* onSignInFailed oauth hook
* plumb Account through to onSignInFailed hook
* plumb client ids through to oauth hooks
* pass sub to InvalidCredentialsError, not full Account
* defensively downgrade InvalidCredentialsError to InvalidRequestError after delivering onSignInFailed hook
* changeset
* support InvalidCredentialsError in PDS oauth store, test for enumeration attacks
* changeset
* fix test
* slight simplification
* pds: stop probing image dimensions
* remove width and height from BlobMetadata
* remove image dimension checks from tests
* comment out width and height in Blob schema
* Add prompt_values_supported to Authorization Server Metadata
* Expose prompt_values_supported in Authorization Server Metadata
* Support selecting view in oauth-provider-ui based on prompt parameter
* Support initiating user registration via prompt=create
* Add support to OAuth Client Browser Example for prompt=create
* Add test coverage for prompt=create
* Export constants and type assertion utilities
* Add permission set support to oauth provider
* improve permission set parsing
* Rename `PermissionSet` to `ScopePermissions`
* Improve performance of NSID validation
* Add support for `permission-set` in lexicon document
* Validate NSID syntax using `@atproto/syntax`
* Export all types used in public interfaces (from `lexicon-resolver`)
* Small performance improvement
* Rework scope parsing utilities to work with Lexicon defined permissions
* file rename
* fixup! Rework scope parsing utilities to work with Lexicon defined permissions
* removed outdated comment
* removed outdated comment
* fix comment typo
* Improve `SimpleStore` api
* permission-set NSID auth scopes
* Remove dev dependency on dev-env
* fix build script
* pnpm-lock
* Improve fetch-node unicast protection
* Explicitly set the `redirect: "follow"` `fetch()` option
* Add delay when building oauth-provider-ui in watch mode
* Remove external dependencies from auth-scopes
* Add customizable lexicon authority to pds (for dev purposes)
* fix pds migration
* update permission-set icon
* Add support for `include:` syntax in scopes
* tidy
* Renaming of "resource" concept to better reflect the fact that not all oauth scope values are about resources
* changeset
* ui improvmeents
* i18n
* ui imporvements
* add `AtprotoAudience` type
* Enforce proper formatting of audience (atproto supported did + fragment part)
* tidy
* tidy
* tidy
* fix ci ?
* ci fix ?
* tidy ?
* Apply consistent outline around focusable items
* Use `inheritAud: true` to control `aud` inheritance
* Update packages/oauth/oauth-provider/src/lexicon/lexicon-manager.ts
Co-authored-by: devin ivy <devinivy@gmail.com>
* Review comments
* Add `nsid` property to `LexiconResolutionError`
* improve nsid validation
* i18n
* Improve oauth scope parsing
* Simplify lex scope parsing
* tidy
* docs
* tidy
* ci
* Code simplification
* tidy
* improve type safety
* improve deps graph
* naming
* Improve tests and package structure
* Improve error when resolving a non permission-set
* improve nsid parsing perfs
* benchmark
* Refactor ozone and lexicon into using a common service profile mechanism
* improve perfs
* ci fix (?)
* tidy
* Allow storage of valid lexicons in lexicon store
* Improve handling of lexicon resolution failures
* review comment
* Test both regexp and non regexp based nsid validation
* properly detect presence of port number in https did:web
* Re-enable logging of `safeFetch` requests
* tidy
---------
Co-authored-by: devin ivy <devinivy@gmail.com>
* 🚧 WIP
* ✨ Make age assurance state queryable
* ✨ Split age assurance events into 2
* ✨ Implement admin and user state overrides
* ✨ Add blocked as a known value for age assurance state
* ✅ Update test snapshot
* ✅ Update test snapshot
* ✨ Cleanup
* xrpc-server: skip body parsing when input encoding is */*, fix json and text uploads
* changeset
* pds: add tests for text and json uploads
* tidy
* xrpc-server: only create body parser when it will be used
* Improve OAuth Example app
* Improve style
* bsync: Accept NSID with fragment in operation ns (#3954)
* Add `match: MuteWordMatch` to `muted-word` mod decision `cause` (#2934)
* Return MuteWordMatch instead of simple boolean
* Return full mute word with match
* Add MuteWordMatch to decision cause, update a few tests
* Backwards compat
* Tighter types
* Return all mute word matches
* Clean up types
* Rename
* More cleanup of naming
* Remove unneeded changes
* Format
* Add predicate value to matches
* Better migration path
* Changeset
* Import sort
* Tighten up addMuteWord API
Co-authored-by: Matthieu Sieben <matthieusieben@users.noreply.github.com>
* Mute words: handle `Andor` and `and/or` case (#3948)
* Handle Andor case
* Remove useless escape
* Changeset
---------
Co-authored-by: Matthieu Sieben <matthieusieben@users.noreply.github.com>
* Version packages (#3947)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Update README.md to add some missing details in examples (#3254)
Update README.md
Improve code examples (some OAuth implementation details are missing in these examples)
* Increase oauth session & refresh token lifetimes (#3883)
* Allow HTTPS `redirect_uris` from any origin (#3811)
* bump MST key length from 256 to 1024 chars (#3956)
* bump MST key length from 256 to 1024 chars
* update MST key test
* add a changeset
* Version packages (#3959)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Rename `filter` -> `include` (#3966)
* rename filter -> include
* changeset
* fix tests
* Minor Fixes: Typo Correction and Comment Update (#3961)
* Update blob-resolver.ts
* Update index.ts
* Appview: sync up protos for notification prefs (#3970)
appview: sync up protos for notification prefs
* Version packages (#3969)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Fix invalid use of `invalid_client` (#3967)
* Replace slice() with subarray() in car file parsing (#3971)
* Replace slice() with subarray() in car file parsing
* changeset
---------
Co-authored-by: Devin Ivy <devinivy@gmail.com>
* Re-export all types & utilities needed to instantiate an OAuth client (#3976)
* Re-export all types & utilities needed to instantiate an OAuth client
* Add `jwkPrivateSchema` to ensure a key is private
* Return object instead of array as result of `findPrivateKey`
* Allow override of default `handleResolver` and `runtimeImplementation` options for NodeOAuthClient
* changeset
* Allow `OAuthClient` to be instantiated with custom `didResolver` instance
* Version packages (#3975)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Perform a bi-directional check when resolving identity from did (#3977)
* Perform a bi-directional check when resolving identity from did
* tidy
* Reject did documents containing invalid `alsoKnownAs` ATProto handles
* Use error classes
* tidy
* Improve identity resolution
* tidy
* Allow non-normalized handles in did document
* pnpm-lock
* Version packages (#3979)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* repo: MST should allow tilde in keys (#3981)
* repo: MST should allow tilde in keys
* add changeset
* fic ci
* tidy
* tidy
---------
Co-authored-by: rafael <rafael@blueskyweb.xyz>
Co-authored-by: Eric Bailey <git@esb.lol>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: James Futhey <kidGodzilla@users.noreply.github.com>
Co-authored-by: bnewbold <bnewbold@robocracy.org>
Co-authored-by: Samuel Newman <mozzius@protonmail.com>
Co-authored-by: leopardracer <136604165+leopardracer@users.noreply.github.com>
Co-authored-by: devin ivy <devinivy@gmail.com>
Co-authored-by: Paul Frazee <pfrazee@gmail.com>
* 🐛 Fetch record from pds if appview fails to find it for ozone
* ✨ Resolve and etch from pds without auth
* ♻️ Refactor and cleanup
* ✅ Fix tests
* ✅ Fix tests
* 🚨 Fix linter issue
* 🧹 Cleanup
* First vouch implementation
* Remove unneeded endpoints
* wip
* ✨ wip
* ✨ Process jetstream events through p-queue and add tests
* ✅ Add test for cursor update
* 🐛 Use utc time to update updatedAt
* 🧹 Cleanup
* 🔨 Fix pnpm versioning issues
* ✨ Replace jetstream lib with manual implementation
* ✨ Remove unnecessary 3p dep
* ✨ Add e2e test for jetstream
* 🚨 Fix import
* 🧹 Remove unnecessary property
* ✨ Fix dev-env and add profile to verification view in ozone
* ✅ Add profile type
* ✨ Add backpressure handling to jetstream listener
* ✨ Use WebSocketKeepAlive from xrpc-server and replace partysocket
* ✨ Add a new verifier role to ozone team meber roles
* 📝 Run codegen
* 🐛 Fix auth check
* 🐛 Fix test failure check
* 🚨 Fix json formatting
* 🐛 Fix team role check
* 🚧 Checking failing test
* ✅ Fix tests
* ✨ Address review comments
* ✨ Add xrpc-server to version
* 🚨 Fix linter issue
* 🚨 Fix linter issue
* ✨ Resolve race condition in cursor update
* ✅ Add verification check on profile
* 🐛 Fix missing cid in test and firehose cursor
* ✨ Fix test
* ✨ Add record validation for verification and separate xrpc-server version
* ✨ Return error object for failed revocations
* ✨ Add re-login on expired session case
* 📝 Fix typo
---------
Co-authored-by: rafael <rafael@blueskyweb.xyz>
* Adds "password reset" during OAuth flows
* Adds "Sign up" during OAuth flows
* Adds support for multiple languages in the OAuth flow
* Adds "fr" translation for the OAuth flow
Co-authored-by: devin ivy <devinivy@gmail.com>
Co-authored-by: Eric Bailey <git@esb.lol>
* deprecate blobs & tooBig
* add sync event, deprecate handle & tombstone
* fix up tests
* small tidy
* add test for sync account on account activation
* use new sync event in another place
* remove deprecated events from lexicons
* formatting
* pr cleanup
* changeset
* schema
* reset rate limit codegen
* codegen
* send prev cids on firehose
* fix test
* fix some test compiler errors & add experimental note
* fix linting
* build branch
* add prevData to commit event
* fix cbor undefined err
* add sibling proofs to relevant blocks
* bump depth of obj in test
* fix bug on right sibling proof & add some tests
* another test
* refactor proof construction
* more tests
* factor into fixtures
* fix styles in json
* lint: import ordering
* pr feedback
* add invertible op test
* remove prev from outgoing events
* return to original proof construction
* dont build branch
* changeset
* lex: use 'tid' and 'record-key' formats in lexicons
* more TID formats; and remove redundant maxLength
* add maxLength back, with a comment/description
* revert accidential change to applyWrites
* codegen
* changeset
* update test for invalid record-key
* Make codegen types stricter
* Add .js file extension to import statements in generated code
* Fixes a bug that would clear interests prefs when updating hidden posts prefs.
* Add linting rule to sort imports
* remove spacing between import groups
* changeset
* changeset
* prettier config fine tuning
* forbid use of deprecated imports
* tidy
* Similification of the `pds` package by:
- Removing `DetailedAccountStore` class (moving its logic inside `AccountManager`)
- Factorizes image URL building into its own class (for easy re-use from `AccountManager`)
- Adds an `AppView` class that exposes an `agent: AtpAgent` and url builder function (used by the `ImageUrlBuilder`).
- Reworks the `ActorStore` to avoid circular dependency between `AccountManager` and `LocalViewerCreator` (needed because of first item)
* tidy
* move classes in their own file
devin ivy
David Buchanan
Matthieu Sieben
rafael
Emelia Smith
Eric Bailey
rafael
Foysal Ahamed
Samuel Newman
Daniel Holmgren
bnewbold