+4 -6

base.html

··· 12 12 <header> 13 13 <hgroup> 14 14 <h1>ATProto User Intents Demo</h1> 15 15 - {{ if false }} 16 16 - <!-- XXX --> 17 17 - <p>Hello <span style="font-family: monospace;">@{{ "handle" }}</span>!</p> 18 18 - {{ end }} 19 15 </hgroup> 20 16 <nav> 21 17 <ul> 22 22 - {{ if false }} 23 23 - <!-- XXX --> 18 18 + {{ if . }} 24 19 <li><a href="/intents">Configure Intents</a> 25 20 <li><a href="/oauth/logout">Logout</a> 26 21 {{ else }} ··· 29 24 <li><a href="https://tangled.sh/@bnewbold.net/user-intents">Code</a> 30 25 </ul> 31 26 </nav> 27 27 + {{ if . }} 28 28 + <p>Hello <span style="font-family: monospace; font-weight: bold;">{{ .DID }}</span></p> 29 29 + {{ end }} 32 30 </header> 33 31 <main> 34 32 <section class="content">

+2 -2

declaration.go

··· 16 16 } 17 17 18 18 type DeclarationIntent struct { 19 19 - Allow *bool `json:"allow,omitempty"` 19 19 + Allow *bool `json:"allow,omitempty"` 20 20 UpdatedAt string `json:"updatedAt"` 21 21 } 22 22 ··· 25 25 UpdatedAt string `json:"updatedAt,omitempty"` 26 26 SyntheticContentGeneration *DeclarationIntent `json:"syntheticContentGeneration,omitempty"` 27 27 PublicAccessArchive *DeclarationIntent `json:"publicAccessArchive,omitempty"` 28 28 - BulkDataset *DeclarationIntent `json:"bulkDataset,omitempty"` 28 28 + BulkDataset *DeclarationIntent `json:"bulkDataset,omitempty"` 29 29 ProtocolBridging *DeclarationIntent `json:"protocolBridging,omitempty"` 30 30 }

+12 -12

go.mod

··· 3 3 go 1.24.4 4 4 5 5 require ( 6 6 - github.com/bluesky-social/indigo v0.0.0-20250711090625-c3e99aceec23 6 6 + github.com/bluesky-social/indigo v0.0.0-20250812204950-e303f0977adb 7 7 github.com/gorilla/sessions v1.2.1 8 8 github.com/joho/godotenv v1.5.1 9 9 github.com/urfave/cli/v2 v2.25.7 ··· 12 12 require ( 13 13 github.com/beorn7/perks v1.0.1 // indirect 14 14 github.com/carlmjohnson/versioninfo v0.22.5 // indirect 15 15 - github.com/cespare/xxhash/v2 v2.2.0 // indirect 15 15 + github.com/cespare/xxhash/v2 v2.3.0 // indirect 16 16 github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect 17 17 - github.com/golang-jwt/jwt/v5 v5.2.2 // indirect 17 17 + github.com/golang-jwt/jwt/v5 v5.3.0 // indirect 18 18 github.com/google/go-querystring v1.1.0 // indirect 19 19 github.com/gorilla/securecookie v1.1.1 // indirect 20 20 github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect 21 21 - github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect 22 21 github.com/mr-tron/base58 v1.2.0 // indirect 23 23 - github.com/prometheus/client_golang v1.17.0 // indirect 24 24 - github.com/prometheus/client_model v0.5.0 // indirect 25 25 - github.com/prometheus/common v0.45.0 // indirect 26 26 - github.com/prometheus/procfs v0.12.0 // indirect 22 22 + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect 23 23 + github.com/prometheus/client_golang v1.23.0 // indirect 24 24 + github.com/prometheus/client_model v0.6.2 // indirect 25 25 + github.com/prometheus/common v0.65.0 // indirect 26 26 + github.com/prometheus/procfs v0.17.0 // indirect 27 27 github.com/russross/blackfriday/v2 v2.1.0 // indirect 28 28 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect 29 29 gitlab.com/yawning/secp256k1-voi v0.0.0-20230925100816-f2616030848b // indirect 30 30 gitlab.com/yawning/tuplehash v0.0.0-20230713102510-df83abbf9a02 // indirect 31 31 - golang.org/x/crypto v0.21.0 // indirect 32 32 - golang.org/x/sys v0.22.0 // indirect 33 33 - golang.org/x/time v0.3.0 // indirect 34 34 - google.golang.org/protobuf v1.33.0 // indirect 31 31 + golang.org/x/crypto v0.41.0 // indirect 32 32 + golang.org/x/sys v0.35.0 // indirect 33 33 + golang.org/x/time v0.12.0 // indirect 34 34 + google.golang.org/protobuf v1.36.7 // indirect 35 35 )

+30 -28

go.sum

··· 1 1 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= 2 2 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= 3 3 - github.com/bluesky-social/indigo v0.0.0-20250711090625-c3e99aceec23 h1:uLHTZecIuT3zLU3+qr2qwDWMJIW+r7dpk8cuuJptEL0= 4 4 - github.com/bluesky-social/indigo v0.0.0-20250711090625-c3e99aceec23/go.mod h1:MGLKdNswSvDpcGkkQkUVREBXLwccqsGorapP8R1uifU= 3 3 + github.com/bluesky-social/indigo v0.0.0-20250812204950-e303f0977adb h1:sxuazW7Tqx/mxuM7tUQcBeNGXvLhj/Ugux+cLsSmhSY= 4 4 + github.com/bluesky-social/indigo v0.0.0-20250812204950-e303f0977adb/go.mod h1:n6QE1NDPFoi7PRbMUZmc2y7FibCqiVU4ePpsvhHUBR8= 5 5 github.com/carlmjohnson/versioninfo v0.22.5 h1:O00sjOLUAFxYQjlN/bzYTuZiS0y6fWDQjMRvwtKgwwc= 6 6 github.com/carlmjohnson/versioninfo v0.22.5/go.mod h1:QT9mph3wcVfISUKd0i9sZfVrPviHuSF+cUtLjm2WSf8= 7 7 - github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= 8 8 - github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= 7 7 + github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= 8 8 + github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= 9 9 github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM= 10 10 github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= 11 11 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= ··· 18 18 github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= 19 19 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= 20 20 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= 21 21 - github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= 22 22 - github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= 21 21 + github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo= 22 22 + github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= 23 23 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 24 24 - github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= 25 25 - github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= 24 24 + github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= 25 25 + github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= 26 26 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= 27 27 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= 28 28 github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= ··· 71 71 github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= 72 72 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= 73 73 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= 74 74 - github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= 75 75 - github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= 76 74 github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM= 77 75 github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= 78 76 github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o= ··· 87 85 github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM= 88 86 github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8= 89 87 github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU= 88 88 + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= 89 89 + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= 90 90 github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= 91 91 github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= 92 92 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 93 93 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 94 94 github.com/polydawn/refmt v0.89.1-0.20221221234430-40501e09de1f h1:VXTQfuJj9vKR4TCkEuWIckKvdHFeJH/huIFJ9/cXOB0= 95 95 github.com/polydawn/refmt v0.89.1-0.20221221234430-40501e09de1f/go.mod h1:/zvteZs/GwLtCgZ4BL6CBsk9IKIlexP43ObX9AxTqTw= 96 96 - github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q= 97 97 - github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY= 98 98 - github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= 99 99 - github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= 100 100 - github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= 101 101 - github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= 102 102 - github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= 103 103 - github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= 96 96 + github.com/prometheus/client_golang v1.23.0 h1:ust4zpdl9r4trLY/gSjlm07PuiBq2ynaXXlptpfy8Uc= 97 97 + github.com/prometheus/client_golang v1.23.0/go.mod h1:i/o0R9ByOnHX0McrTMTyhYvKE4haaf2mW08I+jGAjEE= 98 98 + github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= 99 99 + github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= 100 100 + github.com/prometheus/common v0.65.0 h1:QDwzd+G1twt//Kwj/Ww6E9FQq1iVMmODnILtW1t2VzE= 101 101 + github.com/prometheus/common v0.65.0/go.mod h1:0gZns+BLRQ3V6NdaerOhMbwwRbNh9hkGINtQAsP5GS8= 102 102 + github.com/prometheus/procfs v0.17.0 h1:FuLQ+05u4ZI+SS/w9+BWEM2TXiHKsUQ9TADiRH7DuK0= 103 103 + github.com/prometheus/procfs v0.17.0/go.mod h1:oPQLaDAMRbA+u8H5Pbfq+dl3VDAvHxMUOVhe0wYB2zw= 104 104 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= 105 105 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= 106 106 github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= 107 107 github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= 108 108 - github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= 109 109 - github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= 108 108 + github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= 109 109 + github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= 110 110 github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs= 111 111 github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= 112 112 github.com/whyrusleeping/cbor-gen v0.2.1-0.20241030202151-b7a6831be65e h1:28X54ciEwwUxyHn9yrZfl5ojgF4CBNLWX7LR0rvBkf4= ··· 127 127 go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= 128 128 go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= 129 129 go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= 130 130 + go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= 131 131 + go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= 130 132 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= 131 133 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= 132 134 go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= 133 135 go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= 134 134 - golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= 135 135 - golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= 136 136 - golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= 137 137 - golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= 138 138 - golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= 139 139 - golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 136 136 + golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= 137 137 + golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= 138 138 + golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= 139 139 + golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= 140 140 + golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE= 141 141 + golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= 140 142 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 141 143 golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSmiC7MMxXNOb3PU/VUEz+EhU= 142 144 golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= 143 143 - google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= 144 144 - google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= 145 145 + google.golang.org/protobuf v1.36.7 h1:IgrO7UwFQGJdRNXH/sQux4R1Dj1WAKcLElzeeRaXV2A= 146 146 + google.golang.org/protobuf v1.36.7/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= 145 147 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= 146 148 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 147 149 lukechampine.com/blake3 v1.2.1 h1:YuqqRuaqsGV71BV/nm9xlI0MKUv4QC54jQnBChWbGnI=

+30 -19

main.go

··· 72 72 73 73 func runServer(cctx *cli.Context) error { 74 74 75 75 - scope := "atproto transition:generic" 75 75 + scopes := []string{"atproto", "transition:generic"} 76 76 bind := ":8080" 77 77 78 78 // TODO: localhost dev mode if hostname is empty ··· 81 81 if hostname == "" { 82 82 config = oauth.NewLocalhostConfig( 83 83 fmt.Sprintf("http://127.0.0.1%s/oauth/callback", bind), 84 84 - scope, 84 84 + scopes, 85 85 ) 86 86 slog.Info("configuring localhost OAuth client", "CallbackURL", config.CallbackURL) 87 87 } else { 88 88 config = oauth.NewPublicConfig( 89 89 fmt.Sprintf("https://%s/oauth/client-metadata.json", hostname), 90 90 fmt.Sprintf("https://%s/oauth/callback", hostname), 91 91 + scopes, 91 92 ) 92 93 } 93 94 ··· 116 117 return nil 117 118 } 118 119 119 119 - func (s *Server) currentSessionDID(r *http.Request) *syntax.DID { 120 120 + func (s *Server) currentSessionDID(r *http.Request) (*syntax.DID, string) { 120 121 sess, _ := s.CookieStore.Get(r, "oauth-demo") 121 122 accountDID, ok := sess.Values["account_did"].(string) 122 123 if !ok || accountDID == "" { 123 123 - return nil 124 124 + return nil, "" 124 125 } 125 126 did, err := syntax.ParseDID(accountDID) 126 127 if err != nil { 127 127 - return nil 128 128 + return nil, "" 129 129 + } 130 130 + sessionID, ok := sess.Values["session_id"].(string) 131 131 + if !ok || sessionID == "" { 132 132 + return nil, "" 128 133 } 129 134 130 130 - return &did 135 135 + return &did, sessionID 131 136 } 132 137 133 138 func strPtr(raw string) *string { ··· 137 142 func (s *Server) ClientMetadata(w http.ResponseWriter, r *http.Request) { 138 143 slog.Info("client metadata request", "url", r.URL, "host", r.Host) 139 144 140 140 - scope := "atproto transition:generic" 141 141 - meta := s.OAuth.Config.ClientMetadata(scope) 145 145 + meta := s.OAuth.Config.ClientMetadata() 142 146 meta.ClientName = strPtr("AI-PREF / Bluesky Demo App") 143 147 meta.ClientURI = strPtr(fmt.Sprintf("https://%s", r.Host)) 144 148 ··· 166 170 } 167 171 168 172 func (s *Server) Homepage(w http.ResponseWriter, r *http.Request) { 169 169 - did := s.currentSessionDID(r) 173 173 + did, _ := s.currentSessionDID(r) 170 174 if did != nil { 171 175 tmplHome.Execute(w, WebInfo{DID: did.String()}) 172 176 return ··· 216 220 // create signed cookie session, indicating account DID 217 221 sess, _ := s.CookieStore.Get(r, "oauth-demo") 218 222 sess.Values["account_did"] = sessData.AccountDID.String() 223 223 + sess.Values["session_id"] = sessData.SessionID 219 224 if err := sess.Save(r, w); err != nil { 220 225 http.Error(w, err.Error(), http.StatusInternalServerError) 221 226 return ··· 226 231 } 227 232 228 233 func (s *Server) OAuthLogout(w http.ResponseWriter, r *http.Request) { 229 229 - // XXX: delete session from auth store 234 234 + 235 235 + // delete session from auth store 236 236 + did, sessionID := s.currentSessionDID(r) 237 237 + if did != nil { 238 238 + if err := s.OAuth.Store.DeleteSession(r.Context(), *did, sessionID); err != nil { 239 239 + slog.Error("failed to delete session", "did", did, "err", err) 240 240 + } 241 241 + } 230 242 231 243 // wipe all secure cookie session data 232 244 sess, _ := s.CookieStore.Get(r, "oauth-demo") ··· 256 268 func (s *Server) UpdateIntents(w http.ResponseWriter, r *http.Request) { 257 269 ctx := r.Context() 258 270 259 259 - did := s.currentSessionDID(r) 271 271 + did, sessionID := s.currentSessionDID(r) 260 272 if did == nil { 261 273 // TODO: suppowed to set a WWW header; and could redirect? 262 274 http.Error(w, "not authenticated", http.StatusUnauthorized) 263 275 return 264 276 } 265 277 266 266 - oauthSess, err := s.OAuth.ResumeSession(ctx, *did) 278 278 + oauthSess, err := s.OAuth.ResumeSession(ctx, *did, sessionID) 267 279 if err != nil { 268 280 http.Error(w, "not authenticated", http.StatusUnauthorized) 269 281 return ··· 298 310 // TODO: have this not clobber current timestamps 299 311 now := syntax.DatetimeNow().String() 300 312 decl := Declaration{ 301 301 - Type: "org.user-intents.demo.declaration", 313 313 + Type: "org.user-intents.demo.declaration", 302 314 UpdatedAt: now, 303 315 SyntheticContentGeneration: &DeclarationIntent{ 304 304 - Allow: parseTriState(r.PostFormValue("syntheticContentGeneration")), 316 316 + Allow: parseTriState(r.PostFormValue("syntheticContentGeneration")), 305 317 UpdatedAt: now, 306 318 }, 307 319 PublicAccessArchive: &DeclarationIntent{ 308 308 - Allow: parseTriState(r.PostFormValue("publicAccessArchive")), 320 320 + Allow: parseTriState(r.PostFormValue("publicAccessArchive")), 309 321 UpdatedAt: now, 310 322 }, 311 323 BulkDataset: &DeclarationIntent{ 312 312 - Allow: parseTriState(r.PostFormValue("bulkDataset")), 324 324 + Allow: parseTriState(r.PostFormValue("bulkDataset")), 313 325 UpdatedAt: now, 314 326 }, 315 327 ProtocolBridging: &DeclarationIntent{ 316 316 - Allow: parseTriState(r.PostFormValue("protocolBridging")), 328 328 + Allow: parseTriState(r.PostFormValue("protocolBridging")), 317 329 UpdatedAt: now, 318 330 }, 319 331 } ··· 323 335 Repo: did.String(), 324 336 Collection: "org.user-intents.demo.declaration", 325 337 Rkey: "self", 326 326 - // XXX: Validate: &nope, 327 327 - Record: decl, 338 338 + Record: decl, 328 339 } 329 340 330 341 slog.Info("updating intents", "did", did, "declaration", decl)