@atproto/pds 0.4.185 → 0.4.187

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (114) hide show
  1. package/CHANGELOG.md +17 -0
  2. package/dist/account-manager/account-manager.d.ts +1 -1
  3. package/dist/account-manager/account-manager.d.ts.map +1 -1
  4. package/dist/account-manager/account-manager.js +1 -0
  5. package/dist/account-manager/account-manager.js.map +1 -1
  6. package/dist/account-manager/helpers/email-token.js +1 -1
  7. package/dist/account-manager/helpers/email-token.js.map +1 -1
  8. package/dist/account-manager/oauth-store.d.ts +2 -2
  9. package/dist/account-manager/oauth-store.d.ts.map +1 -1
  10. package/dist/account-manager/oauth-store.js +9 -3
  11. package/dist/account-manager/oauth-store.js.map +1 -1
  12. package/dist/lexicon/lexicons.d.ts +2 -2
  13. package/dist/lexicon/lexicons.js +1 -1
  14. package/dist/lexicon/lexicons.js.map +1 -1
  15. package/dist/lexicon/types/app/bsky/actor/profile.d.ts +4 -3
  16. package/dist/lexicon/types/app/bsky/actor/profile.d.ts.map +1 -1
  17. package/dist/lexicon/types/app/bsky/actor/profile.js +9 -7
  18. package/dist/lexicon/types/app/bsky/actor/profile.js.map +1 -1
  19. package/dist/lexicon/types/app/bsky/actor/status.d.ts +4 -3
  20. package/dist/lexicon/types/app/bsky/actor/status.d.ts.map +1 -1
  21. package/dist/lexicon/types/app/bsky/actor/status.js +9 -7
  22. package/dist/lexicon/types/app/bsky/actor/status.js.map +1 -1
  23. package/dist/lexicon/types/app/bsky/feed/generator.d.ts +4 -3
  24. package/dist/lexicon/types/app/bsky/feed/generator.d.ts.map +1 -1
  25. package/dist/lexicon/types/app/bsky/feed/generator.js +9 -7
  26. package/dist/lexicon/types/app/bsky/feed/generator.js.map +1 -1
  27. package/dist/lexicon/types/app/bsky/feed/like.d.ts +4 -3
  28. package/dist/lexicon/types/app/bsky/feed/like.d.ts.map +1 -1
  29. package/dist/lexicon/types/app/bsky/feed/like.js +9 -7
  30. package/dist/lexicon/types/app/bsky/feed/like.js.map +1 -1
  31. package/dist/lexicon/types/app/bsky/feed/post.d.ts +4 -3
  32. package/dist/lexicon/types/app/bsky/feed/post.d.ts.map +1 -1
  33. package/dist/lexicon/types/app/bsky/feed/post.js +9 -7
  34. package/dist/lexicon/types/app/bsky/feed/post.js.map +1 -1
  35. package/dist/lexicon/types/app/bsky/feed/postgate.d.ts +4 -3
  36. package/dist/lexicon/types/app/bsky/feed/postgate.d.ts.map +1 -1
  37. package/dist/lexicon/types/app/bsky/feed/postgate.js +9 -7
  38. package/dist/lexicon/types/app/bsky/feed/postgate.js.map +1 -1
  39. package/dist/lexicon/types/app/bsky/feed/repost.d.ts +4 -3
  40. package/dist/lexicon/types/app/bsky/feed/repost.d.ts.map +1 -1
  41. package/dist/lexicon/types/app/bsky/feed/repost.js +9 -7
  42. package/dist/lexicon/types/app/bsky/feed/repost.js.map +1 -1
  43. package/dist/lexicon/types/app/bsky/feed/threadgate.d.ts +4 -3
  44. package/dist/lexicon/types/app/bsky/feed/threadgate.d.ts.map +1 -1
  45. package/dist/lexicon/types/app/bsky/feed/threadgate.js +9 -7
  46. package/dist/lexicon/types/app/bsky/feed/threadgate.js.map +1 -1
  47. package/dist/lexicon/types/app/bsky/graph/block.d.ts +4 -3
  48. package/dist/lexicon/types/app/bsky/graph/block.d.ts.map +1 -1
  49. package/dist/lexicon/types/app/bsky/graph/block.js +9 -7
  50. package/dist/lexicon/types/app/bsky/graph/block.js.map +1 -1
  51. package/dist/lexicon/types/app/bsky/graph/follow.d.ts +4 -3
  52. package/dist/lexicon/types/app/bsky/graph/follow.d.ts.map +1 -1
  53. package/dist/lexicon/types/app/bsky/graph/follow.js +9 -7
  54. package/dist/lexicon/types/app/bsky/graph/follow.js.map +1 -1
  55. package/dist/lexicon/types/app/bsky/graph/list.d.ts +4 -3
  56. package/dist/lexicon/types/app/bsky/graph/list.d.ts.map +1 -1
  57. package/dist/lexicon/types/app/bsky/graph/list.js +9 -7
  58. package/dist/lexicon/types/app/bsky/graph/list.js.map +1 -1
  59. package/dist/lexicon/types/app/bsky/graph/listblock.d.ts +4 -3
  60. package/dist/lexicon/types/app/bsky/graph/listblock.d.ts.map +1 -1
  61. package/dist/lexicon/types/app/bsky/graph/listblock.js +9 -7
  62. package/dist/lexicon/types/app/bsky/graph/listblock.js.map +1 -1
  63. package/dist/lexicon/types/app/bsky/graph/listitem.d.ts +4 -3
  64. package/dist/lexicon/types/app/bsky/graph/listitem.d.ts.map +1 -1
  65. package/dist/lexicon/types/app/bsky/graph/listitem.js +9 -7
  66. package/dist/lexicon/types/app/bsky/graph/listitem.js.map +1 -1
  67. package/dist/lexicon/types/app/bsky/graph/starterpack.d.ts +4 -3
  68. package/dist/lexicon/types/app/bsky/graph/starterpack.d.ts.map +1 -1
  69. package/dist/lexicon/types/app/bsky/graph/starterpack.js +9 -7
  70. package/dist/lexicon/types/app/bsky/graph/starterpack.js.map +1 -1
  71. package/dist/lexicon/types/app/bsky/graph/verification.d.ts +4 -3
  72. package/dist/lexicon/types/app/bsky/graph/verification.d.ts.map +1 -1
  73. package/dist/lexicon/types/app/bsky/graph/verification.js +9 -7
  74. package/dist/lexicon/types/app/bsky/graph/verification.js.map +1 -1
  75. package/dist/lexicon/types/app/bsky/labeler/service.d.ts +4 -3
  76. package/dist/lexicon/types/app/bsky/labeler/service.d.ts.map +1 -1
  77. package/dist/lexicon/types/app/bsky/labeler/service.js +9 -7
  78. package/dist/lexicon/types/app/bsky/labeler/service.js.map +1 -1
  79. package/dist/lexicon/types/app/bsky/notification/declaration.d.ts +4 -3
  80. package/dist/lexicon/types/app/bsky/notification/declaration.d.ts.map +1 -1
  81. package/dist/lexicon/types/app/bsky/notification/declaration.js +9 -7
  82. package/dist/lexicon/types/app/bsky/notification/declaration.js.map +1 -1
  83. package/dist/lexicon/types/chat/bsky/actor/declaration.d.ts +4 -3
  84. package/dist/lexicon/types/chat/bsky/actor/declaration.d.ts.map +1 -1
  85. package/dist/lexicon/types/chat/bsky/actor/declaration.js +9 -7
  86. package/dist/lexicon/types/chat/bsky/actor/declaration.js.map +1 -1
  87. package/dist/lexicon/types/com/atproto/lexicon/schema.d.ts +4 -3
  88. package/dist/lexicon/types/com/atproto/lexicon/schema.d.ts.map +1 -1
  89. package/dist/lexicon/types/com/atproto/lexicon/schema.js +9 -7
  90. package/dist/lexicon/types/com/atproto/lexicon/schema.js.map +1 -1
  91. package/package.json +8 -8
  92. package/src/account-manager/account-manager.ts +2 -0
  93. package/src/account-manager/helpers/email-token.ts +1 -1
  94. package/src/account-manager/oauth-store.ts +15 -5
  95. package/src/lexicon/lexicons.ts +1 -1
  96. package/src/lexicon/types/app/bsky/actor/profile.ts +12 -6
  97. package/src/lexicon/types/app/bsky/actor/status.ts +12 -6
  98. package/src/lexicon/types/app/bsky/feed/generator.ts +12 -6
  99. package/src/lexicon/types/app/bsky/feed/like.ts +12 -6
  100. package/src/lexicon/types/app/bsky/feed/post.ts +12 -6
  101. package/src/lexicon/types/app/bsky/feed/postgate.ts +12 -6
  102. package/src/lexicon/types/app/bsky/feed/repost.ts +12 -6
  103. package/src/lexicon/types/app/bsky/feed/threadgate.ts +12 -6
  104. package/src/lexicon/types/app/bsky/graph/block.ts +12 -6
  105. package/src/lexicon/types/app/bsky/graph/follow.ts +12 -6
  106. package/src/lexicon/types/app/bsky/graph/list.ts +12 -6
  107. package/src/lexicon/types/app/bsky/graph/listblock.ts +12 -6
  108. package/src/lexicon/types/app/bsky/graph/listitem.ts +12 -6
  109. package/src/lexicon/types/app/bsky/graph/starterpack.ts +12 -6
  110. package/src/lexicon/types/app/bsky/graph/verification.ts +12 -6
  111. package/src/lexicon/types/app/bsky/labeler/service.ts +12 -6
  112. package/src/lexicon/types/app/bsky/notification/declaration.ts +12 -6
  113. package/src/lexicon/types/chat/bsky/actor/declaration.ts +12 -6
  114. package/src/lexicon/types/com/atproto/lexicon/schema.ts +12 -6
package/CHANGELOG.md CHANGED
@@ -1,5 +1,22 @@
1
1
  # @atproto/pds
2
2
 
3
+ ## 0.4.187
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies [[`8c03d75b6`](https://github.com/bluesky-social/atproto/commit/8c03d75b6c11bed15b58bfa7ff4bf68199fc6511), [`a8e307ef4`](https://github.com/bluesky-social/atproto/commit/a8e307ef4851b164ee38bb5149343631e329f143), [`8ff5ec4ca`](https://github.com/bluesky-social/atproto/commit/8ff5ec4caa9a1f5c1e453a416ba2af22d1ee4f58), [`1e702ea67`](https://github.com/bluesky-social/atproto/commit/1e702ea675e3697e050be1f28e54bb1298b56436)]:
8
+ - @atproto/oauth-provider@0.13.3
9
+ - @atproto/api@0.17.4
10
+ - @atproto-labs/fetch-node@0.2.0
11
+ - @atproto/lexicon-resolver@0.2.3
12
+
13
+ ## 0.4.186
14
+
15
+ ### Patch Changes
16
+
17
+ - Updated dependencies [[`386f583cf`](https://github.com/bluesky-social/atproto/commit/386f583cffa2c596a12be4e98dde498f3b8670f6)]:
18
+ - @atproto/api@0.17.3
19
+
3
20
  ## 0.4.185
4
21
 
5
22
  ### Patch Changes
package/dist/account-manager/account-manager.d.ts CHANGED
@@ -120,7 +120,7 @@ export declare class AccountManager {
120
120
  resetPassword(opts: {
121
121
  password: string;
122
122
  token: string;
123
- }): Promise<void>;
123
+ }): Promise<string>;
124
124
  updateAccountPassword(opts: {
125
125
  did: string;
126
126
  password: string;
package/dist/account-manager/account-manager.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"account-manager.d.ts","sourceRoot":"","sources":["../../src/account-manager/account-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACvC,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAA;AAEtC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAW9C,OAAO,EAAE,UAAU,EAAE,MAAM,yCAAyC,CAAA;AACpE,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAsB,MAAM,MAAM,CAAA;AACvE,OAAO,KAAK,OAAO,MAAM,mBAAmB,CAAA;AAC5C,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAG/D,OAAO,KAAK,MAAM,MAAM,kBAAkB,CAAA;AAC1C,OAAO,KAAK,QAAQ,MAAM,oBAAoB,CAAA;AAK9C,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AAEtE,MAAM,MAAM,sBAAsB,GAAG;IACnC,YAAY,EAAE,MAAM,CAAA;IACpB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,qBAAa,cAAc;IAIvB,QAAQ,CAAC,UAAU,EAAE,UAAU;IAC/B,QAAQ,CAAC,MAAM,EAAE,SAAS;IAC1B,QAAQ,CAAC,UAAU,EAAE,MAAM;IAC3B,QAAQ,CAAC,oBAAoB,EAAE,MAAM,EAAE;IANzC,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAA;gBAGX,UAAU,EAAE,UAAU,EACtB,MAAM,EAAE,SAAS,EACjB,UAAU,EAAE,MAAM,EAClB,oBAAoB,EAAE,MAAM,EAAE,EACvC,EAAE,EAAE,sBAAsB;IAKtB,cAAc;IAKpB,KAAK;IAOC,UAAU,CACd,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,OAAO,CAAC,iBAAiB,GAChC,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IAIzB,WAAW,CACf,IAAI,EAAE,MAAM,EAAE,EACd,KAAK,CAAC,EAAE,OAAO,CAAC,iBAAiB,GAChC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IAI/B,iBAAiB,CACrB,KAAK,EAAE,MAAM,EACb,KAAK,CAAC,EAAE,OAAO,CAAC,iBAAiB,GAChC,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IAIzB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAMjD,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,OAAO,CAAC,iBAAiB,GAChC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAKnB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAU7D,0BAA0B,CAC9B,MAAM,EAAE,MAAM,EACd,EACE,GAAG,EACH,aAAa,GACd,GAAE;QACD,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,aAAa,CAAC,EAAE,OAAO,CAAA;KACnB,GACL,OAAO,CAAC,MAAM,CAAC;IAyCZ,aAAa,CAAC,EAClB,GAAG,EACH,MAAM,EACN,KAAK,EACL,QAAQ,EACR,OAAO,EACP,OAAO,EACP,UAAU,EACV,WAAW,EACX,UAAU,GACX,EAAE;QACD,GAAG,EAAE,MAAM,CAAA;QACX,MAAM,EAAE,MAAM,CAAA;QACd,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,OAAO,EAAE,GAAG,CAAA;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,UAAU,CAAC,EAAE,MAAM,CAAA;QACnB,WAAW,CAAC,EAAE,OAAO,CAAA;QACrB,UAAU,CAAC,EAAE,MAAM,CAAA;KACpB;IAmCK,uBAAuB,CAAC,IAAI,EAAE;QAClC,GAAG,EAAE,MAAM,CAAA;QACX,MAAM,EAAE,MAAM,CAAA;QACd,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,OAAO,EAAE,GAAG,CAAA;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,UAAU,CAAC,EAAE,MAAM,CAAA;QACnB,WAAW,CAAC,EAAE,OAAO,CAAA;KACtB;;;;IAeK,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAIxC,aAAa,CAAC,GAAG,EAAE,MAAM;IAIzB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU;IAUjD,qBAAqB,CAAC,GAAG,EAAE,MAAM;;;;IAIjC,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM;IAIjD,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,IAAI;IAIzD,eAAe,CAAC,GAAG,EAAE,MAAM;IAO3B,aAAa,CACjB,GAAG,EAAE,MAAM,EACX,WAAW,EAAE,QAAQ,CAAC,eAAe,GAAG,IAAI,EAC5C,aAAa,UAAQ;;;;IAgBjB,kBAAkB,CAAC,EAAE,EAAE,MAAM;IAwD7B,kBAAkB,CAAC,EAAE,EAAE,MAAM;IAO7B,KAAK,CAAC,EACV,UAAU,EACV,QAAQ,GACT,EAAE;QACD,UAAU,EAAE,MAAM,CAAA;QAClB,QAAQ,EAAE,MAAM,CAAA;KACjB,GAAG,OAAO,CAAC;QACV,IAAI,EAAE,YAAY,CAAA;QAClB,WAAW,EAAE,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAA;QAC5C,aAAa,EAAE,OAAO,CAAA;KACvB,CAAC;IA8CI,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO;IAIhE,gBAAgB,CAAC,GAAG,EAAE,MAAM;;;;;IAI5B,qBAAqB,CACzB,GAAG,EAAE,MAAM,EACX,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,OAAO,CAAC;IAIb,iBAAiB,CACrB,GAAG,EAAE,MAAM,EACX,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAC;IAIrC,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM;IAY3C,uBAAuB,CAAC,IAAI,EAAE,MAAM;IAIpC,iBAAiB,CACrB,QAAQ,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,EAAE,CAAA;KAAE,EAAE,EAChD,QAAQ,EAAE,MAAM;IAKZ,wBAAwB,CAC5B,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,MAAM,EAAE,EACf,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,CAAC,GAAG,CAAC;IAWX,sBAAsB,CAAC,GAAG,EAAE,MAAM;IAKlC,uBAAuB,CAAC,IAAI,EAAE,MAAM,EAAE;IAItC,uBAAuB,CAAC,IAAI,EAAE,MAAM,EAAE;IAItC,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE;;;;IAIlC,yBAAyB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO;IAIxD,kBAAkB,CAAC,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,EAAE,CAAC;QAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;KAAE;IAOhE,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB;IAIxD,qBAAqB,CACzB,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,iBAAiB,EAC1B,KAAK,EAAE,MAAM;IAKT,+BAA+B,CACnC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,iBAAiB,EAC1B,KAAK,EAAE,MAAM;IAMT,YAAY,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE;IAYjD,WAAW,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE;IAUhD,aAAa,CAAC,IAAI,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE;IASvD,qBAAqB,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE;CAWpE"}
1
+ {"version":3,"file":"account-manager.d.ts","sourceRoot":"","sources":["../../src/account-manager/account-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACvC,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAA;AAEtC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAW9C,OAAO,EAAE,UAAU,EAAE,MAAM,yCAAyC,CAAA;AACpE,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAsB,MAAM,MAAM,CAAA;AACvE,OAAO,KAAK,OAAO,MAAM,mBAAmB,CAAA;AAC5C,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAG/D,OAAO,KAAK,MAAM,MAAM,kBAAkB,CAAA;AAC1C,OAAO,KAAK,QAAQ,MAAM,oBAAoB,CAAA;AAK9C,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAA;AAEtE,MAAM,MAAM,sBAAsB,GAAG;IACnC,YAAY,EAAE,MAAM,CAAA;IACpB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,qBAAa,cAAc;IAIvB,QAAQ,CAAC,UAAU,EAAE,UAAU;IAC/B,QAAQ,CAAC,MAAM,EAAE,SAAS;IAC1B,QAAQ,CAAC,UAAU,EAAE,MAAM;IAC3B,QAAQ,CAAC,oBAAoB,EAAE,MAAM,EAAE;IANzC,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAA;gBAGX,UAAU,EAAE,UAAU,EACtB,MAAM,EAAE,SAAS,EACjB,UAAU,EAAE,MAAM,EAClB,oBAAoB,EAAE,MAAM,EAAE,EACvC,EAAE,EAAE,sBAAsB;IAKtB,cAAc;IAKpB,KAAK;IAOC,UAAU,CACd,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,OAAO,CAAC,iBAAiB,GAChC,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IAIzB,WAAW,CACf,IAAI,EAAE,MAAM,EAAE,EACd,KAAK,CAAC,EAAE,OAAO,CAAC,iBAAiB,GAChC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IAI/B,iBAAiB,CACrB,KAAK,EAAE,MAAM,EACb,KAAK,CAAC,EAAE,OAAO,CAAC,iBAAiB,GAChC,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IAIzB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAMjD,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,OAAO,CAAC,iBAAiB,GAChC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAKnB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAU7D,0BAA0B,CAC9B,MAAM,EAAE,MAAM,EACd,EACE,GAAG,EACH,aAAa,GACd,GAAE;QACD,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,aAAa,CAAC,EAAE,OAAO,CAAA;KACnB,GACL,OAAO,CAAC,MAAM,CAAC;IAyCZ,aAAa,CAAC,EAClB,GAAG,EACH,MAAM,EACN,KAAK,EACL,QAAQ,EACR,OAAO,EACP,OAAO,EACP,UAAU,EACV,WAAW,EACX,UAAU,GACX,EAAE;QACD,GAAG,EAAE,MAAM,CAAA;QACX,MAAM,EAAE,MAAM,CAAA;QACd,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,OAAO,EAAE,GAAG,CAAA;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,UAAU,CAAC,EAAE,MAAM,CAAA;QACnB,WAAW,CAAC,EAAE,OAAO,CAAA;QACrB,UAAU,CAAC,EAAE,MAAM,CAAA;KACpB;IAmCK,uBAAuB,CAAC,IAAI,EAAE;QAClC,GAAG,EAAE,MAAM,CAAA;QACX,MAAM,EAAE,MAAM,CAAA;QACd,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,OAAO,EAAE,GAAG,CAAA;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,UAAU,CAAC,EAAE,MAAM,CAAA;QACnB,WAAW,CAAC,EAAE,OAAO,CAAA;KACtB;;;;IAeK,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAIxC,aAAa,CAAC,GAAG,EAAE,MAAM;IAIzB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU;IAUjD,qBAAqB,CAAC,GAAG,EAAE,MAAM;;;;IAIjC,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM;IAIjD,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,IAAI;IAIzD,eAAe,CAAC,GAAG,EAAE,MAAM;IAO3B,aAAa,CACjB,GAAG,EAAE,MAAM,EACX,WAAW,EAAE,QAAQ,CAAC,eAAe,GAAG,IAAI,EAC5C,aAAa,UAAQ;;;;IAgBjB,kBAAkB,CAAC,EAAE,EAAE,MAAM;IAwD7B,kBAAkB,CAAC,EAAE,EAAE,MAAM;IAO7B,KAAK,CAAC,EACV,UAAU,EACV,QAAQ,GACT,EAAE;QACD,UAAU,EAAE,MAAM,CAAA;QAClB,QAAQ,EAAE,MAAM,CAAA;KACjB,GAAG,OAAO,CAAC;QACV,IAAI,EAAE,YAAY,CAAA;QAClB,WAAW,EAAE,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAA;QAC5C,aAAa,EAAE,OAAO,CAAA;KACvB,CAAC;IA8CI,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO;IAIhE,gBAAgB,CAAC,GAAG,EAAE,MAAM;;;;;IAI5B,qBAAqB,CACzB,GAAG,EAAE,MAAM,EACX,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,OAAO,CAAC;IAIb,iBAAiB,CACrB,GAAG,EAAE,MAAM,EACX,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAC;IAIrC,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM;IAY3C,uBAAuB,CAAC,IAAI,EAAE,MAAM;IAIpC,iBAAiB,CACrB,QAAQ,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,EAAE,CAAA;KAAE,EAAE,EAChD,QAAQ,EAAE,MAAM;IAKZ,wBAAwB,CAC5B,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,MAAM,EAAE,EACf,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,CAAC,GAAG,CAAC;IAWX,sBAAsB,CAAC,GAAG,EAAE,MAAM;IAKlC,uBAAuB,CAAC,IAAI,EAAE,MAAM,EAAE;IAItC,uBAAuB,CAAC,IAAI,EAAE,MAAM,EAAE;IAItC,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE;;;;IAIlC,yBAAyB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO;IAIxD,kBAAkB,CAAC,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,EAAE,CAAC;QAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;KAAE;IAOhE,gBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB;IAIxD,qBAAqB,CACzB,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,iBAAiB,EAC1B,KAAK,EAAE,MAAM;IAKT,+BAA+B,CACnC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,iBAAiB,EAC1B,KAAK,EAAE,MAAM;IAMT,YAAY,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE;IAYjD,WAAW,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE;IAUhD,aAAa,CAAC,IAAI,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE;IAWvD,qBAAqB,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE;CAWpE"}
package/dist/account-manager/account-manager.js CHANGED
@@ -399,6 +399,7 @@ class AccountManager {
399
399
  async resetPassword(opts) {
400
400
  const did = await emailToken.assertValidTokenAndFindDid(this.db, 'reset_password', opts.token);
401
401
  await this.updateAccountPassword({ did, password: opts.password });
402
+ return did;
402
403
  }
403
404
  async updateAccountPassword(opts) {
404
405
  const { did } = opts;
package/dist/account-manager/account-manager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"account-manager.js","sourceRoot":"","sources":["../../src/account-manager/account-manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,4CAA4C;AAE5C,4CAA4C;AAC5C,sDAA6E;AAC7E,8CAAyC;AACzC,8BAAmC;AACnC,6DAA0D;AAC1D,2CAIwB;AAExB,6BAAuE;AACvE,2DAA4C;AAC5C,+CAA+D;AAC/D,qDAAsC;AACtC,kEAAmD;AACnD,yDAA0C;AAC1C,6DAA8C;AAC9C,qDAAsC;AACtC,yDAA0C;AAC1C,uDAAwC;AAExC,6CAAsE;AAA7D,wGAAA,aAAa,OAAA;AAAE,8GAAA,mBAAmB,OAAA;AAO3C,MAAa,cAAc;IAGzB,YACW,UAAsB,EACtB,MAAiB,EACjB,UAAkB,EAClB,oBAA8B,EACvC,EAA0B;QAJ1B;;;;mBAAS,UAAU;WAAY;QAC/B;;;;mBAAS,MAAM;WAAW;QAC1B;;;;mBAAS,UAAU;WAAQ;QAC3B;;;;mBAAS,oBAAoB;WAAU;QANhC;;;;;WAAa;QASpB,IAAI,CAAC,EAAE,GAAG,IAAA,UAAK,EAAC,EAAE,CAAC,YAAY,EAAE,EAAE,CAAC,wBAAwB,CAAC,CAAA;IAC/D,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,MAAM,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAA;QACzB,MAAM,IAAA,gBAAW,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,sBAAsB,EAAE,CAAA;IACrD,CAAC;IAED,KAAK;QACH,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAA;IACjB,CAAC;IAED,UAAU;IACV,aAAa;IAEb,KAAK,CAAC,UAAU,CACd,WAAmB,EACnB,KAAiC;QAEjC,OAAO,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,WAAW,EAAE,KAAK,CAAC,CAAA;IACxD,CAAC;IAED,KAAK,CAAC,WAAW,CACf,IAAc,EACd,KAAiC;QAEjC,OAAO,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,CAAA;IAClD,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,KAAa,EACb,KAAiC;QAEjC,OAAO,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,CAAA;IACzD,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,GAAW;QAClC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAA;QACxE,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAA;QAC1B,OAAO,CAAC,OAAO,CAAC,aAAa,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,WAAmB,EACnB,KAAiC;QAEjC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,KAAK,CAAC,CAAA;QACrD,OAAO,GAAG,EAAE,GAAG,IAAI,IAAI,CAAA;IACzB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,WAAmB;QACxC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE;YAC7C,kBAAkB,EAAE,IAAI;YACxB,gBAAgB,EAAE,IAAI;SACvB,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAA;QAC5C,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,uBAAa,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;IACvD,CAAC;IAED,KAAK,CAAC,0BAA0B,CAC9B,MAAc,EACd,EACE,GAAG,EACH,aAAa,MAIX,EAAE;QAEN,MAAM,UAAU,GAAG,IAAA,gCAAwB,EAAC,MAAM,CAAC,CAAA;QAEnD,iBAAiB;QACjB,IAAI,CAAC,IAAA,mBAAU,EAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,iCAAmB,CAC3B,qCAAqC,EACrC,eAAe,CAChB,CAAA;QACH,CAAC;QACD,aAAa;QACb,IAAI,CAAC,aAAa,IAAI,IAAA,gCAAe,EAAC,UAAU,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,iCAAmB,CAC3B,kCAAkC,EAClC,eAAe,CAChB,CAAA;QACH,CAAC;QACD,IAAI,IAAA,uBAAe,EAAC,UAAU,EAAE,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC;YAC3D,yCAAyC;YACzC,IAAA,sCAA8B,EAC5B,UAAU,EACV,IAAI,CAAC,oBAAoB,EACzB,aAAa,CACd,CAAA;QACH,CAAC;aAAM,CAAC;YACN,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;gBAChB,MAAM,IAAI,iCAAmB,CAC3B,+BAA+B,EAC/B,mBAAmB,CACpB,CAAA;YACH,CAAC;YACD,4CAA4C;YAC5C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;YACpE,IAAI,WAAW,KAAK,GAAG,EAAE,CAAC;gBACxB,MAAM,IAAI,iCAAmB,CAAC,wCAAwC,CAAC,CAAA;YACzE,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAClB,GAAG,EACH,MAAM,EACN,KAAK,EACL,QAAQ,EACR,OAAO,EACP,OAAO,EACP,UAAU,EACV,WAAW,EACX,UAAU,GAWX;QACC,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,uBAAuB,EAAE,CAAC;YACjE,MAAM,IAAI,iCAAmB,CAAC,mBAAmB,CAAC,CAAA;QACpD,CAAC;QAED,MAAM,cAAc,GAAG,QAAQ;YAC7B,CAAC,CAAC,MAAM,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC;YACvC,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;QACpC,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACxC,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,MAAM,CAAC,uBAAuB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;YACzD,CAAC;YACD,MAAM,OAAO,CAAC,GAAG,CAAC;gBAChB,OAAO,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;gBAC1D,KAAK,IAAI,cAAc;oBACrB,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC;oBAChE,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE;gBACrB,MAAM,CAAC,eAAe,CAAC,KAAK,EAAE;oBAC5B,GAAG;oBACH,UAAU;oBACV,GAAG;iBACJ,CAAC;gBACF,UAAU;oBACR,IAAI,CAAC,iBAAiB,CACpB,KAAK,EACL,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,EACnC,IAAI,CACL;gBACH,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,CAAC;aAC9C,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,IAS7B;QACC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;YACxD,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,KAAK,EAAE,sBAAS,CAAC,MAAM;SACxB,CAAC,CAAA;QAEF,MAAM,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,CAAC,CAAA;QAEjD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAA;IAClC,CAAC;IAED,yDAAyD;IACzD,0EAA0E;IAC1E,KAAK,CAAC,YAAY,CAAC,GAAW,EAAE,MAAc;QAC5C,OAAO,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAAW;QAC7B,OAAO,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;IAC5C,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,GAAW,EAAE,QAAoB;QACrD,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE,CACxC,OAAO,CAAC,GAAG,CAAC;YACV,OAAO,CAAC,2BAA2B,CAAC,KAAK,EAAE,GAAG,EAAE,QAAQ,CAAC;YACzD,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,GAAG,CAAC;YACzC,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE;SAC1C,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,GAAW;QACrC,OAAO,OAAO,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;IACpD,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,GAAW,EAAE,GAAQ,EAAE,GAAW;QACrD,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,WAA0B;QAC7D,OAAO,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;IAC7D,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,GAAW;QAC/B,OAAO,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;IAC9C,CAAC;IAED,OAAO;IACP,aAAa;IAEb,KAAK,CAAC,aAAa,CACjB,GAAW,EACX,WAA4C,EAC5C,aAAa,GAAG,KAAK;QAErB,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;YACxD,GAAG;YACH,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,aAAa,CAAC;SACpD,CAAC,CAAA;QACF,mFAAmF;QACnF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,cAAc,GAAG,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;YAC1D,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,cAAc,EAAE,WAAW,CAAC,CAAA;QACpE,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAA;IAClC,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,EAAU;QACjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QACrD,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QAEvB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;QAEtB,yDAAyD;QACzD,mEAAmE;QACnE,MAAM,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAA;QAE5E,mDAAmD;QACnD,2DAA2D;QAC3D,MAAM,aAAa,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QAC/C,MAAM,gBAAgB,GAAG,CAAC,GAAG,aAAI,CAAA;QACjC,MAAM,cAAc,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,gBAAgB,CAAC,CAAA;QAEjE,MAAM,SAAS,GACb,cAAc,GAAG,aAAa,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,aAAa,CAAA;QAEjE,IAAI,SAAS,IAAI,GAAG,EAAE,CAAC;YACrB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,0DAA0D;QAC1D,6DAA6D;QAC7D,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAA;QAEvD,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;YACxD,GAAG,EAAE,KAAK,CAAC,GAAG;YACd,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,WAAW,CAAC;YAC1C,GAAG,EAAE,MAAM;SACZ,CAAC,CAAA;QAEF,MAAM,cAAc,GAAG,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;QAC1D,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,EAAE,CAClC,OAAO,CAAC,GAAG,CAAC;gBACV,IAAI,CAAC,qBAAqB,CAAC,KAAK,EAAE;oBAChC,EAAE;oBACF,SAAS,EAAE,SAAS,CAAC,WAAW,EAAE;oBAClC,MAAM;iBACP,CAAC;gBACF,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE,cAAc,EAAE,KAAK,CAAC,WAAW,CAAC;aACjE,CAAC,CACH,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC/C,OAAO,IAAI,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAA;YACpC,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAA;IAClC,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,EAAU;QACjC,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;IAC7C,CAAC;IAED,QAAQ;IACR,aAAa;IAEb,KAAK,CAAC,KAAK,CAAC,EACV,UAAU,EACV,QAAQ,GAIT;QAKC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACxB,IAAI,CAAC;YACH,MAAM,oBAAoB,GAAG,UAAU,CAAC,WAAW,EAAE,CAAA;YAErD,MAAM,IAAI,GAAG,oBAAoB,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAC7C,CAAC,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAC,oBAAoB,EAAE;oBACjD,kBAAkB,EAAE,IAAI;oBACxB,gBAAgB,EAAE,IAAI;iBACvB,CAAC;gBACJ,CAAC,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,EAAE;oBAC1C,kBAAkB,EAAE,IAAI;oBACxB,gBAAgB,EAAE,IAAI;iBACvB,CAAC,CAAA;YAEN,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,+BAAiB,CAAC,gCAAgC,CAAC,CAAA;YAC/D,CAAC;YACD,MAAM,aAAa,GAAG,IAAA,gBAAW,EAAC,IAAI,CAAC,CAAA;YAEvC,IAAI,WAAW,GAAoC,IAAI,CAAA;YACvD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,qBAAqB,CACvD,IAAI,CAAC,GAAG,EACR,QAAQ,CACT,CAAA;YACD,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,8DAA8D;gBAC9D,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,IAAI,+BAAiB,CAAC,gCAAgC,CAAC,CAAA;gBAC/D,CAAC;gBACD,WAAW,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;gBAC9D,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;oBACzB,MAAM,IAAI,+BAAiB,CAAC,gCAAgC,CAAC,CAAA;gBAC/D,CAAC;YACH,CAAC;YAED,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,aAAa,EAAE,CAAA;QAC7C,CAAC;gBAAS,CAAC;YACT,0BAA0B;YAC1B,MAAM,IAAA,aAAI,EAAC,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC,CAAA;QACxC,CAAC;IACH,CAAC;IAED,YAAY;IACZ,aAAa;IAEb,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,IAAY,EAAE,UAAmB;QACpE,OAAO,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,UAAU,CAAC,CAAA;IACnE,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,GAAW;QAChC,OAAO,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,GAAW,EACX,WAAmB;QAEnB,OAAO,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;IAClE,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,GAAW,EACX,WAAmB;QAEnB,OAAO,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;IAC9D,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,IAAY;QAC/C,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE,CACxC,OAAO,CAAC,GAAG,CAAC;YACV,QAAQ,CAAC,iBAAiB,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC;YAC5C,IAAI,CAAC,6BAA6B,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC;SACrD,CAAC,CACH,CAAA;IACH,CAAC;IAED,UAAU;IACV,aAAa;IAEb,KAAK,CAAC,uBAAuB,CAAC,IAAY;QACxC,OAAO,MAAM,CAAC,uBAAuB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IACtD,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,QAAgD,EAChD,QAAgB;QAEhB,OAAO,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAED,KAAK,CAAC,wBAAwB,CAC5B,UAAkB,EAClB,KAAe,EACf,aAAqB,EACrB,QAAe;QAEf,OAAO,MAAM,CAAC,wBAAwB,CACpC,IAAI,CAAC,EAAE,EACP,UAAU,EACV,KAAK,EACL,aAAa,EACb,QAAQ,CACT,CAAA;IACH,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,GAAW;QACtC,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAA;QACvE,OAAO,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;IACnC,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,IAAc;QAC1C,OAAO,MAAM,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IACrD,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,IAAc;QAC1C,OAAO,MAAM,CAAC,uBAAuB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IACtD,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,KAAe;QACtC,OAAO,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;IAClD,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,GAAW,EAAE,QAAiB;QAC5D,OAAO,MAAM,CAAC,yBAAyB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAA;IACjE,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,IAA6C;QACpE,OAAO,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IACjD,CAAC;IAED,eAAe;IACf,aAAa;IAEb,KAAK,CAAC,gBAAgB,CAAC,GAAW,EAAE,OAA0B;QAC5D,OAAO,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAA;IAC3D,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,GAAW,EACX,OAA0B,EAC1B,KAAa;QAEb,OAAO,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,CAAC,CAAA;IAClE,CAAC;IAED,KAAK,CAAC,+BAA+B,CACnC,GAAW,EACX,OAA0B,EAC1B,KAAa;QAEb,MAAM,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,CAAC,CAAA;QAC/D,MAAM,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAA;IAC1D,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAoC;QACrD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;QAC3B,MAAM,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,eAAe,EAAE,KAAK,CAAC,CAAA;QACvE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;QACpC,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,EAAE,CAClC,OAAO,CAAC,GAAG,CAAC;YACV,UAAU,CAAC,gBAAgB,CAAC,KAAK,EAAE,GAAG,EAAE,eAAe,CAAC;YACxD,OAAO,CAAC,mBAAmB,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SAC7C,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,IAAoC;QACpD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;QAC3B,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,EAAE,CAClC,OAAO,CAAC,GAAG,CAAC;YACV,OAAO,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,CAAC;YACtC,UAAU,CAAC,oBAAoB,CAAC,KAAK,EAAE,GAAG,CAAC;SAC5C,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,IAAyC;QAC3D,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,0BAA0B,CACrD,IAAI,CAAC,EAAE,EACP,gBAAgB,EAChB,IAAI,CAAC,KAAK,CACX,CAAA;QACD,MAAM,IAAI,CAAC,qBAAqB,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,IAAuC;QACjE,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;QACpB,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACjE,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE,CACxC,OAAO,CAAC,GAAG,CAAC;YACV,QAAQ,CAAC,kBAAkB,CAAC,KAAK,EAAE,EAAE,GAAG,EAAE,cAAc,EAAE,CAAC;YAC3D,UAAU,CAAC,gBAAgB,CAAC,KAAK,EAAE,GAAG,EAAE,gBAAgB,CAAC;YACzD,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,GAAG,CAAC;SAC1C,CAAC,CACH,CAAA;IACH,CAAC;CACF;AA7gBD,wCA6gBC","sourcesContent":["import { KeyObject } from 'node:crypto'\nimport { CID } from 'multiformats/cid'\nimport { HOUR, wait } from '@atproto/common'\nimport { IdResolver } from '@atproto/identity'\nimport { isValidTld } from '@atproto/syntax'\nimport { AuthRequiredError, InvalidRequestError } from '@atproto/xrpc-server'\nimport { AuthScope } from '../auth-scope'\nimport { softDeleted } from '../db'\nimport { hasExplicitSlur } from '../handle/explicit-slurs'\nimport {\n baseNormalizeAndValidate,\n ensureHandleServiceConstraints,\n isServiceDomain,\n} from '../handle/index'\nimport { StatusAttr } from '../lexicon/types/com/atproto/admin/defs'\nimport { AccountDb, EmailTokenPurpose, getDb, getMigrator } from './db'\nimport * as account from './helpers/account'\nimport { AccountStatus, ActorAccount } from './helpers/account'\nimport * as auth from './helpers/auth'\nimport * as emailToken from './helpers/email-token'\nimport * as invite from './helpers/invite'\nimport * as password from './helpers/password'\nimport * as repo from './helpers/repo'\nimport * as scrypt from './helpers/scrypt'\nimport * as token from './helpers/token'\n\nexport { AccountStatus, formatAccountStatus } from './helpers/account'\n\nexport type AccountManagerDbConfig = {\n accountDbLoc: string\n disableWalAutoCheckpoint: boolean\n}\n\nexport class AccountManager {\n readonly db: AccountDb\n\n constructor(\n readonly idResolver: IdResolver,\n readonly jwtKey: KeyObject,\n readonly serviceDid: string,\n readonly serviceHandleDomains: string[],\n db: AccountManagerDbConfig,\n ) {\n this.db = getDb(db.accountDbLoc, db.disableWalAutoCheckpoint)\n }\n\n async migrateOrThrow() {\n await this.db.ensureWal()\n await getMigrator(this.db).migrateToLatestOrThrow()\n }\n\n close() {\n this.db.close()\n }\n\n // Account\n // ----------\n\n async getAccount(\n handleOrDid: string,\n flags?: account.AvailabilityFlags,\n ): Promise<ActorAccount | null> {\n return account.getAccount(this.db, handleOrDid, flags)\n }\n\n async getAccounts(\n dids: string[],\n flags?: account.AvailabilityFlags,\n ): Promise<Map<string, ActorAccount>> {\n return account.getAccounts(this.db, dids, flags)\n }\n\n async getAccountByEmail(\n email: string,\n flags?: account.AvailabilityFlags,\n ): Promise<ActorAccount | null> {\n return account.getAccountByEmail(this.db, email, flags)\n }\n\n async isAccountActivated(did: string): Promise<boolean> {\n const account = await this.getAccount(did, { includeDeactivated: true })\n if (!account) return false\n return !account.deactivatedAt\n }\n\n async getDidForActor(\n handleOrDid: string,\n flags?: account.AvailabilityFlags,\n ): Promise<string | null> {\n const got = await this.getAccount(handleOrDid, flags)\n return got?.did ?? null\n }\n\n async getAccountStatus(handleOrDid: string): Promise<AccountStatus> {\n const got = await this.getAccount(handleOrDid, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n const res = account.formatAccountStatus(got)\n return res.active ? AccountStatus.Active : res.status\n }\n\n async normalizeAndValidateHandle(\n handle: string,\n {\n did,\n allowAnyValid,\n }: {\n did?: string\n allowAnyValid?: boolean\n } = {},\n ): Promise<string> {\n const normalized = baseNormalizeAndValidate(handle)\n\n // tld validation\n if (!isValidTld(normalized)) {\n throw new InvalidRequestError(\n 'Handle TLD is invalid or disallowed',\n 'InvalidHandle',\n )\n }\n // slur check\n if (!allowAnyValid && hasExplicitSlur(normalized)) {\n throw new InvalidRequestError(\n 'Inappropriate language in handle',\n 'InvalidHandle',\n )\n }\n if (isServiceDomain(normalized, this.serviceHandleDomains)) {\n // verify constraints on a service domain\n ensureHandleServiceConstraints(\n normalized,\n this.serviceHandleDomains,\n allowAnyValid,\n )\n } else {\n if (did == null) {\n throw new InvalidRequestError(\n 'Not a supported handle domain',\n 'UnsupportedDomain',\n )\n }\n // verify resolution of a non-service domain\n const resolvedDid = await this.idResolver.handle.resolve(normalized)\n if (resolvedDid !== did) {\n throw new InvalidRequestError('External handle did not resolve to DID')\n }\n }\n\n return normalized\n }\n\n async createAccount({\n did,\n handle,\n email,\n password,\n repoCid,\n repoRev,\n inviteCode,\n deactivated,\n refreshJwt,\n }: {\n did: string\n handle: string\n email?: string\n password?: string\n repoCid: CID\n repoRev: string\n inviteCode?: string\n deactivated?: boolean\n refreshJwt?: string\n }) {\n if (password && password.length > scrypt.NEW_PASSWORD_MAX_LENGTH) {\n throw new InvalidRequestError('Password too long')\n }\n\n const passwordScrypt = password\n ? await scrypt.genSaltAndHash(password)\n : undefined\n\n const now = new Date().toISOString()\n await this.db.transaction(async (dbTxn) => {\n if (inviteCode) {\n await invite.ensureInviteIsAvailable(dbTxn, inviteCode)\n }\n await Promise.all([\n account.registerActor(dbTxn, { did, handle, deactivated }),\n email && passwordScrypt\n ? account.registerAccount(dbTxn, { did, email, passwordScrypt })\n : Promise.resolve(),\n invite.recordInviteUse(dbTxn, {\n did,\n inviteCode,\n now,\n }),\n refreshJwt &&\n auth.storeRefreshToken(\n dbTxn,\n auth.decodeRefreshToken(refreshJwt),\n null,\n ),\n repo.updateRoot(dbTxn, did, repoCid, repoRev),\n ])\n })\n }\n\n async createAccountAndSession(opts: {\n did: string\n handle: string\n email?: string\n password?: string\n repoCid: CID\n repoRev: string\n inviteCode?: string\n deactivated?: boolean\n }) {\n const { accessJwt, refreshJwt } = await auth.createTokens({\n did: opts.did,\n jwtKey: this.jwtKey,\n serviceDid: this.serviceDid,\n scope: AuthScope.Access,\n })\n\n await this.createAccount({ ...opts, refreshJwt })\n\n return { accessJwt, refreshJwt }\n }\n\n // @NOTE should always be paired with a sequenceHandle().\n // the token output from this method should be passed to sequenceHandle().\n async updateHandle(did: string, handle: string) {\n return account.updateHandle(this.db, did, handle)\n }\n\n async deleteAccount(did: string) {\n return account.deleteAccount(this.db, did)\n }\n\n async takedownAccount(did: string, takedown: StatusAttr) {\n await this.db.transaction(async (dbTxn) =>\n Promise.all([\n account.updateAccountTakedownStatus(dbTxn, did, takedown),\n auth.revokeRefreshTokensByDid(dbTxn, did),\n token.removeByDidQB(dbTxn, did).execute(),\n ]),\n )\n }\n\n async getAccountAdminStatus(did: string) {\n return account.getAccountAdminStatus(this.db, did)\n }\n\n async updateRepoRoot(did: string, cid: CID, rev: string) {\n return repo.updateRoot(this.db, did, cid, rev)\n }\n\n async deactivateAccount(did: string, deleteAfter: string | null) {\n return account.deactivateAccount(this.db, did, deleteAfter)\n }\n\n async activateAccount(did: string) {\n return account.activateAccount(this.db, did)\n }\n\n // Auth\n // ----------\n\n async createSession(\n did: string,\n appPassword: password.AppPassDescript | null,\n isSoftDeleted = false,\n ) {\n const { accessJwt, refreshJwt } = await auth.createTokens({\n did,\n jwtKey: this.jwtKey,\n serviceDid: this.serviceDid,\n scope: auth.formatScope(appPassword, isSoftDeleted),\n })\n // For soft deleted accounts don't store refresh token so that it can't be rotated.\n if (!isSoftDeleted) {\n const refreshPayload = auth.decodeRefreshToken(refreshJwt)\n await auth.storeRefreshToken(this.db, refreshPayload, appPassword)\n }\n return { accessJwt, refreshJwt }\n }\n\n async rotateRefreshToken(id: string) {\n const token = await auth.getRefreshToken(this.db, id)\n if (!token) return null\n\n const now = new Date()\n\n // take the chance to tidy all of a user's expired tokens\n // does not need to be transactional since this is just best-effort\n await auth.deleteExpiredRefreshTokens(this.db, token.did, now.toISOString())\n\n // Shorten the refresh token lifespan down from its\n // original expiration time to its revocation grace period.\n const prevExpiresAt = new Date(token.expiresAt)\n const REFRESH_GRACE_MS = 2 * HOUR\n const graceExpiresAt = new Date(now.getTime() + REFRESH_GRACE_MS)\n\n const expiresAt =\n graceExpiresAt < prevExpiresAt ? graceExpiresAt : prevExpiresAt\n\n if (expiresAt <= now) {\n return null\n }\n\n // Determine the next refresh token id: upon refresh token\n // reuse you always receive a refresh token with the same id.\n const nextId = token.nextId ?? auth.getRefreshTokenId()\n\n const { accessJwt, refreshJwt } = await auth.createTokens({\n did: token.did,\n jwtKey: this.jwtKey,\n serviceDid: this.serviceDid,\n scope: auth.formatScope(token.appPassword),\n jti: nextId,\n })\n\n const refreshPayload = auth.decodeRefreshToken(refreshJwt)\n try {\n await this.db.transaction((dbTxn) =>\n Promise.all([\n auth.addRefreshGracePeriod(dbTxn, {\n id,\n expiresAt: expiresAt.toISOString(),\n nextId,\n }),\n auth.storeRefreshToken(dbTxn, refreshPayload, token.appPassword),\n ]),\n )\n } catch (err) {\n if (err instanceof auth.ConcurrentRefreshError) {\n return this.rotateRefreshToken(id)\n }\n throw err\n }\n return { accessJwt, refreshJwt }\n }\n\n async revokeRefreshToken(id: string) {\n return auth.revokeRefreshToken(this.db, id)\n }\n\n // Login\n // ----------\n\n async login({\n identifier,\n password,\n }: {\n identifier: string\n password: string\n }): Promise<{\n user: ActorAccount\n appPassword: password.AppPassDescript | null\n isSoftDeleted: boolean\n }> {\n const start = Date.now()\n try {\n const identifierNormalized = identifier.toLowerCase()\n\n const user = identifierNormalized.includes('@')\n ? await this.getAccountByEmail(identifierNormalized, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n : await this.getAccount(identifierNormalized, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n if (!user) {\n throw new AuthRequiredError('Invalid identifier or password')\n }\n const isSoftDeleted = softDeleted(user)\n\n let appPassword: password.AppPassDescript | null = null\n const validAccountPass = await this.verifyAccountPassword(\n user.did,\n password,\n )\n if (!validAccountPass) {\n // takendown/suspended accounts cannot login with app password\n if (isSoftDeleted) {\n throw new AuthRequiredError('Invalid identifier or password')\n }\n appPassword = await this.verifyAppPassword(user.did, password)\n if (appPassword === null) {\n throw new AuthRequiredError('Invalid identifier or password')\n }\n }\n\n return { user, appPassword, isSoftDeleted }\n } finally {\n // Mitigate timing attacks\n await wait(350 - (Date.now() - start))\n }\n }\n\n // Passwords\n // ----------\n\n async createAppPassword(did: string, name: string, privileged: boolean) {\n return password.createAppPassword(this.db, did, name, privileged)\n }\n\n async listAppPasswords(did: string) {\n return password.listAppPasswords(this.db, did)\n }\n\n async verifyAccountPassword(\n did: string,\n passwordStr: string,\n ): Promise<boolean> {\n return password.verifyAccountPassword(this.db, did, passwordStr)\n }\n\n async verifyAppPassword(\n did: string,\n passwordStr: string,\n ): Promise<password.AppPassDescript | null> {\n return password.verifyAppPassword(this.db, did, passwordStr)\n }\n\n async revokeAppPassword(did: string, name: string) {\n await this.db.transaction(async (dbTxn) =>\n Promise.all([\n password.deleteAppPassword(dbTxn, did, name),\n auth.revokeAppPasswordRefreshToken(dbTxn, did, name),\n ]),\n )\n }\n\n // Invites\n // ----------\n\n async ensureInviteIsAvailable(code: string) {\n return invite.ensureInviteIsAvailable(this.db, code)\n }\n\n async createInviteCodes(\n toCreate: { account: string; codes: string[] }[],\n useCount: number,\n ) {\n return invite.createInviteCodes(this.db, toCreate, useCount)\n }\n\n async createAccountInviteCodes(\n forAccount: string,\n codes: string[],\n expectedTotal: number,\n disabled: 0 | 1,\n ) {\n return invite.createAccountInviteCodes(\n this.db,\n forAccount,\n codes,\n expectedTotal,\n disabled,\n )\n }\n\n async getAccountInvitesCodes(did: string) {\n const inviteCodes = await invite.getAccountsInviteCodes(this.db, [did])\n return inviteCodes.get(did) ?? []\n }\n\n async getAccountsInvitesCodes(dids: string[]) {\n return invite.getAccountsInviteCodes(this.db, dids)\n }\n\n async getInvitedByForAccounts(dids: string[]) {\n return invite.getInvitedByForAccounts(this.db, dids)\n }\n\n async getInviteCodesUses(codes: string[]) {\n return invite.getInviteCodesUses(this.db, codes)\n }\n\n async setAccountInvitesDisabled(did: string, disabled: boolean) {\n return invite.setAccountInvitesDisabled(this.db, did, disabled)\n }\n\n async disableInviteCodes(opts: { codes: string[]; accounts: string[] }) {\n return invite.disableInviteCodes(this.db, opts)\n }\n\n // Email Tokens\n // ----------\n\n async createEmailToken(did: string, purpose: EmailTokenPurpose) {\n return emailToken.createEmailToken(this.db, did, purpose)\n }\n\n async assertValidEmailToken(\n did: string,\n purpose: EmailTokenPurpose,\n token: string,\n ) {\n return emailToken.assertValidToken(this.db, did, purpose, token)\n }\n\n async assertValidEmailTokenAndCleanup(\n did: string,\n purpose: EmailTokenPurpose,\n token: string,\n ) {\n await emailToken.assertValidToken(this.db, did, purpose, token)\n await emailToken.deleteEmailToken(this.db, did, purpose)\n }\n\n async confirmEmail(opts: { did: string; token: string }) {\n const { did, token } = opts\n await emailToken.assertValidToken(this.db, did, 'confirm_email', token)\n const now = new Date().toISOString()\n await this.db.transaction((dbTxn) =>\n Promise.all([\n emailToken.deleteEmailToken(dbTxn, did, 'confirm_email'),\n account.setEmailConfirmedAt(dbTxn, did, now),\n ]),\n )\n }\n\n async updateEmail(opts: { did: string; email: string }) {\n const { did, email } = opts\n await this.db.transaction((dbTxn) =>\n Promise.all([\n account.updateEmail(dbTxn, did, email),\n emailToken.deleteAllEmailTokens(dbTxn, did),\n ]),\n )\n }\n\n async resetPassword(opts: { password: string; token: string }) {\n const did = await emailToken.assertValidTokenAndFindDid(\n this.db,\n 'reset_password',\n opts.token,\n )\n await this.updateAccountPassword({ did, password: opts.password })\n }\n\n async updateAccountPassword(opts: { did: string; password: string }) {\n const { did } = opts\n const passwordScrypt = await scrypt.genSaltAndHash(opts.password)\n await this.db.transaction(async (dbTxn) =>\n Promise.all([\n password.updateUserPassword(dbTxn, { did, passwordScrypt }),\n emailToken.deleteEmailToken(dbTxn, did, 'reset_password'),\n auth.revokeRefreshTokensByDid(dbTxn, did),\n ]),\n )\n }\n}\n"]}
1
+ {"version":3,"file":"account-manager.js","sourceRoot":"","sources":["../../src/account-manager/account-manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,4CAA4C;AAE5C,4CAA4C;AAC5C,sDAA6E;AAC7E,8CAAyC;AACzC,8BAAmC;AACnC,6DAA0D;AAC1D,2CAIwB;AAExB,6BAAuE;AACvE,2DAA4C;AAC5C,+CAA+D;AAC/D,qDAAsC;AACtC,kEAAmD;AACnD,yDAA0C;AAC1C,6DAA8C;AAC9C,qDAAsC;AACtC,yDAA0C;AAC1C,uDAAwC;AAExC,6CAAsE;AAA7D,wGAAA,aAAa,OAAA;AAAE,8GAAA,mBAAmB,OAAA;AAO3C,MAAa,cAAc;IAGzB,YACW,UAAsB,EACtB,MAAiB,EACjB,UAAkB,EAClB,oBAA8B,EACvC,EAA0B;QAJ1B;;;;mBAAS,UAAU;WAAY;QAC/B;;;;mBAAS,MAAM;WAAW;QAC1B;;;;mBAAS,UAAU;WAAQ;QAC3B;;;;mBAAS,oBAAoB;WAAU;QANhC;;;;;WAAa;QASpB,IAAI,CAAC,EAAE,GAAG,IAAA,UAAK,EAAC,EAAE,CAAC,YAAY,EAAE,EAAE,CAAC,wBAAwB,CAAC,CAAA;IAC/D,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,MAAM,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAA;QACzB,MAAM,IAAA,gBAAW,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,sBAAsB,EAAE,CAAA;IACrD,CAAC;IAED,KAAK;QACH,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAA;IACjB,CAAC;IAED,UAAU;IACV,aAAa;IAEb,KAAK,CAAC,UAAU,CACd,WAAmB,EACnB,KAAiC;QAEjC,OAAO,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,WAAW,EAAE,KAAK,CAAC,CAAA;IACxD,CAAC;IAED,KAAK,CAAC,WAAW,CACf,IAAc,EACd,KAAiC;QAEjC,OAAO,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,CAAA;IAClD,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,KAAa,EACb,KAAiC;QAEjC,OAAO,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,CAAA;IACzD,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,GAAW;QAClC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAA;QACxE,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAA;QAC1B,OAAO,CAAC,OAAO,CAAC,aAAa,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,WAAmB,EACnB,KAAiC;QAEjC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,KAAK,CAAC,CAAA;QACrD,OAAO,GAAG,EAAE,GAAG,IAAI,IAAI,CAAA;IACzB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,WAAmB;QACxC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE;YAC7C,kBAAkB,EAAE,IAAI;YACxB,gBAAgB,EAAE,IAAI;SACvB,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,OAAO,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAA;QAC5C,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,uBAAa,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAA;IACvD,CAAC;IAED,KAAK,CAAC,0BAA0B,CAC9B,MAAc,EACd,EACE,GAAG,EACH,aAAa,MAIX,EAAE;QAEN,MAAM,UAAU,GAAG,IAAA,gCAAwB,EAAC,MAAM,CAAC,CAAA;QAEnD,iBAAiB;QACjB,IAAI,CAAC,IAAA,mBAAU,EAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,iCAAmB,CAC3B,qCAAqC,EACrC,eAAe,CAChB,CAAA;QACH,CAAC;QACD,aAAa;QACb,IAAI,CAAC,aAAa,IAAI,IAAA,gCAAe,EAAC,UAAU,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,iCAAmB,CAC3B,kCAAkC,EAClC,eAAe,CAChB,CAAA;QACH,CAAC;QACD,IAAI,IAAA,uBAAe,EAAC,UAAU,EAAE,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC;YAC3D,yCAAyC;YACzC,IAAA,sCAA8B,EAC5B,UAAU,EACV,IAAI,CAAC,oBAAoB,EACzB,aAAa,CACd,CAAA;QACH,CAAC;aAAM,CAAC;YACN,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;gBAChB,MAAM,IAAI,iCAAmB,CAC3B,+BAA+B,EAC/B,mBAAmB,CACpB,CAAA;YACH,CAAC;YACD,4CAA4C;YAC5C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;YACpE,IAAI,WAAW,KAAK,GAAG,EAAE,CAAC;gBACxB,MAAM,IAAI,iCAAmB,CAAC,wCAAwC,CAAC,CAAA;YACzE,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAClB,GAAG,EACH,MAAM,EACN,KAAK,EACL,QAAQ,EACR,OAAO,EACP,OAAO,EACP,UAAU,EACV,WAAW,EACX,UAAU,GAWX;QACC,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC,uBAAuB,EAAE,CAAC;YACjE,MAAM,IAAI,iCAAmB,CAAC,mBAAmB,CAAC,CAAA;QACpD,CAAC;QAED,MAAM,cAAc,GAAG,QAAQ;YAC7B,CAAC,CAAC,MAAM,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC;YACvC,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;QACpC,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACxC,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,MAAM,CAAC,uBAAuB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;YACzD,CAAC;YACD,MAAM,OAAO,CAAC,GAAG,CAAC;gBAChB,OAAO,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;gBAC1D,KAAK,IAAI,cAAc;oBACrB,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC;oBAChE,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE;gBACrB,MAAM,CAAC,eAAe,CAAC,KAAK,EAAE;oBAC5B,GAAG;oBACH,UAAU;oBACV,GAAG;iBACJ,CAAC;gBACF,UAAU;oBACR,IAAI,CAAC,iBAAiB,CACpB,KAAK,EACL,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,EACnC,IAAI,CACL;gBACH,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,CAAC;aAC9C,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,IAS7B;QACC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;YACxD,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,KAAK,EAAE,sBAAS,CAAC,MAAM;SACxB,CAAC,CAAA;QAEF,MAAM,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,CAAC,CAAA;QAEjD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAA;IAClC,CAAC;IAED,yDAAyD;IACzD,0EAA0E;IAC1E,KAAK,CAAC,YAAY,CAAC,GAAW,EAAE,MAAc;QAC5C,OAAO,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAAW;QAC7B,OAAO,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;IAC5C,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,GAAW,EAAE,QAAoB;QACrD,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE,CACxC,OAAO,CAAC,GAAG,CAAC;YACV,OAAO,CAAC,2BAA2B,CAAC,KAAK,EAAE,GAAG,EAAE,QAAQ,CAAC;YACzD,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,GAAG,CAAC;YACzC,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE;SAC1C,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,GAAW;QACrC,OAAO,OAAO,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;IACpD,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,GAAW,EAAE,GAAQ,EAAE,GAAW;QACrD,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,WAA0B;QAC7D,OAAO,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;IAC7D,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,GAAW;QAC/B,OAAO,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;IAC9C,CAAC;IAED,OAAO;IACP,aAAa;IAEb,KAAK,CAAC,aAAa,CACjB,GAAW,EACX,WAA4C,EAC5C,aAAa,GAAG,KAAK;QAErB,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;YACxD,GAAG;YACH,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,aAAa,CAAC;SACpD,CAAC,CAAA;QACF,mFAAmF;QACnF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,cAAc,GAAG,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;YAC1D,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,cAAc,EAAE,WAAW,CAAC,CAAA;QACpE,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAA;IAClC,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,EAAU;QACjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QACrD,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QAEvB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;QAEtB,yDAAyD;QACzD,mEAAmE;QACnE,MAAM,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAA;QAE5E,mDAAmD;QACnD,2DAA2D;QAC3D,MAAM,aAAa,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QAC/C,MAAM,gBAAgB,GAAG,CAAC,GAAG,aAAI,CAAA;QACjC,MAAM,cAAc,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,gBAAgB,CAAC,CAAA;QAEjE,MAAM,SAAS,GACb,cAAc,GAAG,aAAa,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,aAAa,CAAA;QAEjE,IAAI,SAAS,IAAI,GAAG,EAAE,CAAC;YACrB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,0DAA0D;QAC1D,6DAA6D;QAC7D,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAA;QAEvD,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;YACxD,GAAG,EAAE,KAAK,CAAC,GAAG;YACd,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,WAAW,CAAC;YAC1C,GAAG,EAAE,MAAM;SACZ,CAAC,CAAA;QAEF,MAAM,cAAc,GAAG,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;QAC1D,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,EAAE,CAClC,OAAO,CAAC,GAAG,CAAC;gBACV,IAAI,CAAC,qBAAqB,CAAC,KAAK,EAAE;oBAChC,EAAE;oBACF,SAAS,EAAE,SAAS,CAAC,WAAW,EAAE;oBAClC,MAAM;iBACP,CAAC;gBACF,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE,cAAc,EAAE,KAAK,CAAC,WAAW,CAAC;aACjE,CAAC,CACH,CAAA;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC/C,OAAO,IAAI,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAA;YACpC,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAA;IAClC,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,EAAU;QACjC,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;IAC7C,CAAC;IAED,QAAQ;IACR,aAAa;IAEb,KAAK,CAAC,KAAK,CAAC,EACV,UAAU,EACV,QAAQ,GAIT;QAKC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACxB,IAAI,CAAC;YACH,MAAM,oBAAoB,GAAG,UAAU,CAAC,WAAW,EAAE,CAAA;YAErD,MAAM,IAAI,GAAG,oBAAoB,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAC7C,CAAC,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAC,oBAAoB,EAAE;oBACjD,kBAAkB,EAAE,IAAI;oBACxB,gBAAgB,EAAE,IAAI;iBACvB,CAAC;gBACJ,CAAC,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,EAAE;oBAC1C,kBAAkB,EAAE,IAAI;oBACxB,gBAAgB,EAAE,IAAI;iBACvB,CAAC,CAAA;YAEN,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,+BAAiB,CAAC,gCAAgC,CAAC,CAAA;YAC/D,CAAC;YACD,MAAM,aAAa,GAAG,IAAA,gBAAW,EAAC,IAAI,CAAC,CAAA;YAEvC,IAAI,WAAW,GAAoC,IAAI,CAAA;YACvD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,qBAAqB,CACvD,IAAI,CAAC,GAAG,EACR,QAAQ,CACT,CAAA;YACD,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,8DAA8D;gBAC9D,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,IAAI,+BAAiB,CAAC,gCAAgC,CAAC,CAAA;gBAC/D,CAAC;gBACD,WAAW,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;gBAC9D,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;oBACzB,MAAM,IAAI,+BAAiB,CAAC,gCAAgC,CAAC,CAAA;gBAC/D,CAAC;YACH,CAAC;YAED,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,aAAa,EAAE,CAAA;QAC7C,CAAC;gBAAS,CAAC;YACT,0BAA0B;YAC1B,MAAM,IAAA,aAAI,EAAC,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC,CAAA;QACxC,CAAC;IACH,CAAC;IAED,YAAY;IACZ,aAAa;IAEb,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,IAAY,EAAE,UAAmB;QACpE,OAAO,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,UAAU,CAAC,CAAA;IACnE,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,GAAW;QAChC,OAAO,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;IAChD,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,GAAW,EACX,WAAmB;QAEnB,OAAO,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;IAClE,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,GAAW,EACX,WAAmB;QAEnB,OAAO,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;IAC9D,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,GAAW,EAAE,IAAY;QAC/C,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE,CACxC,OAAO,CAAC,GAAG,CAAC;YACV,QAAQ,CAAC,iBAAiB,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC;YAC5C,IAAI,CAAC,6BAA6B,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC;SACrD,CAAC,CACH,CAAA;IACH,CAAC;IAED,UAAU;IACV,aAAa;IAEb,KAAK,CAAC,uBAAuB,CAAC,IAAY;QACxC,OAAO,MAAM,CAAC,uBAAuB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IACtD,CAAC;IAED,KAAK,CAAC,iBAAiB,CACrB,QAAgD,EAChD,QAAgB;QAEhB,OAAO,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAA;IAC9D,CAAC;IAED,KAAK,CAAC,wBAAwB,CAC5B,UAAkB,EAClB,KAAe,EACf,aAAqB,EACrB,QAAe;QAEf,OAAO,MAAM,CAAC,wBAAwB,CACpC,IAAI,CAAC,EAAE,EACP,UAAU,EACV,KAAK,EACL,aAAa,EACb,QAAQ,CACT,CAAA;IACH,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,GAAW;QACtC,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAA;QACvE,OAAO,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;IACnC,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,IAAc;QAC1C,OAAO,MAAM,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IACrD,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,IAAc;QAC1C,OAAO,MAAM,CAAC,uBAAuB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IACtD,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,KAAe;QACtC,OAAO,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;IAClD,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,GAAW,EAAE,QAAiB;QAC5D,OAAO,MAAM,CAAC,yBAAyB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAA;IACjE,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,IAA6C;QACpE,OAAO,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IACjD,CAAC;IAED,eAAe;IACf,aAAa;IAEb,KAAK,CAAC,gBAAgB,CAAC,GAAW,EAAE,OAA0B;QAC5D,OAAO,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAA;IAC3D,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,GAAW,EACX,OAA0B,EAC1B,KAAa;QAEb,OAAO,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,CAAC,CAAA;IAClE,CAAC;IAED,KAAK,CAAC,+BAA+B,CACnC,GAAW,EACX,OAA0B,EAC1B,KAAa;QAEb,MAAM,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,CAAC,CAAA;QAC/D,MAAM,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAA;IAC1D,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAoC;QACrD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;QAC3B,MAAM,UAAU,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,eAAe,EAAE,KAAK,CAAC,CAAA;QACvE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;QACpC,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,EAAE,CAClC,OAAO,CAAC,GAAG,CAAC;YACV,UAAU,CAAC,gBAAgB,CAAC,KAAK,EAAE,GAAG,EAAE,eAAe,CAAC;YACxD,OAAO,CAAC,mBAAmB,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SAC7C,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,IAAoC;QACpD,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;QAC3B,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,EAAE,CAClC,OAAO,CAAC,GAAG,CAAC;YACV,OAAO,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,CAAC;YACtC,UAAU,CAAC,oBAAoB,CAAC,KAAK,EAAE,GAAG,CAAC;SAC5C,CAAC,CACH,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,IAAyC;QAC3D,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,0BAA0B,CACrD,IAAI,CAAC,EAAE,EACP,gBAAgB,EAChB,IAAI,CAAC,KAAK,CACX,CAAA;QACD,MAAM,IAAI,CAAC,qBAAqB,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;QAElE,OAAO,GAAG,CAAA;IACZ,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,IAAuC;QACjE,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;QACpB,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACjE,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE,CACxC,OAAO,CAAC,GAAG,CAAC;YACV,QAAQ,CAAC,kBAAkB,CAAC,KAAK,EAAE,EAAE,GAAG,EAAE,cAAc,EAAE,CAAC;YAC3D,UAAU,CAAC,gBAAgB,CAAC,KAAK,EAAE,GAAG,EAAE,gBAAgB,CAAC;YACzD,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,GAAG,CAAC;SAC1C,CAAC,CACH,CAAA;IACH,CAAC;CACF;AA/gBD,wCA+gBC","sourcesContent":["import { KeyObject } from 'node:crypto'\nimport { CID } from 'multiformats/cid'\nimport { HOUR, wait } from '@atproto/common'\nimport { IdResolver } from '@atproto/identity'\nimport { isValidTld } from '@atproto/syntax'\nimport { AuthRequiredError, InvalidRequestError } from '@atproto/xrpc-server'\nimport { AuthScope } from '../auth-scope'\nimport { softDeleted } from '../db'\nimport { hasExplicitSlur } from '../handle/explicit-slurs'\nimport {\n baseNormalizeAndValidate,\n ensureHandleServiceConstraints,\n isServiceDomain,\n} from '../handle/index'\nimport { StatusAttr } from '../lexicon/types/com/atproto/admin/defs'\nimport { AccountDb, EmailTokenPurpose, getDb, getMigrator } from './db'\nimport * as account from './helpers/account'\nimport { AccountStatus, ActorAccount } from './helpers/account'\nimport * as auth from './helpers/auth'\nimport * as emailToken from './helpers/email-token'\nimport * as invite from './helpers/invite'\nimport * as password from './helpers/password'\nimport * as repo from './helpers/repo'\nimport * as scrypt from './helpers/scrypt'\nimport * as token from './helpers/token'\n\nexport { AccountStatus, formatAccountStatus } from './helpers/account'\n\nexport type AccountManagerDbConfig = {\n accountDbLoc: string\n disableWalAutoCheckpoint: boolean\n}\n\nexport class AccountManager {\n readonly db: AccountDb\n\n constructor(\n readonly idResolver: IdResolver,\n readonly jwtKey: KeyObject,\n readonly serviceDid: string,\n readonly serviceHandleDomains: string[],\n db: AccountManagerDbConfig,\n ) {\n this.db = getDb(db.accountDbLoc, db.disableWalAutoCheckpoint)\n }\n\n async migrateOrThrow() {\n await this.db.ensureWal()\n await getMigrator(this.db).migrateToLatestOrThrow()\n }\n\n close() {\n this.db.close()\n }\n\n // Account\n // ----------\n\n async getAccount(\n handleOrDid: string,\n flags?: account.AvailabilityFlags,\n ): Promise<ActorAccount | null> {\n return account.getAccount(this.db, handleOrDid, flags)\n }\n\n async getAccounts(\n dids: string[],\n flags?: account.AvailabilityFlags,\n ): Promise<Map<string, ActorAccount>> {\n return account.getAccounts(this.db, dids, flags)\n }\n\n async getAccountByEmail(\n email: string,\n flags?: account.AvailabilityFlags,\n ): Promise<ActorAccount | null> {\n return account.getAccountByEmail(this.db, email, flags)\n }\n\n async isAccountActivated(did: string): Promise<boolean> {\n const account = await this.getAccount(did, { includeDeactivated: true })\n if (!account) return false\n return !account.deactivatedAt\n }\n\n async getDidForActor(\n handleOrDid: string,\n flags?: account.AvailabilityFlags,\n ): Promise<string | null> {\n const got = await this.getAccount(handleOrDid, flags)\n return got?.did ?? null\n }\n\n async getAccountStatus(handleOrDid: string): Promise<AccountStatus> {\n const got = await this.getAccount(handleOrDid, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n const res = account.formatAccountStatus(got)\n return res.active ? AccountStatus.Active : res.status\n }\n\n async normalizeAndValidateHandle(\n handle: string,\n {\n did,\n allowAnyValid,\n }: {\n did?: string\n allowAnyValid?: boolean\n } = {},\n ): Promise<string> {\n const normalized = baseNormalizeAndValidate(handle)\n\n // tld validation\n if (!isValidTld(normalized)) {\n throw new InvalidRequestError(\n 'Handle TLD is invalid or disallowed',\n 'InvalidHandle',\n )\n }\n // slur check\n if (!allowAnyValid && hasExplicitSlur(normalized)) {\n throw new InvalidRequestError(\n 'Inappropriate language in handle',\n 'InvalidHandle',\n )\n }\n if (isServiceDomain(normalized, this.serviceHandleDomains)) {\n // verify constraints on a service domain\n ensureHandleServiceConstraints(\n normalized,\n this.serviceHandleDomains,\n allowAnyValid,\n )\n } else {\n if (did == null) {\n throw new InvalidRequestError(\n 'Not a supported handle domain',\n 'UnsupportedDomain',\n )\n }\n // verify resolution of a non-service domain\n const resolvedDid = await this.idResolver.handle.resolve(normalized)\n if (resolvedDid !== did) {\n throw new InvalidRequestError('External handle did not resolve to DID')\n }\n }\n\n return normalized\n }\n\n async createAccount({\n did,\n handle,\n email,\n password,\n repoCid,\n repoRev,\n inviteCode,\n deactivated,\n refreshJwt,\n }: {\n did: string\n handle: string\n email?: string\n password?: string\n repoCid: CID\n repoRev: string\n inviteCode?: string\n deactivated?: boolean\n refreshJwt?: string\n }) {\n if (password && password.length > scrypt.NEW_PASSWORD_MAX_LENGTH) {\n throw new InvalidRequestError('Password too long')\n }\n\n const passwordScrypt = password\n ? await scrypt.genSaltAndHash(password)\n : undefined\n\n const now = new Date().toISOString()\n await this.db.transaction(async (dbTxn) => {\n if (inviteCode) {\n await invite.ensureInviteIsAvailable(dbTxn, inviteCode)\n }\n await Promise.all([\n account.registerActor(dbTxn, { did, handle, deactivated }),\n email && passwordScrypt\n ? account.registerAccount(dbTxn, { did, email, passwordScrypt })\n : Promise.resolve(),\n invite.recordInviteUse(dbTxn, {\n did,\n inviteCode,\n now,\n }),\n refreshJwt &&\n auth.storeRefreshToken(\n dbTxn,\n auth.decodeRefreshToken(refreshJwt),\n null,\n ),\n repo.updateRoot(dbTxn, did, repoCid, repoRev),\n ])\n })\n }\n\n async createAccountAndSession(opts: {\n did: string\n handle: string\n email?: string\n password?: string\n repoCid: CID\n repoRev: string\n inviteCode?: string\n deactivated?: boolean\n }) {\n const { accessJwt, refreshJwt } = await auth.createTokens({\n did: opts.did,\n jwtKey: this.jwtKey,\n serviceDid: this.serviceDid,\n scope: AuthScope.Access,\n })\n\n await this.createAccount({ ...opts, refreshJwt })\n\n return { accessJwt, refreshJwt }\n }\n\n // @NOTE should always be paired with a sequenceHandle().\n // the token output from this method should be passed to sequenceHandle().\n async updateHandle(did: string, handle: string) {\n return account.updateHandle(this.db, did, handle)\n }\n\n async deleteAccount(did: string) {\n return account.deleteAccount(this.db, did)\n }\n\n async takedownAccount(did: string, takedown: StatusAttr) {\n await this.db.transaction(async (dbTxn) =>\n Promise.all([\n account.updateAccountTakedownStatus(dbTxn, did, takedown),\n auth.revokeRefreshTokensByDid(dbTxn, did),\n token.removeByDidQB(dbTxn, did).execute(),\n ]),\n )\n }\n\n async getAccountAdminStatus(did: string) {\n return account.getAccountAdminStatus(this.db, did)\n }\n\n async updateRepoRoot(did: string, cid: CID, rev: string) {\n return repo.updateRoot(this.db, did, cid, rev)\n }\n\n async deactivateAccount(did: string, deleteAfter: string | null) {\n return account.deactivateAccount(this.db, did, deleteAfter)\n }\n\n async activateAccount(did: string) {\n return account.activateAccount(this.db, did)\n }\n\n // Auth\n // ----------\n\n async createSession(\n did: string,\n appPassword: password.AppPassDescript | null,\n isSoftDeleted = false,\n ) {\n const { accessJwt, refreshJwt } = await auth.createTokens({\n did,\n jwtKey: this.jwtKey,\n serviceDid: this.serviceDid,\n scope: auth.formatScope(appPassword, isSoftDeleted),\n })\n // For soft deleted accounts don't store refresh token so that it can't be rotated.\n if (!isSoftDeleted) {\n const refreshPayload = auth.decodeRefreshToken(refreshJwt)\n await auth.storeRefreshToken(this.db, refreshPayload, appPassword)\n }\n return { accessJwt, refreshJwt }\n }\n\n async rotateRefreshToken(id: string) {\n const token = await auth.getRefreshToken(this.db, id)\n if (!token) return null\n\n const now = new Date()\n\n // take the chance to tidy all of a user's expired tokens\n // does not need to be transactional since this is just best-effort\n await auth.deleteExpiredRefreshTokens(this.db, token.did, now.toISOString())\n\n // Shorten the refresh token lifespan down from its\n // original expiration time to its revocation grace period.\n const prevExpiresAt = new Date(token.expiresAt)\n const REFRESH_GRACE_MS = 2 * HOUR\n const graceExpiresAt = new Date(now.getTime() + REFRESH_GRACE_MS)\n\n const expiresAt =\n graceExpiresAt < prevExpiresAt ? graceExpiresAt : prevExpiresAt\n\n if (expiresAt <= now) {\n return null\n }\n\n // Determine the next refresh token id: upon refresh token\n // reuse you always receive a refresh token with the same id.\n const nextId = token.nextId ?? auth.getRefreshTokenId()\n\n const { accessJwt, refreshJwt } = await auth.createTokens({\n did: token.did,\n jwtKey: this.jwtKey,\n serviceDid: this.serviceDid,\n scope: auth.formatScope(token.appPassword),\n jti: nextId,\n })\n\n const refreshPayload = auth.decodeRefreshToken(refreshJwt)\n try {\n await this.db.transaction((dbTxn) =>\n Promise.all([\n auth.addRefreshGracePeriod(dbTxn, {\n id,\n expiresAt: expiresAt.toISOString(),\n nextId,\n }),\n auth.storeRefreshToken(dbTxn, refreshPayload, token.appPassword),\n ]),\n )\n } catch (err) {\n if (err instanceof auth.ConcurrentRefreshError) {\n return this.rotateRefreshToken(id)\n }\n throw err\n }\n return { accessJwt, refreshJwt }\n }\n\n async revokeRefreshToken(id: string) {\n return auth.revokeRefreshToken(this.db, id)\n }\n\n // Login\n // ----------\n\n async login({\n identifier,\n password,\n }: {\n identifier: string\n password: string\n }): Promise<{\n user: ActorAccount\n appPassword: password.AppPassDescript | null\n isSoftDeleted: boolean\n }> {\n const start = Date.now()\n try {\n const identifierNormalized = identifier.toLowerCase()\n\n const user = identifierNormalized.includes('@')\n ? await this.getAccountByEmail(identifierNormalized, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n : await this.getAccount(identifierNormalized, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n if (!user) {\n throw new AuthRequiredError('Invalid identifier or password')\n }\n const isSoftDeleted = softDeleted(user)\n\n let appPassword: password.AppPassDescript | null = null\n const validAccountPass = await this.verifyAccountPassword(\n user.did,\n password,\n )\n if (!validAccountPass) {\n // takendown/suspended accounts cannot login with app password\n if (isSoftDeleted) {\n throw new AuthRequiredError('Invalid identifier or password')\n }\n appPassword = await this.verifyAppPassword(user.did, password)\n if (appPassword === null) {\n throw new AuthRequiredError('Invalid identifier or password')\n }\n }\n\n return { user, appPassword, isSoftDeleted }\n } finally {\n // Mitigate timing attacks\n await wait(350 - (Date.now() - start))\n }\n }\n\n // Passwords\n // ----------\n\n async createAppPassword(did: string, name: string, privileged: boolean) {\n return password.createAppPassword(this.db, did, name, privileged)\n }\n\n async listAppPasswords(did: string) {\n return password.listAppPasswords(this.db, did)\n }\n\n async verifyAccountPassword(\n did: string,\n passwordStr: string,\n ): Promise<boolean> {\n return password.verifyAccountPassword(this.db, did, passwordStr)\n }\n\n async verifyAppPassword(\n did: string,\n passwordStr: string,\n ): Promise<password.AppPassDescript | null> {\n return password.verifyAppPassword(this.db, did, passwordStr)\n }\n\n async revokeAppPassword(did: string, name: string) {\n await this.db.transaction(async (dbTxn) =>\n Promise.all([\n password.deleteAppPassword(dbTxn, did, name),\n auth.revokeAppPasswordRefreshToken(dbTxn, did, name),\n ]),\n )\n }\n\n // Invites\n // ----------\n\n async ensureInviteIsAvailable(code: string) {\n return invite.ensureInviteIsAvailable(this.db, code)\n }\n\n async createInviteCodes(\n toCreate: { account: string; codes: string[] }[],\n useCount: number,\n ) {\n return invite.createInviteCodes(this.db, toCreate, useCount)\n }\n\n async createAccountInviteCodes(\n forAccount: string,\n codes: string[],\n expectedTotal: number,\n disabled: 0 | 1,\n ) {\n return invite.createAccountInviteCodes(\n this.db,\n forAccount,\n codes,\n expectedTotal,\n disabled,\n )\n }\n\n async getAccountInvitesCodes(did: string) {\n const inviteCodes = await invite.getAccountsInviteCodes(this.db, [did])\n return inviteCodes.get(did) ?? []\n }\n\n async getAccountsInvitesCodes(dids: string[]) {\n return invite.getAccountsInviteCodes(this.db, dids)\n }\n\n async getInvitedByForAccounts(dids: string[]) {\n return invite.getInvitedByForAccounts(this.db, dids)\n }\n\n async getInviteCodesUses(codes: string[]) {\n return invite.getInviteCodesUses(this.db, codes)\n }\n\n async setAccountInvitesDisabled(did: string, disabled: boolean) {\n return invite.setAccountInvitesDisabled(this.db, did, disabled)\n }\n\n async disableInviteCodes(opts: { codes: string[]; accounts: string[] }) {\n return invite.disableInviteCodes(this.db, opts)\n }\n\n // Email Tokens\n // ----------\n\n async createEmailToken(did: string, purpose: EmailTokenPurpose) {\n return emailToken.createEmailToken(this.db, did, purpose)\n }\n\n async assertValidEmailToken(\n did: string,\n purpose: EmailTokenPurpose,\n token: string,\n ) {\n return emailToken.assertValidToken(this.db, did, purpose, token)\n }\n\n async assertValidEmailTokenAndCleanup(\n did: string,\n purpose: EmailTokenPurpose,\n token: string,\n ) {\n await emailToken.assertValidToken(this.db, did, purpose, token)\n await emailToken.deleteEmailToken(this.db, did, purpose)\n }\n\n async confirmEmail(opts: { did: string; token: string }) {\n const { did, token } = opts\n await emailToken.assertValidToken(this.db, did, 'confirm_email', token)\n const now = new Date().toISOString()\n await this.db.transaction((dbTxn) =>\n Promise.all([\n emailToken.deleteEmailToken(dbTxn, did, 'confirm_email'),\n account.setEmailConfirmedAt(dbTxn, did, now),\n ]),\n )\n }\n\n async updateEmail(opts: { did: string; email: string }) {\n const { did, email } = opts\n await this.db.transaction((dbTxn) =>\n Promise.all([\n account.updateEmail(dbTxn, did, email),\n emailToken.deleteAllEmailTokens(dbTxn, did),\n ]),\n )\n }\n\n async resetPassword(opts: { password: string; token: string }) {\n const did = await emailToken.assertValidTokenAndFindDid(\n this.db,\n 'reset_password',\n opts.token,\n )\n await this.updateAccountPassword({ did, password: opts.password })\n\n return did\n }\n\n async updateAccountPassword(opts: { did: string; password: string }) {\n const { did } = opts\n const passwordScrypt = await scrypt.genSaltAndHash(opts.password)\n await this.db.transaction(async (dbTxn) =>\n Promise.all([\n password.updateUserPassword(dbTxn, { did, passwordScrypt }),\n emailToken.deleteEmailToken(dbTxn, did, 'reset_password'),\n auth.revokeRefreshTokensByDid(dbTxn, did),\n ]),\n )\n }\n}\n"]}
package/dist/account-manager/helpers/email-token.js CHANGED
@@ -45,7 +45,7 @@ exports.assertValidToken = assertValidToken;
45
45
  const assertValidTokenAndFindDid = async (db, purpose, token, expirationLen = 15 * common_1.MINUTE) => {
46
46
  const res = await db.db
47
47
  .selectFrom('email_token')
48
- .selectAll()
48
+ .select(['did', 'requestedAt'])
49
49
  .where('purpose', '=', purpose)
50
50
  .where('token', '=', token.toUpperCase())
51
51
  .executeTakeFirst();
package/dist/account-manager/helpers/email-token.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"email-token.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/email-token.ts"],"names":[],"mappings":";;;AAAA,4CAAuD;AACvD,sDAA0D;AAC1D,4DAAkE;AAG3D,MAAM,gBAAgB,GAAG,KAAK,EACnC,EAAa,EACb,GAAW,EACX,OAA0B,EACT,EAAE;IACnB,MAAM,KAAK,GAAG,IAAA,qBAAc,GAAE,CAAC,WAAW,EAAE,CAAA;IAC5C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;IACpC,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,aAAa,CAAC;SACzB,MAAM,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC;SACjD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CACjB,EAAE,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,CACxE,CACJ,CAAA;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAhBY,QAAA,gBAAgB,oBAgB5B;AAEM,MAAM,gBAAgB,GAAG,KAAK,EACnC,EAAa,EACb,GAAW,EACX,OAA0B,EAC1B,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,aAAa,CAAC;SACzB,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC,CAClC,CAAA;AACH,CAAC,CAAA;AAXY,QAAA,gBAAgB,oBAW5B;AAEM,MAAM,oBAAoB,GAAG,KAAK,EAAE,EAAa,EAAE,GAAW,EAAE,EAAE;IACvE,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACvD,CAAA;AACH,CAAC,CAAA;AAJY,QAAA,oBAAoB,wBAIhC;AAEM,MAAM,gBAAgB,GAAG,KAAK,EACnC,EAAa,EACb,GAAW,EACX,OAA0B,EAC1B,KAAa,EACb,aAAa,GAAG,EAAE,GAAG,eAAM,EAC3B,EAAE;IACF,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,aAAa,CAAC;SACzB,SAAS,EAAE;SACX,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC;SAC9B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC;SACxC,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,iCAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAA;IACnE,CAAC;IACD,MAAM,OAAO,GAAG,CAAC,IAAA,sBAAa,EAAC,IAAI,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,aAAa,CAAC,CAAA;IACxE,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,IAAI,iCAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAA;IACnE,CAAC;AACH,CAAC,CAAA;AArBY,QAAA,gBAAgB,oBAqB5B;AAEM,MAAM,0BAA0B,GAAG,KAAK,EAC7C,EAAa,EACb,OAA0B,EAC1B,KAAa,EACb,aAAa,GAAG,EAAE,GAAG,eAAM,EACV,EAAE;IACnB,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,aAAa,CAAC;SACzB,SAAS,EAAE;SACX,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC;SAC9B,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC;SACxC,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,iCAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAA;IACnE,CAAC;IACD,MAAM,OAAO,GAAG,CAAC,IAAA,sBAAa,EAAC,IAAI,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,aAAa,CAAC,CAAA;IACxE,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,IAAI,iCAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAA;IACnE,CAAC;IACD,OAAO,GAAG,CAAC,GAAG,CAAA;AAChB,CAAC,CAAA;AApBY,QAAA,0BAA0B,8BAoBtC","sourcesContent":["import { MINUTE, lessThanAgoMs } from '@atproto/common'\nimport { InvalidRequestError } from '@atproto/xrpc-server'\nimport { getRandomToken } from '../../api/com/atproto/server/util'\nimport { AccountDb, EmailTokenPurpose } from '../db'\n\nexport const createEmailToken = async (\n db: AccountDb,\n did: string,\n purpose: EmailTokenPurpose,\n): Promise<string> => {\n const token = getRandomToken().toUpperCase()\n const now = new Date().toISOString()\n await db.executeWithRetry(\n db.db\n .insertInto('email_token')\n .values({ purpose, did, token, requestedAt: now })\n .onConflict((oc) =>\n oc.columns(['purpose', 'did']).doUpdateSet({ token, requestedAt: now }),\n ),\n )\n return token\n}\n\nexport const deleteEmailToken = async (\n db: AccountDb,\n did: string,\n purpose: EmailTokenPurpose,\n) => {\n await db.executeWithRetry(\n db.db\n .deleteFrom('email_token')\n .where('did', '=', did)\n .where('purpose', '=', purpose),\n )\n}\n\nexport const deleteAllEmailTokens = async (db: AccountDb, did: string) => {\n await db.executeWithRetry(\n db.db.deleteFrom('email_token').where('did', '=', did),\n )\n}\n\nexport const assertValidToken = async (\n db: AccountDb,\n did: string,\n purpose: EmailTokenPurpose,\n token: string,\n expirationLen = 15 * MINUTE,\n) => {\n const res = await db.db\n .selectFrom('email_token')\n .selectAll()\n .where('purpose', '=', purpose)\n .where('did', '=', did)\n .where('token', '=', token.toUpperCase())\n .executeTakeFirst()\n if (!res) {\n throw new InvalidRequestError('Token is invalid', 'InvalidToken')\n }\n const expired = !lessThanAgoMs(new Date(res.requestedAt), expirationLen)\n if (expired) {\n throw new InvalidRequestError('Token is expired', 'ExpiredToken')\n }\n}\n\nexport const assertValidTokenAndFindDid = async (\n db: AccountDb,\n purpose: EmailTokenPurpose,\n token: string,\n expirationLen = 15 * MINUTE,\n): Promise<string> => {\n const res = await db.db\n .selectFrom('email_token')\n .selectAll()\n .where('purpose', '=', purpose)\n .where('token', '=', token.toUpperCase())\n .executeTakeFirst()\n if (!res) {\n throw new InvalidRequestError('Token is invalid', 'InvalidToken')\n }\n const expired = !lessThanAgoMs(new Date(res.requestedAt), expirationLen)\n if (expired) {\n throw new InvalidRequestError('Token is expired', 'ExpiredToken')\n }\n return res.did\n}\n"]}
1
+ {"version":3,"file":"email-token.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/email-token.ts"],"names":[],"mappings":";;;AAAA,4CAAuD;AACvD,sDAA0D;AAC1D,4DAAkE;AAG3D,MAAM,gBAAgB,GAAG,KAAK,EACnC,EAAa,EACb,GAAW,EACX,OAA0B,EACT,EAAE;IACnB,MAAM,KAAK,GAAG,IAAA,qBAAc,GAAE,CAAC,WAAW,EAAE,CAAA;IAC5C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;IACpC,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,aAAa,CAAC;SACzB,MAAM,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC;SACjD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CACjB,EAAE,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,CACxE,CACJ,CAAA;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAhBY,QAAA,gBAAgB,oBAgB5B;AAEM,MAAM,gBAAgB,GAAG,KAAK,EACnC,EAAa,EACb,GAAW,EACX,OAA0B,EAC1B,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,aAAa,CAAC;SACzB,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC,CAClC,CAAA;AACH,CAAC,CAAA;AAXY,QAAA,gBAAgB,oBAW5B;AAEM,MAAM,oBAAoB,GAAG,KAAK,EAAE,EAAa,EAAE,GAAW,EAAE,EAAE;IACvE,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACvD,CAAA;AACH,CAAC,CAAA;AAJY,QAAA,oBAAoB,wBAIhC;AAEM,MAAM,gBAAgB,GAAG,KAAK,EACnC,EAAa,EACb,GAAW,EACX,OAA0B,EAC1B,KAAa,EACb,aAAa,GAAG,EAAE,GAAG,eAAM,EAC3B,EAAE;IACF,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,aAAa,CAAC;SACzB,SAAS,EAAE;SACX,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC;SAC9B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC;SACxC,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,iCAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAA;IACnE,CAAC;IACD,MAAM,OAAO,GAAG,CAAC,IAAA,sBAAa,EAAC,IAAI,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,aAAa,CAAC,CAAA;IACxE,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,IAAI,iCAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAA;IACnE,CAAC;AACH,CAAC,CAAA;AArBY,QAAA,gBAAgB,oBAqB5B;AAEM,MAAM,0BAA0B,GAAG,KAAK,EAC7C,EAAa,EACb,OAA0B,EAC1B,KAAa,EACb,aAAa,GAAG,EAAE,GAAG,eAAM,EACV,EAAE;IACnB,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,aAAa,CAAC;SACzB,MAAM,CAAC,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;SAC9B,KAAK,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC;SAC9B,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC;SACxC,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,iCAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAA;IACnE,CAAC;IACD,MAAM,OAAO,GAAG,CAAC,IAAA,sBAAa,EAAC,IAAI,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,aAAa,CAAC,CAAA;IACxE,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,IAAI,iCAAmB,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAA;IACnE,CAAC;IACD,OAAO,GAAG,CAAC,GAAG,CAAA;AAChB,CAAC,CAAA;AApBY,QAAA,0BAA0B,8BAoBtC","sourcesContent":["import { MINUTE, lessThanAgoMs } from '@atproto/common'\nimport { InvalidRequestError } from '@atproto/xrpc-server'\nimport { getRandomToken } from '../../api/com/atproto/server/util'\nimport { AccountDb, EmailTokenPurpose } from '../db'\n\nexport const createEmailToken = async (\n db: AccountDb,\n did: string,\n purpose: EmailTokenPurpose,\n): Promise<string> => {\n const token = getRandomToken().toUpperCase()\n const now = new Date().toISOString()\n await db.executeWithRetry(\n db.db\n .insertInto('email_token')\n .values({ purpose, did, token, requestedAt: now })\n .onConflict((oc) =>\n oc.columns(['purpose', 'did']).doUpdateSet({ token, requestedAt: now }),\n ),\n )\n return token\n}\n\nexport const deleteEmailToken = async (\n db: AccountDb,\n did: string,\n purpose: EmailTokenPurpose,\n) => {\n await db.executeWithRetry(\n db.db\n .deleteFrom('email_token')\n .where('did', '=', did)\n .where('purpose', '=', purpose),\n )\n}\n\nexport const deleteAllEmailTokens = async (db: AccountDb, did: string) => {\n await db.executeWithRetry(\n db.db.deleteFrom('email_token').where('did', '=', did),\n )\n}\n\nexport const assertValidToken = async (\n db: AccountDb,\n did: string,\n purpose: EmailTokenPurpose,\n token: string,\n expirationLen = 15 * MINUTE,\n) => {\n const res = await db.db\n .selectFrom('email_token')\n .selectAll()\n .where('purpose', '=', purpose)\n .where('did', '=', did)\n .where('token', '=', token.toUpperCase())\n .executeTakeFirst()\n if (!res) {\n throw new InvalidRequestError('Token is invalid', 'InvalidToken')\n }\n const expired = !lessThanAgoMs(new Date(res.requestedAt), expirationLen)\n if (expired) {\n throw new InvalidRequestError('Token is expired', 'ExpiredToken')\n }\n}\n\nexport const assertValidTokenAndFindDid = async (\n db: AccountDb,\n purpose: EmailTokenPurpose,\n token: string,\n expirationLen = 15 * MINUTE,\n): Promise<string> => {\n const res = await db.db\n .selectFrom('email_token')\n .select(['did', 'requestedAt'])\n .where('purpose', '=', purpose)\n .where('token', '=', token.toUpperCase())\n .executeTakeFirst()\n if (!res) {\n throw new InvalidRequestError('Token is invalid', 'InvalidToken')\n }\n const expired = !lessThanAgoMs(new Date(res.requestedAt), expirationLen)\n if (expired) {\n throw new InvalidRequestError('Token is expired', 'ExpiredToken')\n }\n return res.did\n}\n"]}
package/dist/account-manager/oauth-store.d.ts CHANGED
@@ -44,8 +44,8 @@ export declare class OAuthStore implements AccountStore, RequestStore, DeviceSto
44
44
  } | {
45
45
  deviceId: DeviceId;
46
46
  }): Promise<DeviceAccount[]>;
47
- resetPasswordRequest({ locale: _locale, email, }: ResetPasswordRequestInput): Promise<void>;
48
- resetPasswordConfirm(data: ResetPasswordConfirmInput): Promise<void>;
47
+ resetPasswordRequest({ locale: _locale, email, }: ResetPasswordRequestInput): Promise<Account | null>;
48
+ resetPasswordConfirm(data: ResetPasswordConfirmInput): Promise<Account | null>;
49
49
  verifyHandleAvailability(handle: string): Promise<void>;
50
50
  createRequest(id: RequestId, data: RequestData): Promise<void>;
51
51
  readRequest(id: RequestId): Promise<RequestData | null>;
package/dist/account-manager/oauth-store.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oauth-store.d.ts","sourceRoot":"","sources":["../../src/account-manager/oauth-store.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAA2B,MAAM,cAAc,CAAA;AAE9D,OAAO,EAAE,OAAO,EAAoB,MAAM,iBAAiB,CAAA;AAC3D,OAAO,EACL,OAAO,EACP,YAAY,EACZ,uBAAuB,EACvB,oBAAoB,EACpB,iBAAiB,EACjB,QAAQ,EACR,IAAI,EACJ,aAAa,EACb,UAAU,EACV,QAAQ,EACR,WAAW,EACX,kBAAkB,EAIlB,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,SAAS,EACT,YAAY,EACZ,yBAAyB,EACzB,yBAAyB,EACzB,UAAU,EACV,GAAG,EACH,SAAS,EACT,OAAO,EACP,SAAS,EACT,UAAU,EACV,iBAAiB,EAClB,MAAM,yBAAyB,CAAA;AAKhC,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAA;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAA;AAE/C,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAA;AAE5D,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,EAAE,SAAS,EAAyB,MAAM,cAAc,CAAA;AAC/D,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAYlD;;;;;GAKG;AACH,qBAAa,UACX,YAAW,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU;IAG1E,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,cAAc;gBATd,cAAc,EAAE,cAAc,EAC9B,UAAU,EAAE,UAAU,EACtB,eAAe,EAAE,eAAe,EAChC,eAAe,EAAE,eAAe,EAChC,MAAM,EAAE,YAAY,EACpB,SAAS,EAAE,SAAS,EACpB,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,OAAO,EACvB,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,GAAG,IAAI;IAGhD,OAAO,KAAK,EAAE,GAIb;IAED,OAAO,KAAK,UAAU,GAErB;YAEa,uBAAuB;YAavB,gBAAgB;IAYxB,aAAa,CAAC,EAClB,MAAM,EAAE,OAAO,EACf,UAAU,EACV,MAAM,EACN,KAAK,EACL,QAAQ,GACT,EAAE,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC;IA8E1B,mBAAmB,CAAC,EACxB,MAAM,EAAE,OAAO,EACf,QAAQ,EAAE,UAAU,EACpB,QAAQ,EAER,QAAoB,GACrB,EAAE,uBAAuB,GAAG,OAAO,CAAC,OAAO,CAAC;IA4BvC,mBAAmB,CACvB,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,oBAAoB,GACzB,OAAO,CAAC,IAAI,CAAC;IAIV,UAAU,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC;QAClC,OAAO,EAAE,OAAO,CAAA;QAChB,iBAAiB,EAAE,iBAAiB,CAAA;KACrC,CAAC;IAgBI,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMnE,gBAAgB,CACpB,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAoB1B,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;IAMhE,kBAAkB,CACtB,MAAM,EAAE;QAAE,GAAG,EAAE,GAAG,CAAA;KAAE,GAAG;QAAE,QAAQ,EAAE,QAAQ,CAAA;KAAE,GAC5C,OAAO,CAAC,aAAa,EAAE,CAAC;IA+BrB,oBAAoB,CAAC,EACzB,MAAM,EAAE,OAAO,EACf,KAAK,GACN,EAAE,yBAAyB,GAAG,OAAO,CAAC,IAAI,CAAC;IAqBtC,oBAAoB,CAAC,IAAI,EAAE,yBAAyB,GAAG,OAAO,CAAC,IAAI,CAAC;IAYpE,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkCvD,aAAa,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAM9D,WAAW,CAAC,EAAE,EAAE,SAAS,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAiBvD,aAAa,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAMpE,aAAa,CAAC,EAAE,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3C,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC;IASlE,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAMjE,UAAU,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,GAAG,UAAU,CAAC;IAK1D,YAAY,CAChB,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,GACxB,OAAO,CAAC,IAAI,CAAC;IAMV,YAAY,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAO/C,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAItD,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAI5D,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM1C,WAAW,CACf,EAAE,EAAE,OAAO,EACX,IAAI,EAAE,SAAS,EACf,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,IAAI,CAAC;IAgBV,iBAAiB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAKjD,SAAS,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAOtD,WAAW,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAK5C,WAAW,CACf,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,OAAO,EACnB,eAAe,EAAE,YAAY,EAC7B,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,IAAI,CAAC;IA6BV,uBAAuB,CAC3B,YAAY,EAAE,YAAY,GACzB,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAatB,eAAe,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;YAK9C,WAAW;YAWX,YAAY;CAmC3B"}
1
+ {"version":3,"file":"oauth-store.d.ts","sourceRoot":"","sources":["../../src/account-manager/oauth-store.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAA2B,MAAM,cAAc,CAAA;AAE9D,OAAO,EAAE,OAAO,EAAoB,MAAM,iBAAiB,CAAA;AAC3D,OAAO,EACL,OAAO,EACP,YAAY,EACZ,uBAAuB,EACvB,oBAAoB,EACpB,iBAAiB,EACjB,QAAQ,EACR,IAAI,EACJ,aAAa,EACb,UAAU,EACV,QAAQ,EACR,WAAW,EACX,kBAAkB,EAIlB,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,SAAS,EACT,YAAY,EACZ,yBAAyB,EACzB,yBAAyB,EACzB,UAAU,EACV,GAAG,EACH,SAAS,EACT,OAAO,EACP,SAAS,EACT,UAAU,EACV,iBAAiB,EAClB,MAAM,yBAAyB,CAAA;AAKhC,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAA;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAA;AAE/C,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAA;AAE5D,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,EAAE,SAAS,EAAyB,MAAM,cAAc,CAAA;AAC/D,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAYlD;;;;;GAKG;AACH,qBAAa,UACX,YAAW,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU;IAG1E,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,cAAc;gBATd,cAAc,EAAE,cAAc,EAC9B,UAAU,EAAE,UAAU,EACtB,eAAe,EAAE,eAAe,EAChC,eAAe,EAAE,eAAe,EAChC,MAAM,EAAE,YAAY,EACpB,SAAS,EAAE,SAAS,EACpB,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,OAAO,EACvB,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,GAAG,IAAI;IAGhD,OAAO,KAAK,EAAE,GAIb;IAED,OAAO,KAAK,UAAU,GAErB;YAEa,uBAAuB;YAavB,gBAAgB;IAYxB,aAAa,CAAC,EAClB,MAAM,EAAE,OAAO,EACf,UAAU,EACV,MAAM,EACN,KAAK,EACL,QAAQ,GACT,EAAE,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC;IA8E1B,mBAAmB,CAAC,EACxB,MAAM,EAAE,OAAO,EACf,QAAQ,EAAE,UAAU,EACpB,QAAQ,EAER,QAAoB,GACrB,EAAE,uBAAuB,GAAG,OAAO,CAAC,OAAO,CAAC;IA4BvC,mBAAmB,CACvB,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,oBAAoB,GACzB,OAAO,CAAC,IAAI,CAAC;IAIV,UAAU,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC;QAClC,OAAO,EAAE,OAAO,CAAA;QAChB,iBAAiB,EAAE,iBAAiB,CAAA;KACrC,CAAC;IAgBI,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMnE,gBAAgB,CACpB,QAAQ,EAAE,QAAQ,EAClB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAoB1B,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;IAMhE,kBAAkB,CACtB,MAAM,EAAE;QAAE,GAAG,EAAE,GAAG,CAAA;KAAE,GAAG;QAAE,QAAQ,EAAE,QAAQ,CAAA;KAAE,GAC5C,OAAO,CAAC,aAAa,EAAE,CAAC;IA+BrB,oBAAoB,CAAC,EACzB,MAAM,EAAE,OAAO,EACf,KAAK,GACN,EAAE,yBAAyB,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAuBhD,oBAAoB,CACxB,IAAI,EAAE,yBAAyB,GAC9B,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAkBpB,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkCvD,aAAa,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAM9D,WAAW,CAAC,EAAE,EAAE,SAAS,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAiBvD,aAAa,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAMpE,aAAa,CAAC,EAAE,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3C,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC;IASlE,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAMjE,UAAU,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,GAAG,UAAU,CAAC;IAK1D,YAAY,CAChB,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,GACxB,OAAO,CAAC,IAAI,CAAC;IAMV,YAAY,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAO/C,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAItD,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAI5D,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM1C,WAAW,CACf,EAAE,EAAE,OAAO,EACX,IAAI,EAAE,SAAS,EACf,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,IAAI,CAAC;IAgBV,iBAAiB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAKjD,SAAS,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAOtD,WAAW,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAK5C,WAAW,CACf,OAAO,EAAE,OAAO,EAChB,UAAU,EAAE,OAAO,EACnB,eAAe,EAAE,YAAY,EAC7B,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,IAAI,CAAC;IA6BV,uBAAuB,CAC3B,YAAY,EAAE,YAAY,GACzB,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAatB,eAAe,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;YAK9C,WAAW;YAWX,YAAY;CAmC3B"}
package/dist/account-manager/oauth-store.js CHANGED
@@ -300,19 +300,25 @@ class OAuthStore {
300
300
  includeTakenDown: true,
301
301
  });
302
302
  if (!account?.email || !account?.handle)
303
- return;
303
+ return null;
304
304
  const { handle } = account;
305
305
  const token = await this.accountManager.createEmailToken(account.did, 'reset_password');
306
306
  // @TODO Use the locale to send the email in the right language
307
307
  await this.mailer.sendResetPassword({ handle, token }, { to: account.email });
308
+ return this.buildAccount(account);
308
309
  }
309
310
  async resetPasswordConfirm(data) {
310
311
  try {
311
- await this.accountManager.resetPassword(data);
312
+ const did = await this.accountManager.resetPassword(data);
313
+ const account = await this.accountManager.getAccount(did, {
314
+ includeDeactivated: true,
315
+ includeTakenDown: true,
316
+ });
317
+ return account ? this.buildAccount(account) : null;
312
318
  }
313
319
  catch (err) {
314
320
  if (err instanceof xrpc_server_1.InvalidRequestError) {
315
- throw new oauth_provider_1.InvalidRequestError(err.message, err);
321
+ return null;
316
322
  }
317
323
  throw err;
318
324
  }
package/dist/account-manager/oauth-store.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oauth-store.js","sourceRoot":"","sources":["../../src/account-manager/oauth-store.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8DAAgC;AAChC,sCAA8D;AAE9D,4CAA2D;AAC3D,4DAgCgC;AAChC,sDAG6B;AAG7B,8BAAmC;AAEnC,sCAAoC;AAEpC,4CAA+D;AAG/D,iEAAkD;AAClD,+CAAiD;AACjD,8EAA+D;AAC/D,mFAAoE;AACpE,oFAAqE;AACrE,+DAAgD;AAChD,iEAAkD;AAClD,6DAA8C;AAC9C,qFAAsE;AAEtE;;;;;GAKG;AACH,MAAa,UAAU;IAGrB,YACmB,cAA8B,EAC9B,UAAsB,EACtB,eAAgC,EAChC,eAAgC,EAChC,MAAoB,EACpB,SAAoB,EACpB,SAAiB,EACjB,cAAuB,EACvB,SAAiB,EACjB,cAA6B;QAT9C;;;;mBAAiB,cAAc;WAAgB;QAC/C;;;;mBAAiB,UAAU;WAAY;QACvC;;;;mBAAiB,eAAe;WAAiB;QACjD;;;;mBAAiB,eAAe;WAAiB;QACjD;;;;mBAAiB,MAAM;WAAc;QACrC;;;;mBAAiB,SAAS;WAAW;QACrC;;;;mBAAiB,SAAS;WAAQ;QAClC;;;;mBAAiB,cAAc;WAAS;QACxC;;;;mBAAiB,SAAS;WAAQ;QAClC;;;;mBAAiB,cAAc;WAAe;IAC7C,CAAC;IAEJ,IAAY,EAAE;QACZ,MAAM,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,cAAc,CAAA;QAClC,IAAI,EAAE,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;QAClE,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAY,UAAU;QACpB,OAAO,IAAI,CAAC,cAAc,CAAC,UAAU,CAAA;IACvC,CAAC;IAEO,KAAK,CAAC,uBAAuB,CAAC,KAAa;QACjD,4EAA4E;QAE5E,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,KAAK,EAAE;YACjE,kBAAkB,EAAE,IAAI;YACxB,gBAAgB,EAAE,IAAI;SACvB,CAAC,CAAA;QAEF,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,IAAI,oCAAmB,CAAC,qBAAqB,CAAC,CAAA;QACtD,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,IAAY;QACzC,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,cAAc,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QACzD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GACX,GAAG,YAAY,iCAAuB,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;YAClE,MAAM,IAAI,uCAAsB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAChD,CAAC;IACH,CAAC;IAED,eAAe;IAEf,KAAK,CAAC,aAAa,CAAC,EAClB,MAAM,EAAE,OAAO,EACf,UAAU,EACV,MAAM,EACN,KAAK,EACL,QAAQ,GACG;QACX,uGAAuG;QACvG,yEAAyE;QAEzE,MAAM,OAAO,CAAC,GAAG,CAAC;YAChB,IAAI,CAAC,uBAAuB,CAAC,KAAK,CAAC;YACnC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC;YACrC,CAAC,UAAU,IAAI,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC;SACjD,CAAC,CAAA;QAEF,4EAA4E;QAC5E,gEAAgE;QAEhE,MAAM,UAAU,GAAG,MAAM,yBAAgB,CAAC,MAAM,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAA;QACtE,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE,CAAA;QAEtC,MAAM,SAAS,GAAG,MAAM,IAAA,cAAW,EAAC;YAClC,UAAU,EAAE,aAAa;YACzB,YAAY,EAAE,IAAI,CAAC,cAAc;gBAC/B,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC;gBAClD,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC;YAC/B,MAAM;YACN,GAAG,EAAE,IAAI,CAAC,SAAS;YACnB,MAAM,EAAE,IAAI,CAAC,cAAc;SAC5B,CAAC,CAAA;QAEF,MAAM,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,SAAS,CAAA;QAE7B,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,UAAU,CAAC,CAAA;YAC7C,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE,CAC9D,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAC7B,CAAA;gBAED,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;gBAE3C,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC;oBACtC,GAAG;oBACH,MAAM;oBACN,KAAK;oBACL,QAAQ;oBACR,UAAU;oBACV,OAAO,EAAE,MAAM,CAAC,GAAG;oBACnB,OAAO,EAAE,MAAM,CAAC,GAAG;iBACpB,CAAC,CAAA;gBACF,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,SAAS,CAAC,mBAAmB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;oBACrD,MAAM,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,GAAG,EAAE,uBAAa,CAAC,MAAM,CAAC,CAAA;oBAClE,MAAM,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;oBAChD,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAClC,GAAG,EACH,IAAA,iCAAqB,EAAC,MAAM,CAAC,CAC9B,CAAA;oBACD,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAA;oBACrE,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAAC,aAAa,EAAE,GAAG,CAAC,CAAA;oBAE9D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;oBACzD,IAAI,CAAC,OAAO;wBAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAA;oBAElD,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;gBACzC,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;oBACtC,MAAM,GAAG,CAAA;gBACX,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBAClC,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,0BAA0B;YAC1B,IAAI,GAAG,YAAY,iCAAuB,EAAE,CAAC;gBAC3C,MAAM,IAAI,oCAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;YACjD,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,EACxB,MAAM,EAAE,OAAO,EACf,QAAQ,EAAE,UAAU,EACpB,QAAQ;IACR,kCAAkC;IAClC,QAAQ,GAAG,SAAS,GACI;QACxB,0EAA0E;QAC1E,IAAI,CAAC;YACH,sBAAsB;YACtB,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAA;YAC/C,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,aAAa,EAAE,GACxC,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE3D,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,IAAI,oCAAmB,CAAC,wBAAwB,CAAC,CAAA;YACzD,CAAC;YAED,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,IAAI,oCAAmB,CAAC,+BAA+B,CAAC,CAAA;YAChE,CAAC;YAED,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAA;QAChC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,+BAAqB,EAAE,CAAC;gBACzC,MAAM,IAAI,oCAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;YACjD,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CACvB,GAAQ,EACR,QAAkB,EAClB,IAA0B;QAE1B,MAAM,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAA;IACnE,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,GAAQ;QAIvB,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE;YAC9D,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAA;QAEF,IAAA,qBAAM,EAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;QAEvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAA;QACnD,MAAM,iBAAiB,GAAG,MAAM,sBAAsB,CAAC,oBAAoB,CACzE,IAAI,CAAC,EAAE,EACP,GAAG,CACJ,CAAA;QAED,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAA;IACvC,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,QAAkB,EAAE,GAAW;QACvD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,GAAG,CAAC,CACrD,CAAA;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,QAAkB,EAClB,GAAW;QAEX,MAAM,GAAG,GAAG,MAAM,mBAAmB;aAClC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;aACpC,gBAAgB,EAAE,CAAA;QAErB,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAA;QAErB,OAAO;YACL,QAAQ;YACR,UAAU,EAAE,YAAY,CAAC,eAAe,CAAC,GAAG,CAAC;YAC7C,OAAO,EAAE,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC;YACrC,iBAAiB,EAAE,MAAM,sBAAsB,CAAC,oBAAoB,CAClE,IAAI,CAAC,EAAE,EACP,GAAG,CACJ;YACD,SAAS,EAAE,IAAA,gBAAW,EAAC,GAAG,CAAC,WAAW,CAAC;YACvC,SAAS,EAAE,IAAA,gBAAW,EAAC,GAAG,CAAC,WAAW,CAAC;SACxC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,QAAkB,EAAE,GAAQ;QACpD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,GAAG,CAAC,CACrD,CAAA;IACH,CAAC;IAED,KAAK,CAAC,kBAAkB,CACtB,MAA6C;QAE7C,MAAM,IAAI,GAAG,MAAM,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,OAAO,EAAE,CAAA;QAE1E,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAE3D,sDAAsD;QACtD,MAAM,QAAQ,GAAG,IAAI,GAAG,CACtB,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,EAA2B,EAAE;YAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAE,CAAA;YAC5C,OAAO,CAAC,GAAG,EAAE,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAA;QAC5C,CAAC,CAAC,CACH,CACF,CAAA;QAED,MAAM,oBAAoB,GACxB,MAAM,sBAAsB,CAAC,yBAAyB,CACpD,IAAI,CAAC,EAAE,EACP,UAAU,CACX,CAAA;QAEH,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACxB,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,UAAU,EAAE,YAAY,CAAC,eAAe,CAAC,GAAG,CAAC;YAC7C,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAE;YAC/B,iBAAiB,EAAE,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAE;YACrD,SAAS,EAAE,IAAA,gBAAW,EAAC,GAAG,CAAC,WAAW,CAAC;YACvC,SAAS,EAAE,IAAA,gBAAW,EAAC,GAAG,CAAC,WAAW,CAAC;SACxC,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,EACzB,MAAM,EAAE,OAAO,EACf,KAAK,GACqB;QAC1B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,KAAK,EAAE;YACjE,kBAAkB,EAAE,IAAI;YACxB,gBAAgB,EAAE,IAAI;SACvB,CAAC,CAAA;QAEF,IAAI,CAAC,OAAO,EAAE,KAAK,IAAI,CAAC,OAAO,EAAE,MAAM;YAAE,OAAM;QAE/C,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,gBAAgB,CACtD,OAAO,CAAC,GAAG,EACX,gBAAgB,CACjB,CAAA;QAED,+DAA+D;QAC/D,MAAM,IAAI,CAAC,MAAM,CAAC,iBAAiB,CACjC,EAAE,MAAM,EAAE,KAAK,EAAE,EACjB,EAAE,EAAE,EAAE,OAAO,CAAC,KAAK,EAAE,CACtB,CAAA;IACH,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,IAA+B;QACxD,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;QAC/C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,iCAAuB,EAAE,CAAC;gBAC3C,MAAM,IAAI,oCAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;YACjD,CAAC;YAED,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,MAAc;QAC3C,8EAA8E;QAC9E,IAAI,CAAC;YACH,MAAM,UAAU,GACd,MAAM,IAAI,CAAC,cAAc,CAAC,0BAA0B,CAAC,MAAM,CAAC,CAAA;YAE9D,uEAAuE;YACvE,sEAAsE;YACtE,WAAW;YACX,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;gBAC1B,MAAM,IAAI,uCAAsB,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAA;YAC9D,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,UAAU,EAAE;gBAC/D,kBAAkB,EAAE,IAAI;gBACxB,gBAAgB,EAAE,IAAI;aACvB,CAAC,CAAA;YAEF,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,IAAI,uCAAsB,CAAC,OAAO,CAAC,CAAA;YAC3C,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,iCAAuB,EAAE,CAAC;gBAC3C,MAAM,GAAG,CAAC,eAAe,KAAK,oBAAoB;oBAChD,CAAC,CAAC,IAAI,uCAAsB,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC;oBAClD,CAAC,CAAC,IAAI,uCAAsB,CAAC,QAAQ,EAAE,GAAG,CAAC,OAAO,CAAC,CAAA;YACvD,CAAC;YAED,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,eAAe;IAEf,KAAK,CAAC,aAAa,CAAC,EAAa,EAAE,IAAiB;QAClD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAC9C,CAAA;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,EAAa;QAC7B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,gBAAgB,EAAE,CAAA;YAC1E,IAAI,CAAC,GAAG;gBAAE,OAAO,IAAI,CAAA;YACrB,OAAO,iBAAiB,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAA;QAChD,CAAC;gBAAS,CAAC;YACT,0EAA0E;YAC1E,0EAA0E;YAC1E,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE;gBAClC,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,iBAAiB,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC,CAC9C,CAAA;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAa,EAAE,IAAuB;QACxD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAC9C,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAa;QAC/B,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAA;IAC7E,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,IAAU;QACjC,MAAM,GAAG,GAAG,MAAM,iBAAiB;aAChC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC;aAC9B,gBAAgB,EAAE,CAAA;QACrB,OAAO,GAAG,CAAC,CAAC,CAAC,iBAAiB,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACpE,CAAC;IAED,cAAc;IAEd,KAAK,CAAC,YAAY,CAAC,QAAkB,EAAE,IAAgB;QACrD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,CAC/C,CAAA;IACH,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,QAAkB;QACjC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAC3E,OAAO,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACvD,CAAC;IAED,KAAK,CAAC,YAAY,CAChB,QAAkB,EAClB,IAAyB;QAEzB,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,CAC/C,CAAA;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,QAAkB;QACnC,+DAA+D;QAC/D,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC1E,CAAC;IAED,eAAe;IAEf,KAAK,CAAC,WAAW,CAAC,IAAY;QAC5B,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IAC1C,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,IAAiB;QAChD,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;IAClD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,IAAY;QAC9B,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IAC5C,CAAC;IAED,aAAa;IAEb,KAAK,CAAC,WAAW,CACf,EAAW,EACX,IAAe,EACf,YAA2B;QAE3B,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACxC,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,sBAAsB;qBAC3C,OAAO,CAAC,KAAK,EAAE,YAAY,CAAC;qBAC5B,uBAAuB,EAAE,CAAA;gBAE5B,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;oBACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;gBACjD,CAAC;YACH,CAAC;YAED,OAAO,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC,OAAO,EAAE,CAAA;QACtE,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,GAAQ;QAC9B,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAA;QACxE,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;IAC9D,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,OAAgB;QAC9B,MAAM,GAAG,GAAG,MAAM,WAAW;aAC1B,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC;aAC9B,gBAAgB,EAAE,CAAA;QACrB,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAgB;QAChC,6DAA6D;QAC7D,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAA;IACxE,CAAC;IAED,KAAK,CAAC,WAAW,CACf,OAAgB,EAChB,UAAmB,EACnB,eAA6B,EAC7B,OAAqB;QAErB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACpD,MAAM,EAAE,EAAE,EAAE,mBAAmB,EAAE,GAAG,MAAM,WAAW;iBAClD,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC;iBAC3B,uBAAuB,EAAE,CAAA;YAE5B,IAAI,mBAAmB,EAAE,CAAC;gBACxB,MAAM,sBAAsB;qBACzB,QAAQ,CAAC,KAAK,EAAE,EAAE,EAAE,mBAAmB,CAAC;qBACxC,OAAO,EAAE,CAAA;YACd,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,sBAAsB;iBAC3C,OAAO,CAAC,KAAK,EAAE,eAAe,CAAC;iBAC/B,uBAAuB,EAAE,CAAA;YAE5B,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;gBACd,iEAAiE;gBACjE,OAAO,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;YACtD,CAAC;YAED,MAAM,WAAW;iBACd,QAAQ,CAAC,KAAK,EAAE,EAAE,EAAE,UAAU,EAAE,eAAe,EAAE,OAAO,CAAC;iBACzD,OAAO,EAAE,CAAA;QACd,CAAC,CAAC,CAAA;QAEF,IAAI,GAAG;YAAE,MAAM,GAAG,CAAA;IACpB,CAAC;IAED,KAAK,CAAC,uBAAuB,CAC3B,YAA0B;QAE1B,MAAM,IAAI,GAAG,MAAM,sBAAsB;aACtC,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,CAAC;aACpC,gBAAgB,EAAE,CAAA;QAErB,MAAM,MAAM,GAAG,IAAI;YACjB,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,OAAO,EAAE;YACtB,CAAC,CAAC,EAAE,mBAAmB,EAAE,YAAY,EAAE,CAAA;QAEzC,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAC1E,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,IAAU;QAC9B,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAC5E,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC3C,CAAC;IAEO,KAAK,CAAC,WAAW,CACvB,GAA2D;QAE3D,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,OAAO;YACf,IAAI,EAAE,WAAW,CAAC,WAAW,CAAC,GAAG,CAAC;YAClC,OAAO,EAAE,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC;YACrC,mBAAmB,EAAE,GAAG,CAAC,mBAAmB;SAC7C,CAAA;IACH,CAAC;IAEO,KAAK,CAAC,YAAY,CACxB,GAA+B;QAE/B,MAAM,OAAO,GAAY;YACvB,GAAG,EAAE,GAAG,CAAC,GAAG;YACZ,GAAG,EAAE,IAAI,CAAC,UAAU;YACpB,KAAK,EAAE,GAAG,CAAC,KAAK,IAAI,SAAS;YAC7B,cAAc,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,gBAAgB,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS;YACpE,kBAAkB,EAAE,GAAG,CAAC,MAAM,IAAI,SAAS;SAC5C,CAAA;QAED,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACtC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;YAEvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU;iBAClC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;gBACzB,OAAO,KAAK,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAA;YACxC,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACb,iBAAQ,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,8BAA8B,CAAC,CAAA;gBACvD,OAAO,IAAI,CAAA,CAAC,uBAAuB;YACrC,CAAC,CAAC,CAAA;YAEJ,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,OAAO,CAAA;gBAEvC,OAAO,CAAC,IAAI,KAAZ,OAAO,CAAC,IAAI,GAAK,WAAW,EAAA;gBAC5B,OAAO,CAAC,OAAO,KAAf,OAAO,CAAC,OAAO,GAAK,MAAM;oBACxB,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;oBAClE,CAAC,CAAC,SAAS,EAAA;YACf,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;CACF;AA1iBD,gCA0iBC","sourcesContent":["import assert from 'node:assert'\nimport { Client, createOp as createPlcOp } from '@did-plc/lib'\nimport { Selectable } from 'kysely'\nimport { Keypair, Secp256k1Keypair } from '@atproto/crypto'\nimport {\n Account,\n AccountStore,\n AuthenticateAccountData,\n AuthorizedClientData,\n AuthorizedClients,\n ClientId,\n Code,\n DeviceAccount,\n DeviceData,\n DeviceId,\n DeviceStore,\n FoundRequestResult,\n HandleUnavailableError,\n InvalidInviteCodeError,\n InvalidRequestError,\n LexiconData,\n LexiconStore,\n NewTokenData,\n RefreshToken,\n RequestData,\n RequestId,\n RequestStore,\n ResetPasswordConfirmInput,\n ResetPasswordRequestInput,\n SignUpData,\n Sub,\n TokenData,\n TokenId,\n TokenInfo,\n TokenStore,\n UpdateRequestData,\n} from '@atproto/oauth-provider'\nimport {\n AuthRequiredError as XrpcAuthRequiredError,\n InvalidRequestError as XrpcInvalidRequestError,\n} from '@atproto/xrpc-server'\nimport { ActorStore } from '../actor-store/actor-store'\nimport { BackgroundQueue } from '../background'\nimport { fromDateISO } from '../db'\nimport { ImageUrlBuilder } from '../image/image-url-builder'\nimport { dbLogger } from '../logger'\nimport { ServerMailer } from '../mailer'\nimport { Sequencer, syncEvtDataFromCommit } from '../sequencer'\nimport { AccountManager } from './account-manager'\nimport * as schemas from './db/schema'\nimport * as accountHelper from './helpers/account'\nimport { AccountStatus } from './helpers/account'\nimport * as accountDeviceHelper from './helpers/account-device'\nimport * as authRequestHelper from './helpers/authorization-request'\nimport * as authorizedClientHelper from './helpers/authorized-client'\nimport * as deviceHelper from './helpers/device'\nimport * as lexiconHelper from './helpers/lexicon'\nimport * as tokenHelper from './helpers/token'\nimport * as usedRefreshTokenHelper from './helpers/used-refresh-token'\n\n/**\n * This class' purpose is to implement the interface needed by the OAuthProvider\n * to interact with the account database (through the {@link AccountManager}).\n *\n * @note The use of this class assumes that there is no entryway.\n */\nexport class OAuthStore\n implements AccountStore, RequestStore, DeviceStore, LexiconStore, TokenStore\n{\n constructor(\n private readonly accountManager: AccountManager,\n private readonly actorStore: ActorStore,\n private readonly imageUrlBuilder: ImageUrlBuilder,\n private readonly backgroundQueue: BackgroundQueue,\n private readonly mailer: ServerMailer,\n private readonly sequencer: Sequencer,\n private readonly plcClient: Client,\n private readonly plcRotationKey: Keypair,\n private readonly publicUrl: string,\n private readonly recoveryDidKey: string | null,\n ) {}\n\n private get db() {\n const { db } = this.accountManager\n if (db.destroyed) throw new Error('Database connection is closed')\n return db\n }\n\n private get serviceDid() {\n return this.accountManager.serviceDid\n }\n\n private async verifyEmailAvailability(email: string): Promise<void> {\n // @NOTE Email validity & disposability check performed by the OAuthProvider\n\n const account = await this.accountManager.getAccountByEmail(email, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n if (account) {\n throw new InvalidRequestError(`Email already taken`)\n }\n }\n\n private async verifyInviteCode(code: string) {\n try {\n await this.accountManager.ensureInviteIsAvailable(code)\n } catch (err) {\n const message =\n err instanceof XrpcInvalidRequestError ? err.message : undefined\n throw new InvalidInviteCodeError(message, err)\n }\n }\n\n // AccountStore\n\n async createAccount({\n locale: _locale,\n inviteCode,\n handle,\n email,\n password,\n }: SignUpData): Promise<Account> {\n // @TODO Send an account creation confirmation email (+verification link) to the user (in their locale)\n // @NOTE Password strength & length already enforced by the OAuthProvider\n\n await Promise.all([\n this.verifyEmailAvailability(email),\n this.verifyHandleAvailability(handle),\n !inviteCode || this.verifyInviteCode(inviteCode),\n ])\n\n // @TODO The code bellow should probably be refactored to be common with the\n // code of the `com.atproto.server.createAccount` XRPC endpoint.\n\n const signingKey = await Secp256k1Keypair.create({ exportable: true })\n const signingKeyDid = signingKey.did()\n\n const plcCreate = await createPlcOp({\n signingKey: signingKeyDid,\n rotationKeys: this.recoveryDidKey\n ? [this.recoveryDidKey, this.plcRotationKey.did()]\n : [this.plcRotationKey.did()],\n handle,\n pds: this.publicUrl,\n signer: this.plcRotationKey,\n })\n\n const { did, op } = plcCreate\n\n try {\n await this.actorStore.create(did, signingKey)\n try {\n const commit = await this.actorStore.transact(did, (actorTxn) =>\n actorTxn.repo.createRepo([]),\n )\n\n await this.plcClient.sendOperation(did, op)\n\n await this.accountManager.createAccount({\n did,\n handle,\n email,\n password,\n inviteCode,\n repoCid: commit.cid,\n repoRev: commit.rev,\n })\n try {\n await this.sequencer.sequenceIdentityEvt(did, handle)\n await this.sequencer.sequenceAccountEvt(did, AccountStatus.Active)\n await this.sequencer.sequenceCommit(did, commit)\n await this.sequencer.sequenceSyncEvt(\n did,\n syncEvtDataFromCommit(commit),\n )\n await this.accountManager.updateRepoRoot(did, commit.cid, commit.rev)\n await this.actorStore.clearReservedKeypair(signingKeyDid, did)\n\n const account = await this.accountManager.getAccount(did)\n if (!account) throw new Error('Account not found')\n\n return await this.buildAccount(account)\n } catch (err) {\n this.accountManager.deleteAccount(did)\n throw err\n }\n } catch (err) {\n await this.actorStore.destroy(did)\n throw err\n }\n } catch (err) {\n // XrpcError => OAuthError\n if (err instanceof XrpcInvalidRequestError) {\n throw new InvalidRequestError(err.message, err)\n }\n throw err\n }\n }\n\n async authenticateAccount({\n locale: _locale,\n username: identifier,\n password,\n // Not supported by the PDS (yet?)\n emailOtp = undefined,\n }: AuthenticateAccountData): Promise<Account> {\n // @TODO (?) Send an email to the user to notify them of the login attempt\n try {\n // Should never happen\n if (emailOtp != null) {\n throw new Error('Email OTP is not supported')\n }\n\n const { user, appPassword, isSoftDeleted } =\n await this.accountManager.login({ identifier, password })\n\n if (isSoftDeleted) {\n throw new InvalidRequestError('Account was taken down')\n }\n\n if (appPassword) {\n throw new InvalidRequestError('App passwords are not allowed')\n }\n\n return this.buildAccount(user)\n } catch (err) {\n if (err instanceof XrpcAuthRequiredError) {\n throw new InvalidRequestError(err.message, err)\n }\n throw err\n }\n }\n\n async setAuthorizedClient(\n sub: Sub,\n clientId: ClientId,\n data: AuthorizedClientData,\n ): Promise<void> {\n await authorizedClientHelper.upsert(this.db, sub, clientId, data)\n }\n\n async getAccount(sub: Sub): Promise<{\n account: Account\n authorizedClients: AuthorizedClients\n }> {\n const accountRow = await accountHelper.getAccount(this.db, sub, {\n includeDeactivated: true,\n })\n\n assert(accountRow, 'Account not found')\n\n const account = await this.buildAccount(accountRow)\n const authorizedClients = await authorizedClientHelper.getAuthorizedClients(\n this.db,\n sub,\n )\n\n return { account, authorizedClients }\n }\n\n async upsertDeviceAccount(deviceId: DeviceId, sub: string): Promise<void> {\n await this.db.executeWithRetry(\n accountDeviceHelper.upsertQB(this.db, deviceId, sub),\n )\n }\n\n async getDeviceAccount(\n deviceId: DeviceId,\n sub: string,\n ): Promise<DeviceAccount | null> {\n const row = await accountDeviceHelper\n .selectQB(this.db, { deviceId, sub })\n .executeTakeFirst()\n\n if (!row) return null\n\n return {\n deviceId,\n deviceData: deviceHelper.rowToDeviceData(row),\n account: await this.buildAccount(row),\n authorizedClients: await authorizedClientHelper.getAuthorizedClients(\n this.db,\n sub,\n ),\n createdAt: fromDateISO(row.adCreatedAt),\n updatedAt: fromDateISO(row.adUpdatedAt),\n }\n }\n\n async removeDeviceAccount(deviceId: DeviceId, sub: Sub): Promise<void> {\n await this.db.executeWithRetry(\n accountDeviceHelper.removeQB(this.db, deviceId, sub),\n )\n }\n\n async listDeviceAccounts(\n filter: { sub: Sub } | { deviceId: DeviceId },\n ): Promise<DeviceAccount[]> {\n const rows = await accountDeviceHelper.selectQB(this.db, filter).execute()\n\n const uniqueDids = [...new Set(rows.map((row) => row.did))]\n\n // Enrich all distinct account with their profile data\n const accounts = new Map(\n await Promise.all(\n Array.from(uniqueDids, async (did): Promise<[Sub, Account]> => {\n const row = rows.find((r) => r.did === did)!\n return [did, await this.buildAccount(row)]\n }),\n ),\n )\n\n const authorizedClientsMap =\n await authorizedClientHelper.getAuthorizedClientsMulti(\n this.db,\n uniqueDids,\n )\n\n return rows.map((row) => ({\n deviceId: row.deviceId,\n deviceData: deviceHelper.rowToDeviceData(row),\n account: accounts.get(row.did)!,\n authorizedClients: authorizedClientsMap.get(row.did)!,\n createdAt: fromDateISO(row.adCreatedAt),\n updatedAt: fromDateISO(row.adUpdatedAt),\n }))\n }\n\n async resetPasswordRequest({\n locale: _locale,\n email,\n }: ResetPasswordRequestInput): Promise<void> {\n const account = await this.accountManager.getAccountByEmail(email, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n if (!account?.email || !account?.handle) return\n\n const { handle } = account\n const token = await this.accountManager.createEmailToken(\n account.did,\n 'reset_password',\n )\n\n // @TODO Use the locale to send the email in the right language\n await this.mailer.sendResetPassword(\n { handle, token },\n { to: account.email },\n )\n }\n\n async resetPasswordConfirm(data: ResetPasswordConfirmInput): Promise<void> {\n try {\n await this.accountManager.resetPassword(data)\n } catch (err) {\n if (err instanceof XrpcInvalidRequestError) {\n throw new InvalidRequestError(err.message, err)\n }\n\n throw err\n }\n }\n\n async verifyHandleAvailability(handle: string): Promise<void> {\n // @NOTE Handle validity & normalization already enforced by the OAuthProvider\n try {\n const normalized =\n await this.accountManager.normalizeAndValidateHandle(handle)\n\n // Should never happen (OAuthProvider should have already validated the\n // handle) This check is just a safeguard against future normalization\n // changes.\n if (normalized !== handle) {\n throw new HandleUnavailableError('syntax', 'Invalid handle')\n }\n\n const account = await this.accountManager.getAccount(normalized, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n if (account) {\n throw new HandleUnavailableError('taken')\n }\n } catch (err) {\n if (err instanceof XrpcInvalidRequestError) {\n throw err.customErrorName === 'HandleNotAvailable'\n ? new HandleUnavailableError('taken', err.message)\n : new HandleUnavailableError('syntax', err.message)\n }\n\n throw err\n }\n }\n\n // RequestStore\n\n async createRequest(id: RequestId, data: RequestData): Promise<void> {\n await this.db.executeWithRetry(\n authRequestHelper.createQB(this.db, id, data),\n )\n }\n\n async readRequest(id: RequestId): Promise<RequestData | null> {\n try {\n const row = await authRequestHelper.readQB(this.db, id).executeTakeFirst()\n if (!row) return null\n return authRequestHelper.rowToRequestData(row)\n } finally {\n // Take the opportunity to clean up expired requests. Do this after we got\n // the current (potentially expired) request data to allow the provider to\n // handle expired requests.\n this.backgroundQueue.add(async () => {\n await this.db.executeWithRetry(\n authRequestHelper.removeOldExpiredQB(this.db),\n )\n })\n }\n }\n\n async updateRequest(id: RequestId, data: UpdateRequestData): Promise<void> {\n await this.db.executeWithRetry(\n authRequestHelper.updateQB(this.db, id, data),\n )\n }\n\n async deleteRequest(id: RequestId): Promise<void> {\n await this.db.executeWithRetry(authRequestHelper.removeByIdQB(this.db, id))\n }\n\n async consumeRequestCode(code: Code): Promise<FoundRequestResult | null> {\n const row = await authRequestHelper\n .consumeByCodeQB(this.db, code)\n .executeTakeFirst()\n return row ? authRequestHelper.rowToFoundRequestResult(row) : null\n }\n\n // DeviceStore\n\n async createDevice(deviceId: DeviceId, data: DeviceData): Promise<void> {\n await this.db.executeWithRetry(\n deviceHelper.createQB(this.db, deviceId, data),\n )\n }\n\n async readDevice(deviceId: DeviceId): Promise<null | DeviceData> {\n const row = await deviceHelper.readQB(this.db, deviceId).executeTakeFirst()\n return row ? deviceHelper.rowToDeviceData(row) : null\n }\n\n async updateDevice(\n deviceId: DeviceId,\n data: Partial<DeviceData>,\n ): Promise<void> {\n await this.db.executeWithRetry(\n deviceHelper.updateQB(this.db, deviceId, data),\n )\n }\n\n async deleteDevice(deviceId: DeviceId): Promise<void> {\n // Will cascade to device_account (device_account_device_id_fk)\n await this.db.executeWithRetry(deviceHelper.removeQB(this.db, deviceId))\n }\n\n // LexiconStore\n\n async findLexicon(nsid: string): Promise<LexiconData | null> {\n return lexiconHelper.find(this.db, nsid)\n }\n\n async storeLexicon(nsid: string, data: LexiconData): Promise<void> {\n return lexiconHelper.upsert(this.db, nsid, data)\n }\n\n async deleteLexicon(nsid: string): Promise<void> {\n return lexiconHelper.remove(this.db, nsid)\n }\n\n // TokenStore\n\n async createToken(\n id: TokenId,\n data: TokenData,\n refreshToken?: RefreshToken,\n ): Promise<void> {\n await this.db.transaction(async (dbTxn) => {\n if (refreshToken) {\n const { count } = await usedRefreshTokenHelper\n .countQB(dbTxn, refreshToken)\n .executeTakeFirstOrThrow()\n\n if (count > 0) {\n throw new Error('Refresh token already in use')\n }\n }\n\n return tokenHelper.createQB(dbTxn, id, data, refreshToken).execute()\n })\n }\n\n async listAccountTokens(sub: Sub): Promise<TokenInfo[]> {\n const rows = await tokenHelper.findByQB(this.db, { did: sub }).execute()\n return Promise.all(rows.map((row) => this.toTokenInfo(row)))\n }\n\n async readToken(tokenId: TokenId): Promise<TokenInfo | null> {\n const row = await tokenHelper\n .findByQB(this.db, { tokenId })\n .executeTakeFirst()\n return row ? this.toTokenInfo(row) : null\n }\n\n async deleteToken(tokenId: TokenId): Promise<void> {\n // Will cascade to used_refresh_token (used_refresh_token_fk)\n await this.db.executeWithRetry(tokenHelper.removeQB(this.db, tokenId))\n }\n\n async rotateToken(\n tokenId: TokenId,\n newTokenId: TokenId,\n newRefreshToken: RefreshToken,\n newData: NewTokenData,\n ): Promise<void> {\n const err = await this.db.transaction(async (dbTxn) => {\n const { id, currentRefreshToken } = await tokenHelper\n .forRotateQB(dbTxn, tokenId)\n .executeTakeFirstOrThrow()\n\n if (currentRefreshToken) {\n await usedRefreshTokenHelper\n .insertQB(dbTxn, id, currentRefreshToken)\n .execute()\n }\n\n const { count } = await usedRefreshTokenHelper\n .countQB(dbTxn, newRefreshToken)\n .executeTakeFirstOrThrow()\n\n if (count > 0) {\n // Do NOT throw (we don't want the transaction to be rolled back)\n return new Error('New refresh token already in use')\n }\n\n await tokenHelper\n .rotateQB(dbTxn, id, newTokenId, newRefreshToken, newData)\n .execute()\n })\n\n if (err) throw err\n }\n\n async findTokenByRefreshToken(\n refreshToken: RefreshToken,\n ): Promise<TokenInfo | null> {\n const used = await usedRefreshTokenHelper\n .findByTokenQB(this.db, refreshToken)\n .executeTakeFirst()\n\n const search = used\n ? { id: used.tokenId }\n : { currentRefreshToken: refreshToken }\n\n const row = await tokenHelper.findByQB(this.db, search).executeTakeFirst()\n return row ? this.toTokenInfo(row) : null\n }\n\n async findTokenByCode(code: Code): Promise<TokenInfo | null> {\n const row = await tokenHelper.findByQB(this.db, { code }).executeTakeFirst()\n return row ? this.toTokenInfo(row) : null\n }\n\n private async toTokenInfo(\n row: accountHelper.ActorAccount & Selectable<schemas.Token>,\n ): Promise<TokenInfo> {\n return {\n id: row.tokenId,\n data: tokenHelper.toTokenData(row),\n account: await this.buildAccount(row),\n currentRefreshToken: row.currentRefreshToken,\n }\n }\n\n private async buildAccount(\n row: accountHelper.ActorAccount,\n ): Promise<Account> {\n const account: Account = {\n sub: row.did,\n aud: this.serviceDid,\n email: row.email || undefined,\n email_verified: row.email ? row.emailConfirmedAt != null : undefined,\n preferred_username: row.handle || undefined,\n }\n\n if (!account.name || !account.picture) {\n const did = account.sub\n\n const profile = await this.actorStore\n .read(did, async (store) => {\n return store.record.getProfileRecord()\n })\n .catch((err) => {\n dbLogger.error({ err }, 'Failed to get profile record')\n return null // No need to propagate\n })\n\n if (profile) {\n const { avatar, displayName } = profile\n\n account.name ||= displayName\n account.picture ||= avatar\n ? this.imageUrlBuilder.build('avatar', did, avatar.ref.toString())\n : undefined\n }\n }\n\n return account\n }\n}\n"]}
1
+ {"version":3,"file":"oauth-store.js","sourceRoot":"","sources":["../../src/account-manager/oauth-store.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8DAAgC;AAChC,sCAA8D;AAE9D,4CAA2D;AAC3D,4DAgCgC;AAChC,sDAG6B;AAG7B,8BAAmC;AAEnC,sCAAoC;AAEpC,4CAA+D;AAG/D,iEAAkD;AAClD,+CAAiD;AACjD,8EAA+D;AAC/D,mFAAoE;AACpE,oFAAqE;AACrE,+DAAgD;AAChD,iEAAkD;AAClD,6DAA8C;AAC9C,qFAAsE;AAEtE;;;;;GAKG;AACH,MAAa,UAAU;IAGrB,YACmB,cAA8B,EAC9B,UAAsB,EACtB,eAAgC,EAChC,eAAgC,EAChC,MAAoB,EACpB,SAAoB,EACpB,SAAiB,EACjB,cAAuB,EACvB,SAAiB,EACjB,cAA6B;QAT9C;;;;mBAAiB,cAAc;WAAgB;QAC/C;;;;mBAAiB,UAAU;WAAY;QACvC;;;;mBAAiB,eAAe;WAAiB;QACjD;;;;mBAAiB,eAAe;WAAiB;QACjD;;;;mBAAiB,MAAM;WAAc;QACrC;;;;mBAAiB,SAAS;WAAW;QACrC;;;;mBAAiB,SAAS;WAAQ;QAClC;;;;mBAAiB,cAAc;WAAS;QACxC;;;;mBAAiB,SAAS;WAAQ;QAClC;;;;mBAAiB,cAAc;WAAe;IAC7C,CAAC;IAEJ,IAAY,EAAE;QACZ,MAAM,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,cAAc,CAAA;QAClC,IAAI,EAAE,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;QAClE,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAY,UAAU;QACpB,OAAO,IAAI,CAAC,cAAc,CAAC,UAAU,CAAA;IACvC,CAAC;IAEO,KAAK,CAAC,uBAAuB,CAAC,KAAa;QACjD,4EAA4E;QAE5E,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,KAAK,EAAE;YACjE,kBAAkB,EAAE,IAAI;YACxB,gBAAgB,EAAE,IAAI;SACvB,CAAC,CAAA;QAEF,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,IAAI,oCAAmB,CAAC,qBAAqB,CAAC,CAAA;QACtD,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,IAAY;QACzC,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,cAAc,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QACzD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GACX,GAAG,YAAY,iCAAuB,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;YAClE,MAAM,IAAI,uCAAsB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;QAChD,CAAC;IACH,CAAC;IAED,eAAe;IAEf,KAAK,CAAC,aAAa,CAAC,EAClB,MAAM,EAAE,OAAO,EACf,UAAU,EACV,MAAM,EACN,KAAK,EACL,QAAQ,GACG;QACX,uGAAuG;QACvG,yEAAyE;QAEzE,MAAM,OAAO,CAAC,GAAG,CAAC;YAChB,IAAI,CAAC,uBAAuB,CAAC,KAAK,CAAC;YACnC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC;YACrC,CAAC,UAAU,IAAI,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC;SACjD,CAAC,CAAA;QAEF,4EAA4E;QAC5E,gEAAgE;QAEhE,MAAM,UAAU,GAAG,MAAM,yBAAgB,CAAC,MAAM,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAA;QACtE,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE,CAAA;QAEtC,MAAM,SAAS,GAAG,MAAM,IAAA,cAAW,EAAC;YAClC,UAAU,EAAE,aAAa;YACzB,YAAY,EAAE,IAAI,CAAC,cAAc;gBAC/B,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC;gBAClD,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC;YAC/B,MAAM;YACN,GAAG,EAAE,IAAI,CAAC,SAAS;YACnB,MAAM,EAAE,IAAI,CAAC,cAAc;SAC5B,CAAC,CAAA;QAEF,MAAM,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,SAAS,CAAA;QAE7B,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,UAAU,CAAC,CAAA;YAC7C,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE,CAC9D,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAC7B,CAAA;gBAED,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;gBAE3C,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC;oBACtC,GAAG;oBACH,MAAM;oBACN,KAAK;oBACL,QAAQ;oBACR,UAAU;oBACV,OAAO,EAAE,MAAM,CAAC,GAAG;oBACnB,OAAO,EAAE,MAAM,CAAC,GAAG;iBACpB,CAAC,CAAA;gBACF,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,SAAS,CAAC,mBAAmB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;oBACrD,MAAM,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,GAAG,EAAE,uBAAa,CAAC,MAAM,CAAC,CAAA;oBAClE,MAAM,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;oBAChD,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAClC,GAAG,EACH,IAAA,iCAAqB,EAAC,MAAM,CAAC,CAC9B,CAAA;oBACD,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAA;oBACrE,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAAC,aAAa,EAAE,GAAG,CAAC,CAAA;oBAE9D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;oBACzD,IAAI,CAAC,OAAO;wBAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAA;oBAElD,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;gBACzC,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;oBACtC,MAAM,GAAG,CAAA;gBACX,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBAClC,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,0BAA0B;YAC1B,IAAI,GAAG,YAAY,iCAAuB,EAAE,CAAC;gBAC3C,MAAM,IAAI,oCAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;YACjD,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,EACxB,MAAM,EAAE,OAAO,EACf,QAAQ,EAAE,UAAU,EACpB,QAAQ;IACR,kCAAkC;IAClC,QAAQ,GAAG,SAAS,GACI;QACxB,0EAA0E;QAC1E,IAAI,CAAC;YACH,sBAAsB;YACtB,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAA;YAC/C,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,aAAa,EAAE,GACxC,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE3D,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,IAAI,oCAAmB,CAAC,wBAAwB,CAAC,CAAA;YACzD,CAAC;YAED,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,IAAI,oCAAmB,CAAC,+BAA+B,CAAC,CAAA;YAChE,CAAC;YAED,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAA;QAChC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,+BAAqB,EAAE,CAAC;gBACzC,MAAM,IAAI,oCAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;YACjD,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CACvB,GAAQ,EACR,QAAkB,EAClB,IAA0B;QAE1B,MAAM,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAA;IACnE,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,GAAQ;QAIvB,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,EAAE;YAC9D,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAA;QAEF,IAAA,qBAAM,EAAC,UAAU,EAAE,mBAAmB,CAAC,CAAA;QAEvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAA;QACnD,MAAM,iBAAiB,GAAG,MAAM,sBAAsB,CAAC,oBAAoB,CACzE,IAAI,CAAC,EAAE,EACP,GAAG,CACJ,CAAA;QAED,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAA;IACvC,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,QAAkB,EAAE,GAAW;QACvD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,GAAG,CAAC,CACrD,CAAA;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,QAAkB,EAClB,GAAW;QAEX,MAAM,GAAG,GAAG,MAAM,mBAAmB;aAClC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC;aACpC,gBAAgB,EAAE,CAAA;QAErB,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAA;QAErB,OAAO;YACL,QAAQ;YACR,UAAU,EAAE,YAAY,CAAC,eAAe,CAAC,GAAG,CAAC;YAC7C,OAAO,EAAE,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC;YACrC,iBAAiB,EAAE,MAAM,sBAAsB,CAAC,oBAAoB,CAClE,IAAI,CAAC,EAAE,EACP,GAAG,CACJ;YACD,SAAS,EAAE,IAAA,gBAAW,EAAC,GAAG,CAAC,WAAW,CAAC;YACvC,SAAS,EAAE,IAAA,gBAAW,EAAC,GAAG,CAAC,WAAW,CAAC;SACxC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,QAAkB,EAAE,GAAQ;QACpD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,GAAG,CAAC,CACrD,CAAA;IACH,CAAC;IAED,KAAK,CAAC,kBAAkB,CACtB,MAA6C;QAE7C,MAAM,IAAI,GAAG,MAAM,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,OAAO,EAAE,CAAA;QAE1E,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAE3D,sDAAsD;QACtD,MAAM,QAAQ,GAAG,IAAI,GAAG,CACtB,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,EAA2B,EAAE;YAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAE,CAAA;YAC5C,OAAO,CAAC,GAAG,EAAE,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAA;QAC5C,CAAC,CAAC,CACH,CACF,CAAA;QAED,MAAM,oBAAoB,GACxB,MAAM,sBAAsB,CAAC,yBAAyB,CACpD,IAAI,CAAC,EAAE,EACP,UAAU,CACX,CAAA;QAEH,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACxB,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,UAAU,EAAE,YAAY,CAAC,eAAe,CAAC,GAAG,CAAC;YAC7C,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAE;YAC/B,iBAAiB,EAAE,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAE;YACrD,SAAS,EAAE,IAAA,gBAAW,EAAC,GAAG,CAAC,WAAW,CAAC;YACvC,SAAS,EAAE,IAAA,gBAAW,EAAC,GAAG,CAAC,WAAW,CAAC;SACxC,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,EACzB,MAAM,EAAE,OAAO,EACf,KAAK,GACqB;QAC1B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,KAAK,EAAE;YACjE,kBAAkB,EAAE,IAAI;YACxB,gBAAgB,EAAE,IAAI;SACvB,CAAC,CAAA;QAEF,IAAI,CAAC,OAAO,EAAE,KAAK,IAAI,CAAC,OAAO,EAAE,MAAM;YAAE,OAAO,IAAI,CAAA;QAEpD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,gBAAgB,CACtD,OAAO,CAAC,GAAG,EACX,gBAAgB,CACjB,CAAA;QAED,+DAA+D;QAC/D,MAAM,IAAI,CAAC,MAAM,CAAC,iBAAiB,CACjC,EAAE,MAAM,EAAE,KAAK,EAAE,EACjB,EAAE,EAAE,EAAE,OAAO,CAAC,KAAK,EAAE,CACtB,CAAA;QAED,OAAO,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;IACnC,CAAC;IAED,KAAK,CAAC,oBAAoB,CACxB,IAA+B;QAE/B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;YACzD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,EAAE;gBACxD,kBAAkB,EAAE,IAAI;gBACxB,gBAAgB,EAAE,IAAI;aACvB,CAAC,CAAA;YAEF,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QACpD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,iCAAuB,EAAE,CAAC;gBAC3C,OAAO,IAAI,CAAA;YACb,CAAC;YAED,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,MAAc;QAC3C,8EAA8E;QAC9E,IAAI,CAAC;YACH,MAAM,UAAU,GACd,MAAM,IAAI,CAAC,cAAc,CAAC,0BAA0B,CAAC,MAAM,CAAC,CAAA;YAE9D,uEAAuE;YACvE,sEAAsE;YACtE,WAAW;YACX,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;gBAC1B,MAAM,IAAI,uCAAsB,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAA;YAC9D,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,UAAU,EAAE;gBAC/D,kBAAkB,EAAE,IAAI;gBACxB,gBAAgB,EAAE,IAAI;aACvB,CAAC,CAAA;YAEF,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,IAAI,uCAAsB,CAAC,OAAO,CAAC,CAAA;YAC3C,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,iCAAuB,EAAE,CAAC;gBAC3C,MAAM,GAAG,CAAC,eAAe,KAAK,oBAAoB;oBAChD,CAAC,CAAC,IAAI,uCAAsB,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC;oBAClD,CAAC,CAAC,IAAI,uCAAsB,CAAC,QAAQ,EAAE,GAAG,CAAC,OAAO,CAAC,CAAA;YACvD,CAAC;YAED,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;IAED,eAAe;IAEf,KAAK,CAAC,aAAa,CAAC,EAAa,EAAE,IAAiB;QAClD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAC9C,CAAA;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,EAAa;QAC7B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,gBAAgB,EAAE,CAAA;YAC1E,IAAI,CAAC,GAAG;gBAAE,OAAO,IAAI,CAAA;YACrB,OAAO,iBAAiB,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAA;QAChD,CAAC;gBAAS,CAAC;YACT,0EAA0E;YAC1E,0EAA0E;YAC1E,2BAA2B;YAC3B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE;gBAClC,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,iBAAiB,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC,CAC9C,CAAA;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAa,EAAE,IAAuB;QACxD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,CAC9C,CAAA;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAa;QAC/B,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAA;IAC7E,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,IAAU;QACjC,MAAM,GAAG,GAAG,MAAM,iBAAiB;aAChC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC;aAC9B,gBAAgB,EAAE,CAAA;QACrB,OAAO,GAAG,CAAC,CAAC,CAAC,iBAAiB,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACpE,CAAC;IAED,cAAc;IAEd,KAAK,CAAC,YAAY,CAAC,QAAkB,EAAE,IAAgB;QACrD,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,CAC/C,CAAA;IACH,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,QAAkB;QACjC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAC3E,OAAO,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACvD,CAAC;IAED,KAAK,CAAC,YAAY,CAChB,QAAkB,EAClB,IAAyB;QAEzB,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAC5B,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,CAC/C,CAAA;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,QAAkB;QACnC,+DAA+D;QAC/D,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC1E,CAAC;IAED,eAAe;IAEf,KAAK,CAAC,WAAW,CAAC,IAAY;QAC5B,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IAC1C,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAY,EAAE,IAAiB;QAChD,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;IAClD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,IAAY;QAC9B,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;IAC5C,CAAC;IAED,aAAa;IAEb,KAAK,CAAC,WAAW,CACf,EAAW,EACX,IAAe,EACf,YAA2B;QAE3B,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACxC,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,sBAAsB;qBAC3C,OAAO,CAAC,KAAK,EAAE,YAAY,CAAC;qBAC5B,uBAAuB,EAAE,CAAA;gBAE5B,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;oBACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;gBACjD,CAAC;YACH,CAAC;YAED,OAAO,WAAW,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC,OAAO,EAAE,CAAA;QACtE,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,GAAQ;QAC9B,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAA;QACxE,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;IAC9D,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,OAAgB;QAC9B,MAAM,GAAG,GAAG,MAAM,WAAW;aAC1B,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC;aAC9B,gBAAgB,EAAE,CAAA;QACrB,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAgB;QAChC,6DAA6D;QAC7D,MAAM,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAA;IACxE,CAAC;IAED,KAAK,CAAC,WAAW,CACf,OAAgB,EAChB,UAAmB,EACnB,eAA6B,EAC7B,OAAqB;QAErB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACpD,MAAM,EAAE,EAAE,EAAE,mBAAmB,EAAE,GAAG,MAAM,WAAW;iBAClD,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC;iBAC3B,uBAAuB,EAAE,CAAA;YAE5B,IAAI,mBAAmB,EAAE,CAAC;gBACxB,MAAM,sBAAsB;qBACzB,QAAQ,CAAC,KAAK,EAAE,EAAE,EAAE,mBAAmB,CAAC;qBACxC,OAAO,EAAE,CAAA;YACd,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,sBAAsB;iBAC3C,OAAO,CAAC,KAAK,EAAE,eAAe,CAAC;iBAC/B,uBAAuB,EAAE,CAAA;YAE5B,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;gBACd,iEAAiE;gBACjE,OAAO,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;YACtD,CAAC;YAED,MAAM,WAAW;iBACd,QAAQ,CAAC,KAAK,EAAE,EAAE,EAAE,UAAU,EAAE,eAAe,EAAE,OAAO,CAAC;iBACzD,OAAO,EAAE,CAAA;QACd,CAAC,CAAC,CAAA;QAEF,IAAI,GAAG;YAAE,MAAM,GAAG,CAAA;IACpB,CAAC;IAED,KAAK,CAAC,uBAAuB,CAC3B,YAA0B;QAE1B,MAAM,IAAI,GAAG,MAAM,sBAAsB;aACtC,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,CAAC;aACpC,gBAAgB,EAAE,CAAA;QAErB,MAAM,MAAM,GAAG,IAAI;YACjB,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,OAAO,EAAE;YACtB,CAAC,CAAC,EAAE,mBAAmB,EAAE,YAAY,EAAE,CAAA;QAEzC,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAC1E,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,IAAU;QAC9B,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAC5E,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC3C,CAAC;IAEO,KAAK,CAAC,WAAW,CACvB,GAA2D;QAE3D,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,OAAO;YACf,IAAI,EAAE,WAAW,CAAC,WAAW,CAAC,GAAG,CAAC;YAClC,OAAO,EAAE,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC;YACrC,mBAAmB,EAAE,GAAG,CAAC,mBAAmB;SAC7C,CAAA;IACH,CAAC;IAEO,KAAK,CAAC,YAAY,CACxB,GAA+B;QAE/B,MAAM,OAAO,GAAY;YACvB,GAAG,EAAE,GAAG,CAAC,GAAG;YACZ,GAAG,EAAE,IAAI,CAAC,UAAU;YACpB,KAAK,EAAE,GAAG,CAAC,KAAK,IAAI,SAAS;YAC7B,cAAc,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,gBAAgB,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS;YACpE,kBAAkB,EAAE,GAAG,CAAC,MAAM,IAAI,SAAS;SAC5C,CAAA;QAED,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACtC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;YAEvB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU;iBAClC,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;gBACzB,OAAO,KAAK,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAA;YACxC,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACb,iBAAQ,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,8BAA8B,CAAC,CAAA;gBACvD,OAAO,IAAI,CAAA,CAAC,uBAAuB;YACrC,CAAC,CAAC,CAAA;YAEJ,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,OAAO,CAAA;gBAEvC,OAAO,CAAC,IAAI,KAAZ,OAAO,CAAC,IAAI,GAAK,WAAW,EAAA;gBAC5B,OAAO,CAAC,OAAO,KAAf,OAAO,CAAC,OAAO,GAAK,MAAM;oBACxB,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;oBAClE,CAAC,CAAC,SAAS,EAAA;YACf,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;CACF;AApjBD,gCAojBC","sourcesContent":["import assert from 'node:assert'\nimport { Client, createOp as createPlcOp } from '@did-plc/lib'\nimport { Selectable } from 'kysely'\nimport { Keypair, Secp256k1Keypair } from '@atproto/crypto'\nimport {\n Account,\n AccountStore,\n AuthenticateAccountData,\n AuthorizedClientData,\n AuthorizedClients,\n ClientId,\n Code,\n DeviceAccount,\n DeviceData,\n DeviceId,\n DeviceStore,\n FoundRequestResult,\n HandleUnavailableError,\n InvalidInviteCodeError,\n InvalidRequestError,\n LexiconData,\n LexiconStore,\n NewTokenData,\n RefreshToken,\n RequestData,\n RequestId,\n RequestStore,\n ResetPasswordConfirmInput,\n ResetPasswordRequestInput,\n SignUpData,\n Sub,\n TokenData,\n TokenId,\n TokenInfo,\n TokenStore,\n UpdateRequestData,\n} from '@atproto/oauth-provider'\nimport {\n AuthRequiredError as XrpcAuthRequiredError,\n InvalidRequestError as XrpcInvalidRequestError,\n} from '@atproto/xrpc-server'\nimport { ActorStore } from '../actor-store/actor-store'\nimport { BackgroundQueue } from '../background'\nimport { fromDateISO } from '../db'\nimport { ImageUrlBuilder } from '../image/image-url-builder'\nimport { dbLogger } from '../logger'\nimport { ServerMailer } from '../mailer'\nimport { Sequencer, syncEvtDataFromCommit } from '../sequencer'\nimport { AccountManager } from './account-manager'\nimport * as schemas from './db/schema'\nimport * as accountHelper from './helpers/account'\nimport { AccountStatus } from './helpers/account'\nimport * as accountDeviceHelper from './helpers/account-device'\nimport * as authRequestHelper from './helpers/authorization-request'\nimport * as authorizedClientHelper from './helpers/authorized-client'\nimport * as deviceHelper from './helpers/device'\nimport * as lexiconHelper from './helpers/lexicon'\nimport * as tokenHelper from './helpers/token'\nimport * as usedRefreshTokenHelper from './helpers/used-refresh-token'\n\n/**\n * This class' purpose is to implement the interface needed by the OAuthProvider\n * to interact with the account database (through the {@link AccountManager}).\n *\n * @note The use of this class assumes that there is no entryway.\n */\nexport class OAuthStore\n implements AccountStore, RequestStore, DeviceStore, LexiconStore, TokenStore\n{\n constructor(\n private readonly accountManager: AccountManager,\n private readonly actorStore: ActorStore,\n private readonly imageUrlBuilder: ImageUrlBuilder,\n private readonly backgroundQueue: BackgroundQueue,\n private readonly mailer: ServerMailer,\n private readonly sequencer: Sequencer,\n private readonly plcClient: Client,\n private readonly plcRotationKey: Keypair,\n private readonly publicUrl: string,\n private readonly recoveryDidKey: string | null,\n ) {}\n\n private get db() {\n const { db } = this.accountManager\n if (db.destroyed) throw new Error('Database connection is closed')\n return db\n }\n\n private get serviceDid() {\n return this.accountManager.serviceDid\n }\n\n private async verifyEmailAvailability(email: string): Promise<void> {\n // @NOTE Email validity & disposability check performed by the OAuthProvider\n\n const account = await this.accountManager.getAccountByEmail(email, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n if (account) {\n throw new InvalidRequestError(`Email already taken`)\n }\n }\n\n private async verifyInviteCode(code: string) {\n try {\n await this.accountManager.ensureInviteIsAvailable(code)\n } catch (err) {\n const message =\n err instanceof XrpcInvalidRequestError ? err.message : undefined\n throw new InvalidInviteCodeError(message, err)\n }\n }\n\n // AccountStore\n\n async createAccount({\n locale: _locale,\n inviteCode,\n handle,\n email,\n password,\n }: SignUpData): Promise<Account> {\n // @TODO Send an account creation confirmation email (+verification link) to the user (in their locale)\n // @NOTE Password strength & length already enforced by the OAuthProvider\n\n await Promise.all([\n this.verifyEmailAvailability(email),\n this.verifyHandleAvailability(handle),\n !inviteCode || this.verifyInviteCode(inviteCode),\n ])\n\n // @TODO The code bellow should probably be refactored to be common with the\n // code of the `com.atproto.server.createAccount` XRPC endpoint.\n\n const signingKey = await Secp256k1Keypair.create({ exportable: true })\n const signingKeyDid = signingKey.did()\n\n const plcCreate = await createPlcOp({\n signingKey: signingKeyDid,\n rotationKeys: this.recoveryDidKey\n ? [this.recoveryDidKey, this.plcRotationKey.did()]\n : [this.plcRotationKey.did()],\n handle,\n pds: this.publicUrl,\n signer: this.plcRotationKey,\n })\n\n const { did, op } = plcCreate\n\n try {\n await this.actorStore.create(did, signingKey)\n try {\n const commit = await this.actorStore.transact(did, (actorTxn) =>\n actorTxn.repo.createRepo([]),\n )\n\n await this.plcClient.sendOperation(did, op)\n\n await this.accountManager.createAccount({\n did,\n handle,\n email,\n password,\n inviteCode,\n repoCid: commit.cid,\n repoRev: commit.rev,\n })\n try {\n await this.sequencer.sequenceIdentityEvt(did, handle)\n await this.sequencer.sequenceAccountEvt(did, AccountStatus.Active)\n await this.sequencer.sequenceCommit(did, commit)\n await this.sequencer.sequenceSyncEvt(\n did,\n syncEvtDataFromCommit(commit),\n )\n await this.accountManager.updateRepoRoot(did, commit.cid, commit.rev)\n await this.actorStore.clearReservedKeypair(signingKeyDid, did)\n\n const account = await this.accountManager.getAccount(did)\n if (!account) throw new Error('Account not found')\n\n return await this.buildAccount(account)\n } catch (err) {\n this.accountManager.deleteAccount(did)\n throw err\n }\n } catch (err) {\n await this.actorStore.destroy(did)\n throw err\n }\n } catch (err) {\n // XrpcError => OAuthError\n if (err instanceof XrpcInvalidRequestError) {\n throw new InvalidRequestError(err.message, err)\n }\n throw err\n }\n }\n\n async authenticateAccount({\n locale: _locale,\n username: identifier,\n password,\n // Not supported by the PDS (yet?)\n emailOtp = undefined,\n }: AuthenticateAccountData): Promise<Account> {\n // @TODO (?) Send an email to the user to notify them of the login attempt\n try {\n // Should never happen\n if (emailOtp != null) {\n throw new Error('Email OTP is not supported')\n }\n\n const { user, appPassword, isSoftDeleted } =\n await this.accountManager.login({ identifier, password })\n\n if (isSoftDeleted) {\n throw new InvalidRequestError('Account was taken down')\n }\n\n if (appPassword) {\n throw new InvalidRequestError('App passwords are not allowed')\n }\n\n return this.buildAccount(user)\n } catch (err) {\n if (err instanceof XrpcAuthRequiredError) {\n throw new InvalidRequestError(err.message, err)\n }\n throw err\n }\n }\n\n async setAuthorizedClient(\n sub: Sub,\n clientId: ClientId,\n data: AuthorizedClientData,\n ): Promise<void> {\n await authorizedClientHelper.upsert(this.db, sub, clientId, data)\n }\n\n async getAccount(sub: Sub): Promise<{\n account: Account\n authorizedClients: AuthorizedClients\n }> {\n const accountRow = await accountHelper.getAccount(this.db, sub, {\n includeDeactivated: true,\n })\n\n assert(accountRow, 'Account not found')\n\n const account = await this.buildAccount(accountRow)\n const authorizedClients = await authorizedClientHelper.getAuthorizedClients(\n this.db,\n sub,\n )\n\n return { account, authorizedClients }\n }\n\n async upsertDeviceAccount(deviceId: DeviceId, sub: string): Promise<void> {\n await this.db.executeWithRetry(\n accountDeviceHelper.upsertQB(this.db, deviceId, sub),\n )\n }\n\n async getDeviceAccount(\n deviceId: DeviceId,\n sub: string,\n ): Promise<DeviceAccount | null> {\n const row = await accountDeviceHelper\n .selectQB(this.db, { deviceId, sub })\n .executeTakeFirst()\n\n if (!row) return null\n\n return {\n deviceId,\n deviceData: deviceHelper.rowToDeviceData(row),\n account: await this.buildAccount(row),\n authorizedClients: await authorizedClientHelper.getAuthorizedClients(\n this.db,\n sub,\n ),\n createdAt: fromDateISO(row.adCreatedAt),\n updatedAt: fromDateISO(row.adUpdatedAt),\n }\n }\n\n async removeDeviceAccount(deviceId: DeviceId, sub: Sub): Promise<void> {\n await this.db.executeWithRetry(\n accountDeviceHelper.removeQB(this.db, deviceId, sub),\n )\n }\n\n async listDeviceAccounts(\n filter: { sub: Sub } | { deviceId: DeviceId },\n ): Promise<DeviceAccount[]> {\n const rows = await accountDeviceHelper.selectQB(this.db, filter).execute()\n\n const uniqueDids = [...new Set(rows.map((row) => row.did))]\n\n // Enrich all distinct account with their profile data\n const accounts = new Map(\n await Promise.all(\n Array.from(uniqueDids, async (did): Promise<[Sub, Account]> => {\n const row = rows.find((r) => r.did === did)!\n return [did, await this.buildAccount(row)]\n }),\n ),\n )\n\n const authorizedClientsMap =\n await authorizedClientHelper.getAuthorizedClientsMulti(\n this.db,\n uniqueDids,\n )\n\n return rows.map((row) => ({\n deviceId: row.deviceId,\n deviceData: deviceHelper.rowToDeviceData(row),\n account: accounts.get(row.did)!,\n authorizedClients: authorizedClientsMap.get(row.did)!,\n createdAt: fromDateISO(row.adCreatedAt),\n updatedAt: fromDateISO(row.adUpdatedAt),\n }))\n }\n\n async resetPasswordRequest({\n locale: _locale,\n email,\n }: ResetPasswordRequestInput): Promise<Account | null> {\n const account = await this.accountManager.getAccountByEmail(email, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n if (!account?.email || !account?.handle) return null\n\n const { handle } = account\n const token = await this.accountManager.createEmailToken(\n account.did,\n 'reset_password',\n )\n\n // @TODO Use the locale to send the email in the right language\n await this.mailer.sendResetPassword(\n { handle, token },\n { to: account.email },\n )\n\n return this.buildAccount(account)\n }\n\n async resetPasswordConfirm(\n data: ResetPasswordConfirmInput,\n ): Promise<Account | null> {\n try {\n const did = await this.accountManager.resetPassword(data)\n const account = await this.accountManager.getAccount(did, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n return account ? this.buildAccount(account) : null\n } catch (err) {\n if (err instanceof XrpcInvalidRequestError) {\n return null\n }\n\n throw err\n }\n }\n\n async verifyHandleAvailability(handle: string): Promise<void> {\n // @NOTE Handle validity & normalization already enforced by the OAuthProvider\n try {\n const normalized =\n await this.accountManager.normalizeAndValidateHandle(handle)\n\n // Should never happen (OAuthProvider should have already validated the\n // handle) This check is just a safeguard against future normalization\n // changes.\n if (normalized !== handle) {\n throw new HandleUnavailableError('syntax', 'Invalid handle')\n }\n\n const account = await this.accountManager.getAccount(normalized, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n\n if (account) {\n throw new HandleUnavailableError('taken')\n }\n } catch (err) {\n if (err instanceof XrpcInvalidRequestError) {\n throw err.customErrorName === 'HandleNotAvailable'\n ? new HandleUnavailableError('taken', err.message)\n : new HandleUnavailableError('syntax', err.message)\n }\n\n throw err\n }\n }\n\n // RequestStore\n\n async createRequest(id: RequestId, data: RequestData): Promise<void> {\n await this.db.executeWithRetry(\n authRequestHelper.createQB(this.db, id, data),\n )\n }\n\n async readRequest(id: RequestId): Promise<RequestData | null> {\n try {\n const row = await authRequestHelper.readQB(this.db, id).executeTakeFirst()\n if (!row) return null\n return authRequestHelper.rowToRequestData(row)\n } finally {\n // Take the opportunity to clean up expired requests. Do this after we got\n // the current (potentially expired) request data to allow the provider to\n // handle expired requests.\n this.backgroundQueue.add(async () => {\n await this.db.executeWithRetry(\n authRequestHelper.removeOldExpiredQB(this.db),\n )\n })\n }\n }\n\n async updateRequest(id: RequestId, data: UpdateRequestData): Promise<void> {\n await this.db.executeWithRetry(\n authRequestHelper.updateQB(this.db, id, data),\n )\n }\n\n async deleteRequest(id: RequestId): Promise<void> {\n await this.db.executeWithRetry(authRequestHelper.removeByIdQB(this.db, id))\n }\n\n async consumeRequestCode(code: Code): Promise<FoundRequestResult | null> {\n const row = await authRequestHelper\n .consumeByCodeQB(this.db, code)\n .executeTakeFirst()\n return row ? authRequestHelper.rowToFoundRequestResult(row) : null\n }\n\n // DeviceStore\n\n async createDevice(deviceId: DeviceId, data: DeviceData): Promise<void> {\n await this.db.executeWithRetry(\n deviceHelper.createQB(this.db, deviceId, data),\n )\n }\n\n async readDevice(deviceId: DeviceId): Promise<null | DeviceData> {\n const row = await deviceHelper.readQB(this.db, deviceId).executeTakeFirst()\n return row ? deviceHelper.rowToDeviceData(row) : null\n }\n\n async updateDevice(\n deviceId: DeviceId,\n data: Partial<DeviceData>,\n ): Promise<void> {\n await this.db.executeWithRetry(\n deviceHelper.updateQB(this.db, deviceId, data),\n )\n }\n\n async deleteDevice(deviceId: DeviceId): Promise<void> {\n // Will cascade to device_account (device_account_device_id_fk)\n await this.db.executeWithRetry(deviceHelper.removeQB(this.db, deviceId))\n }\n\n // LexiconStore\n\n async findLexicon(nsid: string): Promise<LexiconData | null> {\n return lexiconHelper.find(this.db, nsid)\n }\n\n async storeLexicon(nsid: string, data: LexiconData): Promise<void> {\n return lexiconHelper.upsert(this.db, nsid, data)\n }\n\n async deleteLexicon(nsid: string): Promise<void> {\n return lexiconHelper.remove(this.db, nsid)\n }\n\n // TokenStore\n\n async createToken(\n id: TokenId,\n data: TokenData,\n refreshToken?: RefreshToken,\n ): Promise<void> {\n await this.db.transaction(async (dbTxn) => {\n if (refreshToken) {\n const { count } = await usedRefreshTokenHelper\n .countQB(dbTxn, refreshToken)\n .executeTakeFirstOrThrow()\n\n if (count > 0) {\n throw new Error('Refresh token already in use')\n }\n }\n\n return tokenHelper.createQB(dbTxn, id, data, refreshToken).execute()\n })\n }\n\n async listAccountTokens(sub: Sub): Promise<TokenInfo[]> {\n const rows = await tokenHelper.findByQB(this.db, { did: sub }).execute()\n return Promise.all(rows.map((row) => this.toTokenInfo(row)))\n }\n\n async readToken(tokenId: TokenId): Promise<TokenInfo | null> {\n const row = await tokenHelper\n .findByQB(this.db, { tokenId })\n .executeTakeFirst()\n return row ? this.toTokenInfo(row) : null\n }\n\n async deleteToken(tokenId: TokenId): Promise<void> {\n // Will cascade to used_refresh_token (used_refresh_token_fk)\n await this.db.executeWithRetry(tokenHelper.removeQB(this.db, tokenId))\n }\n\n async rotateToken(\n tokenId: TokenId,\n newTokenId: TokenId,\n newRefreshToken: RefreshToken,\n newData: NewTokenData,\n ): Promise<void> {\n const err = await this.db.transaction(async (dbTxn) => {\n const { id, currentRefreshToken } = await tokenHelper\n .forRotateQB(dbTxn, tokenId)\n .executeTakeFirstOrThrow()\n\n if (currentRefreshToken) {\n await usedRefreshTokenHelper\n .insertQB(dbTxn, id, currentRefreshToken)\n .execute()\n }\n\n const { count } = await usedRefreshTokenHelper\n .countQB(dbTxn, newRefreshToken)\n .executeTakeFirstOrThrow()\n\n if (count > 0) {\n // Do NOT throw (we don't want the transaction to be rolled back)\n return new Error('New refresh token already in use')\n }\n\n await tokenHelper\n .rotateQB(dbTxn, id, newTokenId, newRefreshToken, newData)\n .execute()\n })\n\n if (err) throw err\n }\n\n async findTokenByRefreshToken(\n refreshToken: RefreshToken,\n ): Promise<TokenInfo | null> {\n const used = await usedRefreshTokenHelper\n .findByTokenQB(this.db, refreshToken)\n .executeTakeFirst()\n\n const search = used\n ? { id: used.tokenId }\n : { currentRefreshToken: refreshToken }\n\n const row = await tokenHelper.findByQB(this.db, search).executeTakeFirst()\n return row ? this.toTokenInfo(row) : null\n }\n\n async findTokenByCode(code: Code): Promise<TokenInfo | null> {\n const row = await tokenHelper.findByQB(this.db, { code }).executeTakeFirst()\n return row ? this.toTokenInfo(row) : null\n }\n\n private async toTokenInfo(\n row: accountHelper.ActorAccount & Selectable<schemas.Token>,\n ): Promise<TokenInfo> {\n return {\n id: row.tokenId,\n data: tokenHelper.toTokenData(row),\n account: await this.buildAccount(row),\n currentRefreshToken: row.currentRefreshToken,\n }\n }\n\n private async buildAccount(\n row: accountHelper.ActorAccount,\n ): Promise<Account> {\n const account: Account = {\n sub: row.did,\n aud: this.serviceDid,\n email: row.email || undefined,\n email_verified: row.email ? row.emailConfirmedAt != null : undefined,\n preferred_username: row.handle || undefined,\n }\n\n if (!account.name || !account.picture) {\n const did = account.sub\n\n const profile = await this.actorStore\n .read(did, async (store) => {\n return store.record.getProfileRecord()\n })\n .catch((err) => {\n dbLogger.error({ err }, 'Failed to get profile record')\n return null // No need to propagate\n })\n\n if (profile) {\n const { avatar, displayName } = profile\n\n account.name ||= displayName\n account.picture ||= avatar\n ? this.imageUrlBuilder.build('avatar', did, avatar.ref.toString())\n : undefined\n }\n }\n\n return account\n }\n}\n"]}
package/dist/lexicon/lexicons.d.ts CHANGED
@@ -3429,7 +3429,7 @@ export declare const schemaDict: {
3429
3429
  };
3430
3430
  readonly hiddenReplies: {
3431
3431
  readonly type: "array";
3432
- readonly maxLength: 50;
3432
+ readonly maxLength: 300;
3433
3433
  readonly items: {
3434
3434
  readonly type: "string";
3435
3435
  readonly format: "at-uri";
@@ -20767,7 +20767,7 @@ export declare const schemas: ({
20767
20767
  };
20768
20768
  readonly hiddenReplies: {
20769
20769
  readonly type: "array";
20770
- readonly maxLength: 50;
20770
+ readonly maxLength: 300;
20771
20771
  readonly items: {
20772
20772
  readonly type: "string";
20773
20773
  readonly format: "at-uri";
package/dist/lexicon/lexicons.js CHANGED
@@ -3575,7 +3575,7 @@ exports.schemaDict = {
3575
3575
  },
3576
3576
  hiddenReplies: {
3577
3577
  type: 'array',
3578
- maxLength: 50,
3578
+ maxLength: 300,
3579
3579
  items: {
3580
3580
  type: 'string',
3581
3581
  format: 'at-uri',