···22'@atcute/xrpc-server': patch
33---
4455-refactor(xrpc-server): clean up Valita schemas
55+clean up Valita schemas
-63
packages/oauth/browser-client/CHANGELOG.md
···11# @atcute/oauth-browser-client
2233-## 2.0.0-next.0
44-55-### Major Changes
66-77-- 82eb851: handle and DID document resolution are now externalized.
88-99- although we've provided a "guide" on how to do your own handle resolution, the client itself still
1010- had to make its own resolution for post-authorization verification checks. this change finally
1111- makes it possible for you to supply a resolver for the client to use, and you're required to
1212- provide them.
1313-1414- after upgrading, you would supply an `identityResolver` to `configureOAuth`. the helper
1515- `defaultIdentityResolver` composes handle and DID document resolvers if you still want the default
1616- behavior; using `@atcute/identity-resolver` implementations is recommended for this.
1717-1818- ```ts
1919- import { configureOAuth, defaultIdentityResolver } from '@atcute/oauth-browser-client';
2020-2121- import {
2222- CompositeDidDocumentResolver,
2323- PlcDidDocumentResolver,
2424- WebDidDocumentResolver,
2525- XrpcHandleResolver,
2626- } from '@atcute/identity-resolver';
2727-2828- configureOAuth({
2929- // ... existing config
3030-3131- identityResolver: defaultIdentityResolver({
3232- // AT Protocol handles resolve via DNS TXT record or HTTP well-known endpoints.
3333- // since web apps lack direct DNS access and face CORS restrictions, we're using
3434- // Bluesky's AppView for this example.
3535- //
3636- // NOTE: Bluesky may log handle resolutions and requester info per their privacy
3737- // policy. consider the privacy implications of this arrangement and change this
3838- // setup if unsuitable for your use case.
3939- handleResolver: new XrpcHandleResolver({ serviceUrl: 'https://public.api.bsky.app' }),
4040-4141- didDocumentResolver: new CompositeDidDocumentResolver({
4242- methods: {
4343- plc: new PlcDidDocumentResolver(),
4444- web: new WebDidDocumentResolver(),
4545- },
4646- }),
4747- }),
4848- });
4949-5050- the resolved identity now includes both the did and a canonical handle (or `handle.invalid` if it
5151- can't be verified), which we use for `login_hint` to better match the reference OAuth client.
5252- ```
5353-5454- `resolveFromIdentity` and `resolveFromService` has been removed as a result. instead, pass the
5555- target directly to `createAuthorizationUrl`.
5656-5757- ```ts
5858- const authUrl = await createAuthorizationUrl({
5959- target: { type: 'account', identifier: 'mary.my.id' },
6060- // or { type: 'pds', serviceUrl: 'https://bsky.social' }
6161-6262- // ... existing options
6363- });
6464- ```
6565-663## 1.0.27
674685### Patch Changes