Code Issues Merge Requests Branches Tags Releases Compare Graph

fix(auth): request transition:generic scope for write permissions

Author: Aaron Steven White
Commit f17e474e5077cbd0d2f7679788ed83acf08abcc9
Parent: be23e44b74
Structural diff unavailable

These commits were pushed via plain git push, so no pre-parsed schemas are available. Install git-remote-cospan and re-push via panproto:// to see scope-level changes, breaking change detection, and semantic diffs.

brew install panproto/tap/git-remote-cospan
4 files changed +6 -6
@@ -436,7 +436,7 @@ checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"
436436 
437437 [[package]]
438438 name = "cospan-appview"
439-version = "0.2.2"
439+version = "0.2.3"
440440 dependencies = [
441441  "anyhow",
442442  "async-trait",
@@ -479,7 +479,7 @@ dependencies = [
479479 
480480 [[package]]
481481 name = "cospan-codegen"
482-version = "0.2.2"
482+version = "0.2.3"
483483 dependencies = [
484484  "anyhow",
485485  "panproto-core",
@@ -493,7 +493,7 @@ dependencies = [
493493 
494494 [[package]]
495495 name = "cospan-node"
496-version = "0.2.2"
496+version = "0.2.3"
497497 dependencies = [
498498  "anyhow",
499499  "async-trait",
@@ -7,7 +7,7 @@ members = [
77 resolver = "2"
88 
99 [workspace.package]
10-version = "0.2.3"
10+version = "0.2.4"
1111 edition = "2024"
1212 license = "AGPL-3.0-or-later"
1313 repository = "https://github.com/cospan-dev/cospan"
@@ -40,7 +40,7 @@ export async function getOAuthClient(): Promise<BrowserOAuthClient> {
4040 
4141 export async function login(handle: string): Promise<void> {
4242 	const client = await getOAuthClient();
43-	const url = await client.authorize(handle, { scope: 'atproto' });
43+	const url = await client.authorize(handle, { scope: 'atproto transition:generic' });
4444 	window.location.assign(url.toString());
4545 }
4646
@@ -54,7 +54,7 @@ async fn client_metadata(State(state): State<Arc<AppState>>) -> impl IntoRespons
5454         ],
5555         "grant_types": ["authorization_code", "refresh_token"],
5656         "response_types": ["code"],
57-        "scope": "atproto",
57+        "scope": "atproto transition:generic",
5858         "application_type": "web",
5959         "token_endpoint_auth_method": "none",
6060         "dpop_bound_access_tokens": true,
Back to repository
cospan · schematic version control on atproto built on AT Protocol