+290

CLAUDE.md

reviewed

··· 1 1 + # Paperbnd KOReader Plugin 2 2 + 3 3 + A KOReader plugin for syncing reading progress to an AT Protocol PDS using the Popfeed List Item lexicon. 4 4 + 5 5 + ## Overview 6 6 + 7 7 + Paperbnd allows KOReader users to sync their reading progress to their AT Protocol Personal Data Server (PDS) via the Popfeed social reading platform. The plugin tracks page progress and synchronizes it with existing Popfeed book entries. 8 8 + 9 9 + ## Architecture 10 10 + 11 11 + The plugin consists of two main components: 12 12 + 13 13 + ### 1. XRPC Client (`xrpc.lua`) 14 14 + 15 15 + A dedicated module for AT Protocol/XRPC communication that handles: 16 16 + 17 17 + - **Generic XRPC method invocation** with support for GET and POST requests 18 18 + - **PDS resolution** via the Slingshot service (Microcosm) 19 19 + - **Advanced session management** with multi-level token renewal and automatic retry 20 20 + - **Authentication** using handle and app password 21 21 + - **Record operations** (list, get, put) for AT Protocol collections 22 22 + 23 23 + **Key Features:** 24 24 + - Table-based parameters for flexibility (method, params, body, pds, skip_renewal) 25 25 + - Multi-level session renewal: refresh token → app password fallback → automatic retry 26 26 + - Session validation on plugin startup to proactively renew expired tokens 27 27 + - Authorization headers only on POST requests (GET requests never authenticated) 28 28 + - Callback support for persisting refreshed tokens to plugin settings 29 29 + - Handles both 401 and 400 "expired" errors as authentication failures 30 30 + - Prevents infinite recursion during renewal with `skip_renewal` flag 31 31 + 32 32 + ### 2. Main Plugin (`main.lua`) 33 33 + 34 34 + The primary plugin file that integrates with KOReader: 35 35 + 36 36 + - **Settings management** with persistent storage of credentials and book mappings 37 37 + - **Authentication flow** with two-step credential input (handle, then app password) 38 38 + - **Book linking** allows users to select from their existing Popfeed list items 39 39 + - **Progress sync** tracks current page, total pages, and percentage 40 40 + - **Document hooks** for automatic sync on document close 41 41 + - **Menu integration** with conditional menu items based on authentication state 42 42 + 43 43 + ## User Workflow 44 44 + 45 45 + 1. **Set Credentials**: User enters their AT Protocol handle and app password 46 46 + - Plugin resolves PDS URL via Slingshot service 47 47 + - Creates session and stores access/refresh tokens 48 48 + 49 49 + 2. **Link Book**: User selects current document and links it to an existing Popfeed book 50 50 + - Fetches user's list items from their PDS 51 51 + - Filters for books only 52 52 + - Stores mapping between document path and list item rkey 53 53 + 54 54 + 3. **Sync Progress**: Reading progress is synchronized automatically 55 55 + - Updates `bookProgress` field with current page, total pages, and percentage 56 56 + - Updates `listType` to "currently_reading_books" if needed 57 57 + - Can be triggered manually or automatically on document close 58 58 + 59 59 + 4. **Session Management**: Tokens are automatically renewed with multi-level fallback 60 60 + - Session validated at plugin startup to ensure fresh tokens 61 61 + - Authentication errors (401 or 400 "expired") trigger automatic renewal 62 62 + - First attempts refresh with refresh token 63 63 + - Falls back to creating new session with app password if refresh token expired 64 64 + - Original request automatically retried after successful renewal 65 65 + - New tokens saved to settings transparently via callback 66 66 + - No user intervention required at any point 67 67 + 68 68 + ## Technical Details 69 69 + 70 70 + ### Lexicons Used 71 71 + 72 72 + - `social.popfeed.feed.listItem` - Individual book entries with progress tracking 73 73 + - `social.popfeed.feed.list` - Reading lists (e.g., "currently_reading_books") 74 74 + - `com.atproto.server.createSession` - Initial authentication 75 75 + - `com.atproto.server.refreshSession` - Token refresh 76 76 + - `com.atproto.repo.listRecords` - Fetch book collections 77 77 + - `com.atproto.repo.getRecord` - Fetch individual book records 78 78 + - `com.atproto.repo.putRecord` - Update book records with progress 79 79 + 80 80 + ### Data Storage 81 81 + 82 82 + Settings are persisted in `paperbnd.lua` within KOReader's settings directory: 83 83 + - Handle and app password 84 84 + - PDS URL 85 85 + - Access and refresh tokens 86 86 + - User DID (Decentralized Identifier) 87 87 + - Document-to-listItem mappings (document path -> {rkey, title, author}) 88 88 + 89 89 + ### Book Progress Format 90 90 + 91 91 + ```lua 92 92 + bookProgress = { 93 93 + status = "in_progress", 94 94 + percent = 42, -- Calculated percentage 95 95 + currentPage = 150, -- From KOReader document stats 96 96 + totalPages = 357, -- From KOReader document stats 97 97 + updatedAt = "2025-10-20T14:30:00.000Z" -- ISO 8601 timestamp 98 98 + } 99 99 + ``` 100 100 + 101 101 + ## Design Decisions 102 102 + 103 103 + ### Simplicity First 104 104 + - Single-file XRPC client for clean separation of concerns 105 105 + - No future feature speculation - only implemented what's needed 106 106 + - Direct and straightforward code without unnecessary abstractions 107 107 + 108 108 + ### User Book Selection 109 109 + Rather than attempting to match books by ISBN or title, users manually link documents to existing Popfeed list items. This approach: 110 110 + - Avoids complex ISBN DB API integration 111 111 + - Ensures accuracy (user confirms the correct book) 112 112 + - Works with any book format supported by KOReader 113 113 + - Leverages existing Popfeed records as the source of truth 114 114 + 115 115 + ### Advanced Session Management 116 116 + The plugin implements a sophisticated multi-level session management system: 117 117 + 118 118 + **Automatic Renewal Flow:** 119 119 + 1. Authentication error detected (401 or 400 "expired") 120 120 + 2. Attempt to refresh using refresh token 121 121 + 3. If refresh token expired, create new session with stored app password 122 122 + 4. If renewal successful, retry the original request automatically 123 123 + 5. Save new tokens to persistent storage via callback 124 124 + 125 125 + **Session Validation:** 126 126 + - Session checked at plugin startup 127 127 + - Proactively renews expired tokens before user operations 128 128 + - Prevents mid-operation authentication failures 129 129 + 130 130 + **Benefits:** 131 131 + - No manual "Refresh Session" button needed 132 132 + - Tokens can expire for weeks without user intervention 133 133 + - Original requests automatically retried after renewal 134 134 + - Seamless user experience without interruptions 135 135 + - Callback mechanism keeps plugin and XRPC client in sync 136 136 + 137 137 + ### Authentication Strategy 138 138 + - Uses Slingshot service to resolve PDS from handle (no manual PDS entry) 139 139 + - App passwords for security (no main account passwords stored) 140 140 + - Refresh tokens enable long-lived sessions without re-authentication 141 141 + 142 142 + ## Implementation Notes 143 143 + 144 144 + ### Reference Implementation 145 145 + Built by studying the ReadwiseReader KOReader plugin for: 146 146 + - Plugin structure and initialization patterns 147 147 + - UI component creation (menus, dialogs, input forms) 148 148 + - HTTP request handling with `socket.http` and `ltn12` 149 149 + - JSON encoding/decoding with `rapidjson` 150 150 + - Settings persistence with `LuaSettings` 151 151 + - Document metadata access and event hooks 152 152 + 153 153 + ### AT Protocol Specifics 154 154 + - GET requests never require authentication headers 155 155 + - POST requests use Bearer token authentication 156 156 + - Refresh tokens are used as access tokens for the refresh endpoint 157 157 + - Both access and refresh tokens are rotated on each refresh 158 158 + - Session validation uses `com.atproto.server.getSession` endpoint 159 159 + - Authentication errors can return 401 or 400 with "expired" message 160 160 + 161 161 + ### Error Handling 162 162 + - User-friendly error messages via `InfoMessage` widgets 163 163 + - Graceful degradation when operations fail 164 164 + - Network errors handled with appropriate fallbacks 165 165 + 166 166 + ## Code Quality Assessment 167 167 + 168 168 + **Current State (January 2025):** 169 169 + 170 170 + The codebase is well-structured and production-ready with the following characteristics: 171 171 + 172 172 + **Strengths:** 173 173 + - Clean separation of concerns (XRPC client vs. plugin logic) 174 174 + - Comprehensive error handling with user-friendly messages 175 175 + - Robust session management with multiple fallback mechanisms 176 176 + - Proper state synchronization between components via callbacks 177 177 + - No memory leaks or blocking operations 178 178 + - Defensive programming with validation at critical points 179 179 + - Clear function naming and logical organization 180 180 + 181 181 + **Architecture:** 182 182 + - **XRPC Client (299 lines)**: Self-contained networking layer with 11 public methods 183 183 + - **Main Plugin (447 lines)**: UI integration with 17 public methods 184 184 + - **Metadata (5 lines)**: KOReader plugin manifest 185 185 + - **Total**: ~750 lines of well-documented Lua code 186 186 + 187 187 + **Known Limitations:** 188 188 + - One TODO at `main.lua:415` for updating `listUri` when changing reading status 189 189 + - Session validation at startup runs synchronously (could be async but startup is fast enough) 190 190 + - No retry logic for network failures (only authentication failures) 191 191 + - No offline queuing (by design, for simplicity) 192 192 + 193 193 + **Testing Considerations:** 194 194 + - Manual testing required (KOReader plugin environment) 195 195 + - Test scenarios: expired access token, expired refresh token, network errors 196 196 + - Edge cases: malformed responses, missing credentials, unlinked books 197 197 + 198 198 + ## Future Enhancements (Not Implemented) 199 199 + 200 200 + Potential features intentionally left out for simplicity: 201 201 + - Automatic book detection via ISBN 202 202 + - Batch syncing multiple books 203 203 + - Conflict resolution for concurrent edits 204 204 + - Offline queue for syncing when network unavailable 205 205 + - Automatic list URI updates when changing reading status (see TODO in code) 206 206 + - Retry logic for transient network failures 207 207 + - Progress indicators for long-running operations 208 208 + 209 209 + ## Files 210 210 + 211 211 + - `main.lua` - Main plugin with UI and KOReader integration 212 212 + - `xrpc.lua` - XRPC client for AT Protocol communication 213 213 + - `CLAUDE.md` - This documentation file 214 214 + 215 215 + ## Session Management Implementation Details 216 216 + 217 217 + The advanced session management system is the core reliability feature of this plugin: 218 218 + 219 219 + ### XRPCClient Methods (xrpc.lua) 220 220 + 221 221 + **`validateSession()`** (`xrpc.lua:229-242`) 222 222 + - Makes lightweight test request to verify token validity 223 223 + - Returns boolean success status 224 224 + - Uses `skip_renewal` flag to prevent recursion 225 225 + - Called at plugin startup to proactively renew tokens 226 226 + 227 227 + **`refreshSession()`** (`xrpc.lua:245-277`) 228 228 + - Swaps access token with refresh token temporarily 229 229 + - Calls `com.atproto.server.refreshSession` endpoint 230 230 + - Restores old token on failure 231 231 + - Notifies plugin of new tokens via callback 232 232 + - Returns new session or error 233 233 + 234 234 + **`renewSession()`** (`xrpc.lua:280-303`) 235 235 + - Multi-level fallback coordinator 236 236 + - Level 1: Attempts `refreshSession()` 237 237 + - Level 2: Falls back to `createSession()` with app password 238 238 + - Returns boolean success and error message 239 239 + - Central method called by `call()` on auth errors 240 240 + 241 241 + **`call()`** (`xrpc.lua:52-176`) 242 242 + - Generic XRPC request handler 243 243 + - Detects auth errors (401 or 400 "expired") 244 244 + - Calls `renewSession()` on auth failure 245 245 + - Rebuilds request with new authorization header 246 246 + - Retries original request after successful renewal 247 247 + - Single point of entry for all XRPC operations 248 248 + 249 249 + ### Main Plugin Integration (main.lua) 250 250 + 251 251 + **Initialization** (`main.lua:17-51`) 252 252 + - Loads credentials from persistent storage 253 253 + - Configures XRPC client with tokens and app password 254 254 + - Sets callback for automatic token persistence 255 255 + - Triggers startup session validation 256 256 + 257 257 + **Token Callback** (`main.lua:64-68`) 258 258 + - Receives new tokens from XRPC client 259 259 + - Saves to plugin settings immediately 260 260 + - Ensures credentials never get out of sync 261 261 + 262 262 + **Startup Validation** (`main.lua:70-80`) 263 263 + - Runs `validateSession()` when plugin loads 264 264 + - Silent operation (no user-visible errors) 265 265 + - Ensures tokens are fresh before first use 266 266 + 267 267 + ### Flow Example 268 268 + 269 269 + User syncs progress with expired access token: 270 270 + 1. `syncProgress()` calls `xrpc:putRecord()` 271 271 + 2. `putRecord()` calls `call()` with POST body 272 272 + 3. Server returns 401 Unauthorized 273 273 + 4. `call()` detects auth error, calls `renewSession()` 274 274 + 5. `renewSession()` tries `refreshSession()` 275 275 + 6. If refresh token valid: new tokens received, callback fired 276 276 + 7. If refresh token expired: `createSession()` with app password 277 277 + 8. `call()` rebuilds request with new access token 278 278 + 9. `call()` retries POST request 279 279 + 10. Request succeeds, progress synced 280 280 + 11. User sees success message, unaware of token renewal 281 281 + 282 282 + ## Development 283 283 + 284 284 + The plugin was developed collaboratively with Claude (Anthropic's AI assistant) with these priorities: 285 285 + - Clean, readable code 286 286 + - Comprehensive error handling 287 287 + - User experience focused on simplicity 288 288 + - No emojis in documentation or messages 289 289 + - Direct communication style in code comments 290 290 + - Proactive reliability through startup validation

+36

README.md

reviewed

··· 1 1 + # paperbnd.koplugin 2 2 + 3 3 + A [KOReader] plugin for syncing your reading progress to [Paperbnd]/[Popfeed]. 4 4 + 5 5 + This plugin associates a document in KOReader with a 6 6 + `social.popfeed.feed.listItem` record in your Atproto PDS, and then enables 7 7 + you to update that record with your reading progress at the press of a button. 8 8 + 9 9 + Some limitations: 10 10 + 11 11 + - [ ] Progress is only updated when you close the document or press "Sync progress now" 12 12 + - [ ] Books must already be in a `currently_reading_books` list 13 13 + - [ ] Books must be added to your account from the Paperbnd website or Popfeed website/app before they can be linked 14 14 + - [ ] There is no offline queueing; updates while offline will error 15 15 + 16 16 + ## Installation 17 17 + 18 18 + 1. Download/clone this repository 19 19 + 2. Drag the `paperbnd.koplugin` folder into your KOReader plugins directory 20 20 + 3. Restart KOReader 21 21 + 22 22 + ## Usage 23 23 + 24 24 + 1. Create an App Password wherever your Atproto account is managed (Bluesky, Tangled, elsewhere) 25 25 + 2. Open the KOReader menu 26 26 + 3. Navigate to the second page of the first tab 27 27 + 4. Select the "Paperbnd" option 28 28 + 5. Select "Set credentials" 29 29 + 6. Enter your Handle and App Password when prompted 30 30 + 7. Select "Link current book" 31 31 + 8. Select your book from the list 32 32 + 9. From the Paperbnd menu, select "Sync progress now" 33 33 + 34 34 + [Paperbnd]: https://paperbnd.club/ 35 35 + [Popfeed]: https://popfeed.social/ 36 36 + [KOReader]: https://koreader.rocks/

+6

_meta.lua

reviewed

··· 1 1 + local _ = require("gettext") 2 2 + return { 3 3 + name = "paperbnd", 4 4 + fullname = _("Paperbnd"), 5 5 + description = _([[Synchronize reading progress to Paperbnd]]), 6 6 + }

+446

main.lua

reviewed

··· 1 1 + local DataStorage = require("datastorage") 2 2 + local InfoMessage = require("ui/widget/infomessage") 3 3 + local InputDialog = require("ui/widget/inputdialog") 4 4 + local LuaSettings = require("luasettings") 5 5 + local UIManager = require("ui/uimanager") 6 6 + local WidgetContainer = require("ui/widget/container/widgetcontainer") 7 7 + local _ = require("gettext") 8 8 + local T = require("ffi/util").template 9 9 + 10 10 + local XRPCClient = require("xrpc") 11 11 + 12 12 + local Paperbnd = WidgetContainer:extend { 13 13 + name = "paperbnd", 14 14 + is_doc_only = false, 15 15 + } 16 16 + 17 17 + function Paperbnd:init() 18 18 + self.ui.menu:registerToMainMenu(self) 19 19 + 20 20 + -- Load settings 21 21 + self.settings = LuaSettings:open(DataStorage:getSettingsDir() .. "/paperbnd.lua") 22 22 + self.handle = self.settings:readSetting("handle") 23 23 + self.app_password = self.settings:readSetting("app_password") 24 24 + self.pds_url = self.settings:readSetting("pds_url") 25 25 + self.access_token = self.settings:readSetting("access_token") 26 26 + self.refresh_token = self.settings:readSetting("refresh_token") 27 27 + self.did = self.settings:readSetting("did") 28 28 + self.document_mappings = self.settings:readSetting("document_mappings") or {} 29 29 + 30 30 + -- Initialize XRPC client 31 31 + self.xrpc = XRPCClient:new() 32 32 + if self.pds_url then 33 33 + self.xrpc:setPDS(self.pds_url) 34 34 + end 35 35 + if self.access_token then 36 36 + self.xrpc:setAuth(self.access_token, self.refresh_token) 37 37 + end 38 38 + if self.handle and self.app_password then 39 39 + self.xrpc:setCredentials(self.handle, self.app_password) 40 40 + end 41 41 + 42 42 + -- Set up callback for credential updates 43 43 + self.xrpc:setCredentialsCallback(function(access_token, refresh_token) 44 44 + self:onTokenRefresh(access_token, refresh_token) 45 45 + end) 46 46 + 47 47 + -- Validate session at startup if we have credentials 48 48 + if self:isAuthenticated() then 49 49 + self:validateSessionAtStartup() 50 50 + end 51 51 + end 52 52 + 53 53 + function Paperbnd:saveSettings() 54 54 + self.settings:saveSetting("handle", self.handle) 55 55 + self.settings:saveSetting("app_password", self.app_password) 56 56 + self.settings:saveSetting("pds_url", self.pds_url) 57 57 + self.settings:saveSetting("access_token", self.access_token) 58 58 + self.settings:saveSetting("refresh_token", self.refresh_token) 59 59 + self.settings:saveSetting("did", self.did) 60 60 + self.settings:saveSetting("document_mappings", self.document_mappings) 61 61 + self.settings:flush() 62 62 + end 63 63 + 64 64 + function Paperbnd:onTokenRefresh(access_token, refresh_token) 65 65 + self.access_token = access_token 66 66 + self.refresh_token = refresh_token 67 67 + self:saveSettings() 68 68 + end 69 69 + 70 70 + function Paperbnd:validateSessionAtStartup() 71 71 + -- Validate session asynchronously to avoid blocking plugin startup 72 72 + -- This will trigger automatic renewal if the session is expired 73 73 + local valid, err = self.xrpc:validateSession() 74 74 + 75 75 + if not valid then 76 76 + -- Session validation failed, but renewSession will be called 77 77 + -- automatically on the next authenticated request 78 78 + -- No need to show error to user at startup 79 79 + end 80 80 + end 81 81 + 82 82 + function Paperbnd:addToMainMenu(menu_items) 83 83 + menu_items.paperbnd = { 84 84 + text = _("Paperbnd"), 85 85 + sub_item_table = { 86 86 + { 87 87 + text = _("Set credentials"), 88 88 + keep_menu_open = true, 89 89 + callback = function() 90 90 + self:setCredentials() 91 91 + end, 92 92 + }, 93 93 + { 94 94 + text = _("Link current book"), 95 95 + enabled_func = function() 96 96 + return self:isAuthenticated() and self.ui.document ~= nil 97 97 + end, 98 98 + callback = function() 99 99 + self:linkCurrentBook() 100 100 + end, 101 101 + }, 102 102 + { 103 103 + text = _("Sync progress now"), 104 104 + enabled_func = function() 105 105 + return self:isAuthenticated() and self:isCurrentBookLinked() 106 106 + end, 107 107 + callback = function() 108 108 + self:syncProgress() 109 109 + end, 110 110 + }, 111 111 + { 112 112 + text = _("Unlink current book"), 113 113 + enabled_func = function() 114 114 + return self:isCurrentBookLinked() 115 115 + end, 116 116 + callback = function() 117 117 + self:unlinkCurrentBook() 118 118 + end, 119 119 + }, 120 120 + }, 121 121 + } 122 122 + end 123 123 + 124 124 + function Paperbnd:isAuthenticated() 125 125 + return self.handle ~= nil and self.access_token ~= nil and self.did ~= nil 126 126 + end 127 127 + 128 128 + function Paperbnd:getCurrentDocumentPath() 129 129 + if self.ui.document then 130 130 + return self.ui.document.file 131 131 + end 132 132 + return nil 133 133 + end 134 134 + 135 135 + function Paperbnd:isCurrentBookLinked() 136 136 + local doc_path = self:getCurrentDocumentPath() 137 137 + return doc_path ~= nil and self.document_mappings[doc_path] ~= nil 138 138 + end 139 139 + 140 140 + function Paperbnd:setCredentials() 141 141 + local handle_input 142 142 + handle_input = InputDialog:new { 143 143 + title = _("Enter your handle"), 144 144 + input = self.handle or "", 145 145 + buttons = { 146 146 + { 147 147 + { 148 148 + text = _("Cancel"), 149 149 + callback = function() 150 150 + UIManager:close(handle_input) 151 151 + end, 152 152 + }, 153 153 + { 154 154 + text = _("Next"), 155 155 + is_enter_default = true, 156 156 + callback = function() 157 157 + local handle = handle_input:getInputText() 158 158 + UIManager:close(handle_input) 159 159 + 160 160 + if handle and handle ~= "" then 161 161 + self:setAppPassword(handle) 162 162 + end 163 163 + end, 164 164 + }, 165 165 + }, 166 166 + }, 167 167 + } 168 168 + UIManager:show(handle_input) 169 169 + handle_input:onShowKeyboard() 170 170 + end 171 171 + 172 172 + function Paperbnd:setAppPassword(handle) 173 173 + local password_input 174 174 + password_input = InputDialog:new { 175 175 + title = _("Enter your app password"), 176 176 + input = self.app_password or "", 177 177 + text_type = "password", 178 178 + buttons = { 179 179 + { 180 180 + { 181 181 + text = _("Cancel"), 182 182 + callback = function() 183 183 + UIManager:close(password_input) 184 184 + end, 185 185 + }, 186 186 + { 187 187 + text = _("Login"), 188 188 + is_enter_default = true, 189 189 + callback = function() 190 190 + local password = password_input:getInputText() 191 191 + UIManager:close(password_input) 192 192 + 193 193 + if password and password ~= "" then 194 194 + self:authenticate(handle, password) 195 195 + end 196 196 + end, 197 197 + }, 198 198 + }, 199 199 + }, 200 200 + } 201 201 + UIManager:show(password_input) 202 202 + password_input:onShowKeyboard() 203 203 + end 204 204 + 205 205 + function Paperbnd:authenticate(handle, password) 206 206 + UIManager:show(InfoMessage:new { 207 207 + text = _("Authenticating..."), 208 208 + timeout = 1, 209 209 + }) 210 210 + 211 211 + -- Resolve PDS 212 212 + local pds_url, err = self.xrpc:resolvePDS(handle) 213 213 + if err then 214 214 + UIManager:show(InfoMessage:new { 215 215 + text = T(_("Failed to resolve PDS: %1"), err), 216 216 + }) 217 217 + return 218 218 + end 219 219 + 220 220 + self.pds_url = pds_url 221 221 + self.xrpc:setPDS(pds_url) 222 222 + 223 223 + -- Create session 224 224 + local session, err = self.xrpc:createSession(handle, password) 225 225 + if err then 226 226 + UIManager:show(InfoMessage:new { 227 227 + text = T(_("Authentication failed: %1"), err), 228 228 + }) 229 229 + return 230 230 + end 231 231 + 232 232 + self.handle = handle 233 233 + self.app_password = password 234 234 + self.access_token = session.accessJwt 235 235 + self.refresh_token = session.refreshJwt 236 236 + self.did = session.did 237 237 + 238 238 + -- Store credentials in XRPC client for automatic session renewal 239 239 + self.xrpc:setCredentials(handle, password) 240 240 + 241 241 + self:saveSettings() 242 242 + 243 243 + UIManager:show(InfoMessage:new { 244 244 + text = _("Authentication successful!"), 245 245 + }) 246 246 + end 247 247 + 248 248 + function Paperbnd:linkCurrentBook() 249 249 + if not self:isAuthenticated() then 250 250 + UIManager:show(InfoMessage:new { 251 251 + text = _("Please set credentials first"), 252 252 + }) 253 253 + return 254 254 + end 255 255 + 256 256 + UIManager:show(InfoMessage:new { 257 257 + text = _("Fetching your books..."), 258 258 + timeout = 1, 259 259 + }) 260 260 + 261 261 + -- Fetch list items 262 262 + local response, err = self.xrpc:listRecords( 263 263 + self.did, 264 264 + "social.popfeed.feed.listItem", 265 265 + 100, 266 266 + nil 267 267 + ) 268 268 + 269 269 + if err then 270 270 + UIManager:show(InfoMessage:new { 271 271 + text = T(_("Failed to fetch books: %1"), err), 272 272 + }) 273 273 + return 274 274 + end 275 275 + 276 276 + 277 277 + if not response.records or #response.records == 0 then 278 278 + UIManager:show(InfoMessage:new { 279 279 + text = _("No books found in your account"), 280 280 + }) 281 281 + return 282 282 + end 283 283 + 284 284 + -- Filter for books only 285 285 + local books = {} 286 286 + for _, record in ipairs(response.records) do 287 287 + if record.value and record.value.creativeWorkType == "book" and record.value.listType == "currently_reading_books" then 288 288 + table.insert(books, { 289 289 + title = record.value.title or "Unknown", 290 290 + author = record.value.mainCredit or "Unknown", 291 291 + rkey = record.uri:match("([^/]+)$"), 292 292 + record = record.value, 293 293 + }) 294 294 + end 295 295 + end 296 296 + 297 297 + 298 298 + if #books == 0 then 299 299 + UIManager:show(InfoMessage:new { 300 300 + text = _("No books found in your account"), 301 301 + }) 302 302 + return 303 303 + end 304 304 + 305 305 + -- Show selection dialog 306 306 + self:showBookSelectionDialog(books) 307 307 + end 308 308 + 309 309 + function Paperbnd:showBookSelectionDialog(books) 310 310 + local Menu = require("ui/widget/menu") 311 311 + local Screen = require("device").screen 312 312 + 313 313 + local items = {} 314 314 + for _, book in ipairs(books) do 315 315 + table.insert(items, { 316 316 + text = book.title, 317 317 + subtitle = book.author, 318 318 + book = book, 319 319 + }) 320 320 + end 321 321 + 322 322 + local book_menu = Menu:new { 323 323 + title = _("Select a book"), 324 324 + item_table = items, 325 325 + width = Screen:getWidth() - Screen:scaleBySize(100), 326 326 + height = Screen:getHeight() - Screen:scaleBySize(100), 327 327 + fullscreen = true, 328 328 + single_line = false, 329 329 + onMenuSelect = function(menu, item) 330 330 + self:confirmLinkBook(item.book) 331 331 + end, 332 332 + } 333 333 + 334 334 + UIManager:show(book_menu) 335 335 + end 336 336 + 337 337 + function Paperbnd:confirmLinkBook(book) 338 338 + local doc_path = self:getCurrentDocumentPath() 339 339 + if not doc_path then 340 340 + return 341 341 + end 342 342 + 343 343 + self.document_mappings[doc_path] = { 344 344 + rkey = book.rkey, 345 345 + title = book.title, 346 346 + author = book.author, 347 347 + } 348 348 + 349 349 + self:saveSettings() 350 350 + 351 351 + UIManager:show(InfoMessage:new { 352 352 + text = T(_("Linked to: %1"), book.title), 353 353 + }) 354 354 + end 355 355 + 356 356 + function Paperbnd:unlinkCurrentBook() 357 357 + local doc_path = self:getCurrentDocumentPath() 358 358 + if doc_path and self.document_mappings[doc_path] then 359 359 + local book_title = self.document_mappings[doc_path].title 360 360 + self.document_mappings[doc_path] = nil 361 361 + self:saveSettings() 362 362 + 363 363 + UIManager:show(InfoMessage:new { 364 364 + text = T(_("Unlinked: %1"), book_title), 365 365 + }) 366 366 + end 367 367 + end 368 368 + 369 369 + function Paperbnd:syncProgress() 370 370 + if not self:isAuthenticated() then 371 371 + return 372 372 + end 373 373 + 374 374 + local doc_path = self:getCurrentDocumentPath() 375 375 + if not doc_path or not self.document_mappings[doc_path] then 376 376 + return 377 377 + end 378 378 + 379 379 + local mapping = self.document_mappings[doc_path] 380 380 + 381 381 + -- Get document statistics 382 382 + local stats = self.ui.doc_settings:readSetting("stats") or {} 383 383 + local pages = self.ui.document:getPageCount() 384 384 + local current_page = self.ui.paging and self.ui.paging.current_page or 1 385 385 + local percent = math.floor((current_page / pages) * 100) 386 386 + 387 387 + -- Fetch current record 388 388 + local record_response, err = self.xrpc:getRecord( 389 389 + self.did, 390 390 + "social.popfeed.feed.listItem", 391 391 + mapping.rkey 392 392 + ) 393 393 + 394 394 + if err then 395 395 + UIManager:show(InfoMessage:new { 396 396 + text = T(_("Failed to fetch record: %1"), err), 397 397 + }) 398 398 + return 399 399 + end 400 400 + 401 401 + local record = record_response.value 402 402 + 403 403 + -- Update bookProgress 404 404 + record.bookProgress = { 405 405 + status = "in_progress", 406 406 + percent = percent, 407 407 + currentPage = current_page, 408 408 + totalPages = pages, 409 409 + updatedAt = os.date("!%Y-%m-%dT%H:%M:%S.000Z"), 410 410 + } 411 411 + 412 412 + -- If not already in currently_reading, update listType 413 413 + -- if record.listType ~= "currently_reading_books" then 414 414 + -- record.listType = "currently_reading_books" 415 415 + -- TODO: Also update the listUri to point to currently_reading list 416 416 + -- end 417 417 + 418 418 + -- Put updated record 419 419 + local put_response, put_err = self.xrpc:putRecord( 420 420 + self.did, 421 421 + "social.popfeed.feed.listItem", 422 422 + mapping.rkey, 423 423 + record 424 424 + ) 425 425 + 426 426 + if put_err then 427 427 + UIManager:show(InfoMessage:new { 428 428 + text = T(_("Failed to sync progress: %1"), put_err), 429 429 + }) 430 430 + return 431 431 + end 432 432 + 433 433 + UIManager:show(InfoMessage:new { 434 434 + text = T(_("Synced: %1% (%2/%3)"), percent, current_page, pages), 435 435 + timeout = 2, 436 436 + }) 437 437 + end 438 438 + 439 439 + -- Hook into document close to sync progress 440 440 + function Paperbnd:onCloseDocument() 441 441 + if self:isAuthenticated() and self:isCurrentBookLinked() then 442 442 + self:syncProgress() 443 443 + end 444 444 + end 445 445 + 446 446 + return Paperbnd

+353

xrpc.lua

reviewed

··· 1 1 + local http = require("socket.http") 2 2 + local url = require("socket.url") 3 3 + local ltn12 = require("ltn12") 4 4 + local socket = require("socket") 5 5 + local socketutil = require("socketutil") 6 6 + local rapidjson = require("rapidjson") 7 7 + 8 8 + local XRPCClient = { 9 9 + pds_url = nil, 10 10 + handle = nil, 11 11 + app_password = nil, 12 12 + access_token = nil, 13 13 + refresh_token = nil, 14 14 + timeout = 30, 15 15 + on_credentials_updated = nil, -- Callback for when credentials are refreshed 16 16 + } 17 17 + 18 18 + function XRPCClient:new(o) 19 19 + o = o or {} 20 20 + setmetatable(o, self) 21 21 + self.__index = self 22 22 + return o 23 23 + end 24 24 + 25 25 + function XRPCClient:setPDS(pds_url) 26 26 + self.pds_url = pds_url 27 27 + end 28 28 + 29 29 + function XRPCClient:setAuth(access_token, refresh_token) 30 30 + self.access_token = access_token 31 31 + if refresh_token then 32 32 + self.refresh_token = refresh_token 33 33 + end 34 34 + end 35 35 + 36 36 + function XRPCClient:setCredentials(handle, app_password) 37 37 + self.handle = handle 38 38 + self.app_password = app_password 39 39 + end 40 40 + 41 41 + function XRPCClient:setCredentialsCallback(callback) 42 42 + self.on_credentials_updated = callback 43 43 + end 44 44 + 45 45 + -- Notify that credentials were updated 46 46 + function XRPCClient:notifyCredentialsUpdated(access_token, refresh_token) 47 47 + if self.on_credentials_updated then 48 48 + self.on_credentials_updated(access_token, refresh_token) 49 49 + end 50 50 + end 51 51 + 52 52 + function XRPCClient:call(opts) 53 53 + opts = opts or {} 54 54 + local method = opts.method 55 55 + local params = opts.params 56 56 + local body = opts.body 57 57 + local skip_renewal = opts.skip_renewal or false 58 58 + local pds = opts.pds or self.pds_url 59 59 + 60 60 + if not pds then 61 61 + return nil, "PDS URL not set" 62 62 + end 63 63 + 64 64 + local endpoint = pds .. "/xrpc/" .. method 65 65 + 66 66 + -- Add query parameters if provided 67 67 + if params and next(params) then 68 68 + local query_parts = {} 69 69 + for k, v in pairs(params) do 70 70 + table.insert(query_parts, k .. "=" .. url.escape(tostring(v))) 71 71 + end 72 72 + endpoint = endpoint .. "?" .. table.concat(query_parts, "&") 73 73 + end 74 74 + 75 75 + local request_body = nil 76 76 + local source = nil 77 77 + local is_post = body ~= nil 78 78 + local headers = { 79 79 + ["Accept"] = "application/json", 80 80 + } 81 81 + 82 82 + -- Handle request body (POST only) 83 83 + if is_post then 84 84 + headers["Content-Type"] = "application/json" 85 85 + 86 86 + -- Add authorization header for POST requests if token is set 87 87 + if self.access_token then 88 88 + headers["Authorization"] = "Bearer " .. self.access_token 89 89 + end 90 90 + 91 91 + local encoded, err = rapidjson.encode(body) 92 92 + if err then 93 93 + return nil, "Failed to encode JSON: " .. err 94 94 + end 95 95 + request_body = encoded 96 96 + headers["Content-Length"] = tostring(#request_body) 97 97 + source = ltn12.source.string(request_body) 98 98 + end 99 99 + 100 100 + local sink = {} 101 101 + local request = { 102 102 + url = endpoint, 103 103 + method = is_post and "POST" or "GET", 104 104 + sink = ltn12.sink.table(sink), 105 105 + source = source, 106 106 + headers = headers, 107 107 + } 108 108 + 109 109 + socketutil:set_timeout(self.timeout, self.timeout) 110 110 + local code, response_headers = socket.skip(1, http.request(request)) 111 111 + socketutil:reset_timeout() 112 112 + 113 113 + if not code then 114 114 + return nil, "HTTP request failed: " .. tostring(response_headers) 115 115 + end 116 116 + 117 117 + local response_body = table.concat(sink) 118 118 + 119 119 + -- Handle authentication errors with automatic session renewal 120 120 + local is_auth_error = code == 401 or 121 121 + (code == 400 and response_body and string.find(string.lower(response_body), "expired")) 122 122 + 123 123 + if is_auth_error and not skip_renewal then 124 124 + -- Try to renew session (refresh token -> app password fallback) 125 125 + local renewed, renew_err = self:renewSession() 126 126 + 127 127 + if renewed then 128 128 + -- Session renewed successfully, retry the original request 129 129 + -- Rebuild request with new authorization header 130 130 + if is_post and self.access_token then 131 131 + headers["Authorization"] = "Bearer " .. self.access_token 132 132 + end 133 133 + 134 134 + sink = {} 135 135 + request.sink = ltn12.sink.table(sink) 136 136 + if is_post then 137 137 + request.source = ltn12.source.string(request_body) 138 138 + end 139 139 + request.headers = headers 140 140 + 141 141 + socketutil:set_timeout(self.timeout, self.timeout) 142 142 + code, response_headers = socket.skip(1, http.request(request)) 143 143 + socketutil:reset_timeout() 144 144 + 145 145 + if not code then 146 146 + return nil, "HTTP request failed after session renewal: " .. tostring(response_headers) 147 147 + end 148 148 + 149 149 + response_body = table.concat(sink) 150 150 + else 151 151 + -- Could not renew session 152 152 + return nil, "Session expired and renewal failed: " .. (renew_err or "unknown error") 153 153 + end 154 154 + end 155 155 + 156 156 + -- Handle non-200 responses 157 157 + if code ~= 200 then 158 158 + local error_msg 159 159 + if response_body and response_body ~= "" then 160 160 + local error_data, err = rapidjson.decode(response_body) 161 161 + if error_data and error_data.message then 162 162 + error_msg = error_data.message 163 163 + else 164 164 + error_msg = response_body 165 165 + end 166 166 + else 167 167 + error_msg = "HTTP " .. code 168 168 + end 169 169 + 170 170 + return nil, error_msg 171 171 + end 172 172 + 173 173 + -- Decode response 174 174 + if response_body and response_body ~= "" then 175 175 + local decoded, err = rapidjson.decode(response_body) 176 176 + if err then 177 177 + return nil, "Failed to decode JSON response: " .. err 178 178 + end 179 179 + return decoded, nil 180 180 + end 181 181 + 182 182 + return {}, nil 183 183 + end 184 184 + 185 185 + -- Resolve PDS from handle using Slingshot service 186 186 + function XRPCClient:resolvePDS(handle) 187 187 + local response, err = self:call({ 188 188 + method = "com.bad-example.identity.resolveMiniDoc", 189 189 + params = { identifier = handle }, 190 190 + pds = "https://slingshot.microcosm.blue", 191 191 + }) 192 192 + 193 193 + if err or not response then 194 194 + return nil, "Failed to resolve PDS for handle: " .. err 195 195 + end 196 196 + 197 197 + if not response.pds then 198 198 + return nil, "Invalid response from Slingshot service" 199 199 + end 200 200 + 201 201 + return response.pds, nil 202 202 + end 203 203 + 204 204 + -- Create session (login) 205 205 + function XRPCClient:createSession(identifier, password) 206 206 + local response, err = self:call({ 207 207 + method = "com.atproto.server.createSession", 208 208 + body = { 209 209 + identifier = identifier, 210 210 + password = password, 211 211 + }, 212 212 + skip_renewal = true, -- Don't auto-renew during initial login 213 213 + }) 214 214 + 215 215 + if err or not response then 216 216 + return nil, err 217 217 + end 218 218 + 219 219 + if response.accessJwt then 220 220 + self:setAuth(response.accessJwt, response.refreshJwt) 221 221 + -- Note: We don't call notifyCredentialsUpdated here since the caller 222 222 + -- of createSession is expected to handle storing credentials 223 223 + end 224 224 + 225 225 + return response, nil 226 226 + end 227 227 + 228 228 + -- Validate current session by making a test request 229 229 + function XRPCClient:validateSession() 230 230 + if not self.access_token then 231 231 + return false, "No access token" 232 232 + end 233 233 + 234 234 + -- Make a lightweight request to check if session is valid 235 235 + local response, err = self:call({ 236 236 + method = "com.atproto.server.getSession", 237 237 + body = {}, 238 238 + skip_renewal = true, -- Don't auto-renew during validation 239 239 + }) 240 240 + 241 241 + return response ~= nil, err 242 242 + end 243 243 + 244 244 + -- Refresh session using refresh token 245 245 + function XRPCClient:refreshSession() 246 246 + if not self.refresh_token then 247 247 + return nil, "No refresh token available" 248 248 + end 249 249 + 250 250 + -- Temporarily store the current access token 251 251 + local old_access_token = self.access_token 252 252 + 253 253 + -- Use refresh token for this request 254 254 + self.access_token = self.refresh_token 255 255 + 256 256 + local response, err = self:call({ 257 257 + method = "com.atproto.server.refreshSession", 258 258 + body = {}, 259 259 + skip_renewal = true, -- Don't recurse during refresh 260 260 + }) 261 261 + 262 262 + if err or not response then 263 263 + -- Restore old access token on failure 264 264 + self.access_token = old_access_token 265 265 + return nil, err 266 266 + end 267 267 + 268 268 + -- Update tokens with new values 269 269 + if response.accessJwt then 270 270 + self:setAuth(response.accessJwt, response.refreshJwt) 271 271 + self:notifyCredentialsUpdated(response.accessJwt, response.refreshJwt) 272 272 + end 273 273 + 274 274 + return response, nil 275 275 + end 276 276 + 277 277 + -- Renew session with multi-level fallback 278 278 + -- 1. Try to use refresh token 279 279 + -- 2. If refresh token expired, create new session with app password 280 280 + function XRPCClient:renewSession() 281 281 + -- First, try to refresh with refresh token 282 282 + local response, err = self:refreshSession() 283 283 + 284 284 + if response then 285 285 + return true, nil 286 286 + end 287 287 + 288 288 + -- If refresh failed and we have app password, try to create new session 289 289 + if self.handle and self.app_password then 290 290 + local session, session_err = self:createSession(self.handle, self.app_password) 291 291 + 292 292 + if session then 293 293 + -- New session created successfully, tokens already set by createSession 294 294 + self:notifyCredentialsUpdated(session.accessJwt, session.refreshJwt) 295 295 + return true, nil 296 296 + end 297 297 + 298 298 + return false, "Failed to refresh session and create new session: " .. (session_err or "unknown error") 299 299 + end 300 300 + 301 301 + return false, 302 302 + "Failed to refresh session: " .. (err or "unknown error") .. ", and no app password available for fallback" 303 303 + end 304 304 + 305 305 + -- List records from a collection 306 306 + function XRPCClient:listRecords(repo, collection, limit, cursor) 307 307 + local params = { 308 308 + repo = repo, 309 309 + collection = collection, 310 310 + } 311 311 + 312 312 + if limit then 313 313 + params.limit = limit 314 314 + end 315 315 + 316 316 + if cursor then 317 317 + params.cursor = cursor 318 318 + end 319 319 + 320 320 + return self:call({ 321 321 + method = "com.atproto.repo.listRecords", 322 322 + params = params, 323 323 + }) 324 324 + end 325 325 + 326 326 + -- Get a single record 327 327 + function XRPCClient:getRecord(repo, collection, rkey) 328 328 + local params = { 329 329 + repo = repo, 330 330 + collection = collection, 331 331 + rkey = rkey, 332 332 + } 333 333 + 334 334 + return self:call({ 335 335 + method = "com.atproto.repo.getRecord", 336 336 + params = params, 337 337 + }) 338 338 + end 339 339 + 340 340 + -- Put (create or update) a record 341 341 + function XRPCClient:putRecord(repo, collection, rkey, record) 342 342 + return self:call({ 343 343 + method = "com.atproto.repo.putRecord", 344 344 + body = { 345 345 + repo = repo, 346 346 + collection = collection, 347 347 + rkey = rkey, 348 348 + record = record, 349 349 + }, 350 350 + }) 351 351 + end 352 352 + 353 353 + return XRPCClient