lamp/atproto
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,489 Commits 1 Branch 0 Tags
Commit Graph

80 Commits

Author SHA1 Message Date
github-actions[bot]
4c4ee7208f
Version packages (#4218) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-09-23 08:30:58 +02:00
github-actions[bot]
d91988fe79
Version packages (#4192) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-09-10 15:15:55 +02:00
github-actions[bot]
e216e87859
Version packages (#4167) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-09-09 12:29:10 +02:00
github-actions[bot]
39b319be94
Version packages (#4157) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-09-02 10:36:51 +02:00
github-actions[bot]
c2dc0ec11b
Version packages (#4154) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-08-29 16:05:17 +02:00
github-actions[bot]
920f895807
Version packages (#4152) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-08-29 12:54:51 +02:00
Matthieu Sieben
f9dc9aa4c9
Permission set (#4108) 
* Export constants and type assertion utilities

* Add permission set support to oauth provider

* improve permission set parsing

* Rename `PermissionSet` to `ScopePermissions`

* Improve performance of NSID validation

* Add support for `permission-set` in lexicon document

* Validate NSID syntax using `@atproto/syntax`

* Export all types used in public interfaces (from `lexicon-resolver`)

* Small performance improvement

* Rework scope parsing utilities to work with Lexicon defined permissions

* file rename

* fixup! Rework scope parsing utilities to work with Lexicon defined permissions

* removed outdated comment

* removed outdated comment

* fix comment typo

* Improve `SimpleStore` api

* permission-set NSID auth scopes

* Remove dev dependency on dev-env

* fix build script

* pnpm-lock

* Improve fetch-node unicast protection

* Explicitly set the `redirect: "follow"` `fetch()` option

* Add delay when building oauth-provider-ui in watch mode

* Remove external dependencies from auth-scopes

* Add customizable lexicon authority to pds (for dev purposes)

* fix pds migration

* update permission-set icon

* Add support for `include:` syntax in scopes

* tidy

* Renaming of "resource" concept to better reflect the fact that not all oauth scope values are about resources

* changeset

* ui improvmeents

* i18n

* ui imporvements

* add `AtprotoAudience` type

* Enforce proper formatting of audience (atproto supported did + fragment part)

* tidy

* tidy

* tidy

* fix ci ?

* ci fix ?

* tidy ?

* Apply consistent outline around focusable items

* Use `inheritAud: true` to control `aud` inheritance

* Update packages/oauth/oauth-provider/src/lexicon/lexicon-manager.ts

Co-authored-by: devin ivy <devinivy@gmail.com>

* Review comments

* Add `nsid` property to `LexiconResolutionError`

* improve nsid validation

* i18n

* Improve oauth scope parsing

* Simplify lex scope parsing

* tidy

* docs

* tidy

* ci

* Code simplification

* tidy

* improve type safety

* improve deps graph

* naming

* Improve tests and package structure

* Improve error when resolving a non permission-set

* improve nsid parsing perfs

* benchmark

* Refactor ozone and lexicon into using a common service profile mechanism

* improve perfs

* ci fix (?)

* tidy

* Allow storage of valid lexicons in lexicon store

* Improve handling of lexicon resolution failures

* review comment

* Test both regexp and non regexp based nsid validation

* properly detect presence of port number in https did:web

* Re-enable logging of `safeFetch` requests

* tidy

---------

Co-authored-by: devin ivy <devinivy@gmail.com>
 2025-08-29 12:19:19 +02:00
github-actions[bot]
d02d43c05b
Version packages (#4102) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-08-13 15:22:03 +02:00
github-actions[bot]
f8667835db
Version packages (#4099) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-08-13 10:30:51 +02:00
github-actions[bot]
174f86da5f
Version packages (#4094) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-08-12 14:45:00 +02:00
Matthieu Sieben
1899b1fc16
OAuth scopes (#3806) 
* style: prefix `id` and `uri` with `request` where applicable

* Dynamically validate OAuth scopes

* Allow configuring trusted OAuth clients

* Improve client validation

* Rework authorization to work with permissions

* Review changes

* fix permissions

* tidy

* Drop authorization result

* unused code cleanup

* fix preferences auth

* remove redundant check in `applyWrites`

* style

* Remove need to specify "scopes" in authorized auth strategy

* fixup! Remove need to specify "scopes" in authorized auth strategy

* split authorized and oauth auth methods

* Require explicit opt-in for takendown

* fix tests

* rollback redundant permissions mechanism

* tidy

* Fix tests

* tidy

* tidy

* pr changes

* remove hack allowing access to full preferences

* always specify authorize method

* Add OAuth scope parsing & matching

* tidy

* add support for oauth scopes in client

* review changes

* Small xrpc-server optimizations

* pr comments

* Review comments

* refactor: move oauth scopes parser & checker in own package

* code simplification

* Allow multiple collections in `repo` scopes.
Allow wildcard action in `repo` scopes.
Require action in `repo` scopes.

* Rename `emailUpdate` to `email-update` in `account` scope params.
Add wildcard (`*`) in `account` and `identity` scopes.

* tidy

* add oauth-scopes package to PDS Dockerfile

* unit tests

* Syntax rework

* adapt to latest scope definition

* Add missing tests

* Render scopes in UI

* fix build

* fixes and tests

* improve ui

* tidy

* tidy

* ui improvements

* tidy

* fr messages

* tidy

* improve consent screen ui

* fix test

* tidy

* improve dx

* Remove `transition:` scopes from `scopes_supported` authorization server metadata

* Hide blob scope if no repo scope present

* changeset

* Remove the `action` param from the `identity` scope

* fix html syntax

* simplified wording

* Make `account:email` scope optional (#4089)

* Make `account:email` scope optional

* tidy

* tidy

* tidy

* tidy

* fix

* tidy

* review comments

* tidy

* refactor: remove redundant tests for identity scope parsing and matching

* minor ui fixes

* fix "back" label not translated

* ui improvements

* fix tests
 2025-08-12 13:13:14 +02:00
Matthieu Sieben
43fbeda63e
Update cookie dependency (#4092) 2025-08-12 09:49:14 +02:00
github-actions[bot]
b70f62c6b9
Version packages (#3988) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-06-24 06:17:02 -07:00
github-actions[bot]
9f9a08648b
Version packages (#3975) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-06-19 20:43:13 +02:00
github-actions[bot]
b4cb1ebac9
Version packages (#3959) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-06-17 15:50:58 +02:00
github-actions[bot]
71a0a026c1
Version packages (#3947) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-06-13 13:49:11 -05:00
github-actions[bot]
c2b57e3f65
Version packages (#3944) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-06-11 16:49:12 -05:00
Matthieu Sieben
192f3ab89c
Improve login_hint handling (#3933) 
* Return atproto handle in identity resolution result

* Use resolved handle or did instead of raw input as "login_hint"

* Normalize and validate `login_hint` in oauth request properties
 2025-06-10 11:57:49 +02:00
github-actions[bot]
623c95d01e
Version packages (#3924) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-06-05 14:59:03 +02:00
github-actions[bot]
1919d10a22
Version packages (#3920) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-06-04 13:35:53 +02:00
github-actions[bot]
e05b38a727
Version packages (#3907) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-05-29 15:27:40 -03:00
github-actions[bot]
d6c40d6559
Version packages (#3878) 2025-05-26 22:04:18 +03:00
github-actions[bot]
0a2c30dd97
Version packages (#3872) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-05-20 15:15:10 -07:00
Matthieu Sieben
43861a452b
Remove dependency on the Public Suffix List (#3818) 
* Remove dependency on the Public Suffix List

* tidy
 2025-05-20 14:01:10 +02:00
github-actions[bot]
b36014dac5
Version packages (#3803) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-05-05 17:44:12 -03:00
github-actions[bot]
2b0c0159a9
Version packages (#3784) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-18 17:31:23 -04:00
github-actions[bot]
8e696dbcbf
Version packages (#3779) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-18 15:37:26 -04:00
github-actions[bot]
90e9a20d31
Version packages (#3777) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-18 11:11:53 +02:00
github-actions[bot]
3bdddeb439
Version packages (#3760) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-17 14:04:07 -05:00
github-actions[bot]
231eb48265
Version packages (#3753) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-16 10:45:52 +02:00
Matthieu Sieben
1e461eab03
Fix missing dist files from @atproto/oauth-provider-ui (#3754) 
* Remove reference to missing "bin" executable

* Remove "dependency" on `rollup-plugin-bundle-manifest`

* Fix dependencies

* Explicit exported package `files`

* Update pnpm lock
 2025-04-16 10:25:29 +02:00
github-actions[bot]
bf0faed1f8
Version packages (#3748) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-15 17:35:49 +02:00
Matthieu Sieben
371e04aad2
Account management page (#3659) 
---------

Co-authored-by: Eric Bailey <git@esb.lol>
 2025-04-15 17:15:27 +02:00
github-actions[bot]
6bc8355c40
Version packages (#3710) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-02 18:38:47 -05:00
github-actions[bot]
a26813da21
Version packages (#3703) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-01 15:30:27 -05:00
github-actions[bot]
c16492f253
Version packages (#3693) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-03-28 14:53:46 +01:00
github-actions[bot]
571164100f
Version packages (#3689) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-03-28 11:08:04 +01:00
github-actions[bot]
01c5e636e3
Version packages (#3682) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-03-27 17:03:04 +01:00
github-actions[bot]
03ca772612
Version packages (#3658) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-03-21 09:46:44 +01:00
github-actions[bot]
c777ba6d68
Version packages (#3631) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-03-20 15:21:15 +01:00
Matthieu Sieben
cc4122652e
Split OAuth Provider's ui into its own package (#3640) 
* Split OAuth Provider's ui into its own package

* Create distinct entry files for authorization and error pages
 2025-03-19 09:19:27 +01:00
github-actions[bot]
48f194ffa2
Version packages (#3623) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-03-10 17:30:48 -04:00
Matthieu Sieben
9e3eace8f9
Validate OAuth sign-up handle using @atproto/syntax (#3622) 
* Validate OAuth sign-up handle using @atproto/syntax

Fixes #3619

* Improve input validation
 2025-03-10 14:58:35 +01:00
github-actions[bot]
72a5265e05
Version packages (#3613) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2025-03-07 18:21:03 -05:00
github-actions[bot]
f46554bcb8
Version packages (#3591) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2025-03-07 11:03:00 -05:00
Matthieu Sieben
850e39843c
OAuth: Reset password & Sign-up (#2945) 
* Adds "password reset" during OAuth flows
* Adds "Sign up" during OAuth flows
* Adds support for multiple languages in the OAuth flow
* Adds "fr" translation for the OAuth flow

Co-authored-by: devin ivy <devinivy@gmail.com>
Co-authored-by: Eric Bailey <git@esb.lol>
 2025-03-07 09:41:06 +01:00
github-actions[bot]
78caefd7d4
Version packages (#3578) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2025-02-24 17:47:09 -05:00
Matthieu Sieben
82d5a2d361
OAuthProvider: Update "trustProxy" options to allow function (#3557) 
* OAuthProvider: Update "trustProxy" options to allow function

* DeviceManager options can now be passed as argument to the OAuthProvider constructor

* Only trust one level of proxying when computing IP during OAuthFlows

* Prevent invalid use of trustProxy config

* tidy

* make the code compliant with legacy behavior
 2025-02-24 17:12:16 -05:00
github-actions[bot]
f1d323a6ef
Version packages (#3539) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2025-02-14 14:24:57 +01:00
github-actions[bot]
a3d2204a7e
Version packages (#3533) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2025-02-14 10:57:36 +01:00