@atproto/pds 0.5.12 → 0.5.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (326) hide show
  1. package/CHANGELOG.md +53 -0
  2. package/dist/api/app/bsky/notification/index.d.ts.map +1 -1
  3. package/dist/api/app/bsky/notification/index.js +2 -0
  4. package/dist/api/app/bsky/notification/index.js.map +1 -1
  5. package/dist/api/app/bsky/notification/unregisterPush.d.ts +4 -0
  6. package/dist/api/app/bsky/notification/unregisterPush.d.ts.map +1 -0
  7. package/dist/api/app/bsky/notification/unregisterPush.js +48 -0
  8. package/dist/api/app/bsky/notification/unregisterPush.js.map +1 -0
  9. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts +6 -0
  10. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts.map +1 -1
  11. package/dist/lexicons/app/bsky/actor/defs.defs.js +1 -0
  12. package/dist/lexicons/app/bsky/actor/defs.defs.js.map +1 -1
  13. package/package.json +42 -38
  14. package/build.templates.cjs +0 -22
  15. package/example.env +0 -42
  16. package/jest.config.cjs +0 -27
  17. package/src/account-manager/account-manager.ts +0 -916
  18. package/src/account-manager/db/index.ts +0 -21
  19. package/src/account-manager/db/migrations/001-init.ts +0 -115
  20. package/src/account-manager/db/migrations/002-account-deactivation.ts +0 -17
  21. package/src/account-manager/db/migrations/003-privileged-app-passwords.ts +0 -12
  22. package/src/account-manager/db/migrations/004-oauth.ts +0 -122
  23. package/src/account-manager/db/migrations/005-oauth-account-management.ts +0 -136
  24. package/src/account-manager/db/migrations/006-oauth-permission-sets.ts +0 -20
  25. package/src/account-manager/db/migrations/007-lexicon-failures-index.ts +0 -14
  26. package/src/account-manager/db/migrations/index.ts +0 -17
  27. package/src/account-manager/db/schema/account-device.ts +0 -14
  28. package/src/account-manager/db/schema/account.ts +0 -16
  29. package/src/account-manager/db/schema/actor.ts +0 -17
  30. package/src/account-manager/db/schema/app-password.ts +0 -13
  31. package/src/account-manager/db/schema/authorization-request.ts +0 -30
  32. package/src/account-manager/db/schema/authorized-client.ts +0 -23
  33. package/src/account-manager/db/schema/device.ts +0 -18
  34. package/src/account-manager/db/schema/email-token.ts +0 -19
  35. package/src/account-manager/db/schema/index.ts +0 -43
  36. package/src/account-manager/db/schema/invite-code.ts +0 -24
  37. package/src/account-manager/db/schema/lexicon.ts +0 -15
  38. package/src/account-manager/db/schema/refresh-token.ts +0 -11
  39. package/src/account-manager/db/schema/repo-root.ts +0 -12
  40. package/src/account-manager/db/schema/token.ts +0 -38
  41. package/src/account-manager/db/schema/used-refresh-token.ts +0 -13
  42. package/src/account-manager/helpers/account-device.ts +0 -63
  43. package/src/account-manager/helpers/account.ts +0 -355
  44. package/src/account-manager/helpers/auth.ts +0 -222
  45. package/src/account-manager/helpers/authorization-request.ts +0 -90
  46. package/src/account-manager/helpers/authorized-client.ts +0 -75
  47. package/src/account-manager/helpers/device.ts +0 -47
  48. package/src/account-manager/helpers/email-token.ts +0 -87
  49. package/src/account-manager/helpers/invite.ts +0 -263
  50. package/src/account-manager/helpers/lexicon.ts +0 -67
  51. package/src/account-manager/helpers/password.ts +0 -136
  52. package/src/account-manager/helpers/repo.ts +0 -24
  53. package/src/account-manager/helpers/scrypt.ts +0 -53
  54. package/src/account-manager/helpers/token.ts +0 -158
  55. package/src/account-manager/helpers/used-refresh-token.ts +0 -30
  56. package/src/account-manager/oauth-store.ts +0 -880
  57. package/src/account-manager/scope-reference-getter.ts +0 -106
  58. package/src/actor-store/actor-store-reader.ts +0 -45
  59. package/src/actor-store/actor-store-resources.ts +0 -8
  60. package/src/actor-store/actor-store-transactor.ts +0 -31
  61. package/src/actor-store/actor-store-writer.ts +0 -17
  62. package/src/actor-store/actor-store.ts +0 -210
  63. package/src/actor-store/blob/reader.ts +0 -160
  64. package/src/actor-store/blob/transactor.ts +0 -383
  65. package/src/actor-store/db/index.ts +0 -20
  66. package/src/actor-store/db/migrations/001-init.ts +0 -105
  67. package/src/actor-store/db/migrations/index.ts +0 -5
  68. package/src/actor-store/db/schema/account-pref.ts +0 -11
  69. package/src/actor-store/db/schema/backlink.ts +0 -9
  70. package/src/actor-store/db/schema/blob.ts +0 -14
  71. package/src/actor-store/db/schema/index.ts +0 -23
  72. package/src/actor-store/db/schema/record-blob.ts +0 -8
  73. package/src/actor-store/db/schema/record.ts +0 -14
  74. package/src/actor-store/db/schema/repo-block.ts +0 -10
  75. package/src/actor-store/db/schema/repo-root.ts +0 -10
  76. package/src/actor-store/migrate.ts +0 -39
  77. package/src/actor-store/preference/reader.ts +0 -48
  78. package/src/actor-store/preference/transactor.ts +0 -55
  79. package/src/actor-store/preference/util.ts +0 -39
  80. package/src/actor-store/record/reader.ts +0 -374
  81. package/src/actor-store/record/transactor.ts +0 -111
  82. package/src/actor-store/repo/reader.ts +0 -31
  83. package/src/actor-store/repo/sql-repo-reader.ts +0 -150
  84. package/src/actor-store/repo/sql-repo-transactor.ts +0 -105
  85. package/src/actor-store/repo/transactor.ts +0 -227
  86. package/src/api/app/bsky/actor/getPreferences.ts +0 -57
  87. package/src/api/app/bsky/actor/getProfile.ts +0 -41
  88. package/src/api/app/bsky/actor/getProfiles.ts +0 -51
  89. package/src/api/app/bsky/actor/index.ts +0 -13
  90. package/src/api/app/bsky/actor/putPreferences.ts +0 -62
  91. package/src/api/app/bsky/feed/getActorLikes.ts +0 -63
  92. package/src/api/app/bsky/feed/getAuthorFeed.ts +0 -84
  93. package/src/api/app/bsky/feed/getFeed.ts +0 -47
  94. package/src/api/app/bsky/feed/getPostThread.ts +0 -251
  95. package/src/api/app/bsky/feed/getTimeline.ts +0 -50
  96. package/src/api/app/bsky/feed/index.ts +0 -15
  97. package/src/api/app/bsky/index.ts +0 -11
  98. package/src/api/app/bsky/notification/index.ts +0 -7
  99. package/src/api/app/bsky/notification/registerPush.ts +0 -71
  100. package/src/api/app/bsky/util/resolver.ts +0 -20
  101. package/src/api/com/atproto/admin/deleteAccount.ts +0 -22
  102. package/src/api/com/atproto/admin/disableAccountInvites.ts +0 -18
  103. package/src/api/com/atproto/admin/disableInviteCodes.ts +0 -21
  104. package/src/api/com/atproto/admin/enableAccountInvites.ts +0 -18
  105. package/src/api/com/atproto/admin/getAccountInfo.ts +0 -32
  106. package/src/api/com/atproto/admin/getAccountInfos.ts +0 -34
  107. package/src/api/com/atproto/admin/getInviteCodes.ts +0 -126
  108. package/src/api/com/atproto/admin/getSubjectStatus.ts +0 -76
  109. package/src/api/com/atproto/admin/index.ts +0 -31
  110. package/src/api/com/atproto/admin/sendEmail.ts +0 -47
  111. package/src/api/com/atproto/admin/updateAccountEmail.ts +0 -32
  112. package/src/api/com/atproto/admin/updateAccountHandle.ts +0 -47
  113. package/src/api/com/atproto/admin/updateAccountPassword.ts +0 -34
  114. package/src/api/com/atproto/admin/updateSubjectStatus.ts +0 -68
  115. package/src/api/com/atproto/admin/util.ts +0 -66
  116. package/src/api/com/atproto/identity/getRecommendedDidCredentials.ts +0 -50
  117. package/src/api/com/atproto/identity/index.ts +0 -17
  118. package/src/api/com/atproto/identity/requestPlcOperationSignature.ts +0 -59
  119. package/src/api/com/atproto/identity/resolveHandle.ts +0 -50
  120. package/src/api/com/atproto/identity/signPlcOperation.ts +0 -85
  121. package/src/api/com/atproto/identity/submitPlcOperation.ts +0 -65
  122. package/src/api/com/atproto/identity/updateHandle.ts +0 -66
  123. package/src/api/com/atproto/index.ts +0 -19
  124. package/src/api/com/atproto/moderation/createReport.ts +0 -41
  125. package/src/api/com/atproto/moderation/index.ts +0 -7
  126. package/src/api/com/atproto/repo/applyWrites.ts +0 -226
  127. package/src/api/com/atproto/repo/createRecord.ts +0 -143
  128. package/src/api/com/atproto/repo/deleteRecord.ts +0 -122
  129. package/src/api/com/atproto/repo/describeRepo.ts +0 -43
  130. package/src/api/com/atproto/repo/getRecord.ts +0 -40
  131. package/src/api/com/atproto/repo/importRepo.ts +0 -101
  132. package/src/api/com/atproto/repo/index.ts +0 -25
  133. package/src/api/com/atproto/repo/listMissingBlobs.ts +0 -29
  134. package/src/api/com/atproto/repo/listRecords.ts +0 -36
  135. package/src/api/com/atproto/repo/putRecord.ts +0 -211
  136. package/src/api/com/atproto/repo/uploadBlob.ts +0 -60
  137. package/src/api/com/atproto/server/activateAccount.ts +0 -37
  138. package/src/api/com/atproto/server/checkAccountStatus.ts +0 -51
  139. package/src/api/com/atproto/server/confirmEmail.ts +0 -39
  140. package/src/api/com/atproto/server/createAccount.ts +0 -327
  141. package/src/api/com/atproto/server/createAppPassword.ts +0 -53
  142. package/src/api/com/atproto/server/createInviteCode.ts +0 -38
  143. package/src/api/com/atproto/server/createInviteCodes.ts +0 -42
  144. package/src/api/com/atproto/server/createSession.ts +0 -97
  145. package/src/api/com/atproto/server/deactivateAccount.ts +0 -41
  146. package/src/api/com/atproto/server/deleteAccount.ts +0 -85
  147. package/src/api/com/atproto/server/deleteSession.ts +0 -23
  148. package/src/api/com/atproto/server/describeServer.ts +0 -29
  149. package/src/api/com/atproto/server/getAccountInviteCodes.ts +0 -142
  150. package/src/api/com/atproto/server/getServiceAuth.ts +0 -111
  151. package/src/api/com/atproto/server/getSession.ts +0 -80
  152. package/src/api/com/atproto/server/index.ts +0 -55
  153. package/src/api/com/atproto/server/listAppPasswords.ts +0 -45
  154. package/src/api/com/atproto/server/refreshSession.ts +0 -72
  155. package/src/api/com/atproto/server/requestAccountDelete.ts +0 -66
  156. package/src/api/com/atproto/server/requestEmailConfirmation.ts +0 -68
  157. package/src/api/com/atproto/server/requestEmailUpdate.ts +0 -86
  158. package/src/api/com/atproto/server/requestPasswordReset.ts +0 -52
  159. package/src/api/com/atproto/server/reserveSigningKey.ts +0 -15
  160. package/src/api/com/atproto/server/resetPassword.ts +0 -50
  161. package/src/api/com/atproto/server/revokeAppPassword.ts +0 -42
  162. package/src/api/com/atproto/server/updateEmail.ts +0 -52
  163. package/src/api/com/atproto/server/util.ts +0 -136
  164. package/src/api/com/atproto/sync/deprecated/getCheckout.ts +0 -27
  165. package/src/api/com/atproto/sync/deprecated/getHead.ts +0 -33
  166. package/src/api/com/atproto/sync/getBlob.ts +0 -61
  167. package/src/api/com/atproto/sync/getBlocks.ts +0 -37
  168. package/src/api/com/atproto/sync/getLatestCommit.ts +0 -33
  169. package/src/api/com/atproto/sync/getRecord.ts +0 -49
  170. package/src/api/com/atproto/sync/getRepo.ts +0 -75
  171. package/src/api/com/atproto/sync/getRepoStatus.ts +0 -34
  172. package/src/api/com/atproto/sync/index.ts +0 -27
  173. package/src/api/com/atproto/sync/listBlobs.ts +0 -33
  174. package/src/api/com/atproto/sync/listRepos.ts +0 -74
  175. package/src/api/com/atproto/sync/subscribeRepos.ts +0 -73
  176. package/src/api/com/atproto/sync/util.ts +0 -37
  177. package/src/api/com/atproto/temp/checkSignupQueue.ts +0 -34
  178. package/src/api/com/atproto/temp/index.ts +0 -7
  179. package/src/api/index.ts +0 -10
  180. package/src/api/proxy.ts +0 -44
  181. package/src/app-view.ts +0 -24
  182. package/src/auth-output.ts +0 -52
  183. package/src/auth-routes.ts +0 -64
  184. package/src/auth-scope.ts +0 -40
  185. package/src/auth-verifier.ts +0 -668
  186. package/src/background.ts +0 -65
  187. package/src/basic-routes.ts +0 -52
  188. package/src/bsky-app-view.ts +0 -33
  189. package/src/config/config.ts +0 -553
  190. package/src/config/env.ts +0 -167
  191. package/src/config/index.ts +0 -3
  192. package/src/config/secrets.ts +0 -54
  193. package/src/context.ts +0 -523
  194. package/src/crawlers.ts +0 -46
  195. package/src/db/cast.ts +0 -52
  196. package/src/db/db.ts +0 -140
  197. package/src/db/index.ts +0 -4
  198. package/src/db/migrator.ts +0 -40
  199. package/src/db/pagination.ts +0 -132
  200. package/src/db/tables/moderation.ts +0 -80
  201. package/src/db/util.ts +0 -108
  202. package/src/did-cache/db/index.ts +0 -21
  203. package/src/did-cache/db/migrations.ts +0 -17
  204. package/src/did-cache/db/schema.ts +0 -9
  205. package/src/did-cache/index.ts +0 -131
  206. package/src/disk-blobstore.ts +0 -172
  207. package/src/error.ts +0 -19
  208. package/src/handle/explicit-slurs.ts +0 -22
  209. package/src/handle/index.ts +0 -49
  210. package/src/handle/reserved.ts +0 -1059
  211. package/src/image/image-url-builder.ts +0 -16
  212. package/src/index.ts +0 -189
  213. package/src/lexicons.ts +0 -4
  214. package/src/logger.ts +0 -35
  215. package/src/mailer/index.ts +0 -111
  216. package/src/mailer/moderation.ts +0 -33
  217. package/src/mailer/templates/confirm-email.d.ts +0 -4
  218. package/src/mailer/templates/confirm-email.hbs +0 -158
  219. package/src/mailer/templates/delete-account.d.ts +0 -4
  220. package/src/mailer/templates/delete-account.hbs +0 -156
  221. package/src/mailer/templates/plc-operation.d.ts +0 -4
  222. package/src/mailer/templates/plc-operation.hbs +0 -153
  223. package/src/mailer/templates/reset-password.d.ts +0 -4
  224. package/src/mailer/templates/reset-password.hbs +0 -154
  225. package/src/mailer/templates/update-email.d.ts +0 -4
  226. package/src/mailer/templates/update-email.hbs +0 -153
  227. package/src/mailer/templates.ts +0 -17
  228. package/src/pipethrough.ts +0 -716
  229. package/src/rate-limits.ts +0 -59
  230. package/src/read-after-write/index.ts +0 -3
  231. package/src/read-after-write/types.ts +0 -35
  232. package/src/read-after-write/util.ts +0 -101
  233. package/src/read-after-write/viewer.ts +0 -290
  234. package/src/redis.ts +0 -25
  235. package/src/repo/index.ts +0 -2
  236. package/src/repo/prepare.ts +0 -266
  237. package/src/repo/types.ts +0 -65
  238. package/src/scripts/README.md +0 -40
  239. package/src/scripts/index.ts +0 -20
  240. package/src/scripts/publish-identity.ts +0 -60
  241. package/src/scripts/rebuild-repo.ts +0 -119
  242. package/src/scripts/rotate-keys.ts +0 -146
  243. package/src/scripts/sequencer-recovery/index.ts +0 -23
  244. package/src/scripts/sequencer-recovery/recoverer.ts +0 -297
  245. package/src/scripts/sequencer-recovery/recovery-db.ts +0 -65
  246. package/src/scripts/sequencer-recovery/repair-repos.ts +0 -49
  247. package/src/scripts/sequencer-recovery/user-queues.ts +0 -44
  248. package/src/scripts/util.ts +0 -7
  249. package/src/sequencer/db/index.ts +0 -21
  250. package/src/sequencer/db/migrations/001-init.ts +0 -35
  251. package/src/sequencer/db/migrations/index.ts +0 -5
  252. package/src/sequencer/db/schema.ts +0 -19
  253. package/src/sequencer/events.ts +0 -199
  254. package/src/sequencer/index.ts +0 -3
  255. package/src/sequencer/outbox.ts +0 -123
  256. package/src/sequencer/sequencer.ts +0 -290
  257. package/src/util/compression.ts +0 -16
  258. package/src/util/debug.ts +0 -10
  259. package/src/util/http.ts +0 -31
  260. package/src/util/types.ts +0 -7
  261. package/src/well-known.ts +0 -30
  262. package/test.env +0 -2
  263. package/tests/__snapshots__/takedown-appeal.test.ts.snap +0 -43
  264. package/tests/_oauth_client_assets_middleware.ts +0 -23
  265. package/tests/_puppeteer.ts +0 -147
  266. package/tests/_types.d.ts +0 -16
  267. package/tests/_util.ts +0 -191
  268. package/tests/account-deactivation.test.ts +0 -204
  269. package/tests/account-deletion.test.ts +0 -300
  270. package/tests/account-manager.test.ts +0 -462
  271. package/tests/account-migration.test.ts +0 -221
  272. package/tests/account-status.test.ts +0 -206
  273. package/tests/account.test.ts +0 -595
  274. package/tests/app-passwords.test.ts +0 -262
  275. package/tests/auth.test.ts +0 -405
  276. package/tests/blob-deletes.test.ts +0 -204
  277. package/tests/create-post.test.ts +0 -79
  278. package/tests/crud.test.ts +0 -1595
  279. package/tests/db.test.ts +0 -170
  280. package/tests/email-confirmation.test.ts +0 -227
  281. package/tests/entryway-mock.ts +0 -323
  282. package/tests/entryway.test.ts +0 -145
  283. package/tests/file-uploads.test.ts +0 -301
  284. package/tests/get-service-auth.test.ts +0 -81
  285. package/tests/handle-validation.test.ts +0 -56
  286. package/tests/handles.test.ts +0 -274
  287. package/tests/invite-codes.test.ts +0 -367
  288. package/tests/invites-admin.test.ts +0 -252
  289. package/tests/moderation.test.ts +0 -280
  290. package/tests/moderator-auth.test.ts +0 -177
  291. package/tests/oauth.test.ts +0 -334
  292. package/tests/plc-operations.test.ts +0 -239
  293. package/tests/preferences.test.ts +0 -352
  294. package/tests/proxied/__snapshots__/admin.test.ts.snap +0 -516
  295. package/tests/proxied/__snapshots__/feedgen.test.ts.snap +0 -215
  296. package/tests/proxied/__snapshots__/views.test.ts.snap +0 -4456
  297. package/tests/proxied/admin.test.ts +0 -340
  298. package/tests/proxied/feedgen.test.ts +0 -66
  299. package/tests/proxied/notif.test.ts +0 -85
  300. package/tests/proxied/procedures.test.ts +0 -175
  301. package/tests/proxied/proxy-catchall.test.ts +0 -256
  302. package/tests/proxied/proxy-header.test.ts +0 -239
  303. package/tests/proxied/proxy-oauth-aud.test.ts +0 -182
  304. package/tests/proxied/read-after-write.test.ts +0 -382
  305. package/tests/proxied/views.test.ts +0 -608
  306. package/tests/races.test.ts +0 -89
  307. package/tests/rate-limits.test.ts +0 -70
  308. package/tests/recovery.test.ts +0 -180
  309. package/tests/seeds/basic.ts +0 -165
  310. package/tests/seeds/follows.ts +0 -57
  311. package/tests/seeds/likes.ts +0 -14
  312. package/tests/seeds/reposts.ts +0 -18
  313. package/tests/seeds/thread.ts +0 -40
  314. package/tests/seeds/users-bulk.ts +0 -246
  315. package/tests/seeds/users.ts +0 -67
  316. package/tests/sequencer.test.ts +0 -251
  317. package/tests/server.test.ts +0 -151
  318. package/tests/sync/invertible-ops.test.ts +0 -99
  319. package/tests/sync/list.test.ts +0 -43
  320. package/tests/sync/subscribe-repos.test.ts +0 -672
  321. package/tests/sync/sync.test.ts +0 -316
  322. package/tests/takedown-appeal.test.ts +0 -166
  323. package/tsconfig.build.json +0 -9
  324. package/tsconfig.build.tsbuildinfo +0 -1
  325. package/tsconfig.json +0 -7
  326. package/tsconfig.tests.json +0 -8
@@ -1,33 +0,0 @@
1
- import { InvalidRequestError, Server } from '@atproto/xrpc-server'
2
- import { isUserOrAdmin } from '../../../../auth-verifier.js'
3
- import { AppContext } from '../../../../context.js'
4
- import { com } from '../../../../lexicons/index.js'
5
- import { assertRepoAvailability } from './util.js'
6
-
7
- export default function (server: Server, ctx: AppContext) {
8
- server.add(com.atproto.sync.getLatestCommit, {
9
- auth: ctx.authVerifier.authorizationOrAdminTokenOptional({
10
- authorize: () => {
11
- // always allow
12
- },
13
- }),
14
- handler: async ({ params, auth }) => {
15
- const { did } = params
16
- await assertRepoAvailability(ctx, did, isUserOrAdmin(auth, did))
17
-
18
- const root = await ctx.actorStore.read(did, (store) =>
19
- store.repo.storage.getRootDetailed(),
20
- )
21
- if (root === null) {
22
- throw new InvalidRequestError(
23
- `Could not find root for DID: ${did}`,
24
- 'RepoNotFound',
25
- )
26
- }
27
- return {
28
- encoding: 'application/json' as const,
29
- body: { cid: root.cid.toString(), rev: root.rev },
30
- }
31
- },
32
- })
33
- }
@@ -1,49 +0,0 @@
1
- import stream from 'node:stream'
2
- import { byteIterableToStream } from '@atproto/common'
3
- import * as repo from '@atproto/repo'
4
- import { InvalidRequestError, Server } from '@atproto/xrpc-server'
5
- import { SqlRepoReader } from '../../../../actor-store/repo/sql-repo-reader.js'
6
- import { isUserOrAdmin } from '../../../../auth-verifier.js'
7
- import { AppContext } from '../../../../context.js'
8
- import { com } from '../../../../lexicons/index.js'
9
- import { assertRepoAvailability } from './util.js'
10
-
11
- export default function (server: Server, ctx: AppContext) {
12
- server.add(com.atproto.sync.getRecord, {
13
- auth: ctx.authVerifier.authorizationOrAdminTokenOptional({
14
- authorize: () => {
15
- // always allow
16
- },
17
- }),
18
- handler: async ({ params, auth }) => {
19
- const { did, collection, rkey } = params
20
- await assertRepoAvailability(ctx, did, isUserOrAdmin(auth, did))
21
-
22
- // must open up the db outside of store interface so that we can close the file handle after finished streaming
23
- const actorDb = await ctx.actorStore.openDb(did)
24
-
25
- let carStream: stream.Readable
26
- try {
27
- const storage = new SqlRepoReader(actorDb)
28
- const commit = await storage.getRoot()
29
-
30
- if (!commit) {
31
- throw new InvalidRequestError(`Could not find repo for DID: ${did}`)
32
- }
33
- const carIter = repo.getRecords(storage, commit, [{ collection, rkey }])
34
- carStream = byteIterableToStream(carIter)
35
- } catch (err) {
36
- actorDb.close()
37
- throw err
38
- }
39
- const closeDb = () => actorDb.close()
40
- carStream.on('error', closeDb)
41
- carStream.on('close', closeDb)
42
-
43
- return {
44
- encoding: 'application/vnd.ipld.car' as const,
45
- body: carStream,
46
- }
47
- },
48
- })
49
- }
@@ -1,75 +0,0 @@
1
- import stream from 'node:stream'
2
- import {
3
- MINUTE,
4
- byteIterableToStream,
5
- coalesceByteStream,
6
- } from '@atproto/common'
7
- import { InvalidRequestError, Server } from '@atproto/xrpc-server'
8
- import {
9
- RepoRootNotFoundError,
10
- SqlRepoReader,
11
- } from '../../../../actor-store/repo/sql-repo-reader.js'
12
- import { AuthScope } from '../../../../auth-scope.js'
13
- import { isUserOrAdmin } from '../../../../auth-verifier.js'
14
- import { AppContext } from '../../../../context.js'
15
- import { com } from '../../../../lexicons/index.js'
16
- import { assertRepoAvailability } from './util.js'
17
-
18
- const CAR_STREAM_CHUNK_SIZE = 64 * 1024
19
-
20
- export default function (server: Server, ctx: AppContext) {
21
- server.add(com.atproto.sync.getRepo, {
22
- auth: ctx.authVerifier.authorizationOrAdminTokenOptional({
23
- additional: [AuthScope.Takendown],
24
- authorize: () => {
25
- // always allow
26
- },
27
- }),
28
- rateLimit: {
29
- durationMs: 5 * MINUTE,
30
- points: 6000,
31
- },
32
- handler: async ({ req, params, auth }) => {
33
- const { did, since } = params
34
- await assertRepoAvailability(ctx, did, isUserOrAdmin(auth, did))
35
-
36
- const carStream = await getCarStream(ctx, did, since)
37
-
38
- return {
39
- encoding: 'application/vnd.ipld.car' as const,
40
- // @NOTE If the client asked for compression (via "accept-encoding"), we
41
- // coalesce the CAR stream into larger chunks to improve compression
42
- // efficiency. See https://github.com/bluesky-social/atproto/pull/5078
43
- //
44
- // @TODO This would be better handled by xrpc-server and/or the
45
- // compression middleware instead of manually coalescing the stream.
46
- body: req.headers['accept-encoding']
47
- ? coalesceByteStream(carStream, CAR_STREAM_CHUNK_SIZE)
48
- : carStream,
49
- }
50
- },
51
- })
52
- }
53
-
54
- export const getCarStream = async (
55
- ctx: AppContext,
56
- did: string,
57
- since?: string,
58
- ): Promise<stream.Readable> => {
59
- const actorDb = await ctx.actorStore.openDb(did)
60
- try {
61
- const storage = new SqlRepoReader(actorDb)
62
- const carIter = await storage.getCarStream(since)
63
- const carStream = byteIterableToStream(carIter)
64
- const closeDb = () => actorDb.close()
65
- carStream.on('error', closeDb)
66
- carStream.on('close', closeDb)
67
- return carStream
68
- } catch (err) {
69
- await actorDb.close()
70
- if (err instanceof RepoRootNotFoundError) {
71
- throw new InvalidRequestError(`Could not find repo for DID: ${did}`)
72
- }
73
- throw err
74
- }
75
- }
@@ -1,34 +0,0 @@
1
- import { Server } from '@atproto/xrpc-server'
2
- import { formatAccountStatus } from '../../../../account-manager/account-manager.js'
3
- import { AppContext } from '../../../../context.js'
4
- import { com } from '../../../../lexicons/index.js'
5
- import { assertRepoAvailability } from './util.js'
6
-
7
- export default function (server: Server, ctx: AppContext) {
8
- server.add(com.atproto.sync.getRepoStatus, {
9
- handler: async ({ params }) => {
10
- const { did } = params
11
- const account = await assertRepoAvailability(ctx, did, true)
12
-
13
- const { active, status } = formatAccountStatus(account)
14
-
15
- let rev: string | undefined = undefined
16
- if (active) {
17
- const root = await ctx.actorStore.read(did, (store) =>
18
- store.repo.storage.getRootDetailed(),
19
- )
20
- rev = root.rev
21
- }
22
-
23
- return {
24
- encoding: 'application/json' as const,
25
- body: {
26
- did,
27
- active,
28
- status,
29
- rev,
30
- },
31
- }
32
- },
33
- })
34
- }
@@ -1,27 +0,0 @@
1
- import { Server } from '@atproto/xrpc-server'
2
- import { AppContext } from '../../../../context.js'
3
- import getCheckout from './deprecated/getCheckout.js'
4
- import getHead from './deprecated/getHead.js'
5
- import getBlob from './getBlob.js'
6
- import getBlocks from './getBlocks.js'
7
- import getLatestCommit from './getLatestCommit.js'
8
- import getRecord from './getRecord.js'
9
- import getRepo from './getRepo.js'
10
- import getRepoStatus from './getRepoStatus.js'
11
- import listBlobs from './listBlobs.js'
12
- import listRepos from './listRepos.js'
13
- import subscribeRepos from './subscribeRepos.js'
14
-
15
- export default function (server: Server, ctx: AppContext) {
16
- getBlob(server, ctx)
17
- getBlocks(server, ctx)
18
- getLatestCommit(server, ctx)
19
- getRepoStatus(server, ctx)
20
- getRecord(server, ctx)
21
- getRepo(server, ctx)
22
- subscribeRepos(server, ctx)
23
- listBlobs(server, ctx)
24
- listRepos(server, ctx)
25
- getCheckout(server, ctx)
26
- getHead(server, ctx)
27
- }
@@ -1,33 +0,0 @@
1
- import { Server } from '@atproto/xrpc-server'
2
- import { AuthScope } from '../../../../auth-scope.js'
3
- import { isUserOrAdmin } from '../../../../auth-verifier.js'
4
- import { AppContext } from '../../../../context.js'
5
- import { com } from '../../../../lexicons/index.js'
6
- import { assertRepoAvailability } from './util.js'
7
-
8
- export default function (server: Server, ctx: AppContext) {
9
- server.add(com.atproto.sync.listBlobs, {
10
- auth: ctx.authVerifier.authorizationOrAdminTokenOptional({
11
- additional: [AuthScope.Takendown],
12
- authorize: () => {
13
- // always allow
14
- },
15
- }),
16
- handler: async ({ params, auth }) => {
17
- const { did, since, limit, cursor } = params
18
- await assertRepoAvailability(ctx, did, isUserOrAdmin(auth, did))
19
-
20
- const blobCids = await ctx.actorStore.read(did, (store) =>
21
- store.repo.blob.listBlobs({ since, limit, cursor }),
22
- )
23
-
24
- return {
25
- encoding: 'application/json' as const,
26
- body: {
27
- cursor: blobCids.at(-1),
28
- cids: blobCids,
29
- },
30
- }
31
- },
32
- })
33
- }
@@ -1,74 +0,0 @@
1
- import { InvalidRequestError, Server } from '@atproto/xrpc-server'
2
- import { formatAccountStatus } from '../../../../account-manager/account-manager.js'
3
- import { AppContext } from '../../../../context.js'
4
- import { Cursor, GenericKeyset, paginate } from '../../../../db/pagination.js'
5
- import { com } from '../../../../lexicons/index.js'
6
-
7
- export default function (server: Server, ctx: AppContext) {
8
- server.add(com.atproto.sync.listRepos, async ({ params }) => {
9
- const { limit, cursor } = params
10
- const db = ctx.accountManager.db
11
- const { ref } = db.db.dynamic
12
- let builder = db.db
13
- .selectFrom('actor')
14
- .innerJoin('repo_root', 'repo_root.did', 'actor.did')
15
- .select([
16
- 'actor.did as did',
17
- 'repo_root.cid as head',
18
- 'repo_root.rev as rev',
19
- 'actor.createdAt as createdAt',
20
- 'actor.deactivatedAt as deactivatedAt',
21
- 'actor.takedownRef as takedownRef',
22
- ])
23
- const keyset = new TimeDidKeyset(ref('actor.createdAt'), ref('actor.did'))
24
- builder = paginate(builder, {
25
- limit,
26
- cursor,
27
- keyset,
28
- direction: 'asc',
29
- tryIndex: true,
30
- })
31
- const res = await builder.execute()
32
- const repos = res.map((row): com.atproto.sync.listRepos.Repo => {
33
- const { active, status } = formatAccountStatus(row)
34
- return {
35
- did: row.did,
36
- head: row.head,
37
- rev: row.rev ?? '',
38
- active,
39
- status,
40
- }
41
- })
42
- return {
43
- encoding: 'application/json' as const,
44
- body: {
45
- cursor: keyset.packFromResult(res),
46
- repos,
47
- },
48
- }
49
- })
50
- }
51
-
52
- type TimeDidResult = { createdAt: string; did: string }
53
-
54
- export class TimeDidKeyset extends GenericKeyset<TimeDidResult, Cursor> {
55
- labelResult(result: TimeDidResult): Cursor {
56
- return { primary: result.createdAt, secondary: result.did }
57
- }
58
- labeledResultToCursor(labeled: Cursor) {
59
- return {
60
- primary: new Date(labeled.primary).getTime().toString(),
61
- secondary: labeled.secondary,
62
- }
63
- }
64
- cursorToLabeledResult(cursor: Cursor) {
65
- const primaryDate = new Date(parseInt(cursor.primary, 10))
66
- if (isNaN(primaryDate.getTime())) {
67
- throw new InvalidRequestError('Malformed cursor')
68
- }
69
- return {
70
- primary: primaryDate.toISOString(),
71
- secondary: cursor.secondary,
72
- }
73
- }
74
- }
@@ -1,73 +0,0 @@
1
- import { InvalidRequestError, Server } from '@atproto/xrpc-server'
2
- import { AppContext } from '../../../../context.js'
3
- import { com } from '../../../../lexicons/index.js'
4
- import { httpLogger } from '../../../../logger.js'
5
- import { Outbox } from '../../../../sequencer/outbox.js'
6
-
7
- export default function (server: Server, ctx: AppContext) {
8
- server.add(
9
- com.atproto.sync.subscribeRepos,
10
- async function* ({
11
- params,
12
- signal,
13
- }): AsyncGenerator<com.atproto.sync.subscribeRepos.$Message> {
14
- const { cursor } = params
15
- const outbox = new Outbox(ctx.sequencer, {
16
- maxBufferSize: ctx.cfg.subscription.maxBuffer,
17
- })
18
- httpLogger.info({ cursor }, 'request to com.atproto.sync.subscribeRepos')
19
-
20
- const backfillTime = new Date(
21
- Date.now() - ctx.cfg.subscription.repoBackfillLimitMs,
22
- ).toISOString()
23
- let outboxCursor: number | undefined = undefined
24
- if (cursor !== undefined) {
25
- const [next, curr] = await Promise.all([
26
- ctx.sequencer.next(cursor),
27
- ctx.sequencer.curr(),
28
- ])
29
- if (cursor > (curr ?? 0)) {
30
- throw new InvalidRequestError('Cursor in the future.', 'FutureCursor')
31
- } else if (next && next.sequencedAt < backfillTime) {
32
- // if cursor is before backfill time, find earliest cursor from backfill window
33
- yield com.atproto.sync.subscribeRepos.info.$build({
34
- name: 'OutdatedCursor',
35
- message: 'Requested cursor exceeded limit. Possibly missing events',
36
- })
37
- const startEvt = await ctx.sequencer.earliestAfterTime(backfillTime)
38
- outboxCursor = startEvt?.seq ? startEvt.seq - 1 : undefined
39
- } else {
40
- outboxCursor = cursor
41
- }
42
- }
43
-
44
- for await (const evt of outbox.events(outboxCursor, signal)) {
45
- if (evt.type === 'commit') {
46
- yield com.atproto.sync.subscribeRepos.commit.$build({
47
- seq: evt.seq,
48
- time: evt.time,
49
- ...evt.evt,
50
- })
51
- } else if (evt.type === 'sync') {
52
- yield com.atproto.sync.subscribeRepos.sync.$build({
53
- seq: evt.seq,
54
- time: evt.time,
55
- ...evt.evt,
56
- })
57
- } else if (evt.type === 'identity') {
58
- yield com.atproto.sync.subscribeRepos.identity.$build({
59
- seq: evt.seq,
60
- time: evt.time,
61
- ...evt.evt,
62
- })
63
- } else if (evt.type === 'account') {
64
- yield com.atproto.sync.subscribeRepos.account.$build({
65
- seq: evt.seq,
66
- time: evt.time,
67
- ...evt.evt,
68
- })
69
- }
70
- }
71
- },
72
- )
73
- }
@@ -1,37 +0,0 @@
1
- import { AtIdentifierString } from '@atproto/syntax'
2
- import { InvalidRequestError } from '@atproto/xrpc-server'
3
- import { ActorAccount } from '../../../../account-manager/helpers/account.js'
4
- import { AppContext } from '../../../../context.js'
5
-
6
- export const assertRepoAvailability = async (
7
- ctx: AppContext,
8
- handleOrDid: AtIdentifierString,
9
- isAdminOrSelf: boolean,
10
- ): Promise<ActorAccount> => {
11
- const account = await ctx.accountManager.getAccount(handleOrDid, {
12
- includeDeactivated: true,
13
- includeTakenDown: true,
14
- })
15
- if (!account) {
16
- throw new InvalidRequestError(
17
- `Could not find repo for DID: ${handleOrDid}`,
18
- 'RepoNotFound',
19
- )
20
- }
21
- if (isAdminOrSelf) {
22
- return account
23
- }
24
- if (account.takedownRef) {
25
- throw new InvalidRequestError(
26
- `Repo has been takendown: ${handleOrDid}`,
27
- 'RepoTakendown',
28
- )
29
- }
30
- if (account.deactivatedAt) {
31
- throw new InvalidRequestError(
32
- `Repo has been deactivated: ${handleOrDid}`,
33
- 'RepoDeactivated',
34
- )
35
- }
36
- return account
37
- }
@@ -1,34 +0,0 @@
1
- import { ForbiddenError, Server } from '@atproto/xrpc-server'
2
- import { AuthScope } from '../../../../auth-scope.js'
3
- import { AppContext } from '../../../../context.js'
4
- import { com } from '../../../../lexicons/index.js'
5
-
6
- // THIS IS A TEMPORARY UNSPECCED ROUTE
7
- export default function (server: Server, ctx: AppContext) {
8
- server.add(com.atproto.temp.checkSignupQueue, {
9
- auth: ctx.authVerifier.authorization({
10
- additional: [AuthScope.SignupQueued],
11
- authorize: () => {
12
- throw new ForbiddenError(
13
- 'OAuth credentials are not supported for this endpoint',
14
- )
15
- },
16
- }),
17
- handler: async ({ req }) => {
18
- if (!ctx.entrywayClient) {
19
- return {
20
- encoding: 'application/json' as const,
21
- body: {
22
- activated: true,
23
- },
24
- }
25
- }
26
-
27
- const { headers } = ctx.entrywayPassthruHeaders(req)
28
-
29
- return ctx.entrywayClient.xrpc(com.atproto.temp.checkSignupQueue, {
30
- headers,
31
- })
32
- },
33
- })
34
- }
@@ -1,7 +0,0 @@
1
- import { Server } from '@atproto/xrpc-server'
2
- import { AppContext } from '../../../../context.js'
3
- import checkSignupQueue from './checkSignupQueue.js'
4
-
5
- export default function (server: Server, ctx: AppContext) {
6
- checkSignupQueue(server, ctx)
7
- }
package/src/api/index.ts DELETED
@@ -1,10 +0,0 @@
1
- import { Server } from '@atproto/xrpc-server'
2
- import { AppContext } from '../context.js'
3
- import appBsky from './app/bsky/index.js'
4
- import comAtproto from './com/atproto/index.js'
5
-
6
- export default function (server: Server, ctx: AppContext) {
7
- comAtproto(server, ctx)
8
- appBsky(server, ctx)
9
- return server
10
- }
package/src/api/proxy.ts DELETED
@@ -1,44 +0,0 @@
1
- import { IncomingMessage } from 'node:http'
2
- import express from 'express'
3
- import { InvalidRequestError } from '@atproto/xrpc-server'
4
-
5
- export function authPassthru(req: IncomingMessage) {
6
- const { authorization } = req.headers
7
-
8
- if (authorization) {
9
- // DPoP requests are bound to the endpoint being called. Allowing them to be
10
- // proxied would require that the receiving end allows DPoP proof not
11
- // created for him. Since proxying is mainly there to support legacy
12
- // clients, and DPoP is a new feature, we don't support DPoP requests
13
- // through the proxy.
14
-
15
- // This is fine since app views are usually called using the requester's
16
- // credentials when "auth.credentials.type === 'access'", which is the only
17
- // case were DPoP is used.
18
- const [type] = authorization.split(' ', 1)
19
- if (!type) {
20
- throw new InvalidRequestError('Invalid authorization header')
21
- }
22
- if (type.toLowerCase() === 'dpop' || req.headers['dpop']) {
23
- throw new InvalidRequestError('DPoP requests cannot be proxied')
24
- }
25
-
26
- return { headers: { authorization } }
27
- }
28
- }
29
-
30
- // @NOTE this function may mutate its params input
31
- // future improvement here would be to forward along all untrusted ips rather than just the first (req.ip)
32
- export const forwardedFor = (
33
- req: express.Request,
34
- params: HeadersParam | undefined,
35
- ) => {
36
- const result: HeadersParam = params ?? { headers: {} }
37
- const ip = req.ip
38
- if (ip) {
39
- result.headers['x-forwarded-for'] = ip
40
- }
41
- return result
42
- }
43
-
44
- type HeadersParam = { headers: Record<string, string> }
package/src/app-view.ts DELETED
@@ -1,24 +0,0 @@
1
- import { format } from 'node:util'
2
- import { Client } from '@atproto/lex'
3
-
4
- export type AppViewOptions = {
5
- url: string
6
- did: string
7
- cdnUrlPattern?: string
8
- }
9
-
10
- export class AppView {
11
- public did: string
12
- public client: Client
13
- private cdnUrlPattern?: string
14
-
15
- constructor(options: AppViewOptions) {
16
- this.did = options.did
17
- this.client = new Client({ service: options.url })
18
- this.cdnUrlPattern = options.cdnUrlPattern
19
- }
20
-
21
- getImageUrl(pattern: string, did: string, cid: string): string | undefined {
22
- if (this.cdnUrlPattern) return format(this.cdnUrlPattern, pattern, did, cid)
23
- }
24
- }
@@ -1,52 +0,0 @@
1
- import { ScopePermissions } from '@atproto/oauth-scopes'
2
- import { DidString } from '@atproto/syntax'
3
- import { AuthScope } from './auth-scope.js'
4
-
5
- export type UnauthenticatedOutput = {
6
- credentials: null
7
- }
8
-
9
- export type AdminTokenOutput = {
10
- credentials: {
11
- type: 'admin_token'
12
- }
13
- }
14
-
15
- export type ModServiceOutput = {
16
- credentials: {
17
- type: 'mod_service'
18
- did: DidString
19
- }
20
- }
21
-
22
- export type AccessOutput<S extends AuthScope = AuthScope> = {
23
- credentials: {
24
- type: 'access'
25
- did: DidString
26
- scope: S
27
- }
28
- }
29
-
30
- export type OAuthOutput = {
31
- credentials: {
32
- type: 'oauth'
33
- did: DidString
34
- permissions: ScopePermissions
35
- }
36
- }
37
-
38
- export type RefreshOutput = {
39
- credentials: {
40
- type: 'refresh'
41
- did: DidString
42
- scope: AuthScope.Refresh
43
- tokenId: string
44
- }
45
- }
46
-
47
- export type UserServiceAuthOutput = {
48
- credentials: {
49
- type: 'user_service_auth'
50
- did: DidString
51
- }
52
- }
@@ -1,64 +0,0 @@
1
- import { Router } from 'express'
2
- import {
3
- HandleUnavailableError,
4
- InvalidRequestError,
5
- SecondAuthenticationFactorRequiredError,
6
- UseDpopNonceError,
7
- oauthMiddleware,
8
- oauthProtectedResourceMetadataSchema,
9
- } from '@atproto/oauth-provider'
10
- import { AppContext } from './context.js'
11
- import { oauthLogger, reqSerializer } from './logger.js'
12
-
13
- export const createRouter = ({ oauthProvider, cfg }: AppContext): Router => {
14
- const router = Router()
15
-
16
- const oauthProtectedResourceMetadata =
17
- oauthProtectedResourceMetadataSchema.parse({
18
- resource: cfg.service.publicUrl,
19
- authorization_servers: [cfg.entryway?.url ?? cfg.service.publicUrl],
20
- bearer_methods_supported: ['header'],
21
- scopes_supported: [],
22
- resource_documentation: 'https://atproto.com',
23
- })
24
-
25
- if (
26
- !cfg.service.devMode &&
27
- !oauthProtectedResourceMetadata.resource.startsWith('https://')
28
- ) {
29
- throw new Error('Resource URL must use the https scheme')
30
- }
31
-
32
- router.get('/.well-known/oauth-protected-resource', (req, res) => {
33
- res.setHeader('Access-Control-Allow-Origin', '*')
34
- res.setHeader('Access-Control-Allow-Method', '*')
35
- res.setHeader('Access-Control-Allow-Headers', '*')
36
- res.status(200).json(oauthProtectedResourceMetadata)
37
- })
38
-
39
- if (oauthProvider) {
40
- router.use(
41
- oauthMiddleware(oauthProvider, {
42
- onError: (req, res, err, msg) => {
43
- if (!ignoreError(err)) {
44
- oauthLogger.error({ err, req: reqSerializer(req) }, msg)
45
- }
46
- },
47
- }),
48
- )
49
- }
50
-
51
- return router
52
- }
53
-
54
- function ignoreError(err: unknown): boolean {
55
- if (err instanceof InvalidRequestError) {
56
- return err.error_description === 'Invalid identifier or password'
57
- }
58
-
59
- return (
60
- err instanceof UseDpopNonceError ||
61
- err instanceof HandleUnavailableError ||
62
- err instanceof SecondAuthenticationFactorRequiredError
63
- )
64
- }