@commonpub/server 2.48.0 → 2.49.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/federation/oauth.d.ts +53 -1
- package/dist/federation/oauth.d.ts.map +1 -1
- package/dist/federation/oauth.js +84 -2
- package/dist/federation/oauth.js.map +1 -1
- package/dist/identity/__tests__/health.test.d.ts +2 -0
- package/dist/identity/__tests__/health.test.d.ts.map +1 -0
- package/dist/identity/__tests__/health.test.js +113 -0
- package/dist/identity/__tests__/health.test.js.map +1 -0
- package/dist/identity/__tests__/router.test.d.ts +2 -0
- package/dist/identity/__tests__/router.test.d.ts.map +1 -0
- package/dist/identity/__tests__/router.test.js +163 -0
- package/dist/identity/__tests__/router.test.js.map +1 -0
- package/dist/identity/fediClient.d.ts +82 -0
- package/dist/identity/fediClient.d.ts.map +1 -0
- package/dist/identity/fediClient.js +40 -0
- package/dist/identity/fediClient.js.map +1 -0
- package/dist/identity/health.d.ts +42 -0
- package/dist/identity/health.d.ts.map +1 -0
- package/dist/identity/health.js +43 -0
- package/dist/identity/health.js.map +1 -0
- package/dist/identity/index.d.ts +17 -0
- package/dist/identity/index.d.ts.map +1 -0
- package/dist/identity/index.js +14 -0
- package/dist/identity/index.js.map +1 -0
- package/dist/identity/router.d.ts +79 -0
- package/dist/identity/router.d.ts.map +1 -0
- package/dist/identity/router.js +72 -0
- package/dist/identity/router.js.map +1 -0
- package/dist/index.d.ts +4 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/package.json +7 -7
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { type OAuthAuthorizeRequest, type OAuthTokenRequest, type OAuthDynamicRegistrationRequest } from '@commonpub/protocol';
|
|
2
|
+
import type { Scope, SoftwareKind } from '@commonpub/auth';
|
|
2
3
|
import type { DB } from '../types.js';
|
|
3
4
|
export interface AuthorizeResult {
|
|
4
5
|
/** Authorization code to return to the client */
|
|
@@ -47,14 +48,65 @@ export interface RegisteredClient {
|
|
|
47
48
|
* In v1, this is done manually by admins. Returns client credentials for storage.
|
|
48
49
|
*/
|
|
49
50
|
export declare function registerOAuthClient(db: DB, instanceDomain: string, redirectUris: string[]): Promise<RegisteredClient>;
|
|
51
|
+
/**
|
|
52
|
+
* Optional grant attached to a `linkFederatedAccount` call. When present,
|
|
53
|
+
* the access token is encrypted at rest via `@commonpub/infra/tokenCrypto`
|
|
54
|
+
* and stored in `federated_accounts.access_token_ciphertext` + `access_token_iv`.
|
|
55
|
+
*
|
|
56
|
+
* Phase 1a clients (the v1 SSO callback) call `linkFederatedAccount`
|
|
57
|
+
* WITHOUT a grant — those rows store profile info only and remain
|
|
58
|
+
* display-only "linked profile" records. Phase 1b's flow attaches a
|
|
59
|
+
* grant with the bearer it just exchanged, enabling delegated actions
|
|
60
|
+
* via FediClient.
|
|
61
|
+
*/
|
|
62
|
+
export interface FederatedAccountGrant {
|
|
63
|
+
/** OAuth bearer access token, plain text. Encrypted before storage. */
|
|
64
|
+
accessToken: string;
|
|
65
|
+
/** Granted scopes. Filtered through `coerceScopes` to drop unknowns. */
|
|
66
|
+
scopes: ReadonlyArray<Scope | string>;
|
|
67
|
+
/** Detected remote AP server software. Validated via `isSoftwareKind`. */
|
|
68
|
+
softwareKind: SoftwareKind | string;
|
|
69
|
+
}
|
|
50
70
|
/**
|
|
51
71
|
* Link a federated account to a local user after successful OAuth callback.
|
|
72
|
+
*
|
|
73
|
+
* Backward-compatible: if `grant` is omitted, the row is created/updated
|
|
74
|
+
* with profile fields only — same as the v1 SSO behaviour. Existing
|
|
75
|
+
* callers (callback.get.ts, link.post.ts) keep working unchanged.
|
|
76
|
+
*
|
|
77
|
+
* When `grant` IS passed:
|
|
78
|
+
* - access token is encrypted (ChaCha20-Poly1305) before insert/update
|
|
79
|
+
* - scopes filtered to known values, default `[]`
|
|
80
|
+
* - softwareKind validated, falls back to `'unknown'` on bad input
|
|
81
|
+
* - `last_verified_at` set to now (we just got a fresh token)
|
|
82
|
+
* - `revoked_at` cleared to null (re-linking after a revocation lifts the soft-revoke)
|
|
83
|
+
*
|
|
84
|
+
* Identity-hijacking guard: if the actor URI is already linked to a
|
|
85
|
+
* DIFFERENT local user, this throws `Error('already linked to another
|
|
86
|
+
* account')` — same as before.
|
|
52
87
|
*/
|
|
53
88
|
export declare function linkFederatedAccount(db: DB, userId: string, actorUri: string, instanceDomain: string, profile?: {
|
|
54
89
|
preferredUsername?: string;
|
|
55
90
|
displayName?: string;
|
|
56
91
|
avatarUrl?: string;
|
|
57
|
-
}): Promise<void>;
|
|
92
|
+
}, grant?: FederatedAccountGrant): Promise<void>;
|
|
93
|
+
/**
|
|
94
|
+
* Read and decrypt the access token for a federated_accounts row. Returns
|
|
95
|
+
* null if there is no token stored, the row is revoked, or the row id
|
|
96
|
+
* does not exist. Never throws on missing rows / missing tokens — only
|
|
97
|
+
* on actual decryption failures (key change, tampered ciphertext).
|
|
98
|
+
*
|
|
99
|
+
* Used by Phase 1b's FediClient factory to construct authenticated
|
|
100
|
+
* Mastodon-API clients on demand.
|
|
101
|
+
*/
|
|
102
|
+
export declare function getDecryptedAccessToken(db: DB, federatedAccountId: string): Promise<string | null>;
|
|
103
|
+
/**
|
|
104
|
+
* Soft-revoke a federated account's grant. Marks `revoked_at = now()`;
|
|
105
|
+
* keeps the row for audit but blocks `getDecryptedAccessToken` from
|
|
106
|
+
* returning the token. Used by Phase 1b's 401-detection wrapper and by
|
|
107
|
+
* the user-facing "Unlink" action.
|
|
108
|
+
*/
|
|
109
|
+
export declare function revokeFederatedAccountGrant(db: DB, federatedAccountId: string): Promise<void>;
|
|
58
110
|
/**
|
|
59
111
|
* Find a local user linked to a federated account by actor URI.
|
|
60
112
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/federation/oauth.ts"],"names":[],"mappings":"AAcA,OAAO,EAIL,KAAK,qBAAqB,EAC1B,KAAK,iBAAiB,EACtB,KAAK,+BAA+B,EACrC,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAYtC,MAAM,WAAW,eAAe;IAC9B,iDAAiD;IACjD,IAAI,EAAE,MAAM,CAAC;IACb,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,sCAAsC;IACtC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,QAAQ,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,2CAA2C;IAC3C,IAAI,EAAE;QACJ,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAC3B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;QACzB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;CACH;AAED;;;;GAIG;AACH,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,qBAAqB,EAC7B,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,eAAe,GAAG;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,gBAAgB,EAAE,MAAM,CAAA;CAAE,CAAC,CA8BxE;AAED;;;GAGG;AACH,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,iBAAiB,EACzB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,WAAW,GAAG;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,gBAAgB,EAAE,MAAM,CAAA;CAAE,CAAC,CAsDpE;AAID,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,EAAE,EAAE,EAAE,EACN,cAAc,EAAE,MAAM,EACtB,YAAY,EAAE,MAAM,EAAE,GACrB,OAAO,CAAC,gBAAgB,CAAC,CAY3B;AAED
|
|
1
|
+
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/federation/oauth.ts"],"names":[],"mappings":"AAcA,OAAO,EAIL,KAAK,qBAAqB,EAC1B,KAAK,iBAAiB,EACtB,KAAK,+BAA+B,EACrC,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAG3D,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAYtC,MAAM,WAAW,eAAe;IAC9B,iDAAiD;IACjD,IAAI,EAAE,MAAM,CAAC;IACb,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,sCAAsC;IACtC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,QAAQ,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,2CAA2C;IAC3C,IAAI,EAAE;QACJ,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAC3B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;QACzB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;CACH;AAED;;;;GAIG;AACH,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,qBAAqB,EAC7B,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,eAAe,GAAG;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,gBAAgB,EAAE,MAAM,CAAA;CAAE,CAAC,CA8BxE;AAED;;;GAGG;AACH,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,iBAAiB,EACzB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,WAAW,GAAG;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,gBAAgB,EAAE,MAAM,CAAA;CAAE,CAAC,CAsDpE;AAID,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,EAAE,EAAE,EAAE,EACN,cAAc,EAAE,MAAM,EACtB,YAAY,EAAE,MAAM,EAAE,GACrB,OAAO,CAAC,gBAAgB,CAAC,CAY3B;AAED;;;;;;;;;;GAUG;AACH,MAAM,WAAW,qBAAqB;IACpC,uEAAuE;IACvE,WAAW,EAAE,MAAM,CAAC;IACpB,wEAAwE;IACxE,MAAM,EAAE,aAAa,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC;IACtC,0EAA0E;IAC1E,YAAY,EAAE,YAAY,GAAG,MAAM,CAAC;CACrC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,MAAM,EACtB,OAAO,CAAC,EAAE;IAAE,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,EAClF,KAAK,CAAC,EAAE,qBAAqB,GAC5B,OAAO,CAAC,IAAI,CAAC,CA0Cf;AA8BD;;;;;;;;GAQG;AACH,wBAAsB,uBAAuB,CAC3C,EAAE,EAAE,EAAE,EACN,kBAAkB,EAAE,MAAM,GACzB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAexB;AAED;;;;;GAKG;AACH,wBAAsB,2BAA2B,CAC/C,EAAE,EAAE,EAAE,EACN,kBAAkB,EAAE,MAAM,GACzB,OAAO,CAAC,IAAI,CAAC,CAKf;AAED;;GAEG;AACH,wBAAsB,0BAA0B,CAC9C,EAAE,EAAE,EAAE,EACN,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CAYtD;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,EAAE,GACL,OAAO,CAAC,KAAK,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,IAAI,CAAA;CAAE,CAAC,CAAC,CAS3F;AAID;;;GAGG;AACH,wBAAsB,0BAA0B,CAC9C,EAAE,EAAE,EAAE,EACN,OAAO,EAAE,+BAA+B,GACvC,OAAO,CAAC;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,gBAAgB,EAAE,MAAM,CAAA;CAAE,CAAC,CAkBnG;AAMD;;;GAGG;AACH,wBAAsB,yBAAyB,CAAC,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAUzE;AAED,4DAA4D;AAC5D,wBAAsB,kBAAkB,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAgB9E;AAED,iEAAiE;AACjE,wBAAsB,qBAAqB,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAOjF;AAED;;GAEG;AACH,wBAAsB,eAAe,CACnC,EAAE,EAAE,EAAE,EACN,MAAM,EAAE;IAAE,QAAQ,EAAE;QAAE,UAAU,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;IAAC,IAAI,EAAE;QAAE,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAA;CAAE,EACrF,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,OAAO,CAAC,CASlB;AAOD,MAAM,WAAW,eAAe;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,wBAAsB,eAAe,CACnC,EAAE,EAAE,EAAE,EACN,KAAK,EAAE,IAAI,CAAC,eAAe,EAAE,WAAW,CAAC,GACxC,OAAO,CAAC,MAAM,CAAC,CAajB;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CACrC,EAAE,EAAE,EAAE,EACN,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAiBjC;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE,eAAe,EACtB,IAAI,EAAE,MAAM,GACX,OAAO,CAAC;IACT,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;CAChH,GAAG,IAAI,CAAC,CAoCR;AAID,MAAM,WAAW,sBAAsB;IACrC,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,IAAI,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,wBAAsB,sBAAsB,CAC1C,EAAE,EAAE,EAAE,EACN,MAAM,EAAE,MAAM,EACd,SAAS,CAAC,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,sBAAsB,CAAC,CAajC;AAOD,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;;GAIG;AACH,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,EAAE,EACN,IAAI,EAAE,IAAI,CAAC,eAAe,EAAE,WAAW,CAAC,GACvC,OAAO,CAAC,MAAM,CAAC,CAUjB;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,EAAE,EAAE,EAAE,EACN,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAejC"}
|
package/dist/federation/oauth.js
CHANGED
|
@@ -6,6 +6,8 @@
|
|
|
6
6
|
import { eq } from 'drizzle-orm';
|
|
7
7
|
import { oauthClients, users, sessions, federatedAccounts, instanceSettings, } from '@commonpub/schema';
|
|
8
8
|
import { validateAuthorizeRequest, validateTokenRequest, validateDynamicRegistration, } from '@commonpub/protocol';
|
|
9
|
+
import { isSoftwareKind, coerceScopes } from '@commonpub/auth';
|
|
10
|
+
import { encryptToken, decryptToken } from '@commonpub/infra';
|
|
9
11
|
import { storeAuthCode, consumeAuthCode } from '../oauthCodes.js';
|
|
10
12
|
/** Generate a cryptographically secure random token (hex-encoded, 256 bits) */
|
|
11
13
|
function generateSecureToken() {
|
|
@@ -116,8 +118,27 @@ export async function registerOAuthClient(db, instanceDomain, redirectUris) {
|
|
|
116
118
|
}
|
|
117
119
|
/**
|
|
118
120
|
* Link a federated account to a local user after successful OAuth callback.
|
|
121
|
+
*
|
|
122
|
+
* Backward-compatible: if `grant` is omitted, the row is created/updated
|
|
123
|
+
* with profile fields only — same as the v1 SSO behaviour. Existing
|
|
124
|
+
* callers (callback.get.ts, link.post.ts) keep working unchanged.
|
|
125
|
+
*
|
|
126
|
+
* When `grant` IS passed:
|
|
127
|
+
* - access token is encrypted (ChaCha20-Poly1305) before insert/update
|
|
128
|
+
* - scopes filtered to known values, default `[]`
|
|
129
|
+
* - softwareKind validated, falls back to `'unknown'` on bad input
|
|
130
|
+
* - `last_verified_at` set to now (we just got a fresh token)
|
|
131
|
+
* - `revoked_at` cleared to null (re-linking after a revocation lifts the soft-revoke)
|
|
132
|
+
*
|
|
133
|
+
* Identity-hijacking guard: if the actor URI is already linked to a
|
|
134
|
+
* DIFFERENT local user, this throws `Error('already linked to another
|
|
135
|
+
* account')` — same as before.
|
|
119
136
|
*/
|
|
120
|
-
export async function linkFederatedAccount(db, userId, actorUri, instanceDomain, profile) {
|
|
137
|
+
export async function linkFederatedAccount(db, userId, actorUri, instanceDomain, profile, grant) {
|
|
138
|
+
// If a grant was provided, prepare the encrypted token + validated
|
|
139
|
+
// scopes/softwareKind once. We do this outside the existence check so
|
|
140
|
+
// an encryption failure (missing key, etc.) fails fast before any DB I/O.
|
|
141
|
+
const grantFields = grant ? buildGrantFields(grant) : null;
|
|
121
142
|
// Check if already linked
|
|
122
143
|
const existing = await db
|
|
123
144
|
.select()
|
|
@@ -129,7 +150,7 @@ export async function linkFederatedAccount(db, userId, actorUri, instanceDomain,
|
|
|
129
150
|
if (existing[0].userId !== userId) {
|
|
130
151
|
throw new Error('This federated identity is already linked to another account');
|
|
131
152
|
}
|
|
132
|
-
// Update profile info for the same user
|
|
153
|
+
// Update profile info for the same user, plus grant if provided
|
|
133
154
|
await db
|
|
134
155
|
.update(federatedAccounts)
|
|
135
156
|
.set({
|
|
@@ -137,6 +158,7 @@ export async function linkFederatedAccount(db, userId, actorUri, instanceDomain,
|
|
|
137
158
|
...(profile?.preferredUsername && { preferredUsername: profile.preferredUsername }),
|
|
138
159
|
...(profile?.displayName && { displayName: profile.displayName }),
|
|
139
160
|
...(profile?.avatarUrl && { avatarUrl: profile.avatarUrl }),
|
|
161
|
+
...(grantFields ?? {}),
|
|
140
162
|
})
|
|
141
163
|
.where(eq(federatedAccounts.actorUri, actorUri));
|
|
142
164
|
}
|
|
@@ -149,9 +171,69 @@ export async function linkFederatedAccount(db, userId, actorUri, instanceDomain,
|
|
|
149
171
|
displayName: profile?.displayName,
|
|
150
172
|
avatarUrl: profile?.avatarUrl,
|
|
151
173
|
lastSyncedAt: new Date(),
|
|
174
|
+
...(grantFields ?? {}),
|
|
152
175
|
});
|
|
153
176
|
}
|
|
154
177
|
}
|
|
178
|
+
/**
|
|
179
|
+
* Validate + encrypt the grant. Centralised so INSERT and UPDATE share
|
|
180
|
+
* exactly the same rules. Returns the columns to spread into the
|
|
181
|
+
* Drizzle .set() / .values() call.
|
|
182
|
+
*/
|
|
183
|
+
function buildGrantFields(grant) {
|
|
184
|
+
const enc = encryptToken(grant.accessToken);
|
|
185
|
+
const safeScopes = coerceScopes(grant.scopes);
|
|
186
|
+
const safeKind = isSoftwareKind(grant.softwareKind) ? grant.softwareKind : 'unknown';
|
|
187
|
+
return {
|
|
188
|
+
accessTokenCiphertext: enc.ciphertext,
|
|
189
|
+
accessTokenIv: enc.iv,
|
|
190
|
+
scopes: [...safeScopes],
|
|
191
|
+
softwareKind: safeKind,
|
|
192
|
+
lastVerifiedAt: new Date(),
|
|
193
|
+
// Re-linking lifts a soft-revocation: any prior revoked_at is cleared
|
|
194
|
+
// because we just successfully re-authenticated.
|
|
195
|
+
revokedAt: null,
|
|
196
|
+
};
|
|
197
|
+
}
|
|
198
|
+
/**
|
|
199
|
+
* Read and decrypt the access token for a federated_accounts row. Returns
|
|
200
|
+
* null if there is no token stored, the row is revoked, or the row id
|
|
201
|
+
* does not exist. Never throws on missing rows / missing tokens — only
|
|
202
|
+
* on actual decryption failures (key change, tampered ciphertext).
|
|
203
|
+
*
|
|
204
|
+
* Used by Phase 1b's FediClient factory to construct authenticated
|
|
205
|
+
* Mastodon-API clients on demand.
|
|
206
|
+
*/
|
|
207
|
+
export async function getDecryptedAccessToken(db, federatedAccountId) {
|
|
208
|
+
const [row] = await db
|
|
209
|
+
.select({
|
|
210
|
+
ct: federatedAccounts.accessTokenCiphertext,
|
|
211
|
+
iv: federatedAccounts.accessTokenIv,
|
|
212
|
+
revokedAt: federatedAccounts.revokedAt,
|
|
213
|
+
})
|
|
214
|
+
.from(federatedAccounts)
|
|
215
|
+
.where(eq(federatedAccounts.id, federatedAccountId))
|
|
216
|
+
.limit(1);
|
|
217
|
+
if (!row)
|
|
218
|
+
return null;
|
|
219
|
+
if (row.revokedAt)
|
|
220
|
+
return null;
|
|
221
|
+
if (!row.ct || !row.iv)
|
|
222
|
+
return null;
|
|
223
|
+
return decryptToken({ ciphertext: row.ct, iv: row.iv });
|
|
224
|
+
}
|
|
225
|
+
/**
|
|
226
|
+
* Soft-revoke a federated account's grant. Marks `revoked_at = now()`;
|
|
227
|
+
* keeps the row for audit but blocks `getDecryptedAccessToken` from
|
|
228
|
+
* returning the token. Used by Phase 1b's 401-detection wrapper and by
|
|
229
|
+
* the user-facing "Unlink" action.
|
|
230
|
+
*/
|
|
231
|
+
export async function revokeFederatedAccountGrant(db, federatedAccountId) {
|
|
232
|
+
await db
|
|
233
|
+
.update(federatedAccounts)
|
|
234
|
+
.set({ revokedAt: new Date() })
|
|
235
|
+
.where(eq(federatedAccounts.id, federatedAccountId));
|
|
236
|
+
}
|
|
155
237
|
/**
|
|
156
238
|
* Find a local user linked to a federated account by actor URI.
|
|
157
239
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/federation/oauth.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,EAAE,EAAW,MAAM,aAAa,CAAC;AAC1C,OAAO,EACL,YAAY,EAEZ,KAAK,EACL,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,wBAAwB,EACxB,oBAAoB,EACpB,2BAA2B,GAI5B,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAElE,+EAA+E;AAC/E,SAAS,mBAAmB;IAC1B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AA2BD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,EAAM,EACN,MAA6B,EAC7B,MAAc,EACd,MAAc;IAEd,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,YAAY,CAAC;SAClB,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;SACjD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,MAAM,WAAW,GAAG,MAAM;QACxB,CAAC,CAAC;YACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,YAAY,EAAE,MAAM,CAAC,YAAwB;YAC7C,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC;QACH,CAAC,CAAC,IAAI,CAAC;IAET,uBAAuB;IACvB,MAAM,eAAe,GAAG,wBAAwB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACtE,IAAI,eAAe;QAAE,OAAO,eAAe,CAAC;IAE5C,8EAA8E;IAC9E,MAAM,IAAI,GAAG,mBAAmB,EAAE,CAAC;IACnC,MAAM,aAAa,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAE3E,OAAO;QACL,IAAI;QACJ,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,KAAK,EAAE,MAAM,CAAC,KAAK;KACpB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAM,EACN,MAAyB,EACzB,MAAc;IAEd,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,YAAY,CAAC;SAClB,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;SACjD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,MAAM,WAAW,GAAG,MAAM;QACxB,CAAC,CAAC;YACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,YAAY,EAAE,MAAM,CAAC,YAAwB;YAC7C,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC;QACH,CAAC,CAAC,IAAI,CAAC;IAET,uBAAuB;IACvB,MAAM,eAAe,GAAG,oBAAoB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAClE,IAAI,eAAe;QAAE,OAAO,eAAe,CAAC;IAE5C,qCAAqC;IACrC,MAAM,UAAU,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAC/F,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,EAAE,KAAK,EAAE,eAAe,EAAE,gBAAgB,EAAE,uCAAuC,EAAE,CAAC;IAC/F,CAAC;IAED,mBAAmB;IACnB,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,EAAE;SACpB,MAAM,EAAE;SACR,IAAI,CAAC,KAAK,CAAC;SACX,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;SACtC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;IACvE,CAAC;IAED,mDAAmD;IACnD,MAAM,WAAW,GAAG,mBAAmB,EAAE,CAAC;IAC1C,MAAM,QAAQ,GAAG,WAAW,MAAM,UAAU,IAAI,CAAC,QAAQ,EAAE,CAAC;IAE5D,OAAO;QACL,WAAW;QACX,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,IAAI;QACf,IAAI,EAAE;YACJ,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI;YACjC,QAAQ;SACT;KACF,CAAC;AACJ,CAAC;AASD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,EAAM,EACN,cAAsB,EACtB,YAAsB;IAEtB,MAAM,QAAQ,GAAG,QAAQ,mBAAmB,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;IAC9D,MAAM,YAAY,GAAG,SAAS,mBAAmB,EAAE,EAAE,CAAC;IAEtD,MAAM,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC;QACnC,QAAQ;QACR,YAAY;QACZ,YAAY;QACZ,cAAc;KACf,CAAC,CAAC;IAEH,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAM,EACN,MAAc,EACd,QAAgB,EAChB,cAAsB,EACtB,OAAkF;IAElF,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,iBAAiB,CAAC;SACvB,KAAK,CAAC,EAAE,CAAC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;SAC/C,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,qEAAqE;QACrE,IAAI,QAAQ,CAAC,CAAC,CAAE,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QAED,wCAAwC;QACxC,MAAM,EAAE;aACL,MAAM,CAAC,iBAAiB,CAAC;aACzB,GAAG,CAAC;YACH,YAAY,EAAE,IAAI,IAAI,EAAE;YACxB,GAAG,CAAC,OAAO,EAAE,iBAAiB,IAAI,EAAE,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,EAAE,CAAC;YACnF,GAAG,CAAC,OAAO,EAAE,WAAW,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;YACjE,GAAG,CAAC,OAAO,EAAE,SAAS,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;SAC5D,CAAC;aACD,KAAK,CAAC,EAAE,CAAC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;IACrD,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,MAAM,CAAC;YACxC,MAAM;YACN,QAAQ;YACR,cAAc;YACd,iBAAiB,EAAE,OAAO,EAAE,iBAAiB;YAC7C,WAAW,EAAE,OAAO,EAAE,WAAW;YACjC,SAAS,EAAE,OAAO,EAAE,SAAS;YAC7B,YAAY,EAAE,IAAI,IAAI,EAAE;SACzB,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,EAAM,EACN,QAAgB;IAEhB,MAAM,IAAI,GAAG,MAAM,EAAE;SAClB,MAAM,CAAC;QACN,MAAM,EAAE,iBAAiB,CAAC,MAAM;QAChC,QAAQ,EAAE,KAAK,CAAC,QAAQ;KACzB,CAAC;SACD,IAAI,CAAC,iBAAiB,CAAC;SACvB,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC,iBAAiB,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;SACxD,KAAK,CAAC,EAAE,CAAC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;SAC/C,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,EAAM;IAEN,OAAO,EAAE;SACN,MAAM,CAAC;QACN,EAAE,EAAE,YAAY,CAAC,EAAE;QACnB,QAAQ,EAAE,YAAY,CAAC,QAAQ;QAC/B,cAAc,EAAE,YAAY,CAAC,cAAc;QAC3C,SAAS,EAAE,YAAY,CAAC,SAAS;KAClC,CAAC;SACD,IAAI,CAAC,YAAY,CAAC,CAAC;AACxB,CAAC;AAED,sCAAsC;AAEtC;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,EAAM,EACN,OAAwC;IAExC,MAAM,eAAe,GAAG,2BAA2B,CAAC,OAAO,CAAC,CAAC;IAC7D,IAAI,eAAe;QAAE,OAAO,eAAe,CAAC;IAE5C,0DAA0D;IAC1D,MAAM,CAAC,QAAQ,CAAC,GAAG,MAAM,EAAE;SACxB,MAAM,EAAE;SACR,IAAI,CAAC,YAAY,CAAC;SAClB,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;SAC9D,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC;IAC9E,CAAC;IAED,sBAAsB;IACtB,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,EAAE,EAAE,OAAO,CAAC,cAAc,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IAC3F,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,uDAAuD;AAEvD,MAAM,qBAAqB,GAAG,mBAAmB,CAAC;AAElD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAAC,EAAM;IACpD,MAAM,IAAI,GAAG,MAAM,EAAE;SAClB,MAAM,EAAE;SACR,IAAI,CAAC,gBAAgB,CAAC;SACtB,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC;SACtD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACjC,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC,KAAK,CAAC;IAC7B,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;AACvD,CAAC;AAED,4DAA4D;AAC5D,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,EAAM,EAAE,MAAc;IAC7D,MAAM,OAAO,GAAG,MAAM,yBAAyB,CAAC,EAAE,CAAC,CAAC;IACpD,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO;IACrC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAErB,MAAM,QAAQ,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,gBAAgB,CAAC;SACtB,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC;SACtD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC,CAAC;IACnH,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3F,CAAC;AACH,CAAC;AAED,iEAAiE;AACjE,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,EAAM,EAAE,MAAc;IAChE,MAAM,OAAO,GAAG,MAAM,yBAAyB,CAAC,EAAE,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC;IAEnD,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM;QAAE,OAAO,CAAC,YAAY;IAE5D,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC,CAAC;AACpH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,EAAM,EACN,MAAqF,EACrF,MAAc;IAEd,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IAE9C,yBAAyB;IACzB,IAAI,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhE,uBAAuB;IACvB,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,EAAE,CAAC,CAAC;IACnD,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AACjC,CAAC;AAED,4DAA4D;AAE5D,MAAM,kBAAkB,GAAG,cAAc,CAAC;AAC1C,MAAM,kBAAkB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AAWxD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,EAAM,EACN,KAAyC;IAEzC,MAAM,UAAU,GAAG,mBAAmB,EAAE,CAAC;IACzC,MAAM,GAAG,GAAG,GAAG,kBAAkB,GAAG,UAAU,EAAE,CAAC;IAEjD,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC;QACvC,GAAG;QACH,KAAK,EAAE;YACL,GAAG,KAAK;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,kBAAkB;SAC3C;KACF,CAAC,CAAC;IAEH,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,EAAM,EACN,UAAkB;IAElB,MAAM,GAAG,GAAG,GAAG,kBAAkB,GAAG,UAAU,EAAE,CAAC;IAEjD,gDAAgD;IAChD,MAAM,OAAO,GAAG,MAAM,EAAE;SACrB,MAAM,CAAC,gBAAgB,CAAC;SACxB,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;SACpC,SAAS,EAAE,CAAC;IAEf,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAE,CAAC,KAAwB,CAAC;IAEnD,eAAe;IACf,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE9C,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,KAAsB,EACtB,IAAY;IAKZ,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC,aAAa,EAAE;YAChD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,oBAAoB;gBAChC,IAAI;gBACJ,SAAS,EAAE,KAAK,CAAC,QAAQ;gBACzB,aAAa,EAAE,KAAK,CAAC,YAAY;gBACjC,YAAY,EAAE,KAAK,CAAC,WAAW;aAChC,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAE9B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAG/B,CAAC;QAEF,IAAI,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QAElD,OAAO;YACL,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,IAAI,EAAE;gBACJ,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE;gBAChB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ;gBAC5B,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI;gBAC1C,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI;gBACtC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,WAAW,KAAK,CAAC,cAAc,UAAU,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;aAC9F;SACF,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAUD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,EAAM,EACN,MAAc,EACd,SAAkB,EAClB,SAAkB;IAElB,MAAM,YAAY,GAAG,mBAAmB,EAAE,CAAC;IAC3C,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,qCAAqC;IAEvG,MAAM,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;QAC/B,MAAM;QACN,KAAK,EAAE,YAAY;QACnB,SAAS;QACT,SAAS,EAAE,SAAS,IAAI,IAAI;QAC5B,SAAS,EAAE,SAAS,IAAI,IAAI;KAC7B,CAAC,CAAC;IAEH,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;AAC7C,CAAC;AAED,8BAA8B;AAE9B,MAAM,mBAAmB,GAAG,eAAe,CAAC;AAC5C,MAAM,mBAAmB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AAWzD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,EAAM,EACN,IAAwC;IAExC,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,GAAG,mBAAmB,GAAG,KAAK,EAAE,CAAC;IAE7C,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC;QACvC,GAAG;QACH,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,mBAAmB,EAAE;KAChE,CAAC,CAAC;IAEH,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAM,EACN,KAAa;IAEb,MAAM,GAAG,GAAG,GAAG,mBAAmB,GAAG,KAAK,EAAE,CAAC;IAE7C,2CAA2C;IAC3C,MAAM,OAAO,GAAG,MAAM,EAAE;SACrB,MAAM,CAAC,gBAAgB,CAAC;SACxB,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;SACpC,SAAS,EAAE,CAAC;IAEf,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAE,CAAC,KAAwB,CAAC;IAClD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE7C,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
1
|
+
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/federation/oauth.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,EAAE,EAAW,MAAM,aAAa,CAAC;AAC1C,OAAO,EACL,YAAY,EAEZ,KAAK,EACL,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,wBAAwB,EACxB,oBAAoB,EACpB,2BAA2B,GAI5B,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAE9D,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAElE,+EAA+E;AAC/E,SAAS,mBAAmB;IAC1B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AA2BD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,EAAM,EACN,MAA6B,EAC7B,MAAc,EACd,MAAc;IAEd,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,YAAY,CAAC;SAClB,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;SACjD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,MAAM,WAAW,GAAG,MAAM;QACxB,CAAC,CAAC;YACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,YAAY,EAAE,MAAM,CAAC,YAAwB;YAC7C,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC;QACH,CAAC,CAAC,IAAI,CAAC;IAET,uBAAuB;IACvB,MAAM,eAAe,GAAG,wBAAwB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACtE,IAAI,eAAe;QAAE,OAAO,eAAe,CAAC;IAE5C,8EAA8E;IAC9E,MAAM,IAAI,GAAG,mBAAmB,EAAE,CAAC;IACnC,MAAM,aAAa,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAE3E,OAAO;QACL,IAAI;QACJ,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,KAAK,EAAE,MAAM,CAAC,KAAK;KACpB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAM,EACN,MAAyB,EACzB,MAAc;IAEd,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,YAAY,CAAC;SAClB,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;SACjD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,MAAM,WAAW,GAAG,MAAM;QACxB,CAAC,CAAC;YACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,YAAY,EAAE,MAAM,CAAC,YAAwB;YAC7C,cAAc,EAAE,MAAM,CAAC,cAAc;SACtC;QACH,CAAC,CAAC,IAAI,CAAC;IAET,uBAAuB;IACvB,MAAM,eAAe,GAAG,oBAAoB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAClE,IAAI,eAAe;QAAE,OAAO,eAAe,CAAC;IAE5C,qCAAqC;IACrC,MAAM,UAAU,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAC/F,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,EAAE,KAAK,EAAE,eAAe,EAAE,gBAAgB,EAAE,uCAAuC,EAAE,CAAC;IAC/F,CAAC;IAED,mBAAmB;IACnB,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,EAAE;SACpB,MAAM,EAAE;SACR,IAAI,CAAC,KAAK,CAAC;SACX,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;SACtC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,CAAC;IACvE,CAAC;IAED,mDAAmD;IACnD,MAAM,WAAW,GAAG,mBAAmB,EAAE,CAAC;IAC1C,MAAM,QAAQ,GAAG,WAAW,MAAM,UAAU,IAAI,CAAC,QAAQ,EAAE,CAAC;IAE5D,OAAO;QACL,WAAW;QACX,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,IAAI;QACf,IAAI,EAAE;YACJ,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI;YACjC,QAAQ;SACT;KACF,CAAC;AACJ,CAAC;AASD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,EAAM,EACN,cAAsB,EACtB,YAAsB;IAEtB,MAAM,QAAQ,GAAG,QAAQ,mBAAmB,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;IAC9D,MAAM,YAAY,GAAG,SAAS,mBAAmB,EAAE,EAAE,CAAC;IAEtD,MAAM,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC;QACnC,QAAQ;QACR,YAAY;QACZ,YAAY;QACZ,cAAc;KACf,CAAC,CAAC;IAEH,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;AACpC,CAAC;AAsBD;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,EAAM,EACN,MAAc,EACd,QAAgB,EAChB,cAAsB,EACtB,OAAkF,EAClF,KAA6B;IAE7B,mEAAmE;IACnE,sEAAsE;IACtE,0EAA0E;IAC1E,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE3D,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,iBAAiB,CAAC;SACvB,KAAK,CAAC,EAAE,CAAC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;SAC/C,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,qEAAqE;QACrE,IAAI,QAAQ,CAAC,CAAC,CAAE,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;QAClF,CAAC;QAED,gEAAgE;QAChE,MAAM,EAAE;aACL,MAAM,CAAC,iBAAiB,CAAC;aACzB,GAAG,CAAC;YACH,YAAY,EAAE,IAAI,IAAI,EAAE;YACxB,GAAG,CAAC,OAAO,EAAE,iBAAiB,IAAI,EAAE,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,EAAE,CAAC;YACnF,GAAG,CAAC,OAAO,EAAE,WAAW,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;YACjE,GAAG,CAAC,OAAO,EAAE,SAAS,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;YAC3D,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;SACvB,CAAC;aACD,KAAK,CAAC,EAAE,CAAC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;IACrD,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,MAAM,CAAC;YACxC,MAAM;YACN,QAAQ;YACR,cAAc;YACd,iBAAiB,EAAE,OAAO,EAAE,iBAAiB;YAC7C,WAAW,EAAE,OAAO,EAAE,WAAW;YACjC,SAAS,EAAE,OAAO,EAAE,SAAS;YAC7B,YAAY,EAAE,IAAI,IAAI,EAAE;YACxB,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;SACvB,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,gBAAgB,CAAC,KAA4B;IAQpD,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAC5C,MAAM,UAAU,GAAG,YAAY,CAAC,KAAK,CAAC,MAA+B,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAG,cAAc,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;IACrF,OAAO;QACL,qBAAqB,EAAE,GAAG,CAAC,UAAU;QACrC,aAAa,EAAE,GAAG,CAAC,EAAE;QACrB,MAAM,EAAE,CAAC,GAAG,UAAU,CAAC;QACvB,YAAY,EAAE,QAAQ;QACtB,cAAc,EAAE,IAAI,IAAI,EAAE;QAC1B,sEAAsE;QACtE,iDAAiD;QACjD,SAAS,EAAE,IAAI;KAChB,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,EAAM,EACN,kBAA0B;IAE1B,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE;SACnB,MAAM,CAAC;QACN,EAAE,EAAE,iBAAiB,CAAC,qBAAqB;QAC3C,EAAE,EAAE,iBAAiB,CAAC,aAAa;QACnC,SAAS,EAAE,iBAAiB,CAAC,SAAS;KACvC,CAAC;SACD,IAAI,CAAC,iBAAiB,CAAC;SACvB,KAAK,CAAC,EAAE,CAAC,iBAAiB,CAAC,EAAE,EAAE,kBAAkB,CAAC,CAAC;SACnD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,IAAI,GAAG,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAC/B,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,OAAO,IAAI,CAAC;IACpC,OAAO,YAAY,CAAC,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;AAC1D,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,EAAM,EACN,kBAA0B;IAE1B,MAAM,EAAE;SACL,MAAM,CAAC,iBAAiB,CAAC;SACzB,GAAG,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;SAC9B,KAAK,CAAC,EAAE,CAAC,iBAAiB,CAAC,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,EAAM,EACN,QAAgB;IAEhB,MAAM,IAAI,GAAG,MAAM,EAAE;SAClB,MAAM,CAAC;QACN,MAAM,EAAE,iBAAiB,CAAC,MAAM;QAChC,QAAQ,EAAE,KAAK,CAAC,QAAQ;KACzB,CAAC;SACD,IAAI,CAAC,iBAAiB,CAAC;SACvB,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC,iBAAiB,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC,CAAC;SACxD,KAAK,CAAC,EAAE,CAAC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;SAC/C,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,EAAM;IAEN,OAAO,EAAE;SACN,MAAM,CAAC;QACN,EAAE,EAAE,YAAY,CAAC,EAAE;QACnB,QAAQ,EAAE,YAAY,CAAC,QAAQ;QAC/B,cAAc,EAAE,YAAY,CAAC,cAAc;QAC3C,SAAS,EAAE,YAAY,CAAC,SAAS;KAClC,CAAC;SACD,IAAI,CAAC,YAAY,CAAC,CAAC;AACxB,CAAC;AAED,sCAAsC;AAEtC;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,EAAM,EACN,OAAwC;IAExC,MAAM,eAAe,GAAG,2BAA2B,CAAC,OAAO,CAAC,CAAC;IAC7D,IAAI,eAAe;QAAE,OAAO,eAAe,CAAC;IAE5C,0DAA0D;IAC1D,MAAM,CAAC,QAAQ,CAAC,GAAG,MAAM,EAAE;SACxB,MAAM,EAAE;SACR,IAAI,CAAC,YAAY,CAAC;SAClB,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;SAC9D,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC;IAC9E,CAAC;IAED,sBAAsB;IACtB,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,EAAE,EAAE,OAAO,CAAC,cAAc,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IAC3F,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,uDAAuD;AAEvD,MAAM,qBAAqB,GAAG,mBAAmB,CAAC;AAElD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAAC,EAAM;IACpD,MAAM,IAAI,GAAG,MAAM,EAAE;SAClB,MAAM,EAAE;SACR,IAAI,CAAC,gBAAgB,CAAC;SACtB,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC;SACtD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACjC,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC,KAAK,CAAC;IAC7B,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;AACvD,CAAC;AAED,4DAA4D;AAC5D,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,EAAM,EAAE,MAAc;IAC7D,MAAM,OAAO,GAAG,MAAM,yBAAyB,CAAC,EAAE,CAAC,CAAC;IACpD,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO;IACrC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAErB,MAAM,QAAQ,GAAG,MAAM,EAAE;SACtB,MAAM,EAAE;SACR,IAAI,CAAC,gBAAgB,CAAC;SACtB,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC;SACtD,KAAK,CAAC,CAAC,CAAC,CAAC;IAEZ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC,CAAC;IACnH,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3F,CAAC;AACH,CAAC;AAED,iEAAiE;AACjE,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,EAAM,EAAE,MAAc;IAChE,MAAM,OAAO,GAAG,MAAM,yBAAyB,CAAC,EAAE,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC;IAEnD,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM;QAAE,OAAO,CAAC,YAAY;IAE5D,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,qBAAqB,CAAC,CAAC,CAAC;AACpH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,EAAM,EACN,MAAqF,EACrF,MAAc;IAEd,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IAE9C,yBAAyB;IACzB,IAAI,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhE,uBAAuB;IACvB,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,EAAE,CAAC,CAAC;IACnD,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AACjC,CAAC;AAED,4DAA4D;AAE5D,MAAM,kBAAkB,GAAG,cAAc,CAAC;AAC1C,MAAM,kBAAkB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AAWxD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,EAAM,EACN,KAAyC;IAEzC,MAAM,UAAU,GAAG,mBAAmB,EAAE,CAAC;IACzC,MAAM,GAAG,GAAG,GAAG,kBAAkB,GAAG,UAAU,EAAE,CAAC;IAEjD,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC;QACvC,GAAG;QACH,KAAK,EAAE;YACL,GAAG,KAAK;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,kBAAkB;SAC3C;KACF,CAAC,CAAC;IAEH,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,EAAM,EACN,UAAkB;IAElB,MAAM,GAAG,GAAG,GAAG,kBAAkB,GAAG,UAAU,EAAE,CAAC;IAEjD,gDAAgD;IAChD,MAAM,OAAO,GAAG,MAAM,EAAE;SACrB,MAAM,CAAC,gBAAgB,CAAC;SACxB,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;SACpC,SAAS,EAAE,CAAC;IAEf,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAE,CAAC,KAAwB,CAAC;IAEnD,eAAe;IACf,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE9C,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,KAAsB,EACtB,IAAY;IAKZ,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC,aAAa,EAAE;YAChD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,oBAAoB;gBAChC,IAAI;gBACJ,SAAS,EAAE,KAAK,CAAC,QAAQ;gBACzB,aAAa,EAAE,KAAK,CAAC,YAAY;gBACjC,YAAY,EAAE,KAAK,CAAC,WAAW;aAChC,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAE9B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAG/B,CAAC;QAEF,IAAI,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,IAAI,CAAC,IAAI;YAAE,OAAO,IAAI,CAAC;QAElD,OAAO;YACL,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,IAAI,EAAE;gBACJ,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE;gBAChB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ;gBAC5B,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI;gBAC1C,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI;gBACtC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,WAAW,KAAK,CAAC,cAAc,UAAU,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;aAC9F;SACF,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAUD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,EAAM,EACN,MAAc,EACd,SAAkB,EAClB,SAAkB;IAElB,MAAM,YAAY,GAAG,mBAAmB,EAAE,CAAC;IAC3C,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,qCAAqC;IAEvG,MAAM,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;QAC/B,MAAM;QACN,KAAK,EAAE,YAAY;QACnB,SAAS;QACT,SAAS,EAAE,SAAS,IAAI,IAAI;QAC5B,SAAS,EAAE,SAAS,IAAI,IAAI;KAC7B,CAAC,CAAC;IAEH,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;AAC7C,CAAC;AAED,8BAA8B;AAE9B,MAAM,mBAAmB,GAAG,eAAe,CAAC;AAC5C,MAAM,mBAAmB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AAWzD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,EAAM,EACN,IAAwC;IAExC,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,MAAM,GAAG,GAAG,GAAG,mBAAmB,GAAG,KAAK,EAAE,CAAC;IAE7C,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC;QACvC,GAAG;QACH,KAAK,EAAE,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,mBAAmB,EAAE;KAChE,CAAC,CAAC;IAEH,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,EAAM,EACN,KAAa;IAEb,MAAM,GAAG,GAAG,GAAG,mBAAmB,GAAG,KAAK,EAAE,CAAC;IAE7C,2CAA2C;IAC3C,MAAM,OAAO,GAAG,MAAM,EAAE;SACrB,MAAM,CAAC,gBAAgB,CAAC;SACxB,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;SACpC,SAAS,EAAE,CAAC;IAEf,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAE,CAAC,KAAwB,CAAC;IAClD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE7C,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"health.test.d.ts","sourceRoot":"","sources":["../../../src/identity/__tests__/health.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, afterEach } from 'vitest';
|
|
2
|
+
import { checkIdentityConfig, assertIdentityConfig } from '../health.js';
|
|
3
|
+
const VALID_KEY = '0'.repeat(64);
|
|
4
|
+
// Minimal CommonPubConfig builder — kept inline (rather than importing
|
|
5
|
+
// @commonpub/test-utils) so this test file doesn't add a workspace dep
|
|
6
|
+
// that @commonpub/server otherwise doesn't need.
|
|
7
|
+
function makeConfig(idOverrides = {}) {
|
|
8
|
+
return {
|
|
9
|
+
instance: {
|
|
10
|
+
domain: 'test.example.com',
|
|
11
|
+
name: 'Test',
|
|
12
|
+
description: 'Test instance',
|
|
13
|
+
},
|
|
14
|
+
features: {
|
|
15
|
+
content: true, social: true, hubs: true, docs: true, video: true,
|
|
16
|
+
contests: false, events: false, learning: true, explainers: true,
|
|
17
|
+
editorial: true, federation: false, seamlessFederation: false,
|
|
18
|
+
federateHubs: false, admin: false, emailNotifications: false,
|
|
19
|
+
publicApi: false,
|
|
20
|
+
identity: {
|
|
21
|
+
linkRemoteAccounts: false,
|
|
22
|
+
signInWithRemote: false,
|
|
23
|
+
actingAs: false,
|
|
24
|
+
remoteInteract: false,
|
|
25
|
+
remotePublish: false,
|
|
26
|
+
...idOverrides,
|
|
27
|
+
},
|
|
28
|
+
},
|
|
29
|
+
auth: {
|
|
30
|
+
emailPassword: true,
|
|
31
|
+
magicLink: false,
|
|
32
|
+
passkeys: false,
|
|
33
|
+
},
|
|
34
|
+
docs: {
|
|
35
|
+
searchLanguage: 'english',
|
|
36
|
+
},
|
|
37
|
+
};
|
|
38
|
+
}
|
|
39
|
+
describe('checkIdentityConfig', () => {
|
|
40
|
+
let originalKey;
|
|
41
|
+
beforeEach(() => {
|
|
42
|
+
originalKey = process.env.CPUB_FED_TOKEN_KEY;
|
|
43
|
+
});
|
|
44
|
+
afterEach(() => {
|
|
45
|
+
if (originalKey === undefined)
|
|
46
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
47
|
+
else
|
|
48
|
+
process.env.CPUB_FED_TOKEN_KEY = originalKey;
|
|
49
|
+
});
|
|
50
|
+
it('ok when no identity flags are enabled', () => {
|
|
51
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
52
|
+
const result = checkIdentityConfig(makeConfig());
|
|
53
|
+
expect(result).toEqual({ ok: true, errors: [] });
|
|
54
|
+
});
|
|
55
|
+
it('ok when only `actingAs` is enabled (no token I/O)', () => {
|
|
56
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
57
|
+
const result = checkIdentityConfig(makeConfig({ actingAs: true }));
|
|
58
|
+
expect(result.ok).toBe(true);
|
|
59
|
+
});
|
|
60
|
+
it('errors when linkRemoteAccounts is on without key', () => {
|
|
61
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
62
|
+
const result = checkIdentityConfig(makeConfig({ linkRemoteAccounts: true }));
|
|
63
|
+
expect(result.ok).toBe(false);
|
|
64
|
+
expect(result.errors[0]).toMatch(/CPUB_FED_TOKEN_KEY/);
|
|
65
|
+
});
|
|
66
|
+
it('errors when signInWithRemote is on without key', () => {
|
|
67
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
68
|
+
const result = checkIdentityConfig(makeConfig({ signInWithRemote: true }));
|
|
69
|
+
expect(result.ok).toBe(false);
|
|
70
|
+
});
|
|
71
|
+
it('errors when remoteInteract is on without key', () => {
|
|
72
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
73
|
+
const result = checkIdentityConfig(makeConfig({ remoteInteract: true }));
|
|
74
|
+
expect(result.ok).toBe(false);
|
|
75
|
+
});
|
|
76
|
+
it('errors when remotePublish is on without key', () => {
|
|
77
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
78
|
+
const result = checkIdentityConfig(makeConfig({ remotePublish: true }));
|
|
79
|
+
expect(result.ok).toBe(false);
|
|
80
|
+
});
|
|
81
|
+
it('ok when token-using flag is on AND key is configured', () => {
|
|
82
|
+
process.env.CPUB_FED_TOKEN_KEY = VALID_KEY;
|
|
83
|
+
const result = checkIdentityConfig(makeConfig({ linkRemoteAccounts: true, remotePublish: true }));
|
|
84
|
+
expect(result.ok).toBe(true);
|
|
85
|
+
});
|
|
86
|
+
it('errors when key is malformed (wrong length)', () => {
|
|
87
|
+
process.env.CPUB_FED_TOKEN_KEY = '0'.repeat(63);
|
|
88
|
+
const result = checkIdentityConfig(makeConfig({ linkRemoteAccounts: true }));
|
|
89
|
+
expect(result.ok).toBe(false);
|
|
90
|
+
expect(result.errors[0]).toMatch(/CPUB_FED_TOKEN_KEY/);
|
|
91
|
+
});
|
|
92
|
+
});
|
|
93
|
+
describe('assertIdentityConfig', () => {
|
|
94
|
+
let originalKey;
|
|
95
|
+
beforeEach(() => {
|
|
96
|
+
originalKey = process.env.CPUB_FED_TOKEN_KEY;
|
|
97
|
+
});
|
|
98
|
+
afterEach(() => {
|
|
99
|
+
if (originalKey === undefined)
|
|
100
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
101
|
+
else
|
|
102
|
+
process.env.CPUB_FED_TOKEN_KEY = originalKey;
|
|
103
|
+
});
|
|
104
|
+
it('does not throw when ok', () => {
|
|
105
|
+
process.env.CPUB_FED_TOKEN_KEY = VALID_KEY;
|
|
106
|
+
expect(() => assertIdentityConfig(makeConfig({ linkRemoteAccounts: true }))).not.toThrow();
|
|
107
|
+
});
|
|
108
|
+
it('throws with all errors joined when not ok', () => {
|
|
109
|
+
delete process.env.CPUB_FED_TOKEN_KEY;
|
|
110
|
+
expect(() => assertIdentityConfig(makeConfig({ linkRemoteAccounts: true }))).toThrow(/misconfigured.*CPUB_FED_TOKEN_KEY/s);
|
|
111
|
+
});
|
|
112
|
+
});
|
|
113
|
+
//# sourceMappingURL=health.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"health.test.js","sourceRoot":"","sources":["../../../src/identity/__tests__/health.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAErE,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAEzE,MAAM,SAAS,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAEjC,uEAAuE;AACvE,uEAAuE;AACvE,iDAAiD;AACjD,SAAS,UAAU,CAAC,cAAgE,EAAE;IACpF,OAAO;QACL,QAAQ,EAAE;YACR,MAAM,EAAE,kBAAkB;YAC1B,IAAI,EAAE,MAAM;YACZ,WAAW,EAAE,eAAe;SAC7B;QACD,QAAQ,EAAE;YACR,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI;YAChE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI;YAChE,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,KAAK;YAC7D,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,kBAAkB,EAAE,KAAK;YAC5D,SAAS,EAAE,KAAK;YAChB,QAAQ,EAAE;gBACR,kBAAkB,EAAE,KAAK;gBACzB,gBAAgB,EAAE,KAAK;gBACvB,QAAQ,EAAE,KAAK;gBACf,cAAc,EAAE,KAAK;gBACrB,aAAa,EAAE,KAAK;gBACpB,GAAG,WAAW;aACf;SACF;QACD,IAAI,EAAE;YACJ,aAAa,EAAE,IAAI;YACnB,SAAS,EAAE,KAAK;YAChB,QAAQ,EAAE,KAAK;SAChB;QACD,IAAI,EAAE;YACJ,cAAc,EAAE,SAAS;SAC1B;KACF,CAAC;AACJ,CAAC;AAED,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,WAA+B,CAAC;IAEpC,UAAU,CAAC,GAAG,EAAE;QACd,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,WAAW,KAAK,SAAS;YAAE,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;;YAChE,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,WAAW,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,EAAE,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACnE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC7E,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9B,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC3E,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACzE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACxE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,SAAS,CAAC;QAC3C,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,EAAE,kBAAkB,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAClG,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC7E,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9B,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,IAAI,WAA+B,CAAC;IAEpC,UAAU,CAAC,GAAG,EAAE;QACd,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,WAAW,KAAK,SAAS;YAAE,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;;YAChE,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,WAAW,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,SAAS,CAAC;QAC3C,MAAM,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC,UAAU,CAAC,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;IAC7F,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;QACtC,MAAM,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC,UAAU,CAAC,EAAE,kBAAkB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,oCAAoC,CAAC,CAAC;IAC7H,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"router.test.d.ts","sourceRoot":"","sources":["../../../src/identity/__tests__/router.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
import { describe, it, expect, vi, afterEach } from 'vitest';
|
|
2
|
+
import { run, ActionUnavailable, InsufficientScopes, LinkedIdentityRevoked, } from '../router.js';
|
|
3
|
+
import { setFediClientFactory, } from '../fediClient.js';
|
|
4
|
+
// Reset the factory between tests so leakage between cases is impossible.
|
|
5
|
+
afterEach(() => setFediClientFactory(null));
|
|
6
|
+
const fakeEvent = {};
|
|
7
|
+
const NATIVE = {
|
|
8
|
+
kind: 'native',
|
|
9
|
+
id: 'u1',
|
|
10
|
+
userId: 'u1',
|
|
11
|
+
username: 'moheeb',
|
|
12
|
+
instance: 'deveco.io',
|
|
13
|
+
actorUri: 'https://deveco.io/users/moheeb',
|
|
14
|
+
handle: '@moheeb@deveco.io',
|
|
15
|
+
};
|
|
16
|
+
function makeLinked(overrides = {}) {
|
|
17
|
+
return {
|
|
18
|
+
kind: 'linked',
|
|
19
|
+
id: 'fa1',
|
|
20
|
+
userId: 'u1',
|
|
21
|
+
username: 'moheeb',
|
|
22
|
+
instance: 'commonpub.io',
|
|
23
|
+
actorUri: 'https://commonpub.io/users/moheeb',
|
|
24
|
+
handle: '@moheeb@commonpub.io',
|
|
25
|
+
scopes: ['read', 'write'],
|
|
26
|
+
softwareKind: 'cpub',
|
|
27
|
+
revokedAt: null,
|
|
28
|
+
...overrides,
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
function makeAction(opts = {}) {
|
|
32
|
+
return {
|
|
33
|
+
name: opts.name ?? 'test-action',
|
|
34
|
+
scopes: opts.scopes ?? [],
|
|
35
|
+
local: opts.local ?? vi.fn(async () => 'local-result'),
|
|
36
|
+
remote: opts.remote,
|
|
37
|
+
};
|
|
38
|
+
}
|
|
39
|
+
describe('run() — native identity', () => {
|
|
40
|
+
it('dispatches to action.local', async () => {
|
|
41
|
+
const local = vi.fn(async () => 'OK');
|
|
42
|
+
const action = makeAction({ local });
|
|
43
|
+
const result = await run(fakeEvent, NATIVE, action, undefined);
|
|
44
|
+
expect(result).toBe('OK');
|
|
45
|
+
expect(local).toHaveBeenCalledOnce();
|
|
46
|
+
expect(local).toHaveBeenCalledWith(fakeEvent, NATIVE, undefined);
|
|
47
|
+
});
|
|
48
|
+
it('passes input through unchanged', async () => {
|
|
49
|
+
const local = vi.fn(async (_e, _id, x) => x.hello);
|
|
50
|
+
const action = {
|
|
51
|
+
name: 'test',
|
|
52
|
+
scopes: [],
|
|
53
|
+
local,
|
|
54
|
+
};
|
|
55
|
+
const result = await run(fakeEvent, NATIVE, action, { hello: 'world' });
|
|
56
|
+
expect(result).toBe('world');
|
|
57
|
+
});
|
|
58
|
+
it('does NOT check scopes for native (scopes are linked-only)', async () => {
|
|
59
|
+
const action = makeAction({ scopes: ['publish'] });
|
|
60
|
+
// Native passes through even though "scopes: ['publish']" is declared.
|
|
61
|
+
const result = await run(fakeEvent, NATIVE, action, undefined);
|
|
62
|
+
expect(result).toBe('local-result');
|
|
63
|
+
});
|
|
64
|
+
});
|
|
65
|
+
describe('run() — linked identity', () => {
|
|
66
|
+
it('throws ActionUnavailable when the action has no remote half', async () => {
|
|
67
|
+
const action = makeAction(); // no remote
|
|
68
|
+
await expect(run(fakeEvent, makeLinked(), action, undefined))
|
|
69
|
+
.rejects.toBeInstanceOf(ActionUnavailable);
|
|
70
|
+
await expect(run(fakeEvent, makeLinked(), action, undefined))
|
|
71
|
+
.rejects.toMatchObject({ action: 'test-action', reason: 'not-proxiable' });
|
|
72
|
+
});
|
|
73
|
+
it('throws LinkedIdentityRevoked when the grant is revoked', async () => {
|
|
74
|
+
const remote = vi.fn(async () => 'remote-result');
|
|
75
|
+
const action = makeAction({ remote });
|
|
76
|
+
const revoked = makeLinked({ revokedAt: new Date() });
|
|
77
|
+
await expect(run(fakeEvent, revoked, action, undefined))
|
|
78
|
+
.rejects.toBeInstanceOf(LinkedIdentityRevoked);
|
|
79
|
+
expect(remote).not.toHaveBeenCalled();
|
|
80
|
+
});
|
|
81
|
+
it('throws InsufficientScopes when granted scopes do not cover required', async () => {
|
|
82
|
+
const remote = vi.fn(async () => 'remote-result');
|
|
83
|
+
const action = makeAction({ scopes: ['publish'], remote });
|
|
84
|
+
const linked = makeLinked({ scopes: ['read', 'write'] });
|
|
85
|
+
try {
|
|
86
|
+
await run(fakeEvent, linked, action, undefined);
|
|
87
|
+
throw new Error('expected throw');
|
|
88
|
+
}
|
|
89
|
+
catch (err) {
|
|
90
|
+
expect(err).toBeInstanceOf(InsufficientScopes);
|
|
91
|
+
expect(err.required).toEqual(['publish']);
|
|
92
|
+
expect(err.granted).toEqual(['read', 'write']);
|
|
93
|
+
}
|
|
94
|
+
expect(remote).not.toHaveBeenCalled();
|
|
95
|
+
});
|
|
96
|
+
it('throws when no FediClient factory is registered', async () => {
|
|
97
|
+
// Phase 1a default state: no factory. Reaching getFediClient must
|
|
98
|
+
// surface a clear, actionable error rather than silently no-op'ing.
|
|
99
|
+
const remote = vi.fn(async () => 'remote-result');
|
|
100
|
+
const action = makeAction({ scopes: ['read'], remote });
|
|
101
|
+
const linked = makeLinked({ scopes: ['read', 'write'] });
|
|
102
|
+
await expect(run(fakeEvent, linked, action, undefined))
|
|
103
|
+
.rejects.toThrow(/factory not registered/);
|
|
104
|
+
expect(remote).not.toHaveBeenCalled();
|
|
105
|
+
});
|
|
106
|
+
it('dispatches to action.remote with the factory-built client', async () => {
|
|
107
|
+
// The crucial chain-completeness test: Phase 1b plugs in a factory,
|
|
108
|
+
// and run() must thread the constructed client through to the
|
|
109
|
+
// action's remote handler with the linked identity unchanged.
|
|
110
|
+
const fakeClient = {
|
|
111
|
+
account: { verifyCredentials: vi.fn(async () => ({ id: '1', username: 'm', acct: 'm@host' })) },
|
|
112
|
+
};
|
|
113
|
+
const factory = vi.fn(async () => fakeClient);
|
|
114
|
+
setFediClientFactory(factory);
|
|
115
|
+
const remote = vi.fn(async (client, _id, _input) => {
|
|
116
|
+
// Verify it's actually the registered factory's client
|
|
117
|
+
expect(client).toBe(fakeClient);
|
|
118
|
+
return 'remote-result';
|
|
119
|
+
});
|
|
120
|
+
const action = makeAction({ scopes: ['read'], remote });
|
|
121
|
+
const linked = makeLinked({ scopes: ['read', 'write'] });
|
|
122
|
+
const result = await run(fakeEvent, linked, action, undefined);
|
|
123
|
+
expect(result).toBe('remote-result');
|
|
124
|
+
expect(factory).toHaveBeenCalledOnce();
|
|
125
|
+
expect(factory).toHaveBeenCalledWith(linked);
|
|
126
|
+
expect(remote).toHaveBeenCalledOnce();
|
|
127
|
+
});
|
|
128
|
+
it('propagates factory errors as-is (no silent swallow)', async () => {
|
|
129
|
+
setFediClientFactory(async () => { throw new Error('database unreachable'); });
|
|
130
|
+
const action = makeAction({ scopes: ['read'], remote: vi.fn() });
|
|
131
|
+
const linked = makeLinked({ scopes: ['read'] });
|
|
132
|
+
await expect(run(fakeEvent, linked, action, undefined))
|
|
133
|
+
.rejects.toThrow(/database unreachable/);
|
|
134
|
+
});
|
|
135
|
+
});
|
|
136
|
+
describe('error classes', () => {
|
|
137
|
+
it('ActionUnavailable carries action + reason', () => {
|
|
138
|
+
const e = new ActionUnavailable('publish', 'no-token');
|
|
139
|
+
expect(e.name).toBe('ActionUnavailable');
|
|
140
|
+
expect(e.action).toBe('publish');
|
|
141
|
+
expect(e.reason).toBe('no-token');
|
|
142
|
+
expect(e.message).toContain('publish');
|
|
143
|
+
expect(e.message).toContain('no-token');
|
|
144
|
+
});
|
|
145
|
+
it('InsufficientScopes carries required + granted', () => {
|
|
146
|
+
const e = new InsufficientScopes('publish', ['publish'], ['read']);
|
|
147
|
+
expect(e.required).toEqual(['publish']);
|
|
148
|
+
expect(e.granted).toEqual(['read']);
|
|
149
|
+
expect(e.message).toContain('publish');
|
|
150
|
+
});
|
|
151
|
+
it('LinkedIdentityRevoked carries identity reference', () => {
|
|
152
|
+
const id = makeLinked({ revokedAt: new Date() });
|
|
153
|
+
const e = new LinkedIdentityRevoked(id);
|
|
154
|
+
expect(e.identity).toBe(id);
|
|
155
|
+
expect(e.message).toContain(id.handle);
|
|
156
|
+
});
|
|
157
|
+
// Sanity: typeof Identity narrowing works at runtime
|
|
158
|
+
it('Identity union still includes both kinds', () => {
|
|
159
|
+
const ids = [NATIVE, makeLinked()];
|
|
160
|
+
expect(ids.map(i => i.kind).sort()).toEqual(['linked', 'native']);
|
|
161
|
+
});
|
|
162
|
+
});
|
|
163
|
+
//# sourceMappingURL=router.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"router.test.js","sourceRoot":"","sources":["../../../src/identity/__tests__/router.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAO7D,OAAO,EACL,GAAG,EACH,iBAAiB,EACjB,kBAAkB,EAClB,qBAAqB,GAEtB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,oBAAoB,GAGrB,MAAM,kBAAkB,CAAC;AAE1B,0EAA0E;AAC1E,SAAS,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC;AAK5C,MAAM,SAAS,GAAc,EAAE,CAAC;AAEhC,MAAM,MAAM,GAAmB;IAC7B,IAAI,EAAE,QAAQ;IACd,EAAE,EAAE,IAAI;IACR,MAAM,EAAE,IAAI;IACZ,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,WAAW;IACrB,QAAQ,EAAE,gCAAgC;IAC1C,MAAM,EAAE,mBAAmB;CAC5B,CAAC;AAEF,SAAS,UAAU,CAAC,YAAqC,EAAE;IACzD,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,EAAE,EAAE,KAAK;QACT,MAAM,EAAE,IAAI;QACZ,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,QAAQ,EAAE,mCAAmC;QAC7C,MAAM,EAAE,sBAAsB;QAC9B,MAAM,EAAE,CAAC,MAAM,EAAE,OAAO,CAAY;QACpC,YAAY,EAAE,MAAM;QACpB,SAAS,EAAE,IAAI;QACf,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAA4B,OAK3C,EAAE;IACJ,OAAO;QACL,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,aAAa;QAChC,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE;QACzB,KAAK,EAAE,IAAI,CAAC,KAAK,IAAK,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,cAAsB,CAA2D;QACzH,MAAM,EAAE,IAAI,CAAC,MAAM;KACpB,CAAC;AACJ,CAAC;AAED,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,EAAE,CAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;QAC1C,MAAM,KAAK,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QAC/D,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,KAAK,CAAC,CAAC,oBAAoB,EAAE,CAAC;QACrC,MAAM,CAAC,KAAK,CAAC,CAAC,oBAAoB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,KAAK,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAa,EAAE,GAAG,EAAE,CAAoB,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QACjF,MAAM,MAAM,GAAsD;YAChE,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,EAAE;YACV,KAAK;SACN,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QACxE,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;QACzE,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACnD,uEAAuE;QACvE,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QAC/D,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;QAC3E,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC,CAAC,YAAY;QACzC,MAAM,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;aAC1D,OAAO,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;QAC7C,MAAM,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,UAAU,EAAE,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;aAC1D,OAAO,CAAC,aAAa,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC,CAAC;IAC/E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,MAAM,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,eAAe,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QACtC,MAAM,OAAO,GAAG,UAAU,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;QACtD,MAAM,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;aACrD,OAAO,CAAC,cAAc,CAAC,qBAAqB,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qEAAqE,EAAE,KAAK,IAAI,EAAE;QACnF,MAAM,MAAM,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,eAAe,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC;YACH,MAAM,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;YAChD,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,kBAAkB,CAAC,CAAC;YAC/C,MAAM,CAAE,GAA0B,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;YAClE,MAAM,CAAE,GAA0B,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;QACzE,CAAC;QACD,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,kEAAkE;QAClE,oEAAoE;QACpE,MAAM,MAAM,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,eAAe,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;QACzD,MAAM,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;aACpD,OAAO,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;QAC7C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;QACzE,oEAAoE;QACpE,8DAA8D;QAC9D,8DAA8D;QAC9D,MAAM,UAAU,GAAe;YAC7B,OAAO,EAAE,EAAE,iBAAiB,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,EAAE;SAChG,CAAC;QACF,MAAM,OAAO,GAAsB,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC;QACjE,oBAAoB,CAAC,OAAO,CAAC,CAAC;QAE9B,MAAM,MAAM,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,MAAkB,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE;YAC7D,uDAAuD;YACvD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAChC,OAAO,eAAe,CAAC;QACzB,CAAC,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;QAEzD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QAC/D,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACrC,MAAM,CAAC,OAAO,CAAC,CAAC,oBAAoB,EAAE,CAAC;QACvC,MAAM,CAAC,OAAO,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;QAC7C,MAAM,CAAC,MAAM,CAAC,CAAC,oBAAoB,EAAE,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,oBAAoB,CAAC,KAAK,IAAI,EAAE,GAAG,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/E,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACjE,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;aACpD,OAAO,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,CAAC,GAAG,IAAI,iBAAiB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;QACvD,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACzC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACjC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAClC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACvC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,CAAC,GAAG,IAAI,kBAAkB,CAAC,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACnE,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QACpC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,EAAE,GAAG,UAAU,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;QACjD,MAAM,CAAC,GAAG,IAAI,qBAAqB,CAAC,EAAE,CAAC,CAAC;QACxC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5B,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,qDAAqD;IACrD,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,GAAG,GAAe,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;QAC/C,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* FediClient — opaque, protocol-agnostic facade for calling a remote
|
|
3
|
+
* Fediverse instance as a linked identity. Phase 1a defines the
|
|
4
|
+
* interface; Phase 1b plumbs in the megalodon-backed implementation.
|
|
5
|
+
*
|
|
6
|
+
* Why opaque: callers (action handlers) should never see the bearer
|
|
7
|
+
* token, never call `fetch` directly, never know whether the remote
|
|
8
|
+
* is Mastodon vs Pleroma vs CommonPub. They write `client.statuses.create({ ... })`
|
|
9
|
+
* and the wrapper handles authentication, software-specific quirks,
|
|
10
|
+
* 401-detection-as-revocation, audit logging, and rate-limit backoff.
|
|
11
|
+
*
|
|
12
|
+
* The interface is intentionally narrow — only the actions we proxy.
|
|
13
|
+
* Add methods as Phase 4 (delegated actions) opens specific surfaces.
|
|
14
|
+
*
|
|
15
|
+
* See docs/sessions/136-cross-instance-identity-plan.md.
|
|
16
|
+
*/
|
|
17
|
+
import type { LinkedIdentity } from '@commonpub/auth';
|
|
18
|
+
/**
|
|
19
|
+
* The minimal account shape returned by a verify-credentials call. All
|
|
20
|
+
* Mastodon-API-compatible servers expose this at GET /api/v1/accounts/verify_credentials.
|
|
21
|
+
* CommonPub instances expose the same shape via the OAuth token-exchange
|
|
22
|
+
* response (per existing `processTokenExchange`).
|
|
23
|
+
*/
|
|
24
|
+
export interface VerifiedAccount {
|
|
25
|
+
/** Stable id at the remote (string for Mastodon API compat). */
|
|
26
|
+
id: string;
|
|
27
|
+
/** Bare username, no @host. */
|
|
28
|
+
username: string;
|
|
29
|
+
/** Full handle: `user@host`. Mastodon-API field name. */
|
|
30
|
+
acct: string;
|
|
31
|
+
/** Display name (optional). */
|
|
32
|
+
displayName?: string;
|
|
33
|
+
/** Avatar URL (optional). */
|
|
34
|
+
avatar?: string;
|
|
35
|
+
/** Canonical AP actor URI when known. */
|
|
36
|
+
url?: string;
|
|
37
|
+
}
|
|
38
|
+
export interface FediClient {
|
|
39
|
+
/** Phase 1: only the verification call lands here. Phase 4 expands. */
|
|
40
|
+
account: {
|
|
41
|
+
verifyCredentials(): Promise<VerifiedAccount>;
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* A FediClient factory. Phase 1b will register a real implementation
|
|
46
|
+
* via `setFediClientFactory` at app init; the factory closes over the
|
|
47
|
+
* DB handle, decryption key, audit logger, and any other dependencies
|
|
48
|
+
* a real client needs without forcing those onto `run()`'s call sites.
|
|
49
|
+
*
|
|
50
|
+
* Tests register mock factories per-case via `setFediClientFactory`
|
|
51
|
+
* and clear with `setFediClientFactory(null)` in afterEach.
|
|
52
|
+
*/
|
|
53
|
+
export type FediClientFactory = (identity: LinkedIdentity) => Promise<FediClient>;
|
|
54
|
+
/**
|
|
55
|
+
* Register the FediClient factory. Called once at app init by Phase 1b's
|
|
56
|
+
* Nitro plugin (something like `setFediClientFactory(makeMastodonFactory(useDB(), tokenKey))`).
|
|
57
|
+
*
|
|
58
|
+
* Pass `null` to clear (used in tests).
|
|
59
|
+
*
|
|
60
|
+
* Why factory-registration instead of explicit DI through `run()`:
|
|
61
|
+
* - keeps `run()`'s signature simple — no DB / audit-logger cruft
|
|
62
|
+
* leaking into every call site
|
|
63
|
+
* - keeps `@commonpub/server` framework-agnostic — no h3 / Nuxt
|
|
64
|
+
* specific globals
|
|
65
|
+
* - app init is the natural place to wire dependencies once
|
|
66
|
+
*/
|
|
67
|
+
export declare function setFediClientFactory(factory: FediClientFactory | null): void;
|
|
68
|
+
/**
|
|
69
|
+
* Construct a FediClient for a linked identity. Delegates to the
|
|
70
|
+
* registered factory; throws if no factory has been registered (i.e.,
|
|
71
|
+
* Phase 1b plumbing isn't in place yet, or the test forgot to call
|
|
72
|
+
* `setFediClientFactory`).
|
|
73
|
+
*
|
|
74
|
+
* The Phase 1b factory will:
|
|
75
|
+
* 1. Read federated_accounts row for `identity.id`
|
|
76
|
+
* 2. Decrypt access_token via `decryptToken` (@commonpub/infra)
|
|
77
|
+
* 3. Construct megalodon client based on `identity.softwareKind`
|
|
78
|
+
* 4. Wrap with 401-detection (mark revoked_at on auth failure),
|
|
79
|
+
* audit logging, and rate-limit handling
|
|
80
|
+
*/
|
|
81
|
+
export declare function getFediClient(identity: LinkedIdentity): Promise<FediClient>;
|
|
82
|
+
//# sourceMappingURL=fediClient.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"fediClient.d.ts","sourceRoot":"","sources":["../../src/identity/fediClient.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AACH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEtD;;;;;GAKG;AACH,MAAM,WAAW,eAAe;IAC9B,gEAAgE;IAChE,EAAE,EAAE,MAAM,CAAC;IACX,+BAA+B;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,yDAAyD;IACzD,IAAI,EAAE,MAAM,CAAC;IACb,+BAA+B;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,6BAA6B;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,UAAU;IACzB,uEAAuE;IACvE,OAAO,EAAE;QACP,iBAAiB,IAAI,OAAO,CAAC,eAAe,CAAC,CAAC;KAC/C,CAAC;CAKH;AAED;;;;;;;;GAQG;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,QAAQ,EAAE,cAAc,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;AAIlF;;;;;;;;;;;;GAYG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,iBAAiB,GAAG,IAAI,GAAG,IAAI,CAE5E;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,aAAa,CAAC,QAAQ,EAAE,cAAc,GAAG,OAAO,CAAC,UAAU,CAAC,CAUjF"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
let registeredFactory = null;
|
|
2
|
+
/**
|
|
3
|
+
* Register the FediClient factory. Called once at app init by Phase 1b's
|
|
4
|
+
* Nitro plugin (something like `setFediClientFactory(makeMastodonFactory(useDB(), tokenKey))`).
|
|
5
|
+
*
|
|
6
|
+
* Pass `null` to clear (used in tests).
|
|
7
|
+
*
|
|
8
|
+
* Why factory-registration instead of explicit DI through `run()`:
|
|
9
|
+
* - keeps `run()`'s signature simple — no DB / audit-logger cruft
|
|
10
|
+
* leaking into every call site
|
|
11
|
+
* - keeps `@commonpub/server` framework-agnostic — no h3 / Nuxt
|
|
12
|
+
* specific globals
|
|
13
|
+
* - app init is the natural place to wire dependencies once
|
|
14
|
+
*/
|
|
15
|
+
export function setFediClientFactory(factory) {
|
|
16
|
+
registeredFactory = factory;
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Construct a FediClient for a linked identity. Delegates to the
|
|
20
|
+
* registered factory; throws if no factory has been registered (i.e.,
|
|
21
|
+
* Phase 1b plumbing isn't in place yet, or the test forgot to call
|
|
22
|
+
* `setFediClientFactory`).
|
|
23
|
+
*
|
|
24
|
+
* The Phase 1b factory will:
|
|
25
|
+
* 1. Read federated_accounts row for `identity.id`
|
|
26
|
+
* 2. Decrypt access_token via `decryptToken` (@commonpub/infra)
|
|
27
|
+
* 3. Construct megalodon client based on `identity.softwareKind`
|
|
28
|
+
* 4. Wrap with 401-detection (mark revoked_at on auth failure),
|
|
29
|
+
* audit logging, and rate-limit handling
|
|
30
|
+
*/
|
|
31
|
+
export async function getFediClient(identity) {
|
|
32
|
+
if (!registeredFactory) {
|
|
33
|
+
throw new Error(`FediClient factory not registered. ` +
|
|
34
|
+
`Phase 1b: call setFediClientFactory(...) at app init. ` +
|
|
35
|
+
`Tests: register a mock via setFediClientFactory(async () => mockClient). ` +
|
|
36
|
+
`See docs/sessions/136-cross-instance-identity-plan.md.`);
|
|
37
|
+
}
|
|
38
|
+
return registeredFactory(identity);
|
|
39
|
+
}
|
|
40
|
+
//# sourceMappingURL=fediClient.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"fediClient.js","sourceRoot":"","sources":["../../src/identity/fediClient.ts"],"names":[],"mappings":"AA6DA,IAAI,iBAAiB,GAA6B,IAAI,CAAC;AAEvD;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAAiC;IACpE,iBAAiB,GAAG,OAAO,CAAC;AAC9B,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,QAAwB;IAC1D,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,qCAAqC;YACrC,wDAAwD;YACxD,2EAA2E;YAC3E,wDAAwD,CACzD,CAAC;IACJ,CAAC;IACD,OAAO,iBAAiB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC"}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Identity-configuration startup invariants.
|
|
3
|
+
*
|
|
4
|
+
* Cross-instance delegated authorization stores OAuth bearer tokens at
|
|
5
|
+
* rest under a symmetric key (`CPUB_FED_TOKEN_KEY`). If any feature
|
|
6
|
+
* flag that *uses* tokens is enabled but the key is missing, the
|
|
7
|
+
* operator has misconfigured the deploy — better to refuse to start
|
|
8
|
+
* than to fail at first OAuth callback when a real user is mid-sign-in.
|
|
9
|
+
*
|
|
10
|
+
* Phase 1b plugs this into a Nitro plugin that runs at app init:
|
|
11
|
+
*
|
|
12
|
+
* // layers/base/server/plugins/identity-startup.ts
|
|
13
|
+
* export default defineNitroPlugin(() => {
|
|
14
|
+
* assertIdentityConfig(useConfig());
|
|
15
|
+
* });
|
|
16
|
+
*
|
|
17
|
+
* `actingAs` does NOT need the key — it's purely a UI identity-context
|
|
18
|
+
* switcher and doesn't store tokens. Listed exclusion below.
|
|
19
|
+
*/
|
|
20
|
+
import type { CommonPubConfig } from '@commonpub/config';
|
|
21
|
+
export interface IdentityConfigCheckResult {
|
|
22
|
+
ok: boolean;
|
|
23
|
+
errors: ReadonlyArray<string>;
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* Inspect the config; return the list of identity-related
|
|
27
|
+
* misconfigurations. Empty errors → `ok: true`.
|
|
28
|
+
*
|
|
29
|
+
* Pure function: no env mutation, no I/O beyond reading the env var
|
|
30
|
+
* (which `isTokenKeyConfigured` does without logging the key).
|
|
31
|
+
*/
|
|
32
|
+
export declare function checkIdentityConfig(config: CommonPubConfig): IdentityConfigCheckResult;
|
|
33
|
+
/**
|
|
34
|
+
* Same as `checkIdentityConfig` but throws on any error. Use at
|
|
35
|
+
* Nitro-plugin startup so a misconfigured deploy fails to boot rather
|
|
36
|
+
* than 500-ing on first user OAuth attempt.
|
|
37
|
+
*
|
|
38
|
+
* Error message lists ALL detected problems (not just the first) so
|
|
39
|
+
* operators can fix everything in one go.
|
|
40
|
+
*/
|
|
41
|
+
export declare function assertIdentityConfig(config: CommonPubConfig): void;
|
|
42
|
+
//# sourceMappingURL=health.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../src/identity/health.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAGzD,MAAM,WAAW,yBAAyB;IACxC,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CAC/B;AAeD;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,eAAe,GAAG,yBAAyB,CAatF;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,eAAe,GAAG,IAAI,CAOlE"}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
import { isTokenKeyConfigured } from '@commonpub/infra';
|
|
2
|
+
/**
|
|
3
|
+
* True iff this flag set requires an active `CPUB_FED_TOKEN_KEY`.
|
|
4
|
+
* `actingAs` alone is fine — it's UI state, not token I/O.
|
|
5
|
+
*/
|
|
6
|
+
function requiresTokenKey(id) {
|
|
7
|
+
return (id.linkRemoteAccounts ||
|
|
8
|
+
id.signInWithRemote ||
|
|
9
|
+
id.remoteInteract ||
|
|
10
|
+
id.remotePublish);
|
|
11
|
+
}
|
|
12
|
+
/**
|
|
13
|
+
* Inspect the config; return the list of identity-related
|
|
14
|
+
* misconfigurations. Empty errors → `ok: true`.
|
|
15
|
+
*
|
|
16
|
+
* Pure function: no env mutation, no I/O beyond reading the env var
|
|
17
|
+
* (which `isTokenKeyConfigured` does without logging the key).
|
|
18
|
+
*/
|
|
19
|
+
export function checkIdentityConfig(config) {
|
|
20
|
+
const errors = [];
|
|
21
|
+
const id = config.features.identity;
|
|
22
|
+
if (requiresTokenKey(id) && !isTokenKeyConfigured()) {
|
|
23
|
+
errors.push('CPUB_FED_TOKEN_KEY env var must be set when any of ' +
|
|
24
|
+
'features.identity.{linkRemoteAccounts, signInWithRemote, remoteInteract, remotePublish} ' +
|
|
25
|
+
'is enabled. Generate with: openssl rand -hex 32');
|
|
26
|
+
}
|
|
27
|
+
return { ok: errors.length === 0, errors };
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Same as `checkIdentityConfig` but throws on any error. Use at
|
|
31
|
+
* Nitro-plugin startup so a misconfigured deploy fails to boot rather
|
|
32
|
+
* than 500-ing on first user OAuth attempt.
|
|
33
|
+
*
|
|
34
|
+
* Error message lists ALL detected problems (not just the first) so
|
|
35
|
+
* operators can fix everything in one go.
|
|
36
|
+
*/
|
|
37
|
+
export function assertIdentityConfig(config) {
|
|
38
|
+
const result = checkIdentityConfig(config);
|
|
39
|
+
if (!result.ok) {
|
|
40
|
+
throw new Error(`Cross-instance identity misconfigured:\n - ${result.errors.join('\n - ')}`);
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
//# sourceMappingURL=health.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"health.js","sourceRoot":"","sources":["../../src/identity/health.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAOxD;;;GAGG;AACH,SAAS,gBAAgB,CAAC,EAA2C;IACnE,OAAO,CACL,EAAE,CAAC,kBAAkB;QACrB,EAAE,CAAC,gBAAgB;QACnB,EAAE,CAAC,cAAc;QACjB,EAAE,CAAC,aAAa,CACjB,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAuB;IACzD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;IAEpC,IAAI,gBAAgB,CAAC,EAAE,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;QACpD,MAAM,CAAC,IAAI,CACT,qDAAqD;YACrD,0FAA0F;YAC1F,iDAAiD,CAClD,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,EAAE,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAC7C,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAuB;IAC1D,MAAM,MAAM,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC3C,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,+CAA+C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAC9E,CAAC;IACJ,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @commonpub/server / identity — cross-instance delegated authorization.
|
|
3
|
+
*
|
|
4
|
+
* Phase 1a foundation: types + action router + FediClient interface.
|
|
5
|
+
* Phase 1b lands the OAuth flow + FediClient implementation.
|
|
6
|
+
* Phase 3 lands resolveIdentityContext middleware.
|
|
7
|
+
* Phase 4 lands ActionRoute declarations for publish/like/follow/comment.
|
|
8
|
+
*
|
|
9
|
+
* See docs/sessions/136-cross-instance-identity-plan.md.
|
|
10
|
+
*/
|
|
11
|
+
export type { ActionRoute } from './router.js';
|
|
12
|
+
export { run, ActionUnavailable, InsufficientScopes, LinkedIdentityRevoked, } from './router.js';
|
|
13
|
+
export type { FediClient, VerifiedAccount, FediClientFactory } from './fediClient.js';
|
|
14
|
+
export { getFediClient, setFediClientFactory } from './fediClient.js';
|
|
15
|
+
export type { IdentityConfigCheckResult } from './health.js';
|
|
16
|
+
export { checkIdentityConfig, assertIdentityConfig } from './health.js';
|
|
17
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/identity/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,YAAY,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EACL,GAAG,EACH,iBAAiB,EACjB,kBAAkB,EAClB,qBAAqB,GACtB,MAAM,aAAa,CAAC;AAErB,YAAY,EAAE,UAAU,EAAE,eAAe,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACtF,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAEtE,YAAY,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @commonpub/server / identity — cross-instance delegated authorization.
|
|
3
|
+
*
|
|
4
|
+
* Phase 1a foundation: types + action router + FediClient interface.
|
|
5
|
+
* Phase 1b lands the OAuth flow + FediClient implementation.
|
|
6
|
+
* Phase 3 lands resolveIdentityContext middleware.
|
|
7
|
+
* Phase 4 lands ActionRoute declarations for publish/like/follow/comment.
|
|
8
|
+
*
|
|
9
|
+
* See docs/sessions/136-cross-instance-identity-plan.md.
|
|
10
|
+
*/
|
|
11
|
+
export { run, ActionUnavailable, InsufficientScopes, LinkedIdentityRevoked, } from './router.js';
|
|
12
|
+
export { getFediClient, setFediClientFactory } from './fediClient.js';
|
|
13
|
+
export { checkIdentityConfig, assertIdentityConfig } from './health.js';
|
|
14
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/identity/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EACL,GAAG,EACH,iBAAiB,EACjB,kBAAkB,EAClB,qBAAqB,GACtB,MAAM,aAAa,CAAC;AAGrB,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAGtE,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC"}
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Action router — the only place that branches on `active.kind === 'linked'`.
|
|
3
|
+
*
|
|
4
|
+
* Every user-facing action gets one ActionRoute declaration with two
|
|
5
|
+
* halves: `local` (run against this instance's DB as the session user)
|
|
6
|
+
* and `remote` (proxied via FediClient to the linked identity's home).
|
|
7
|
+
* The `run()` helper picks the right half based on which identity is
|
|
8
|
+
* currently active in the request context.
|
|
9
|
+
*
|
|
10
|
+
* Adding a new proxiable action = one new file with an ActionRoute.
|
|
11
|
+
* Existing controllers don't grow `if (linked)` branches.
|
|
12
|
+
*
|
|
13
|
+
* See docs/sessions/136-cross-instance-identity-plan.md.
|
|
14
|
+
*/
|
|
15
|
+
import type { Identity, LinkedIdentity, NativeIdentity, Scope } from '@commonpub/auth';
|
|
16
|
+
import type { FediClient } from './fediClient.js';
|
|
17
|
+
/**
|
|
18
|
+
* Event-type generic. The router doesn't care what event/context shape
|
|
19
|
+
* the caller's framework uses — it passes the event through to the
|
|
20
|
+
* `local` handler unchanged. Layer-side code (Nitro/h3) will instantiate
|
|
21
|
+
* `ActionRoute<H3Event, ...>`; framework-agnostic tests use `unknown`.
|
|
22
|
+
*
|
|
23
|
+
* This keeps `@commonpub/server` framework-agnostic (no h3 dep) while
|
|
24
|
+
* still flowing strong types into layer-side controllers.
|
|
25
|
+
*/
|
|
26
|
+
export interface ActionRoute<TEvent, TIn, TOut> {
|
|
27
|
+
/** Stable name — used for audit logs, scope-error messages, metrics. */
|
|
28
|
+
name: string;
|
|
29
|
+
/** Required scopes when running via a linked identity. Ignored for native. */
|
|
30
|
+
scopes: ReadonlyArray<Scope>;
|
|
31
|
+
/** Handler when the active identity is the session's native user. */
|
|
32
|
+
local(event: TEvent, identity: NativeIdentity, input: TIn): Promise<TOut>;
|
|
33
|
+
/**
|
|
34
|
+
* Handler when the active identity is a linked OAuth grant. Optional —
|
|
35
|
+
* actions that should never be proxied (admin, settings, identity
|
|
36
|
+
* management itself) leave this undefined and `run()` throws
|
|
37
|
+
* `ActionUnavailable` if a linked identity tries to invoke.
|
|
38
|
+
*/
|
|
39
|
+
remote?(client: FediClient, identity: LinkedIdentity, input: TIn): Promise<TOut>;
|
|
40
|
+
}
|
|
41
|
+
export declare class ActionUnavailable extends Error {
|
|
42
|
+
readonly action: string;
|
|
43
|
+
readonly reason: string;
|
|
44
|
+
constructor(action: string, reason: string);
|
|
45
|
+
}
|
|
46
|
+
export declare class InsufficientScopes extends Error {
|
|
47
|
+
readonly action: string;
|
|
48
|
+
readonly required: ReadonlyArray<Scope>;
|
|
49
|
+
readonly granted: ReadonlyArray<Scope>;
|
|
50
|
+
constructor(action: string, required: ReadonlyArray<Scope>, granted: ReadonlyArray<Scope>);
|
|
51
|
+
}
|
|
52
|
+
export declare class LinkedIdentityRevoked extends Error {
|
|
53
|
+
readonly identity: LinkedIdentity;
|
|
54
|
+
constructor(identity: LinkedIdentity);
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* Dispatch an action against the currently active identity.
|
|
58
|
+
*
|
|
59
|
+
* The active identity is *passed in* rather than read from request
|
|
60
|
+
* context here — this keeps `run()` a pure function of its inputs and
|
|
61
|
+
* makes it trivially unit-testable. The middleware that resolves
|
|
62
|
+
* IdentityContext (Phase 3+) will read `event.context.identity.active`
|
|
63
|
+
* and forward it.
|
|
64
|
+
*
|
|
65
|
+
* Behaviour:
|
|
66
|
+
* - `active.kind === 'native'` → call `action.local(event, active, input)`
|
|
67
|
+
* - `active.kind === 'linked'` → check scopes + revocation, then call
|
|
68
|
+
* `action.remote(client, active, input)`
|
|
69
|
+
*
|
|
70
|
+
* Throws `ActionUnavailable` if the action has no `remote` half but a
|
|
71
|
+
* linked identity tries it. Throws `LinkedIdentityRevoked` if the
|
|
72
|
+
* grant is revoked. Throws `InsufficientScopes` if the grant doesn't
|
|
73
|
+
* cover what the action needs.
|
|
74
|
+
*
|
|
75
|
+
* Phase 1a: `getFediClient` is unimplemented; the linked path will
|
|
76
|
+
* throw at client construction. Phase 1b plumbs it in.
|
|
77
|
+
*/
|
|
78
|
+
export declare function run<TEvent, TIn, TOut>(event: TEvent, active: Identity, action: ActionRoute<TEvent, TIn, TOut>, input: TIn): Promise<TOut>;
|
|
79
|
+
//# sourceMappingURL=router.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"router.d.ts","sourceRoot":"","sources":["../../src/identity/router.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AACH,OAAO,KAAK,EACV,QAAQ,EACR,cAAc,EACd,cAAc,EACd,KAAK,EACN,MAAM,iBAAiB,CAAC;AAEzB,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAGlD;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI;IAC5C,wEAAwE;IACxE,IAAI,EAAE,MAAM,CAAC;IACb,8EAA8E;IAC9E,MAAM,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC;IAC7B,qEAAqE;IACrE,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1E;;;;;OAKG;IACH,MAAM,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAClF;AAED,qBAAa,iBAAkB,SAAQ,KAAK;IAC1C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;gBACZ,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CAM3C;AAED,qBAAa,kBAAmB,SAAQ,KAAK;IAC3C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC;IACxC,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC;gBAC3B,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,aAAa,CAAC,KAAK,CAAC;CAO1F;AAED,qBAAa,qBAAsB,SAAQ,KAAK;IAC9C,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;gBACtB,QAAQ,EAAE,cAAc;CAKrC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EACzC,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,QAAQ,EAChB,MAAM,EAAE,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,EACtC,KAAK,EAAE,GAAG,GACT,OAAO,CAAC,IAAI,CAAC,CAgBf"}
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
import { hasAllScopes, isUsableLinkedIdentity } from '@commonpub/auth';
|
|
2
|
+
import { getFediClient } from './fediClient.js';
|
|
3
|
+
export class ActionUnavailable extends Error {
|
|
4
|
+
action;
|
|
5
|
+
reason;
|
|
6
|
+
constructor(action, reason) {
|
|
7
|
+
super(`Action "${action}" unavailable: ${reason}`);
|
|
8
|
+
this.name = 'ActionUnavailable';
|
|
9
|
+
this.action = action;
|
|
10
|
+
this.reason = reason;
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
export class InsufficientScopes extends Error {
|
|
14
|
+
action;
|
|
15
|
+
required;
|
|
16
|
+
granted;
|
|
17
|
+
constructor(action, required, granted) {
|
|
18
|
+
super(`Action "${action}" needs scopes [${required.join(', ')}]; have [${granted.join(', ')}]`);
|
|
19
|
+
this.name = 'InsufficientScopes';
|
|
20
|
+
this.action = action;
|
|
21
|
+
this.required = required;
|
|
22
|
+
this.granted = granted;
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
export class LinkedIdentityRevoked extends Error {
|
|
26
|
+
identity;
|
|
27
|
+
constructor(identity) {
|
|
28
|
+
super(`Linked identity ${identity.handle} is revoked; user must re-link`);
|
|
29
|
+
this.name = 'LinkedIdentityRevoked';
|
|
30
|
+
this.identity = identity;
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
/**
|
|
34
|
+
* Dispatch an action against the currently active identity.
|
|
35
|
+
*
|
|
36
|
+
* The active identity is *passed in* rather than read from request
|
|
37
|
+
* context here — this keeps `run()` a pure function of its inputs and
|
|
38
|
+
* makes it trivially unit-testable. The middleware that resolves
|
|
39
|
+
* IdentityContext (Phase 3+) will read `event.context.identity.active`
|
|
40
|
+
* and forward it.
|
|
41
|
+
*
|
|
42
|
+
* Behaviour:
|
|
43
|
+
* - `active.kind === 'native'` → call `action.local(event, active, input)`
|
|
44
|
+
* - `active.kind === 'linked'` → check scopes + revocation, then call
|
|
45
|
+
* `action.remote(client, active, input)`
|
|
46
|
+
*
|
|
47
|
+
* Throws `ActionUnavailable` if the action has no `remote` half but a
|
|
48
|
+
* linked identity tries it. Throws `LinkedIdentityRevoked` if the
|
|
49
|
+
* grant is revoked. Throws `InsufficientScopes` if the grant doesn't
|
|
50
|
+
* cover what the action needs.
|
|
51
|
+
*
|
|
52
|
+
* Phase 1a: `getFediClient` is unimplemented; the linked path will
|
|
53
|
+
* throw at client construction. Phase 1b plumbs it in.
|
|
54
|
+
*/
|
|
55
|
+
export async function run(event, active, action, input) {
|
|
56
|
+
if (active.kind === 'native') {
|
|
57
|
+
return action.local(event, active, input);
|
|
58
|
+
}
|
|
59
|
+
// active.kind === 'linked'
|
|
60
|
+
if (!action.remote) {
|
|
61
|
+
throw new ActionUnavailable(action.name, 'not-proxiable');
|
|
62
|
+
}
|
|
63
|
+
if (!isUsableLinkedIdentity(active)) {
|
|
64
|
+
throw new LinkedIdentityRevoked(active);
|
|
65
|
+
}
|
|
66
|
+
if (!hasAllScopes(active.scopes, action.scopes)) {
|
|
67
|
+
throw new InsufficientScopes(action.name, action.scopes, active.scopes);
|
|
68
|
+
}
|
|
69
|
+
const client = await getFediClient(active);
|
|
70
|
+
return action.remote(client, active, input);
|
|
71
|
+
}
|
|
72
|
+
//# sourceMappingURL=router.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"router.js","sourceRoot":"","sources":["../../src/identity/router.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAEvE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AA2BhD,MAAM,OAAO,iBAAkB,SAAQ,KAAK;IACjC,MAAM,CAAS;IACf,MAAM,CAAS;IACxB,YAAY,MAAc,EAAE,MAAc;QACxC,KAAK,CAAC,WAAW,MAAM,kBAAkB,MAAM,EAAE,CAAC,CAAC;QACnD,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;QAChC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAED,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAClC,MAAM,CAAS;IACf,QAAQ,CAAuB;IAC/B,OAAO,CAAuB;IACvC,YAAY,MAAc,EAAE,QAA8B,EAAE,OAA6B;QACvF,KAAK,CAAC,WAAW,MAAM,mBAAmB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAChG,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAED,MAAM,OAAO,qBAAsB,SAAQ,KAAK;IACrC,QAAQ,CAAiB;IAClC,YAAY,QAAwB;QAClC,KAAK,CAAC,mBAAmB,QAAQ,CAAC,MAAM,gCAAgC,CAAC,CAAC;QAC1E,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;QACpC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;CACF;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,CAAC,KAAK,UAAU,GAAG,CACvB,KAAa,EACb,MAAgB,EAChB,MAAsC,EACtC,KAAU;IAEV,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC5C,CAAC;IACD,2BAA2B;IAC3B,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,IAAI,iBAAiB,CAAC,MAAM,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC5D,CAAC;IACD,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,qBAAqB,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IACD,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,kBAAkB,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1E,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC;IAC3C,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;AAC9C,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -64,4 +64,8 @@ export type { SafeFetchOptions } from './import/ssrf.js';
|
|
|
64
64
|
export { SmtpEmailAdapter, ResendEmailAdapter, ConsoleEmailAdapter, emailTemplates, } from './email.js';
|
|
65
65
|
export type { EmailAdapter, EmailMessage } from './email.js';
|
|
66
66
|
export * from './publicApi/index.js';
|
|
67
|
+
export type { ActionRoute, FediClient, VerifiedAccount, FediClientFactory, IdentityConfigCheckResult, } from './identity/index.js';
|
|
68
|
+
export { run, getFediClient, setFediClientFactory, ActionUnavailable, InsufficientScopes, LinkedIdentityRevoked, checkIdentityConfig, assertIdentityConfig, } from './identity/index.js';
|
|
69
|
+
export type { FederatedAccountGrant } from './federation/oauth.js';
|
|
70
|
+
export { getDecryptedAccessToken, revokeFederatedAccountGrant, } from './federation/oauth.js';
|
|
67
71
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACrE,YAAY,EAAE,YAAY,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAGvE,YAAY,EAAE,EAAE,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AACpE,YAAY,EACV,OAAO,EACP,WAAW,EACX,eAAe,EACf,aAAa,EACb,mBAAmB,EACnB,kBAAkB,EAClB,cAAc,EACd,WAAW,EACX,SAAS,EACT,UAAU,EACV,aAAa,EACb,WAAW,EACX,cAAc,EACd,YAAY,EACZ,aAAa,EACb,UAAU,EACV,oBAAoB,EACpB,oBAAoB,EACpB,yBAAyB,EACzB,iBAAiB,EACjB,WAAW,EACX,oBAAoB,EACpB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,eAAe,GAChB,MAAM,YAAY,CAAC;AAGpB,YAAY,EACV,kBAAkB,EAClB,kBAAkB,EAClB,cAAc,EACd,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,uBAAuB,EACvB,uBAAuB,EACvB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,mBAAmB,EACnB,sBAAsB,EACtB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,uBAAuB,EACvB,YAAY,EACZ,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,WAAW,EACX,aAAa,EACb,UAAU,EACV,OAAO,EACP,UAAU,EACV,UAAU,EACV,OAAO,EACP,QAAQ,EACR,UAAU,EACV,aAAa,EACb,aAAa,EACb,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAGxE,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,wBAAwB,EACxB,6BAA6B,EAC7B,mBAAmB,EACnB,SAAS,EACT,mBAAmB,EACnB,UAAU,EACV,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,mBAAmB,GACpB,MAAM,YAAY,CAAC;AACpB,YAAY,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAGjD,OAAO,EACL,WAAW,EACX,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,qBAAqB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,aAAa,EACb,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAG7D,OAAO,EACL,qBAAqB,EACrB,kBAAkB,EAClB,wBAAwB,EACxB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAG9D,OAAO,EACL,QAAQ,EACR,YAAY,EACZ,SAAS,EACT,SAAS,EACT,SAAS,EACT,OAAO,EACP,QAAQ,EACR,SAAS,EACT,WAAW,EACX,iBAAiB,EACjB,UAAU,EACV,UAAU,EACV,UAAU,EACV,QAAQ,EACR,SAAS,EACT,UAAU,EACV,aAAa,EACb,cAAc,EACd,WAAW,EACX,QAAQ,EACR,UAAU,EACV,YAAY,EACZ,WAAW,EACX,WAAW,EACX,WAAW,EACX,OAAO,EACP,SAAS,EACT,QAAQ,EACR,QAAQ,EACR,YAAY,EACZ,oBAAoB,EACpB,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,cAAc,EACd,UAAU,GACX,MAAM,gBAAgB,CAAC;AACxB,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACvE,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,aAAa,EACb,aAAa,EACb,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,kBAAkB,EAClB,cAAc,GACf,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,cAAc,GACf,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,UAAU,EACV,OAAO,EACT,YAAY,EACV,YAAY,EACZ,aAAa,EACb,aAAa,EACb,cAAc,EACd,cAAc,EACd,gBAAgB,EAChB,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,WAAW,EACX,aAAa,EACb,aAAa,EACb,YAAY,EACZ,iBAAiB,EACjB,eAAe,EACf,gBAAgB,GACjB,MAAM,mBAAmB,CAAC;AAC3B,YAAY,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAGtE,OAAO,EACL,SAAS,EACT,aAAa,EACb,UAAU,EACV,UAAU,EACV,UAAU,EACV,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,MAAM,EACN,QAAQ,EACR,kBAAkB,EAClB,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,oBAAoB,EACpB,eAAe,EACf,qBAAqB,GACtB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,aAAa,EACb,WAAW,EACX,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,GAChB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EACL,gBAAgB,EAChB,aAAa,EACb,gBAAgB,EAChB,SAAS,EACT,cAAc,EACd,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,mBAAmB,EACnB,kBAAkB,EAClB,kBAAkB,EAClB,UAAU,EACV,aAAa,EACb,sBAAsB,GACvB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,UAAU,EACV,YAAY,EACZ,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,GACd,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAC1G,YAAY,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAGzD,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,qBAAqB,EACrB,aAAa,EACb,oBAAoB,EACpB,cAAc,EACd,aAAa,EACb,cAAc,EACd,mBAAmB,EACnB,cAAc,GACf,MAAM,eAAe,CAAC;AACvB,YAAY,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAGpE,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,oBAAoB,EACpB,yBAAyB,GAC1B,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAGlF,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAClH,YAAY,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAG3D,OAAO,EAAE,YAAY,EAAE,uBAAuB,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAGjF,OAAO,EACL,uBAAuB,EACvB,0BAA0B,EAC1B,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,qBAAqB,EACrB,UAAU,EACV,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,eAAe,EACf,cAAc,EACd,cAAc,EACd,YAAY,EACZ,cAAc,EACd,eAAe,EACf,uBAAuB,EACvB,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,qBAAqB,EACrB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,aAAa,EACb,iBAAiB,EACjB,2BAA2B,EAC3B,sBAAsB,EACtB,cAAc,EACd,qBAAqB,EACrB,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,wBAAwB,EACxB,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EACrB,qBAAqB,EACrB,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EACpB,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,YAAY,EACZ,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,SAAS,EACT,KAAK,YAAY,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,mBAAmB,EACnB,oBAAoB,EACpB,0BAA0B,EAC1B,gBAAgB,EAChB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,0BAA0B,EAC1B,eAAe,EACf,iBAAiB,EACjB,oBAAoB,EACpB,sBAAsB,EACtB,gBAAgB,EAChB,kBAAkB,EAClB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,sBAAsB,EAC3B,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,EACzB,KAAK,wBAAwB,EAC7B,2BAA2B,EAC3B,KAAK,mBAAmB,EACxB,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,0BAA0B,EAC1B,kBAAkB,EAClB,KAAK,cAAc,EACnB,gBAAgB,EAChB,wBAAwB,EACxB,aAAa,EACb,qBAAqB,EACrB,mBAAmB,EACnB,gBAAgB,EAChB,aAAa,EACb,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EAEjB,iBAAiB,EACjB,eAAe,EACf,yBAAyB,EACzB,eAAe,EACf,aAAa,EACb,eAAe,EACf,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,wBAAwB,EACxB,sBAAsB,EACtB,oBAAoB,EACpB,sBAAsB,EACtB,2BAA2B,EAC3B,2BAA2B,EAC3B,qBAAqB,EACrB,uBAAuB,EACvB,4BAA4B,EAC5B,2BAA2B,EAC3B,0BAA0B,EAC1B,gBAAgB,EAChB,2BAA2B,EAC3B,2BAA2B,GAC5B,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAGtF,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,aAAa,EACb,uBAAuB,EACvB,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,eAAe,EACf,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,cAAc,GACf,MAAM,qBAAqB,CAAC;AAC7B,YAAY,EACV,SAAS,EACT,gBAAgB,GACjB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,wBAAwB,EACxB,kBAAkB,EAClB,kBAAkB,EAClB,uBAAuB,EACvB,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,yBAAyB,CAAC;AACjC,YAAY,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAGvG,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,wBAAwB,EACxB,WAAW,EACX,gBAAgB,EAChB,qBAAqB,EACrB,2BAA2B,GAC5B,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAG1E,OAAO,EACL,UAAU,EACV,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,aAAa,EACb,WAAW,EACX,YAAY,EACZ,iBAAiB,GAClB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAGzD,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,oBAAoB,EACpB,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,cAAc,CAAC;AACtB,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAGnD,OAAO,EACL,YAAY,EACZ,cAAc,EACd,cAAc,GACf,MAAM,YAAY,CAAC;AACpB,YAAY,EAAE,cAAc,EAAE,YAAY,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAGjF,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,wBAAwB,CAAC;AAChC,YAAY,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAGrF,OAAO,EACL,UAAU,EACV,cAAc,EACd,WAAW,EACX,WAAW,EACX,WAAW,EACX,kBAAkB,EAClB,SAAS,EACT,UAAU,EACV,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,aAAa,EACb,WAAW,EACX,YAAY,EACZ,gBAAgB,EAChB,gBAAgB,EAChB,YAAY,EACZ,WAAW,EACX,SAAS,EACT,cAAc,GACf,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,UAAU,EACV,eAAe,EACf,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,EACxB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,WAAW,EACX,WAAW,EACX,aAAa,EACb,iBAAiB,GAClB,MAAM,4BAA4B,CAAC;AACpC,YAAY,EAAE,OAAO,EAAE,MAAM,4BAA4B,CAAC;AAG1D,OAAO,EACL,aAAa,EACb,qBAAqB,EACrB,kBAAkB,EAClB,YAAY,EACZ,eAAe,EACf,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AACnC,YAAY,EACV,mBAAmB,EACnB,oBAAoB,EACpB,WAAW,GACZ,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,YAAY,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAC5E,YAAY,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGzD,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,GACf,MAAM,YAAY,CAAC;AACpB,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAG7D,cAAc,sBAAsB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACrE,YAAY,EAAE,YAAY,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAGvE,YAAY,EAAE,EAAE,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AACpE,YAAY,EACV,OAAO,EACP,WAAW,EACX,eAAe,EACf,aAAa,EACb,mBAAmB,EACnB,kBAAkB,EAClB,cAAc,EACd,WAAW,EACX,SAAS,EACT,UAAU,EACV,aAAa,EACb,WAAW,EACX,cAAc,EACd,YAAY,EACZ,aAAa,EACb,UAAU,EACV,oBAAoB,EACpB,oBAAoB,EACpB,yBAAyB,EACzB,iBAAiB,EACjB,WAAW,EACX,oBAAoB,EACpB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,eAAe,GAChB,MAAM,YAAY,CAAC;AAGpB,YAAY,EACV,kBAAkB,EAClB,kBAAkB,EAClB,cAAc,EACd,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,uBAAuB,EACvB,uBAAuB,EACvB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,mBAAmB,EACnB,sBAAsB,EACtB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,uBAAuB,EACvB,YAAY,EACZ,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,WAAW,EACX,aAAa,EACb,UAAU,EACV,OAAO,EACP,UAAU,EACV,UAAU,EACV,OAAO,EACP,QAAQ,EACR,UAAU,EACV,aAAa,EACb,aAAa,EACb,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAGxE,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,wBAAwB,EACxB,6BAA6B,EAC7B,mBAAmB,EACnB,SAAS,EACT,mBAAmB,EACnB,UAAU,EACV,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,mBAAmB,GACpB,MAAM,YAAY,CAAC;AACpB,YAAY,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAGjD,OAAO,EACL,WAAW,EACX,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,qBAAqB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,aAAa,EACb,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAG7D,OAAO,EACL,qBAAqB,EACrB,kBAAkB,EAClB,wBAAwB,EACxB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAG9D,OAAO,EACL,QAAQ,EACR,YAAY,EACZ,SAAS,EACT,SAAS,EACT,SAAS,EACT,OAAO,EACP,QAAQ,EACR,SAAS,EACT,WAAW,EACX,iBAAiB,EACjB,UAAU,EACV,UAAU,EACV,UAAU,EACV,QAAQ,EACR,SAAS,EACT,UAAU,EACV,aAAa,EACb,cAAc,EACd,WAAW,EACX,QAAQ,EACR,UAAU,EACV,YAAY,EACZ,WAAW,EACX,WAAW,EACX,WAAW,EACX,OAAO,EACP,SAAS,EACT,QAAQ,EACR,QAAQ,EACR,YAAY,EACZ,oBAAoB,EACpB,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,cAAc,EACd,UAAU,GACX,MAAM,gBAAgB,CAAC;AACxB,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACvE,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,aAAa,EACb,aAAa,EACb,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,kBAAkB,EAClB,cAAc,GACf,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,cAAc,GACf,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,UAAU,EACV,OAAO,EACT,YAAY,EACV,YAAY,EACZ,aAAa,EACb,aAAa,EACb,cAAc,EACd,cAAc,EACd,gBAAgB,EAChB,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,WAAW,EACX,aAAa,EACb,aAAa,EACb,YAAY,EACZ,iBAAiB,EACjB,eAAe,EACf,gBAAgB,GACjB,MAAM,mBAAmB,CAAC;AAC3B,YAAY,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAGtE,OAAO,EACL,SAAS,EACT,aAAa,EACb,UAAU,EACV,UAAU,EACV,UAAU,EACV,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,MAAM,EACN,QAAQ,EACR,kBAAkB,EAClB,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,oBAAoB,EACpB,eAAe,EACf,qBAAqB,GACtB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,aAAa,EACb,WAAW,EACX,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,GAChB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EACL,gBAAgB,EAChB,aAAa,EACb,gBAAgB,EAChB,SAAS,EACT,cAAc,EACd,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,mBAAmB,EACnB,kBAAkB,EAClB,kBAAkB,EAClB,UAAU,EACV,aAAa,EACb,sBAAsB,GACvB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,UAAU,EACV,YAAY,EACZ,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,WAAW,EACX,cAAc,EACd,aAAa,GACd,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAC1G,YAAY,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAGzD,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,qBAAqB,EACrB,aAAa,EACb,oBAAoB,EACpB,cAAc,EACd,aAAa,EACb,cAAc,EACd,mBAAmB,EACnB,cAAc,GACf,MAAM,eAAe,CAAC;AACvB,YAAY,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAGpE,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,oBAAoB,EACpB,yBAAyB,GAC1B,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAGlF,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAClH,YAAY,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAG3D,OAAO,EAAE,YAAY,EAAE,uBAAuB,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAGjF,OAAO,EACL,uBAAuB,EACvB,0BAA0B,EAC1B,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,qBAAqB,EACrB,UAAU,EACV,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,eAAe,EACf,cAAc,EACd,cAAc,EACd,YAAY,EACZ,cAAc,EACd,eAAe,EACf,uBAAuB,EACvB,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,qBAAqB,EACrB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,aAAa,EACb,iBAAiB,EACjB,2BAA2B,EAC3B,sBAAsB,EACtB,cAAc,EACd,qBAAqB,EACrB,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,wBAAwB,EACxB,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EACrB,qBAAqB,EACrB,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EACpB,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,YAAY,EACZ,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,SAAS,EACT,KAAK,YAAY,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,mBAAmB,EACnB,oBAAoB,EACpB,0BAA0B,EAC1B,gBAAgB,EAChB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,0BAA0B,EAC1B,eAAe,EACf,iBAAiB,EACjB,oBAAoB,EACpB,sBAAsB,EACtB,gBAAgB,EAChB,kBAAkB,EAClB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,sBAAsB,EAC3B,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,EACzB,KAAK,wBAAwB,EAC7B,2BAA2B,EAC3B,KAAK,mBAAmB,EACxB,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,0BAA0B,EAC1B,kBAAkB,EAClB,KAAK,cAAc,EACnB,gBAAgB,EAChB,wBAAwB,EACxB,aAAa,EACb,qBAAqB,EACrB,mBAAmB,EACnB,gBAAgB,EAChB,aAAa,EACb,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EAEjB,iBAAiB,EACjB,eAAe,EACf,yBAAyB,EACzB,eAAe,EACf,aAAa,EACb,eAAe,EACf,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,wBAAwB,EACxB,sBAAsB,EACtB,oBAAoB,EACpB,sBAAsB,EACtB,2BAA2B,EAC3B,2BAA2B,EAC3B,qBAAqB,EACrB,uBAAuB,EACvB,4BAA4B,EAC5B,2BAA2B,EAC3B,0BAA0B,EAC1B,gBAAgB,EAChB,2BAA2B,EAC3B,2BAA2B,GAC5B,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAGtF,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,aAAa,EACb,uBAAuB,EACvB,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,eAAe,EACf,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,cAAc,GACf,MAAM,qBAAqB,CAAC;AAC7B,YAAY,EACV,SAAS,EACT,gBAAgB,GACjB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,wBAAwB,EACxB,kBAAkB,EAClB,kBAAkB,EAClB,uBAAuB,EACvB,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,yBAAyB,CAAC;AACjC,YAAY,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAGvG,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,wBAAwB,EACxB,WAAW,EACX,gBAAgB,EAChB,qBAAqB,EACrB,2BAA2B,GAC5B,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAG1E,OAAO,EACL,UAAU,EACV,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,aAAa,EACb,WAAW,EACX,YAAY,EACZ,iBAAiB,GAClB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAGzD,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,oBAAoB,EACpB,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,cAAc,CAAC;AACtB,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAGnD,OAAO,EACL,YAAY,EACZ,cAAc,EACd,cAAc,GACf,MAAM,YAAY,CAAC;AACpB,YAAY,EAAE,cAAc,EAAE,YAAY,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAGjF,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,wBAAwB,CAAC;AAChC,YAAY,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAGrF,OAAO,EACL,UAAU,EACV,cAAc,EACd,WAAW,EACX,WAAW,EACX,WAAW,EACX,kBAAkB,EAClB,SAAS,EACT,UAAU,EACV,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,aAAa,EACb,WAAW,EACX,YAAY,EACZ,gBAAgB,EAChB,gBAAgB,EAChB,YAAY,EACZ,WAAW,EACX,SAAS,EACT,cAAc,GACf,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,UAAU,EACV,eAAe,EACf,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,EACxB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,WAAW,EACX,WAAW,EACX,aAAa,EACb,iBAAiB,GAClB,MAAM,4BAA4B,CAAC;AACpC,YAAY,EAAE,OAAO,EAAE,MAAM,4BAA4B,CAAC;AAG1D,OAAO,EACL,aAAa,EACb,qBAAqB,EACrB,kBAAkB,EAClB,YAAY,EACZ,eAAe,EACf,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AACnC,YAAY,EACV,mBAAmB,EACnB,oBAAoB,EACpB,WAAW,GACZ,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,YAAY,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAC5E,YAAY,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGzD,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,GACf,MAAM,YAAY,CAAC;AACpB,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAG7D,cAAc,sBAAsB,CAAC;AAQrC,YAAY,EACV,WAAW,EACX,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,GAAG,EACH,aAAa,EACb,oBAAoB,EACpB,iBAAiB,EACjB,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAG7B,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EACL,uBAAuB,EACvB,2BAA2B,GAC5B,MAAM,uBAAuB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -69,4 +69,6 @@ export { isPrivateUrl, safeFetch, safeFetchBinary } from './import/ssrf.js';
|
|
|
69
69
|
export { SmtpEmailAdapter, ResendEmailAdapter, ConsoleEmailAdapter, emailTemplates, } from './email.js';
|
|
70
70
|
// Public API (admin-scoped Bearer keys for external consumers)
|
|
71
71
|
export * from './publicApi/index.js';
|
|
72
|
+
export { run, getFediClient, setFediClientFactory, ActionUnavailable, InsufficientScopes, LinkedIdentityRevoked, checkIdentityConfig, assertIdentityConfig, } from './identity/index.js';
|
|
73
|
+
export { getDecryptedAccessToken, revokeFederatedAccountGrant, } from './federation/oauth.js';
|
|
72
74
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AA2ErE,YAAY;AACZ,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAExE,gBAAgB;AAChB,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,wBAAwB,EACxB,6BAA6B,EAC7B,mBAAmB,EACnB,SAAS,EACT,mBAAmB,EACnB,UAAU,EACV,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,mBAAmB,GACpB,MAAM,YAAY,CAAC;AAGpB,UAAU;AACV,OAAO,EACL,WAAW,EACX,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,qBAAqB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,aAAa,EACb,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAG5B,qBAAqB;AACrB,OAAO,EACL,qBAAqB,EACrB,kBAAkB,EAClB,wBAAwB,EACxB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAG5B,OAAO;AACP,OAAO,EACL,QAAQ,EACR,YAAY,EACZ,SAAS,EACT,SAAS,EACT,SAAS,EACT,OAAO,EACP,QAAQ,EACR,SAAS,EACT,WAAW,EACX,iBAAiB,EACjB,UAAU,EACV,UAAU,EACV,UAAU,EACV,QAAQ,EACR,SAAS,EACT,UAAU,EACV,aAAa,EACb,cAAc,EACd,WAAW,EACX,QAAQ,EACR,UAAU,EACV,YAAY,EACZ,WAAW,EACX,WAAW,EACX,WAAW,EACX,OAAO,EACP,SAAS,EACT,QAAQ,EACR,QAAQ,EACR,YAAY,EACZ,oBAAoB,EACpB,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,cAAc,EACd,UAAU,GACX,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAExB,WAAW;AACX,OAAO,EACL,aAAa,EACb,aAAa,EACb,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,kBAAkB,EAClB,cAAc,GACf,MAAM,oBAAoB,CAAC;AAQ5B,SAAS;AACT,OAAO,EACL,UAAU,EACV,OAAO,EACT,YAAY,EACV,YAAY,EACZ,aAAa,EACb,aAAa,EACb,cAAc,EACd,cAAc,EACd,gBAAgB,EAChB,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,WAAW,EACX,aAAa,EACb,aAAa,EACb,YAAY,EACZ,iBAAiB,EACjB,eAAe,EACf,gBAAgB,GACjB,MAAM,mBAAmB,CAAC;AAG3B,WAAW;AACX,OAAO,EACL,SAAS,EACT,aAAa,EACb,UAAU,EACV,UAAU,EACV,UAAU,EACV,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,MAAM,EACN,QAAQ,EACR,kBAAkB,EAClB,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,oBAAoB,EACpB,eAAe,EACf,qBAAqB,GACtB,MAAM,qBAAqB,CAAC;AAE7B,OAAO;AACP,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,aAAa,EACb,WAAW,EACX,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,GAChB,MAAM,iBAAiB,CAAC;AAEzB,yBAAyB;AACzB,OAAO,EACL,gBAAgB,EAChB,aAAa,EACb,gBAAgB,EAChB,SAAS,EACT,cAAc,EACd,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,mBAAmB,EACnB,kBAAkB,EAClB,kBAAkB,EAClB,UAAU,EACV,aAAa,EACb,sBAAsB,GACvB,MAAM,kBAAkB,CAAC;AAY1B,UAAU;AACV,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAG1G,WAAW;AACX,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,qBAAqB,EACrB,aAAa,EACb,oBAAoB,EACpB,cAAc,EACd,aAAa,EACb,cAAc,EACd,mBAAmB,EACnB,cAAc,GACf,MAAM,eAAe,CAAC;AAGvB,2DAA2D;AAC3D,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,oBAAoB,EACpB,yBAAyB,GAC1B,MAAM,kBAAkB,CAAC;AAG1B,4CAA4C;AAC5C,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAGlH,QAAQ;AACR,OAAO,EAAE,YAAY,EAAE,uBAAuB,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAEjF,aAAa;AACb,OAAO,EACL,uBAAuB,EACvB,0BAA0B,EAC1B,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,qBAAqB,EACrB,UAAU,EACV,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,eAAe,EACf,cAAc,EACd,cAAc,EACd,YAAY,EACZ,cAAc,EACd,eAAe,EACf,uBAAuB,EACvB,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,qBAAqB,EACrB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,aAAa,EACb,iBAAiB,EACjB,2BAA2B,EAC3B,sBAAsB,EACtB,cAAc,EACd,qBAAqB,EACrB,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,wBAAwB,EACxB,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EACrB,qBAAqB,EACrB,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EACpB,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,YAAY,EACZ,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,SAAS,EAET,gBAAgB,EAChB,oBAAoB,EACpB,mBAAmB,EACnB,oBAAoB,EACpB,0BAA0B,EAC1B,gBAAgB,EAChB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,0BAA0B,EAC1B,eAAe,EACf,iBAAiB,EACjB,oBAAoB,EACpB,sBAAsB,EACtB,gBAAgB,EAChB,kBAAkB,EAClB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,eAAe,EASf,2BAA2B,EAI3B,0BAA0B,EAC1B,kBAAkB,EAElB,gBAAgB,EAChB,wBAAwB,EACxB,aAAa,EACb,qBAAqB,EACrB,mBAAmB,EACnB,gBAAgB,EAChB,aAAa,EACb,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB;AACjB,gBAAgB;AAChB,iBAAiB,EACjB,eAAe,EACf,yBAAyB,EACzB,eAAe,EACf,aAAa,EACb,eAAe,EACf,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,wBAAwB,EACxB,sBAAsB,EACtB,oBAAoB,EACpB,sBAAsB,EACtB,2BAA2B,EAC3B,2BAA2B,EAC3B,qBAAqB,EACrB,uBAAuB,EACvB,4BAA4B,EAC5B,2BAA2B,EAC3B,0BAA0B,EAC1B,gBAAgB,EAChB,2BAA2B,EAC3B,2BAA2B,GAC5B,MAAM,uBAAuB,CAAC;AAE/B,cAAc;AACd,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAEtF,UAAU;AACV,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,aAAa,EACb,uBAAuB,EACvB,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAQ5B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,cAAc,GACf,MAAM,qBAAqB,CAAC;AAM7B,eAAe;AACf,OAAO,EACL,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,wBAAwB,EACxB,kBAAkB,EAClB,kBAAkB,EAClB,uBAAuB,EACvB,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,yBAAyB,CAAC;AAGjC,YAAY;AACZ,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,wBAAwB,EACxB,WAAW,EACX,gBAAgB,EAChB,qBAAqB,EACrB,2BAA2B,GAC5B,MAAM,sBAAsB,CAAC;AAG9B,QAAQ;AACR,OAAO,EACL,UAAU,EACV,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,kBAAkB,CAAC;AAQ1B,OAAO;AACP,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAEzD,UAAU;AACV,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,oBAAoB,EACpB,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,cAAc,CAAC;AAGtB,mBAAmB;AACnB,OAAO,EACL,YAAY,EACZ,cAAc,EACd,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,WAAW;AACX,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,wBAAwB,CAAC;AAGhC,SAAS;AACT,OAAO,EACL,UAAU,EACV,cAAc,EACd,WAAW,EACX,WAAW,EACX,WAAW,EACX,kBAAkB,EAClB,SAAS,EACT,UAAU,EACV,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAa5B,SAAS;AACT,OAAO,EACL,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,UAAU,EACV,eAAe,EACf,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,EACxB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAQ5B,aAAa;AACb,OAAO,EACL,WAAW,EACX,WAAW,EACX,aAAa,EACb,iBAAiB,GAClB,MAAM,4BAA4B,CAAC;AAGpC,SAAS;AACT,OAAO,EACL,aAAa,EACb,qBAAqB,EACrB,kBAAkB,EAClB,YAAY,EACZ,eAAe,EACf,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AAOnC,SAAS;AACT,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAG5E,QAAQ;AACR,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,+DAA+D;AAC/D,cAAc,sBAAsB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AA2ErE,YAAY;AACZ,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAExE,gBAAgB;AAChB,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,wBAAwB,EACxB,6BAA6B,EAC7B,mBAAmB,EACnB,SAAS,EACT,mBAAmB,EACnB,UAAU,EACV,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,mBAAmB,GACpB,MAAM,YAAY,CAAC;AAGpB,UAAU;AACV,OAAO,EACL,WAAW,EACX,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,qBAAqB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,WAAW,EACX,oBAAoB,EACpB,eAAe,EACf,wBAAwB,EACxB,aAAa,EACb,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAG5B,qBAAqB;AACrB,OAAO,EACL,qBAAqB,EACrB,kBAAkB,EAClB,wBAAwB,EACxB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAG5B,OAAO;AACP,OAAO,EACL,QAAQ,EACR,YAAY,EACZ,SAAS,EACT,SAAS,EACT,SAAS,EACT,OAAO,EACP,QAAQ,EACR,SAAS,EACT,WAAW,EACX,iBAAiB,EACjB,UAAU,EACV,UAAU,EACV,UAAU,EACV,QAAQ,EACR,SAAS,EACT,UAAU,EACV,aAAa,EACb,cAAc,EACd,WAAW,EACX,QAAQ,EACR,UAAU,EACV,YAAY,EACZ,WAAW,EACX,WAAW,EACX,WAAW,EACX,OAAO,EACP,SAAS,EACT,QAAQ,EACR,QAAQ,EACR,YAAY,EACZ,oBAAoB,EACpB,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,cAAc,EACd,UAAU,GACX,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAExB,WAAW;AACX,OAAO,EACL,aAAa,EACb,aAAa,EACb,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,iBAAiB,EACjB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,kBAAkB,EAClB,cAAc,GACf,MAAM,oBAAoB,CAAC;AAQ5B,SAAS;AACT,OAAO,EACL,UAAU,EACV,OAAO,EACT,YAAY,EACV,YAAY,EACZ,aAAa,EACb,aAAa,EACb,cAAc,EACd,cAAc,EACd,gBAAgB,EAChB,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,WAAW,EACX,aAAa,EACb,aAAa,EACb,YAAY,EACZ,iBAAiB,EACjB,eAAe,EACf,gBAAgB,GACjB,MAAM,mBAAmB,CAAC;AAG3B,WAAW;AACX,OAAO,EACL,SAAS,EACT,aAAa,EACb,UAAU,EACV,UAAU,EACV,UAAU,EACV,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,MAAM,EACN,QAAQ,EACR,kBAAkB,EAClB,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,oBAAoB,EACpB,eAAe,EACf,qBAAqB,GACtB,MAAM,qBAAqB,CAAC;AAE7B,OAAO;AACP,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,EACjB,aAAa,EACb,WAAW,EACX,cAAc,EACd,cAAc,EACd,cAAc,EACd,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,GAChB,MAAM,iBAAiB,CAAC;AAEzB,yBAAyB;AACzB,OAAO,EACL,gBAAgB,EAChB,aAAa,EACb,gBAAgB,EAChB,SAAS,EACT,cAAc,EACd,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,mBAAmB,EACnB,kBAAkB,EAClB,kBAAkB,EAClB,UAAU,EACV,aAAa,EACb,sBAAsB,GACvB,MAAM,kBAAkB,CAAC;AAY1B,UAAU;AACV,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAG1G,WAAW;AACX,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,qBAAqB,EACrB,aAAa,EACb,oBAAoB,EACpB,cAAc,EACd,aAAa,EACb,cAAc,EACd,mBAAmB,EACnB,cAAc,GACf,MAAM,eAAe,CAAC;AAGvB,2DAA2D;AAC3D,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,oBAAoB,EACpB,yBAAyB,GAC1B,MAAM,kBAAkB,CAAC;AAG1B,4CAA4C;AAC5C,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAGlH,QAAQ;AACR,OAAO,EAAE,YAAY,EAAE,uBAAuB,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAEjF,aAAa;AACb,OAAO,EACL,uBAAuB,EACvB,0BAA0B,EAC1B,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,qBAAqB,EACrB,UAAU,EACV,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,eAAe,EACf,cAAc,EACd,cAAc,EACd,YAAY,EACZ,cAAc,EACd,eAAe,EACf,uBAAuB,EACvB,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,qBAAqB,EACrB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,aAAa,EACb,iBAAiB,EACjB,2BAA2B,EAC3B,sBAAsB,EACtB,cAAc,EACd,qBAAqB,EACrB,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,wBAAwB,EACxB,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EACrB,qBAAqB,EACrB,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EACpB,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,YAAY,EACZ,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,WAAW,EACX,SAAS,EAET,gBAAgB,EAChB,oBAAoB,EACpB,mBAAmB,EACnB,oBAAoB,EACpB,0BAA0B,EAC1B,gBAAgB,EAChB,mBAAmB,EACnB,qBAAqB,EACrB,iBAAiB,EACjB,0BAA0B,EAC1B,eAAe,EACf,iBAAiB,EACjB,oBAAoB,EACpB,sBAAsB,EACtB,gBAAgB,EAChB,kBAAkB,EAClB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,eAAe,EASf,2BAA2B,EAI3B,0BAA0B,EAC1B,kBAAkB,EAElB,gBAAgB,EAChB,wBAAwB,EACxB,aAAa,EACb,qBAAqB,EACrB,mBAAmB,EACnB,gBAAgB,EAChB,aAAa,EACb,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB;AACjB,gBAAgB;AAChB,iBAAiB,EACjB,eAAe,EACf,yBAAyB,EACzB,eAAe,EACf,aAAa,EACb,eAAe,EACf,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,wBAAwB,EACxB,sBAAsB,EACtB,oBAAoB,EACpB,sBAAsB,EACtB,2BAA2B,EAC3B,2BAA2B,EAC3B,qBAAqB,EACrB,uBAAuB,EACvB,4BAA4B,EAC5B,2BAA2B,EAC3B,0BAA0B,EAC1B,gBAAgB,EAChB,2BAA2B,EAC3B,2BAA2B,GAC5B,MAAM,uBAAuB,CAAC;AAE/B,cAAc;AACd,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAEtF,UAAU;AACV,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,aAAa,EACb,uBAAuB,EACvB,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAQ5B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,iBAAiB,EACjB,cAAc,GACf,MAAM,qBAAqB,CAAC;AAM7B,eAAe;AACf,OAAO,EACL,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,wBAAwB,EACxB,kBAAkB,EAClB,kBAAkB,EAClB,uBAAuB,EACvB,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,yBAAyB,CAAC;AAGjC,YAAY;AACZ,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,kBAAkB,EAClB,wBAAwB,EACxB,WAAW,EACX,gBAAgB,EAChB,qBAAqB,EACrB,2BAA2B,GAC5B,MAAM,sBAAsB,CAAC;AAG9B,QAAQ;AACR,OAAO,EACL,UAAU,EACV,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,GACxB,MAAM,kBAAkB,CAAC;AAQ1B,OAAO;AACP,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAEzD,UAAU;AACV,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,oBAAoB,EACpB,kBAAkB,EAClB,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,cAAc,CAAC;AAGtB,mBAAmB;AACnB,OAAO,EACL,YAAY,EACZ,cAAc,EACd,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,WAAW;AACX,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,wBAAwB,CAAC;AAGhC,SAAS;AACT,OAAO,EACL,UAAU,EACV,cAAc,EACd,WAAW,EACX,WAAW,EACX,WAAW,EACX,kBAAkB,EAClB,SAAS,EACT,UAAU,EACV,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAa5B,SAAS;AACT,OAAO,EACL,UAAU,EACV,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,UAAU,EACV,eAAe,EACf,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,EACxB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAQ5B,aAAa;AACb,OAAO,EACL,WAAW,EACX,WAAW,EACX,aAAa,EACb,iBAAiB,GAClB,MAAM,4BAA4B,CAAC;AAGpC,SAAS;AACT,OAAO,EACL,aAAa,EACb,qBAAqB,EACrB,kBAAkB,EAClB,YAAY,EACZ,eAAe,EACf,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AAOnC,SAAS;AACT,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAG5E,QAAQ;AACR,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,+DAA+D;AAC/D,cAAc,sBAAsB,CAAC;AAerC,OAAO,EACL,GAAG,EACH,aAAa,EACb,oBAAoB,EACpB,iBAAiB,EACjB,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAI7B,OAAO,EACL,uBAAuB,EACvB,2BAA2B,GAC5B,MAAM,uBAAuB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@commonpub/server",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.49.0",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "Framework-agnostic business logic for CommonPub instances",
|
|
6
6
|
"license": "AGPL-3.0-or-later",
|
|
@@ -107,14 +107,14 @@
|
|
|
107
107
|
"isomorphic-dompurify": "^3.3.0",
|
|
108
108
|
"linkedom": "^0.18.12",
|
|
109
109
|
"turndown": "^7.2.4",
|
|
110
|
-
"@commonpub/
|
|
111
|
-
"@commonpub/auth": "0.5.1",
|
|
112
|
-
"@commonpub/config": "0.11.0",
|
|
110
|
+
"@commonpub/config": "0.12.0",
|
|
113
111
|
"@commonpub/editor": "0.7.9",
|
|
114
|
-
"@commonpub/
|
|
115
|
-
"@commonpub/docs": "0.6.2",
|
|
112
|
+
"@commonpub/learning": "0.5.2",
|
|
116
113
|
"@commonpub/protocol": "0.9.9",
|
|
117
|
-
"@commonpub/
|
|
114
|
+
"@commonpub/infra": "0.7.0",
|
|
115
|
+
"@commonpub/schema": "0.16.0",
|
|
116
|
+
"@commonpub/auth": "0.6.0",
|
|
117
|
+
"@commonpub/docs": "0.6.2"
|
|
118
118
|
},
|
|
119
119
|
"peerDependencies": {
|
|
120
120
|
"drizzle-orm": "^0.45.1"
|