this repo has no description
add some maintainer notes
+26
+26
atproto/auth/oauth/HACKING.md
+26
atproto/auth/oauth/HACKING.md
···
1
+
2
+
## Package Structure
3
+
4
+
`oauth.ClientApp`
5
+
- represents an overall application or service; helps establish and manage oauth.ClientSession
6
+
- wraps and manages client metadata, client attestation secret (for confidential clients), request and session storage
7
+
8
+
`oauth.ClientSession`
9
+
- represents an established user session, wrapping DPoP key, tokens, and other metadata
10
+
- implements client.AuthMethod, for use with ApiClient
11
+
- automates token refresh; for confidential clients requires ref to client secret
12
+
- triggers callback when session data are updated (nonce, tokens)
13
+
14
+
`oauth.OAuthStore`
15
+
- interface for persistent storage systems for auth request and session metadata, including secrets and DPoP private keys
16
+
17
+
`oauth.Resolver`
18
+
- currently always resolves direct from the network; may add flexible caching or interface abstraction in the future
19
+
20
+
21
+
## Implementation Details
22
+
23
+
- starts DPoP at PAR (specification is flexible about this)
24
+
- requires ES256 (P-256) for DPoP and client attestation private keys; though flexible interface types are used in the API
25
+
- scopes are configured as part of client metadata, and the same for each session
26
+