-20

atproto/identity/did.go

reviewed

··· 13 13 "github.com/bluesky-social/indigo/atproto/syntax" 14 14 ) 15 15 16 16 - type DIDDocument struct { 17 17 - DID syntax.DID `json:"id"` 18 18 - AlsoKnownAs []string `json:"alsoKnownAs,omitempty"` 19 19 - VerificationMethod []DocVerificationMethod `json:"verificationMethod,omitempty"` 20 20 - Service []DocService `json:"service,omitempty"` 21 21 - } 22 22 - 23 23 - type DocVerificationMethod struct { 24 24 - ID string `json:"id"` 25 25 - Type string `json:"type"` 26 26 - Controller string `json:"controller"` 27 27 - PublicKeyMultibase string `json:"publicKeyMultibase"` 28 28 - } 29 29 - 30 30 - type DocService struct { 31 31 - ID string `json:"id"` 32 32 - Type string `json:"type"` 33 33 - ServiceEndpoint string `json:"serviceEndpoint"` 34 34 - } 35 35 - 36 16 // WARNING: this does *not* bi-directionally verify account metadata; it only implements direct DID-to-DID-document lookup for the supported DID methods, and parses the resulting DID Doc into an Identity struct 37 17 func (d *BaseDirectory) ResolveDID(ctx context.Context, did syntax.DID) (*DIDDocument, error) { 38 18 start := time.Now()

atproto/identity/did_test.go atproto/identity/diddoc_text.go

reviewed

+25

atproto/identity/diddoc.go

reviewed

··· 1 1 + package identity 2 2 + 3 3 + import ( 4 4 + "github.com/bluesky-social/indigo/atproto/syntax" 5 5 + ) 6 6 + 7 7 + type DIDDocument struct { 8 8 + DID syntax.DID `json:"id"` 9 9 + AlsoKnownAs []string `json:"alsoKnownAs,omitempty"` 10 10 + VerificationMethod []DocVerificationMethod `json:"verificationMethod,omitempty"` 11 11 + Service []DocService `json:"service,omitempty"` 12 12 + } 13 13 + 14 14 + type DocVerificationMethod struct { 15 15 + ID string `json:"id"` 16 16 + Type string `json:"type"` 17 17 + Controller string `json:"controller"` 18 18 + PublicKeyMultibase string `json:"publicKeyMultibase"` 19 19 + } 20 20 + 21 21 + type DocService struct { 22 22 + ID string `json:"id"` 23 23 + Type string `json:"type"` 24 24 + ServiceEndpoint string `json:"serviceEndpoint"` 25 25 + }

+81

atproto/identity/directory.go

reviewed

··· 1 1 + package identity 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + "errors" 6 6 + "net" 7 7 + "net/http" 8 8 + "time" 9 9 + 10 10 + "github.com/bluesky-social/indigo/atproto/syntax" 11 11 + ) 12 12 + 13 13 + // API for doing account lookups by DID or handle, with bi-directional verification handled automatically. Almost all atproto services and clients should use an implementation of this interface instead of resolving handles or DIDs separately 14 14 + // 15 15 + // Handles which fail to resolve, or don't match DID alsoKnownAs, are an error. DIDs which resolve but the handle does not resolve back to the DID return an Identity where the Handle is the special `handle.invalid` value. 16 16 + // 17 17 + // Some example implementations of this interface could be: 18 18 + // - basic direct resolution on every call 19 19 + // - local in-memory caching layer to reduce network hits 20 20 + // - API client, which just makes requests to PDS (or other remote service) 21 21 + // - client for shared network cache (eg, Redis) 22 22 + type Directory interface { 23 23 + LookupHandle(ctx context.Context, h syntax.Handle) (*Identity, error) 24 24 + LookupDID(ctx context.Context, d syntax.DID) (*Identity, error) 25 25 + Lookup(ctx context.Context, i syntax.AtIdentifier) (*Identity, error) 26 26 + 27 27 + // Flushes any cache of the indicated identifier. If directory is not using caching, can ignore this. 28 28 + Purge(ctx context.Context, i syntax.AtIdentifier) error 29 29 + } 30 30 + 31 31 + // Indicates that handle resolution failed. A wrapped error may provide more context. This is only returned when looking up a handle, not when looking up a DID. 32 32 + var ErrHandleResolutionFailed = errors.New("handle resolution failed") 33 33 + 34 34 + // Indicates that resolution process completed successfully, but handle does not exist. This is only returned when looking up a handle, not when looking up a DID. 35 35 + var ErrHandleNotFound = errors.New("handle not found") 36 36 + 37 37 + // Indicates that resolution process completed successfully, handle mapped to a different DID. This is only returned when looking up a handle, not when looking up a DID. 38 38 + var ErrHandleMismatch = errors.New("handle/DID mismatch") 39 39 + 40 40 + // Indicates that DID document did not include any handle ("alsoKnownAs"). This is only returned when looking up a handle, not when looking up a DID. 41 41 + var ErrHandleNotDeclared = errors.New("DID document did not declare a handle") 42 42 + 43 43 + // Handle top-level domain (TLD) is one of the special "Reserved" suffixes, and not allowed for atproto use 44 44 + var ErrHandleReservedTLD = errors.New("handle top-level domain is disallowed") 45 45 + 46 46 + // Indicates that resolution process completed successfully, but the DID does not exist. 47 47 + var ErrDIDNotFound = errors.New("DID not found") 48 48 + 49 49 + // Indicates that DID resolution process failed. A wrapped error may provide more context. 50 50 + var ErrDIDResolutionFailed = errors.New("DID resolution failed") 51 51 + 52 52 + // Indicates that DID document did not include a public key with the specified ID 53 53 + var ErrKeyNotDeclared = errors.New("DID document did not declare a relevant public key") 54 54 + 55 55 + var DefaultPLCURL = "https://plc.directory" 56 56 + 57 57 + // Returns a reasonable Directory implementation for applications 58 58 + func DefaultDirectory() Directory { 59 59 + base := BaseDirectory{ 60 60 + PLCURL: DefaultPLCURL, 61 61 + HTTPClient: http.Client{ 62 62 + Timeout: time.Second * 10, 63 63 + Transport: &http.Transport{ 64 64 + // would want this around 100ms for services doing lots of handle resolution. Impacts PLC connections as well, but not too bad. 65 65 + IdleConnTimeout: time.Millisecond * 1000, 66 66 + MaxIdleConns: 100, 67 67 + }, 68 68 + }, 69 69 + Resolver: net.Resolver{ 70 70 + Dial: func(ctx context.Context, network, address string) (net.Conn, error) { 71 71 + d := net.Dialer{Timeout: time.Second * 3} 72 72 + return d.DialContext(ctx, network, address) 73 73 + }, 74 74 + }, 75 75 + TryAuthoritativeDNS: true, 76 76 + // primary Bluesky PDS instance only supports HTTP resolution method 77 77 + SkipDNSDomainSuffixes: []string{".bsky.social"}, 78 78 + } 79 79 + cached := NewCacheDirectory(&base, 250_000, time.Hour*24, time.Minute*2, time.Minute*5) 80 80 + return &cached 81 81 + }

-75

atproto/identity/identity.go

reviewed

··· 1 1 package identity 2 2 3 3 import ( 4 4 - "context" 5 5 - "errors" 6 4 "fmt" 7 7 - "net" 8 8 - "net/http" 9 5 "net/url" 10 6 "strings" 11 11 - "time" 12 7 13 8 "github.com/bluesky-social/indigo/atproto/crypto" 14 9 "github.com/bluesky-social/indigo/atproto/syntax" 15 10 16 11 "github.com/mr-tron/base58" 17 12 ) 18 18 - 19 19 - // API for doing account lookups by DID or handle, with bi-directional verification handled automatically. Almost all atproto services and clients should use an implementation of this interface instead of resolving handles or DIDs separately 20 20 - // 21 21 - // Handles which fail to resolve, or don't match DID alsoKnownAs, are an error. DIDs which resolve but the handle does not resolve back to the DID return an Identity where the Handle is the special `handle.invalid` value. 22 22 - // 23 23 - // Some example implementations of this interface could be: 24 24 - // - basic direct resolution on every call 25 25 - // - local in-memory caching layer to reduce network hits 26 26 - // - API client, which just makes requests to PDS (or other remote service) 27 27 - // - client for shared network cache (eg, Redis) 28 28 - type Directory interface { 29 29 - LookupHandle(ctx context.Context, h syntax.Handle) (*Identity, error) 30 30 - LookupDID(ctx context.Context, d syntax.DID) (*Identity, error) 31 31 - Lookup(ctx context.Context, i syntax.AtIdentifier) (*Identity, error) 32 32 - 33 33 - // Flushes any cache of the indicated identifier. If directory is not using caching, can ignore this. 34 34 - Purge(ctx context.Context, i syntax.AtIdentifier) error 35 35 - } 36 36 - 37 37 - // Indicates that handle resolution failed. A wrapped error may provide more context. This is only returned when looking up a handle, not when looking up a DID. 38 38 - var ErrHandleResolutionFailed = errors.New("handle resolution failed") 39 39 - 40 40 - // Indicates that resolution process completed successfully, but handle does not exist. This is only returned when looking up a handle, not when looking up a DID. 41 41 - var ErrHandleNotFound = errors.New("handle not found") 42 42 - 43 43 - // Indicates that resolution process completed successfully, handle mapped to a different DID. This is only returned when looking up a handle, not when looking up a DID. 44 44 - var ErrHandleMismatch = errors.New("handle/DID mismatch") 45 45 - 46 46 - // Indicates that DID document did not include any handle ("alsoKnownAs"). This is only returned when looking up a handle, not when looking up a DID. 47 47 - var ErrHandleNotDeclared = errors.New("DID document did not declare a handle") 48 48 - 49 49 - // Handle top-level domain (TLD) is one of the special "Reserved" suffixes, and not allowed for atproto use 50 50 - var ErrHandleReservedTLD = errors.New("handle top-level domain is disallowed") 51 51 - 52 52 - // Indicates that resolution process completed successfully, but the DID does not exist. 53 53 - var ErrDIDNotFound = errors.New("DID not found") 54 54 - 55 55 - // Indicates that DID resolution process failed. A wrapped error may provide more context. 56 56 - var ErrDIDResolutionFailed = errors.New("DID resolution failed") 57 57 - 58 58 - // Indicates that DID document did not include a public key with the specified ID 59 59 - var ErrKeyNotDeclared = errors.New("DID document did not declare a relevant public key") 60 60 - 61 61 - var DefaultPLCURL = "https://plc.directory" 62 62 - 63 63 - // Returns a reasonable Directory implementation for applications 64 64 - func DefaultDirectory() Directory { 65 65 - base := BaseDirectory{ 66 66 - PLCURL: DefaultPLCURL, 67 67 - HTTPClient: http.Client{ 68 68 - Timeout: time.Second * 10, 69 69 - Transport: &http.Transport{ 70 70 - // would want this around 100ms for services doing lots of handle resolution. Impacts PLC connections as well, but not too bad. 71 71 - IdleConnTimeout: time.Millisecond * 1000, 72 72 - MaxIdleConns: 100, 73 73 - }, 74 74 - }, 75 75 - Resolver: net.Resolver{ 76 76 - Dial: func(ctx context.Context, network, address string) (net.Conn, error) { 77 77 - d := net.Dialer{Timeout: time.Second * 3} 78 78 - return d.DialContext(ctx, network, address) 79 79 - }, 80 80 - }, 81 81 - TryAuthoritativeDNS: true, 82 82 - // primary Bluesky PDS instance only supports HTTP resolution method 83 83 - SkipDNSDomainSuffixes: []string{".bsky.social"}, 84 84 - } 85 85 - cached := NewCacheDirectory(&base, 250_000, time.Hour*24, time.Minute*2, time.Minute*5) 86 86 - return &cached 87 87 - } 88 13 89 14 // Represents an atproto identity. Could be a regular user account, or a service account (eg, feed generator) 90 15 type Identity struct {