@atproto/pds 0.5.0 → 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +27 -0
- package/dist/account-manager/account-manager.d.ts +35 -4
- package/dist/account-manager/account-manager.d.ts.map +1 -1
- package/dist/account-manager/account-manager.js +67 -6
- package/dist/account-manager/account-manager.js.map +1 -1
- package/dist/account-manager/helpers/account.d.ts +1 -1
- package/dist/account-manager/helpers/account.d.ts.map +1 -1
- package/dist/account-manager/helpers/account.js +10 -4
- package/dist/account-manager/helpers/account.js.map +1 -1
- package/dist/account-manager/oauth-store.d.ts +2 -1
- package/dist/account-manager/oauth-store.d.ts.map +1 -1
- package/dist/account-manager/oauth-store.js +61 -12
- package/dist/account-manager/oauth-store.js.map +1 -1
- package/dist/actor-store/record/reader.d.ts +1 -1
- package/dist/actor-store/record/reader.d.ts.map +1 -1
- package/dist/actor-store/record/reader.js.map +1 -1
- package/dist/api/app/bsky/actor/getPreferences.d.ts.map +1 -1
- package/dist/api/app/bsky/actor/getPreferences.js +7 -2
- package/dist/api/app/bsky/actor/getPreferences.js.map +1 -1
- package/dist/api/app/bsky/actor/putPreferences.d.ts.map +1 -1
- package/dist/api/app/bsky/actor/putPreferences.js +7 -2
- package/dist/api/app/bsky/actor/putPreferences.js.map +1 -1
- package/dist/api/com/atproto/admin/updateAccountHandle.d.ts.map +1 -1
- package/dist/api/com/atproto/admin/updateAccountHandle.js +33 -43
- package/dist/api/com/atproto/admin/updateAccountHandle.js.map +1 -1
- package/dist/api/com/atproto/identity/updateHandle.d.ts.map +1 -1
- package/dist/api/com/atproto/identity/updateHandle.js +39 -61
- package/dist/api/com/atproto/identity/updateHandle.js.map +1 -1
- package/dist/api/com/atproto/repo/getRecord.js +3 -3
- package/dist/api/com/atproto/repo/getRecord.js.map +1 -1
- package/dist/api/com/atproto/repo/putRecord.js +2 -2
- package/dist/api/com/atproto/repo/putRecord.js.map +1 -1
- package/dist/api/com/atproto/server/getServiceAuth.d.ts.map +1 -1
- package/dist/api/com/atproto/server/getServiceAuth.js +4 -0
- package/dist/api/com/atproto/server/getServiceAuth.js.map +1 -1
- package/dist/config/config.d.ts +5 -2
- package/dist/config/config.d.ts.map +1 -1
- package/dist/config/config.js +50 -46
- package/dist/config/config.js.map +1 -1
- package/dist/config/env.d.ts +1 -0
- package/dist/config/env.d.ts.map +1 -1
- package/dist/config/env.js +1 -0
- package/dist/config/env.js.map +1 -1
- package/dist/context.d.ts.map +1 -1
- package/dist/context.js +3 -3
- package/dist/context.js.map +1 -1
- package/dist/lexicons/app/bsky/actor/defs.defs.d.ts +8 -0
- package/dist/lexicons/app/bsky/actor/defs.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/actor/defs.defs.js +3 -0
- package/dist/lexicons/app/bsky/actor/defs.defs.js.map +1 -1
- package/dist/lexicons/app/bsky/actor/profile.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/actor/status.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/draft/defs.defs.d.ts +22 -0
- package/dist/lexicons/app/bsky/draft/defs.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/draft/defs.defs.js +11 -0
- package/dist/lexicons/app/bsky/draft/defs.defs.js.map +1 -1
- package/dist/lexicons/app/bsky/embed/gallery.d.ts +3 -0
- package/dist/lexicons/app/bsky/embed/gallery.d.ts.map +1 -0
- package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts +130 -0
- package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts.map +1 -0
- package/dist/lexicons/app/bsky/embed/gallery.defs.js +47 -0
- package/dist/lexicons/app/bsky/embed/gallery.defs.js.map +1 -0
- package/dist/lexicons/app/bsky/embed/gallery.js +6 -0
- package/dist/lexicons/app/bsky/embed/gallery.js.map +1 -0
- package/dist/lexicons/app/bsky/embed/record.defs.d.ts +2 -1
- package/dist/lexicons/app/bsky/embed/record.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/embed/record.defs.js +2 -0
- package/dist/lexicons/app/bsky/embed/record.defs.js.map +1 -1
- package/dist/lexicons/app/bsky/embed/recordWithMedia.defs.d.ts +13 -12
- package/dist/lexicons/app/bsky/embed/recordWithMedia.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/embed/recordWithMedia.defs.js +3 -0
- package/dist/lexicons/app/bsky/embed/recordWithMedia.defs.js.map +1 -1
- package/dist/lexicons/app/bsky/embed.d.ts +1 -0
- package/dist/lexicons/app/bsky/embed.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/embed.js +1 -0
- package/dist/lexicons/app/bsky/embed.js.map +1 -1
- package/dist/lexicons/app/bsky/feed/defs.defs.d.ts +2 -1
- package/dist/lexicons/app/bsky/feed/defs.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/feed/defs.defs.js +2 -0
- package/dist/lexicons/app/bsky/feed/defs.defs.js.map +1 -1
- package/dist/lexicons/app/bsky/feed/generator.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/feed/like.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/feed/post.defs.d.ts +12 -11
- package/dist/lexicons/app/bsky/feed/post.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/feed/post.defs.js +2 -0
- package/dist/lexicons/app/bsky/feed/post.defs.js.map +1 -1
- package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/feed/repost.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/graph/block.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/graph/follow.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/graph/list.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/graph/verification.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/labeler/service.defs.d.ts.map +1 -1
- package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/actor/getStatus.defs.d.ts +2 -0
- package/dist/lexicons/chat/bsky/actor/getStatus.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/actor/getStatus.defs.js +1 -0
- package/dist/lexicons/chat/bsky/actor/getStatus.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/authFullChatClient.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/authFullChatClient.defs.js +1 -0
- package/dist/lexicons/chat/bsky/authFullChatClient.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts +53 -14
- package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/convo/defs.defs.js +33 -5
- package/dist/lexicons/chat/bsky/convo/defs.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/convo/getConvoForMembers.defs.d.ts +1 -1
- package/dist/lexicons/chat/bsky/convo/getConvoForMembers.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/convo/getConvoForMembers.defs.js +1 -0
- package/dist/lexicons/chat/bsky/convo/getConvoForMembers.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/convo/getLog.defs.d.ts +2 -2
- package/dist/lexicons/chat/bsky/convo/getLog.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/convo/getLog.defs.js +3 -0
- package/dist/lexicons/chat/bsky/convo/getLog.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/embed/joinLink.d.ts +3 -0
- package/dist/lexicons/chat/bsky/embed/joinLink.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts +99 -0
- package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/embed/joinLink.defs.js +28 -0
- package/dist/lexicons/chat/bsky/embed/joinLink.defs.js.map +1 -0
- package/dist/lexicons/chat/bsky/embed/joinLink.js +6 -0
- package/dist/lexicons/chat/bsky/embed/joinLink.js.map +1 -0
- package/dist/lexicons/chat/bsky/embed.d.ts +2 -0
- package/dist/lexicons/chat/bsky/embed.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/embed.js +5 -0
- package/dist/lexicons/chat/bsky/embed.js.map +1 -0
- package/dist/lexicons/chat/bsky/group/addMembers.defs.d.ts +1 -1
- package/dist/lexicons/chat/bsky/group/addMembers.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/group/addMembers.defs.js +1 -0
- package/dist/lexicons/chat/bsky/group/addMembers.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/group/createGroup.defs.d.ts +1 -1
- package/dist/lexicons/chat/bsky/group/createGroup.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/group/createGroup.defs.js +1 -0
- package/dist/lexicons/chat/bsky/group/createGroup.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/group/getJoinLinkPreviews.defs.d.ts +1 -1
- package/dist/lexicons/chat/bsky/group/getJoinLinkPreviews.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/group/getJoinLinkPreviews.defs.js +1 -1
- package/dist/lexicons/chat/bsky/group/getJoinLinkPreviews.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/group/updateJoinRequestsRead.d.ts +3 -0
- package/dist/lexicons/chat/bsky/group/updateJoinRequestsRead.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/group/updateJoinRequestsRead.defs.d.ts +20 -0
- package/dist/lexicons/chat/bsky/group/updateJoinRequestsRead.defs.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/group/updateJoinRequestsRead.defs.js +19 -0
- package/dist/lexicons/chat/bsky/group/updateJoinRequestsRead.defs.js.map +1 -0
- package/dist/lexicons/chat/bsky/group/updateJoinRequestsRead.js +6 -0
- package/dist/lexicons/chat/bsky/group/updateJoinRequestsRead.js.map +1 -0
- package/dist/lexicons/chat/bsky/group/withdrawJoinRequest.d.ts +3 -0
- package/dist/lexicons/chat/bsky/group/withdrawJoinRequest.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/group/withdrawJoinRequest.defs.d.ts +20 -0
- package/dist/lexicons/chat/bsky/group/withdrawJoinRequest.defs.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/group/withdrawJoinRequest.defs.js +18 -0
- package/dist/lexicons/chat/bsky/group/withdrawJoinRequest.defs.js.map +1 -0
- package/dist/lexicons/chat/bsky/group/withdrawJoinRequest.js +6 -0
- package/dist/lexicons/chat/bsky/group/withdrawJoinRequest.js.map +1 -0
- package/dist/lexicons/chat/bsky/group.d.ts +2 -0
- package/dist/lexicons/chat/bsky/group.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/group.js +2 -0
- package/dist/lexicons/chat/bsky/group.js.map +1 -1
- package/dist/lexicons/chat/bsky/moderation/defs.d.ts +2 -0
- package/dist/lexicons/chat/bsky/moderation/defs.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/defs.defs.d.ts +58 -0
- package/dist/lexicons/chat/bsky/moderation/defs.defs.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/defs.defs.js +38 -0
- package/dist/lexicons/chat/bsky/moderation/defs.defs.js.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/defs.js +5 -0
- package/dist/lexicons/chat/bsky/moderation/defs.js.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvo.d.ts +3 -0
- package/dist/lexicons/chat/bsky/moderation/getConvo.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvo.defs.d.ts +22 -0
- package/dist/lexicons/chat/bsky/moderation/getConvo.defs.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvo.defs.js +18 -0
- package/dist/lexicons/chat/bsky/moderation/getConvo.defs.js.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvo.js +6 -0
- package/dist/lexicons/chat/bsky/moderation/getConvo.js.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvoMembers.d.ts +3 -0
- package/dist/lexicons/chat/bsky/moderation/getConvoMembers.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvoMembers.defs.d.ts +28 -0
- package/dist/lexicons/chat/bsky/moderation/getConvoMembers.defs.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvoMembers.defs.js +24 -0
- package/dist/lexicons/chat/bsky/moderation/getConvoMembers.defs.js.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvoMembers.js +6 -0
- package/dist/lexicons/chat/bsky/moderation/getConvoMembers.js.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvos.d.ts +3 -0
- package/dist/lexicons/chat/bsky/moderation/getConvos.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvos.defs.d.ts +22 -0
- package/dist/lexicons/chat/bsky/moderation/getConvos.defs.d.ts.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvos.defs.js +22 -0
- package/dist/lexicons/chat/bsky/moderation/getConvos.defs.js.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/getConvos.js +6 -0
- package/dist/lexicons/chat/bsky/moderation/getConvos.js.map +1 -0
- package/dist/lexicons/chat/bsky/moderation/subscribeModEvents.defs.d.ts +20 -2
- package/dist/lexicons/chat/bsky/moderation/subscribeModEvents.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/moderation/subscribeModEvents.defs.js +11 -0
- package/dist/lexicons/chat/bsky/moderation/subscribeModEvents.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/moderation.d.ts +4 -0
- package/dist/lexicons/chat/bsky/moderation.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/moderation.js +4 -0
- package/dist/lexicons/chat/bsky/moderation.js.map +1 -1
- package/dist/lexicons/chat/bsky.d.ts +1 -0
- package/dist/lexicons/chat/bsky.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky.js +1 -0
- package/dist/lexicons/chat/bsky.js.map +1 -1
- package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts.map +1 -1
- package/dist/lexicons/com/atproto/server/getServiceAuth.defs.d.ts +2 -2
- package/dist/lexicons/com/atproto/server/getServiceAuth.defs.js +1 -1
- package/dist/lexicons/com/atproto/server/getServiceAuth.defs.js.map +1 -1
- package/dist/lexicons/com/germnetwork/declaration.defs.d.ts.map +1 -1
- package/dist/lexicons/site/standard/document.defs.d.ts.map +1 -1
- package/dist/lexicons/site/standard/graph/recommend.defs.d.ts.map +1 -1
- package/dist/lexicons/site/standard/graph/subscription.defs.d.ts.map +1 -1
- package/dist/lexicons/site/standard/publication.defs.d.ts.map +1 -1
- package/dist/lexicons/site/standard/theme/basic.defs.d.ts.map +1 -1
- package/dist/lexicons/tools/ozone/moderation/defs.defs.d.ts +11 -3
- package/dist/lexicons/tools/ozone/moderation/defs.defs.d.ts.map +1 -1
- package/dist/lexicons/tools/ozone/moderation/defs.defs.js +9 -0
- package/dist/lexicons/tools/ozone/moderation/defs.defs.js.map +1 -1
- package/dist/lexicons/tools/ozone/moderation/queryEvents.defs.d.ts +2 -2
- package/dist/lexicons/tools/ozone/moderation/queryEvents.defs.d.ts.map +1 -1
- package/dist/lexicons/tools/ozone/moderation/queryEvents.defs.js.map +1 -1
- package/dist/lexicons/tools/ozone/moderation/queryStatuses.defs.d.ts +2 -2
- package/dist/lexicons/tools/ozone/moderation/queryStatuses.defs.d.ts.map +1 -1
- package/dist/lexicons/tools/ozone/moderation/queryStatuses.defs.js.map +1 -1
- package/dist/mailer/index.d.ts +3 -3
- package/dist/mailer/index.d.ts.map +1 -1
- package/dist/mailer/index.js +18 -9
- package/dist/mailer/index.js.map +1 -1
- package/dist/mailer/templates/confirm-email.js +11 -3
- package/dist/mailer/templates/confirm-email.js.map +2 -2
- package/dist/mailer/templates/delete-account.js +2 -2
- package/dist/mailer/templates/delete-account.js.map +2 -2
- package/dist/mailer/templates/plc-operation.js +2 -2
- package/dist/mailer/templates/plc-operation.js.map +2 -2
- package/dist/mailer/templates/reset-password.js +2 -2
- package/dist/mailer/templates/reset-password.js.map +2 -2
- package/dist/mailer/templates/update-email.js +2 -2
- package/dist/mailer/templates/update-email.js.map +2 -2
- package/dist/mailer/templates.d.ts +11 -0
- package/dist/mailer/templates.d.ts.map +1 -1
- package/dist/mailer/templates.js.map +1 -1
- package/dist/pipethrough.d.ts +3 -0
- package/dist/pipethrough.d.ts.map +1 -1
- package/dist/pipethrough.js +25 -9
- package/dist/pipethrough.js.map +1 -1
- package/dist/read-after-write/viewer.d.ts +2 -2
- package/package.json +7 -6
- package/src/account-manager/account-manager.ts +105 -7
- package/src/account-manager/helpers/account.ts +15 -7
- package/src/account-manager/oauth-store.ts +76 -18
- package/src/actor-store/record/reader.ts +1 -1
- package/src/api/app/bsky/actor/getPreferences.ts +11 -2
- package/src/api/app/bsky/actor/putPreferences.ts +11 -2
- package/src/api/com/atproto/admin/updateAccountHandle.ts +37 -46
- package/src/api/com/atproto/identity/updateHandle.ts +45 -76
- package/src/api/com/atproto/repo/getRecord.ts +3 -3
- package/src/api/com/atproto/repo/putRecord.ts +2 -2
- package/src/api/com/atproto/server/getServiceAuth.ts +7 -0
- package/src/config/config.ts +69 -57
- package/src/config/env.ts +3 -0
- package/src/context.ts +13 -10
- package/src/mailer/index.ts +25 -9
- package/src/mailer/templates/confirm-email.hbs +18 -17
- package/src/mailer/templates/delete-account.hbs +6 -6
- package/src/mailer/templates/plc-operation.hbs +6 -6
- package/src/mailer/templates/reset-password.hbs +7 -7
- package/src/mailer/templates/update-email.hbs +6 -6
- package/src/mailer/templates.ts +12 -0
- package/src/pipethrough.ts +33 -12
- package/tests/_puppeteer.ts +8 -2
- package/tests/account-manager.test.ts +123 -50
- package/tests/app-passwords.test.ts +5 -5
- package/tests/get-service-auth.test.ts +81 -0
- package/tests/oauth.test.ts +5 -5
- package/tests/proxied/proxy-header.test.ts +1 -0
- package/tests/proxied/proxy-oauth-aud.test.ts +175 -0
- package/tsconfig.build.tsbuildinfo +1 -1
|
@@ -1,49 +1,39 @@
|
|
|
1
1
|
import { InvalidRequestError } from '@atproto/xrpc-server';
|
|
2
2
|
import { com } from '../../../../lexicons/index.js';
|
|
3
|
-
import { httpLogger } from '../../../../logger.js';
|
|
4
3
|
export default function (server, ctx) {
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
did,
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
4
|
+
const { entrywayClient } = ctx;
|
|
5
|
+
if (entrywayClient) {
|
|
6
|
+
server.add(com.atproto.admin.updateAccountHandle, {
|
|
7
|
+
auth: ctx.authVerifier.adminToken,
|
|
8
|
+
handler: async ({ input: { body } }) => {
|
|
9
|
+
const { did, handle } = await ctx.accountManager.validateHandleUpdate(body.did, body.handle, { allowAnyValid: true });
|
|
10
|
+
// the pds defers to the entryway for updating the handle in the user's
|
|
11
|
+
// did doc. here was just check that the handle is already
|
|
12
|
+
// bidirectionally confirmed.
|
|
13
|
+
//
|
|
14
|
+
// -> entryway(identity.updateHandle) [update handle, submit plc op]
|
|
15
|
+
// -> pds(admin.updateAccountHandle) [track handle, sequence handle update]
|
|
16
|
+
//
|
|
17
|
+
// @TODO if handle is taken according to this PDS, should we force-update?
|
|
18
|
+
const doc = await ctx.idResolver.did
|
|
19
|
+
.resolveAtprotoData(did, true)
|
|
20
|
+
.catch(() => undefined);
|
|
21
|
+
if (!doc || doc.handle !== handle) {
|
|
22
|
+
throw new InvalidRequestError('Handle does not match DID doc');
|
|
21
23
|
}
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
await ctx.plcClient.updateHandle(did, ctx.plcRotationKey, handle);
|
|
37
|
-
}
|
|
38
|
-
await ctx.accountManager.updateHandle(did, handle);
|
|
39
|
-
}
|
|
40
|
-
try {
|
|
41
|
-
await ctx.sequencer.sequenceIdentityEvt(did, handle);
|
|
42
|
-
}
|
|
43
|
-
catch (err) {
|
|
44
|
-
httpLogger.error({ err, did, handle }, 'failed to sequence handle update');
|
|
45
|
-
}
|
|
46
|
-
},
|
|
47
|
-
});
|
|
24
|
+
await ctx.accountManager.updateAccountHandle(did, handle);
|
|
25
|
+
},
|
|
26
|
+
});
|
|
27
|
+
}
|
|
28
|
+
else {
|
|
29
|
+
server.add(com.atproto.admin.updateAccountHandle, {
|
|
30
|
+
auth: ctx.authVerifier.adminToken,
|
|
31
|
+
handler: async ({ input: { body } }) => {
|
|
32
|
+
await ctx.accountManager.updateHandle(body.did, body.handle, {
|
|
33
|
+
allowAnyValid: true,
|
|
34
|
+
});
|
|
35
|
+
},
|
|
36
|
+
});
|
|
37
|
+
}
|
|
48
38
|
}
|
|
49
39
|
//# sourceMappingURL=updateAccountHandle.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"updateAccountHandle.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/admin/updateAccountHandle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAU,MAAM,sBAAsB,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;
|
|
1
|
+
{"version":3,"file":"updateAccountHandle.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/admin/updateAccountHandle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAU,MAAM,sBAAsB,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AAEnD,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;IAE9B,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,mBAAmB,EAAE;YAChD,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,UAAU;YACjC,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE;gBACrC,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,oBAAoB,CACnE,IAAI,CAAC,GAAG,EACR,IAAI,CAAC,MAAM,EACX,EAAE,aAAa,EAAE,IAAI,EAAE,CACxB,CAAA;gBAED,uEAAuE;gBACvE,0DAA0D;gBAC1D,6BAA6B;gBAC7B,EAAE;gBACF,oEAAoE;gBACpE,4EAA4E;gBAC5E,EAAE;gBACF,0EAA0E;gBAC1E,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,GAAG;qBACjC,kBAAkB,CAAC,GAAG,EAAE,IAAI,CAAC;qBAC7B,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAA;gBAEzB,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;oBAClC,MAAM,IAAI,mBAAmB,CAAC,+BAA+B,CAAC,CAAA;gBAChE,CAAC;gBAED,MAAM,GAAG,CAAC,cAAc,CAAC,mBAAmB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;YAC3D,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,mBAAmB,EAAE;YAChD,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,UAAU;YACjC,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE;gBACrC,MAAM,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE;oBAC3D,aAAa,EAAE,IAAI;iBACpB,CAAC,CAAA;YACJ,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { InvalidRequestError, Server } from '@atproto/xrpc-server'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { entrywayClient } = ctx\n\n if (entrywayClient) {\n server.add(com.atproto.admin.updateAccountHandle, {\n auth: ctx.authVerifier.adminToken,\n handler: async ({ input: { body } }) => {\n const { did, handle } = await ctx.accountManager.validateHandleUpdate(\n body.did,\n body.handle,\n { allowAnyValid: true },\n )\n\n // the pds defers to the entryway for updating the handle in the user's\n // did doc. here was just check that the handle is already\n // bidirectionally confirmed.\n //\n // -> entryway(identity.updateHandle) [update handle, submit plc op]\n // -> pds(admin.updateAccountHandle) [track handle, sequence handle update]\n //\n // @TODO if handle is taken according to this PDS, should we force-update?\n const doc = await ctx.idResolver.did\n .resolveAtprotoData(did, true)\n .catch(() => undefined)\n\n if (!doc || doc.handle !== handle) {\n throw new InvalidRequestError('Handle does not match DID doc')\n }\n\n await ctx.accountManager.updateAccountHandle(did, handle)\n },\n })\n } else {\n server.add(com.atproto.admin.updateAccountHandle, {\n auth: ctx.authVerifier.adminToken,\n handler: async ({ input: { body } }) => {\n await ctx.accountManager.updateHandle(body.did, body.handle, {\n allowAnyValid: true,\n })\n },\n })\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"updateHandle.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/identity/updateHandle.ts"],"names":[],"mappings":"AACA,OAAO,
|
|
1
|
+
{"version":3,"file":"updateHandle.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/identity/updateHandle.ts"],"names":[],"mappings":"AACA,OAAO,EAAmB,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAE9D,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAGnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QA2DvD"}
|
|
@@ -1,75 +1,53 @@
|
|
|
1
1
|
import { DAY, MINUTE } from '@atproto/common';
|
|
2
|
-
import { InvalidRequestError } from '@atproto/xrpc-server';
|
|
3
2
|
import { com } from '../../../../lexicons/index.js';
|
|
4
|
-
import { httpLogger } from '../../../../logger.js';
|
|
5
3
|
export default function (server, ctx) {
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
4
|
+
const { entrywayClient } = ctx;
|
|
5
|
+
const auth = ctx.authVerifier.authorization({
|
|
6
|
+
checkTakedown: true,
|
|
7
|
+
authorize: (permissions) => {
|
|
8
|
+
permissions.assertIdentity({ attr: 'handle' });
|
|
9
|
+
},
|
|
10
|
+
});
|
|
11
|
+
const rateLimit = [
|
|
12
|
+
{
|
|
13
|
+
durationMs: 5 * MINUTE,
|
|
14
|
+
points: 10,
|
|
15
|
+
calcKey: ({ auth }) => auth.credentials.did,
|
|
16
|
+
},
|
|
17
|
+
{
|
|
18
|
+
durationMs: DAY,
|
|
19
|
+
points: 50,
|
|
20
|
+
calcKey: ({ auth }) => auth.credentials.did,
|
|
21
|
+
},
|
|
22
|
+
];
|
|
23
|
+
if (entrywayClient) {
|
|
24
|
+
server.add(com.atproto.identity.updateHandle, {
|
|
25
|
+
auth,
|
|
26
|
+
rateLimit,
|
|
27
|
+
handler: async ({ auth, input, req }) => {
|
|
28
28
|
const { headers } = await ctx.entrywayAuthHeaders(req, auth.credentials.did, com.atproto.identity.updateHandle.$lxm);
|
|
29
|
-
//
|
|
29
|
+
// The full flow is:
|
|
30
30
|
// -> entryway(identity.updateHandle) [update handle, submit plc op]
|
|
31
31
|
// -> pds(admin.updateAccountHandle) [track handle, sequence handle update]
|
|
32
|
-
await
|
|
32
|
+
await entrywayClient.xrpc(com.atproto.identity.updateHandle, {
|
|
33
33
|
headers,
|
|
34
34
|
body: {
|
|
35
35
|
handle: input.body.handle,
|
|
36
36
|
// @ts-expect-error "did" is not in the schema
|
|
37
|
-
did:
|
|
37
|
+
did: auth.credentials.did,
|
|
38
38
|
},
|
|
39
39
|
});
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
const resolved = await ctx.idResolver.did.resolveAtprotoData(requester, true);
|
|
53
|
-
if (resolved.handle !== handle) {
|
|
54
|
-
throw new InvalidRequestError('DID is not properly configured for handle');
|
|
55
|
-
}
|
|
56
|
-
}
|
|
57
|
-
await ctx.accountManager.updateHandle(requester, handle);
|
|
58
|
-
}
|
|
59
|
-
else {
|
|
60
|
-
// if we found an account with matching handle, check if it is the same as requester
|
|
61
|
-
// if so emit an identity event, otherwise error.
|
|
62
|
-
if (account.did !== requester) {
|
|
63
|
-
throw new InvalidRequestError(`Handle already taken: ${handle}`);
|
|
64
|
-
}
|
|
65
|
-
}
|
|
66
|
-
try {
|
|
67
|
-
await ctx.sequencer.sequenceIdentityEvt(requester, handle);
|
|
68
|
-
}
|
|
69
|
-
catch (err) {
|
|
70
|
-
httpLogger.error({ err, did: requester, handle }, 'failed to sequence handle update');
|
|
71
|
-
}
|
|
72
|
-
},
|
|
73
|
-
});
|
|
40
|
+
},
|
|
41
|
+
});
|
|
42
|
+
}
|
|
43
|
+
else {
|
|
44
|
+
server.add(com.atproto.identity.updateHandle, {
|
|
45
|
+
auth,
|
|
46
|
+
rateLimit,
|
|
47
|
+
handler: async ({ auth, input }) => {
|
|
48
|
+
await ctx.accountManager.updateHandle(auth.credentials.did, input.body.handle);
|
|
49
|
+
},
|
|
50
|
+
});
|
|
51
|
+
}
|
|
74
52
|
}
|
|
75
53
|
//# sourceMappingURL=updateHandle.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"updateHandle.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/identity/updateHandle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;
|
|
1
|
+
{"version":3,"file":"updateHandle.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/identity/updateHandle.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAI7C,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AAEnD,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;IAE9B,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;QAC1C,aAAa,EAAE,IAAI;QACnB,SAAS,EAAE,CAAC,WAAW,EAAE,EAAE;YACzB,WAAW,CAAC,cAAc,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAA;QAChD,CAAC;KACF,CAAC,CAAA;IAEF,MAAM,SAAS,GAAgD;QAC7D;YACE,UAAU,EAAE,CAAC,GAAG,MAAM;YACtB,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;SAC5C;QACD;YACE,UAAU,EAAE,GAAG;YACf,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;SAC5C;KACF,CAAA;IAED,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,EAAE;YAC5C,IAAI;YACJ,SAAS;YACT,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,EAAE;gBACtC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,GAAG,CAAC,mBAAmB,CAC/C,GAAG,EACH,IAAI,CAAC,WAAW,CAAC,GAAG,EACpB,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,CACvC,CAAA;gBAED,oBAAoB;gBACpB,oEAAoE;gBACpE,4EAA4E;gBAC5E,MAAM,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,EAAE;oBAC3D,OAAO;oBACP,IAAI,EAAE;wBACJ,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM;wBACzB,8CAA8C;wBAC9C,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,GAAG;qBAC1B;iBACF,CAAC,CAAA;YACJ,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,EAAE;YAC5C,IAAI;YACJ,SAAS;YACT,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;gBACjC,MAAM,GAAG,CAAC,cAAc,CAAC,YAAY,CACnC,IAAI,CAAC,WAAW,CAAC,GAAG,EACpB,KAAK,CAAC,IAAI,CAAC,MAAM,CAClB,CAAA;YACH,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { DAY, MINUTE } from '@atproto/common'\nimport { MethodRateLimit, Server } from '@atproto/xrpc-server'\nimport { AccessOutput, OAuthOutput } from '../../../../auth-output.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { entrywayClient } = ctx\n\n const auth = ctx.authVerifier.authorization({\n checkTakedown: true,\n authorize: (permissions) => {\n permissions.assertIdentity({ attr: 'handle' })\n },\n })\n\n const rateLimit: MethodRateLimit<AccessOutput | OAuthOutput> = [\n {\n durationMs: 5 * MINUTE,\n points: 10,\n calcKey: ({ auth }) => auth.credentials.did,\n },\n {\n durationMs: DAY,\n points: 50,\n calcKey: ({ auth }) => auth.credentials.did,\n },\n ]\n\n if (entrywayClient) {\n server.add(com.atproto.identity.updateHandle, {\n auth,\n rateLimit,\n handler: async ({ auth, input, req }) => {\n const { headers } = await ctx.entrywayAuthHeaders(\n req,\n auth.credentials.did,\n com.atproto.identity.updateHandle.$lxm,\n )\n\n // The full flow is:\n // -> entryway(identity.updateHandle) [update handle, submit plc op]\n // -> pds(admin.updateAccountHandle) [track handle, sequence handle update]\n await entrywayClient.xrpc(com.atproto.identity.updateHandle, {\n headers,\n body: {\n handle: input.body.handle,\n // @ts-expect-error \"did\" is not in the schema\n did: auth.credentials.did,\n },\n })\n },\n })\n } else {\n server.add(com.atproto.identity.updateHandle, {\n auth,\n rateLimit,\n handler: async ({ auth, input }) => {\n await ctx.accountManager.updateHandle(\n auth.credentials.did,\n input.body.handle,\n )\n },\n })\n }\n}\n"]}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { atUri } from '@atproto/lex';
|
|
2
2
|
import { InvalidRequestError } from '@atproto/xrpc-server';
|
|
3
3
|
import { com } from '../../../../lexicons/index.js';
|
|
4
4
|
import { pipethrough } from '../../../../pipethrough.js';
|
|
@@ -8,7 +8,7 @@ export default function (server, ctx) {
|
|
|
8
8
|
const did = await ctx.accountManager.getDidForActor(repo);
|
|
9
9
|
// fetch from pds if available, if not then fetch from appview
|
|
10
10
|
if (did) {
|
|
11
|
-
const uri =
|
|
11
|
+
const uri = atUri(did, collection, rkey);
|
|
12
12
|
const record = await ctx.actorStore.read(did, (store) => store.record.getRecord(uri, cid ?? null));
|
|
13
13
|
if (!record || record.takedownRef !== null) {
|
|
14
14
|
throw new InvalidRequestError(`Could not locate record: ${uri}`, 'RecordNotFound');
|
|
@@ -16,7 +16,7 @@ export default function (server, ctx) {
|
|
|
16
16
|
return {
|
|
17
17
|
encoding: 'application/json',
|
|
18
18
|
body: {
|
|
19
|
-
uri
|
|
19
|
+
uri,
|
|
20
20
|
cid: record.cid,
|
|
21
21
|
value: record.value,
|
|
22
22
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getRecord.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/getRecord.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"getRecord.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/getRecord.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,cAAc,CAAA;AACpC,OAAO,EAAE,mBAAmB,EAAU,MAAM,sBAAsB,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAExD,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,EAAE;QAC/D,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,MAAM,CAAA;QAC9C,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,cAAc,CAAC,IAAI,CAAC,CAAA;QAEzD,8DAA8D;QAC9D,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;YACxC,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,KAAK,EAAE,EAAE,CACtD,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,CACzC,CAAA;YACD,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,WAAW,KAAK,IAAI,EAAE,CAAC;gBAC3C,MAAM,IAAI,mBAAmB,CAC3B,4BAA4B,GAAG,EAAE,EACjC,gBAAgB,CACjB,CAAA;YACH,CAAC;YACD,OAAO;gBACL,QAAQ,EAAE,kBAA2B;gBACrC,IAAI,EAAE;oBACJ,GAAG;oBACH,GAAG,EAAE,MAAM,CAAC,GAAG;oBACf,KAAK,EAAE,MAAM,CAAC,KAAK;iBACpB;aACF,CAAA;QACH,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YACzB,MAAM,IAAI,mBAAmB,CAAC,yBAAyB,CAAC,CAAA;QAC1D,CAAC;QAED,OAAO,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IAC9B,CAAC,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { atUri } from '@atproto/lex'\nimport { InvalidRequestError, Server } from '@atproto/xrpc-server'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\nimport { pipethrough } from '../../../../pipethrough.js'\n\nexport default function (server: Server, ctx: AppContext) {\n server.add(com.atproto.repo.getRecord, async ({ req, params }) => {\n const { repo, collection, rkey, cid } = params\n const did = await ctx.accountManager.getDidForActor(repo)\n\n // fetch from pds if available, if not then fetch from appview\n if (did) {\n const uri = atUri(did, collection, rkey)\n const record = await ctx.actorStore.read(did, (store) =>\n store.record.getRecord(uri, cid ?? null),\n )\n if (!record || record.takedownRef !== null) {\n throw new InvalidRequestError(\n `Could not locate record: ${uri}`,\n 'RecordNotFound',\n )\n }\n return {\n encoding: 'application/json' as const,\n body: {\n uri,\n cid: record.cid,\n value: record.value,\n },\n }\n }\n\n if (!ctx.cfg.bskyAppView) {\n throw new InvalidRequestError(`Could not locate record`)\n }\n\n return pipethrough(ctx, req)\n })\n}\n"]}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
+
import { atUri } from '@atproto/lex';
|
|
1
2
|
import { isLegacyBlobRef, parseCid, } from '@atproto/lex-data';
|
|
2
|
-
import { AtUri } from '@atproto/syntax';
|
|
3
3
|
import { AuthRequiredError, InvalidRequestError, } from '@atproto/xrpc-server';
|
|
4
4
|
import { app, com } from '../../../../lexicons/index.js';
|
|
5
5
|
import { dbLogger } from '../../../../logger.js';
|
|
@@ -56,7 +56,7 @@ export default function (server, ctx) {
|
|
|
56
56
|
collection,
|
|
57
57
|
});
|
|
58
58
|
}
|
|
59
|
-
const uri =
|
|
59
|
+
const uri = atUri(did, collection, rkey);
|
|
60
60
|
const swapCommitCid = swapCommit ? parseCid(swapCommit) : undefined;
|
|
61
61
|
const swapRecordCid = typeof swapRecord === 'string' ? parseCid(swapRecord) : swapRecord;
|
|
62
62
|
const { commit, write } = await ctx.actorStore.transact(did, async (actorTxn) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"putRecord.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/putRecord.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,eAAe,EACf,QAAQ,GACT,MAAM,mBAAmB,CAAA;AAC1B,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAA;AACvC,OAAO,EACL,iBAAiB,EACjB,mBAAmB,GAEpB,MAAM,sBAAsB,CAAA;AAG7B,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACxD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAChD,OAAO,EACL,kBAAkB,EAClB,kBAAkB,EAClB,kBAAkB,EAGlB,aAAa,EACb,aAAa,GACd,MAAM,2BAA2B,CAAA;AAElC,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE;QACrC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,wEAAwE;YACxE,uEAAuE;YACvE,0EAA0E;YAC1E,yEAAyE;YACzE,uEAAuE;YACvE,6CAA6C;YAE7C,uBAAuB;YACvB,0BAA0B;YAC1B,SAAS,EAAE,GAAG,EAAE;gBACd,2DAA2D;YAC7D,CAAC;SACF,CAAC;QACF,SAAS,EAAE;YACT;gBACE,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;gBAC3C,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;aACpB;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;gBAC3C,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;aACpB;SACF;QACD,IAAI,EAAE;YACJ,SAAS,EAAE,SAAS;SACrB;QACD,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;YACjC,MAAM,EACJ,IAAI,EACJ,UAAU,EACV,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,UAAU,EACV,UAAU,GACX,GAAG,KAAK,CAAC,IAAI,CAAA;YAEd,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,IAAI,EAAE;gBACvD,gBAAgB,EAAE,IAAI;gBACtB,aAAa,EAAE,IAAI;aACpB,CAAC,CAAA;YAEF,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;YACvB,IAAI,GAAG,KAAK,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC;gBACjC,MAAM,IAAI,iBAAiB,EAAE,CAAA;YAC/B,CAAC;YAED,yEAAyE;YACzE,sCAAsC;YACtC,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;gBACtC,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC;oBACtC,MAAM,EAAE,QAAQ;oBAChB,UAAU;iBACX,CAAC,CAAA;gBACF,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC;oBACtC,MAAM,EAAE,QAAQ;oBAChB,UAAU;iBACX,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;YAC7C,MAAM,aAAa,GAAG,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACnE,MAAM,aAAa,GACjB,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAA;YAEpE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,QAAQ,CACrD,GAAG,EACH,KAAK,EAAE,QAAQ,EAAE,EAAE;gBACjB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;gBAChE,MAAM,QAAQ,GAAG,OAAO,KAAK,IAAI,CAAA;gBAEjC,+FAA+F;gBAC/F,IAAI,QAAQ,IAAI,UAAU,KAAK,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;oBAC5D,MAAM,0BAA0B,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;gBACpD,CAAC;gBAED,MAAM,SAAS,GAAG;oBAChB,GAAG;oBACH,UAAU;oBACV,IAAI;oBACJ,MAAM;oBACN,OAAO,EAAE,aAAa;oBACtB,QAAQ;iBACT,CAAA;gBAED,IAAI,KAAsC,CAAA;gBAC1C,IAAI,CAAC;oBACH,KAAK,GAAG,QAAQ;wBACd,CAAC,CAAC,MAAM,aAAa,CAAC,SAAS,CAAC;wBAChC,CAAC,CAAC,MAAM,aAAa,CAAC,SAAS,CAAC,CAAA;gBACpC,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,GAAG,YAAY,kBAAkB,EAAE,CAAC;wBACtC,MAAM,IAAI,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;oBAC5C,CAAC;oBACD,MAAM,GAAG,CAAA;gBACX,CAAC;gBAED,QAAQ;gBACR,IAAI,OAAO,IAAI,OAAO,CAAC,GAAG,KAAK,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC;oBACpD,OAAO;wBACL,MAAM,EAAE,IAAI;wBACZ,KAAK;qBACN,CAAA;gBACH,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI;qBAC/B,aAAa,CAAC,CAAC,KAAK,CAAC,EAAE,aAAa,CAAC;qBACrC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACb,IACE,GAAG,YAAY,kBAAkB;wBACjC,GAAG,YAAY,kBAAkB,EACjC,CAAC;wBACD,MAAM,IAAI,mBAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;oBAC3D,CAAC;yBAAM,CAAC;wBACN,MAAM,GAAG,CAAA;oBACX,CAAC;gBACH,CAAC,CAAC,CAAA;gBAEJ,MAAM,GAAG,CAAC,SAAS,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;gBAE/C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAA;YAC1B,CAAC,CACF,CAAA;YAED,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;gBACpB,MAAM,GAAG,CAAC,cAAc;qBACrB,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC;qBAC3C,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACb,QAAQ,CAAC,KAAK,CACZ,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,EAC9C,+BAA+B,CAChC,CAAA;gBACH,CAAC,CAAC,CAAA;YACN,CAAC;YAED,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE;oBACJ,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,MAAM,EAAE,MAAM;wBACZ,CAAC,CAAC;4BACE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE;4BAC1B,GAAG,EAAE,MAAM,CAAC,GAAG;yBAChB;wBACH,CAAC,CAAC,SAAS;oBACb,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;iBACzC;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED,0BAA0B;AAC1B,KAAK,UAAU,0BAA0B,CACvC,UAAgC,EAChC,MAAc;IAEd,IAAI,eAAe,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,GAAG,MAAM,iBAAiB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;IACpE,CAAC;IACD,IAAI,eAAe,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,GAAG,MAAM,iBAAiB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;IACpE,CAAC;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAC9B,UAAgC,EAChC,UAAyB;IAEzB,MAAM,GAAG,GAAG,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,CAAA;IAC5D,OAAO;QACL,KAAK,EAAE,MAAM;QACb,QAAQ,EAAE,UAAU,CAAC,QAAQ;QAC7B,GAAG;QACH,IAAI,EAAE,IAAI,CAAC,IAAI;KAChB,CAAA;AACH,CAAC","sourcesContent":["import {\n LegacyBlobRef,\n LexMap,\n TypedBlobRef,\n isLegacyBlobRef,\n parseCid,\n} from '@atproto/lex-data'\nimport { AtUri } from '@atproto/syntax'\nimport {\n AuthRequiredError,\n InvalidRequestError,\n Server,\n} from '@atproto/xrpc-server'\nimport { ActorStoreTransactor } from '../../../../actor-store/actor-store-transactor.js'\nimport { AppContext } from '../../../../context.js'\nimport { app, com } from '../../../../lexicons/index.js'\nimport { dbLogger } from '../../../../logger.js'\nimport {\n BadCommitSwapError,\n BadRecordSwapError,\n InvalidRecordError,\n PreparedCreate,\n PreparedUpdate,\n prepareCreate,\n prepareUpdate,\n} from '../../../../repo/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n server.add(com.atproto.repo.putRecord, {\n auth: ctx.authVerifier.authorization({\n // @NOTE the \"checkTakedown\" and \"checkDeactivated\" checks are typically\n // performed during auth. However, since this method's \"repo\" parameter\n // can be a handle, we will need to fetch the account again to ensure that\n // the handle matches the DID from the request's credentials. In order to\n // avoid fetching the account twice (during auth, and then again in the\n // controller), the checks are disabled here:\n\n // checkTakedown: true,\n // checkDeactivated: true,\n authorize: () => {\n // Performed in the handler as it requires the request body\n },\n }),\n rateLimit: [\n {\n name: 'repo-write-hour',\n calcKey: ({ auth }) => auth.credentials.did,\n calcPoints: () => 2,\n },\n {\n name: 'repo-write-day',\n calcKey: ({ auth }) => auth.credentials.did,\n calcPoints: () => 2,\n },\n ],\n opts: {\n jsonLimit: 1_000_000,\n },\n handler: async ({ auth, input }) => {\n const {\n repo,\n collection,\n rkey,\n record,\n validate,\n swapCommit,\n swapRecord,\n } = input.body\n\n const account = await ctx.authVerifier.findAccount(repo, {\n checkDeactivated: true,\n checkTakedown: true,\n })\n\n const did = account.did\n if (did !== auth.credentials.did) {\n throw new AuthRequiredError()\n }\n\n // We can't compute permissions based on the request payload (\"input\") in\n // the 'auth' phase, so we do it here.\n if (auth.credentials.type === 'oauth') {\n auth.credentials.permissions.assertRepo({\n action: 'create',\n collection,\n })\n auth.credentials.permissions.assertRepo({\n action: 'update',\n collection,\n })\n }\n\n const uri = AtUri.make(did, collection, rkey)\n const swapCommitCid = swapCommit ? parseCid(swapCommit) : undefined\n const swapRecordCid =\n typeof swapRecord === 'string' ? parseCid(swapRecord) : swapRecord\n\n const { commit, write } = await ctx.actorStore.transact(\n did,\n async (actorTxn) => {\n const current = await actorTxn.record.getRecord(uri, null, true)\n const isUpdate = current !== null\n\n // @TODO temporaray hack for legacy blob refs in profiles - remove after migrating legacy blobs\n if (isUpdate && collection === app.bsky.actor.profile.$type) {\n await updateProfileLegacyBlobRef(actorTxn, record)\n }\n\n const writeInfo = {\n did,\n collection,\n rkey,\n record,\n swapCid: swapRecordCid,\n validate,\n }\n\n let write: PreparedCreate | PreparedUpdate\n try {\n write = isUpdate\n ? await prepareUpdate(writeInfo)\n : await prepareCreate(writeInfo)\n } catch (err) {\n if (err instanceof InvalidRecordError) {\n throw new InvalidRequestError(err.message)\n }\n throw err\n }\n\n // no-op\n if (current && current.cid === write.cid.toString()) {\n return {\n commit: null,\n write,\n }\n }\n\n const commit = await actorTxn.repo\n .processWrites([write], swapCommitCid)\n .catch((err) => {\n if (\n err instanceof BadCommitSwapError ||\n err instanceof BadRecordSwapError\n ) {\n throw new InvalidRequestError(err.message, 'InvalidSwap')\n } else {\n throw err\n }\n })\n\n await ctx.sequencer.sequenceCommit(did, commit)\n\n return { commit, write }\n },\n )\n\n if (commit !== null) {\n await ctx.accountManager\n .updateRepoRoot(did, commit.cid, commit.rev)\n .catch((err) => {\n dbLogger.error(\n { err, did, cid: commit.cid, rev: commit.rev },\n 'failed to update account root',\n )\n })\n }\n\n return {\n encoding: 'application/json',\n body: {\n uri: write.uri.toString(),\n cid: write.cid.toString(),\n commit: commit\n ? {\n cid: commit.cid.toString(),\n rev: commit.rev,\n }\n : undefined,\n validationStatus: write.validationStatus,\n },\n }\n },\n })\n}\n\n// WARNING: mutates object\nasync function updateProfileLegacyBlobRef(\n actorStore: ActorStoreTransactor,\n record: LexMap,\n): Promise<void> {\n if (isLegacyBlobRef(record.avatar)) {\n record.avatar = await upgradeLegacyBlob(actorStore, record.avatar)\n }\n if (isLegacyBlobRef(record.banner)) {\n record.banner = await upgradeLegacyBlob(actorStore, record.banner)\n }\n}\n\nasync function upgradeLegacyBlob(\n actorStore: ActorStoreTransactor,\n legacyBlob: LegacyBlobRef,\n): Promise<TypedBlobRef> {\n const ref = parseCid(legacyBlob.cid)\n const blob = await actorStore.repo.blob.getBlobMetadata(ref)\n return {\n $type: 'blob',\n mimeType: legacyBlob.mimeType,\n ref,\n size: blob.size,\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"putRecord.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/repo/putRecord.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,cAAc,CAAA;AACpC,OAAO,EAIL,eAAe,EACf,QAAQ,GACT,MAAM,mBAAmB,CAAA;AAC1B,OAAO,EACL,iBAAiB,EACjB,mBAAmB,GAEpB,MAAM,sBAAsB,CAAA;AAG7B,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACxD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAA;AAChD,OAAO,EACL,kBAAkB,EAClB,kBAAkB,EAClB,kBAAkB,EAGlB,aAAa,EACb,aAAa,GACd,MAAM,2BAA2B,CAAA;AAElC,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE;QACrC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,wEAAwE;YACxE,uEAAuE;YACvE,0EAA0E;YAC1E,yEAAyE;YACzE,uEAAuE;YACvE,6CAA6C;YAE7C,uBAAuB;YACvB,0BAA0B;YAC1B,SAAS,EAAE,GAAG,EAAE;gBACd,2DAA2D;YAC7D,CAAC;SACF,CAAC;QACF,SAAS,EAAE;YACT;gBACE,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;gBAC3C,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;aACpB;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;gBAC3C,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;aACpB;SACF;QACD,IAAI,EAAE;YACJ,SAAS,EAAE,SAAS;SACrB;QACD,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;YACjC,MAAM,EACJ,IAAI,EACJ,UAAU,EACV,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,UAAU,EACV,UAAU,GACX,GAAG,KAAK,CAAC,IAAI,CAAA;YAEd,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,IAAI,EAAE;gBACvD,gBAAgB,EAAE,IAAI;gBACtB,aAAa,EAAE,IAAI;aACpB,CAAC,CAAA;YAEF,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;YACvB,IAAI,GAAG,KAAK,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC;gBACjC,MAAM,IAAI,iBAAiB,EAAE,CAAA;YAC/B,CAAC;YAED,yEAAyE;YACzE,sCAAsC;YACtC,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;gBACtC,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC;oBACtC,MAAM,EAAE,QAAQ;oBAChB,UAAU;iBACX,CAAC,CAAA;gBACF,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC;oBACtC,MAAM,EAAE,QAAQ;oBAChB,UAAU;iBACX,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;YACxC,MAAM,aAAa,GAAG,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACnE,MAAM,aAAa,GACjB,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAA;YAEpE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,QAAQ,CACrD,GAAG,EACH,KAAK,EAAE,QAAQ,EAAE,EAAE;gBACjB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;gBAChE,MAAM,QAAQ,GAAG,OAAO,KAAK,IAAI,CAAA;gBAEjC,+FAA+F;gBAC/F,IAAI,QAAQ,IAAI,UAAU,KAAK,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;oBAC5D,MAAM,0BAA0B,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;gBACpD,CAAC;gBAED,MAAM,SAAS,GAAG;oBAChB,GAAG;oBACH,UAAU;oBACV,IAAI;oBACJ,MAAM;oBACN,OAAO,EAAE,aAAa;oBACtB,QAAQ;iBACT,CAAA;gBAED,IAAI,KAAsC,CAAA;gBAC1C,IAAI,CAAC;oBACH,KAAK,GAAG,QAAQ;wBACd,CAAC,CAAC,MAAM,aAAa,CAAC,SAAS,CAAC;wBAChC,CAAC,CAAC,MAAM,aAAa,CAAC,SAAS,CAAC,CAAA;gBACpC,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,GAAG,YAAY,kBAAkB,EAAE,CAAC;wBACtC,MAAM,IAAI,mBAAmB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;oBAC5C,CAAC;oBACD,MAAM,GAAG,CAAA;gBACX,CAAC;gBAED,QAAQ;gBACR,IAAI,OAAO,IAAI,OAAO,CAAC,GAAG,KAAK,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC;oBACpD,OAAO;wBACL,MAAM,EAAE,IAAI;wBACZ,KAAK;qBACN,CAAA;gBACH,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI;qBAC/B,aAAa,CAAC,CAAC,KAAK,CAAC,EAAE,aAAa,CAAC;qBACrC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACb,IACE,GAAG,YAAY,kBAAkB;wBACjC,GAAG,YAAY,kBAAkB,EACjC,CAAC;wBACD,MAAM,IAAI,mBAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;oBAC3D,CAAC;yBAAM,CAAC;wBACN,MAAM,GAAG,CAAA;oBACX,CAAC;gBACH,CAAC,CAAC,CAAA;gBAEJ,MAAM,GAAG,CAAC,SAAS,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;gBAE/C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAA;YAC1B,CAAC,CACF,CAAA;YAED,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;gBACpB,MAAM,GAAG,CAAC,cAAc;qBACrB,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC;qBAC3C,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;oBACb,QAAQ,CAAC,KAAK,CACZ,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,EAC9C,+BAA+B,CAChC,CAAA;gBACH,CAAC,CAAC,CAAA;YACN,CAAC;YAED,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,IAAI,EAAE;oBACJ,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE;oBACzB,MAAM,EAAE,MAAM;wBACZ,CAAC,CAAC;4BACE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE;4BAC1B,GAAG,EAAE,MAAM,CAAC,GAAG;yBAChB;wBACH,CAAC,CAAC,SAAS;oBACb,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;iBACzC;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC;AAED,0BAA0B;AAC1B,KAAK,UAAU,0BAA0B,CACvC,UAAgC,EAChC,MAAc;IAEd,IAAI,eAAe,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,GAAG,MAAM,iBAAiB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;IACpE,CAAC;IACD,IAAI,eAAe,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,GAAG,MAAM,iBAAiB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;IACpE,CAAC;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAC9B,UAAgC,EAChC,UAAyB;IAEzB,MAAM,GAAG,GAAG,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,CAAA;IAC5D,OAAO;QACL,KAAK,EAAE,MAAM;QACb,QAAQ,EAAE,UAAU,CAAC,QAAQ;QAC7B,GAAG;QACH,IAAI,EAAE,IAAI,CAAC,IAAI;KAChB,CAAA;AACH,CAAC","sourcesContent":["import { atUri } from '@atproto/lex'\nimport {\n LegacyBlobRef,\n LexMap,\n TypedBlobRef,\n isLegacyBlobRef,\n parseCid,\n} from '@atproto/lex-data'\nimport {\n AuthRequiredError,\n InvalidRequestError,\n Server,\n} from '@atproto/xrpc-server'\nimport { ActorStoreTransactor } from '../../../../actor-store/actor-store-transactor.js'\nimport { AppContext } from '../../../../context.js'\nimport { app, com } from '../../../../lexicons/index.js'\nimport { dbLogger } from '../../../../logger.js'\nimport {\n BadCommitSwapError,\n BadRecordSwapError,\n InvalidRecordError,\n PreparedCreate,\n PreparedUpdate,\n prepareCreate,\n prepareUpdate,\n} from '../../../../repo/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n server.add(com.atproto.repo.putRecord, {\n auth: ctx.authVerifier.authorization({\n // @NOTE the \"checkTakedown\" and \"checkDeactivated\" checks are typically\n // performed during auth. However, since this method's \"repo\" parameter\n // can be a handle, we will need to fetch the account again to ensure that\n // the handle matches the DID from the request's credentials. In order to\n // avoid fetching the account twice (during auth, and then again in the\n // controller), the checks are disabled here:\n\n // checkTakedown: true,\n // checkDeactivated: true,\n authorize: () => {\n // Performed in the handler as it requires the request body\n },\n }),\n rateLimit: [\n {\n name: 'repo-write-hour',\n calcKey: ({ auth }) => auth.credentials.did,\n calcPoints: () => 2,\n },\n {\n name: 'repo-write-day',\n calcKey: ({ auth }) => auth.credentials.did,\n calcPoints: () => 2,\n },\n ],\n opts: {\n jsonLimit: 1_000_000,\n },\n handler: async ({ auth, input }) => {\n const {\n repo,\n collection,\n rkey,\n record,\n validate,\n swapCommit,\n swapRecord,\n } = input.body\n\n const account = await ctx.authVerifier.findAccount(repo, {\n checkDeactivated: true,\n checkTakedown: true,\n })\n\n const did = account.did\n if (did !== auth.credentials.did) {\n throw new AuthRequiredError()\n }\n\n // We can't compute permissions based on the request payload (\"input\") in\n // the 'auth' phase, so we do it here.\n if (auth.credentials.type === 'oauth') {\n auth.credentials.permissions.assertRepo({\n action: 'create',\n collection,\n })\n auth.credentials.permissions.assertRepo({\n action: 'update',\n collection,\n })\n }\n\n const uri = atUri(did, collection, rkey)\n const swapCommitCid = swapCommit ? parseCid(swapCommit) : undefined\n const swapRecordCid =\n typeof swapRecord === 'string' ? parseCid(swapRecord) : swapRecord\n\n const { commit, write } = await ctx.actorStore.transact(\n did,\n async (actorTxn) => {\n const current = await actorTxn.record.getRecord(uri, null, true)\n const isUpdate = current !== null\n\n // @TODO temporaray hack for legacy blob refs in profiles - remove after migrating legacy blobs\n if (isUpdate && collection === app.bsky.actor.profile.$type) {\n await updateProfileLegacyBlobRef(actorTxn, record)\n }\n\n const writeInfo = {\n did,\n collection,\n rkey,\n record,\n swapCid: swapRecordCid,\n validate,\n }\n\n let write: PreparedCreate | PreparedUpdate\n try {\n write = isUpdate\n ? await prepareUpdate(writeInfo)\n : await prepareCreate(writeInfo)\n } catch (err) {\n if (err instanceof InvalidRecordError) {\n throw new InvalidRequestError(err.message)\n }\n throw err\n }\n\n // no-op\n if (current && current.cid === write.cid.toString()) {\n return {\n commit: null,\n write,\n }\n }\n\n const commit = await actorTxn.repo\n .processWrites([write], swapCommitCid)\n .catch((err) => {\n if (\n err instanceof BadCommitSwapError ||\n err instanceof BadRecordSwapError\n ) {\n throw new InvalidRequestError(err.message, 'InvalidSwap')\n } else {\n throw err\n }\n })\n\n await ctx.sequencer.sequenceCommit(did, commit)\n\n return { commit, write }\n },\n )\n\n if (commit !== null) {\n await ctx.accountManager\n .updateRepoRoot(did, commit.cid, commit.rev)\n .catch((err) => {\n dbLogger.error(\n { err, did, cid: commit.cid, rev: commit.rev },\n 'failed to update account root',\n )\n })\n }\n\n return {\n encoding: 'application/json',\n body: {\n uri: write.uri.toString(),\n cid: write.cid.toString(),\n commit: commit\n ? {\n cid: commit.cid.toString(),\n rev: commit.rev,\n }\n : undefined,\n validationStatus: write.validationStatus,\n },\n }\n },\n })\n}\n\n// WARNING: mutates object\nasync function updateProfileLegacyBlobRef(\n actorStore: ActorStoreTransactor,\n record: LexMap,\n): Promise<void> {\n if (isLegacyBlobRef(record.avatar)) {\n record.avatar = await upgradeLegacyBlob(actorStore, record.avatar)\n }\n if (isLegacyBlobRef(record.banner)) {\n record.banner = await upgradeLegacyBlob(actorStore, record.banner)\n }\n}\n\nasync function upgradeLegacyBlob(\n actorStore: ActorStoreTransactor,\n legacyBlob: LegacyBlobRef,\n): Promise<TypedBlobRef> {\n const ref = parseCid(legacyBlob.cid)\n const blob = await actorStore.repo.blob.getBlobMetadata(ref)\n return {\n $type: 'blob',\n mimeType: legacyBlob.mimeType,\n ref,\n size: blob.size,\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getServiceAuth.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getServiceAuth.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,MAAM,EAEP,MAAM,sBAAsB,CAAA;AAM7B,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAOnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QA0FvD"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { HOUR, MINUTE } from '@atproto/common';
|
|
2
|
+
import { isAtprotoDid, isAtprotoDidRefAbsolute } from '@atproto/did';
|
|
2
3
|
import { InvalidRequestError, createServiceJwt, } from '@atproto/xrpc-server';
|
|
3
4
|
import { AuthScope, isAccessPrivileged, isTakendown, } from '../../../../auth-scope.js';
|
|
4
5
|
import { com } from '../../../../lexicons/index.js';
|
|
@@ -16,6 +17,9 @@ export default function (server, ctx) {
|
|
|
16
17
|
const did = auth.credentials.did;
|
|
17
18
|
// @NOTE "exp" is expressed in seconds since epoch, not milliseconds
|
|
18
19
|
const { aud, exp, lxm = null } = params;
|
|
20
|
+
if (!isAtprotoDid(aud) && !isAtprotoDidRefAbsolute(aud)) {
|
|
21
|
+
throw new InvalidRequestError('aud must be a valid atproto DID or did#serviceId reference');
|
|
22
|
+
}
|
|
19
23
|
// Takendown accounts should not be able to generate service auth tokens except for methods necessary for account migration
|
|
20
24
|
if (auth.credentials.type === 'access') {
|
|
21
25
|
// @NOTE We should probably use "ForbiddenError" here. Using
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getServiceAuth.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;
|
|
1
|
+
{"version":3,"file":"getServiceAuth.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,EAAE,YAAY,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAA;AAEpE,OAAO,EACL,mBAAmB,EAEnB,gBAAgB,GACjB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,SAAS,EACT,kBAAkB,EAClB,WAAW,GACZ,MAAM,2BAA2B,CAAA;AAElC,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACnD,OAAO,EACL,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,4BAA4B,CAAA;AAEnC,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE;QAC5C,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAElC;YACA,UAAU,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC;YACjC,SAAS,EAAE,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;gBACrC,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,MAAM,CAAA;gBACjC,WAAW,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAA;YACrC,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE;YAClC,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAEhC,oEAAoE;YACpE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,MAAM,CAAA;YAEvC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxD,MAAM,IAAI,mBAAmB,CAC3B,4DAA4D,CAC7D,CAAA;YACH,CAAC;YAED,2HAA2H;YAC3H,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvC,4DAA4D;gBAC5D,4CAA4C;gBAC5C,IACE,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;oBACnC,GAAG,KAAK,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EAC7C,CAAC;oBACD,MAAM,IAAI,mBAAmB,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAA;gBAClE,CAAC;gBAED,qEAAqE;gBACrE,mCAAmC;gBACnC,IACE,GAAG,IAAI,IAAI;oBACX,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC;oBAC3B,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAC3C,CAAC;oBACD,MAAM,IAAI,mBAAmB,CAC3B,iFAAiF,GAAG,EAAE,CACvF,CAAA;gBACH,CAAC;YACH,CAAC;YAED,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,IAAI,GAAG,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;gBACpC,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;oBACb,MAAM,IAAI,mBAAmB,CAC3B,uBAAuB,EACvB,eAAe,CAChB,CAAA;gBACH,CAAC;qBAAM,IAAI,IAAI,GAAG,IAAI,EAAE,CAAC;oBACvB,MAAM,IAAI,mBAAmB,CAC3B,2EAA2E,EAC3E,eAAe,CAChB,CAAA;gBACH,CAAC;qBAAM,IAAI,CAAC,GAAG,IAAI,IAAI,GAAG,MAAM,EAAE,CAAC;oBACjC,MAAM,IAAI,mBAAmB,CAC3B,wFAAwF,EACxF,eAAe,CAChB,CAAA;gBACH,CAAC;YACH,CAAC;YAED,IAAI,GAAG,IAAI,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtC,MAAM,IAAI,mBAAmB,CAC3B,2EAA2E,GAAG,EAAE,CACjF,CAAA;YACH,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAEjD,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC;gBACnC,GAAG,EAAE,GAAG;gBACR,GAAG;gBACH,GAAG;gBACH,GAAG;gBACH,OAAO;aACR,CAAC,CAAA;YACF,OAAO;gBACL,QAAQ,EAAE,kBAA2B;gBACrC,IAAI,EAAE;oBACJ,KAAK;iBACN;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { HOUR, MINUTE } from '@atproto/common'\nimport { isAtprotoDid, isAtprotoDidRefAbsolute } from '@atproto/did'\nimport { l } from '@atproto/lex'\nimport {\n InvalidRequestError,\n Server,\n createServiceJwt,\n} from '@atproto/xrpc-server'\nimport {\n AuthScope,\n isAccessPrivileged,\n isTakendown,\n} from '../../../../auth-scope.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\nimport {\n PRIVILEGED_METHODS,\n PROTECTED_METHODS,\n} from '../../../../pipethrough.js'\n\nexport default function (server: Server, ctx: AppContext) {\n server.add(com.atproto.server.getServiceAuth, {\n auth: ctx.authVerifier.authorization<\n l.InferMethodParams<typeof com.atproto.server.getServiceAuth.main>\n >({\n additional: [AuthScope.Takendown],\n authorize: (permissions, { params }) => {\n const { aud, lxm = '*' } = params\n permissions.assertRpc({ aud, lxm })\n },\n }),\n handler: async ({ params, auth }) => {\n const did = auth.credentials.did\n\n // @NOTE \"exp\" is expressed in seconds since epoch, not milliseconds\n const { aud, exp, lxm = null } = params\n\n if (!isAtprotoDid(aud) && !isAtprotoDidRefAbsolute(aud)) {\n throw new InvalidRequestError(\n 'aud must be a valid atproto DID or did#serviceId reference',\n )\n }\n\n // Takendown accounts should not be able to generate service auth tokens except for methods necessary for account migration\n if (auth.credentials.type === 'access') {\n // @NOTE We should probably use \"ForbiddenError\" here. Using\n // \"InvalidRequestError\" for legacy reasons.\n if (\n isTakendown(auth.credentials.scope) &&\n lxm !== com.atproto.server.createAccount.$lxm\n ) {\n throw new InvalidRequestError('Bad token scope', 'InvalidToken')\n }\n\n // @NOTE \"oauth\" based credentials already checked through permission\n // set in \"authorize\" method above.\n if (\n lxm != null &&\n PRIVILEGED_METHODS.has(lxm) &&\n !isAccessPrivileged(auth.credentials.scope)\n ) {\n throw new InvalidRequestError(\n `insufficient access to request a service auth token for the following method: ${lxm}`,\n )\n }\n }\n\n if (exp) {\n const diff = exp * 1000 - Date.now()\n if (diff < 0) {\n throw new InvalidRequestError(\n 'expiration is in past',\n 'BadExpiration',\n )\n } else if (diff > HOUR) {\n throw new InvalidRequestError(\n 'cannot request a token with an expiration more than an hour in the future',\n 'BadExpiration',\n )\n } else if (!lxm && diff > MINUTE) {\n throw new InvalidRequestError(\n 'cannot request a method-less token with an expiration more than a minute in the future',\n 'BadExpiration',\n )\n }\n }\n\n if (lxm && PROTECTED_METHODS.has(lxm)) {\n throw new InvalidRequestError(\n `cannot request a service auth token for the following protected method: ${lxm}`,\n )\n }\n\n const keypair = await ctx.actorStore.keypair(did)\n\n const token = await createServiceJwt({\n iss: did,\n aud,\n exp,\n lxm,\n keypair,\n })\n return {\n encoding: 'application/json' as const,\n body: {\n token,\n },\n }\n },\n })\n}\n"]}
|
package/dist/config/config.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
import { BrandingInput, HcaptchaConfig } from '@atproto/oauth-provider';
|
|
1
|
+
import { BrandingInput as BrandingConfig, HcaptchaConfig } from '@atproto/oauth-provider';
|
|
2
2
|
import { ServerEnvironment } from './env.js';
|
|
3
|
+
export type { BrandingConfig };
|
|
3
4
|
export declare const envToCfg: (env: ServerEnvironment) => ServerConfig;
|
|
4
5
|
export type ServerConfig = {
|
|
5
6
|
service: ServiceConfig;
|
|
@@ -20,6 +21,7 @@ export type ServerConfig = {
|
|
|
20
21
|
crawlers: string[];
|
|
21
22
|
fetch: FetchConfig;
|
|
22
23
|
proxy: ProxyConfig;
|
|
24
|
+
branding: BrandingConfig;
|
|
23
25
|
oauth: OAuthConfig;
|
|
24
26
|
lexicon: LexiconResolverConfig;
|
|
25
27
|
};
|
|
@@ -105,7 +107,7 @@ export type OAuthConfig = {
|
|
|
105
107
|
issuer: string;
|
|
106
108
|
provider?: {
|
|
107
109
|
hcaptcha?: HcaptchaConfig;
|
|
108
|
-
branding:
|
|
110
|
+
branding: BrandingConfig;
|
|
109
111
|
trustedClients?: string[];
|
|
110
112
|
};
|
|
111
113
|
};
|
|
@@ -122,6 +124,7 @@ export type InvitesConfig = {
|
|
|
122
124
|
export type EmailConfig = {
|
|
123
125
|
smtpUrl: string;
|
|
124
126
|
fromAddress: string;
|
|
127
|
+
disableConfirmationLink: boolean;
|
|
125
128
|
};
|
|
126
129
|
export type SubscriptionConfig = {
|
|
127
130
|
maxBuffer: number;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAGA,OAAO,
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,aAAa,IAAI,cAAc,EAC/B,cAAc,EACf,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAE5C,YAAY,EAAE,cAAc,EAAE,CAAA;AAK9B,eAAO,MAAM,QAAQ,GAAI,KAAK,iBAAiB,KAAG,YAqWjD,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,aAAa,CAAA;IACtB,EAAE,EAAE,cAAc,CAAA;IAClB,UAAU,EAAE,gBAAgB,CAAA;IAC5B,SAAS,EAAE,iBAAiB,GAAG,mBAAmB,CAAA;IAClD,QAAQ,EAAE,cAAc,CAAA;IACxB,QAAQ,EAAE,cAAc,GAAG,IAAI,CAAA;IAC/B,OAAO,EAAE,aAAa,CAAA;IACtB,KAAK,EAAE,WAAW,GAAG,IAAI,CAAA;IACzB,eAAe,EAAE,WAAW,GAAG,IAAI,CAAA;IACnC,YAAY,EAAE,kBAAkB,CAAA;IAChC,WAAW,EAAE,iBAAiB,GAAG,IAAI,CAAA;IACrC,UAAU,EAAE,gBAAgB,GAAG,IAAI,CAAA;IACnC,aAAa,EAAE,mBAAmB,GAAG,IAAI,CAAA;IACzC,KAAK,EAAE,kBAAkB,GAAG,IAAI,CAAA;IAChC,UAAU,EAAE,gBAAgB,CAAA;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,QAAQ,EAAE,cAAc,CAAA;IACxB,KAAK,EAAE,WAAW,CAAA;IAClB,OAAO,EAAE,qBAAqB,CAAA;CAC/B,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,gBAAgB,EAAE,OAAO,CAAA;IACzB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,IAAI,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,WAAW,CAAC,EAAE;QACZ,WAAW,EAAE,MAAM,CAAA;QACnB,eAAe,EAAE,MAAM,CAAA;KACxB,CAAA;CACF,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAA;IAC9B,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAA;IAClC,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,eAAe,EAAE,MAAM,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,UAAU,EAAE,OAAO,CAAA;IACnB,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,MAAM,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;IAElB;;;;;;OAMG;IACH,gBAAgB,EAAE,OAAO,CAAA;CAC1B,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,CAAC,EAAE;QACT,QAAQ,CAAC,EAAE,cAAc,CAAA;QACzB,QAAQ,EAAE,cAAc,CAAA;QACxB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;KAC1B,CAAA;CACF,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,CAAC,EAAE,OAAO,MAAM,IAAI,MAAM,EAAE,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,aAAa,GACrB;IACE,QAAQ,EAAE,IAAI,CAAA;IACd,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,EAAE,MAAM,CAAA;CACd,GACD;IACE,QAAQ,EAAE,KAAK,CAAA;CAChB,CAAA;AAEL,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,gBAAgB,GACxB;IACE,OAAO,EAAE,IAAI,CAAA;IACb,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;CACrB,GACD;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA"}
|
package/dist/config/config.js
CHANGED
|
@@ -132,6 +132,7 @@ export const envToCfg = (env) => {
|
|
|
132
132
|
emailCfg = {
|
|
133
133
|
smtpUrl: env.emailSmtpUrl,
|
|
134
134
|
fromAddress: env.emailFromAddress,
|
|
135
|
+
disableConfirmationLink: env.emailDisableConfirmationLink ?? false,
|
|
135
136
|
};
|
|
136
137
|
}
|
|
137
138
|
let moderationEmailCfg;
|
|
@@ -145,6 +146,7 @@ export const envToCfg = (env) => {
|
|
|
145
146
|
moderationEmailCfg = {
|
|
146
147
|
smtpUrl: env.moderationEmailSmtpUrl,
|
|
147
148
|
fromAddress: env.moderationEmailAddress,
|
|
149
|
+
disableConfirmationLink: false,
|
|
148
150
|
};
|
|
149
151
|
}
|
|
150
152
|
const subscriptionCfg = {
|
|
@@ -209,6 +211,52 @@ export const envToCfg = (env) => {
|
|
|
209
211
|
: 0,
|
|
210
212
|
preferCompressed: env.proxyPreferCompressed ?? false,
|
|
211
213
|
};
|
|
214
|
+
const brandingCfg = {
|
|
215
|
+
name: env.serviceName ?? `${hostname} PDS`,
|
|
216
|
+
logo: env.logoUrl,
|
|
217
|
+
colors: {
|
|
218
|
+
light: env.lightColor,
|
|
219
|
+
dark: env.darkColor,
|
|
220
|
+
contrastSaturation: env.contrastSaturation,
|
|
221
|
+
primary: env.primaryColor,
|
|
222
|
+
primaryContrast: env.primaryColorContrast,
|
|
223
|
+
primaryHue: env.primaryColorHue,
|
|
224
|
+
error: env.errorColor,
|
|
225
|
+
errorContrast: env.errorColorContrast,
|
|
226
|
+
errorHue: env.errorColorHue,
|
|
227
|
+
warning: env.warningColor,
|
|
228
|
+
warningContrast: env.warningColorContrast,
|
|
229
|
+
warningHue: env.warningColorHue,
|
|
230
|
+
info: env.infoColor,
|
|
231
|
+
infoContrast: env.infoColorContrast,
|
|
232
|
+
infoHue: env.infoColorHue,
|
|
233
|
+
success: env.successColor,
|
|
234
|
+
successContrast: env.successColorContrast,
|
|
235
|
+
successHue: env.successColorHue,
|
|
236
|
+
},
|
|
237
|
+
links: [
|
|
238
|
+
{
|
|
239
|
+
title: { en: 'Home', fr: 'Accueil' },
|
|
240
|
+
href: env.homeUrl,
|
|
241
|
+
rel: 'canonical', // Prevents login page from being indexed
|
|
242
|
+
},
|
|
243
|
+
{
|
|
244
|
+
title: { en: 'Terms of Service' },
|
|
245
|
+
href: env.termsOfServiceUrl,
|
|
246
|
+
rel: 'terms-of-service',
|
|
247
|
+
},
|
|
248
|
+
{
|
|
249
|
+
title: { en: 'Privacy Policy' },
|
|
250
|
+
href: env.privacyPolicyUrl,
|
|
251
|
+
rel: 'privacy-policy',
|
|
252
|
+
},
|
|
253
|
+
{
|
|
254
|
+
title: { en: 'Support' },
|
|
255
|
+
href: env.supportUrl,
|
|
256
|
+
rel: 'help',
|
|
257
|
+
},
|
|
258
|
+
].filter((f) => f.href != null && f.href !== ''),
|
|
259
|
+
};
|
|
212
260
|
const oauthCfg = entrywayCfg
|
|
213
261
|
? {
|
|
214
262
|
issuer: entrywayCfg.url,
|
|
@@ -226,52 +274,7 @@ export const envToCfg = (env) => {
|
|
|
226
274
|
tokenSalt: env.hcaptchaTokenSalt,
|
|
227
275
|
}
|
|
228
276
|
: undefined,
|
|
229
|
-
branding:
|
|
230
|
-
name: env.serviceName ?? `${hostname} PDS`,
|
|
231
|
-
logo: env.logoUrl,
|
|
232
|
-
colors: {
|
|
233
|
-
light: env.lightColor,
|
|
234
|
-
dark: env.darkColor,
|
|
235
|
-
contrastSaturation: env.contrastSaturation,
|
|
236
|
-
primary: env.primaryColor,
|
|
237
|
-
primaryContrast: env.primaryColorContrast,
|
|
238
|
-
primaryHue: env.primaryColorHue,
|
|
239
|
-
error: env.errorColor,
|
|
240
|
-
errorContrast: env.errorColorContrast,
|
|
241
|
-
errorHue: env.errorColorHue,
|
|
242
|
-
warning: env.warningColor,
|
|
243
|
-
warningContrast: env.warningColorContrast,
|
|
244
|
-
warningHue: env.warningColorHue,
|
|
245
|
-
info: env.infoColor,
|
|
246
|
-
infoContrast: env.infoColorContrast,
|
|
247
|
-
infoHue: env.infoColorHue,
|
|
248
|
-
success: env.successColor,
|
|
249
|
-
successContrast: env.successColorContrast,
|
|
250
|
-
successHue: env.successColorHue,
|
|
251
|
-
},
|
|
252
|
-
links: [
|
|
253
|
-
{
|
|
254
|
-
title: { en: 'Home', fr: 'Accueil' },
|
|
255
|
-
href: env.homeUrl,
|
|
256
|
-
rel: 'canonical', // Prevents login page from being indexed
|
|
257
|
-
},
|
|
258
|
-
{
|
|
259
|
-
title: { en: 'Terms of Service' },
|
|
260
|
-
href: env.termsOfServiceUrl,
|
|
261
|
-
rel: 'terms-of-service',
|
|
262
|
-
},
|
|
263
|
-
{
|
|
264
|
-
title: { en: 'Privacy Policy' },
|
|
265
|
-
href: env.privacyPolicyUrl,
|
|
266
|
-
rel: 'privacy-policy',
|
|
267
|
-
},
|
|
268
|
-
{
|
|
269
|
-
title: { en: 'Support' },
|
|
270
|
-
href: env.supportUrl,
|
|
271
|
-
rel: 'help',
|
|
272
|
-
},
|
|
273
|
-
].filter((f) => f.href != null && f.href !== ''),
|
|
274
|
-
},
|
|
277
|
+
branding: brandingCfg,
|
|
275
278
|
trustedClients: env.trustedOAuthClients,
|
|
276
279
|
},
|
|
277
280
|
};
|
|
@@ -300,6 +303,7 @@ export const envToCfg = (env) => {
|
|
|
300
303
|
fetch: fetchCfg,
|
|
301
304
|
lexicon: lexiconCfg,
|
|
302
305
|
proxy: proxyCfg,
|
|
306
|
+
branding: brandingCfg,
|
|
303
307
|
oauth: oauthCfg,
|
|
304
308
|
};
|
|
305
309
|
};
|