@atproto/pds 0.5.5 → 0.5.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (256) hide show
  1. package/CHANGELOG.md +31 -0
  2. package/dist/account-manager/account-manager.d.ts +51 -13
  3. package/dist/account-manager/account-manager.d.ts.map +1 -1
  4. package/dist/account-manager/account-manager.js +86 -26
  5. package/dist/account-manager/account-manager.js.map +1 -1
  6. package/dist/account-manager/db/migrations/005-oauth-account-management.d.ts.map +1 -1
  7. package/dist/account-manager/db/migrations/005-oauth-account-management.js +3 -4
  8. package/dist/account-manager/db/migrations/005-oauth-account-management.js.map +1 -1
  9. package/dist/account-manager/db/schema/authorization-request.d.ts +2 -2
  10. package/dist/account-manager/db/schema/authorization-request.d.ts.map +1 -1
  11. package/dist/account-manager/db/schema/authorization-request.js.map +1 -1
  12. package/dist/account-manager/db/schema/authorized-client.d.ts +2 -2
  13. package/dist/account-manager/db/schema/authorized-client.d.ts.map +1 -1
  14. package/dist/account-manager/db/schema/authorized-client.js.map +1 -1
  15. package/dist/account-manager/db/schema/token.d.ts +2 -2
  16. package/dist/account-manager/db/schema/token.d.ts.map +1 -1
  17. package/dist/account-manager/db/schema/token.js.map +1 -1
  18. package/dist/account-manager/helpers/account-device.d.ts +23 -196
  19. package/dist/account-manager/helpers/account-device.d.ts.map +1 -1
  20. package/dist/account-manager/helpers/account-device.js +3 -3
  21. package/dist/account-manager/helpers/account-device.js.map +1 -1
  22. package/dist/account-manager/helpers/account.d.ts +14 -4
  23. package/dist/account-manager/helpers/account.d.ts.map +1 -1
  24. package/dist/account-manager/helpers/account.js +17 -11
  25. package/dist/account-manager/helpers/account.js.map +1 -1
  26. package/dist/account-manager/helpers/auth.js +1 -1
  27. package/dist/account-manager/helpers/auth.js.map +1 -1
  28. package/dist/account-manager/helpers/authorization-request.d.ts +83 -5
  29. package/dist/account-manager/helpers/authorization-request.d.ts.map +1 -1
  30. package/dist/account-manager/helpers/authorization-request.js +8 -8
  31. package/dist/account-manager/helpers/authorization-request.js.map +1 -1
  32. package/dist/account-manager/helpers/authorized-client.d.ts +5 -4
  33. package/dist/account-manager/helpers/authorized-client.d.ts.map +1 -1
  34. package/dist/account-manager/helpers/authorized-client.js +3 -0
  35. package/dist/account-manager/helpers/authorized-client.js.map +1 -1
  36. package/dist/account-manager/helpers/device.d.ts +9 -3
  37. package/dist/account-manager/helpers/device.d.ts.map +1 -1
  38. package/dist/account-manager/helpers/device.js +4 -4
  39. package/dist/account-manager/helpers/device.js.map +1 -1
  40. package/dist/account-manager/helpers/invite.d.ts +35 -2
  41. package/dist/account-manager/helpers/invite.d.ts.map +1 -1
  42. package/dist/account-manager/helpers/lexicon.d.ts.map +1 -1
  43. package/dist/account-manager/helpers/lexicon.js +6 -0
  44. package/dist/account-manager/helpers/lexicon.js.map +1 -1
  45. package/dist/account-manager/helpers/password.d.ts +1 -0
  46. package/dist/account-manager/helpers/password.d.ts.map +1 -1
  47. package/dist/account-manager/helpers/password.js +3 -0
  48. package/dist/account-manager/helpers/password.js.map +1 -1
  49. package/dist/account-manager/helpers/token.d.ts +72 -1031
  50. package/dist/account-manager/helpers/token.d.ts.map +1 -1
  51. package/dist/account-manager/helpers/token.js +13 -10
  52. package/dist/account-manager/helpers/token.js.map +1 -1
  53. package/dist/account-manager/helpers/used-refresh-token.d.ts +6 -2
  54. package/dist/account-manager/helpers/used-refresh-token.d.ts.map +1 -1
  55. package/dist/account-manager/oauth-store.d.ts +17 -13
  56. package/dist/account-manager/oauth-store.d.ts.map +1 -1
  57. package/dist/account-manager/oauth-store.js +89 -39
  58. package/dist/account-manager/oauth-store.js.map +1 -1
  59. package/dist/actor-store/blob/reader.d.ts.map +1 -1
  60. package/dist/actor-store/blob/reader.js +2 -3
  61. package/dist/actor-store/blob/reader.js.map +1 -1
  62. package/dist/actor-store/record/reader.js +3 -3
  63. package/dist/actor-store/record/reader.js.map +1 -1
  64. package/dist/actor-store/repo/sql-repo-reader.d.ts +5 -1
  65. package/dist/actor-store/repo/sql-repo-reader.d.ts.map +1 -1
  66. package/dist/actor-store/repo/sql-repo-reader.js.map +1 -1
  67. package/dist/api/com/atproto/admin/updateSubjectStatus.d.ts.map +1 -1
  68. package/dist/api/com/atproto/admin/updateSubjectStatus.js +12 -4
  69. package/dist/api/com/atproto/admin/updateSubjectStatus.js.map +1 -1
  70. package/dist/api/com/atproto/server/activateAccount.d.ts.map +1 -1
  71. package/dist/api/com/atproto/server/activateAccount.js +25 -31
  72. package/dist/api/com/atproto/server/activateAccount.js.map +1 -1
  73. package/dist/api/com/atproto/server/deactivateAccount.d.ts.map +1 -1
  74. package/dist/api/com/atproto/server/deactivateAccount.js +3 -4
  75. package/dist/api/com/atproto/server/deactivateAccount.js.map +1 -1
  76. package/dist/api/com/atproto/server/deleteAccount.d.ts.map +1 -1
  77. package/dist/api/com/atproto/server/deleteAccount.js +51 -37
  78. package/dist/api/com/atproto/server/deleteAccount.js.map +1 -1
  79. package/dist/api/com/atproto/server/util.d.ts +25 -6
  80. package/dist/api/com/atproto/server/util.d.ts.map +1 -1
  81. package/dist/api/com/atproto/server/util.js.map +1 -1
  82. package/dist/background.d.ts +12 -6
  83. package/dist/background.d.ts.map +1 -1
  84. package/dist/background.js +32 -13
  85. package/dist/background.js.map +1 -1
  86. package/dist/config/config.d.ts +2 -1
  87. package/dist/config/config.d.ts.map +1 -1
  88. package/dist/config/config.js +4 -1
  89. package/dist/config/config.js.map +1 -1
  90. package/dist/context.d.ts.map +1 -1
  91. package/dist/context.js +5 -32
  92. package/dist/context.js.map +1 -1
  93. package/dist/db/migrator.d.ts +4 -3
  94. package/dist/db/migrator.d.ts.map +1 -1
  95. package/dist/db/migrator.js +1 -1
  96. package/dist/db/migrator.js.map +1 -1
  97. package/dist/db/pagination.d.ts +2 -1
  98. package/dist/db/pagination.d.ts.map +1 -1
  99. package/dist/db/pagination.js +2 -2
  100. package/dist/db/pagination.js.map +1 -1
  101. package/dist/db/util.d.ts +3 -3
  102. package/dist/db/util.d.ts.map +1 -1
  103. package/dist/db/util.js.map +1 -1
  104. package/dist/index.d.ts +1 -0
  105. package/dist/index.d.ts.map +1 -1
  106. package/dist/index.js +33 -11
  107. package/dist/index.js.map +1 -1
  108. package/dist/lexicons/app/bsky/notification/defs.defs.d.ts +5 -0
  109. package/dist/lexicons/app/bsky/notification/defs.defs.d.ts.map +1 -1
  110. package/dist/lexicons/app/bsky/notification/defs.defs.js +1 -0
  111. package/dist/lexicons/app/bsky/notification/defs.defs.js.map +1 -1
  112. package/dist/lexicons/chat/bsky/notification/defs.d.ts +2 -0
  113. package/dist/lexicons/chat/bsky/notification/defs.d.ts.map +1 -0
  114. package/dist/lexicons/chat/bsky/notification/defs.defs.d.ts +20 -0
  115. package/dist/lexicons/chat/bsky/notification/defs.defs.d.ts.map +1 -0
  116. package/dist/lexicons/chat/bsky/notification/defs.defs.js +19 -0
  117. package/dist/lexicons/chat/bsky/notification/defs.defs.js.map +1 -0
  118. package/dist/lexicons/chat/bsky/notification/defs.js +5 -0
  119. package/dist/lexicons/chat/bsky/notification/defs.js.map +1 -0
  120. package/dist/lexicons/chat/bsky/notification/getPreferences.d.ts +3 -0
  121. package/dist/lexicons/chat/bsky/notification/getPreferences.d.ts.map +1 -0
  122. package/dist/lexicons/chat/bsky/notification/getPreferences.defs.d.ts +18 -0
  123. package/dist/lexicons/chat/bsky/notification/getPreferences.defs.d.ts.map +1 -0
  124. package/dist/lexicons/chat/bsky/notification/getPreferences.defs.js +16 -0
  125. package/dist/lexicons/chat/bsky/notification/getPreferences.defs.js.map +1 -0
  126. package/dist/lexicons/chat/bsky/notification/getPreferences.js +6 -0
  127. package/dist/lexicons/chat/bsky/notification/getPreferences.js.map +1 -0
  128. package/dist/lexicons/chat/bsky/notification/putPreferences.d.ts +3 -0
  129. package/dist/lexicons/chat/bsky/notification/putPreferences.d.ts.map +1 -0
  130. package/dist/lexicons/chat/bsky/notification/putPreferences.defs.d.ts +27 -0
  131. package/dist/lexicons/chat/bsky/notification/putPreferences.defs.d.ts.map +1 -0
  132. package/dist/lexicons/chat/bsky/notification/putPreferences.defs.js +22 -0
  133. package/dist/lexicons/chat/bsky/notification/putPreferences.defs.js.map +1 -0
  134. package/dist/lexicons/chat/bsky/notification/putPreferences.js +6 -0
  135. package/dist/lexicons/chat/bsky/notification/putPreferences.js.map +1 -0
  136. package/dist/lexicons/chat/bsky/notification.d.ts +4 -0
  137. package/dist/lexicons/chat/bsky/notification.d.ts.map +1 -0
  138. package/dist/lexicons/chat/bsky/notification.js +7 -0
  139. package/dist/lexicons/chat/bsky/notification.js.map +1 -0
  140. package/dist/lexicons/chat/bsky.d.ts +1 -0
  141. package/dist/lexicons/chat/bsky.d.ts.map +1 -1
  142. package/dist/lexicons/chat/bsky.js +1 -0
  143. package/dist/lexicons/chat/bsky.js.map +1 -1
  144. package/dist/lexicons/tools/ozone/report/defs.defs.d.ts +4 -0
  145. package/dist/lexicons/tools/ozone/report/defs.defs.d.ts.map +1 -1
  146. package/dist/lexicons/tools/ozone/report/defs.defs.js +2 -0
  147. package/dist/lexicons/tools/ozone/report/defs.defs.js.map +1 -1
  148. package/dist/lexicons/tools/ozone/report/queryActivities.d.ts +3 -0
  149. package/dist/lexicons/tools/ozone/report/queryActivities.d.ts.map +1 -0
  150. package/dist/lexicons/tools/ozone/report/queryActivities.defs.d.ts +42 -0
  151. package/dist/lexicons/tools/ozone/report/queryActivities.defs.d.ts.map +1 -0
  152. package/dist/lexicons/tools/ozone/report/queryActivities.defs.js +31 -0
  153. package/dist/lexicons/tools/ozone/report/queryActivities.defs.js.map +1 -0
  154. package/dist/lexicons/tools/ozone/report/queryActivities.js +6 -0
  155. package/dist/lexicons/tools/ozone/report/queryActivities.js.map +1 -0
  156. package/dist/lexicons/tools/ozone/report.d.ts +1 -0
  157. package/dist/lexicons/tools/ozone/report.d.ts.map +1 -1
  158. package/dist/lexicons/tools/ozone/report.js +1 -0
  159. package/dist/lexicons/tools/ozone/report.js.map +1 -1
  160. package/dist/mailer/index.d.ts +2 -0
  161. package/dist/mailer/index.d.ts.map +1 -1
  162. package/dist/mailer/index.js +2 -0
  163. package/dist/mailer/index.js.map +1 -1
  164. package/dist/pipethrough.d.ts +3 -0
  165. package/dist/pipethrough.d.ts.map +1 -1
  166. package/dist/pipethrough.js +32 -0
  167. package/dist/pipethrough.js.map +1 -1
  168. package/dist/scripts/sequencer-recovery/recovery-db.js.map +1 -1
  169. package/dist/sequencer/events.d.ts.map +1 -1
  170. package/dist/sequencer/events.js +6 -13
  171. package/dist/sequencer/events.js.map +1 -1
  172. package/dist/sequencer/sequencer.d.ts +1 -1
  173. package/dist/sequencer/sequencer.d.ts.map +1 -1
  174. package/dist/sequencer/sequencer.js.map +1 -1
  175. package/package.json +14 -14
  176. package/src/account-manager/account-manager.ts +135 -36
  177. package/src/account-manager/db/migrations/005-oauth-account-management.ts +6 -5
  178. package/src/account-manager/db/schema/authorization-request.ts +2 -1
  179. package/src/account-manager/db/schema/authorized-client.ts +6 -2
  180. package/src/account-manager/db/schema/token.ts +2 -2
  181. package/src/account-manager/helpers/account-device.ts +5 -11
  182. package/src/account-manager/helpers/account.ts +39 -16
  183. package/src/account-manager/helpers/auth.ts +2 -2
  184. package/src/account-manager/helpers/authorization-request.ts +12 -8
  185. package/src/account-manager/helpers/authorized-client.ts +12 -6
  186. package/src/account-manager/helpers/device.ts +4 -4
  187. package/src/account-manager/helpers/lexicon.ts +8 -3
  188. package/src/account-manager/helpers/password.ts +6 -0
  189. package/src/account-manager/helpers/token.ts +17 -11
  190. package/src/account-manager/oauth-store.ts +129 -61
  191. package/src/actor-store/blob/reader.ts +8 -5
  192. package/src/actor-store/record/reader.ts +3 -3
  193. package/src/actor-store/repo/sql-repo-reader.ts +1 -1
  194. package/src/api/com/atproto/admin/updateSubjectStatus.ts +16 -4
  195. package/src/api/com/atproto/server/activateAccount.ts +27 -49
  196. package/src/api/com/atproto/server/deactivateAccount.ts +3 -7
  197. package/src/api/com/atproto/server/deleteAccount.ts +60 -43
  198. package/src/api/com/atproto/server/util.ts +24 -7
  199. package/src/background.ts +49 -18
  200. package/src/config/config.ts +7 -2
  201. package/src/context.ts +6 -40
  202. package/src/db/migrator.ts +2 -1
  203. package/src/db/pagination.ts +7 -7
  204. package/src/db/util.ts +5 -2
  205. package/src/index.ts +31 -13
  206. package/src/mailer/index.ts +4 -2
  207. package/src/pipethrough.ts +38 -1
  208. package/src/scripts/sequencer-recovery/recovery-db.ts +1 -1
  209. package/src/sequencer/events.ts +8 -13
  210. package/src/sequencer/sequencer.ts +1 -3
  211. package/tests/_util.ts +8 -25
  212. package/tests/account-deactivation.test.ts +1 -1
  213. package/tests/account-deletion.test.ts +1 -1
  214. package/tests/account-manager.test.ts +79 -0
  215. package/tests/account-migration.test.ts +2 -2
  216. package/tests/account-status.test.ts +206 -0
  217. package/tests/account.test.ts +1 -1
  218. package/tests/app-passwords.test.ts +1 -1
  219. package/tests/auth.test.ts +1 -1
  220. package/tests/blob-deletes.test.ts +1 -1
  221. package/tests/create-post.test.ts +1 -1
  222. package/tests/crud.test.ts +1 -1
  223. package/tests/db.test.ts +4 -4
  224. package/tests/email-confirmation.test.ts +1 -1
  225. package/tests/file-uploads.test.ts +2 -2
  226. package/tests/get-service-auth.test.ts +1 -1
  227. package/tests/handles.test.ts +1 -1
  228. package/tests/invite-codes.test.ts +1 -1
  229. package/tests/invites-admin.test.ts +1 -1
  230. package/tests/moderation.test.ts +1 -1
  231. package/tests/moderator-auth.test.ts +1 -1
  232. package/tests/oauth.test.ts +91 -0
  233. package/tests/plc-operations.test.ts +1 -1
  234. package/tests/preferences.test.ts +1 -1
  235. package/tests/proxied/admin.test.ts +1 -1
  236. package/tests/proxied/feedgen.test.ts +1 -1
  237. package/tests/proxied/notif.test.ts +6 -13
  238. package/tests/proxied/procedures.test.ts +1 -1
  239. package/tests/proxied/proxy-catchall.test.ts +9 -8
  240. package/tests/proxied/proxy-header.test.ts +12 -8
  241. package/tests/proxied/proxy-oauth-aud.test.ts +17 -10
  242. package/tests/proxied/read-after-write.test.ts +4 -5
  243. package/tests/proxied/views.test.ts +1 -1
  244. package/tests/races.test.ts +1 -1
  245. package/tests/rate-limits.test.ts +1 -1
  246. package/tests/recovery.test.ts +1 -1
  247. package/tests/seeds/basic.ts +2 -2
  248. package/tests/seeds/users.ts +4 -1
  249. package/tests/sequencer.test.ts +1 -1
  250. package/tests/server.test.ts +9 -12
  251. package/tests/sync/invertible-ops.test.ts +1 -1
  252. package/tests/sync/list.test.ts +1 -1
  253. package/tests/sync/subscribe-repos.test.ts +1 -1
  254. package/tests/sync/sync.test.ts +1 -1
  255. package/tests/takedown-appeal.test.ts +1 -1
  256. package/tsconfig.build.tsbuildinfo +1 -1
@@ -1,39 +1,33 @@
1
- import { INVALID_HANDLE } from '@atproto/syntax';
2
- import { ForbiddenError, InvalidRequestError, } from '@atproto/xrpc-server';
1
+ import { ForbiddenError } from '@atproto/xrpc-server';
3
2
  import { ACCESS_FULL } from '../../../../auth-scope.js';
4
3
  import { com } from '../../../../lexicons/index.js';
5
- import { assertValidDidDocumentForService } from './util.js';
6
4
  export default function (server, ctx) {
7
- server.add(com.atproto.server.activateAccount, {
8
- auth: ctx.authVerifier.authorization({
9
- scopes: ACCESS_FULL,
10
- authorize: () => {
11
- throw new ForbiddenError('OAuth credentials are not supported for this endpoint');
12
- },
13
- }),
14
- handler: async ({ req, auth }) => {
15
- // in the case of entryway, the full flow is activateAccount (PDS) -> activateAccount (Entryway) -> updateSubjectStatus(PDS)
16
- if (ctx.entrywayClient) {
5
+ const { entrywayClient } = ctx;
6
+ const auth = ctx.authVerifier.authorization({
7
+ scopes: ACCESS_FULL,
8
+ authorize: () => {
9
+ throw new ForbiddenError('OAuth credentials are not supported for this endpoint');
10
+ },
11
+ });
12
+ if (entrywayClient) {
13
+ // in the case of entryway, the full flow is activateAccount (PDS) -> activateAccount (Entryway) -> updateSubjectStatus(PDS)
14
+ server.add(com.atproto.server.activateAccount, {
15
+ auth,
16
+ handler: async ({ req }) => {
17
17
  const { headers } = ctx.entrywayPassthruHeaders(req);
18
- await ctx.entrywayClient.xrpc(com.atproto.server.activateAccount, {
18
+ await entrywayClient.xrpc(com.atproto.server.activateAccount, {
19
19
  headers,
20
20
  });
21
- return;
22
- }
23
- const requester = auth.credentials.did;
24
- await assertValidDidDocumentForService(ctx, requester);
25
- const account = await ctx.accountManager.getAccount(requester, {
26
- includeDeactivated: true,
27
- });
28
- if (!account) {
29
- throw new InvalidRequestError('user not found', 'AccountNotFound');
30
- }
31
- await ctx.accountManager.activateAccount(requester);
32
- const syncData = await ctx.actorStore.read(requester, (store) => store.repo.getSyncEventData());
33
- // @NOTE: we're over-emitting for now for backwards compatibility, can reduce this in the future
34
- const status = await ctx.accountManager.getAccountStatus(requester);
35
- await ctx.sequencer.sequenceAccountActivation(requester, account.handle ?? INVALID_HANDLE, status, syncData);
36
- },
37
- });
21
+ },
22
+ });
23
+ }
24
+ else {
25
+ server.add(com.atproto.server.activateAccount, {
26
+ auth,
27
+ handler: async ({ auth }) => {
28
+ await ctx.accountManager.activateAccount(auth.credentials.did);
29
+ },
30
+ });
31
+ }
38
32
  }
39
33
  //# sourceMappingURL=activateAccount.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"activateAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/activateAccount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAChD,OAAO,EACL,cAAc,EACd,mBAAmB,GAEpB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAA;AAEvD,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACnD,OAAO,EAAE,gCAAgC,EAAE,MAAM,WAAW,CAAA;AAE5D,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE;QAC7C,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,MAAM,EAAE,WAAW;YACnB,SAAS,EAAE,GAAG,EAAE;gBACd,MAAM,IAAI,cAAc,CACtB,uDAAuD,CACxD,CAAA;YACH,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE;YAC/B,4HAA4H;YAC5H,IAAI,GAAG,CAAC,cAAc,EAAE,CAAC;gBACvB,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAA;gBACpD,MAAM,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE;oBAChE,OAAO;iBACR,CAAC,CAAA;gBACF,OAAM;YACR,CAAC;YAED,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAEtC,MAAM,gCAAgC,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;YAEtD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,SAAS,EAAE;gBAC7D,kBAAkB,EAAE,IAAI;aACzB,CAAC,CAAA;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,mBAAmB,CAAC,gBAAgB,EAAE,iBAAiB,CAAC,CAAA;YACpE,CAAC;YAED,MAAM,GAAG,CAAC,cAAc,CAAC,eAAe,CAAC,SAAS,CAAC,CAAA;YAEnD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,KAAK,EAAE,EAAE,CAC9D,KAAK,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAC9B,CAAA;YAED,gGAAgG;YAChG,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAA;YACnE,MAAM,GAAG,CAAC,SAAS,CAAC,yBAAyB,CAC3C,SAAS,EACT,OAAO,CAAC,MAAM,IAAI,cAAc,EAChC,MAAM,EACN,QAAQ,CACT,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { INVALID_HANDLE } from '@atproto/syntax'\nimport {\n ForbiddenError,\n InvalidRequestError,\n Server,\n} from '@atproto/xrpc-server'\nimport { ACCESS_FULL } from '../../../../auth-scope.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\nimport { assertValidDidDocumentForService } from './util.js'\n\nexport default function (server: Server, ctx: AppContext) {\n server.add(com.atproto.server.activateAccount, {\n auth: ctx.authVerifier.authorization({\n scopes: ACCESS_FULL,\n authorize: () => {\n throw new ForbiddenError(\n 'OAuth credentials are not supported for this endpoint',\n )\n },\n }),\n handler: async ({ req, auth }) => {\n // in the case of entryway, the full flow is activateAccount (PDS) -> activateAccount (Entryway) -> updateSubjectStatus(PDS)\n if (ctx.entrywayClient) {\n const { headers } = ctx.entrywayPassthruHeaders(req)\n await ctx.entrywayClient.xrpc(com.atproto.server.activateAccount, {\n headers,\n })\n return\n }\n\n const requester = auth.credentials.did\n\n await assertValidDidDocumentForService(ctx, requester)\n\n const account = await ctx.accountManager.getAccount(requester, {\n includeDeactivated: true,\n })\n if (!account) {\n throw new InvalidRequestError('user not found', 'AccountNotFound')\n }\n\n await ctx.accountManager.activateAccount(requester)\n\n const syncData = await ctx.actorStore.read(requester, (store) =>\n store.repo.getSyncEventData(),\n )\n\n // @NOTE: we're over-emitting for now for backwards compatibility, can reduce this in the future\n const status = await ctx.accountManager.getAccountStatus(requester)\n await ctx.sequencer.sequenceAccountActivation(\n requester,\n account.handle ?? INVALID_HANDLE,\n status,\n syncData,\n )\n },\n })\n}\n"]}
1
+ {"version":3,"file":"activateAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/activateAccount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAU,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAA;AAEvD,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AAEnD,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;IAE9B,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;QAC1C,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,GAAG,EAAE;YACd,MAAM,IAAI,cAAc,CACtB,uDAAuD,CACxD,CAAA;QACH,CAAC;KACF,CAAC,CAAA;IAEF,IAAI,cAAc,EAAE,CAAC;QACnB,4HAA4H;QAC5H,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE;YAC7C,IAAI;YACJ,OAAO,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;gBACzB,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAA;gBACpD,MAAM,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE;oBAC5D,OAAO;iBACR,CAAC,CAAA;YACJ,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE;YAC7C,IAAI;YACJ,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;gBAC1B,MAAM,GAAG,CAAC,cAAc,CAAC,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;YAChE,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { ForbiddenError, Server } from '@atproto/xrpc-server'\nimport { ACCESS_FULL } from '../../../../auth-scope.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { entrywayClient } = ctx\n\n const auth = ctx.authVerifier.authorization({\n scopes: ACCESS_FULL,\n authorize: () => {\n throw new ForbiddenError(\n 'OAuth credentials are not supported for this endpoint',\n )\n },\n })\n\n if (entrywayClient) {\n // in the case of entryway, the full flow is activateAccount (PDS) -> activateAccount (Entryway) -> updateSubjectStatus(PDS)\n server.add(com.atproto.server.activateAccount, {\n auth,\n handler: async ({ req }) => {\n const { headers } = ctx.entrywayPassthruHeaders(req)\n await entrywayClient.xrpc(com.atproto.server.activateAccount, {\n headers,\n })\n },\n })\n } else {\n server.add(com.atproto.server.activateAccount, {\n auth,\n handler: async ({ auth }) => {\n await ctx.accountManager.activateAccount(auth.credentials.did)\n },\n })\n }\n}\n"]}
@@ -1 +1 @@
1
- {"version":3,"file":"deactivateAccount.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deactivateAccount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkB,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAE7D,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAGnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAuCvD"}
1
+ {"version":3,"file":"deactivateAccount.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deactivateAccount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkB,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAE7D,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAGnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAmCvD"}
@@ -27,10 +27,9 @@ export default function (server, ctx) {
27
27
  server.add(com.atproto.server.deactivateAccount, {
28
28
  auth,
29
29
  handler: async ({ input: { body }, auth }) => {
30
- const requester = auth.credentials.did;
31
- await ctx.accountManager.deactivateAccount(requester, body.deleteAfter ?? null);
32
- const status = await ctx.accountManager.getAccountStatus(requester);
33
- await ctx.sequencer.sequenceAccount(requester, status);
30
+ await ctx.accountManager.deactivateAccount(auth.credentials.did, {
31
+ deleteAfter: body.deleteAfter ?? null,
32
+ });
34
33
  },
35
34
  });
36
35
  }
@@ -1 +1 @@
1
- {"version":3,"file":"deactivateAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deactivateAccount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAU,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AAEnD,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;IAE9B,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;QAC1C,UAAU,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC;QACjC,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,GAAG,EAAE;YACd,MAAM,IAAI,cAAc,CACtB,uDAAuD,CACxD,CAAA;QACH,CAAC;KACF,CAAC,CAAA;IAEF,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,EAAE;YAC/C,IAAI;YACJ,gIAAgI;YAChI,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;gBAC1C,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAA;gBACpD,MAAM,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,EAAE;oBAC9D,OAAO;oBACP,IAAI;iBACL,CAAC,CAAA;YACJ,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,EAAE;YAC/C,IAAI;YACJ,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;gBAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;gBACtC,MAAM,GAAG,CAAC,cAAc,CAAC,iBAAiB,CACxC,SAAS,EACT,IAAI,CAAC,WAAW,IAAI,IAAI,CACzB,CAAA;gBACD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAA;gBACnE,MAAM,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;YACxD,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { ForbiddenError, Server } from '@atproto/xrpc-server'\nimport { ACCESS_FULL, AuthScope } from '../../../../auth-scope.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { entrywayClient } = ctx\n\n const auth = ctx.authVerifier.authorization({\n additional: [AuthScope.Takendown],\n scopes: ACCESS_FULL,\n authorize: () => {\n throw new ForbiddenError(\n 'OAuth credentials are not supported for this endpoint',\n )\n },\n })\n\n if (entrywayClient) {\n server.add(com.atproto.server.deactivateAccount, {\n auth,\n // in the case of entryway, the full flow is deactivateAccount (PDS) -> deactivateAccount (Entryway) -> updateSubjectStatus(PDS)\n handler: async ({ input: { body }, req }) => {\n const { headers } = ctx.entrywayPassthruHeaders(req)\n await entrywayClient.xrpc(com.atproto.server.deactivateAccount, {\n headers,\n body,\n })\n },\n })\n } else {\n server.add(com.atproto.server.deactivateAccount, {\n auth,\n handler: async ({ input: { body }, auth }) => {\n const requester = auth.credentials.did\n await ctx.accountManager.deactivateAccount(\n requester,\n body.deleteAfter ?? null,\n )\n const status = await ctx.accountManager.getAccountStatus(requester)\n await ctx.sequencer.sequenceAccount(requester, status)\n },\n })\n }\n}\n"]}
1
+ {"version":3,"file":"deactivateAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deactivateAccount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAU,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAElE,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AAEnD,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;IAE9B,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;QAC1C,UAAU,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC;QACjC,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,GAAG,EAAE;YACd,MAAM,IAAI,cAAc,CACtB,uDAAuD,CACxD,CAAA;QACH,CAAC;KACF,CAAC,CAAA;IAEF,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,EAAE;YAC/C,IAAI;YACJ,gIAAgI;YAChI,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;gBAC1C,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAA;gBACpD,MAAM,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,EAAE;oBAC9D,OAAO;oBACP,IAAI;iBACL,CAAC,CAAA;YACJ,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,EAAE;YAC/C,IAAI;YACJ,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;gBAC3C,MAAM,GAAG,CAAC,cAAc,CAAC,iBAAiB,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE;oBAC/D,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,IAAI;iBACtC,CAAC,CAAA;YACJ,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { ForbiddenError, Server } from '@atproto/xrpc-server'\nimport { ACCESS_FULL, AuthScope } from '../../../../auth-scope.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { entrywayClient } = ctx\n\n const auth = ctx.authVerifier.authorization({\n additional: [AuthScope.Takendown],\n scopes: ACCESS_FULL,\n authorize: () => {\n throw new ForbiddenError(\n 'OAuth credentials are not supported for this endpoint',\n )\n },\n })\n\n if (entrywayClient) {\n server.add(com.atproto.server.deactivateAccount, {\n auth,\n // in the case of entryway, the full flow is deactivateAccount (PDS) -> deactivateAccount (Entryway) -> updateSubjectStatus(PDS)\n handler: async ({ input: { body }, req }) => {\n const { headers } = ctx.entrywayPassthruHeaders(req)\n await entrywayClient.xrpc(com.atproto.server.deactivateAccount, {\n headers,\n body,\n })\n },\n })\n } else {\n server.add(com.atproto.server.deactivateAccount, {\n auth,\n handler: async ({ input: { body }, auth }) => {\n await ctx.accountManager.deactivateAccount(auth.credentials.did, {\n deleteAfter: body.deleteAfter ?? null,\n })\n },\n })\n }\n}\n"]}
@@ -1 +1 @@
1
- {"version":3,"file":"deleteAccount.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deleteAccount.ts"],"names":[],"mappings":"AACA,OAAO,EAGL,MAAM,EACP,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAGnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAyDvD"}
1
+ {"version":3,"file":"deleteAccount.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deleteAccount.ts"],"names":[],"mappings":"AACA,OAAO,EAIL,MAAM,EACP,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAGnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAyEvD"}
@@ -4,47 +4,61 @@ import { OLD_PASSWORD_MAX_LENGTH } from '../../../../account-manager/helpers/scr
4
4
  import { com } from '../../../../lexicons/index.js';
5
5
  export default function (server, ctx) {
6
6
  const { entrywayClient } = ctx;
7
- server.add(com.atproto.server.deleteAccount, {
8
- rateLimit: {
9
- durationMs: 5 * MINUTE,
10
- points: 50,
11
- },
12
- handler: async ({ input: { body }, req }) => {
13
- const { did, password, token } = body;
14
- const account = await ctx.accountManager.getAccount(did, {
15
- includeDeactivated: true,
16
- includeTakenDown: true,
17
- });
18
- if (!account) {
19
- throw new InvalidRequestError('account not found');
20
- }
21
- if (entrywayClient) {
7
+ const rateLimit = {
8
+ durationMs: 5 * MINUTE,
9
+ points: 50,
10
+ };
11
+ if (entrywayClient) {
12
+ server.add(com.atproto.server.deleteAccount, {
13
+ rateLimit,
14
+ handler: async ({ input: { body }, req }) => {
15
+ const account = await ctx.accountManager.getAccount(body.did, {
16
+ includeDeactivated: true,
17
+ includeTakenDown: true,
18
+ });
19
+ if (!account) {
20
+ throw new InvalidRequestError('account not found');
21
+ }
22
22
  const { headers } = ctx.entrywayPassthruHeaders(req);
23
23
  await entrywayClient.xrpc(com.atproto.server.deleteAccount, {
24
24
  body,
25
25
  headers,
26
26
  });
27
- return;
28
- }
29
- if (password.length > OLD_PASSWORD_MAX_LENGTH) {
30
- throw new InvalidRequestError('Invalid password length.');
31
- }
32
- const validPass = await ctx.accountManager.verifyAccountPassword(did, password);
33
- if (!validPass) {
34
- throw new AuthRequiredError('Invalid did or password');
35
- }
36
- await ctx.accountManager.assertValidEmailToken(did, 'delete_account', token);
37
- // @NOTE Order matters here: first "unlink" the account by removing it
38
- // from the account manager database ("source of truth"), then notify the
39
- // sequencer, and finally cleanup files from the file system.
40
- await ctx.accountManager.deleteAccount(did);
41
- try {
42
- await ctx.sequencer.sequenceAccountDeletion(did);
43
- }
44
- finally {
45
- await ctx.actorStore.destroy(did);
46
- }
47
- },
48
- });
27
+ },
28
+ });
29
+ }
30
+ else {
31
+ server.add(com.atproto.server.deleteAccount, {
32
+ rateLimit,
33
+ handler: async ({ input: { body } }) => {
34
+ const { did, password, token } = body;
35
+ if (password.length > OLD_PASSWORD_MAX_LENGTH) {
36
+ throw new AuthRequiredError('Password too long. Consider resetting your password.');
37
+ }
38
+ const account = await ctx.accountManager.getAccount(did, {
39
+ includeDeactivated: true,
40
+ includeTakenDown: true,
41
+ });
42
+ if (!account) {
43
+ throw new InvalidRequestError('account not found');
44
+ }
45
+ const validPass = await ctx.accountManager.verifyAccountPassword(did, password);
46
+ if (!validPass) {
47
+ throw new AuthRequiredError('Invalid did or password');
48
+ }
49
+ await ctx.accountManager.assertValidEmailToken(did, 'delete_account', token);
50
+ // @NOTE Order matters here: first "unlink" the account by removing it
51
+ // from the account manager database ("source of truth"), then notify the
52
+ // sequencer, and finally cleanup files from the file system.
53
+ await ctx.accountManager.deleteAccount(did);
54
+ try {
55
+ await ctx.sequencer.sequenceAccountDeletion(did);
56
+ }
57
+ finally {
58
+ await ctx.actorStore.destroy(did);
59
+ }
60
+ },
61
+ });
62
+ }
49
63
  }
50
64
  //# sourceMappingURL=deleteAccount.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"deleteAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deleteAccount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AACxC,OAAO,EACL,iBAAiB,EACjB,mBAAmB,GAEpB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,+CAA+C,CAAA;AAEvF,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AAEnD,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;IAE9B,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,EAAE;QAC3C,SAAS,EAAE;YACT,UAAU,EAAE,CAAC,GAAG,MAAM;YACtB,MAAM,EAAE,EAAE;SACX;QACD,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;YAC1C,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;YAErC,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,EAAE;gBACvD,kBAAkB,EAAE,IAAI;gBACxB,gBAAgB,EAAE,IAAI;aACvB,CAAC,CAAA;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,mBAAmB,CAAC,mBAAmB,CAAC,CAAA;YACpD,CAAC;YAED,IAAI,cAAc,EAAE,CAAC;gBACnB,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAA;gBACpD,MAAM,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,EAAE;oBAC1D,IAAI;oBACJ,OAAO;iBACR,CAAC,CAAA;gBACF,OAAM;YACR,CAAC;YAED,IAAI,QAAQ,CAAC,MAAM,GAAG,uBAAuB,EAAE,CAAC;gBAC9C,MAAM,IAAI,mBAAmB,CAAC,0BAA0B,CAAC,CAAA;YAC3D,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,qBAAqB,CAC9D,GAAG,EACH,QAAQ,CACT,CAAA;YACD,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,IAAI,iBAAiB,CAAC,yBAAyB,CAAC,CAAA;YACxD,CAAC;YAED,MAAM,GAAG,CAAC,cAAc,CAAC,qBAAqB,CAC5C,GAAG,EACH,gBAAgB,EAChB,KAAK,CACN,CAAA;YAED,sEAAsE;YACtE,yEAAyE;YACzE,6DAA6D;YAC7D,MAAM,GAAG,CAAC,cAAc,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;YAC3C,IAAI,CAAC;gBACH,MAAM,GAAG,CAAC,SAAS,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAA;YAClD,CAAC;oBAAS,CAAC;gBACT,MAAM,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YACnC,CAAC;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { MINUTE } from '@atproto/common'\nimport {\n AuthRequiredError,\n InvalidRequestError,\n Server,\n} from '@atproto/xrpc-server'\nimport { OLD_PASSWORD_MAX_LENGTH } from '../../../../account-manager/helpers/scrypt.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { entrywayClient } = ctx\n\n server.add(com.atproto.server.deleteAccount, {\n rateLimit: {\n durationMs: 5 * MINUTE,\n points: 50,\n },\n handler: async ({ input: { body }, req }) => {\n const { did, password, token } = body\n\n const account = await ctx.accountManager.getAccount(did, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n if (!account) {\n throw new InvalidRequestError('account not found')\n }\n\n if (entrywayClient) {\n const { headers } = ctx.entrywayPassthruHeaders(req)\n await entrywayClient.xrpc(com.atproto.server.deleteAccount, {\n body,\n headers,\n })\n return\n }\n\n if (password.length > OLD_PASSWORD_MAX_LENGTH) {\n throw new InvalidRequestError('Invalid password length.')\n }\n\n const validPass = await ctx.accountManager.verifyAccountPassword(\n did,\n password,\n )\n if (!validPass) {\n throw new AuthRequiredError('Invalid did or password')\n }\n\n await ctx.accountManager.assertValidEmailToken(\n did,\n 'delete_account',\n token,\n )\n\n // @NOTE Order matters here: first \"unlink\" the account by removing it\n // from the account manager database (\"source of truth\"), then notify the\n // sequencer, and finally cleanup files from the file system.\n await ctx.accountManager.deleteAccount(did)\n try {\n await ctx.sequencer.sequenceAccountDeletion(did)\n } finally {\n await ctx.actorStore.destroy(did)\n }\n },\n })\n}\n"]}
1
+ {"version":3,"file":"deleteAccount.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/deleteAccount.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AACxC,OAAO,EACL,iBAAiB,EACjB,mBAAmB,GAGpB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,+CAA+C,CAAA;AAEvF,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AAEnD,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;IAE9B,MAAM,SAAS,GAAoB;QACjC,UAAU,EAAE,CAAC,GAAG,MAAM;QACtB,MAAM,EAAE,EAAE;KACX,CAAA;IAED,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,EAAE;YAC3C,SAAS;YACT,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;gBAC1C,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE;oBAC5D,kBAAkB,EAAE,IAAI;oBACxB,gBAAgB,EAAE,IAAI;iBACvB,CAAC,CAAA;gBACF,IAAI,CAAC,OAAO,EAAE,CAAC;oBACb,MAAM,IAAI,mBAAmB,CAAC,mBAAmB,CAAC,CAAA;gBACpD,CAAC;gBAED,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAA;gBACpD,MAAM,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,EAAE;oBAC1D,IAAI;oBACJ,OAAO;iBACR,CAAC,CAAA;YACJ,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,EAAE;YAC3C,SAAS;YACT,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE;gBACrC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;gBAErC,IAAI,QAAQ,CAAC,MAAM,GAAG,uBAAuB,EAAE,CAAC;oBAC9C,MAAM,IAAI,iBAAiB,CACzB,sDAAsD,CACvD,CAAA;gBACH,CAAC;gBAED,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,EAAE;oBACvD,kBAAkB,EAAE,IAAI;oBACxB,gBAAgB,EAAE,IAAI;iBACvB,CAAC,CAAA;gBACF,IAAI,CAAC,OAAO,EAAE,CAAC;oBACb,MAAM,IAAI,mBAAmB,CAAC,mBAAmB,CAAC,CAAA;gBACpD,CAAC;gBAED,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,qBAAqB,CAC9D,GAAG,EACH,QAAQ,CACT,CAAA;gBACD,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,MAAM,IAAI,iBAAiB,CAAC,yBAAyB,CAAC,CAAA;gBACxD,CAAC;gBAED,MAAM,GAAG,CAAC,cAAc,CAAC,qBAAqB,CAC5C,GAAG,EACH,gBAAgB,EAChB,KAAK,CACN,CAAA;gBAED,sEAAsE;gBACtE,yEAAyE;gBACzE,6DAA6D;gBAC7D,MAAM,GAAG,CAAC,cAAc,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;gBAC3C,IAAI,CAAC;oBACH,MAAM,GAAG,CAAC,SAAS,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAA;gBAClD,CAAC;wBAAS,CAAC;oBACT,MAAM,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBACnC,CAAC;YACH,CAAC;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { MINUTE } from '@atproto/common'\nimport {\n AuthRequiredError,\n InvalidRequestError,\n MethodRateLimit,\n Server,\n} from '@atproto/xrpc-server'\nimport { OLD_PASSWORD_MAX_LENGTH } from '../../../../account-manager/helpers/scrypt.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { entrywayClient } = ctx\n\n const rateLimit: MethodRateLimit = {\n durationMs: 5 * MINUTE,\n points: 50,\n }\n\n if (entrywayClient) {\n server.add(com.atproto.server.deleteAccount, {\n rateLimit,\n handler: async ({ input: { body }, req }) => {\n const account = await ctx.accountManager.getAccount(body.did, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n if (!account) {\n throw new InvalidRequestError('account not found')\n }\n\n const { headers } = ctx.entrywayPassthruHeaders(req)\n await entrywayClient.xrpc(com.atproto.server.deleteAccount, {\n body,\n headers,\n })\n },\n })\n } else {\n server.add(com.atproto.server.deleteAccount, {\n rateLimit,\n handler: async ({ input: { body } }) => {\n const { did, password, token } = body\n\n if (password.length > OLD_PASSWORD_MAX_LENGTH) {\n throw new AuthRequiredError(\n 'Password too long. Consider resetting your password.',\n )\n }\n\n const account = await ctx.accountManager.getAccount(did, {\n includeDeactivated: true,\n includeTakenDown: true,\n })\n if (!account) {\n throw new InvalidRequestError('account not found')\n }\n\n const validPass = await ctx.accountManager.verifyAccountPassword(\n did,\n password,\n )\n if (!validPass) {\n throw new AuthRequiredError('Invalid did or password')\n }\n\n await ctx.accountManager.assertValidEmailToken(\n did,\n 'delete_account',\n token,\n )\n\n // @NOTE Order matters here: first \"unlink\" the account by removing it\n // from the account manager database (\"source of truth\"), then notify the\n // sequencer, and finally cleanup files from the file system.\n await ctx.accountManager.deleteAccount(did)\n try {\n await ctx.sequencer.sequenceAccountDeletion(did)\n } finally {\n await ctx.actorStore.destroy(did)\n }\n },\n })\n }\n}\n"]}
@@ -1,11 +1,30 @@
1
- import { DidDocument } from '@atproto/identity';
1
+ import * as plc from '@did-plc/lib';
2
+ import * as crypto from '@atproto/crypto';
3
+ import { DidDocument, IdResolver } from '@atproto/identity';
4
+ import { ActorStore } from '../../../../actor-store/actor-store.js';
2
5
  import { ServerConfig } from '../../../../config/index.js';
3
- import { AppContext } from '../../../../context.js';
4
6
  export declare const genInvCode: (cfg: ServerConfig) => string;
5
7
  export declare const genInvCodes: (cfg: ServerConfig, count: number) => string[];
6
8
  export declare const getRandomToken: () => string;
7
- export declare const safeResolveDidDoc: (ctx: AppContext, did: string, forceRefresh?: boolean) => Promise<DidDocument | undefined>;
8
- export declare const didDocForSession: (ctx: AppContext, did: string, forceRefresh?: boolean) => Promise<DidDocument | undefined>;
9
- export declare const isValidDidDocForService: (ctx: AppContext, did: string) => Promise<boolean>;
10
- export declare const assertValidDidDocumentForService: (ctx: AppContext, did: string) => Promise<void>;
9
+ export declare const safeResolveDidDoc: (ctx: {
10
+ idResolver: IdResolver;
11
+ }, did: string, forceRefresh?: boolean) => Promise<DidDocument | undefined>;
12
+ export declare const didDocForSession: (ctx: {
13
+ idResolver: IdResolver;
14
+ cfg: ServerConfig;
15
+ }, did: string, forceRefresh?: boolean) => Promise<DidDocument | undefined>;
16
+ export declare const isValidDidDocForService: (ctx: {
17
+ plcClient: plc.Client;
18
+ idResolver: IdResolver;
19
+ cfg: ServerConfig;
20
+ plcRotationKey: crypto.Keypair;
21
+ actorStore: ActorStore;
22
+ }, did: string) => Promise<boolean>;
23
+ export declare const assertValidDidDocumentForService: (ctx: {
24
+ plcClient: plc.Client;
25
+ idResolver: IdResolver;
26
+ cfg: ServerConfig;
27
+ plcRotationKey: crypto.Keypair;
28
+ actorStore: ActorStore;
29
+ }, did: string) => Promise<void>;
11
30
  //# sourceMappingURL=util.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/util.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAE/C,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAA;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAOnD,eAAO,MAAM,UAAU,QAAS,YAAY,KAAG,MAE9C,CAAA;AAED,eAAO,MAAM,WAAW,QAAS,YAAY,SAAS,MAAM,KAAG,MAAM,EAMpE,CAAA;AAGD,eAAO,MAAM,cAAc,cAG1B,CAAA;AAED,eAAO,MAAM,iBAAiB,QACvB,UAAU,OACV,MAAM,iBACI,OAAO,KACrB,OAAO,CAAC,WAAW,GAAG,SAAS,CAOjC,CAAA;AAED,eAAO,MAAM,gBAAgB,QACtB,UAAU,OACV,MAAM,iBACI,OAAO,KACrB,OAAO,CAAC,WAAW,GAAG,SAAS,CAGjC,CAAA;AAED,eAAO,MAAM,uBAAuB,QAC7B,UAAU,OACV,MAAM,KACV,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,gCAAgC,QACtC,UAAU,OACV,MAAM,kBAmBZ,CAAA"}
1
+ {"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/util.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,cAAc,CAAA;AAEnC,OAAO,KAAK,MAAM,MAAM,iBAAiB,CAAA;AACzC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAE3D,OAAO,EAAE,UAAU,EAAE,MAAM,wCAAwC,CAAA;AACnE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAA;AAO1D,eAAO,MAAM,UAAU,QAAS,YAAY,KAAG,MAE9C,CAAA;AAED,eAAO,MAAM,WAAW,QAAS,YAAY,SAAS,MAAM,KAAG,MAAM,EAMpE,CAAA;AAGD,eAAO,MAAM,cAAc,cAG1B,CAAA;AAED,eAAO,MAAM,iBAAiB,QACvB;IAAE,UAAU,EAAE,UAAU,CAAA;CAAE,OAC1B,MAAM,iBACI,OAAO,KACrB,OAAO,CAAC,WAAW,GAAG,SAAS,CAOjC,CAAA;AAED,eAAO,MAAM,gBAAgB,QACtB;IAAE,UAAU,EAAE,UAAU,CAAC;IAAC,GAAG,EAAE,YAAY,CAAA;CAAE,OAC7C,MAAM,iBACI,OAAO,KACrB,OAAO,CAAC,WAAW,GAAG,SAAS,CAGjC,CAAA;AAED,eAAO,MAAM,uBAAuB,QAC7B;IACH,SAAS,EAAE,GAAG,CAAC,MAAM,CAAA;IACrB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,YAAY,CAAA;IACjB,cAAc,EAAE,MAAM,CAAC,OAAO,CAAA;IAC9B,UAAU,EAAE,UAAU,CAAA;CACvB,OACI,MAAM,KACV,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,gCAAgC,QACtC;IACH,SAAS,EAAE,GAAG,CAAC,MAAM,CAAA;IACrB,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,YAAY,CAAA;IACjB,cAAc,EAAE,MAAM,CAAC,OAAO,CAAA;IAC9B,UAAU,EAAE,UAAU,CAAA;CACvB,OACI,MAAM,kBAmBZ,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAClE,OAAO,KAAK,MAAM,MAAM,iBAAiB,CAAA;AAEzC,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAA;AAG1D,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAElD,mDAAmD;AACnD,gEAAgE;AAChE,2BAA2B;AAC3B,0CAA0C;AAC1C,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,GAAiB,EAAU,EAAE;IACtD,OAAO,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,GAAG,GAAG,cAAc,EAAE,CAAA;AAC3E,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,GAAiB,EAAE,KAAa,EAAY,EAAE;IACxE,MAAM,KAAK,GAAa,EAAE,CAAA;IAC1B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAA;IAC7B,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,mDAAmD;AACnD,MAAM,CAAC,MAAM,cAAc,GAAG,GAAG,EAAE;IACjC,MAAM,KAAK,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACxD,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;AACrD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,GAAe,EACf,GAAW,EACX,YAAsB,EACY,EAAE;IACpC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;QAClE,OAAO,MAAM,IAAI,SAAS,CAAA;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,UAAU,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,2BAA2B,CAAC,CAAA;IAC5D,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EACnC,GAAe,EACf,GAAW,EACX,YAAsB,EACY,EAAE;IACpC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,uBAAuB;QAAE,OAAM;IACrD,OAAO,iBAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,CAAC,CAAA;AAClD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,uBAAuB,GAAG,KAAK,EAC1C,GAAe,EACf,GAAW,EACO,EAAE;IACpB,IAAI,CAAC;QACH,MAAM,gCAAgC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;QAChD,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,gCAAgC,GAAG,KAAK,EACnD,GAAe,EACf,GAAW,EACX,EAAE;IACF,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,CAAA;QACzD,MAAM,sBAAsB,CAAC,GAAG,EAAE,GAAG,EAAE;YACrC,WAAW,EAAE,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,QAAQ;YACvD,UAAU,EAAE,QAAQ,CAAC,mBAAmB,CAAC,SAAS,CAAC;YACnD,YAAY,EAAE,QAAQ,CAAC,YAAY;SACpC,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;QAC5D,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,mBAAmB,CAAC,uBAAuB,CAAC,CAAA;QACxD,CAAC;QACD,MAAM,sBAAsB,CAAC,GAAG,EAAE,GAAG,EAAE;YACrC,WAAW,EAAE,cAAc,CAAC,QAAQ,CAAC;YACrC,UAAU,EAAE,gBAAgB,CAAC,QAAQ,CAAC;SACvC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAA;AAED,MAAM,sBAAsB,GAAG,KAAK,EAClC,GAAe,EACf,GAAW,EACX,QAIC,EACD,EAAE;IACF,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAA;IAE1D,MAAM,cAAc,GAClB,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,cAAc,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,CAAA;IAC9D,IAAI,YAAY,KAAK,SAAS,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACzE,MAAM,IAAI,mBAAmB,CAC3B,kDAAkD,CACnD,CAAA;IACH,CAAC;IAED,IAAI,CAAC,WAAW,IAAI,WAAW,KAAK,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAC9D,MAAM,IAAI,mBAAmB,CAC3B,yEAAyE,CAC1E,CAAA;IACH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACjD,IAAI,CAAC,UAAU,IAAI,UAAU,KAAK,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC;QAChD,MAAM,IAAI,mBAAmB,CAC3B,sEAAsE,CACvE,CAAA;IACH,CAAC;AACH,CAAC,CAAA","sourcesContent":["import { getPdsEndpoint, getSigningDidKey } from '@atproto/common'\nimport * as crypto from '@atproto/crypto'\nimport { DidDocument } from '@atproto/identity'\nimport { InvalidRequestError } from '@atproto/xrpc-server'\nimport { ServerConfig } from '../../../../config/index.js'\nimport { AppContext } from '../../../../context.js'\nimport { httpLogger } from '../../../../logger.js'\n\n// generate an invite code preceded by the hostname\n// with '.'s replaced by '-'s so it is not mistakable for a link\n// ex: bsky-app-abc23-567xy\n// regex: bsky-app-[a-z2-7]{5}-[a-z2-7]{5}\nexport const genInvCode = (cfg: ServerConfig): string => {\n return cfg.service.hostname.replaceAll('.', '-') + '-' + getRandomToken()\n}\n\nexport const genInvCodes = (cfg: ServerConfig, count: number): string[] => {\n const codes: string[] = []\n for (let i = 0; i < count; i++) {\n codes.push(genInvCode(cfg))\n }\n return codes\n}\n\n// Formatted xxxxx-xxxxx where digits are in base32\nexport const getRandomToken = () => {\n const token = crypto.randomStr(8, 'base32').slice(0, 10)\n return token.slice(0, 5) + '-' + token.slice(5, 10)\n}\n\nexport const safeResolveDidDoc = async (\n ctx: AppContext,\n did: string,\n forceRefresh?: boolean,\n): Promise<DidDocument | undefined> => {\n try {\n const didDoc = await ctx.idResolver.did.resolve(did, forceRefresh)\n return didDoc ?? undefined\n } catch (err) {\n httpLogger.warn({ err, did }, 'failed to resolve did doc')\n }\n}\n\nexport const didDocForSession = async (\n ctx: AppContext,\n did: string,\n forceRefresh?: boolean,\n): Promise<DidDocument | undefined> => {\n if (!ctx.cfg.identity.enableDidDocWithSession) return\n return safeResolveDidDoc(ctx, did, forceRefresh)\n}\n\nexport const isValidDidDocForService = async (\n ctx: AppContext,\n did: string,\n): Promise<boolean> => {\n try {\n await assertValidDidDocumentForService(ctx, did)\n return true\n } catch {\n return false\n }\n}\n\nexport const assertValidDidDocumentForService = async (\n ctx: AppContext,\n did: string,\n) => {\n if (did.startsWith('did:plc')) {\n const resolved = await ctx.plcClient.getDocumentData(did)\n await assertValidDocContents(ctx, did, {\n pdsEndpoint: resolved.services['atproto_pds']?.endpoint,\n signingKey: resolved.verificationMethods['atproto'],\n rotationKeys: resolved.rotationKeys,\n })\n } else {\n const resolved = await ctx.idResolver.did.resolve(did, true)\n if (!resolved) {\n throw new InvalidRequestError('Could not resolve DID')\n }\n await assertValidDocContents(ctx, did, {\n pdsEndpoint: getPdsEndpoint(resolved),\n signingKey: getSigningDidKey(resolved),\n })\n }\n}\n\nconst assertValidDocContents = async (\n ctx: AppContext,\n did: string,\n contents: {\n signingKey?: string\n pdsEndpoint?: string\n rotationKeys?: string[]\n },\n) => {\n const { signingKey, pdsEndpoint, rotationKeys } = contents\n\n const plcRotationKey =\n ctx.cfg.entryway?.plcRotationKey ?? ctx.plcRotationKey.did()\n if (rotationKeys !== undefined && !rotationKeys.includes(plcRotationKey)) {\n throw new InvalidRequestError(\n 'Server rotation key not included in PLC DID data',\n )\n }\n\n if (!pdsEndpoint || pdsEndpoint !== ctx.cfg.service.publicUrl) {\n throw new InvalidRequestError(\n 'DID document atproto_pds service endpoint does not match PDS public url',\n )\n }\n\n const keypair = await ctx.actorStore.keypair(did)\n if (!signingKey || signingKey !== keypair.did()) {\n throw new InvalidRequestError(\n 'DID document verification method does not match expected signing key',\n )\n }\n}\n"]}
1
+ {"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/util.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAClE,OAAO,KAAK,MAAM,MAAM,iBAAiB,CAAA;AAEzC,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAA;AAG1D,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAA;AAElD,mDAAmD;AACnD,gEAAgE;AAChE,2BAA2B;AAC3B,0CAA0C;AAC1C,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,GAAiB,EAAU,EAAE;IACtD,OAAO,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,GAAG,GAAG,cAAc,EAAE,CAAA;AAC3E,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,GAAiB,EAAE,KAAa,EAAY,EAAE;IACxE,MAAM,KAAK,GAAa,EAAE,CAAA;IAC1B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAA;IAC7B,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,mDAAmD;AACnD,MAAM,CAAC,MAAM,cAAc,GAAG,GAAG,EAAE;IACjC,MAAM,KAAK,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACxD,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;AACrD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,iBAAiB,GAAG,KAAK,EACpC,GAA+B,EAC/B,GAAW,EACX,YAAsB,EACY,EAAE;IACpC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;QAClE,OAAO,MAAM,IAAI,SAAS,CAAA;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,UAAU,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,2BAA2B,CAAC,CAAA;IAC5D,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EACnC,GAAkD,EAClD,GAAW,EACX,YAAsB,EACY,EAAE;IACpC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,uBAAuB;QAAE,OAAM;IACrD,OAAO,iBAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,CAAC,CAAA;AAClD,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,uBAAuB,GAAG,KAAK,EAC1C,GAMC,EACD,GAAW,EACO,EAAE;IACpB,IAAI,CAAC;QACH,MAAM,gCAAgC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;QAChD,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,gCAAgC,GAAG,KAAK,EACnD,GAMC,EACD,GAAW,EACX,EAAE;IACF,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,CAAA;QACzD,MAAM,sBAAsB,CAAC,GAAG,EAAE,GAAG,EAAE;YACrC,WAAW,EAAE,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,QAAQ;YACvD,UAAU,EAAE,QAAQ,CAAC,mBAAmB,CAAC,SAAS,CAAC;YACnD,YAAY,EAAE,QAAQ,CAAC,YAAY;SACpC,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;QAC5D,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,mBAAmB,CAAC,uBAAuB,CAAC,CAAA;QACxD,CAAC;QACD,MAAM,sBAAsB,CAAC,GAAG,EAAE,GAAG,EAAE;YACrC,WAAW,EAAE,cAAc,CAAC,QAAQ,CAAC;YACrC,UAAU,EAAE,gBAAgB,CAAC,QAAQ,CAAC;SACvC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAA;AAED,MAAM,sBAAsB,GAAG,KAAK,EAClC,GAIC,EACD,GAAW,EACX,QAIC,EACD,EAAE;IACF,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAA;IAE1D,MAAM,cAAc,GAClB,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,cAAc,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,CAAA;IAC9D,IAAI,YAAY,KAAK,SAAS,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACzE,MAAM,IAAI,mBAAmB,CAC3B,kDAAkD,CACnD,CAAA;IACH,CAAC;IAED,IAAI,CAAC,WAAW,IAAI,WAAW,KAAK,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAC9D,MAAM,IAAI,mBAAmB,CAC3B,yEAAyE,CAC1E,CAAA;IACH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACjD,IAAI,CAAC,UAAU,IAAI,UAAU,KAAK,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC;QAChD,MAAM,IAAI,mBAAmB,CAC3B,sEAAsE,CACvE,CAAA;IACH,CAAC;AACH,CAAC,CAAA","sourcesContent":["import * as plc from '@did-plc/lib'\nimport { getPdsEndpoint, getSigningDidKey } from '@atproto/common'\nimport * as crypto from '@atproto/crypto'\nimport { DidDocument, IdResolver } from '@atproto/identity'\nimport { InvalidRequestError } from '@atproto/xrpc-server'\nimport { ActorStore } from '../../../../actor-store/actor-store.js'\nimport { ServerConfig } from '../../../../config/index.js'\nimport { httpLogger } from '../../../../logger.js'\n\n// generate an invite code preceded by the hostname\n// with '.'s replaced by '-'s so it is not mistakable for a link\n// ex: bsky-app-abc23-567xy\n// regex: bsky-app-[a-z2-7]{5}-[a-z2-7]{5}\nexport const genInvCode = (cfg: ServerConfig): string => {\n return cfg.service.hostname.replaceAll('.', '-') + '-' + getRandomToken()\n}\n\nexport const genInvCodes = (cfg: ServerConfig, count: number): string[] => {\n const codes: string[] = []\n for (let i = 0; i < count; i++) {\n codes.push(genInvCode(cfg))\n }\n return codes\n}\n\n// Formatted xxxxx-xxxxx where digits are in base32\nexport const getRandomToken = () => {\n const token = crypto.randomStr(8, 'base32').slice(0, 10)\n return token.slice(0, 5) + '-' + token.slice(5, 10)\n}\n\nexport const safeResolveDidDoc = async (\n ctx: { idResolver: IdResolver },\n did: string,\n forceRefresh?: boolean,\n): Promise<DidDocument | undefined> => {\n try {\n const didDoc = await ctx.idResolver.did.resolve(did, forceRefresh)\n return didDoc ?? undefined\n } catch (err) {\n httpLogger.warn({ err, did }, 'failed to resolve did doc')\n }\n}\n\nexport const didDocForSession = async (\n ctx: { idResolver: IdResolver; cfg: ServerConfig },\n did: string,\n forceRefresh?: boolean,\n): Promise<DidDocument | undefined> => {\n if (!ctx.cfg.identity.enableDidDocWithSession) return\n return safeResolveDidDoc(ctx, did, forceRefresh)\n}\n\nexport const isValidDidDocForService = async (\n ctx: {\n plcClient: plc.Client\n idResolver: IdResolver\n cfg: ServerConfig\n plcRotationKey: crypto.Keypair\n actorStore: ActorStore\n },\n did: string,\n): Promise<boolean> => {\n try {\n await assertValidDidDocumentForService(ctx, did)\n return true\n } catch {\n return false\n }\n}\n\nexport const assertValidDidDocumentForService = async (\n ctx: {\n plcClient: plc.Client\n idResolver: IdResolver\n cfg: ServerConfig\n plcRotationKey: crypto.Keypair\n actorStore: ActorStore\n },\n did: string,\n) => {\n if (did.startsWith('did:plc')) {\n const resolved = await ctx.plcClient.getDocumentData(did)\n await assertValidDocContents(ctx, did, {\n pdsEndpoint: resolved.services['atproto_pds']?.endpoint,\n signingKey: resolved.verificationMethods['atproto'],\n rotationKeys: resolved.rotationKeys,\n })\n } else {\n const resolved = await ctx.idResolver.did.resolve(did, true)\n if (!resolved) {\n throw new InvalidRequestError('Could not resolve DID')\n }\n await assertValidDocContents(ctx, did, {\n pdsEndpoint: getPdsEndpoint(resolved),\n signingKey: getSigningDidKey(resolved),\n })\n }\n}\n\nconst assertValidDocContents = async (\n ctx: {\n cfg: ServerConfig\n plcRotationKey: crypto.Keypair\n actorStore: ActorStore\n },\n did: string,\n contents: {\n signingKey?: string\n pdsEndpoint?: string\n rotationKeys?: string[]\n },\n) => {\n const { signingKey, pdsEndpoint, rotationKeys } = contents\n\n const plcRotationKey =\n ctx.cfg.entryway?.plcRotationKey ?? ctx.plcRotationKey.did()\n if (rotationKeys !== undefined && !rotationKeys.includes(plcRotationKey)) {\n throw new InvalidRequestError(\n 'Server rotation key not included in PLC DID data',\n )\n }\n\n if (!pdsEndpoint || pdsEndpoint !== ctx.cfg.service.publicUrl) {\n throw new InvalidRequestError(\n 'DID document atproto_pds service endpoint does not match PDS public url',\n )\n }\n\n const keypair = await ctx.actorStore.keypair(did)\n if (!signingKey || signingKey !== keypair.did()) {\n throw new InvalidRequestError(\n 'DID document verification method does not match expected signing key',\n )\n }\n}\n"]}
@@ -1,12 +1,18 @@
1
1
  import PQueue from 'p-queue';
2
- export declare class BackgroundQueue {
3
- queue: InstanceType<typeof PQueue>;
4
- destroyed: boolean;
5
- constructor();
6
- add(task: Task): void;
2
+ type Task<TContext> = (ctx: TContext, signal: AbortSignal) => Promise<void>;
3
+ export type BackgroundQueueOptions = NonNullable<ConstructorParameters<typeof PQueue>[0]> & {
4
+ concurrency: number;
5
+ };
6
+ export declare class BackgroundQueue<TContext = unknown> {
7
+ private readonly context;
8
+ private abortController;
9
+ private queue;
10
+ get signal(): AbortSignal;
11
+ get destroyed(): boolean;
12
+ constructor(context: TContext, options?: BackgroundQueueOptions);
13
+ add(task: Task<TContext>): void;
7
14
  processAll(): Promise<void>;
8
15
  destroy(): Promise<void>;
9
16
  }
10
- type Task = () => Promise<void>;
11
17
  export {};
12
18
  //# sourceMappingURL=background.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"background.d.ts","sourceRoot":"","sources":["../src/background.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,SAAS,CAAA;AAK5B,qBAAa,eAAe;IAC1B,KAAK,EAAE,YAAY,CAAC,OAAO,MAAM,CAAC,CAAiC;IACnE,SAAS,UAAQ;IACjB,cAAgB;IAEhB,GAAG,CAAC,IAAI,EAAE,IAAI,QASb;IAEK,UAAU,kBAEf;IAIK,OAAO,kBAGZ;CACF;AAED,KAAK,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA"}
1
+ {"version":3,"file":"background.d.ts","sourceRoot":"","sources":["../src/background.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,SAAS,CAAA;AAI5B,KAAK,IAAI,CAAC,QAAQ,IAAI,CAAC,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;AAE3E,MAAM,MAAM,sBAAsB,GAAG,WAAW,CAC9C,qBAAqB,CAAC,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC,CACxC,GAAG;IACF,WAAW,EAAE,MAAM,CAAA;CACpB,CAAA;AAMD,qBAAa,eAAe,CAAC,QAAQ,GAAG,OAAO;IAa3C,OAAO,CAAC,QAAQ,CAAC,OAAO;IAZ1B,OAAO,CAAC,eAAe,CAAwB;IAC/C,OAAO,CAAC,KAAK,CAAQ;IAErB,IAAW,MAAM,IAAI,WAAW,CAE/B;IAED,IAAW,SAAS,YAEnB;IAED,YACmB,OAAO,EAAE,QAAQ,EAClC,OAAO,CAAC,EAAE,sBAAsB,EAGjC;IAED,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,QAYvB;IAEK,UAAU,kBAGf;IAIK,OAAO,kBAOZ;CACF"}
@@ -1,29 +1,48 @@
1
1
  import PQueue from 'p-queue';
2
2
  import { dbLogger } from './logger.js';
3
- // A simple queue for in-process, out-of-band/backgrounded work
3
+ // @NOTE Keep this in sync with the BackgroundQueue in
4
+ // - packages/bsky/src/data-plane/server/background.ts
5
+ // - packages/ozone/src/background.ts
6
+ // - packages/pds/src/background.ts
4
7
  export class BackgroundQueue {
5
- constructor() {
6
- this.queue = new PQueue({ concurrency: 5 });
7
- this.destroyed = false;
8
+ get signal() {
9
+ return this.abortController.signal;
10
+ }
11
+ get destroyed() {
12
+ return this.signal.aborted;
13
+ }
14
+ constructor(context, options) {
15
+ this.context = context;
16
+ this.abortController = new AbortController();
17
+ this.queue = new PQueue(options);
8
18
  }
9
19
  add(task) {
10
- if (this.destroyed) {
20
+ if (this.destroyed)
11
21
  return;
12
- }
13
- this.queue
14
- .add(() => task())
15
- .catch((err) => {
16
- dbLogger.error({ err }, 'background queue task failed');
22
+ this.queue.add(async () => {
23
+ try {
24
+ // The task will receive a signal allowing it to abort if the
25
+ // backgroundQueue is destroyed.
26
+ await task(this.context, this.signal);
27
+ }
28
+ catch (err) {
29
+ dbLogger.error({ err }, 'background queue task failed');
30
+ }
17
31
  });
18
32
  }
19
33
  async processAll() {
20
- await this.queue.onIdle();
34
+ const { queue } = this;
35
+ while (queue.size || queue.pending)
36
+ await queue.onIdle();
21
37
  }
22
38
  // On destroy we stop accepting new tasks, but complete all pending/in-progress tasks.
23
39
  // The application calls this only once http connections have drained (tasks no longer being added).
24
40
  async destroy() {
25
- this.destroyed = true;
26
- await this.queue.onIdle();
41
+ if (this.destroyed) {
42
+ dbLogger.warn('BackgroundQueue.destroy() called multiple times');
43
+ }
44
+ this.abortController.abort();
45
+ return this.processAll();
27
46
  }
28
47
  }
29
48
  //# sourceMappingURL=background.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"background.js","sourceRoot":"","sources":["../src/background.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,SAAS,CAAA;AAC5B,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAA;AAEtC,+DAA+D;AAE/D,MAAM,OAAO,eAAe;IAG1B;QAFA,UAAK,GAAgC,IAAI,MAAM,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAA;QACnE,cAAS,GAAG,KAAK,CAAA;IACF,CAAC;IAEhB,GAAG,CAAC,IAAU;QACZ,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,OAAM;QACR,CAAC;QACD,IAAI,CAAC,KAAK;aACP,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC;aACjB,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,QAAQ,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,8BAA8B,CAAC,CAAA;QACzD,CAAC,CAAC,CAAA;IACN,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAA;IAC3B,CAAC;IAED,sFAAsF;IACtF,oGAAoG;IACpG,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,SAAS,GAAG,IAAI,CAAA;QACrB,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAA;IAC3B,CAAC;CACF","sourcesContent":["import PQueue from 'p-queue'\nimport { dbLogger } from './logger.js'\n\n// A simple queue for in-process, out-of-band/backgrounded work\n\nexport class BackgroundQueue {\n queue: InstanceType<typeof PQueue> = new PQueue({ concurrency: 5 })\n destroyed = false\n constructor() {}\n\n add(task: Task) {\n if (this.destroyed) {\n return\n }\n this.queue\n .add(() => task())\n .catch((err) => {\n dbLogger.error({ err }, 'background queue task failed')\n })\n }\n\n async processAll() {\n await this.queue.onIdle()\n }\n\n // On destroy we stop accepting new tasks, but complete all pending/in-progress tasks.\n // The application calls this only once http connections have drained (tasks no longer being added).\n async destroy() {\n this.destroyed = true\n await this.queue.onIdle()\n }\n}\n\ntype Task = () => Promise<void>\n"]}
1
+ {"version":3,"file":"background.js","sourceRoot":"","sources":["../src/background.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,SAAS,CAAA;AAC5B,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAA;AAWtC,sDAAsD;AACtD,sDAAsD;AACtD,qCAAqC;AACrC,mCAAmC;AACnC,MAAM,OAAO,eAAe;IAI1B,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAA;IACpC,CAAC;IAED,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAA;IAC5B,CAAC;IAED,YACmB,OAAiB,EAClC,OAAgC;QADf,YAAO,GAAP,OAAO,CAAU;QAZ5B,oBAAe,GAAG,IAAI,eAAe,EAAE,CAAA;QAe7C,IAAI,CAAC,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,CAAA;IAClC,CAAC;IAED,GAAG,CAAC,IAAoB;QACtB,IAAI,IAAI,CAAC,SAAS;YAAE,OAAM;QAE1B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAO,KAAK,IAAI,EAAE;YAC9B,IAAI,CAAC;gBACH,6DAA6D;gBAC7D,gCAAgC;gBAChC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;YACvC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,QAAQ,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,8BAA8B,CAAC,CAAA;YACzD,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;QACtB,OAAO,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO;YAAE,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;IAC1D,CAAC;IAED,sFAAsF;IACtF,oGAAoG;IACpG,KAAK,CAAC,OAAO;QACX,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,QAAQ,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAA;QAClE,CAAC;QAED,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAA;QAC5B,OAAO,IAAI,CAAC,UAAU,EAAE,CAAA;IAC1B,CAAC;CACF","sourcesContent":["import PQueue from 'p-queue'\nimport { dbLogger } from './logger.js'\n// A simple queue for in-process, out-of-band/backgrounded work\n\ntype Task<TContext> = (ctx: TContext, signal: AbortSignal) => Promise<void>\n\nexport type BackgroundQueueOptions = NonNullable<\n ConstructorParameters<typeof PQueue>[0]\n> & {\n concurrency: number\n}\n\n// @NOTE Keep this in sync with the BackgroundQueue in\n// - packages/bsky/src/data-plane/server/background.ts\n// - packages/ozone/src/background.ts\n// - packages/pds/src/background.ts\nexport class BackgroundQueue<TContext = unknown> {\n private abortController = new AbortController()\n private queue: PQueue\n\n public get signal(): AbortSignal {\n return this.abortController.signal\n }\n\n public get destroyed() {\n return this.signal.aborted\n }\n\n constructor(\n private readonly context: TContext,\n options?: BackgroundQueueOptions,\n ) {\n this.queue = new PQueue(options)\n }\n\n add(task: Task<TContext>) {\n if (this.destroyed) return\n\n this.queue.add<void>(async () => {\n try {\n // The task will receive a signal allowing it to abort if the\n // backgroundQueue is destroyed.\n await task(this.context, this.signal)\n } catch (err) {\n dbLogger.error({ err }, 'background queue task failed')\n }\n })\n }\n\n async processAll() {\n const { queue } = this\n while (queue.size || queue.pending) await queue.onIdle()\n }\n\n // On destroy we stop accepting new tasks, but complete all pending/in-progress tasks.\n // The application calls this only once http connections have drained (tasks no longer being added).\n async destroy() {\n if (this.destroyed) {\n dbLogger.warn('BackgroundQueue.destroy() called multiple times')\n }\n\n this.abortController.abort()\n return this.processAll()\n }\n}\n"]}
@@ -1,4 +1,5 @@
1
1
  import { BrandingInput as BrandingConfig, HcaptchaConfig } from '@atproto/oauth-provider';
2
+ import { DidString } from '@atproto/syntax';
2
3
  import { ServerEnvironment } from './env.js';
3
4
  export type { BrandingConfig };
4
5
  export declare const envToCfg: (env: ServerEnvironment) => ServerConfig;
@@ -29,7 +30,7 @@ export type ServiceConfig = {
29
30
  port: number;
30
31
  hostname: string;
31
32
  publicUrl: string;
32
- did: string;
33
+ did: DidString;
33
34
  version?: string;
34
35
  privacyPolicyUrl?: string;
35
36
  termsOfServiceUrl?: string;
@@ -1 +1 @@
1
- {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,aAAa,IAAI,cAAc,EAC/B,cAAc,EACf,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAE5C,YAAY,EAAE,cAAc,EAAE,CAAA;AAK9B,eAAO,MAAM,QAAQ,QAAS,iBAAiB,KAAG,YAqWjD,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,aAAa,CAAA;IACtB,EAAE,EAAE,cAAc,CAAA;IAClB,UAAU,EAAE,gBAAgB,CAAA;IAC5B,SAAS,EAAE,iBAAiB,GAAG,mBAAmB,CAAA;IAClD,QAAQ,EAAE,cAAc,CAAA;IACxB,QAAQ,EAAE,cAAc,GAAG,IAAI,CAAA;IAC/B,OAAO,EAAE,aAAa,CAAA;IACtB,KAAK,EAAE,WAAW,GAAG,IAAI,CAAA;IACzB,eAAe,EAAE,WAAW,GAAG,IAAI,CAAA;IACnC,YAAY,EAAE,kBAAkB,CAAA;IAChC,WAAW,EAAE,iBAAiB,GAAG,IAAI,CAAA;IACrC,UAAU,EAAE,gBAAgB,GAAG,IAAI,CAAA;IACnC,aAAa,EAAE,mBAAmB,GAAG,IAAI,CAAA;IACzC,KAAK,EAAE,kBAAkB,GAAG,IAAI,CAAA;IAChC,UAAU,EAAE,gBAAgB,CAAA;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,QAAQ,EAAE,cAAc,CAAA;IACxB,KAAK,EAAE,WAAW,CAAA;IAClB,OAAO,EAAE,qBAAqB,CAAA;CAC/B,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,gBAAgB,EAAE,OAAO,CAAA;IACzB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,IAAI,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,WAAW,CAAC,EAAE;QACZ,WAAW,EAAE,MAAM,CAAA;QACnB,eAAe,EAAE,MAAM,CAAA;KACxB,CAAA;CACF,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAA;IAC9B,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAA;IAClC,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,eAAe,EAAE,MAAM,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,UAAU,EAAE,OAAO,CAAA;IACnB,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,MAAM,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;IAElB;;;;;;OAMG;IACH,gBAAgB,EAAE,OAAO,CAAA;CAC1B,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,CAAC,EAAE;QACT,QAAQ,CAAC,EAAE,cAAc,CAAA;QACzB,QAAQ,EAAE,cAAc,CAAA;QACxB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;KAC1B,CAAA;CACF,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,CAAC,EAAE,OAAO,MAAM,IAAI,MAAM,EAAE,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,aAAa,GACrB;IACE,QAAQ,EAAE,IAAI,CAAA;IACd,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,EAAE,MAAM,CAAA;CACd,GACD;IACE,QAAQ,EAAE,KAAK,CAAA;CAChB,CAAA;AAEL,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,gBAAgB,GACxB;IACE,OAAO,EAAE,IAAI,CAAA;IACb,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;CACrB,GACD;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA"}
1
+ {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,aAAa,IAAI,cAAc,EAC/B,cAAc,EACf,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,SAAS,EAA8B,MAAM,iBAAiB,CAAA;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAE5C,YAAY,EAAE,cAAc,EAAE,CAAA;AAK9B,eAAO,MAAM,QAAQ,QAAS,iBAAiB,KAAG,YA0WjD,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,aAAa,CAAA;IACtB,EAAE,EAAE,cAAc,CAAA;IAClB,UAAU,EAAE,gBAAgB,CAAA;IAC5B,SAAS,EAAE,iBAAiB,GAAG,mBAAmB,CAAA;IAClD,QAAQ,EAAE,cAAc,CAAA;IACxB,QAAQ,EAAE,cAAc,GAAG,IAAI,CAAA;IAC/B,OAAO,EAAE,aAAa,CAAA;IACtB,KAAK,EAAE,WAAW,GAAG,IAAI,CAAA;IACzB,eAAe,EAAE,WAAW,GAAG,IAAI,CAAA;IACnC,YAAY,EAAE,kBAAkB,CAAA;IAChC,WAAW,EAAE,iBAAiB,GAAG,IAAI,CAAA;IACrC,UAAU,EAAE,gBAAgB,GAAG,IAAI,CAAA;IACnC,aAAa,EAAE,mBAAmB,GAAG,IAAI,CAAA;IACzC,KAAK,EAAE,kBAAkB,GAAG,IAAI,CAAA;IAChC,UAAU,EAAE,gBAAgB,CAAA;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,QAAQ,EAAE,cAAc,CAAA;IACxB,KAAK,EAAE,WAAW,CAAA;IAClB,OAAO,EAAE,qBAAqB,CAAA;CAC/B,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,GAAG,EAAE,SAAS,CAAA;IACd,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,gBAAgB,EAAE,OAAO,CAAA;IACzB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,IAAI,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,WAAW,CAAC,EAAE;QACZ,WAAW,EAAE,MAAM,CAAA;QACnB,eAAe,EAAE,MAAM,CAAA;KACxB,CAAA;CACF,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAA;IAC9B,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAA;IAClC,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,eAAe,EAAE,MAAM,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,UAAU,EAAE,OAAO,CAAA;IACnB,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,MAAM,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;IAElB;;;;;;OAMG;IACH,gBAAgB,EAAE,OAAO,CAAA;CAC1B,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,CAAC,EAAE;QACT,QAAQ,CAAC,EAAE,cAAc,CAAA;QACzB,QAAQ,EAAE,cAAc,CAAA;QACxB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;KAC1B,CAAA;CACF,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,CAAC,EAAE,OAAO,MAAM,IAAI,MAAM,EAAE,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,aAAa,GACrB;IACE,QAAQ,EAAE,IAAI,CAAA;IACd,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,EAAE,MAAM,CAAA;CACd,GACD;IACE,QAAQ,EAAE,KAAK,CAAA;CAChB,CAAA;AAEL,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,gBAAgB,GACxB;IACE,OAAO,EAAE,IAAI,CAAA;IACb,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;CACrB,GACD;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA"}
@@ -1,7 +1,7 @@
1
1
  import assert from 'node:assert';
2
2
  import path from 'node:path';
3
3
  import { DAY, HOUR, SECOND } from '@atproto/common';
4
- import { ensureValidDid } from '@atproto/syntax';
4
+ import { ensureValidDid, isValidDid } from '@atproto/syntax';
5
5
  // off-config but still from env:
6
6
  // logging: LOG_LEVEL, LOG_SYSTEMS, LOG_ENABLED, LOG_DESTINATION
7
7
  export const envToCfg = (env) => {
@@ -11,6 +11,9 @@ export const envToCfg = (env) => {
11
11
  ? `http://localhost:${port}`
12
12
  : `https://${hostname}`;
13
13
  const did = env.serviceDid ?? `did:web:${hostname}`;
14
+ if (!isValidDid(did)) {
15
+ throw new Error(`Invalid service DID: ${did}`);
16
+ }
14
17
  const serviceCfg = {
15
18
  port,
16
19
  hostname,