@atproto/pds 0.4.196 → 0.4.197

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. package/CHANGELOG.md +15 -0
  2. package/dist/account-manager/db/schema/lexicon.d.ts +2 -2
  3. package/dist/account-manager/db/schema/lexicon.d.ts.map +1 -1
  4. package/dist/account-manager/db/schema/lexicon.js.map +1 -1
  5. package/dist/api/com/atproto/admin/getInviteCodes.d.ts +1 -1
  6. package/dist/api/com/atproto/sync/listRepos.d.ts +1 -1
  7. package/dist/config/config.d.ts +1 -1
  8. package/dist/config/config.d.ts.map +1 -1
  9. package/dist/config/config.js +6 -3
  10. package/dist/config/config.js.map +1 -1
  11. package/dist/config/env.d.ts +100 -101
  12. package/dist/config/env.d.ts.map +1 -1
  13. package/dist/config/env.js +6 -5
  14. package/dist/config/env.js.map +1 -1
  15. package/dist/context.d.ts.map +1 -1
  16. package/dist/context.js +23 -39
  17. package/dist/context.js.map +1 -1
  18. package/dist/db/pagination.d.ts +1 -1
  19. package/dist/handle/index.d.ts +1 -1
  20. package/dist/handle/index.d.ts.map +1 -1
  21. package/package.json +12 -13
  22. package/src/account-manager/db/schema/lexicon.ts +2 -2
  23. package/src/config/config.ts +7 -3
  24. package/src/config/env.ts +6 -150
  25. package/src/context.ts +39 -47
package/CHANGELOG.md CHANGED
@@ -1,5 +1,20 @@
1
1
  # @atproto/pds
2
2
 
3
+ ## 0.4.197
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies [[`be8e6c1`](https://github.com/bluesky-social/atproto/commit/be8e6c1f25814202b98e2616a217599a6c46e0db), [`be8e6c1`](https://github.com/bluesky-social/atproto/commit/be8e6c1f25814202b98e2616a217599a6c46e0db), [`8012627`](https://github.com/bluesky-social/atproto/commit/8012627a1226cb2f1c753385ad2497b6b43ffd2e), [`1d445af`](https://github.com/bluesky-social/atproto/commit/1d445af2a7fc27eca5a45869b29266e6a2a7f3ba), [`1d445af`](https://github.com/bluesky-social/atproto/commit/1d445af2a7fc27eca5a45869b29266e6a2a7f3ba), [`bcae2b7`](https://github.com/bluesky-social/atproto/commit/bcae2b77b68da6dc2ec202651c8bf41fd5769f69), [`8012627`](https://github.com/bluesky-social/atproto/commit/8012627a1226cb2f1c753385ad2497b6b43ffd2e), [`0adc852`](https://github.com/bluesky-social/atproto/commit/0adc852c31ffa154c1b93e38182c35880ecdb4ba), [`d396de0`](https://github.com/bluesky-social/atproto/commit/d396de016d1d55d08cfad1dabd3ffd9eaeea76ea), [`90f1569`](https://github.com/bluesky-social/atproto/commit/90f15698ee63d9a7374f1206754eda5d530873d7), [`688f9d6`](https://github.com/bluesky-social/atproto/commit/688f9d67597ba96d6e9c4a4aec4d394d42f4cbf4), [`0adc852`](https://github.com/bluesky-social/atproto/commit/0adc852c31ffa154c1b93e38182c35880ecdb4ba), [`be8e6c1`](https://github.com/bluesky-social/atproto/commit/be8e6c1f25814202b98e2616a217599a6c46e0db)]:
8
+ - @atproto/oauth-provider@0.14.0
9
+ - @atproto/oauth-scopes@0.3.0
10
+ - @atproto/lex-data@0.0.2
11
+ - @atproto/lex-cbor@0.0.2
12
+ - @atproto/syntax@0.4.2
13
+ - @atproto/crypto@0.4.5
14
+ - @atproto/api@0.18.4
15
+ - @atproto/common@0.5.2
16
+ - @atproto/xrpc-server@0.10.2
17
+
3
18
  ## 0.4.196
4
19
 
5
20
  ### Patch Changes
package/dist/account-manager/db/schema/lexicon.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { LexiconDoc } from '@atproto/oauth-provider';
1
+ import type { LexiconDocument } from '@atproto/oauth-provider';
2
2
  import { DateISO, JsonEncoded } from '../../../db/cast';
3
3
  export interface Lexicon {
4
4
  nsid: string;
@@ -6,7 +6,7 @@ export interface Lexicon {
6
6
  updatedAt: DateISO;
7
7
  lastSucceededAt: null | DateISO;
8
8
  uri: null | string;
9
- lexicon: null | JsonEncoded<LexiconDoc>;
9
+ lexicon: null | JsonEncoded<LexiconDocument>;
10
10
  }
11
11
  export declare const tableName = "lexicon";
12
12
  export type PartialDB = {
package/dist/account-manager/db/schema/lexicon.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"lexicon.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/lexicon.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AACzD,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAA;AAEvD,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,eAAe,EAAE,IAAI,GAAG,OAAO,CAAA;IAC/B,GAAG,EAAE,IAAI,GAAG,MAAM,CAAA;IAClB,OAAO,EAAE,IAAI,GAAG,WAAW,CAAC,UAAU,CAAC,CAAA;CACxC;AAED,eAAO,MAAM,SAAS,YAAY,CAAA;AAElC,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,OAAO,CAAA;CAAE,CAAA"}
1
+ {"version":3,"file":"lexicon.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/lexicon.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAC9D,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAA;AAEvD,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,eAAe,EAAE,IAAI,GAAG,OAAO,CAAA;IAC/B,GAAG,EAAE,IAAI,GAAG,MAAM,CAAA;IAClB,OAAO,EAAE,IAAI,GAAG,WAAW,CAAC,eAAe,CAAC,CAAA;CAC7C;AAED,eAAO,MAAM,SAAS,YAAY,CAAA;AAElC,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,OAAO,CAAA;CAAE,CAAA"}
package/dist/account-manager/db/schema/lexicon.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"lexicon.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/lexicon.ts"],"names":[],"mappings":";;;AAYa,QAAA,SAAS,GAAG,SAAS,CAAA","sourcesContent":["import type { LexiconDoc } from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/cast'\n\nexport interface Lexicon {\n nsid: string\n createdAt: DateISO\n updatedAt: DateISO\n lastSucceededAt: null | DateISO\n uri: null | string\n lexicon: null | JsonEncoded<LexiconDoc>\n}\n\nexport const tableName = 'lexicon'\n\nexport type PartialDB = { [tableName]: Lexicon }\n"]}
1
+ {"version":3,"file":"lexicon.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/lexicon.ts"],"names":[],"mappings":";;;AAYa,QAAA,SAAS,GAAG,SAAS,CAAA","sourcesContent":["import type { LexiconDocument } from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/cast'\n\nexport interface Lexicon {\n nsid: string\n createdAt: DateISO\n updatedAt: DateISO\n lastSucceededAt: null | DateISO\n uri: null | string\n lexicon: null | JsonEncoded<LexiconDocument>\n}\n\nexport const tableName = 'lexicon'\n\nexport type PartialDB = { [tableName]: Lexicon }\n"]}
package/dist/api/com/atproto/admin/getInviteCodes.d.ts CHANGED
@@ -13,7 +13,7 @@ export declare class TimeCodeKeyset extends GenericKeyset<TimeCodeResult, Cursor
13
13
  secondary: string;
14
14
  };
15
15
  cursorToLabeledResult(cursor: Cursor): {
16
- primary: string;
16
+ primary: `${string}-${string}-${string}T${string}:${string}:${string}Z`;
17
17
  secondary: string;
18
18
  };
19
19
  }
package/dist/api/com/atproto/sync/listRepos.d.ts CHANGED
@@ -13,7 +13,7 @@ export declare class TimeDidKeyset extends GenericKeyset<TimeDidResult, Cursor>
13
13
  secondary: string;
14
14
  };
15
15
  cursorToLabeledResult(cursor: Cursor): {
16
- primary: string;
16
+ primary: `${string}-${string}-${string}T${string}:${string}:${string}Z`;
17
17
  secondary: string;
18
18
  };
19
19
  }
package/dist/config/config.d.ts CHANGED
@@ -110,7 +110,7 @@ export type OAuthConfig = {
110
110
  };
111
111
  };
112
112
  export type LexiconResolverConfig = {
113
- didAuthority?: string;
113
+ didAuthority?: `did:${string}:${string}`;
114
114
  };
115
115
  export type InvitesConfig = {
116
116
  required: true;
package/dist/config/config.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,OAAO,CAAA;AAKzC,eAAO,MAAM,QAAQ,GAAI,KAAK,iBAAiB,KAAG,YAmVjD,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,aAAa,CAAA;IACtB,EAAE,EAAE,cAAc,CAAA;IAClB,UAAU,EAAE,gBAAgB,CAAA;IAC5B,SAAS,EAAE,iBAAiB,GAAG,mBAAmB,CAAA;IAClD,QAAQ,EAAE,cAAc,CAAA;IACxB,QAAQ,EAAE,cAAc,GAAG,IAAI,CAAA;IAC/B,OAAO,EAAE,aAAa,CAAA;IACtB,KAAK,EAAE,WAAW,GAAG,IAAI,CAAA;IACzB,eAAe,EAAE,WAAW,GAAG,IAAI,CAAA;IACnC,YAAY,EAAE,kBAAkB,CAAA;IAChC,WAAW,EAAE,iBAAiB,GAAG,IAAI,CAAA;IACrC,UAAU,EAAE,gBAAgB,GAAG,IAAI,CAAA;IACnC,aAAa,EAAE,mBAAmB,GAAG,IAAI,CAAA;IACzC,KAAK,EAAE,kBAAkB,GAAG,IAAI,CAAA;IAChC,UAAU,EAAE,gBAAgB,CAAA;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,OAAO,EAAE,qBAAqB,CAAA;CAC/B,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,gBAAgB,EAAE,OAAO,CAAA;IACzB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,IAAI,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,WAAW,CAAC,EAAE;QACZ,WAAW,EAAE,MAAM,CAAA;QACnB,eAAe,EAAE,MAAM,CAAA;KACxB,CAAA;CACF,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAA;IAC9B,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAA;IAClC,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,eAAe,EAAE,MAAM,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,UAAU,EAAE,OAAO,CAAA;IACnB,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,MAAM,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;IAElB;;;;;;OAMG;IACH,gBAAgB,EAAE,OAAO,CAAA;CAC1B,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,CAAC,EAAE;QACT,QAAQ,CAAC,EAAE,cAAc,CAAA;QACzB,QAAQ,EAAE,aAAa,CAAA;QACvB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;KAC1B,CAAA;CACF,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,aAAa,GACrB;IACE,QAAQ,EAAE,IAAI,CAAA;IACd,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,EAAE,MAAM,CAAA;CACd,GACD;IACE,QAAQ,EAAE,KAAK,CAAA;CAChB,CAAA;AAEL,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,gBAAgB,GACxB;IACE,OAAO,EAAE,IAAI,CAAA;IACb,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;CACrB,GACD;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA"}
1
+ {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAEvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,OAAO,CAAA;AAKzC,eAAO,MAAM,QAAQ,GAAI,KAAK,iBAAiB,KAAG,YAsVjD,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,aAAa,CAAA;IACtB,EAAE,EAAE,cAAc,CAAA;IAClB,UAAU,EAAE,gBAAgB,CAAA;IAC5B,SAAS,EAAE,iBAAiB,GAAG,mBAAmB,CAAA;IAClD,QAAQ,EAAE,cAAc,CAAA;IACxB,QAAQ,EAAE,cAAc,GAAG,IAAI,CAAA;IAC/B,OAAO,EAAE,aAAa,CAAA;IACtB,KAAK,EAAE,WAAW,GAAG,IAAI,CAAA;IACzB,eAAe,EAAE,WAAW,GAAG,IAAI,CAAA;IACnC,YAAY,EAAE,kBAAkB,CAAA;IAChC,WAAW,EAAE,iBAAiB,GAAG,IAAI,CAAA;IACrC,UAAU,EAAE,gBAAgB,GAAG,IAAI,CAAA;IACnC,aAAa,EAAE,mBAAmB,GAAG,IAAI,CAAA;IACzC,KAAK,EAAE,kBAAkB,GAAG,IAAI,CAAA;IAChC,UAAU,EAAE,gBAAgB,CAAA;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,OAAO,EAAE,qBAAqB,CAAA;CAC/B,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,gBAAgB,EAAE,OAAO,CAAA;IACzB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,IAAI,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,WAAW,CAAC,EAAE;QACZ,WAAW,EAAE,MAAM,CAAA;QACnB,eAAe,EAAE,MAAM,CAAA;KACxB,CAAA;CACF,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAA;IAC9B,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAA;IAClC,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,eAAe,EAAE,MAAM,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,UAAU,EAAE,OAAO,CAAA;IACnB,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,MAAM,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;IAElB;;;;;;OAMG;IACH,gBAAgB,EAAE,OAAO,CAAA;CAC1B,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,CAAC,EAAE;QACT,QAAQ,CAAC,EAAE,cAAc,CAAA;QACzB,QAAQ,EAAE,aAAa,CAAA;QACvB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;KAC1B,CAAA;CACF,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,CAAC,EAAE,OAAO,MAAM,IAAI,MAAM,EAAE,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,aAAa,GACrB;IACE,QAAQ,EAAE,IAAI,CAAA;IACd,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,EAAE,MAAM,CAAA;CACd,GACD;IACE,QAAQ,EAAE,KAAK,CAAA;CAChB,CAAA;AAEL,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,gBAAgB,GACxB;IACE,OAAO,EAAE,IAAI,CAAA;IACb,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;CACrB,GACD;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA"}
package/dist/config/config.js CHANGED
@@ -7,6 +7,7 @@ exports.envToCfg = void 0;
7
7
  const node_assert_1 = __importDefault(require("node:assert"));
8
8
  const node_path_1 = __importDefault(require("node:path"));
9
9
  const common_1 = require("@atproto/common");
10
+ const syntax_1 = require("@atproto/syntax");
10
11
  // off-config but still from env:
11
12
  // logging: LOG_LEVEL, LOG_SYSTEMS, LOG_ENABLED, LOG_DESTINATION
12
13
  const envToCfg = (env) => {
@@ -276,9 +277,11 @@ const envToCfg = (env) => {
276
277
  trustedClients: env.trustedOAuthClients,
277
278
  },
278
279
  };
279
- const lexiconCfg = {
280
- didAuthority: env.lexiconDidAuthority,
281
- };
280
+ const lexiconCfg = {};
281
+ if (env.lexiconDidAuthority != null) {
282
+ (0, syntax_1.ensureValidDid)(env.lexiconDidAuthority);
283
+ lexiconCfg.didAuthority = env.lexiconDidAuthority;
284
+ }
282
285
  return {
283
286
  service: serviceCfg,
284
287
  db: dbCfg,
package/dist/config/config.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":";;;;;;AAAA,8DAAgC;AAChC,0DAA4B;AAC5B,4CAAmD;AAInD,iCAAiC;AACjC,gEAAgE;AAEzD,MAAM,QAAQ,GAAG,CAAC,GAAsB,EAAgB,EAAE;IAC/D,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,IAAI,CAAA;IAC7B,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,WAAW,CAAA;IAC5C,MAAM,SAAS,GACb,QAAQ,KAAK,WAAW;QACtB,CAAC,CAAC,oBAAoB,IAAI,EAAE;QAC5B,CAAC,CAAC,WAAW,QAAQ,EAAE,CAAA;IAC3B,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,IAAI,WAAW,QAAQ,EAAE,CAAA;IACnD,MAAM,UAAU,GAA4B;QAC1C,IAAI;QACJ,QAAQ;QACR,SAAS;QACT,GAAG;QACH,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,WAAW;QACjC,gBAAgB,EAAE,GAAG,CAAC,gBAAgB;QACtC,iBAAiB,EAAE,GAAG,CAAC,iBAAiB;QACxC,mBAAmB,EAAE,GAAG,CAAC,mBAAmB;QAC5C,gBAAgB,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QAC9C,aAAa,EAAE,GAAG,CAAC,aAAa;QAChC,eAAe,EAAE,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,IAAI,GAAG,IAAI,EAAE,MAAM;QAC/D,OAAO,EAAE,GAAG,CAAC,OAAO,IAAI,KAAK;KAC9B,CAAA;IAED,MAAM,KAAK,GAAG,CAAC,IAAY,EAAE,EAAE;QAC7B,OAAO,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,mBAAI,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACtE,CAAC,CAAA;IAED,MAAM,wBAAwB,GAAG,GAAG,CAAC,wBAAwB,IAAI,KAAK,CAAA;IAEtE,MAAM,KAAK,GAAuB;QAChC,YAAY,EAAE,GAAG,CAAC,iBAAiB,IAAI,KAAK,CAAC,gBAAgB,CAAC;QAC9D,cAAc,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK,CAAC,kBAAkB,CAAC;QACpE,aAAa,EAAE,GAAG,CAAC,kBAAkB,IAAI,KAAK,CAAC,kBAAkB,CAAC;QAClE,wBAAwB;KACzB,CAAA;IAED,MAAM,aAAa,GAA+B;QAChD,SAAS,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK,CAAC,QAAQ,CAAC;QACrD,SAAS,EAAE,GAAG,CAAC,mBAAmB,IAAI,GAAG;QACzC,wBAAwB;KACzB,CAAA;IAED,IAAI,YAAuC,CAAA;IAC3C,IAAI,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;IACnE,CAAC;IACD,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC1B,YAAY,GAAG;YACb,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,GAAG,CAAC,iBAAiB;YAC7B,eAAe,EAAE,GAAG,CAAC,0BAA0B,IAAI,KAAK;YACxD,MAAM,EAAE,GAAG,CAAC,iBAAiB;YAC7B,QAAQ,EAAE,GAAG,CAAC,mBAAmB;YACjC,cAAc,EAAE,GAAG,CAAC,yBAAyB;SAC9C,CAAA;QACD,IAAI,GAAG,CAAC,sBAAsB,IAAI,GAAG,CAAC,0BAA0B,EAAE,CAAC;YACjE,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,0BAA0B,EAAE,CAAC;gBACnE,MAAM,IAAI,KAAK,CACb,6EAA6E,CAC9E,CAAA;YACH,CAAC;YACD,YAAY,CAAC,WAAW,GAAG;gBACzB,WAAW,EAAE,GAAG,CAAC,sBAAsB;gBACvC,eAAe,EAAE,GAAG,CAAC,0BAA0B;aAChD,CAAA;QACH,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;QACrC,YAAY,GAAG;YACb,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,GAAG,CAAC,qBAAqB;YACnC,YAAY,EAAE,GAAG,CAAC,wBAAwB;SAC3C,CAAA;IACH,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;IAC/D,CAAC;IAED,IAAI,oBAA8B,CAAA;IAClC,IAAI,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpE,oBAAoB,GAAG,GAAG,CAAC,oBAAoB,CAAA;IACjD,CAAC;SAAM,CAAC;QACN,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;YAC7B,oBAAoB,GAAG,CAAC,OAAO,CAAC,CAAA;QAClC,CAAC;aAAM,CAAC;YACN,oBAAoB,GAAG,CAAC,IAAI,QAAQ,EAAE,CAAC,CAAA;QACzC,CAAC;IACH,CAAC;IACD,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAC7C,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CACzD,CAAA;IACD,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,0BAA0B,aAAa,EAAE,CAAC,CAAA;IAC5D,CAAC;IAED,MAAM,WAAW,GAA6B;QAC5C,MAAM,EAAE,GAAG,CAAC,SAAS,IAAI,uBAAuB;QAChD,WAAW,EAAE,GAAG,CAAC,cAAc,IAAI,YAAG;QACtC,aAAa,EAAE,GAAG,CAAC,gBAAgB,IAAI,aAAI;QAC3C,eAAe,EAAE,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,eAAM;QAClD,cAAc,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;QAC1C,oBAAoB;QACpB,uBAAuB,EAAE,GAAG,CAAC,uBAAuB;QACpD,uBAAuB,EAAE,CAAC,CAAC,GAAG,CAAC,uBAAuB;KACvD,CAAA;IAED,IAAI,WAAW,GAA6B,IAAI,CAAA;IAChD,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;QACpB,IAAA,qBAAM,EACJ,GAAG,CAAC,oCAAoC;YACtC,GAAG,CAAC,sBAAsB;YAC1B,GAAG,CAAC,WAAW,EACjB,iFAAiF,CAClF,CAAA;QACD,WAAW,GAAG;YACZ,GAAG,EAAE,GAAG,CAAC,WAAW;YACpB,GAAG,EAAE,GAAG,CAAC,WAAW;YACpB,eAAe,EAAE,GAAG,CAAC,oCAAoC;YACzD,cAAc,EAAE,GAAG,CAAC,sBAAsB;SAC3C,CAAA;IACH,CAAC;IAED,8CAA8C;IAC9C,MAAM,UAAU,GACd,GAAG,CAAC,cAAc,KAAK,KAAK;QAC1B,CAAC,CAAC;YACE,QAAQ,EAAE,KAAK;SAChB;QACH,CAAC,CAAC;YACE,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;YACpC,KAAK,EAAE,GAAG,CAAC,WAAW,IAAI,CAAC;SAC5B,CAAA;IAEP,IAAI,QAA+B,CAAA;IACnC,IAAI,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAC/C,QAAQ,GAAG,IAAI,CAAA;IACjB,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAA;QACH,CAAC;QACD,QAAQ,GAAG;YACT,OAAO,EAAE,GAAG,CAAC,YAAY;YACzB,WAAW,EAAE,GAAG,CAAC,gBAAgB;SAClC,CAAA;IACH,CAAC;IAED,IAAI,kBAAmD,CAAA;IACvD,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;QAC/D,kBAAkB,GAAG,IAAI,CAAA;IAC3B,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;YAC/D,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;QACH,CAAC;QACD,kBAAkB,GAAG;YACnB,OAAO,EAAE,GAAG,CAAC,sBAAsB;YACnC,WAAW,EAAE,GAAG,CAAC,sBAAsB;SACxC,CAAA;IACH,CAAC;IAED,MAAM,eAAe,GAAiC;QACpD,SAAS,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG;QAC3C,mBAAmB,EAAE,GAAG,CAAC,mBAAmB,IAAI,YAAG;KACpD,CAAA;IAED,IAAI,cAAc,GAAgC,IAAI,CAAA;IACtD,IAAI,GAAG,CAAC,cAAc,EAAE,CAAC;QACvB,IAAA,qBAAM,EACJ,GAAG,CAAC,cAAc,EAClB,4EAA4E,CAC7E,CAAA;QACD,cAAc,GAAG;YACf,GAAG,EAAE,GAAG,CAAC,cAAc;YACvB,GAAG,EAAE,GAAG,CAAC,cAAc;YACvB,aAAa,EAAE,GAAG,CAAC,wBAAwB;SAC5C,CAAA;IACH,CAAC;IAED,IAAI,aAAa,GAA+B,IAAI,CAAA;IACpD,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;QACtB,IAAA,qBAAM,EACJ,GAAG,CAAC,aAAa,EACjB,mEAAmE,CACpE,CAAA;QACD,aAAa,GAAG;YACd,GAAG,EAAE,GAAG,CAAC,aAAa;YACtB,GAAG,EAAE,GAAG,CAAC,aAAa;SACvB,CAAA;IACH,CAAC;IAED,IAAI,gBAAgB,GAAkC,IAAI,CAAA;IAC1D,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACzB,IAAA,qBAAM,EACJ,GAAG,CAAC,gBAAgB,EACpB,sEAAsE,CACvE,CAAA;QACD,gBAAgB,GAAG;YACjB,GAAG,EAAE,GAAG,CAAC,gBAAgB;YACzB,GAAG,EAAE,GAAG,CAAC,gBAAgB;SAC1B,CAAA;IACH,CAAC;IAED,2DAA2D;IAC3D,IAAI,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACvC,gBAAgB,GAAG,aAAa,CAAA;IAClC,CAAC;IAED,MAAM,QAAQ,GAA0B,GAAG,CAAC,mBAAmB;QAC7D,CAAC,CAAC;YACE,OAAO,EAAE,GAAG,CAAC,mBAAmB;YAChC,QAAQ,EAAE,GAAG,CAAC,oBAAoB;SACnC;QACH,CAAC,CAAC,IAAI,CAAA;IAER,MAAM,aAAa,GAA+B,GAAG,CAAC,iBAAiB;QACrE,CAAC,CAAC;YACE,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,GAAG,CAAC,kBAAkB;YACjC,SAAS,EAAE,GAAG,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAClD,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAC/B;SACF;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;IAEtB,MAAM,WAAW,GAA6B,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAA;IAEhE,MAAM,QAAQ,GAA0B;QACtC,qBAAqB,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,OAAO,IAAI,KAAK;QACxE,eAAe,EAAE,GAAG,CAAC,oBAAoB,IAAI,GAAG,GAAG,IAAI,EAAE,QAAQ;KAClE,CAAA;IAED,MAAM,QAAQ,GAA0B;QACtC,qBAAqB,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,OAAO,IAAI,KAAK;QACxE,UAAU,EAAE,GAAG,CAAC,eAAe,IAAI,KAAK;QACxC,cAAc,EAAE,GAAG,CAAC,mBAAmB,IAAI,IAAI;QAC/C,WAAW,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QACzC,eAAe,EAAE,GAAG,CAAC,oBAAoB,IAAI,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;QACtE,UAAU,EACR,GAAG,CAAC,eAAe,IAAI,IAAI,IAAI,GAAG,CAAC,eAAe,GAAG,CAAC;YACpD,CAAC,CAAC,GAAG,CAAC,eAAe;YACrB,CAAC,CAAC,CAAC;QACP,gBAAgB,EAAE,GAAG,CAAC,qBAAqB,IAAI,KAAK;KACrD,CAAA;IAED,MAAM,QAAQ,GAA0B,WAAW;QACjD,CAAC,CAAC;YACE,MAAM,EAAE,WAAW,CAAC,GAAG;YACvB,QAAQ,EAAE,SAAS;SACpB;QACH,CAAC,CAAC;YACE,MAAM,EAAE,UAAU,CAAC,SAAS;YAC5B,QAAQ,EAAE;gBACR,QAAQ,EACN,GAAG,CAAC,eAAe;oBACnB,GAAG,CAAC,iBAAiB;oBACrB,GAAG,CAAC,iBAAiB;oBACnB,CAAC,CAAC;wBACE,OAAO,EAAE,GAAG,CAAC,eAAe;wBAC5B,SAAS,EAAE,GAAG,CAAC,iBAAiB;wBAChC,SAAS,EAAE,GAAG,CAAC,iBAAiB;qBACjC;oBACH,CAAC,CAAC,SAAS;gBACf,QAAQ,EAAE;oBACR,IAAI,EAAE,GAAG,CAAC,WAAW,IAAI,GAAG,QAAQ,MAAM;oBAC1C,IAAI,EAAE,GAAG,CAAC,OAAO;oBACjB,MAAM,EAAE;wBACN,KAAK,EAAE,GAAG,CAAC,UAAU;wBACrB,IAAI,EAAE,GAAG,CAAC,SAAS;wBACnB,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;wBAC/B,KAAK,EAAE,GAAG,CAAC,UAAU;wBACrB,aAAa,EAAE,GAAG,CAAC,kBAAkB;wBACrC,QAAQ,EAAE,GAAG,CAAC,aAAa;wBAC3B,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;wBAC/B,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;qBAChC;oBACD,KAAK,EAAE;wBACL;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE;4BACpC,IAAI,EAAE,GAAG,CAAC,OAAO;4BACjB,GAAG,EAAE,WAAoB,EAAE,yCAAyC;yBACrE;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,kBAAkB,EAAE;4BACjC,IAAI,EAAE,GAAG,CAAC,iBAAiB;4BAC3B,GAAG,EAAE,kBAA2B;yBACjC;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,gBAAgB,EAAE;4BAC/B,IAAI,EAAE,GAAG,CAAC,gBAAgB;4BAC1B,GAAG,EAAE,gBAAyB;yBAC/B;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE;4BACxB,IAAI,EAAE,GAAG,CAAC,UAAU;4BACpB,GAAG,EAAE,MAAe;yBACrB;qBACF,CAAC,MAAM,CACN,CAA8B,CAAI,EAA6B,EAAE,CAC/D,CAAC,CAAC,IAAI,IAAI,IAAI,IAAI,CAAC,CAAC,IAAI,KAAK,EAAE,CAClC;iBACF;gBACD,cAAc,EAAE,GAAG,CAAC,mBAAmB;aACxC;SACF,CAAA;IAEL,MAAM,UAAU,GAA0B;QACxC,YAAY,EAAE,GAAG,CAAC,mBAAmB;KACtC,CAAA;IAED,OAAO;QACL,OAAO,EAAE,UAAU;QACnB,EAAE,EAAE,KAAK;QACT,UAAU,EAAE,aAAa;QACzB,SAAS,EAAE,YAAY;QACvB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,WAAW;QACrB,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,eAAe,EAAE,kBAAkB;QACnC,YAAY,EAAE,eAAe;QAC7B,WAAW,EAAE,cAAc;QAC3B,UAAU,EAAE,aAAa;QACzB,aAAa,EAAE,gBAAgB;QAC/B,KAAK,EAAE,QAAQ;QACf,UAAU,EAAE,aAAa;QACzB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,QAAQ;QACf,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,KAAK,EAAE,QAAQ;KAChB,CAAA;AACH,CAAC,CAAA;AAnVY,QAAA,QAAQ,YAmVpB","sourcesContent":["import assert from 'node:assert'\nimport path from 'node:path'\nimport { DAY, HOUR, SECOND } from '@atproto/common'\nimport { BrandingInput, HcaptchaConfig } from '@atproto/oauth-provider'\nimport { ServerEnvironment } from './env'\n\n// off-config but still from env:\n// logging: LOG_LEVEL, LOG_SYSTEMS, LOG_ENABLED, LOG_DESTINATION\n\nexport const envToCfg = (env: ServerEnvironment): ServerConfig => {\n const port = env.port ?? 2583\n const hostname = env.hostname ?? 'localhost'\n const publicUrl =\n hostname === 'localhost'\n ? `http://localhost:${port}`\n : `https://${hostname}`\n const did = env.serviceDid ?? `did:web:${hostname}`\n const serviceCfg: ServerConfig['service'] = {\n port,\n hostname,\n publicUrl,\n did,\n version: env.version, // default?\n privacyPolicyUrl: env.privacyPolicyUrl,\n termsOfServiceUrl: env.termsOfServiceUrl,\n contactEmailAddress: env.contactEmailAddress,\n acceptingImports: env.acceptingImports ?? true,\n maxImportSize: env.maxImportSize,\n blobUploadLimit: env.blobUploadLimit ?? 5 * 1024 * 1024, // 5mb\n devMode: env.devMode ?? false,\n }\n\n const dbLoc = (name: string) => {\n return env.dataDirectory ? path.join(env.dataDirectory, name) : name\n }\n\n const disableWalAutoCheckpoint = env.disableWalAutoCheckpoint ?? false\n\n const dbCfg: ServerConfig['db'] = {\n accountDbLoc: env.accountDbLocation ?? dbLoc('account.sqlite'),\n sequencerDbLoc: env.sequencerDbLocation ?? dbLoc('sequencer.sqlite'),\n didCacheDbLoc: env.didCacheDbLocation ?? dbLoc('did_cache.sqlite'),\n disableWalAutoCheckpoint,\n }\n\n const actorStoreCfg: ServerConfig['actorStore'] = {\n directory: env.actorStoreDirectory ?? dbLoc('actors'),\n cacheSize: env.actorStoreCacheSize ?? 100,\n disableWalAutoCheckpoint,\n }\n\n let blobstoreCfg: ServerConfig['blobstore']\n if (env.blobstoreS3Bucket && env.blobstoreDiskLocation) {\n throw new Error('Cannot set both S3 and disk blobstore env vars')\n }\n if (env.blobstoreS3Bucket) {\n blobstoreCfg = {\n provider: 's3',\n bucket: env.blobstoreS3Bucket,\n uploadTimeoutMs: env.blobstoreS3UploadTimeoutMs || 20000,\n region: env.blobstoreS3Region,\n endpoint: env.blobstoreS3Endpoint,\n forcePathStyle: env.blobstoreS3ForcePathStyle,\n }\n if (env.blobstoreS3AccessKeyId || env.blobstoreS3SecretAccessKey) {\n if (!env.blobstoreS3AccessKeyId || !env.blobstoreS3SecretAccessKey) {\n throw new Error(\n 'Must specify both S3 access key id and secret access key blobstore env vars',\n )\n }\n blobstoreCfg.credentials = {\n accessKeyId: env.blobstoreS3AccessKeyId,\n secretAccessKey: env.blobstoreS3SecretAccessKey,\n }\n }\n } else if (env.blobstoreDiskLocation) {\n blobstoreCfg = {\n provider: 'disk',\n location: env.blobstoreDiskLocation,\n tempLocation: env.blobstoreDiskTmpLocation,\n }\n } else {\n throw new Error('Must configure either S3 or disk blobstore')\n }\n\n let serviceHandleDomains: string[]\n if (env.serviceHandleDomains && env.serviceHandleDomains.length > 0) {\n serviceHandleDomains = env.serviceHandleDomains\n } else {\n if (hostname === 'localhost') {\n serviceHandleDomains = ['.test']\n } else {\n serviceHandleDomains = [`.${hostname}`]\n }\n }\n const invalidDomain = serviceHandleDomains.find(\n (domain) => domain.length < 1 || !domain.startsWith('.'),\n )\n if (invalidDomain) {\n throw new Error(`Invalid handle domain: ${invalidDomain}`)\n }\n\n const identityCfg: ServerConfig['identity'] = {\n plcUrl: env.didPlcUrl ?? 'https://plc.directory',\n cacheMaxTTL: env.didCacheMaxTTL ?? DAY,\n cacheStaleTTL: env.didCacheStaleTTL ?? HOUR,\n resolverTimeout: env.resolverTimeout ?? 3 * SECOND,\n recoveryDidKey: env.recoveryDidKey ?? null,\n serviceHandleDomains,\n handleBackupNameservers: env.handleBackupNameservers,\n enableDidDocWithSession: !!env.enableDidDocWithSession,\n }\n\n let entrywayCfg: ServerConfig['entryway'] = null\n if (env.entrywayUrl) {\n assert(\n env.entrywayJwtVerifyKeyK256PublicKeyHex &&\n env.entrywayPlcRotationKey &&\n env.entrywayDid,\n 'if entryway url is configured, must include all required entryway configuration',\n )\n entrywayCfg = {\n url: env.entrywayUrl,\n did: env.entrywayDid,\n jwtPublicKeyHex: env.entrywayJwtVerifyKeyK256PublicKeyHex,\n plcRotationKey: env.entrywayPlcRotationKey,\n }\n }\n\n // default to being required if left undefined\n const invitesCfg: ServerConfig['invites'] =\n env.inviteRequired === false\n ? {\n required: false,\n }\n : {\n required: true,\n interval: env.inviteInterval ?? null,\n epoch: env.inviteEpoch ?? 0,\n }\n\n let emailCfg: ServerConfig['email']\n if (!env.emailFromAddress && !env.emailSmtpUrl) {\n emailCfg = null\n } else {\n if (!env.emailFromAddress || !env.emailSmtpUrl) {\n throw new Error(\n 'Partial email config, must set both emailFromAddress and emailSmtpUrl',\n )\n }\n emailCfg = {\n smtpUrl: env.emailSmtpUrl,\n fromAddress: env.emailFromAddress,\n }\n }\n\n let moderationEmailCfg: ServerConfig['moderationEmail']\n if (!env.moderationEmailAddress && !env.moderationEmailSmtpUrl) {\n moderationEmailCfg = null\n } else {\n if (!env.moderationEmailAddress || !env.moderationEmailSmtpUrl) {\n throw new Error(\n 'Partial moderation email config, must set both emailFromAddress and emailSmtpUrl',\n )\n }\n moderationEmailCfg = {\n smtpUrl: env.moderationEmailSmtpUrl,\n fromAddress: env.moderationEmailAddress,\n }\n }\n\n const subscriptionCfg: ServerConfig['subscription'] = {\n maxBuffer: env.maxSubscriptionBuffer ?? 500,\n repoBackfillLimitMs: env.repoBackfillLimitMs ?? DAY,\n }\n\n let bskyAppViewCfg: ServerConfig['bskyAppView'] = null\n if (env.bskyAppViewUrl) {\n assert(\n env.bskyAppViewDid,\n 'if bsky appview service url is configured, must configure its did as well.',\n )\n bskyAppViewCfg = {\n url: env.bskyAppViewUrl,\n did: env.bskyAppViewDid,\n cdnUrlPattern: env.bskyAppViewCdnUrlPattern,\n }\n }\n\n let modServiceCfg: ServerConfig['modService'] = null\n if (env.modServiceUrl) {\n assert(\n env.modServiceDid,\n 'if mod service url is configured, must configure its did as well.',\n )\n modServiceCfg = {\n url: env.modServiceUrl,\n did: env.modServiceDid,\n }\n }\n\n let reportServiceCfg: ServerConfig['reportService'] = null\n if (env.reportServiceUrl) {\n assert(\n env.reportServiceDid,\n 'if report service url is configured, must configure its did as well.',\n )\n reportServiceCfg = {\n url: env.reportServiceUrl,\n did: env.reportServiceDid,\n }\n }\n\n // if there's a mod service, default report service into it\n if (modServiceCfg && !reportServiceCfg) {\n reportServiceCfg = modServiceCfg\n }\n\n const redisCfg: ServerConfig['redis'] = env.redisScratchAddress\n ? {\n address: env.redisScratchAddress,\n password: env.redisScratchPassword,\n }\n : null\n\n const rateLimitsCfg: ServerConfig['rateLimits'] = env.rateLimitsEnabled\n ? {\n enabled: true,\n bypassKey: env.rateLimitBypassKey,\n bypassIps: env.rateLimitBypassIps?.map((ipOrCidr) =>\n ipOrCidr.split('/')[0]?.trim(),\n ),\n }\n : { enabled: false }\n\n const crawlersCfg: ServerConfig['crawlers'] = env.crawlers ?? []\n\n const fetchCfg: ServerConfig['fetch'] = {\n disableSsrfProtection: env.disableSsrfProtection ?? env.devMode ?? false,\n maxResponseSize: env.fetchMaxResponseSize ?? 512 * 1024, // 512kb\n }\n\n const proxyCfg: ServerConfig['proxy'] = {\n disableSsrfProtection: env.disableSsrfProtection ?? env.devMode ?? false,\n allowHTTP2: env.proxyAllowHTTP2 ?? false,\n headersTimeout: env.proxyHeadersTimeout ?? 10e3,\n bodyTimeout: env.proxyBodyTimeout ?? 30e3,\n maxResponseSize: env.proxyMaxResponseSize ?? 10 * 1024 * 1024, // 10mb\n maxRetries:\n env.proxyMaxRetries != null && env.proxyMaxRetries > 0\n ? env.proxyMaxRetries\n : 0,\n preferCompressed: env.proxyPreferCompressed ?? false,\n }\n\n const oauthCfg: ServerConfig['oauth'] = entrywayCfg\n ? {\n issuer: entrywayCfg.url,\n provider: undefined,\n }\n : {\n issuer: serviceCfg.publicUrl,\n provider: {\n hcaptcha:\n env.hcaptchaSiteKey &&\n env.hcaptchaSecretKey &&\n env.hcaptchaTokenSalt\n ? {\n siteKey: env.hcaptchaSiteKey,\n secretKey: env.hcaptchaSecretKey,\n tokenSalt: env.hcaptchaTokenSalt,\n }\n : undefined,\n branding: {\n name: env.serviceName ?? `${hostname} PDS`,\n logo: env.logoUrl,\n colors: {\n light: env.lightColor,\n dark: env.darkColor,\n primary: env.primaryColor,\n primaryContrast: env.primaryColorContrast,\n primaryHue: env.primaryColorHue,\n error: env.errorColor,\n errorContrast: env.errorColorContrast,\n errorHue: env.errorColorHue,\n success: env.successColor,\n successContrast: env.successColorContrast,\n successHue: env.successColorHue,\n warning: env.warningColor,\n warningContrast: env.warningColorContrast,\n warningHue: env.warningColorHue,\n },\n links: [\n {\n title: { en: 'Home', fr: 'Accueil' },\n href: env.homeUrl,\n rel: 'canonical' as const, // Prevents login page from being indexed\n },\n {\n title: { en: 'Terms of Service' },\n href: env.termsOfServiceUrl,\n rel: 'terms-of-service' as const,\n },\n {\n title: { en: 'Privacy Policy' },\n href: env.privacyPolicyUrl,\n rel: 'privacy-policy' as const,\n },\n {\n title: { en: 'Support' },\n href: env.supportUrl,\n rel: 'help' as const,\n },\n ].filter(\n <T extends { href?: string }>(f: T): f is T & { href: string } =>\n f.href != null && f.href !== '',\n ),\n },\n trustedClients: env.trustedOAuthClients,\n },\n }\n\n const lexiconCfg: LexiconResolverConfig = {\n didAuthority: env.lexiconDidAuthority,\n }\n\n return {\n service: serviceCfg,\n db: dbCfg,\n actorStore: actorStoreCfg,\n blobstore: blobstoreCfg,\n identity: identityCfg,\n entryway: entrywayCfg,\n invites: invitesCfg,\n email: emailCfg,\n moderationEmail: moderationEmailCfg,\n subscription: subscriptionCfg,\n bskyAppView: bskyAppViewCfg,\n modService: modServiceCfg,\n reportService: reportServiceCfg,\n redis: redisCfg,\n rateLimits: rateLimitsCfg,\n crawlers: crawlersCfg,\n fetch: fetchCfg,\n lexicon: lexiconCfg,\n proxy: proxyCfg,\n oauth: oauthCfg,\n }\n}\n\nexport type ServerConfig = {\n service: ServiceConfig\n db: DatabaseConfig\n actorStore: ActorStoreConfig\n blobstore: S3BlobstoreConfig | DiskBlobstoreConfig\n identity: IdentityConfig\n entryway: EntrywayConfig | null\n invites: InvitesConfig\n email: EmailConfig | null\n moderationEmail: EmailConfig | null\n subscription: SubscriptionConfig\n bskyAppView: BksyAppViewConfig | null\n modService: ModServiceConfig | null\n reportService: ReportServiceConfig | null\n redis: RedisScratchConfig | null\n rateLimits: RateLimitsConfig\n crawlers: string[]\n fetch: FetchConfig\n proxy: ProxyConfig\n oauth: OAuthConfig\n lexicon: LexiconResolverConfig\n}\n\nexport type ServiceConfig = {\n port: number\n hostname: string\n publicUrl: string\n did: string\n version?: string\n privacyPolicyUrl?: string\n termsOfServiceUrl?: string\n acceptingImports: boolean\n maxImportSize?: number\n blobUploadLimit: number\n contactEmailAddress?: string\n devMode: boolean\n}\n\nexport type DatabaseConfig = {\n accountDbLoc: string\n sequencerDbLoc: string\n didCacheDbLoc: string\n disableWalAutoCheckpoint: boolean\n}\n\nexport type ActorStoreConfig = {\n directory: string\n cacheSize: number\n disableWalAutoCheckpoint: boolean\n}\n\nexport type S3BlobstoreConfig = {\n provider: 's3'\n bucket: string\n region?: string\n endpoint?: string\n forcePathStyle?: boolean\n uploadTimeoutMs?: number\n credentials?: {\n accessKeyId: string\n secretAccessKey: string\n }\n}\n\nexport type DiskBlobstoreConfig = {\n provider: 'disk'\n location: string\n tempLocation?: string\n}\n\nexport type IdentityConfig = {\n plcUrl: string\n resolverTimeout: number\n cacheStaleTTL: number\n cacheMaxTTL: number\n recoveryDidKey: string | null\n serviceHandleDomains: string[]\n handleBackupNameservers?: string[]\n enableDidDocWithSession: boolean\n}\n\nexport type EntrywayConfig = {\n url: string\n did: string\n jwtPublicKeyHex: string\n plcRotationKey: string\n}\n\nexport type FetchConfig = {\n disableSsrfProtection: boolean\n maxResponseSize: number\n}\n\nexport type ProxyConfig = {\n disableSsrfProtection: boolean\n allowHTTP2: boolean\n headersTimeout: number\n bodyTimeout: number\n maxResponseSize: number\n maxRetries: number\n\n /**\n * When proxying requests that might get intercepted (for read-after-write) we\n * negotiate the encoding based on the client's preferences. We will however\n * use or own weights in order to be able to better control if the PDS will\n * need to perform content decoding. This settings allows to prefer compressed\n * content over uncompressed one.\n */\n preferCompressed: boolean\n}\n\nexport type OAuthConfig = {\n issuer: string\n provider?: {\n hcaptcha?: HcaptchaConfig\n branding: BrandingInput\n trustedClients?: string[]\n }\n}\n\nexport type LexiconResolverConfig = {\n didAuthority?: string\n}\n\nexport type InvitesConfig =\n | {\n required: true\n interval: number | null\n epoch: number\n }\n | {\n required: false\n }\n\nexport type EmailConfig = {\n smtpUrl: string\n fromAddress: string\n}\n\nexport type SubscriptionConfig = {\n maxBuffer: number\n repoBackfillLimitMs: number\n}\n\nexport type RedisScratchConfig = {\n address: string\n password?: string\n}\n\nexport type RateLimitsConfig =\n | {\n enabled: true\n bypassKey?: string\n bypassIps?: string[]\n }\n | { enabled: false }\n\nexport type BksyAppViewConfig = {\n url: string\n did: string\n cdnUrlPattern?: string\n}\n\nexport type ModServiceConfig = {\n url: string\n did: string\n}\n\nexport type ReportServiceConfig = {\n url: string\n did: string\n}\n"]}
1
+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":";;;;;;AAAA,8DAAgC;AAChC,0DAA4B;AAC5B,4CAAmD;AAEnD,4CAAgD;AAGhD,iCAAiC;AACjC,gEAAgE;AAEzD,MAAM,QAAQ,GAAG,CAAC,GAAsB,EAAgB,EAAE;IAC/D,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,IAAI,CAAA;IAC7B,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,WAAW,CAAA;IAC5C,MAAM,SAAS,GACb,QAAQ,KAAK,WAAW;QACtB,CAAC,CAAC,oBAAoB,IAAI,EAAE;QAC5B,CAAC,CAAC,WAAW,QAAQ,EAAE,CAAA;IAC3B,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,IAAI,WAAW,QAAQ,EAAE,CAAA;IACnD,MAAM,UAAU,GAA4B;QAC1C,IAAI;QACJ,QAAQ;QACR,SAAS;QACT,GAAG;QACH,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,WAAW;QACjC,gBAAgB,EAAE,GAAG,CAAC,gBAAgB;QACtC,iBAAiB,EAAE,GAAG,CAAC,iBAAiB;QACxC,mBAAmB,EAAE,GAAG,CAAC,mBAAmB;QAC5C,gBAAgB,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QAC9C,aAAa,EAAE,GAAG,CAAC,aAAa;QAChC,eAAe,EAAE,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,IAAI,GAAG,IAAI,EAAE,MAAM;QAC/D,OAAO,EAAE,GAAG,CAAC,OAAO,IAAI,KAAK;KAC9B,CAAA;IAED,MAAM,KAAK,GAAG,CAAC,IAAY,EAAE,EAAE;QAC7B,OAAO,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,mBAAI,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACtE,CAAC,CAAA;IAED,MAAM,wBAAwB,GAAG,GAAG,CAAC,wBAAwB,IAAI,KAAK,CAAA;IAEtE,MAAM,KAAK,GAAuB;QAChC,YAAY,EAAE,GAAG,CAAC,iBAAiB,IAAI,KAAK,CAAC,gBAAgB,CAAC;QAC9D,cAAc,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK,CAAC,kBAAkB,CAAC;QACpE,aAAa,EAAE,GAAG,CAAC,kBAAkB,IAAI,KAAK,CAAC,kBAAkB,CAAC;QAClE,wBAAwB;KACzB,CAAA;IAED,MAAM,aAAa,GAA+B;QAChD,SAAS,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK,CAAC,QAAQ,CAAC;QACrD,SAAS,EAAE,GAAG,CAAC,mBAAmB,IAAI,GAAG;QACzC,wBAAwB;KACzB,CAAA;IAED,IAAI,YAAuC,CAAA;IAC3C,IAAI,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;IACnE,CAAC;IACD,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC1B,YAAY,GAAG;YACb,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,GAAG,CAAC,iBAAiB;YAC7B,eAAe,EAAE,GAAG,CAAC,0BAA0B,IAAI,KAAK;YACxD,MAAM,EAAE,GAAG,CAAC,iBAAiB;YAC7B,QAAQ,EAAE,GAAG,CAAC,mBAAmB;YACjC,cAAc,EAAE,GAAG,CAAC,yBAAyB;SAC9C,CAAA;QACD,IAAI,GAAG,CAAC,sBAAsB,IAAI,GAAG,CAAC,0BAA0B,EAAE,CAAC;YACjE,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,0BAA0B,EAAE,CAAC;gBACnE,MAAM,IAAI,KAAK,CACb,6EAA6E,CAC9E,CAAA;YACH,CAAC;YACD,YAAY,CAAC,WAAW,GAAG;gBACzB,WAAW,EAAE,GAAG,CAAC,sBAAsB;gBACvC,eAAe,EAAE,GAAG,CAAC,0BAA0B;aAChD,CAAA;QACH,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;QACrC,YAAY,GAAG;YACb,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,GAAG,CAAC,qBAAqB;YACnC,YAAY,EAAE,GAAG,CAAC,wBAAwB;SAC3C,CAAA;IACH,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;IAC/D,CAAC;IAED,IAAI,oBAA8B,CAAA;IAClC,IAAI,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpE,oBAAoB,GAAG,GAAG,CAAC,oBAAoB,CAAA;IACjD,CAAC;SAAM,CAAC;QACN,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;YAC7B,oBAAoB,GAAG,CAAC,OAAO,CAAC,CAAA;QAClC,CAAC;aAAM,CAAC;YACN,oBAAoB,GAAG,CAAC,IAAI,QAAQ,EAAE,CAAC,CAAA;QACzC,CAAC;IACH,CAAC;IACD,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAC7C,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CACzD,CAAA;IACD,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,0BAA0B,aAAa,EAAE,CAAC,CAAA;IAC5D,CAAC;IAED,MAAM,WAAW,GAA6B;QAC5C,MAAM,EAAE,GAAG,CAAC,SAAS,IAAI,uBAAuB;QAChD,WAAW,EAAE,GAAG,CAAC,cAAc,IAAI,YAAG;QACtC,aAAa,EAAE,GAAG,CAAC,gBAAgB,IAAI,aAAI;QAC3C,eAAe,EAAE,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,eAAM;QAClD,cAAc,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;QAC1C,oBAAoB;QACpB,uBAAuB,EAAE,GAAG,CAAC,uBAAuB;QACpD,uBAAuB,EAAE,CAAC,CAAC,GAAG,CAAC,uBAAuB;KACvD,CAAA;IAED,IAAI,WAAW,GAA6B,IAAI,CAAA;IAChD,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;QACpB,IAAA,qBAAM,EACJ,GAAG,CAAC,oCAAoC;YACtC,GAAG,CAAC,sBAAsB;YAC1B,GAAG,CAAC,WAAW,EACjB,iFAAiF,CAClF,CAAA;QACD,WAAW,GAAG;YACZ,GAAG,EAAE,GAAG,CAAC,WAAW;YACpB,GAAG,EAAE,GAAG,CAAC,WAAW;YACpB,eAAe,EAAE,GAAG,CAAC,oCAAoC;YACzD,cAAc,EAAE,GAAG,CAAC,sBAAsB;SAC3C,CAAA;IACH,CAAC;IAED,8CAA8C;IAC9C,MAAM,UAAU,GACd,GAAG,CAAC,cAAc,KAAK,KAAK;QAC1B,CAAC,CAAC;YACE,QAAQ,EAAE,KAAK;SAChB;QACH,CAAC,CAAC;YACE,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;YACpC,KAAK,EAAE,GAAG,CAAC,WAAW,IAAI,CAAC;SAC5B,CAAA;IAEP,IAAI,QAA+B,CAAA;IACnC,IAAI,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAC/C,QAAQ,GAAG,IAAI,CAAA;IACjB,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAA;QACH,CAAC;QACD,QAAQ,GAAG;YACT,OAAO,EAAE,GAAG,CAAC,YAAY;YACzB,WAAW,EAAE,GAAG,CAAC,gBAAgB;SAClC,CAAA;IACH,CAAC;IAED,IAAI,kBAAmD,CAAA;IACvD,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;QAC/D,kBAAkB,GAAG,IAAI,CAAA;IAC3B,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;YAC/D,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;QACH,CAAC;QACD,kBAAkB,GAAG;YACnB,OAAO,EAAE,GAAG,CAAC,sBAAsB;YACnC,WAAW,EAAE,GAAG,CAAC,sBAAsB;SACxC,CAAA;IACH,CAAC;IAED,MAAM,eAAe,GAAiC;QACpD,SAAS,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG;QAC3C,mBAAmB,EAAE,GAAG,CAAC,mBAAmB,IAAI,YAAG;KACpD,CAAA;IAED,IAAI,cAAc,GAAgC,IAAI,CAAA;IACtD,IAAI,GAAG,CAAC,cAAc,EAAE,CAAC;QACvB,IAAA,qBAAM,EACJ,GAAG,CAAC,cAAc,EAClB,4EAA4E,CAC7E,CAAA;QACD,cAAc,GAAG;YACf,GAAG,EAAE,GAAG,CAAC,cAAc;YACvB,GAAG,EAAE,GAAG,CAAC,cAAc;YACvB,aAAa,EAAE,GAAG,CAAC,wBAAwB;SAC5C,CAAA;IACH,CAAC;IAED,IAAI,aAAa,GAA+B,IAAI,CAAA;IACpD,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;QACtB,IAAA,qBAAM,EACJ,GAAG,CAAC,aAAa,EACjB,mEAAmE,CACpE,CAAA;QACD,aAAa,GAAG;YACd,GAAG,EAAE,GAAG,CAAC,aAAa;YACtB,GAAG,EAAE,GAAG,CAAC,aAAa;SACvB,CAAA;IACH,CAAC;IAED,IAAI,gBAAgB,GAAkC,IAAI,CAAA;IAC1D,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACzB,IAAA,qBAAM,EACJ,GAAG,CAAC,gBAAgB,EACpB,sEAAsE,CACvE,CAAA;QACD,gBAAgB,GAAG;YACjB,GAAG,EAAE,GAAG,CAAC,gBAAgB;YACzB,GAAG,EAAE,GAAG,CAAC,gBAAgB;SAC1B,CAAA;IACH,CAAC;IAED,2DAA2D;IAC3D,IAAI,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACvC,gBAAgB,GAAG,aAAa,CAAA;IAClC,CAAC;IAED,MAAM,QAAQ,GAA0B,GAAG,CAAC,mBAAmB;QAC7D,CAAC,CAAC;YACE,OAAO,EAAE,GAAG,CAAC,mBAAmB;YAChC,QAAQ,EAAE,GAAG,CAAC,oBAAoB;SACnC;QACH,CAAC,CAAC,IAAI,CAAA;IAER,MAAM,aAAa,GAA+B,GAAG,CAAC,iBAAiB;QACrE,CAAC,CAAC;YACE,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,GAAG,CAAC,kBAAkB;YACjC,SAAS,EAAE,GAAG,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAClD,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAC/B;SACF;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;IAEtB,MAAM,WAAW,GAA6B,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAA;IAEhE,MAAM,QAAQ,GAA0B;QACtC,qBAAqB,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,OAAO,IAAI,KAAK;QACxE,eAAe,EAAE,GAAG,CAAC,oBAAoB,IAAI,GAAG,GAAG,IAAI,EAAE,QAAQ;KAClE,CAAA;IAED,MAAM,QAAQ,GAA0B;QACtC,qBAAqB,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,OAAO,IAAI,KAAK;QACxE,UAAU,EAAE,GAAG,CAAC,eAAe,IAAI,KAAK;QACxC,cAAc,EAAE,GAAG,CAAC,mBAAmB,IAAI,IAAI;QAC/C,WAAW,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QACzC,eAAe,EAAE,GAAG,CAAC,oBAAoB,IAAI,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;QACtE,UAAU,EACR,GAAG,CAAC,eAAe,IAAI,IAAI,IAAI,GAAG,CAAC,eAAe,GAAG,CAAC;YACpD,CAAC,CAAC,GAAG,CAAC,eAAe;YACrB,CAAC,CAAC,CAAC;QACP,gBAAgB,EAAE,GAAG,CAAC,qBAAqB,IAAI,KAAK;KACrD,CAAA;IAED,MAAM,QAAQ,GAA0B,WAAW;QACjD,CAAC,CAAC;YACE,MAAM,EAAE,WAAW,CAAC,GAAG;YACvB,QAAQ,EAAE,SAAS;SACpB;QACH,CAAC,CAAC;YACE,MAAM,EAAE,UAAU,CAAC,SAAS;YAC5B,QAAQ,EAAE;gBACR,QAAQ,EACN,GAAG,CAAC,eAAe;oBACnB,GAAG,CAAC,iBAAiB;oBACrB,GAAG,CAAC,iBAAiB;oBACnB,CAAC,CAAC;wBACE,OAAO,EAAE,GAAG,CAAC,eAAe;wBAC5B,SAAS,EAAE,GAAG,CAAC,iBAAiB;wBAChC,SAAS,EAAE,GAAG,CAAC,iBAAiB;qBACjC;oBACH,CAAC,CAAC,SAAS;gBACf,QAAQ,EAAE;oBACR,IAAI,EAAE,GAAG,CAAC,WAAW,IAAI,GAAG,QAAQ,MAAM;oBAC1C,IAAI,EAAE,GAAG,CAAC,OAAO;oBACjB,MAAM,EAAE;wBACN,KAAK,EAAE,GAAG,CAAC,UAAU;wBACrB,IAAI,EAAE,GAAG,CAAC,SAAS;wBACnB,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;wBAC/B,KAAK,EAAE,GAAG,CAAC,UAAU;wBACrB,aAAa,EAAE,GAAG,CAAC,kBAAkB;wBACrC,QAAQ,EAAE,GAAG,CAAC,aAAa;wBAC3B,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;wBAC/B,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;qBAChC;oBACD,KAAK,EAAE;wBACL;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE;4BACpC,IAAI,EAAE,GAAG,CAAC,OAAO;4BACjB,GAAG,EAAE,WAAoB,EAAE,yCAAyC;yBACrE;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,kBAAkB,EAAE;4BACjC,IAAI,EAAE,GAAG,CAAC,iBAAiB;4BAC3B,GAAG,EAAE,kBAA2B;yBACjC;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,gBAAgB,EAAE;4BAC/B,IAAI,EAAE,GAAG,CAAC,gBAAgB;4BAC1B,GAAG,EAAE,gBAAyB;yBAC/B;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE;4BACxB,IAAI,EAAE,GAAG,CAAC,UAAU;4BACpB,GAAG,EAAE,MAAe;yBACrB;qBACF,CAAC,MAAM,CACN,CAA8B,CAAI,EAA6B,EAAE,CAC/D,CAAC,CAAC,IAAI,IAAI,IAAI,IAAI,CAAC,CAAC,IAAI,KAAK,EAAE,CAClC;iBACF;gBACD,cAAc,EAAE,GAAG,CAAC,mBAAmB;aACxC;SACF,CAAA;IAEL,MAAM,UAAU,GAA0B,EAAE,CAAA;IAE5C,IAAI,GAAG,CAAC,mBAAmB,IAAI,IAAI,EAAE,CAAC;QACpC,IAAA,uBAAc,EAAC,GAAG,CAAC,mBAAmB,CAAC,CAAA;QACvC,UAAU,CAAC,YAAY,GAAG,GAAG,CAAC,mBAAmB,CAAA;IACnD,CAAC;IAED,OAAO;QACL,OAAO,EAAE,UAAU;QACnB,EAAE,EAAE,KAAK;QACT,UAAU,EAAE,aAAa;QACzB,SAAS,EAAE,YAAY;QACvB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,WAAW;QACrB,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,eAAe,EAAE,kBAAkB;QACnC,YAAY,EAAE,eAAe;QAC7B,WAAW,EAAE,cAAc;QAC3B,UAAU,EAAE,aAAa;QACzB,aAAa,EAAE,gBAAgB;QAC/B,KAAK,EAAE,QAAQ;QACf,UAAU,EAAE,aAAa;QACzB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,QAAQ;QACf,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,KAAK,EAAE,QAAQ;KAChB,CAAA;AACH,CAAC,CAAA;AAtVY,QAAA,QAAQ,YAsVpB","sourcesContent":["import assert from 'node:assert'\nimport path from 'node:path'\nimport { DAY, HOUR, SECOND } from '@atproto/common'\nimport { BrandingInput, HcaptchaConfig } from '@atproto/oauth-provider'\nimport { ensureValidDid } from '@atproto/syntax'\nimport { ServerEnvironment } from './env'\n\n// off-config but still from env:\n// logging: LOG_LEVEL, LOG_SYSTEMS, LOG_ENABLED, LOG_DESTINATION\n\nexport const envToCfg = (env: ServerEnvironment): ServerConfig => {\n const port = env.port ?? 2583\n const hostname = env.hostname ?? 'localhost'\n const publicUrl =\n hostname === 'localhost'\n ? `http://localhost:${port}`\n : `https://${hostname}`\n const did = env.serviceDid ?? `did:web:${hostname}`\n const serviceCfg: ServerConfig['service'] = {\n port,\n hostname,\n publicUrl,\n did,\n version: env.version, // default?\n privacyPolicyUrl: env.privacyPolicyUrl,\n termsOfServiceUrl: env.termsOfServiceUrl,\n contactEmailAddress: env.contactEmailAddress,\n acceptingImports: env.acceptingImports ?? true,\n maxImportSize: env.maxImportSize,\n blobUploadLimit: env.blobUploadLimit ?? 5 * 1024 * 1024, // 5mb\n devMode: env.devMode ?? false,\n }\n\n const dbLoc = (name: string) => {\n return env.dataDirectory ? path.join(env.dataDirectory, name) : name\n }\n\n const disableWalAutoCheckpoint = env.disableWalAutoCheckpoint ?? false\n\n const dbCfg: ServerConfig['db'] = {\n accountDbLoc: env.accountDbLocation ?? dbLoc('account.sqlite'),\n sequencerDbLoc: env.sequencerDbLocation ?? dbLoc('sequencer.sqlite'),\n didCacheDbLoc: env.didCacheDbLocation ?? dbLoc('did_cache.sqlite'),\n disableWalAutoCheckpoint,\n }\n\n const actorStoreCfg: ServerConfig['actorStore'] = {\n directory: env.actorStoreDirectory ?? dbLoc('actors'),\n cacheSize: env.actorStoreCacheSize ?? 100,\n disableWalAutoCheckpoint,\n }\n\n let blobstoreCfg: ServerConfig['blobstore']\n if (env.blobstoreS3Bucket && env.blobstoreDiskLocation) {\n throw new Error('Cannot set both S3 and disk blobstore env vars')\n }\n if (env.blobstoreS3Bucket) {\n blobstoreCfg = {\n provider: 's3',\n bucket: env.blobstoreS3Bucket,\n uploadTimeoutMs: env.blobstoreS3UploadTimeoutMs || 20000,\n region: env.blobstoreS3Region,\n endpoint: env.blobstoreS3Endpoint,\n forcePathStyle: env.blobstoreS3ForcePathStyle,\n }\n if (env.blobstoreS3AccessKeyId || env.blobstoreS3SecretAccessKey) {\n if (!env.blobstoreS3AccessKeyId || !env.blobstoreS3SecretAccessKey) {\n throw new Error(\n 'Must specify both S3 access key id and secret access key blobstore env vars',\n )\n }\n blobstoreCfg.credentials = {\n accessKeyId: env.blobstoreS3AccessKeyId,\n secretAccessKey: env.blobstoreS3SecretAccessKey,\n }\n }\n } else if (env.blobstoreDiskLocation) {\n blobstoreCfg = {\n provider: 'disk',\n location: env.blobstoreDiskLocation,\n tempLocation: env.blobstoreDiskTmpLocation,\n }\n } else {\n throw new Error('Must configure either S3 or disk blobstore')\n }\n\n let serviceHandleDomains: string[]\n if (env.serviceHandleDomains && env.serviceHandleDomains.length > 0) {\n serviceHandleDomains = env.serviceHandleDomains\n } else {\n if (hostname === 'localhost') {\n serviceHandleDomains = ['.test']\n } else {\n serviceHandleDomains = [`.${hostname}`]\n }\n }\n const invalidDomain = serviceHandleDomains.find(\n (domain) => domain.length < 1 || !domain.startsWith('.'),\n )\n if (invalidDomain) {\n throw new Error(`Invalid handle domain: ${invalidDomain}`)\n }\n\n const identityCfg: ServerConfig['identity'] = {\n plcUrl: env.didPlcUrl ?? 'https://plc.directory',\n cacheMaxTTL: env.didCacheMaxTTL ?? DAY,\n cacheStaleTTL: env.didCacheStaleTTL ?? HOUR,\n resolverTimeout: env.resolverTimeout ?? 3 * SECOND,\n recoveryDidKey: env.recoveryDidKey ?? null,\n serviceHandleDomains,\n handleBackupNameservers: env.handleBackupNameservers,\n enableDidDocWithSession: !!env.enableDidDocWithSession,\n }\n\n let entrywayCfg: ServerConfig['entryway'] = null\n if (env.entrywayUrl) {\n assert(\n env.entrywayJwtVerifyKeyK256PublicKeyHex &&\n env.entrywayPlcRotationKey &&\n env.entrywayDid,\n 'if entryway url is configured, must include all required entryway configuration',\n )\n entrywayCfg = {\n url: env.entrywayUrl,\n did: env.entrywayDid,\n jwtPublicKeyHex: env.entrywayJwtVerifyKeyK256PublicKeyHex,\n plcRotationKey: env.entrywayPlcRotationKey,\n }\n }\n\n // default to being required if left undefined\n const invitesCfg: ServerConfig['invites'] =\n env.inviteRequired === false\n ? {\n required: false,\n }\n : {\n required: true,\n interval: env.inviteInterval ?? null,\n epoch: env.inviteEpoch ?? 0,\n }\n\n let emailCfg: ServerConfig['email']\n if (!env.emailFromAddress && !env.emailSmtpUrl) {\n emailCfg = null\n } else {\n if (!env.emailFromAddress || !env.emailSmtpUrl) {\n throw new Error(\n 'Partial email config, must set both emailFromAddress and emailSmtpUrl',\n )\n }\n emailCfg = {\n smtpUrl: env.emailSmtpUrl,\n fromAddress: env.emailFromAddress,\n }\n }\n\n let moderationEmailCfg: ServerConfig['moderationEmail']\n if (!env.moderationEmailAddress && !env.moderationEmailSmtpUrl) {\n moderationEmailCfg = null\n } else {\n if (!env.moderationEmailAddress || !env.moderationEmailSmtpUrl) {\n throw new Error(\n 'Partial moderation email config, must set both emailFromAddress and emailSmtpUrl',\n )\n }\n moderationEmailCfg = {\n smtpUrl: env.moderationEmailSmtpUrl,\n fromAddress: env.moderationEmailAddress,\n }\n }\n\n const subscriptionCfg: ServerConfig['subscription'] = {\n maxBuffer: env.maxSubscriptionBuffer ?? 500,\n repoBackfillLimitMs: env.repoBackfillLimitMs ?? DAY,\n }\n\n let bskyAppViewCfg: ServerConfig['bskyAppView'] = null\n if (env.bskyAppViewUrl) {\n assert(\n env.bskyAppViewDid,\n 'if bsky appview service url is configured, must configure its did as well.',\n )\n bskyAppViewCfg = {\n url: env.bskyAppViewUrl,\n did: env.bskyAppViewDid,\n cdnUrlPattern: env.bskyAppViewCdnUrlPattern,\n }\n }\n\n let modServiceCfg: ServerConfig['modService'] = null\n if (env.modServiceUrl) {\n assert(\n env.modServiceDid,\n 'if mod service url is configured, must configure its did as well.',\n )\n modServiceCfg = {\n url: env.modServiceUrl,\n did: env.modServiceDid,\n }\n }\n\n let reportServiceCfg: ServerConfig['reportService'] = null\n if (env.reportServiceUrl) {\n assert(\n env.reportServiceDid,\n 'if report service url is configured, must configure its did as well.',\n )\n reportServiceCfg = {\n url: env.reportServiceUrl,\n did: env.reportServiceDid,\n }\n }\n\n // if there's a mod service, default report service into it\n if (modServiceCfg && !reportServiceCfg) {\n reportServiceCfg = modServiceCfg\n }\n\n const redisCfg: ServerConfig['redis'] = env.redisScratchAddress\n ? {\n address: env.redisScratchAddress,\n password: env.redisScratchPassword,\n }\n : null\n\n const rateLimitsCfg: ServerConfig['rateLimits'] = env.rateLimitsEnabled\n ? {\n enabled: true,\n bypassKey: env.rateLimitBypassKey,\n bypassIps: env.rateLimitBypassIps?.map((ipOrCidr) =>\n ipOrCidr.split('/')[0]?.trim(),\n ),\n }\n : { enabled: false }\n\n const crawlersCfg: ServerConfig['crawlers'] = env.crawlers ?? []\n\n const fetchCfg: ServerConfig['fetch'] = {\n disableSsrfProtection: env.disableSsrfProtection ?? env.devMode ?? false,\n maxResponseSize: env.fetchMaxResponseSize ?? 512 * 1024, // 512kb\n }\n\n const proxyCfg: ServerConfig['proxy'] = {\n disableSsrfProtection: env.disableSsrfProtection ?? env.devMode ?? false,\n allowHTTP2: env.proxyAllowHTTP2 ?? false,\n headersTimeout: env.proxyHeadersTimeout ?? 10e3,\n bodyTimeout: env.proxyBodyTimeout ?? 30e3,\n maxResponseSize: env.proxyMaxResponseSize ?? 10 * 1024 * 1024, // 10mb\n maxRetries:\n env.proxyMaxRetries != null && env.proxyMaxRetries > 0\n ? env.proxyMaxRetries\n : 0,\n preferCompressed: env.proxyPreferCompressed ?? false,\n }\n\n const oauthCfg: ServerConfig['oauth'] = entrywayCfg\n ? {\n issuer: entrywayCfg.url,\n provider: undefined,\n }\n : {\n issuer: serviceCfg.publicUrl,\n provider: {\n hcaptcha:\n env.hcaptchaSiteKey &&\n env.hcaptchaSecretKey &&\n env.hcaptchaTokenSalt\n ? {\n siteKey: env.hcaptchaSiteKey,\n secretKey: env.hcaptchaSecretKey,\n tokenSalt: env.hcaptchaTokenSalt,\n }\n : undefined,\n branding: {\n name: env.serviceName ?? `${hostname} PDS`,\n logo: env.logoUrl,\n colors: {\n light: env.lightColor,\n dark: env.darkColor,\n primary: env.primaryColor,\n primaryContrast: env.primaryColorContrast,\n primaryHue: env.primaryColorHue,\n error: env.errorColor,\n errorContrast: env.errorColorContrast,\n errorHue: env.errorColorHue,\n success: env.successColor,\n successContrast: env.successColorContrast,\n successHue: env.successColorHue,\n warning: env.warningColor,\n warningContrast: env.warningColorContrast,\n warningHue: env.warningColorHue,\n },\n links: [\n {\n title: { en: 'Home', fr: 'Accueil' },\n href: env.homeUrl,\n rel: 'canonical' as const, // Prevents login page from being indexed\n },\n {\n title: { en: 'Terms of Service' },\n href: env.termsOfServiceUrl,\n rel: 'terms-of-service' as const,\n },\n {\n title: { en: 'Privacy Policy' },\n href: env.privacyPolicyUrl,\n rel: 'privacy-policy' as const,\n },\n {\n title: { en: 'Support' },\n href: env.supportUrl,\n rel: 'help' as const,\n },\n ].filter(\n <T extends { href?: string }>(f: T): f is T & { href: string } =>\n f.href != null && f.href !== '',\n ),\n },\n trustedClients: env.trustedOAuthClients,\n },\n }\n\n const lexiconCfg: LexiconResolverConfig = {}\n\n if (env.lexiconDidAuthority != null) {\n ensureValidDid(env.lexiconDidAuthority)\n lexiconCfg.didAuthority = env.lexiconDidAuthority\n }\n\n return {\n service: serviceCfg,\n db: dbCfg,\n actorStore: actorStoreCfg,\n blobstore: blobstoreCfg,\n identity: identityCfg,\n entryway: entrywayCfg,\n invites: invitesCfg,\n email: emailCfg,\n moderationEmail: moderationEmailCfg,\n subscription: subscriptionCfg,\n bskyAppView: bskyAppViewCfg,\n modService: modServiceCfg,\n reportService: reportServiceCfg,\n redis: redisCfg,\n rateLimits: rateLimitsCfg,\n crawlers: crawlersCfg,\n fetch: fetchCfg,\n lexicon: lexiconCfg,\n proxy: proxyCfg,\n oauth: oauthCfg,\n }\n}\n\nexport type ServerConfig = {\n service: ServiceConfig\n db: DatabaseConfig\n actorStore: ActorStoreConfig\n blobstore: S3BlobstoreConfig | DiskBlobstoreConfig\n identity: IdentityConfig\n entryway: EntrywayConfig | null\n invites: InvitesConfig\n email: EmailConfig | null\n moderationEmail: EmailConfig | null\n subscription: SubscriptionConfig\n bskyAppView: BksyAppViewConfig | null\n modService: ModServiceConfig | null\n reportService: ReportServiceConfig | null\n redis: RedisScratchConfig | null\n rateLimits: RateLimitsConfig\n crawlers: string[]\n fetch: FetchConfig\n proxy: ProxyConfig\n oauth: OAuthConfig\n lexicon: LexiconResolverConfig\n}\n\nexport type ServiceConfig = {\n port: number\n hostname: string\n publicUrl: string\n did: string\n version?: string\n privacyPolicyUrl?: string\n termsOfServiceUrl?: string\n acceptingImports: boolean\n maxImportSize?: number\n blobUploadLimit: number\n contactEmailAddress?: string\n devMode: boolean\n}\n\nexport type DatabaseConfig = {\n accountDbLoc: string\n sequencerDbLoc: string\n didCacheDbLoc: string\n disableWalAutoCheckpoint: boolean\n}\n\nexport type ActorStoreConfig = {\n directory: string\n cacheSize: number\n disableWalAutoCheckpoint: boolean\n}\n\nexport type S3BlobstoreConfig = {\n provider: 's3'\n bucket: string\n region?: string\n endpoint?: string\n forcePathStyle?: boolean\n uploadTimeoutMs?: number\n credentials?: {\n accessKeyId: string\n secretAccessKey: string\n }\n}\n\nexport type DiskBlobstoreConfig = {\n provider: 'disk'\n location: string\n tempLocation?: string\n}\n\nexport type IdentityConfig = {\n plcUrl: string\n resolverTimeout: number\n cacheStaleTTL: number\n cacheMaxTTL: number\n recoveryDidKey: string | null\n serviceHandleDomains: string[]\n handleBackupNameservers?: string[]\n enableDidDocWithSession: boolean\n}\n\nexport type EntrywayConfig = {\n url: string\n did: string\n jwtPublicKeyHex: string\n plcRotationKey: string\n}\n\nexport type FetchConfig = {\n disableSsrfProtection: boolean\n maxResponseSize: number\n}\n\nexport type ProxyConfig = {\n disableSsrfProtection: boolean\n allowHTTP2: boolean\n headersTimeout: number\n bodyTimeout: number\n maxResponseSize: number\n maxRetries: number\n\n /**\n * When proxying requests that might get intercepted (for read-after-write) we\n * negotiate the encoding based on the client's preferences. We will however\n * use or own weights in order to be able to better control if the PDS will\n * need to perform content decoding. This settings allows to prefer compressed\n * content over uncompressed one.\n */\n preferCompressed: boolean\n}\n\nexport type OAuthConfig = {\n issuer: string\n provider?: {\n hcaptcha?: HcaptchaConfig\n branding: BrandingInput\n trustedClients?: string[]\n }\n}\n\nexport type LexiconResolverConfig = {\n didAuthority?: `did:${string}:${string}`\n}\n\nexport type InvitesConfig =\n | {\n required: true\n interval: number | null\n epoch: number\n }\n | {\n required: false\n }\n\nexport type EmailConfig = {\n smtpUrl: string\n fromAddress: string\n}\n\nexport type SubscriptionConfig = {\n maxBuffer: number\n repoBackfillLimitMs: number\n}\n\nexport type RedisScratchConfig = {\n address: string\n password?: string\n}\n\nexport type RateLimitsConfig =\n | {\n enabled: true\n bypassKey?: string\n bypassIps?: string[]\n }\n | { enabled: false }\n\nexport type BksyAppViewConfig = {\n url: string\n did: string\n cdnUrlPattern?: string\n}\n\nexport type ModServiceConfig = {\n url: string\n did: string\n}\n\nexport type ReportServiceConfig = {\n url: string\n did: string\n}\n"]}
package/dist/config/env.d.ts CHANGED
@@ -1,103 +1,102 @@
1
- export declare const readEnv: () => ServerEnvironment;
2
- export type ServerEnvironment = {
3
- port?: number;
4
- hostname?: string;
5
- serviceDid?: string;
6
- serviceName?: string;
7
- version?: string;
8
- homeUrl?: string;
9
- logoUrl?: string;
10
- privacyPolicyUrl?: string;
11
- supportUrl?: string;
12
- termsOfServiceUrl?: string;
13
- contactEmailAddress?: string;
14
- acceptingImports?: boolean;
15
- maxImportSize?: number;
16
- blobUploadLimit?: number;
17
- devMode?: boolean;
18
- hcaptchaSiteKey?: string;
19
- hcaptchaSecretKey?: string;
20
- hcaptchaTokenSalt?: string;
21
- trustedOAuthClients?: string[];
22
- lightColor?: string;
23
- darkColor?: string;
24
- primaryColor?: string;
25
- primaryColorContrast?: string;
26
- primaryColorHue?: number;
27
- errorColor?: string;
28
- errorColorContrast?: string;
29
- errorColorHue?: number;
30
- warningColor?: string;
31
- warningColorContrast?: string;
32
- warningColorHue?: number;
33
- successColor?: string;
34
- successColorContrast?: string;
35
- successColorHue?: number;
36
- dataDirectory?: string;
37
- disableWalAutoCheckpoint?: boolean;
38
- accountDbLocation?: string;
39
- sequencerDbLocation?: string;
40
- didCacheDbLocation?: string;
41
- actorStoreDirectory?: string;
42
- actorStoreCacheSize?: number;
43
- blobstoreS3Bucket?: string;
44
- blobstoreDiskLocation?: string;
45
- blobstoreDiskTmpLocation?: string;
46
- blobstoreS3Region?: string;
47
- blobstoreS3Endpoint?: string;
48
- blobstoreS3ForcePathStyle?: boolean;
49
- blobstoreS3AccessKeyId?: string;
50
- blobstoreS3SecretAccessKey?: string;
51
- blobstoreS3UploadTimeoutMs?: number;
52
- didPlcUrl?: string;
53
- didCacheStaleTTL?: number;
54
- didCacheMaxTTL?: number;
55
- resolverTimeout?: number;
56
- recoveryDidKey?: string;
57
- serviceHandleDomains?: string[];
58
- handleBackupNameservers?: string[];
59
- enableDidDocWithSession?: boolean;
60
- entrywayUrl?: string;
61
- entrywayDid?: string;
62
- entrywayJwtVerifyKeyK256PublicKeyHex?: string;
63
- entrywayPlcRotationKey?: string;
64
- inviteRequired?: boolean;
65
- inviteInterval?: number;
66
- inviteEpoch?: number;
67
- emailSmtpUrl?: string;
68
- emailFromAddress?: string;
69
- moderationEmailSmtpUrl?: string;
70
- moderationEmailAddress?: string;
71
- maxSubscriptionBuffer?: number;
72
- repoBackfillLimitMs?: number;
73
- bskyAppViewUrl?: string;
74
- bskyAppViewDid?: string;
75
- bskyAppViewCdnUrlPattern?: string;
76
- modServiceUrl?: string;
77
- modServiceDid?: string;
78
- reportServiceUrl?: string;
79
- reportServiceDid?: string;
80
- rateLimitsEnabled?: boolean;
81
- rateLimitBypassKey?: string;
82
- rateLimitBypassIps?: string[];
83
- redisScratchAddress?: string;
84
- redisScratchPassword?: string;
85
- crawlers?: string[];
86
- dpopSecret?: string;
87
- jwtSecret?: string;
88
- adminPassword?: string;
89
- entrywayAdminToken?: string;
90
- plcRotationKeyKmsKeyId?: string;
91
- plcRotationKeyK256PrivateKeyHex?: string;
92
- disableSsrfProtection?: boolean;
93
- fetchForceLogging?: boolean;
94
- fetchMaxResponseSize?: number;
95
- lexiconDidAuthority?: string;
96
- proxyAllowHTTP2?: boolean;
97
- proxyHeadersTimeout?: number;
98
- proxyBodyTimeout?: number;
99
- proxyMaxResponseSize?: number;
100
- proxyMaxRetries?: number;
101
- proxyPreferCompressed?: boolean;
1
+ export declare function readEnv(): {
2
+ port: number | undefined;
3
+ hostname: string | undefined;
4
+ serviceDid: string | undefined;
5
+ serviceName: string | undefined;
6
+ version: string | undefined;
7
+ homeUrl: string | undefined;
8
+ logoUrl: string | undefined;
9
+ privacyPolicyUrl: string | undefined;
10
+ supportUrl: string | undefined;
11
+ termsOfServiceUrl: string | undefined;
12
+ contactEmailAddress: string | undefined;
13
+ acceptingImports: boolean | undefined;
14
+ maxImportSize: number | undefined;
15
+ blobUploadLimit: number | undefined;
16
+ devMode: boolean | undefined;
17
+ hcaptchaSiteKey: string | undefined;
18
+ hcaptchaSecretKey: string | undefined;
19
+ hcaptchaTokenSalt: string | undefined;
20
+ trustedOAuthClients: string[];
21
+ lightColor: string | undefined;
22
+ darkColor: string | undefined;
23
+ primaryColor: string | undefined;
24
+ primaryColorContrast: string | undefined;
25
+ primaryColorHue: number | undefined;
26
+ errorColor: string | undefined;
27
+ errorColorContrast: string | undefined;
28
+ errorColorHue: number | undefined;
29
+ warningColor: string | undefined;
30
+ warningColorContrast: string | undefined;
31
+ warningColorHue: number | undefined;
32
+ successColor: string | undefined;
33
+ successColorContrast: string | undefined;
34
+ successColorHue: number | undefined;
35
+ dataDirectory: string | undefined;
36
+ disableWalAutoCheckpoint: boolean | undefined;
37
+ accountDbLocation: string | undefined;
38
+ sequencerDbLocation: string | undefined;
39
+ didCacheDbLocation: string | undefined;
40
+ actorStoreDirectory: string | undefined;
41
+ actorStoreCacheSize: number | undefined;
42
+ blobstoreS3Bucket: string | undefined;
43
+ blobstoreS3Region: string | undefined;
44
+ blobstoreS3Endpoint: string | undefined;
45
+ blobstoreS3ForcePathStyle: boolean | undefined;
46
+ blobstoreS3AccessKeyId: string | undefined;
47
+ blobstoreS3SecretAccessKey: string | undefined;
48
+ blobstoreS3UploadTimeoutMs: number | undefined;
49
+ blobstoreDiskLocation: string | undefined;
50
+ blobstoreDiskTmpLocation: string | undefined;
51
+ didPlcUrl: string | undefined;
52
+ didCacheStaleTTL: number | undefined;
53
+ didCacheMaxTTL: number | undefined;
54
+ resolverTimeout: number | undefined;
55
+ recoveryDidKey: string | undefined;
56
+ serviceHandleDomains: string[];
57
+ handleBackupNameservers: string[];
58
+ enableDidDocWithSession: boolean | undefined;
59
+ entrywayUrl: string | undefined;
60
+ entrywayDid: string | undefined;
61
+ entrywayJwtVerifyKeyK256PublicKeyHex: string | undefined;
62
+ entrywayPlcRotationKey: string | undefined;
63
+ inviteRequired: boolean | undefined;
64
+ inviteInterval: number | undefined;
65
+ inviteEpoch: number | undefined;
66
+ emailSmtpUrl: string | undefined;
67
+ emailFromAddress: string | undefined;
68
+ moderationEmailSmtpUrl: string | undefined;
69
+ moderationEmailAddress: string | undefined;
70
+ maxSubscriptionBuffer: number | undefined;
71
+ repoBackfillLimitMs: number | undefined;
72
+ bskyAppViewUrl: string | undefined;
73
+ bskyAppViewDid: string | undefined;
74
+ bskyAppViewCdnUrlPattern: string | undefined;
75
+ modServiceUrl: string | undefined;
76
+ modServiceDid: string | undefined;
77
+ reportServiceUrl: string | undefined;
78
+ reportServiceDid: string | undefined;
79
+ rateLimitsEnabled: boolean | undefined;
80
+ rateLimitBypassKey: string | undefined;
81
+ rateLimitBypassIps: string[];
82
+ redisScratchAddress: string | undefined;
83
+ redisScratchPassword: string | undefined;
84
+ crawlers: string[];
85
+ dpopSecret: string | undefined;
86
+ jwtSecret: string | undefined;
87
+ adminPassword: string | undefined;
88
+ entrywayAdminToken: string | undefined;
89
+ plcRotationKeyKmsKeyId: string | undefined;
90
+ plcRotationKeyK256PrivateKeyHex: string | undefined;
91
+ disableSsrfProtection: boolean | undefined;
92
+ fetchMaxResponseSize: number | undefined;
93
+ proxyAllowHTTP2: boolean | undefined;
94
+ proxyHeadersTimeout: number | undefined;
95
+ proxyBodyTimeout: number | undefined;
96
+ proxyMaxResponseSize: number | undefined;
97
+ proxyMaxRetries: number | undefined;
98
+ proxyPreferCompressed: boolean | undefined;
99
+ lexiconDidAuthority: string | undefined;
102
100
  };
101
+ export type ServerEnvironment = Partial<ReturnType<typeof readEnv>>;
103
102
  //# sourceMappingURL=env.d.ts.map
package/dist/config/env.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,OAAO,QAAO,iBAwJ1B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAE9B,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,OAAO,CAAC,EAAE,OAAO,CAAA;IAGjB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAA;IAG9B,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAC7B,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAC7B,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAC7B,eAAe,CAAC,EAAE,MAAM,CAAA;IAGxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,wBAAwB,CAAC,EAAE,OAAO,CAAA;IAClC,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAG3B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAG5B,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,wBAAwB,CAAC,EAAE,MAAM,CAAA;IAGjC,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,yBAAyB,CAAC,EAAE,OAAO,CAAA;IACnC,sBAAsB,CAAC,EAAE,MAAM,CAAA;IAC/B,0BAA0B,CAAC,EAAE,MAAM,CAAA;IACnC,0BAA0B,CAAC,EAAE,MAAM,CAAA;IAGnC,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC/B,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAA;IAClC,uBAAuB,CAAC,EAAE,OAAO,CAAA;IAGjC,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,oCAAoC,CAAC,EAAE,MAAM,CAAA;IAC7C,sBAAsB,CAAC,EAAE,MAAM,CAAA;IAG/B,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,WAAW,CAAC,EAAE,MAAM,CAAA;IAGpB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,sBAAsB,CAAC,EAAE,MAAM,CAAA;IAC/B,sBAAsB,CAAC,EAAE,MAAM,CAAA;IAG/B,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAG5B,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IAGjC,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,aAAa,CAAC,EAAE,MAAM,CAAA;IAGtB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IAGzB,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAA;IAG7B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAG7B,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IAGnB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAG3B,sBAAsB,CAAC,EAAE,MAAM,CAAA;IAC/B,+BAA+B,CAAC,EAAE,MAAM,CAAA;IAGxC,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAG/B,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAG7B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAG5B,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAC7B,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,qBAAqB,CAAC,EAAE,OAAO,CAAA;CAChC,CAAA"}
1
+ {"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":"AAEA,wBAAgB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2JtB;AAED,MAAM,MAAM,iBAAiB,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,OAAO,CAAC,CAAC,CAAA"}
package/dist/config/env.js CHANGED
@@ -1,8 +1,8 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.readEnv = void 0;
3
+ exports.readEnv = readEnv;
4
4
  const common_1 = require("@atproto/common");
5
- const readEnv = () => {
5
+ function readEnv() {
6
6
  return {
7
7
  // service
8
8
  port: (0, common_1.envInt)('PDS_PORT'),
@@ -68,7 +68,7 @@ const readEnv = () => {
68
68
  didCacheMaxTTL: (0, common_1.envInt)('PDS_DID_CACHE_MAX_TTL'),
69
69
  resolverTimeout: (0, common_1.envInt)('PDS_ID_RESOLVER_TIMEOUT'),
70
70
  recoveryDidKey: (0, common_1.envStr)('PDS_RECOVERY_DID_KEY'),
71
- serviceHandleDomains: (0, common_1.envList)('PDS_SERVICE_HANDLE_DOMAINS'),
71
+ serviceHandleDomains: (0, common_1.envList)('PDS_SERVICE_HANDLE_DOMAINS'), // public hostname by default
72
72
  handleBackupNameservers: (0, common_1.envList)('PDS_HANDLE_BACKUP_NAMESERVERS'),
73
73
  enableDidDocWithSession: (0, common_1.envBool)('PDS_ENABLE_DID_DOC_WITH_SESSION'),
74
74
  // entryway
@@ -127,7 +127,8 @@ const readEnv = () => {
127
127
  proxyMaxResponseSize: (0, common_1.envInt)('PDS_PROXY_MAX_RESPONSE_SIZE'),
128
128
  proxyMaxRetries: (0, common_1.envInt)('PDS_PROXY_MAX_RETRIES'),
129
129
  proxyPreferCompressed: (0, common_1.envBool)('PDS_PROXY_PREFER_COMPRESSED'),
130
+ // lexicon resolution
131
+ lexiconDidAuthority: (0, common_1.envStr)('PDS_LEXICON_AUTHORITY_DID'),
130
132
  };
131
- };
132
- exports.readEnv = readEnv;
133
+ }
133
134
  //# sourceMappingURL=env.js.map
package/dist/config/env.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"env.js","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":";;;AAAA,4CAAkE;AAE3D,MAAM,OAAO,GAAG,GAAsB,EAAE;IAC7C,OAAO;QACL,UAAU;QACV,IAAI,EAAE,IAAA,eAAM,EAAC,UAAU,CAAC;QACxB,QAAQ,EAAE,IAAA,eAAM,EAAC,cAAc,CAAC;QAChC,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,WAAW,EAAE,IAAA,eAAM,EAAC,kBAAkB,CAAC;QACvC,OAAO,EAAE,IAAA,eAAM,EAAC,aAAa,CAAC;QAC9B,OAAO,EAAE,IAAA,eAAM,EAAC,cAAc,CAAC;QAC/B,OAAO,EAAE,IAAA,eAAM,EAAC,cAAc,CAAC;QAC/B,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAClD,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,iBAAiB,EAAE,IAAA,eAAM,EAAC,0BAA0B,CAAC;QACrD,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,gBAAgB,EAAE,IAAA,gBAAO,EAAC,4BAA4B,CAAC;QACvD,aAAa,EAAE,IAAA,eAAM,EAAC,0BAA0B,CAAC;QACjD,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,OAAO,EAAE,IAAA,gBAAO,EAAC,cAAc,CAAC;QAEhC,WAAW;QACX,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACpD,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QAEpD,QAAQ;QACR,mBAAmB,EAAE,IAAA,gBAAO,EAAC,2BAA2B,CAAC;QAEzD,WAAW;QACX,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,SAAS,EAAE,IAAA,eAAM,EAAC,gBAAgB,CAAC;QACnC,YAAY,EAAE,IAAA,eAAM,EAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,kBAAkB,EAAE,IAAA,eAAM,EAAC,0BAA0B,CAAC;QACtD,aAAa,EAAE,IAAA,eAAM,EAAC,qBAAqB,CAAC;QAC5C,YAAY,EAAE,IAAA,eAAM,EAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,YAAY,EAAE,IAAA,eAAM,EAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAEhD,WAAW;QACX,aAAa,EAAE,IAAA,eAAM,EAAC,oBAAoB,CAAC;QAC3C,wBAAwB,EAAE,IAAA,gBAAO,EAAC,wCAAwC,CAAC;QAC3E,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACpD,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,kBAAkB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QAEvD,cAAc;QACd,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,mBAAmB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAEzD,0BAA0B;QAC1B,KAAK;QACL,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACpD,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACpD,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,yBAAyB,EAAE,IAAA,gBAAO,EAAC,mCAAmC,CAAC;QACvE,sBAAsB,EAAE,IAAA,eAAM,EAAC,gCAAgC,CAAC;QAChE,0BAA0B,EAAE,IAAA,eAAM,EAAC,oCAAoC,CAAC;QACxE,0BAA0B,EAAE,IAAA,eAAM,EAAC,oCAAoC,CAAC;QACxE,OAAO;QACP,qBAAqB,EAAE,IAAA,eAAM,EAAC,6BAA6B,CAAC;QAC5D,wBAAwB,EAAE,IAAA,eAAM,EAAC,iCAAiC,CAAC;QAEnE,WAAW;QACX,SAAS,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACpC,gBAAgB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACnD,cAAc,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAC/C,eAAe,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QAClD,cAAc,EAAE,IAAA,eAAM,EAAC,sBAAsB,CAAC;QAC9C,oBAAoB,EAAE,IAAA,gBAAO,EAAC,4BAA4B,CAAC;QAC3D,uBAAuB,EAAE,IAAA,gBAAO,EAAC,+BAA+B,CAAC;QACjE,uBAAuB,EAAE,IAAA,gBAAO,EAAC,iCAAiC,CAAC;QAEnE,WAAW;QACX,WAAW,EAAE,IAAA,eAAM,EAAC,kBAAkB,CAAC;QACvC,WAAW,EAAE,IAAA,eAAM,EAAC,kBAAkB,CAAC;QACvC,oCAAoC,EAAE,IAAA,eAAM,EAC1C,iDAAiD,CAClD;QACD,sBAAsB,EAAE,IAAA,eAAM,EAAC,+BAA+B,CAAC;QAE/D,UAAU;QACV,cAAc,EAAE,IAAA,gBAAO,EAAC,qBAAqB,CAAC;QAC9C,cAAc,EAAE,IAAA,eAAM,EAAC,qBAAqB,CAAC;QAC7C,WAAW,EAAE,IAAA,eAAM,EAAC,kBAAkB,CAAC;QAEvC,QAAQ;QACR,YAAY,EAAE,IAAA,eAAM,EAAC,oBAAoB,CAAC;QAC1C,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAClD,sBAAsB,EAAE,IAAA,eAAM,EAAC,+BAA+B,CAAC;QAC/D,sBAAsB,EAAE,IAAA,eAAM,EAAC,8BAA8B,CAAC;QAE9D,eAAe;QACf,qBAAqB,EAAE,IAAA,eAAM,EAAC,6BAA6B,CAAC;QAC5D,mBAAmB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAEzD,UAAU;QACV,cAAc,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAC/C,cAAc,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAC/C,wBAAwB,EAAE,IAAA,eAAM,EAAC,mCAAmC,CAAC;QAErE,cAAc;QACd,aAAa,EAAE,IAAA,eAAM,EAAC,qBAAqB,CAAC;QAC5C,aAAa,EAAE,IAAA,eAAM,EAAC,qBAAqB,CAAC;QAE5C,iBAAiB;QACjB,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAClD,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAElD,cAAc;QACd,iBAAiB,EAAE,IAAA,gBAAO,EAAC,yBAAyB,CAAC;QACrD,kBAAkB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACvD,kBAAkB,EAAE,IAAA,gBAAO,EAAC,2BAA2B,CAAC;QAExD,QAAQ;QACR,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,oBAAoB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAE1D,WAAW;QACX,QAAQ,EAAE,IAAA,gBAAO,EAAC,cAAc,CAAC;QAEjC,UAAU;QACV,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,SAAS,EAAE,IAAA,eAAM,EAAC,gBAAgB,CAAC;QACnC,aAAa,EAAE,IAAA,eAAM,EAAC,oBAAoB,CAAC;QAC3C,kBAAkB,EAAE,IAAA,eAAM,EAAC,0BAA0B,CAAC;QAEtD,MAAM;QACN,sBAAsB,EAAE,IAAA,eAAM,EAAC,iCAAiC,CAAC;QACjE,SAAS;QACT,+BAA+B,EAAE,IAAA,eAAM,EACrC,2CAA2C,CAC5C;QAED,kCAAkC;QAClC,qBAAqB,EAAE,IAAA,gBAAO,EAAC,6BAA6B,CAAC;QAE7D,QAAQ;QACR,oBAAoB,EAAE,IAAA,eAAM,EAAC,6BAA6B,CAAC;QAE3D,QAAQ;QACR,eAAe,EAAE,IAAA,gBAAO,EAAC,uBAAuB,CAAC;QACjD,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAClD,oBAAoB,EAAE,IAAA,eAAM,EAAC,6BAA6B,CAAC;QAC3D,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,qBAAqB,EAAE,IAAA,gBAAO,EAAC,6BAA6B,CAAC;KAC9D,CAAA;AACH,CAAC,CAAA;AAxJY,QAAA,OAAO,WAwJnB","sourcesContent":["import { envBool, envInt, envList, envStr } from '@atproto/common'\n\nexport const readEnv = (): ServerEnvironment => {\n return {\n // service\n port: envInt('PDS_PORT'),\n hostname: envStr('PDS_HOSTNAME'),\n serviceDid: envStr('PDS_SERVICE_DID'),\n serviceName: envStr('PDS_SERVICE_NAME'),\n version: envStr('PDS_VERSION'),\n homeUrl: envStr('PDS_HOME_URL'),\n logoUrl: envStr('PDS_LOGO_URL'),\n privacyPolicyUrl: envStr('PDS_PRIVACY_POLICY_URL'),\n supportUrl: envStr('PDS_SUPPORT_URL'),\n termsOfServiceUrl: envStr('PDS_TERMS_OF_SERVICE_URL'),\n contactEmailAddress: envStr('PDS_CONTACT_EMAIL_ADDRESS'),\n acceptingImports: envBool('PDS_ACCEPTING_REPO_IMPORTS'),\n maxImportSize: envInt('PDS_MAX_REPO_IMPORT_SIZE'),\n blobUploadLimit: envInt('PDS_BLOB_UPLOAD_LIMIT'),\n devMode: envBool('PDS_DEV_MODE'),\n\n // hCaptcha\n hcaptchaSiteKey: envStr('PDS_HCAPTCHA_SITE_KEY'),\n hcaptchaSecretKey: envStr('PDS_HCAPTCHA_SECRET_KEY'),\n hcaptchaTokenSalt: envStr('PDS_HCAPTCHA_TOKEN_SALT'),\n\n // OAuth\n trustedOAuthClients: envList('PDS_OAUTH_TRUSTED_CLIENTS'),\n\n // branding\n lightColor: envStr('PDS_LIGHT_COLOR'),\n darkColor: envStr('PDS_DARK_COLOR'),\n primaryColor: envStr('PDS_PRIMARY_COLOR'),\n primaryColorContrast: envStr('PDS_PRIMARY_COLOR_CONTRAST'),\n primaryColorHue: envInt('PDS_PRIMARY_COLOR_HUE'),\n errorColor: envStr('PDS_ERROR_COLOR'),\n errorColorContrast: envStr('PDS_ERROR_COLOR_CONTRAST'),\n errorColorHue: envInt('PDS_ERROR_COLOR_HUE'),\n warningColor: envStr('PDS_WARNING_COLOR'),\n warningColorContrast: envStr('PDS_WARNING_COLOR_CONTRAST'),\n warningColorHue: envInt('PDS_WARNING_COLOR_HUE'),\n successColor: envStr('PDS_SUCCESS_COLOR'),\n successColorContrast: envStr('PDS_SUCCESS_COLOR_CONTRAST'),\n successColorHue: envInt('PDS_SUCCESS_COLOR_HUE'),\n\n // database\n dataDirectory: envStr('PDS_DATA_DIRECTORY'),\n disableWalAutoCheckpoint: envBool('PDS_SQLITE_DISABLE_WAL_AUTO_CHECKPOINT'),\n accountDbLocation: envStr('PDS_ACCOUNT_DB_LOCATION'),\n sequencerDbLocation: envStr('PDS_SEQUENCER_DB_LOCATION'),\n didCacheDbLocation: envStr('PDS_DID_CACHE_DB_LOCATION'),\n\n // actor store\n actorStoreDirectory: envStr('PDS_ACTOR_STORE_DIRECTORY'),\n actorStoreCacheSize: envInt('PDS_ACTOR_STORE_CACHE_SIZE'),\n\n // blobstore: one required\n // s3\n blobstoreS3Bucket: envStr('PDS_BLOBSTORE_S3_BUCKET'),\n blobstoreS3Region: envStr('PDS_BLOBSTORE_S3_REGION'),\n blobstoreS3Endpoint: envStr('PDS_BLOBSTORE_S3_ENDPOINT'),\n blobstoreS3ForcePathStyle: envBool('PDS_BLOBSTORE_S3_FORCE_PATH_STYLE'),\n blobstoreS3AccessKeyId: envStr('PDS_BLOBSTORE_S3_ACCESS_KEY_ID'),\n blobstoreS3SecretAccessKey: envStr('PDS_BLOBSTORE_S3_SECRET_ACCESS_KEY'),\n blobstoreS3UploadTimeoutMs: envInt('PDS_BLOBSTORE_S3_UPLOAD_TIMEOUT_MS'),\n // disk\n blobstoreDiskLocation: envStr('PDS_BLOBSTORE_DISK_LOCATION'),\n blobstoreDiskTmpLocation: envStr('PDS_BLOBSTORE_DISK_TMP_LOCATION'),\n\n // identity\n didPlcUrl: envStr('PDS_DID_PLC_URL'),\n didCacheStaleTTL: envInt('PDS_DID_CACHE_STALE_TTL'),\n didCacheMaxTTL: envInt('PDS_DID_CACHE_MAX_TTL'),\n resolverTimeout: envInt('PDS_ID_RESOLVER_TIMEOUT'),\n recoveryDidKey: envStr('PDS_RECOVERY_DID_KEY'),\n serviceHandleDomains: envList('PDS_SERVICE_HANDLE_DOMAINS'),\n handleBackupNameservers: envList('PDS_HANDLE_BACKUP_NAMESERVERS'),\n enableDidDocWithSession: envBool('PDS_ENABLE_DID_DOC_WITH_SESSION'),\n\n // entryway\n entrywayUrl: envStr('PDS_ENTRYWAY_URL'),\n entrywayDid: envStr('PDS_ENTRYWAY_DID'),\n entrywayJwtVerifyKeyK256PublicKeyHex: envStr(\n 'PDS_ENTRYWAY_JWT_VERIFY_KEY_K256_PUBLIC_KEY_HEX',\n ),\n entrywayPlcRotationKey: envStr('PDS_ENTRYWAY_PLC_ROTATION_KEY'),\n\n // invites\n inviteRequired: envBool('PDS_INVITE_REQUIRED'),\n inviteInterval: envInt('PDS_INVITE_INTERVAL'),\n inviteEpoch: envInt('PDS_INVITE_EPOCH'),\n\n // email\n emailSmtpUrl: envStr('PDS_EMAIL_SMTP_URL'),\n emailFromAddress: envStr('PDS_EMAIL_FROM_ADDRESS'),\n moderationEmailSmtpUrl: envStr('PDS_MODERATION_EMAIL_SMTP_URL'),\n moderationEmailAddress: envStr('PDS_MODERATION_EMAIL_ADDRESS'),\n\n // subscription\n maxSubscriptionBuffer: envInt('PDS_MAX_SUBSCRIPTION_BUFFER'),\n repoBackfillLimitMs: envInt('PDS_REPO_BACKFILL_LIMIT_MS'),\n\n // appview\n bskyAppViewUrl: envStr('PDS_BSKY_APP_VIEW_URL'),\n bskyAppViewDid: envStr('PDS_BSKY_APP_VIEW_DID'),\n bskyAppViewCdnUrlPattern: envStr('PDS_BSKY_APP_VIEW_CDN_URL_PATTERN'),\n\n // mod service\n modServiceUrl: envStr('PDS_MOD_SERVICE_URL'),\n modServiceDid: envStr('PDS_MOD_SERVICE_DID'),\n\n // report service\n reportServiceUrl: envStr('PDS_REPORT_SERVICE_URL'),\n reportServiceDid: envStr('PDS_REPORT_SERVICE_DID'),\n\n // rate limits\n rateLimitsEnabled: envBool('PDS_RATE_LIMITS_ENABLED'),\n rateLimitBypassKey: envStr('PDS_RATE_LIMIT_BYPASS_KEY'),\n rateLimitBypassIps: envList('PDS_RATE_LIMIT_BYPASS_IPS'),\n\n // redis\n redisScratchAddress: envStr('PDS_REDIS_SCRATCH_ADDRESS'),\n redisScratchPassword: envStr('PDS_REDIS_SCRATCH_PASSWORD'),\n\n // crawlers\n crawlers: envList('PDS_CRAWLERS'),\n\n // secrets\n dpopSecret: envStr('PDS_DPOP_SECRET'),\n jwtSecret: envStr('PDS_JWT_SECRET'),\n adminPassword: envStr('PDS_ADMIN_PASSWORD'),\n entrywayAdminToken: envStr('PDS_ENTRYWAY_ADMIN_TOKEN'),\n\n // kms\n plcRotationKeyKmsKeyId: envStr('PDS_PLC_ROTATION_KEY_KMS_KEY_ID'),\n // memory\n plcRotationKeyK256PrivateKeyHex: envStr(\n 'PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX',\n ),\n\n // user provided url http requests\n disableSsrfProtection: envBool('PDS_DISABLE_SSRF_PROTECTION'),\n\n // fetch\n fetchMaxResponseSize: envInt('PDS_FETCH_MAX_RESPONSE_SIZE'),\n\n // proxy\n proxyAllowHTTP2: envBool('PDS_PROXY_ALLOW_HTTP2'),\n proxyHeadersTimeout: envInt('PDS_PROXY_HEADERS_TIMEOUT'),\n proxyBodyTimeout: envInt('PDS_PROXY_BODY_TIMEOUT'),\n proxyMaxResponseSize: envInt('PDS_PROXY_MAX_RESPONSE_SIZE'),\n proxyMaxRetries: envInt('PDS_PROXY_MAX_RETRIES'),\n proxyPreferCompressed: envBool('PDS_PROXY_PREFER_COMPRESSED'),\n }\n}\n\nexport type ServerEnvironment = {\n // service\n port?: number\n hostname?: string\n serviceDid?: string\n serviceName?: string\n version?: string\n homeUrl?: string\n logoUrl?: string\n privacyPolicyUrl?: string\n supportUrl?: string\n termsOfServiceUrl?: string\n contactEmailAddress?: string\n acceptingImports?: boolean\n maxImportSize?: number\n blobUploadLimit?: number\n devMode?: boolean\n\n // OAuth\n hcaptchaSiteKey?: string\n hcaptchaSecretKey?: string\n hcaptchaTokenSalt?: string\n trustedOAuthClients?: string[]\n\n // branding\n lightColor?: string\n darkColor?: string\n primaryColor?: string\n primaryColorContrast?: string\n primaryColorHue?: number\n errorColor?: string\n errorColorContrast?: string\n errorColorHue?: number\n warningColor?: string\n warningColorContrast?: string\n warningColorHue?: number\n successColor?: string\n successColorContrast?: string\n successColorHue?: number\n\n // database\n dataDirectory?: string\n disableWalAutoCheckpoint?: boolean\n accountDbLocation?: string\n sequencerDbLocation?: string\n didCacheDbLocation?: string\n\n // actor store\n actorStoreDirectory?: string\n actorStoreCacheSize?: number\n\n // blobstore: one required\n blobstoreS3Bucket?: string\n blobstoreDiskLocation?: string\n blobstoreDiskTmpLocation?: string\n\n // -- optional s3 parameters\n blobstoreS3Region?: string\n blobstoreS3Endpoint?: string\n blobstoreS3ForcePathStyle?: boolean\n blobstoreS3AccessKeyId?: string\n blobstoreS3SecretAccessKey?: string\n blobstoreS3UploadTimeoutMs?: number\n\n // identity\n didPlcUrl?: string\n didCacheStaleTTL?: number\n didCacheMaxTTL?: number\n resolverTimeout?: number\n recoveryDidKey?: string\n serviceHandleDomains?: string[] // public hostname by default\n handleBackupNameservers?: string[]\n enableDidDocWithSession?: boolean\n\n // entryway\n entrywayUrl?: string\n entrywayDid?: string\n entrywayJwtVerifyKeyK256PublicKeyHex?: string\n entrywayPlcRotationKey?: string\n\n // invites\n inviteRequired?: boolean\n inviteInterval?: number\n inviteEpoch?: number\n\n // email\n emailSmtpUrl?: string\n emailFromAddress?: string\n moderationEmailSmtpUrl?: string\n moderationEmailAddress?: string\n\n // subscription\n maxSubscriptionBuffer?: number\n repoBackfillLimitMs?: number\n\n // appview\n bskyAppViewUrl?: string\n bskyAppViewDid?: string\n bskyAppViewCdnUrlPattern?: string\n\n // mod service\n modServiceUrl?: string\n modServiceDid?: string\n\n // report service\n reportServiceUrl?: string\n reportServiceDid?: string\n\n // rate limits\n rateLimitsEnabled?: boolean\n rateLimitBypassKey?: string\n rateLimitBypassIps?: string[]\n\n // redis\n redisScratchAddress?: string\n redisScratchPassword?: string\n\n // crawler\n crawlers?: string[]\n\n // secrets\n dpopSecret?: string\n jwtSecret?: string\n adminPassword?: string\n entrywayAdminToken?: string\n\n // keys\n plcRotationKeyKmsKeyId?: string\n plcRotationKeyK256PrivateKeyHex?: string\n\n // user provided url http requests\n disableSsrfProtection?: boolean\n\n // fetch\n fetchForceLogging?: boolean\n fetchMaxResponseSize?: number\n\n // lexicon resolver\n lexiconDidAuthority?: string\n\n // proxy\n proxyAllowHTTP2?: boolean\n proxyHeadersTimeout?: number\n proxyBodyTimeout?: number\n proxyMaxResponseSize?: number\n proxyMaxRetries?: number\n proxyPreferCompressed?: boolean\n}\n"]}
1
+ {"version":3,"file":"env.js","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":";;AAEA,0BA2JC;AA7JD,4CAAkE;AAElE,SAAgB,OAAO;IACrB,OAAO;QACL,UAAU;QACV,IAAI,EAAE,IAAA,eAAM,EAAC,UAAU,CAAC;QACxB,QAAQ,EAAE,IAAA,eAAM,EAAC,cAAc,CAAC;QAChC,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,WAAW,EAAE,IAAA,eAAM,EAAC,kBAAkB,CAAC;QACvC,OAAO,EAAE,IAAA,eAAM,EAAC,aAAa,CAAC;QAC9B,OAAO,EAAE,IAAA,eAAM,EAAC,cAAc,CAAC;QAC/B,OAAO,EAAE,IAAA,eAAM,EAAC,cAAc,CAAC;QAC/B,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAClD,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,iBAAiB,EAAE,IAAA,eAAM,EAAC,0BAA0B,CAAC;QACrD,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,gBAAgB,EAAE,IAAA,gBAAO,EAAC,4BAA4B,CAAC;QACvD,aAAa,EAAE,IAAA,eAAM,EAAC,0BAA0B,CAAC;QACjD,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,OAAO,EAAE,IAAA,gBAAO,EAAC,cAAc,CAAC;QAEhC,WAAW;QACX,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACpD,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QAEpD,QAAQ;QACR,mBAAmB,EAAE,IAAA,gBAAO,EAAC,2BAA2B,CAAC;QAEzD,WAAW;QACX,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,SAAS,EAAE,IAAA,eAAM,EAAC,gBAAgB,CAAC;QACnC,YAAY,EAAE,IAAA,eAAM,EAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,kBAAkB,EAAE,IAAA,eAAM,EAAC,0BAA0B,CAAC;QACtD,aAAa,EAAE,IAAA,eAAM,EAAC,qBAAqB,CAAC;QAC5C,YAAY,EAAE,IAAA,eAAM,EAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,YAAY,EAAE,IAAA,eAAM,EAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAEhD,WAAW;QACX,aAAa,EAAE,IAAA,eAAM,EAAC,oBAAoB,CAAC;QAC3C,wBAAwB,EAAE,IAAA,gBAAO,EAAC,wCAAwC,CAAC;QAC3E,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACpD,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,kBAAkB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QAEvD,cAAc;QACd,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,mBAAmB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAEzD,0BAA0B;QAC1B,KAAK;QACL,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACpD,iBAAiB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACpD,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,yBAAyB,EAAE,IAAA,gBAAO,EAAC,mCAAmC,CAAC;QACvE,sBAAsB,EAAE,IAAA,eAAM,EAAC,gCAAgC,CAAC;QAChE,0BAA0B,EAAE,IAAA,eAAM,EAAC,oCAAoC,CAAC;QACxE,0BAA0B,EAAE,IAAA,eAAM,EAAC,oCAAoC,CAAC;QACxE,OAAO;QACP,qBAAqB,EAAE,IAAA,eAAM,EAAC,6BAA6B,CAAC;QAC5D,wBAAwB,EAAE,IAAA,eAAM,EAAC,iCAAiC,CAAC;QAEnE,WAAW;QACX,SAAS,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACpC,gBAAgB,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QACnD,cAAc,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAC/C,eAAe,EAAE,IAAA,eAAM,EAAC,yBAAyB,CAAC;QAClD,cAAc,EAAE,IAAA,eAAM,EAAC,sBAAsB,CAAC;QAC9C,oBAAoB,EAAE,IAAA,gBAAO,EAAC,4BAA4B,CAAC,EAAE,6BAA6B;QAC1F,uBAAuB,EAAE,IAAA,gBAAO,EAAC,+BAA+B,CAAC;QACjE,uBAAuB,EAAE,IAAA,gBAAO,EAAC,iCAAiC,CAAC;QAEnE,WAAW;QACX,WAAW,EAAE,IAAA,eAAM,EAAC,kBAAkB,CAAC;QACvC,WAAW,EAAE,IAAA,eAAM,EAAC,kBAAkB,CAAC;QACvC,oCAAoC,EAAE,IAAA,eAAM,EAC1C,iDAAiD,CAClD;QACD,sBAAsB,EAAE,IAAA,eAAM,EAAC,+BAA+B,CAAC;QAE/D,UAAU;QACV,cAAc,EAAE,IAAA,gBAAO,EAAC,qBAAqB,CAAC;QAC9C,cAAc,EAAE,IAAA,eAAM,EAAC,qBAAqB,CAAC;QAC7C,WAAW,EAAE,IAAA,eAAM,EAAC,kBAAkB,CAAC;QAEvC,QAAQ;QACR,YAAY,EAAE,IAAA,eAAM,EAAC,oBAAoB,CAAC;QAC1C,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAClD,sBAAsB,EAAE,IAAA,eAAM,EAAC,+BAA+B,CAAC;QAC/D,sBAAsB,EAAE,IAAA,eAAM,EAAC,8BAA8B,CAAC;QAE9D,eAAe;QACf,qBAAqB,EAAE,IAAA,eAAM,EAAC,6BAA6B,CAAC;QAC5D,mBAAmB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAEzD,UAAU;QACV,cAAc,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAC/C,cAAc,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAC/C,wBAAwB,EAAE,IAAA,eAAM,EAAC,mCAAmC,CAAC;QAErE,cAAc;QACd,aAAa,EAAE,IAAA,eAAM,EAAC,qBAAqB,CAAC;QAC5C,aAAa,EAAE,IAAA,eAAM,EAAC,qBAAqB,CAAC;QAE5C,iBAAiB;QACjB,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAClD,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAElD,cAAc;QACd,iBAAiB,EAAE,IAAA,gBAAO,EAAC,yBAAyB,CAAC;QACrD,kBAAkB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACvD,kBAAkB,EAAE,IAAA,gBAAO,EAAC,2BAA2B,CAAC;QAExD,QAAQ;QACR,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,oBAAoB,EAAE,IAAA,eAAM,EAAC,4BAA4B,CAAC;QAE1D,WAAW;QACX,QAAQ,EAAE,IAAA,gBAAO,EAAC,cAAc,CAAC;QAEjC,UAAU;QACV,UAAU,EAAE,IAAA,eAAM,EAAC,iBAAiB,CAAC;QACrC,SAAS,EAAE,IAAA,eAAM,EAAC,gBAAgB,CAAC;QACnC,aAAa,EAAE,IAAA,eAAM,EAAC,oBAAoB,CAAC;QAC3C,kBAAkB,EAAE,IAAA,eAAM,EAAC,0BAA0B,CAAC;QAEtD,MAAM;QACN,sBAAsB,EAAE,IAAA,eAAM,EAAC,iCAAiC,CAAC;QACjE,SAAS;QACT,+BAA+B,EAAE,IAAA,eAAM,EACrC,2CAA2C,CAC5C;QAED,kCAAkC;QAClC,qBAAqB,EAAE,IAAA,gBAAO,EAAC,6BAA6B,CAAC;QAE7D,QAAQ;QACR,oBAAoB,EAAE,IAAA,eAAM,EAAC,6BAA6B,CAAC;QAE3D,QAAQ;QACR,eAAe,EAAE,IAAA,gBAAO,EAAC,uBAAuB,CAAC;QACjD,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;QACxD,gBAAgB,EAAE,IAAA,eAAM,EAAC,wBAAwB,CAAC;QAClD,oBAAoB,EAAE,IAAA,eAAM,EAAC,6BAA6B,CAAC;QAC3D,eAAe,EAAE,IAAA,eAAM,EAAC,uBAAuB,CAAC;QAChD,qBAAqB,EAAE,IAAA,gBAAO,EAAC,6BAA6B,CAAC;QAE7D,qBAAqB;QACrB,mBAAmB,EAAE,IAAA,eAAM,EAAC,2BAA2B,CAAC;KACzD,CAAA;AACH,CAAC","sourcesContent":["import { envBool, envInt, envList, envStr } from '@atproto/common'\n\nexport function readEnv() {\n return {\n // service\n port: envInt('PDS_PORT'),\n hostname: envStr('PDS_HOSTNAME'),\n serviceDid: envStr('PDS_SERVICE_DID'),\n serviceName: envStr('PDS_SERVICE_NAME'),\n version: envStr('PDS_VERSION'),\n homeUrl: envStr('PDS_HOME_URL'),\n logoUrl: envStr('PDS_LOGO_URL'),\n privacyPolicyUrl: envStr('PDS_PRIVACY_POLICY_URL'),\n supportUrl: envStr('PDS_SUPPORT_URL'),\n termsOfServiceUrl: envStr('PDS_TERMS_OF_SERVICE_URL'),\n contactEmailAddress: envStr('PDS_CONTACT_EMAIL_ADDRESS'),\n acceptingImports: envBool('PDS_ACCEPTING_REPO_IMPORTS'),\n maxImportSize: envInt('PDS_MAX_REPO_IMPORT_SIZE'),\n blobUploadLimit: envInt('PDS_BLOB_UPLOAD_LIMIT'),\n devMode: envBool('PDS_DEV_MODE'),\n\n // hCaptcha\n hcaptchaSiteKey: envStr('PDS_HCAPTCHA_SITE_KEY'),\n hcaptchaSecretKey: envStr('PDS_HCAPTCHA_SECRET_KEY'),\n hcaptchaTokenSalt: envStr('PDS_HCAPTCHA_TOKEN_SALT'),\n\n // OAuth\n trustedOAuthClients: envList('PDS_OAUTH_TRUSTED_CLIENTS'),\n\n // branding\n lightColor: envStr('PDS_LIGHT_COLOR'),\n darkColor: envStr('PDS_DARK_COLOR'),\n primaryColor: envStr('PDS_PRIMARY_COLOR'),\n primaryColorContrast: envStr('PDS_PRIMARY_COLOR_CONTRAST'),\n primaryColorHue: envInt('PDS_PRIMARY_COLOR_HUE'),\n errorColor: envStr('PDS_ERROR_COLOR'),\n errorColorContrast: envStr('PDS_ERROR_COLOR_CONTRAST'),\n errorColorHue: envInt('PDS_ERROR_COLOR_HUE'),\n warningColor: envStr('PDS_WARNING_COLOR'),\n warningColorContrast: envStr('PDS_WARNING_COLOR_CONTRAST'),\n warningColorHue: envInt('PDS_WARNING_COLOR_HUE'),\n successColor: envStr('PDS_SUCCESS_COLOR'),\n successColorContrast: envStr('PDS_SUCCESS_COLOR_CONTRAST'),\n successColorHue: envInt('PDS_SUCCESS_COLOR_HUE'),\n\n // database\n dataDirectory: envStr('PDS_DATA_DIRECTORY'),\n disableWalAutoCheckpoint: envBool('PDS_SQLITE_DISABLE_WAL_AUTO_CHECKPOINT'),\n accountDbLocation: envStr('PDS_ACCOUNT_DB_LOCATION'),\n sequencerDbLocation: envStr('PDS_SEQUENCER_DB_LOCATION'),\n didCacheDbLocation: envStr('PDS_DID_CACHE_DB_LOCATION'),\n\n // actor store\n actorStoreDirectory: envStr('PDS_ACTOR_STORE_DIRECTORY'),\n actorStoreCacheSize: envInt('PDS_ACTOR_STORE_CACHE_SIZE'),\n\n // blobstore: one required\n // s3\n blobstoreS3Bucket: envStr('PDS_BLOBSTORE_S3_BUCKET'),\n blobstoreS3Region: envStr('PDS_BLOBSTORE_S3_REGION'),\n blobstoreS3Endpoint: envStr('PDS_BLOBSTORE_S3_ENDPOINT'),\n blobstoreS3ForcePathStyle: envBool('PDS_BLOBSTORE_S3_FORCE_PATH_STYLE'),\n blobstoreS3AccessKeyId: envStr('PDS_BLOBSTORE_S3_ACCESS_KEY_ID'),\n blobstoreS3SecretAccessKey: envStr('PDS_BLOBSTORE_S3_SECRET_ACCESS_KEY'),\n blobstoreS3UploadTimeoutMs: envInt('PDS_BLOBSTORE_S3_UPLOAD_TIMEOUT_MS'),\n // disk\n blobstoreDiskLocation: envStr('PDS_BLOBSTORE_DISK_LOCATION'),\n blobstoreDiskTmpLocation: envStr('PDS_BLOBSTORE_DISK_TMP_LOCATION'),\n\n // identity\n didPlcUrl: envStr('PDS_DID_PLC_URL'),\n didCacheStaleTTL: envInt('PDS_DID_CACHE_STALE_TTL'),\n didCacheMaxTTL: envInt('PDS_DID_CACHE_MAX_TTL'),\n resolverTimeout: envInt('PDS_ID_RESOLVER_TIMEOUT'),\n recoveryDidKey: envStr('PDS_RECOVERY_DID_KEY'),\n serviceHandleDomains: envList('PDS_SERVICE_HANDLE_DOMAINS'), // public hostname by default\n handleBackupNameservers: envList('PDS_HANDLE_BACKUP_NAMESERVERS'),\n enableDidDocWithSession: envBool('PDS_ENABLE_DID_DOC_WITH_SESSION'),\n\n // entryway\n entrywayUrl: envStr('PDS_ENTRYWAY_URL'),\n entrywayDid: envStr('PDS_ENTRYWAY_DID'),\n entrywayJwtVerifyKeyK256PublicKeyHex: envStr(\n 'PDS_ENTRYWAY_JWT_VERIFY_KEY_K256_PUBLIC_KEY_HEX',\n ),\n entrywayPlcRotationKey: envStr('PDS_ENTRYWAY_PLC_ROTATION_KEY'),\n\n // invites\n inviteRequired: envBool('PDS_INVITE_REQUIRED'),\n inviteInterval: envInt('PDS_INVITE_INTERVAL'),\n inviteEpoch: envInt('PDS_INVITE_EPOCH'),\n\n // email\n emailSmtpUrl: envStr('PDS_EMAIL_SMTP_URL'),\n emailFromAddress: envStr('PDS_EMAIL_FROM_ADDRESS'),\n moderationEmailSmtpUrl: envStr('PDS_MODERATION_EMAIL_SMTP_URL'),\n moderationEmailAddress: envStr('PDS_MODERATION_EMAIL_ADDRESS'),\n\n // subscription\n maxSubscriptionBuffer: envInt('PDS_MAX_SUBSCRIPTION_BUFFER'),\n repoBackfillLimitMs: envInt('PDS_REPO_BACKFILL_LIMIT_MS'),\n\n // appview\n bskyAppViewUrl: envStr('PDS_BSKY_APP_VIEW_URL'),\n bskyAppViewDid: envStr('PDS_BSKY_APP_VIEW_DID'),\n bskyAppViewCdnUrlPattern: envStr('PDS_BSKY_APP_VIEW_CDN_URL_PATTERN'),\n\n // mod service\n modServiceUrl: envStr('PDS_MOD_SERVICE_URL'),\n modServiceDid: envStr('PDS_MOD_SERVICE_DID'),\n\n // report service\n reportServiceUrl: envStr('PDS_REPORT_SERVICE_URL'),\n reportServiceDid: envStr('PDS_REPORT_SERVICE_DID'),\n\n // rate limits\n rateLimitsEnabled: envBool('PDS_RATE_LIMITS_ENABLED'),\n rateLimitBypassKey: envStr('PDS_RATE_LIMIT_BYPASS_KEY'),\n rateLimitBypassIps: envList('PDS_RATE_LIMIT_BYPASS_IPS'),\n\n // redis\n redisScratchAddress: envStr('PDS_REDIS_SCRATCH_ADDRESS'),\n redisScratchPassword: envStr('PDS_REDIS_SCRATCH_PASSWORD'),\n\n // crawlers\n crawlers: envList('PDS_CRAWLERS'),\n\n // secrets\n dpopSecret: envStr('PDS_DPOP_SECRET'),\n jwtSecret: envStr('PDS_JWT_SECRET'),\n adminPassword: envStr('PDS_ADMIN_PASSWORD'),\n entrywayAdminToken: envStr('PDS_ENTRYWAY_ADMIN_TOKEN'),\n\n // kms\n plcRotationKeyKmsKeyId: envStr('PDS_PLC_ROTATION_KEY_KMS_KEY_ID'),\n // memory\n plcRotationKeyK256PrivateKeyHex: envStr(\n 'PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX',\n ),\n\n // user provided url http requests\n disableSsrfProtection: envBool('PDS_DISABLE_SSRF_PROTECTION'),\n\n // fetch\n fetchMaxResponseSize: envInt('PDS_FETCH_MAX_RESPONSE_SIZE'),\n\n // proxy\n proxyAllowHTTP2: envBool('PDS_PROXY_ALLOW_HTTP2'),\n proxyHeadersTimeout: envInt('PDS_PROXY_HEADERS_TIMEOUT'),\n proxyBodyTimeout: envInt('PDS_PROXY_BODY_TIMEOUT'),\n proxyMaxResponseSize: envInt('PDS_PROXY_MAX_RESPONSE_SIZE'),\n proxyMaxRetries: envInt('PDS_PROXY_MAX_RETRIES'),\n proxyPreferCompressed: envBool('PDS_PROXY_PREFER_COMPRESSED'),\n\n // lexicon resolution\n lexiconDidAuthority: envStr('PDS_LEXICON_AUTHORITY_DID'),\n }\n}\n\nexport type ServerEnvironment = Partial<ReturnType<typeof readEnv>>\n"]}
package/dist/context.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,cAAc,CAAA;AACnC,OAAO,OAAO,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAG/B,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAChC,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAA;AAEvC,OAAO,KAAK,MAAM,MAAM,iBAAiB,CAAA;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAK9C,OAAO,EAGL,aAAa,EAEd,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAA;AAKzC,OAAO,EACL,KAAK,EAIN,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAA;AAGlE,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AAEtD,OAAO,EACL,YAAY,EAGb,MAAM,iBAAiB,CAAA;AACxB,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAA;AAC7C,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAI5C,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAA;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACtD,OAAO,EAAe,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAE3E,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAEvC,MAAM,MAAM,iBAAiB,GAAG;IAC9B,UAAU,EAAE,UAAU,CAAA;IACtB,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,SAAS,CAAA;IACrC,WAAW,EAAE,kBAAkB,CAAA;IAC/B,MAAM,EAAE,YAAY,CAAA;IACpB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,QAAQ,EAAE,cAAc,CAAA;IACxB,UAAU,EAAE,UAAU,CAAA;IACtB,SAAS,EAAE,GAAG,CAAC,MAAM,CAAA;IACrB,cAAc,EAAE,cAAc,CAAA;IAC9B,SAAS,EAAE,SAAS,CAAA;IACpB,eAAe,EAAE,eAAe,CAAA;IAChC,YAAY,CAAC,EAAE,KAAK,CAAA;IACpB,QAAQ,EAAE,QAAQ,CAAA;IAClB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,eAAe,CAAC,EAAE,QAAQ,CAAA;IAC1B,cAAc,CAAC,EAAE,QAAQ,CAAA;IACzB,aAAa,CAAC,EAAE,QAAQ,CAAA;IACxB,kBAAkB,CAAC,EAAE,QAAQ,CAAA;IAC7B,UAAU,EAAE,MAAM,CAAC,UAAU,CAAA;IAC7B,SAAS,EAAE,KAAK,CAAA;IAChB,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,YAAY,EAAE,YAAY,CAAA;IAC1B,cAAc,EAAE,MAAM,CAAC,OAAO,CAAA;IAC9B,GAAG,EAAE,YAAY,CAAA;CAClB,CAAA;AAED,qBAAa,UAAU;IACd,UAAU,EAAE,UAAU,CAAA;IACtB,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,SAAS,CAAA;IACrC,WAAW,EAAE,kBAAkB,CAAA;IAC/B,MAAM,EAAE,YAAY,CAAA;IACpB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,QAAQ,EAAE,cAAc,CAAA;IACxB,UAAU,EAAE,UAAU,CAAA;IACtB,SAAS,EAAE,GAAG,CAAC,MAAM,CAAA;IACrB,cAAc,EAAE,cAAc,CAAA;IAC9B,SAAS,EAAE,SAAS,CAAA;IACpB,eAAe,EAAE,eAAe,CAAA;IAChC,YAAY,CAAC,EAAE,KAAK,CAAA;IACpB,QAAQ,EAAE,QAAQ,CAAA;IAClB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,eAAe,EAAE,QAAQ,GAAG,SAAS,CAAA;IACrC,cAAc,EAAE,QAAQ,GAAG,SAAS,CAAA;IACpC,aAAa,EAAE,QAAQ,GAAG,SAAS,CAAA;IACnC,kBAAkB,EAAE,QAAQ,GAAG,SAAS,CAAA;IACxC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAA;IAC7B,SAAS,EAAE,KAAK,CAAA;IAChB,YAAY,EAAE,YAAY,CAAA;IAC1B,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,cAAc,EAAE,MAAM,CAAC,OAAO,CAAA;IAC9B,GAAG,EAAE,YAAY,CAAA;gBAEZ,IAAI,EAAE,iBAAiB;WA2BtB,UAAU,CACrB,GAAG,EAAE,YAAY,EACjB,OAAO,EAAE,aAAa,EACtB,SAAS,CAAC,EAAE,OAAO,CAAC,iBAAiB,CAAC,GACrC,OAAO,CAAC,UAAU,CAAC;IA4VhB,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;;;;;IAK3C,mBAAmB,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;;;IAUxE,uBAAuB,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO;;;IAItC,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;;;;;IAUxD,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;CAS3D;AAUD,eAAe,UAAU,CAAA"}
1
+ {"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,cAAc,CAAA;AACnC,OAAO,OAAO,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAG/B,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAChC,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAA;AAEvC,OAAO,KAAK,MAAM,MAAM,iBAAiB,CAAA;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAC9C,OAAO,EAIL,aAAa,EAEd,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAA;AAKzC,OAAO,EACL,KAAK,EAIN,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAA;AAGlE,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AAEtD,OAAO,EACL,YAAY,EAGb,MAAM,iBAAiB,CAAA;AACxB,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAA;AAC7C,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAI5C,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAA;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACtD,OAAO,EAAe,kBAAkB,EAAE,MAAM,2BAA2B,CAAA;AAE3E,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAEvC,MAAM,MAAM,iBAAiB,GAAG;IAC9B,UAAU,EAAE,UAAU,CAAA;IACtB,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,SAAS,CAAA;IACrC,WAAW,EAAE,kBAAkB,CAAA;IAC/B,MAAM,EAAE,YAAY,CAAA;IACpB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,QAAQ,EAAE,cAAc,CAAA;IACxB,UAAU,EAAE,UAAU,CAAA;IACtB,SAAS,EAAE,GAAG,CAAC,MAAM,CAAA;IACrB,cAAc,EAAE,cAAc,CAAA;IAC9B,SAAS,EAAE,SAAS,CAAA;IACpB,eAAe,EAAE,eAAe,CAAA;IAChC,YAAY,CAAC,EAAE,KAAK,CAAA;IACpB,QAAQ,EAAE,QAAQ,CAAA;IAClB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,eAAe,CAAC,EAAE,QAAQ,CAAA;IAC1B,cAAc,CAAC,EAAE,QAAQ,CAAA;IACzB,aAAa,CAAC,EAAE,QAAQ,CAAA;IACxB,kBAAkB,CAAC,EAAE,QAAQ,CAAA;IAC7B,UAAU,EAAE,MAAM,CAAC,UAAU,CAAA;IAC7B,SAAS,EAAE,KAAK,CAAA;IAChB,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,YAAY,EAAE,YAAY,CAAA;IAC1B,cAAc,EAAE,MAAM,CAAC,OAAO,CAAA;IAC9B,GAAG,EAAE,YAAY,CAAA;CAClB,CAAA;AAED,qBAAa,UAAU;IACd,UAAU,EAAE,UAAU,CAAA;IACtB,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,SAAS,CAAA;IACrC,WAAW,EAAE,kBAAkB,CAAA;IAC/B,MAAM,EAAE,YAAY,CAAA;IACpB,gBAAgB,EAAE,gBAAgB,CAAA;IAClC,QAAQ,EAAE,cAAc,CAAA;IACxB,UAAU,EAAE,UAAU,CAAA;IACtB,SAAS,EAAE,GAAG,CAAC,MAAM,CAAA;IACrB,cAAc,EAAE,cAAc,CAAA;IAC9B,SAAS,EAAE,SAAS,CAAA;IACpB,eAAe,EAAE,eAAe,CAAA;IAChC,YAAY,CAAC,EAAE,KAAK,CAAA;IACpB,QAAQ,EAAE,QAAQ,CAAA;IAClB,WAAW,CAAC,EAAE,WAAW,CAAA;IACzB,eAAe,EAAE,QAAQ,GAAG,SAAS,CAAA;IACrC,cAAc,EAAE,QAAQ,GAAG,SAAS,CAAA;IACpC,aAAa,EAAE,QAAQ,GAAG,SAAS,CAAA;IACnC,kBAAkB,EAAE,QAAQ,GAAG,SAAS,CAAA;IACxC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAA;IAC7B,SAAS,EAAE,KAAK,CAAA;IAChB,YAAY,EAAE,YAAY,CAAA;IAC1B,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,cAAc,EAAE,MAAM,CAAC,OAAO,CAAA;IAC9B,GAAG,EAAE,YAAY,CAAA;gBAEZ,IAAI,EAAE,iBAAiB;WA2BtB,UAAU,CACrB,GAAG,EAAE,YAAY,EACjB,OAAO,EAAE,aAAa,EACtB,SAAS,CAAC,EAAE,OAAO,CAAC,iBAAiB,CAAC,GACrC,OAAO,CAAC,UAAU,CAAC;IAuVhB,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;;;;;IAK3C,mBAAmB,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;;;IAUxE,uBAAuB,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO;;;IAItC,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;;;;;IAUxD,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;CAS3D;AAUD,eAAe,UAAU,CAAA"}
package/dist/context.js CHANGED
@@ -46,7 +46,6 @@ const api_1 = require("@atproto/api");
46
46
  const aws_1 = require("@atproto/aws");
47
47
  const crypto = __importStar(require("@atproto/crypto"));
48
48
  const identity_1 = require("@atproto/identity");
49
- const lexicon_resolver_1 = require("@atproto/lexicon-resolver");
50
49
  const oauth_provider_1 = require("@atproto/oauth-provider");
51
50
  const xrpc_server_1 = require("@atproto/xrpc-server");
52
51
  const fetch_node_1 = require("@atproto-labs/fetch-node");
@@ -366,43 +365,6 @@ class AppContext {
366
365
  return globalThis.fetch.call(this, input, init);
367
366
  },
368
367
  });
369
- const baseLexiconResolver = (0, lexicon_resolver_1.buildLexiconResolver)({
370
- idResolver,
371
- rpc: { fetch: safeFetch },
372
- });
373
- const getLexiconAuthority = (_nsid) => {
374
- // At the moment, only a single override strategy is supported by
375
- // specifying a did through which all the lexicons will be resolved. We
376
- // might need more granular control in the future (e.g. per-nsid
377
- // overrides)
378
- return cfg.lexicon.didAuthority;
379
- };
380
- const lexiconResolver = async (input) => {
381
- const nsid = String(input);
382
- try {
383
- const result = await baseLexiconResolver(input, {
384
- didAuthority: getLexiconAuthority(nsid),
385
- // Right now, the lexicon resolver is only used by the oauth-provider,
386
- // which caches the responses internally (through the LexiconStore).
387
- // Since the `LexiconResolver` does not allow specifying a
388
- // `forceRefresh` option, we hard code it here. Should PDSs need to
389
- // resolve lexicons for other purposes (e.g. record validation), we'd
390
- // probably want to either implement caching as built into the
391
- // lexiconResolver here, or allow the caller (oauth-provider, etc.) to
392
- // specify a `forceRefresh` option by altering the LexiconResolver
393
- // interface.
394
- forceRefresh: true,
395
- });
396
- const cid = result.cid.toString();
397
- const uri = result.uri.toString();
398
- logger_1.lexiconResolverLogger.info({ nsid, uri, cid }, 'Resolved lexicon');
399
- return result;
400
- }
401
- catch (err) {
402
- logger_1.lexiconResolverLogger.error({ nsid, err }, 'Lexicon resolution failed');
403
- throw err;
404
- }
405
- };
406
368
  const oauthProvider = cfg.oauth.provider
407
369
  ? new oauth_provider_1.OAuthProvider({
408
370
  issuer: cfg.oauth.issuer,
@@ -415,7 +377,29 @@ class AppContext {
415
377
  hcaptcha: cfg.oauth.provider.hcaptcha,
416
378
  branding: cfg.oauth.provider.branding,
417
379
  safeFetch,
418
- lexiconResolver,
380
+ lexResolver: new oauth_provider_1.LexResolver({
381
+ fetch: safeFetch,
382
+ plcDirectoryUrl: cfg.identity.plcUrl,
383
+ hooks: {
384
+ onResolveAuthority: ({ nsid }) => {
385
+ logger_1.lexiconResolverLogger.debug({ nsid: nsid.toString() }, 'Resolving lexicon DID authority');
386
+ // Override the lexicon did resolution to point to a custom PDS
387
+ return cfg.lexicon.didAuthority;
388
+ },
389
+ onResolveAuthorityResult({ nsid, did }) {
390
+ logger_1.lexiconResolverLogger.info({ nsid: nsid.toString(), did }, 'Resolved lexicon DID');
391
+ },
392
+ onResolveAuthorityError({ nsid, err }) {
393
+ logger_1.lexiconResolverLogger.error({ nsid: nsid.toString(), err }, 'Lexicon DID resolution error');
394
+ },
395
+ onFetchResult({ uri, cid }) {
396
+ logger_1.lexiconResolverLogger.info({ uri: uri.toString(), cid: cid.toString() }, 'Fetched lexicon');
397
+ },
398
+ onFetchError({ err, uri }) {
399
+ logger_1.lexiconResolverLogger.error({ uri: uri.toString(), err }, 'Lexicon fetch error');
400
+ },
401
+ },
402
+ }),
419
403
  metadata: {
420
404
  protected_resources: [new URL(cfg.oauth.issuer).origin],
421
405
  },
package/dist/context.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8DAAgC;AAChC,kDAAmC;AAGnC,uDAAwC;AACxC,iDAAkC;AAClC,+CAAgC;AAChC,sCAAuC;AACvC,sCAAsD;AACtD,wDAAyC;AACzC,gDAA8C;AAC9C,gEAGkC;AAClC,4DAKgC;AAEhC,sDAG6B;AAC7B,yDAKiC;AACjC,uEAAkE;AAClE,+DAA0D;AAC1D,qFAA+E;AAC/E,2DAAsD;AACtD,uCAAwD;AACxD,mDAIwB;AACxB,6CAA8C;AAC9C,mDAA6C;AAE7C,yCAAqC;AACrC,2CAA4C;AAC5C,qDAAgD;AAChD,iEAA2D;AAC3D,qCAA0E;AAC1E,qCAAuC;AACvC,oDAAsD;AACtD,sDAA2E;AAC3E,mCAAwC;AACxC,2CAAuC;AA6BvC,MAAa,UAAU;IA0BrB,YAAY,IAAuB;QAzB5B;;;;;WAAsB;QACtB;;;;;WAAqC;QACrC;;;;;WAA+B;QAC/B;;;;;WAAoB;QACpB;;;;;WAAkC;QAClC;;;;;WAAwB;QACxB;;;;;WAAsB;QACtB;;;;;WAAqB;QACrB;;;;;WAA8B;QAC9B;;;;;WAAoB;QACpB;;;;;WAAgC;QAChC;;;;;WAAoB;QACpB;;;;;WAAkB;QAClB;;;;;WAAyB;QACzB;;;;;WAAqC;QACrC;;;;;WAAoC;QACpC;;;;;WAAmC;QACnC;;;;;WAAwC;QACxC;;;;;WAA6B;QAC7B;;;;;WAAgB;QAChB;;;;;WAA0B;QAC1B;;;;;WAA6B;QAC7B;;;;;WAA8B;QAC9B;;;;;WAAiB;QAGtB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAA;QACjC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACnC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAA;QACzB,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAA;QAC7C,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;QAC7B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAA;QACjC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAA;QAC3C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAA;QACrC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;QAC7B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACnC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAA;QAC3C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAA;QACvC,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAA;QACjD,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAA;QACjC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAA;QACrC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAA;QACvC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;IACrB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,UAAU,CACrB,GAAiB,EACjB,OAAsB,EACtB,SAAsC;QAEtC,MAAM,SAAS,GACb,GAAG,CAAC,SAAS,CAAC,QAAQ,KAAK,IAAI;YAC7B,CAAC,CAAC,iBAAW,CAAC,OAAO,CAAC;gBAClB,MAAM,EAAE,GAAG,CAAC,SAAS,CAAC,MAAM;gBAC5B,MAAM,EAAE,GAAG,CAAC,SAAS,CAAC,MAAM;gBAC5B,QAAQ,EAAE,GAAG,CAAC,SAAS,CAAC,QAAQ;gBAChC,cAAc,EAAE,GAAG,CAAC,SAAS,CAAC,cAAc;gBAC5C,WAAW,EAAE,GAAG,CAAC,SAAS,CAAC,WAAW;gBACtC,eAAe,EAAE,GAAG,CAAC,SAAS,CAAC,eAAe;aAC/C,CAAC;YACJ,CAAC,CAAC,8BAAa,CAAC,OAAO,CACnB,GAAG,CAAC,SAAS,CAAC,QAAQ,EACtB,GAAG,CAAC,SAAS,CAAC,YAAY,CAC3B,CAAA;QAEP,MAAM,aAAa,GACjB,GAAG,CAAC,KAAK,KAAK,IAAI;YAChB,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC;YAC/C,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;QAEzD,MAAM,MAAM,GAAG,IAAI,qBAAY,CAAC,aAAa,EAAE,GAAG,CAAC,CAAA;QAEnD,MAAM,gBAAgB,GACpB,GAAG,CAAC,eAAe,KAAK,IAAI;YAC1B,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,eAAe,CAAC,OAAO,CAAC;YACzD,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;QAEzD,MAAM,gBAAgB,GAAG,IAAI,6BAAgB,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAA;QAEpE,MAAM,QAAQ,GAAG,IAAI,0BAAc,CACjC,GAAG,CAAC,EAAE,CAAC,aAAa,EACpB,GAAG,CAAC,QAAQ,CAAC,aAAa,EAC1B,GAAG,CAAC,QAAQ,CAAC,WAAW,EACxB,GAAG,CAAC,EAAE,CAAC,wBAAwB,CAChC,CAAA;QACD,MAAM,QAAQ,CAAC,cAAc,EAAE,CAAA;QAE/B,MAAM,UAAU,GAAG,IAAI,qBAAU,CAAC;YAChC,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM;YAC3B,QAAQ;YACR,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,eAAe;YACrC,iBAAiB,EAAE,GAAG,CAAC,QAAQ,CAAC,uBAAuB;SACxD,CAAC,CAAA;QACF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;QAErD,MAAM,eAAe,GAAG,IAAI,4BAAe,EAAE,CAAA;QAC7C,MAAM,QAAQ,GAAG,IAAI,mBAAQ,CAC3B,GAAG,CAAC,OAAO,CAAC,QAAQ,EACpB,GAAG,CAAC,QAAQ,EACZ,eAAe,CAChB,CAAA;QACD,MAAM,SAAS,GAAG,IAAI,qBAAS,CAC7B,GAAG,CAAC,EAAE,CAAC,cAAc,EACrB,QAAQ,EACR,SAAS,EACT,GAAG,CAAC,EAAE,CAAC,wBAAwB,CAChC,CAAA;QACD,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK;YAC5B,CAAC,CAAC,IAAA,sBAAc,EAAC,GAAG,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC;YACvD,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,WAAW,GAAG,GAAG,CAAC,WAAW;YACjC,CAAC,CAAC,IAAI,2BAAW,CAAC,GAAG,CAAC,WAAW,CAAC;YAClC,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,eAAe,GAAG,GAAG,CAAC,UAAU;YACpC,CAAC,CAAC,IAAI,cAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC;YAC/C,CAAC,CAAC,SAAS,CAAA;QACb,MAAM,cAAc,GAAG,GAAG,CAAC,aAAa;YACtC,CAAC,CAAC,IAAI,cAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC;YAClD,CAAC,CAAC,SAAS,CAAA;QACb,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ;YAChC,CAAC,CAAC,IAAI,cAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACb,IAAI,kBAAwC,CAAA;QAC5C,IAAI,GAAG,CAAC,QAAQ,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;YAC/C,kBAAkB,GAAG,IAAI,cAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAA;YAChE,kBAAkB,CAAC,GAAG,CAAC,SAAS,CAC9B,eAAe,EACf,eAAe,CAAC,OAAO,EAAE,OAAO,CAAC,kBAAkB,CAAC,CACrD,CAAA;QACH,CAAC;QAED,MAAM,YAAY,GAAG,IAAA,qCAAqB,EAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAC7D,MAAM,YAAY,GAAG,GAAG,CAAC,QAAQ;YAC/B,CAAC,CAAC,IAAA,qCAAqB,EAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC;YACrD,CAAC,CAAC,IAAI,CAAA;QAER,MAAM,eAAe,GAAG,IAAI,mCAAe,CACzC,GAAG,CAAC,OAAO,CAAC,QAAQ,EACpB,WAAW,CACZ,CAAA;QAED,MAAM,UAAU,GAAG,IAAI,wBAAU,CAAC,GAAG,CAAC,UAAU,EAAE;YAChD,SAAS;YACT,eAAe;SAChB,CAAC,CAAA;QAEF,MAAM,cAAc,GAAG,IAAI,gCAAc,CACvC,UAAU,EACV,YAAY,EACZ,GAAG,CAAC,OAAO,CAAC,GAAG,EACf,GAAG,CAAC,QAAQ,CAAC,oBAAoB,EACjC,GAAG,CAAC,EAAE,CACP,CAAA;QACD,MAAM,cAAc,CAAC,cAAc,EAAE,CAAA;QAErC,MAAM,cAAc,GAClB,OAAO,CAAC,cAAc,CAAC,QAAQ,KAAK,KAAK;YACvC,CAAC,CAAC,MAAM,gBAAU,CAAC,IAAI,CAAC;gBACpB,KAAK,EAAE,OAAO,CAAC,cAAc,CAAC,KAAK;aACpC,CAAC;YACJ,CAAC,CAAC,MAAM,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAClC,OAAO,CAAC,cAAc,CAAC,aAAa,CACrC,CAAA;QAEP,MAAM,WAAW,GAAG,oBAAW,CAAC,OAAO,CACrC,cAAc,EACd,eAAe,EACf,WAAW,CACZ,CAAA;QAED,qEAAqE;QACrE,MAAM,cAAc,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC;YACtC,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,uBAAuB;YACtD,cAAc,EAAE,GAAG,CAAC,KAAK,CAAC,cAAc;YACxC,eAAe,EAAE,GAAG,CAAC,KAAK,CAAC,eAAe;YAC1C,WAAW,EAAE,GAAG,CAAC,KAAK,CAAC,WAAW;YAClC,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,qBAAqB;gBACtC,CAAC,CAAC,SAAS;gBACX,CAAC,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE;oBACf,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAC1B,MAAM,YAAY,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,CAAA;oBAClD,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;wBAC1B,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,GAAG,CAAC,CAAA;oBACrD,CAAC;oBACD,IAAI,IAAA,wBAAW,EAAC,QAAQ,CAAC,KAAK,KAAK,EAAE,CAAC;wBACpC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAA;oBAC7D,CAAC;oBACD,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;gBACtC,CAAC;YACL,OAAO,EAAE;gBACP,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,0BAAa;aACpE;SACF,CAAC,CAAA;QACF,MAAM,UAAU,GACd,GAAG,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC;YACtB,CAAC,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,cAAc,EAAE;gBACpC,WAAW,EAAE,EAAE,EAAE,8BAA8B;gBAC/C,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;gBACxB,UAAU,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU;aACjC,CAAC;YACJ,CAAC,CAAC,cAAc,CAAA;QAEpB;;;;;;;;WAQG;QACH,MAAM,SAAS,GAAG,IAAA,0BAAa,EAAC;YAC9B,WAAW,EAAE,KAAK;YAClB,qBAAqB,EAAE,KAAK;YAC5B,eAAe,EAAE,GAAG,CAAC,KAAK,CAAC,eAAe;YAC1C,cAAc,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,qBAAqB;YAEhD,yEAAyE;YACzE,mEAAmE;YACnE,yEAAyE;YACzE,oEAAoE;YACpE,uEAAuE;YACvE,qEAAqE;YACrE,uEAAuE;YACvE,qEAAqE;YACrE,8BAA8B,EAAE,IAAI;YACpC,KAAK,EAAE,UAAU,KAAK,EAAE,IAAI;gBAC1B,MAAM,MAAM,GACV,IAAI,EAAE,MAAM,IAAI,CAAC,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;gBACnE,MAAM,GAAG,GAAG,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;gBAEhE,oBAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,OAAO,CAAC,CAAA;gBAE1C,OAAO,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAA;YACjD,CAAC;SACF,CAAC,CAAA;QAEF,MAAM,mBAAmB,GAAG,IAAA,uCAAoB,EAAC;YAC/C,UAAU;YACV,GAAG,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE;SAC1B,CAAC,CAAA;QAEF,MAAM,mBAAmB,GAAG,CAAC,KAAa,EAAsB,EAAE;YAChE,iEAAiE;YACjE,uEAAuE;YACvE,gEAAgE;YAChE,aAAa;YACb,OAAO,GAAG,CAAC,OAAO,CAAC,YAAY,CAAA;QACjC,CAAC,CAAA;QAED,MAAM,eAAe,GAAoB,KAAK,EAAE,KAAK,EAAE,EAAE;YACvD,MAAM,IAAI,GAAW,MAAM,CAAC,KAAK,CAAC,CAAA;YAClC,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,KAAK,EAAE;oBAC9C,YAAY,EAAE,mBAAmB,CAAC,IAAI,CAAC;oBACvC,sEAAsE;oBACtE,oEAAoE;oBACpE,0DAA0D;oBAC1D,mEAAmE;oBACnE,qEAAqE;oBACrE,8DAA8D;oBAC9D,sEAAsE;oBACtE,kEAAkE;oBAClE,aAAa;oBACb,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAA;gBAEF,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAA;gBACjC,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAA;gBACjC,8BAAqB,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,kBAAkB,CAAC,CAAA;gBAElE,OAAO,MAAM,CAAA;YACf,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,8BAAqB,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,2BAA2B,CAAC,CAAA;gBAEvE,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC,CAAA;QAED,MAAM,aAAa,GAAG,GAAG,CAAC,KAAK,CAAC,QAAQ;YACtC,CAAC,CAAC,IAAI,8BAAa,CAAC;gBAChB,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,MAAM;gBACxB,MAAM,EAAE,CAAC,MAAM,wBAAO,CAAC,WAAW,CAAC,YAAY,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;gBACrE,KAAK,EAAE,IAAI,wBAAU,CACnB,cAAc,EACd,UAAU,EACV,eAAe,EACf,eAAe,EACf,MAAM,EACN,SAAS,EACT,SAAS,EACT,cAAc,EACd,GAAG,CAAC,OAAO,CAAC,SAAS,EACrB,GAAG,CAAC,QAAQ,CAAC,cAAc,CAC5B;gBACD,KAAK,EAAE,YAAY;gBACnB,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,kBAAkB,EAAE,GAAG,CAAC,OAAO,CAAC,QAAQ;gBACxC,oBAAoB,EAAE,GAAG,CAAC,QAAQ,CAAC,oBAAoB;gBACvD,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ;gBACrC,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ;gBACrC,SAAS;gBACT,eAAe;gBACf,QAAQ,EAAE;oBACR,mBAAmB,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;iBACxD;gBACD,mEAAmE;gBACnE,gEAAgE;gBAChE,kEAAkE;gBAClE,oEAAoE;gBACpE,0DAA0D;gBAC1D,eAAe,EAAE,gCAAe,CAAC,QAAQ;gBAEzC,aAAa,CAAC,QAAQ;oBACpB,OAAO;wBACL,SAAS,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,cAAc,EAAE,QAAQ,CAAC,QAAQ,CAAC;qBAClE,CAAA;gBACH,CAAC;aACF,CAAC;YACJ,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,cAAc,GAAG,aAAa;YAClC,CAAC,CAAC,IAAI,6CAAoB,CAAC,aAAa,EAAE,YAAY,CAAC;YACvD,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,aAAa,GACjB,aAAa,IAAI,sCAAsC;YACvD,IAAI,8BAAa,CAAC;gBAChB,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,MAAM;gBACxB,MAAM,EAAE,CAAC,MAAM,wBAAO,CAAC,WAAW,CAAC,YAAa,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;gBACvE,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,KAAK,EAAE,YAAY;gBACnB,aAAa,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE;oBAC9C,wEAAwE;oBACxE,oCAAoC;oBACpC,IAAI,SAAS,EAAE,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;wBACjC,oBAAW,CAAC,IAAI,CACd,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,EACpD,6CAA6C,CAC9C,CAAA;oBACH,CAAC;oBAED,IAAI,cAAc,EAAE,CAAC;wBACnB,OAAO,CAAC,KAAK,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;oBACjE,CAAC;oBAED,OAAO,OAAO,CAAA;gBAChB,CAAC;aACF,CAAC,CAAA;QAEJ,MAAM,YAAY,GAAG,IAAI,4BAAY,CACnC,cAAc,EACd,UAAU,EACV,aAAa,EACb;YACE,SAAS,EAAE,GAAG,CAAC,OAAO,CAAC,SAAS;YAChC,MAAM,EAAE,YAAY,IAAI,YAAY;YACpC,SAAS,EAAE,OAAO,CAAC,aAAa;YAChC,IAAI,EAAE;gBACJ,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG;gBACpB,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,GAAG;gBAC3B,UAAU,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG;aAChC;SACF,CACF,CAAA;QAED,OAAO,IAAI,UAAU,CAAC;YACpB,UAAU;YACV,SAAS;YACT,WAAW;YACX,MAAM;YACN,gBAAgB;YAChB,QAAQ;YACR,UAAU;YACV,SAAS;YACT,cAAc;YACd,SAAS;YACT,eAAe;YACf,YAAY;YACZ,QAAQ;YACR,WAAW;YACX,eAAe;YACf,cAAc;YACd,aAAa;YACb,kBAAkB;YAClB,UAAU;YACV,SAAS;YACT,YAAY;YACZ,aAAa;YACb,cAAc;YACd,GAAG;YACH,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC;SACrB,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,GAAW,EAAE,GAAW;QAC/C,IAAA,qBAAM,EAAC,IAAI,CAAC,WAAW,CAAC,CAAA;QACxB,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IAChE,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,GAAoB,EAAE,GAAW,EAAE,GAAW;QACtE,IAAA,qBAAM,EAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QACzB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC3C,GAAG,EACH,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,EACrB,GAAG,CACJ,CAAA;QACD,OAAO,IAAA,oBAAY,EAAC,GAAG,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC;IAED,uBAAuB,CAAC,GAAoB;QAC1C,OAAO,IAAA,oBAAY,EAAC,GAAG,EAAE,IAAA,oBAAY,EAAC,GAAG,CAAC,CAAC,CAAA;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,GAAW,EAAE,GAAW,EAAE,GAAW;QAC5D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAClD,OAAO,IAAA,sCAAwB,EAAC;YAC9B,GAAG,EAAE,GAAG;YACR,GAAG;YACH,GAAG;YACH,OAAO;SACR,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,GAAW,EAAE,GAAW,EAAE,GAAW;QACxD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAClD,OAAO,IAAA,8BAAgB,EAAC;YACtB,GAAG,EAAE,GAAG;YACR,GAAG;YACH,GAAG;YACH,OAAO;SACR,CAAC,CAAA;IACJ,CAAC;CACF;AA3bD,gCA2bC;AAED,MAAM,eAAe,GAAG,CAAC,QAAgB,EAAE,QAAgB,EAAE,EAAE;IAC7D,MAAM,OAAO,GAAG,GAAG,CAAC,QAAQ,CAC1B,GAAG,CAAC,UAAU,CAAC,GAAG,QAAQ,IAAI,QAAQ,EAAE,EAAE,MAAM,CAAC,EACjD,WAAW,CACZ,CAAA;IACD,OAAO,SAAS,OAAO,EAAE,CAAA;AAC3B,CAAC,CAAA;AAED,kBAAe,UAAU,CAAA","sourcesContent":["import assert from 'node:assert'\nimport * as plc from '@did-plc/lib'\nimport express from 'express'\nimport { Redis } from 'ioredis'\nimport * as nodemailer from 'nodemailer'\nimport * as ui8 from 'uint8arrays'\nimport * as undici from 'undici'\nimport { AtpAgent } from '@atproto/api'\nimport { KmsKeypair, S3BlobStore } from '@atproto/aws'\nimport * as crypto from '@atproto/crypto'\nimport { IdResolver } from '@atproto/identity'\nimport {\n LexiconResolver,\n buildLexiconResolver,\n} from '@atproto/lexicon-resolver'\nimport {\n AccessTokenMode,\n JoseKey,\n OAuthProvider,\n OAuthVerifier,\n} from '@atproto/oauth-provider'\nimport { BlobStore } from '@atproto/repo'\nimport {\n createServiceAuthHeaders,\n createServiceJwt,\n} from '@atproto/xrpc-server'\nimport {\n Fetch,\n isUnicastIp,\n safeFetchWrap,\n unicastLookup,\n} from '@atproto-labs/fetch-node'\nimport { AccountManager } from './account-manager/account-manager'\nimport { OAuthStore } from './account-manager/oauth-store'\nimport { ScopeReferenceGetter } from './account-manager/scope-reference-getter'\nimport { ActorStore } from './actor-store/actor-store'\nimport { authPassthru, forwardedFor } from './api/proxy'\nimport {\n AuthVerifier,\n createPublicKeyObject,\n createSecretKeyObject,\n} from './auth-verifier'\nimport { BackgroundQueue } from './background'\nimport { BskyAppView } from './bsky-app-view'\nimport { ServerConfig, ServerSecrets } from './config'\nimport { Crawlers } from './crawlers'\nimport { DidSqliteCache } from './did-cache'\nimport { DiskBlobStore } from './disk-blobstore'\nimport { ImageUrlBuilder } from './image/image-url-builder'\nimport { fetchLogger, lexiconResolverLogger, oauthLogger } from './logger'\nimport { ServerMailer } from './mailer'\nimport { ModerationMailer } from './mailer/moderation'\nimport { LocalViewer, LocalViewerCreator } from './read-after-write/viewer'\nimport { getRedisClient } from './redis'\nimport { Sequencer } from './sequencer'\n\nexport type AppContextOptions = {\n actorStore: ActorStore\n blobstore: (did: string) => BlobStore\n localViewer: LocalViewerCreator\n mailer: ServerMailer\n moderationMailer: ModerationMailer\n didCache: DidSqliteCache\n idResolver: IdResolver\n plcClient: plc.Client\n accountManager: AccountManager\n sequencer: Sequencer\n backgroundQueue: BackgroundQueue\n redisScratch?: Redis\n crawlers: Crawlers\n bskyAppView?: BskyAppView\n moderationAgent?: AtpAgent\n reportingAgent?: AtpAgent\n entrywayAgent?: AtpAgent\n entrywayAdminAgent?: AtpAgent\n proxyAgent: undici.Dispatcher\n safeFetch: Fetch\n oauthProvider?: OAuthProvider\n authVerifier: AuthVerifier\n plcRotationKey: crypto.Keypair\n cfg: ServerConfig\n}\n\nexport class AppContext {\n public actorStore: ActorStore\n public blobstore: (did: string) => BlobStore\n public localViewer: LocalViewerCreator\n public mailer: ServerMailer\n public moderationMailer: ModerationMailer\n public didCache: DidSqliteCache\n public idResolver: IdResolver\n public plcClient: plc.Client\n public accountManager: AccountManager\n public sequencer: Sequencer\n public backgroundQueue: BackgroundQueue\n public redisScratch?: Redis\n public crawlers: Crawlers\n public bskyAppView?: BskyAppView\n public moderationAgent: AtpAgent | undefined\n public reportingAgent: AtpAgent | undefined\n public entrywayAgent: AtpAgent | undefined\n public entrywayAdminAgent: AtpAgent | undefined\n public proxyAgent: undici.Dispatcher\n public safeFetch: Fetch\n public authVerifier: AuthVerifier\n public oauthProvider?: OAuthProvider\n public plcRotationKey: crypto.Keypair\n public cfg: ServerConfig\n\n constructor(opts: AppContextOptions) {\n this.actorStore = opts.actorStore\n this.blobstore = opts.blobstore\n this.localViewer = opts.localViewer\n this.mailer = opts.mailer\n this.moderationMailer = opts.moderationMailer\n this.didCache = opts.didCache\n this.idResolver = opts.idResolver\n this.plcClient = opts.plcClient\n this.accountManager = opts.accountManager\n this.sequencer = opts.sequencer\n this.backgroundQueue = opts.backgroundQueue\n this.redisScratch = opts.redisScratch\n this.crawlers = opts.crawlers\n this.bskyAppView = opts.bskyAppView\n this.moderationAgent = opts.moderationAgent\n this.reportingAgent = opts.reportingAgent\n this.entrywayAgent = opts.entrywayAgent\n this.entrywayAdminAgent = opts.entrywayAdminAgent\n this.proxyAgent = opts.proxyAgent\n this.safeFetch = opts.safeFetch\n this.authVerifier = opts.authVerifier\n this.oauthProvider = opts.oauthProvider\n this.plcRotationKey = opts.plcRotationKey\n this.cfg = opts.cfg\n }\n\n static async fromConfig(\n cfg: ServerConfig,\n secrets: ServerSecrets,\n overrides?: Partial<AppContextOptions>,\n ): Promise<AppContext> {\n const blobstore =\n cfg.blobstore.provider === 's3'\n ? S3BlobStore.creator({\n bucket: cfg.blobstore.bucket,\n region: cfg.blobstore.region,\n endpoint: cfg.blobstore.endpoint,\n forcePathStyle: cfg.blobstore.forcePathStyle,\n credentials: cfg.blobstore.credentials,\n uploadTimeoutMs: cfg.blobstore.uploadTimeoutMs,\n })\n : DiskBlobStore.creator(\n cfg.blobstore.location,\n cfg.blobstore.tempLocation,\n )\n\n const mailTransport =\n cfg.email !== null\n ? nodemailer.createTransport(cfg.email.smtpUrl)\n : nodemailer.createTransport({ jsonTransport: true })\n\n const mailer = new ServerMailer(mailTransport, cfg)\n\n const modMailTransport =\n cfg.moderationEmail !== null\n ? nodemailer.createTransport(cfg.moderationEmail.smtpUrl)\n : nodemailer.createTransport({ jsonTransport: true })\n\n const moderationMailer = new ModerationMailer(modMailTransport, cfg)\n\n const didCache = new DidSqliteCache(\n cfg.db.didCacheDbLoc,\n cfg.identity.cacheStaleTTL,\n cfg.identity.cacheMaxTTL,\n cfg.db.disableWalAutoCheckpoint,\n )\n await didCache.migrateOrThrow()\n\n const idResolver = new IdResolver({\n plcUrl: cfg.identity.plcUrl,\n didCache,\n timeout: cfg.identity.resolverTimeout,\n backupNameservers: cfg.identity.handleBackupNameservers,\n })\n const plcClient = new plc.Client(cfg.identity.plcUrl)\n\n const backgroundQueue = new BackgroundQueue()\n const crawlers = new Crawlers(\n cfg.service.hostname,\n cfg.crawlers,\n backgroundQueue,\n )\n const sequencer = new Sequencer(\n cfg.db.sequencerDbLoc,\n crawlers,\n undefined,\n cfg.db.disableWalAutoCheckpoint,\n )\n const redisScratch = cfg.redis\n ? getRedisClient(cfg.redis.address, cfg.redis.password)\n : undefined\n\n const bskyAppView = cfg.bskyAppView\n ? new BskyAppView(cfg.bskyAppView)\n : undefined\n\n const moderationAgent = cfg.modService\n ? new AtpAgent({ service: cfg.modService.url })\n : undefined\n const reportingAgent = cfg.reportService\n ? new AtpAgent({ service: cfg.reportService.url })\n : undefined\n const entrywayAgent = cfg.entryway\n ? new AtpAgent({ service: cfg.entryway.url })\n : undefined\n let entrywayAdminAgent: AtpAgent | undefined\n if (cfg.entryway && secrets.entrywayAdminToken) {\n entrywayAdminAgent = new AtpAgent({ service: cfg.entryway.url })\n entrywayAdminAgent.api.setHeader(\n 'authorization',\n basicAuthHeader('admin', secrets.entrywayAdminToken),\n )\n }\n\n const jwtSecretKey = createSecretKeyObject(secrets.jwtSecret)\n const jwtPublicKey = cfg.entryway\n ? createPublicKeyObject(cfg.entryway.jwtPublicKeyHex)\n : null\n\n const imageUrlBuilder = new ImageUrlBuilder(\n cfg.service.hostname,\n bskyAppView,\n )\n\n const actorStore = new ActorStore(cfg.actorStore, {\n blobstore,\n backgroundQueue,\n })\n\n const accountManager = new AccountManager(\n idResolver,\n jwtSecretKey,\n cfg.service.did,\n cfg.identity.serviceHandleDomains,\n cfg.db,\n )\n await accountManager.migrateOrThrow()\n\n const plcRotationKey =\n secrets.plcRotationKey.provider === 'kms'\n ? await KmsKeypair.load({\n keyId: secrets.plcRotationKey.keyId,\n })\n : await crypto.Secp256k1Keypair.import(\n secrets.plcRotationKey.privateKeyHex,\n )\n\n const localViewer = LocalViewer.creator(\n accountManager,\n imageUrlBuilder,\n bskyAppView,\n )\n\n // An agent for performing HTTP requests based on user provided URLs.\n const proxyAgentBase = new undici.Agent({\n allowH2: cfg.proxy.allowHTTP2, // This is experimental\n headersTimeout: cfg.proxy.headersTimeout,\n maxResponseSize: cfg.proxy.maxResponseSize,\n bodyTimeout: cfg.proxy.bodyTimeout,\n factory: cfg.proxy.disableSsrfProtection\n ? undefined\n : (origin, opts) => {\n const { protocol, hostname } =\n origin instanceof URL ? origin : new URL(origin)\n if (protocol !== 'https:') {\n throw new Error(`Forbidden protocol \"${protocol}\"`)\n }\n if (isUnicastIp(hostname) === false) {\n throw new Error('Hostname resolved to non-unicast address')\n }\n return new undici.Pool(origin, opts)\n },\n connect: {\n lookup: cfg.proxy.disableSsrfProtection ? undefined : unicastLookup,\n },\n })\n const proxyAgent =\n cfg.proxy.maxRetries > 0\n ? new undici.RetryAgent(proxyAgentBase, {\n statusCodes: [], // Only retry on socket errors\n methods: ['GET', 'HEAD'],\n maxRetries: cfg.proxy.maxRetries,\n })\n : proxyAgentBase\n\n /**\n * A fetch() function that protects against SSRF attacks, large responses &\n * known bad domains. This function can safely be used to fetch user\n * provided URLs (unless \"disableSsrfProtection\" is true, of course).\n *\n * @note **DO NOT** wrap `safeFetch` with any logging or other transforms as\n * this might prevent the use of explicit `redirect: \"follow\"` init from\n * working. See {@link safeFetchWrap}.\n */\n const safeFetch = safeFetchWrap({\n allowIpHost: false,\n allowImplicitRedirect: false,\n responseMaxSize: cfg.fetch.maxResponseSize,\n ssrfProtection: !cfg.fetch.disableSsrfProtection,\n\n // @NOTE Since we are using NodeJS <= 20, unicastFetchWrap would normally\n // *not* be using a keep-alive agent if it we are providing a fetch\n // function that is different from `globalThis.fetch`. However, since the\n // fetch function below is indeed calling `globalThis.fetch` without\n // altering any argument, we can safely force the use of the keep-alive\n // agent. This would not be the case if we used \"loggedFetch\" as that\n // function does wrap the input & init arguments into a Request object,\n // which, on NodeJS<=20, results in init.dispatcher *not* being used.\n dangerouslyForceKeepAliveAgent: true,\n fetch: function (input, init) {\n const method =\n init?.method ?? (input instanceof Request ? input.method : 'GET')\n const uri = input instanceof Request ? input.url : String(input)\n\n fetchLogger.info({ method, uri }, 'fetch')\n\n return globalThis.fetch.call(this, input, init)\n },\n })\n\n const baseLexiconResolver = buildLexiconResolver({\n idResolver,\n rpc: { fetch: safeFetch },\n })\n\n const getLexiconAuthority = (_nsid: string): string | undefined => {\n // At the moment, only a single override strategy is supported by\n // specifying a did through which all the lexicons will be resolved. We\n // might need more granular control in the future (e.g. per-nsid\n // overrides)\n return cfg.lexicon.didAuthority\n }\n\n const lexiconResolver: LexiconResolver = async (input) => {\n const nsid: string = String(input)\n try {\n const result = await baseLexiconResolver(input, {\n didAuthority: getLexiconAuthority(nsid),\n // Right now, the lexicon resolver is only used by the oauth-provider,\n // which caches the responses internally (through the LexiconStore).\n // Since the `LexiconResolver` does not allow specifying a\n // `forceRefresh` option, we hard code it here. Should PDSs need to\n // resolve lexicons for other purposes (e.g. record validation), we'd\n // probably want to either implement caching as built into the\n // lexiconResolver here, or allow the caller (oauth-provider, etc.) to\n // specify a `forceRefresh` option by altering the LexiconResolver\n // interface.\n forceRefresh: true,\n })\n\n const cid = result.cid.toString()\n const uri = result.uri.toString()\n lexiconResolverLogger.info({ nsid, uri, cid }, 'Resolved lexicon')\n\n return result\n } catch (err) {\n lexiconResolverLogger.error({ nsid, err }, 'Lexicon resolution failed')\n\n throw err\n }\n }\n\n const oauthProvider = cfg.oauth.provider\n ? new OAuthProvider({\n issuer: cfg.oauth.issuer,\n keyset: [await JoseKey.fromKeyLike(jwtSecretKey, undefined, 'HS256')],\n store: new OAuthStore(\n accountManager,\n actorStore,\n imageUrlBuilder,\n backgroundQueue,\n mailer,\n sequencer,\n plcClient,\n plcRotationKey,\n cfg.service.publicUrl,\n cfg.identity.recoveryDidKey,\n ),\n redis: redisScratch,\n dpopSecret: secrets.dpopSecret,\n inviteCodeRequired: cfg.invites.required,\n availableUserDomains: cfg.identity.serviceHandleDomains,\n hcaptcha: cfg.oauth.provider.hcaptcha,\n branding: cfg.oauth.provider.branding,\n safeFetch,\n lexiconResolver,\n metadata: {\n protected_resources: [new URL(cfg.oauth.issuer).origin],\n },\n // If the PDS is both an authorization server & resource server (no\n // entryway), we can afford to check the token validity on every\n // request. This allows revoked tokens to be rejected immediately.\n // This also allows JWT to be shorter since some claims (notably the\n // \"scope\" claim) do not need to be included in the token.\n accessTokenMode: AccessTokenMode.stateful,\n\n getClientInfo(clientId) {\n return {\n isTrusted: cfg.oauth.provider?.trustedClients?.includes(clientId),\n }\n },\n })\n : undefined\n\n const scopeRefGetter = entrywayAgent\n ? new ScopeReferenceGetter(entrywayAgent, redisScratch)\n : undefined\n\n const oauthVerifier: OAuthVerifier =\n oauthProvider ?? // OAuthProvider extends OAuthVerifier\n new OAuthVerifier({\n issuer: cfg.oauth.issuer,\n keyset: [await JoseKey.fromKeyLike(jwtPublicKey!, undefined, 'ES256K')],\n dpopSecret: secrets.dpopSecret,\n redis: redisScratch,\n onDecodeToken: async ({ payload, dpopProof }) => {\n // @TODO drop this once oauth provider no longer accepts DPoP proof with\n // query or fragment in \"htu\" claim.\n if (dpopProof?.htu.match(/[?#]/)) {\n oauthLogger.info(\n { htu: dpopProof.htu, client_id: payload.client_id },\n 'DPoP proof \"htu\" contains query or fragment',\n )\n }\n\n if (scopeRefGetter) {\n payload.scope = await scopeRefGetter.dereference(payload.scope)\n }\n\n return payload\n },\n })\n\n const authVerifier = new AuthVerifier(\n accountManager,\n idResolver,\n oauthVerifier,\n {\n publicUrl: cfg.service.publicUrl,\n jwtKey: jwtPublicKey ?? jwtSecretKey,\n adminPass: secrets.adminPassword,\n dids: {\n pds: cfg.service.did,\n entryway: cfg.entryway?.did,\n modService: cfg.modService?.did,\n },\n },\n )\n\n return new AppContext({\n actorStore,\n blobstore,\n localViewer,\n mailer,\n moderationMailer,\n didCache,\n idResolver,\n plcClient,\n accountManager,\n sequencer,\n backgroundQueue,\n redisScratch,\n crawlers,\n bskyAppView,\n moderationAgent,\n reportingAgent,\n entrywayAgent,\n entrywayAdminAgent,\n proxyAgent,\n safeFetch,\n authVerifier,\n oauthProvider,\n plcRotationKey,\n cfg,\n ...(overrides ?? {}),\n })\n }\n\n async appviewAuthHeaders(did: string, lxm: string) {\n assert(this.bskyAppView)\n return this.serviceAuthHeaders(did, this.bskyAppView.did, lxm)\n }\n\n async entrywayAuthHeaders(req: express.Request, did: string, lxm: string) {\n assert(this.cfg.entryway)\n const headers = await this.serviceAuthHeaders(\n did,\n this.cfg.entryway.did,\n lxm,\n )\n return forwardedFor(req, headers)\n }\n\n entrywayPassthruHeaders(req: express.Request) {\n return forwardedFor(req, authPassthru(req))\n }\n\n async serviceAuthHeaders(did: string, aud: string, lxm: string) {\n const keypair = await this.actorStore.keypair(did)\n return createServiceAuthHeaders({\n iss: did,\n aud,\n lxm,\n keypair,\n })\n }\n\n async serviceAuthJwt(did: string, aud: string, lxm: string) {\n const keypair = await this.actorStore.keypair(did)\n return createServiceJwt({\n iss: did,\n aud,\n lxm,\n keypair,\n })\n }\n}\n\nconst basicAuthHeader = (username: string, password: string) => {\n const encoded = ui8.toString(\n ui8.fromString(`${username}:${password}`, 'utf8'),\n 'base64pad',\n )\n return `Basic ${encoded}`\n}\n\nexport default AppContext\n"]}
1
+ {"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8DAAgC;AAChC,kDAAmC;AAGnC,uDAAwC;AACxC,iDAAkC;AAClC,+CAAgC;AAChC,sCAAuC;AACvC,sCAAsD;AACtD,wDAAyC;AACzC,gDAA8C;AAC9C,4DAMgC;AAEhC,sDAG6B;AAC7B,yDAKiC;AACjC,uEAAkE;AAClE,+DAA0D;AAC1D,qFAA+E;AAC/E,2DAAsD;AACtD,uCAAwD;AACxD,mDAIwB;AACxB,6CAA8C;AAC9C,mDAA6C;AAE7C,yCAAqC;AACrC,2CAA4C;AAC5C,qDAAgD;AAChD,iEAA2D;AAC3D,qCAA0E;AAC1E,qCAAuC;AACvC,oDAAsD;AACtD,sDAA2E;AAC3E,mCAAwC;AACxC,2CAAuC;AA6BvC,MAAa,UAAU;IA0BrB,YAAY,IAAuB;QAzB5B;;;;;WAAsB;QACtB;;;;;WAAqC;QACrC;;;;;WAA+B;QAC/B;;;;;WAAoB;QACpB;;;;;WAAkC;QAClC;;;;;WAAwB;QACxB;;;;;WAAsB;QACtB;;;;;WAAqB;QACrB;;;;;WAA8B;QAC9B;;;;;WAAoB;QACpB;;;;;WAAgC;QAChC;;;;;WAAoB;QACpB;;;;;WAAkB;QAClB;;;;;WAAyB;QACzB;;;;;WAAqC;QACrC;;;;;WAAoC;QACpC;;;;;WAAmC;QACnC;;;;;WAAwC;QACxC;;;;;WAA6B;QAC7B;;;;;WAAgB;QAChB;;;;;WAA0B;QAC1B;;;;;WAA6B;QAC7B;;;;;WAA8B;QAC9B;;;;;WAAiB;QAGtB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAA;QACjC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACnC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAA;QACzB,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAA;QAC7C,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;QAC7B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAA;QACjC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAA;QAC3C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAA;QACrC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;QAC7B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAA;QACnC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAA;QAC3C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAA;QACvC,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAA;QACjD,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAA;QACjC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAC/B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAA;QACrC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAA;QACvC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAA;IACrB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,UAAU,CACrB,GAAiB,EACjB,OAAsB,EACtB,SAAsC;QAEtC,MAAM,SAAS,GACb,GAAG,CAAC,SAAS,CAAC,QAAQ,KAAK,IAAI;YAC7B,CAAC,CAAC,iBAAW,CAAC,OAAO,CAAC;gBAClB,MAAM,EAAE,GAAG,CAAC,SAAS,CAAC,MAAM;gBAC5B,MAAM,EAAE,GAAG,CAAC,SAAS,CAAC,MAAM;gBAC5B,QAAQ,EAAE,GAAG,CAAC,SAAS,CAAC,QAAQ;gBAChC,cAAc,EAAE,GAAG,CAAC,SAAS,CAAC,cAAc;gBAC5C,WAAW,EAAE,GAAG,CAAC,SAAS,CAAC,WAAW;gBACtC,eAAe,EAAE,GAAG,CAAC,SAAS,CAAC,eAAe;aAC/C,CAAC;YACJ,CAAC,CAAC,8BAAa,CAAC,OAAO,CACnB,GAAG,CAAC,SAAS,CAAC,QAAQ,EACtB,GAAG,CAAC,SAAS,CAAC,YAAY,CAC3B,CAAA;QAEP,MAAM,aAAa,GACjB,GAAG,CAAC,KAAK,KAAK,IAAI;YAChB,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC;YAC/C,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;QAEzD,MAAM,MAAM,GAAG,IAAI,qBAAY,CAAC,aAAa,EAAE,GAAG,CAAC,CAAA;QAEnD,MAAM,gBAAgB,GACpB,GAAG,CAAC,eAAe,KAAK,IAAI;YAC1B,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC,GAAG,CAAC,eAAe,CAAC,OAAO,CAAC;YACzD,CAAC,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;QAEzD,MAAM,gBAAgB,GAAG,IAAI,6BAAgB,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAA;QAEpE,MAAM,QAAQ,GAAG,IAAI,0BAAc,CACjC,GAAG,CAAC,EAAE,CAAC,aAAa,EACpB,GAAG,CAAC,QAAQ,CAAC,aAAa,EAC1B,GAAG,CAAC,QAAQ,CAAC,WAAW,EACxB,GAAG,CAAC,EAAE,CAAC,wBAAwB,CAChC,CAAA;QACD,MAAM,QAAQ,CAAC,cAAc,EAAE,CAAA;QAE/B,MAAM,UAAU,GAAG,IAAI,qBAAU,CAAC;YAChC,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM;YAC3B,QAAQ;YACR,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,eAAe;YACrC,iBAAiB,EAAE,GAAG,CAAC,QAAQ,CAAC,uBAAuB;SACxD,CAAC,CAAA;QACF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;QAErD,MAAM,eAAe,GAAG,IAAI,4BAAe,EAAE,CAAA;QAC7C,MAAM,QAAQ,GAAG,IAAI,mBAAQ,CAC3B,GAAG,CAAC,OAAO,CAAC,QAAQ,EACpB,GAAG,CAAC,QAAQ,EACZ,eAAe,CAChB,CAAA;QACD,MAAM,SAAS,GAAG,IAAI,qBAAS,CAC7B,GAAG,CAAC,EAAE,CAAC,cAAc,EACrB,QAAQ,EACR,SAAS,EACT,GAAG,CAAC,EAAE,CAAC,wBAAwB,CAChC,CAAA;QACD,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK;YAC5B,CAAC,CAAC,IAAA,sBAAc,EAAC,GAAG,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC;YACvD,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,WAAW,GAAG,GAAG,CAAC,WAAW;YACjC,CAAC,CAAC,IAAI,2BAAW,CAAC,GAAG,CAAC,WAAW,CAAC;YAClC,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,eAAe,GAAG,GAAG,CAAC,UAAU;YACpC,CAAC,CAAC,IAAI,cAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC;YAC/C,CAAC,CAAC,SAAS,CAAA;QACb,MAAM,cAAc,GAAG,GAAG,CAAC,aAAa;YACtC,CAAC,CAAC,IAAI,cAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC;YAClD,CAAC,CAAC,SAAS,CAAA;QACb,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ;YAChC,CAAC,CAAC,IAAI,cAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACb,IAAI,kBAAwC,CAAA;QAC5C,IAAI,GAAG,CAAC,QAAQ,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;YAC/C,kBAAkB,GAAG,IAAI,cAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAA;YAChE,kBAAkB,CAAC,GAAG,CAAC,SAAS,CAC9B,eAAe,EACf,eAAe,CAAC,OAAO,EAAE,OAAO,CAAC,kBAAkB,CAAC,CACrD,CAAA;QACH,CAAC;QAED,MAAM,YAAY,GAAG,IAAA,qCAAqB,EAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAC7D,MAAM,YAAY,GAAG,GAAG,CAAC,QAAQ;YAC/B,CAAC,CAAC,IAAA,qCAAqB,EAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC;YACrD,CAAC,CAAC,IAAI,CAAA;QAER,MAAM,eAAe,GAAG,IAAI,mCAAe,CACzC,GAAG,CAAC,OAAO,CAAC,QAAQ,EACpB,WAAW,CACZ,CAAA;QAED,MAAM,UAAU,GAAG,IAAI,wBAAU,CAAC,GAAG,CAAC,UAAU,EAAE;YAChD,SAAS;YACT,eAAe;SAChB,CAAC,CAAA;QAEF,MAAM,cAAc,GAAG,IAAI,gCAAc,CACvC,UAAU,EACV,YAAY,EACZ,GAAG,CAAC,OAAO,CAAC,GAAG,EACf,GAAG,CAAC,QAAQ,CAAC,oBAAoB,EACjC,GAAG,CAAC,EAAE,CACP,CAAA;QACD,MAAM,cAAc,CAAC,cAAc,EAAE,CAAA;QAErC,MAAM,cAAc,GAClB,OAAO,CAAC,cAAc,CAAC,QAAQ,KAAK,KAAK;YACvC,CAAC,CAAC,MAAM,gBAAU,CAAC,IAAI,CAAC;gBACpB,KAAK,EAAE,OAAO,CAAC,cAAc,CAAC,KAAK;aACpC,CAAC;YACJ,CAAC,CAAC,MAAM,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAClC,OAAO,CAAC,cAAc,CAAC,aAAa,CACrC,CAAA;QAEP,MAAM,WAAW,GAAG,oBAAW,CAAC,OAAO,CACrC,cAAc,EACd,eAAe,EACf,WAAW,CACZ,CAAA;QAED,qEAAqE;QACrE,MAAM,cAAc,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC;YACtC,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,uBAAuB;YACtD,cAAc,EAAE,GAAG,CAAC,KAAK,CAAC,cAAc;YACxC,eAAe,EAAE,GAAG,CAAC,KAAK,CAAC,eAAe;YAC1C,WAAW,EAAE,GAAG,CAAC,KAAK,CAAC,WAAW;YAClC,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,qBAAqB;gBACtC,CAAC,CAAC,SAAS;gBACX,CAAC,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE;oBACf,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAC1B,MAAM,YAAY,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,CAAA;oBAClD,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;wBAC1B,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,GAAG,CAAC,CAAA;oBACrD,CAAC;oBACD,IAAI,IAAA,wBAAW,EAAC,QAAQ,CAAC,KAAK,KAAK,EAAE,CAAC;wBACpC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAA;oBAC7D,CAAC;oBACD,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;gBACtC,CAAC;YACL,OAAO,EAAE;gBACP,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,0BAAa;aACpE;SACF,CAAC,CAAA;QACF,MAAM,UAAU,GACd,GAAG,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC;YACtB,CAAC,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,cAAc,EAAE;gBACpC,WAAW,EAAE,EAAE,EAAE,8BAA8B;gBAC/C,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC;gBACxB,UAAU,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU;aACjC,CAAC;YACJ,CAAC,CAAC,cAAc,CAAA;QAEpB;;;;;;;;WAQG;QACH,MAAM,SAAS,GAAG,IAAA,0BAAa,EAAC;YAC9B,WAAW,EAAE,KAAK;YAClB,qBAAqB,EAAE,KAAK;YAC5B,eAAe,EAAE,GAAG,CAAC,KAAK,CAAC,eAAe;YAC1C,cAAc,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,qBAAqB;YAEhD,yEAAyE;YACzE,mEAAmE;YACnE,yEAAyE;YACzE,oEAAoE;YACpE,uEAAuE;YACvE,qEAAqE;YACrE,uEAAuE;YACvE,qEAAqE;YACrE,8BAA8B,EAAE,IAAI;YACpC,KAAK,EAAE,UAAU,KAAK,EAAE,IAAI;gBAC1B,MAAM,MAAM,GACV,IAAI,EAAE,MAAM,IAAI,CAAC,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;gBACnE,MAAM,GAAG,GAAG,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;gBAEhE,oBAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,OAAO,CAAC,CAAA;gBAE1C,OAAO,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAA;YACjD,CAAC;SACF,CAAC,CAAA;QAEF,MAAM,aAAa,GAAG,GAAG,CAAC,KAAK,CAAC,QAAQ;YACtC,CAAC,CAAC,IAAI,8BAAa,CAAC;gBAChB,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,MAAM;gBACxB,MAAM,EAAE,CAAC,MAAM,wBAAO,CAAC,WAAW,CAAC,YAAY,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;gBACrE,KAAK,EAAE,IAAI,wBAAU,CACnB,cAAc,EACd,UAAU,EACV,eAAe,EACf,eAAe,EACf,MAAM,EACN,SAAS,EACT,SAAS,EACT,cAAc,EACd,GAAG,CAAC,OAAO,CAAC,SAAS,EACrB,GAAG,CAAC,QAAQ,CAAC,cAAc,CAC5B;gBACD,KAAK,EAAE,YAAY;gBACnB,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,kBAAkB,EAAE,GAAG,CAAC,OAAO,CAAC,QAAQ;gBACxC,oBAAoB,EAAE,GAAG,CAAC,QAAQ,CAAC,oBAAoB;gBACvD,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ;gBACrC,QAAQ,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ;gBACrC,SAAS;gBACT,WAAW,EAAE,IAAI,4BAAW,CAAC;oBAC3B,KAAK,EAAE,SAAS;oBAChB,eAAe,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM;oBACpC,KAAK,EAAE;wBACL,kBAAkB,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE;4BAC/B,8BAAqB,CAAC,KAAK,CACzB,EAAE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,EACzB,iCAAiC,CAClC,CAAA;4BACD,+DAA+D;4BAC/D,OAAO,GAAG,CAAC,OAAO,CAAC,YAAY,CAAA;wBACjC,CAAC;wBACD,wBAAwB,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE;4BACpC,8BAAqB,CAAC,IAAI,CACxB,EAAE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,GAAG,EAAE,EAC9B,sBAAsB,CACvB,CAAA;wBACH,CAAC;wBACD,uBAAuB,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE;4BACnC,8BAAqB,CAAC,KAAK,CACzB,EAAE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,GAAG,EAAE,EAC9B,8BAA8B,CAC/B,CAAA;wBACH,CAAC;wBACD,aAAa,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE;4BACxB,8BAAqB,CAAC,IAAI,CACxB,EAAE,GAAG,EAAE,GAAG,CAAC,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,QAAQ,EAAE,EAAE,EAC5C,iBAAiB,CAClB,CAAA;wBACH,CAAC;wBACD,YAAY,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE;4BACvB,8BAAqB,CAAC,KAAK,CACzB,EAAE,GAAG,EAAE,GAAG,CAAC,QAAQ,EAAE,EAAE,GAAG,EAAE,EAC5B,qBAAqB,CACtB,CAAA;wBACH,CAAC;qBACF;iBACF,CAAC;gBACF,QAAQ,EAAE;oBACR,mBAAmB,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;iBACxD;gBACD,mEAAmE;gBACnE,gEAAgE;gBAChE,kEAAkE;gBAClE,oEAAoE;gBACpE,0DAA0D;gBAC1D,eAAe,EAAE,gCAAe,CAAC,QAAQ;gBAEzC,aAAa,CAAC,QAAQ;oBACpB,OAAO;wBACL,SAAS,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,cAAc,EAAE,QAAQ,CAAC,QAAQ,CAAC;qBAClE,CAAA;gBACH,CAAC;aACF,CAAC;YACJ,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,cAAc,GAAG,aAAa;YAClC,CAAC,CAAC,IAAI,6CAAoB,CAAC,aAAa,EAAE,YAAY,CAAC;YACvD,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,aAAa,GACjB,aAAa,IAAI,sCAAsC;YACvD,IAAI,8BAAa,CAAC;gBAChB,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,MAAM;gBACxB,MAAM,EAAE,CAAC,MAAM,wBAAO,CAAC,WAAW,CAAC,YAAa,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;gBACvE,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,KAAK,EAAE,YAAY;gBACnB,aAAa,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE;oBAC9C,wEAAwE;oBACxE,oCAAoC;oBACpC,IAAI,SAAS,EAAE,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;wBACjC,oBAAW,CAAC,IAAI,CACd,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,EACpD,6CAA6C,CAC9C,CAAA;oBACH,CAAC;oBAED,IAAI,cAAc,EAAE,CAAC;wBACnB,OAAO,CAAC,KAAK,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;oBACjE,CAAC;oBAED,OAAO,OAAO,CAAA;gBAChB,CAAC;aACF,CAAC,CAAA;QAEJ,MAAM,YAAY,GAAG,IAAI,4BAAY,CACnC,cAAc,EACd,UAAU,EACV,aAAa,EACb;YACE,SAAS,EAAE,GAAG,CAAC,OAAO,CAAC,SAAS;YAChC,MAAM,EAAE,YAAY,IAAI,YAAY;YACpC,SAAS,EAAE,OAAO,CAAC,aAAa;YAChC,IAAI,EAAE;gBACJ,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG;gBACpB,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,GAAG;gBAC3B,UAAU,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG;aAChC;SACF,CACF,CAAA;QAED,OAAO,IAAI,UAAU,CAAC;YACpB,UAAU;YACV,SAAS;YACT,WAAW;YACX,MAAM;YACN,gBAAgB;YAChB,QAAQ;YACR,UAAU;YACV,SAAS;YACT,cAAc;YACd,SAAS;YACT,eAAe;YACf,YAAY;YACZ,QAAQ;YACR,WAAW;YACX,eAAe;YACf,cAAc;YACd,aAAa;YACb,kBAAkB;YAClB,UAAU;YACV,SAAS;YACT,YAAY;YACZ,aAAa;YACb,cAAc;YACd,GAAG;YACH,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC;SACrB,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,GAAW,EAAE,GAAW;QAC/C,IAAA,qBAAM,EAAC,IAAI,CAAC,WAAW,CAAC,CAAA;QACxB,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IAChE,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,GAAoB,EAAE,GAAW,EAAE,GAAW;QACtE,IAAA,qBAAM,EAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QACzB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC3C,GAAG,EACH,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,EACrB,GAAG,CACJ,CAAA;QACD,OAAO,IAAA,oBAAY,EAAC,GAAG,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC;IAED,uBAAuB,CAAC,GAAoB;QAC1C,OAAO,IAAA,oBAAY,EAAC,GAAG,EAAE,IAAA,oBAAY,EAAC,GAAG,CAAC,CAAC,CAAA;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,GAAW,EAAE,GAAW,EAAE,GAAW;QAC5D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAClD,OAAO,IAAA,sCAAwB,EAAC;YAC9B,GAAG,EAAE,GAAG;YACR,GAAG;YACH,GAAG;YACH,OAAO;SACR,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,GAAW,EAAE,GAAW,EAAE,GAAW;QACxD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAClD,OAAO,IAAA,8BAAgB,EAAC;YACtB,GAAG,EAAE,GAAG;YACR,GAAG;YACH,GAAG;YACH,OAAO;SACR,CAAC,CAAA;IACJ,CAAC;CACF;AAtbD,gCAsbC;AAED,MAAM,eAAe,GAAG,CAAC,QAAgB,EAAE,QAAgB,EAAE,EAAE;IAC7D,MAAM,OAAO,GAAG,GAAG,CAAC,QAAQ,CAC1B,GAAG,CAAC,UAAU,CAAC,GAAG,QAAQ,IAAI,QAAQ,EAAE,EAAE,MAAM,CAAC,EACjD,WAAW,CACZ,CAAA;IACD,OAAO,SAAS,OAAO,EAAE,CAAA;AAC3B,CAAC,CAAA;AAED,kBAAe,UAAU,CAAA","sourcesContent":["import assert from 'node:assert'\nimport * as plc from '@did-plc/lib'\nimport express from 'express'\nimport { Redis } from 'ioredis'\nimport * as nodemailer from 'nodemailer'\nimport * as ui8 from 'uint8arrays'\nimport * as undici from 'undici'\nimport { AtpAgent } from '@atproto/api'\nimport { KmsKeypair, S3BlobStore } from '@atproto/aws'\nimport * as crypto from '@atproto/crypto'\nimport { IdResolver } from '@atproto/identity'\nimport {\n AccessTokenMode,\n JoseKey,\n LexResolver,\n OAuthProvider,\n OAuthVerifier,\n} from '@atproto/oauth-provider'\nimport { BlobStore } from '@atproto/repo'\nimport {\n createServiceAuthHeaders,\n createServiceJwt,\n} from '@atproto/xrpc-server'\nimport {\n Fetch,\n isUnicastIp,\n safeFetchWrap,\n unicastLookup,\n} from '@atproto-labs/fetch-node'\nimport { AccountManager } from './account-manager/account-manager'\nimport { OAuthStore } from './account-manager/oauth-store'\nimport { ScopeReferenceGetter } from './account-manager/scope-reference-getter'\nimport { ActorStore } from './actor-store/actor-store'\nimport { authPassthru, forwardedFor } from './api/proxy'\nimport {\n AuthVerifier,\n createPublicKeyObject,\n createSecretKeyObject,\n} from './auth-verifier'\nimport { BackgroundQueue } from './background'\nimport { BskyAppView } from './bsky-app-view'\nimport { ServerConfig, ServerSecrets } from './config'\nimport { Crawlers } from './crawlers'\nimport { DidSqliteCache } from './did-cache'\nimport { DiskBlobStore } from './disk-blobstore'\nimport { ImageUrlBuilder } from './image/image-url-builder'\nimport { fetchLogger, lexiconResolverLogger, oauthLogger } from './logger'\nimport { ServerMailer } from './mailer'\nimport { ModerationMailer } from './mailer/moderation'\nimport { LocalViewer, LocalViewerCreator } from './read-after-write/viewer'\nimport { getRedisClient } from './redis'\nimport { Sequencer } from './sequencer'\n\nexport type AppContextOptions = {\n actorStore: ActorStore\n blobstore: (did: string) => BlobStore\n localViewer: LocalViewerCreator\n mailer: ServerMailer\n moderationMailer: ModerationMailer\n didCache: DidSqliteCache\n idResolver: IdResolver\n plcClient: plc.Client\n accountManager: AccountManager\n sequencer: Sequencer\n backgroundQueue: BackgroundQueue\n redisScratch?: Redis\n crawlers: Crawlers\n bskyAppView?: BskyAppView\n moderationAgent?: AtpAgent\n reportingAgent?: AtpAgent\n entrywayAgent?: AtpAgent\n entrywayAdminAgent?: AtpAgent\n proxyAgent: undici.Dispatcher\n safeFetch: Fetch\n oauthProvider?: OAuthProvider\n authVerifier: AuthVerifier\n plcRotationKey: crypto.Keypair\n cfg: ServerConfig\n}\n\nexport class AppContext {\n public actorStore: ActorStore\n public blobstore: (did: string) => BlobStore\n public localViewer: LocalViewerCreator\n public mailer: ServerMailer\n public moderationMailer: ModerationMailer\n public didCache: DidSqliteCache\n public idResolver: IdResolver\n public plcClient: plc.Client\n public accountManager: AccountManager\n public sequencer: Sequencer\n public backgroundQueue: BackgroundQueue\n public redisScratch?: Redis\n public crawlers: Crawlers\n public bskyAppView?: BskyAppView\n public moderationAgent: AtpAgent | undefined\n public reportingAgent: AtpAgent | undefined\n public entrywayAgent: AtpAgent | undefined\n public entrywayAdminAgent: AtpAgent | undefined\n public proxyAgent: undici.Dispatcher\n public safeFetch: Fetch\n public authVerifier: AuthVerifier\n public oauthProvider?: OAuthProvider\n public plcRotationKey: crypto.Keypair\n public cfg: ServerConfig\n\n constructor(opts: AppContextOptions) {\n this.actorStore = opts.actorStore\n this.blobstore = opts.blobstore\n this.localViewer = opts.localViewer\n this.mailer = opts.mailer\n this.moderationMailer = opts.moderationMailer\n this.didCache = opts.didCache\n this.idResolver = opts.idResolver\n this.plcClient = opts.plcClient\n this.accountManager = opts.accountManager\n this.sequencer = opts.sequencer\n this.backgroundQueue = opts.backgroundQueue\n this.redisScratch = opts.redisScratch\n this.crawlers = opts.crawlers\n this.bskyAppView = opts.bskyAppView\n this.moderationAgent = opts.moderationAgent\n this.reportingAgent = opts.reportingAgent\n this.entrywayAgent = opts.entrywayAgent\n this.entrywayAdminAgent = opts.entrywayAdminAgent\n this.proxyAgent = opts.proxyAgent\n this.safeFetch = opts.safeFetch\n this.authVerifier = opts.authVerifier\n this.oauthProvider = opts.oauthProvider\n this.plcRotationKey = opts.plcRotationKey\n this.cfg = opts.cfg\n }\n\n static async fromConfig(\n cfg: ServerConfig,\n secrets: ServerSecrets,\n overrides?: Partial<AppContextOptions>,\n ): Promise<AppContext> {\n const blobstore =\n cfg.blobstore.provider === 's3'\n ? S3BlobStore.creator({\n bucket: cfg.blobstore.bucket,\n region: cfg.blobstore.region,\n endpoint: cfg.blobstore.endpoint,\n forcePathStyle: cfg.blobstore.forcePathStyle,\n credentials: cfg.blobstore.credentials,\n uploadTimeoutMs: cfg.blobstore.uploadTimeoutMs,\n })\n : DiskBlobStore.creator(\n cfg.blobstore.location,\n cfg.blobstore.tempLocation,\n )\n\n const mailTransport =\n cfg.email !== null\n ? nodemailer.createTransport(cfg.email.smtpUrl)\n : nodemailer.createTransport({ jsonTransport: true })\n\n const mailer = new ServerMailer(mailTransport, cfg)\n\n const modMailTransport =\n cfg.moderationEmail !== null\n ? nodemailer.createTransport(cfg.moderationEmail.smtpUrl)\n : nodemailer.createTransport({ jsonTransport: true })\n\n const moderationMailer = new ModerationMailer(modMailTransport, cfg)\n\n const didCache = new DidSqliteCache(\n cfg.db.didCacheDbLoc,\n cfg.identity.cacheStaleTTL,\n cfg.identity.cacheMaxTTL,\n cfg.db.disableWalAutoCheckpoint,\n )\n await didCache.migrateOrThrow()\n\n const idResolver = new IdResolver({\n plcUrl: cfg.identity.plcUrl,\n didCache,\n timeout: cfg.identity.resolverTimeout,\n backupNameservers: cfg.identity.handleBackupNameservers,\n })\n const plcClient = new plc.Client(cfg.identity.plcUrl)\n\n const backgroundQueue = new BackgroundQueue()\n const crawlers = new Crawlers(\n cfg.service.hostname,\n cfg.crawlers,\n backgroundQueue,\n )\n const sequencer = new Sequencer(\n cfg.db.sequencerDbLoc,\n crawlers,\n undefined,\n cfg.db.disableWalAutoCheckpoint,\n )\n const redisScratch = cfg.redis\n ? getRedisClient(cfg.redis.address, cfg.redis.password)\n : undefined\n\n const bskyAppView = cfg.bskyAppView\n ? new BskyAppView(cfg.bskyAppView)\n : undefined\n\n const moderationAgent = cfg.modService\n ? new AtpAgent({ service: cfg.modService.url })\n : undefined\n const reportingAgent = cfg.reportService\n ? new AtpAgent({ service: cfg.reportService.url })\n : undefined\n const entrywayAgent = cfg.entryway\n ? new AtpAgent({ service: cfg.entryway.url })\n : undefined\n let entrywayAdminAgent: AtpAgent | undefined\n if (cfg.entryway && secrets.entrywayAdminToken) {\n entrywayAdminAgent = new AtpAgent({ service: cfg.entryway.url })\n entrywayAdminAgent.api.setHeader(\n 'authorization',\n basicAuthHeader('admin', secrets.entrywayAdminToken),\n )\n }\n\n const jwtSecretKey = createSecretKeyObject(secrets.jwtSecret)\n const jwtPublicKey = cfg.entryway\n ? createPublicKeyObject(cfg.entryway.jwtPublicKeyHex)\n : null\n\n const imageUrlBuilder = new ImageUrlBuilder(\n cfg.service.hostname,\n bskyAppView,\n )\n\n const actorStore = new ActorStore(cfg.actorStore, {\n blobstore,\n backgroundQueue,\n })\n\n const accountManager = new AccountManager(\n idResolver,\n jwtSecretKey,\n cfg.service.did,\n cfg.identity.serviceHandleDomains,\n cfg.db,\n )\n await accountManager.migrateOrThrow()\n\n const plcRotationKey =\n secrets.plcRotationKey.provider === 'kms'\n ? await KmsKeypair.load({\n keyId: secrets.plcRotationKey.keyId,\n })\n : await crypto.Secp256k1Keypair.import(\n secrets.plcRotationKey.privateKeyHex,\n )\n\n const localViewer = LocalViewer.creator(\n accountManager,\n imageUrlBuilder,\n bskyAppView,\n )\n\n // An agent for performing HTTP requests based on user provided URLs.\n const proxyAgentBase = new undici.Agent({\n allowH2: cfg.proxy.allowHTTP2, // This is experimental\n headersTimeout: cfg.proxy.headersTimeout,\n maxResponseSize: cfg.proxy.maxResponseSize,\n bodyTimeout: cfg.proxy.bodyTimeout,\n factory: cfg.proxy.disableSsrfProtection\n ? undefined\n : (origin, opts) => {\n const { protocol, hostname } =\n origin instanceof URL ? origin : new URL(origin)\n if (protocol !== 'https:') {\n throw new Error(`Forbidden protocol \"${protocol}\"`)\n }\n if (isUnicastIp(hostname) === false) {\n throw new Error('Hostname resolved to non-unicast address')\n }\n return new undici.Pool(origin, opts)\n },\n connect: {\n lookup: cfg.proxy.disableSsrfProtection ? undefined : unicastLookup,\n },\n })\n const proxyAgent =\n cfg.proxy.maxRetries > 0\n ? new undici.RetryAgent(proxyAgentBase, {\n statusCodes: [], // Only retry on socket errors\n methods: ['GET', 'HEAD'],\n maxRetries: cfg.proxy.maxRetries,\n })\n : proxyAgentBase\n\n /**\n * A fetch() function that protects against SSRF attacks, large responses &\n * known bad domains. This function can safely be used to fetch user\n * provided URLs (unless \"disableSsrfProtection\" is true, of course).\n *\n * @note **DO NOT** wrap `safeFetch` with any logging or other transforms as\n * this might prevent the use of explicit `redirect: \"follow\"` init from\n * working. See {@link safeFetchWrap}.\n */\n const safeFetch = safeFetchWrap({\n allowIpHost: false,\n allowImplicitRedirect: false,\n responseMaxSize: cfg.fetch.maxResponseSize,\n ssrfProtection: !cfg.fetch.disableSsrfProtection,\n\n // @NOTE Since we are using NodeJS <= 20, unicastFetchWrap would normally\n // *not* be using a keep-alive agent if it we are providing a fetch\n // function that is different from `globalThis.fetch`. However, since the\n // fetch function below is indeed calling `globalThis.fetch` without\n // altering any argument, we can safely force the use of the keep-alive\n // agent. This would not be the case if we used \"loggedFetch\" as that\n // function does wrap the input & init arguments into a Request object,\n // which, on NodeJS<=20, results in init.dispatcher *not* being used.\n dangerouslyForceKeepAliveAgent: true,\n fetch: function (input, init) {\n const method =\n init?.method ?? (input instanceof Request ? input.method : 'GET')\n const uri = input instanceof Request ? input.url : String(input)\n\n fetchLogger.info({ method, uri }, 'fetch')\n\n return globalThis.fetch.call(this, input, init)\n },\n })\n\n const oauthProvider = cfg.oauth.provider\n ? new OAuthProvider({\n issuer: cfg.oauth.issuer,\n keyset: [await JoseKey.fromKeyLike(jwtSecretKey, undefined, 'HS256')],\n store: new OAuthStore(\n accountManager,\n actorStore,\n imageUrlBuilder,\n backgroundQueue,\n mailer,\n sequencer,\n plcClient,\n plcRotationKey,\n cfg.service.publicUrl,\n cfg.identity.recoveryDidKey,\n ),\n redis: redisScratch,\n dpopSecret: secrets.dpopSecret,\n inviteCodeRequired: cfg.invites.required,\n availableUserDomains: cfg.identity.serviceHandleDomains,\n hcaptcha: cfg.oauth.provider.hcaptcha,\n branding: cfg.oauth.provider.branding,\n safeFetch,\n lexResolver: new LexResolver({\n fetch: safeFetch,\n plcDirectoryUrl: cfg.identity.plcUrl,\n hooks: {\n onResolveAuthority: ({ nsid }) => {\n lexiconResolverLogger.debug(\n { nsid: nsid.toString() },\n 'Resolving lexicon DID authority',\n )\n // Override the lexicon did resolution to point to a custom PDS\n return cfg.lexicon.didAuthority\n },\n onResolveAuthorityResult({ nsid, did }) {\n lexiconResolverLogger.info(\n { nsid: nsid.toString(), did },\n 'Resolved lexicon DID',\n )\n },\n onResolveAuthorityError({ nsid, err }) {\n lexiconResolverLogger.error(\n { nsid: nsid.toString(), err },\n 'Lexicon DID resolution error',\n )\n },\n onFetchResult({ uri, cid }) {\n lexiconResolverLogger.info(\n { uri: uri.toString(), cid: cid.toString() },\n 'Fetched lexicon',\n )\n },\n onFetchError({ err, uri }) {\n lexiconResolverLogger.error(\n { uri: uri.toString(), err },\n 'Lexicon fetch error',\n )\n },\n },\n }),\n metadata: {\n protected_resources: [new URL(cfg.oauth.issuer).origin],\n },\n // If the PDS is both an authorization server & resource server (no\n // entryway), we can afford to check the token validity on every\n // request. This allows revoked tokens to be rejected immediately.\n // This also allows JWT to be shorter since some claims (notably the\n // \"scope\" claim) do not need to be included in the token.\n accessTokenMode: AccessTokenMode.stateful,\n\n getClientInfo(clientId) {\n return {\n isTrusted: cfg.oauth.provider?.trustedClients?.includes(clientId),\n }\n },\n })\n : undefined\n\n const scopeRefGetter = entrywayAgent\n ? new ScopeReferenceGetter(entrywayAgent, redisScratch)\n : undefined\n\n const oauthVerifier: OAuthVerifier =\n oauthProvider ?? // OAuthProvider extends OAuthVerifier\n new OAuthVerifier({\n issuer: cfg.oauth.issuer,\n keyset: [await JoseKey.fromKeyLike(jwtPublicKey!, undefined, 'ES256K')],\n dpopSecret: secrets.dpopSecret,\n redis: redisScratch,\n onDecodeToken: async ({ payload, dpopProof }) => {\n // @TODO drop this once oauth provider no longer accepts DPoP proof with\n // query or fragment in \"htu\" claim.\n if (dpopProof?.htu.match(/[?#]/)) {\n oauthLogger.info(\n { htu: dpopProof.htu, client_id: payload.client_id },\n 'DPoP proof \"htu\" contains query or fragment',\n )\n }\n\n if (scopeRefGetter) {\n payload.scope = await scopeRefGetter.dereference(payload.scope)\n }\n\n return payload\n },\n })\n\n const authVerifier = new AuthVerifier(\n accountManager,\n idResolver,\n oauthVerifier,\n {\n publicUrl: cfg.service.publicUrl,\n jwtKey: jwtPublicKey ?? jwtSecretKey,\n adminPass: secrets.adminPassword,\n dids: {\n pds: cfg.service.did,\n entryway: cfg.entryway?.did,\n modService: cfg.modService?.did,\n },\n },\n )\n\n return new AppContext({\n actorStore,\n blobstore,\n localViewer,\n mailer,\n moderationMailer,\n didCache,\n idResolver,\n plcClient,\n accountManager,\n sequencer,\n backgroundQueue,\n redisScratch,\n crawlers,\n bskyAppView,\n moderationAgent,\n reportingAgent,\n entrywayAgent,\n entrywayAdminAgent,\n proxyAgent,\n safeFetch,\n authVerifier,\n oauthProvider,\n plcRotationKey,\n cfg,\n ...(overrides ?? {}),\n })\n }\n\n async appviewAuthHeaders(did: string, lxm: string) {\n assert(this.bskyAppView)\n return this.serviceAuthHeaders(did, this.bskyAppView.did, lxm)\n }\n\n async entrywayAuthHeaders(req: express.Request, did: string, lxm: string) {\n assert(this.cfg.entryway)\n const headers = await this.serviceAuthHeaders(\n did,\n this.cfg.entryway.did,\n lxm,\n )\n return forwardedFor(req, headers)\n }\n\n entrywayPassthruHeaders(req: express.Request) {\n return forwardedFor(req, authPassthru(req))\n }\n\n async serviceAuthHeaders(did: string, aud: string, lxm: string) {\n const keypair = await this.actorStore.keypair(did)\n return createServiceAuthHeaders({\n iss: did,\n aud,\n lxm,\n keypair,\n })\n }\n\n async serviceAuthJwt(did: string, aud: string, lxm: string) {\n const keypair = await this.actorStore.keypair(did)\n return createServiceJwt({\n iss: did,\n aud,\n lxm,\n keypair,\n })\n }\n}\n\nconst basicAuthHeader = (username: string, password: string) => {\n const encoded = ui8.toString(\n ui8.fromString(`${username}:${password}`, 'utf8'),\n 'base64pad',\n )\n return `Basic ${encoded}`\n}\n\nexport default AppContext\n"]}
package/dist/db/pagination.d.ts CHANGED
@@ -47,7 +47,7 @@ export declare class TimeCidKeyset<TimeCidResult = CreatedAtCidResult> extends G
47
47
  secondary: string;
48
48
  };
49
49
  cursorToLabeledResult(cursor: Cursor): {
50
- primary: string;
50
+ primary: `${string}-${string}-${string}T${string}:${string}:${string}Z`;
51
51
  secondary: string;
52
52
  };
53
53
  }
package/dist/handle/index.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export declare const baseNormalizeAndValidate: (handle: string) => string;
1
+ export declare const baseNormalizeAndValidate: (handle: string) => `${string}.${string}`;
2
2
  export declare const isServiceDomain: (handle: string, availableUserDomains: string[]) => boolean;
3
3
  export declare const ensureHandleServiceConstraints: (handle: string, availableUserDomains: string[], allowReserved?: boolean) => void;
4
4
  //# sourceMappingURL=index.d.ts.map
package/dist/handle/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/handle/index.ts"],"names":[],"mappings":"AAOA,eAAO,MAAM,wBAAwB,GAAI,QAAQ,MAAM,WAStD,CAAA;AAED,eAAO,MAAM,eAAe,GAC1B,QAAQ,MAAM,EACd,sBAAsB,MAAM,EAAE,KAC7B,OAEF,CAAA;AAED,eAAO,MAAM,8BAA8B,GACzC,QAAQ,MAAM,EACd,sBAAsB,MAAM,EAAE,EAC9B,uBAAqB,KACpB,IAmBF,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/handle/index.ts"],"names":[],"mappings":"AAOA,eAAO,MAAM,wBAAwB,GAAI,QAAQ,MAAM,0BAStD,CAAA;AAED,eAAO,MAAM,eAAe,GAC1B,QAAQ,MAAM,EACd,sBAAsB,MAAM,EAAE,KAC7B,OAEF,CAAA;AAED,eAAO,MAAM,8BAA8B,GACzC,QAAQ,MAAM,EACd,sBAAsB,MAAM,EAAE,EAC9B,uBAAqB,KACpB,IAmBF,CAAA"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@atproto/pds",
3
- "version": "0.4.196",
3
+ "version": "0.4.197",
4
4
  "license": "MIT",
5
5
  "description": "Reference implementation of atproto Personal Data Server (PDS)",
6
6
  "keywords": [
@@ -52,21 +52,20 @@
52
52
  "@atproto-labs/simple-store-memory": "0.1.4",
53
53
  "@atproto-labs/simple-store-redis": "0.0.1",
54
54
  "@atproto-labs/xrpc-utils": "0.0.24",
55
- "@atproto/api": "^0.18.3",
55
+ "@atproto/api": "^0.18.4",
56
56
  "@atproto/aws": "^0.2.31",
57
- "@atproto/common": "^0.5.1",
58
- "@atproto/crypto": "^0.4.4",
57
+ "@atproto/common": "^0.5.2",
58
+ "@atproto/crypto": "^0.4.5",
59
59
  "@atproto/identity": "^0.4.10",
60
- "@atproto/lex-cbor": "^0.0.1",
61
- "@atproto/lex-data": "^0.0.1",
60
+ "@atproto/lex-cbor": "^0.0.2",
61
+ "@atproto/lex-data": "^0.0.2",
62
62
  "@atproto/lexicon": "^0.5.2",
63
- "@atproto/lexicon-resolver": "^0.2.4",
64
- "@atproto/oauth-provider": "^0.13.5",
65
- "@atproto/oauth-scopes": "^0.2.2",
63
+ "@atproto/oauth-provider": "^0.14.0",
64
+ "@atproto/oauth-scopes": "^0.3.0",
66
65
  "@atproto/repo": "^0.8.11",
67
- "@atproto/syntax": "^0.4.1",
66
+ "@atproto/syntax": "^0.4.2",
68
67
  "@atproto/xrpc": "^0.7.6",
69
- "@atproto/xrpc-server": "^0.10.1"
68
+ "@atproto/xrpc-server": "^0.10.2"
70
69
  },
71
70
  "devDependencies": {
72
71
  "@atproto/pds-entryway": "npm:@atproto/pds@0.3.0-entryway.3",
@@ -84,8 +83,8 @@
84
83
  "ts-node": "^10.8.2",
85
84
  "typescript": "^5.6.3",
86
85
  "ws": "^8.12.0",
87
- "@atproto/api": "^0.18.3",
88
- "@atproto/bsky": "^0.0.198",
86
+ "@atproto/api": "^0.18.4",
87
+ "@atproto/bsky": "^0.0.199",
89
88
  "@atproto/lex-cli": "^0.9.7",
90
89
  "@atproto/oauth-client-browser-example": "0.0.8"
91
90
  },
package/src/account-manager/db/schema/lexicon.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { LexiconDoc } from '@atproto/oauth-provider'
1
+ import type { LexiconDocument } from '@atproto/oauth-provider'
2
2
  import { DateISO, JsonEncoded } from '../../../db/cast'
3
3
 
4
4
  export interface Lexicon {
@@ -7,7 +7,7 @@ export interface Lexicon {
7
7
  updatedAt: DateISO
8
8
  lastSucceededAt: null | DateISO
9
9
  uri: null | string
10
- lexicon: null | JsonEncoded<LexiconDoc>
10
+ lexicon: null | JsonEncoded<LexiconDocument>
11
11
  }
12
12
 
13
13
  export const tableName = 'lexicon'
package/src/config/config.ts CHANGED
@@ -2,6 +2,7 @@ import assert from 'node:assert'
2
2
  import path from 'node:path'
3
3
  import { DAY, HOUR, SECOND } from '@atproto/common'
4
4
  import { BrandingInput, HcaptchaConfig } from '@atproto/oauth-provider'
5
+ import { ensureValidDid } from '@atproto/syntax'
5
6
  import { ServerEnvironment } from './env'
6
7
 
7
8
  // off-config but still from env:
@@ -320,8 +321,11 @@ export const envToCfg = (env: ServerEnvironment): ServerConfig => {
320
321
  },
321
322
  }
322
323
 
323
- const lexiconCfg: LexiconResolverConfig = {
324
- didAuthority: env.lexiconDidAuthority,
324
+ const lexiconCfg: LexiconResolverConfig = {}
325
+
326
+ if (env.lexiconDidAuthority != null) {
327
+ ensureValidDid(env.lexiconDidAuthority)
328
+ lexiconCfg.didAuthority = env.lexiconDidAuthority
325
329
  }
326
330
 
327
331
  return {
@@ -469,7 +473,7 @@ export type OAuthConfig = {
469
473
  }
470
474
 
471
475
  export type LexiconResolverConfig = {
472
- didAuthority?: string
476
+ didAuthority?: `did:${string}:${string}`
473
477
  }
474
478
 
475
479
  export type InvitesConfig =
package/src/config/env.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { envBool, envInt, envList, envStr } from '@atproto/common'
2
2
 
3
- export const readEnv = (): ServerEnvironment => {
3
+ export function readEnv() {
4
4
  return {
5
5
  // service
6
6
  port: envInt('PDS_PORT'),
@@ -73,7 +73,7 @@ export const readEnv = (): ServerEnvironment => {
73
73
  didCacheMaxTTL: envInt('PDS_DID_CACHE_MAX_TTL'),
74
74
  resolverTimeout: envInt('PDS_ID_RESOLVER_TIMEOUT'),
75
75
  recoveryDidKey: envStr('PDS_RECOVERY_DID_KEY'),
76
- serviceHandleDomains: envList('PDS_SERVICE_HANDLE_DOMAINS'),
76
+ serviceHandleDomains: envList('PDS_SERVICE_HANDLE_DOMAINS'), // public hostname by default
77
77
  handleBackupNameservers: envList('PDS_HANDLE_BACKUP_NAMESERVERS'),
78
78
  enableDidDocWithSession: envBool('PDS_ENABLE_DID_DOC_WITH_SESSION'),
79
79
 
@@ -151,154 +151,10 @@ export const readEnv = (): ServerEnvironment => {
151
151
  proxyMaxResponseSize: envInt('PDS_PROXY_MAX_RESPONSE_SIZE'),
152
152
  proxyMaxRetries: envInt('PDS_PROXY_MAX_RETRIES'),
153
153
  proxyPreferCompressed: envBool('PDS_PROXY_PREFER_COMPRESSED'),
154
+
155
+ // lexicon resolution
156
+ lexiconDidAuthority: envStr('PDS_LEXICON_AUTHORITY_DID'),
154
157
  }
155
158
  }
156
159
 
157
- export type ServerEnvironment = {
158
- // service
159
- port?: number
160
- hostname?: string
161
- serviceDid?: string
162
- serviceName?: string
163
- version?: string
164
- homeUrl?: string
165
- logoUrl?: string
166
- privacyPolicyUrl?: string
167
- supportUrl?: string
168
- termsOfServiceUrl?: string
169
- contactEmailAddress?: string
170
- acceptingImports?: boolean
171
- maxImportSize?: number
172
- blobUploadLimit?: number
173
- devMode?: boolean
174
-
175
- // OAuth
176
- hcaptchaSiteKey?: string
177
- hcaptchaSecretKey?: string
178
- hcaptchaTokenSalt?: string
179
- trustedOAuthClients?: string[]
180
-
181
- // branding
182
- lightColor?: string
183
- darkColor?: string
184
- primaryColor?: string
185
- primaryColorContrast?: string
186
- primaryColorHue?: number
187
- errorColor?: string
188
- errorColorContrast?: string
189
- errorColorHue?: number
190
- warningColor?: string
191
- warningColorContrast?: string
192
- warningColorHue?: number
193
- successColor?: string
194
- successColorContrast?: string
195
- successColorHue?: number
196
-
197
- // database
198
- dataDirectory?: string
199
- disableWalAutoCheckpoint?: boolean
200
- accountDbLocation?: string
201
- sequencerDbLocation?: string
202
- didCacheDbLocation?: string
203
-
204
- // actor store
205
- actorStoreDirectory?: string
206
- actorStoreCacheSize?: number
207
-
208
- // blobstore: one required
209
- blobstoreS3Bucket?: string
210
- blobstoreDiskLocation?: string
211
- blobstoreDiskTmpLocation?: string
212
-
213
- // -- optional s3 parameters
214
- blobstoreS3Region?: string
215
- blobstoreS3Endpoint?: string
216
- blobstoreS3ForcePathStyle?: boolean
217
- blobstoreS3AccessKeyId?: string
218
- blobstoreS3SecretAccessKey?: string
219
- blobstoreS3UploadTimeoutMs?: number
220
-
221
- // identity
222
- didPlcUrl?: string
223
- didCacheStaleTTL?: number
224
- didCacheMaxTTL?: number
225
- resolverTimeout?: number
226
- recoveryDidKey?: string
227
- serviceHandleDomains?: string[] // public hostname by default
228
- handleBackupNameservers?: string[]
229
- enableDidDocWithSession?: boolean
230
-
231
- // entryway
232
- entrywayUrl?: string
233
- entrywayDid?: string
234
- entrywayJwtVerifyKeyK256PublicKeyHex?: string
235
- entrywayPlcRotationKey?: string
236
-
237
- // invites
238
- inviteRequired?: boolean
239
- inviteInterval?: number
240
- inviteEpoch?: number
241
-
242
- // email
243
- emailSmtpUrl?: string
244
- emailFromAddress?: string
245
- moderationEmailSmtpUrl?: string
246
- moderationEmailAddress?: string
247
-
248
- // subscription
249
- maxSubscriptionBuffer?: number
250
- repoBackfillLimitMs?: number
251
-
252
- // appview
253
- bskyAppViewUrl?: string
254
- bskyAppViewDid?: string
255
- bskyAppViewCdnUrlPattern?: string
256
-
257
- // mod service
258
- modServiceUrl?: string
259
- modServiceDid?: string
260
-
261
- // report service
262
- reportServiceUrl?: string
263
- reportServiceDid?: string
264
-
265
- // rate limits
266
- rateLimitsEnabled?: boolean
267
- rateLimitBypassKey?: string
268
- rateLimitBypassIps?: string[]
269
-
270
- // redis
271
- redisScratchAddress?: string
272
- redisScratchPassword?: string
273
-
274
- // crawler
275
- crawlers?: string[]
276
-
277
- // secrets
278
- dpopSecret?: string
279
- jwtSecret?: string
280
- adminPassword?: string
281
- entrywayAdminToken?: string
282
-
283
- // keys
284
- plcRotationKeyKmsKeyId?: string
285
- plcRotationKeyK256PrivateKeyHex?: string
286
-
287
- // user provided url http requests
288
- disableSsrfProtection?: boolean
289
-
290
- // fetch
291
- fetchForceLogging?: boolean
292
- fetchMaxResponseSize?: number
293
-
294
- // lexicon resolver
295
- lexiconDidAuthority?: string
296
-
297
- // proxy
298
- proxyAllowHTTP2?: boolean
299
- proxyHeadersTimeout?: number
300
- proxyBodyTimeout?: number
301
- proxyMaxResponseSize?: number
302
- proxyMaxRetries?: number
303
- proxyPreferCompressed?: boolean
304
- }
160
+ export type ServerEnvironment = Partial<ReturnType<typeof readEnv>>
package/src/context.ts CHANGED
@@ -9,13 +9,10 @@ import { AtpAgent } from '@atproto/api'
9
9
  import { KmsKeypair, S3BlobStore } from '@atproto/aws'
10
10
  import * as crypto from '@atproto/crypto'
11
11
  import { IdResolver } from '@atproto/identity'
12
- import {
13
- LexiconResolver,
14
- buildLexiconResolver,
15
- } from '@atproto/lexicon-resolver'
16
12
  import {
17
13
  AccessTokenMode,
18
14
  JoseKey,
15
+ LexResolver,
19
16
  OAuthProvider,
20
17
  OAuthVerifier,
21
18
  } from '@atproto/oauth-provider'
@@ -328,48 +325,6 @@ export class AppContext {
328
325
  },
329
326
  })
330
327
 
331
- const baseLexiconResolver = buildLexiconResolver({
332
- idResolver,
333
- rpc: { fetch: safeFetch },
334
- })
335
-
336
- const getLexiconAuthority = (_nsid: string): string | undefined => {
337
- // At the moment, only a single override strategy is supported by
338
- // specifying a did through which all the lexicons will be resolved. We
339
- // might need more granular control in the future (e.g. per-nsid
340
- // overrides)
341
- return cfg.lexicon.didAuthority
342
- }
343
-
344
- const lexiconResolver: LexiconResolver = async (input) => {
345
- const nsid: string = String(input)
346
- try {
347
- const result = await baseLexiconResolver(input, {
348
- didAuthority: getLexiconAuthority(nsid),
349
- // Right now, the lexicon resolver is only used by the oauth-provider,
350
- // which caches the responses internally (through the LexiconStore).
351
- // Since the `LexiconResolver` does not allow specifying a
352
- // `forceRefresh` option, we hard code it here. Should PDSs need to
353
- // resolve lexicons for other purposes (e.g. record validation), we'd
354
- // probably want to either implement caching as built into the
355
- // lexiconResolver here, or allow the caller (oauth-provider, etc.) to
356
- // specify a `forceRefresh` option by altering the LexiconResolver
357
- // interface.
358
- forceRefresh: true,
359
- })
360
-
361
- const cid = result.cid.toString()
362
- const uri = result.uri.toString()
363
- lexiconResolverLogger.info({ nsid, uri, cid }, 'Resolved lexicon')
364
-
365
- return result
366
- } catch (err) {
367
- lexiconResolverLogger.error({ nsid, err }, 'Lexicon resolution failed')
368
-
369
- throw err
370
- }
371
- }
372
-
373
328
  const oauthProvider = cfg.oauth.provider
374
329
  ? new OAuthProvider({
375
330
  issuer: cfg.oauth.issuer,
@@ -393,7 +348,44 @@ export class AppContext {
393
348
  hcaptcha: cfg.oauth.provider.hcaptcha,
394
349
  branding: cfg.oauth.provider.branding,
395
350
  safeFetch,
396
- lexiconResolver,
351
+ lexResolver: new LexResolver({
352
+ fetch: safeFetch,
353
+ plcDirectoryUrl: cfg.identity.plcUrl,
354
+ hooks: {
355
+ onResolveAuthority: ({ nsid }) => {
356
+ lexiconResolverLogger.debug(
357
+ { nsid: nsid.toString() },
358
+ 'Resolving lexicon DID authority',
359
+ )
360
+ // Override the lexicon did resolution to point to a custom PDS
361
+ return cfg.lexicon.didAuthority
362
+ },
363
+ onResolveAuthorityResult({ nsid, did }) {
364
+ lexiconResolverLogger.info(
365
+ { nsid: nsid.toString(), did },
366
+ 'Resolved lexicon DID',
367
+ )
368
+ },
369
+ onResolveAuthorityError({ nsid, err }) {
370
+ lexiconResolverLogger.error(
371
+ { nsid: nsid.toString(), err },
372
+ 'Lexicon DID resolution error',
373
+ )
374
+ },
375
+ onFetchResult({ uri, cid }) {
376
+ lexiconResolverLogger.info(
377
+ { uri: uri.toString(), cid: cid.toString() },
378
+ 'Fetched lexicon',
379
+ )
380
+ },
381
+ onFetchError({ err, uri }) {
382
+ lexiconResolverLogger.error(
383
+ { uri: uri.toString(), err },
384
+ 'Lexicon fetch error',
385
+ )
386
+ },
387
+ },
388
+ }),
397
389
  metadata: {
398
390
  protected_resources: [new URL(cfg.oauth.issuer).origin],
399
391
  },