@atproto/pds 0.5.12 → 0.5.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (326) hide show
  1. package/CHANGELOG.md +53 -0
  2. package/dist/api/app/bsky/notification/index.d.ts.map +1 -1
  3. package/dist/api/app/bsky/notification/index.js +2 -0
  4. package/dist/api/app/bsky/notification/index.js.map +1 -1
  5. package/dist/api/app/bsky/notification/unregisterPush.d.ts +4 -0
  6. package/dist/api/app/bsky/notification/unregisterPush.d.ts.map +1 -0
  7. package/dist/api/app/bsky/notification/unregisterPush.js +48 -0
  8. package/dist/api/app/bsky/notification/unregisterPush.js.map +1 -0
  9. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts +6 -0
  10. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts.map +1 -1
  11. package/dist/lexicons/app/bsky/actor/defs.defs.js +1 -0
  12. package/dist/lexicons/app/bsky/actor/defs.defs.js.map +1 -1
  13. package/package.json +42 -38
  14. package/build.templates.cjs +0 -22
  15. package/example.env +0 -42
  16. package/jest.config.cjs +0 -27
  17. package/src/account-manager/account-manager.ts +0 -916
  18. package/src/account-manager/db/index.ts +0 -21
  19. package/src/account-manager/db/migrations/001-init.ts +0 -115
  20. package/src/account-manager/db/migrations/002-account-deactivation.ts +0 -17
  21. package/src/account-manager/db/migrations/003-privileged-app-passwords.ts +0 -12
  22. package/src/account-manager/db/migrations/004-oauth.ts +0 -122
  23. package/src/account-manager/db/migrations/005-oauth-account-management.ts +0 -136
  24. package/src/account-manager/db/migrations/006-oauth-permission-sets.ts +0 -20
  25. package/src/account-manager/db/migrations/007-lexicon-failures-index.ts +0 -14
  26. package/src/account-manager/db/migrations/index.ts +0 -17
  27. package/src/account-manager/db/schema/account-device.ts +0 -14
  28. package/src/account-manager/db/schema/account.ts +0 -16
  29. package/src/account-manager/db/schema/actor.ts +0 -17
  30. package/src/account-manager/db/schema/app-password.ts +0 -13
  31. package/src/account-manager/db/schema/authorization-request.ts +0 -30
  32. package/src/account-manager/db/schema/authorized-client.ts +0 -23
  33. package/src/account-manager/db/schema/device.ts +0 -18
  34. package/src/account-manager/db/schema/email-token.ts +0 -19
  35. package/src/account-manager/db/schema/index.ts +0 -43
  36. package/src/account-manager/db/schema/invite-code.ts +0 -24
  37. package/src/account-manager/db/schema/lexicon.ts +0 -15
  38. package/src/account-manager/db/schema/refresh-token.ts +0 -11
  39. package/src/account-manager/db/schema/repo-root.ts +0 -12
  40. package/src/account-manager/db/schema/token.ts +0 -38
  41. package/src/account-manager/db/schema/used-refresh-token.ts +0 -13
  42. package/src/account-manager/helpers/account-device.ts +0 -63
  43. package/src/account-manager/helpers/account.ts +0 -355
  44. package/src/account-manager/helpers/auth.ts +0 -222
  45. package/src/account-manager/helpers/authorization-request.ts +0 -90
  46. package/src/account-manager/helpers/authorized-client.ts +0 -75
  47. package/src/account-manager/helpers/device.ts +0 -47
  48. package/src/account-manager/helpers/email-token.ts +0 -87
  49. package/src/account-manager/helpers/invite.ts +0 -263
  50. package/src/account-manager/helpers/lexicon.ts +0 -67
  51. package/src/account-manager/helpers/password.ts +0 -136
  52. package/src/account-manager/helpers/repo.ts +0 -24
  53. package/src/account-manager/helpers/scrypt.ts +0 -53
  54. package/src/account-manager/helpers/token.ts +0 -158
  55. package/src/account-manager/helpers/used-refresh-token.ts +0 -30
  56. package/src/account-manager/oauth-store.ts +0 -880
  57. package/src/account-manager/scope-reference-getter.ts +0 -106
  58. package/src/actor-store/actor-store-reader.ts +0 -45
  59. package/src/actor-store/actor-store-resources.ts +0 -8
  60. package/src/actor-store/actor-store-transactor.ts +0 -31
  61. package/src/actor-store/actor-store-writer.ts +0 -17
  62. package/src/actor-store/actor-store.ts +0 -210
  63. package/src/actor-store/blob/reader.ts +0 -160
  64. package/src/actor-store/blob/transactor.ts +0 -383
  65. package/src/actor-store/db/index.ts +0 -20
  66. package/src/actor-store/db/migrations/001-init.ts +0 -105
  67. package/src/actor-store/db/migrations/index.ts +0 -5
  68. package/src/actor-store/db/schema/account-pref.ts +0 -11
  69. package/src/actor-store/db/schema/backlink.ts +0 -9
  70. package/src/actor-store/db/schema/blob.ts +0 -14
  71. package/src/actor-store/db/schema/index.ts +0 -23
  72. package/src/actor-store/db/schema/record-blob.ts +0 -8
  73. package/src/actor-store/db/schema/record.ts +0 -14
  74. package/src/actor-store/db/schema/repo-block.ts +0 -10
  75. package/src/actor-store/db/schema/repo-root.ts +0 -10
  76. package/src/actor-store/migrate.ts +0 -39
  77. package/src/actor-store/preference/reader.ts +0 -48
  78. package/src/actor-store/preference/transactor.ts +0 -55
  79. package/src/actor-store/preference/util.ts +0 -39
  80. package/src/actor-store/record/reader.ts +0 -374
  81. package/src/actor-store/record/transactor.ts +0 -111
  82. package/src/actor-store/repo/reader.ts +0 -31
  83. package/src/actor-store/repo/sql-repo-reader.ts +0 -150
  84. package/src/actor-store/repo/sql-repo-transactor.ts +0 -105
  85. package/src/actor-store/repo/transactor.ts +0 -227
  86. package/src/api/app/bsky/actor/getPreferences.ts +0 -57
  87. package/src/api/app/bsky/actor/getProfile.ts +0 -41
  88. package/src/api/app/bsky/actor/getProfiles.ts +0 -51
  89. package/src/api/app/bsky/actor/index.ts +0 -13
  90. package/src/api/app/bsky/actor/putPreferences.ts +0 -62
  91. package/src/api/app/bsky/feed/getActorLikes.ts +0 -63
  92. package/src/api/app/bsky/feed/getAuthorFeed.ts +0 -84
  93. package/src/api/app/bsky/feed/getFeed.ts +0 -47
  94. package/src/api/app/bsky/feed/getPostThread.ts +0 -251
  95. package/src/api/app/bsky/feed/getTimeline.ts +0 -50
  96. package/src/api/app/bsky/feed/index.ts +0 -15
  97. package/src/api/app/bsky/index.ts +0 -11
  98. package/src/api/app/bsky/notification/index.ts +0 -7
  99. package/src/api/app/bsky/notification/registerPush.ts +0 -71
  100. package/src/api/app/bsky/util/resolver.ts +0 -20
  101. package/src/api/com/atproto/admin/deleteAccount.ts +0 -22
  102. package/src/api/com/atproto/admin/disableAccountInvites.ts +0 -18
  103. package/src/api/com/atproto/admin/disableInviteCodes.ts +0 -21
  104. package/src/api/com/atproto/admin/enableAccountInvites.ts +0 -18
  105. package/src/api/com/atproto/admin/getAccountInfo.ts +0 -32
  106. package/src/api/com/atproto/admin/getAccountInfos.ts +0 -34
  107. package/src/api/com/atproto/admin/getInviteCodes.ts +0 -126
  108. package/src/api/com/atproto/admin/getSubjectStatus.ts +0 -76
  109. package/src/api/com/atproto/admin/index.ts +0 -31
  110. package/src/api/com/atproto/admin/sendEmail.ts +0 -47
  111. package/src/api/com/atproto/admin/updateAccountEmail.ts +0 -32
  112. package/src/api/com/atproto/admin/updateAccountHandle.ts +0 -47
  113. package/src/api/com/atproto/admin/updateAccountPassword.ts +0 -34
  114. package/src/api/com/atproto/admin/updateSubjectStatus.ts +0 -68
  115. package/src/api/com/atproto/admin/util.ts +0 -66
  116. package/src/api/com/atproto/identity/getRecommendedDidCredentials.ts +0 -50
  117. package/src/api/com/atproto/identity/index.ts +0 -17
  118. package/src/api/com/atproto/identity/requestPlcOperationSignature.ts +0 -59
  119. package/src/api/com/atproto/identity/resolveHandle.ts +0 -50
  120. package/src/api/com/atproto/identity/signPlcOperation.ts +0 -85
  121. package/src/api/com/atproto/identity/submitPlcOperation.ts +0 -65
  122. package/src/api/com/atproto/identity/updateHandle.ts +0 -66
  123. package/src/api/com/atproto/index.ts +0 -19
  124. package/src/api/com/atproto/moderation/createReport.ts +0 -41
  125. package/src/api/com/atproto/moderation/index.ts +0 -7
  126. package/src/api/com/atproto/repo/applyWrites.ts +0 -226
  127. package/src/api/com/atproto/repo/createRecord.ts +0 -143
  128. package/src/api/com/atproto/repo/deleteRecord.ts +0 -122
  129. package/src/api/com/atproto/repo/describeRepo.ts +0 -43
  130. package/src/api/com/atproto/repo/getRecord.ts +0 -40
  131. package/src/api/com/atproto/repo/importRepo.ts +0 -101
  132. package/src/api/com/atproto/repo/index.ts +0 -25
  133. package/src/api/com/atproto/repo/listMissingBlobs.ts +0 -29
  134. package/src/api/com/atproto/repo/listRecords.ts +0 -36
  135. package/src/api/com/atproto/repo/putRecord.ts +0 -211
  136. package/src/api/com/atproto/repo/uploadBlob.ts +0 -60
  137. package/src/api/com/atproto/server/activateAccount.ts +0 -37
  138. package/src/api/com/atproto/server/checkAccountStatus.ts +0 -51
  139. package/src/api/com/atproto/server/confirmEmail.ts +0 -39
  140. package/src/api/com/atproto/server/createAccount.ts +0 -327
  141. package/src/api/com/atproto/server/createAppPassword.ts +0 -53
  142. package/src/api/com/atproto/server/createInviteCode.ts +0 -38
  143. package/src/api/com/atproto/server/createInviteCodes.ts +0 -42
  144. package/src/api/com/atproto/server/createSession.ts +0 -97
  145. package/src/api/com/atproto/server/deactivateAccount.ts +0 -41
  146. package/src/api/com/atproto/server/deleteAccount.ts +0 -85
  147. package/src/api/com/atproto/server/deleteSession.ts +0 -23
  148. package/src/api/com/atproto/server/describeServer.ts +0 -29
  149. package/src/api/com/atproto/server/getAccountInviteCodes.ts +0 -142
  150. package/src/api/com/atproto/server/getServiceAuth.ts +0 -111
  151. package/src/api/com/atproto/server/getSession.ts +0 -80
  152. package/src/api/com/atproto/server/index.ts +0 -55
  153. package/src/api/com/atproto/server/listAppPasswords.ts +0 -45
  154. package/src/api/com/atproto/server/refreshSession.ts +0 -72
  155. package/src/api/com/atproto/server/requestAccountDelete.ts +0 -66
  156. package/src/api/com/atproto/server/requestEmailConfirmation.ts +0 -68
  157. package/src/api/com/atproto/server/requestEmailUpdate.ts +0 -86
  158. package/src/api/com/atproto/server/requestPasswordReset.ts +0 -52
  159. package/src/api/com/atproto/server/reserveSigningKey.ts +0 -15
  160. package/src/api/com/atproto/server/resetPassword.ts +0 -50
  161. package/src/api/com/atproto/server/revokeAppPassword.ts +0 -42
  162. package/src/api/com/atproto/server/updateEmail.ts +0 -52
  163. package/src/api/com/atproto/server/util.ts +0 -136
  164. package/src/api/com/atproto/sync/deprecated/getCheckout.ts +0 -27
  165. package/src/api/com/atproto/sync/deprecated/getHead.ts +0 -33
  166. package/src/api/com/atproto/sync/getBlob.ts +0 -61
  167. package/src/api/com/atproto/sync/getBlocks.ts +0 -37
  168. package/src/api/com/atproto/sync/getLatestCommit.ts +0 -33
  169. package/src/api/com/atproto/sync/getRecord.ts +0 -49
  170. package/src/api/com/atproto/sync/getRepo.ts +0 -75
  171. package/src/api/com/atproto/sync/getRepoStatus.ts +0 -34
  172. package/src/api/com/atproto/sync/index.ts +0 -27
  173. package/src/api/com/atproto/sync/listBlobs.ts +0 -33
  174. package/src/api/com/atproto/sync/listRepos.ts +0 -74
  175. package/src/api/com/atproto/sync/subscribeRepos.ts +0 -73
  176. package/src/api/com/atproto/sync/util.ts +0 -37
  177. package/src/api/com/atproto/temp/checkSignupQueue.ts +0 -34
  178. package/src/api/com/atproto/temp/index.ts +0 -7
  179. package/src/api/index.ts +0 -10
  180. package/src/api/proxy.ts +0 -44
  181. package/src/app-view.ts +0 -24
  182. package/src/auth-output.ts +0 -52
  183. package/src/auth-routes.ts +0 -64
  184. package/src/auth-scope.ts +0 -40
  185. package/src/auth-verifier.ts +0 -668
  186. package/src/background.ts +0 -65
  187. package/src/basic-routes.ts +0 -52
  188. package/src/bsky-app-view.ts +0 -33
  189. package/src/config/config.ts +0 -553
  190. package/src/config/env.ts +0 -167
  191. package/src/config/index.ts +0 -3
  192. package/src/config/secrets.ts +0 -54
  193. package/src/context.ts +0 -523
  194. package/src/crawlers.ts +0 -46
  195. package/src/db/cast.ts +0 -52
  196. package/src/db/db.ts +0 -140
  197. package/src/db/index.ts +0 -4
  198. package/src/db/migrator.ts +0 -40
  199. package/src/db/pagination.ts +0 -132
  200. package/src/db/tables/moderation.ts +0 -80
  201. package/src/db/util.ts +0 -108
  202. package/src/did-cache/db/index.ts +0 -21
  203. package/src/did-cache/db/migrations.ts +0 -17
  204. package/src/did-cache/db/schema.ts +0 -9
  205. package/src/did-cache/index.ts +0 -131
  206. package/src/disk-blobstore.ts +0 -172
  207. package/src/error.ts +0 -19
  208. package/src/handle/explicit-slurs.ts +0 -22
  209. package/src/handle/index.ts +0 -49
  210. package/src/handle/reserved.ts +0 -1059
  211. package/src/image/image-url-builder.ts +0 -16
  212. package/src/index.ts +0 -189
  213. package/src/lexicons.ts +0 -4
  214. package/src/logger.ts +0 -35
  215. package/src/mailer/index.ts +0 -111
  216. package/src/mailer/moderation.ts +0 -33
  217. package/src/mailer/templates/confirm-email.d.ts +0 -4
  218. package/src/mailer/templates/confirm-email.hbs +0 -158
  219. package/src/mailer/templates/delete-account.d.ts +0 -4
  220. package/src/mailer/templates/delete-account.hbs +0 -156
  221. package/src/mailer/templates/plc-operation.d.ts +0 -4
  222. package/src/mailer/templates/plc-operation.hbs +0 -153
  223. package/src/mailer/templates/reset-password.d.ts +0 -4
  224. package/src/mailer/templates/reset-password.hbs +0 -154
  225. package/src/mailer/templates/update-email.d.ts +0 -4
  226. package/src/mailer/templates/update-email.hbs +0 -153
  227. package/src/mailer/templates.ts +0 -17
  228. package/src/pipethrough.ts +0 -716
  229. package/src/rate-limits.ts +0 -59
  230. package/src/read-after-write/index.ts +0 -3
  231. package/src/read-after-write/types.ts +0 -35
  232. package/src/read-after-write/util.ts +0 -101
  233. package/src/read-after-write/viewer.ts +0 -290
  234. package/src/redis.ts +0 -25
  235. package/src/repo/index.ts +0 -2
  236. package/src/repo/prepare.ts +0 -266
  237. package/src/repo/types.ts +0 -65
  238. package/src/scripts/README.md +0 -40
  239. package/src/scripts/index.ts +0 -20
  240. package/src/scripts/publish-identity.ts +0 -60
  241. package/src/scripts/rebuild-repo.ts +0 -119
  242. package/src/scripts/rotate-keys.ts +0 -146
  243. package/src/scripts/sequencer-recovery/index.ts +0 -23
  244. package/src/scripts/sequencer-recovery/recoverer.ts +0 -297
  245. package/src/scripts/sequencer-recovery/recovery-db.ts +0 -65
  246. package/src/scripts/sequencer-recovery/repair-repos.ts +0 -49
  247. package/src/scripts/sequencer-recovery/user-queues.ts +0 -44
  248. package/src/scripts/util.ts +0 -7
  249. package/src/sequencer/db/index.ts +0 -21
  250. package/src/sequencer/db/migrations/001-init.ts +0 -35
  251. package/src/sequencer/db/migrations/index.ts +0 -5
  252. package/src/sequencer/db/schema.ts +0 -19
  253. package/src/sequencer/events.ts +0 -199
  254. package/src/sequencer/index.ts +0 -3
  255. package/src/sequencer/outbox.ts +0 -123
  256. package/src/sequencer/sequencer.ts +0 -290
  257. package/src/util/compression.ts +0 -16
  258. package/src/util/debug.ts +0 -10
  259. package/src/util/http.ts +0 -31
  260. package/src/util/types.ts +0 -7
  261. package/src/well-known.ts +0 -30
  262. package/test.env +0 -2
  263. package/tests/__snapshots__/takedown-appeal.test.ts.snap +0 -43
  264. package/tests/_oauth_client_assets_middleware.ts +0 -23
  265. package/tests/_puppeteer.ts +0 -147
  266. package/tests/_types.d.ts +0 -16
  267. package/tests/_util.ts +0 -191
  268. package/tests/account-deactivation.test.ts +0 -204
  269. package/tests/account-deletion.test.ts +0 -300
  270. package/tests/account-manager.test.ts +0 -462
  271. package/tests/account-migration.test.ts +0 -221
  272. package/tests/account-status.test.ts +0 -206
  273. package/tests/account.test.ts +0 -595
  274. package/tests/app-passwords.test.ts +0 -262
  275. package/tests/auth.test.ts +0 -405
  276. package/tests/blob-deletes.test.ts +0 -204
  277. package/tests/create-post.test.ts +0 -79
  278. package/tests/crud.test.ts +0 -1595
  279. package/tests/db.test.ts +0 -170
  280. package/tests/email-confirmation.test.ts +0 -227
  281. package/tests/entryway-mock.ts +0 -323
  282. package/tests/entryway.test.ts +0 -145
  283. package/tests/file-uploads.test.ts +0 -301
  284. package/tests/get-service-auth.test.ts +0 -81
  285. package/tests/handle-validation.test.ts +0 -56
  286. package/tests/handles.test.ts +0 -274
  287. package/tests/invite-codes.test.ts +0 -367
  288. package/tests/invites-admin.test.ts +0 -252
  289. package/tests/moderation.test.ts +0 -280
  290. package/tests/moderator-auth.test.ts +0 -177
  291. package/tests/oauth.test.ts +0 -334
  292. package/tests/plc-operations.test.ts +0 -239
  293. package/tests/preferences.test.ts +0 -352
  294. package/tests/proxied/__snapshots__/admin.test.ts.snap +0 -516
  295. package/tests/proxied/__snapshots__/feedgen.test.ts.snap +0 -215
  296. package/tests/proxied/__snapshots__/views.test.ts.snap +0 -4456
  297. package/tests/proxied/admin.test.ts +0 -340
  298. package/tests/proxied/feedgen.test.ts +0 -66
  299. package/tests/proxied/notif.test.ts +0 -85
  300. package/tests/proxied/procedures.test.ts +0 -175
  301. package/tests/proxied/proxy-catchall.test.ts +0 -256
  302. package/tests/proxied/proxy-header.test.ts +0 -239
  303. package/tests/proxied/proxy-oauth-aud.test.ts +0 -182
  304. package/tests/proxied/read-after-write.test.ts +0 -382
  305. package/tests/proxied/views.test.ts +0 -608
  306. package/tests/races.test.ts +0 -89
  307. package/tests/rate-limits.test.ts +0 -70
  308. package/tests/recovery.test.ts +0 -180
  309. package/tests/seeds/basic.ts +0 -165
  310. package/tests/seeds/follows.ts +0 -57
  311. package/tests/seeds/likes.ts +0 -14
  312. package/tests/seeds/reposts.ts +0 -18
  313. package/tests/seeds/thread.ts +0 -40
  314. package/tests/seeds/users-bulk.ts +0 -246
  315. package/tests/seeds/users.ts +0 -67
  316. package/tests/sequencer.test.ts +0 -251
  317. package/tests/server.test.ts +0 -151
  318. package/tests/sync/invertible-ops.test.ts +0 -99
  319. package/tests/sync/list.test.ts +0 -43
  320. package/tests/sync/subscribe-repos.test.ts +0 -672
  321. package/tests/sync/sync.test.ts +0 -316
  322. package/tests/takedown-appeal.test.ts +0 -166
  323. package/tsconfig.build.json +0 -9
  324. package/tsconfig.build.tsbuildinfo +0 -1
  325. package/tsconfig.json +0 -7
  326. package/tsconfig.tests.json +0 -8
@@ -1,595 +0,0 @@
1
- import assert from 'node:assert'
2
- import { EventEmitter, once } from 'node:events'
3
- import Mail from 'nodemailer/lib/mailer'
4
- import { AtpAgent, ComAtprotoServerResetPassword } from '@atproto/api'
5
- import * as crypto from '@atproto/crypto'
6
- import { TestNetworkNoAppView } from '@atproto/dev-env'
7
- import { IdResolver } from '@atproto/identity'
8
- import { isDidString } from '@atproto/lex'
9
- import { DidString } from '@atproto/syntax'
10
- import { AppContext } from '../src/index.js'
11
- import { ServerMailer } from '../src/mailer/index.js'
12
-
13
- const email = 'alice@test.com'
14
- const handle = 'alice.test'
15
- const password = 'test123'
16
- const passwordAlt = 'test456'
17
- const minsToMs = 60 * 1000
18
-
19
- describe('account', () => {
20
- let network: TestNetworkNoAppView
21
- let ctx: AppContext
22
- let agent: AtpAgent
23
- let mailer: ServerMailer
24
- let idResolver: IdResolver
25
- const mailCatcher = new EventEmitter()
26
- let _origSendMail
27
-
28
- const tryHandle = async (handle: string) => {
29
- await agent.api.com.atproto.server.createAccount({
30
- email: 'john@test.com',
31
- handle,
32
- password: 'test123',
33
- })
34
- }
35
-
36
- beforeAll(async () => {
37
- network = await TestNetworkNoAppView.create({
38
- dbPostgresSchema: 'account',
39
- pds: {
40
- contactEmailAddress: 'abuse@example.com',
41
- termsOfServiceUrl: 'https://example.com/tos',
42
- privacyPolicyUrl: 'https://example.com/privacy-policy',
43
- },
44
- })
45
- // @ts-expect-error Error due to circular dependency with the dev-env package
46
- mailer = network.pds.ctx.mailer
47
- // @ts-expect-error Error due to circular dependency with the dev-env package
48
- ctx = network.pds.ctx
49
- idResolver = network.pds.ctx.idResolver
50
- agent = network.pds.getAgent()
51
-
52
- // Catch emails for use in tests
53
- _origSendMail = mailer.transporter.sendMail
54
- mailer.transporter.sendMail = async (opts) => {
55
- const result = await _origSendMail.call(mailer.transporter, opts)
56
- mailCatcher.emit('mail', opts)
57
- return result
58
- }
59
- })
60
-
61
- afterAll(async () => {
62
- mailer.transporter.sendMail = _origSendMail
63
- await network?.close()
64
- })
65
-
66
- it('serves the accounts system config', async () => {
67
- const res = await agent.api.com.atproto.server.describeServer({})
68
- expect(res.data.inviteCodeRequired).toBe(false)
69
- expect(res.data.availableUserDomains[0]).toBe('.test')
70
- expect(typeof res.data.inviteCodeRequired).toBe('boolean')
71
- expect(res.data.links?.privacyPolicy).toBe(
72
- 'https://example.com/privacy-policy',
73
- )
74
- expect(res.data.links?.termsOfService).toBe('https://example.com/tos')
75
- expect(res.data.contact?.email).toBe('abuse@example.com')
76
- })
77
-
78
- it('fails on invalid handles', async () => {
79
- const promise = agent.api.com.atproto.server.createAccount({
80
- email: 'bad-handle@test.com',
81
- handle: 'did:bad-handle.test',
82
- password: 'asdf',
83
- })
84
- await expect(promise).rejects.toMatchObject({
85
- error: 'InvalidRequest',
86
- message: expect.stringContaining('handle'),
87
- // - Input/handle must be a valid handle
88
- })
89
- })
90
-
91
- describe('email validation', () => {
92
- it('succeeds on allowed emails', async () => {
93
- const promise = agent.api.com.atproto.server.createAccount({
94
- email: 'ok-email@gmail.com',
95
- handle: 'ok-email.test',
96
- password: 'asdf',
97
- })
98
- await expect(promise).resolves.toBeTruthy()
99
- })
100
-
101
- it('fails on disallowed emails', async () => {
102
- const promise = agent.api.com.atproto.server.createAccount({
103
- email: 'bad-email@disposeamail.com',
104
- handle: 'bad-email.test',
105
- password: 'asdf',
106
- })
107
- await expect(promise).rejects.toMatchObject({
108
- error: 'InvalidRequest',
109
- message: expect.stringContaining('email'),
110
- // - This email address is not supported, please use a different email.
111
- })
112
- })
113
- })
114
-
115
- let did: DidString
116
- let jwt: string
117
-
118
- it('creates an account', async () => {
119
- const res = await agent.api.com.atproto.server.createAccount({
120
- email,
121
- handle,
122
- password,
123
- })
124
-
125
- expect(typeof res.data.accessJwt).toBe('string')
126
- assert(isDidString(res.data.did), 'Did is not a valid DidString')
127
- expect(res.data.handle).toEqual(handle)
128
-
129
- did = res.data.did
130
- jwt = res.data.accessJwt
131
- })
132
-
133
- it('generates a properly formatted PLC DID', async () => {
134
- const didData = await idResolver.did.resolveAtprotoData(did)
135
- const signingKey = await network.pds.ctx.actorStore.keypair(did)
136
-
137
- expect(didData.did).toBe(did)
138
- expect(didData.handle).toBe(handle)
139
- expect(didData.signingKey).toBe(signingKey.did())
140
- expect(didData.pds).toBe(network.pds.url)
141
- })
142
-
143
- it('allows a custom set recovery key', async () => {
144
- const recoveryKey = (await crypto.P256Keypair.create()).did()
145
- const res = await agent.api.com.atproto.server.createAccount({
146
- email: 'custom-recovery@test.com',
147
- handle: 'custom-recovery.test',
148
- password: 'custom-recovery',
149
- recoveryKey,
150
- })
151
-
152
- const didData = await ctx.plcClient.getDocumentData(res.data.did)
153
-
154
- expect(didData.rotationKeys).toEqual([
155
- recoveryKey,
156
- ctx.cfg.identity.recoveryDidKey,
157
- ctx.plcRotationKey.did(),
158
- ])
159
- })
160
-
161
- // @NOTE currently disabled until we allow a user to resver a keypair before migration
162
- // it('allows a user to bring their own DID', async () => {
163
- // const userKey = await crypto.Secp256k1Keypair.create()
164
- // const handle = 'byo-did.test'
165
- // const did = await ctx.plcClient.createDid({
166
- // signingKey: ctx.repoSigningKey.did(),
167
- // handle,
168
- // rotationKeys: [
169
- // userKey.did(),
170
- // ctx.cfg.identity.recoveryDidKey ?? '',
171
- // ctx.plcRotationKey.did(),
172
- // ],
173
- // pds: network.pds.url,
174
- // signer: userKey,
175
- // })
176
-
177
- // const res = await agent.api.com.atproto.server.createAccount({
178
- // email: 'byo-did@test.com',
179
- // handle,
180
- // did,
181
- // password: 'byo-did-pass',
182
- // })
183
-
184
- // expect(res.data.handle).toEqual(handle)
185
- // expect(res.data.did).toEqual(did)
186
- // })
187
-
188
- // it('requires that the did a user brought be correctly set up for the server', async () => {
189
- // const userKey = await crypto.Secp256k1Keypair.create()
190
- // const baseDidInfo = {
191
- // signingKey: ctx.repoSigningKey.did(),
192
- // handle: 'byo-did.test',
193
- // rotationKeys: [
194
- // userKey.did(),
195
- // ctx.cfg.identity.recoveryDidKey ?? '',
196
- // ctx.plcRotationKey.did(),
197
- // ],
198
- // pds: ctx.cfg.service.publicUrl,
199
- // signer: userKey,
200
- // }
201
- // const baseAccntInfo = {
202
- // email: 'byo-did@test.com',
203
- // handle: 'byo-did.test',
204
- // password: 'byo-did-pass',
205
- // }
206
-
207
- // const did1 = await ctx.plcClient.createDid({
208
- // ...baseDidInfo,
209
- // handle: 'different-handle.test',
210
- // })
211
- // const attempt1 = agent.api.com.atproto.server.createAccount({
212
- // ...baseAccntInfo,
213
- // did: did1,
214
- // })
215
- // await expect(attempt1).rejects.toThrow(
216
- // 'provided handle does not match DID document handle',
217
- // )
218
-
219
- // const did2 = await ctx.plcClient.createDid({
220
- // ...baseDidInfo,
221
- // pds: 'https://other-pds.com',
222
- // })
223
- // const attempt2 = agent.api.com.atproto.server.createAccount({
224
- // ...baseAccntInfo,
225
- // did: did2,
226
- // })
227
- // await expect(attempt2).rejects.toThrow(
228
- // 'DID document pds endpoint does not match service endpoint',
229
- // )
230
-
231
- // const did3 = await ctx.plcClient.createDid({
232
- // ...baseDidInfo,
233
- // rotationKeys: [userKey.did()],
234
- // })
235
- // const attempt3 = agent.api.com.atproto.server.createAccount({
236
- // ...baseAccntInfo,
237
- // did: did3,
238
- // })
239
- // await expect(attempt3).rejects.toThrow(
240
- // 'PLC DID does not include service rotation key',
241
- // )
242
-
243
- // const did4 = await ctx.plcClient.createDid({
244
- // ...baseDidInfo,
245
- // signingKey: userKey.did(),
246
- // })
247
- // const attempt4 = agent.api.com.atproto.server.createAccount({
248
- // ...baseAccntInfo,
249
- // did: did4,
250
- // })
251
- // await expect(attempt4).rejects.toThrow(
252
- // 'DID document signing key does not match service signing key',
253
- // )
254
- // })
255
-
256
- it('allows administrative email updates', async () => {
257
- await agent.api.com.atproto.admin.updateAccountEmail(
258
- {
259
- account: handle,
260
- email: 'alIce-NEw@teST.com',
261
- },
262
- {
263
- encoding: 'application/json',
264
- headers: network.pds.adminAuthHeaders(),
265
- },
266
- )
267
-
268
- const accnt = await ctx.accountManager.getAccount(handle)
269
- expect(accnt?.email).toBe('alice-new@test.com')
270
-
271
- await agent.api.com.atproto.admin.updateAccountEmail(
272
- {
273
- account: did,
274
- email,
275
- },
276
- {
277
- encoding: 'application/json',
278
- headers: network.pds.adminAuthHeaders(),
279
- },
280
- )
281
-
282
- const accnt2 = await ctx.accountManager.getAccount(handle)
283
- expect(accnt2?.email).toBe(email)
284
- })
285
-
286
- it('disallows duplicate email addresses and handles', async () => {
287
- const email = 'bob@test.com'
288
- const handle = 'bob.test'
289
- const password = 'test123'
290
- await agent.api.com.atproto.server.createAccount({
291
- email,
292
- handle,
293
- password,
294
- })
295
-
296
- await expect(
297
- agent.api.com.atproto.server.createAccount({
298
- email: email.toUpperCase(),
299
- handle: 'carol.test',
300
- password,
301
- }),
302
- ).rejects.toThrow('Email already taken: BOB@TEST.COM')
303
-
304
- await expect(
305
- agent.api.com.atproto.server.createAccount({
306
- email: 'carol@test.com',
307
- handle: handle.toUpperCase(),
308
- password,
309
- }),
310
- ).rejects.toThrow('Handle already taken: bob.test')
311
- })
312
-
313
- it('validates input through lexicon schema', async () => {
314
- for (const invalidHandle of [
315
- 'did:john',
316
- 'jo_hn.test',
317
- 'jo!hn.test',
318
- 'jo%hn.test',
319
- 'jo&hn.test',
320
- 'jo*hn.test',
321
- 'jo|hn.test',
322
- 'jo:hn.test',
323
- 'jo/hn.test',
324
- ]) {
325
- await expect(tryHandle(invalidHandle)).rejects.toMatchObject({
326
- error: 'InvalidRequest',
327
- message: expect.stringContaining('handle'),
328
- })
329
- }
330
- })
331
-
332
- it('disallows improperly formatted handles', async () => {
333
- await expect(tryHandle('j.test')).rejects.toMatchObject({
334
- error: 'InvalidHandle',
335
- message: 'Handle too short',
336
- })
337
- await expect(
338
- tryHandle('jayromy-johnber12345678910.test'),
339
- ).rejects.toMatchObject({
340
- error: 'InvalidHandle',
341
- message: 'Handle too long',
342
- })
343
- })
344
-
345
- it('disallows reserved handles', async () => {
346
- await expect(tryHandle('john.bsky.io')).rejects.toMatchObject({
347
- error: 'UnsupportedDomain',
348
- message: 'Not a supported handle domain',
349
- })
350
- })
351
-
352
- it('disallows reserved handles', async () => {
353
- await expect(tryHandle('about.test')).rejects.toMatchObject({
354
- error: 'HandleNotAvailable',
355
- message: 'Reserved handle',
356
- })
357
- await expect(tryHandle('atp.test')).rejects.toMatchObject({
358
- error: 'HandleNotAvailable',
359
- message: 'Reserved handle',
360
- })
361
- })
362
-
363
- it('handles racing signups for same handle', async () => {
364
- const COUNT = 10
365
-
366
- let successes = 0
367
- let failures = 0
368
- const promises: Promise<unknown>[] = []
369
- for (let i = 0; i < COUNT; i++) {
370
- const attempt = async () => {
371
- try {
372
- await agent.api.com.atproto.server.createAccount({
373
- email: `matching@test.com`,
374
- handle: `matching.test`,
375
- password: `password`,
376
- })
377
- successes++
378
- } catch (err) {
379
- failures++
380
- }
381
- }
382
- promises.push(attempt())
383
- }
384
- await Promise.all(promises)
385
- expect(successes).toBe(1)
386
- expect(failures).toBe(9)
387
- })
388
-
389
- it('fails on unauthenticated requests', async () => {
390
- await expect(agent.api.com.atproto.server.getSession({})).rejects.toThrow()
391
- })
392
-
393
- it('logs in', async () => {
394
- const res = await agent.api.com.atproto.server.createSession({
395
- identifier: handle,
396
- password,
397
- })
398
- jwt = res.data.accessJwt
399
- expect(typeof jwt).toBe('string')
400
- expect(res.data.handle).toBe('alice.test')
401
- expect(res.data.did).toBe(did)
402
- expect(res.data.email).toBe(email)
403
- })
404
-
405
- it('can perform authenticated requests', async () => {
406
- // @TODO each test should be able to run independently & concurrently
407
- agent.api.setHeader('authorization', `Bearer ${jwt}`)
408
- const res = await agent.api.com.atproto.server.getSession({})
409
- expect(res.data.did).toBe(did)
410
- expect(res.data.handle).toBe(handle)
411
- expect(res.data.email).toBe(email)
412
- })
413
-
414
- const getMailFrom = async (promise): Promise<Mail.Options> => {
415
- const result = await Promise.all([once(mailCatcher, 'mail'), promise])
416
- return result[0][0]
417
- }
418
-
419
- const getTokenFromMail = (mail: Mail.Options) =>
420
- mail.html?.toString().match(/>([a-z0-9]{5}-[a-z0-9]{5})</i)?.[1]
421
-
422
- it('can reset account password', async () => {
423
- const mail = await getMailFrom(
424
- agent.api.com.atproto.server.requestPasswordReset({ email }),
425
- )
426
-
427
- expect(mail.to).toEqual(email)
428
- expect(mail.html).toContain('Reset password')
429
- expect(mail.html).toContain('alice.test')
430
-
431
- const token = getTokenFromMail(mail)
432
-
433
- if (token === undefined) {
434
- return expect(token).toBeDefined()
435
- }
436
-
437
- await agent.api.com.atproto.server.resetPassword({
438
- token,
439
- password: passwordAlt,
440
- })
441
-
442
- // Logs in with new password and not previous password
443
- await expect(
444
- agent.api.com.atproto.server.createSession({
445
- identifier: handle,
446
- password,
447
- }),
448
- ).rejects.toThrow('Invalid identifier or password')
449
-
450
- await expect(
451
- agent.api.com.atproto.server.createSession({
452
- identifier: handle,
453
- password: passwordAlt,
454
- }),
455
- ).resolves.toBeDefined()
456
- })
457
-
458
- it('allows only single-use of password reset token', async () => {
459
- const mail = await getMailFrom(
460
- agent.api.com.atproto.server.requestPasswordReset({ email }),
461
- )
462
-
463
- const token = getTokenFromMail(mail)
464
-
465
- if (token === undefined) {
466
- return expect(token).toBeDefined()
467
- }
468
-
469
- // Reset back from passwordAlt to password
470
- await agent.api.com.atproto.server.resetPassword({ token, password })
471
-
472
- // Reuse of token fails
473
- await expect(
474
- agent.api.com.atproto.server.resetPassword({ token, password }),
475
- ).rejects.toThrow(ComAtprotoServerResetPassword.InvalidTokenError)
476
-
477
- // Logs in with new password and not previous password
478
- await expect(
479
- agent.api.com.atproto.server.createSession({
480
- identifier: handle,
481
- password: passwordAlt,
482
- }),
483
- ).rejects.toThrow('Invalid identifier or password')
484
-
485
- await expect(
486
- agent.api.com.atproto.server.createSession({
487
- identifier: handle,
488
- password,
489
- }),
490
- ).resolves.toBeDefined()
491
- })
492
-
493
- it('changing password invalidates past refresh tokens', async () => {
494
- const mail = await getMailFrom(
495
- agent.api.com.atproto.server.requestPasswordReset({ email }),
496
- )
497
-
498
- expect(mail.to).toEqual(email)
499
- expect(mail.html).toContain('Reset password')
500
- expect(mail.html).toContain('alice.test')
501
-
502
- const token = getTokenFromMail(mail)
503
-
504
- if (token === undefined) {
505
- return expect(token).toBeDefined()
506
- }
507
-
508
- const session = await agent.api.com.atproto.server.createSession({
509
- identifier: handle,
510
- password,
511
- })
512
-
513
- await agent.api.com.atproto.server.resetPassword({
514
- token: token.toLowerCase(), // Reset should work case-insensitively
515
- password,
516
- })
517
-
518
- await expect(
519
- agent.api.com.atproto.server.refreshSession(undefined, {
520
- headers: { authorization: `Bearer ${session.data.refreshJwt}` },
521
- }),
522
- ).rejects.toThrow('Token has been revoked')
523
- })
524
-
525
- it('allows only unexpired password reset tokens', async () => {
526
- await agent.api.com.atproto.server.requestPasswordReset({ email })
527
-
528
- const res = await ctx.accountManager.db.db
529
- .updateTable('email_token')
530
- .where('purpose', '=', 'reset_password')
531
- .where('did', '=', did)
532
- .set({
533
- requestedAt: new Date(Date.now() - 16 * minsToMs).toISOString(),
534
- })
535
- .returning(['token'])
536
- .executeTakeFirst()
537
- if (!res?.token) {
538
- throw new Error('Missing reset token')
539
- }
540
-
541
- // Use of expired token fails
542
- await expect(
543
- agent.api.com.atproto.server.resetPassword({
544
- token: res.token,
545
- password: passwordAlt,
546
- }),
547
- ).rejects.toThrow(ComAtprotoServerResetPassword.ExpiredTokenError)
548
-
549
- // Still logs in with previous password
550
- await expect(
551
- agent.api.com.atproto.server.createSession({
552
- identifier: handle,
553
- password: passwordAlt,
554
- }),
555
- ).rejects.toThrow('Invalid identifier or password')
556
-
557
- await expect(
558
- agent.api.com.atproto.server.createSession({
559
- identifier: handle,
560
- password,
561
- }),
562
- ).resolves.toBeDefined()
563
- })
564
-
565
- it('allows an admin to update password', async () => {
566
- const tryUnauthed = agent.api.com.atproto.admin.updateAccountPassword({
567
- did,
568
- password: 'new-admin-pass',
569
- })
570
- await expect(tryUnauthed).rejects.toThrow('Authentication Required')
571
-
572
- await agent.api.com.atproto.admin.updateAccountPassword(
573
- { did, password: 'new-admin-password' },
574
- {
575
- headers: network.pds.adminAuthHeaders(),
576
- encoding: 'application/json',
577
- },
578
- )
579
-
580
- // old password fails
581
- await expect(
582
- agent.api.com.atproto.server.createSession({
583
- identifier: did,
584
- password,
585
- }),
586
- ).rejects.toThrow('Invalid identifier or password')
587
-
588
- await expect(
589
- agent.api.com.atproto.server.createSession({
590
- identifier: did,
591
- password: 'new-admin-password',
592
- }),
593
- ).resolves.toBeDefined()
594
- })
595
- })