2335 Commits

Author SHA1 Message Date
Matthieu Sieben
3fa2ee3b6a
Deprecate query & fragment in DPoP proof htu claim (#3879)
* Properly validate JWK `htu` claim by enforcing URL without query or fragment

* type fix

* Return DPoP validation result from `authenticateRequest`

* Log clients using invalid "htu" claim in DPoP proof

* review comments

* fix lint

* tidy

* rename dpop result to dpop proof
2025-06-05 14:46:51 +02:00
Matthieu Sieben
a3b24ca77c
Use Form encoded body instead of JSON for OAuth requests (#3919)
* Parse JSON encoded Authorization Request Parameters

* Use `application/x-www-form-urlencoded` content instead of JSON for OAuth requests

Fixes: #3723

* Pre-process number too

* improved type checking

* Update packages/oauth/oauth-client/src/oauth-server-agent.ts

Co-authored-by: devin ivy <devinivy@gmail.com>

---------

Co-authored-by: devin ivy <devinivy@gmail.com>
2025-06-05 14:15:42 +02:00
Matthieu Sieben
9214bd0170
Improve logging of XRPC errors (#3699)
* Improve logging of XRPC errors

* strip stack of non internal errors

* Review comments
2025-06-04 17:03:16 +02:00
github-actions[bot]
1919d10a22
Version packages (#3920)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@atproto/dev-env@0.3.137 @atproto/oauth-provider-ui@0.1.7 @atproto/oauth-provider@0.7.10 @atproto/pds@0.4.143
2025-06-04 13:35:53 +02:00
rafael
b9616f63bf
[bsync] Rename operation endpoint properties (#3921) 2025-06-03 14:23:35 -03:00
Matthieu Sieben
71b9dcda96
Show account picker instead of welcome screen when user already signed-in (#3916)
* Show sign-in screen instead of welcome screen when user already signed-in
2025-06-03 10:10:42 +02:00
Matthieu Sieben
8fa2502e80
Require manual invocation of i18n:extract (#3918)
Currently, the `lingui extract` command is being run as part of the `build` and `dev` commands. This causes very large diffs in PRs, even when no changes are made to `.po` files.

With this change, only running `pnpm i18n` (from the root folder), or `pnpm i18n:extract` (from ui libs that support it) will cause the PO files to be re-computed.
2025-06-02 19:18:33 +02:00
Foysal Ahamed
e2f1dfd3da
Fix flaky team test in ozone suite (#3917) 2025-06-02 16:45:02 +02:00
github-actions[bot]
45e8717e19
Version packages (#3914)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@atproto/api@0.15.12 @atproto/bsky@0.0.154 @atproto/bsync@0.0.20 @atproto/dev-env@0.3.136 @atproto/ozone@0.1.115 @atproto/pds@0.4.142
2025-05-31 16:37:17 -03:00
Eric Bailey
a5cd018bd5
Unify getPostThreadV2 and getPostThreadHiddenV2 responses (#3912)
Co-authored-by: rafael <rafael@blueskyweb.xyz>
2025-05-31 16:25:25 -03:00
github-actions[bot]
e05b38a727
Version packages (#3907)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@atproto/api@0.15.11 @atproto/bsky@0.0.153 @atproto/dev-env@0.3.135 @atproto/lex-cli@0.8.2 @atproto/oauth-provider@0.7.9 @atproto/ozone@0.1.114 @atproto/pds@0.4.141
2025-05-29 15:27:40 -03:00
rafael
a978681fde
changeset (#3910) 2025-05-29 15:20:29 -03:00
rafael
f6d5a467e7
Fix handling following users in threads v2 (#3909) 2025-05-29 13:01:11 -03:00
Samuel Newman
d880665e63
Fixed codegen for arrays of strings with known values (#3906)
* fix codegen for arrays of strings of knownValue

* changeset
2025-05-29 08:42:56 -07:00
Matthieu Sieben
06bf684a4a
Add max length limit to passwords (#3900)
* Add max length limit to passwords

* review changes
2025-05-29 14:15:45 +02:00
rafael
cb8bf1838f
app.bsky.unspecced.getPostThreadV2 filtering (#3905) 2025-05-29 00:32:11 -03:00
Foysal Ahamed
498f3c0738
🐛 Fetch record from pds if appview fails to find it for ozone (#3892)
* 🐛 Fetch record from pds if appview fails to find it for ozone

* Resolve and fetch from pds without auth

* ♻️ Refactor and cleanup

* Fix tests

* Fix tests

* 🚨 Fix linter issue

* 🧹 Cleanup
2025-05-28 21:39:28 +02:00
Jim Calabro
e474623d3f
Add Generic Bsync Proto (#3887)
Co-authored-by: rafael <rafael@blueskyweb.xyz>
2025-05-28 11:37:04 -03:00
Foysal Ahamed
37b5a4ef29
🐛 Add missing union ref to ozone mod subject (#3605) 2025-05-28 10:30:54 +02:00
Foysal Ahamed
fe2a1d12bb
🐛 Add datetime format in lexicon def for createdAt field on grantVerification input (#3829) 2025-05-28 10:30:43 +02:00
github-actions[bot]
bae3ef91fc
Version packages (#3897)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@atproto/api@0.15.10 @atproto/bsky@0.0.152 @atproto/dev-env@0.3.134 @atproto/oauth-client-browser@0.3.19 @atproto/oauth-client-node@0.2.20 @atproto/oauth-client@0.3.19 @atproto/ozone@0.1.113 @atproto/pds@0.4.140
2025-05-27 21:31:22 -05:00
rafael
1dae6c59ab
Add app.bsky.unspecced.getPostThreadV2 (#3825)
Co-authored-by: Eric Bailey <git@esb.lol>
2025-05-27 22:12:12 -03:00
Matthieu Sieben
a03f0b906b
Remove un-necessary validation of alg on every dpop token creation (#3877) 2025-05-27 19:36:33 +02:00
github-actions[bot]
d6c40d6559
Version packages (#3878) @atproto/api@0.15.9 @atproto/bsky@0.0.151 @atproto/dev-env@0.3.133 @atproto/oauth-client-browser@0.3.18 @atproto/oauth-client-node@0.2.19 @atproto/oauth-client@0.3.18 @atproto/oauth-provider-frontend@0.1.5 @atproto/oauth-provider-ui@0.1.6 @atproto/oauth-provider@0.7.8 @atproto/ozone@0.1.112 @atproto/pds@0.4.139 2025-05-26 22:04:18 +03:00
Samuel Newman
79a75bb1ed
Referred likes lexicon changes (#3882) 2025-05-26 19:28:59 +03:00
Matthieu Sieben
d1e3e68dd9 changeset 2025-05-26 13:45:09 +02:00
Johannes Andersen
ba293da9fe
feat: password reset discovery and sign-in/up autofill (#3888)
* feat: password reset discovery and sign-in/up autofill

* chore: update translation files
2025-05-26 13:42:54 +02:00
Matthieu Sieben
e939f8e466 Revert "Refactor route rate limiter builder"
This reverts commit da433bd0ca55c044c0e1c804717124a4ca40b791.
2025-05-23 14:51:39 +02:00
Matthieu Sieben
da433bd0ca Refactor route rate limiter builder 2025-05-23 14:50:52 +02:00
Matthieu Sieben
36d0d370c2 Remove query & fragment from DPoP proof htu claim
Fixes: https://github.com/bluesky-social/atproto/issues/3846
2025-05-21 17:21:26 +02:00
bnewbold
24e20b96c6
lexicons: update searchPosts to indicate it isn't always available publicly (#3844)
* update searchPost description to clarify it may or may not be public

* codegen
2025-05-20 21:04:40 -07:00
github-actions[bot]
0a2c30dd97
Version packages (#3872)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@atproto-labs/did-resolver@0.1.13 @atproto-labs/fetch-node@0.1.9 @atproto-labs/fetch@0.2.3 @atproto-labs/handle-resolver-node@0.1.16 @atproto-labs/identity-resolver@0.1.17 @atproto-labs/pipe@0.1.1 @atproto/api@0.15.8 @atproto/bsky@0.0.150 @atproto/dev-env@0.3.132 @atproto/oauth-client-browser-example@0.0.4 @atproto/oauth-client-browser@0.3.17 @atproto/oauth-client-node@0.2.18 @atproto/oauth-client@0.3.17 @atproto/oauth-provider-ui@0.1.5 @atproto/oauth-provider@0.7.7 @atproto/ozone@0.1.111 @atproto/pds@0.4.138
2025-05-20 15:15:10 -07:00
hailey
80f402f366
add reqId to interactions (#3869) 2025-05-20 14:45:19 -07:00
Matthieu Sieben
8318c57187
Allow proxying of getSession using OAuth session (#3820)
* Allow proxying of dpop bound requests by using service auth instead, for the `getSession` endpoint.

* Show `getSession` data in example app

* Add  scope

* strings

* cleanup

* tidy

* tidy

* Add transition:email scope to example app

* strings

* changeset

* pr comments
2025-05-20 14:37:02 +02:00
Matthieu Sieben
36dbd41551
Fix potential memory leak (#3819)
* Fix potential memory leak

* pr comment
2025-05-20 14:08:16 +02:00
Matthieu Sieben
43861a452b
Remove dependency on the Public Suffix List (#3818)
* Remove dependency on the Public Suffix List

* tidy
2025-05-20 14:01:10 +02:00
Matthieu Sieben
5050b6550e
Allow implicit redirects in safe fetch wrap (#3821) 2025-05-20 13:36:38 +02:00
Matthieu Sieben
eab7c9fb8a
Use the PDS's hostname as fallback PDS "name" in the auth screen (#3868) 2025-05-20 13:32:48 +02:00
github-actions[bot]
f476003709
Version packages (#3854)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@atproto/api@0.15.7 @atproto/bsky@0.0.149 @atproto/dev-env@0.3.131 @atproto/ozone@0.1.110 @atproto/pds@0.4.137
2025-05-16 17:20:57 -03:00
rafael
86b3153884
Add liveNow to app.bsky.unspecced.getConfig (#3860) 2025-05-16 17:01:37 -03:00
devin ivy
efc64ba925
pds: client ip relative to trusted ips (#3850)
* pds: client ip relative to trusted ips

* changeset
2025-05-13 12:29:13 -07:00
Daiki Mizukami
81fb69ac65
Add @context for multikey to service DID documents (#3666) 2025-05-09 17:36:00 -07:00
github-actions[bot]
251f661c00
Version packages (#3841)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@atproto/dev-env@0.3.130 @atproto/pds@0.4.136
2025-05-08 21:51:09 -04:00
devin ivy
088d06204f
pds: fix account management migration, partial failure in some cases (#3840)
* pds: fix account management migration which had a partial failure in some cases

* changeset
2025-05-08 21:45:45 -04:00
bnewbold
fb283edbaf
use legally registered name for company (#3834) 2025-05-06 10:43:57 -07:00
github-actions[bot]
b36014dac5
Version packages (#3803)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@atproto-labs/xrpc-utils@0.0.14 @atproto/api@0.15.6 @atproto/aws@0.2.21 @atproto/bsky@0.0.148 @atproto/bsync@0.0.19 @atproto/common-web@0.4.2 @atproto/common@0.4.11 @atproto/dev-env@0.3.129 @atproto/identity@0.4.8 @atproto/lex-cli@0.8.1 @atproto/lexicon@0.4.11 @atproto/oauth-client-browser-example@0.0.3 @atproto/oauth-client-browser@0.3.16 @atproto/oauth-client-node@0.2.17 @atproto/oauth-client@0.3.16 @atproto/oauth-provider-api@0.1.2 @atproto/oauth-provider-frontend@0.1.4 @atproto/oauth-provider-ui@0.1.4 @atproto/oauth-provider@0.7.6 @atproto/oauth-types@0.2.7 @atproto/ozone@0.1.109 @atproto/pds@0.4.135 @atproto/repo@0.8.1 @atproto/sync@0.1.23 @atproto/xrpc-server@0.7.18 @atproto/xrpc@0.7.0
2025-05-05 17:44:12 -03:00
rafael
3a65b68f7d
Actor status lexicon and views (#3824) 2025-05-05 17:35:10 -03:00
rafael
7049117ea2
Fix takendown blocklists application (#3807) 2025-04-30 14:03:05 -03:00
Foysal Ahamed
5fd7ef0bf6
🐛 Ignore expired labels when queried from ozone database (#3786)
* 🐛 Ignore expired labels when queried from ozone database

* 🚨 remove unused imports
2025-04-30 17:58:08 +02:00
rafael
ab4e72084d
Handle resolution improvements (#3816)
* Handle resolution improvements

On PDS, only perform resolution if appview is not configured.
On appview, never perform resolution, only rely on dataplane.

* changeset

* appview: add lookup_unidirectional to GetDidsByHandles

* appview: plumb lookup_unidirectional for handle lookup

* note

---------

Co-authored-by: Devin Ivy <devinivy@gmail.com>
2025-04-29 08:58:55 -04:00