flo-bit.dev / blento
your personal website on atproto - mirror blento.app
fork atom
blento / src / lib / atproto / metadata.ts
at improve-oauth-permissions 44 lines 1.3 kB view raw
Florian improve oauth permissions
9688ce00
1import { resolve } from '$app/paths'; 2import { permissions, REDIRECT_PATH, SITE } from './settings'; 3 4function constructScope() { 5 const repos = permissions.collections.map((collection) => 'repo:' + collection).join(' '); 6 7 let rpcs = ''; 8 for (const [key, value] of Object.entries(permissions.rpc ?? {})) { 9 if (Array.isArray(value)) { 10 rpcs += value.map((lxm) => 'rpc?lxm=' + lxm + '&aud=' + key).join(' '); 11 } else { 12 rpcs += 'rpc?lxm=' + value + '&aud=' + key; 13 } 14 } 15 16 let blobScope: string | undefined = undefined; 17 if (Array.isArray(permissions.blobs) && permissions.blobs.length > 0) { 18 blobScope = 'blob?' + permissions.blobs.map((b) => 'accept=' + b).join('&'); 19 } else if (permissions.blobs && permissions.blobs.length > 0) { 20 blobScope = 'blob:' + permissions.blobs; 21 } 22 23 const scope = [ 24 'atproto', 25 repos, 26 rpcs, 27 blobScope, 28 'include:app.bsky.authCreatePosts include:site.standard.authFull' 29 ] 30 .filter((v) => v?.trim()) 31 .join(' '); 32 return scope; 33} 34 35export const metadata = { 36 client_id: SITE + resolve('/oauth-client-metadata.json'), 37 redirect_uris: [SITE + resolve(REDIRECT_PATH)], 38 scope: constructScope(), 39 grant_types: ['authorization_code', 'refresh_token'], 40 response_types: ['code'], 41 token_endpoint_auth_method: 'none', 42 application_type: 'web', 43 dpop_bound_access_tokens: true 44};