nonbinary.computer
+1
-5
crates/jacquard-oauth/src/atproto.rs
+1
-5
crates/jacquard-oauth/src/atproto.rs
···
242
redirect_uris,
243
application_type,
244
token_endpoint_auth_method: Some(auth_method.into()),
245
-
grant_types: if keyset.is_some() {
246
-
Some(metadata.grant_types.into_iter().map(|v| v.into()).collect())
247
-
} else {
248
-
None
249
-
},
250
response_types: vec!["code".to_cowstr()],
251
scope: Some(Scope::serialize_multiple(metadata.scopes.as_slice())),
252
dpop_bound_access_tokens: Some(true),
···
242
redirect_uris,
243
application_type,
244
token_endpoint_auth_method: Some(auth_method.into()),
245
+
grant_types: Some(metadata.grant_types.into_iter().map(|v| v.into()).collect()),
246
response_types: vec!["code".to_cowstr()],
247
scope: Some(Scope::serialize_multiple(metadata.scopes.as_slice())),
248
dpop_bound_access_tokens: Some(true),
+1
-1
crates/jacquard-oauth/src/client.rs
+1
-1
crates/jacquard-oauth/src/client.rs
+5
-5
crates/jacquard-oauth/src/dpop.rs
+5
-5
crates/jacquard-oauth/src/dpop.rs
···
150
/// Extract authorization hash from request headers
151
fn extract_ath(headers: &http::HeaderMap) -> Option<CowStr<'static>> {
152
headers
153
-
.get("Authorization")
154
.filter(|v| v.to_str().is_ok_and(|s| s.starts_with("DPoP ")))
155
.map(|auth| {
156
URL_SAFE_NO_PAD
···
212
213
let next_nonce = response
214
.headers()
215
-
.get("DPoP-Nonce")
216
.and_then(|v| v.to_str().ok())
217
-
.map(|c| CowStr::from(c.to_string()));
218
match &next_nonce {
219
Some(s) if next_nonce != init_nonce => {
220
store_nonce(data_source, is_to_auth_server, s.clone());
···
380
}
381
if !is_to_auth_server && status == 401 {
382
if let Some(www_auth) = headers
383
-
.get("WWW-Authenticate")
384
.and_then(|v| v.to_str().ok())
385
{
386
return www_auth.starts_with("DPoP") && www_auth.contains(r#"error="use_dpop_nonce""#);
···
404
else if response.status() == 401 {
405
if let Some(www_auth) = response
406
.headers()
407
-
.get("WWW-Authenticate")
408
.and_then(|v| v.to_str().ok())
409
{
410
return www_auth.starts_with("DPoP") && www_auth.contains(r#"error="use_dpop_nonce""#);
···
150
/// Extract authorization hash from request headers
151
fn extract_ath(headers: &http::HeaderMap) -> Option<CowStr<'static>> {
152
headers
153
+
.get("authorization")
154
.filter(|v| v.to_str().is_ok_and(|s| s.starts_with("DPoP ")))
155
.map(|auth| {
156
URL_SAFE_NO_PAD
···
212
213
let next_nonce = response
214
.headers()
215
+
.get("dpop-nonce")
216
.and_then(|v| v.to_str().ok())
217
+
.map(|c| CowStr::copy_from_str(c));
218
match &next_nonce {
219
Some(s) if next_nonce != init_nonce => {
220
store_nonce(data_source, is_to_auth_server, s.clone());
···
380
}
381
if !is_to_auth_server && status == 401 {
382
if let Some(www_auth) = headers
383
+
.get("www-authenticate")
384
.and_then(|v| v.to_str().ok())
385
{
386
return www_auth.starts_with("DPoP") && www_auth.contains(r#"error="use_dpop_nonce""#);
···
404
else if response.status() == 401 {
405
if let Some(www_auth) = response
406
.headers()
407
+
.get("www-authenticate")
408
.and_then(|v| v.to_str().ok())
409
{
410
return www_auth.starts_with("DPoP") && www_auth.contains(r#"error="use_dpop_nonce""#);
+4
-5
crates/jacquard-oauth/src/request.rs
+4
-5
crates/jacquard-oauth/src/request.rs
···
311
pub fn is_permanent(&self) -> bool {
312
match &self.kind {
313
RequestErrorKind::NoRefreshToken => true,
314
-
RequestErrorKind::HttpStatusWithBody { body, .. } => {
315
-
body.get("error")
316
-
.and_then(|e| e.as_str())
317
-
.is_some_and(|e| matches!(e, "invalid_grant" | "access_denied"))
318
-
}
319
_ => false,
320
}
321
}
···
311
pub fn is_permanent(&self) -> bool {
312
match &self.kind {
313
RequestErrorKind::NoRefreshToken => true,
314
+
RequestErrorKind::HttpStatusWithBody { body, .. } => body
315
+
.get("error")
316
+
.and_then(|e| e.as_str())
317
+
.is_some_and(|e| matches!(e, "invalid_grant" | "access_denied")),
318
_ => false,
319
}
320
}