codespell

+7 -7
+3 -3
atproto/auth/oauth/doc.go
··· 9 9 - PAR client submission 10 10 - both public and confidential clients, with support for signed client attestations in the later case 11 11 12 - Most OAuth client applications will use the high-level [ClientApp] and supporting interfaces to manage session logins, persistance, and token refreshes. Lower-level components are designed to be used in isolation if needed. 12 + Most OAuth client applications will use the high-level [ClientApp] and supporting interfaces to manage session logins, persistence, and token refreshes. Lower-level components are designed to be used in isolation if needed. 13 13 14 14 This package does not contain supporting code for atproto permissions or permission sets. It treats scopes as simple strings. 15 15 ··· 38 38 39 39 For a real service, you would want to use a database or other peristant storage instead of [MemStore]. Otherwise all user sessions are dropped every time the process restarts. 40 40 41 - The client metadata document needs to be served at the URL indicated by the `client_id`. This can be done statically, or dynamically generated and served from the configuation: 41 + The client metadata document needs to be served at the URL indicated by the `client_id`. This can be done statically, or dynamically generated and served from the configuration: 42 42 43 43 http.HandleFunc("GET /client-metadata.json", HandleClientMetadata) 44 44 ··· 68 68 http.Redirect(w, r, redirectURL, http.StatusFound) 69 69 } 70 70 71 - The service then waits for a callback request on the configured endpoint. The [ProcessCallback()] method will load the earlier request metadata from the [OAuthStore], send an initial token request to the auth server, and validate that the session is consistent with the identifier from the begining of the login flow. 71 + The service then waits for a callback request on the configured endpoint. 
The [ProcessCallback()] method will load the earlier request metadata from the [OAuthStore], send an initial token request to the auth server, and validate that the session is consistent with the identifier from the beginning of the login flow. 72 72 73 73 http.HandleFunc("GET /oauth/callback", HandleOAuthCallback) 74 74
+1 -1
atproto/auth/oauth/oauth.go
··· 86 86 return c 87 87 } 88 88 89 - // Creats a basic [ClientConfig] for use with localhost developmnet. Such a client is always public (non-confidential). 89 + // Creates a basic [ClientConfig] for use with localhost developmnet. Such a client is always public (non-confidential). 90 90 // 91 91 // The "scopes" array must include "atproto". 92 92 func NewLocalhostConfig(callbackURL string, scopes []string) ClientConfig {
+1 -1
atproto/auth/oauth/session.go
··· 24 24 25 25 // Persisted information about an OAuth session. Used to resume an active session. 26 26 type ClientSessionData struct { 27 - // Account DID for this session. Assuming only one active session per account, this can be used as "primary key" for storing and retrieving this infromation. 27 + // Account DID for this session. Assuming only one active session per account, this can be used as "primary key" for storing and retrieving this information. 28 28 AccountDID syntax.DID `json:"account_did"` 29 29 30 30 // Identifier to distinguish this particular session for the account. Server backends generally support multiple sessions for the same account. This package will re-use the random 'state' token from the auth flow as the session ID.
+1 -1
atproto/auth/oauth/store.go
··· 8 8 9 9 // Interface for persisting session data and auth request data, required as part of an OAuth client app. 10 10 // 11 - // This interface supports multiple sessions for a single account (DID). This is helpful for traditional web app backends where a single user might log in and have concurrent sessions from mutiple browsers/devices. For situations where multiple sessions are not required, implementations of this interface could ignore the `sessionID` parameters, though this could result in clobbering of active sessions. 11 + // This interface supports multiple sessions for a single account (DID). This is helpful for traditional web app backends where a single user might log in and have concurrent sessions from multiple browsers/devices. For situations where multiple sessions are not required, implementations of this interface could ignore the `sessionID` parameters, though this could result in clobbering of active sessions. 12 12 // 13 13 // For authorization-only (authn-only) applications, the `SaveSession()` method could be a no-op. 14 14 //
+1 -1
atproto/auth/oauth/types.go
··· 388 388 ClientAssertion *string `url:"client_assertion"` 389 389 } 390 390 391 - // Expected respose from Auth Server token endpoint, both for initial token request and for refresh requests. 391 + // Expected response from Auth Server token endpoint, both for initial token request and for refresh requests. 392 392 type TokenResponse struct { 393 393 Subject string `json:"sub"` 394 394
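Review bot: In atproto/auth/oauth/doc.go, the unchanged context at line 39 still reads "peristant storage", and line 10 reads "in the later case" where "latter" is meant. Both sit beside the spellings corrected in this file, so fix them in the same commit: "persistent storage" and "in the latter case".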
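Review bot: In atproto/auth/oauth/oauth.go line 89, the changed comment corrects "Creats" but keeps "developmnet" on the same line. Change it to "development" so the doc comment on NewLocalhostConfig is fully fixed.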
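Review bot: In atproto/auth/oauth/store.go line 13 (unchanged context), "authorization-only (authn-only)" pairs two different terms: "authn" abbreviates authentication, while authorization is usually written "authz". This comment tells implementers when `SaveSession()` may be a no-op, so the wording matters; if the authentication case is what is meant, write "authentication-only (authn-only)".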