauth-authorization-request-jar.js';
@@ -11,6 +14,7 @@ export * from './oauth-authorization-request-par.js';
 export * from './oauth-authorization-request-parameters.js';
 export * from './oauth-authorization-request-query.js';
 export * from './oauth-authorization-request-uri.js';
+export * from './oauth-authorization-response-error.js';
 export * from './oauth-authorization-server-metadata.js';
 export * from './oauth-client-credentials-grant-token-request.js';
 export * from './oauth-client-credentials.js';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAA;AAC9B,cAAc,UAAU,CAAA;AACxB,cAAc,WAAW,CAAA;AAEzB,cAAc,uCAAuC,CAAA;AACrD,cAAc,yBAAyB,CAAA;AACvC,cAAc,yCAAyC,CAAA;AACvD,cAAc,mDAAmD,CAAA;AACjE,cAAc,kCAAkC,CAAA;AAChD,cAAc,sCAAsC,CAAA;AACpD,cAAc,sCAAsC,CAAA;AACpD,cAAc,6CAA6C,CAAA;AAC3D,cAAc,wCAAwC,CAAA;AACtD,cAAc,sCAAsC,CAAA;AACpD,cAAc,0CAA0C,CAAA;AACxD,cAAc,mDAAmD,CAAA;AACjE,cAAc,+BAA+B,CAAA;AAC7C,cAAc,mCAAmC,CAAA;AACjD,cAAc,+BAA+B,CAAA;AAC7C,cAAc,sBAAsB,CAAA;AACpC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,uBAAuB,CAAA;AACrC,cAAc,mCAAmC,CAAA;AACjD,cAAc,8BAA8B,CAAA;AAC5C,cAAc,yBAAyB,CAAA;AACvC,cAAc,yCAAyC,CAAA;AACvD,cAAc,wCAAwC,CAAA;AACtD,cAAc,yBAAyB,CAAA;AACvC,cAAc,8CAA8C,CAAA;AAC5D,cAAc,0BAA0B,CAAA;AACxC,cAAc,wBAAwB,CAAA;AACtC,cAAc,0BAA0B,CAAA;AACxC,cAAc,0BAA0B,CAAA;AACxC,cAAc,kBAAkB,CAAA;AAChC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,2BAA2B,CAAA;AACzC,cAAc,uBAAuB,CAAA;AACrC,cAAc,wCAAwC,CAAA;AACtD,cAAc,4BAA4B,CAAA;AAC1C,cAAc,6BAA6B,CAAA;AAC3C,cAAc,uBAAuB,CAAA;AACrC,cAAc,oBAAoB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,gBAAgB,CAAA;AAC9B,cAAc,UAAU,CAAA;AACxB,cAAc,WAAW,CAAA;AAEzB,cAAc,iCAAiC,CAAA;AAC/C,cAAc,uCAAuC,CAAA;AACrD,cAAc,4CAA4C,CAAA;AAC1D,cAAc,0BAA0B,CAAA;AACxC,cAAc,mCAAmC,CAAA;AACjD,cAAc,yBAAyB,CAAA;AACvC,cAAc,mDAAmD,CAAA;AACjE,cAAc,kCAAkC,CAAA;AAChD,cAAc,sCAAsC,CAAA;AACpD,cAAc,sCAAsC,CAAA;AACpD,cAAc,6CAA6C,CAAA;AAC3D,cAAc,wCAAwC,CAAA;AACtD,cAAc,sCAAsC,CAAA;AACpD,cAAc,yCAAyC,CAAA;AACvD,cAAc,0CAA0C,CAAA;AACxD,cAAc,mDAAmD,CAAA;AACjE,cAAc,+BAA+B,CAAA;AAC7C,cAAc,mCAAmC,CAAA;AACjD,cAAc,+BAA+B,CAAA;AAC7C,cAAc,sBAAsB,CAAA;AACpC,cAAc,4BAA4B,CAAA;AAC1C,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,uBAAuB,CAAA;AACrC,cAAc,mCAAmC,CAAA;AACjD,cAAc,8BAA8B,CAAA;AAC5C,cAAc,yBAAyB,CAAA;AACvC,cAAc,yCAAyC,CAAA;AACvD,cAAc,wCAAwC,CAAA;AACtD,cAAc,yBAAyB,CAAA;AACvC,cAAc,8CAA8C,CAAA;AAC5D,cAAc,0BAA0B,CAAA;AACxC,cAAc,wBAAwB,CAAA;AACtC,cAAc,0BAA0B,CAAA;AACxC,cAAc,0BAA0B,CAAA;AACxC,cAAc,kBAAkB,CAAA;AAChC,cAAc,iCAAiC,CAAA;AAC/C,cAAc,0BAA0B,CAAA;AACxC,cAAc,2BAA2B,CAAA;AACzC,cAAc,uBAAuB,CAAA;AACrC,cAAc,wCAAwC,CAAA;AACtD,cAAc,4BAA4B,CAAA;AAC1C,cAAc,6BAA6B,CAAA;AAC3C,cAAc,uBAAuB,CAAA;AACrC,cAAc,oBAAoB,CAAA"}

package/dist/index.js

@@ -17,9 +17,12 @@ Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./constants.js"), exports);
 __exportStar(require("./uri.js"), exports);
 __exportStar(require("./util.js"), exports);
+__exportStar(require("./atproto-loopback-client-id.js"), exports);
 __exportStar(require("./atproto-loopback-client-metadata.js"), exports);
+__exportStar(require("./atproto-loopback-client-redirect-uris.js"), exports);
+__exportStar(require("./atproto-oauth-scope.js"), exports);
+__exportStar(require("./atproto-oauth-token-response.js"), exports);
 __exportStar(require("./oauth-access-token.js"), exports);
-__exportStar(require("./oauth-authorization-response-error.js"), exports);
 __exportStar(require("./oauth-authorization-code-grant-token-request.js"), exports);
 __exportStar(require("./oauth-authorization-details.js"), exports);
 __exportStar(require("./oauth-authorization-request-jar.js"), exports);
@@ -27,6 +30,7 @@ __exportStar(require("./oauth-authorization-request-par.js"), exports);
 __exportStar(require("./oauth-authorization-request-parameters.js"), exports);
 __exportStar(require("./oauth-authorization-request-query.js"), exports);
 __exportStar(require("./oauth-authorization-request-uri.js"), exports);
+__exportStar(require("./oauth-authorization-response-error.js"), exports);
 __exportStar(require("./oauth-authorization-server-metadata.js"), exports);
 __exportStar(require("./oauth-client-credentials-grant-token-request.js"), exports);
 __exportStar(require("./oauth-client-credentials.js"), exports);

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,2CAAwB;AACxB,4CAAyB;AAEzB,wEAAqD;AACrD,0DAAuC;AACvC,0EAAuD;AACvD,oFAAiE;AACjE,mEAAgD;AAChD,uEAAoD;AACpD,uEAAoD;AACpD,8EAA2D;AAC3D,yEAAsD;AACtD,uEAAoD;AACpD,2EAAwD;AACxD,oFAAiE;AACjE,gEAA6C;AAC7C,oEAAiD;AACjD,gEAA6C;AAC7C,uDAAoC;AACpC,6DAA0C;AAC1C,kEAA+C;AAC/C,2DAAwC;AACxC,wDAAqC;AACrC,oEAAiD;AACjD,+DAA4C;AAC5C,0DAAuC;AACvC,0EAAuD;AACvD,yEAAsD;AACtD,0DAAuC;AACvC,+EAA4D;AAC5D,2DAAwC;AACxC,yDAAsC;AACtC,2DAAwC;AACxC,2DAAwC;AACxC,mDAAgC;AAChC,kEAA+C;AAC/C,2DAAwC;AACxC,4DAAyC;AACzC,wDAAqC;AACrC,yEAAsD;AACtD,6DAA0C;AAC1C,8DAA2C;AAC3C,wDAAqC;AACrC,qDAAkC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,2CAAwB;AACxB,4CAAyB;AAEzB,kEAA+C;AAC/C,wEAAqD;AACrD,6EAA0D;AAC1D,2DAAwC;AACxC,oEAAiD;AACjD,0DAAuC;AACvC,oFAAiE;AACjE,mEAAgD;AAChD,uEAAoD;AACpD,uEAAoD;AACpD,8EAA2D;AAC3D,yEAAsD;AACtD,uEAAoD;AACpD,0EAAuD;AACvD,2EAAwD;AACxD,oFAAiE;AACjE,gEAA6C;AAC7C,oEAAiD;AACjD,gEAA6C;AAC7C,uDAAoC;AACpC,6DAA0C;AAC1C,kEAA+C;AAC/C,2DAAwC;AACxC,wDAAqC;AACrC,oEAAiD;AACjD,+DAA4C;AAC5C,0DAAuC;AACvC,0EAAuD;AACvD,yEAAsD;AACtD,0DAAuC;AACvC,+EAA4D;AAC5D,2DAAwC;AACxC,yDAAsC;AACtC,2DAAwC;AACxC,2DAAwC;AACxC,mDAAgC;AAChC,kEAA+C;AAC/C,2DAAwC;AACxC,4DAAyC;AACzC,wDAAqC;AACrC,yEAAsD;AACtD,6DAA0C;AAC1C,8DAA2C;AAC3C,wDAAqC;AACrC,qDAAkC","sourcesContent":["export * from './constants.js'\nexport * from './uri.js'\nexport * from './util.js'\n\nexport * from './atproto-loopback-client-id.js'\nexport * from './atproto-loopback-client-metadata.js'\nexport * from './atproto-loopback-client-redirect-uris.js'\nexport * from './atproto-oauth-scope.js'\nexport * from './atproto-oauth-token-response.js'\nexport * from './oauth-access-token.js'\nexport * from './oauth-authorization-code-grant-token-request.js'\nexport * from './oauth-authorization-details.js'\nexport * from './oauth-authorization-request-jar.js'\nexport * from './oauth-authorization-request-par.js'\nexport * from './oauth-authorization-request-parameters.js'\nexport * from './oauth-authorization-request-query.js'\nexport * from './oauth-authorization-request-uri.js'\nexport * from './oauth-authorization-response-error.js'\nexport * from './oauth-authorization-server-metadata.js'\nexport * from './oauth-client-credentials-grant-token-request.js'\nexport * from './oauth-client-credentials.js'\nexport * from './oauth-client-id-discoverable.js'\nexport * from './oauth-client-id-loopback.js'\nexport * from './oauth-client-id.js'\nexport * from './oauth-client-metadata.js'\nexport * from './oauth-endpoint-auth-method.js'\nexport * from './oauth-endpoint-name.js'\nexport * from './oauth-grant-type.js'\nexport * from './oauth-introspection-response.js'\nexport * from './oauth-issuer-identifier.js'\nexport * from './oauth-par-response.js'\nexport * from './oauth-password-grant-token-request.js'\nexport * from './oauth-protected-resource-metadata.js'\nexport * from './oauth-redirect-uri.js'\nexport * from './oauth-refresh-token-grant-token-request.js'\nexport * from './oauth-refresh-token.js'\nexport * from './oauth-request-uri.js'\nexport * from './oauth-response-mode.js'\nexport * from './oauth-response-type.js'\nexport * from './oauth-scope.js'\nexport * from './oauth-token-identification.js'\nexport * from './oauth-token-request.js'\nexport * from './oauth-token-response.js'\nexport * from './oauth-token-type.js'\nexport * from './oidc-authorization-error-response.js'\nexport * from './oidc-claims-parameter.js'\nexport * from './oidc-claims-properties.js'\nexport * from './oidc-entity-type.js'\nexport * from './oidc-userinfo.js'\n"]}

package/dist/oauth-access-token.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-access-token.js","sourceRoot":"","sources":["../src/oauth-access-token.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA"}
+{"version":3,"file":"oauth-access-token.js","sourceRoot":"","sources":["../src/oauth-access-token.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AAEV,QAAA,sBAAsB,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA","sourcesContent":["import { z } from 'zod'\n\nexport const oauthAccessTokenSchema = z.string().min(1)\nexport type OAuthAccessToken = z.infer<typeof oauthAccessTokenSchema>\n"]}

package/dist/oauth-authorization-code-grant-token-request.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-code-grant-token-request.js","sourceRoot":"","sources":["../src/oauth-authorization-code-grant-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,mEAAgE;AAEnD,QAAA,6CAA6C,GAAG,OAAC,CAAC,MAAM,CAAC;IACpE,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC;IAC3C,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,YAAY,EAAE,8CAAsB;IACpC,6EAA6E;IAC7E,aAAa,EAAE,OAAC;SACb,MAAM,EAAE;SACR,GAAG,CAAC,EAAE,CAAC;SACP,GAAG,CAAC,GAAG,CAAC;SACR,KAAK,CAAC,oBAAoB,CAAC;SAC3B,QAAQ,EAAE;CACd,CAAC,CAAA"}
+{"version":3,"file":"oauth-authorization-code-grant-token-request.js","sourceRoot":"","sources":["../src/oauth-authorization-code-grant-token-request.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,mEAAgE;AAEnD,QAAA,6CAA6C,GAAG,OAAC,CAAC,MAAM,CAAC;IACpE,UAAU,EAAE,OAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC;IAC3C,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,YAAY,EAAE,8CAAsB;IACpC,6EAA6E;IAC7E,aAAa,EAAE,OAAC;SACb,MAAM,EAAE;SACR,GAAG,CAAC,EAAE,CAAC;SACP,GAAG,CAAC,GAAG,CAAC;SACR,KAAK,CAAC,oBAAoB,CAAC;SAC3B,QAAQ,EAAE;CACd,CAAC,CAAA","sourcesContent":["import { z } from 'zod'\nimport { oauthRedirectUriSchema } from './oauth-redirect-uri.js'\n\nexport const oauthAuthorizationCodeGrantTokenRequestSchema = z.object({\n  grant_type: z.literal('authorization_code'),\n  code: z.string().min(1),\n  redirect_uri: oauthRedirectUriSchema,\n  /** @see {@link https://datatracker.ietf.org/doc/html/rfc7636#section-4.1} */\n  code_verifier: z\n    .string()\n    .min(43)\n    .max(128)\n    .regex(/^[a-zA-Z0-9-._~]+$/)\n    .optional(),\n})\n\nexport type OAuthAuthorizationCodeGrantTokenRequest = z.infer<\n  typeof oauthAuthorizationCodeGrantTokenRequestSchema\n>\n"]}

package/dist/oauth-authorization-details.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-details.js","sourceRoot":"","sources":["../src/oauth-authorization-details.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,qCAA6C;AAE7C;;GAEG;AACU,QAAA,8BAA8B,GAAG,OAAC,CAAC,MAAM,CAAC;IACrD,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE;IAChB;;;OAGG;IACH,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,2BAAkB,CAAC,CAAC,QAAQ,EAAE;IACjD;;;OAGG;IACH,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvC;;;OAGG;IACH,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACzC;;OAEG;IACH,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjC;;;OAGG;IACH,UAAU,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC3C,CAAC,CAAA;AAMF;;GAEG;AACU,QAAA,+BAA+B,GAAG,OAAC,CAAC,KAAK,CACpD,sCAA8B,CAC/B,CAAA"}
+{"version":3,"file":"oauth-authorization-details.js","sourceRoot":"","sources":["../src/oauth-authorization-details.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,qCAA6C;AAE7C;;GAEG;AACU,QAAA,8BAA8B,GAAG,OAAC,CAAC,MAAM,CAAC;IACrD,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE;IAChB;;;OAGG;IACH,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,2BAAkB,CAAC,CAAC,QAAQ,EAAE;IACjD;;;OAGG;IACH,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvC;;;OAGG;IACH,SAAS,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACzC;;OAEG;IACH,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACjC;;;OAGG;IACH,UAAU,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC3C,CAAC,CAAA;AAMF;;GAEG;AACU,QAAA,+BAA+B,GAAG,OAAC,CAAC,KAAK,CACpD,sCAA8B,CAC/B,CAAA","sourcesContent":["import { z } from 'zod'\nimport { dangerousUriSchema } from './uri.js'\n\n/**\n * @see {@link https://datatracker.ietf.org/doc/html/rfc9396#section-2 | RFC 9396, Section 2}\n */\nexport const oauthAuthorizationDetailSchema = z.object({\n  type: z.string(),\n  /**\n   * An array of strings representing the location of the resource or RS. These\n   * strings are typically URIs identifying the location of the RS.\n   */\n  locations: z.array(dangerousUriSchema).optional(),\n  /**\n   * An array of strings representing the kinds of actions to be taken at the\n   * resource.\n   */\n  actions: z.array(z.string()).optional(),\n  /**\n   * An array of strings representing the kinds of data being requested from the\n   * resource.\n   */\n  datatypes: z.array(z.string()).optional(),\n  /**\n   * A string identifier indicating a specific resource available at the API.\n   */\n  identifier: z.string().optional(),\n  /**\n   * An array of strings representing the types or levels of privilege being\n   * requested at the resource.\n   */\n  privileges: z.array(z.string()).optional(),\n})\n\nexport type OAuthAuthorizationDetail = z.infer<\n  typeof oauthAuthorizationDetailSchema\n>\n\n/**\n * @see {@link https://datatracker.ietf.org/doc/html/rfc9396#section-2 | RFC 9396, Section 2}\n */\nexport const oauthAuthorizationDetailsSchema = z.array(\n  oauthAuthorizationDetailSchema,\n)\n\nexport type OAuthAuthorizationDetails = z.infer<\n  typeof oauthAuthorizationDetailsSchema\n>\n"]}

package/dist/oauth-authorization-request-jar.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-request-jar.js","sourceRoot":"","sources":["../src/oauth-authorization-request-jar.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,sCAAiE;AAEpD,QAAA,kCAAkC,GAAG,OAAC,CAAC,MAAM,CAAC;IACzD;;;;;OAKG;IACH,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,qBAAe,EAAE,uBAAiB,CAAC,CAAC;CACvD,CAAC,CAAA"}
+{"version":3,"file":"oauth-authorization-request-jar.js","sourceRoot":"","sources":["../src/oauth-authorization-request-jar.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,sCAAiE;AAEpD,QAAA,kCAAkC,GAAG,OAAC,CAAC,MAAM,CAAC;IACzD;;;;;OAKG;IACH,OAAO,EAAE,OAAC,CAAC,KAAK,CAAC,CAAC,qBAAe,EAAE,uBAAiB,CAAC,CAAC;CACvD,CAAC,CAAA","sourcesContent":["import { z } from 'zod'\nimport { signedJwtSchema, unsignedJwtSchema } from '@atproto/jwk'\n\nexport const oauthAuthorizationRequestJarSchema = z.object({\n  /**\n   * AuthorizationRequest inside a JWT:\n   * - \"iat\" is required and **MUST** be less than one minute\n   *\n   * @see {@link https://datatracker.ietf.org/doc/html/rfc9101}\n   */\n  request: z.union([signedJwtSchema, unsignedJwtSchema]),\n})\n\nexport type OAuthAuthorizationRequestJar = z.infer<\n  typeof oauthAuthorizationRequestJarSchema\n>\n"]}

package/dist/oauth-authorization-request-par.d.ts

@@ -3,7 +3,7 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
     client_id: z.ZodString;
     state: z.ZodOptional<z.ZodString>;
     redirect_uri: z.ZodOptional<z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `http://[::1]${string}` | "http://localhost" | `http://localhost#${string}` | `http://localhost?${string}` | `http://localhost/${string}` | `http://localhost:${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `https://${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `${string}.${string}:/${string}`, string>]>>;
-    scope: z.ZodOptional<z.ZodString>;
+    scope: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
     response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
     code_challenge: z.ZodOptional<z.ZodString>;
     code_challenge_method: z.ZodOptional<z.ZodEnum<["S256", "plain"]>>;
@@ -65,8 +65,16 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
 }, "strip", z.ZodTypeAny, {
     client_id: string;
     response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
-    redirect_uri?: `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `https://${string}` | `${string}.${string}:/${string}` | undefined;
     scope?: string | undefined;
+    redirect_uri?: `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `https://${string}` | `${string}.${string}:/${string}` | undefined;
+    authorization_details?: {
+        type: string;
+        locations?: `${string}:${string}`[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }[] | undefined;
     nonce?: string | undefined;
     state?: string | undefined;
     code_challenge?: string | undefined;
@@ -84,19 +92,12 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
     id_token_hint?: `${string}.${string}.${string}` | undefined;
     display?: "page" | "popup" | "touch" | "wap" | undefined;
     prompt?: "none" | "login" | "consent" | "select_account" | undefined;
-    authorization_details?: {
-        type: string;
-        locations?: `${string}:${string}`[] | undefined;
-        actions?: string[] | undefined;
-        datatypes?: string[] | undefined;
-        identifier?: string | undefined;
-        privileges?: string[] | undefined;
-    }[] | undefined;
 }, {
     client_id: string;
     response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
-    redirect_uri?: string | undefined;
     scope?: string | undefined;
+    redirect_uri?: string | undefined;
+    authorization_details?: unknown;
     nonce?: string | undefined;
     state?: string | undefined;
     code_challenge?: string | undefined;
@@ -110,7 +111,6 @@ export declare const oauthAuthorizationRequestParSchema: z.ZodUnion<[z.ZodObject
     id_token_hint?: string | undefined;
     display?: "page" | "popup" | "touch" | "wap" | undefined;
     prompt?: "none" | "login" | "consent" | "select_account" | undefined;
-    authorization_details?: unknown;
 }>, z.ZodObject<{
     request: z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}.${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, `${string}.${string}`, string>]>;
 }, "strip", z.ZodTypeAny, {

package/dist/oauth-authorization-request-par.js.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-authorization-request-par.js","sourceRoot":"","sources":["../src/oauth-authorization-request-par.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,6FAAyF;AACzF,2GAAuG;AAE1F,QAAA,kCAAkC,GAAG,OAAC,CAAC,KAAK,CAAC;IACxD,qFAAyC;IACzC,uEAAkC;CACnC,CAAC,CAAA"}
+{"version":3,"file":"oauth-authorization-request-par.js","sourceRoot":"","sources":["../src/oauth-authorization-request-par.ts"],"names":[],"mappings":";;;AAAA,6BAAuB;AACvB,6FAAyF;AACzF,2GAAuG;AAE1F,QAAA,kCAAkC,GAAG,OAAC,CAAC,KAAK,CAAC;IACxD,qFAAyC;IACzC,uEAAkC;CACnC,CAAC,CAAA","sourcesContent":["import { z } from 'zod'\nimport { oauthAuthorizationRequestJarSchema } from './oauth-authorization-request-jar.js'\nimport { oauthAuthorizationRequestParametersSchema } from './oauth-authorization-request-parameters.js'\n\nexport const oauthAuthorizationRequestParSchema = z.union([\n  oauthAuthorizationRequestParametersSchema,\n  oauthAuthorizationRequestJarSchema,\n])\n\nexport type OAuthAuthorizationRequestPar = z.infer<\n  typeof oauthAuthorizationRequestParSchema\n>\n"]}

package/dist/oauth-authorization-request-parameters.d.ts

@@ -9,7 +9,7 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     client_id: z.ZodString;
     state: z.ZodOptional<z.ZodString>;
     redirect_uri: z.ZodOptional<z.ZodUnion<[z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `http://[::1]${string}` | "http://localhost" | `http://localhost#${string}` | `http://localhost?${string}` | `http://localhost/${string}` | `http://localhost:${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `https://${string}`, string>, z.ZodEffects<z.ZodEffects<z.ZodString, `${string}:${string}`, string>, `${string}.${string}:/${string}`, string>]>>;
-    scope: z.ZodOptional<z.ZodString>;
+    scope: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
     response_type: z.ZodEnum<["code", "token", "none", "code id_token token", "code id_token", "code token", "id_token token", "id_token"]>;
     code_challenge: z.ZodOptional<z.ZodString>;
     code_challenge_method: z.ZodOptional<z.ZodEnum<["S256", "plain"]>>;
@@ -77,8 +77,16 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
 }, "strip", z.ZodTypeAny, {
     client_id: string;
     response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
-    redirect_uri?: `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `https://${string}` | `${string}.${string}:/${string}` | undefined;
     scope?: string | undefined;
+    redirect_uri?: `http://[::1]${string}` | "http://127.0.0.1" | `http://127.0.0.1#${string}` | `http://127.0.0.1?${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `https://${string}` | `${string}.${string}:/${string}` | undefined;
+    authorization_details?: {
+        type: string;
+        locations?: `${string}:${string}`[] | undefined;
+        actions?: string[] | undefined;
+        datatypes?: string[] | undefined;
+        identifier?: string | undefined;
+        privileges?: string[] | undefined;
+    }[] | undefined;
     nonce?: string | undefined;
     state?: string | undefined;
     code_challenge?: string | undefined;
@@ -96,19 +104,12 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     id_token_hint?: `${string}.${string}.${string}` | undefined;
     display?: "page" | "popup" | "touch" | "wap" | undefined;
     prompt?: "none" | "login" | "consent" | "select_account" | undefined;
-    authorization_details?: {
-        type: string;
-        locations?: `${string}:${string}`[] | undefined;
-        actions?: string[] | undefined;
-        datatypes?: string[] | undefined;
-        identifier?: string | undefined;
-        privileges?: string[] | undefined;
-    }[] | undefined;
 }, {
     client_id: string;
     response_type: "code" | "none" | "token" | "code id_token token" | "code id_token" | "code token" | "id_token token" | "id_token";
-    redirect_uri?: string | undefined;
     scope?: string | undefined;
+    redirect_uri?: string | undefined;
+    authorization_details?: unknown;
     nonce?: string | undefined;
     state?: string | undefined;
     code_challenge?: string | undefined;
@@ -122,7 +123,6 @@ export declare const oauthAuthorizationRequestParametersSchema: z.ZodObject<{
     id_token_hint?: string | undefined;
     display?: "page" | "popup" | "touch" | "wap" | undefined;
     prompt?: "none" | "login" | "consent" | "select_account" | undefined;
-    authorization_details?: unknown;
 }>;
 /**
  * @see {oauthAuthorizationRequestParametersSchema}