@atproto/pds 0.5.4 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (330) hide show
  1. package/CHANGELOG.md +43 -0
  2. package/dist/account-manager/account-manager.d.ts +52 -14
  3. package/dist/account-manager/account-manager.d.ts.map +1 -1
  4. package/dist/account-manager/account-manager.js +86 -26
  5. package/dist/account-manager/account-manager.js.map +1 -1
  6. package/dist/account-manager/db/index.d.ts.map +1 -1
  7. package/dist/account-manager/db/migrations/005-oauth-account-management.d.ts.map +1 -1
  8. package/dist/account-manager/db/migrations/005-oauth-account-management.js +3 -4
  9. package/dist/account-manager/db/migrations/005-oauth-account-management.js.map +1 -1
  10. package/dist/account-manager/db/migrations/index.d.ts.map +1 -1
  11. package/dist/account-manager/db/schema/authorization-request.d.ts +2 -2
  12. package/dist/account-manager/db/schema/authorization-request.d.ts.map +1 -1
  13. package/dist/account-manager/db/schema/authorization-request.js.map +1 -1
  14. package/dist/account-manager/db/schema/authorized-client.d.ts +2 -2
  15. package/dist/account-manager/db/schema/authorized-client.d.ts.map +1 -1
  16. package/dist/account-manager/db/schema/authorized-client.js.map +1 -1
  17. package/dist/account-manager/db/schema/token.d.ts +2 -2
  18. package/dist/account-manager/db/schema/token.d.ts.map +1 -1
  19. package/dist/account-manager/db/schema/token.js.map +1 -1
  20. package/dist/account-manager/helpers/account-device.d.ts +23 -196
  21. package/dist/account-manager/helpers/account-device.d.ts.map +1 -1
  22. package/dist/account-manager/helpers/account-device.js +3 -3
  23. package/dist/account-manager/helpers/account-device.js.map +1 -1
  24. package/dist/account-manager/helpers/account.d.ts +20 -10
  25. package/dist/account-manager/helpers/account.d.ts.map +1 -1
  26. package/dist/account-manager/helpers/account.js +17 -11
  27. package/dist/account-manager/helpers/account.js.map +1 -1
  28. package/dist/account-manager/helpers/auth.d.ts.map +1 -1
  29. package/dist/account-manager/helpers/auth.js +1 -1
  30. package/dist/account-manager/helpers/auth.js.map +1 -1
  31. package/dist/account-manager/helpers/authorization-request.d.ts +83 -5
  32. package/dist/account-manager/helpers/authorization-request.d.ts.map +1 -1
  33. package/dist/account-manager/helpers/authorization-request.js +8 -8
  34. package/dist/account-manager/helpers/authorization-request.js.map +1 -1
  35. package/dist/account-manager/helpers/authorized-client.d.ts +5 -4
  36. package/dist/account-manager/helpers/authorized-client.d.ts.map +1 -1
  37. package/dist/account-manager/helpers/authorized-client.js +3 -0
  38. package/dist/account-manager/helpers/authorized-client.js.map +1 -1
  39. package/dist/account-manager/helpers/device.d.ts +10 -4
  40. package/dist/account-manager/helpers/device.d.ts.map +1 -1
  41. package/dist/account-manager/helpers/device.js +4 -4
  42. package/dist/account-manager/helpers/device.js.map +1 -1
  43. package/dist/account-manager/helpers/email-token.d.ts.map +1 -1
  44. package/dist/account-manager/helpers/invite.d.ts +35 -2
  45. package/dist/account-manager/helpers/invite.d.ts.map +1 -1
  46. package/dist/account-manager/helpers/lexicon.d.ts.map +1 -1
  47. package/dist/account-manager/helpers/lexicon.js +6 -0
  48. package/dist/account-manager/helpers/lexicon.js.map +1 -1
  49. package/dist/account-manager/helpers/password.d.ts +1 -0
  50. package/dist/account-manager/helpers/password.d.ts.map +1 -1
  51. package/dist/account-manager/helpers/password.js +3 -0
  52. package/dist/account-manager/helpers/password.js.map +1 -1
  53. package/dist/account-manager/helpers/repo.d.ts.map +1 -1
  54. package/dist/account-manager/helpers/scrypt.d.ts.map +1 -1
  55. package/dist/account-manager/helpers/token.d.ts +72 -1031
  56. package/dist/account-manager/helpers/token.d.ts.map +1 -1
  57. package/dist/account-manager/helpers/token.js +13 -10
  58. package/dist/account-manager/helpers/token.js.map +1 -1
  59. package/dist/account-manager/helpers/used-refresh-token.d.ts +6 -2
  60. package/dist/account-manager/helpers/used-refresh-token.d.ts.map +1 -1
  61. package/dist/account-manager/oauth-store.d.ts +17 -13
  62. package/dist/account-manager/oauth-store.d.ts.map +1 -1
  63. package/dist/account-manager/oauth-store.js +89 -39
  64. package/dist/account-manager/oauth-store.js.map +1 -1
  65. package/dist/account-manager/scope-reference-getter.d.ts.map +1 -1
  66. package/dist/account-manager/scope-reference-getter.js.map +1 -1
  67. package/dist/actor-store/actor-store-reader.d.ts.map +1 -1
  68. package/dist/actor-store/actor-store-reader.js.map +1 -1
  69. package/dist/actor-store/actor-store-transactor.d.ts.map +1 -1
  70. package/dist/actor-store/actor-store-transactor.js.map +1 -1
  71. package/dist/actor-store/actor-store-writer.d.ts.map +1 -1
  72. package/dist/actor-store/actor-store.d.ts.map +1 -1
  73. package/dist/actor-store/actor-store.js.map +1 -1
  74. package/dist/actor-store/blob/reader.d.ts.map +1 -1
  75. package/dist/actor-store/blob/reader.js +2 -3
  76. package/dist/actor-store/blob/reader.js.map +1 -1
  77. package/dist/actor-store/blob/transactor.d.ts.map +1 -1
  78. package/dist/actor-store/blob/transactor.js.map +1 -1
  79. package/dist/actor-store/db/index.d.ts.map +1 -1
  80. package/dist/actor-store/db/migrations/index.d.ts.map +1 -1
  81. package/dist/actor-store/migrate.d.ts.map +1 -1
  82. package/dist/actor-store/preference/reader.d.ts.map +1 -1
  83. package/dist/actor-store/preference/reader.js.map +1 -1
  84. package/dist/actor-store/preference/transactor.d.ts.map +1 -1
  85. package/dist/actor-store/record/reader.d.ts +3 -3
  86. package/dist/actor-store/record/reader.d.ts.map +1 -1
  87. package/dist/actor-store/record/reader.js +3 -3
  88. package/dist/actor-store/record/reader.js.map +1 -1
  89. package/dist/actor-store/record/transactor.d.ts.map +1 -1
  90. package/dist/actor-store/record/transactor.js.map +1 -1
  91. package/dist/actor-store/repo/reader.d.ts.map +1 -1
  92. package/dist/actor-store/repo/reader.js.map +1 -1
  93. package/dist/actor-store/repo/sql-repo-reader.d.ts +5 -1
  94. package/dist/actor-store/repo/sql-repo-reader.d.ts.map +1 -1
  95. package/dist/actor-store/repo/sql-repo-reader.js.map +1 -1
  96. package/dist/actor-store/repo/sql-repo-transactor.d.ts.map +1 -1
  97. package/dist/actor-store/repo/transactor.d.ts.map +1 -1
  98. package/dist/actor-store/repo/transactor.js.map +1 -1
  99. package/dist/api/app/bsky/util/resolver.d.ts +4 -4
  100. package/dist/api/app/bsky/util/resolver.d.ts.map +1 -1
  101. package/dist/api/com/atproto/admin/getInviteCodes.d.ts.map +1 -1
  102. package/dist/api/com/atproto/admin/updateSubjectStatus.d.ts.map +1 -1
  103. package/dist/api/com/atproto/admin/updateSubjectStatus.js +12 -4
  104. package/dist/api/com/atproto/admin/updateSubjectStatus.js.map +1 -1
  105. package/dist/api/com/atproto/server/activateAccount.d.ts.map +1 -1
  106. package/dist/api/com/atproto/server/activateAccount.js +25 -31
  107. package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
  108. package/dist/api/com/atproto/server/deactivateAccount.d.ts.map +1 -1
  109. package/dist/api/com/atproto/server/deactivateAccount.js +3 -4
  110. package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
  111. package/dist/api/com/atproto/server/deleteAccount.d.ts.map +1 -1
  112. package/dist/api/com/atproto/server/deleteAccount.js +51 -37
  113. package/dist/api/com/atproto/server/deleteAccount.js.map +1 -1
  114. package/dist/api/com/atproto/server/util.d.ts +25 -6
  115. package/dist/api/com/atproto/server/util.d.ts.map +1 -1
  116. package/dist/api/com/atproto/server/util.js.map +1 -1
  117. package/dist/api/com/atproto/sync/getRepo.d.ts.map +1 -1
  118. package/dist/api/com/atproto/sync/listRepos.d.ts.map +1 -1
  119. package/dist/api/com/atproto/sync/util.d.ts.map +1 -1
  120. package/dist/api/proxy.d.ts.map +1 -1
  121. package/dist/app-view.d.ts.map +1 -1
  122. package/dist/auth-routes.d.ts.map +1 -1
  123. package/dist/auth-verifier.d.ts.map +1 -1
  124. package/dist/background.d.ts.map +1 -1
  125. package/dist/basic-routes.d.ts.map +1 -1
  126. package/dist/bsky-app-view.d.ts.map +1 -1
  127. package/dist/config/config.d.ts +2 -1
  128. package/dist/config/config.d.ts.map +1 -1
  129. package/dist/config/config.js +4 -1
  130. package/dist/config/config.js.map +1 -1
  131. package/dist/config/env.d.ts.map +1 -1
  132. package/dist/config/secrets.d.ts.map +1 -1
  133. package/dist/context.d.ts.map +1 -1
  134. package/dist/context.js +1 -1
  135. package/dist/context.js.map +1 -1
  136. package/dist/crawlers.d.ts.map +1 -1
  137. package/dist/db/db.d.ts.map +1 -1
  138. package/dist/db/migrator.d.ts +4 -3
  139. package/dist/db/migrator.d.ts.map +1 -1
  140. package/dist/db/migrator.js +1 -1
  141. package/dist/db/migrator.js.map +1 -1
  142. package/dist/db/pagination.d.ts +3 -2
  143. package/dist/db/pagination.d.ts.map +1 -1
  144. package/dist/db/pagination.js +2 -2
  145. package/dist/db/pagination.js.map +1 -1
  146. package/dist/db/util.d.ts +3 -3
  147. package/dist/db/util.d.ts.map +1 -1
  148. package/dist/db/util.js.map +1 -1
  149. package/dist/did-cache/db/index.d.ts.map +1 -1
  150. package/dist/did-cache/db/migrations.d.ts.map +1 -1
  151. package/dist/did-cache/index.d.ts.map +1 -1
  152. package/dist/did-cache/index.js.map +1 -1
  153. package/dist/disk-blobstore.d.ts.map +1 -1
  154. package/dist/disk-blobstore.js.map +1 -1
  155. package/dist/handle/explicit-slurs.d.ts.map +1 -1
  156. package/dist/handle/index.d.ts.map +1 -1
  157. package/dist/image/image-url-builder.d.ts.map +1 -1
  158. package/dist/image/image-url-builder.js.map +1 -1
  159. package/dist/index.d.ts.map +1 -1
  160. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts +75 -155
  161. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts.map +1 -1
  162. package/dist/lexicons/app/bsky/actor/profile.defs.d.ts +100 -300
  163. package/dist/lexicons/app/bsky/actor/profile.defs.d.ts.map +1 -1
  164. package/dist/lexicons/app/bsky/actor/status.defs.d.ts +40 -40
  165. package/dist/lexicons/app/bsky/actor/status.defs.d.ts.map +1 -1
  166. package/dist/lexicons/app/bsky/authCreatePosts.defs.d.ts +1 -1
  167. package/dist/lexicons/app/bsky/authDeleteContent.defs.d.ts +1 -1
  168. package/dist/lexicons/app/bsky/authFullApp.defs.d.ts +1 -1
  169. package/dist/lexicons/app/bsky/authManageFeedDeclarations.defs.d.ts +1 -1
  170. package/dist/lexicons/app/bsky/authManageLabelerService.defs.d.ts +1 -1
  171. package/dist/lexicons/app/bsky/authManageModeration.defs.d.ts +1 -1
  172. package/dist/lexicons/app/bsky/authManageNotifications.defs.d.ts +1 -1
  173. package/dist/lexicons/app/bsky/authManageProfile.defs.d.ts +1 -1
  174. package/dist/lexicons/app/bsky/authViewAll.defs.d.ts +1 -1
  175. package/dist/lexicons/app/bsky/draft/defs.defs.d.ts +4 -4
  176. package/dist/lexicons/app/bsky/draft/defs.defs.d.ts.map +1 -1
  177. package/dist/lexicons/app/bsky/embed/external.defs.d.ts +10 -10
  178. package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts +10 -42
  179. package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts.map +1 -1
  180. package/dist/lexicons/app/bsky/embed/images.defs.d.ts +10 -10
  181. package/dist/lexicons/app/bsky/embed/record.defs.d.ts +10 -10
  182. package/dist/lexicons/app/bsky/embed/recordWithMedia.defs.d.ts +10 -10
  183. package/dist/lexicons/app/bsky/embed/video.defs.d.ts +50 -162
  184. package/dist/lexicons/app/bsky/embed/video.defs.d.ts.map +1 -1
  185. package/dist/lexicons/app/bsky/feed/generator.defs.d.ts +80 -160
  186. package/dist/lexicons/app/bsky/feed/generator.defs.d.ts.map +1 -1
  187. package/dist/lexicons/app/bsky/feed/like.defs.d.ts +30 -30
  188. package/dist/lexicons/app/bsky/feed/like.defs.d.ts.map +1 -1
  189. package/dist/lexicons/app/bsky/feed/post.defs.d.ts +80 -200
  190. package/dist/lexicons/app/bsky/feed/post.defs.d.ts.map +1 -1
  191. package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts +40 -80
  192. package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts.map +1 -1
  193. package/dist/lexicons/app/bsky/feed/repost.defs.d.ts +30 -30
  194. package/dist/lexicons/app/bsky/feed/repost.defs.d.ts.map +1 -1
  195. package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts +30 -30
  196. package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts.map +1 -1
  197. package/dist/lexicons/app/bsky/graph/block.defs.d.ts +20 -20
  198. package/dist/lexicons/app/bsky/graph/block.defs.d.ts.map +1 -1
  199. package/dist/lexicons/app/bsky/graph/follow.defs.d.ts +30 -30
  200. package/dist/lexicons/app/bsky/graph/follow.defs.d.ts.map +1 -1
  201. package/dist/lexicons/app/bsky/graph/list.defs.d.ts +60 -60
  202. package/dist/lexicons/app/bsky/graph/list.defs.d.ts.map +1 -1
  203. package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts +20 -20
  204. package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts.map +1 -1
  205. package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts +20 -20
  206. package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts.map +1 -1
  207. package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts +50 -90
  208. package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts.map +1 -1
  209. package/dist/lexicons/app/bsky/graph/verification.defs.d.ts +30 -30
  210. package/dist/lexicons/app/bsky/graph/verification.defs.d.ts.map +1 -1
  211. package/dist/lexicons/app/bsky/labeler/service.defs.d.ts +50 -130
  212. package/dist/lexicons/app/bsky/labeler/service.defs.d.ts.map +1 -1
  213. package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts +10 -10
  214. package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts.map +1 -1
  215. package/dist/lexicons/app/bsky/richtext/facet.defs.d.ts +10 -10
  216. package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts +20 -20
  217. package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts.map +1 -1
  218. package/dist/lexicons/chat/bsky/authFullChatClient.defs.d.ts +1 -1
  219. package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts +17 -0
  220. package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts.map +1 -1
  221. package/dist/lexicons/chat/bsky/convo/defs.defs.js +11 -0
  222. package/dist/lexicons/chat/bsky/convo/defs.defs.js.map +1 -1
  223. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.d.ts +1 -1
  224. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.d.ts.map +1 -1
  225. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.js +1 -0
  226. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.js.map +1 -1
  227. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.d.ts +1 -1
  228. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.d.ts.map +1 -1
  229. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.js +1 -0
  230. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.js.map +1 -1
  231. package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts +10 -42
  232. package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts.map +1 -1
  233. package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts +10 -10
  234. package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts.map +1 -1
  235. package/dist/lexicons/com/atproto/repo/strongRef.defs.d.ts +10 -10
  236. package/dist/lexicons/com/germnetwork/declaration.defs.d.ts +40 -120
  237. package/dist/lexicons/com/germnetwork/declaration.defs.d.ts.map +1 -1
  238. package/dist/lexicons/site/standard/document.defs.d.ts +130 -450
  239. package/dist/lexicons/site/standard/document.defs.d.ts.map +1 -1
  240. package/dist/lexicons/site/standard/graph/recommend.defs.d.ts +10 -10
  241. package/dist/lexicons/site/standard/graph/recommend.defs.d.ts.map +1 -1
  242. package/dist/lexicons/site/standard/graph/subscription.defs.d.ts +20 -60
  243. package/dist/lexicons/site/standard/graph/subscription.defs.d.ts.map +1 -1
  244. package/dist/lexicons/site/standard/publication.defs.d.ts +60 -220
  245. package/dist/lexicons/site/standard/publication.defs.d.ts.map +1 -1
  246. package/dist/lexicons/site/standard/theme/basic.defs.d.ts +10 -10
  247. package/dist/lexicons/site/standard/theme/basic.defs.d.ts.map +1 -1
  248. package/dist/lexicons/tools/ozone/moderation/queryStatuses.defs.d.ts +2 -2
  249. package/dist/lexicons/tools/ozone/set/querySets.defs.d.ts +2 -2
  250. package/dist/logger.d.ts +14 -14
  251. package/dist/logger.d.ts.map +1 -1
  252. package/dist/mailer/index.d.ts +2 -0
  253. package/dist/mailer/index.d.ts.map +1 -1
  254. package/dist/mailer/index.js +2 -0
  255. package/dist/mailer/index.js.map +1 -1
  256. package/dist/mailer/moderation.d.ts.map +1 -1
  257. package/dist/pipethrough.d.ts +1 -1
  258. package/dist/pipethrough.d.ts.map +1 -1
  259. package/dist/pipethrough.js.map +1 -1
  260. package/dist/rate-limits.d.ts.map +1 -1
  261. package/dist/read-after-write/util.d.ts.map +1 -1
  262. package/dist/read-after-write/viewer.d.ts +8 -8
  263. package/dist/read-after-write/viewer.d.ts.map +1 -1
  264. package/dist/read-after-write/viewer.js.map +1 -1
  265. package/dist/redis.d.ts.map +1 -1
  266. package/dist/repo/prepare.d.ts.map +1 -1
  267. package/dist/repo/types.d.ts.map +1 -1
  268. package/dist/repo/types.js.map +1 -1
  269. package/dist/scripts/index.d.ts.map +1 -1
  270. package/dist/scripts/publish-identity.d.ts.map +1 -1
  271. package/dist/scripts/rebuild-repo.d.ts.map +1 -1
  272. package/dist/scripts/rotate-keys.d.ts.map +1 -1
  273. package/dist/scripts/sequencer-recovery/index.d.ts.map +1 -1
  274. package/dist/scripts/sequencer-recovery/recoverer.d.ts.map +1 -1
  275. package/dist/scripts/sequencer-recovery/recoverer.js.map +1 -1
  276. package/dist/scripts/sequencer-recovery/recovery-db.d.ts.map +1 -1
  277. package/dist/scripts/sequencer-recovery/recovery-db.js.map +1 -1
  278. package/dist/scripts/sequencer-recovery/repair-repos.d.ts.map +1 -1
  279. package/dist/scripts/sequencer-recovery/user-queues.d.ts.map +1 -1
  280. package/dist/scripts/util.d.ts.map +1 -1
  281. package/dist/sequencer/db/index.d.ts.map +1 -1
  282. package/dist/sequencer/db/migrations/index.d.ts.map +1 -1
  283. package/dist/sequencer/events.d.ts +19 -19
  284. package/dist/sequencer/events.d.ts.map +1 -1
  285. package/dist/sequencer/events.js +6 -13
  286. package/dist/sequencer/events.js.map +1 -1
  287. package/dist/sequencer/outbox.d.ts.map +1 -1
  288. package/dist/sequencer/outbox.js.map +1 -1
  289. package/dist/sequencer/sequencer.d.ts +1 -1
  290. package/dist/sequencer/sequencer.d.ts.map +1 -1
  291. package/dist/sequencer/sequencer.js.map +1 -1
  292. package/dist/util/debug.d.ts.map +1 -1
  293. package/dist/well-known.d.ts.map +1 -1
  294. package/package.json +26 -27
  295. package/src/account-manager/account-manager.ts +135 -36
  296. package/src/account-manager/db/migrations/005-oauth-account-management.ts +6 -5
  297. package/src/account-manager/db/schema/authorization-request.ts +2 -1
  298. package/src/account-manager/db/schema/authorized-client.ts +6 -2
  299. package/src/account-manager/db/schema/token.ts +2 -2
  300. package/src/account-manager/helpers/account-device.ts +5 -11
  301. package/src/account-manager/helpers/account.ts +39 -16
  302. package/src/account-manager/helpers/auth.ts +2 -2
  303. package/src/account-manager/helpers/authorization-request.ts +12 -8
  304. package/src/account-manager/helpers/authorized-client.ts +12 -6
  305. package/src/account-manager/helpers/device.ts +4 -4
  306. package/src/account-manager/helpers/lexicon.ts +8 -3
  307. package/src/account-manager/helpers/password.ts +6 -0
  308. package/src/account-manager/helpers/token.ts +17 -11
  309. package/src/account-manager/oauth-store.ts +129 -61
  310. package/src/actor-store/blob/reader.ts +8 -5
  311. package/src/actor-store/record/reader.ts +3 -3
  312. package/src/actor-store/repo/sql-repo-reader.ts +1 -1
  313. package/src/api/com/atproto/admin/updateSubjectStatus.ts +16 -4
  314. package/src/api/com/atproto/server/activateAccount.ts +27 -49
  315. package/src/api/com/atproto/server/deactivateAccount.ts +3 -7
  316. package/src/api/com/atproto/server/deleteAccount.ts +60 -43
  317. package/src/api/com/atproto/server/util.ts +24 -7
  318. package/src/config/config.ts +7 -2
  319. package/src/context.ts +2 -3
  320. package/src/db/migrator.ts +2 -1
  321. package/src/db/pagination.ts +7 -7
  322. package/src/db/util.ts +5 -2
  323. package/src/mailer/index.ts +4 -2
  324. package/src/scripts/sequencer-recovery/recovery-db.ts +1 -1
  325. package/src/sequencer/events.ts +8 -13
  326. package/src/sequencer/sequencer.ts +1 -3
  327. package/tests/account-manager.test.ts +79 -0
  328. package/tests/account-status.test.ts +206 -0
  329. package/tests/oauth.test.ts +91 -0
  330. package/tsconfig.build.tsbuildinfo +1 -1
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/account-manager/db/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAEtD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAElD,cAAc,mBAAmB,CAAA;AAEjC,MAAM,MAAM,SAAS,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAA;AAEhD,eAAO,MAAM,KAAK,GAChB,UAAU,MAAM,EAChB,kCAAgC,KAC/B,SAKF,CAAA;AAED,eAAO,MAAM,WAAW,GAAI,IAAI,SAAS,6BAExC,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/account-manager/db/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAEtD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAElD,cAAc,mBAAmB,CAAA;AAEjC,MAAM,MAAM,SAAS,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAA;AAEhD,eAAO,MAAM,KAAK,aACN,MAAM,yCAEf,SAKF,CAAA;AAED,eAAO,MAAM,WAAW,OAAQ,SAAS,6BAExC,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"005-oauth-account-management.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/migrations/005-oauth-account-management.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAC5D,OAAO,EAAE,OAAO,EAAE,WAAW,EAAa,MAAM,sBAAsB,CAAA;AAUtE,wBAAsB,EAAE,CACtB,EAAE,EAAE,MAAM,CAAC;IACT,OAAO,EAAE;QACP,GAAG,EAAE,MAAM,CAAA;KACZ,CAAA;IACD,cAAc,EAAE;QACd,GAAG,EAAE,MAAM,CAAA;QACX,QAAQ,EAAE,QAAQ,CAAA;QAElB,QAAQ,EAAE,CAAC,GAAG,CAAC,CAAA;QACf,eAAe,EAAE,MAAM,CAAA;QACvB,iBAAiB,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAA;KAC3C,CAAA;IACD,cAAc,EAAE;QACd,GAAG,EAAE,MAAM,CAAA;QACX,QAAQ,EAAE,QAAQ,CAAA;QAElB,SAAS,EAAE,OAAO,CAAA;QAClB,SAAS,EAAE,OAAO,CAAA;KACnB,CAAA;CACF,CAAC,GACD,OAAO,CAAC,IAAI,CAAC,CA+Ff;AAED,wBAAsB,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAG7D"}
1
+ {"version":3,"file":"005-oauth-account-management.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/migrations/005-oauth-account-management.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAC5D,OAAO,EAAE,OAAO,EAAE,WAAW,EAAa,MAAM,sBAAsB,CAAA;AAUtE,wBAAsB,EAAE,CACtB,EAAE,EAAE,MAAM,CAAC;IACT,OAAO,EAAE;QACP,GAAG,EAAE,MAAM,CAAA;KACZ,CAAA;IACD,cAAc,EAAE;QACd,GAAG,EAAE,MAAM,CAAA;QACX,QAAQ,EAAE,QAAQ,CAAA;QAElB,QAAQ,EAAE,CAAC,GAAG,CAAC,CAAA;QACf,eAAe,EAAE,MAAM,CAAA;QACvB,iBAAiB,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAA;KAC3C,CAAA;IACD,cAAc,EAAE;QACd,GAAG,EAAE,MAAM,CAAA;QACX,QAAQ,EAAE,QAAQ,CAAA;QAElB,SAAS,EAAE,OAAO,CAAA;QAClB,SAAS,EAAE,OAAO,CAAA;KACnB,CAAA;CACF,CAAC,GACD,OAAO,CAAC,IAAI,CAAC,CAgGf;AAED,wBAAsB,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAG7D"}
@@ -47,13 +47,12 @@ export async function up(db) {
47
47
  .select('authenticatedAt as createdAt') // Best we can do
48
48
  .select('authenticatedAt as updatedAt')
49
49
  .where('remember', '=', 1)
50
- .whereExists((qb) =>
50
+ .where(({ exists, selectFrom }) =>
51
51
  // device_account does not have fkey on account.did,
52
52
  // so we satisfy account_device_did_fk with this condition.
53
- qb
54
- .selectFrom('account')
53
+ exists(selectFrom('account')
55
54
  .selectAll()
56
- .whereRef('account.did', '=', 'device_account.did')))
55
+ .whereRef('account.did', '=', 'device_account.did'))))
57
56
  .onConflict((oc) => oc.doNothing())
58
57
  .execute();
59
58
  // @NOTE No need to create an index on "deviceId" for "account_device" because
@@ -1 +1 @@
1
- {"version":3,"file":"005-oauth-account-management.js","sourceRoot":"","sources":["../../../../src/account-manager/db/migrations/005-oauth-account-management.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAEtC,OAAO,EAAwB,SAAS,EAAE,MAAM,sBAAsB,CAAA;AAEtE,iEAAiE;AACjE,mEAAmE;AACnE,qEAAqE;AACrE,mEAAmE;AACnE,2DAA2D;AAC3D,yBAAyB;AACzB,sEAAsE;AAEtE,MAAM,CAAC,KAAK,UAAU,EAAE,CACtB,EAmBE;IAEF,wEAAwE;IACxE,kDAAkD;IAClD,MAAM,EAAE;SACL,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;SACzB,KAAK,CAAC,iBAAiB,EAAE,GAAG,EAAE,SAAS,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;SACrE,OAAO,EAAE,CAAA;IAEZ,4BAA4B;IAC5B,qEAAqE;IACrE,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,gBAAgB,CAAC;SAC7B,WAAW,EAAE;SACb,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACnD,SAAS,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACxD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,uBAAuB,CAAC,mBAAmB,EAAE;QAC5C,UAAU,EAAE,kEAAkE;QAC9E,KAAK;KACN,CAAC;SACD,uBAAuB,CACtB,uBAAuB,EACvB,CAAC,KAAK,CAAC,EACP,SAAS,EACT,CAAC,KAAK,CAAC;IACP,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,uBAAuB,CACtB,6BAA6B,EAC7B,CAAC,UAAU,CAAC,EACZ,QAAQ,EACR,CAAC,IAAI,CAAC;IACN,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,OAAO,EAAE,CAAA;IAEZ,+CAA+C;IAC/C,oEAAoE;IACpE,MAAM,EAAE;SACL,UAAU,CAAC,gBAAgB,CAAC;SAC5B,OAAO,CAAC,CAAC,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;SACtD,UAAU,CACT,EAAE;SACC,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC,KAAK,CAAC;SACb,MAAM,CAAC,UAAU,CAAC;SAClB,MAAM,CAAC,8BAA8B,CAAC,CAAC,iBAAiB;SACxD,MAAM,CAAC,8BAA8B,CAAC;SACtC,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;SACzB,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE;IAClB,oDAAoD;IACpD,2DAA2D;IAC3D,EAAE;SACC,UAAU,CAAC,SAAS,CAAC;SACrB,SAAS,EAAE;SACX,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,oBAAoB,CAAC,CACtD,CACJ;SACA,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;SAClC,OAAO,EAAE,CAAA;IAEZ,8EAA8E;IAC9E,uDAAuD;IAEvD,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,wBAAwB,CAAC;SACrC,EAAE,CAAC,gBAAgB,CAAC;SACpB,MAAM,CAAC,KAAK,CAAC;SACb,OAAO,EAAE,CAAA;IAEZ,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,mBAAmB,CAAC;SAChC,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACnD,SAAS,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACxD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,MAAM,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACpD,uBAAuB,CAAC,sBAAsB,EAAE,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;SACpE,uBAAuB,CACtB,0BAA0B,EAC1B,CAAC,KAAK,CAAC,EACP,SAAS,EACT,CAAC,KAAK,CAAC;IACP,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,OAAO,EAAE,CAAA;IAEZ,4EAA4E;IAC5E,4EAA4E;IAC5E,oCAAoC;AACtC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,EAAmB;IAC5C,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,OAAO,EAAE,CAAA;IACxD,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,OAAO,EAAE,CAAA;AACvD,CAAC","sourcesContent":["import { Kysely } from 'kysely'\nimport { HOUR } from '@atproto/common'\nimport { ClientId, DeviceId } from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded, toDateISO } from '../../../db/index.js'\n\n// @NOTE this migration has been updated to be idempotent through\n// the insertInto('account_device') step. this allows users to roll\n// forward if the migration partially succeeded on first run, failing\n// on a fk constraint during the insertInto('account_device') step.\n// this previously occurred under the following conditions:\n// a. a user was deleted\n// b. this user used oauth functionality with \"remember me\" selected.\n\nexport async function up(\n db: Kysely<{\n account: {\n did: string\n }\n device_account: {\n did: string\n deviceId: DeviceId\n\n remember: 0 | 1\n authenticatedAt: string\n authorizedClients: JsonEncoded<ClientId[]>\n }\n account_device: {\n did: string\n deviceId: DeviceId\n\n createdAt: DateISO\n updatedAt: DateISO\n }\n }>,\n): Promise<void> {\n // Security: Delete any leftover device accounts that are not remembered\n // @NOTE idempotent, see note at top of migration.\n await db\n .deleteFrom('device_account')\n .where('remember', '=', 0)\n .where('authenticatedAt', '<', toDateISO(new Date(Date.now() - HOUR)))\n .execute()\n\n // replaces \"device_account\"\n // @NOTE idempotent from ifNotExists(), see note at top of migration.\n await db.schema\n .createTable('account_device')\n .ifNotExists()\n .addColumn('did', 'varchar', (col) => col.notNull())\n .addColumn('deviceId', 'varchar', (col) => col.notNull())\n .addColumn('createdAt', 'varchar', (col) => col.notNull())\n .addColumn('updatedAt', 'varchar', (col) => col.notNull())\n .addPrimaryKeyConstraint('account_device_pk', [\n 'deviceId', // first because this table will be joined from the \"device\" table\n 'did',\n ])\n .addForeignKeyConstraint(\n 'account_device_did_fk',\n ['did'],\n 'account',\n ['did'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .addForeignKeyConstraint(\n 'account_device_device_id_fk',\n ['deviceId'],\n 'device',\n ['id'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .execute()\n\n // Migrate \"device_account\" to \"account_device\"\n // @NOTE idempotent from onConflict(): see note at top of migration.\n await db\n .insertInto('account_device')\n .columns(['did', 'deviceId', 'createdAt', 'updatedAt'])\n .expression(\n db\n .selectFrom('device_account')\n .select('did')\n .select('deviceId')\n .select('authenticatedAt as createdAt') // Best we can do\n .select('authenticatedAt as updatedAt')\n .where('remember', '=', 1)\n .whereExists((qb) =>\n // device_account does not have fkey on account.did,\n // so we satisfy account_device_did_fk with this condition.\n qb\n .selectFrom('account')\n .selectAll()\n .whereRef('account.did', '=', 'device_account.did'),\n ),\n )\n .onConflict((oc) => oc.doNothing())\n .execute()\n\n // @NOTE No need to create an index on \"deviceId\" for \"account_device\" because\n // it is the first column in the primary key constraint\n\n await db.schema\n .createIndex('account_device_did_idx')\n .on('account_device')\n .column('did')\n .execute()\n\n await db.schema\n .createTable('authorized_client')\n .addColumn('did', 'varchar', (col) => col.notNull())\n .addColumn('clientId', 'varchar', (col) => col.notNull())\n .addColumn('createdAt', 'varchar', (col) => col.notNull())\n .addColumn('updatedAt', 'varchar', (col) => col.notNull())\n .addColumn('data', 'varchar', (col) => col.notNull())\n .addPrimaryKeyConstraint('authorized_client_pk', ['did', 'clientId'])\n .addForeignKeyConstraint(\n 'authorized_client_did_fk',\n ['did'],\n 'account',\n ['did'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .execute()\n\n // We don't migrate the \"device_account\" authorized clients. Users will need\n // to reauthorize the client during the next oauth flow (minor inconvenience\n // for authenticated clients users).\n}\n\nexport async function down(db: Kysely<unknown>): Promise<void> {\n await db.schema.dropTable('authorized_client').execute()\n await db.schema.dropTable('account_device').execute()\n}\n"]}
1
+ {"version":3,"file":"005-oauth-account-management.js","sourceRoot":"","sources":["../../../../src/account-manager/db/migrations/005-oauth-account-management.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AAEtC,OAAO,EAAwB,SAAS,EAAE,MAAM,sBAAsB,CAAA;AAEtE,iEAAiE;AACjE,mEAAmE;AACnE,qEAAqE;AACrE,mEAAmE;AACnE,2DAA2D;AAC3D,yBAAyB;AACzB,sEAAsE;AAEtE,MAAM,CAAC,KAAK,UAAU,EAAE,CACtB,EAmBE;IAEF,wEAAwE;IACxE,kDAAkD;IAClD,MAAM,EAAE;SACL,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;SACzB,KAAK,CAAC,iBAAiB,EAAE,GAAG,EAAE,SAAS,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;SACrE,OAAO,EAAE,CAAA;IAEZ,4BAA4B;IAC5B,qEAAqE;IACrE,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,gBAAgB,CAAC;SAC7B,WAAW,EAAE;SACb,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACnD,SAAS,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACxD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,uBAAuB,CAAC,mBAAmB,EAAE;QAC5C,UAAU,EAAE,kEAAkE;QAC9E,KAAK;KACN,CAAC;SACD,uBAAuB,CACtB,uBAAuB,EACvB,CAAC,KAAK,CAAC,EACP,SAAS,EACT,CAAC,KAAK,CAAC;IACP,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,uBAAuB,CACtB,6BAA6B,EAC7B,CAAC,UAAU,CAAC,EACZ,QAAQ,EACR,CAAC,IAAI,CAAC;IACN,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,OAAO,EAAE,CAAA;IAEZ,+CAA+C;IAC/C,oEAAoE;IACpE,MAAM,EAAE;SACL,UAAU,CAAC,gBAAgB,CAAC;SAC5B,OAAO,CAAC,CAAC,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;SACtD,UAAU,CACT,EAAE;SACC,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC,KAAK,CAAC;SACb,MAAM,CAAC,UAAU,CAAC;SAClB,MAAM,CAAC,8BAA8B,CAAC,CAAC,iBAAiB;SACxD,MAAM,CAAC,8BAA8B,CAAC;SACtC,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;SACzB,KAAK,CAAC,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE;IAChC,oDAAoD;IACpD,2DAA2D;IAC3D,MAAM,CACJ,UAAU,CAAC,SAAS,CAAC;SAClB,SAAS,EAAE;SACX,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE,oBAAoB,CAAC,CACtD,CACF,CACJ;SACA,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;SAClC,OAAO,EAAE,CAAA;IAEZ,8EAA8E;IAC9E,uDAAuD;IAEvD,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,wBAAwB,CAAC;SACrC,EAAE,CAAC,gBAAgB,CAAC;SACpB,MAAM,CAAC,KAAK,CAAC;SACb,OAAO,EAAE,CAAA;IAEZ,MAAM,EAAE,CAAC,MAAM;SACZ,WAAW,CAAC,mBAAmB,CAAC;SAChC,SAAS,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACnD,SAAS,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACxD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACzD,SAAS,CAAC,MAAM,EAAE,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;SACpD,uBAAuB,CAAC,sBAAsB,EAAE,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;SACpE,uBAAuB,CACtB,0BAA0B,EAC1B,CAAC,KAAK,CAAC,EACP,SAAS,EACT,CAAC,KAAK,CAAC;IACP,qEAAqE;IACrE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CACnD;SACA,OAAO,EAAE,CAAA;IAEZ,4EAA4E;IAC5E,4EAA4E;IAC5E,oCAAoC;AACtC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,EAAmB;IAC5C,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,OAAO,EAAE,CAAA;IACxD,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,OAAO,EAAE,CAAA;AACvD,CAAC","sourcesContent":["import { Kysely } from 'kysely'\nimport { HOUR } from '@atproto/common'\nimport { ClientId, DeviceId } from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded, toDateISO } from '../../../db/index.js'\n\n// @NOTE this migration has been updated to be idempotent through\n// the insertInto('account_device') step. this allows users to roll\n// forward if the migration partially succeeded on first run, failing\n// on a fk constraint during the insertInto('account_device') step.\n// this previously occurred under the following conditions:\n// a. a user was deleted\n// b. this user used oauth functionality with \"remember me\" selected.\n\nexport async function up(\n db: Kysely<{\n account: {\n did: string\n }\n device_account: {\n did: string\n deviceId: DeviceId\n\n remember: 0 | 1\n authenticatedAt: string\n authorizedClients: JsonEncoded<ClientId[]>\n }\n account_device: {\n did: string\n deviceId: DeviceId\n\n createdAt: DateISO\n updatedAt: DateISO\n }\n }>,\n): Promise<void> {\n // Security: Delete any leftover device accounts that are not remembered\n // @NOTE idempotent, see note at top of migration.\n await db\n .deleteFrom('device_account')\n .where('remember', '=', 0)\n .where('authenticatedAt', '<', toDateISO(new Date(Date.now() - HOUR)))\n .execute()\n\n // replaces \"device_account\"\n // @NOTE idempotent from ifNotExists(), see note at top of migration.\n await db.schema\n .createTable('account_device')\n .ifNotExists()\n .addColumn('did', 'varchar', (col) => col.notNull())\n .addColumn('deviceId', 'varchar', (col) => col.notNull())\n .addColumn('createdAt', 'varchar', (col) => col.notNull())\n .addColumn('updatedAt', 'varchar', (col) => col.notNull())\n .addPrimaryKeyConstraint('account_device_pk', [\n 'deviceId', // first because this table will be joined from the \"device\" table\n 'did',\n ])\n .addForeignKeyConstraint(\n 'account_device_did_fk',\n ['did'],\n 'account',\n ['did'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .addForeignKeyConstraint(\n 'account_device_device_id_fk',\n ['deviceId'],\n 'device',\n ['id'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .execute()\n\n // Migrate \"device_account\" to \"account_device\"\n // @NOTE idempotent from onConflict(): see note at top of migration.\n await db\n .insertInto('account_device')\n .columns(['did', 'deviceId', 'createdAt', 'updatedAt'])\n .expression(\n db\n .selectFrom('device_account')\n .select('did')\n .select('deviceId')\n .select('authenticatedAt as createdAt') // Best we can do\n .select('authenticatedAt as updatedAt')\n .where('remember', '=', 1)\n .where(({ exists, selectFrom }) =>\n // device_account does not have fkey on account.did,\n // so we satisfy account_device_did_fk with this condition.\n exists(\n selectFrom('account')\n .selectAll()\n .whereRef('account.did', '=', 'device_account.did'),\n ),\n ),\n )\n .onConflict((oc) => oc.doNothing())\n .execute()\n\n // @NOTE No need to create an index on \"deviceId\" for \"account_device\" because\n // it is the first column in the primary key constraint\n\n await db.schema\n .createIndex('account_device_did_idx')\n .on('account_device')\n .column('did')\n .execute()\n\n await db.schema\n .createTable('authorized_client')\n .addColumn('did', 'varchar', (col) => col.notNull())\n .addColumn('clientId', 'varchar', (col) => col.notNull())\n .addColumn('createdAt', 'varchar', (col) => col.notNull())\n .addColumn('updatedAt', 'varchar', (col) => col.notNull())\n .addColumn('data', 'varchar', (col) => col.notNull())\n .addPrimaryKeyConstraint('authorized_client_pk', ['did', 'clientId'])\n .addForeignKeyConstraint(\n 'authorized_client_did_fk',\n ['did'],\n 'account',\n ['did'],\n // cascade on delete, future-proofing on update (fk can't be altered)\n (qb) => qb.onDelete('cascade').onUpdate('cascade'),\n )\n .execute()\n\n // We don't migrate the \"device_account\" authorized clients. Users will need\n // to reauthorize the client during the next oauth flow (minor inconvenience\n // for authenticated clients users).\n}\n\nexport async function down(db: Kysely<unknown>): Promise<void> {\n await db.schema.dropTable('authorized_client').execute()\n await db.schema.dropTable('account_device').execute()\n}\n"]}
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/migrations/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,eAAe,CAAA;AACvC,OAAO,KAAK,MAAM,MAAM,+BAA+B,CAAA;AACvD,OAAO,KAAK,MAAM,MAAM,mCAAmC,CAAA;AAC3D,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAA;AACxC,OAAO,KAAK,MAAM,MAAM,mCAAmC,CAAA;AAC3D,OAAO,KAAK,MAAM,MAAM,gCAAgC,CAAA;AACxD,OAAO,KAAK,MAAM,MAAM,iCAAiC,CAAA;;;;;;;;;;AAEzD,wBAQC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/migrations/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,eAAe,CAAA;AACvC,OAAO,KAAK,MAAM,MAAM,+BAA+B,CAAA;AACvD,OAAO,KAAK,MAAM,MAAM,mCAAmC,CAAA;AAC3D,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAA;AACxC,OAAO,KAAK,MAAM,MAAM,mCAAmC,CAAA;AAC3D,OAAO,KAAK,MAAM,MAAM,gCAAgC,CAAA;AACxD,OAAO,KAAK,MAAM,MAAM,iCAAiC,CAAA;;IAGvD,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK"}
@@ -1,9 +1,9 @@
1
1
  import { Selectable } from 'kysely';
2
- import { ClientAuth, ClientAuthLegacy, Code, DeviceId, OAuthAuthorizationRequestParameters, OAuthClientId, RequestId } from '@atproto/oauth-provider';
2
+ import { ClientAuth, ClientAuthLegacy, Code, DeviceId, Did, OAuthAuthorizationRequestParameters, OAuthClientId, RequestId } from '@atproto/oauth-provider';
3
3
  import { DateISO, JsonEncoded } from '../../../db/index.js';
4
4
  export interface AuthorizationRequest {
5
5
  id: RequestId;
6
- did: string | null;
6
+ did: Did | null;
7
7
  deviceId: DeviceId | null;
8
8
  clientId: OAuthClientId;
9
9
  clientAuth: JsonEncoded<null | ClientAuth | ClientAuthLegacy>;
@@ -1 +1 @@
1
- {"version":3,"file":"authorization-request.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorization-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,IAAI,EACJ,QAAQ,EACR,mCAAmC,EACnC,aAAa,EACb,SAAS,EACV,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAE3D,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,MAAM,GAAG,IAAI,CAAA;IAClB,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IAEzB,QAAQ,EAAE,aAAa,CAAA;IACvB,UAAU,EAAE,WAAW,CAAC,IAAI,GAAG,UAAU,GAAG,gBAAgB,CAAC,CAAA;IAC7D,UAAU,EAAE,WAAW,CAAC,mCAAmC,CAAC,CAAA;IAC5D,SAAS,EAAE,OAAO,CAAA;IAClB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;CAClB;AAED,MAAM,MAAM,yBAAyB,GAAG,UAAU,CAAC,oBAAoB,CAAC,CAAA;AAExE,eAAO,MAAM,SAAS,0BAA0B,CAAA;AAEhD,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,oBAAoB,CAAA;CAAE,CAAA"}
1
+ {"version":3,"file":"authorization-request.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorization-request.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,IAAI,EACJ,QAAQ,EACR,GAAG,EACH,mCAAmC,EACnC,aAAa,EACb,SAAS,EACV,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAE3D,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,SAAS,CAAA;IACb,GAAG,EAAE,GAAG,GAAG,IAAI,CAAA;IACf,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IAEzB,QAAQ,EAAE,aAAa,CAAA;IACvB,UAAU,EAAE,WAAW,CAAC,IAAI,GAAG,UAAU,GAAG,gBAAgB,CAAC,CAAA;IAC7D,UAAU,EAAE,WAAW,CAAC,mCAAmC,CAAC,CAAA;IAC5D,SAAS,EAAE,OAAO,CAAA;IAClB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;CAClB;AAED,MAAM,MAAM,yBAAyB,GAAG,UAAU,CAAC,oBAAoB,CAAC,CAAA;AAExE,eAAO,MAAM,SAAS,0BAA0B,CAAA;AAEhD,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,oBAAoB,CAAA;CAAE,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"authorization-request.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorization-request.ts"],"names":[],"mappings":"AA0BA,MAAM,CAAC,MAAM,SAAS,GAAG,uBAAuB,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport {\n ClientAuth,\n ClientAuthLegacy,\n Code,\n DeviceId,\n OAuthAuthorizationRequestParameters,\n OAuthClientId,\n RequestId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/index.js'\n\nexport interface AuthorizationRequest {\n id: RequestId\n did: string | null\n deviceId: DeviceId | null\n\n clientId: OAuthClientId\n clientAuth: JsonEncoded<null | ClientAuth | ClientAuthLegacy>\n parameters: JsonEncoded<OAuthAuthorizationRequestParameters>\n expiresAt: DateISO\n code: Code | null\n}\n\nexport type AuthorizationRequestEntry = Selectable<AuthorizationRequest>\n\nexport const tableName = 'authorization_request'\n\nexport type PartialDB = { [tableName]: AuthorizationRequest }\n"]}
1
+ {"version":3,"file":"authorization-request.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorization-request.ts"],"names":[],"mappings":"AA2BA,MAAM,CAAC,MAAM,SAAS,GAAG,uBAAuB,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport {\n ClientAuth,\n ClientAuthLegacy,\n Code,\n DeviceId,\n Did,\n OAuthAuthorizationRequestParameters,\n OAuthClientId,\n RequestId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/index.js'\n\nexport interface AuthorizationRequest {\n id: RequestId\n did: Did | null\n deviceId: DeviceId | null\n\n clientId: OAuthClientId\n clientAuth: JsonEncoded<null | ClientAuth | ClientAuthLegacy>\n parameters: JsonEncoded<OAuthAuthorizationRequestParameters>\n expiresAt: DateISO\n code: Code | null\n}\n\nexport type AuthorizationRequestEntry = Selectable<AuthorizationRequest>\n\nexport const tableName = 'authorization_request'\n\nexport type PartialDB = { [tableName]: AuthorizationRequest }\n"]}
@@ -1,8 +1,8 @@
1
1
  import { Selectable } from 'kysely';
2
- import { AuthorizedClientData, OAuthClientId } from '@atproto/oauth-provider';
2
+ import { AuthorizedClientData, Did, OAuthClientId } from '@atproto/oauth-provider';
3
3
  import { DateISO, JsonEncoded } from '../../../db/index.js';
4
4
  export interface AuthorizedClient {
5
- did: string;
5
+ did: Did;
6
6
  clientId: OAuthClientId;
7
7
  createdAt: DateISO;
8
8
  updatedAt: DateISO;
@@ -1 +1 @@
1
- {"version":3,"file":"authorized-client.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorized-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EAAE,oBAAoB,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAA;AAC7E,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAE3D,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,MAAM,CAAA;IACX,QAAQ,EAAE,aAAa,CAAA;IAEvB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAElB,IAAI,EAAE,WAAW,CAAC,oBAAoB,CAAC,CAAA;CACxC;AAED,MAAM,MAAM,qBAAqB,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAA;AAEhE,eAAO,MAAM,SAAS,sBAAsB,CAAA;AAE5C,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,gBAAgB,CAAA;CAAE,CAAA"}
1
+ {"version":3,"file":"authorized-client.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorized-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EACL,oBAAoB,EACpB,GAAG,EACH,aAAa,EACd,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAE3D,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,GAAG,CAAA;IACR,QAAQ,EAAE,aAAa,CAAA;IAEvB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAElB,IAAI,EAAE,WAAW,CAAC,oBAAoB,CAAC,CAAA;CACxC;AAED,MAAM,MAAM,qBAAqB,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAA;AAEhE,eAAO,MAAM,SAAS,sBAAsB,CAAA;AAE5C,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,gBAAgB,CAAA;CAAE,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"authorized-client.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorized-client.ts"],"names":[],"mappings":"AAgBA,MAAM,CAAC,MAAM,SAAS,GAAG,mBAAmB,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport { AuthorizedClientData, OAuthClientId } from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/index.js'\n\nexport interface AuthorizedClient {\n did: string\n clientId: OAuthClientId\n\n createdAt: DateISO\n updatedAt: DateISO\n\n data: JsonEncoded<AuthorizedClientData>\n}\n\nexport type AuthorizedClientEntry = Selectable<AuthorizedClient>\n\nexport const tableName = 'authorized_client'\n\nexport type PartialDB = { [tableName]: AuthorizedClient }\n"]}
1
+ {"version":3,"file":"authorized-client.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/authorized-client.ts"],"names":[],"mappings":"AAoBA,MAAM,CAAC,MAAM,SAAS,GAAG,mBAAmB,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport {\n AuthorizedClientData,\n Did,\n OAuthClientId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/index.js'\n\nexport interface AuthorizedClient {\n did: Did\n clientId: OAuthClientId\n\n createdAt: DateISO\n updatedAt: DateISO\n\n data: JsonEncoded<AuthorizedClientData>\n}\n\nexport type AuthorizedClientEntry = Selectable<AuthorizedClient>\n\nexport const tableName = 'authorized_client'\n\nexport type PartialDB = { [tableName]: AuthorizedClient }\n"]}
@@ -1,9 +1,9 @@
1
1
  import { Generated, Selectable } from 'kysely';
2
- import { ClientAuth, ClientAuthLegacy, Code, DeviceId, OAuthAuthorizationDetails, OAuthAuthorizationRequestParameters, OAuthClientId, RefreshToken, Sub, TokenId } from '@atproto/oauth-provider';
2
+ import { ClientAuth, ClientAuthLegacy, Code, DeviceId, Did, OAuthAuthorizationDetails, OAuthAuthorizationRequestParameters, OAuthClientId, RefreshToken, TokenId } from '@atproto/oauth-provider';
3
3
  import { DateISO, JsonEncoded } from '../../../db/cast.js';
4
4
  export interface Token {
5
5
  id: Generated<number>;
6
- did: Sub;
6
+ did: Did;
7
7
  tokenId: TokenId;
8
8
  createdAt: DateISO;
9
9
  updatedAt: DateISO;
@@ -1 +1 @@
1
- {"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAC9C,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,IAAI,EACJ,QAAQ,EACR,yBAAyB,EACzB,mCAAmC,EACnC,aAAa,EACb,YAAY,EACZ,GAAG,EACH,OAAO,EACR,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AAE1D,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,CAAA;IACrB,GAAG,EAAE,GAAG,CAAA;IAER,OAAO,EAAE,OAAO,CAAA;IAChB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,QAAQ,EAAE,aAAa,CAAA;IACvB,UAAU,EAAE,WAAW,CAAC,UAAU,GAAG,gBAAgB,CAAC,CAAA;IACtD,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IACzB,UAAU,EAAE,WAAW,CAAC,mCAAmC,CAAC,CAAA;IAC5D,OAAO,EAAE,WAAW,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAA;IACtD,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;IACjB,mBAAmB,EAAE,YAAY,GAAG,IAAI,CAAA;IACxC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;CACrB;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,CAAC,KAAK,CAAC,CAAA;AAE1C,eAAO,MAAM,SAAS,UAAU,CAAA;AAEhC,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,KAAK,CAAA;CAAE,CAAA"}
1
+ {"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAC9C,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,IAAI,EACJ,QAAQ,EACR,GAAG,EACH,yBAAyB,EACzB,mCAAmC,EACnC,aAAa,EACb,YAAY,EACZ,OAAO,EACR,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AAE1D,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,CAAA;IACrB,GAAG,EAAE,GAAG,CAAA;IAER,OAAO,EAAE,OAAO,CAAA;IAChB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,OAAO,CAAA;IAClB,QAAQ,EAAE,aAAa,CAAA;IACvB,UAAU,EAAE,WAAW,CAAC,UAAU,GAAG,gBAAgB,CAAC,CAAA;IACtD,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;IACzB,UAAU,EAAE,WAAW,CAAC,mCAAmC,CAAC,CAAA;IAC5D,OAAO,EAAE,WAAW,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAA;IACtD,IAAI,EAAE,IAAI,GAAG,IAAI,CAAA;IACjB,mBAAmB,EAAE,YAAY,GAAG,IAAI,CAAA;IACxC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;CACrB;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,CAAC,KAAK,CAAC,CAAA;AAE1C,eAAO,MAAM,SAAS,UAAU,CAAA;AAEhC,MAAM,MAAM,SAAS,GAAG;IAAE,CAAC,SAAS,CAAC,EAAE,KAAK,CAAA;CAAE,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"token.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/token.ts"],"names":[],"mappings":"AAmCA,MAAM,CAAC,MAAM,SAAS,GAAG,OAAO,CAAA","sourcesContent":["import { Generated, Selectable } from 'kysely'\nimport {\n ClientAuth,\n ClientAuthLegacy,\n Code,\n DeviceId,\n OAuthAuthorizationDetails,\n OAuthAuthorizationRequestParameters,\n OAuthClientId,\n RefreshToken,\n Sub,\n TokenId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/cast.js'\n\nexport interface Token {\n id: Generated<number>\n did: Sub\n\n tokenId: TokenId\n createdAt: DateISO\n updatedAt: DateISO\n expiresAt: DateISO\n clientId: OAuthClientId\n clientAuth: JsonEncoded<ClientAuth | ClientAuthLegacy>\n deviceId: DeviceId | null\n parameters: JsonEncoded<OAuthAuthorizationRequestParameters>\n details: JsonEncoded<OAuthAuthorizationDetails> | null\n code: Code | null\n currentRefreshToken: RefreshToken | null\n scope: string | null\n}\n\nexport type TokenEntry = Selectable<Token>\n\nexport const tableName = 'token'\n\nexport type PartialDB = { [tableName]: Token }\n"]}
1
+ {"version":3,"file":"token.js","sourceRoot":"","sources":["../../../../src/account-manager/db/schema/token.ts"],"names":[],"mappings":"AAmCA,MAAM,CAAC,MAAM,SAAS,GAAG,OAAO,CAAA","sourcesContent":["import { Generated, Selectable } from 'kysely'\nimport {\n ClientAuth,\n ClientAuthLegacy,\n Code,\n DeviceId,\n Did,\n OAuthAuthorizationDetails,\n OAuthAuthorizationRequestParameters,\n OAuthClientId,\n RefreshToken,\n TokenId,\n} from '@atproto/oauth-provider'\nimport { DateISO, JsonEncoded } from '../../../db/cast.js'\n\nexport interface Token {\n id: Generated<number>\n did: Did\n\n tokenId: TokenId\n createdAt: DateISO\n updatedAt: DateISO\n expiresAt: DateISO\n clientId: OAuthClientId\n clientAuth: JsonEncoded<ClientAuth | ClientAuthLegacy>\n deviceId: DeviceId | null\n parameters: JsonEncoded<OAuthAuthorizationRequestParameters>\n details: JsonEncoded<OAuthAuthorizationDetails> | null\n code: Code | null\n currentRefreshToken: RefreshToken | null\n scope: string | null\n}\n\nexport type TokenEntry = Selectable<Token>\n\nexport const tableName = 'token'\n\nexport type PartialDB = { [tableName]: Token }\n"]}
@@ -1,217 +1,44 @@
1
- import { DeviceId } from '@atproto/oauth-provider';
1
+ import { DeviceId, Did } from '@atproto/oauth-provider';
2
2
  import { AccountDb } from '../db/index.js';
3
3
  export declare function upsertQB(db: AccountDb, deviceId: DeviceId, did: string): import("kysely").InsertQueryBuilder<import("../db/index.js").DatabaseSchema, "account_device", import("kysely").InsertResult>;
4
4
  export declare function selectQB(db: AccountDb, filter: {
5
- sub?: string;
5
+ did?: Did;
6
6
  deviceId?: DeviceId;
7
7
  }): import("kysely").SelectQueryBuilder<{
8
- lexicon: import("../db/index.js").Lexicon;
9
- account: import("kysely").Nullable<import("../db/index.js").Account>;
10
- actor: import("../db/index.js").Actor;
11
- app_password: import("../db/index.js").AppPassword;
12
- invite_code: import("../db/index.js").InviteCode;
13
- invite_code_use: import("../db/index.js").InviteCodeUse;
14
- refresh_token: import("../db/index.js").RefreshToken;
15
- repo_root: import("../db/index.js").RepoRoot;
16
- email_token: import("../db/index.js").EmailToken;
17
- token: import("../db/index.js").Token;
18
- authorization_request: import("../db/index.js").AuthorizationRequest;
19
- device: import("../db/index.js").Device;
20
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
21
- account_device: import("../db/index.js").AccountDevice;
22
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
23
- }, "account" | "actor" | "device" | "account_device", import("kysely/dist/esm/util/type-utils.js").MergePartial<import("kysely/dist/esm/util/type-utils.js").MergePartial<Partial<Omit<{}, never>> & Partial<Omit<Partial<Omit<{}, never>>, never>> & import("kysely").Selection<{
24
- lexicon: import("../db/index.js").Lexicon;
25
- account: import("kysely").Nullable<import("../db/index.js").Account>;
26
- actor: import("../db/index.js").Actor;
27
- app_password: import("../db/index.js").AppPassword;
28
- invite_code: import("../db/index.js").InviteCode;
29
- invite_code_use: import("../db/index.js").InviteCodeUse;
30
- refresh_token: import("../db/index.js").RefreshToken;
31
- repo_root: import("../db/index.js").RepoRoot;
32
- email_token: import("../db/index.js").EmailToken;
33
- token: import("../db/index.js").Token;
34
- authorization_request: import("../db/index.js").AuthorizationRequest;
35
- device: import("../db/index.js").Device;
36
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
37
- account_device: import("../db/index.js").AccountDevice;
38
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
39
- }, "account" | "actor", "actor.did" | "account.email" | "account.invitesDisabled" | "account.emailConfirmedAt" | "actor.handle" | "actor.createdAt" | "actor.deleteAfter" | "actor.deactivatedAt" | "actor.takedownRef"> & import("kysely").Selection<{
40
- lexicon: import("../db/index.js").Lexicon;
41
- account: import("kysely").Nullable<import("../db/index.js").Account>;
42
- actor: import("../db/index.js").Actor;
43
- app_password: import("../db/index.js").AppPassword;
44
- invite_code: import("../db/index.js").InviteCode;
45
- invite_code_use: import("../db/index.js").InviteCodeUse;
46
- refresh_token: import("../db/index.js").RefreshToken;
47
- repo_root: import("../db/index.js").RepoRoot;
48
- email_token: import("../db/index.js").EmailToken;
49
- token: import("../db/index.js").Token;
50
- authorization_request: import("../db/index.js").AuthorizationRequest;
51
- device: import("../db/index.js").Device;
52
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
53
- account_device: import("../db/index.js").AccountDevice;
54
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
55
- }, "account" | "actor" | "account_device", "account_device.deviceId" | "account_device.createdAt as adCreatedAt" | "account_device.updatedAt as adUpdatedAt"> & import("kysely").Selection<{
56
- lexicon: import("../db/index.js").Lexicon;
57
- account: import("kysely").Nullable<import("../db/index.js").Account>;
58
- actor: import("../db/index.js").Actor;
59
- app_password: import("../db/index.js").AppPassword;
60
- invite_code: import("../db/index.js").InviteCode;
61
- invite_code_use: import("../db/index.js").InviteCodeUse;
62
- refresh_token: import("../db/index.js").RefreshToken;
63
- repo_root: import("../db/index.js").RepoRoot;
64
- email_token: import("../db/index.js").EmailToken;
65
- token: import("../db/index.js").Token;
66
- authorization_request: import("../db/index.js").AuthorizationRequest;
67
- device: import("../db/index.js").Device;
68
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
69
- account_device: import("../db/index.js").AccountDevice;
70
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
71
- }, "account" | "actor" | "device" | "account_device", "device.sessionId" | "device.userAgent" | "device.ipAddress" | "device.lastSeenAt">, Partial<Omit<{}, never>> & Partial<Omit<Partial<Omit<{}, never>>, never>> & import("kysely").Selection<{
72
- lexicon: import("../db/index.js").Lexicon;
73
- account: import("kysely").Nullable<import("../db/index.js").Account>;
74
- actor: import("../db/index.js").Actor;
75
- app_password: import("../db/index.js").AppPassword;
76
- invite_code: import("../db/index.js").InviteCode;
77
- invite_code_use: import("../db/index.js").InviteCodeUse;
78
- refresh_token: import("../db/index.js").RefreshToken;
79
- repo_root: import("../db/index.js").RepoRoot;
80
- email_token: import("../db/index.js").EmailToken;
81
- token: import("../db/index.js").Token;
82
- authorization_request: import("../db/index.js").AuthorizationRequest;
83
- device: import("../db/index.js").Device;
84
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
85
- account_device: import("../db/index.js").AccountDevice;
86
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
87
- }, "account" | "actor", "actor.did" | "account.email" | "account.invitesDisabled" | "account.emailConfirmedAt" | "actor.handle" | "actor.createdAt" | "actor.deleteAfter" | "actor.deactivatedAt" | "actor.takedownRef"> & import("kysely").Selection<{
88
- lexicon: import("../db/index.js").Lexicon;
89
- account: import("kysely").Nullable<import("../db/index.js").Account>;
90
- actor: import("../db/index.js").Actor;
91
- app_password: import("../db/index.js").AppPassword;
92
- invite_code: import("../db/index.js").InviteCode;
93
- invite_code_use: import("../db/index.js").InviteCodeUse;
94
- refresh_token: import("../db/index.js").RefreshToken;
95
- repo_root: import("../db/index.js").RepoRoot;
96
- email_token: import("../db/index.js").EmailToken;
97
- token: import("../db/index.js").Token;
98
- authorization_request: import("../db/index.js").AuthorizationRequest;
99
- device: import("../db/index.js").Device;
100
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
101
- account_device: import("../db/index.js").AccountDevice;
102
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
103
- }, "account" | "actor" | "account_device", "account_device.deviceId" | "account_device.createdAt as adCreatedAt" | "account_device.updatedAt as adUpdatedAt"> & import("kysely").Selection<{
104
- lexicon: import("../db/index.js").Lexicon;
105
8
  account: import("kysely").Nullable<import("../db/index.js").Account>;
106
- actor: import("../db/index.js").Actor;
107
- app_password: import("../db/index.js").AppPassword;
108
- invite_code: import("../db/index.js").InviteCode;
109
- invite_code_use: import("../db/index.js").InviteCodeUse;
110
- refresh_token: import("../db/index.js").RefreshToken;
111
- repo_root: import("../db/index.js").RepoRoot;
112
- email_token: import("../db/index.js").EmailToken;
113
- token: import("../db/index.js").Token;
114
- authorization_request: import("../db/index.js").AuthorizationRequest;
115
- device: import("../db/index.js").Device;
116
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
117
9
  account_device: import("../db/index.js").AccountDevice;
118
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
119
- }, "account" | "actor" | "device" | "account_device", "device.sessionId" | "device.userAgent" | "device.ipAddress" | "device.lastSeenAt">>, import("kysely/dist/esm/util/type-utils.js").MergePartial<Partial<Omit<{}, never>> & Partial<Omit<Partial<Omit<{}, never>>, never>> & import("kysely").Selection<{
120
- lexicon: import("../db/index.js").Lexicon;
121
- account: import("kysely").Nullable<import("../db/index.js").Account>;
122
10
  actor: import("../db/index.js").Actor;
123
11
  app_password: import("../db/index.js").AppPassword;
124
- invite_code: import("../db/index.js").InviteCode;
125
- invite_code_use: import("../db/index.js").InviteCodeUse;
126
- refresh_token: import("../db/index.js").RefreshToken;
127
- repo_root: import("../db/index.js").RepoRoot;
128
- email_token: import("../db/index.js").EmailToken;
129
- token: import("../db/index.js").Token;
130
12
  authorization_request: import("../db/index.js").AuthorizationRequest;
131
- device: import("../db/index.js").Device;
132
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
133
- account_device: import("../db/index.js").AccountDevice;
134
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
135
- }, "account" | "actor", "actor.did" | "account.email" | "account.invitesDisabled" | "account.emailConfirmedAt" | "actor.handle" | "actor.createdAt" | "actor.deleteAfter" | "actor.deactivatedAt" | "actor.takedownRef"> & import("kysely").Selection<{
136
- lexicon: import("../db/index.js").Lexicon;
137
- account: import("kysely").Nullable<import("../db/index.js").Account>;
138
- actor: import("../db/index.js").Actor;
139
- app_password: import("../db/index.js").AppPassword;
140
- invite_code: import("../db/index.js").InviteCode;
141
- invite_code_use: import("../db/index.js").InviteCodeUse;
142
- refresh_token: import("../db/index.js").RefreshToken;
143
- repo_root: import("../db/index.js").RepoRoot;
144
- email_token: import("../db/index.js").EmailToken;
145
- token: import("../db/index.js").Token;
146
- authorization_request: import("../db/index.js").AuthorizationRequest;
147
- device: import("../db/index.js").Device;
148
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
149
- account_device: import("../db/index.js").AccountDevice;
150
13
  authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
151
- }, "account" | "actor" | "account_device", "account_device.deviceId" | "account_device.createdAt as adCreatedAt" | "account_device.updatedAt as adUpdatedAt"> & import("kysely").Selection<{
152
- lexicon: import("../db/index.js").Lexicon;
153
- account: import("kysely").Nullable<import("../db/index.js").Account>;
154
- actor: import("../db/index.js").Actor;
155
- app_password: import("../db/index.js").AppPassword;
156
- invite_code: import("../db/index.js").InviteCode;
157
- invite_code_use: import("../db/index.js").InviteCodeUse;
158
- refresh_token: import("../db/index.js").RefreshToken;
159
- repo_root: import("../db/index.js").RepoRoot;
160
- email_token: import("../db/index.js").EmailToken;
161
- token: import("../db/index.js").Token;
162
- authorization_request: import("../db/index.js").AuthorizationRequest;
163
14
  device: import("../db/index.js").Device;
164
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
165
- account_device: import("../db/index.js").AccountDevice;
166
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
167
- }, "account" | "actor" | "device" | "account_device", "device.sessionId" | "device.userAgent" | "device.ipAddress" | "device.lastSeenAt">, Partial<Omit<{}, never>> & Partial<Omit<Partial<Omit<{}, never>>, never>> & import("kysely").Selection<{
168
- lexicon: import("../db/index.js").Lexicon;
169
- account: import("kysely").Nullable<import("../db/index.js").Account>;
170
- actor: import("../db/index.js").Actor;
171
- app_password: import("../db/index.js").AppPassword;
172
- invite_code: import("../db/index.js").InviteCode;
173
- invite_code_use: import("../db/index.js").InviteCodeUse;
174
- refresh_token: import("../db/index.js").RefreshToken;
175
- repo_root: import("../db/index.js").RepoRoot;
176
15
  email_token: import("../db/index.js").EmailToken;
177
- token: import("../db/index.js").Token;
178
- authorization_request: import("../db/index.js").AuthorizationRequest;
179
- device: import("../db/index.js").Device;
180
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
181
- account_device: import("../db/index.js").AccountDevice;
182
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
183
- }, "account" | "actor", "actor.did" | "account.email" | "account.invitesDisabled" | "account.emailConfirmedAt" | "actor.handle" | "actor.createdAt" | "actor.deleteAfter" | "actor.deactivatedAt" | "actor.takedownRef"> & import("kysely").Selection<{
184
- lexicon: import("../db/index.js").Lexicon;
185
- account: import("kysely").Nullable<import("../db/index.js").Account>;
186
- actor: import("../db/index.js").Actor;
187
- app_password: import("../db/index.js").AppPassword;
188
16
  invite_code: import("../db/index.js").InviteCode;
189
17
  invite_code_use: import("../db/index.js").InviteCodeUse;
190
- refresh_token: import("../db/index.js").RefreshToken;
191
- repo_root: import("../db/index.js").RepoRoot;
192
- email_token: import("../db/index.js").EmailToken;
193
- token: import("../db/index.js").Token;
194
- authorization_request: import("../db/index.js").AuthorizationRequest;
195
- device: import("../db/index.js").Device;
196
- used_refresh_token: import("../db/index.js").UsedRefreshToken;
197
- account_device: import("../db/index.js").AccountDevice;
198
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
199
- }, "account" | "actor" | "account_device", "account_device.deviceId" | "account_device.createdAt as adCreatedAt" | "account_device.updatedAt as adUpdatedAt"> & import("kysely").Selection<{
200
18
  lexicon: import("../db/index.js").Lexicon;
201
- account: import("kysely").Nullable<import("../db/index.js").Account>;
202
- actor: import("../db/index.js").Actor;
203
- app_password: import("../db/index.js").AppPassword;
204
- invite_code: import("../db/index.js").InviteCode;
205
- invite_code_use: import("../db/index.js").InviteCodeUse;
206
19
  refresh_token: import("../db/index.js").RefreshToken;
207
20
  repo_root: import("../db/index.js").RepoRoot;
208
- email_token: import("../db/index.js").EmailToken;
209
21
  token: import("../db/index.js").Token;
210
- authorization_request: import("../db/index.js").AuthorizationRequest;
211
- device: import("../db/index.js").Device;
212
22
  used_refresh_token: import("../db/index.js").UsedRefreshToken;
213
- account_device: import("../db/index.js").AccountDevice;
214
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
215
- }, "account" | "actor" | "device" | "account_device", "device.sessionId" | "device.userAgent" | "device.ipAddress" | "device.lastSeenAt">>>>;
216
- export declare function removeQB(db: AccountDb, deviceId: DeviceId, did: string): import("kysely").DeleteQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "account_device">, "account_device", import("kysely").DeleteResult>;
23
+ }, "account" | "account_device" | "actor" | "device", Partial<Omit<unknown, never>> & {
24
+ createdAt: string;
25
+ deactivatedAt: string | null;
26
+ deleteAfter: string | null;
27
+ did: `did:${string}:${string}`;
28
+ email: string | null;
29
+ emailConfirmedAt: import("@atproto/syntax").DatetimeString | null;
30
+ handle: `${string}.${string}` | null;
31
+ invitesDisabled: 0 | 1 | null;
32
+ takedownRef: string | null;
33
+ } & {
34
+ adCreatedAt: `${string}T${string}Z`;
35
+ adUpdatedAt: `${string}T${string}Z`;
36
+ deviceId: `dev-${string}`;
37
+ } & {
38
+ ipAddress: string;
39
+ lastSeenAt: `${string}T${string}Z`;
40
+ sessionId: `ses-${string}`;
41
+ userAgent: string | null;
42
+ } & Partial<Omit<unknown, "adCreatedAt" | "adUpdatedAt" | "createdAt" | "deactivatedAt" | "deleteAfter" | "deviceId" | "did" | "email" | "emailConfirmedAt" | "handle" | "invitesDisabled" | "ipAddress" | "lastSeenAt" | "sessionId" | "takedownRef" | "userAgent">>>;
43
+ export declare function removeQB(db: AccountDb, deviceId: DeviceId, did: string): import("kysely").DeleteQueryBuilder<import("../db/index.js").DatabaseSchema, "account_device", import("kysely").DeleteResult>;
217
44
  //# sourceMappingURL=account-device.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"account-device.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/account-device.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAGlD,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAG1C,wBAAgB,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,iIAiBtE;AAED,wBAAgB,QAAQ,CACtB,EAAE,EAAE,SAAS,EACb,MAAM,EAAE;IACN,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,QAAQ,CAAC,EAAE,QAAQ,CAAA;CACpB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;6IA8BF;AAED,wBAAgB,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,0MAKtE"}
1
+ {"version":3,"file":"account-device.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/account-device.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAEvD,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAG1C,wBAAgB,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,iIAiBtE;AAED,wBAAgB,QAAQ,CACtB,EAAE,EAAE,SAAS,EACb,MAAM,EAAE;IAAE,GAAG,CAAC,EAAE,GAAG,CAAC;IAAC,QAAQ,CAAC,EAAE,QAAQ,CAAA;CAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;uQA4B3C;AAED,wBAAgB,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,iIAKtE"}
@@ -18,7 +18,7 @@ export function upsertQB(db, deviceId, did) {
18
18
  }));
19
19
  }
20
20
  export function selectQB(db, filter) {
21
- assert(filter.sub != null || filter.deviceId != null, 'Either sub or deviceId must be provided');
21
+ assert(filter.did != null || filter.deviceId != null, 'Either sub or deviceId must be provided');
22
22
  return (selectAccountQB(db, { includeDeactivated: true })
23
23
  // note: query planner should use "account_device_pk" index
24
24
  .innerJoin('account_device', 'account_device.did', 'actor.did')
@@ -34,8 +34,8 @@ export function selectQB(db, filter) {
34
34
  'device.ipAddress',
35
35
  'device.lastSeenAt',
36
36
  ])
37
- .if(filter.sub != null, (qb) => qb.where('actor.did', '=', filter.sub))
38
- .if(filter.deviceId != null, (qb) => qb.where('account_device.deviceId', '=', filter.deviceId)));
37
+ .$if(filter.did != null, (qb) => qb.where('actor.did', '=', filter.did))
38
+ .$if(filter.deviceId != null, (qb) => qb.where('account_device.deviceId', '=', filter.deviceId)));
39
39
  }
40
40
  export function removeQB(db, deviceId, did) {
41
41
  return db.db
@@ -1 +1 @@
1
- {"version":3,"file":"account-device.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/account-device.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAGhC,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAE9C,MAAM,UAAU,QAAQ,CAAC,EAAa,EAAE,QAAkB,EAAE,GAAW;IACrE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC;QACN,GAAG;QACH,QAAQ;QACR,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;KAC1B,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE;IACjB,UAAU;IACV,EAAE,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC;QAC1C,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;KAC1B,CAAC,CACH,CAAA;AACL,CAAC;AAED,MAAM,UAAU,QAAQ,CACtB,EAAa,EACb,MAGC;IAED,MAAM,CACJ,MAAM,CAAC,GAAG,IAAI,IAAI,IAAI,MAAM,CAAC,QAAQ,IAAI,IAAI,EAC7C,yCAAyC,CAC1C,CAAA;IAED,OAAO,CACL,eAAe,CAAC,EAAE,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC;QAC/C,2DAA2D;SAC1D,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,EAAE,WAAW,CAAC;SAC9D,MAAM,CAAC;QACN,yBAAyB;QACzB,yCAAyC;QACzC,yCAAyC;KAC1C,CAAC;SACD,SAAS,CAAC,QAAQ,EAAE,WAAW,EAAE,yBAAyB,CAAC;SAC3D,MAAM,CAAC;QACN,kBAAkB;QAClB,kBAAkB;QAClB,kBAAkB;QAClB,mBAAmB;KACpB,CAAC;SACD,EAAE,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAC7B,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,CAAC,GAAiB,CAAC,CACrD;SACA,EAAE,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAClC,EAAE,CAAC,KAAK,CAAC,yBAAyB,EAAE,GAAG,EAAE,MAAM,CAAC,QAAS,CAAC,CAC3D,CACJ,CAAA;AACH,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,EAAa,EAAE,QAAkB,EAAE,GAAW;IACrE,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,QAAQ,CAAC;SAChC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;AAC3B,CAAC","sourcesContent":["import assert from 'node:assert'\nimport { DeviceId } from '@atproto/oauth-provider'\nimport { DidString } from '@atproto/syntax'\nimport { toDateISO } from '../../db/index.js'\nimport { AccountDb } from '../db/index.js'\nimport { selectAccountQB } from './account.js'\n\nexport function upsertQB(db: AccountDb, deviceId: DeviceId, did: string) {\n const now = new Date()\n\n return db.db\n .insertInto('account_device')\n .values({\n did,\n deviceId,\n createdAt: toDateISO(now),\n updatedAt: toDateISO(now),\n })\n .onConflict((oc) =>\n // uses pk\n oc.columns(['deviceId', 'did']).doUpdateSet({\n updatedAt: toDateISO(now),\n }),\n )\n}\n\nexport function selectQB(\n db: AccountDb,\n filter: {\n sub?: string\n deviceId?: DeviceId\n },\n) {\n assert(\n filter.sub != null || filter.deviceId != null,\n 'Either sub or deviceId must be provided',\n )\n\n return (\n selectAccountQB(db, { includeDeactivated: true })\n // note: query planner should use \"account_device_pk\" index\n .innerJoin('account_device', 'account_device.did', 'actor.did')\n .select([\n 'account_device.deviceId',\n 'account_device.createdAt as adCreatedAt',\n 'account_device.updatedAt as adUpdatedAt',\n ])\n .innerJoin('device', 'device.id', 'account_device.deviceId')\n .select([\n 'device.sessionId',\n 'device.userAgent',\n 'device.ipAddress',\n 'device.lastSeenAt',\n ])\n .if(filter.sub != null, (qb) =>\n qb.where('actor.did', '=', filter.sub! as DidString),\n )\n .if(filter.deviceId != null, (qb) =>\n qb.where('account_device.deviceId', '=', filter.deviceId!),\n )\n )\n}\n\nexport function removeQB(db: AccountDb, deviceId: DeviceId, did: string) {\n return db.db\n .deleteFrom('account_device')\n .where('deviceId', '=', deviceId)\n .where('did', '=', did)\n}\n"]}
1
+ {"version":3,"file":"account-device.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/account-device.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAEhC,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAE9C,MAAM,UAAU,QAAQ,CAAC,EAAa,EAAE,QAAkB,EAAE,GAAW;IACrE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,gBAAgB,CAAC;SAC5B,MAAM,CAAC;QACN,GAAG;QACH,QAAQ;QACR,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;KAC1B,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE;IACjB,UAAU;IACV,EAAE,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC;QAC1C,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;KAC1B,CAAC,CACH,CAAA;AACL,CAAC;AAED,MAAM,UAAU,QAAQ,CACtB,EAAa,EACb,MAA0C;IAE1C,MAAM,CACJ,MAAM,CAAC,GAAG,IAAI,IAAI,IAAI,MAAM,CAAC,QAAQ,IAAI,IAAI,EAC7C,yCAAyC,CAC1C,CAAA;IAED,OAAO,CACL,eAAe,CAAC,EAAE,EAAE,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC;QAC/C,2DAA2D;SAC1D,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,EAAE,WAAW,CAAC;SAC9D,MAAM,CAAC;QACN,yBAAyB;QACzB,yCAAyC;QACzC,yCAAyC;KAC1C,CAAC;SACD,SAAS,CAAC,QAAQ,EAAE,WAAW,EAAE,yBAAyB,CAAC;SAC3D,MAAM,CAAC;QACN,kBAAkB;QAClB,kBAAkB;QAClB,kBAAkB;QAClB,mBAAmB;KACpB,CAAC;SACD,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,CAAC,GAAI,CAAC,CAAC;SACxE,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CACnC,EAAE,CAAC,KAAK,CAAC,yBAAyB,EAAE,GAAG,EAAE,MAAM,CAAC,QAAS,CAAC,CAC3D,CACJ,CAAA;AACH,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,EAAa,EAAE,QAAkB,EAAE,GAAW;IACrE,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,gBAAgB,CAAC;SAC5B,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,QAAQ,CAAC;SAChC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;AAC3B,CAAC","sourcesContent":["import assert from 'node:assert'\nimport { DeviceId, Did } from '@atproto/oauth-provider'\nimport { toDateISO } from '../../db/index.js'\nimport { AccountDb } from '../db/index.js'\nimport { selectAccountQB } from './account.js'\n\nexport function upsertQB(db: AccountDb, deviceId: DeviceId, did: string) {\n const now = new Date()\n\n return db.db\n .insertInto('account_device')\n .values({\n did,\n deviceId,\n createdAt: toDateISO(now),\n updatedAt: toDateISO(now),\n })\n .onConflict((oc) =>\n // uses pk\n oc.columns(['deviceId', 'did']).doUpdateSet({\n updatedAt: toDateISO(now),\n }),\n )\n}\n\nexport function selectQB(\n db: AccountDb,\n filter: { did?: Did; deviceId?: DeviceId },\n) {\n assert(\n filter.did != null || filter.deviceId != null,\n 'Either sub or deviceId must be provided',\n )\n\n return (\n selectAccountQB(db, { includeDeactivated: true })\n // note: query planner should use \"account_device_pk\" index\n .innerJoin('account_device', 'account_device.did', 'actor.did')\n .select([\n 'account_device.deviceId',\n 'account_device.createdAt as adCreatedAt',\n 'account_device.updatedAt as adUpdatedAt',\n ])\n .innerJoin('device', 'device.id', 'account_device.deviceId')\n .select([\n 'device.sessionId',\n 'device.userAgent',\n 'device.ipAddress',\n 'device.lastSeenAt',\n ])\n .$if(filter.did != null, (qb) => qb.where('actor.did', '=', filter.did!))\n .$if(filter.deviceId != null, (qb) =>\n qb.where('account_device.deviceId', '=', filter.deviceId!),\n )\n )\n}\n\nexport function removeQB(db: AccountDb, deviceId: DeviceId, did: string) {\n return db.db\n .deleteFrom('account_device')\n .where('deviceId', '=', deviceId)\n .where('did', '=', did)\n}\n"]}
@@ -21,23 +21,33 @@ export declare enum AccountStatus {
21
21
  Deleted = "deleted",
22
22
  Deactivated = "deactivated"
23
23
  }
24
- export declare const selectAccountQB: (db: AccountDb, flags?: AvailabilityFlags) => import("kysely").QueryBuilderWithSelection<{
25
- lexicon: import("../db/index.js").Lexicon;
24
+ export declare const selectAccountQB: (db: AccountDb, flags?: AvailabilityFlags) => import("kysely").SelectQueryBuilder<{
26
25
  account: import("kysely").Nullable<import("../db/index.js").Account>;
26
+ account_device: import("../db/index.js").AccountDevice;
27
27
  actor: import("../db/index.js").Actor;
28
28
  app_password: import("../db/index.js").AppPassword;
29
+ authorization_request: import("../db/index.js").AuthorizationRequest;
30
+ authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
31
+ device: import("../db/index.js").Device;
32
+ email_token: import("../db/index.js").EmailToken;
29
33
  invite_code: import("../db/index.js").InviteCode;
30
34
  invite_code_use: import("../db/index.js").InviteCodeUse;
35
+ lexicon: import("../db/index.js").Lexicon;
31
36
  refresh_token: import("../db/index.js").RefreshToken;
32
37
  repo_root: import("../db/index.js").RepoRoot;
33
- email_token: import("../db/index.js").EmailToken;
34
38
  token: import("../db/index.js").Token;
35
- authorization_request: import("../db/index.js").AuthorizationRequest;
36
- device: import("../db/index.js").Device;
37
39
  used_refresh_token: import("../db/index.js").UsedRefreshToken;
38
- account_device: import("../db/index.js").AccountDevice;
39
- authorized_client: import("../db/schema/authorized-client.js").AuthorizedClient;
40
- }, "account" | "actor", import("kysely/dist/esm/util/type-utils.js").MergePartial<Partial<Omit<{}, never>>, Partial<Omit<{}, never>>>, "actor.did" | "account.email" | "account.invitesDisabled" | "account.emailConfirmedAt" | "actor.handle" | "actor.createdAt" | "actor.deleteAfter" | "actor.deactivatedAt" | "actor.takedownRef">;
40
+ }, "account" | "actor", Partial<Omit<unknown, never>> & {
41
+ createdAt: string;
42
+ deactivatedAt: string | null;
43
+ deleteAfter: string | null;
44
+ did: `did:${string}:${string}`;
45
+ email: string | null;
46
+ emailConfirmedAt: DatetimeString | null;
47
+ handle: `${string}.${string}` | null;
48
+ invitesDisabled: 0 | 1 | null;
49
+ takedownRef: string | null;
50
+ }>;
41
51
  export declare const getAccount: (db: AccountDb, handleOrDid: AtIdentifierString, flags?: AvailabilityFlags) => Promise<ActorAccount | null>;
42
52
  export declare const getAccounts: (db: AccountDb, dids: DidString[], flags?: AvailabilityFlags) => Promise<Map<string, ActorAccount>>;
43
53
  export declare const getAccountByEmail: (db: AccountDb, email: string, flags?: AvailabilityFlags) => Promise<ActorAccount | null>;
@@ -60,8 +70,8 @@ export declare const getAccountAdminStatus: (db: AccountDb, did: DidString) => P
60
70
  deactivated: com.atproto.admin.defs.StatusAttr;
61
71
  } | null>;
62
72
  export declare const updateAccountTakedownStatus: (db: AccountDb, did: DidString, takedown: com.atproto.admin.defs.StatusAttr) => Promise<void>;
63
- export declare const deactivateAccount: (db: AccountDb, did: DidString, deleteAfter: string | null) => Promise<void>;
64
- export declare const activateAccount: (db: AccountDb, did: DidString) => Promise<void>;
73
+ export declare const deactivateAccount: (db: AccountDb, did: DidString, deleteAfter: string | null) => Promise<boolean>;
74
+ export declare const activateAccount: (db: AccountDb, did: DidString, flags?: AvailabilityFlags) => Promise<boolean>;
65
75
  export declare const formatAccountStatus: (account: null | {
66
76
  takedownRef: string | null;
67
77
  deactivatedAt: string | null;
@@ -1 +1 @@
1
- {"version":3,"file":"account.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/account.ts"],"names":[],"mappings":"AACA,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,SAAS,EACT,YAAY,EAGb,MAAM,cAAc,CAAA;AAErB,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAEtD,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,IAAI,SAA2B;gBAE7B,OAAO,SAAwE,EAC/E,OAAO,CAAC,EAAE,YAAY;CAIzB;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG;IACtC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAA;IAC/B,eAAe,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED,oBAAY,aAAa;IACvB,MAAM,WAAW;IACjB,SAAS,cAAc;IACvB,SAAS,cAAc;IACvB,OAAO,YAAY;IACnB,WAAW,gBAAgB;CAC5B;AAED,eAAO,MAAM,eAAe,GAAI,IAAI,SAAS,EAAE,QAAQ,iBAAiB;;;;;;;;;;;;;;;;uUAqBvE,CAAA;AAED,eAAO,MAAM,UAAU,GACrB,IAAI,SAAS,EACb,aAAa,kBAAkB,EAC/B,QAAQ,iBAAiB,KACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAW7B,CAAA;AAED,eAAO,MAAM,WAAW,GACtB,IAAI,SAAS,EACb,MAAM,SAAS,EAAE,EACjB,QAAQ,iBAAiB,KACxB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAgBnC,CAAA;AAED,eAAO,MAAM,iBAAiB,GAC5B,IAAI,SAAS,EACb,OAAO,MAAM,EACb,QAAQ,iBAAiB,KACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAK7B,CAAA;AAED,eAAO,MAAM,aAAa,GACxB,IAAI,SAAS,EACb,MAAM;IACJ,GAAG,EAAE,SAAS,CAAA;IACd,MAAM,EAAE,YAAY,CAAA;IACpB,WAAW,CAAC,EAAE,OAAO,CAAA;CACtB,kBAqBF,CAAA;AAED,eAAO,MAAM,eAAe,GAC1B,IAAI,SAAS,EACb,MAAM;IACJ,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;IACb,cAAc,EAAE,MAAM,CAAA;CACvB,kBAiBF,CAAA;AAED,eAAO,MAAM,aAAa,GACxB,IAAI,SAAS,EACb,KAAK,SAAS,KACb,OAAO,CAAC,IAAI,CAkBd,CAAA;AAED,eAAO,MAAM,YAAY,GACvB,IAAI,SAAS,EACb,KAAK,SAAS,EACd,QAAQ,YAAY,kBAsBrB,CAAA;AAED,eAAO,MAAM,WAAW,GACtB,IAAI,SAAS,EACb,KAAK,SAAS,EACd,OAAO,MAAM,kBAkBd,CAAA;AAED,eAAO,MAAM,mBAAmB,GAC9B,IAAI,SAAS,EACb,KAAK,SAAS,EACd,kBAAkB,cAAc,kBAQjC,CAAA;AAED,eAAO,MAAM,qBAAqB,GAChC,IAAI,SAAS,EACb,KAAK,SAAS,KACb,OAAO,CAAC;IACT,QAAQ,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAA;IAC3C,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAA;CAC/C,GAAG,IAAI,CAYP,CAAA;AAED,eAAO,MAAM,2BAA2B,GACtC,IAAI,SAAS,EACb,KAAK,SAAS,EACd,UAAU,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,kBAQ5C,CAAA;AAED,eAAO,MAAM,iBAAiB,GAC5B,IAAI,SAAS,EACb,KAAK,SAAS,EACd,aAAa,MAAM,GAAG,IAAI,kBAW3B,CAAA;AAED,eAAO,MAAM,eAAe,GAAU,IAAI,SAAS,EAAE,KAAK,SAAS,kBAUlE,CAAA;AAED,eAAO,MAAM,mBAAmB,GAC9B,SAAS,IAAI,GAAG;IACd,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,aAAa,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7B;;;;;;;;;;;;CAWF,CAAA"}
1
+ {"version":3,"file":"account.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/account.ts"],"names":[],"mappings":"AACA,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,SAAS,EACT,YAAY,EAGb,MAAM,cAAc,CAAA;AAErB,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAEtD,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,IAAI,SAA2B;IAC/B,YACE,OAAO,SAAwE,EAC/E,OAAO,CAAC,EAAE,YAAY,EAGvB;CACF;AAED,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG;IACtC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAA;IAC/B,eAAe,EAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAA;CAC9B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED,oBAAY,aAAa;IACvB,MAAM,WAAW;IACjB,SAAS,cAAc;IACvB,SAAS,cAAc;IACvB,OAAO,YAAY;IACnB,WAAW,gBAAgB;CAC5B;AAED,eAAO,MAAM,eAAe,OAAQ,SAAS,UAAU,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;EAuBvE,CAAA;AAED,eAAO,MAAM,UAAU,OACjB,SAAS,eACA,kBAAkB,UACvB,iBAAiB,KACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAW7B,CAAA;AAED,eAAO,MAAM,WAAW,OAClB,SAAS,QACP,SAAS,EAAE,UACT,iBAAiB,KACxB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC,CAgBnC,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,SACN,MAAM,UACL,iBAAiB,KACxB,OAAO,CAAC,YAAY,GAAG,IAAI,CAK7B,CAAA;AAED,eAAO,MAAM,aAAa,OACpB,SAAS,QACP;IACJ,GAAG,EAAE,SAAS,CAAA;IACd,MAAM,EAAE,YAAY,CAAA;IACpB,WAAW,CAAC,EAAE,OAAO,CAAA;CACtB,kBAqBF,CAAA;AAED,eAAO,MAAM,eAAe,OACtB,SAAS,QACP;IACJ,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;IACb,cAAc,EAAE,MAAM,CAAA;CACvB,kBAiBF,CAAA;AAED,eAAO,MAAM,aAAa,OACpB,SAAS,OACR,SAAS,KACb,OAAO,CAAC,IAAI,CAkBd,CAAA;AAED,eAAO,MAAM,YAAY,OACnB,SAAS,OACR,SAAS,UACN,YAAY,kBA0BrB,CAAA;AAED,eAAO,MAAM,WAAW,OAClB,SAAS,OACR,SAAS,SACP,MAAM,kBAkBd,CAAA;AAED,eAAO,MAAM,mBAAmB,OAC1B,SAAS,OACR,SAAS,oBACI,cAAc,kBAQjC,CAAA;AAED,eAAO,MAAM,qBAAqB,OAC5B,SAAS,OACR,SAAS,KACb,OAAO,CAAC;IACT,QAAQ,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAA;IAC3C,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAA;CAC/C,GAAG,IAAI,CAYP,CAAA;AAED,eAAO,MAAM,2BAA2B,OAClC,SAAS,OACR,SAAS,YACJ,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,kBAQ5C,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,OACR,SAAS,eACD,MAAM,GAAG,IAAI,KACzB,OAAO,CAAC,OAAO,CAYjB,CAAA;AAED,eAAO,MAAM,eAAe,OACtB,SAAS,OACR,SAAS,UACN,iBAAiB,KACxB,OAAO,CAAC,OAAO,CAqBjB,CAAA;AAED,eAAO,MAAM,mBAAmB,YACrB,IAAI,GAAG;IACd,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,aAAa,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7B;;;;;;;;;;;;CAWF,CAAA"}