Dima/matrix-js-sdk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Clean up the ValidatedAuthMetadata types (#5175)

Browse Source 
We don't expect oidc-client-ts to provide the `device_authorization_endpoint` in the `OidcMetadata` because it isn't part of the OIDC spec.

As such, I think it makes sense to standardise on defining the metadata fields in `validate.ts` and clarify where they come from.
This commit is contained in:
Hugh Nimmo-Smith
2026-02-02 17:27:33 +00:00
committed by GitHub
parent 21cd5e98c1
commit f301251ff5
2 changed files with 7 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/@types/oidc-client-ts.d.ts
Vendored
-24
View File
@@ -1,24 +0,0 @@
/*
Copyright 2024 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
import "oidc-client-ts";
declare module "oidc-client-ts" {
interface OidcMetadata {
// Add the missing device_authorization_endpoint field to the OidcMetadata interface
device_authorization_endpoint?: string;
}
}
src/oidc/validate.ts
+7 -3
View File
@@ -28,6 +28,8 @@ import { OAuthGrantType } from "./index.ts";
*/
export type ValidatedAuthMetadata = Partial<OidcMetadata> &
Pick<
// These values are from [RFC8414](https://datatracker.ietf.org/doc/html/rfc8414#section-2)
// so we can reuse the OidcMetadata definitions from oidc-client-ts
OidcMetadata,
| "issuer"
| "authorization_endpoint"
@@ -37,12 +39,14 @@ export type ValidatedAuthMetadata = Partial<OidcMetadata> &
| "grant_types_supported"
| "code_challenge_methods_supported"
> & {
// MSC4191 extensions to the OIDC spec
// These values aren't part of RFC8414 so we add them here
// Account management fields from stable MSC4191:
account_management_uri?: string;
account_management_actions_supported?: string[];
// The OidcMetadata type from oidc-client-ts does not include `prompt_values_supported`
// even though it is part of the OIDC spec
// Value from [Initiating User Registration via OpenID Connect](https://openid.net/specs/openid-connect-prompt-create-1_0.html):
prompt_values_supported?: string[];
// Experimental MSC4341 value from [RFC8628](https://datatracker.ietf.org/doc/html/rfc8628#section-4):
device_authorization_endpoint?: string;
};
const isRecord = (value: unknown): value is Record<string, unknown> =>