Matthieu Sieben
cd4bed3c9e
Cache new nonces from successful retries ( #3935 )
...
* @atproto/oauth-client: cache new nonces from successful retries
* Add changeset
---------
Co-authored-by: Eli Mallon <eli@aquareum.tv>
2025-06-06 19:29:48 +02:00
github-actions[bot]
623c95d01e
Version packages ( #3924 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-05 14:59:03 +02:00
Matthieu Sieben
3fa2ee3b6a
Deprecate query & fragment in DPoP proof htu claim ( #3879 )
...
* Properly validate JWK `htu` claim by enforcing URL without query or fragment
* type fix
* Return DPoP validation result from `authenticateRequest`
* Log clients using invalid "htu" claim in DPoP proof
* review comments
* fix lint
* tidy
* rename dpop result to dpop proof
2025-06-05 14:46:51 +02:00
Matthieu Sieben
a3b24ca77c
Use Form encoded body instead of JSON for OAuth requests ( #3919 )
...
* Parse JSON encoded Authorization Request Parameters
* Use `application/x-www-form-urlencoded` content instead of JSON for OAuth requests
Fixes: #3723
* Pre-process number too
* improved type checking
* Update packages/oauth/oauth-client/src/oauth-server-agent.ts
Co-authored-by: devin ivy <devinivy@gmail.com>
---------
Co-authored-by: devin ivy <devinivy@gmail.com>
2025-06-05 14:15:42 +02:00
github-actions[bot]
1919d10a22
Version packages ( #3920 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-06-04 13:35:53 +02:00
Matthieu Sieben
71b9dcda96
Show account picker instead of welcome screen when user already signed-in ( #3916 )
...
* Show sign-in screen instead of welcome screen when user already signed-in
2025-06-03 10:10:42 +02:00
Matthieu Sieben
8fa2502e80
Require manual invocation of i18n:extract ( #3918 )
...
Currently, the `lingui extract` command is being run as part of the `build` and `dev` commands. This causes very large diffs in PRs, even when no changes are made to `.po` files.
With this change, only running `pnpm i18n` (from the root folder), or `pnpm i18n:extract` (from ui libs that support it) will cause the PO files to be re-computed.
2025-06-02 19:18:33 +02:00
github-actions[bot]
e05b38a727
Version packages ( #3907 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-05-29 15:27:40 -03:00
Matthieu Sieben
06bf684a4a
Add max length limit to passwords ( #3900 )
...
* Add max length limit to passwords
* review changes
2025-05-29 14:15:45 +02:00
github-actions[bot]
bae3ef91fc
Version packages ( #3897 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-05-27 21:31:22 -05:00
Matthieu Sieben
a03f0b906b
Remove unnecessary validation of alg on every dpop token creation ( #3877 )
2025-05-27 19:36:33 +02:00
github-actions[bot]
d6c40d6559
Version packages ( #3878 )
2025-05-26 22:04:18 +03:00
Johannes Andersen
ba293da9fe
feat: password reset discovery and sign-in/up autofill ( #3888 )
...
* feat: password reset discovery and sign-in/up autofill
* chore: update translation files
2025-05-26 13:42:54 +02:00
Matthieu Sieben
36d0d370c2
Remove query & fragment from DPoP proof htu claim
...
Fixes: https://github.com/bluesky-social/atproto/issues/3846
2025-05-21 17:21:26 +02:00
github-actions[bot]
0a2c30dd97
Version packages ( #3872 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-05-20 15:15:10 -07:00
Matthieu Sieben
8318c57187
Allow proxying of getSession using OAuth session ( #3820 )
...
* Allow proxying of dpop bound requests by using service auth instead, for the `getSession` endpoint.
* Show `getSession` data in example app
* Add scope
* strings
* cleanup
* tidy
* tidy
* Add transition:email scope to example app
* strings
* changeset
* pr comments
2025-05-20 14:37:02 +02:00
Matthieu Sieben
43861a452b
Remove dependency on the Public Suffix List ( #3818 )
...
* Remove dependency on the Public Suffix List
* tidy
2025-05-20 14:01:10 +02:00
github-actions[bot]
b36014dac5
Version packages ( #3803 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-05-05 17:44:12 -03:00
Matthieu Sieben
e1bda27e55
Fix CORS issue on <img> tags ( #3810 )
2025-04-28 20:30:11 +02:00
Matthieu Sieben
a48b093f0b
Use more consistent UI regardless of profile completion ( #3797 )
...
* Expose `pdsAgent` as global constant
* Use more consistent UI regardless of profile completion
* strings
* Add `OidcUserinfo` type
2025-04-25 10:10:13 +02:00
github-actions[bot]
2b0c0159a9
Version packages ( #3784 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-18 17:31:23 -04:00
devin ivy
d794b06763
Revert hcaptcha COEP requirements ( #3783 )
...
* Revert "Use more secure COEP header when hCaptcha is enabled (#3755)"
This reverts commit 96de2acb301683effe4313cb93d7747f87a73b5e.
* changeset
2025-04-18 17:12:54 -04:00
github-actions[bot]
8e696dbcbf
Version packages ( #3779 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-18 15:37:26 -04:00
Eric Bailey
a70dad5aea
Skip lazy load of hcaptcha for now ( #3781 )
...
* Skip lazy load of hcaptcha for now
* Changeset
* I18n
2025-04-18 15:20:36 -04:00
Matthieu Sieben
81524fcb00
Minor UI fixes to OAuth flow ( #3778 )
2025-04-18 19:12:12 +02:00
github-actions[bot]
90e9a20d31
Version packages ( #3777 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-18 11:11:53 +02:00
Matthieu Sieben
30f9b6690e
OAuth Provider account page fixes ( #3764 )
...
* Allow `:` chars in url path parts
* Allow customizing contrast and hue colors
* Allow customizing contrast and hue colors
* Use white as primary contrast color
* Fix buttons alignment and labels in "My Devices" section
* Add a `<title>` tag to all pages
* Properly display the "lastSeenAt" date
* Improve display of clients & devices
* tidy
* code split
* Add definition for `ConventionalOAuthClientId`
* Remove hard coded `client_name` from loopback client metadata
* Code factorization
* Fix `<title>` of branding page
2025-04-18 11:04:34 +02:00
github-actions[bot]
3bdddeb439
Version packages ( #3760 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-17 14:04:07 -05:00
Matthieu Sieben
96de2acb30
Use more secure COEP header when hCaptcha is enabled ( #3755 )
...
Refs: https://github.com/hCaptcha/react-hcaptcha/issues/259
2025-04-17 11:02:32 +02:00
Matthieu Sieben
cf7227f8a1
Update messages.po files ( #3759 )
...
messages
2025-04-16 16:41:18 +02:00
Matthieu Sieben
0f3899dd52
Minor UI/UX tweaks ( #3758 )
...
* Minor UI/UX tweaks
* Update packages/oauth/oauth-provider-frontend/src/components/Avatar.tsx
Co-authored-by: futur <me@futuristick.ca>
---------
Co-authored-by: futur <me@futuristick.ca>
2025-04-16 16:39:50 +02:00
github-actions[bot]
231eb48265
Version packages ( #3753 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-16 10:45:52 +02:00
Matthieu Sieben
1e461eab03
Fix missing dist files from @atproto/oauth-provider-ui ( #3754 )
...
* Remove reference to missing "bin" executable
* Remove "dependency" on `rollup-plugin-bundle-manifest`
* Fix dependencies
* Explicit exported package `files`
* Update pnpm lock
2025-04-16 10:25:29 +02:00
github-actions[bot]
bf0faed1f8
Version packages ( #3748 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-15 17:35:49 +02:00
Matthieu Sieben
371e04aad2
Account management page ( #3659 )
...
---------
Co-authored-by: Eric Bailey <git@esb.lol>
2025-04-15 17:15:27 +02:00
Matthieu Sieben
8b98fec885
Hide client id pathname if it is exactly /oauth-client-metadata.json ( #3667 )
2025-04-15 16:00:50 +02:00
devin ivy
26a0777167
Oauth: fix typo in jwk error ( #3747 )
...
* oauth: fix typo in jwk error
* changeset
---------
Co-authored-by: Matthieu Sieben <matthieu.sieben@gmail.com>
2025-04-15 15:59:09 +02:00
github-actions[bot]
6bc8355c40
Version packages ( #3710 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-02 18:38:47 -05:00
github-actions[bot]
a26813da21
Version packages ( #3703 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-04-01 15:30:27 -05:00
github-actions[bot]
c16492f253
Version packages ( #3693 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-03-28 14:53:46 +01:00
Matthieu Sieben
9b28184cb9
Expose hcaptcha tokens in hook and errors ( #3690 )
...
* Expose hcaptcha tokens in hook and errors
* remove hostname check in hcaptcha
2025-03-28 14:37:39 +01:00
github-actions[bot]
571164100f
Version packages ( #3689 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-03-28 11:08:04 +01:00
Matthieu Sieben
98d8a677ca
Add OAuth HCaptcha hooks ( #3688 )
2025-03-28 11:04:12 +01:00
github-actions[bot]
01c5e636e3
Version packages ( #3682 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-03-27 17:03:04 +01:00
Matthieu Sieben
a5a760c1f0
Allow null hostname in hcaptcha result ( #3681 )
2025-03-27 16:46:21 +01:00
github-actions[bot]
03ca772612
Version packages ( #3658 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-03-21 09:46:44 +01:00
Johannes Andersen
42807cad56
fix(oauth-provider): hCaptcha error codes should be optional ( #3656 )
...
* fix(oauth-provider): hCaptcha error codes should be optional
* fix: hostname can be nullable
* fix: add changesets
2025-03-21 09:17:51 +01:00
github-actions[bot]
c777ba6d68
Version packages ( #3631 )
...
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-03-20 15:21:15 +01:00
Matthieu Sieben
49528e83da
OAuth: Allow onSignedUp hook to access hcaptcha result data ( #3645 )
...
* OAuth: Allow `onSignedUp` hook to access hcaptcha result data
* OAuth hcaptcha fixes
* Update .changeset/slimy-flowers-punch.md
Co-authored-by: devin ivy <devinivy@gmail.com>
---------
Co-authored-by: devin ivy <devinivy@gmail.com>
2025-03-20 14:57:54 +01:00
Matthieu Sieben
cc4122652e
Split OAuth Provider's ui into its own package ( #3640 )
...
* Split OAuth Provider's ui into its own package
* Create distinct entry files for authorization and error pages
2025-03-19 09:19:27 +01:00