bretton.dev
-296
lib/services/oauth_service.dart
-296
lib/services/oauth_service.dart
···
-337
packages/atproto_oauth_flutter/CHUNK3_IMPLEMENTATION_REPORT.md
-337
packages/atproto_oauth_flutter/CHUNK3_IMPLEMENTATION_REPORT.md
···-Successfully ported the **atProto Identity Resolution Layer** from TypeScript to Dart with full 1:1 API compatibility. This is the **most critical component for atProto decentralization**, enabling users to host their data on any Personal Data Server (PDS) instead of being locked to bsky.social.-- `/home/bretton/Code/coves_flutter/packages/atproto_oauth_flutter/test/identity_resolver_test.dart`-- `/home/bretton/Code/coves_flutter/packages/atproto_oauth_flutter/example/identity_resolver_example.dart`-- `/home/bretton/Code/coves_flutter/packages/atproto_oauth_flutter/lib/src/identity/README.md`-This implementation enables true atProto decentralization by ensuring apps discover where each user's data lives, rather than hardcoding centralized servers.-**Next Steps:** Integrate this into the OAuth client (Chunk 4+) to complete the full OAuth flow with proper PDS discovery.
-373
packages/atproto_oauth_flutter/CHUNK_5_IMPLEMENTATION.md
-373
packages/atproto_oauth_flutter/CHUNK_5_IMPLEMENTATION.md
···-This chunk implements the session management layer for atproto OAuth in Dart, providing a complete 1:1 port of the TypeScript implementation from `@atproto/oauth-client`.-**Problem**: `OAuthSession` needs `SessionGetter`, but `SessionGetter` returns `Session` objects that are used by `OAuthSession`.-**Solution**: Created `SessionGetterInterface` in `oauth_session.dart` as an abstract interface. `SessionGetter` in `session_getter.dart` will implement this interface in later chunks when all dependencies are available.-| `SessionGetter.getSession(sub, refresh?)` | `SessionGetter.getSession(sub, [refresh])` | Identical API |-| `SessionGetter.addEventListener('updated', ...)` | `SessionGetter.onUpdated.listen(...)` | Stream-based |-| `SessionGetter.addEventListener('deleted', ...)` | `SessionGetter.onDeleted.listen(...)` | Stream-based |-| `session.fetchHandler(pathname, init?)` | `session.fetchHandler(pathname, {method, headers, body})` | Named parameters |-These are intentional - this chunk focuses on the session management *structure*, with concrete implementations following in later chunks.-The code is production-ready structurally and awaits concrete implementations from subsequent chunks.
-102
packages/atproto_oauth_flutter/IMPLEMENTATION_PLAN.md
-102
packages/atproto_oauth_flutter/IMPLEMENTATION_PLAN.md
···-- `src/oauth-authorization-server-metadata-resolver.ts` → `lib/src/oauth/authorization_server_metadata_resolver.dart`-- `src/oauth-protected-resource-metadata-resolver.ts` → `lib/src/oauth/protected_resource_metadata_resolver.dart`
-394
packages/atproto_oauth_flutter/IMPLEMENTATION_STATUS.md
-394
packages/atproto_oauth_flutter/IMPLEMENTATION_STATUS.md
···-This is a **complete 1:1 port** of the TypeScript `@atproto/oauth-client` package to Dart/Flutter.
-1238
packages/atproto_oauth_flutter/README.md
-1238
packages/atproto_oauth_flutter/README.md
···-**Official AT Protocol OAuth client for Flutter** - A complete 1:1 port of the TypeScript `@atproto/oauth-client` package.-`atproto_oauth_flutter` is a complete OAuth 2.0 + OpenID Connect client for the AT Protocol, designed specifically for Flutter applications. It handles the full authentication lifecycle including:-The existing `atproto_oauth` package has a **critical flaw**: it **hardcodes `bsky.social`** as the OAuth provider. This breaks the decentralized nature of the AT Protocol.-**Bottom line:** This is the only Flutter package that properly implements decentralized atProto OAuth.-OAuth requires deep linking to redirect back to your app after authentication. You must configure both platforms:-Then create an `apple-app-site-association` file on your server at `https://example.com/.well-known/apple-app-site-association`.-**For HTTPS universal links**, also create a `assetlinks.json` file at `https://example.com/.well-known/assetlinks.json`.-**⚠️ Important:** If you're using declarative routing packages like `go_router` or `auto_route`, you MUST configure them to ignore OAuth callback deep links. Otherwise, the router will intercept the callback and OAuth will fail with "User canceled login".-When the OAuth server redirects back to your app with the authorization code, your router may try to handle the deep link before `flutter_web_auth_2` can capture it. This causes the OAuth flow to fail.-The key is to **not process URIs with your custom OAuth scheme** - let `flutter_web_auth_2` handle them.-- `responseMode` - How OAuth parameters are returned: `query` (default, URL query string) or `fragment` (URL fragment)-- `allowHttp` - Allow HTTP connections for development (default: `false`, **never use in production**)-- `input` - Handle (e.g., `"alice.bsky.social"`), DID (e.g., `"did:plc:..."`), PDS URL, or auth server URL-- `options` - Additional OAuth parameters (optional, see [AuthorizeOptions](#authorizeoptions))-- `scope` - Requested scope (default: `"atproto"`, recommended: `"atproto transition:generic"`)-**atProto is decentralized.** Users can host their data on any PDS. Your app should work with ALL of them.-- **Based on:** Official Bluesky [`@atproto/oauth-client`](https://github.com/bluesky-social/atproto/tree/main/packages/oauth/oauth-client)
-220
packages/atproto_oauth_flutter/example/flutter_oauth_example.dart
-220
packages/atproto_oauth_flutter/example/flutter_oauth_example.dart
···
-104
packages/atproto_oauth_flutter/example/identity_resolver_example.dart
-104
packages/atproto_oauth_flutter/example/identity_resolver_example.dart
···
-104
packages/atproto_oauth_flutter/lib/atproto_oauth_flutter.dart
-104
packages/atproto_oauth_flutter/lib/atproto_oauth_flutter.dart
···
-977
packages/atproto_oauth_flutter/lib/src/client/oauth_client.dart
-977
packages/atproto_oauth_flutter/lib/src/client/oauth_client.dart
···
-2
packages/atproto_oauth_flutter/lib/src/constants.dart
-2
packages/atproto_oauth_flutter/lib/src/constants.dart
-593
packages/atproto_oauth_flutter/lib/src/dpop/fetch_dpop.dart
-593
packages/atproto_oauth_flutter/lib/src/dpop/fetch_dpop.dart
···
-14
packages/atproto_oauth_flutter/lib/src/errors/auth_method_unsatisfiable_error.dart
-14
packages/atproto_oauth_flutter/lib/src/errors/auth_method_unsatisfiable_error.dart
···
-10
packages/atproto_oauth_flutter/lib/src/errors/errors.dart
-10
packages/atproto_oauth_flutter/lib/src/errors/errors.dart
···
-51
packages/atproto_oauth_flutter/lib/src/errors/oauth_callback_error.dart
-51
packages/atproto_oauth_flutter/lib/src/errors/oauth_callback_error.dart
···
-47
packages/atproto_oauth_flutter/lib/src/errors/oauth_resolver_error.dart
-47
packages/atproto_oauth_flutter/lib/src/errors/oauth_resolver_error.dart
···
-62
packages/atproto_oauth_flutter/lib/src/errors/oauth_response_error.dart
-62
packages/atproto_oauth_flutter/lib/src/errors/oauth_response_error.dart
···
-22
packages/atproto_oauth_flutter/lib/src/errors/token_invalid_error.dart
-22
packages/atproto_oauth_flutter/lib/src/errors/token_invalid_error.dart
···
-21
packages/atproto_oauth_flutter/lib/src/errors/token_refresh_error.dart
-21
packages/atproto_oauth_flutter/lib/src/errors/token_refresh_error.dart
···
-22
packages/atproto_oauth_flutter/lib/src/errors/token_revoked_error.dart
-22
packages/atproto_oauth_flutter/lib/src/errors/token_revoked_error.dart
···
-263
packages/atproto_oauth_flutter/lib/src/identity/README.md
-263
packages/atproto_oauth_flutter/lib/src/identity/README.md
···-This module implements the **critical identity resolution functionality** for atProto decentralization. It resolves atProto handles and DIDs to discover where user data is actually stored (their Personal Data Server).-Main interface for resolving identities. Use `AtprotoIdentityResolver` for the standard implementation.
-29
packages/atproto_oauth_flutter/lib/src/identity/constants.dart
-29
packages/atproto_oauth_flutter/lib/src/identity/constants.dart
···
-156
packages/atproto_oauth_flutter/lib/src/identity/did_document.dart
-156
packages/atproto_oauth_flutter/lib/src/identity/did_document.dart
···
-251
packages/atproto_oauth_flutter/lib/src/identity/did_helpers.dart
-251
packages/atproto_oauth_flutter/lib/src/identity/did_helpers.dart
···
-257
packages/atproto_oauth_flutter/lib/src/identity/did_resolver.dart
-257
packages/atproto_oauth_flutter/lib/src/identity/did_resolver.dart
···
-35
packages/atproto_oauth_flutter/lib/src/identity/handle_helpers.dart
-35
packages/atproto_oauth_flutter/lib/src/identity/handle_helpers.dart
···-// Pattern: ([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?
-202
packages/atproto_oauth_flutter/lib/src/identity/handle_resolver.dart
-202
packages/atproto_oauth_flutter/lib/src/identity/handle_resolver.dart
···
-47
packages/atproto_oauth_flutter/lib/src/identity/identity.dart
-47
packages/atproto_oauth_flutter/lib/src/identity/identity.dart
···
-366
packages/atproto_oauth_flutter/lib/src/identity/identity_resolver.dart
-366
packages/atproto_oauth_flutter/lib/src/identity/identity_resolver.dart
···
-53
packages/atproto_oauth_flutter/lib/src/identity/identity_resolver_error.dart
-53
packages/atproto_oauth_flutter/lib/src/identity/identity_resolver_error.dart
···
-248
packages/atproto_oauth_flutter/lib/src/oauth/authorization_server_metadata_resolver.dart
-248
packages/atproto_oauth_flutter/lib/src/oauth/authorization_server_metadata_resolver.dart
···
-285
packages/atproto_oauth_flutter/lib/src/oauth/client_auth.dart
-285
packages/atproto_oauth_flutter/lib/src/oauth/client_auth.dart
···-? 'Client authentication method "$method" requires at least one "$fallbackAlg" signing key with a "kid" property'-: 'Authorization server requires "$method" authentication method, but does not support "$fallbackAlg" algorithm.',-'The ATProto OAuth spec requires that client use either "none" or "private_key_jwt" authentication method.' +-? ' You might want to explicitly set "token_endpoint_auth_method" to one of those values in the client metadata document.'
-307
packages/atproto_oauth_flutter/lib/src/oauth/oauth_resolver.dart
-307
packages/atproto_oauth_flutter/lib/src/oauth/oauth_resolver.dart
···
-519
packages/atproto_oauth_flutter/lib/src/oauth/oauth_server_agent.dart
-519
packages/atproto_oauth_flutter/lib/src/oauth/oauth_server_agent.dart
···-' Cached nonce: ${cachedNonce != null ? "✅ ${cachedNonce.substring(0, 20)}..." : "❌ not found"}',-/// [endpoint] is the endpoint name (e.g., 'token', 'revocation', 'pushed_authorization_request').
-117
packages/atproto_oauth_flutter/lib/src/oauth/oauth_server_factory.dart
-117
packages/atproto_oauth_flutter/lib/src/oauth/oauth_server_factory.dart
···
-196
packages/atproto_oauth_flutter/lib/src/oauth/protected_resource_metadata_resolver.dart
-196
packages/atproto_oauth_flutter/lib/src/oauth/protected_resource_metadata_resolver.dart
···-'Unsecure resource metadata URL ($protocol) only allowed in development and test environments',
-213
packages/atproto_oauth_flutter/lib/src/oauth/validate_client_metadata.dart
-213
packages/atproto_oauth_flutter/lib/src/oauth/validate_client_metadata.dart
···
-330
packages/atproto_oauth_flutter/lib/src/platform/README.md
-330
packages/atproto_oauth_flutter/lib/src/platform/README.md
···-The platform layer provides concrete implementations of all the abstract interfaces needed for OAuth to work on Flutter:-For most Flutter apps, this is fine. For advanced use cases, implement a platform-specific lock.-Cache TTLs are fixed (1 minute for most caches). Consider making these configurable if your app has different caching requirements.
-435
packages/atproto_oauth_flutter/lib/src/platform/flutter_key.dart
-435
packages/atproto_oauth_flutter/lib/src/platform/flutter_key.dart
···
-302
packages/atproto_oauth_flutter/lib/src/platform/flutter_oauth_client.dart
-302
packages/atproto_oauth_flutter/lib/src/platform/flutter_oauth_client.dart
···
-141
packages/atproto_oauth_flutter/lib/src/platform/flutter_oauth_router_helper.dart
-141
packages/atproto_oauth_flutter/lib/src/platform/flutter_oauth_router_helper.dart
···-// Extract URI from the state object (works with any router's state object that has a 'uri' property)
-91
packages/atproto_oauth_flutter/lib/src/platform/flutter_runtime.dart
-91
packages/atproto_oauth_flutter/lib/src/platform/flutter_runtime.dart
···
-341
packages/atproto_oauth_flutter/lib/src/platform/flutter_stores.dart
-341
packages/atproto_oauth_flutter/lib/src/platform/flutter_stores.dart
···
-280
packages/atproto_oauth_flutter/lib/src/runtime/runtime.dart
-280
packages/atproto_oauth_flutter/lib/src/runtime/runtime.dart
···
-167
packages/atproto_oauth_flutter/lib/src/runtime/runtime_implementation.dart
-167
packages/atproto_oauth_flutter/lib/src/runtime/runtime_implementation.dart
···-/// This ensures that only one execution of the function can run at a time for a given lock name.
-395
packages/atproto_oauth_flutter/lib/src/session/oauth_session.dart
-395
packages/atproto_oauth_flutter/lib/src/session/oauth_session.dart
···
-42
packages/atproto_oauth_flutter/lib/src/session/session.dart
-42
packages/atproto_oauth_flutter/lib/src/session/session.dart
···
-644
packages/atproto_oauth_flutter/lib/src/session/session_getter.dart
-644
packages/atproto_oauth_flutter/lib/src/session/session_getter.dart
···
-112
packages/atproto_oauth_flutter/lib/src/session/state_store.dart
-112
packages/atproto_oauth_flutter/lib/src/session/state_store.dart
···
-352
packages/atproto_oauth_flutter/lib/src/types.dart
-352
packages/atproto_oauth_flutter/lib/src/types.dart
···
-195
packages/atproto_oauth_flutter/lib/src/util.dart
-195
packages/atproto_oauth_flutter/lib/src/util.dart
···
-100
packages/atproto_oauth_flutter/lib/src/utils/lock.dart
-100
packages/atproto_oauth_flutter/lib/src/utils/lock.dart
···
-530
packages/atproto_oauth_flutter/pubspec.lock
-530
packages/atproto_oauth_flutter/pubspec.lock
···
-24
packages/atproto_oauth_flutter/pubspec.yaml
-24
packages/atproto_oauth_flutter/pubspec.yaml
···
-245
packages/atproto_oauth_flutter/test/identity_resolver_test.dart
-245
packages/atproto_oauth_flutter/test/identity_resolver_test.dart
···