+29

Cargo.lock

··· 1644 1644 checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280" 1645 1645 1646 1646 [[package]] 1647 1647 + name = "gloo-storage" 1648 1648 + version = "0.3.0" 1649 1649 + source = "registry+https://github.com/rust-lang/crates.io-index" 1650 1650 + checksum = "fbc8031e8c92758af912f9bc08fbbadd3c6f3cfcbf6b64cdf3d6a81f0139277a" 1651 1651 + dependencies = [ 1652 1652 + "gloo-utils", 1653 1653 + "js-sys", 1654 1654 + "serde", 1655 1655 + "serde_json", 1656 1656 + "thiserror 1.0.69", 1657 1657 + "wasm-bindgen", 1658 1658 + "web-sys", 1659 1659 + ] 1660 1660 + 1661 1661 + [[package]] 1662 1662 + name = "gloo-utils" 1663 1663 + version = "0.2.0" 1664 1664 + source = "registry+https://github.com/rust-lang/crates.io-index" 1665 1665 + checksum = "0b5555354113b18c547c1d3a98fbf7fb32a9ff4f6fa112ce823a21641a0ba3aa" 1666 1666 + dependencies = [ 1667 1667 + "js-sys", 1668 1668 + "serde", 1669 1669 + "serde_json", 1670 1670 + "wasm-bindgen", 1671 1671 + "web-sys", 1672 1672 + ] 1673 1673 + 1674 1674 + [[package]] 1647 1675 name = "group" 1648 1676 version = "0.13.0" 1649 1677 source = "registry+https://github.com/rust-lang/crates.io-index" ··· 2239 2267 "bytes", 2240 2268 "clap", 2241 2269 "getrandom 0.2.16", 2270 2270 + "gloo-storage", 2242 2271 "http", 2243 2272 "image", 2244 2273 "jacquard-api",

+4 -13

crates/jacquard-oauth/src/loopback.rs

··· 1 1 #![cfg(feature = "loopback")] 2 2 3 3 use crate::{ 4 4 - atproto::AtprotoClientMetadata, 5 4 authstore::ClientAuthStore, 6 5 client::OAuthClient, 7 6 dpop::DpopExt, 8 7 error::{CallbackError, OAuthError}, 9 8 resolver::OAuthResolver, 10 10 - scopes::Scope, 11 9 types::{AuthorizeOptions, CallbackParams}, 12 10 }; 13 11 use jacquard_common::{IntoStatic, cowstr::ToCowStr}; ··· 122 120 local_addr.port(), 123 121 )) 124 122 .unwrap(); 125 125 - let client_data = crate::session::ClientData { 126 126 - keyset: self.registry.client_data.keyset.clone(), 127 127 - config: AtprotoClientMetadata::new_localhost( 128 128 - Some(vec![redirect.clone()]), 129 129 - Some(vec![ 130 130 - Scope::Atproto, 131 131 - Scope::Transition(crate::scopes::TransitionScope::Generic), 132 132 - ]), 133 133 - ), 134 134 - }; 135 123 124 124 + let mut client_data = self.registry.client_data.clone(); 125 125 + // Ensure the redirect URI is set correctly for the loopback server 126 126 + client_data.config.redirect_uris = vec![redirect]; 136 127 // Build client using store and resolver 137 128 let flow_client = OAuthClient::new_with_shared( 138 129 self.registry.store.clone(), 139 130 self.client.clone(), 140 140 - client_data.clone(), 131 131 + client_data, 141 132 ); 142 133 143 134 // Start auth and get authorization URL

+4 -1

crates/jacquard/Cargo.toml

··· 157 157 jose-jwk = { workspace = true, features = ["p256"] } 158 158 tracing = { workspace = true, optional = true } 159 159 n0-future = { workspace = true, optional = true } 160 160 - 160 160 + gloo-storage = "0.3" 161 161 162 162 [target.'cfg(not(target_family = "wasm"))'.dependencies] 163 163 jacquard-identity = { version = "0.9", path = "../jacquard-identity", features = ["cache"] } ··· 170 170 171 171 [target.'cfg(target_family = "wasm")'.dependencies] 172 172 getrandom = { version = "0.2", features = ["js"] } 173 173 + 174 174 + [target.'cfg(all(target_family = "wasm", target_os = "unknown"))'.dependencies] 175 175 + gloo-storage = "0.3" 173 176 174 177 [dev-dependencies] 175 178 clap.workspace = true

+16 -1

crates/jacquard/src/client.rs

··· 16 16 //! - [`token`] - Token storage and persistence 17 17 //! - [`vec_update`] - Trait for fetch-modify-put patterns on array endpoints 18 18 19 19 + //pub mod bff_session; 19 20 /// App-password session implementation with auto-refresh 20 21 pub mod credential_session; 21 22 /// Agent error type ··· 460 461 /// App password session information from `com.atproto.server.createSession` 461 462 /// 462 463 /// Contains the access and refresh tokens along with user identity information. 463 463 - #[derive(Debug, Clone)] 464 464 + #[derive(Debug, Clone, serde::Serialize, serde::Deserialize)] 464 465 pub struct AtpSession { 465 466 /// Access token (JWT) used for authenticated requests 467 467 + #[serde(borrow)] 466 468 pub access_jwt: CowStr<'static>, 467 469 /// Refresh token (JWT) used to obtain new access tokens 468 470 pub refresh_jwt: CowStr<'static>, ··· 470 472 pub did: Did<'static>, 471 473 /// User's handle (e.g., "alice.bsky.social") 472 474 pub handle: Handle<'static>, 475 475 + } 476 476 + 477 477 + impl IntoStatic for AtpSession { 478 478 + type Output = Self; 479 479 + 480 480 + fn into_static(self) -> Self { 481 481 + Self { 482 482 + access_jwt: self.access_jwt.into_static(), 483 483 + refresh_jwt: self.refresh_jwt.into_static(), 484 484 + did: self.did.into_static(), 485 485 + handle: self.handle.into_static(), 486 486 + } 487 487 + } 473 488 } 474 489 475 490 #[cfg(feature = "api")]

+241

crates/jacquard/src/client/bff_session.rs

··· 1 1 + //! Session implementation for front-end clients that proxy to a dedicated backend 2 2 + //! 3 3 + 4 4 + //#[cfg(target_arch = "wasm32")] 5 5 + use crate::client::SessionStoreError; 6 6 + //#[cfg(target_arch = "wasm32")] 7 7 + use crate::client::{AtpSession, credential_session::SessionKey}; 8 8 + //#[cfg(target_arch = "wasm32")] 9 9 + use gloo_storage::{LocalStorage, SessionStorage, Storage}; 10 10 + //#[cfg(target_arch = "wasm32")] 11 11 + use jacquard_common::{session::SessionStore, types::string::Did}; 12 12 + #[cfg(target_arch = "wasm32")] 13 13 + use jacquard_oauth::authstore::ClientAuthStore; 14 14 + #[cfg(target_arch = "wasm32")] 15 15 + use jacquard_oauth::session::{AuthRequestData, ClientSessionData}; 16 16 + //#[cfg(target_arch = "wasm32")] 17 17 + use std::future::Future; 18 18 + 19 19 + //#[cfg(target_arch = "wasm32")] 20 20 + #[derive(Clone)] 21 21 + pub struct BrowserAuthStore; 22 22 + 23 23 + //#[cfg(target_arch = "wasm32")] 24 24 + impl BrowserAuthStore { 25 25 + pub fn new() -> Self { 26 26 + Self 27 27 + } 28 28 + 29 29 + fn session_key(did: &Did<'_>, session_id: &str) -> String { 30 30 + format!("session_{}_{}", did.as_ref(), session_id) 31 31 + } 32 32 + 33 33 + fn auth_req_key(state: &str) -> String { 34 34 + format!("auth_req_{}", state) 35 35 + } 36 36 + } 37 37 + 38 38 + #[cfg(target_arch = "wasm32")] 39 39 + impl ClientAuthStore for BrowserAuthStore { 40 40 + fn get_session( 41 41 + &self, 42 42 + did: &Did<'_>, 43 43 + session_id: &str, 44 44 + ) -> impl Future<Output = Result<Option<ClientSessionData<'_>>, SessionStoreError>> { 45 45 + let key = Self::session_key(did, session_id); 46 46 + async move { 47 47 + match LocalStorage::get::<serde_json::Value>(&key) { 48 48 + Ok(value) => { 49 49 + let data: ClientSessionData<'static> = 50 50 + jacquard::from_json_value::<ClientSessionData>(value).map_err(|e| { 51 51 + SessionStoreError::Other(format!("Deserialize error: {}", e).into()) 52 52 + })?; 53 53 + Ok(Some(data)) 54 54 + } 55 55 + Err(gloo_storage::errors::StorageError::KeyNotFound(_)) => Ok(None), 56 56 + Err(e) => Err(SessionStoreError::Other( 57 57 + format!("LocalStorage error: {}", e).into(), 58 58 + )), 59 59 + } 60 60 + } 61 61 + } 62 62 + 63 63 + fn upsert_session( 64 64 + &self, 65 65 + session: ClientSessionData<'_>, 66 66 + ) -> impl Future<Output = Result<(), SessionStoreError>> { 67 67 + async move { 68 68 + use jacquard::IntoStatic; 69 69 + 70 70 + let key = Self::session_key(&session.account_did, &session.session_id); 71 71 + let static_session = session.into_static(); 72 72 + 73 73 + let value = serde_json::to_value(&static_session) 74 74 + .map_err(|e| SessionStoreError::Other(format!("Serialize error: {}", e).into()))?; 75 75 + 76 76 + LocalStorage::set(&key, &value).map_err(|e| { 77 77 + SessionStoreError::Other(format!("LocalStorage error: {}", e).into()) 78 78 + })?; 79 79 + 80 80 + Ok(()) 81 81 + } 82 82 + } 83 83 + 84 84 + fn delete_session( 85 85 + &self, 86 86 + did: &Did<'_>, 87 87 + session_id: &str, 88 88 + ) -> impl Future<Output = Result<(), SessionStoreError>> { 89 89 + let key = Self::session_key(did, session_id); 90 90 + async move { 91 91 + LocalStorage::delete(&key); 92 92 + Ok(()) 93 93 + } 94 94 + } 95 95 + 96 96 + fn get_auth_req_info( 97 97 + &self, 98 98 + state: &str, 99 99 + ) -> impl Future<Output = Result<Option<AuthRequestData<'_>>, SessionStoreError>> { 100 100 + let key = Self::auth_req_key(state); 101 101 + async move { 102 102 + match LocalStorage::get::<serde_json::Value>(&key) { 103 103 + Ok(value) => { 104 104 + let data: AuthRequestData<'static> = 105 105 + jacquard::from_json_value::<AuthRequestData>(value).map_err(|e| { 106 106 + SessionStoreError::Other(format!("Deserialize error: {}", e).into()) 107 107 + })?; 108 108 + Ok(Some(data)) 109 109 + } 110 110 + Err(gloo_storage::errors::StorageError::KeyNotFound(err)) => { 111 111 + tracing::debug!("gloo error: {}", err); 112 112 + Ok(None) 113 113 + } 114 114 + Err(e) => Err(SessionStoreError::Other( 115 115 + format!("SessionStorage error: {}", e).into(), 116 116 + )), 117 117 + } 118 118 + } 119 119 + } 120 120 + 121 121 + fn save_auth_req_info( 122 122 + &self, 123 123 + auth_req_info: &AuthRequestData<'_>, 124 124 + ) -> impl Future<Output = Result<(), SessionStoreError>> { 125 125 + async move { 126 126 + use jacquard::IntoStatic; 127 127 + 128 128 + let key = Self::auth_req_key(&auth_req_info.state); 129 129 + let static_info = auth_req_info.clone().into_static(); 130 130 + 131 131 + let value = serde_json::to_value(&static_info) 132 132 + .map_err(|e| SessionStoreError::Other(format!("Serialize error: {}", e).into()))?; 133 133 + 134 134 + LocalStorage::set(&key, &value).map_err(|e| { 135 135 + SessionStoreError::Other(format!("SessionStorage error: {}", e).into()) 136 136 + })?; 137 137 + 138 138 + Ok(()) 139 139 + } 140 140 + } 141 141 + 142 142 + fn delete_auth_req_info( 143 143 + &self, 144 144 + state: &str, 145 145 + ) -> impl Future<Output = Result<(), SessionStoreError>> { 146 146 + let key = Self::auth_req_key(state); 147 147 + async move { 148 148 + LocalStorage::delete(&key); 149 149 + Ok(()) 150 150 + } 151 151 + } 152 152 + } 153 153 + 154 154 + #[cfg(target_arch = "wasm32")] 155 155 + impl SessionStore<SessionKey, AtpSession> for BrowserAuthStore { 156 156 + fn get(&self, key: &SessionKey) -> impl Future<Output = Option<AtpSession>> + Send { 157 157 + let key = Self::session_key(&key.0, &key.1); 158 158 + async move { 159 159 + match LocalStorage::get::<serde_json::Value>(&key) { 160 160 + Ok(value) => { 161 161 + let data: AtpSession = crate::from_json_value::<AtpSession>(value).ok()?; 162 162 + Some(data) 163 163 + } 164 164 + Err(gloo_storage::errors::StorageError::KeyNotFound(_)) => None, 165 165 + Err(_) => None, 166 166 + } 167 167 + } 168 168 + } 169 169 + 170 170 + fn set( 171 171 + &self, 172 172 + key: SessionKey, 173 173 + session: AtpSession, 174 174 + ) -> impl Future<Output = Result<(), SessionStoreError>> + Send { 175 175 + async move { 176 176 + let key = Self::session_key(&key.0, &key.1); 177 177 + 178 178 + let value = serde_json::to_value(&session) 179 179 + .map_err(|e| SessionStoreError::Other(format!("Serialize error: {}", e).into()))?; 180 180 + 181 181 + LocalStorage::set(&key, &value).map_err(|e| { 182 182 + SessionStoreError::Other(format!("LocalStorage error: {}", e).into()) 183 183 + })?; 184 184 + 185 185 + Ok(()) 186 186 + } 187 187 + } 188 188 + 189 189 + fn del(&self, key: &SessionKey) -> impl Future<Output = Result<(), SessionStoreError>> + Send { 190 190 + let key = Self::session_key(&key.0, &key.1); 191 191 + async move { 192 192 + LocalStorage::delete(&key); 193 193 + Ok(()) 194 194 + } 195 195 + } 196 196 + } 197 197 + 198 198 + /// This might seem a little silly, and it sort of is, but the intended use here is for proxying requests to another client 199 199 + #[cfg(target_arch = "wasm32")] 200 200 + impl SessionStore<SessionKey, SessionKey> for BrowserAuthStore { 201 201 + fn get(&self, key: &SessionKey) -> impl Future<Output = Option<SessionKey>> + Send { 202 202 + let key = Self::session_key(&key.0, &key.1); 203 203 + async move { 204 204 + match LocalStorage::get::<serde_json::Value>(&key) { 205 205 + Ok(value) => { 206 206 + let data: SessionKey = crate::from_json_value::<SessionKey>(value).ok()?; 207 207 + Some(data) 208 208 + } 209 209 + Err(gloo_storage::errors::StorageError::KeyNotFound(_)) => None, 210 210 + Err(_) => None, 211 211 + } 212 212 + } 213 213 + } 214 214 + 215 215 + fn set( 216 216 + &self, 217 217 + key: SessionKey, 218 218 + session: SessionKey, 219 219 + ) -> impl Future<Output = Result<(), SessionStoreError>> + Send { 220 220 + async move { 221 221 + let key = Self::session_key(&key.0, &key.1); 222 222 + 223 223 + let value = serde_json::to_value(&session) 224 224 + .map_err(|e| SessionStoreError::Other(format!("Serialize error: {}", e).into()))?; 225 225 + 226 226 + LocalStorage::set(&key, &value).map_err(|e| { 227 227 + SessionStoreError::Other(format!("LocalStorage error: {}", e).into()) 228 228 + })?; 229 229 + 230 230 + Ok(()) 231 231 + } 232 232 + } 233 233 + 234 234 + fn del(&self, key: &SessionKey) -> impl Future<Output = Result<(), SessionStoreError>> + Send { 235 235 + let key = Self::session_key(&key.0, &key.1); 236 236 + async move { 237 237 + LocalStorage::delete(&key); 238 238 + Ok(()) 239 239 + } 240 240 + } 241 241 + }