@atproto/pds 0.4.164 → 0.4.166

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (296) hide show
  1. package/CHANGELOG.md +19 -0
  2. package/dist/account-manager/account-manager.js +2 -2
  3. package/dist/account-manager/account-manager.js.map +1 -1
  4. package/dist/account-manager/helpers/account-device.d.ts +4 -4
  5. package/dist/account-manager/helpers/account.d.ts +1 -1
  6. package/dist/account-manager/helpers/auth.d.ts +1 -1
  7. package/dist/account-manager/helpers/auth.d.ts.map +1 -1
  8. package/dist/account-manager/helpers/auth.js +8 -8
  9. package/dist/account-manager/helpers/auth.js.map +1 -1
  10. package/dist/account-manager/helpers/authorization-request.d.ts +1 -1
  11. package/dist/account-manager/helpers/authorization-request.d.ts.map +1 -1
  12. package/dist/account-manager/helpers/authorization-request.js +16 -8
  13. package/dist/account-manager/helpers/authorization-request.js.map +1 -1
  14. package/dist/account-manager/helpers/token.d.ts +65 -65
  15. package/dist/actor-store/preference/reader.d.ts +2 -2
  16. package/dist/actor-store/preference/reader.d.ts.map +1 -1
  17. package/dist/actor-store/preference/reader.js +2 -2
  18. package/dist/actor-store/preference/reader.js.map +1 -1
  19. package/dist/actor-store/preference/transactor.d.ts +2 -2
  20. package/dist/actor-store/preference/transactor.d.ts.map +1 -1
  21. package/dist/actor-store/preference/transactor.js +5 -5
  22. package/dist/actor-store/preference/transactor.js.map +1 -1
  23. package/dist/actor-store/preference/util.d.ts +4 -2
  24. package/dist/actor-store/preference/util.d.ts.map +1 -1
  25. package/dist/actor-store/preference/util.js +9 -8
  26. package/dist/actor-store/preference/util.js.map +1 -1
  27. package/dist/actor-store/record/reader.d.ts +2 -2
  28. package/dist/api/app/bsky/actor/getPreferences.d.ts.map +1 -1
  29. package/dist/api/app/bsky/actor/getPreferences.js +29 -7
  30. package/dist/api/app/bsky/actor/getPreferences.js.map +1 -1
  31. package/dist/api/app/bsky/actor/getProfile.d.ts.map +1 -1
  32. package/dist/api/app/bsky/actor/getProfile.js +9 -1
  33. package/dist/api/app/bsky/actor/getProfile.js.map +1 -1
  34. package/dist/api/app/bsky/actor/getProfiles.d.ts.map +1 -1
  35. package/dist/api/app/bsky/actor/getProfiles.js +9 -1
  36. package/dist/api/app/bsky/actor/getProfiles.js.map +1 -1
  37. package/dist/api/app/bsky/actor/putPreferences.d.ts.map +1 -1
  38. package/dist/api/app/bsky/actor/putPreferences.js +30 -8
  39. package/dist/api/app/bsky/actor/putPreferences.js.map +1 -1
  40. package/dist/api/app/bsky/feed/getActorLikes.d.ts.map +1 -1
  41. package/dist/api/app/bsky/feed/getActorLikes.js +9 -1
  42. package/dist/api/app/bsky/feed/getActorLikes.js.map +1 -1
  43. package/dist/api/app/bsky/feed/getAuthorFeed.d.ts.map +1 -1
  44. package/dist/api/app/bsky/feed/getAuthorFeed.js +9 -1
  45. package/dist/api/app/bsky/feed/getAuthorFeed.js.map +1 -1
  46. package/dist/api/app/bsky/feed/getFeed.d.ts.map +1 -1
  47. package/dist/api/app/bsky/feed/getFeed.js +8 -1
  48. package/dist/api/app/bsky/feed/getFeed.js.map +1 -1
  49. package/dist/api/app/bsky/feed/getPostThread.d.ts.map +1 -1
  50. package/dist/api/app/bsky/feed/getPostThread.js +8 -1
  51. package/dist/api/app/bsky/feed/getPostThread.js.map +1 -1
  52. package/dist/api/app/bsky/feed/getTimeline.d.ts.map +1 -1
  53. package/dist/api/app/bsky/feed/getTimeline.js +9 -1
  54. package/dist/api/app/bsky/feed/getTimeline.js.map +1 -1
  55. package/dist/api/app/bsky/notification/registerPush.d.ts.map +1 -1
  56. package/dist/api/app/bsky/notification/registerPush.js +16 -4
  57. package/dist/api/app/bsky/notification/registerPush.js.map +1 -1
  58. package/dist/api/com/atproto/identity/getRecommendedDidCredentials.d.ts.map +1 -1
  59. package/dist/api/com/atproto/identity/getRecommendedDidCredentials.js +5 -1
  60. package/dist/api/com/atproto/identity/getRecommendedDidCredentials.js.map +1 -1
  61. package/dist/api/com/atproto/identity/requestPlcOperationSignature.d.ts.map +1 -1
  62. package/dist/api/com/atproto/identity/requestPlcOperationSignature.js +9 -2
  63. package/dist/api/com/atproto/identity/requestPlcOperationSignature.js.map +1 -1
  64. package/dist/api/com/atproto/identity/signPlcOperation.d.ts.map +1 -1
  65. package/dist/api/com/atproto/identity/signPlcOperation.js +9 -1
  66. package/dist/api/com/atproto/identity/signPlcOperation.js.map +1 -1
  67. package/dist/api/com/atproto/identity/submitPlcOperation.d.ts.map +1 -1
  68. package/dist/api/com/atproto/identity/submitPlcOperation.js +5 -1
  69. package/dist/api/com/atproto/identity/submitPlcOperation.js.map +1 -1
  70. package/dist/api/com/atproto/identity/updateHandle.d.ts.map +1 -1
  71. package/dist/api/com/atproto/identity/updateHandle.js +6 -1
  72. package/dist/api/com/atproto/identity/updateHandle.js.map +1 -1
  73. package/dist/api/com/atproto/moderation/createReport.d.ts.map +1 -1
  74. package/dist/api/com/atproto/moderation/createReport.js +8 -3
  75. package/dist/api/com/atproto/moderation/createReport.js.map +1 -1
  76. package/dist/api/com/atproto/repo/applyWrites.d.ts.map +1 -1
  77. package/dist/api/com/atproto/repo/applyWrites.js +25 -19
  78. package/dist/api/com/atproto/repo/applyWrites.js.map +1 -1
  79. package/dist/api/com/atproto/repo/createRecord.d.ts.map +1 -1
  80. package/dist/api/com/atproto/repo/createRecord.js +10 -1
  81. package/dist/api/com/atproto/repo/createRecord.js.map +1 -1
  82. package/dist/api/com/atproto/repo/deleteRecord.d.ts.map +1 -1
  83. package/dist/api/com/atproto/repo/deleteRecord.js +12 -1
  84. package/dist/api/com/atproto/repo/deleteRecord.js.map +1 -1
  85. package/dist/api/com/atproto/repo/importRepo.d.ts.map +1 -1
  86. package/dist/api/com/atproto/repo/importRepo.js +7 -2
  87. package/dist/api/com/atproto/repo/importRepo.js.map +1 -1
  88. package/dist/api/com/atproto/repo/listMissingBlobs.d.ts.map +1 -1
  89. package/dist/api/com/atproto/repo/listMissingBlobs.js +6 -2
  90. package/dist/api/com/atproto/repo/listMissingBlobs.js.map +1 -1
  91. package/dist/api/com/atproto/repo/putRecord.d.ts.map +1 -1
  92. package/dist/api/com/atproto/repo/putRecord.js +17 -11
  93. package/dist/api/com/atproto/repo/putRecord.js.map +1 -1
  94. package/dist/api/com/atproto/repo/uploadBlob.d.ts.map +1 -1
  95. package/dist/api/com/atproto/repo/uploadBlob.js +5 -1
  96. package/dist/api/com/atproto/repo/uploadBlob.js.map +1 -1
  97. package/dist/api/com/atproto/server/activateAccount.d.ts.map +1 -1
  98. package/dist/api/com/atproto/server/activateAccount.js +7 -1
  99. package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
  100. package/dist/api/com/atproto/server/checkAccountStatus.d.ts.map +1 -1
  101. package/dist/api/com/atproto/server/checkAccountStatus.js +5 -1
  102. package/dist/api/com/atproto/server/checkAccountStatus.js.map +1 -1
  103. package/dist/api/com/atproto/server/confirmEmail.d.ts.map +1 -1
  104. package/dist/api/com/atproto/server/confirmEmail.js +6 -1
  105. package/dist/api/com/atproto/server/confirmEmail.js.map +1 -1
  106. package/dist/api/com/atproto/server/createAppPassword.d.ts.map +1 -1
  107. package/dist/api/com/atproto/server/createAppPassword.js +7 -1
  108. package/dist/api/com/atproto/server/createAppPassword.js.map +1 -1
  109. package/dist/api/com/atproto/server/deactivateAccount.d.ts.map +1 -1
  110. package/dist/api/com/atproto/server/deactivateAccount.js +9 -2
  111. package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
  112. package/dist/api/com/atproto/server/deleteSession.d.ts.map +1 -1
  113. package/dist/api/com/atproto/server/deleteSession.js +3 -1
  114. package/dist/api/com/atproto/server/deleteSession.js.map +1 -1
  115. package/dist/api/com/atproto/server/getAccountInviteCodes.d.ts.map +1 -1
  116. package/dist/api/com/atproto/server/getAccountInviteCodes.js +8 -1
  117. package/dist/api/com/atproto/server/getAccountInviteCodes.js.map +1 -1
  118. package/dist/api/com/atproto/server/getServiceAuth.d.ts.map +1 -1
  119. package/dist/api/com/atproto/server/getServiceAuth.js +24 -13
  120. package/dist/api/com/atproto/server/getServiceAuth.js.map +1 -1
  121. package/dist/api/com/atproto/server/getSession.d.ts.map +1 -1
  122. package/dist/api/com/atproto/server/getSession.js +12 -19
  123. package/dist/api/com/atproto/server/getSession.js.map +1 -1
  124. package/dist/api/com/atproto/server/listAppPasswords.d.ts.map +1 -1
  125. package/dist/api/com/atproto/server/listAppPasswords.js +6 -1
  126. package/dist/api/com/atproto/server/listAppPasswords.js.map +1 -1
  127. package/dist/api/com/atproto/server/refreshSession.js +1 -1
  128. package/dist/api/com/atproto/server/refreshSession.js.map +1 -1
  129. package/dist/api/com/atproto/server/requestAccountDelete.d.ts.map +1 -1
  130. package/dist/api/com/atproto/server/requestAccountDelete.js +8 -1
  131. package/dist/api/com/atproto/server/requestAccountDelete.js.map +1 -1
  132. package/dist/api/com/atproto/server/requestEmailConfirmation.d.ts.map +1 -1
  133. package/dist/api/com/atproto/server/requestEmailConfirmation.js +6 -1
  134. package/dist/api/com/atproto/server/requestEmailConfirmation.js.map +1 -1
  135. package/dist/api/com/atproto/server/requestEmailUpdate.d.ts.map +1 -1
  136. package/dist/api/com/atproto/server/requestEmailUpdate.js +6 -1
  137. package/dist/api/com/atproto/server/requestEmailUpdate.js.map +1 -1
  138. package/dist/api/com/atproto/server/revokeAppPassword.d.ts.map +1 -1
  139. package/dist/api/com/atproto/server/revokeAppPassword.js +6 -1
  140. package/dist/api/com/atproto/server/revokeAppPassword.js.map +1 -1
  141. package/dist/api/com/atproto/server/updateEmail.d.ts.map +1 -1
  142. package/dist/api/com/atproto/server/updateEmail.js +8 -1
  143. package/dist/api/com/atproto/server/updateEmail.js.map +1 -1
  144. package/dist/api/com/atproto/sync/deprecated/getCheckout.d.ts.map +1 -1
  145. package/dist/api/com/atproto/sync/deprecated/getCheckout.js +7 -2
  146. package/dist/api/com/atproto/sync/deprecated/getCheckout.js.map +1 -1
  147. package/dist/api/com/atproto/sync/deprecated/getHead.d.ts.map +1 -1
  148. package/dist/api/com/atproto/sync/deprecated/getHead.js +7 -2
  149. package/dist/api/com/atproto/sync/deprecated/getHead.js.map +1 -1
  150. package/dist/api/com/atproto/sync/getBlob.d.ts.map +1 -1
  151. package/dist/api/com/atproto/sync/getBlob.js +7 -3
  152. package/dist/api/com/atproto/sync/getBlob.js.map +1 -1
  153. package/dist/api/com/atproto/sync/getBlocks.d.ts.map +1 -1
  154. package/dist/api/com/atproto/sync/getBlocks.js +7 -2
  155. package/dist/api/com/atproto/sync/getBlocks.js.map +1 -1
  156. package/dist/api/com/atproto/sync/getLatestCommit.d.ts.map +1 -1
  157. package/dist/api/com/atproto/sync/getLatestCommit.js +7 -2
  158. package/dist/api/com/atproto/sync/getLatestCommit.js.map +1 -1
  159. package/dist/api/com/atproto/sync/getRecord.d.ts.map +1 -1
  160. package/dist/api/com/atproto/sync/getRecord.js +7 -2
  161. package/dist/api/com/atproto/sync/getRecord.js.map +1 -1
  162. package/dist/api/com/atproto/sync/getRepo.d.ts.map +1 -1
  163. package/dist/api/com/atproto/sync/getRepo.js +7 -3
  164. package/dist/api/com/atproto/sync/getRepo.js.map +1 -1
  165. package/dist/api/com/atproto/sync/listBlobs.d.ts.map +1 -1
  166. package/dist/api/com/atproto/sync/listBlobs.js +7 -3
  167. package/dist/api/com/atproto/sync/listBlobs.js.map +1 -1
  168. package/dist/api/com/atproto/temp/checkSignupQueue.d.ts.map +1 -1
  169. package/dist/api/com/atproto/temp/checkSignupQueue.js +7 -3
  170. package/dist/api/com/atproto/temp/checkSignupQueue.js.map +1 -1
  171. package/dist/auth-output.d.ts +45 -0
  172. package/dist/auth-output.d.ts.map +1 -0
  173. package/dist/auth-output.js +3 -0
  174. package/dist/auth-output.js.map +1 -0
  175. package/dist/auth-scope.d.ts +16 -0
  176. package/dist/auth-scope.d.ts.map +1 -0
  177. package/dist/auth-scope.js +40 -0
  178. package/dist/auth-scope.js.map +1 -0
  179. package/dist/auth-verifier.d.ts +50 -115
  180. package/dist/auth-verifier.d.ts.map +1 -1
  181. package/dist/auth-verifier.js +275 -366
  182. package/dist/auth-verifier.js.map +1 -1
  183. package/dist/config/config.d.ts +2 -1
  184. package/dist/config/config.d.ts.map +1 -1
  185. package/dist/config/config.js +2 -1
  186. package/dist/config/config.js.map +1 -1
  187. package/dist/config/env.d.ts +1 -0
  188. package/dist/config/env.d.ts.map +1 -1
  189. package/dist/config/env.js +3 -1
  190. package/dist/config/env.js.map +1 -1
  191. package/dist/context.d.ts.map +1 -1
  192. package/dist/context.js +5 -5
  193. package/dist/context.js.map +1 -1
  194. package/dist/lexicon/index.d.ts +234 -230
  195. package/dist/lexicon/index.d.ts.map +1 -1
  196. package/dist/lexicon/index.js +682 -674
  197. package/dist/lexicon/index.js.map +1 -1
  198. package/dist/lexicon/lexicons.d.ts +17994 -17706
  199. package/dist/lexicon/lexicons.d.ts.map +1 -1
  200. package/dist/lexicon/lexicons.js +9126 -8980
  201. package/dist/lexicon/lexicons.js.map +1 -1
  202. package/dist/lexicon/types/app/bsky/graph/getLists.d.ts +2 -0
  203. package/dist/lexicon/types/app/bsky/graph/getLists.d.ts.map +1 -1
  204. package/dist/lexicon/types/app/bsky/graph/getListsWithMembership.d.ts +40 -0
  205. package/dist/lexicon/types/app/bsky/graph/getListsWithMembership.d.ts.map +1 -0
  206. package/dist/lexicon/types/app/bsky/graph/getListsWithMembership.js +16 -0
  207. package/dist/lexicon/types/app/bsky/graph/getListsWithMembership.js.map +1 -0
  208. package/dist/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.d.ts +38 -0
  209. package/dist/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.d.ts.map +1 -0
  210. package/dist/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.js +16 -0
  211. package/dist/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.js.map +1 -0
  212. package/dist/pipethrough.d.ts +5 -3
  213. package/dist/pipethrough.d.ts.map +1 -1
  214. package/dist/pipethrough.js +42 -15
  215. package/dist/pipethrough.js.map +1 -1
  216. package/dist/sequencer/events.d.ts +13 -13
  217. package/dist/util/http.d.ts +7 -0
  218. package/dist/util/http.d.ts.map +1 -0
  219. package/dist/util/http.js +31 -0
  220. package/dist/util/http.js.map +1 -0
  221. package/dist/util/types.d.ts +5 -0
  222. package/dist/util/types.d.ts.map +1 -0
  223. package/dist/util/types.js +3 -0
  224. package/dist/util/types.js.map +1 -0
  225. package/package.json +7 -6
  226. package/src/account-manager/account-manager.ts +1 -1
  227. package/src/account-manager/helpers/auth.ts +1 -1
  228. package/src/account-manager/helpers/authorization-request.ts +8 -4
  229. package/src/actor-store/preference/reader.ts +3 -4
  230. package/src/actor-store/preference/transactor.ts +6 -7
  231. package/src/actor-store/preference/util.ts +15 -5
  232. package/src/api/app/bsky/actor/getPreferences.ts +33 -8
  233. package/src/api/app/bsky/actor/getProfile.ts +9 -1
  234. package/src/api/app/bsky/actor/getProfiles.ts +9 -1
  235. package/src/api/app/bsky/actor/putPreferences.ts +35 -12
  236. package/src/api/app/bsky/feed/getActorLikes.ts +9 -1
  237. package/src/api/app/bsky/feed/getAuthorFeed.ts +9 -1
  238. package/src/api/app/bsky/feed/getFeed.ts +9 -2
  239. package/src/api/app/bsky/feed/getPostThread.ts +8 -1
  240. package/src/api/app/bsky/feed/getTimeline.ts +9 -1
  241. package/src/api/app/bsky/notification/registerPush.ts +16 -5
  242. package/src/api/com/atproto/identity/getRecommendedDidCredentials.ts +5 -1
  243. package/src/api/com/atproto/identity/requestPlcOperationSignature.ts +9 -2
  244. package/src/api/com/atproto/identity/signPlcOperation.ts +9 -1
  245. package/src/api/com/atproto/identity/submitPlcOperation.ts +5 -1
  246. package/src/api/com/atproto/identity/updateHandle.ts +6 -1
  247. package/src/api/com/atproto/moderation/createReport.ts +8 -3
  248. package/src/api/com/atproto/repo/applyWrites.ts +28 -20
  249. package/src/api/com/atproto/repo/createRecord.ts +12 -1
  250. package/src/api/com/atproto/repo/deleteRecord.ts +14 -1
  251. package/src/api/com/atproto/repo/importRepo.ts +9 -2
  252. package/src/api/com/atproto/repo/listMissingBlobs.ts +7 -2
  253. package/src/api/com/atproto/repo/putRecord.ts +18 -10
  254. package/src/api/com/atproto/repo/uploadBlob.ts +6 -2
  255. package/src/api/com/atproto/server/activateAccount.ts +10 -2
  256. package/src/api/com/atproto/server/checkAccountStatus.ts +5 -1
  257. package/src/api/com/atproto/server/confirmEmail.ts +6 -1
  258. package/src/api/com/atproto/server/createAppPassword.ts +9 -1
  259. package/src/api/com/atproto/server/deactivateAccount.ts +11 -2
  260. package/src/api/com/atproto/server/deleteSession.ts +3 -1
  261. package/src/api/com/atproto/server/getAccountInviteCodes.ts +11 -2
  262. package/src/api/com/atproto/server/getServiceAuth.ts +37 -18
  263. package/src/api/com/atproto/server/getSession.ts +20 -27
  264. package/src/api/com/atproto/server/listAppPasswords.ts +8 -1
  265. package/src/api/com/atproto/server/refreshSession.ts +1 -1
  266. package/src/api/com/atproto/server/requestAccountDelete.ts +11 -2
  267. package/src/api/com/atproto/server/requestEmailConfirmation.ts +6 -1
  268. package/src/api/com/atproto/server/requestEmailUpdate.ts +6 -1
  269. package/src/api/com/atproto/server/revokeAppPassword.ts +8 -1
  270. package/src/api/com/atproto/server/updateEmail.ts +11 -2
  271. package/src/api/com/atproto/sync/deprecated/getCheckout.ts +7 -6
  272. package/src/api/com/atproto/sync/deprecated/getHead.ts +7 -6
  273. package/src/api/com/atproto/sync/getBlob.ts +7 -7
  274. package/src/api/com/atproto/sync/getBlocks.ts +7 -6
  275. package/src/api/com/atproto/sync/getLatestCommit.ts +7 -6
  276. package/src/api/com/atproto/sync/getRecord.ts +7 -6
  277. package/src/api/com/atproto/sync/getRepo.ts +7 -7
  278. package/src/api/com/atproto/sync/listBlobs.ts +7 -7
  279. package/src/api/com/atproto/temp/checkSignupQueue.ts +8 -2
  280. package/src/auth-output.ts +51 -0
  281. package/src/auth-scope.ts +40 -0
  282. package/src/auth-verifier.ts +404 -520
  283. package/src/config/config.ts +7 -7
  284. package/src/config/env.ts +5 -1
  285. package/src/context.ts +6 -5
  286. package/src/lexicon/index.ts +1247 -1221
  287. package/src/lexicon/lexicons.ts +9494 -9341
  288. package/src/lexicon/types/app/bsky/graph/getLists.ts +2 -0
  289. package/src/lexicon/types/app/bsky/graph/getListsWithMembership.ts +63 -0
  290. package/src/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.ts +65 -0
  291. package/src/pipethrough.ts +61 -18
  292. package/src/util/http.ts +31 -0
  293. package/src/util/types.ts +7 -0
  294. package/tests/oauth.test.ts +11 -37
  295. package/tests/preferences.test.ts +7 -3
  296. package/tsconfig.build.tsbuildinfo +1 -1
package/src/config/config.ts CHANGED
@@ -255,7 +255,7 @@ export const envToCfg = (env: ServerEnvironment): ServerConfig => {
255
255
  const oauthCfg: ServerConfig['oauth'] = entrywayCfg
256
256
  ? {
257
257
  issuer: entrywayCfg.url,
258
- provider: false,
258
+ provider: undefined,
259
259
  }
260
260
  : {
261
261
  issuer: serviceCfg.publicUrl,
@@ -315,6 +315,7 @@ export const envToCfg = (env: ServerEnvironment): ServerConfig => {
315
315
  f.href != null && f.href !== '',
316
316
  ),
317
317
  },
318
+ trustedClients: env.trustedOAuthClients,
318
319
  },
319
320
  }
320
321
 
@@ -452,12 +453,11 @@ export type ProxyConfig = {
452
453
 
453
454
  export type OAuthConfig = {
454
455
  issuer: string
455
- provider:
456
- | false
457
- | {
458
- hcaptcha?: HcaptchaConfig
459
- branding: BrandingInput
460
- }
456
+ provider?: {
457
+ hcaptcha?: HcaptchaConfig
458
+ branding: BrandingInput
459
+ trustedClients?: string[]
460
+ }
461
461
  }
462
462
 
463
463
  export type InvitesConfig =
package/src/config/env.ts CHANGED
@@ -18,11 +18,14 @@ export const readEnv = (): ServerEnvironment => {
18
18
  blobUploadLimit: envInt('PDS_BLOB_UPLOAD_LIMIT'),
19
19
  devMode: envBool('PDS_DEV_MODE'),
20
20
 
21
- // OAuth
21
+ // hCaptcha
22
22
  hcaptchaSiteKey: envStr('PDS_HCAPTCHA_SITE_KEY'),
23
23
  hcaptchaSecretKey: envStr('PDS_HCAPTCHA_SECRET_KEY'),
24
24
  hcaptchaTokenSalt: envStr('PDS_HCAPTCHA_TOKEN_SALT'),
25
25
 
26
+ // OAuth
27
+ trustedOAuthClients: envList('PDS_OAUTH_TRUSTED_CLIENTS'),
28
+
26
29
  // branding
27
30
  lightColor: envStr('PDS_LIGHT_COLOR'),
28
31
  darkColor: envStr('PDS_DARK_COLOR'),
@@ -171,6 +174,7 @@ export type ServerEnvironment = {
171
174
  hcaptchaSiteKey?: string
172
175
  hcaptchaSecretKey?: string
173
176
  hcaptchaTokenSalt?: string
177
+ trustedOAuthClients?: string[]
174
178
 
175
179
  // branding
176
180
  lightColor?: string
package/src/context.ts CHANGED
@@ -333,17 +333,18 @@ export class AppContext {
333
333
  safeFetch,
334
334
  metadata: {
335
335
  protected_resources: [new URL(cfg.oauth.issuer).origin],
336
- scopes_supported: [
337
- 'transition:email',
338
- 'transition:generic',
339
- 'transition:chat.bsky',
340
- ],
341
336
  },
342
337
  // If the PDS is both an authorization server & resource server (no
343
338
  // entryway), there is no need to use JWTs as access tokens. Instead,
344
339
  // the PDS can use tokenId as access tokens. This allows the PDS to
345
340
  // always use up-to-date token data from the token store.
346
341
  accessTokenMode: AccessTokenMode.light,
342
+
343
+ getClientInfo(clientId) {
344
+ return {
345
+ isTrusted: cfg.oauth.provider?.trustedClients?.includes(clientId),
346
+ }
347
+ },
347
348
  })
348
349
  : undefined
349
350