ClientDiscovery Module
Client metadata discovery, PKCE validation, and client assertion validation.
Types
| Type | Description |
| --- | --- |
| | A simple cache for client metadata with configurable TTL. |
Functions and values
| Function or value | Description |
| --- | --- |
| Full Usage: `fetchClientMetadata httpClient clientId`<br>Parameters: `httpClient : HttpClient`, `clientId : string`<br>Returns: `Task<Result<ClientMetadata, OAuthServerError>>` | Fetch client metadata from the client_id URL. Loopback clients return default metadata without an HTTP fetch. Non-loopback clients must use HTTPS. |
| Full Usage: `isLoopbackClient clientId`<br>Parameters: `clientId : string`<br>Returns: `bool` | Check if a client_id URL is a loopback client (http://localhost or http://127.0.0.1). Loopback clients get special treatment per the AT Protocol OAuth spec. |
| Full Usage: `validateClientAssertion assertionType assertion _expectedClientId`<br>Parameters: `assertionType : string`, `assertion : string`, `_expectedClientId : string`<br>Returns: `Result<unit, OAuthServerError>` | Validate a client assertion for confidential clients. Checks that the assertion type is correct and the assertion is non-empty. Full JWT validation is a stretch goal. |
| Full Usage: `validateClientMetadata metadata`<br>Parameters: `metadata : ClientMetadata`<br>Returns: `Result<unit, OAuthServerError>` | Validate that client metadata meets AT Protocol OAuth requirements. |
| Full Usage: `validatePkceS256 verifier challenge`<br>Parameters: `verifier : string`, `challenge : string`<br>Returns: `bool` | Verify an S256 PKCE code challenge against the given verifier. Hashes the verifier with SHA-256, base64url encodes it, and compares with the challenge. |
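
The S256 check described for `validatePkceS256`, written out as an added F# example that is not the module's own code. The names `isUnreserved`, `isValidVerifier`, `s256Challenge` and `checkPkceS256` are hypothetical, and the example goes beyond the description above by enforcing the RFC 7636 verifier length and character set and by comparing in fixed time; the sample values are the RFC 7636 Appendix B test vector.

```fsharp
open System
open System.Security.Cryptography
open System.Text

/// RFC 3986 unreserved characters, the only ones RFC 7636 allows in a verifier.
let isUnreserved (c: char) =
    (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9')
    || c = '-' || c = '.' || c = '_' || c = '~'

/// RFC 7636 section 4.1: 43 to 128 characters from the unreserved set.
let isValidVerifier (verifier: string) =
    not (isNull verifier)
    && verifier.Length >= 43
    && verifier.Length <= 128
    && Seq.forall isUnreserved verifier

/// BASE64URL(SHA256(ASCII(verifier))) with padding stripped (RFC 7636 section 4.2).
let s256Challenge (verifier: string) =
    let bytes: byte[] = Encoding.ASCII.GetBytes(verifier)
    let hash: byte[] = SHA256.HashData(bytes)
    Convert.ToBase64String(hash).TrimEnd('=').Replace('+', '-').Replace('/', '_')

/// Hypothetical stand-in for validatePkceS256 (assumption: same argument order).
let checkPkceS256 (verifier: string) (challenge: string) =
    if not (isValidVerifier verifier) || String.IsNullOrEmpty challenge then
        false
    else
        let expected = Encoding.ASCII.GetBytes(s256Challenge verifier)
        let actual = Encoding.UTF8.GetBytes(challenge)
        // Fixed-time comparison: timing does not reveal where the bytes differ.
        CryptographicOperations.FixedTimeEquals(
            ReadOnlySpan<byte>(expected),
            ReadOnlySpan<byte>(actual))

// RFC 7636 Appendix B test vector.
let verifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
let challenge = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM"

// Matching pair from the RFC.
printfn "RFC vector:        %b" (checkPkceS256 verifier challenge)
// Same challenge with base64 padding appended (non-canonical encoding).
printfn "padded challenge:  %b" (checkPkceS256 verifier (challenge + "="))
// Verifier shorter than the 43-character minimum.
printfn "short verifier:    %b" (checkPkceS256 "short" challenge)
// Constructed verifier that differs from the RFC one in its last character.
printfn "wrong verifier:    %b" (checkPkceS256 (verifier.Substring(0, 42) + "A") challenge)
```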