oppi.li
commits
This is needed as part of the "adversarial PDS migration" flow, because
the existing `goat account service-auth` command requires the origin PDS
to create the token.
```
NAME:
goat account service-auth-offline - create service auth token via locally-held signing key
USAGE:
goat account service-auth-offline [command options] [arguments...]
OPTIONS:
--atproto-signing-key value private key used to sign the token (multibase syntax) [$ATPROTO_SIGNING_KEY]
--iss value the DID of the account issuing the token
--endpoint value, --lxm value restrict token to API endpoint (NSID, optional)
--audience value, --aud value DID of service that will receive and validate token
--duration-sec value validity time window of token (seconds) (default: 0)
--help, -h show help
```
Adds the following new subcommands to `goat plc`, for PLC identity
management without the involvement of a PDS:
```
genesis produce an unsigned genesis operation
calc-did calculate the DID corresponding to a signed PLC operation
sign sign an operation, ready to be submitted
submit submit a signed operation to the PLC directory
update apply updates to a previous operation produce a new one (but don't sign or submit it, yet)
```
I'm going to self-merge this to unblock a project
I think it's unnecessary to specify JSON format everywhere
I've wanted this when writing tests that use the mock directory from
multiple goroutines.
This lexgen's our latest types so we're up-to-date, and fixes up the
breaking changes that occurred as a result (just
`ModerationQueryEvents`, which has two new parameters).
Now `make lexgen` runs cleanly.
This fixes lexgen for empty unions (which it now treats similarly to
`unknown`).
Also handles the special "meta" unknown field in
`tools.ozone.moderation.defs#modTool`, which is a "true" unknown (aka,
it will not have `$type`, similar to plc ops and did docs).
I tested running against atproto main, and the API part worked, but
current lexgen adds yet more params to queryEvents which breaks things.
Don't have any specific burning need for this, just keeping up with
releases.
Go 1.25 is expected in August; we'll probably wait until at least
v1.25.1 and an Alpine release to upgrade.
- tries harder to find a valid handle in alsoKnownAs list (doesn't stop
at the first `at://` if it was not a valid handle)
- normalizes handles when extracting from DID docs / identities
- ensures that bi-directional handle comparisons are done with
normalized handles
- ensures that caching is done with normalized version of handles
- adds some tests for all this
We still rely on knowing whether a lookup was a cache hit or not in some
of our services.
Making a couple internal methods and types private, and gave a couple
sub-types better names.
These are technically API breaking changes, but i'm pretty confident the
internal bits are not being used outside this repo. And the renames
should also not be particularly disruptive (if at all), and best done
sooner than later (eg, before more folks start building on this API
surface).
Description:
This pull request corrects minor typos in documentation and inline
comments to improve clarity and maintain code quality.
re: https://github.com/bluesky-social/atproto/pull/3966
Ran `make lexgen` and just kept stuff related to notification
preferences.
- `net/http` server middleware for "atproto admin auth" (which is just
Basic auth with user "admin), supporting multiple passwords for
operational flexibility (eg, new relay could use this)
- inter-service auth validation, including `net/http` middleware. fairly
complete and correct, though might have some performance issues
(purging/retrying identity resolution; and parsing keys on every
request)
The service auth code is loosely inspired by code in Discover (which is
not open source), which has been running in prod a long time now. For
example the test cases. But that code caches parsed keys much more
aggressively (with an in-process LRU).
There are some TODOs in here about XRPC error responses (aka, reply with
JSON). I'm not sure if we want to manage that here in middleware library
code, or leave it to service error handler to fill in.
The logic around LXM validation/enforcement could also use review, both
of the code and against the atproto XRPC specs.
Note that this package intentionally does not use "XRPC" in
method/variable names, as we are slowly deprecating that terminology.
This is needed as part of the "adversarial PDS migration" flow, because
the existing `goat account service-auth` command requires the origin PDS
to create the token.
```
NAME:
goat account service-auth-offline - create service auth token via locally-held signing key
USAGE:
goat account service-auth-offline [command options] [arguments...]
OPTIONS:
--atproto-signing-key value private key used to sign the token (multibase syntax) [$ATPROTO_SIGNING_KEY]
--iss value the DID of the account issuing the token
--endpoint value, --lxm value restrict token to API endpoint (NSID, optional)
--audience value, --aud value DID of service that will receive and validate token
--duration-sec value validity time window of token (seconds) (default: 0)
--help, -h show help
```
Adds the following new subcommands to `goat plc`, for PLC identity
management without the involvement of a PDS:
```
genesis produce an unsigned genesis operation
calc-did calculate the DID corresponding to a signed PLC operation
sign sign an operation, ready to be submitted
submit submit a signed operation to the PLC directory
update apply updates to a previous operation produce a new one (but don't sign or submit it, yet)
```
This fixes lexgen for empty unions (which it now treats similarly to
`unknown`).
Also handles the special "meta" unknown field in
`tools.ozone.moderation.defs#modTool`, which is a "true" unknown (aka,
it will not have `$type`, similar to plc ops and did docs).
I tested running against atproto main, and the API part worked, but
current lexgen adds yet more params to queryEvents which breaks things.
- tries harder to find a valid handle in alsoKnownAs list (doesn't stop
at the first `at://` if it was not a valid handle)
- normalizes handles when extracting from DID docs / identities
- ensures that bi-directional handle comparisons are done with
normalized handles
- ensures that caching is done with normalized version of handles
- adds some tests for all this
Making a couple internal methods and types private, and gave a couple
sub-types better names.
These are technically API breaking changes, but i'm pretty confident the
internal bits are not being used outside this repo. And the renames
should also not be particularly disruptive (if at all), and best done
sooner than later (eg, before more folks start building on this API
surface).
- `net/http` server middleware for "atproto admin auth" (which is just
Basic auth with user "admin), supporting multiple passwords for
operational flexibility (eg, new relay could use this)
- inter-service auth validation, including `net/http` middleware. fairly
complete and correct, though might have some performance issues
(purging/retrying identity resolution; and parsing keys on every
request)
The service auth code is loosely inspired by code in Discover (which is
not open source), which has been running in prod a long time now. For
example the test cases. But that code caches parsed keys much more
aggressively (with an in-process LRU).
There are some TODOs in here about XRPC error responses (aka, reply with
JSON). I'm not sure if we want to manage that here in middleware library
code, or leave it to service error handler to fill in.
The logic around LXM validation/enforcement could also use review, both
of the code and against the atproto XRPC specs.
Note that this package intentionally does not use "XRPC" in
method/variable names, as we are slowly deprecating that terminology.