5af5deff55
Version packages ( #4881 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-04-29 15:23:54 +01:00
087515e6a4
Improve oauth client sign-in options ( #4896 )
2026-04-29 15:19:25 +01:00
caad88223f
Version packages ( #4653 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-02-20 09:05:35 +01:00
a23d13268c
OAuth client improvements ( #4642 )
...
* Delete any pre-existing OAuth session when a new one is created (for a given `sub`)
* OAuth client improvements
* tidy
* tidy
* tdy
* remove event-target-polyfill dep
* Update .changeset/neat-humans-fix.md
Co-authored-by: devin ivy <devinivy@gmail.com >
* tidy
---------
Co-authored-by: devin ivy <devinivy@gmail.com >
2026-02-19 15:21:00 +01:00
8a725a9d69
Change workspace version selector from workspace:* to workspace:^
2026-01-28 16:42:44 +01:00
143a5f2251
Version packages ( #4578 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-01-28 16:31:59 +01:00
0093727fc4
Version packages ( #4505 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2026-01-06 15:59:52 +01:00
95bd491ecb
Version packages ( #4466 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-12-30 10:26:18 -06:00
104e6ed37b
Version packages ( #4412 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-12-08 16:05:29 -03:00
dc08244c24
Version packages ( #4386 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-12-02 11:05:55 -06:00
4dede90ea5
Version packages ( #4369 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-11-24 22:26:10 +01:00
261968fd65
New TS SDK ( #4366 )
...
* lex
* packaging
* moke packaging
* revert test changes
* do not build temp
* tidy
* automatically build the list of `@atproto/lex/com` lexicons
* fix build
* Remove "com" export
* ridy
* remove manifest option
* tidy
* rename
* tidy
* tidy
* tidy
* tests
* add procedure params
* stricter tests
* tidy
* Improve ui8 parsing
* tidy
* tidy
* code split
* code split
* fix reserved keywords conflict
* exclude packages/lex/src/tests/lexicons from lint
* reserved keywords
* safe identifier
* fix build
* move lib.js to src/lib.ts
* Move tests dir
* fix ci ?
* increast lint size
* Remove `Record` type alias for recordsz
* fix package json exports
* Add support for unsafe characters in defs and nsids
* tidy
* token tests
* tidy
* name consistency
* remove unused `unknownKeys` params option
* Fix "moving" keys in `DictSchema` (remove `IntersectionSchema`)
* REview comments
* adapt shebang in `env`
* Make sure union object have their $type property set in typings
* fix
* Improve typing of `UnknownTypedObject`
* lex improvements
* code reorg
* split lex-builder
* tidy
* improve packaging
* rename lex-validation to lex-schema
* lex client
* rename prettifier option
* add lex-client as dependency to "lex"
* Export client as part of main export
* re-write example app using @atproto/lex
* add missing lex-client to tsconfig
* tidy
* add "null" schema type
* Smaller bundle code footprint
* tidy
* correctness
* tidy
* code split and improved testing
* tidy
* refactor common utils
* test all implementations
* improve tests
* tidy
* fix build
* fixes
* tidy
* lint
* tests
* tidy
* fix oauth-example app
* tidy
* tidy
* tests
* tidy
* Return an actual `Uint8Array` from `fromBase64Node`
* tidy
* adapt xrpc-server
* Rename `Lex` to `LexValue`
* minor fixes
* fix tests
* fix tests
* tidy
* fix
* tidy
* tidy
* fix `verifyCidForBytes` implementation
* fix imports
* tidy
* split lex-json in own package
* make base64 tests faster
* Add interop tests
* lint error
* tidy
* tidy
* changeset
* implement lex-resolver and lex-install
* remove need for polyfill
* readme
* more details
* tidy
* allow specifying `service` header on a per request basis
* tidy
* tidy
* tidy
* tidy
* add custom/intersection validation schemas
* tidy
* tidy
* remive un-necessary util
* improve typing of `l.object` output
* make "name" required in lexicon method errors
* fix tests
* tidy
* tidy
* add error responses
* update readme
* add "like " to example
* readme improvements
* tidy
* error management improvements
* Improve error results
* tidy
* refactor
* tidy
* lock
* Update binary to `ts-lex`
* tidy
* tidy
* Add "Overview" section
* fix build
* update bin
* readme-improvements
* paul's feedback
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Initial plan
* Address README review comments
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Clarify client configuration inheritance behavior
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Document allowLegacyBlobs default and compatibility implications (#15 )
* Initial plan
* Add notes about default setting and compatibility for allowLegacyBlobs
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Rename `Json` to `JsonValue` in lex-json package (#14 )
* Initial plan
* Rename Json to JsonValue in lex-json package and dependent packages
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Remove import alias for JsonValue in ipld.ts
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* review comments and fixes
* Add lex to the dockerfiles
* tidy
* changeset for lex packages
* tidy
* Tidy
* tidy
* tidy
* Move language parsing to lex-data
* tidy
* doctoc
* error handling
* tidy
* tidy
* tidy
* fix
---------
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
2025-11-24 21:01:16 +01:00
33435c2e83
Version packages ( #4298 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-10-24 13:02:23 +02:00
dca500186e
update links to ietf docs ( #4273 )
2025-10-14 14:43:01 -07:00
bd469a6861
Version packages ( #4247 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-10-06 19:13:28 +02:00
e71d265dd4
Minor oauth jwk tweaks ( #4256 )
...
* Minor oauth jwk changes
* tidy
2025-10-06 15:45:05 +02:00
09439d7d68
OAuth client improvements ( #4216 )
...
* wip
* Various OAuth client & API improvements
* pnpm lock
* Minor typing improvements
* ci
* fix
2025-10-02 16:21:17 +02:00
f560cf2266
Allow "use" claims only in public jwk ( #4103 )
...
Disallow use of `use` claim in private JWK (replaced with `key_ops`)
2025-10-02 13:33:56 +02:00
fefe70126d
oauth-client-expo (#4220 )
...
* `oauth-client-expo`
* working on android
* remove example app
* tidy
* tidy
* Do not install full expo
* tidy
* chngeset
* chngeset
* load expo
* tidy
2025-10-02 11:59:16 +02:00
e216e87859
Version packages ( #4167 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-09-09 12:29:10 +02:00
920f895807
Version packages ( #4152 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-08-29 12:54:51 +02:00
86c4699da8
Improve oauth client callback handling ( #4150 )
2025-08-29 12:45:35 +02:00
768e81b232
Version packages ( #4126 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-08-27 13:36:05 -04:00
6231c8730a
Fix #4136 : Support multiple redirect URIs in @atproto/oauth-client ( #4139 )
...
* Fix #4136 : Support multiple redirect URIs in @atproto/oauth-client
* Fix type error in exchangeCode
2025-08-27 14:42:25 +02:00
5188ef3b59
Version packages ( #4116 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-08-20 21:48:51 +02:00
d02d43c05b
Version packages ( #4102 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-08-13 15:22:03 +02:00
f27ae66432
Version packages ( #4024 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-07-11 20:35:18 +02:00
b70f62c6b9
Version packages ( #3988 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-24 06:17:02 -07:00
4c2d499178
Identity resolver's resolve() method returns valud consistent with resolveIdentity ( #3982 )
...
* Identity resolver's `resolve()` method returns valud consistent with `com.atproto.identity.resolveIdentity`
* Refactor IdentityResolver into interface
* Update .changeset/few-rivers-chew.md
Co-authored-by: devin ivy <devinivy@gmail.com >
* tidy
---------
Co-authored-by: devin ivy <devinivy@gmail.com >
2025-06-23 16:27:25 +02:00
bc2c578203
Version packages ( #3979 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-20 10:54:34 +02:00
9dac8b0c60
Perform a bi-directional check when resolving identity from did ( #3977 )
...
* Perform a bi-directional check when resolving identity from did
* tidy
* Reject did documents containing invalid `alsoKnownAs` ATProto handles
* Use error classes
* tidy
* Improve identity resolution
* tidy
* Allow non-normalized handles in did document
* pnpm-lock
2025-06-20 10:34:53 +02:00
9f9a08648b
Version packages ( #3975 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-19 20:43:13 +02:00
90b4775fc9
Re-export all types & utilities needed to instantiate an OAuth client ( #3976 )
...
* Re-export all types & utilities needed to instantiate an OAuth client
* Add `jwkPrivateSchema` to ensure a key is private
* Return object instead of array as result of `findPrivateKey`
* Allow override of default `handleResolver` and `runtimeImplementation` options for NodeOAuthClient
* changeset
* Allow `OAuthClient` to be instantiated with custom `didResolver` instance
2025-06-19 19:27:38 +02:00
71a0a026c1
Version packages ( #3947 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-13 13:49:11 -05:00
349b59175e
Properly validate auth during refresh ( #3847 )
...
* Ensure that the credentials used during a refresh correspond to those used to create the OAuth tokens.
* tidy
* Bind the OAuth session to the kid that was used to authenticate the client (private_key_jwt)
* Store the whole authentication method in the client session store rather than the kid only
* tidy
* Improve error reporting in case an invalid `token_endpoint_auth_method` is used in the client metadata document.
* tidy
* tidy
* Improve JAR checks
* tidy
* changeset
* tidy
* Remove schema's `.optional()` modifier when a `.default()` is defined
* tidy
* verify client auth during code exchange
* tidy
* Minor naming improvement
* tidy
* Update .changeset/quiet-pans-fix.md
Co-authored-by: devin ivy <devinivy@gmail.com >
* Update packages/oauth/oauth-client/src/oauth-client-auth.ts
* Use `private_key_jwt` instead of incorrect `client_secret_jwt` as authentication method for confidential clients
* style
* code split
* dead code removal
* Represent missing client auth with a `null` instead of "none" when storing request data.
* Allow storing `null` in authorization_request's `clientAuth` json column
* document
* tidy
* Remove non-standard behavior that allowed client to authenticate through JAR
* Improved error messages
* Parse JSON encoded Authorization Request Parameters
* Use `application/x-www-form-urlencoded` content instead of JSON for OAuth requests
Fixes : #3723
* tidy
* tidy
* tidy
* tidy
* code style
* remove un-necessary checks
* tidy
* Pre-process number too
* improved type checking
* add missing exports
* fix merge conflict
* tidy
* Remove invalid default for `code_challenge_method` authorization request parameter
* tidy
* Delete inaccurate changeset
* PR comment
* tidy
* Update OAuth client credentials factory to return headers and payload separately.
* tidy
* Renamed `clientAuthCheck` to `validateClientAuth`
* Validate presence of DPoP proofs sooner when processing token requests.
Fixes : #3859
* Protect against concurrent use of request code
* tidy
* tidy
* Update packages/oauth/oauth-provider/src/client/client.ts
Co-authored-by: devin ivy <devinivy@gmail.com >
* Review comments
* Add missing `exp` claim in client attestation JWT
* fixup! Review comments
* Review comments
* Refactor: explicit optionality of unsigned JAR issuer & audience
* Use client attestation's `exp` claim to determine the life time of JWT's `jti` nonce.
* Fix PDS: consumeRequestCode should delete request data
* tidy
* tidy
* Unused code removal
* Restore "Native clients must authenticate using "none" method" check
* tidy
* tidy
* cleanup
* comment
* Allow missing DPoP header during PAR request if `dpop_jkt` is provided
* tidy
---------
Co-authored-by: devin ivy <devinivy@gmail.com >
2025-06-12 15:10:17 +02:00
c2b57e3f65
Version packages ( #3944 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-11 16:49:12 -05:00
192f3ab89c
Improve login_hint handling ( #3933 )
...
* Return atproto handle in identity resolution result
* Use resolved handle or did instead of raw input as "login_hint"
* Normalize and validate `login_hint` in oauth request properties
2025-06-10 11:57:49 +02:00
4e96e2c7b7
Remove iss claim from DPoP proofs ( #3926 )
2025-06-10 11:56:04 +02:00
93bf69df96
Version packages ( #3936 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-06 20:20:02 -03:00
cd4bed3c9e
Cache new nonces from successful retries ( #3935 )
...
* @atproto/oauth-client: cache new nonces from successful retries
* Add changeset
---------
Co-authored-by: Eli Mallon <eli@aquareum.tv >
2025-06-06 19:29:48 +02:00
623c95d01e
Version packages ( #3924 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-05 14:59:03 +02:00
a3b24ca77c
Use Form encoded body instead of JSON for OAuth requests ( #3919 )
...
* Parse JSON encoded Authorization Request Parameters
* Use `application/x-www-form-urlencoded` content instead of JSON for OAuth requests
Fixes : #3723
* Pre-process number too
* improved type checking
* Update packages/oauth/oauth-client/src/oauth-server-agent.ts
Co-authored-by: devin ivy <devinivy@gmail.com >
---------
Co-authored-by: devin ivy <devinivy@gmail.com >
2025-06-05 14:15:42 +02:00
bae3ef91fc
Version packages ( #3897 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-05-27 21:31:22 -05:00
a03f0b906b
Remove un-necessary validation of alg on every dpop token creation ( #3877 )
2025-05-27 19:36:33 +02:00
d6c40d6559
Version packages ( #3878 )
2025-05-26 22:04:18 +03:00
36d0d370c2
Remove query & fragment from DPoP proof htu claim
...
Fixes: https://github.com/bluesky-social/atproto/issues/3846
2025-05-21 17:21:26 +02:00
0a2c30dd97
Version packages ( #3872 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-05-20 15:15:10 -07:00
b36014dac5
Version packages ( #3803 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-05-05 17:44:12 -03:00
90e9a20d31
Version packages ( #3777 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-18 11:11:53 +02:00
bf0faed1f8
Version packages ( #3748 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-15 17:35:49 +02:00
github-actions[bot]
Matthieu Sieben
Matthieu Sieben
Aaron Parecki
Emelia Smith