@atproto/pds 0.5.4 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (330) hide show
  1. package/CHANGELOG.md +43 -0
  2. package/dist/account-manager/account-manager.d.ts +52 -14
  3. package/dist/account-manager/account-manager.d.ts.map +1 -1
  4. package/dist/account-manager/account-manager.js +86 -26
  5. package/dist/account-manager/account-manager.js.map +1 -1
  6. package/dist/account-manager/db/index.d.ts.map +1 -1
  7. package/dist/account-manager/db/migrations/005-oauth-account-management.d.ts.map +1 -1
  8. package/dist/account-manager/db/migrations/005-oauth-account-management.js +3 -4
  9. package/dist/account-manager/db/migrations/005-oauth-account-management.js.map +1 -1
  10. package/dist/account-manager/db/migrations/index.d.ts.map +1 -1
  11. package/dist/account-manager/db/schema/authorization-request.d.ts +2 -2
  12. package/dist/account-manager/db/schema/authorization-request.d.ts.map +1 -1
  13. package/dist/account-manager/db/schema/authorization-request.js.map +1 -1
  14. package/dist/account-manager/db/schema/authorized-client.d.ts +2 -2
  15. package/dist/account-manager/db/schema/authorized-client.d.ts.map +1 -1
  16. package/dist/account-manager/db/schema/authorized-client.js.map +1 -1
  17. package/dist/account-manager/db/schema/token.d.ts +2 -2
  18. package/dist/account-manager/db/schema/token.d.ts.map +1 -1
  19. package/dist/account-manager/db/schema/token.js.map +1 -1
  20. package/dist/account-manager/helpers/account-device.d.ts +23 -196
  21. package/dist/account-manager/helpers/account-device.d.ts.map +1 -1
  22. package/dist/account-manager/helpers/account-device.js +3 -3
  23. package/dist/account-manager/helpers/account-device.js.map +1 -1
  24. package/dist/account-manager/helpers/account.d.ts +20 -10
  25. package/dist/account-manager/helpers/account.d.ts.map +1 -1
  26. package/dist/account-manager/helpers/account.js +17 -11
  27. package/dist/account-manager/helpers/account.js.map +1 -1
  28. package/dist/account-manager/helpers/auth.d.ts.map +1 -1
  29. package/dist/account-manager/helpers/auth.js +1 -1
  30. package/dist/account-manager/helpers/auth.js.map +1 -1
  31. package/dist/account-manager/helpers/authorization-request.d.ts +83 -5
  32. package/dist/account-manager/helpers/authorization-request.d.ts.map +1 -1
  33. package/dist/account-manager/helpers/authorization-request.js +8 -8
  34. package/dist/account-manager/helpers/authorization-request.js.map +1 -1
  35. package/dist/account-manager/helpers/authorized-client.d.ts +5 -4
  36. package/dist/account-manager/helpers/authorized-client.d.ts.map +1 -1
  37. package/dist/account-manager/helpers/authorized-client.js +3 -0
  38. package/dist/account-manager/helpers/authorized-client.js.map +1 -1
  39. package/dist/account-manager/helpers/device.d.ts +10 -4
  40. package/dist/account-manager/helpers/device.d.ts.map +1 -1
  41. package/dist/account-manager/helpers/device.js +4 -4
  42. package/dist/account-manager/helpers/device.js.map +1 -1
  43. package/dist/account-manager/helpers/email-token.d.ts.map +1 -1
  44. package/dist/account-manager/helpers/invite.d.ts +35 -2
  45. package/dist/account-manager/helpers/invite.d.ts.map +1 -1
  46. package/dist/account-manager/helpers/lexicon.d.ts.map +1 -1
  47. package/dist/account-manager/helpers/lexicon.js +6 -0
  48. package/dist/account-manager/helpers/lexicon.js.map +1 -1
  49. package/dist/account-manager/helpers/password.d.ts +1 -0
  50. package/dist/account-manager/helpers/password.d.ts.map +1 -1
  51. package/dist/account-manager/helpers/password.js +3 -0
  52. package/dist/account-manager/helpers/password.js.map +1 -1
  53. package/dist/account-manager/helpers/repo.d.ts.map +1 -1
  54. package/dist/account-manager/helpers/scrypt.d.ts.map +1 -1
  55. package/dist/account-manager/helpers/token.d.ts +72 -1031
  56. package/dist/account-manager/helpers/token.d.ts.map +1 -1
  57. package/dist/account-manager/helpers/token.js +13 -10
  58. package/dist/account-manager/helpers/token.js.map +1 -1
  59. package/dist/account-manager/helpers/used-refresh-token.d.ts +6 -2
  60. package/dist/account-manager/helpers/used-refresh-token.d.ts.map +1 -1
  61. package/dist/account-manager/oauth-store.d.ts +17 -13
  62. package/dist/account-manager/oauth-store.d.ts.map +1 -1
  63. package/dist/account-manager/oauth-store.js +89 -39
  64. package/dist/account-manager/oauth-store.js.map +1 -1
  65. package/dist/account-manager/scope-reference-getter.d.ts.map +1 -1
  66. package/dist/account-manager/scope-reference-getter.js.map +1 -1
  67. package/dist/actor-store/actor-store-reader.d.ts.map +1 -1
  68. package/dist/actor-store/actor-store-reader.js.map +1 -1
  69. package/dist/actor-store/actor-store-transactor.d.ts.map +1 -1
  70. package/dist/actor-store/actor-store-transactor.js.map +1 -1
  71. package/dist/actor-store/actor-store-writer.d.ts.map +1 -1
  72. package/dist/actor-store/actor-store.d.ts.map +1 -1
  73. package/dist/actor-store/actor-store.js.map +1 -1
  74. package/dist/actor-store/blob/reader.d.ts.map +1 -1
  75. package/dist/actor-store/blob/reader.js +2 -3
  76. package/dist/actor-store/blob/reader.js.map +1 -1
  77. package/dist/actor-store/blob/transactor.d.ts.map +1 -1
  78. package/dist/actor-store/blob/transactor.js.map +1 -1
  79. package/dist/actor-store/db/index.d.ts.map +1 -1
  80. package/dist/actor-store/db/migrations/index.d.ts.map +1 -1
  81. package/dist/actor-store/migrate.d.ts.map +1 -1
  82. package/dist/actor-store/preference/reader.d.ts.map +1 -1
  83. package/dist/actor-store/preference/reader.js.map +1 -1
  84. package/dist/actor-store/preference/transactor.d.ts.map +1 -1
  85. package/dist/actor-store/record/reader.d.ts +3 -3
  86. package/dist/actor-store/record/reader.d.ts.map +1 -1
  87. package/dist/actor-store/record/reader.js +3 -3
  88. package/dist/actor-store/record/reader.js.map +1 -1
  89. package/dist/actor-store/record/transactor.d.ts.map +1 -1
  90. package/dist/actor-store/record/transactor.js.map +1 -1
  91. package/dist/actor-store/repo/reader.d.ts.map +1 -1
  92. package/dist/actor-store/repo/reader.js.map +1 -1
  93. package/dist/actor-store/repo/sql-repo-reader.d.ts +5 -1
  94. package/dist/actor-store/repo/sql-repo-reader.d.ts.map +1 -1
  95. package/dist/actor-store/repo/sql-repo-reader.js.map +1 -1
  96. package/dist/actor-store/repo/sql-repo-transactor.d.ts.map +1 -1
  97. package/dist/actor-store/repo/transactor.d.ts.map +1 -1
  98. package/dist/actor-store/repo/transactor.js.map +1 -1
  99. package/dist/api/app/bsky/util/resolver.d.ts +4 -4
  100. package/dist/api/app/bsky/util/resolver.d.ts.map +1 -1
  101. package/dist/api/com/atproto/admin/getInviteCodes.d.ts.map +1 -1
  102. package/dist/api/com/atproto/admin/updateSubjectStatus.d.ts.map +1 -1
  103. package/dist/api/com/atproto/admin/updateSubjectStatus.js +12 -4
  104. package/dist/api/com/atproto/admin/updateSubjectStatus.js.map +1 -1
  105. package/dist/api/com/atproto/server/activateAccount.d.ts.map +1 -1
  106. package/dist/api/com/atproto/server/activateAccount.js +25 -31
  107. package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
  108. package/dist/api/com/atproto/server/deactivateAccount.d.ts.map +1 -1
  109. package/dist/api/com/atproto/server/deactivateAccount.js +3 -4
  110. package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
  111. package/dist/api/com/atproto/server/deleteAccount.d.ts.map +1 -1
  112. package/dist/api/com/atproto/server/deleteAccount.js +51 -37
  113. package/dist/api/com/atproto/server/deleteAccount.js.map +1 -1
  114. package/dist/api/com/atproto/server/util.d.ts +25 -6
  115. package/dist/api/com/atproto/server/util.d.ts.map +1 -1
  116. package/dist/api/com/atproto/server/util.js.map +1 -1
  117. package/dist/api/com/atproto/sync/getRepo.d.ts.map +1 -1
  118. package/dist/api/com/atproto/sync/listRepos.d.ts.map +1 -1
  119. package/dist/api/com/atproto/sync/util.d.ts.map +1 -1
  120. package/dist/api/proxy.d.ts.map +1 -1
  121. package/dist/app-view.d.ts.map +1 -1
  122. package/dist/auth-routes.d.ts.map +1 -1
  123. package/dist/auth-verifier.d.ts.map +1 -1
  124. package/dist/background.d.ts.map +1 -1
  125. package/dist/basic-routes.d.ts.map +1 -1
  126. package/dist/bsky-app-view.d.ts.map +1 -1
  127. package/dist/config/config.d.ts +2 -1
  128. package/dist/config/config.d.ts.map +1 -1
  129. package/dist/config/config.js +4 -1
  130. package/dist/config/config.js.map +1 -1
  131. package/dist/config/env.d.ts.map +1 -1
  132. package/dist/config/secrets.d.ts.map +1 -1
  133. package/dist/context.d.ts.map +1 -1
  134. package/dist/context.js +1 -1
  135. package/dist/context.js.map +1 -1
  136. package/dist/crawlers.d.ts.map +1 -1
  137. package/dist/db/db.d.ts.map +1 -1
  138. package/dist/db/migrator.d.ts +4 -3
  139. package/dist/db/migrator.d.ts.map +1 -1
  140. package/dist/db/migrator.js +1 -1
  141. package/dist/db/migrator.js.map +1 -1
  142. package/dist/db/pagination.d.ts +3 -2
  143. package/dist/db/pagination.d.ts.map +1 -1
  144. package/dist/db/pagination.js +2 -2
  145. package/dist/db/pagination.js.map +1 -1
  146. package/dist/db/util.d.ts +3 -3
  147. package/dist/db/util.d.ts.map +1 -1
  148. package/dist/db/util.js.map +1 -1
  149. package/dist/did-cache/db/index.d.ts.map +1 -1
  150. package/dist/did-cache/db/migrations.d.ts.map +1 -1
  151. package/dist/did-cache/index.d.ts.map +1 -1
  152. package/dist/did-cache/index.js.map +1 -1
  153. package/dist/disk-blobstore.d.ts.map +1 -1
  154. package/dist/disk-blobstore.js.map +1 -1
  155. package/dist/handle/explicit-slurs.d.ts.map +1 -1
  156. package/dist/handle/index.d.ts.map +1 -1
  157. package/dist/image/image-url-builder.d.ts.map +1 -1
  158. package/dist/image/image-url-builder.js.map +1 -1
  159. package/dist/index.d.ts.map +1 -1
  160. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts +75 -155
  161. package/dist/lexicons/app/bsky/actor/defs.defs.d.ts.map +1 -1
  162. package/dist/lexicons/app/bsky/actor/profile.defs.d.ts +100 -300
  163. package/dist/lexicons/app/bsky/actor/profile.defs.d.ts.map +1 -1
  164. package/dist/lexicons/app/bsky/actor/status.defs.d.ts +40 -40
  165. package/dist/lexicons/app/bsky/actor/status.defs.d.ts.map +1 -1
  166. package/dist/lexicons/app/bsky/authCreatePosts.defs.d.ts +1 -1
  167. package/dist/lexicons/app/bsky/authDeleteContent.defs.d.ts +1 -1
  168. package/dist/lexicons/app/bsky/authFullApp.defs.d.ts +1 -1
  169. package/dist/lexicons/app/bsky/authManageFeedDeclarations.defs.d.ts +1 -1
  170. package/dist/lexicons/app/bsky/authManageLabelerService.defs.d.ts +1 -1
  171. package/dist/lexicons/app/bsky/authManageModeration.defs.d.ts +1 -1
  172. package/dist/lexicons/app/bsky/authManageNotifications.defs.d.ts +1 -1
  173. package/dist/lexicons/app/bsky/authManageProfile.defs.d.ts +1 -1
  174. package/dist/lexicons/app/bsky/authViewAll.defs.d.ts +1 -1
  175. package/dist/lexicons/app/bsky/draft/defs.defs.d.ts +4 -4
  176. package/dist/lexicons/app/bsky/draft/defs.defs.d.ts.map +1 -1
  177. package/dist/lexicons/app/bsky/embed/external.defs.d.ts +10 -10
  178. package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts +10 -42
  179. package/dist/lexicons/app/bsky/embed/gallery.defs.d.ts.map +1 -1
  180. package/dist/lexicons/app/bsky/embed/images.defs.d.ts +10 -10
  181. package/dist/lexicons/app/bsky/embed/record.defs.d.ts +10 -10
  182. package/dist/lexicons/app/bsky/embed/recordWithMedia.defs.d.ts +10 -10
  183. package/dist/lexicons/app/bsky/embed/video.defs.d.ts +50 -162
  184. package/dist/lexicons/app/bsky/embed/video.defs.d.ts.map +1 -1
  185. package/dist/lexicons/app/bsky/feed/generator.defs.d.ts +80 -160
  186. package/dist/lexicons/app/bsky/feed/generator.defs.d.ts.map +1 -1
  187. package/dist/lexicons/app/bsky/feed/like.defs.d.ts +30 -30
  188. package/dist/lexicons/app/bsky/feed/like.defs.d.ts.map +1 -1
  189. package/dist/lexicons/app/bsky/feed/post.defs.d.ts +80 -200
  190. package/dist/lexicons/app/bsky/feed/post.defs.d.ts.map +1 -1
  191. package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts +40 -80
  192. package/dist/lexicons/app/bsky/feed/postgate.defs.d.ts.map +1 -1
  193. package/dist/lexicons/app/bsky/feed/repost.defs.d.ts +30 -30
  194. package/dist/lexicons/app/bsky/feed/repost.defs.d.ts.map +1 -1
  195. package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts +30 -30
  196. package/dist/lexicons/app/bsky/feed/threadgate.defs.d.ts.map +1 -1
  197. package/dist/lexicons/app/bsky/graph/block.defs.d.ts +20 -20
  198. package/dist/lexicons/app/bsky/graph/block.defs.d.ts.map +1 -1
  199. package/dist/lexicons/app/bsky/graph/follow.defs.d.ts +30 -30
  200. package/dist/lexicons/app/bsky/graph/follow.defs.d.ts.map +1 -1
  201. package/dist/lexicons/app/bsky/graph/list.defs.d.ts +60 -60
  202. package/dist/lexicons/app/bsky/graph/list.defs.d.ts.map +1 -1
  203. package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts +20 -20
  204. package/dist/lexicons/app/bsky/graph/listblock.defs.d.ts.map +1 -1
  205. package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts +20 -20
  206. package/dist/lexicons/app/bsky/graph/listitem.defs.d.ts.map +1 -1
  207. package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts +50 -90
  208. package/dist/lexicons/app/bsky/graph/starterpack.defs.d.ts.map +1 -1
  209. package/dist/lexicons/app/bsky/graph/verification.defs.d.ts +30 -30
  210. package/dist/lexicons/app/bsky/graph/verification.defs.d.ts.map +1 -1
  211. package/dist/lexicons/app/bsky/labeler/service.defs.d.ts +50 -130
  212. package/dist/lexicons/app/bsky/labeler/service.defs.d.ts.map +1 -1
  213. package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts +10 -10
  214. package/dist/lexicons/app/bsky/notification/declaration.defs.d.ts.map +1 -1
  215. package/dist/lexicons/app/bsky/richtext/facet.defs.d.ts +10 -10
  216. package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts +20 -20
  217. package/dist/lexicons/chat/bsky/actor/declaration.defs.d.ts.map +1 -1
  218. package/dist/lexicons/chat/bsky/authFullChatClient.defs.d.ts +1 -1
  219. package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts +17 -0
  220. package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts.map +1 -1
  221. package/dist/lexicons/chat/bsky/convo/defs.defs.js +11 -0
  222. package/dist/lexicons/chat/bsky/convo/defs.defs.js.map +1 -1
  223. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.d.ts +1 -1
  224. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.d.ts.map +1 -1
  225. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.js +1 -0
  226. package/dist/lexicons/chat/bsky/convo/sendMessage.defs.js.map +1 -1
  227. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.d.ts +1 -1
  228. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.d.ts.map +1 -1
  229. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.js +1 -0
  230. package/dist/lexicons/chat/bsky/convo/sendMessageBatch.defs.js.map +1 -1
  231. package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts +10 -42
  232. package/dist/lexicons/chat/bsky/embed/joinLink.defs.d.ts.map +1 -1
  233. package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts +10 -10
  234. package/dist/lexicons/com/atproto/lexicon/schema.defs.d.ts.map +1 -1
  235. package/dist/lexicons/com/atproto/repo/strongRef.defs.d.ts +10 -10
  236. package/dist/lexicons/com/germnetwork/declaration.defs.d.ts +40 -120
  237. package/dist/lexicons/com/germnetwork/declaration.defs.d.ts.map +1 -1
  238. package/dist/lexicons/site/standard/document.defs.d.ts +130 -450
  239. package/dist/lexicons/site/standard/document.defs.d.ts.map +1 -1
  240. package/dist/lexicons/site/standard/graph/recommend.defs.d.ts +10 -10
  241. package/dist/lexicons/site/standard/graph/recommend.defs.d.ts.map +1 -1
  242. package/dist/lexicons/site/standard/graph/subscription.defs.d.ts +20 -60
  243. package/dist/lexicons/site/standard/graph/subscription.defs.d.ts.map +1 -1
  244. package/dist/lexicons/site/standard/publication.defs.d.ts +60 -220
  245. package/dist/lexicons/site/standard/publication.defs.d.ts.map +1 -1
  246. package/dist/lexicons/site/standard/theme/basic.defs.d.ts +10 -10
  247. package/dist/lexicons/site/standard/theme/basic.defs.d.ts.map +1 -1
  248. package/dist/lexicons/tools/ozone/moderation/queryStatuses.defs.d.ts +2 -2
  249. package/dist/lexicons/tools/ozone/set/querySets.defs.d.ts +2 -2
  250. package/dist/logger.d.ts +14 -14
  251. package/dist/logger.d.ts.map +1 -1
  252. package/dist/mailer/index.d.ts +2 -0
  253. package/dist/mailer/index.d.ts.map +1 -1
  254. package/dist/mailer/index.js +2 -0
  255. package/dist/mailer/index.js.map +1 -1
  256. package/dist/mailer/moderation.d.ts.map +1 -1
  257. package/dist/pipethrough.d.ts +1 -1
  258. package/dist/pipethrough.d.ts.map +1 -1
  259. package/dist/pipethrough.js.map +1 -1
  260. package/dist/rate-limits.d.ts.map +1 -1
  261. package/dist/read-after-write/util.d.ts.map +1 -1
  262. package/dist/read-after-write/viewer.d.ts +8 -8
  263. package/dist/read-after-write/viewer.d.ts.map +1 -1
  264. package/dist/read-after-write/viewer.js.map +1 -1
  265. package/dist/redis.d.ts.map +1 -1
  266. package/dist/repo/prepare.d.ts.map +1 -1
  267. package/dist/repo/types.d.ts.map +1 -1
  268. package/dist/repo/types.js.map +1 -1
  269. package/dist/scripts/index.d.ts.map +1 -1
  270. package/dist/scripts/publish-identity.d.ts.map +1 -1
  271. package/dist/scripts/rebuild-repo.d.ts.map +1 -1
  272. package/dist/scripts/rotate-keys.d.ts.map +1 -1
  273. package/dist/scripts/sequencer-recovery/index.d.ts.map +1 -1
  274. package/dist/scripts/sequencer-recovery/recoverer.d.ts.map +1 -1
  275. package/dist/scripts/sequencer-recovery/recoverer.js.map +1 -1
  276. package/dist/scripts/sequencer-recovery/recovery-db.d.ts.map +1 -1
  277. package/dist/scripts/sequencer-recovery/recovery-db.js.map +1 -1
  278. package/dist/scripts/sequencer-recovery/repair-repos.d.ts.map +1 -1
  279. package/dist/scripts/sequencer-recovery/user-queues.d.ts.map +1 -1
  280. package/dist/scripts/util.d.ts.map +1 -1
  281. package/dist/sequencer/db/index.d.ts.map +1 -1
  282. package/dist/sequencer/db/migrations/index.d.ts.map +1 -1
  283. package/dist/sequencer/events.d.ts +19 -19
  284. package/dist/sequencer/events.d.ts.map +1 -1
  285. package/dist/sequencer/events.js +6 -13
  286. package/dist/sequencer/events.js.map +1 -1
  287. package/dist/sequencer/outbox.d.ts.map +1 -1
  288. package/dist/sequencer/outbox.js.map +1 -1
  289. package/dist/sequencer/sequencer.d.ts +1 -1
  290. package/dist/sequencer/sequencer.d.ts.map +1 -1
  291. package/dist/sequencer/sequencer.js.map +1 -1
  292. package/dist/util/debug.d.ts.map +1 -1
  293. package/dist/well-known.d.ts.map +1 -1
  294. package/package.json +26 -27
  295. package/src/account-manager/account-manager.ts +135 -36
  296. package/src/account-manager/db/migrations/005-oauth-account-management.ts +6 -5
  297. package/src/account-manager/db/schema/authorization-request.ts +2 -1
  298. package/src/account-manager/db/schema/authorized-client.ts +6 -2
  299. package/src/account-manager/db/schema/token.ts +2 -2
  300. package/src/account-manager/helpers/account-device.ts +5 -11
  301. package/src/account-manager/helpers/account.ts +39 -16
  302. package/src/account-manager/helpers/auth.ts +2 -2
  303. package/src/account-manager/helpers/authorization-request.ts +12 -8
  304. package/src/account-manager/helpers/authorized-client.ts +12 -6
  305. package/src/account-manager/helpers/device.ts +4 -4
  306. package/src/account-manager/helpers/lexicon.ts +8 -3
  307. package/src/account-manager/helpers/password.ts +6 -0
  308. package/src/account-manager/helpers/token.ts +17 -11
  309. package/src/account-manager/oauth-store.ts +129 -61
  310. package/src/actor-store/blob/reader.ts +8 -5
  311. package/src/actor-store/record/reader.ts +3 -3
  312. package/src/actor-store/repo/sql-repo-reader.ts +1 -1
  313. package/src/api/com/atproto/admin/updateSubjectStatus.ts +16 -4
  314. package/src/api/com/atproto/server/activateAccount.ts +27 -49
  315. package/src/api/com/atproto/server/deactivateAccount.ts +3 -7
  316. package/src/api/com/atproto/server/deleteAccount.ts +60 -43
  317. package/src/api/com/atproto/server/util.ts +24 -7
  318. package/src/config/config.ts +7 -2
  319. package/src/context.ts +2 -3
  320. package/src/db/migrator.ts +2 -1
  321. package/src/db/pagination.ts +7 -7
  322. package/src/db/util.ts +5 -2
  323. package/src/mailer/index.ts +4 -2
  324. package/src/scripts/sequencer-recovery/recovery-db.ts +1 -1
  325. package/src/sequencer/events.ts +8 -13
  326. package/src/sequencer/sequencer.ts +1 -3
  327. package/tests/account-manager.test.ts +79 -0
  328. package/tests/account-status.test.ts +206 -0
  329. package/tests/oauth.test.ts +91 -0
  330. package/tsconfig.build.tsbuildinfo +1 -1
@@ -21,8 +21,8 @@ export const selectAccountQB = (db, flags) => {
21
21
  return db.db
22
22
  .selectFrom('actor')
23
23
  .leftJoin('account', 'actor.did', 'account.did')
24
- .if(!includeTakenDown, (qb) => qb.where(notSoftDeletedClause(ref('actor'))))
25
- .if(!includeDeactivated, (qb) => qb.where('actor.deactivatedAt', 'is', null))
24
+ .$if(!includeTakenDown, (qb) => qb.where(notSoftDeletedClause(ref('actor'))))
25
+ .$if(!includeDeactivated, (qb) => qb.where('actor.deactivatedAt', 'is', null))
26
26
  .select([
27
27
  'actor.did',
28
28
  'actor.handle',
@@ -37,12 +37,12 @@ export const selectAccountQB = (db, flags) => {
37
37
  };
38
38
  export const getAccount = async (db, handleOrDid, flags) => {
39
39
  const found = await selectAccountQB(db, flags)
40
- .where((qb) => {
40
+ .where((eb) => {
41
41
  if (isDidIdentifier(handleOrDid)) {
42
- return qb.where('actor.did', '=', handleOrDid);
42
+ return eb('actor.did', '=', handleOrDid);
43
43
  }
44
44
  else {
45
- return qb.where('actor.handle', '=', handleOrDid);
45
+ return eb('actor.handle', '=', handleOrDid);
46
46
  }
47
47
  })
48
48
  .executeTakeFirst();
@@ -117,11 +117,11 @@ export const updateHandle = async (db, did, handle) => {
117
117
  .updateTable('actor')
118
118
  .set({ handle })
119
119
  .where('did', '=', did)
120
- .whereNotExists(db.db
120
+ .where(({ not, exists }) => not(exists(db.db
121
121
  .selectFrom('actor')
122
122
  .where('handle', '=', handle)
123
123
  .where('did', '!=', did)
124
- .selectAll()));
124
+ .selectAll()))));
125
125
  if (res.numUpdatedRows < 1) {
126
126
  throw new UserAlreadyExistsError('Handle is already in use, please choose a different handle.');
127
127
  }
@@ -170,22 +170,28 @@ export const updateAccountTakedownStatus = async (db, did, takedown) => {
170
170
  await db.executeWithRetry(db.db.updateTable('actor').set({ takedownRef }).where('did', '=', did));
171
171
  };
172
172
  export const deactivateAccount = async (db, did, deleteAfter) => {
173
- await db.executeWithRetry(db.db
173
+ const [res] = await db.executeWithRetry(db.db
174
174
  .updateTable('actor')
175
175
  .set({
176
176
  deactivatedAt: currentDatetimeString(),
177
177
  deleteAfter,
178
178
  })
179
179
  .where('did', '=', did));
180
+ return res.numUpdatedRows > 0;
180
181
  };
181
- export const activateAccount = async (db, did) => {
182
- await db.executeWithRetry(db.db
182
+ export const activateAccount = async (db, did, flags) => {
183
+ const { includeTakenDown = false, includeDeactivated = true } = flags ?? {};
184
+ const { ref } = db.db.dynamic;
185
+ const [res] = await db.executeWithRetry(db.db
183
186
  .updateTable('actor')
184
187
  .set({
185
188
  deactivatedAt: null,
186
189
  deleteAfter: null,
187
190
  })
188
- .where('did', '=', did));
191
+ .where('did', '=', did)
192
+ .$if(!includeTakenDown, (q) => q.where(notSoftDeletedClause(ref('actor'))))
193
+ .$if(!includeDeactivated, (q) => q.where('actor.deactivatedAt', 'is not', null)));
194
+ return res.numUpdatedRows > 0;
189
195
  };
190
196
  export const formatAccountStatus = (account) => {
191
197
  if (!account) {
@@ -1 +1 @@
1
- {"version":3,"file":"account.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/account.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AACrC,OAAO,EAKL,qBAAqB,EACrB,eAAe,GAChB,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AAI9E,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IAE/C,YACE,OAAO,GAAG,qEAAqE,EAC/E,OAAsB;QAEtB,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QALzB,SAAI,GAAG,wBAAwB,CAAA;IAM/B,CAAC;CACF;AAaD,MAAM,CAAN,IAAY,aAMX;AAND,WAAY,aAAa;IACvB,kCAAiB,CAAA;IACjB,wCAAuB,CAAA;IACvB,wCAAuB,CAAA;IACvB,oCAAmB,CAAA;IACnB,4CAA2B,CAAA;AAC7B,CAAC,EANW,aAAa,KAAb,aAAa,QAMxB;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,EAAa,EAAE,KAAyB,EAAE,EAAE;IAC1E,MAAM,EAAE,gBAAgB,GAAG,KAAK,EAAE,kBAAkB,GAAG,KAAK,EAAE,GAAG,KAAK,IAAI,EAAE,CAAA;IAC5E,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,OAAO,CAAA;IAC7B,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,OAAO,CAAC;SACnB,QAAQ,CAAC,SAAS,EAAE,WAAW,EAAE,aAAa,CAAC;SAC/C,EAAE,CAAC,CAAC,gBAAgB,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;SAC3E,EAAE,CAAC,CAAC,kBAAkB,EAAE,CAAC,EAAE,EAAE,EAAE,CAC9B,EAAE,CAAC,KAAK,CAAC,qBAAqB,EAAE,IAAI,EAAE,IAAI,CAAC,CAC5C;SACA,MAAM,CAAC;QACN,WAAW;QACX,cAAc;QACd,iBAAiB;QACjB,mBAAmB;QACnB,qBAAqB;QACrB,mBAAmB;QACnB,eAAe;QACf,0BAA0B;QAC1B,yBAAyB;KAC1B,CAAC,CAAA;AACN,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,EAC7B,EAAa,EACb,WAA+B,EAC/B,KAAyB,EACK,EAAE;IAChC,MAAM,KAAK,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,KAAK,CAAC;SAC3C,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE;QACZ,IAAI,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC;YACjC,OAAO,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;QAChD,CAAC;aAAM,CAAC;YACN,OAAO,EAAE,CAAC,KAAK,CAAC,cAAc,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;QACnD,CAAC;IACH,CAAC,CAAC;SACD,gBAAgB,EAAE,CAAA;IACrB,OAAO,KAAK,IAAI,IAAI,CAAA;AACtB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,KAAK,EAC9B,EAAa,EACb,IAAiB,EACjB,KAAyB,EACW,EAAE;IACtC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAwB,CAAA;IAE/C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,KAAK,CAAC;SAC9C,KAAK,CAAC,WAAW,EAAE,IAAI,EAAE,IAAI,CAAC;SAC9B,OAAO,EAAE,CAAA;IAEZ,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC,CAAC,CAAA;IAEF,OAAO,OAAO,CAAA;AAChB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,KAAa,EACb,KAAyB,EACK,EAAE;IAChC,MAAM,KAAK,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,KAAK,CAAC;SAC3C,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC;SACxC,gBAAgB,EAAE,CAAA;IACrB,OAAO,KAAK,IAAI,IAAI,CAAA;AACtB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAChC,EAAa,EACb,IAIC,EACD,EAAE;IACF,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAA;IACzC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IACtB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAA;IAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CAC5C,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,OAAO,CAAC;SACnB,MAAM,CAAC;QACN,GAAG;QACH,MAAM;QACN,SAAS;QACT,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI;QAC7C,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;KACxE,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;SAClC,SAAS,CAAC,KAAK,CAAC,CACpB,CAAA;IACD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,sBAAsB,EAAE,CAAA;IACpC,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAClC,EAAa,EACb,IAIC,EACD,EAAE;IACF,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,cAAc,EAAE,GAAG,IAAI,CAAA;IAC3C,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CAC5C,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,SAAS,CAAC;SACrB,MAAM,CAAC;QACN,GAAG;QACH,KAAK,EAAE,KAAK,CAAC,WAAW,EAAE;QAC1B,cAAc;KACf,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;SAClC,SAAS,CAAC,KAAK,CAAC,CACpB,CAAA;IACD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,sBAAsB,EAAE,CAAA;IACpC,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAChC,EAAa,EACb,GAAc,EACC,EAAE;IACjB,6EAA6E;IAC7E,2DAA2D;IAC3D,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACrD,CAAA;IACD,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACvD,CAAA;IACD,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACzD,CAAA;IACD,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,CAC3D,CAAA;IACD,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CACvD,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAC/B,EAAa,EACb,GAAc,EACd,MAAoB,EACpB,EAAE;IACF,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACrC,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,OAAO,CAAC;SACpB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;SACf,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,cAAc,CACb,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,OAAO,CAAC;SACnB,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC;SAC5B,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC;SACvB,SAAS,EAAE,CACf,CACJ,CAAA;IACD,IAAI,GAAG,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,sBAAsB,CAC9B,6DAA6D,CAC9D,CAAA;IACH,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,KAAK,EAC9B,EAAa,EACb,GAAc,EACd,KAAa,EACb,EAAE;IACF,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;aACF,WAAW,CAAC,SAAS,CAAC;aACtB,GAAG,CAAC;YACH,KAAK,EAAE,KAAK,CAAC,WAAW,EAAE;YAC1B,gBAAgB,EAAE,IAAI;SACvB,CAAC;aACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAC1B,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,sBAAsB,EAAE,CAAA;QACpC,CAAC;QACD,MAAM,GAAG,CAAA;IACX,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,EACtC,EAAa,EACb,GAAc,EACd,gBAAgC,EAChC,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,SAAS,CAAC;SACtB,GAAG,CAAC,EAAE,gBAAgB,EAAE,CAAC;SACzB,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAC1B,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EACxC,EAAa,EACb,GAAc,EAIN,EAAE;IACV,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,OAAO,CAAC;SACnB,MAAM,CAAC,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;SACxC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IACrB,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW;QAC9B,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,WAAW,EAAE;QACzC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;IACtB,MAAM,WAAW,GAAG,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;IAC9E,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAA;AAClC,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,2BAA2B,GAAG,KAAK,EAC9C,EAAa,EACb,GAAc,EACd,QAA2C,EAC3C,EAAE;IACF,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO;QAClC,CAAC,CAAC,QAAQ,CAAC,GAAG,IAAI,qBAAqB,EAAE;QACzC,CAAC,CAAC,IAAI,CAAA;IACR,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACvE,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,GAAc,EACd,WAA0B,EAC1B,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,OAAO,CAAC;SACpB,GAAG,CAAC;QACH,aAAa,EAAE,qBAAqB,EAAE;QACtC,WAAW;KACZ,CAAC;SACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAC1B,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAAE,EAAa,EAAE,GAAc,EAAE,EAAE;IACrE,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,OAAO,CAAC;SACpB,GAAG,CAAC;QACH,aAAa,EAAE,IAAI;QACnB,WAAW,EAAE,IAAI;KAClB,CAAC;SACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAC1B,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,CACjC,OAGC,EACD,EAAE;IACF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,OAAO,EAAW,CAAA;IAClE,CAAC;SAAM,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAC/B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,SAAS,EAAW,CAAA;IACpE,CAAC;SAAM,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,WAAW,EAAW,CAAA;IACtE,CAAC;SAAM,CAAC;QACN,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAW,CAAA;IACrD,CAAC;AACH,CAAC,CAAA","sourcesContent":["import { DAY } from '@atproto/common'\nimport {\n AtIdentifierString,\n DatetimeString,\n DidString,\n HandleString,\n currentDatetimeString,\n isDidIdentifier,\n} from '@atproto/lex'\nimport { isErrUniqueViolation, notSoftDeletedClause } from '../../db/index.js'\nimport { com } from '../../lexicons/index.js'\nimport { AccountDb, ActorEntry } from '../db/index.js'\n\nexport class UserAlreadyExistsError extends Error {\n name = 'UserAlreadyExistsError'\n constructor(\n message = 'This email address is already in use, please use a different email.',\n options?: ErrorOptions,\n ) {\n super(message, options)\n }\n}\n\nexport type ActorAccount = ActorEntry & {\n email: string | null\n emailConfirmedAt: string | null\n invitesDisabled: 0 | 1 | null\n}\n\nexport type AvailabilityFlags = {\n includeTakenDown?: boolean\n includeDeactivated?: boolean\n}\n\nexport enum AccountStatus {\n Active = 'active',\n Takendown = 'takendown',\n Suspended = 'suspended',\n Deleted = 'deleted',\n Deactivated = 'deactivated',\n}\n\nexport const selectAccountQB = (db: AccountDb, flags?: AvailabilityFlags) => {\n const { includeTakenDown = false, includeDeactivated = false } = flags ?? {}\n const { ref } = db.db.dynamic\n return db.db\n .selectFrom('actor')\n .leftJoin('account', 'actor.did', 'account.did')\n .if(!includeTakenDown, (qb) => qb.where(notSoftDeletedClause(ref('actor'))))\n .if(!includeDeactivated, (qb) =>\n qb.where('actor.deactivatedAt', 'is', null),\n )\n .select([\n 'actor.did',\n 'actor.handle',\n 'actor.createdAt',\n 'actor.takedownRef',\n 'actor.deactivatedAt',\n 'actor.deleteAfter',\n 'account.email',\n 'account.emailConfirmedAt',\n 'account.invitesDisabled',\n ])\n}\n\nexport const getAccount = async (\n db: AccountDb,\n handleOrDid: AtIdentifierString,\n flags?: AvailabilityFlags,\n): Promise<ActorAccount | null> => {\n const found = await selectAccountQB(db, flags)\n .where((qb) => {\n if (isDidIdentifier(handleOrDid)) {\n return qb.where('actor.did', '=', handleOrDid)\n } else {\n return qb.where('actor.handle', '=', handleOrDid)\n }\n })\n .executeTakeFirst()\n return found || null\n}\n\nexport const getAccounts = async (\n db: AccountDb,\n dids: DidString[],\n flags?: AvailabilityFlags,\n): Promise<Map<string, ActorAccount>> => {\n const results = new Map<string, ActorAccount>()\n\n if (!dids.length) {\n return results\n }\n\n const accounts = await selectAccountQB(db, flags)\n .where('actor.did', 'in', dids)\n .execute()\n\n accounts.forEach((account) => {\n results.set(account.did, account)\n })\n\n return results\n}\n\nexport const getAccountByEmail = async (\n db: AccountDb,\n email: string,\n flags?: AvailabilityFlags,\n): Promise<ActorAccount | null> => {\n const found = await selectAccountQB(db, flags)\n .where('email', '=', email.toLowerCase())\n .executeTakeFirst()\n return found || null\n}\n\nexport const registerActor = async (\n db: AccountDb,\n opts: {\n did: DidString\n handle: HandleString\n deactivated?: boolean\n },\n) => {\n const { did, handle, deactivated } = opts\n const now = Date.now()\n const createdAt = new Date(now).toISOString()\n const [registered] = await db.executeWithRetry(\n db.db\n .insertInto('actor')\n .values({\n did,\n handle,\n createdAt,\n deactivatedAt: deactivated ? createdAt : null,\n deleteAfter: deactivated ? new Date(now + 3 * DAY).toISOString() : null,\n })\n .onConflict((oc) => oc.doNothing())\n .returning('did'),\n )\n if (!registered) {\n throw new UserAlreadyExistsError()\n }\n}\n\nexport const registerAccount = async (\n db: AccountDb,\n opts: {\n did: string\n email: string\n passwordScrypt: string\n },\n) => {\n const { did, email, passwordScrypt } = opts\n const [registered] = await db.executeWithRetry(\n db.db\n .insertInto('account')\n .values({\n did,\n email: email.toLowerCase(),\n passwordScrypt,\n })\n .onConflict((oc) => oc.doNothing())\n .returning('did'),\n )\n if (!registered) {\n throw new UserAlreadyExistsError()\n }\n}\n\nexport const deleteAccount = async (\n db: AccountDb,\n did: DidString,\n): Promise<void> => {\n // Not done in transaction because it would be too long, prone to contention.\n // Also, this can safely be run multiple times if it fails.\n await db.executeWithRetry(\n db.db.deleteFrom('repo_root').where('did', '=', did),\n )\n await db.executeWithRetry(\n db.db.deleteFrom('email_token').where('did', '=', did),\n )\n await db.executeWithRetry(\n db.db.deleteFrom('refresh_token').where('did', '=', did),\n )\n await db.executeWithRetry(\n db.db.deleteFrom('account').where('account.did', '=', did),\n )\n await db.executeWithRetry(\n db.db.deleteFrom('actor').where('actor.did', '=', did),\n )\n}\n\nexport const updateHandle = async (\n db: AccountDb,\n did: DidString,\n handle: HandleString,\n) => {\n // No-op if the handle is the same, but still returns 1 row affected, so that\n // it can be used to check for existence of the account.\n const [res] = await db.executeWithRetry(\n db.db\n .updateTable('actor')\n .set({ handle })\n .where('did', '=', did)\n .whereNotExists(\n db.db\n .selectFrom('actor')\n .where('handle', '=', handle)\n .where('did', '!=', did)\n .selectAll(),\n ),\n )\n if (res.numUpdatedRows < 1) {\n throw new UserAlreadyExistsError(\n 'Handle is already in use, please choose a different handle.',\n )\n }\n}\n\nexport const updateEmail = async (\n db: AccountDb,\n did: DidString,\n email: string,\n) => {\n try {\n await db.executeWithRetry(\n db.db\n .updateTable('account')\n .set({\n email: email.toLowerCase(),\n emailConfirmedAt: null,\n })\n .where('did', '=', did),\n )\n } catch (err) {\n if (isErrUniqueViolation(err)) {\n throw new UserAlreadyExistsError()\n }\n throw err\n }\n}\n\nexport const setEmailConfirmedAt = async (\n db: AccountDb,\n did: DidString,\n emailConfirmedAt: DatetimeString,\n) => {\n await db.executeWithRetry(\n db.db\n .updateTable('account')\n .set({ emailConfirmedAt })\n .where('did', '=', did),\n )\n}\n\nexport const getAccountAdminStatus = async (\n db: AccountDb,\n did: DidString,\n): Promise<{\n takedown: com.atproto.admin.defs.StatusAttr\n deactivated: com.atproto.admin.defs.StatusAttr\n} | null> => {\n const res = await db.db\n .selectFrom('actor')\n .select(['takedownRef', 'deactivatedAt'])\n .where('did', '=', did)\n .executeTakeFirst()\n if (!res) return null\n const takedown = res.takedownRef\n ? { applied: true, ref: res.takedownRef }\n : { applied: false }\n const deactivated = res.deactivatedAt ? { applied: true } : { applied: false }\n return { takedown, deactivated }\n}\n\nexport const updateAccountTakedownStatus = async (\n db: AccountDb,\n did: DidString,\n takedown: com.atproto.admin.defs.StatusAttr,\n) => {\n const takedownRef = takedown.applied\n ? takedown.ref ?? currentDatetimeString()\n : null\n await db.executeWithRetry(\n db.db.updateTable('actor').set({ takedownRef }).where('did', '=', did),\n )\n}\n\nexport const deactivateAccount = async (\n db: AccountDb,\n did: DidString,\n deleteAfter: string | null,\n) => {\n await db.executeWithRetry(\n db.db\n .updateTable('actor')\n .set({\n deactivatedAt: currentDatetimeString(),\n deleteAfter,\n })\n .where('did', '=', did),\n )\n}\n\nexport const activateAccount = async (db: AccountDb, did: DidString) => {\n await db.executeWithRetry(\n db.db\n .updateTable('actor')\n .set({\n deactivatedAt: null,\n deleteAfter: null,\n })\n .where('did', '=', did),\n )\n}\n\nexport const formatAccountStatus = (\n account: null | {\n takedownRef: string | null\n deactivatedAt: string | null\n },\n) => {\n if (!account) {\n return { active: false, status: AccountStatus.Deleted } as const\n } else if (account.takedownRef) {\n return { active: false, status: AccountStatus.Takendown } as const\n } else if (account.deactivatedAt) {\n return { active: false, status: AccountStatus.Deactivated } as const\n } else {\n return { active: true, status: undefined } as const\n }\n}\n"]}
1
+ {"version":3,"file":"account.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/account.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AACrC,OAAO,EAKL,qBAAqB,EACrB,eAAe,GAChB,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AAI9E,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IAE/C,YACE,OAAO,GAAG,qEAAqE,EAC/E,OAAsB;QAEtB,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QALzB,SAAI,GAAG,wBAAwB,CAAA;IAM/B,CAAC;CACF;AAaD,MAAM,CAAN,IAAY,aAMX;AAND,WAAY,aAAa;IACvB,kCAAiB,CAAA;IACjB,wCAAuB,CAAA;IACvB,wCAAuB,CAAA;IACvB,oCAAmB,CAAA;IACnB,4CAA2B,CAAA;AAC7B,CAAC,EANW,aAAa,KAAb,aAAa,QAMxB;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,EAAa,EAAE,KAAyB,EAAE,EAAE;IAC1E,MAAM,EAAE,gBAAgB,GAAG,KAAK,EAAE,kBAAkB,GAAG,KAAK,EAAE,GAAG,KAAK,IAAI,EAAE,CAAA;IAC5E,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,OAAO,CAAA;IAC7B,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,OAAO,CAAC;SACnB,QAAQ,CAAC,SAAS,EAAE,WAAW,EAAE,aAAa,CAAC;SAC/C,GAAG,CAAC,CAAC,gBAAgB,EAAE,CAAC,EAAE,EAAE,EAAE,CAC7B,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAC7C;SACA,GAAG,CAAC,CAAC,kBAAkB,EAAE,CAAC,EAAE,EAAE,EAAE,CAC/B,EAAE,CAAC,KAAK,CAAC,qBAAqB,EAAE,IAAI,EAAE,IAAI,CAAC,CAC5C;SACA,MAAM,CAAC;QACN,WAAW;QACX,cAAc;QACd,iBAAiB;QACjB,mBAAmB;QACnB,qBAAqB;QACrB,mBAAmB;QACnB,eAAe;QACf,0BAA0B;QAC1B,yBAAyB;KAC1B,CAAC,CAAA;AACN,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,EAC7B,EAAa,EACb,WAA+B,EAC/B,KAAyB,EACK,EAAE;IAChC,MAAM,KAAK,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,KAAK,CAAC;SAC3C,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE;QACZ,IAAI,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC;YACjC,OAAO,EAAE,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;QAC1C,CAAC;aAAM,CAAC;YACN,OAAO,EAAE,CAAC,cAAc,EAAE,GAAG,EAAE,WAAW,CAAC,CAAA;QAC7C,CAAC;IACH,CAAC,CAAC;SACD,gBAAgB,EAAE,CAAA;IACrB,OAAO,KAAK,IAAI,IAAI,CAAA;AACtB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,KAAK,EAC9B,EAAa,EACb,IAAiB,EACjB,KAAyB,EACW,EAAE;IACtC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAwB,CAAA;IAE/C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,KAAK,CAAC;SAC9C,KAAK,CAAC,WAAW,EAAE,IAAI,EAAE,IAAI,CAAC;SAC9B,OAAO,EAAE,CAAA;IAEZ,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;IACnC,CAAC,CAAC,CAAA;IAEF,OAAO,OAAO,CAAA;AAChB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,KAAa,EACb,KAAyB,EACK,EAAE;IAChC,MAAM,KAAK,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,KAAK,CAAC;SAC3C,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC;SACxC,gBAAgB,EAAE,CAAA;IACrB,OAAO,KAAK,IAAI,IAAI,CAAA;AACtB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAChC,EAAa,EACb,IAIC,EACD,EAAE;IACF,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAA;IACzC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IACtB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAA;IAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CAC5C,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,OAAO,CAAC;SACnB,MAAM,CAAC;QACN,GAAG;QACH,MAAM;QACN,SAAS;QACT,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI;QAC7C,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI;KACxE,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;SAClC,SAAS,CAAC,KAAK,CAAC,CACpB,CAAA;IACD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,sBAAsB,EAAE,CAAA;IACpC,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAClC,EAAa,EACb,IAIC,EACD,EAAE;IACF,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,cAAc,EAAE,GAAG,IAAI,CAAA;IAC3C,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CAC5C,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,SAAS,CAAC;SACrB,MAAM,CAAC;QACN,GAAG;QACH,KAAK,EAAE,KAAK,CAAC,WAAW,EAAE;QAC1B,cAAc;KACf,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;SAClC,SAAS,CAAC,KAAK,CAAC,CACpB,CAAA;IACD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,sBAAsB,EAAE,CAAA;IACpC,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAChC,EAAa,EACb,GAAc,EACC,EAAE;IACjB,6EAA6E;IAC7E,2DAA2D;IAC3D,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACrD,CAAA;IACD,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACvD,CAAA;IACD,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACzD,CAAA;IACD,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,CAC3D,CAAA;IACD,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CACvD,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAC/B,EAAa,EACb,GAAc,EACd,MAAoB,EACpB,EAAE;IACF,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACrC,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,OAAO,CAAC;SACpB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;SACf,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,EAAE,CACzB,GAAG,CACD,MAAM,CACJ,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,OAAO,CAAC;SACnB,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC;SAC5B,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC;SACvB,SAAS,EAAE,CACf,CACF,CACF,CACJ,CAAA;IACD,IAAI,GAAG,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,sBAAsB,CAC9B,6DAA6D,CAC9D,CAAA;IACH,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,KAAK,EAC9B,EAAa,EACb,GAAc,EACd,KAAa,EACb,EAAE;IACF,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;aACF,WAAW,CAAC,SAAS,CAAC;aACtB,GAAG,CAAC;YACH,KAAK,EAAE,KAAK,CAAC,WAAW,EAAE;YAC1B,gBAAgB,EAAE,IAAI;SACvB,CAAC;aACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAC1B,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,sBAAsB,EAAE,CAAA;QACpC,CAAC;QACD,MAAM,GAAG,CAAA;IACX,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,EACtC,EAAa,EACb,GAAc,EACd,gBAAgC,EAChC,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,SAAS,CAAC;SACtB,GAAG,CAAC,EAAE,gBAAgB,EAAE,CAAC;SACzB,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAC1B,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EACxC,EAAa,EACb,GAAc,EAIN,EAAE;IACV,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,OAAO,CAAC;SACnB,MAAM,CAAC,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;SACxC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IACrB,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW;QAC9B,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,WAAW,EAAE;QACzC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;IACtB,MAAM,WAAW,GAAG,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;IAC9E,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAA;AAClC,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,2BAA2B,GAAG,KAAK,EAC9C,EAAa,EACb,GAAc,EACd,QAA2C,EAC3C,EAAE;IACF,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO;QAClC,CAAC,CAAC,QAAQ,CAAC,GAAG,IAAI,qBAAqB,EAAE;QACzC,CAAC,CAAC,IAAI,CAAA;IACR,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACvE,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,GAAc,EACd,WAA0B,EACR,EAAE;IACpB,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACrC,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,OAAO,CAAC;SACpB,GAAG,CAAC;QACH,aAAa,EAAE,qBAAqB,EAAE;QACtC,WAAW;KACZ,CAAC;SACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAC1B,CAAA;IAED,OAAO,GAAG,CAAC,cAAc,GAAG,CAAC,CAAA;AAC/B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAClC,EAAa,EACb,GAAc,EACd,KAAyB,EACP,EAAE;IACpB,MAAM,EAAE,gBAAgB,GAAG,KAAK,EAAE,kBAAkB,GAAG,IAAI,EAAE,GAAG,KAAK,IAAI,EAAE,CAAA;IAC3E,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,OAAO,CAAA;IAE7B,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACrC,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,OAAO,CAAC;SACpB,GAAG,CAAC;QACH,aAAa,EAAE,IAAI;QACnB,WAAW,EAAE,IAAI;KAClB,CAAC;SACD,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,GAAG,CAAC,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,EAAE,CAC5B,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAC5C;SACA,GAAG,CAAC,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE,CAC9B,CAAC,CAAC,KAAK,CAAC,qBAAqB,EAAE,QAAQ,EAAE,IAAI,CAAC,CAC/C,CACJ,CAAA;IAED,OAAO,GAAG,CAAC,cAAc,GAAG,CAAC,CAAA;AAC/B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG,CACjC,OAGC,EACD,EAAE;IACF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,OAAO,EAAW,CAAA;IAClE,CAAC;SAAM,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAC/B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,SAAS,EAAW,CAAA;IACpE,CAAC;SAAM,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,WAAW,EAAW,CAAA;IACtE,CAAC;SAAM,CAAC;QACN,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAW,CAAA;IACrD,CAAC;AACH,CAAC,CAAA","sourcesContent":["import { DAY } from '@atproto/common'\nimport {\n AtIdentifierString,\n DatetimeString,\n DidString,\n HandleString,\n currentDatetimeString,\n isDidIdentifier,\n} from '@atproto/lex'\nimport { isErrUniqueViolation, notSoftDeletedClause } from '../../db/index.js'\nimport { com } from '../../lexicons/index.js'\nimport { AccountDb, ActorEntry } from '../db/index.js'\n\nexport class UserAlreadyExistsError extends Error {\n name = 'UserAlreadyExistsError'\n constructor(\n message = 'This email address is already in use, please use a different email.',\n options?: ErrorOptions,\n ) {\n super(message, options)\n }\n}\n\nexport type ActorAccount = ActorEntry & {\n email: string | null\n emailConfirmedAt: string | null\n invitesDisabled: 0 | 1 | null\n}\n\nexport type AvailabilityFlags = {\n includeTakenDown?: boolean\n includeDeactivated?: boolean\n}\n\nexport enum AccountStatus {\n Active = 'active',\n Takendown = 'takendown',\n Suspended = 'suspended',\n Deleted = 'deleted',\n Deactivated = 'deactivated',\n}\n\nexport const selectAccountQB = (db: AccountDb, flags?: AvailabilityFlags) => {\n const { includeTakenDown = false, includeDeactivated = false } = flags ?? {}\n const { ref } = db.db.dynamic\n return db.db\n .selectFrom('actor')\n .leftJoin('account', 'actor.did', 'account.did')\n .$if(!includeTakenDown, (qb) =>\n qb.where(notSoftDeletedClause(ref('actor'))),\n )\n .$if(!includeDeactivated, (qb) =>\n qb.where('actor.deactivatedAt', 'is', null),\n )\n .select([\n 'actor.did',\n 'actor.handle',\n 'actor.createdAt',\n 'actor.takedownRef',\n 'actor.deactivatedAt',\n 'actor.deleteAfter',\n 'account.email',\n 'account.emailConfirmedAt',\n 'account.invitesDisabled',\n ])\n}\n\nexport const getAccount = async (\n db: AccountDb,\n handleOrDid: AtIdentifierString,\n flags?: AvailabilityFlags,\n): Promise<ActorAccount | null> => {\n const found = await selectAccountQB(db, flags)\n .where((eb) => {\n if (isDidIdentifier(handleOrDid)) {\n return eb('actor.did', '=', handleOrDid)\n } else {\n return eb('actor.handle', '=', handleOrDid)\n }\n })\n .executeTakeFirst()\n return found || null\n}\n\nexport const getAccounts = async (\n db: AccountDb,\n dids: DidString[],\n flags?: AvailabilityFlags,\n): Promise<Map<string, ActorAccount>> => {\n const results = new Map<string, ActorAccount>()\n\n if (!dids.length) {\n return results\n }\n\n const accounts = await selectAccountQB(db, flags)\n .where('actor.did', 'in', dids)\n .execute()\n\n accounts.forEach((account) => {\n results.set(account.did, account)\n })\n\n return results\n}\n\nexport const getAccountByEmail = async (\n db: AccountDb,\n email: string,\n flags?: AvailabilityFlags,\n): Promise<ActorAccount | null> => {\n const found = await selectAccountQB(db, flags)\n .where('email', '=', email.toLowerCase())\n .executeTakeFirst()\n return found || null\n}\n\nexport const registerActor = async (\n db: AccountDb,\n opts: {\n did: DidString\n handle: HandleString\n deactivated?: boolean\n },\n) => {\n const { did, handle, deactivated } = opts\n const now = Date.now()\n const createdAt = new Date(now).toISOString()\n const [registered] = await db.executeWithRetry(\n db.db\n .insertInto('actor')\n .values({\n did,\n handle,\n createdAt,\n deactivatedAt: deactivated ? createdAt : null,\n deleteAfter: deactivated ? new Date(now + 3 * DAY).toISOString() : null,\n })\n .onConflict((oc) => oc.doNothing())\n .returning('did'),\n )\n if (!registered) {\n throw new UserAlreadyExistsError()\n }\n}\n\nexport const registerAccount = async (\n db: AccountDb,\n opts: {\n did: string\n email: string\n passwordScrypt: string\n },\n) => {\n const { did, email, passwordScrypt } = opts\n const [registered] = await db.executeWithRetry(\n db.db\n .insertInto('account')\n .values({\n did,\n email: email.toLowerCase(),\n passwordScrypt,\n })\n .onConflict((oc) => oc.doNothing())\n .returning('did'),\n )\n if (!registered) {\n throw new UserAlreadyExistsError()\n }\n}\n\nexport const deleteAccount = async (\n db: AccountDb,\n did: DidString,\n): Promise<void> => {\n // Not done in transaction because it would be too long, prone to contention.\n // Also, this can safely be run multiple times if it fails.\n await db.executeWithRetry(\n db.db.deleteFrom('repo_root').where('did', '=', did),\n )\n await db.executeWithRetry(\n db.db.deleteFrom('email_token').where('did', '=', did),\n )\n await db.executeWithRetry(\n db.db.deleteFrom('refresh_token').where('did', '=', did),\n )\n await db.executeWithRetry(\n db.db.deleteFrom('account').where('account.did', '=', did),\n )\n await db.executeWithRetry(\n db.db.deleteFrom('actor').where('actor.did', '=', did),\n )\n}\n\nexport const updateHandle = async (\n db: AccountDb,\n did: DidString,\n handle: HandleString,\n) => {\n // No-op if the handle is the same, but still returns 1 row affected, so that\n // it can be used to check for existence of the account.\n const [res] = await db.executeWithRetry(\n db.db\n .updateTable('actor')\n .set({ handle })\n .where('did', '=', did)\n .where(({ not, exists }) =>\n not(\n exists(\n db.db\n .selectFrom('actor')\n .where('handle', '=', handle)\n .where('did', '!=', did)\n .selectAll(),\n ),\n ),\n ),\n )\n if (res.numUpdatedRows < 1) {\n throw new UserAlreadyExistsError(\n 'Handle is already in use, please choose a different handle.',\n )\n }\n}\n\nexport const updateEmail = async (\n db: AccountDb,\n did: DidString,\n email: string,\n) => {\n try {\n await db.executeWithRetry(\n db.db\n .updateTable('account')\n .set({\n email: email.toLowerCase(),\n emailConfirmedAt: null,\n })\n .where('did', '=', did),\n )\n } catch (err) {\n if (isErrUniqueViolation(err)) {\n throw new UserAlreadyExistsError()\n }\n throw err\n }\n}\n\nexport const setEmailConfirmedAt = async (\n db: AccountDb,\n did: DidString,\n emailConfirmedAt: DatetimeString,\n) => {\n await db.executeWithRetry(\n db.db\n .updateTable('account')\n .set({ emailConfirmedAt })\n .where('did', '=', did),\n )\n}\n\nexport const getAccountAdminStatus = async (\n db: AccountDb,\n did: DidString,\n): Promise<{\n takedown: com.atproto.admin.defs.StatusAttr\n deactivated: com.atproto.admin.defs.StatusAttr\n} | null> => {\n const res = await db.db\n .selectFrom('actor')\n .select(['takedownRef', 'deactivatedAt'])\n .where('did', '=', did)\n .executeTakeFirst()\n if (!res) return null\n const takedown = res.takedownRef\n ? { applied: true, ref: res.takedownRef }\n : { applied: false }\n const deactivated = res.deactivatedAt ? { applied: true } : { applied: false }\n return { takedown, deactivated }\n}\n\nexport const updateAccountTakedownStatus = async (\n db: AccountDb,\n did: DidString,\n takedown: com.atproto.admin.defs.StatusAttr,\n) => {\n const takedownRef = takedown.applied\n ? takedown.ref ?? currentDatetimeString()\n : null\n await db.executeWithRetry(\n db.db.updateTable('actor').set({ takedownRef }).where('did', '=', did),\n )\n}\n\nexport const deactivateAccount = async (\n db: AccountDb,\n did: DidString,\n deleteAfter: string | null,\n): Promise<boolean> => {\n const [res] = await db.executeWithRetry(\n db.db\n .updateTable('actor')\n .set({\n deactivatedAt: currentDatetimeString(),\n deleteAfter,\n })\n .where('did', '=', did),\n )\n\n return res.numUpdatedRows > 0\n}\n\nexport const activateAccount = async (\n db: AccountDb,\n did: DidString,\n flags?: AvailabilityFlags,\n): Promise<boolean> => {\n const { includeTakenDown = false, includeDeactivated = true } = flags ?? {}\n const { ref } = db.db.dynamic\n\n const [res] = await db.executeWithRetry(\n db.db\n .updateTable('actor')\n .set({\n deactivatedAt: null,\n deleteAfter: null,\n })\n .where('did', '=', did)\n .$if(!includeTakenDown, (q) =>\n q.where(notSoftDeletedClause(ref('actor'))),\n )\n .$if(!includeDeactivated, (q) =>\n q.where('actor.deactivatedAt', 'is not', null),\n ),\n )\n\n return res.numUpdatedRows > 0\n}\n\nexport const formatAccountStatus = (\n account: null | {\n takedownRef: string | null\n deactivatedAt: string | null\n },\n) => {\n if (!account) {\n return { active: false, status: AccountStatus.Deleted } as const\n } else if (account.takedownRef) {\n return { active: false, status: AccountStatus.Takendown } as const\n } else if (account.deactivatedAt) {\n return { active: false, status: AccountStatus.Deactivated } as const\n } else {\n return { active: true, status: undefined } as const\n }\n}\n"]}
@@ -1 +1 @@
1
- {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/auth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAIvC,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAA;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC1C,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAA;AAE/C,MAAM,MAAM,SAAS,GAAG;IACtB,KAAK,EAAE,SAAS,CAAA;IAChB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,YAAY,GAAG,SAAS,GAAG;IAAE,KAAK,EAAE,SAAS,CAAC,OAAO,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAAA;AAEhF,eAAO,MAAM,YAAY,GAAU,MAAM;IACvC,GAAG,EAAE,MAAM,CAAA;IACX,MAAM,EAAE,SAAS,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;IAClB,KAAK,CAAC,EAAE,SAAS,CAAA;IACjB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;CAC5B;;;EAOA,CAAA;AAED,eAAO,MAAM,iBAAiB,GAAI,MAAM;IACtC,GAAG,EAAE,MAAM,CAAA;IACX,MAAM,EAAE,SAAS,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;IAClB,KAAK,CAAC,EAAE,SAAS,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;CAC5B,KAAG,OAAO,CAAC,MAAM,CAkBjB,CAAA;AAED,eAAO,MAAM,kBAAkB,GAAI,MAAM;IACvC,GAAG,EAAE,MAAM,CAAA;IACX,MAAM,EAAE,SAAS,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;IAClB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;CAC5B,KAAG,OAAO,CAAC,MAAM,CAmBjB,CAAA;AAGD,eAAO,MAAM,kBAAkB,GAAI,KAAK,MAAM,KAG5B,YACjB,CAAA;AAED,eAAO,MAAM,iBAAiB,GAC5B,IAAI,SAAS,EACb,SAAS,YAAY,EACrB,aAAa,eAAe,GAAG,IAAI,2CAcpC,CAAA;AAED,eAAO,MAAM,eAAe,GAAU,IAAI,SAAS,EAAE,IAAI,MAAM;;;;;;;;;SA0B9D,CAAA;AAED,eAAO,MAAM,0BAA0B,GACrC,IAAI,SAAS,EACb,KAAK,MAAM,EACX,KAAK,MAAM,kBAQZ,CAAA;AAED,eAAO,MAAM,qBAAqB,GAChC,IAAI,SAAS,EACb,MAAM;IACJ,EAAE,EAAE,MAAM,CAAA;IACV,SAAS,EAAE,MAAM,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf,kBAgBF,CAAA;AAED,eAAO,MAAM,kBAAkB,GAAU,IAAI,SAAS,EAAE,IAAI,MAAM,qBAKjE,CAAA;AAED,eAAO,MAAM,wBAAwB,GAAU,IAAI,SAAS,EAAE,KAAK,MAAM,qBAKxE,CAAA;AAED,eAAO,MAAM,6BAA6B,GACxC,IAAI,SAAS,EACb,KAAK,MAAM,EACX,aAAa,MAAM,qBAUpB,CAAA;AAED,eAAO,MAAM,iBAAiB,cAE7B,CAAA;AAED,eAAO,MAAM,WAAW,GACtB,aAAa,eAAe,GAAG,IAAI,EACnC,gBAAgB,OAAO,KACtB,SAMF,CAAA;AAED,qBAAa,sBAAuB,SAAQ,KAAK;CAAG"}
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/auth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAIvC,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAA;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC1C,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAA;AAE/C,MAAM,MAAM,SAAS,GAAG;IACtB,KAAK,EAAE,SAAS,CAAA;IAChB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,YAAY,GAAG,SAAS,GAAG;IAAE,KAAK,EAAE,SAAS,CAAC,OAAO,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAAA;AAEhF,eAAO,MAAM,YAAY,SAAgB;IACvC,GAAG,EAAE,MAAM,CAAA;IACX,MAAM,EAAE,SAAS,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;IAClB,KAAK,CAAC,EAAE,SAAS,CAAA;IACjB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;CAC5B;;;EAOA,CAAA;AAED,eAAO,MAAM,iBAAiB,SAAU;IACtC,GAAG,EAAE,MAAM,CAAA;IACX,MAAM,EAAE,SAAS,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;IAClB,KAAK,CAAC,EAAE,SAAS,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;CAC5B,KAAG,OAAO,CAAC,MAAM,CAkBjB,CAAA;AAED,eAAO,MAAM,kBAAkB,SAAU;IACvC,GAAG,EAAE,MAAM,CAAA;IACX,MAAM,EAAE,SAAS,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;IAClB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAA;CAC5B,KAAG,OAAO,CAAC,MAAM,CAmBjB,CAAA;AAGD,eAAO,MAAM,kBAAkB,QAAS,MAAM,KAG5B,YACjB,CAAA;AAED,eAAO,MAAM,iBAAiB,OACxB,SAAS,WACJ,YAAY,eACR,eAAe,GAAG,IAAI,2CAcpC,CAAA;AAED,eAAO,MAAM,eAAe,OAAc,SAAS,MAAM,MAAM;;;;;;;;;SA0B9D,CAAA;AAED,eAAO,MAAM,0BAA0B,OACjC,SAAS,OACR,MAAM,OACN,MAAM,kBAQZ,CAAA;AAED,eAAO,MAAM,qBAAqB,OAC5B,SAAS,QACP;IACJ,EAAE,EAAE,MAAM,CAAA;IACV,SAAS,EAAE,MAAM,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf,kBAgBF,CAAA;AAED,eAAO,MAAM,kBAAkB,OAAc,SAAS,MAAM,MAAM,qBAKjE,CAAA;AAED,eAAO,MAAM,wBAAwB,OAAc,SAAS,OAAO,MAAM,qBAKxE,CAAA;AAED,eAAO,MAAM,6BAA6B,OACpC,SAAS,OACR,MAAM,eACE,MAAM,qBAUpB,CAAA;AAED,eAAO,MAAM,iBAAiB,cAE7B,CAAA;AAED,eAAO,MAAM,WAAW,gBACT,eAAe,GAAG,IAAI,kBACnB,OAAO,KACtB,SAMF,CAAA;AAED,qBAAa,sBAAuB,SAAQ,KAAK;CAAG"}
@@ -93,7 +93,7 @@ export const addRefreshGracePeriod = async (db, opts) => {
93
93
  const [res] = await db.executeWithRetry(db.db
94
94
  .updateTable('refresh_token')
95
95
  .where('id', '=', id)
96
- .where((inner) => inner.where('nextId', 'is', null).orWhere('nextId', '=', nextId))
96
+ .where((eb) => eb.or([eb('nextId', 'is', null), eb('nextId', '=', nextId)]))
97
97
  .set({ expiresAt, nextId })
98
98
  .returningAll());
99
99
  if (!res) {
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/auth.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAEhC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,KAAK,GAAG,MAAM,aAAa,CAAA;AAClC,OAAO,KAAK,MAAM,MAAM,iBAAiB,CAAA;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAA;AAY/C,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAAE,IAOlC,EAAE,EAAE;IACH,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,IAAI,CAAA;IAC/D,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAChD,iBAAiB,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC;QAChE,kBAAkB,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC;KAChE,CAAC,CAAA;IACF,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAA;AAClC,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,IAMjC,EAAmB,EAAE;IACpB,MAAM,EACJ,GAAG,EACH,MAAM,EACN,UAAU,EACV,KAAK,GAAG,SAAS,CAAC,MAAM,EACxB,SAAS,GAAG,SAAS,GACtB,GAAG,IAAI,CAAA;IACR,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,CAAC;SACvC,kBAAkB,CAAC;QAClB,GAAG,EAAE,QAAQ,EAAE,8CAA8C;QAC7D,GAAG,EAAE,OAAO,EAAE,gCAAgC;KAC/C,CAAC;SACD,WAAW,CAAC,UAAU,CAAC;SACvB,UAAU,CAAC,GAAG,CAAC;SACf,WAAW,EAAE;SACb,iBAAiB,CAAC,SAAS,CAAC,CAAA;IAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;AAC5B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,IAMlC,EAAmB,EAAE;IACpB,MAAM,EACJ,GAAG,EACH,MAAM,EACN,UAAU,EACV,GAAG,GAAG,iBAAiB,EAAE,EACzB,SAAS,GAAG,QAAQ,GACrB,GAAG,IAAI,CAAA;IACR,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,CAAC,OAAO,EAAE,CAAC;SAC1D,kBAAkB,CAAC;QAClB,GAAG,EAAE,aAAa;QAClB,GAAG,EAAE,OAAO,EAAE,gCAAgC;KAC/C,CAAC;SACD,WAAW,CAAC,UAAU,CAAC;SACvB,UAAU,CAAC,GAAG,CAAC;SACf,MAAM,CAAC,GAAG,CAAC;SACX,WAAW,EAAE;SACb,iBAAiB,CAAC,SAAS,CAAC,CAAA;IAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;AAC5B,CAAC,CAAA;AAED,kHAAkH;AAClH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,GAAW,EAAE,EAAE;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;IACjC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,KAAK,SAAS,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAA;IACnE,OAAO,KAAqB,CAAA;AAC9B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,OAAqB,EACrB,WAAmC,EACnC,EAAE;IACF,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACxC,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,eAAe,CAAC;SAC3B,MAAM,CAAC;QACN,EAAE,EAAE,OAAO,CAAC,GAAG;QACf,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,eAAe,EAAE,WAAW,EAAE,IAAI;QAClC,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;KACtD,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,CACtC,CAAA;IACD,OAAO,MAAM,CAAA;AACf,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAAE,EAAa,EAAE,EAAU,EAAE,EAAE;IACjE,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,eAAe,CAAC;SAC3B,QAAQ,CAAC,cAAc,EAAE,CAAC,IAAI,EAAE,EAAE,CACjC,IAAI;SACD,KAAK,CAAC,kBAAkB,EAAE,GAAG,EAAE,mBAAmB,CAAC;SACnD,KAAK,CAAC,mBAAmB,EAAE,GAAG,EAAE,+BAA+B,CAAC,CACpE;SACA,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC;SACpB,SAAS,CAAC,eAAe,CAAC;SAC1B,MAAM,CAAC,yBAAyB,CAAC;SACjC,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IACrB,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,GAAG,CAAA;IACnE,OAAO;QACL,EAAE;QACF,GAAG;QACH,SAAS;QACT,MAAM;QACN,WAAW,EAAE,eAAe;YAC1B,CAAC,CAAC;gBACE,IAAI,EAAE,eAAe;gBACrB,UAAU,EAAE,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK;aAC5C;YACH,CAAC,CAAC,IAAI;KACT,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,0BAA0B,GAAG,KAAK,EAC7C,EAAa,EACb,GAAW,EACX,GAAW,EACX,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,eAAe,CAAC;SAC3B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,WAAW,EAAE,IAAI,EAAE,GAAG,CAAC,CACjC,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EACxC,EAAa,EACb,IAIC,EACD,EAAE;IACF,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;IACtC,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACrC,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,eAAe,CAAC;SAC5B,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC;SACpB,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CACf,KAAK,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CACjE;SACA,GAAG,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;SAC1B,YAAY,EAAE,CAClB,CAAA;IACD,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,sBAAsB,EAAE,CAAA;IACpC,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EAAE,EAAa,EAAE,EAAU,EAAE,EAAE;IACpE,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACpD,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CACvD,CAAA;IACD,OAAO,cAAc,GAAG,CAAC,CAAA;AAC3B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,wBAAwB,GAAG,KAAK,EAAE,EAAa,EAAE,GAAW,EAAE,EAAE;IAC3E,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACpD,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACzD,CAAA;IACD,OAAO,cAAc,GAAG,CAAC,CAAA;AAC3B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,6BAA6B,GAAG,KAAK,EAChD,EAAa,EACb,GAAW,EACX,WAAmB,EACnB,EAAE;IACF,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACpD,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,eAAe,CAAC;SAC3B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,iBAAiB,EAAE,GAAG,EAAE,WAAW,CAAC,CAC9C,CAAA;IAED,OAAO,cAAc,GAAG,CAAC,CAAA;AAC3B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,GAAG,EAAE;IACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,CAAA;AACvD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,CACzB,WAAmC,EACnC,aAAuB,EACZ,EAAE;IACb,IAAI,aAAa;QAAE,OAAO,SAAS,CAAC,SAAS,CAAA;IAC7C,IAAI,CAAC,WAAW;QAAE,OAAO,SAAS,CAAC,MAAM,CAAA;IACzC,OAAO,WAAW,CAAC,UAAU;QAC3B,CAAC,CAAC,SAAS,CAAC,iBAAiB;QAC7B,CAAC,CAAC,SAAS,CAAC,OAAO,CAAA;AACvB,CAAC,CAAA;AAED,MAAM,OAAO,sBAAuB,SAAQ,KAAK;CAAG","sourcesContent":["import assert from 'node:assert'\nimport { KeyObject } from 'node:crypto'\nimport * as jose from 'jose'\nimport * as ui8 from 'uint8arrays'\nimport * as crypto from '@atproto/crypto'\nimport { AuthScope } from '../../auth-scope.js'\nimport { AccountDb } from '../db/index.js'\nimport { AppPassDescript } from './password.js'\n\nexport type AuthToken = {\n scope: AuthScope\n sub: string\n exp: number\n}\n\nexport type RefreshToken = AuthToken & { scope: AuthScope.Refresh; jti: string }\n\nexport const createTokens = async (opts: {\n did: string\n jwtKey: KeyObject\n serviceDid: string\n scope?: AuthScope\n jti?: string\n expiresIn?: string | number\n}) => {\n const { did, jwtKey, serviceDid, scope, jti, expiresIn } = opts\n const [accessJwt, refreshJwt] = await Promise.all([\n createAccessToken({ did, jwtKey, serviceDid, scope, expiresIn }),\n createRefreshToken({ did, jwtKey, serviceDid, jti, expiresIn }),\n ])\n return { accessJwt, refreshJwt }\n}\n\nexport const createAccessToken = (opts: {\n did: string\n jwtKey: KeyObject\n serviceDid: string\n scope?: AuthScope\n expiresIn?: string | number\n}): Promise<string> => {\n const {\n did,\n jwtKey,\n serviceDid,\n scope = AuthScope.Access,\n expiresIn = '120mins',\n } = opts\n const signer = new jose.SignJWT({ scope })\n .setProtectedHeader({\n typ: 'at+jwt', // https://www.rfc-editor.org/rfc/rfc9068.html\n alg: 'HS256', // only symmetric keys supported\n })\n .setAudience(serviceDid)\n .setSubject(did)\n .setIssuedAt()\n .setExpirationTime(expiresIn)\n return signer.sign(jwtKey)\n}\n\nexport const createRefreshToken = (opts: {\n did: string\n jwtKey: KeyObject\n serviceDid: string\n jti?: string\n expiresIn?: string | number\n}): Promise<string> => {\n const {\n did,\n jwtKey,\n serviceDid,\n jti = getRefreshTokenId(),\n expiresIn = '90days',\n } = opts\n const signer = new jose.SignJWT({ scope: AuthScope.Refresh })\n .setProtectedHeader({\n typ: 'refresh+jwt',\n alg: 'HS256', // only symmetric keys supported\n })\n .setAudience(serviceDid)\n .setSubject(did)\n .setJti(jti)\n .setIssuedAt()\n .setExpirationTime(expiresIn)\n return signer.sign(jwtKey)\n}\n\n// @NOTE unsafe for verification, should only be used w/ direct output from createRefreshToken() or createTokens()\nexport const decodeRefreshToken = (jwt: string) => {\n const token = jose.decodeJwt(jwt)\n assert.ok(token.scope === AuthScope.Refresh, 'not a refresh token')\n return token as RefreshToken\n}\n\nexport const storeRefreshToken = async (\n db: AccountDb,\n payload: RefreshToken,\n appPassword: AppPassDescript | null,\n) => {\n const [result] = await db.executeWithRetry(\n db.db\n .insertInto('refresh_token')\n .values({\n id: payload.jti,\n did: payload.sub,\n appPasswordName: appPassword?.name,\n expiresAt: new Date(payload.exp * 1000).toISOString(),\n })\n .onConflict((oc) => oc.doNothing()), // E.g. when re-granting during a refresh grace period\n )\n return result\n}\n\nexport const getRefreshToken = async (db: AccountDb, id: string) => {\n const res = await db.db\n .selectFrom('refresh_token')\n .leftJoin('app_password', (join) =>\n join\n .onRef('app_password.did', '=', 'refresh_token.did')\n .onRef('app_password.name', '=', 'refresh_token.appPasswordName'),\n )\n .where('id', '=', id)\n .selectAll('refresh_token')\n .select('app_password.privileged')\n .executeTakeFirst()\n if (!res) return null\n const { did, expiresAt, appPasswordName, nextId, privileged } = res\n return {\n id,\n did,\n expiresAt,\n nextId,\n appPassword: appPasswordName\n ? {\n name: appPasswordName,\n privileged: privileged === 1 ? true : false,\n }\n : null,\n }\n}\n\nexport const deleteExpiredRefreshTokens = async (\n db: AccountDb,\n did: string,\n now: string,\n) => {\n await db.executeWithRetry(\n db.db\n .deleteFrom('refresh_token')\n .where('did', '=', did)\n .where('expiresAt', '<=', now),\n )\n}\n\nexport const addRefreshGracePeriod = async (\n db: AccountDb,\n opts: {\n id: string\n expiresAt: string\n nextId: string\n },\n) => {\n const { id, expiresAt, nextId } = opts\n const [res] = await db.executeWithRetry(\n db.db\n .updateTable('refresh_token')\n .where('id', '=', id)\n .where((inner) =>\n inner.where('nextId', 'is', null).orWhere('nextId', '=', nextId),\n )\n .set({ expiresAt, nextId })\n .returningAll(),\n )\n if (!res) {\n throw new ConcurrentRefreshError()\n }\n}\n\nexport const revokeRefreshToken = async (db: AccountDb, id: string) => {\n const [{ numDeletedRows }] = await db.executeWithRetry(\n db.db.deleteFrom('refresh_token').where('id', '=', id),\n )\n return numDeletedRows > 0\n}\n\nexport const revokeRefreshTokensByDid = async (db: AccountDb, did: string) => {\n const [{ numDeletedRows }] = await db.executeWithRetry(\n db.db.deleteFrom('refresh_token').where('did', '=', did),\n )\n return numDeletedRows > 0\n}\n\nexport const revokeAppPasswordRefreshToken = async (\n db: AccountDb,\n did: string,\n appPassName: string,\n) => {\n const [{ numDeletedRows }] = await db.executeWithRetry(\n db.db\n .deleteFrom('refresh_token')\n .where('did', '=', did)\n .where('appPasswordName', '=', appPassName),\n )\n\n return numDeletedRows > 0\n}\n\nexport const getRefreshTokenId = () => {\n return ui8.toString(crypto.randomBytes(32), 'base64')\n}\n\nexport const formatScope = (\n appPassword: AppPassDescript | null,\n isSoftDeleted?: boolean,\n): AuthScope => {\n if (isSoftDeleted) return AuthScope.Takendown\n if (!appPassword) return AuthScope.Access\n return appPassword.privileged\n ? AuthScope.AppPassPrivileged\n : AuthScope.AppPass\n}\n\nexport class ConcurrentRefreshError extends Error {}\n"]}
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/auth.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAEhC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,KAAK,GAAG,MAAM,aAAa,CAAA;AAClC,OAAO,KAAK,MAAM,MAAM,iBAAiB,CAAA;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAA;AAY/C,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAAE,IAOlC,EAAE,EAAE;IACH,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,IAAI,CAAA;IAC/D,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAChD,iBAAiB,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC;QAChE,kBAAkB,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC;KAChE,CAAC,CAAA;IACF,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAA;AAClC,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,IAMjC,EAAmB,EAAE;IACpB,MAAM,EACJ,GAAG,EACH,MAAM,EACN,UAAU,EACV,KAAK,GAAG,SAAS,CAAC,MAAM,EACxB,SAAS,GAAG,SAAS,GACtB,GAAG,IAAI,CAAA;IACR,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,CAAC;SACvC,kBAAkB,CAAC;QAClB,GAAG,EAAE,QAAQ,EAAE,8CAA8C;QAC7D,GAAG,EAAE,OAAO,EAAE,gCAAgC;KAC/C,CAAC;SACD,WAAW,CAAC,UAAU,CAAC;SACvB,UAAU,CAAC,GAAG,CAAC;SACf,WAAW,EAAE;SACb,iBAAiB,CAAC,SAAS,CAAC,CAAA;IAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;AAC5B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,IAMlC,EAAmB,EAAE;IACpB,MAAM,EACJ,GAAG,EACH,MAAM,EACN,UAAU,EACV,GAAG,GAAG,iBAAiB,EAAE,EACzB,SAAS,GAAG,QAAQ,GACrB,GAAG,IAAI,CAAA;IACR,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,SAAS,CAAC,OAAO,EAAE,CAAC;SAC1D,kBAAkB,CAAC;QAClB,GAAG,EAAE,aAAa;QAClB,GAAG,EAAE,OAAO,EAAE,gCAAgC;KAC/C,CAAC;SACD,WAAW,CAAC,UAAU,CAAC;SACvB,UAAU,CAAC,GAAG,CAAC;SACf,MAAM,CAAC,GAAG,CAAC;SACX,WAAW,EAAE;SACb,iBAAiB,CAAC,SAAS,CAAC,CAAA;IAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;AAC5B,CAAC,CAAA;AAED,kHAAkH;AAClH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,GAAW,EAAE,EAAE;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;IACjC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,KAAK,SAAS,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAA;IACnE,OAAO,KAAqB,CAAA;AAC9B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,EAAa,EACb,OAAqB,EACrB,WAAmC,EACnC,EAAE;IACF,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACxC,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,eAAe,CAAC;SAC3B,MAAM,CAAC;QACN,EAAE,EAAE,OAAO,CAAC,GAAG;QACf,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,eAAe,EAAE,WAAW,EAAE,IAAI;QAClC,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;KACtD,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,CACtC,CAAA;IACD,OAAO,MAAM,CAAA;AACf,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAAE,EAAa,EAAE,EAAU,EAAE,EAAE;IACjE,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,EAAE;SACpB,UAAU,CAAC,eAAe,CAAC;SAC3B,QAAQ,CAAC,cAAc,EAAE,CAAC,IAAI,EAAE,EAAE,CACjC,IAAI;SACD,KAAK,CAAC,kBAAkB,EAAE,GAAG,EAAE,mBAAmB,CAAC;SACnD,KAAK,CAAC,mBAAmB,EAAE,GAAG,EAAE,+BAA+B,CAAC,CACpE;SACA,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC;SACpB,SAAS,CAAC,eAAe,CAAC;SAC1B,MAAM,CAAC,yBAAyB,CAAC;SACjC,gBAAgB,EAAE,CAAA;IACrB,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA;IACrB,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,GAAG,CAAA;IACnE,OAAO;QACL,EAAE;QACF,GAAG;QACH,SAAS;QACT,MAAM;QACN,WAAW,EAAE,eAAe;YAC1B,CAAC,CAAC;gBACE,IAAI,EAAE,eAAe;gBACrB,UAAU,EAAE,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK;aAC5C;YACH,CAAC,CAAC,IAAI;KACT,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,0BAA0B,GAAG,KAAK,EAC7C,EAAa,EACb,GAAW,EACX,GAAW,EACX,EAAE;IACF,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,eAAe,CAAC;SAC3B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,WAAW,EAAE,IAAI,EAAE,GAAG,CAAC,CACjC,CAAA;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EACxC,EAAa,EACb,IAIC,EACD,EAAE;IACF,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;IACtC,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACrC,EAAE,CAAC,EAAE;SACF,WAAW,CAAC,eAAe,CAAC;SAC5B,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC;SACpB,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CACZ,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAC7D;SACA,GAAG,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;SAC1B,YAAY,EAAE,CAClB,CAAA;IACD,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,sBAAsB,EAAE,CAAA;IACpC,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EAAE,EAAa,EAAE,EAAU,EAAE,EAAE;IACpE,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACpD,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CACvD,CAAA;IACD,OAAO,cAAc,GAAG,CAAC,CAAA;AAC3B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,wBAAwB,GAAG,KAAK,EAAE,EAAa,EAAE,GAAW,EAAE,EAAE;IAC3E,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACpD,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CACzD,CAAA;IACD,OAAO,cAAc,GAAG,CAAC,CAAA;AAC3B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,6BAA6B,GAAG,KAAK,EAChD,EAAa,EACb,GAAW,EACX,WAAmB,EACnB,EAAE;IACF,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,gBAAgB,CACpD,EAAE,CAAC,EAAE;SACF,UAAU,CAAC,eAAe,CAAC;SAC3B,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC;SACtB,KAAK,CAAC,iBAAiB,EAAE,GAAG,EAAE,WAAW,CAAC,CAC9C,CAAA;IAED,OAAO,cAAc,GAAG,CAAC,CAAA;AAC3B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,GAAG,EAAE;IACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,EAAE,QAAQ,CAAC,CAAA;AACvD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,CACzB,WAAmC,EACnC,aAAuB,EACZ,EAAE;IACb,IAAI,aAAa;QAAE,OAAO,SAAS,CAAC,SAAS,CAAA;IAC7C,IAAI,CAAC,WAAW;QAAE,OAAO,SAAS,CAAC,MAAM,CAAA;IACzC,OAAO,WAAW,CAAC,UAAU;QAC3B,CAAC,CAAC,SAAS,CAAC,iBAAiB;QAC7B,CAAC,CAAC,SAAS,CAAC,OAAO,CAAA;AACvB,CAAC,CAAA;AAED,MAAM,OAAO,sBAAuB,SAAQ,KAAK;CAAG","sourcesContent":["import assert from 'node:assert'\nimport { KeyObject } from 'node:crypto'\nimport * as jose from 'jose'\nimport * as ui8 from 'uint8arrays'\nimport * as crypto from '@atproto/crypto'\nimport { AuthScope } from '../../auth-scope.js'\nimport { AccountDb } from '../db/index.js'\nimport { AppPassDescript } from './password.js'\n\nexport type AuthToken = {\n scope: AuthScope\n sub: string\n exp: number\n}\n\nexport type RefreshToken = AuthToken & { scope: AuthScope.Refresh; jti: string }\n\nexport const createTokens = async (opts: {\n did: string\n jwtKey: KeyObject\n serviceDid: string\n scope?: AuthScope\n jti?: string\n expiresIn?: string | number\n}) => {\n const { did, jwtKey, serviceDid, scope, jti, expiresIn } = opts\n const [accessJwt, refreshJwt] = await Promise.all([\n createAccessToken({ did, jwtKey, serviceDid, scope, expiresIn }),\n createRefreshToken({ did, jwtKey, serviceDid, jti, expiresIn }),\n ])\n return { accessJwt, refreshJwt }\n}\n\nexport const createAccessToken = (opts: {\n did: string\n jwtKey: KeyObject\n serviceDid: string\n scope?: AuthScope\n expiresIn?: string | number\n}): Promise<string> => {\n const {\n did,\n jwtKey,\n serviceDid,\n scope = AuthScope.Access,\n expiresIn = '120mins',\n } = opts\n const signer = new jose.SignJWT({ scope })\n .setProtectedHeader({\n typ: 'at+jwt', // https://www.rfc-editor.org/rfc/rfc9068.html\n alg: 'HS256', // only symmetric keys supported\n })\n .setAudience(serviceDid)\n .setSubject(did)\n .setIssuedAt()\n .setExpirationTime(expiresIn)\n return signer.sign(jwtKey)\n}\n\nexport const createRefreshToken = (opts: {\n did: string\n jwtKey: KeyObject\n serviceDid: string\n jti?: string\n expiresIn?: string | number\n}): Promise<string> => {\n const {\n did,\n jwtKey,\n serviceDid,\n jti = getRefreshTokenId(),\n expiresIn = '90days',\n } = opts\n const signer = new jose.SignJWT({ scope: AuthScope.Refresh })\n .setProtectedHeader({\n typ: 'refresh+jwt',\n alg: 'HS256', // only symmetric keys supported\n })\n .setAudience(serviceDid)\n .setSubject(did)\n .setJti(jti)\n .setIssuedAt()\n .setExpirationTime(expiresIn)\n return signer.sign(jwtKey)\n}\n\n// @NOTE unsafe for verification, should only be used w/ direct output from createRefreshToken() or createTokens()\nexport const decodeRefreshToken = (jwt: string) => {\n const token = jose.decodeJwt(jwt)\n assert.ok(token.scope === AuthScope.Refresh, 'not a refresh token')\n return token as RefreshToken\n}\n\nexport const storeRefreshToken = async (\n db: AccountDb,\n payload: RefreshToken,\n appPassword: AppPassDescript | null,\n) => {\n const [result] = await db.executeWithRetry(\n db.db\n .insertInto('refresh_token')\n .values({\n id: payload.jti,\n did: payload.sub,\n appPasswordName: appPassword?.name,\n expiresAt: new Date(payload.exp * 1000).toISOString(),\n })\n .onConflict((oc) => oc.doNothing()), // E.g. when re-granting during a refresh grace period\n )\n return result\n}\n\nexport const getRefreshToken = async (db: AccountDb, id: string) => {\n const res = await db.db\n .selectFrom('refresh_token')\n .leftJoin('app_password', (join) =>\n join\n .onRef('app_password.did', '=', 'refresh_token.did')\n .onRef('app_password.name', '=', 'refresh_token.appPasswordName'),\n )\n .where('id', '=', id)\n .selectAll('refresh_token')\n .select('app_password.privileged')\n .executeTakeFirst()\n if (!res) return null\n const { did, expiresAt, appPasswordName, nextId, privileged } = res\n return {\n id,\n did,\n expiresAt,\n nextId,\n appPassword: appPasswordName\n ? {\n name: appPasswordName,\n privileged: privileged === 1 ? true : false,\n }\n : null,\n }\n}\n\nexport const deleteExpiredRefreshTokens = async (\n db: AccountDb,\n did: string,\n now: string,\n) => {\n await db.executeWithRetry(\n db.db\n .deleteFrom('refresh_token')\n .where('did', '=', did)\n .where('expiresAt', '<=', now),\n )\n}\n\nexport const addRefreshGracePeriod = async (\n db: AccountDb,\n opts: {\n id: string\n expiresAt: string\n nextId: string\n },\n) => {\n const { id, expiresAt, nextId } = opts\n const [res] = await db.executeWithRetry(\n db.db\n .updateTable('refresh_token')\n .where('id', '=', id)\n .where((eb) =>\n eb.or([eb('nextId', 'is', null), eb('nextId', '=', nextId)]),\n )\n .set({ expiresAt, nextId })\n .returningAll(),\n )\n if (!res) {\n throw new ConcurrentRefreshError()\n }\n}\n\nexport const revokeRefreshToken = async (db: AccountDb, id: string) => {\n const [{ numDeletedRows }] = await db.executeWithRetry(\n db.db.deleteFrom('refresh_token').where('id', '=', id),\n )\n return numDeletedRows > 0\n}\n\nexport const revokeRefreshTokensByDid = async (db: AccountDb, did: string) => {\n const [{ numDeletedRows }] = await db.executeWithRetry(\n db.db.deleteFrom('refresh_token').where('did', '=', did),\n )\n return numDeletedRows > 0\n}\n\nexport const revokeAppPasswordRefreshToken = async (\n db: AccountDb,\n did: string,\n appPassName: string,\n) => {\n const [{ numDeletedRows }] = await db.executeWithRetry(\n db.db\n .deleteFrom('refresh_token')\n .where('did', '=', did)\n .where('appPasswordName', '=', appPassName),\n )\n\n return numDeletedRows > 0\n}\n\nexport const getRefreshTokenId = () => {\n return ui8.toString(crypto.randomBytes(32), 'base64')\n}\n\nexport const formatScope = (\n appPassword: AppPassDescript | null,\n isSoftDeleted?: boolean,\n): AuthScope => {\n if (isSoftDeleted) return AuthScope.Takendown\n if (!appPassword) return AuthScope.Access\n return appPassword.privileged\n ? AuthScope.AppPassPrivileged\n : AuthScope.AppPass\n}\n\nexport class ConcurrentRefreshError extends Error {}\n"]}
@@ -4,9 +4,87 @@ import { AccountDb, AuthorizationRequest } from '../db/index.js';
4
4
  export declare const rowToRequestData: (row: Selectable<AuthorizationRequest>) => RequestData;
5
5
  export declare const rowToFoundRequestResult: (row: Selectable<AuthorizationRequest>) => FoundRequestResult;
6
6
  export declare const createQB: (db: AccountDb, id: RequestId, data: RequestData) => import("kysely").InsertQueryBuilder<import("../db/index.js").DatabaseSchema, "authorization_request", import("kysely").InsertResult>;
7
- export declare const readQB: (db: AccountDb, id: RequestId) => import("kysely/dist/esm/parser/select-parser.js").SelectAllQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "authorization_request">, "authorization_request", {}, "authorization_request">;
8
- export declare const updateQB: (db: AccountDb, id: RequestId, { code, sub, deviceId, expiresAt, parameters, ...rest }: UpdateRequestData) => import("kysely").UpdateQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "authorization_request">, "authorization_request", "authorization_request", import("kysely").UpdateResult>;
9
- export declare const removeOldExpiredQB: (db: AccountDb, delay?: number) => import("kysely").DeleteQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "authorization_request">, "authorization_request", import("kysely").DeleteResult>;
10
- export declare const removeByIdQB: (db: AccountDb, id: RequestId) => import("kysely").DeleteQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "authorization_request">, "authorization_request", import("kysely").DeleteResult>;
11
- export declare const consumeByCodeQB: (db: AccountDb, code: Code) => import("kysely").DeleteQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "authorization_request">, "authorization_request", Selectable<AuthorizationRequest>>;
7
+ export declare const readQB: (db: AccountDb, id: RequestId) => import("kysely").SelectQueryBuilder<import("../db/index.js").DatabaseSchema, "authorization_request", {
8
+ clientAuth: import("../../db/cast.js").JsonEncoded<import("@atproto/oauth-provider").ClientAuthLegacy | import("@atproto/oauth-provider").ClientAuth | null>;
9
+ clientId: string;
10
+ code: `cod-${string}` | null;
11
+ deviceId: `dev-${string}` | null;
12
+ did: `did:${string}:${string}` | null;
13
+ expiresAt: `${string}T${string}Z`;
14
+ id: `req-${string}`;
15
+ parameters: import("../../db/cast.js").JsonEncoded<{
16
+ client_id: string;
17
+ state?: string | undefined;
18
+ redirect_uri?: "http://127.0.0.1" | `${string}.${string}:/${string}` | `http://127.0.0.1#${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `http://127.0.0.1?${string}` | `http://[::1]${string}` | `https://${string}` | undefined;
19
+ scope?: string | undefined;
20
+ response_type: "code" | "code id_token" | "code id_token token" | "code token" | "id_token" | "id_token token" | "none" | "token";
21
+ code_challenge?: string | undefined;
22
+ code_challenge_method?: "S256" | "plain" | undefined;
23
+ dpop_jkt?: string | undefined;
24
+ response_mode?: "form_post" | "fragment" | "query" | undefined;
25
+ nonce?: string | undefined;
26
+ max_age?: number | undefined;
27
+ claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"acr" | "address" | "auth_time" | "birthdate" | "email" | "email_verified" | "family_name" | "gender" | "given_name" | "locale" | "middle_name" | "name" | "nickname" | "nonce" | "phone_number" | "phone_number_verified" | "picture" | "preferred_username" | "profile" | "updated_at" | "website" | "zoneinfo", {
28
+ essential?: boolean | undefined;
29
+ value?: string | number | boolean | undefined;
30
+ values?: (string | number | boolean)[] | undefined;
31
+ } | null>>>> | undefined;
32
+ login_hint?: string | undefined;
33
+ ui_locales?: string | undefined;
34
+ id_token_hint?: `${string}.${string}.${string}` | undefined;
35
+ display?: "page" | "popup" | "touch" | "wap" | undefined;
36
+ prompt?: "consent" | "create" | "login" | "none" | "select_account" | undefined;
37
+ authorization_details?: {
38
+ type: string;
39
+ locations?: `${string}:${string}`[] | undefined;
40
+ actions?: string[] | undefined;
41
+ datatypes?: string[] | undefined;
42
+ identifier?: string | undefined;
43
+ privileges?: string[] | undefined;
44
+ }[] | undefined;
45
+ }>;
46
+ }>;
47
+ export declare const updateQB: (db: AccountDb, id: RequestId, { code, did, deviceId, expiresAt, parameters, ...rest }: UpdateRequestData) => import("kysely").UpdateQueryBuilder<import("../db/index.js").DatabaseSchema, "authorization_request", "authorization_request", import("kysely").UpdateResult>;
48
+ export declare const removeOldExpiredQB: (db: AccountDb, delay?: number) => import("kysely").DeleteQueryBuilder<import("../db/index.js").DatabaseSchema, "authorization_request", import("kysely").DeleteResult>;
49
+ export declare const removeByIdQB: (db: AccountDb, id: RequestId) => import("kysely").DeleteQueryBuilder<import("../db/index.js").DatabaseSchema, "authorization_request", import("kysely").DeleteResult>;
50
+ export declare const consumeByCodeQB: (db: AccountDb, code: Code) => import("kysely").DeleteQueryBuilder<import("../db/index.js").DatabaseSchema, "authorization_request", {
51
+ clientAuth: import("../../db/cast.js").JsonEncoded<import("@atproto/oauth-provider").ClientAuthLegacy | import("@atproto/oauth-provider").ClientAuth | null>;
52
+ clientId: string;
53
+ code: `cod-${string}` | null;
54
+ deviceId: `dev-${string}` | null;
55
+ did: `did:${string}:${string}` | null;
56
+ expiresAt: `${string}T${string}Z`;
57
+ id: `req-${string}`;
58
+ parameters: import("../../db/cast.js").JsonEncoded<{
59
+ client_id: string;
60
+ state?: string | undefined;
61
+ redirect_uri?: "http://127.0.0.1" | `${string}.${string}:/${string}` | `http://127.0.0.1#${string}` | `http://127.0.0.1/${string}` | `http://127.0.0.1:${string}` | `http://127.0.0.1?${string}` | `http://[::1]${string}` | `https://${string}` | undefined;
62
+ scope?: string | undefined;
63
+ response_type: "code" | "code id_token" | "code id_token token" | "code token" | "id_token" | "id_token token" | "none" | "token";
64
+ code_challenge?: string | undefined;
65
+ code_challenge_method?: "S256" | "plain" | undefined;
66
+ dpop_jkt?: string | undefined;
67
+ response_mode?: "form_post" | "fragment" | "query" | undefined;
68
+ nonce?: string | undefined;
69
+ max_age?: number | undefined;
70
+ claims?: Partial<Record<"id_token" | "userinfo", Partial<Record<"acr" | "address" | "auth_time" | "birthdate" | "email" | "email_verified" | "family_name" | "gender" | "given_name" | "locale" | "middle_name" | "name" | "nickname" | "nonce" | "phone_number" | "phone_number_verified" | "picture" | "preferred_username" | "profile" | "updated_at" | "website" | "zoneinfo", {
71
+ essential?: boolean | undefined;
72
+ value?: string | number | boolean | undefined;
73
+ values?: (string | number | boolean)[] | undefined;
74
+ } | null>>>> | undefined;
75
+ login_hint?: string | undefined;
76
+ ui_locales?: string | undefined;
77
+ id_token_hint?: `${string}.${string}.${string}` | undefined;
78
+ display?: "page" | "popup" | "touch" | "wap" | undefined;
79
+ prompt?: "consent" | "create" | "login" | "none" | "select_account" | undefined;
80
+ authorization_details?: {
81
+ type: string;
82
+ locations?: `${string}:${string}`[] | undefined;
83
+ actions?: string[] | undefined;
84
+ datatypes?: string[] | undefined;
85
+ identifier?: string | undefined;
86
+ privileges?: string[] | undefined;
87
+ }[] | undefined;
88
+ }>;
89
+ }>;
12
90
  //# sourceMappingURL=authorization-request.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"authorization-request.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/authorization-request.ts"],"names":[],"mappings":"AACA,OAAO,EAAc,UAAU,EAAE,MAAM,QAAQ,CAAA;AAC/C,OAAO,EACL,IAAI,EACJ,kBAAkB,EAClB,WAAW,EACX,SAAS,EACT,iBAAiB,EAClB,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAA;AAEhE,eAAO,MAAM,gBAAgB,GAC3B,KAAK,UAAU,CAAC,oBAAoB,CAAC,KACpC,WAQD,CAAA;AAEF,eAAO,MAAM,uBAAuB,GAClC,KAAK,UAAU,CAAC,oBAAoB,CAAC,KACpC,kBAGD,CAAA;AAiBF,eAAO,MAAM,QAAQ,GAAI,IAAI,SAAS,EAAE,IAAI,SAAS,EAAE,MAAM,WAAW,yIACM,CAAA;AAE9E,eAAO,MAAM,MAAM,GAAI,IAAI,SAAS,EAAE,IAAI,SAAS,2PACyB,CAAA;AAE5E,eAAO,MAAM,QAAQ,GACnB,IAAI,SAAS,EACb,IAAI,SAAS,EACb,yDAAyD,iBAAiB,kPAW3E,CAAA;AAED,eAAO,MAAM,kBAAkB,GAAI,IAAI,SAAS,EAAE,cAAa,yNAMM,CAAA;AAErE,eAAO,MAAM,YAAY,GAAI,IAAI,SAAS,EAAE,IAAI,SAAS,yNACO,CAAA;AAEhE,eAAO,MAAM,eAAe,GAAI,IAAI,SAAS,EAAE,MAAM,IAAI,4NAMtC,CAAA"}
1
+ {"version":3,"file":"authorization-request.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/authorization-request.ts"],"names":[],"mappings":"AACA,OAAO,EAAc,UAAU,EAAE,MAAM,QAAQ,CAAA;AAC/C,OAAO,EACL,IAAI,EACJ,kBAAkB,EAClB,WAAW,EACX,SAAS,EACT,iBAAiB,EAClB,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAA;AAEhE,eAAO,MAAM,gBAAgB,QACtB,UAAU,CAAC,oBAAoB,CAAC,KACpC,WAQD,CAAA;AAEF,eAAO,MAAM,uBAAuB,QAC7B,UAAU,CAAC,oBAAoB,CAAC,KACpC,kBAGD,CAAA;AAiBF,eAAO,MAAM,QAAQ,OAAQ,SAAS,MAAM,SAAS,QAAQ,WAAW,yIACM,CAAA;AAE9E,eAAO,MAAM,MAAM,OAAQ,SAAS,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EACyB,CAAA;AAE5E,eAAO,MAAM,QAAQ,OACf,SAAS,MACT,SAAS,2DAC4C,iBAAiB,kKAe3E,CAAA;AAED,eAAO,MAAM,kBAAkB,OAAQ,SAAS,yJAMqB,CAAA;AAErE,eAAO,MAAM,YAAY,OAAQ,SAAS,MAAM,SAAS,yIACO,CAAA;AAEhE,eAAO,MAAM,eAAe,OAAQ,SAAS,QAAQ,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAMtC,CAAA"}
@@ -6,7 +6,7 @@ export const rowToRequestData = (row) => ({
6
6
  parameters: fromJson(row.parameters),
7
7
  expiresAt: fromDateISO(row.expiresAt),
8
8
  deviceId: row.deviceId,
9
- sub: row.did,
9
+ did: row.did,
10
10
  code: row.code,
11
11
  });
12
12
  export const rowToFoundRequestResult = (row) => ({
@@ -15,7 +15,7 @@ export const rowToFoundRequestResult = (row) => ({
15
15
  });
16
16
  const requestDataToRow = (id, data) => ({
17
17
  id,
18
- did: data.sub,
18
+ did: data.did,
19
19
  deviceId: data.deviceId,
20
20
  clientId: data.clientId,
21
21
  clientAuth: toJson(data.clientAuth),
@@ -25,15 +25,15 @@ const requestDataToRow = (id, data) => ({
25
25
  });
26
26
  export const createQB = (db, id, data) => db.db.insertInto('authorization_request').values(requestDataToRow(id, data));
27
27
  export const readQB = (db, id) => db.db.selectFrom('authorization_request').where('id', '=', id).selectAll();
28
- export const updateQB = (db, id, { code, sub, deviceId, expiresAt, parameters, ...rest }) => {
28
+ export const updateQB = (db, id, { code, did, deviceId, expiresAt, parameters, ...rest }) => {
29
29
  assert(!Object.keys(rest).length, 'Unexpected fields in UpdateRequestData');
30
30
  return db.db
31
31
  .updateTable('authorization_request')
32
- .if(code !== undefined, (qb) => qb.set({ code }))
33
- .if(sub !== undefined, (qb) => qb.set({ did: sub }))
34
- .if(deviceId !== undefined, (qb) => qb.set({ deviceId }))
35
- .if(expiresAt != null, (qb) => qb.set({ expiresAt: toDateISO(expiresAt) }))
36
- .if(parameters != null, (qb) => qb.set({ parameters: toJson(parameters) }))
32
+ .$if(code !== undefined, (qb) => qb.set({ code }))
33
+ .$if(did !== undefined, (qb) => qb.set({ did }))
34
+ .$if(deviceId !== undefined, (qb) => qb.set({ deviceId }))
35
+ .$if(expiresAt != null, (qb) => qb.set({ expiresAt: toDateISO(expiresAt) }))
36
+ .$if(parameters != null, (qb) => qb.set({ parameters: toJson(parameters) }))
37
37
  .where('id', '=', id);
38
38
  };
39
39
  export const removeOldExpiredQB = (db, delay = 600e3) =>
@@ -1 +1 @@
1
- {"version":3,"file":"authorization-request.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/authorization-request.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAShC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAG5E,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,GAAqC,EACxB,EAAE,CAAC,CAAC;IACjB,QAAQ,EAAE,GAAG,CAAC,QAAQ;IACtB,UAAU,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC;IACpC,UAAU,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC;IACpC,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC;IACrC,QAAQ,EAAE,GAAG,CAAC,QAAQ;IACtB,GAAG,EAAE,GAAG,CAAC,GAAG;IACZ,IAAI,EAAE,GAAG,CAAC,IAAI;CACf,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAG,CACrC,GAAqC,EACjB,EAAE,CAAC,CAAC;IACxB,SAAS,EAAE,GAAG,CAAC,EAAE;IACjB,IAAI,EAAE,gBAAgB,CAAC,GAAG,CAAC;CAC5B,CAAC,CAAA;AAEF,MAAM,gBAAgB,GAAG,CACvB,EAAa,EACb,IAAiB,EACiB,EAAE,CAAC,CAAC;IACtC,EAAE;IACF,GAAG,EAAE,IAAI,CAAC,GAAG;IACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;IAEvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;IACvB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;IACnC,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC;IACpC,IAAI,EAAE,IAAI,CAAC,IAAI;CAChB,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,EAAa,EAAE,EAAa,EAAE,IAAiB,EAAE,EAAE,CAC1E,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAA;AAE9E,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,EAAa,EAAE,EAAa,EAAE,EAAE,CACrD,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,SAAS,EAAE,CAAA;AAE5E,MAAM,CAAC,MAAM,QAAQ,GAAG,CACtB,EAAa,EACb,EAAa,EACb,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,IAAI,EAAqB,EAC1E,EAAE;IACF,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,wCAAwC,CAAC,CAAA;IAC3E,OAAO,EAAE,CAAC,EAAE;SACT,WAAW,CAAC,uBAAuB,CAAC;SACpC,EAAE,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;SAChD,EAAE,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;SACnD,EAAE,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;SACxD,EAAE,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,SAAS,CAAC,SAAU,CAAC,EAAE,CAAC,CAAC;SAC3E,EAAE,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,UAAW,CAAC,EAAE,CAAC,CAAC;SAC3E,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAA;AACzB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,EAAa,EAAE,KAAK,GAAG,KAAK,EAAE,EAAE;AACjE,uEAAuE;AACvE,yEAAyE;AACzE,EAAE,CAAC,EAAE;KACF,UAAU,CAAC,uBAAuB,CAAC;IACpC,oDAAoD;KACnD,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,SAAS,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;AAErE,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,EAAa,EAAE,EAAa,EAAE,EAAE,CAC3D,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAA;AAEhE,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,EAAa,EAAE,IAAU,EAAE,EAAE,CAC3D,EAAE,CAAC,EAAE;KACF,UAAU,CAAC,uBAAuB,CAAC;IACpC,6EAA6E;KAC5E,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;KACxB,KAAK,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC;KAC7B,YAAY,EAAE,CAAA","sourcesContent":["import assert from 'node:assert'\nimport { Insertable, Selectable } from 'kysely'\nimport {\n Code,\n FoundRequestResult,\n RequestData,\n RequestId,\n UpdateRequestData,\n} from '@atproto/oauth-provider'\nimport { fromDateISO, fromJson, toDateISO, toJson } from '../../db/index.js'\nimport { AccountDb, AuthorizationRequest } from '../db/index.js'\n\nexport const rowToRequestData = (\n row: Selectable<AuthorizationRequest>,\n): RequestData => ({\n clientId: row.clientId,\n clientAuth: fromJson(row.clientAuth),\n parameters: fromJson(row.parameters),\n expiresAt: fromDateISO(row.expiresAt),\n deviceId: row.deviceId,\n sub: row.did,\n code: row.code,\n})\n\nexport const rowToFoundRequestResult = (\n row: Selectable<AuthorizationRequest>,\n): FoundRequestResult => ({\n requestId: row.id,\n data: rowToRequestData(row),\n})\n\nconst requestDataToRow = (\n id: RequestId,\n data: RequestData,\n): Insertable<AuthorizationRequest> => ({\n id,\n did: data.sub,\n deviceId: data.deviceId,\n\n clientId: data.clientId,\n clientAuth: toJson(data.clientAuth),\n parameters: toJson(data.parameters),\n expiresAt: toDateISO(data.expiresAt),\n code: data.code,\n})\n\nexport const createQB = (db: AccountDb, id: RequestId, data: RequestData) =>\n db.db.insertInto('authorization_request').values(requestDataToRow(id, data))\n\nexport const readQB = (db: AccountDb, id: RequestId) =>\n db.db.selectFrom('authorization_request').where('id', '=', id).selectAll()\n\nexport const updateQB = (\n db: AccountDb,\n id: RequestId,\n { code, sub, deviceId, expiresAt, parameters, ...rest }: UpdateRequestData,\n) => {\n assert(!Object.keys(rest).length, 'Unexpected fields in UpdateRequestData')\n return db.db\n .updateTable('authorization_request')\n .if(code !== undefined, (qb) => qb.set({ code }))\n .if(sub !== undefined, (qb) => qb.set({ did: sub }))\n .if(deviceId !== undefined, (qb) => qb.set({ deviceId }))\n .if(expiresAt != null, (qb) => qb.set({ expiresAt: toDateISO(expiresAt!) }))\n .if(parameters != null, (qb) => qb.set({ parameters: toJson(parameters!) }))\n .where('id', '=', id)\n}\n\nexport const removeOldExpiredQB = (db: AccountDb, delay = 600e3) =>\n // We allow some delay for the expiration time so that expired requests\n // can still be returned to the OAuthProvider library for error handling.\n db.db\n .deleteFrom('authorization_request')\n // uses \"authorization_request_expires_at_idx\" index\n .where('expiresAt', '<', toDateISO(new Date(Date.now() - delay)))\n\nexport const removeByIdQB = (db: AccountDb, id: RequestId) =>\n db.db.deleteFrom('authorization_request').where('id', '=', id)\n\nexport const consumeByCodeQB = (db: AccountDb, code: Code) =>\n db.db\n .deleteFrom('authorization_request')\n // uses \"authorization_request_code_idx\" partial index (hence the null check)\n .where('code', '=', code)\n .where('code', 'is not', null)\n .returningAll()\n"]}
1
+ {"version":3,"file":"authorization-request.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/authorization-request.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAShC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAG5E,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,GAAqC,EACxB,EAAE,CAAC,CAAC;IACjB,QAAQ,EAAE,GAAG,CAAC,QAAQ;IACtB,UAAU,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC;IACpC,UAAU,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC;IACpC,SAAS,EAAE,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC;IACrC,QAAQ,EAAE,GAAG,CAAC,QAAQ;IACtB,GAAG,EAAE,GAAG,CAAC,GAAG;IACZ,IAAI,EAAE,GAAG,CAAC,IAAI;CACf,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAG,CACrC,GAAqC,EACjB,EAAE,CAAC,CAAC;IACxB,SAAS,EAAE,GAAG,CAAC,EAAE;IACjB,IAAI,EAAE,gBAAgB,CAAC,GAAG,CAAC;CAC5B,CAAC,CAAA;AAEF,MAAM,gBAAgB,GAAG,CACvB,EAAa,EACb,IAAiB,EACiB,EAAE,CAAC,CAAC;IACtC,EAAE;IACF,GAAG,EAAE,IAAI,CAAC,GAAG;IACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;IAEvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;IACvB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;IACnC,SAAS,EAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC;IACpC,IAAI,EAAE,IAAI,CAAC,IAAI;CAChB,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,EAAa,EAAE,EAAa,EAAE,IAAiB,EAAE,EAAE,CAC1E,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAA;AAE9E,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,EAAa,EAAE,EAAa,EAAE,EAAE,CACrD,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,SAAS,EAAE,CAAA;AAE5E,MAAM,CAAC,MAAM,QAAQ,GAAG,CACtB,EAAa,EACb,EAAa,EACb,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,IAAI,EAAqB,EAC1E,EAAE;IACF,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,wCAAwC,CAAC,CAAA;IAC3E,OAAO,EAAE,CAAC,EAAE;SACT,WAAW,CAAC,uBAAuB,CAAC;SACpC,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;SACjD,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;SAC/C,GAAG,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;SACzD,GAAG,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAC7B,EAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,SAAS,CAAC,SAAU,CAAC,EAAE,CAAC,CAC7C;SACA,GAAG,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAC9B,EAAE,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,UAAW,CAAC,EAAE,CAAC,CAC5C;SACA,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAA;AACzB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,EAAa,EAAE,KAAK,GAAG,KAAK,EAAE,EAAE;AACjE,uEAAuE;AACvE,yEAAyE;AACzE,EAAE,CAAC,EAAE;KACF,UAAU,CAAC,uBAAuB,CAAC;IACpC,oDAAoD;KACnD,KAAK,CAAC,WAAW,EAAE,GAAG,EAAE,SAAS,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;AAErE,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,EAAa,EAAE,EAAa,EAAE,EAAE,CAC3D,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,CAAA;AAEhE,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,EAAa,EAAE,IAAU,EAAE,EAAE,CAC3D,EAAE,CAAC,EAAE;KACF,UAAU,CAAC,uBAAuB,CAAC;IACpC,6EAA6E;KAC5E,KAAK,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;KACxB,KAAK,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC;KAC7B,YAAY,EAAE,CAAA","sourcesContent":["import assert from 'node:assert'\nimport { Insertable, Selectable } from 'kysely'\nimport {\n Code,\n FoundRequestResult,\n RequestData,\n RequestId,\n UpdateRequestData,\n} from '@atproto/oauth-provider'\nimport { fromDateISO, fromJson, toDateISO, toJson } from '../../db/index.js'\nimport { AccountDb, AuthorizationRequest } from '../db/index.js'\n\nexport const rowToRequestData = (\n row: Selectable<AuthorizationRequest>,\n): RequestData => ({\n clientId: row.clientId,\n clientAuth: fromJson(row.clientAuth),\n parameters: fromJson(row.parameters),\n expiresAt: fromDateISO(row.expiresAt),\n deviceId: row.deviceId,\n did: row.did,\n code: row.code,\n})\n\nexport const rowToFoundRequestResult = (\n row: Selectable<AuthorizationRequest>,\n): FoundRequestResult => ({\n requestId: row.id,\n data: rowToRequestData(row),\n})\n\nconst requestDataToRow = (\n id: RequestId,\n data: RequestData,\n): Insertable<AuthorizationRequest> => ({\n id,\n did: data.did,\n deviceId: data.deviceId,\n\n clientId: data.clientId,\n clientAuth: toJson(data.clientAuth),\n parameters: toJson(data.parameters),\n expiresAt: toDateISO(data.expiresAt),\n code: data.code,\n})\n\nexport const createQB = (db: AccountDb, id: RequestId, data: RequestData) =>\n db.db.insertInto('authorization_request').values(requestDataToRow(id, data))\n\nexport const readQB = (db: AccountDb, id: RequestId) =>\n db.db.selectFrom('authorization_request').where('id', '=', id).selectAll()\n\nexport const updateQB = (\n db: AccountDb,\n id: RequestId,\n { code, did, deviceId, expiresAt, parameters, ...rest }: UpdateRequestData,\n) => {\n assert(!Object.keys(rest).length, 'Unexpected fields in UpdateRequestData')\n return db.db\n .updateTable('authorization_request')\n .$if(code !== undefined, (qb) => qb.set({ code }))\n .$if(did !== undefined, (qb) => qb.set({ did }))\n .$if(deviceId !== undefined, (qb) => qb.set({ deviceId }))\n .$if(expiresAt != null, (qb) =>\n qb.set({ expiresAt: toDateISO(expiresAt!) }),\n )\n .$if(parameters != null, (qb) =>\n qb.set({ parameters: toJson(parameters!) }),\n )\n .where('id', '=', id)\n}\n\nexport const removeOldExpiredQB = (db: AccountDb, delay = 600e3) =>\n // We allow some delay for the expiration time so that expired requests\n // can still be returned to the OAuthProvider library for error handling.\n db.db\n .deleteFrom('authorization_request')\n // uses \"authorization_request_expires_at_idx\" index\n .where('expiresAt', '<', toDateISO(new Date(Date.now() - delay)))\n\nexport const removeByIdQB = (db: AccountDb, id: RequestId) =>\n db.db.deleteFrom('authorization_request').where('id', '=', id)\n\nexport const consumeByCodeQB = (db: AccountDb, code: Code) =>\n db.db\n .deleteFrom('authorization_request')\n // uses \"authorization_request_code_idx\" partial index (hence the null check)\n .where('code', '=', code)\n .where('code', 'is not', null)\n .returningAll()\n"]}
@@ -1,6 +1,7 @@
1
- import { AuthorizedClientData, AuthorizedClients, ClientId, Sub } from '@atproto/oauth-provider';
1
+ import { AuthorizedClientData, AuthorizedClients, ClientId, Did } from '@atproto/oauth-provider';
2
2
  import { AccountDb } from '../db/index.js';
3
- export declare function upsert(db: AccountDb, did: string, clientId: ClientId, data: AuthorizedClientData): Promise<import("kysely").InsertResult>;
4
- export declare function getAuthorizedClients(db: AccountDb, did: string): Promise<AuthorizedClients>;
5
- export declare function getAuthorizedClientsMulti(db: AccountDb, dids: Iterable<string>): Promise<Map<Sub, AuthorizedClients>>;
3
+ export declare function upsert(db: AccountDb, did: Did, clientId: ClientId, data: AuthorizedClientData): Promise<import("kysely").InsertResult>;
4
+ export declare function getAuthorizedClients(db: AccountDb, did: Did): Promise<AuthorizedClients>;
5
+ export declare function deleteAllAuthorizedClients(db: AccountDb, did: Did): Promise<void>;
6
+ export declare function getAuthorizedClientsMulti(db: AccountDb, dids: Iterable<Did>): Promise<Map<Did, AuthorizedClients>>;
6
7
  //# sourceMappingURL=authorized-client.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"authorized-client.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/authorized-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,QAAQ,EACR,GAAG,EACJ,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAE1C,wBAAsB,MAAM,CAC1B,EAAE,EAAE,SAAS,EACb,GAAG,EAAE,MAAM,EACX,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,oBAAoB,0CAqB3B;AAED,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,SAAS,EACb,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,iBAAiB,CAAC,CAE5B;AAED,wBAAsB,yBAAyB,CAC7C,EAAE,EAAE,SAAS,EACb,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,GACrB,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC,CAsBtC"}
1
+ {"version":3,"file":"authorized-client.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/authorized-client.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,QAAQ,EACR,GAAG,EACJ,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAE1C,wBAAsB,MAAM,CAC1B,EAAE,EAAE,SAAS,EACb,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,oBAAoB,0CAqB3B;AAED,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,SAAS,EACb,GAAG,EAAE,GAAG,GACP,OAAO,CAAC,iBAAiB,CAAC,CAE5B;AAED,wBAAsB,0BAA0B,CAAC,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,iBAIvE;AAED,wBAAsB,yBAAyB,CAC7C,EAAE,EAAE,SAAS,EACb,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,GAClB,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC,CAsBtC"}
@@ -21,6 +21,9 @@ export async function upsert(db, did, clientId, data) {
21
21
  export async function getAuthorizedClients(db, did) {
22
22
  return (await getAuthorizedClientsMulti(db, [did])).get(did);
23
23
  }
24
+ export async function deleteAllAuthorizedClients(db, did) {
25
+ await db.executeWithRetry(db.db.deleteFrom('authorized_client').where('did', '=', did));
26
+ }
24
27
  export async function getAuthorizedClientsMulti(db, dids) {
25
28
  // Using a Map will ensure unicity of dids (through unicity of keys)
26
29
  const map = new Map(Array.from(dids, (did) => [did, new Map()]));
@@ -1 +1 @@
1
- {"version":3,"file":"authorized-client.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/authorized-client.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAG/D,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,EAAa,EACb,GAAW,EACX,QAAkB,EAClB,IAA0B;IAE1B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,mBAAmB,CAAC;SAC/B,MAAM,CAAC;QACN,GAAG;QACH,QAAQ;QACR,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;KACnB,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE;IACjB,kCAAkC;IAClC,EAAE,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC;QAC1C,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;KACnB,CAAC,CACH;SACA,gBAAgB,EAAE,CAAA;AACvB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAa,EACb,GAAW;IAEX,OAAO,CAAC,MAAM,yBAAyB,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAE,CAAA;AAC/D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,EAAa,EACb,IAAsB;IAEtB,oEAAoE;IACpE,MAAM,GAAG,GAAG,IAAI,GAAG,CACjB,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC,CAC5C,CAAA;IAED,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QACb,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,EAAE;aACtB,UAAU,CAAC,mBAAmB,CAAC;aAC/B,MAAM,CAAC,KAAK,CAAC;aACb,MAAM,CAAC,UAAU,CAAC;aAClB,MAAM,CAAC,MAAM,CAAC;YACf,8BAA8B;aAC7B,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;aACnC,OAAO,EAAE,CAAA;QAEZ,KAAK,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,KAAK,EAAE,CAAC;YAC5C,GAAG,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAA;QAC7C,CAAC;IACH,CAAC;IAED,OAAO,GAAG,CAAA;AACZ,CAAC","sourcesContent":["import {\n AuthorizedClientData,\n AuthorizedClients,\n ClientId,\n Sub,\n} from '@atproto/oauth-provider'\nimport { fromJson, toDateISO, toJson } from '../../db/index.js'\nimport { AccountDb } from '../db/index.js'\n\nexport async function upsert(\n db: AccountDb,\n did: string,\n clientId: ClientId,\n data: AuthorizedClientData,\n) {\n const now = new Date()\n\n return db.db\n .insertInto('authorized_client')\n .values({\n did,\n clientId,\n createdAt: toDateISO(now),\n updatedAt: toDateISO(now),\n data: toJson(data),\n })\n .onConflict((oc) =>\n // uses \"authorized_client_pk\" idx\n oc.columns(['did', 'clientId']).doUpdateSet({\n updatedAt: toDateISO(now),\n data: toJson(data),\n }),\n )\n .executeTakeFirst()\n}\n\nexport async function getAuthorizedClients(\n db: AccountDb,\n did: string,\n): Promise<AuthorizedClients> {\n return (await getAuthorizedClientsMulti(db, [did])).get(did)!\n}\n\nexport async function getAuthorizedClientsMulti(\n db: AccountDb,\n dids: Iterable<string>,\n): Promise<Map<Sub, AuthorizedClients>> {\n // Using a Map will ensure unicity of dids (through unicity of keys)\n const map = new Map<Sub, AuthorizedClients>(\n Array.from(dids, (did) => [did, new Map()]),\n )\n\n if (map.size) {\n const found = await db.db\n .selectFrom('authorized_client')\n .select('did')\n .select('clientId')\n .select('data')\n // uses \"authorized_client_pk\"\n .where('did', 'in', [...map.keys()])\n .execute()\n\n for (const { did, clientId, data } of found) {\n map.get(did)!.set(clientId, fromJson(data))\n }\n }\n\n return map\n}\n"]}
1
+ {"version":3,"file":"authorized-client.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/authorized-client.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAG/D,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,EAAa,EACb,GAAQ,EACR,QAAkB,EAClB,IAA0B;IAE1B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IAEtB,OAAO,EAAE,CAAC,EAAE;SACT,UAAU,CAAC,mBAAmB,CAAC;SAC/B,MAAM,CAAC;QACN,GAAG;QACH,QAAQ;QACR,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;KACnB,CAAC;SACD,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE;IACjB,kCAAkC;IAClC,EAAE,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC;QAC1C,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;QACzB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;KACnB,CAAC,CACH;SACA,gBAAgB,EAAE,CAAA;AACvB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAa,EACb,GAAQ;IAER,OAAO,CAAC,MAAM,yBAAyB,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAE,CAAA;AAC/D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAAC,EAAa,EAAE,GAAQ;IACtE,MAAM,EAAE,CAAC,gBAAgB,CACvB,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,CAC7D,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,EAAa,EACb,IAAmB;IAEnB,oEAAoE;IACpE,MAAM,GAAG,GAAG,IAAI,GAAG,CACjB,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC,CAC5C,CAAA;IAED,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QACb,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,EAAE;aACtB,UAAU,CAAC,mBAAmB,CAAC;aAC/B,MAAM,CAAC,KAAK,CAAC;aACb,MAAM,CAAC,UAAU,CAAC;aAClB,MAAM,CAAC,MAAM,CAAC;YACf,8BAA8B;aAC7B,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;aACnC,OAAO,EAAE,CAAA;QAEZ,KAAK,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,KAAK,EAAE,CAAC;YAC5C,GAAG,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAA;QAC7C,CAAC;IACH,CAAC;IAED,OAAO,GAAG,CAAA;AACZ,CAAC","sourcesContent":["import {\n AuthorizedClientData,\n AuthorizedClients,\n ClientId,\n Did,\n} from '@atproto/oauth-provider'\nimport { fromJson, toDateISO, toJson } from '../../db/index.js'\nimport { AccountDb } from '../db/index.js'\n\nexport async function upsert(\n db: AccountDb,\n did: Did,\n clientId: ClientId,\n data: AuthorizedClientData,\n) {\n const now = new Date()\n\n return db.db\n .insertInto('authorized_client')\n .values({\n did,\n clientId,\n createdAt: toDateISO(now),\n updatedAt: toDateISO(now),\n data: toJson(data),\n })\n .onConflict((oc) =>\n // uses \"authorized_client_pk\" idx\n oc.columns(['did', 'clientId']).doUpdateSet({\n updatedAt: toDateISO(now),\n data: toJson(data),\n }),\n )\n .executeTakeFirst()\n}\n\nexport async function getAuthorizedClients(\n db: AccountDb,\n did: Did,\n): Promise<AuthorizedClients> {\n return (await getAuthorizedClientsMulti(db, [did])).get(did)!\n}\n\nexport async function deleteAllAuthorizedClients(db: AccountDb, did: Did) {\n await db.executeWithRetry(\n db.db.deleteFrom('authorized_client').where('did', '=', did),\n )\n}\n\nexport async function getAuthorizedClientsMulti(\n db: AccountDb,\n dids: Iterable<Did>,\n): Promise<Map<Did, AuthorizedClients>> {\n // Using a Map will ensure unicity of dids (through unicity of keys)\n const map = new Map<Did, AuthorizedClients>(\n Array.from(dids, (did) => [did, new Map()]),\n )\n\n if (map.size) {\n const found = await db.db\n .selectFrom('authorized_client')\n .select('did')\n .select('clientId')\n .select('data')\n // uses \"authorized_client_pk\"\n .where('did', 'in', [...map.keys()])\n .execute()\n\n for (const { did, clientId, data } of found) {\n map.get(did)!.set(clientId, fromJson(data))\n }\n }\n\n return map\n}\n"]}
@@ -1,9 +1,15 @@
1
1
  import { Selectable } from 'kysely';
2
2
  import { DeviceData, DeviceId } from '@atproto/oauth-provider';
3
3
  import { AccountDb, Device } from '../db/index.js';
4
- export declare const rowToDeviceData: (row: Omit<Selectable<Device>, "id">) => DeviceData;
4
+ export declare const rowToDeviceData: (row: Omit<Selectable<Device>, 'id'>) => DeviceData;
5
5
  export declare const createQB: (db: AccountDb, deviceId: DeviceId, { sessionId, userAgent, ipAddress, lastSeenAt }: DeviceData) => import("kysely").InsertQueryBuilder<import("../db/index.js").DatabaseSchema, "device", import("kysely").InsertResult>;
6
- export declare const readQB: (db: AccountDb, deviceId: DeviceId) => import("kysely/dist/esm/parser/select-parser.js").SelectAllQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "device">, "device", {}, "device">;
7
- export declare const updateQB: (db: AccountDb, deviceId: DeviceId, { sessionId, userAgent, ipAddress, lastSeenAt }: Partial<DeviceData>) => import("kysely").UpdateQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "device">, "device", "device", import("kysely").UpdateResult>;
8
- export declare const removeQB: (db: AccountDb, deviceId: DeviceId) => import("kysely").DeleteQueryBuilder<import("kysely/dist/esm/parser/table-parser.js").From<import("../db/index.js").DatabaseSchema, "device">, "device", import("kysely").DeleteResult>;
6
+ export declare const readQB: (db: AccountDb, deviceId: DeviceId) => import("kysely").SelectQueryBuilder<import("../db/index.js").DatabaseSchema, "device", {
7
+ id: `dev-${string}`;
8
+ ipAddress: string;
9
+ lastSeenAt: `${string}T${string}Z`;
10
+ sessionId: `ses-${string}`;
11
+ userAgent: string | null;
12
+ }>;
13
+ export declare const updateQB: (db: AccountDb, deviceId: DeviceId, { sessionId, userAgent, ipAddress, lastSeenAt }: Partial<DeviceData>) => import("kysely").UpdateQueryBuilder<import("../db/index.js").DatabaseSchema, "device", "device", import("kysely").UpdateResult>;
14
+ export declare const removeQB: (db: AccountDb, deviceId: DeviceId) => import("kysely").DeleteQueryBuilder<import("../db/index.js").DatabaseSchema, "device", import("kysely").DeleteResult>;
9
15
  //# sourceMappingURL=device.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"device.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/device.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAE9D,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AAElD,eAAO,MAAM,eAAe,GAC1B,KAAK,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,KAClC,UAKD,CAAA;AAEF,eAAO,MAAM,QAAQ,GACnB,IAAI,SAAS,EACb,UAAU,QAAQ,EAClB,iDAAiD,UAAU,0HAQzD,CAAA;AAEJ,eAAO,MAAM,MAAM,GAAI,IAAI,SAAS,EAAE,UAAU,QAAQ,8MACW,CAAA;AAEnE,eAAO,MAAM,QAAQ,GACnB,IAAI,SAAS,EACb,UAAU,QAAQ,EAClB,iDAAiD,OAAO,CAAC,UAAU,CAAC,qMAUvC,CAAA;AAE/B,eAAO,MAAM,QAAQ,GAAI,IAAI,SAAS,EAAE,UAAU,QAAQ,2LACH,CAAA"}
1
+ {"version":3,"file":"device.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/device.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAA;AAE9D,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AAElD,eAAO,MAAM,eAAe,QACrB,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,KAClC,UAKD,CAAA;AAEF,eAAO,MAAM,QAAQ,OACf,SAAS,YACH,QAAQ,mDAC+B,UAAU,0HAQzD,CAAA;AAEJ,eAAO,MAAM,MAAM,OAAQ,SAAS,YAAY,QAAQ;;;;;;EACW,CAAA;AAEnE,eAAO,MAAM,QAAQ,OACf,SAAS,YACH,QAAQ,mDAC+B,OAAO,CAAC,UAAU,CAAC,oIAUvC,CAAA;AAE/B,eAAO,MAAM,QAAQ,OAAQ,SAAS,YAAY,QAAQ,0HACH,CAAA"}
@@ -15,10 +15,10 @@ export const createQB = (db, deviceId, { sessionId, userAgent, ipAddress, lastSe
15
15
  export const readQB = (db, deviceId) => db.db.selectFrom('device').where('id', '=', deviceId).selectAll();
16
16
  export const updateQB = (db, deviceId, { sessionId, userAgent, ipAddress, lastSeenAt }) => db.db
17
17
  .updateTable('device')
18
- .if(sessionId != null, (qb) => qb.set({ sessionId }))
19
- .if(userAgent != null, (qb) => qb.set({ userAgent }))
20
- .if(ipAddress != null, (qb) => qb.set({ ipAddress }))
21
- .if(lastSeenAt != null, (qb) => qb.set({ lastSeenAt: toDateISO(lastSeenAt) }))
18
+ .$if(sessionId != null, (qb) => qb.set({ sessionId }))
19
+ .$if(userAgent != null, (qb) => qb.set({ userAgent }))
20
+ .$if(ipAddress != null, (qb) => qb.set({ ipAddress }))
21
+ .$if(lastSeenAt != null, (qb) => qb.set({ lastSeenAt: toDateISO(lastSeenAt) }))
22
22
  .where('id', '=', deviceId);
23
23
  export const removeQB = (db, deviceId) => db.db.deleteFrom('device').where('id', '=', deviceId);
24
24
  //# sourceMappingURL=device.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"device.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/device.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAG1D,MAAM,CAAC,MAAM,eAAe,GAAG,CAC7B,GAAmC,EACvB,EAAE,CAAC,CAAC;IAChB,SAAS,EAAE,GAAG,CAAC,SAAS;IACxB,SAAS,EAAE,GAAG,CAAC,SAAS;IACxB,SAAS,EAAE,GAAG,CAAC,SAAS;IACxB,UAAU,EAAE,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC;CACxC,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,QAAQ,GAAG,CACtB,EAAa,EACb,QAAkB,EAClB,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAc,EAC3D,EAAE,CACF,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;IAChC,EAAE,EAAE,QAAQ;IACZ,SAAS;IACT,SAAS;IACT,SAAS;IACT,UAAU,EAAE,SAAS,CAAC,UAAU,CAAC;CAClC,CAAC,CAAA;AAEJ,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,EAAa,EAAE,QAAkB,EAAE,EAAE,CAC1D,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC,SAAS,EAAE,CAAA;AAEnE,MAAM,CAAC,MAAM,QAAQ,GAAG,CACtB,EAAa,EACb,QAAkB,EAClB,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAuB,EACpE,EAAE,CACF,EAAE,CAAC,EAAE;KACF,WAAW,CAAC,QAAQ,CAAC;KACrB,EAAE,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;KACpD,EAAE,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;KACpD,EAAE,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;KACpD,EAAE,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAC7B,EAAE,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,SAAS,CAAC,UAAW,CAAC,EAAE,CAAC,CAC/C;KACA,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAA;AAE/B,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,EAAa,EAAE,QAAkB,EAAE,EAAE,CAC5D,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport { DeviceData, DeviceId } from '@atproto/oauth-provider'\nimport { fromDateISO, toDateISO } from '../../db/index.js'\nimport { AccountDb, Device } from '../db/index.js'\n\nexport const rowToDeviceData = (\n row: Omit<Selectable<Device>, 'id'>,\n): DeviceData => ({\n sessionId: row.sessionId,\n userAgent: row.userAgent,\n ipAddress: row.ipAddress,\n lastSeenAt: fromDateISO(row.lastSeenAt),\n})\n\nexport const createQB = (\n db: AccountDb,\n deviceId: DeviceId,\n { sessionId, userAgent, ipAddress, lastSeenAt }: DeviceData,\n) =>\n db.db.insertInto('device').values({\n id: deviceId,\n sessionId,\n userAgent,\n ipAddress,\n lastSeenAt: toDateISO(lastSeenAt),\n })\n\nexport const readQB = (db: AccountDb, deviceId: DeviceId) =>\n db.db.selectFrom('device').where('id', '=', deviceId).selectAll()\n\nexport const updateQB = (\n db: AccountDb,\n deviceId: DeviceId,\n { sessionId, userAgent, ipAddress, lastSeenAt }: Partial<DeviceData>,\n) =>\n db.db\n .updateTable('device')\n .if(sessionId != null, (qb) => qb.set({ sessionId }))\n .if(userAgent != null, (qb) => qb.set({ userAgent }))\n .if(ipAddress != null, (qb) => qb.set({ ipAddress }))\n .if(lastSeenAt != null, (qb) =>\n qb.set({ lastSeenAt: toDateISO(lastSeenAt!) }),\n )\n .where('id', '=', deviceId)\n\nexport const removeQB = (db: AccountDb, deviceId: DeviceId) =>\n db.db.deleteFrom('device').where('id', '=', deviceId)\n"]}
1
+ {"version":3,"file":"device.js","sourceRoot":"","sources":["../../../src/account-manager/helpers/device.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAG1D,MAAM,CAAC,MAAM,eAAe,GAAG,CAC7B,GAAmC,EACvB,EAAE,CAAC,CAAC;IAChB,SAAS,EAAE,GAAG,CAAC,SAAS;IACxB,SAAS,EAAE,GAAG,CAAC,SAAS;IACxB,SAAS,EAAE,GAAG,CAAC,SAAS;IACxB,UAAU,EAAE,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC;CACxC,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,QAAQ,GAAG,CACtB,EAAa,EACb,QAAkB,EAClB,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAc,EAC3D,EAAE,CACF,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;IAChC,EAAE,EAAE,QAAQ;IACZ,SAAS;IACT,SAAS;IACT,SAAS;IACT,UAAU,EAAE,SAAS,CAAC,UAAU,CAAC;CAClC,CAAC,CAAA;AAEJ,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,EAAa,EAAE,QAAkB,EAAE,EAAE,CAC1D,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC,SAAS,EAAE,CAAA;AAEnE,MAAM,CAAC,MAAM,QAAQ,GAAG,CACtB,EAAa,EACb,QAAkB,EAClB,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAuB,EACpE,EAAE,CACF,EAAE,CAAC,EAAE;KACF,WAAW,CAAC,QAAQ,CAAC;KACrB,GAAG,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;KACrD,GAAG,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;KACrD,GAAG,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;KACrD,GAAG,CAAC,UAAU,IAAI,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,CAC9B,EAAE,CAAC,GAAG,CAAC,EAAE,UAAU,EAAE,SAAS,CAAC,UAAW,CAAC,EAAE,CAAC,CAC/C;KACA,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAA;AAE/B,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,EAAa,EAAE,QAAkB,EAAE,EAAE,CAC5D,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAA","sourcesContent":["import { Selectable } from 'kysely'\nimport { DeviceData, DeviceId } from '@atproto/oauth-provider'\nimport { fromDateISO, toDateISO } from '../../db/index.js'\nimport { AccountDb, Device } from '../db/index.js'\n\nexport const rowToDeviceData = (\n row: Omit<Selectable<Device>, 'id'>,\n): DeviceData => ({\n sessionId: row.sessionId,\n userAgent: row.userAgent,\n ipAddress: row.ipAddress,\n lastSeenAt: fromDateISO(row.lastSeenAt),\n})\n\nexport const createQB = (\n db: AccountDb,\n deviceId: DeviceId,\n { sessionId, userAgent, ipAddress, lastSeenAt }: DeviceData,\n) =>\n db.db.insertInto('device').values({\n id: deviceId,\n sessionId,\n userAgent,\n ipAddress,\n lastSeenAt: toDateISO(lastSeenAt),\n })\n\nexport const readQB = (db: AccountDb, deviceId: DeviceId) =>\n db.db.selectFrom('device').where('id', '=', deviceId).selectAll()\n\nexport const updateQB = (\n db: AccountDb,\n deviceId: DeviceId,\n { sessionId, userAgent, ipAddress, lastSeenAt }: Partial<DeviceData>,\n) =>\n db.db\n .updateTable('device')\n .$if(sessionId != null, (qb) => qb.set({ sessionId }))\n .$if(userAgent != null, (qb) => qb.set({ userAgent }))\n .$if(ipAddress != null, (qb) => qb.set({ ipAddress }))\n .$if(lastSeenAt != null, (qb) =>\n qb.set({ lastSeenAt: toDateISO(lastSeenAt!) }),\n )\n .where('id', '=', deviceId)\n\nexport const removeQB = (db: AccountDb, deviceId: DeviceId) =>\n db.db.deleteFrom('device').where('id', '=', deviceId)\n"]}
@@ -1 +1 @@
1
- {"version":3,"file":"email-token.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/email-token.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAyB,MAAM,cAAc,CAAA;AAG/D,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAE7D,eAAO,MAAM,gBAAgB,GAC3B,IAAI,SAAS,EACb,KAAK,SAAS,EACd,SAAS,iBAAiB,KACzB,OAAO,CAAC,MAAM,CAYhB,CAAA;AAED,eAAO,MAAM,gBAAgB,GAC3B,IAAI,SAAS,EACb,KAAK,SAAS,EACd,SAAS,iBAAiB,kBAQ3B,CAAA;AAED,eAAO,MAAM,oBAAoB,GAAU,IAAI,SAAS,EAAE,KAAK,SAAS,kBAIvE,CAAA;AAED,eAAO,MAAM,gBAAgB,GAC3B,IAAI,SAAS,EACb,KAAK,SAAS,EACd,SAAS,iBAAiB,EAC1B,OAAO,MAAM,EACb,sBAA2B,kBAgB5B,CAAA;AAED,eAAO,MAAM,0BAA0B,GACrC,IAAI,SAAS,EACb,SAAS,iBAAiB,EAC1B,OAAO,MAAM,EACb,sBAA2B,KAC1B,OAAO,CAAC,SAAS,CAenB,CAAA"}
1
+ {"version":3,"file":"email-token.d.ts","sourceRoot":"","sources":["../../../src/account-manager/helpers/email-token.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAyB,MAAM,cAAc,CAAA;AAG/D,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAE7D,eAAO,MAAM,gBAAgB,OACvB,SAAS,OACR,SAAS,WACL,iBAAiB,KACzB,OAAO,CAAC,MAAM,CAYhB,CAAA;AAED,eAAO,MAAM,gBAAgB,OACvB,SAAS,OACR,SAAS,WACL,iBAAiB,kBAQ3B,CAAA;AAED,eAAO,MAAM,oBAAoB,OAAc,SAAS,OAAO,SAAS,kBAIvE,CAAA;AAED,eAAO,MAAM,gBAAgB,OACvB,SAAS,OACR,SAAS,WACL,iBAAiB,SACnB,MAAM,0CAiBd,CAAA;AAED,eAAO,MAAM,0BAA0B,OACjC,SAAS,WACJ,iBAAiB,SACnB,MAAM,6BAEZ,OAAO,CAAC,SAAS,CAenB,CAAA"}