UNPKG

@atproto/oauth-scopes

Version:

A library for manipulating and validating ATproto OAuth scopes in TypeScript.

atproto.com

bluesky-social/atproto

72 lines (60 loc) 2.21 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
// @TODO Refactor in shared location for use with other @atproto packages function isStringSlashString(value: string): value is `${string}/${string}` { const slashIndex = value.indexOf('/') if (slashIndex === -1) return false // Missing slash if (slashIndex === 0) return false // No leading part before the slash if (slashIndex === value.length - 1) return false // No trailing part after the slash if (value.includes('/', slashIndex + 1)) return false // More than one slash if (value.includes(' ')) return false // Spaces are not allowed return true } export type Mime = `${string}/${string}` export function isMime(value: string): value is Mime { return isStringSlashString(value) && !value.includes('*') } export type Accept = '*/*' | `${string}/*` | Mime export function isAccept(value: unknown): value is Accept { if (typeof value !== 'string') return false if (value === '*/*') return true // Fast path for the most common case if (!isStringSlashString(value)) return false return !value.includes('*') || value.endsWith('/*') } /** * @note "unsafe" in that it does not check if either {@link accept} or * {@link mime} are actually valid values (and could, therefore, lead to false * positives if forged values are used). */ function matchesAcceptUnsafe(accept: Accept, mime: Mime): boolean { if (accept === '*/*') { return true } if (accept.endsWith('/*')) { return mime.startsWith(accept.slice(0, -1)) } return accept === mime } export function matchesAccept(accept: Accept, mime: string): boolean { return isMime(mime) && matchesAcceptUnsafe(accept, mime) } /** * @note "unsafe" in that it does not check if either {@link accept} or * {@link mime} are actually valid values (and could, therefore, lead to false * positives if forged values are used). */ function matchesAnyAcceptUnsafe( acceptable: Iterable<Accept>, mime: Mime, ): boolean { for (const accept of acceptable) { if (matchesAcceptUnsafe(accept, mime)) { return true } } return false } export function matchesAnyAccept( acceptable: Iterable<Accept>, mime: string, ): boolean { return isMime(mime) && matchesAnyAcceptUnsafe(acceptable, mime) }