your personal website on atproto - mirror
blento.app
flo-bit.dev
1import { resolve } from '$app/paths';
2import { permissions, REDIRECT_PATH, SITE } from './settings';
3
4function constructScope() {
5 const repos = permissions.collections.map((collection) => 'repo:' + collection).join(' ');
6
7 let rpcs = '';
8 for (const [key, value] of Object.entries(permissions.rpc ?? {})) {
9 if (Array.isArray(value)) {
10 rpcs += value.map((lxm) => 'rpc?lxm=' + lxm + '&aud=' + key).join(' ');
11 } else {
12 rpcs += 'rpc?lxm=' + value + '&aud=' + key;
13 }
14 }
15
16 let blobScope: string | undefined = undefined;
17 if (Array.isArray(permissions.blobs) && permissions.blobs.length > 0) {
18 blobScope = 'blob?' + permissions.blobs.map((b) => 'accept=' + b).join('&');
19 } else if (permissions.blobs && permissions.blobs.length > 0) {
20 blobScope = 'blob:' + permissions.blobs;
21 }
22
23 const scope = ['atproto', repos, rpcs, blobScope].filter((v) => v?.trim()).join(' ');
24 return scope;
25}
26
27export const metadata = {
28 client_id: SITE + resolve('/oauth-client-metadata.json'),
29 redirect_uris: [SITE + resolve(REDIRECT_PATH)],
30 scope: constructScope(),
31 grant_types: ['authorization_code', 'refresh_token'],
32 response_types: ['code'],
33 token_endpoint_auth_method: 'none',
34 application_type: 'web',
35 dpop_bound_access_tokens: true
36};