641 Commits

Author SHA1 Message Date
Matthieu Sieben
80450cbf2c
Do not use HTTP2 connection when performing "safe fetch" HTTP requests (#2865) 2024-10-04 18:55:15 +02:00
Matthieu Sieben
08ed0a5a91
Fix build (#2862)
add missing ts dependency
2024-10-04 11:40:50 +02:00
Matthieu Sieben
72549f4422
Allow using a handle as "actor" param in app.bsky.graph.getLists (#2853)
* Allow using a handle as "actor" param in app.bsky.graph.getLists

* tests
2024-10-04 07:18:38 +02:00
github-actions[bot]
556c5a549c
Version packages (#2859)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-10-03 20:36:45 -05:00
Eric Bailey
a0531ce429
Add check for external media within RecordWithMedia (#2857) 2024-10-03 20:24:00 -05:00
github-actions[bot]
600fea65d4
Version packages (#2856)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-10-03 14:07:55 -05:00
Matthieu Sieben
8943c10082
Disable use of HTTP2 when checking SSRF IP (#2854) 2024-10-03 14:03:48 -05:00
Daniel Holmgren
df14df522b
Ozone signature methods (#2855)
* lexicons

* fix typo & add proxy routes

* changeset
2024-10-03 14:00:12 -05:00
github-actions[bot]
a611a5fe56
Version packages (#2846)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-10-01 20:13:26 +02:00
Foysal Ahamed
a2bad977a8
Ozone batch repo and record getters (#2836)
* Add getRepos and getRecords endpoints for bulk fetching

* Fix issues and add tests for get repos and get records

* Use the right lxm

* 🐛 Revert changes in lockfile

* Add getAccountInfos in PDS

* 🐛 Fix type def for repo and record view detail

* Update snapshots

* Update snapshots

* Consolidate error type for com.atproto and tools.ozone getRecord error type

* 🧹 Cleanup

* Update snapshots

* Update snapshots

* Changeset
2024-10-01 19:37:23 +02:00
Matthieu Sieben
1226ed2682
Do not display the client_name of untrusted clients (#2847)
* Do not display the client_name of untrusted clients

* do not show client id of trusted clients
2024-10-01 19:08:26 +02:00
Matthieu Sieben
4098d98901
Default to unencoded responses (#2834)
* Allow defaulting to unencoded responses when proxying client requests that do not specify accept-encoding
* fix content-encoding negotiation
2024-10-01 10:43:15 +02:00
github-actions[bot]
6593fdc3f4
Version packages (#2812)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-09-27 13:04:34 -05:00
Matthieu Sieben
eb20ff64a2
ponyfill URL.canParse (#2835) 2024-09-27 17:03:29 +02:00
Samuel Newman
2676206e42
Pinned posts (#2771)
* pinned posts lexicon

* codegen

* change lexicon, different approach

* codegen 2

* dataplane db migration

* move pinned post lexicon to right place

* add pinned posts optionally to getAuthorFeed

* remove type modification

* Clarify naming, add viewer state, add tests

* return pinnedPost with profileViewDetailed

* allow pinned replies in `posts_and_author_threads`

* clearer variable naming

* annotate type of `items`

* boolean --> varchar

* reuse authorDid in viewerPinned

* simplify test

* make pinned post not top post in test

* update snapshot

* changeset

---------

Co-authored-by: Eric Bailey <git@esb.lol>
Co-authored-by: dholms <dtholmgren@gmail.com>
2024-09-26 18:26:45 -05:00
Matthieu Sieben
ed325d863c
OAuth spec alignment (#2755)
* Improve reporting of metadata validation error
* Properly validate client metadata scope
* Allow loopback clients to define their scopes through client_id query parameters
* Require definition of "scope" in client metadata document
* Restrict the value used as code_challenge_methods_supported
* Remove `plain` from `code_challenge_methods_supported`
* Prevent use of empty string in unsupported oidc request parameters
* Centralize parsing of client metadata error
* Enforce code_challenge_method=S256 request parameter
* Improve error description in case of invalid loopback client_id
* Enforce single scope query param in loopback clients
* Disable request params scopes defaulting to client metadata scope
* Centralize loopback client validation logic
* add assertion utils for client ids
* Improve invalid client_id error messages from BrowserOAuthClient.from()
* Use scope from client metadata as default value
* Improve client side validation of client metadata
* Allow fetching of source map files from browser debugger
* Use the clientId to configure the OAuth client
* Allow native clients to use https: redirect uris
* Explicitly forbid MTLS client auth method
* Improve error feedback in case of invalid client_id domain name
* Remove un-spec'ed restrictions on redirect_uris based on the client_uri
* Do not strip query string from URL after oauth redirect in fragment mode
* Add missing "expires_in" property to OAuthParResponse type definition
* Allow non-canonical URLs to be used as client ID
* Allow client metadata to contain other return type values than "code"
* Properly validate request_uri request parameter
* Improve parsing and validation of client_id's
* Return "invalid_client" on invalid client credentials
* improved error management & reporting
* performance improvement
* Allow loopback client ids to omit the (empty) path parameter

Co-authored-by: devin ivy <devinivy@gmail.com>
2024-09-26 14:07:08 +02:00
dan
87a1f24262
Add fast path skipping grapheme counting (#2817)
* Cache length calculations between min and max

* Harden grapheme counter tests

* Add fast paths

* Code style tweaks

* changeset

---------

Co-authored-by: dholms <dtholmgren@gmail.com>
2024-09-25 20:17:42 +09:00
Matthieu Sieben
b298bfd280
Prevent PDS crash when catchall proxy requests are cancelled (#2824)
* Prevent PDS crash when catchall proxy requests are cancelled

* fixes

* ensure stream destruction
2024-09-24 11:55:29 -05:00
Matthieu Sieben
a07b21151f
PDS pipethrough optimizations (#2770)
* Micro optimization in request proxying

* Request NSID parsing optimization

* DID document parsing optimization

* remove unnecessary call to next()

* Allow HandlerPipeThrough to be used with streams

* Refactor pipethrough to work with streams

* Expose "unicastLookup" DNS lookup and "isUnicastIp" utilities

* Use a hardened, HTTP2 compatible, client to perform proxied requests

* changeset

* tidy

* Properly handle compressed streams

* tidy

* update @types/node

* refactor

* Improved error management

* Expose parseContentEncoding() util

* use pipeline from nodejs

* Avoid decoding in read-after-write (if possible)

* Various fixes

* Return Buffer instance from streamToBytes

* fixes

* Add omit() utility

* tidy

* lint

* typo

* Use Buffer instead of ArrayBuffer from pipe through handler result

* optimization

* tidy

* refactor

* increase highWaterMark

* remove unnecessary type check

* Use undici.request where more relevant

* Improve soc in fetch utils

* feedback

* tidy

* tidy

* test refactor

* safer fetch

* changeset

* expose and re-use extractUrl util

* small optimizations

* tidy

* optimization

* build branch

---------

Co-authored-by: dholms <dtholmgren@gmail.com>
2024-09-19 18:24:20 -05:00
Eric Bailey
a06634ae57
Email templates at (#2813)
* Add @ to handles, update PLC copy

* Changeset

* lint

---------

Co-authored-by: dholms <dtholmgren@gmail.com>
2024-09-12 11:57:41 -05:00
Eric Bailey
922b94ce37
Update email templates (#2767)
* Update email templates

* Update PLC

* Update test with new email string

* Format

* One more test update

* Use handle instead of identifier to match entryway

* Changeset
2024-09-12 10:53:31 -05:00
github-actions[bot]
85c85350d1
Version packages (#2791)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-09-11 18:30:47 -05:00
Eric Bailey
33aa0c7222
NUX API (#2810)
* Codegen

* Explicitly add Zod (already a peer dep) and validation to api

* Add Nux methods

* Match naming convention

* Remove id, it won't be used

* Add tests

* Use id instead of name, little clearer

* Update API contracts

* Update tests

* Changeset

* Don't mutate
2024-09-11 18:25:05 -05:00
Foysal Ahamed
e6bd5aecce
📝 Add changeset for acknowledgeAccountSubjects flag (#2807) 2024-09-12 00:03:52 +02:00
Matthieu Sieben
98711a147a
fix(xrpc-server): properly parse & process content-encoding (#2464)
* fix(xrpc-server): properly parse & process content-encoding

* Minor optimization

* code style
2024-09-11 09:46:18 +02:00
Matthieu Sieben
cb4abbb673
Properly validate atproto did:web (#2776)
* Properly validate atproto did:web

* explain why there is no protection against localhost fetches in did:web resolver
2024-09-05 13:01:48 +02:00
github-actions[bot]
0a37a3cc56
Version packages (#2788)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-09-04 20:22:22 -05:00
Daniel Holmgren
b15dec2f4f
Atproto sync package (#2752)
* first pass/port

* reworking

* authenticated commit parsing

* authenticate identity evts

* some testing

* tidy & add firehose to queue

* error handling

* fix test

* refactor sync queue + some tests

* fix race in sync queue

* rm firehose from syncqueue

* add tests for queue utils

* README

* lint readme

* filter before parsing

* pr feedback

* small fix

* changesets

* fix type

* Rework dataplane subscription (#2766)

* working sync package into appview subscription

* add restart method to subscription for tests

* fix another test

* tidy subscription utils/files

* remove dupe property

* tidy after merge

* fix start cursor on subscription

* tweak process full subscription logic

* fixes
2024-09-04 20:18:16 -05:00
Foysal Ahamed
642c7ae968
Improve query perf on moderation event (#2787)
* Add index on subjectDid and use subjectDid to speed up query

* 📝 Add changeset
2024-09-04 19:48:16 -04:00
github-actions[bot]
71305e8595
Version packages (#2764)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-09-04 14:23:00 +02:00
Foysal Ahamed
e4d41d66fa
❇️ Template language (#2780)
* Throw specific error for duplicate template name

* 🧹 Cleanup console

* Throw duplicate template name error from update too

* Add language to templates

* 📝 Add changeset

* Add missing event type

* Add language format in lexicon and error checker in util

* 🚨 fix linter issues
2024-09-04 12:42:39 +02:00
Foysal Ahamed
325859b8bf
📝 Add changeset for moderation subject's embed type tagging (#2762)
📝 Add changeset
2024-08-29 14:14:15 -04:00
github-actions[bot]
6bc7faf087
Version packages (#2761)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-08-28 19:13:54 -04:00
devin ivy
80ada8f476
Video lexicons and appview views (#2751)
* lexicon: initial lexicons for video embeds in bsky app

* lexicon: fix video caption file size limit

* codegen

* appview: stub out video embed view logic

* api prerelease

* api prerelease

* lexicon: video upload/processing lexicons

* tidy

* lexicon: app.bsky.video lexicons for uploads

* codegen

* api prerelease

* appview: present video embeds on posts

* appview: snaps

* changeset

* appview: fix wiring of video url config
2024-08-28 19:03:35 -04:00
github-actions[bot]
e49e05c0fa
Version packages (#2750)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-08-27 17:35:48 -04:00
devin ivy
c180cf4d86
OAuth: fix client-side crash on authorize page (#2749)
oauth: fix client-side crash on authorize page
2024-08-27 17:31:44 -04:00
github-actions[bot]
a1d8c77edd
Version packages (#2738)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-08-27 14:03:39 -04:00
Matthieu Sieben
ebb318325b
Improved control over JWT's typ claim (#2743)
* Add "jwtAlg" option to verifySignature() function

* Verify service JWT header values. Add iat claim to service JWT

* Allow missing 'typ' claim in service auth jwt

* Add, and verify, a "typ" header to access and refresh tokens

* tidy

* Properly identify JWT typ mismatch

* tidy

* exclude known invalid "typ" from service auth headers

* tidy

* tidy changeset

---------

Co-authored-by: devin ivy <devinivy@gmail.com>
2024-08-27 13:50:14 -04:00
Matthieu Sieben
dee817b6e0
OAuth: Add authorization scopes & remove OpenID compatibility (#2734)
* Re-use code definition of oauthResponseTypeSchema

* Generate proper invalid_authorization_details

* Remove OpenID compatibility

* tidy

* properly verify presence of jti claim in client assertion

* Remove non-standard "sub" from OAuthTokenResponse

* Remove nonce from authorization request

* tidy

* Enforce uniqueness of code_challenge

* remove unused "atproto" scope

* Improve reporting of validation errors

* Allow empty set of scopes

* Do not remove scopes not advertised in the AS's "scopes_supported" when building the authorization request.

* Prevent empty scope string

* Remove invalid check from token response

* remove unnecessary session refresh

* Validate scopes characters according to OAuth 2.1 spec

* Mandate the use of "atproto" scope

* Disable ability to list app passwords when using an app password

* Use locally defined authPassthru in com.atproto.admin.* handlers

* provide proper production handle resolver in example

* properly compute login method

* feat(oauth-provider): always rotate session cookie on sign-in

* feat(oauth-provider): do not require consent from first party apps

* update request parameter's prompt before other param validation checks

* feat(oauth-provider): rework display of client name

* feat(oauth-client-browser:example): add token info introspection

* feat(oauth-client-browser:example): allow defining scope globally

* Display requested scopes during the auth flow

* Add, and verify, a "typ" header to access and refresh tokens

* Ignore case when checking for dpop auth scheme

* Add "jwtAlg" option to verifySignature() function

* Verify service JWT header values. Add iat claim to service JWT

* Add support for "transition:generic" and "transition:chat.bsky" oauth scopes in PDS

* oauth-client-browser(example): add scope request

* Add missing "atproto" scope

* Allow missing 'typ' claim in service auth jwt

* Improved 401 feedback

Co-authored-by: devin ivy <devinivy@gmail.com>

* Properly parse scopes upon verification

Co-authored-by: devin ivy <devinivy@gmail.com>

* Rename "atp" to "credential" auth in oauth-client-browser example

* add key to iteration items

* Make CORS protection stronger

* Allow OAuthProvider to define its own CORS policies

* Revert "Allow missing 'typ' claim in service auth jwt"

This reverts commit 15c6b9e2197064eb5de61a96de6497060edb824e.

* Revert "Verify service JWT header values. Add iat claim to service JWT"

This reverts commit 08df8df322a3f4b631c4a63a61d55b2c84c60c11.

* Revert "Add "jwtAlg" option to verifySignature() function"

This reverts commit d0f77354e6904678e7f5d76bb026f07537443ba9.

* Revert "Add, and verify, a "typ" header to access and refresh tokens"

This reverts commit 3e21be9e4b5875caa5e862c11f2196786fb2366d.

* pds: implement protected service auth methods

* Prevent app password management using sessions initiated from an app password.

* Alphabetically sort PROTECTED_METHODS

* Revert changes to app password management permissions

* tidy

---------

Co-authored-by: devin ivy <devinivy@gmail.com>
2024-08-27 13:43:29 -04:00
Matthieu Sieben
bbca17bc53
Deprecate Agent.accountDid in favor of Agent.assertDid 2024-08-26 09:02:10 +02:00
Eric Bailey
a8e1f9000d
Return ThreadgateView on response from getPostThread (#2737)
* Return `ThreadgateView` on response from `getPostThread`

* Changeset

* Format

* Add to test

* Clean up logic

* Use suggestion from Dan
2024-08-22 17:00:01 -05:00
Matthieu Sieben
d9ffa3c460
Instantiate XrpcClient from an OAuthAgent (#2714)
* Improve transformation of fetchHandler errors into XrpcError

* Add ability to instantiate XrpcClient from FetchHandlerObject type

* Remove unnecessary dev dependency

* Allow oauthAgent to be used in order to instantiate XrpcClient

* fix lock file

* Move OAuthAtpAgent  to api package

* correct doc

* docs(oauth-client): improve example

* fix example code

* Rename OAuthAgent into OAuthSession

* Allow instantiating Agent and XrpcClient with OAuthSession

* Fix changesets

* codegen

* tidy

* tidy

* tidy

* Update .changeset/chilled-jokes-relax.md

Co-authored-by: surfdude29 <149612116+surfdude29@users.noreply.github.com>

* Update packages/oauth/oauth-client/README.md

Co-authored-by: surfdude29 <149612116+surfdude29@users.noreply.github.com>

* Update packages/api/OAUTH.md

Co-authored-by: surfdude29 <149612116+surfdude29@users.noreply.github.com>

* Update .changeset/old-mice-give.md

Co-authored-by: surfdude29 <149612116+surfdude29@users.noreply.github.com>

* Update packages/api/OAUTH.md

* Update packages/api/README.md

* Update packages/api/README.md

* Update .changeset/polite-toys-happen.md

---------

Co-authored-by: surfdude29 <149612116+surfdude29@users.noreply.github.com>
Co-authored-by: devin ivy <devinivy@gmail.com>
2024-08-22 17:59:22 -04:00
github-actions[bot]
f70bd6a9dc
Version packages (#2736)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-08-22 09:54:41 -07:00
Hailey
4ab2483547
Add quoteCount to embed view (#2735)
Co-authored-by: devin ivy <devinivy@gmail.com>
2024-08-22 09:49:06 -07:00
github-actions[bot]
1572058887
Version packages (#2732)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-08-21 14:42:01 -05:00
Eric Bailey
aba664fbdf
Detached QPs and hidden replies (#2675)
* Add new postgate lex, hiddenReplies to threadgate, codegen

* Add protobufs

* Add to mock dataplane

* Add matching postgate method to feed hydration methods

* Add to getRecord

* Add to HydrationState

* Fix typo

* Add to mergeStates, fetch embeds in threads

* Integrate into embed views

* Add test for QPs in threads

* Add feed test

* Fix naming convention in protos

* Add #viewRemoved record view, rename postgate.json

* Integrate new view

* Filter hidden replies from feeds

* Filter out replies at the handler level, do not filter for author feeds

* Fix lint

* Move hidden reply check to view layer

* Reduce, reuse, recycle

* Rename to lowercase

* Rename layer vars

* Add quote gate props to postgate (#2693)

* Add quote gate props to postgate

* Consistent naming

* Fix record structure

* Codegen

* Show hidden replies in author feed

* Allow reposts of hidden replies

* Lex and codegen

* Add violates_quote_gate to proto

* Consistent naming, codegen

* Integrate violatesQuotegate and canQuotepost

* Remove rules, codegen

* Hydrate all postgates for all requested posts

* Match other impl

* Add test, need to split these out

* Format

* Hydrate first nested embeds too

* Add postgate test suite

* Add violatesQuoteGate to dataplane

* Ingest and set violatesQuoteGate, return on meta

* Return removed embed for quotes that violate gate

* Add test

* Dedupe URIs before fetching postgates

* Update snaps

* Snap

* Format

* Updating naming conventions for postgate-related attributes

* Correct naming

* Consistency

* Proto too

* Rename to viewDetached

* Codegen

* Rename everything

* Codegen

* Quotes that violate a quote gate can still be quoted themselves

* Couple more renames

* Snaps

* Ensure reply ref is tombstoned for hidden replies

* Split out hidden replies tests and create fresh fixture

* Hydrate threadgates for reply notifications, filter hidden replies

* Remove snap

* Add flaky test

* Rename violatesEmbeddingRules

* Fix flaky test

* Only write to db if violatesEmbeddingRules is true

* DRY up post uri -> gate uri logic

* isThreadgateListRule

* Don't share users object between tests

* No pascal

* Remove default params

* Find -> some

* canQuotepost -> canEmbed, remove optional

* Fix quoteee typo

* await follows

* Throw in post uri -> gate utils

* Ensure fetch threadgates for reply roots

* Don't hydrate threadgates twice

* DRY up uri -> did parsing

* Clean up parsePostgate logic

* Format

* Revert change

* Revert change

* Replace a couple more uri->did conversions

* Only filter replies from feeds if viewer hid them

* Revert, filter out replies that are hidden from feeds

* Remove old test

* Replace uri->did util

* Revert change to unused file

* Only validatePostEmbed and check postgates for post records

* Ensure notifications aren't generated down a hidden reply chain

* Changeset

* Cleanup

* Fix notification filtering logic

* Simplify

* Don't notify for invalid embeds

* Use new APIs

* Add hasPostGate and hasThreadGate flags from dataplane

* Only fetch postgates if post has one

* Only fetch threadgates if post has one or was deleted

* Remove notification filtering

* Don't hydrate threadgates for notifications

* Move hidden replies in feeds to match block handling

* Do no filtering of hidden replies in feeds

* Revert "Don't hydrate threadgates for notifications"

This reverts commit 1dcec0b239a7b9d6800427b26b8ba3e6a54210f9.

* Revert "Remove notification filtering"

This reverts commit 1e7069dfd809d1f18e9f05fd1d422e7399aa1bb0.

* Filter notifications for OP only

* Add additional check to hidden replies test

* Move noty filter logic into method handler

* Update .changeset/perfect-parrots-appear.md

Co-authored-by: devin ivy <devinivy@gmail.com>

* Update packages/bsky/tests/seed/postgates.ts

Co-authored-by: devin ivy <devinivy@gmail.com>

* Another structuredClone

* Update packages/bsky/src/hydration/hydrator.ts

Co-authored-by: devin ivy <devinivy@gmail.com>

* Better comment

* Update packages/bsky/src/data-plane/server/indexing/plugins/post.ts

Co-authored-by: devin ivy <devinivy@gmail.com>

* Regen protos to match dataplane

* Update quotes snap to include embeddingDisabled

* Clarify usage of post uri -> gate utils

---------

Co-authored-by: devin ivy <devinivy@gmail.com>
2024-08-21 14:36:51 -05:00
Hailey
2a0c088cc5
quote aggs, list quotes (#2658)
* add quote count to post_agg, add getPostQuotes

rework schema

rework schema

add getPostQuotes to api

use posts

use posts

codegen

use items instead of quotes

codegen

add getPostQuotes

add quoteCount to response

update lexicon for postview

increment post ags

add quote to post aggs

add quote interface

oops

add quote table migration

* update

* bufgen

* update params

* update to use v2

* logs

* rm comment

* pass cursor

* add index

* Update packages/bsky/src/data-plane/server/db/migrations/20240723T220703655Z-quotes.ts

Co-authored-by: devin ivy <devinivy@gmail.com>

* only if it's a post

* tests

* Discard changes to packages/bsky/tests/views/posts.test.ts

* fix client call

* Include new quotes agg in test expectation

* Use new API for headers

* Update packages/bsky/src/data-plane/server/indexing/plugins/post.ts

Co-authored-by: devin ivy <devinivy@gmail.com>

* revert rm

* rm timeout

* cursor test

* Changeset

* Remove pds specific bump

---------

Co-authored-by: devin ivy <devinivy@gmail.com>
Co-authored-by: Eric Bailey <git@esb.lol>
2024-08-21 12:33:05 -05:00
github-actions[bot]
5e2f2617ab
Version packages (#2726)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-08-20 11:41:33 -04:00
Matthieu Sieben
35a1264297
Remove non-standard *_endpoint_auth_method (#2729) 2024-08-20 17:26:19 +02:00
Matthieu Sieben
5131b027f0
Allow charset in content-type header of incoming requests (#2728)
* Allow charset in content-type header of incoming requests
2024-08-20 11:24:56 +02:00