evbogue.com
ANProto over ATProto -- using Bluesky PDSes to store ANProto messages and blobs
1# Setup and Configuration
2
3## Prerequisites
4- Node.js v18+
5- NPM
6
7## Local Development
8
91. **Clone & Install**:
10 ```bash
11 git clone <repo>
12 cd atproto-oauth-demo
13 npm install
14 ```
15
162. **Public URL**:
17 OAuth requires a publicly reachable or explicitly defined callback URL. For `localhost`, strict matching is enforced.
18
19 In `src/client.ts`, the `client_id` is constructed specifically for localhost development to avoid needing a public domain:
20 ```typescript
21 client_id: 'http://localhost?redirect_uri=http%3A%2F%2F127.0.0.1%3A3000%2Foauth%2Fcallback&scope=atproto'
22 ```
23 *Note: This is a "Loopback Client" technique. In production, your Client ID will be your website's URL (e.g., `https://myapp.com/client-metadata.json`).*
24
253. **Run**:
26 ```bash
27 npm run dev
28 ```
29
30## Production Deployment
31
321. **Domain**: You need a public domain (e.g., `https://myapp.com`).
332. **Metadata Endpoint**: You must serve the client metadata at a known URL (usually `https://myapp.com/.well-known/oauth-client-metadata` or similar, or just referenced by the ID).
343. **Update `src/client.ts`**:
35 ```typescript
36 clientMetadata: {
37 client_name: 'My App',
38 client_id: 'https://myapp.com/client-metadata.json', // The URL where this JSON is served
39 client_uri: 'https://myapp.com',
40 redirect_uris: ['https://myapp.com/oauth/callback'],
41 // ...
42 }
43 ```
444. **Serve Metadata**: Ensure your app actually serves this JSON at the `client_id` URL (if using URL-based IDs). The demo app serves it at `/oauth-client-metadata.json`.
45
465. **Environment Variables**:
47 Move secrets (like cookie passwords) to `.env` files.