alice.mosphere.at / indigo
this repo has no description
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

address some review comments (thanks haileyok)

bryan newbold ff165f35 e08116ce

+6 -11
+1 -1
atproto/auth/oauth/doc.go
··· 51 51 } 52 52 } 53 53 54 - The login auth flow starts with a user identifier, which could be an atproto handle, DID, or an auth server URL (eg, a PDS). The high-level [StartAuthFlow()] method will resolve the identifier, send an auth request (PAR) to the server, persist request metadata in the [OAuthStore], and return a redirect URL for the user to visit: 54 + The login auth flow starts with a user identifier, which could be an atproto handle, DID, or an auth server URL (eg, a PDS). The high-level [StartAuthFlow()] method will resolve the identifier, send an auth request (PAR) to the server, persist request metadata in the [OAuthStore], and return a redirect URL for the user to visit (usually the PDS): 55 55 56 56 http.HandleFunc("GET /oauth/login", HandleLogin) 57 57
+1 -7
atproto/auth/oauth/resolver.go
··· 4 4 "context" 5 5 "encoding/json" 6 6 "fmt" 7 - "io" 8 7 "net/http" 9 8 "net/url" 10 9 "time" ··· 66 65 return "", fmt.Errorf("HTTP error fetching protected resource document: %d", resp.StatusCode) 67 66 } 68 67 69 - respBytes, err := io.ReadAll(resp.Body) 70 - if err != nil { 71 - return "", err 72 - } 73 - 74 68 var body ProtectedResourceMetadata 75 - if err := json.Unmarshal(respBytes, &body); err != nil { 69 + if err := json.NewDecoder(resp.Body).Decode(&body); err != nil { 76 70 return "", fmt.Errorf("invalid protected resource document: %w", err) 77 71 } 78 72 if len(body.AuthorizationServers) < 1 {
+1
atproto/auth/oauth/session.go
··· 134 134 return "", fmt.Errorf("token refresh failed: HTTP %d", resp.StatusCode) 135 135 } else if errResp["error"] != "use_dpop_nonce" { 136 136 slog.Warn("token refresh failed", "authServer", tokenURL, "body", errResp, "statusCode", resp.StatusCode) 137 + resp.Body.Close() 137 138 return "", fmt.Errorf("token refresh failed: %s", errResp["error"]) 138 139 } 139 140
+3 -3
atproto/auth/oauth/types.go
··· 165 165 // must include authorization_code and refresh_token (refresh tokens must be supported) 166 166 GrantTypesSupported []string `json:"grant_types_supported"` 167 167 168 - /// must include S256 168 + // must include S256 169 169 CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"` 170 170 171 - // must include both none (public client s) and private_key_jwt (confidential clients) 171 + // must include both none (public clients) and private_key_jwt (confidential clients) 172 172 TokenEndpointAuthMethodsSupoorted []string `json:"token_endpoint_auth_methods_supported"` 173 173 174 174 // must not include `none`. Must include ES256 for now. ··· 183 183 // must be true 184 184 RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests"` 185 185 186 - // correspnds be the PAR endpoint URL 186 + // corresponds to the PAR endpoint URL 187 187 PushedAuthorizationRequestEndpoint string `json:"pushed_authorization_request_endpoint"` 188 188 189 189 // currently must include ES256