@atproto/pds 0.5.4 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (330) hide show
  1. package/CHANGELOG.md +43 -0
  2. package/dist/account-manager/account-manager.d.ts +52 -14
  3. package/dist/account-manager/account-manager.d.ts.map +1 -1
  4. package/dist/account-manager/account-manager.js +86 -26
  5. package/dist/account-manager/account-manager.js.map +1 -1
  6. package/dist/account-manager/db/index.d.ts.map +1 -1
  7. package/dist/account-manager/db/migrations/005-oauth-account-management.d.ts.map +1 -1
  8. package/dist/account-manager/db/migrations/005-oauth-account-management.js +3 -4
  9. package/dist/account-manager/db/migrations/005-oauth-account-management.js.map +1 -1
  10. package/dist/account-manager/db/migrations/index.d.ts.map +1 -1
  11. package/dist/account-manager/db/schema/authorization-request.d.ts +2 -2
  12. package/dist/account-manager/db/schema/authorization-request.d.ts.map +1 -1
  13. package/dist/account-manager/db/schema/authorization-request.js.map +1 -1
  14. package/dist/account-manager/db/schema/authorized-client.d.ts +2 -2
  15. package/dist/account-manager/db/schema/authorized-client.d.ts.map +1 -1
  16. package/dist/account-manager/db/schema/authorized-client.js.map +1 -1
  17. package/dist/account-manager/db/schema/token.d.ts +2 -2
  18. package/dist/account-manager/db/schema/token.d.ts.map +1 -1
  19. package/dist/account-manager/db/schema/token.js.map +1 -1
  20. package/dist/account-manager/helpers/account-device.d.ts +23 -196
  21. package/dist/account-manager/helpers/account-device.d.ts.map +1 -1
  22. package/dist/account-manager/helpers/account-device.js +3 -3
  23. package/dist/account-manager/helpers/account-device.js.map +1 -1
  24. package/dist/account-manager/helpers/account.d.ts +20 -10
  25. package/dist/account-manager/helpers/account.d.ts.map +1 -1
  26. package/dist/account-manager/helpers/account.js +17 -11
  27. package/dist/account-manager/helpers/account.js.map +1 -1
  28. package/dist/account-manager/helpers/auth.d.ts.map +1 -1
  29. package/dist/account-manager/helpers/auth.js +1 -1
  30. package/dist/account-manager/helpers/auth.js.map +1 -1
  31. package/dist/account-manager/helpers/authorization-request.d.ts +83 -5
  32. package/dist/account-manager/helpers/authorization-request.d.ts.map +1 -1
  33. package/dist/account-manager/helpers/authorization-request.js +8 -8
  34. package/dist/account-manager/helpers/authorization-request.js.map +1 -1
  35. package/dist/account-manager/helpers/authorized-client.d.ts +5 -4
  36. package/dist/account-manager/helpers/authorized-client.d.ts.map +1 -1
  37. package/dist/account-manager/helpers/authorized-client.js +3 -0
  38. package/dist/account-manager/helpers/authorized-client.js.map +1 -1
  39. package/dist/account-manager/helpers/device.d.ts +10 -4
  40. package/dist/account-manager/helpers/device.d.ts.map +1 -1
  41. package/dist/account-manager/helpers/device.js +4 -4
  42. package/dist/account-manager/helpers/device.js.map +1 -1
  43. package/dist/account-manager/helpers/email-token.d.ts.map +1 -1
  44. package/dist/account-manager/helpers/invite.d.ts +35 -2
  45. package/dist/account-manager/helpers/invite.d.ts.map +1 -1
  46. package/dist/account-manager/helpers/lexicon.d.ts.map +1 -1
  47. package/dist/account-manager/helpers/lexicon.js +6 -0
  48. package/dist/account-manager/helpers/lexicon.js.map +1 -1
  49. package/dist/account-manager/helpers/password.d.ts +1 -0
  50. package/dist/account-manager/helpers/password.d.ts.map +1 -1
  51. package/dist/account-manager/helpers/password.js +3 -0
  52. package/dist/account-manager/helpers/password.js.map +1 -1
  53. package/dist/account-manager/helpers/repo.d.ts.map +1 -1
  54. package/dist/account-manager/helpers/scrypt.d.ts.map +1 -1
  55. package/dist/account-manager/helpers/token.d.ts +72 -1031
  56. package/dist/account-manager/helpers/token.d.ts.map +1 -1
  57. package/dist/account-manager/helpers/token.js +13 -10
  58. package/dist/account-manager/helpers/token.js.map +1 -1
  59. package/dist/account-manager/helpers/used-refresh-token.d.ts +6 -2
  60. package/dist/account-manager/helpers/used-refresh-token.d.ts.map +1 -1
  61. package/dist/account-manager/oauth-store.d.ts +17 -13
  62. package/dist/account-manager/oauth-store.d.ts.map +1 -1
  63. package/dist/account-manager/oauth-store.js +89 -39
  64. package/dist/account-manager/oauth-store.js.map +1 -1
  65. package/dist/account-manager/scope-reference-getter.d.ts.map +1 -1
  66. package/dist/account-manager/scope-reference-getter.js.map +1 -1
  67. package/dist/actor-store/actor-store-reader.d.ts.map +1 -1
  68. package/dist/actor-store/actor-store-reader.js.map +1 -1
  69. package/dist/actor-store/actor-store-transactor.d.ts.map +1 -1
  70. package/dist/actor-store/actor-store-transactor.js.map +1 -1
  71. package/dist/actor-store/actor-store-writer.d.ts.map +1 -1
  72. package/dist/actor-store/actor-store.d.ts.map +1 -1
  73. package/dist/actor-store/actor-store.js.map +1 -1
  74. package/dist/actor-store/blob/reader.d.ts.map +1 -1
  75. package/dist/actor-store/blob/reader.js +2 -3
  76. package/dist/actor-store/blob/reader.js.map +1 -1
  77. package/dist/actor-store/blob/transactor.d.ts.map +1 -1
  78. package/dist/actor-store/blob/transactor.js.map +1 -1
  79. package/dist/actor-store/db/index.d.ts.map +1 -1
  80. package/dist/actor-store/db/migrations/index.d.ts.map +1 -1
  81. package/dist/actor-store/migrate.d.ts.map +1 -1
  82. package/dist/actor-store/preference/reader.d.ts.map +1 -1
  83. package/dist/actor-store/preference/reader.js.map +1 -1
  84. package/dist/actor-store/preference/transactor.d.ts.map +1 -1
  85. package/dist/actor-store/record/reader.d.ts +3 -3
  86. package/dist/actor-store/record/reader.d.ts.map +1 -1
  87. package/dist/actor-store/record/reader.js +3 -3
  88. package/dist/actor-store/record/reader.js.map +1 -1
  89. package/dist/actor-store/record/transactor.d.ts.map +1 -1
  90. package/dist/actor-store/record/transactor.js.map +1 -1
  91. package/dist/actor-store/repo/reader.d.ts.map +1 -1
  92. package/dist/actor-store/repo/reader.js.map +1 -1
  93. package/dist/actor-store/repo/sql-repo-reader.d.ts +5 -1
  94. package/dist/actor-store/repo/sql-repo-reader.d.ts.map +1 -1
  95. package/dist/actor-store/repo/sql-repo-reader.js.map +1 -1
  96. package/dist/actor-store/repo/sql-repo-transactor.d.ts.map +1 -1
  97. package/dist/actor-store/repo/transactor.d.ts.map +1 -1
  98. package/dist/actor-store/repo/transactor.js.map +1 -1
  99. package/dist/api/app/bsky/util/resolver.d.ts +4 -4
  100. package/dist/api/app/bsky/util/resolver.d.ts.map +1 -1
  101. package/dist/api/com/atproto/admin/getInviteCodes.d.ts.map +1 -1
  102. package/dist/api/com/atproto/admin/updateSubjectStatus.d.ts.map +1 -1
  103. package/dist/api/com/atproto/admin/updateSubjectStatus.js +12 -4
  104. package/dist/api/com/atproto/admin/updateSubjectStatus.js.map +1 -1
  105. package/dist/api/com/atproto/server/activateAccount.d.ts.map +1 -1
  106. package/dist/api/com/atproto/server/activateAccount.js +25 -31
  107. package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
  108. package/dist/api/com/atproto/server/deactivateAccount.d.ts.map +1 -1
  109. package/dist/api/com/atproto/server/deactivateAccount.js +3 -4
  110. package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
  111. package/dist/api/com/atproto/server/deleteAccount.d.ts.map +1 -1
  112. package/dist/api/com/atproto/server/deleteAccount.js +51 -37
  113. package/dist/api/com/atproto/server/deleteAccount.js.map +1 -1
  114. package/dist/api/com/atproto/server/util.d.ts +25 -6
  115. package/dist/api/com/atproto/server/util.d.ts.map +1 -1
  116. package/dist/api/com/atproto/server/util.js.map +1 -1
  117. package/dist/api/com/atproto/sync/getRepo.d.ts.map +1 -1
  118. package/dist/api/com/atproto/sync/listRepos.d.ts.map +1 -1
  119. package/dist/api/com/atproto/sync/util.d.ts.map +1 -1
  120. package/dist/api/proxy.d.ts.map +1 -1
  121. package/dist/app-view.d.ts.map +1 -1
  122. package/dist/auth-routes.d.ts.map +1 -1
  123. package/dist/auth-verifier.d.ts.map +1 -1
  124. package/dist/background.d.ts.map +1 -1
  125. package/dist/basic-routes.d.ts.map +1 -1
  126. package/dist/bsky-app-view.d.ts.map +1 -1
  127. package/dist/config/config.d.ts +2 -1
  128. package/dist/config/config.d.ts.map +1 -1
  129. package/dist/config/config.js +4 -1
  130. package/dist/config/config.js.map +1 -1
  131. package/dist/config/env.d.ts.map +1 -1
  132. package/dist/config/secrets.d.ts.map +1 -1
  133. package/dist/context.d.ts.map +1 -1
  134. package/dist/context.js +1 -1
  135. package/dist/context.js.map +1 -1
  136. package/dist/crawlers.d.ts.map +1 -1
  137. package/dist/db/db.d.ts.map +1 -1
  138. package/dist/db/migrator.d.ts +4 -3
  139. package/dist/db/migrator.d.ts.map +1 -1
  140. package/dist/db/migrator.js +1 -1
  141. package/dist/db/migrator.js.map +1 -1
  142. package/dist/db/pagination.d.ts +3 -2
  143. package/dist/db/pagination.d.ts.map +1 -1
  144. package/dist/db/pagination.js +2 -2
  145. package/dist/db/pagination.js.map +1 -1
  146. package/dist/db/util.d.ts +3 -3
  147. package/dist/db/util.d.ts.map +1 -1
  148. package/dist/db/util.js.map +1 -1
  149. package/dist/did-cache/db/index.d.ts.map +1 -1
  150. package/dist/did-cache/db/migrations.d.ts.map +1 -1
  151. package/dist/did-cache/index.d.ts.map +1 -1
  152. package/dist/did-cache/index.js.map +1 -1
  153. package/dist/disk-blobstore.d.ts.map +1 -1
  154. package/dist/disk-blobstore.js.map +1 -1
  155. package/dist/handle/explicit-slurs.d.ts.map +1 -1
  156. package/dist/handle/index.d.ts.map +1 -1
  157. package/dist/image/image-url-builder.d.ts.map +1 -1
  158. package/dist/image/image-url-builder.js.map +1 -1
  159. package/dist/index.d.ts.map +1 -1
  160. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts +75 -155
  161. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts.map +1 -1
  162. package/dist/lexicons/app/bsky/actor/profile.defs.d.ts +100 -300
  163. package/dist/lexicons/app/bsky/actor/profile.defs.d.ts.map +1 -1
  164. package/dist/lexicons/app/bsky/actor/status.defs.d.ts +40 -40
  165. package/dist/lexicons/app/bsky/actor/status.defs.d.ts.map +1 -1
  166. package/dist/lexicons/app/bsky/authCreatePosts.defs.d.ts +1 -1
  167. package/dist/lexicons/app/bsky/authDeleteContent.defs.d.ts +1 -1
  168. package/dist/lexicons/app/bsky/authFullApp.defs.d.ts +1 -1
  169. package/dist/lexicons/app/bsky/authManageFeedDeclarations.defs.d.ts +1 -1
  170. package/dist/lexicons/app/bsky/authManageLabelerService.defs.d.ts +1 -1
  171. package/dist/lexicons/app/bsky/authManageModeration.defs.d.ts +1 -1
  172. package/dist/lexicons/app/bsky/authManageNotifications.defs.d.ts +1 -1
  173. package/dist/lexicons/app/bsky/authManageProfile.defs.d.ts +1 -1
  174. package/dist/lexicons/app/bsky/authViewAll.defs.d.ts +1 -1
  175. package/dist/lexicons/app/bsky/draft/defs.defs.d.ts +4 -4
  176. package/dist/lexicons/app/bsky/draft/defs.defs.d.ts.map +1 -1
  177. package/dist/lexicons/app/bsky/embed/external.defs.d.ts +10 -10
  178. package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts +10 -42
  179. package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts.map +1 -1
  180. package/dist/lexicons/app/bsky/embed/images.defs.d.ts +10 -10
  181. package/dist/lexicons/app/bsky/embed/record.defs.d.ts +10 -10
  182. package/dist/lexicons/app/bsky/embed/recordWithMedia.defs.d.ts +10 -10
  183. package/dist/lexicons/app/bsky/embed/video.defs.d.ts +50 -162
  184. package/dist/lexicons/app/bsky/embed/video.defs.d.ts.map +1 -1
  185. package/dist/lexicons/app/bsky/feed/generator.defs.d.ts +80 -160
  186. package/dist/lexicons/app/bsky/feed/generator.defs.d.ts.map +1 -1
  187. package/dist/lexicons/app/bsky/feed/like.defs.d.ts +30 -30
  188. package/dist/lexicons/app/bsky/feed/like.defs.d.ts.map +1 -1
  189. package/dist/lexicons/app/bsky/feed/post.defs.d.ts +80 -200
  190. package/dist/lexicons/app/bsky/feed/post.defs.d.ts.map +1 -1
  191. package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts +40 -80
  192. package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts.map +1 -1
  193. package/dist/lexicons/app/bsky/feed/repost.defs.d.ts +30 -30
  194. package/dist/lexicons/app/bsky/feed/repost.defs.d.ts.map +1 -1
  195. package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts +30 -30
  196. package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts.map +1 -1
  197. package/dist/lexicons/app/bsky/graph/block.defs.d.ts +20 -20
  198. package/dist/lexicons/app/bsky/graph/block.defs.d.ts.map +1 -1
  199. package/dist/lexicons/app/bsky/graph/follow.defs.d.ts +30 -30
  200. package/dist/lexicons/app/bsky/graph/follow.defs.d.ts.map +1 -1
  201. package/dist/lexicons/app/bsky/graph/list.defs.d.ts +60 -60
  202. package/dist/lexicons/app/bsky/graph/list.defs.d.ts.map +1 -1
  203. package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts +20 -20
  204. package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts.map +1 -1
  205. package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts +20 -20
  206. package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts.map +1 -1
  207. package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts +50 -90
  208. package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts.map +1 -1
  209. package/dist/lexicons/app/bsky/graph/verification.defs.d.ts +30 -30
  210. package/dist/lexicons/app/bsky/graph/verification.defs.d.ts.map +1 -1
  211. package/dist/lexicons/app/bsky/labeler/service.defs.d.ts +50 -130
  212. package/dist/lexicons/app/bsky/labeler/service.defs.d.ts.map +1 -1
  213. package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts +10 -10
  214. package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts.map +1 -1
  215. package/dist/lexicons/app/bsky/richtext/facet.defs.d.ts +10 -10
  216. package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts +20 -20
  217. package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts.map +1 -1
  218. package/dist/lexicons/chat/bsky/authFullChatClient.defs.d.ts +1 -1
  219. package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts +17 -0
  220. package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts.map +1 -1
  221. package/dist/lexicons/chat/bsky/convo/defs.defs.js +11 -0
  222. package/dist/lexicons/chat/bsky/convo/defs.defs.js.map +1 -1
  223. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.d.ts +1 -1
  224. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.d.ts.map +1 -1
  225. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.js +1 -0
  226. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.js.map +1 -1
  227. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.d.ts +1 -1
  228. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.d.ts.map +1 -1
  229. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.js +1 -0
  230. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.js.map +1 -1
  231. package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts +10 -42
  232. package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts.map +1 -1
  233. package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts +10 -10
  234. package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts.map +1 -1
  235. package/dist/lexicons/com/atproto/repo/strongRef.defs.d.ts +10 -10
  236. package/dist/lexicons/com/germnetwork/declaration.defs.d.ts +40 -120
  237. package/dist/lexicons/com/germnetwork/declaration.defs.d.ts.map +1 -1
  238. package/dist/lexicons/site/standard/document.defs.d.ts +130 -450
  239. package/dist/lexicons/site/standard/document.defs.d.ts.map +1 -1
  240. package/dist/lexicons/site/standard/graph/recommend.defs.d.ts +10 -10
  241. package/dist/lexicons/site/standard/graph/recommend.defs.d.ts.map +1 -1
  242. package/dist/lexicons/site/standard/graph/subscription.defs.d.ts +20 -60
  243. package/dist/lexicons/site/standard/graph/subscription.defs.d.ts.map +1 -1
  244. package/dist/lexicons/site/standard/publication.defs.d.ts +60 -220
  245. package/dist/lexicons/site/standard/publication.defs.d.ts.map +1 -1
  246. package/dist/lexicons/site/standard/theme/basic.defs.d.ts +10 -10
  247. package/dist/lexicons/site/standard/theme/basic.defs.d.ts.map +1 -1
  248. package/dist/lexicons/tools/ozone/moderation/queryStatuses.defs.d.ts +2 -2
  249. package/dist/lexicons/tools/ozone/set/querySets.defs.d.ts +2 -2
  250. package/dist/logger.d.ts +14 -14
  251. package/dist/logger.d.ts.map +1 -1
  252. package/dist/mailer/index.d.ts +2 -0
  253. package/dist/mailer/index.d.ts.map +1 -1
  254. package/dist/mailer/index.js +2 -0
  255. package/dist/mailer/index.js.map +1 -1
  256. package/dist/mailer/moderation.d.ts.map +1 -1
  257. package/dist/pipethrough.d.ts +1 -1
  258. package/dist/pipethrough.d.ts.map +1 -1
  259. package/dist/pipethrough.js.map +1 -1
  260. package/dist/rate-limits.d.ts.map +1 -1
  261. package/dist/read-after-write/util.d.ts.map +1 -1
  262. package/dist/read-after-write/viewer.d.ts +8 -8
  263. package/dist/read-after-write/viewer.d.ts.map +1 -1
  264. package/dist/read-after-write/viewer.js.map +1 -1
  265. package/dist/redis.d.ts.map +1 -1
  266. package/dist/repo/prepare.d.ts.map +1 -1
  267. package/dist/repo/types.d.ts.map +1 -1
  268. package/dist/repo/types.js.map +1 -1
  269. package/dist/scripts/index.d.ts.map +1 -1
  270. package/dist/scripts/publish-identity.d.ts.map +1 -1
  271. package/dist/scripts/rebuild-repo.d.ts.map +1 -1
  272. package/dist/scripts/rotate-keys.d.ts.map +1 -1
  273. package/dist/scripts/sequencer-recovery/index.d.ts.map +1 -1
  274. package/dist/scripts/sequencer-recovery/recoverer.d.ts.map +1 -1
  275. package/dist/scripts/sequencer-recovery/recoverer.js.map +1 -1
  276. package/dist/scripts/sequencer-recovery/recovery-db.d.ts.map +1 -1
  277. package/dist/scripts/sequencer-recovery/recovery-db.js.map +1 -1
  278. package/dist/scripts/sequencer-recovery/repair-repos.d.ts.map +1 -1
  279. package/dist/scripts/sequencer-recovery/user-queues.d.ts.map +1 -1
  280. package/dist/scripts/util.d.ts.map +1 -1
  281. package/dist/sequencer/db/index.d.ts.map +1 -1
  282. package/dist/sequencer/db/migrations/index.d.ts.map +1 -1
  283. package/dist/sequencer/events.d.ts +19 -19
  284. package/dist/sequencer/events.d.ts.map +1 -1
  285. package/dist/sequencer/events.js +6 -13
  286. package/dist/sequencer/events.js.map +1 -1
  287. package/dist/sequencer/outbox.d.ts.map +1 -1
  288. package/dist/sequencer/outbox.js.map +1 -1
  289. package/dist/sequencer/sequencer.d.ts +1 -1
  290. package/dist/sequencer/sequencer.d.ts.map +1 -1
  291. package/dist/sequencer/sequencer.js.map +1 -1
  292. package/dist/util/debug.d.ts.map +1 -1
  293. package/dist/well-known.d.ts.map +1 -1
  294. package/package.json +26 -27
  295. package/src/account-manager/account-manager.ts +135 -36
  296. package/src/account-manager/db/migrations/005-oauth-account-management.ts +6 -5
  297. package/src/account-manager/db/schema/authorization-request.ts +2 -1
  298. package/src/account-manager/db/schema/authorized-client.ts +6 -2
  299. package/src/account-manager/db/schema/token.ts +2 -2
  300. package/src/account-manager/helpers/account-device.ts +5 -11
  301. package/src/account-manager/helpers/account.ts +39 -16
  302. package/src/account-manager/helpers/auth.ts +2 -2
  303. package/src/account-manager/helpers/authorization-request.ts +12 -8
  304. package/src/account-manager/helpers/authorized-client.ts +12 -6
  305. package/src/account-manager/helpers/device.ts +4 -4
  306. package/src/account-manager/helpers/lexicon.ts +8 -3
  307. package/src/account-manager/helpers/password.ts +6 -0
  308. package/src/account-manager/helpers/token.ts +17 -11
  309. package/src/account-manager/oauth-store.ts +129 -61
  310. package/src/actor-store/blob/reader.ts +8 -5
  311. package/src/actor-store/record/reader.ts +3 -3
  312. package/src/actor-store/repo/sql-repo-reader.ts +1 -1
  313. package/src/api/com/atproto/admin/updateSubjectStatus.ts +16 -4
  314. package/src/api/com/atproto/server/activateAccount.ts +27 -49
  315. package/src/api/com/atproto/server/deactivateAccount.ts +3 -7
  316. package/src/api/com/atproto/server/deleteAccount.ts +60 -43
  317. package/src/api/com/atproto/server/util.ts +24 -7
  318. package/src/config/config.ts +7 -2
  319. package/src/context.ts +2 -3
  320. package/src/db/migrator.ts +2 -1
  321. package/src/db/pagination.ts +7 -7
  322. package/src/db/util.ts +5 -2
  323. package/src/mailer/index.ts +4 -2
  324. package/src/scripts/sequencer-recovery/recovery-db.ts +1 -1
  325. package/src/sequencer/events.ts +8 -13
  326. package/src/sequencer/sequencer.ts +1 -3
  327. package/tests/account-manager.test.ts +79 -0
  328. package/tests/account-status.test.ts +206 -0
  329. package/tests/oauth.test.ts +91 -0
  330. package/tsconfig.build.tsbuildinfo +1 -1
@@ -0,0 +1,206 @@
1
+ import { jest } from '@jest/globals'
2
+ import { TestNetworkNoAppView } from '@atproto/dev-env'
3
+ import { Client } from '@atproto/lex'
4
+ import { com } from '../src/lexicons/index.js'
5
+
6
+ describe('account-status', () => {
7
+ let network: TestNetworkNoAppView
8
+ let client: Client
9
+
10
+ beforeAll(async () => {
11
+ network = await TestNetworkNoAppView.create({
12
+ dbPostgresSchema: 'account_status',
13
+ })
14
+ client = network.pds.getClient()
15
+ })
16
+
17
+ afterEach(async () => {
18
+ await network.processAll()
19
+ })
20
+
21
+ afterAll(async () => {
22
+ await network.close()
23
+ })
24
+
25
+ it('takedown + activation triggers an error', async () => {
26
+ const { did } = await client.call(com.atproto.server.createAccount, {
27
+ handle: 'iris.test',
28
+ email: 'iris@test.com',
29
+ password: 'password',
30
+ })
31
+
32
+ await expect(
33
+ client.call(
34
+ com.atproto.admin.updateSubjectStatus,
35
+ {
36
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
37
+ takedown: { applied: true },
38
+ deactivated: { applied: false },
39
+ },
40
+ { headers: { authorization: network.pds.adminAuth() } },
41
+ ),
42
+ ).rejects.toMatchObject({
43
+ error: 'InvalidRequest',
44
+ message: 'Cannot activate and takedown an account at the same time',
45
+ })
46
+ })
47
+
48
+ it('activating a taken down account causes an error', async () => {
49
+ const { did } = await client.call(com.atproto.server.createAccount, {
50
+ handle: 'iris2.test',
51
+ email: 'iris2@test.com',
52
+ password: 'password',
53
+ })
54
+
55
+ const mock = jest.spyOn(network.pds.ctx.sequencer, 'sequenceEvts')
56
+
57
+ // First deactivate
58
+ await client.call(
59
+ com.atproto.admin.updateSubjectStatus,
60
+ {
61
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
62
+ deactivated: { applied: true },
63
+ },
64
+ { headers: { authorization: network.pds.adminAuth() } },
65
+ )
66
+
67
+ expect(mock).toHaveBeenCalledTimes(1)
68
+
69
+ // Then takedown
70
+ await client.call(
71
+ com.atproto.admin.updateSubjectStatus,
72
+ {
73
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
74
+ takedown: { applied: true },
75
+ },
76
+ { headers: { authorization: network.pds.adminAuth() } },
77
+ )
78
+
79
+ expect(mock).toHaveBeenCalledTimes(2)
80
+
81
+ // Then remove the takedown
82
+ await client.call(
83
+ com.atproto.admin.updateSubjectStatus,
84
+ {
85
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
86
+ takedown: { applied: false },
87
+ },
88
+ { headers: { authorization: network.pds.adminAuth() } },
89
+ )
90
+
91
+ expect(mock).toHaveBeenCalledTimes(3)
92
+
93
+ // Then try to activate again (should work now)
94
+ await client.call(
95
+ com.atproto.admin.updateSubjectStatus,
96
+ {
97
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
98
+ deactivated: { applied: false },
99
+ },
100
+ { headers: { authorization: network.pds.adminAuth() } },
101
+ )
102
+
103
+ expect(mock).toHaveBeenCalledTimes(4)
104
+
105
+ // Attempt login to ensure account is active
106
+ await client.call(com.atproto.server.createSession, {
107
+ identifier: 'iris2.test',
108
+ password: 'password',
109
+ })
110
+
111
+ // @TODO use "using" (requires updating jest)
112
+ mock.mockRestore()
113
+ })
114
+
115
+ it('sequences an account status event when calling updateSubjectStatus without changing the status', async () => {
116
+ const { did } = await client.call(com.atproto.server.createAccount, {
117
+ handle: 'iris3.test',
118
+ email: 'iris3@test.com',
119
+ password: 'password',
120
+ })
121
+
122
+ const mock = jest.spyOn(network.pds.ctx.sequencer, 'sequenceEvts')
123
+
124
+ // Update the account status without changing the status (should still sequence an event)
125
+ await client.call(
126
+ com.atproto.admin.updateSubjectStatus,
127
+ {
128
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
129
+ },
130
+ { headers: { authorization: network.pds.adminAuth() } },
131
+ )
132
+
133
+ expect(mock).toHaveBeenCalledTimes(1)
134
+
135
+ // @TODO use "using" (requires updating jest)
136
+ mock.mockRestore()
137
+ })
138
+
139
+ it('allows to takedown, then deactivate, an account', async () => {
140
+ const { did } = await client.call(com.atproto.server.createAccount, {
141
+ handle: 'iris4.test',
142
+ email: 'iris4@test.com',
143
+ password: 'password',
144
+ })
145
+
146
+ await client.call(
147
+ com.atproto.admin.updateSubjectStatus,
148
+ {
149
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
150
+ takedown: { applied: true },
151
+ },
152
+ { headers: { authorization: network.pds.adminAuth() } },
153
+ )
154
+
155
+ await client.call(
156
+ com.atproto.admin.updateSubjectStatus,
157
+ {
158
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
159
+ deactivated: { applied: true },
160
+ },
161
+ { headers: { authorization: network.pds.adminAuth() } },
162
+ )
163
+
164
+ const status = await client.call(
165
+ com.atproto.admin.getSubjectStatus,
166
+ { did },
167
+ { headers: { authorization: network.pds.adminAuth() } },
168
+ )
169
+
170
+ expect(status).toEqual({
171
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
172
+ takedown: { applied: true, ref: expect.any(String) },
173
+ deactivated: { applied: true },
174
+ })
175
+ })
176
+
177
+ it('throws when trying to activate a takedown account', async () => {
178
+ const { did } = await client.call(com.atproto.server.createAccount, {
179
+ handle: 'iris5.test',
180
+ email: 'iris5@test.com',
181
+ password: 'password',
182
+ })
183
+
184
+ await client.call(
185
+ com.atproto.admin.updateSubjectStatus,
186
+ {
187
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
188
+ takedown: { applied: true },
189
+ },
190
+ { headers: { authorization: network.pds.adminAuth() } },
191
+ )
192
+
193
+ await expect(
194
+ client.call(
195
+ com.atproto.admin.updateSubjectStatus,
196
+ {
197
+ subject: com.atproto.admin.defs.repoRef.$build({ did }),
198
+ deactivated: { applied: false },
199
+ },
200
+ { headers: { authorization: network.pds.adminAuth() } },
201
+ ),
202
+ ).rejects.toMatchObject({
203
+ error: 'AccountNotFound',
204
+ })
205
+ })
206
+ })
@@ -160,6 +160,7 @@ describe('oauth', () => {
160
160
  const [params] = sendTemplateMock.mock.lastCall!
161
161
  expect(params).toEqual({
162
162
  handle: 'alice.test',
163
+ locale: 'fr',
163
164
  token: expect.any(String),
164
165
  })
165
166
 
@@ -240,4 +241,94 @@ describe('oauth', () => {
240
241
 
241
242
  await page.waitForNetworkIdle()
242
243
  })
244
+
245
+ it('revokes OAuth sessions on deactivation & requires re-activation on sign-in', async () => {
246
+ await using page = await PageHelper.from(browser, { languages })
247
+
248
+ // Sign into the client (the device session is remembered, so the flow
249
+ // jumps straight to the consent screen).
250
+ await page.goto(appUrl)
251
+
252
+ await page.assertTitle('OAuth Client Example')
253
+
254
+ await page.navigationAction(async () => {
255
+ const input = await page.typeInInput('identifier', 'alice.test')
256
+ await input.press('Enter')
257
+ })
258
+
259
+ await page.assertTitle('Autoriser')
260
+
261
+ await page.navigationClick('Autoriser')
262
+
263
+ await page.assertTitle('OAuth Client Example')
264
+
265
+ await page.ensureTextVisibility('Token info', 'h2')
266
+
267
+ // While the client page is still open, deactivate the account through
268
+ // the account manager in another page.
269
+ {
270
+ await using accountPage = await PageHelper.from(browser, { languages })
271
+
272
+ await accountPage.goto(new URL('/account', network.pds.url))
273
+
274
+ await accountPage.assertTitle('Mon compte Atmosphère')
275
+
276
+ await accountPage.clickOnText('Compte utilisateur', 'a')
277
+
278
+ await accountPage.clickOnText('Désactiver le compte')
279
+
280
+ await accountPage.clickOnText('Oui, désactiver')
281
+
282
+ await accountPage.waitForNetworkIdle()
283
+
284
+ await accountPage.ensureTextVisibility('Réactiver le compte', 'span')
285
+
286
+ await network.processAll()
287
+ }
288
+
289
+ // Back in the client: deactivation revoked every OAuth session, so
290
+ // refreshing the credentials logs the user out.
291
+ await page.clickOnText('refresh').catch((_err) => {
292
+ // The OAuth app may have refreshed the session on it's own, causing the
293
+ // page to reset before the click is processed, which throws an error.
294
+ })
295
+
296
+ await page.waitForNetworkIdle()
297
+
298
+ await page.ensureTextVisibility('Login with the Atmosphere', 'h2')
299
+
300
+ // Signing back in with the deactivated account asks the user to
301
+ // re-activate it before the flow can proceed.
302
+ // @NOTE The PDS is used directly as issuer (rather than resolving the
303
+ // handle) because handle resolution does not work for deactivated
304
+ // accounts.
305
+
306
+ await page.navigationClick(`Login with ${new URL(network.pds.url).host}`)
307
+
308
+ await page.ensureTextVisibility('Se connecter en tant que...')
309
+
310
+ await page.clickOnText('alice.test', 'span')
311
+
312
+ await page.assertTitle('Heureux de vous revoir!')
313
+
314
+ await page.ensureTextVisibility('Vous avez précédemment désactivé')
315
+
316
+ await page.clickOnText('Oui, réactiver mon compte')
317
+
318
+ // Deactivation also cleared the authorized clients, so consent is
319
+ // required again.
320
+ await page.assertTitle('Autoriser')
321
+
322
+ await page.navigationClick('Autoriser')
323
+
324
+ await page.assertTitle('OAuth Client Example')
325
+
326
+ await page.ensureTextVisibility('Token info', 'h2')
327
+
328
+ await page.clickOnAriaLabel('User menu')
329
+
330
+ await page.clickOnText('Sign out')
331
+
332
+ await page.waitForNetworkIdle()
333
+ })
243
334
  })