Ensure presence of DPoP related response headers (#2711)
Ensure presence of DPoP related response headers (#2711) * fix(pds): ensure presence of DPoP related response headers * Expose the request context for AuthVerifier and StreamAuthVerifier as distinct types * Properly type ReqCtx for stream auth
prettier ignore changelogs, as changesets not resolving prettier conf…
prettier ignore changelogs, as changesets not resolving prettier config properly
Update changeset to better reflect changes (#2707)
Update changeset to better reflect changes (#2707) * Update changeset to better reflect changes * Remove un-necessary packages from changeset * codegen * expose lexicons instead of schemas * export a copy of the internal lexicon * typo * fix minor typos in changesets --------- Co-authored-by: Devin Ivy <devinivy@gmail.com>
Client SDK rework (#2483)
Client SDK rework (#2483) * feat(api): support creation of oauth based AtpAgents * oauth: misc fixes for confidential clients * fix(xprc): remove ReadableStream.from polyfill * OAuth docs tweaks (#2679) * OAuth: clarification about client_name being shown * OAuth: re-write handle resolution privacy concern * avoid relying on ReadableStream.from in xrpc-server tests * feat(oauth-types): expose "ALLOW_UNSECURE_ORIGINS" constant * feat(handle-resolver): expose "AtprotoIdentityDidMethods" type * fix(oauth-client): ensure that the oauth metadata document contains client_id_metadata_document_supported * fix(oauth-types): prevent unknown query string in loopback client id * fix(identity-resolver): check that handle is in did doc's "alsoKnownAs" * feat(oauth-client:oauth-resolver): allow logging in using either the PDS URL or Entryway URL * fix(oauth-client): return better error in case of invalid "oauth-protected-resource" status code * refactor(did): group atproto specific checks in own * feat(api): relax typing of "appLabelers" and "labelers" AtpClient properties * allow any did as labeller (for tests mainly) * fix(api): allow to override "atproto-proxy" on a per-request basis * remove release candidate versions from changelog * update changeset for api and xrpc packages * Add missing changeset * revert RC versions * Proper wording in OAUTH.md api example * remove "pre" changeset file * xrpc: restore original behavior of setHEader and unsetHeader * docs: add comment for XrpcClient 's constructor arg * feat(api): expose "schemas" publicly * feat(api): allow customizing the whatwg fetch function of the AtpAgent * docs(api): improve migration docs * docs: change reference to BskyAgent to AtpAgent * docs: mention the breaking change regarding setSessionPersistHandler * fix(api): better split AtpClient concerns * fix(xrpc): remove unused import * refactor(api): simplify class hierarchu by removeing AtpClient * fix(api): mock proper method for facets detection * restore ability to restore session asynchronously * feat(api): allow instantiating Agent with same argument as super class * docs(api): properly extend Agent class * style(xrpc): var name * docs(api): remove "async" to header getter --------- Co-authored-by: Devin Ivy <devinivy@gmail.com> Co-authored-by: bnewbold <bnewbold@robocracy.org> Co-authored-by: Hailey <me@haileyok.com>
Allow aud of pds or entryway for service auth tokens on pds (#2694)
Allow aud of pds or entryway for service auth tokens on pds (#2694) allow aud of pds or entryway for service auth tokens on pds