Bluesky OAuthlient, with Vanilla JavaScript
This post details integrating Bluesky Authentication (OAuth DPoP) into a serverless client application using only Vanilla JavaScript. It's a conceptual illustration, not a fully functional example due to token expiration.
Introduction
We'll explore how to implement Bluesky authentication in a JavaScript application without relying on external frameworks.
Disclaimer
This is a tutorial demonstrating the process. Due to the ephemeral nature of authentication tokens, it won't function as a standalone, perpetually working example. Please report any errors.
OAuth Authentication
For a serverless application requiring user authentication, we can leverage a third-party authority like Bluesky. This uses the OAuth 2.0 protocol. More details on Bluesky's OAuth implementation can be found in the OAuth - AT Protocol documentation.
Client Metadata
To utilize Bluesky authentication, our application needs to be recognized by Bluesky's authentication servers. This is achieved via a client metadata file (e.g., client-metadata.json
) containing application information. This allows for automated client registration, eliminating the need for manual server registration. The metadata file must be accessible via HTTPS.
An example metadata file (accessible at https://www.php.cn/link/db817217c5d9b196aa39cfeb0ce889e4):
{ "client_id":"https://www.php.cn/link/db817217c5d9b196aa39cfeb0ce889e4", "application_type":"web", "grant_types":[ "authorization_code", "refresh_token" ], "scope":"atproto transition:generic transition:chat.bsky", "response_types":[ "code id_token", "code" ], "redirect_uris":[ "https://madrilenyer.neocities.org/bsky/oauth/callback/" ], "dpop_bound_access_tokens":true, "token_endpoint_auth_method":"none", "client_name":"Madrilenyer Example Browser App", "client_uri":"https://madrilenyer.neocities.org/bsky/" }
This file describes our application to the Bluesky authentication servers.
Core Authentication Requirements
To authenticate a user, we minimally require their Bluesky handle. The handle is the portion of the Bluesky profile URL after https://bsky.app/profile/
.
Retrieving User Data
-
Retrieve DID: Given a user's handle, we can fetch their Decentralized Identifier (DID) using an API call (e.g.,
https://bsky.social/xrpc/com.atproto.identity.resolveHandle?handle=<handle>
). -
Retrieve DID Document: Using the DID, we retrieve the DID Document from the PLC API (
https://plc.directory/<did>
). This document contains the user's PDS (Personal Data Server) URL. -
Retrieve PDS Metadata: The PDS URL (
serviceEndpoint
in the DID Document) is used to fetch the PDS metadata from/.well-known/oauth-protected-resource
. This metadata provides the authorization server URL. -
Authorization Server Discovery: The authorization server URL is used to retrieve its metadata from
/.well-known/oauth-authorization-server
. This metadata contains crucial endpoints like the authorization endpoint, token endpoint, and pushed authorization request (PAR) endpoint.
The subsequent steps involve using the discovered endpoints and PKCE (Proof Key for Code Exchange) to obtain the user's access token, a process involving PAR requests, DPoP (Demonstrate Proof of Possession) for enhanced security, and handling redirects. The detailed Javascript code for these steps, while omitted for brevity, would involve making several API calls and handling the responses. The official Bluesky TypeScript client is a more robust and recommended alternative for production applications.
The above is the detailed content of Bluesky OAuthlient, with Vanilla JavaScript. For more information, please follow other related articles on the PHP Chinese website!

Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

Notepad++7.3.1
Easy-to-use and free code editor

SublimeText3 Chinese version
Chinese version, very easy to use

Zend Studio 13.0.1
Powerful PHP integrated development environment

Dreamweaver CS6
Visual web development tools

SublimeText3 Mac version
God-level code editing software (SublimeText3)

Hot Topics











JavaScript is the cornerstone of modern web development, and its main functions include event-driven programming, dynamic content generation and asynchronous programming. 1) Event-driven programming allows web pages to change dynamically according to user operations. 2) Dynamic content generation allows page content to be adjusted according to conditions. 3) Asynchronous programming ensures that the user interface is not blocked. JavaScript is widely used in web interaction, single-page application and server-side development, greatly improving the flexibility of user experience and cross-platform development.

The latest trends in JavaScript include the rise of TypeScript, the popularity of modern frameworks and libraries, and the application of WebAssembly. Future prospects cover more powerful type systems, the development of server-side JavaScript, the expansion of artificial intelligence and machine learning, and the potential of IoT and edge computing.

Different JavaScript engines have different effects when parsing and executing JavaScript code, because the implementation principles and optimization strategies of each engine differ. 1. Lexical analysis: convert source code into lexical unit. 2. Grammar analysis: Generate an abstract syntax tree. 3. Optimization and compilation: Generate machine code through the JIT compiler. 4. Execute: Run the machine code. V8 engine optimizes through instant compilation and hidden class, SpiderMonkey uses a type inference system, resulting in different performance performance on the same code.

Python is more suitable for beginners, with a smooth learning curve and concise syntax; JavaScript is suitable for front-end development, with a steep learning curve and flexible syntax. 1. Python syntax is intuitive and suitable for data science and back-end development. 2. JavaScript is flexible and widely used in front-end and server-side programming.

JavaScript is the core language of modern web development and is widely used for its diversity and flexibility. 1) Front-end development: build dynamic web pages and single-page applications through DOM operations and modern frameworks (such as React, Vue.js, Angular). 2) Server-side development: Node.js uses a non-blocking I/O model to handle high concurrency and real-time applications. 3) Mobile and desktop application development: cross-platform development is realized through ReactNative and Electron to improve development efficiency.

This article demonstrates frontend integration with a backend secured by Permit, building a functional EdTech SaaS application using Next.js. The frontend fetches user permissions to control UI visibility and ensures API requests adhere to role-base

The shift from C/C to JavaScript requires adapting to dynamic typing, garbage collection and asynchronous programming. 1) C/C is a statically typed language that requires manual memory management, while JavaScript is dynamically typed and garbage collection is automatically processed. 2) C/C needs to be compiled into machine code, while JavaScript is an interpreted language. 3) JavaScript introduces concepts such as closures, prototype chains and Promise, which enhances flexibility and asynchronous programming capabilities.

I built a functional multi-tenant SaaS application (an EdTech app) with your everyday tech tool and you can do the same. First, what’s a multi-tenant SaaS application? Multi-tenant SaaS applications let you serve multiple customers from a sing
