src/client.ts at main · evbogue.com/ANonAT

evbogue.com / ANonAT

ANProto over ATProto -- using Bluesky PDSes to store ANProto messages and blobs

ANonAT / src / client.ts

at main 1.4 kB view raw

 1import { NodeOAuthClient } from '@atproto/oauth-client-node'
 2import { SessionStore, StateStore } from './storage'
 3
 4export const createClient = async () => {
 5  return new NodeOAuthClient({
 6    // This metadata describes your OAuth client to the PDS.
 7    clientMetadata: {
 8        client_name: 'ATProto OAuth Test',
 9        // For localhost development, we use a "Loopback Client ID".
10        // This allows us to test without a public domain or https.
11        // In production, this should be the URL where your metadata is served (e.g., https://myapp.com/client-metadata.json).
12        client_id: 'http://localhost?redirect_uri=http%3A%2F%2F127.0.0.1%3A3000%2Foauth%2Fcallback&scope=atproto%20repo%3Acom.anproto.message.v1%3Faction%3Dcreate',
13        client_uri: 'http://localhost:3000',
14        redirect_uris: ['http://127.0.0.1:3000/oauth/callback'],
15        scope: 'atproto repo:com.anproto.message.v1?action=create',
16        grant_types: ['authorization_code', 'refresh_token'],
17        response_types: ['code'],
18        application_type: 'web',
19        token_endpoint_auth_method: 'none',
20        // DPoP (Demonstrating Proof-of-Possession) binds tokens to a private key, preventing replay attacks if the token is stolen.
21        // This is highly recommended for security.
22        dpop_bound_access_tokens: true,
23    },
24    stateStore: new StateStore(),
25    sessionStore: new SessionStore(),
26  })
27}