+30

atproto/client/password_auth.go

reviewed

··· 144 144 return nil 145 145 } 146 146 147 147 + func (a *PasswordAuth) Logout(ctx context.Context, c *http.Client) error { 148 148 + _, refreshToken := a.GetTokens() 149 149 + 150 150 + u := a.Session.Host + "/xrpc/com.atproto.server.deleteSession" 151 151 + req, err := http.NewRequestWithContext(ctx, http.MethodPost, u, nil) 152 152 + if err != nil { 153 153 + return err 154 154 + } 155 155 + // NOTE: could try to pull User-Agent from a request and pass that through to here 156 156 + req.Header.Set("User-Agent", "indigo-sdk") 157 157 + 158 158 + // NOTE: using refresh token here, not access token 159 159 + req.Header.Set("Authorization", "Bearer "+refreshToken) 160 160 + 161 161 + resp, err := c.Do(req) 162 162 + if err != nil { 163 163 + return err 164 164 + } 165 165 + defer resp.Body.Close() 166 166 + 167 167 + if !(resp.StatusCode >= 200 && resp.StatusCode < 300) { 168 168 + var eb ErrorBody 169 169 + if err := json.NewDecoder(resp.Body).Decode(&eb); err != nil { 170 170 + return &APIError{StatusCode: resp.StatusCode} 171 171 + } 172 172 + return eb.APIError(resp.StatusCode) 173 173 + } 174 174 + return nil 175 175 + } 176 176 + 147 177 func LoginWithPassword(ctx context.Context, dir identity.Directory, username syntax.AtIdentifier, password, authToken string) (*APIClient, error) { 148 178 149 179 ident, err := dir.Lookup(ctx, username)

+36

atproto/client/password_auth_test.go

reviewed

··· 37 37 "refreshJwt": "refresh2", 38 38 }) 39 39 return 40 40 + case "/xrpc/com.atproto.server.deleteSession": 41 41 + //fmt.Println("deleteSession handler...") 42 42 + hdr := r.Header.Get("Authorization") 43 43 + if hdr != "Bearer refresh1" { 44 44 + fmt.Printf("refreshSession header: %s\n", hdr) 45 45 + w.Header().Set("WWW-Authenticate", `Bearer`) 46 46 + http.Error(w, "Unauthorized", http.StatusUnauthorized) 47 47 + return 48 48 + } 49 49 + w.Header().Set("Content-Type", "application/json") 50 50 + return 40 51 case "/xrpc/com.atproto.server.createSession": 41 52 if !strings.HasPrefix(r.Header.Get("Content-Type"), "application/json") { 42 53 fmt.Println("createSession Content-Type") ··· 126 137 err = c.Get(ctx, syntax.NSID("com.example.get"), nil, nil) 127 138 assert.NoError(err) 128 139 err = c.Get(ctx, syntax.NSID("com.example.expire"), nil, nil) 140 140 + assert.NoError(err) 141 141 + } 142 142 + 143 143 + { 144 144 + c := ResumePasswordSession(PasswordSessionData{ 145 145 + AccessToken: "access1", 146 146 + RefreshToken: "refresh1", 147 147 + AccountDID: syntax.DID("did:web:account.example.com"), 148 148 + Host: srv.URL, 149 149 + }) 150 150 + 151 151 + err := c.Get(ctx, syntax.NSID("com.example.get"), nil, nil) 152 152 + assert.NoError(err) 153 153 + err = c.Get(ctx, syntax.NSID("com.example.expire"), nil, nil) 154 154 + assert.NoError(err) 155 155 + } 156 156 + 157 157 + { 158 158 + // logout 159 159 + c, err := LoginWithPassword(ctx, &dir, syntax.Handle("user1.example.com").AtIdentifier(), "password1", "") 160 160 + require.NoError(err) 161 161 + 162 162 + passAuth, ok := c.Auth.(*PasswordAuth) 163 163 + require.True(ok) 164 164 + err = passAuth.Logout(ctx, c.Client) 129 165 assert.NoError(err) 130 166 } 131 167