npm - @atproto/pds - Versions diffs - 0.4.175 → 0.4.177 - Mend

@atproto/pds 0.4.175 → 0.4.177

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (133) hide show

package/src/auth-verifier.ts CHANGED Viewed

@@ -7,7 +7,7 @@ import { IdResolver, getDidKeyFromMultibase } from '@atproto/identity'
 import {
   OAuthError,
   OAuthVerifier,
-  VerifyTokenClaimsOptions,
+  VerifyTokenPayloadOptions,
   WWWAuthenticateError,
 } from '@atproto/oauth-provider'
 import {
@@ -39,7 +39,6 @@ import {
 } from './auth-output'
 import { ACCESS_STANDARD, AuthScope, isAuthScope } from './auth-scope'
 import { softDeleted } from './db'
-import { oauthLogger } from './logger'
 import { appendVary } from './util/http'
 import { WithRequired } from './util/types'
@@ -338,7 +337,7 @@ export class AuthVerifier {
     OAuthOutput,
     P
   > {
-    const verifyTokenOptions: VerifyTokenClaimsOptions = {
+    const verifyTokenOptions: VerifyTokenPayloadOptions = {
       audience: [this.dids.pds],
       scope: ['atproto'],
     }
@@ -358,7 +357,7 @@ export class AuthVerifier {
       const originalUrl = req.originalUrl || req.url || '/'
       const url = new URL(originalUrl, this._publicUrl)
-      const { tokenClaims, dpopProof } = await this.oauthVerifier
+      const { scope, sub: did } = await this.oauthVerifier
         .authenticateRequest(
           req.method || 'GET',
           url,
@@ -383,28 +382,13 @@ export class AuthVerifier {
           throw err
         })
-      // @TODO drop this once oauth provider no longer accepts DPoP proof with
-      // query or fragment in "htu" claim.
-      if (dpopProof?.htu.match(/[?#]/)) {
-        oauthLogger.info(
-          {
-            client_id: tokenClaims.client_id,
-            htu: dpopProof.htu,
-          },
-          'DPoP proof "htu" contains query or fragment',
-        )
-      }
-      const { sub: did } = tokenClaims
       if (typeof did !== 'string' || !did.startsWith('did:')) {
         throw new InvalidRequestError('Malformed token', 'InvalidToken')
       }
       await this.verifyStatus(did, verifyStatusOptions)
-      const permissions = new ScopePermissionsTransition(
-        tokenClaims.scope?.split(' '),
-      )
+      const permissions = new ScopePermissionsTransition(scope?.split(' '))
       // Should never happen
       if (!permissions.scopes.has('atproto')) {

package/src/context.ts CHANGED Viewed

@@ -32,6 +32,7 @@ import {
 } from '@atproto-labs/fetch-node'
 import { AccountManager } from './account-manager/account-manager'
 import { OAuthStore } from './account-manager/oauth-store'
+import { ScopeReferenceGetter } from './account-manager/scope-reference-getter'
 import { ActorStore } from './actor-store/actor-store'
 import { authPassthru, forwardedFor } from './api/proxy'
 import {
@@ -46,7 +47,7 @@ import { Crawlers } from './crawlers'
 import { DidSqliteCache } from './did-cache'
 import { DiskBlobStore } from './disk-blobstore'
 import { ImageUrlBuilder } from './image/image-url-builder'
-import { fetchLogger, lexiconResolverLogger } from './logger'
+import { fetchLogger, lexiconResolverLogger, oauthLogger } from './logger'
 import { ServerMailer } from './mailer'
 import { ModerationMailer } from './mailer/moderation'
 import { LocalViewer, LocalViewerCreator } from './read-after-write/viewer'
@@ -397,10 +398,11 @@ export class AppContext {
             protected_resources: [new URL(cfg.oauth.issuer).origin],
           },
           // If the PDS is both an authorization server & resource server (no
-          // entryway), there is no need to use JWTs as access tokens. Instead,
-          // the PDS can use tokenId as access tokens. This allows the PDS to
-          // always use up-to-date token data from the token store.
-          accessTokenMode: AccessTokenMode.light,
+          // entryway), we can afford to check the token validity on every
+          // request. This allows revoked tokens to be rejected immediately.
+          // This also allows JWT to be shorter since some claims (notably the
+          // "scope" claim) do not need to be included in the token.
+          accessTokenMode: AccessTokenMode.stateful,
           getClientInfo(clientId) {
             return {
@@ -410,6 +412,10 @@ export class AppContext {
         })
       : undefined
+    const scopeRefGetter = entrywayAgent
+      ? new ScopeReferenceGetter(entrywayAgent, redisScratch)
+      : undefined
     const oauthVerifier: OAuthVerifier =
       oauthProvider ?? // OAuthProvider extends OAuthVerifier
       new OAuthVerifier({
@@ -417,6 +423,21 @@ export class AppContext {
         keyset: [await JoseKey.fromKeyLike(jwtPublicKey!, undefined, 'ES256K')],
         dpopSecret: secrets.dpopSecret,
         redis: redisScratch,
+        onDecodeToken: scopeRefGetter
+          ? async ({ payload, dpopProof }) => {
+              // @TODO drop this once oauth provider no longer accepts DPoP proof with
+              // query or fragment in "htu" claim.
+              if (dpopProof?.htu.match(/[?#]/)) {
+                oauthLogger.info(
+                  { htu: dpopProof.htu, client_id: payload.client_id },
+                  'DPoP proof "htu" contains query or fragment',
+                )
+              }
+              const scope = await scopeRefGetter.dereference(payload.scope)
+              return { ...payload, scope }
+            }
+          : undefined,
       })
     const authVerifier = new AuthVerifier(

package/src/disk-blobstore.ts CHANGED Viewed

@@ -3,10 +3,16 @@ import fs from 'node:fs/promises'
 import path from 'node:path'
 import stream from 'node:stream'
 import { CID } from 'multiformats/cid'
-import { fileExists, isErrnoException, rmIfExists } from '@atproto/common'
+import {
+  aggregateErrors,
+  chunkArray,
+  fileExists,
+  isErrnoException,
+  rmIfExists,
+} from '@atproto/common'
 import { randomStr } from '@atproto/crypto'
 import { BlobNotFoundError, BlobStore } from '@atproto/repo'
-import { httpLogger as log } from './logger'
+import { blobStoreLogger as log } from './logger'
 export class DiskBlobStore implements BlobStore {
   constructor(
@@ -137,7 +143,18 @@ export class DiskBlobStore implements BlobStore {
   }
   async deleteMany(cids: CID[]): Promise<void> {
-    await Promise.all(cids.map((cid) => this.delete(cid)))
+    const errors: unknown[] = []
+    for (const chunk of chunkArray(cids, 500)) {
+      await Promise.all(
+        chunk.map((cid) =>
+          this.delete(cid).catch((err) => {
+            log.error({ err, cid: cid.toString() }, 'error deleting blob')
+            errors.push(err)
+          }),
+        ),
+      )
+    }
+    if (errors.length) throw aggregateErrors(errors)
   }
   async deleteAll(): Promise<void> {

package/src/lexicon/index.ts CHANGED Viewed

@@ -17,6 +17,9 @@ import * as AppBskyActorGetSuggestions from './types/app/bsky/actor/getSuggestio
 import * as AppBskyActorPutPreferences from './types/app/bsky/actor/putPreferences.js'
 import * as AppBskyActorSearchActors from './types/app/bsky/actor/searchActors.js'
 import * as AppBskyActorSearchActorsTypeahead from './types/app/bsky/actor/searchActorsTypeahead.js'
+import * as AppBskyBookmarkCreateBookmark from './types/app/bsky/bookmark/createBookmark.js'
+import * as AppBskyBookmarkDeleteBookmark from './types/app/bsky/bookmark/deleteBookmark.js'
+import * as AppBskyBookmarkGetBookmarks from './types/app/bsky/bookmark/getBookmarks.js'
 import * as AppBskyFeedDescribeFeedGenerator from './types/app/bsky/feed/describeFeedGenerator.js'
 import * as AppBskyFeedGetActorFeeds from './types/app/bsky/feed/getActorFeeds.js'
 import * as AppBskyFeedGetActorLikes from './types/app/bsky/feed/getActorLikes.js'
@@ -195,6 +198,7 @@ import * as ComAtprotoSyncSubscribeRepos from './types/com/atproto/sync/subscrib
 import * as ComAtprotoTempAddReservedHandle from './types/com/atproto/temp/addReservedHandle.js'
 import * as ComAtprotoTempCheckHandleAvailability from './types/com/atproto/temp/checkHandleAvailability.js'
 import * as ComAtprotoTempCheckSignupQueue from './types/com/atproto/temp/checkSignupQueue.js'
+import * as ComAtprotoTempDereferenceScope from './types/com/atproto/temp/dereferenceScope.js'
 import * as ComAtprotoTempFetchLabels from './types/com/atproto/temp/fetchLabels.js'
 import * as ComAtprotoTempRequestPhoneVerification from './types/com/atproto/temp/requestPhoneVerification.js'
 import * as ComAtprotoTempRevokeAccountCredentials from './types/com/atproto/temp/revokeAccountCredentials.js'
@@ -286,6 +290,75 @@ export const TOOLS_OZONE_MODERATION = {
   DefsTimelineEventPlcTombstone:
     'tools.ozone.moderation.defs#timelineEventPlcTombstone',
 }
+export const TOOLS_OZONE_REPORT = {
+  DefsReasonAppeal: 'tools.ozone.report.defs#reasonAppeal',
+  DefsReasonViolenceAnimalWelfare:
+    'tools.ozone.report.defs#reasonViolenceAnimalWelfare',
+  DefsReasonViolenceThreats: 'tools.ozone.report.defs#reasonViolenceThreats',
+  DefsReasonViolenceGraphicContent:
+    'tools.ozone.report.defs#reasonViolenceGraphicContent',
+  DefsReasonViolenceSelfHarm: 'tools.ozone.report.defs#reasonViolenceSelfHarm',
+  DefsReasonViolenceGlorification:
+    'tools.ozone.report.defs#reasonViolenceGlorification',
+  DefsReasonViolenceExtremistContent:
+    'tools.ozone.report.defs#reasonViolenceExtremistContent',
+  DefsReasonViolenceTrafficking:
+    'tools.ozone.report.defs#reasonViolenceTrafficking',
+  DefsReasonViolenceOther: 'tools.ozone.report.defs#reasonViolenceOther',
+  DefsReasonSexualAbuseContent:
+    'tools.ozone.report.defs#reasonSexualAbuseContent',
+  DefsReasonSexualNCII: 'tools.ozone.report.defs#reasonSexualNCII',
+  DefsReasonSexualSextortion: 'tools.ozone.report.defs#reasonSexualSextortion',
+  DefsReasonSexualDeepfake: 'tools.ozone.report.defs#reasonSexualDeepfake',
+  DefsReasonSexualAnimal: 'tools.ozone.report.defs#reasonSexualAnimal',
+  DefsReasonSexualUnlabeled: 'tools.ozone.report.defs#reasonSexualUnlabeled',
+  DefsReasonSexualOther: 'tools.ozone.report.defs#reasonSexualOther',
+  DefsReasonChildSafetyCSAM: 'tools.ozone.report.defs#reasonChildSafetyCSAM',
+  DefsReasonChildSafetyGroom: 'tools.ozone.report.defs#reasonChildSafetyGroom',
+  DefsReasonChildSafetyMinorPrivacy:
+    'tools.ozone.report.defs#reasonChildSafetyMinorPrivacy',
+  DefsReasonChildSafetyEndangerment:
+    'tools.ozone.report.defs#reasonChildSafetyEndangerment',
+  DefsReasonChildSafetyHarassment:
+    'tools.ozone.report.defs#reasonChildSafetyHarassment',
+  DefsReasonChildSafetyPromotion:
+    'tools.ozone.report.defs#reasonChildSafetyPromotion',
+  DefsReasonChildSafetyOther: 'tools.ozone.report.defs#reasonChildSafetyOther',
+  DefsReasonHarassmentTroll: 'tools.ozone.report.defs#reasonHarassmentTroll',
+  DefsReasonHarassmentTargeted:
+    'tools.ozone.report.defs#reasonHarassmentTargeted',
+  DefsReasonHarassmentHateSpeech:
+    'tools.ozone.report.defs#reasonHarassmentHateSpeech',
+  DefsReasonHarassmentDoxxing:
+    'tools.ozone.report.defs#reasonHarassmentDoxxing',
+  DefsReasonHarassmentOther: 'tools.ozone.report.defs#reasonHarassmentOther',
+  DefsReasonMisleadingBot: 'tools.ozone.report.defs#reasonMisleadingBot',
+  DefsReasonMisleadingImpersonation:
+    'tools.ozone.report.defs#reasonMisleadingImpersonation',
+  DefsReasonMisleadingSpam: 'tools.ozone.report.defs#reasonMisleadingSpam',
+  DefsReasonMisleadingScam: 'tools.ozone.report.defs#reasonMisleadingScam',
+  DefsReasonMisleadingSyntheticContent:
+    'tools.ozone.report.defs#reasonMisleadingSyntheticContent',
+  DefsReasonMisleadingMisinformation:
+    'tools.ozone.report.defs#reasonMisleadingMisinformation',
+  DefsReasonMisleadingOther: 'tools.ozone.report.defs#reasonMisleadingOther',
+  DefsReasonRuleSiteSecurity: 'tools.ozone.report.defs#reasonRuleSiteSecurity',
+  DefsReasonRuleStolenContent:
+    'tools.ozone.report.defs#reasonRuleStolenContent',
+  DefsReasonRuleProhibitedSales:
+    'tools.ozone.report.defs#reasonRuleProhibitedSales',
+  DefsReasonRuleBanEvasion: 'tools.ozone.report.defs#reasonRuleBanEvasion',
+  DefsReasonRuleOther: 'tools.ozone.report.defs#reasonRuleOther',
+  DefsReasonCivicElectoralProcess:
+    'tools.ozone.report.defs#reasonCivicElectoralProcess',
+  DefsReasonCivicDisclosure: 'tools.ozone.report.defs#reasonCivicDisclosure',
+  DefsReasonCivicInterference:
+    'tools.ozone.report.defs#reasonCivicInterference',
+  DefsReasonCivicMisinformation:
+    'tools.ozone.report.defs#reasonCivicMisinformation',
+  DefsReasonCivicImpersonation:
+    'tools.ozone.report.defs#reasonCivicImpersonation',
+}
 export const TOOLS_OZONE_TEAM = {
   DefsRoleAdmin: 'tools.ozone.team.defs#roleAdmin',
   DefsRoleModerator: 'tools.ozone.team.defs#roleModerator',
@@ -326,6 +399,7 @@ export class AppNS {
 export class AppBskyNS {
   _server: Server
   actor: AppBskyActorNS
+  bookmark: AppBskyBookmarkNS
   embed: AppBskyEmbedNS
   feed: AppBskyFeedNS
   graph: AppBskyGraphNS
@@ -338,6 +412,7 @@ export class AppBskyNS {
   constructor(server: Server) {
     this._server = server
     this.actor = new AppBskyActorNS(server)
+    this.bookmark = new AppBskyBookmarkNS(server)
     this.embed = new AppBskyEmbedNS(server)
     this.feed = new AppBskyFeedNS(server)
     this.graph = new AppBskyGraphNS(server)
@@ -441,6 +516,50 @@ export class AppBskyActorNS {
   }
 }
+export class AppBskyBookmarkNS {
+  _server: Server
+  constructor(server: Server) {
+    this._server = server
+  }
+  createBookmark<A extends Auth = void>(
+    cfg: MethodConfigOrHandler<
+      A,
+      AppBskyBookmarkCreateBookmark.QueryParams,
+      AppBskyBookmarkCreateBookmark.HandlerInput,
+      AppBskyBookmarkCreateBookmark.HandlerOutput
+    >,
+  ) {
+    const nsid = 'app.bsky.bookmark.createBookmark' // @ts-ignore
+    return this._server.xrpc.method(nsid, cfg)
+  }
+  deleteBookmark<A extends Auth = void>(
+    cfg: MethodConfigOrHandler<
+      A,
+      AppBskyBookmarkDeleteBookmark.QueryParams,
+      AppBskyBookmarkDeleteBookmark.HandlerInput,
+      AppBskyBookmarkDeleteBookmark.HandlerOutput
+    >,
+  ) {
+    const nsid = 'app.bsky.bookmark.deleteBookmark' // @ts-ignore
+    return this._server.xrpc.method(nsid, cfg)
+  }
+  getBookmarks<A extends Auth = void>(
+    cfg: MethodConfigOrHandler<
+      A,
+      AppBskyBookmarkGetBookmarks.QueryParams,
+      AppBskyBookmarkGetBookmarks.HandlerInput,
+      AppBskyBookmarkGetBookmarks.HandlerOutput
+    >,
+  ) {
+    const nsid = 'app.bsky.bookmark.getBookmarks' // @ts-ignore
+    return this._server.xrpc.method(nsid, cfg)
+  }
+}
 export class AppBskyEmbedNS {
   _server: Server
@@ -2794,6 +2913,18 @@ export class ComAtprotoTempNS {
     return this._server.xrpc.method(nsid, cfg)
   }
+  dereferenceScope<A extends Auth = void>(
+    cfg: MethodConfigOrHandler<
+      A,
+      ComAtprotoTempDereferenceScope.QueryParams,
+      ComAtprotoTempDereferenceScope.HandlerInput,
+      ComAtprotoTempDereferenceScope.HandlerOutput
+    >,
+  ) {
+    const nsid = 'com.atproto.temp.dereferenceScope' // @ts-ignore
+    return this._server.xrpc.method(nsid, cfg)
+  }
   fetchLabels<A extends Auth = void>(
     cfg: MethodConfigOrHandler<
       A,