a collection of lightweight TypeScript packages for AT Protocol, the protocol powering Bluesky
atproto
bluesky
typescript
npm
feat(oauth-browser-client): support passing nonce in client assertion fetcher
+9
-3
+5
.changeset/eight-files-listen.md
+5
.changeset/eight-files-listen.md
+2
-2
packages/oauth/browser-client/lib/agents/server-agent.ts
+2
-2
packages/oauth/browser-client/lib/agents/server-agent.ts
···
47
47
const assertion = await fetchClientAssertion({
48
48
jkt: jkt,
49
49
aud: this.#metadata.issuer,
50
-
createDpopProof: async (url) => {
50
+
createDpopProof: async (url, nonce) => {
51
51
const sign = createDPoPSignage(this.#dpopKey);
52
-
return await sign('POST', url, undefined, undefined);
52
+
return await sign('POST', url, nonce, undefined);
53
53
},
54
54
});
55
55
+2
-1
packages/oauth/browser-client/lib/types/client-assertion.ts
+2
-1
packages/oauth/browser-client/lib/types/client-assertion.ts
···
15
15
* create a DPoP proof to prove you possess the key for the claimed jkt.
16
16
*
17
17
* @param htu origin and pathname to your backend
18
+
* @param nonce optional DPoP nonce from the server
18
19
* @returns DPoP proof that can be included in the assertion
19
20
*/
20
-
createDpopProof: (htu: string) => Promise<string>;
21
+
createDpopProof: (htu: string, nonce?: string) => Promise<string>;
21
22
}
22
23
23
24
export type ClientAssertionFetcher = (