Highly ambitious ATProtocol AppView service and sdks
slices.network
1#!/bin/bash
2
3# OAuth Dynamic Client Registration Script for AT Protocol
4# Registers a new OAuth client with the AIP server per RFC 7591
5# Usage: bash scripts/register-oauth-client.sh
6
7set -e # Exit on any error
8
9# Configuration
10AIP_BASE="${AIP_BASE_URL:-http://localhost:8081}"
11CLIENT_BASE_URL="${CLIENT_BASE_URL:-http://localhost:3001}"
12CLIENT_NAME="${CLIENT_NAME:-Slice Frontend v2}"
13SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
14ROOT_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
15CONFIG_FILE="$ROOT_DIR/.env"
16
17echo "🚀 OAuth Dynamic Client Registration for Slice Frontend v2"
18echo "AIP Server: $AIP_BASE"
19echo "Client Base URL: $CLIENT_BASE_URL"
20echo "Client Name: $CLIENT_NAME"
21echo
22
23# Check if client is already registered
24if [ -f "$CONFIG_FILE" ]; then
25 echo "⚠️ Existing OAuth client configuration found at $CONFIG_FILE"
26 echo -n "Do you want to register a new client? This will overwrite the existing config. (y/N): "
27 read -r OVERWRITE
28 if [ "$OVERWRITE" != "y" ] && [ "$OVERWRITE" != "Y" ]; then
29 echo "❌ Registration cancelled"
30 exit 1
31 fi
32fi
33
34echo "🔍 Using OAuth registration endpoint..."
35REGISTRATION_ENDPOINT="$AIP_BASE/oauth/clients/register"
36
37echo "✅ Registration endpoint: $REGISTRATION_ENDPOINT"
38echo
39
40# Create client registration request
41echo "📝 Creating client registration request..."
42REDIRECT_URI="$CLIENT_BASE_URL/oauth/callback"
43
44REGISTRATION_REQUEST=$(cat <<EOF
45{
46 "client_name": "$CLIENT_NAME",
47 "redirect_uris": ["$REDIRECT_URI"],
48 "scope": "openid email profile atproto transition:generic account:email blob:image/* repo:network.slices.slice repo:network.slices.lexicon repo:network.slices.actor.profile repo:network.slices.waitlist.request",
49 "grant_types": ["authorization_code", "refresh_token"],
50 "response_types": ["code"],
51 "token_endpoint_auth_method": "client_secret_basic"
52}
53EOF
54)
55
56echo "Registration request:"
57echo "$REGISTRATION_REQUEST" | jq '.' 2>/dev/null || echo "$REGISTRATION_REQUEST"
58echo
59
60# Register the client
61echo "🔄 Registering client with AIP server..."
62REGISTRATION_RESPONSE=$(curl -s -X POST "$REGISTRATION_ENDPOINT" \
63 -H "Content-Type: application/json" \
64 -d "$REGISTRATION_REQUEST" || {
65 echo "❌ Failed to register client with AIP server"
66 echo "Make sure the AIP server is running at $AIP_BASE"
67 exit 1
68 })
69
70echo "Registration response:"
71echo "$REGISTRATION_RESPONSE" | jq '.' 2>/dev/null || echo "$REGISTRATION_RESPONSE"
72echo
73
74# Extract client credentials
75CLIENT_ID=$(echo "$REGISTRATION_RESPONSE" | grep -o '"client_id":"[^"]*' | cut -d'"' -f4)
76CLIENT_SECRET=$(echo "$REGISTRATION_RESPONSE" | grep -o '"client_secret":"[^"]*' | cut -d'"' -f4)
77
78if [ -z "$CLIENT_ID" ] || [ -z "$CLIENT_SECRET" ]; then
79 echo "❌ Failed to extract client credentials from registration response"
80 echo "Expected client_id and client_secret in response"
81 echo "Response was: $REGISTRATION_RESPONSE"
82 exit 1
83fi
84
85echo "✅ Client registered successfully!"
86echo "Client ID: $CLIENT_ID"
87echo "Client Secret: [REDACTED]"
88echo
89
90# Save credentials to .env file
91echo "💾 Saving client credentials to $CONFIG_FILE..."
92cat > "$CONFIG_FILE" <<EOF
93# OAuth Configuration - Server-Side Auth
94# Generated on $(date)
95# AIP Server: $AIP_BASE
96
97# OAuth Client ID
98OAUTH_CLIENT_ID=$CLIENT_ID
99
100# OAuth Client Secret (required for server-side auth)
101OAUTH_CLIENT_SECRET=$CLIENT_SECRET
102
103# OAuth Redirect URI (must match registration)
104OAUTH_REDIRECT_URI=$REDIRECT_URI
105
106# Base URL of your OAuth/Auth server
107OAUTH_AIP_BASE_URL=$AIP_BASE
108
109# Database URL for session storage (optional, defaults to slices.db)
110DATABASE_URL=slices.db
111EOF
112
113echo "✅ Client registration complete!"
114echo
115echo "📋 Summary:"
116echo " - Client ID: $CLIENT_ID"
117echo " - Client Name: $CLIENT_NAME"
118echo " - Redirect URI: $REDIRECT_URI"
119echo " - Scopes: openid profile atproto repo:*"
120echo " - Config saved to: $CONFIG_FILE"
121echo
122echo "🔧 Environment variables saved to $CONFIG_FILE:"
123echo " OAUTH_CLIENT_ID"
124echo " OAUTH_CLIENT_SECRET"
125echo " OAUTH_REDIRECT_URI"
126echo " OAUTH_AIP_BASE_URL"
127echo " DATABASE_URL"
128echo
129echo "💡 Next steps:"
130echo " 1. Start Vite dev server: deno task dev:vite"
131echo " 2. Start Deno server: deno task dev"
132echo " 3. Visit http://localhost:3001"
133echo