lamp/atproto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,872 Commits 1 Branch 0 Tags
modify-pds
Commit Graph

173 Commits

Author SHA1 Message Date
github-actions[bot] 5af5deff55 Version packages (#4881) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-29 15:23:54 +01:00
Matthieu Sieben 5d3e248c26 Fix /.well-known/change-password page (#4880) 
* Fix /account/reset-password route

* changeset

* tidy

* improve error reporting

* messages

* name all providers
 2026-04-23 17:58:22 +02:00
github-actions[bot] 98d1d019c1 Version packages (#4867) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-21 11:43:55 -03:00
github-actions[bot] e1d5e63314 Version packages (#4864) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-16 02:10:13 +01:00
David Buchanan c531144d24 OAuth Hooks Enhancements (#4857) 
* onSignInFailed oauth hook

* plumb Account through to onSignInFailed hook

* plumb client ids through to oauth hooks

* pass sub to InvalidCredentialsError, not full Account

* defensively downgrade InvalidCredentialsError to InvalidRequestError after delivering onSignInFailed hook

* changeset

* support InvalidCredentialsError in PDS oauth store, test for enumeration attacks

* changeset

* fix test

* slight simplification
 2026-04-16 02:01:12 +01:00
github-actions[bot] ff9f84e11a Version packages (#4851) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-15 10:06:49 +02:00
Matthieu Sieben 0cfb16b2bf Disable COEP headers when hCaptcha is enabled (#4855) 2026-04-15 08:58:39 +02:00
Matthieu Sieben b3ce11ae2e OAuth provider UI unification (#4820) 
* refactor

* tidy

* tidy
 2026-04-14 16:46:18 +02:00
github-actions[bot] 83b7246439 Version packages (#4833) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-09 10:24:41 -05:00
github-actions[bot] 2203d825e8 Version packages (#4776) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-03-26 09:17:15 -03:00
github-actions[bot] 8445e8a9aa Version packages (#4770) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-03-19 15:53:07 +01:00
github-actions[bot] 13b2aad9b6 Version packages (#4720) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-03-18 16:47:57 -05:00
github-actions[bot] 88326d2833 Version packages (#4703) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-03-03 15:45:46 +01:00
github-actions[bot] cb5f9bfc0c Version packages (#4674) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-02-23 09:37:01 +01:00
github-actions[bot] caad88223f Version packages (#4653) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-02-20 09:05:35 +01:00
github-actions[bot] 23a13d7dde Version packages (#4621) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-02-06 19:09:51 +01:00
Matthieu Sieben fdbbff8543 Fix validation of oauth /authorize params (#4620) 2026-02-06 19:00:34 +01:00
github-actions[bot] 27cdeb4e86 Version packages (#4604) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-02-06 15:12:15 +01:00
Matthieu Sieben a2e4e95847 Use fixed version in oauth-provider UI packages (#4619) 
* Use fixed version in oauth-provider UI packages

* pnpm-lock
 2026-02-06 15:02:12 +01:00
Matthieu Sieben 78fee144ff Throw more detailed error upon CSRF login issue (#4606) 
* Throw more detailed error upon CSRF login issue

* Add cookie support detection mechanism

* lint

* tidy

* Update packages/oauth/oauth-provider-ui/cookie-error-page.html

Co-authored-by: devin ivy <devinivy@gmail.com>

* review comments

* tidy

---------

Co-authored-by: devin ivy <devinivy@gmail.com>
 2026-02-06 14:20:41 +01:00
github-actions[bot] 915f9065d3 Version packages (#4584) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-30 14:20:33 -03:00
Matthieu Sieben 8a725a9d69 Change workspace version selector from workspace:* to workspace:^ 2026-01-28 16:42:44 +01:00
github-actions[bot] 143a5f2251 Version packages (#4578) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-28 16:31:59 +01:00
github-actions[bot] 595dd20323 Version packages (#4561) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-23 13:29:23 -06:00
Matthieu Sieben fa4ef5e815 Fix oauth response when using prompt=select_account with no sessions available (#4569) 
* Fix oauth response when using `prompt=select_account` and no session are available

Fixes #4566

* allow the account to be pre-selected when `prompt=login`
 2026-01-20 09:32:09 +01:00
github-actions[bot] c2615a7eee Version packages (#4530) 2026-01-12 21:13:16 +02:00
github-actions[bot] 0b03086d35 Version packages (#4518) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-08 18:12:54 +01:00
github-actions[bot] 0093727fc4 Version packages (#4505) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-06 15:59:52 +01:00
github-actions[bot] 8e759970af Version packages (#4497) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-01-02 09:48:32 +01:00
github-actions[bot] 95bd491ecb Version packages (#4466) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-12-30 10:26:18 -06:00
Emelia Smith 5d8e7a6588 Support initiating user registration via OAuth flow with prompt=create (#4461) 
* Add prompt_values_supported to Authorization Server Metadata

* Expose prompt_values_supported in Authorization Server Metadata

* Support selecting view in oauth-provider-ui based on prompt parameter

* Support initiating user registration via prompt=create

* Add support to OAuth Client Browser Example for prompt=create

* Add test coverage for prompt=create
 2025-12-17 14:57:16 +01:00
github-actions[bot] 104e6ed37b Version packages (#4412) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-12-08 16:05:29 -03:00
github-actions[bot] dc08244c24 Version packages (#4386) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-12-02 11:05:55 -06:00
Matthieu Sieben 8012627a12 Migrate OAuth libs to new @atproto/lex utils (#4383) 
* Migrate Oauth libs to new @atproto/lex utils

* pnpm-lock

* tidy

* fix

* tidy

* tidy

* tidy

* tidy

* Implement lex resolution logging through hooks
 2025-12-01 12:24:01 +01:00
Matthieu Sieben be8e6c1f25 Permission-sets pre-release changes (#4382) 
* Remove ability to define `blob` permission in permission sets

* Disallow `rpc` permissions with specific `aud` in permission-sets

* Add `toScopes()` utility on `IncludeScope`

* tidy
 2025-11-25 19:51:02 +01:00
github-actions[bot] 4dede90ea5 Version packages (#4369) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-24 22:26:10 +01:00
github-actions[bot] a37a7de809 Version packages (#4302) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-10-27 14:08:11 +01:00
Matthieu Sieben f496fa2c4d Set dark background on authorization pages <body> in dark mode (#4301) 
* Set dark background on authorization pages `<body>` in dark mode

* tidy
 2025-10-24 16:17:46 +02:00
github-actions[bot] 33435c2e83 Version packages (#4298) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-10-24 13:02:23 +02:00
Matthieu Sieben 8ff5ec4caa OAuth client validation improvements (#4289) 
* OAuth client validation improvements

* Remove `isLocalHostname` export

* tidy
 2025-10-24 12:53:03 +02:00
Matthieu Sieben 1e702ea675 Add account data in pwd reset hooks (#4265) 
* Add account data in pwd reset hooks

* tidy

* tidy

* tidy
 2025-10-24 12:50:34 +02:00
Matthieu Sieben 8c03d75b6c Remove un-implemented introspect endpoint from OAuth Server metadata (#4293) 
Remove un-implemented `introspect` endpoint from OAuth Authorization Server metadata
 2025-10-24 12:10:37 +02:00
Aaron Parecki dca500186e update links to ietf docs (#4273) 2025-10-14 14:43:01 -07:00
github-actions[bot] bd469a6861 Version packages (#4247) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-10-06 19:13:28 +02:00
Matthieu Sieben e71d265dd4 Minor oauth jwk tweaks (#4256) 
* Minor oauth jwk changes

* tidy
 2025-10-06 15:45:05 +02:00
github-actions[bot] 778f76320e Version packages (#4229) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-09-26 11:51:16 -05:00
github-actions[bot] 4c4ee7208f Version packages (#4218) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-09-23 08:30:58 +02:00
Matthieu Sieben 7351589a31 Add onResetPasswordRequest and onResetPasswordConfirm hooks (#4217) 2025-09-22 19:38:38 +02:00
github-actions[bot] d91988fe79 Version packages (#4192) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-09-10 15:15:55 +02:00
Matthieu Sieben cf4117966c Fix call to onDecodeToken oauth verifier hook (#4191) 
* Make `DpopProof` readonly

* Improve token verification error details

* Always log warnings when DPOP proof `htu` contains # or ?.

* Add missing initialization of `onDecodeToken` hook

* Add logging around scope dereferencing operations
 2025-09-09 15:56:32 +02:00