@atproto/pds 0.4.164 → 0.4.166
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +19 -0
- package/dist/account-manager/account-manager.js +2 -2
- package/dist/account-manager/account-manager.js.map +1 -1
- package/dist/account-manager/helpers/account-device.d.ts +4 -4
- package/dist/account-manager/helpers/account.d.ts +1 -1
- package/dist/account-manager/helpers/auth.d.ts +1 -1
- package/dist/account-manager/helpers/auth.d.ts.map +1 -1
- package/dist/account-manager/helpers/auth.js +8 -8
- package/dist/account-manager/helpers/auth.js.map +1 -1
- package/dist/account-manager/helpers/authorization-request.d.ts +1 -1
- package/dist/account-manager/helpers/authorization-request.d.ts.map +1 -1
- package/dist/account-manager/helpers/authorization-request.js +16 -8
- package/dist/account-manager/helpers/authorization-request.js.map +1 -1
- package/dist/account-manager/helpers/token.d.ts +65 -65
- package/dist/actor-store/preference/reader.d.ts +2 -2
- package/dist/actor-store/preference/reader.d.ts.map +1 -1
- package/dist/actor-store/preference/reader.js +2 -2
- package/dist/actor-store/preference/reader.js.map +1 -1
- package/dist/actor-store/preference/transactor.d.ts +2 -2
- package/dist/actor-store/preference/transactor.d.ts.map +1 -1
- package/dist/actor-store/preference/transactor.js +5 -5
- package/dist/actor-store/preference/transactor.js.map +1 -1
- package/dist/actor-store/preference/util.d.ts +4 -2
- package/dist/actor-store/preference/util.d.ts.map +1 -1
- package/dist/actor-store/preference/util.js +9 -8
- package/dist/actor-store/preference/util.js.map +1 -1
- package/dist/actor-store/record/reader.d.ts +2 -2
- package/dist/api/app/bsky/actor/getPreferences.d.ts.map +1 -1
- package/dist/api/app/bsky/actor/getPreferences.js +29 -7
- package/dist/api/app/bsky/actor/getPreferences.js.map +1 -1
- package/dist/api/app/bsky/actor/getProfile.d.ts.map +1 -1
- package/dist/api/app/bsky/actor/getProfile.js +9 -1
- package/dist/api/app/bsky/actor/getProfile.js.map +1 -1
- package/dist/api/app/bsky/actor/getProfiles.d.ts.map +1 -1
- package/dist/api/app/bsky/actor/getProfiles.js +9 -1
- package/dist/api/app/bsky/actor/getProfiles.js.map +1 -1
- package/dist/api/app/bsky/actor/putPreferences.d.ts.map +1 -1
- package/dist/api/app/bsky/actor/putPreferences.js +30 -8
- package/dist/api/app/bsky/actor/putPreferences.js.map +1 -1
- package/dist/api/app/bsky/feed/getActorLikes.d.ts.map +1 -1
- package/dist/api/app/bsky/feed/getActorLikes.js +9 -1
- package/dist/api/app/bsky/feed/getActorLikes.js.map +1 -1
- package/dist/api/app/bsky/feed/getAuthorFeed.d.ts.map +1 -1
- package/dist/api/app/bsky/feed/getAuthorFeed.js +9 -1
- package/dist/api/app/bsky/feed/getAuthorFeed.js.map +1 -1
- package/dist/api/app/bsky/feed/getFeed.d.ts.map +1 -1
- package/dist/api/app/bsky/feed/getFeed.js +8 -1
- package/dist/api/app/bsky/feed/getFeed.js.map +1 -1
- package/dist/api/app/bsky/feed/getPostThread.d.ts.map +1 -1
- package/dist/api/app/bsky/feed/getPostThread.js +8 -1
- package/dist/api/app/bsky/feed/getPostThread.js.map +1 -1
- package/dist/api/app/bsky/feed/getTimeline.d.ts.map +1 -1
- package/dist/api/app/bsky/feed/getTimeline.js +9 -1
- package/dist/api/app/bsky/feed/getTimeline.js.map +1 -1
- package/dist/api/app/bsky/notification/registerPush.d.ts.map +1 -1
- package/dist/api/app/bsky/notification/registerPush.js +16 -4
- package/dist/api/app/bsky/notification/registerPush.js.map +1 -1
- package/dist/api/com/atproto/identity/getRecommendedDidCredentials.d.ts.map +1 -1
- package/dist/api/com/atproto/identity/getRecommendedDidCredentials.js +5 -1
- package/dist/api/com/atproto/identity/getRecommendedDidCredentials.js.map +1 -1
- package/dist/api/com/atproto/identity/requestPlcOperationSignature.d.ts.map +1 -1
- package/dist/api/com/atproto/identity/requestPlcOperationSignature.js +9 -2
- package/dist/api/com/atproto/identity/requestPlcOperationSignature.js.map +1 -1
- package/dist/api/com/atproto/identity/signPlcOperation.d.ts.map +1 -1
- package/dist/api/com/atproto/identity/signPlcOperation.js +9 -1
- package/dist/api/com/atproto/identity/signPlcOperation.js.map +1 -1
- package/dist/api/com/atproto/identity/submitPlcOperation.d.ts.map +1 -1
- package/dist/api/com/atproto/identity/submitPlcOperation.js +5 -1
- package/dist/api/com/atproto/identity/submitPlcOperation.js.map +1 -1
- package/dist/api/com/atproto/identity/updateHandle.d.ts.map +1 -1
- package/dist/api/com/atproto/identity/updateHandle.js +6 -1
- package/dist/api/com/atproto/identity/updateHandle.js.map +1 -1
- package/dist/api/com/atproto/moderation/createReport.d.ts.map +1 -1
- package/dist/api/com/atproto/moderation/createReport.js +8 -3
- package/dist/api/com/atproto/moderation/createReport.js.map +1 -1
- package/dist/api/com/atproto/repo/applyWrites.d.ts.map +1 -1
- package/dist/api/com/atproto/repo/applyWrites.js +25 -19
- package/dist/api/com/atproto/repo/applyWrites.js.map +1 -1
- package/dist/api/com/atproto/repo/createRecord.d.ts.map +1 -1
- package/dist/api/com/atproto/repo/createRecord.js +10 -1
- package/dist/api/com/atproto/repo/createRecord.js.map +1 -1
- package/dist/api/com/atproto/repo/deleteRecord.d.ts.map +1 -1
- package/dist/api/com/atproto/repo/deleteRecord.js +12 -1
- package/dist/api/com/atproto/repo/deleteRecord.js.map +1 -1
- package/dist/api/com/atproto/repo/importRepo.d.ts.map +1 -1
- package/dist/api/com/atproto/repo/importRepo.js +7 -2
- package/dist/api/com/atproto/repo/importRepo.js.map +1 -1
- package/dist/api/com/atproto/repo/listMissingBlobs.d.ts.map +1 -1
- package/dist/api/com/atproto/repo/listMissingBlobs.js +6 -2
- package/dist/api/com/atproto/repo/listMissingBlobs.js.map +1 -1
- package/dist/api/com/atproto/repo/putRecord.d.ts.map +1 -1
- package/dist/api/com/atproto/repo/putRecord.js +17 -11
- package/dist/api/com/atproto/repo/putRecord.js.map +1 -1
- package/dist/api/com/atproto/repo/uploadBlob.d.ts.map +1 -1
- package/dist/api/com/atproto/repo/uploadBlob.js +5 -1
- package/dist/api/com/atproto/repo/uploadBlob.js.map +1 -1
- package/dist/api/com/atproto/server/activateAccount.d.ts.map +1 -1
- package/dist/api/com/atproto/server/activateAccount.js +7 -1
- package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
- package/dist/api/com/atproto/server/checkAccountStatus.d.ts.map +1 -1
- package/dist/api/com/atproto/server/checkAccountStatus.js +5 -1
- package/dist/api/com/atproto/server/checkAccountStatus.js.map +1 -1
- package/dist/api/com/atproto/server/confirmEmail.d.ts.map +1 -1
- package/dist/api/com/atproto/server/confirmEmail.js +6 -1
- package/dist/api/com/atproto/server/confirmEmail.js.map +1 -1
- package/dist/api/com/atproto/server/createAppPassword.d.ts.map +1 -1
- package/dist/api/com/atproto/server/createAppPassword.js +7 -1
- package/dist/api/com/atproto/server/createAppPassword.js.map +1 -1
- package/dist/api/com/atproto/server/deactivateAccount.d.ts.map +1 -1
- package/dist/api/com/atproto/server/deactivateAccount.js +9 -2
- package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
- package/dist/api/com/atproto/server/deleteSession.d.ts.map +1 -1
- package/dist/api/com/atproto/server/deleteSession.js +3 -1
- package/dist/api/com/atproto/server/deleteSession.js.map +1 -1
- package/dist/api/com/atproto/server/getAccountInviteCodes.d.ts.map +1 -1
- package/dist/api/com/atproto/server/getAccountInviteCodes.js +8 -1
- package/dist/api/com/atproto/server/getAccountInviteCodes.js.map +1 -1
- package/dist/api/com/atproto/server/getServiceAuth.d.ts.map +1 -1
- package/dist/api/com/atproto/server/getServiceAuth.js +24 -13
- package/dist/api/com/atproto/server/getServiceAuth.js.map +1 -1
- package/dist/api/com/atproto/server/getSession.d.ts.map +1 -1
- package/dist/api/com/atproto/server/getSession.js +12 -19
- package/dist/api/com/atproto/server/getSession.js.map +1 -1
- package/dist/api/com/atproto/server/listAppPasswords.d.ts.map +1 -1
- package/dist/api/com/atproto/server/listAppPasswords.js +6 -1
- package/dist/api/com/atproto/server/listAppPasswords.js.map +1 -1
- package/dist/api/com/atproto/server/refreshSession.js +1 -1
- package/dist/api/com/atproto/server/refreshSession.js.map +1 -1
- package/dist/api/com/atproto/server/requestAccountDelete.d.ts.map +1 -1
- package/dist/api/com/atproto/server/requestAccountDelete.js +8 -1
- package/dist/api/com/atproto/server/requestAccountDelete.js.map +1 -1
- package/dist/api/com/atproto/server/requestEmailConfirmation.d.ts.map +1 -1
- package/dist/api/com/atproto/server/requestEmailConfirmation.js +6 -1
- package/dist/api/com/atproto/server/requestEmailConfirmation.js.map +1 -1
- package/dist/api/com/atproto/server/requestEmailUpdate.d.ts.map +1 -1
- package/dist/api/com/atproto/server/requestEmailUpdate.js +6 -1
- package/dist/api/com/atproto/server/requestEmailUpdate.js.map +1 -1
- package/dist/api/com/atproto/server/revokeAppPassword.d.ts.map +1 -1
- package/dist/api/com/atproto/server/revokeAppPassword.js +6 -1
- package/dist/api/com/atproto/server/revokeAppPassword.js.map +1 -1
- package/dist/api/com/atproto/server/updateEmail.d.ts.map +1 -1
- package/dist/api/com/atproto/server/updateEmail.js +8 -1
- package/dist/api/com/atproto/server/updateEmail.js.map +1 -1
- package/dist/api/com/atproto/sync/deprecated/getCheckout.d.ts.map +1 -1
- package/dist/api/com/atproto/sync/deprecated/getCheckout.js +7 -2
- package/dist/api/com/atproto/sync/deprecated/getCheckout.js.map +1 -1
- package/dist/api/com/atproto/sync/deprecated/getHead.d.ts.map +1 -1
- package/dist/api/com/atproto/sync/deprecated/getHead.js +7 -2
- package/dist/api/com/atproto/sync/deprecated/getHead.js.map +1 -1
- package/dist/api/com/atproto/sync/getBlob.d.ts.map +1 -1
- package/dist/api/com/atproto/sync/getBlob.js +7 -3
- package/dist/api/com/atproto/sync/getBlob.js.map +1 -1
- package/dist/api/com/atproto/sync/getBlocks.d.ts.map +1 -1
- package/dist/api/com/atproto/sync/getBlocks.js +7 -2
- package/dist/api/com/atproto/sync/getBlocks.js.map +1 -1
- package/dist/api/com/atproto/sync/getLatestCommit.d.ts.map +1 -1
- package/dist/api/com/atproto/sync/getLatestCommit.js +7 -2
- package/dist/api/com/atproto/sync/getLatestCommit.js.map +1 -1
- package/dist/api/com/atproto/sync/getRecord.d.ts.map +1 -1
- package/dist/api/com/atproto/sync/getRecord.js +7 -2
- package/dist/api/com/atproto/sync/getRecord.js.map +1 -1
- package/dist/api/com/atproto/sync/getRepo.d.ts.map +1 -1
- package/dist/api/com/atproto/sync/getRepo.js +7 -3
- package/dist/api/com/atproto/sync/getRepo.js.map +1 -1
- package/dist/api/com/atproto/sync/listBlobs.d.ts.map +1 -1
- package/dist/api/com/atproto/sync/listBlobs.js +7 -3
- package/dist/api/com/atproto/sync/listBlobs.js.map +1 -1
- package/dist/api/com/atproto/temp/checkSignupQueue.d.ts.map +1 -1
- package/dist/api/com/atproto/temp/checkSignupQueue.js +7 -3
- package/dist/api/com/atproto/temp/checkSignupQueue.js.map +1 -1
- package/dist/auth-output.d.ts +45 -0
- package/dist/auth-output.d.ts.map +1 -0
- package/dist/auth-output.js +3 -0
- package/dist/auth-output.js.map +1 -0
- package/dist/auth-scope.d.ts +16 -0
- package/dist/auth-scope.d.ts.map +1 -0
- package/dist/auth-scope.js +40 -0
- package/dist/auth-scope.js.map +1 -0
- package/dist/auth-verifier.d.ts +50 -115
- package/dist/auth-verifier.d.ts.map +1 -1
- package/dist/auth-verifier.js +275 -366
- package/dist/auth-verifier.js.map +1 -1
- package/dist/config/config.d.ts +2 -1
- package/dist/config/config.d.ts.map +1 -1
- package/dist/config/config.js +2 -1
- package/dist/config/config.js.map +1 -1
- package/dist/config/env.d.ts +1 -0
- package/dist/config/env.d.ts.map +1 -1
- package/dist/config/env.js +3 -1
- package/dist/config/env.js.map +1 -1
- package/dist/context.d.ts.map +1 -1
- package/dist/context.js +5 -5
- package/dist/context.js.map +1 -1
- package/dist/lexicon/index.d.ts +234 -230
- package/dist/lexicon/index.d.ts.map +1 -1
- package/dist/lexicon/index.js +682 -674
- package/dist/lexicon/index.js.map +1 -1
- package/dist/lexicon/lexicons.d.ts +17994 -17706
- package/dist/lexicon/lexicons.d.ts.map +1 -1
- package/dist/lexicon/lexicons.js +9126 -8980
- package/dist/lexicon/lexicons.js.map +1 -1
- package/dist/lexicon/types/app/bsky/graph/getLists.d.ts +2 -0
- package/dist/lexicon/types/app/bsky/graph/getLists.d.ts.map +1 -1
- package/dist/lexicon/types/app/bsky/graph/getListsWithMembership.d.ts +40 -0
- package/dist/lexicon/types/app/bsky/graph/getListsWithMembership.d.ts.map +1 -0
- package/dist/lexicon/types/app/bsky/graph/getListsWithMembership.js +16 -0
- package/dist/lexicon/types/app/bsky/graph/getListsWithMembership.js.map +1 -0
- package/dist/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.d.ts +38 -0
- package/dist/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.d.ts.map +1 -0
- package/dist/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.js +16 -0
- package/dist/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.js.map +1 -0
- package/dist/pipethrough.d.ts +5 -3
- package/dist/pipethrough.d.ts.map +1 -1
- package/dist/pipethrough.js +42 -15
- package/dist/pipethrough.js.map +1 -1
- package/dist/sequencer/events.d.ts +13 -13
- package/dist/util/http.d.ts +7 -0
- package/dist/util/http.d.ts.map +1 -0
- package/dist/util/http.js +31 -0
- package/dist/util/http.js.map +1 -0
- package/dist/util/types.d.ts +5 -0
- package/dist/util/types.d.ts.map +1 -0
- package/dist/util/types.js +3 -0
- package/dist/util/types.js.map +1 -0
- package/package.json +7 -6
- package/src/account-manager/account-manager.ts +1 -1
- package/src/account-manager/helpers/auth.ts +1 -1
- package/src/account-manager/helpers/authorization-request.ts +8 -4
- package/src/actor-store/preference/reader.ts +3 -4
- package/src/actor-store/preference/transactor.ts +6 -7
- package/src/actor-store/preference/util.ts +15 -5
- package/src/api/app/bsky/actor/getPreferences.ts +33 -8
- package/src/api/app/bsky/actor/getProfile.ts +9 -1
- package/src/api/app/bsky/actor/getProfiles.ts +9 -1
- package/src/api/app/bsky/actor/putPreferences.ts +35 -12
- package/src/api/app/bsky/feed/getActorLikes.ts +9 -1
- package/src/api/app/bsky/feed/getAuthorFeed.ts +9 -1
- package/src/api/app/bsky/feed/getFeed.ts +9 -2
- package/src/api/app/bsky/feed/getPostThread.ts +8 -1
- package/src/api/app/bsky/feed/getTimeline.ts +9 -1
- package/src/api/app/bsky/notification/registerPush.ts +16 -5
- package/src/api/com/atproto/identity/getRecommendedDidCredentials.ts +5 -1
- package/src/api/com/atproto/identity/requestPlcOperationSignature.ts +9 -2
- package/src/api/com/atproto/identity/signPlcOperation.ts +9 -1
- package/src/api/com/atproto/identity/submitPlcOperation.ts +5 -1
- package/src/api/com/atproto/identity/updateHandle.ts +6 -1
- package/src/api/com/atproto/moderation/createReport.ts +8 -3
- package/src/api/com/atproto/repo/applyWrites.ts +28 -20
- package/src/api/com/atproto/repo/createRecord.ts +12 -1
- package/src/api/com/atproto/repo/deleteRecord.ts +14 -1
- package/src/api/com/atproto/repo/importRepo.ts +9 -2
- package/src/api/com/atproto/repo/listMissingBlobs.ts +7 -2
- package/src/api/com/atproto/repo/putRecord.ts +18 -10
- package/src/api/com/atproto/repo/uploadBlob.ts +6 -2
- package/src/api/com/atproto/server/activateAccount.ts +10 -2
- package/src/api/com/atproto/server/checkAccountStatus.ts +5 -1
- package/src/api/com/atproto/server/confirmEmail.ts +6 -1
- package/src/api/com/atproto/server/createAppPassword.ts +9 -1
- package/src/api/com/atproto/server/deactivateAccount.ts +11 -2
- package/src/api/com/atproto/server/deleteSession.ts +3 -1
- package/src/api/com/atproto/server/getAccountInviteCodes.ts +11 -2
- package/src/api/com/atproto/server/getServiceAuth.ts +37 -18
- package/src/api/com/atproto/server/getSession.ts +20 -27
- package/src/api/com/atproto/server/listAppPasswords.ts +8 -1
- package/src/api/com/atproto/server/refreshSession.ts +1 -1
- package/src/api/com/atproto/server/requestAccountDelete.ts +11 -2
- package/src/api/com/atproto/server/requestEmailConfirmation.ts +6 -1
- package/src/api/com/atproto/server/requestEmailUpdate.ts +6 -1
- package/src/api/com/atproto/server/revokeAppPassword.ts +8 -1
- package/src/api/com/atproto/server/updateEmail.ts +11 -2
- package/src/api/com/atproto/sync/deprecated/getCheckout.ts +7 -6
- package/src/api/com/atproto/sync/deprecated/getHead.ts +7 -6
- package/src/api/com/atproto/sync/getBlob.ts +7 -7
- package/src/api/com/atproto/sync/getBlocks.ts +7 -6
- package/src/api/com/atproto/sync/getLatestCommit.ts +7 -6
- package/src/api/com/atproto/sync/getRecord.ts +7 -6
- package/src/api/com/atproto/sync/getRepo.ts +7 -7
- package/src/api/com/atproto/sync/listBlobs.ts +7 -7
- package/src/api/com/atproto/temp/checkSignupQueue.ts +8 -2
- package/src/auth-output.ts +51 -0
- package/src/auth-scope.ts +40 -0
- package/src/auth-verifier.ts +404 -520
- package/src/config/config.ts +7 -7
- package/src/config/env.ts +5 -1
- package/src/context.ts +6 -5
- package/src/lexicon/index.ts +1247 -1221
- package/src/lexicon/lexicons.ts +9494 -9341
- package/src/lexicon/types/app/bsky/graph/getLists.ts +2 -0
- package/src/lexicon/types/app/bsky/graph/getListsWithMembership.ts +63 -0
- package/src/lexicon/types/app/bsky/graph/getStarterPacksWithMembership.ts +65 -0
- package/src/pipethrough.ts +61 -18
- package/src/util/http.ts +31 -0
- package/src/util/types.ts +7 -0
- package/tests/oauth.test.ts +11 -37
- package/tests/preferences.test.ts +7 -3
- package/tsconfig.build.tsbuildinfo +1 -1
|
@@ -10,9 +10,12 @@ const logger_1 = require("../../../../logger");
|
|
|
10
10
|
const repo_1 = require("../../../../repo");
|
|
11
11
|
function default_1(server, ctx) {
|
|
12
12
|
server.com.atproto.repo.putRecord({
|
|
13
|
-
auth: ctx.authVerifier.
|
|
13
|
+
auth: ctx.authVerifier.authorization({
|
|
14
14
|
checkTakedown: true,
|
|
15
15
|
checkDeactivated: true,
|
|
16
|
+
authorize: () => {
|
|
17
|
+
// Performed in the handler as it requires the request body
|
|
18
|
+
},
|
|
16
19
|
}),
|
|
17
20
|
rateLimit: [
|
|
18
21
|
{
|
|
@@ -28,17 +31,20 @@ function default_1(server, ctx) {
|
|
|
28
31
|
],
|
|
29
32
|
handler: async ({ auth, input }) => {
|
|
30
33
|
const { repo, collection, rkey, record, validate, swapCommit, swapRecord, } = input.body;
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
34
|
+
// We can't compute permissions based on the request payload ("input") in
|
|
35
|
+
// the 'auth' phase, so we do it here.
|
|
36
|
+
if (auth.credentials.type === 'oauth') {
|
|
37
|
+
auth.credentials.permissions.assertRepo({
|
|
38
|
+
action: 'create',
|
|
39
|
+
collection,
|
|
40
|
+
});
|
|
41
|
+
auth.credentials.permissions.assertRepo({
|
|
42
|
+
action: 'update',
|
|
43
|
+
collection,
|
|
44
|
+
});
|
|
39
45
|
}
|
|
40
|
-
const did =
|
|
41
|
-
if (did !==
|
|
46
|
+
const { did } = auth.credentials;
|
|
47
|
+
if (did !== repo) {
|
|
42
48
|
throw new xrpc_server_1.AuthRequiredError();
|
|
43
49
|
}
|
|
44
50
|
const uri = syntax_1.AtUri.make(did, collection, rkey);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"putRecord.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/putRecord.ts"],"names":[],"mappings":";;AAoBA,
|
|
1
|
+
{"version":3,"file":"putRecord.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/putRecord.ts"],"names":[],"mappings":";;AAoBA,4BA4IC;AAhKD,0CAAsC;AACtC,8CAA0C;AAC1C,4CAAuC;AACvC,sDAA6E;AAI7E,2DAAkD;AAElD,+CAA6C;AAC7C,2CAQyB;AAEzB,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;QAChC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,aAAa,EAAE,IAAI;YACnB,gBAAgB,EAAE,IAAI;YACtB,SAAS,EAAE,GAAG,EAAE;gBACd,2DAA2D;YAC7D,CAAC;SACF,CAAC;QACF,SAAS,EAAE;YACT;gBACE,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;gBAC3C,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;aACpB;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;gBAC3C,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;aACpB;SACF;QACD,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;YACjC,MAAM,EACJ,IAAI,EACJ,UAAU,EACV,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,UAAU,EACV,UAAU,GACX,GAAG,KAAK,CAAC,IAAI,CAAA;YAEd,yEAAyE;YACzE,sCAAsC;YACtC,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;gBACtC,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC;oBACtC,MAAM,EAAE,QAAQ;oBAChB,UAAU;iBACX,CAAC,CAAA;gBACF,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC;oBACtC,MAAM,EAAE,QAAQ;oBAChB,UAAU;iBACX,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAA;YAChC,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,+BAAiB,EAAE,CAAA;YAC/B,CAAC;YAED,MAAM,GAAG,GAAG,cAAK,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;YAC7C,MAAM,aAAa,GAAG,UAAU,CAAC,CAAC,CAAC,SAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACpE,MAAM,aAAa,GACjB,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAA;YAErE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,QAAQ,CACrD,GAAG,EACH,KAAK,EAAE,QAAQ,EAAE,EAAE;gBACjB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;gBAChE,MAAM,QAAQ,GAAG,OAAO,KAAK,IAAI,CAAA;gBAEjC,+FAA+F;gBAC/F,IAAI,QAAQ,IAAI,UAAU,KAAK,cAAG,CAAC,mBAAmB,EAAE,CAAC;oBACvD,MAAM,0BAA0B,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;gBACpD,CAAC;gBACD,MAAM,SAAS,GAAG;oBAChB,GAAG;oBACH,UAAU;oBACV,IAAI;oBACJ,MAAM;oBACN,OAAO,EAAE,aAAa;oBACtB,QAAQ;iBACT,CAAA;gBAED,IAAI,KAAsC,CAAA;gBAC1C,IAAI,CAAC;oBACH,KAAK,GAAG,QAAQ;wBACd,CAAC,CAAC,MAAM,IAAA,oBAAa,EAAC,SAAS,CAAC;wBAChC,CAAC,CAAC,MAAM,IAAA,oBAAa,EAAC,SAAS,CAAC,CAAA;gBACpC,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,GAAG,YAAY,yBAAkB,EAAE,CAAC;wBACtC,MAAM,IAAI,iCAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;oBAC5C,CAAC;oBACD,MAAM,GAAG,CAAA;gBACX,CAAC;gBAED,QAAQ;gBACR,IAAI,OAAO,IAAI,OAAO,CAAC,GAAG,KAAK,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC;oBACpD,OAAO;wBACL,MAAM,EAAE,IAAI;wBACZ,KAAK;qBACN,CAAA;gBACH,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI;qBAC/B,aAAa,CAAC,CAAC,KAAK,CAAC,EAAE,aAAa,CAAC;qBACrC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACb,IACE,GAAG,YAAY,yBAAkB;wBACjC,GAAG,YAAY,yBAAkB,EACjC,CAAC;wBACD,MAAM,IAAI,iCAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;oBAC3D,CAAC;yBAAM,CAAC;wBACN,MAAM,GAAG,CAAA;oBACX,CAAC;gBACH,CAAC,CAAC,CAAA;gBAEJ,MAAM,GAAG,CAAC,SAAS,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;gBAE/C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAA;YAC1B,CAAC,CACF,CAAA;YAED,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;gBACpB,MAAM,GAAG,CAAC,cAAc;qBACrB,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC;qBAC3C,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACb,iBAAQ,CAAC,KAAK,CACZ,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,EAC9C,+BAA+B,CAChC,CAAA;gBACH,CAAC,CAAC,CAAA;YACN,CAAC;YAED,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE;oBACJ,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,MAAM,EAAE,MAAM;wBACZ,CAAC,CAAC;4BACE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE;4BAC1B,GAAG,EAAE,MAAM,CAAC,GAAG;yBAChB;wBACH,CAAC,CAAC,SAAS;oBACb,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;iBACzC;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED,0BAA0B;AAC1B,MAAM,0BAA0B,GAAG,KAAK,EACtC,UAAgC,EAChC,MAA8B,EAC9B,EAAE;IACF,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACtD,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QAC1E,MAAM,CAAC,MAAM,GAAG,IAAI,iBAAO,CACzB,MAAM,CAAC,MAAM,CAAC,GAAG,EACjB,MAAM,CAAC,MAAM,CAAC,QAAQ,EACtB,IAAI,CAAC,IAAI,CACV,CAAA;IACH,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACtD,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QAC1E,MAAM,CAAC,MAAM,GAAG,IAAI,iBAAO,CACzB,MAAM,CAAC,MAAM,CAAC,GAAG,EACjB,MAAM,CAAC,MAAM,CAAC,QAAQ,EACtB,IAAI,CAAC,IAAI,CACV,CAAA;IACH,CAAC;AACH,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"uploadBlob.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/uploadBlob.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAE5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,
|
|
1
|
+
{"version":3,"file":"uploadBlob.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/uploadBlob.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAE5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAgEvD"}
|
|
@@ -5,8 +5,12 @@ const common_1 = require("@atproto/common");
|
|
|
5
5
|
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
6
6
|
function default_1(server, ctx) {
|
|
7
7
|
server.com.atproto.repo.uploadBlob({
|
|
8
|
-
auth: ctx.authVerifier.
|
|
8
|
+
auth: ctx.authVerifier.authorizationOrUserServiceAuth({
|
|
9
9
|
checkTakedown: true,
|
|
10
|
+
authorize: (permissions, { req }) => {
|
|
11
|
+
const encoding = (0, xrpc_server_1.parseReqEncoding)(req);
|
|
12
|
+
permissions.assertBlob({ mime: encoding });
|
|
13
|
+
},
|
|
10
14
|
}),
|
|
11
15
|
rateLimit: {
|
|
12
16
|
durationMs: common_1.DAY,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"uploadBlob.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/uploadBlob.ts"],"names":[],"mappings":";;AAMA,
|
|
1
|
+
{"version":3,"file":"uploadBlob.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/uploadBlob.ts"],"names":[],"mappings":";;AAMA,4BAgEC;AAtED,4CAAqC;AACrC,sDAA6E;AAK7E,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC;QACjC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,8BAA8B,CAAC;YACpD,aAAa,EAAE,IAAI;YACnB,SAAS,EAAE,CAAC,WAAW,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;gBAClC,MAAM,QAAQ,GAAG,IAAA,8BAAgB,EAAC,GAAG,CAAC,CAAA;gBACtC,WAAW,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC5C,CAAC;SACF,CAAC;QACF,SAAS,EAAE;YACT,UAAU,EAAE,YAAG;YACf,MAAM,EAAE,IAAI;SACb;QACD,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;YACjC,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAEtC,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,kBAAkB,CAClD,SAAS,EACT,KAAK,EAAE,KAAK,EAAE,EAAE;gBACd,IAAI,QAAsB,CAAA;gBAC1B,IAAI,CAAC;oBACH,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CACvD,KAAK,CAAC,QAAQ,EACd,KAAK,CAAC,IAAI,CACX,CAAA;gBACH,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,YAAY,EAAE,CAAC;wBACnC,MAAM,IAAI,kCAAoB,CAC5B,qCAAqC,CACtC,CAAA;oBACH,CAAC;oBACD,MAAM,GAAG,CAAA;gBACX,CAAC;gBAED,OAAO,KAAK,CAAC,QAAQ,CAAC,KAAK,EAAE,QAAQ,EAAE,EAAE;oBACvC,MAAM,OAAO,GACX,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAA;oBAExD,qEAAqE;oBACrE,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAC/D,OAAO,CAAC,GAAG,CACZ,CAAA;oBACD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBAC9B,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,0BAA0B,CAAC;4BAClD,GAAG,EAAE,OAAO,CAAC,GAAG;4BAChB,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,IAAI,EAAE,OAAO,CAAC,IAAI;4BAClB,WAAW,EAAE,EAAE;yBAChB,CAAC,CAAA;oBACJ,CAAC;oBAED,OAAO,OAAO,CAAA;gBAChB,CAAC,CAAC,CAAA;YACJ,CAAC,CACF,CAAA;YAED,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE;oBACJ,IAAI;iBACL;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"activateAccount.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/activateAccount.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"activateAccount.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/activateAccount.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAG5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QA+CvD"}
|
|
@@ -3,10 +3,16 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.default = default_1;
|
|
4
4
|
const syntax_1 = require("@atproto/syntax");
|
|
5
5
|
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
6
|
+
const auth_scope_1 = require("../../../../auth-scope");
|
|
6
7
|
const util_1 = require("./util");
|
|
7
8
|
function default_1(server, ctx) {
|
|
8
9
|
server.com.atproto.server.activateAccount({
|
|
9
|
-
auth: ctx.authVerifier.
|
|
10
|
+
auth: ctx.authVerifier.authorization({
|
|
11
|
+
scopes: auth_scope_1.ACCESS_FULL,
|
|
12
|
+
authorize: () => {
|
|
13
|
+
throw new xrpc_server_1.ForbiddenError('OAuth credentials are not supported for this endpoint');
|
|
14
|
+
},
|
|
15
|
+
}),
|
|
10
16
|
handler: async ({ req, auth }) => {
|
|
11
17
|
// in the case of entryway, the full flow is activateAccount (PDS) -> activateAccount (Entryway) -> updateSubjectStatus(PDS)
|
|
12
18
|
if (ctx.entrywayAgent) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"activateAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/activateAccount.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"activateAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/activateAccount.ts"],"names":[],"mappings":";;AAOA,4BA+CC;AAtDD,4CAAgD;AAChD,sDAA0E;AAC1E,uDAAoD;AAGpD,iCAAyD;AAEzD,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC;QACxC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,MAAM,EAAE,wBAAW;YACnB,SAAS,EAAE,GAAG,EAAE;gBACd,MAAM,IAAI,4BAAc,CACtB,uDAAuD,CACxD,CAAA;YACH,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE;YAC/B,4HAA4H;YAC5H,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,MAAM,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CACxD,SAAS,EACT,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CACjC,CAAA;gBACD,OAAM;YACR,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAEtC,MAAM,IAAA,uCAAgC,EAAC,GAAG,EAAE,SAAS,CAAC,CAAA;YAEtD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,SAAS,EAAE;gBAC7D,kBAAkB,EAAE,IAAI;aACzB,CAAC,CAAA;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,iCAAmB,CAAC,gBAAgB,EAAE,iBAAiB,CAAC,CAAA;YACpE,CAAC;YAED,MAAM,GAAG,CAAC,cAAc,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;YAEnD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE,CAC9D,KAAK,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAC9B,CAAA;YAED,gGAAgG;YAChG,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAA;YACnE,MAAM,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;YACzD,MAAM,GAAG,CAAC,SAAS,CAAC,mBAAmB,CACrC,SAAS,EACT,OAAO,CAAC,MAAM,IAAI,uBAAc,CACjC,CAAA;YACD,MAAM,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAA;QAC1D,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"checkAccountStatus.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/checkAccountStatus.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAG5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,
|
|
1
|
+
{"version":3,"file":"checkAccountStatus.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/checkAccountStatus.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAG5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QA6CvD"}
|
|
@@ -4,7 +4,11 @@ exports.default = default_1;
|
|
|
4
4
|
const util_1 = require("./util");
|
|
5
5
|
function default_1(server, ctx) {
|
|
6
6
|
server.com.atproto.server.checkAccountStatus({
|
|
7
|
-
auth: ctx.authVerifier.
|
|
7
|
+
auth: ctx.authVerifier.authorization({
|
|
8
|
+
authorize: () => {
|
|
9
|
+
// always allow
|
|
10
|
+
},
|
|
11
|
+
}),
|
|
8
12
|
handler: async ({ auth }) => {
|
|
9
13
|
const requester = auth.credentials.did;
|
|
10
14
|
const [repoRoot, repoBlocks, indexedRecords, importedBlobs, expectedBlobs,] = await ctx.actorStore.read(requester, async (store) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"checkAccountStatus.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/checkAccountStatus.ts"],"names":[],"mappings":";;AAIA,
|
|
1
|
+
{"version":3,"file":"checkAccountStatus.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/checkAccountStatus.ts"],"names":[],"mappings":";;AAIA,4BA6CC;AA/CD,iCAAgD;AAEhD,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,kBAAkB,CAAC;QAC3C,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,SAAS,EAAE,GAAG,EAAE;gBACd,eAAe;YACjB,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;YAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YACtC,MAAM,CACJ,QAAQ,EACR,UAAU,EACV,cAAc,EACd,aAAa,EACb,aAAa,EACd,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;gBACvD,OAAO,MAAM,OAAO,CAAC,GAAG,CAAC;oBACvB,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE;oBACpC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE;oBAChC,KAAK,CAAC,MAAM,CAAC,WAAW,EAAE;oBAC1B,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;oBAC3B,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;iBAClC,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;YACF,MAAM,CAAC,SAAS,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBAC9C,GAAG,CAAC,cAAc,CAAC,kBAAkB,CAAC,SAAS,CAAC;gBAChD,IAAA,8BAAuB,EAAC,GAAG,EAAE,SAAS,CAAC;aACxC,CAAC,CAAA;YAEF,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE;oBACJ,SAAS;oBACT,QAAQ;oBACR,UAAU,EAAE,QAAQ,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACnC,OAAO,EAAE,QAAQ,CAAC,GAAG;oBACrB,UAAU;oBACV,cAAc;oBACd,kBAAkB,EAAE,CAAC;oBACrB,aAAa;oBACb,aAAa;iBACd;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"confirmEmail.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/confirmEmail.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAG5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,
|
|
1
|
+
{"version":3,"file":"confirmEmail.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/confirmEmail.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAG5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAsCvD"}
|
|
@@ -5,7 +5,12 @@ const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
|
5
5
|
const lexicons_1 = require("../../../../lexicon/lexicons");
|
|
6
6
|
function default_1(server, ctx) {
|
|
7
7
|
server.com.atproto.server.confirmEmail({
|
|
8
|
-
auth: ctx.authVerifier.
|
|
8
|
+
auth: ctx.authVerifier.authorization({
|
|
9
|
+
checkTakedown: true,
|
|
10
|
+
authorize: (permissions) => {
|
|
11
|
+
permissions.assertAccount({ attr: 'email', action: 'manage' });
|
|
12
|
+
},
|
|
13
|
+
}),
|
|
9
14
|
handler: async ({ auth, input, req }) => {
|
|
10
15
|
const did = auth.credentials.did;
|
|
11
16
|
const user = await ctx.accountManager.getAccount(did, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"confirmEmail.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/confirmEmail.ts"],"names":[],"mappings":";;AAKA,
|
|
1
|
+
{"version":3,"file":"confirmEmail.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/confirmEmail.ts"],"names":[],"mappings":";;AAKA,4BAsCC;AA3CD,sDAA0D;AAG1D,2DAAkD;AAElD,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC;QACrC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,aAAa,EAAE,IAAI;YACnB,SAAS,EAAE,CAAC,WAAW,EAAE,EAAE;gBACzB,WAAW,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAA;YAChE,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE;YACtC,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAEhC,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,EAAE;gBACpD,kBAAkB,EAAE,IAAI;aACzB,CAAC,CAAA;YACF,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,iCAAmB,CAAC,gBAAgB,EAAE,iBAAiB,CAAC,CAAA;YACpE,CAAC;YAED,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,MAAM,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CACrD,KAAK,CAAC,IAAI,EACV,MAAM,GAAG,CAAC,mBAAmB,CAC3B,GAAG,EACH,IAAI,CAAC,WAAW,CAAC,GAAG,EACpB,cAAG,CAAC,4BAA4B,CACjC,CACF,CAAA;gBACD,OAAM;YACR,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,IAAI,CAAA;YAEnC,IAAI,IAAI,CAAC,KAAK,KAAK,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACvC,MAAM,IAAI,iCAAmB,CAAC,eAAe,EAAE,cAAc,CAAC,CAAA;YAChE,CAAC;YACD,MAAM,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAA;QACvD,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createAppPassword.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/createAppPassword.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"createAppPassword.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/createAppPassword.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAI5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAsCvD"}
|
|
@@ -1,12 +1,18 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.default = default_1;
|
|
4
|
+
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
5
|
+
const auth_scope_1 = require("../../../../auth-scope");
|
|
4
6
|
const lexicons_1 = require("../../../../lexicon/lexicons");
|
|
5
7
|
const proxy_1 = require("../../../proxy");
|
|
6
8
|
function default_1(server, ctx) {
|
|
7
9
|
server.com.atproto.server.createAppPassword({
|
|
8
|
-
auth: ctx.authVerifier.
|
|
10
|
+
auth: ctx.authVerifier.authorization({
|
|
9
11
|
checkTakedown: true,
|
|
12
|
+
scopes: auth_scope_1.ACCESS_FULL,
|
|
13
|
+
authorize: () => {
|
|
14
|
+
throw new xrpc_server_1.ForbiddenError('OAuth credentials are not supported for this endpoint');
|
|
15
|
+
},
|
|
10
16
|
}),
|
|
11
17
|
handler: async ({ auth, input, req }) => {
|
|
12
18
|
if (ctx.entrywayAgent) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"createAppPassword.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/createAppPassword.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"createAppPassword.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/createAppPassword.ts"],"names":[],"mappings":";;AAOA,4BAsCC;AA7CD,sDAAqD;AACrD,uDAAoD;AAGpD,2DAAkD;AAClD,0CAA+C;AAE/C,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC;QAC1C,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,aAAa,EAAE,IAAI;YACnB,MAAM,EAAE,wBAAW;YACnB,SAAS,EAAE,GAAG,EAAE;gBACd,MAAM,IAAI,4BAAc,CACtB,uDAAuD,CACxD,CAAA;YACH,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE;YACtC,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,OAAO,IAAA,sBAAc,EACnB,MAAM,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAC1D,KAAK,CAAC,IAAI,EACV,MAAM,GAAG,CAAC,mBAAmB,CAC3B,GAAG,EACH,IAAI,CAAC,WAAW,CAAC,GAAG,EACpB,cAAG,CAAC,iCAAiC,CACtC,CACF,CACF,CAAA;YACH,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC,IAAI,CAAA;YAC3B,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,iBAAiB,CAC5D,IAAI,CAAC,WAAW,CAAC,GAAG,EACpB,IAAI,EACJ,KAAK,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,CAC/B,CAAA;YAED,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE,WAAW;aAClB,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deactivateAccount.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deactivateAccount.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"deactivateAccount.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deactivateAccount.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAE5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QA8BvD"}
|
|
@@ -1,10 +1,17 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.default = default_1;
|
|
4
|
-
const
|
|
4
|
+
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
5
|
+
const auth_scope_1 = require("../../../../auth-scope");
|
|
5
6
|
function default_1(server, ctx) {
|
|
6
7
|
server.com.atproto.server.deactivateAccount({
|
|
7
|
-
auth: ctx.authVerifier.
|
|
8
|
+
auth: ctx.authVerifier.authorization({
|
|
9
|
+
additional: [auth_scope_1.AuthScope.Takendown],
|
|
10
|
+
scopes: auth_scope_1.ACCESS_FULL,
|
|
11
|
+
authorize: () => {
|
|
12
|
+
throw new xrpc_server_1.ForbiddenError('OAuth credentials are not supported for this endpoint');
|
|
13
|
+
},
|
|
14
|
+
}),
|
|
8
15
|
handler: async ({ req, auth, input }) => {
|
|
9
16
|
// in the case of entryway, the full flow is deactivateAccount (PDS) -> deactivateAccount (Entryway) -> updateSubjectStatus(PDS)
|
|
10
17
|
if (ctx.entrywayAgent) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deactivateAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deactivateAccount.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"deactivateAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deactivateAccount.ts"],"names":[],"mappings":";;AAKA,4BA8BC;AAnCD,sDAAqD;AACrD,uDAA+D;AAI/D,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC;QAC1C,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,UAAU,EAAE,CAAC,sBAAS,CAAC,SAAS,CAAC;YACjC,MAAM,EAAE,wBAAW;YACnB,SAAS,EAAE,GAAG,EAAE;gBACd,MAAM,IAAI,4BAAc,CACtB,uDAAuD,CACxD,CAAA;YACH,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;YACtC,gIAAgI;YAChI,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,MAAM,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAC1D,KAAK,CAAC,IAAI,EACV,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CACjC,CAAA;gBACD,OAAM;YACR,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YACtC,MAAM,GAAG,CAAC,cAAc,CAAC,iBAAiB,CACxC,SAAS,EACT,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI,CAC/B,CAAA;YACD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAA;YACnE,MAAM,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;QAC3D,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deleteSession.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deleteSession.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAE5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,
|
|
1
|
+
{"version":3,"file":"deleteSession.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deleteSession.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAE5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAmBvD"}
|
|
@@ -10,7 +10,9 @@ function default_1(server, ctx) {
|
|
|
10
10
|
}
|
|
11
11
|
else {
|
|
12
12
|
server.com.atproto.server.deleteSession({
|
|
13
|
-
auth: ctx.authVerifier.
|
|
13
|
+
auth: ctx.authVerifier.refresh({
|
|
14
|
+
allowExpired: true,
|
|
15
|
+
}),
|
|
14
16
|
handler: async ({ auth }) => {
|
|
15
17
|
await ctx.accountManager.revokeRefreshToken(auth.credentials.tokenId);
|
|
16
18
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deleteSession.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deleteSession.ts"],"names":[],"mappings":";;AAGA,
|
|
1
|
+
{"version":3,"file":"deleteSession.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deleteSession.ts"],"names":[],"mappings":";;AAGA,4BAmBC;AAnBD,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,aAAa,EAAE,GAAG,GAAG,CAAA;IAC7B,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;YACxD,MAAM,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAClD,SAAS,EACT,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CACjC,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC;YACtC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,OAAO,CAAC;gBAC7B,YAAY,EAAE,IAAI;aACnB,CAAC;YACF,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;gBAC1B,MAAM,GAAG,CAAC,cAAc,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;YACvE,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAccountInviteCodes.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getAccountInviteCodes.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getAccountInviteCodes.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getAccountInviteCodes.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAK5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QA6EvD"}
|
|
@@ -2,12 +2,19 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.default = default_1;
|
|
4
4
|
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
5
|
+
const auth_scope_1 = require("../../../../auth-scope");
|
|
5
6
|
const lexicons_1 = require("../../../../lexicon/lexicons");
|
|
6
7
|
const proxy_1 = require("../../../proxy");
|
|
7
8
|
const util_1 = require("./util");
|
|
8
9
|
function default_1(server, ctx) {
|
|
9
10
|
server.com.atproto.server.getAccountInviteCodes({
|
|
10
|
-
auth: ctx.authVerifier.
|
|
11
|
+
auth: ctx.authVerifier.authorization({
|
|
12
|
+
checkTakedown: true,
|
|
13
|
+
scopes: auth_scope_1.ACCESS_FULL,
|
|
14
|
+
authorize: () => {
|
|
15
|
+
throw new xrpc_server_1.ForbiddenError('OAuth credentials are not supported for this endpoint');
|
|
16
|
+
},
|
|
17
|
+
}),
|
|
11
18
|
handler: async ({ params, auth, req }) => {
|
|
12
19
|
if (ctx.entrywayAgent) {
|
|
13
20
|
return (0, proxy_1.resultPassthru)(await ctx.entrywayAgent.com.atproto.server.getAccountInviteCodes(params, await ctx.entrywayAuthHeaders(req, auth.credentials.did, lexicons_1.ids.ComAtprotoServerGetAccountInviteCodes)));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAccountInviteCodes.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getAccountInviteCodes.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"getAccountInviteCodes.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getAccountInviteCodes.ts"],"names":[],"mappings":";;AASA,4BA6EC;AAtFD,sDAA0E;AAE1E,uDAAoD;AAGpD,2DAAkD;AAClD,0CAA+C;AAC/C,iCAAoC;AAEpC,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC;QAC9C,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,aAAa,EAAE,IAAI;YACnB,MAAM,EAAE,wBAAW;YACnB,SAAS,EAAE,GAAG,EAAE;gBACd,MAAM,IAAI,4BAAc,CACtB,uDAAuD,CACxD,CAAA;YACH,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE;YACvC,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,OAAO,IAAA,sBAAc,EACnB,MAAM,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAC9D,MAAM,EACN,MAAM,GAAG,CAAC,mBAAmB,CAC3B,GAAG,EACH,IAAI,CAAC,WAAW,CAAC,GAAG,EACpB,cAAG,CAAC,qCAAqC,CAC1C,CACF,CACF,CAAA;YACH,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YACtC,MAAM,EAAE,WAAW,EAAE,eAAe,EAAE,GAAG,MAAM,CAAA;YAE/C,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBAC7C,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,SAAS,CAAC;gBACxC,GAAG,CAAC,cAAc,CAAC,sBAAsB,CAAC,SAAS,CAAC;aACrD,CAAC,CAAA;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,iCAAmB,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAA;YAChE,CAAC;YAED,IAAI,OAAO,GAAiB,EAAE,CAAA;YAE9B,IACE,eAAe;gBACf,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ;gBACxB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,KAAK,IAAI,EACjC,CAAC;gBACD,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,sBAAsB,CAAC;oBACjD,GAAG,EAAE,SAAS;oBACd,aAAa,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;oBACpD,KAAK,EAAE,SAAS;oBAChB,KAAK,EAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK;oBAC5B,QAAQ,EAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ;iBACnC,CAAC,CAAA;gBACF,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;oBACjB,MAAM,KAAK,GAAG,IAAA,kBAAW,EAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;oBAC5C,OAAO,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,wBAAwB,CACzD,SAAS,EACT,KAAK,EACL,KAAK,EACL,OAAO,CAAC,eAAe,IAAI,CAAC,CAC7B,CAAA;gBACH,CAAC;YACH,CAAC;YAED,MAAM,QAAQ,GAAG,CAAC,GAAG,SAAS,EAAE,GAAG,OAAO,CAAC,CAAA;YAE3C,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;gBACxC,IAAI,IAAI,CAAC,QAAQ;oBAAE,OAAO,KAAK,CAAA;gBAC/B,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,SAAS;oBAAE,OAAO,KAAK,CAAA;gBACpE,OAAO,IAAI,CAAA;YACb,CAAC,CAAC,CAAA;YAEF,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE;oBACJ,KAAK,EAAE,QAAQ;iBAChB;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,sBAAsB,GAAG,CAAC,IAM/B,EAAuC,EAAE;IACxC,mGAAmG;IACnG,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,CAAA;IAC5E,MAAM,kBAAkB,GAAG,YAAY,CAAC,MAAM,CAC5C,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,SAAS,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,CAC1D,CAAA;IAED,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,CAAA;IAEpD,6EAA6E;IAC7E,IAAI,WAAmB,CAAA;IAEvB,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACrC,yGAAyG;QACzG,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAA;IACxD,CAAC;SAAM,CAAC;QACN,gDAAgD;QAChD,yDAAyD;QACzD,mDAAmD;QACnD,qBAAqB;QACrB,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAA;QACjE,MAAM,oBAAoB,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,aAAa,CAAA;QAC5D,MAAM,sBAAsB,GAAG,IAAI,CAAC,KAAK,CACvC,oBAAoB,GAAG,IAAI,CAAC,QAAQ,CACrC,CAAA;QACD,WAAW,GAAG,gBAAgB,GAAG,sBAAsB,CAAA;IACzD,CAAC;IACD,wEAAwE;IACxE,MAAM,UAAU,GAAG,YAAY,CAAC,MAAM,CACpC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,CAC1D,CAAA;IACD,iHAAiH;IACjH,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CACvB,CAAC,GAAG,kBAAkB,CAAC,MAAM,EAC7B,WAAW,GAAG,UAAU,CAAC,MAAM,CAChC,CAAA;IACD,OAAO;QACL,QAAQ;QACR,KAAK,EAAE,YAAY,CAAC,MAAM,GAAG,QAAQ;KACtC,CAAA;AACH,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getServiceAuth.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getServiceAuth.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAI5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAkFvD"}
|
|
@@ -3,21 +3,37 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.default = default_1;
|
|
4
4
|
const common_1 = require("@atproto/common");
|
|
5
5
|
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
6
|
-
const
|
|
6
|
+
const auth_scope_1 = require("../../../../auth-scope");
|
|
7
7
|
const lexicons_1 = require("../../../../lexicon/lexicons");
|
|
8
8
|
const pipethrough_1 = require("../../../../pipethrough");
|
|
9
9
|
function default_1(server, ctx) {
|
|
10
10
|
server.com.atproto.server.getServiceAuth({
|
|
11
|
-
auth: ctx.authVerifier.
|
|
12
|
-
additional: [
|
|
11
|
+
auth: ctx.authVerifier.authorization({
|
|
12
|
+
additional: [auth_scope_1.AuthScope.Takendown],
|
|
13
|
+
authorize: (permissions, ctx) => {
|
|
14
|
+
const { aud, lxm = '*' } = ctx.params;
|
|
15
|
+
permissions.assertRpc({ aud, lxm });
|
|
16
|
+
},
|
|
13
17
|
}),
|
|
14
18
|
handler: async ({ params, auth }) => {
|
|
15
19
|
const did = auth.credentials.did;
|
|
20
|
+
// @NOTE "exp" is expressed in seconds since epoch, not milliseconds
|
|
16
21
|
const { aud, exp, lxm = null } = params;
|
|
17
22
|
// Takendown accounts should not be able to generate service auth tokens except for methods necessary for account migration
|
|
18
|
-
if (auth.credentials.
|
|
19
|
-
|
|
20
|
-
|
|
23
|
+
if (auth.credentials.type === 'access') {
|
|
24
|
+
// @NOTE We should probably use "ForbiddenError" here. Using
|
|
25
|
+
// "InvalidRequestError" for legacy reasons.
|
|
26
|
+
if ((0, auth_scope_1.isTakendown)(auth.credentials.scope) &&
|
|
27
|
+
lxm !== lexicons_1.ids.ComAtprotoServerCreateAccount) {
|
|
28
|
+
throw new xrpc_server_1.InvalidRequestError('Bad token scope', 'InvalidToken');
|
|
29
|
+
}
|
|
30
|
+
// @NOTE "oauth" based credentials already checked through permission
|
|
31
|
+
// set in "authorize" method above.
|
|
32
|
+
if (lxm != null &&
|
|
33
|
+
pipethrough_1.PRIVILEGED_METHODS.has(lxm) &&
|
|
34
|
+
!(0, auth_scope_1.isAccessPrivileged)(auth.credentials.scope)) {
|
|
35
|
+
throw new xrpc_server_1.InvalidRequestError(`insufficient access to request a service auth token for the following method: ${lxm}`);
|
|
36
|
+
}
|
|
21
37
|
}
|
|
22
38
|
if (exp) {
|
|
23
39
|
const diff = exp * 1000 - Date.now();
|
|
@@ -31,13 +47,8 @@ function default_1(server, ctx) {
|
|
|
31
47
|
throw new xrpc_server_1.InvalidRequestError('cannot request a method-less token with an expiration more than a minute in the future', 'BadExpiration');
|
|
32
48
|
}
|
|
33
49
|
}
|
|
34
|
-
if (lxm) {
|
|
35
|
-
|
|
36
|
-
throw new xrpc_server_1.InvalidRequestError(`cannot request a service auth token for the following protected method: ${lxm}`);
|
|
37
|
-
}
|
|
38
|
-
if (!auth.credentials.isPrivileged && pipethrough_1.PRIVILEGED_METHODS.has(lxm)) {
|
|
39
|
-
throw new xrpc_server_1.InvalidRequestError(`insufficient access to request a service auth token for the following method: ${lxm}`);
|
|
40
|
-
}
|
|
50
|
+
if (lxm && pipethrough_1.PROTECTED_METHODS.has(lxm)) {
|
|
51
|
+
throw new xrpc_server_1.InvalidRequestError(`cannot request a service auth token for the following protected method: ${lxm}`);
|
|
41
52
|
}
|
|
42
53
|
const keypair = await ctx.actorStore.keypair(did);
|
|
43
54
|
const token = await (0, xrpc_server_1.createServiceJwt)({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getServiceAuth.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"getServiceAuth.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":";;AAYA,4BAkFC;AA9FD,4CAA8C;AAC9C,sDAA4E;AAC5E,uDAI+B;AAG/B,2DAAkD;AAClD,yDAA+E;AAE/E,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC;QACvC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,UAAU,EAAE,CAAC,sBAAS,CAAC,SAAS,CAAC;YACjC,SAAS,EAAE,CAAC,WAAW,EAAE,GAAG,EAAE,EAAE;gBAC9B,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,GAAG,CAAC,MAAM,CAAA;gBACrC,WAAW,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAA;YACrC,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE;YAClC,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAEhC,oEAAoE;YACpE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,MAAM,CAAA;YAEvC,2HAA2H;YAC3H,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvC,4DAA4D;gBAC5D,4CAA4C;gBAC5C,IACE,IAAA,wBAAW,EAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;oBACnC,GAAG,KAAK,cAAG,CAAC,6BAA6B,EACzC,CAAC;oBACD,MAAM,IAAI,iCAAmB,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAA;gBAClE,CAAC;gBAED,qEAAqE;gBACrE,mCAAmC;gBACnC,IACE,GAAG,IAAI,IAAI;oBACX,gCAAkB,CAAC,GAAG,CAAC,GAAG,CAAC;oBAC3B,CAAC,IAAA,+BAAkB,EAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAC3C,CAAC;oBACD,MAAM,IAAI,iCAAmB,CAC3B,iFAAiF,GAAG,EAAE,CACvF,CAAA;gBACH,CAAC;YACH,CAAC;YAED,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,IAAI,GAAG,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;gBACpC,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;oBACb,MAAM,IAAI,iCAAmB,CAC3B,uBAAuB,EACvB,eAAe,CAChB,CAAA;gBACH,CAAC;qBAAM,IAAI,IAAI,GAAG,aAAI,EAAE,CAAC;oBACvB,MAAM,IAAI,iCAAmB,CAC3B,2EAA2E,EAC3E,eAAe,CAChB,CAAA;gBACH,CAAC;qBAAM,IAAI,CAAC,GAAG,IAAI,IAAI,GAAG,eAAM,EAAE,CAAC;oBACjC,MAAM,IAAI,iCAAmB,CAC3B,wFAAwF,EACxF,eAAe,CAChB,CAAA;gBACH,CAAC;YACH,CAAC;YAED,IAAI,GAAG,IAAI,+BAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtC,MAAM,IAAI,iCAAmB,CAC3B,2EAA2E,GAAG,EAAE,CACjF,CAAA;YACH,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAEjD,MAAM,KAAK,GAAG,MAAM,IAAA,8BAAgB,EAAC;gBACnC,GAAG,EAAE,GAAG;gBACR,GAAG;gBACH,GAAG;gBACH,GAAG;gBACH,OAAO;aACR,CAAC,CAAA;YACF,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE;oBACJ,KAAK;iBACN;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getSession.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getSession.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getSession.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getSession.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAG5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAsDvD"}
|
|
@@ -4,19 +4,19 @@ exports.default = default_1;
|
|
|
4
4
|
const syntax_1 = require("@atproto/syntax");
|
|
5
5
|
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
6
6
|
const account_manager_1 = require("../../../../account-manager/account-manager");
|
|
7
|
-
const
|
|
7
|
+
const auth_scope_1 = require("../../../../auth-scope");
|
|
8
8
|
const util_1 = require("./util");
|
|
9
9
|
function default_1(server, ctx) {
|
|
10
10
|
server.com.atproto.server.getSession({
|
|
11
|
-
auth: ctx.authVerifier.
|
|
12
|
-
additional: [
|
|
11
|
+
auth: ctx.authVerifier.authorization({
|
|
12
|
+
additional: [auth_scope_1.AuthScope.SignupQueued],
|
|
13
|
+
authorize: () => {
|
|
14
|
+
// Always allowed. "email" access is checked in the handler.
|
|
15
|
+
},
|
|
13
16
|
}),
|
|
14
17
|
handler: async ({ auth, req }) => {
|
|
15
18
|
if (ctx.entrywayAgent) {
|
|
16
|
-
|
|
17
|
-
const headers = auth.credentials.type === 'oauth' // DPoP bound tokens cannot be proxied
|
|
18
|
-
? await ctx.entrywayAuthHeaders(req, auth.credentials.did, 'com.atproto.server.getSession')
|
|
19
|
-
: ctx.entrywayPassthruHeaders(req);
|
|
19
|
+
const headers = await ctx.entrywayAuthHeaders(req, auth.credentials.did, 'com.atproto.server.getSession');
|
|
20
20
|
const res = await ctx.entrywayAgent.com.atproto.server.getSession(undefined, headers);
|
|
21
21
|
return {
|
|
22
22
|
encoding: 'application/json',
|
|
@@ -48,18 +48,11 @@ function default_1(server, ctx) {
|
|
|
48
48
|
});
|
|
49
49
|
}
|
|
50
50
|
function output({ credentials }, data) {
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
if (!credentials.oauthScopes.has('transition:email')) {
|
|
56
|
-
const { email, emailAuthFactor, emailConfirmed, ...rest } = data;
|
|
57
|
-
return rest;
|
|
58
|
-
}
|
|
59
|
-
return data;
|
|
60
|
-
default:
|
|
61
|
-
// @ts-expect-error
|
|
62
|
-
throw new Error(`Unknown credentials type: ${credentials.type}`);
|
|
51
|
+
if (credentials.type === 'oauth' &&
|
|
52
|
+
!credentials.permissions.allowsAccount({ attr: 'email', action: 'read' })) {
|
|
53
|
+
const { email, emailAuthFactor, emailConfirmed, ...rest } = data;
|
|
54
|
+
return rest;
|
|
63
55
|
}
|
|
56
|
+
return data;
|
|
64
57
|
}
|
|
65
58
|
//# sourceMappingURL=getSession.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getSession.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getSession.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"getSession.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getSession.ts"],"names":[],"mappings":";;AAUA,4BAsDC;AA/DD,4CAAgD;AAChD,sDAA0D;AAC1D,iFAAiF;AAEjF,uDAAkD;AAGlD,iCAAyC;AAEzC,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC;QACnC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,UAAU,EAAE,CAAC,sBAAS,CAAC,YAAY,CAAC;YACpC,SAAS,EAAE,GAAG,EAAE;gBACd,4DAA4D;YAC9D,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE;YAC/B,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,mBAAmB,CAC3C,GAAG,EACH,IAAI,CAAC,WAAW,CAAC,GAAG,EACpB,+BAA+B,CAChC,CAAA;gBAED,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAC/D,SAAS,EACT,OAAO,CACR,CAAA;gBAED,OAAO;oBACL,QAAQ,EAAE,kBAAkB;oBAC5B,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC;iBAC7B,CAAA;YACH,CAAC;YAED,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAChC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBACvC,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC;gBAChE,IAAA,uBAAgB,EAAC,GAAG,EAAE,GAAG,CAAC;aAC3B,CAAC,CAAA;YACF,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,iCAAmB,CAC3B,yCAAyC,GAAG,EAAE,CAC/C,CAAA;YACH,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,IAAA,qCAAmB,EAAC,IAAI,CAAC,CAAA;YAEpD,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE;oBACjB,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,uBAAc;oBACrC,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,SAAS;oBAC9B,MAAM;oBACN,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,gBAAgB;oBACvC,MAAM;oBACN,MAAM;iBACP,CAAC;aACH,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED,SAAS,MAAM,CACb,EAAE,WAAW,EAA8B,EAC3C,IAA6C;IAE7C,IACE,WAAW,CAAC,IAAI,KAAK,OAAO;QAC5B,CAAC,WAAW,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,EACzE,CAAC;QACD,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,GAAG,IAAI,EAAE,GAAG,IAAI,CAAA;QAChE,OAAO,IAAI,CAAA;IACb,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"listAppPasswords.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/listAppPasswords.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"listAppPasswords.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/listAppPasswords.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAI5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAgCvD"}
|
|
@@ -1,11 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.default = default_1;
|
|
4
|
+
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
4
5
|
const lexicons_1 = require("../../../../lexicon/lexicons");
|
|
5
6
|
const proxy_1 = require("../../../proxy");
|
|
6
7
|
function default_1(server, ctx) {
|
|
7
8
|
server.com.atproto.server.listAppPasswords({
|
|
8
|
-
auth: ctx.authVerifier.
|
|
9
|
+
auth: ctx.authVerifier.authorization({
|
|
10
|
+
authorize: () => {
|
|
11
|
+
throw new xrpc_server_1.ForbiddenError('OAuth credentials are not supported for this endpoint');
|
|
12
|
+
},
|
|
13
|
+
}),
|
|
9
14
|
handler: async ({ auth, req }) => {
|
|
10
15
|
if (ctx.entrywayAgent) {
|
|
11
16
|
return (0, proxy_1.resultPassthru)(await ctx.entrywayAgent.com.atproto.server.listAppPasswords(undefined, await ctx.entrywayAuthHeaders(req, auth.credentials.did, lexicons_1.ids.ComAtprotoServerListAppPasswords)));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"listAppPasswords.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/listAppPasswords.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"listAppPasswords.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/listAppPasswords.ts"],"names":[],"mappings":";;AAMA,4BAgCC;AAtCD,sDAAqD;AAGrD,2DAAkD;AAClD,0CAA+C;AAE/C,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC;QACzC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,SAAS,EAAE,GAAG,EAAE;gBACd,MAAM,IAAI,4BAAc,CACtB,uDAAuD,CACxD,CAAA;YACH,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE;YAC/B,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,OAAO,IAAA,sBAAc,EACnB,MAAM,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,gBAAgB,CACzD,SAAS,EACT,MAAM,GAAG,CAAC,mBAAmB,CAC3B,GAAG,EACH,IAAI,CAAC,WAAW,CAAC,GAAG,EACpB,cAAG,CAAC,gCAAgC,CACrC,CACF,CACF,CAAA;YACH,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,gBAAgB,CACzD,IAAI,CAAC,WAAW,CAAC,GAAG,CACrB,CAAA;YACD,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE,EAAE,SAAS,EAAE;aACpB,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -9,7 +9,7 @@ const proxy_1 = require("../../../proxy");
|
|
|
9
9
|
const util_2 = require("./util");
|
|
10
10
|
function default_1(server, ctx) {
|
|
11
11
|
server.com.atproto.server.refreshSession({
|
|
12
|
-
auth: ctx.authVerifier.refresh,
|
|
12
|
+
auth: ctx.authVerifier.refresh(),
|
|
13
13
|
handler: async ({ auth, req }) => {
|
|
14
14
|
const did = auth.credentials.did;
|
|
15
15
|
const user = await ctx.accountManager.getAccount(did, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"refreshSession.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/refreshSession.ts"],"names":[],"mappings":";;AASA,4BAsDC;AA/DD,4CAAgD;AAChD,sDAA6E;AAC7E,iFAAiF;AAEjF,8CAAiD;AAEjD,0CAA+C;AAC/C,iCAAyC;AAEzC,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC;QACvC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,OAAO;
|
|
1
|
+
{"version":3,"file":"refreshSession.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/refreshSession.ts"],"names":[],"mappings":";;AASA,4BAsDC;AA/DD,4CAAgD;AAChD,sDAA6E;AAC7E,iFAAiF;AAEjF,8CAAiD;AAEjD,0CAA+C;AAC/C,iCAAyC;AAEzC,mBAAyB,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC;QACvC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,OAAO,EAAE;QAChC,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE;YAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAChC,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,EAAE;gBACpD,kBAAkB,EAAE,IAAI;gBACxB,gBAAgB,EAAE,IAAI;aACvB,CAAC,CAAA;YACF,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,iCAAmB,CAC3B,yCAAyC,GAAG,EAAE,CAC/C,CAAA;YACH,CAAC;YACD,IAAI,IAAA,kBAAW,EAAC,IAAI,CAAC,EAAE,CAAC;gBACtB,MAAM,IAAI,+BAAiB,CACzB,6BAA6B,EAC7B,iBAAiB,CAClB,CAAA;YACH,CAAC;YAED,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,OAAO,IAAA,sBAAc,EACnB,MAAM,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CACvD,SAAS,EACT,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CACjC,CACF,CAAA;YACH,CAAC;YAED,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBAC1C,IAAA,uBAAgB,EAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC;gBAC/B,GAAG,CAAC,cAAc,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC;aAChE,CAAC,CAAA;YACF,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;gBACrB,MAAM,IAAI,iCAAmB,CAAC,wBAAwB,EAAE,cAAc,CAAC,CAAA;YACzE,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,IAAA,qCAAmB,EAAC,IAAI,CAAC,CAAA;YAEpD,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE;oBACJ,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,MAAM;oBACN,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,uBAAc;oBACrC,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,MAAM;oBACN,MAAM;iBACP;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"requestAccountDelete.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/requestAccountDelete.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"requestAccountDelete.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/requestAccountDelete.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAG5C,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAuDvD"}
|
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.default = default_1;
|
|
4
4
|
const common_1 = require("@atproto/common");
|
|
5
5
|
const xrpc_server_1 = require("@atproto/xrpc-server");
|
|
6
|
+
const auth_scope_1 = require("../../../../auth-scope");
|
|
6
7
|
const lexicons_1 = require("../../../../lexicon/lexicons");
|
|
7
8
|
function default_1(server, ctx) {
|
|
8
9
|
server.com.atproto.server.requestAccountDelete({
|
|
@@ -18,7 +19,13 @@ function default_1(server, ctx) {
|
|
|
18
19
|
calcKey: ({ auth }) => auth.credentials.did,
|
|
19
20
|
},
|
|
20
21
|
],
|
|
21
|
-
auth: ctx.authVerifier.
|
|
22
|
+
auth: ctx.authVerifier.authorization({
|
|
23
|
+
checkTakedown: true,
|
|
24
|
+
scopes: auth_scope_1.ACCESS_FULL,
|
|
25
|
+
authorize: () => {
|
|
26
|
+
throw new xrpc_server_1.ForbiddenError('OAuth credentials are not supported for this endpoint');
|
|
27
|
+
},
|
|
28
|
+
}),
|
|
22
29
|
handler: async ({ auth, req }) => {
|
|
23
30
|
const did = auth.credentials.did;
|
|
24
31
|
const account = await ctx.accountManager.getAccount(did, {
|