···11import { nanoid } from 'nanoid';
2233import type { ActorIdentifier } from '@atcute/lexicons';
44-import type { OAuthAuthorizationServerMetadata } from '@atcute/oauth-types';
44+import type { OAuthAuthorizationServerMetadata, OAuthPrompt } from '@atcute/oauth-types';
5566import { createES256Key } from '../dpop.js';
77import { CLIENT_ID, database, REDIRECT_URI } from '../environment.js';
···2222 target: AuthorizeTargetOptions;
2323 scope: string;
2424 state?: unknown;
2525- prompt?: 'none' | 'login' | 'consent' | 'select_account';
2525+ prompt?: OAuthPrompt | (string & {});
2626 display?: 'page' | 'popup' | 'touch' | 'wap';
2727 locale?: string;
2828}
+12-1
packages/oauth/node-client/lib/oauth-client.ts
···88 FALLBACK_ALG,
99 type ConfidentialClientMetadata,
1010 type OAuthClientMetadata,
1111+ type OAuthPrompt,
1112 type OAuthResponseMode,
1213} from '@atcute/oauth-types';
1314import { Keyset, type PrivateKey } from '@atcute/oauth-keyset';
···8081 /** user-provided state to preserve through flow */
8182 state?: unknown;
8283 /** OIDC prompt parameter */
8383- prompt?: 'none' | 'login' | 'consent' | 'select_account';
8484+ prompt?: OAuthPrompt | (string & {});
8485 /** abort signal */
8586 signal?: AbortSignal;
8687}
···247248 const { identity, metadata } = resolved;
248249249250 signal?.throwIfAborted();
251251+252252+ // validate prompt if server advertises supported values
253253+ if (prompt) {
254254+ const supported = metadata.prompt_values_supported;
255255+ if (supported && !supported.includes(prompt)) {
256256+ throw new TypeError(
257257+ `prompt "${prompt}" not supported by server (supported: ${supported.join(', ')})`,
258258+ );
259259+ }
260260+ }
250261251262 // generate PKCE and DPoP key
252263 const pkce = await generatePkce();
+1
packages/oauth/types/lib/index.ts
···7777 type OAuthCodeChallengeMethod,
7878} from './schemas/oauth-code-challenge-method.js';
7979export { oauthResponseModeSchema, type OAuthResponseMode } from './schemas/oauth-response-mode.js';
8080+export { oauthPromptSchema, type OAuthPrompt } from './schemas/oauth-prompt.js';
80818182// authorization details
8283export {