oauth を更新

2025-06-17 00:17:52 +00:00
parent 4ceb19be51
commit c2f425a7a4
1 changed files with 22 additions and 95 deletions
--- a/oauth.md
+++ b/oauth.md
@ -1,99 +1,26 @@
+## 必要な値
+
+pdsに設定する。
+
+```env
+# Entrywayを明示的に無効化
+PDS_ENTRYWAY_URL=
+PDS_ENTRYWAY_DID=
+
+# OAuth Provider設定
+PDS_OAUTH_ISSUER=https://syu.is
+PDS_OAUTH_PROVIDER_ENABLED=true
+
+# その他の必須設定
+PDS_HOSTNAME=syu.is
+PDS_SERVICE_DID=did:web:syu.is
+PDS_PUBLIC_URL=https://syu.is
+```
+
 ```sh
 $ curl -s https://syu.is/.well-known/oauth-authorization-server |jq . 
 ```

-```sh
-{
-  "issuer": "https://syu.is",
-  "request_parameter_supported": true,
-  "request_uri_parameter_supported": true,
-  "require_request_uri_registration": true,
-  "scopes_supported": [
-    "atproto",
-    "transition:email",
-    "transition:generic",
-    "transition:chat.bsky"
-  ],
-  "subject_types_supported": [
-    "public"
-  ],
-  "response_types_supported": [
-    "code"
-  ],
-  "response_modes_supported": [
-    "query",
-    "fragment",
-    "form_post"
-  ],
-  "grant_types_supported": [
-    "authorization_code",
-    "refresh_token"
-  ],
-  "code_challenge_methods_supported": [
-    "S256"
-  ],
-  "ui_locales_supported": [
-    "en-US"
-  ],
-  "display_values_supported": [
-    "page",
-    "popup",
-    "touch"
-  ],
-  "request_object_signing_alg_values_supported": [
-    "RS256",
-    "RS384",
-    "RS512",
-    "PS256",
-    "PS384",
-    "PS512",
-    "ES256",
-    "ES256K",
-    "ES384",
-    "ES512",
-    "none"
-  ],
-  "authorization_response_iss_parameter_supported": true,
-  "request_object_encryption_alg_values_supported": [],
-  "request_object_encryption_enc_values_supported": [],
-  "jwks_uri": "https://syu.is/oauth/jwks",
-  "authorization_endpoint": "https://syu.is/oauth/authorize",
-  "token_endpoint": "https://syu.is/oauth/token",
-  "token_endpoint_auth_methods_supported": [
-    "none",
-    "private_key_jwt"
-  ],
-  "token_endpoint_auth_signing_alg_values_supported": [
-    "RS256",
-    "RS384",
-    "RS512",
-    "PS256",
-    "PS384",
-    "PS512",
-    "ES256",
-    "ES256K",
-    "ES384",
-    "ES512"
-  ],
-  "revocation_endpoint": "https://syu.is/oauth/revoke",
-  "introspection_endpoint": "https://syu.is/oauth/introspect",
-  "pushed_authorization_request_endpoint": "https://syu.is/oauth/par",
-  "require_pushed_authorization_requests": true,
-  "dpop_signing_alg_values_supported": [
-    "RS256",
-    "RS384",
-    "RS512",
-    "PS256",
-    "PS384",
-    "PS512",
-    "ES256",
-    "ES256K",
-    "ES384",
-    "ES512"
-  ],
-  "protected_resources": [
-    "https://syu.is"
-  ],
-  "client_id_metadata_document_supported": true
-}
-```
+[@atproto/oauth-provider](https://github.com/bluesky-social/atproto/tree/main/packages/oauth/oauth-provider)が本体となる。
+
+> https://syu.is/@atproto/oauth-provider/~assets/file.css