4 releases 4 tags

RSS feed

• v0.3.0 1b4bb50af9

  Compare

  v0.3.0 Stable

  Grandiras released this 2026-02-21 01:15:21 +00:00 | 3 commits to main since this release

  Added

  • Cookie-based OAuth for Blazor — Standard cookie authentication that works with <AuthorizeView>, [Authorize], and all built-in Blazor auth patterns

    • AddAtProtoAuthentication() — registers OAuth service and options
    • MapAtProtoOAuth() — maps /atproto/login, /atproto/callback, /atproto/logout endpoints
    • Auto-generated loopback client_id for zero-config development
    • Configurable claims via ClaimsFactory option
    • Default claims: DID, handle, PDS URL, auth method

  • Server-side AT Protocol access — Backend API integration via IAtProtoClientFactory

    • AddAtProtoServer() — registers token store, client factory, and HTTP client
    • IAtProtoClientFactory — creates per-request authenticated AtProtoClient from stored OAuth tokens
    • IAtProtoTokenStore — interface for multi-user server-side token storage
    • FileAtProtoTokenStore (default) — persistent file-based token storage with ASP.NET Core Data Protection encryption
    • InMemoryAtProtoTokenStore — volatile in-memory store for development/testing
    • AddAtProtoServer(string tokenDirectory) overload for custom token storage directory
    • AtProtoTokenData — serializable token data including DPoP private key
    • Blazor OAuth service automatically stores/removes tokens when IAtProtoTokenStore is registered

  • Rewritten LoginForm component — Pure HTML form that submits to the login endpoint

    • Fully customizable labels for localization
    • Optional PDS URL input for custom PDS connections
    • Auto-displays OAuth callback errors

  • ServerIntegrationSample — New sample showing Blazor OAuth + backend AT Proto access

    • Minimal API endpoints (/api/profile, /api/timeline)
    • Blazor pages using IAtProtoClientFactory directly
    • Profile and timeline views

  Fixed

  • DPoP nonce handling — AtProtoClientFactory now passes null DPoP nonces instead of stale stored values; the XRPC client's retry logic acquires fresh nonces on first request, preventing use_dpop_nonce 401 errors

  Changed

  • ATProtoNet.Blazor.csproj — Replaced individual NuGet package references with <FrameworkReference Include="Microsoft.AspNetCore.App" />
  • ATProtoNet.Server ServiceCollectionExtensions — Added AddAtProtoServer() for OAuth-based multi-user access; default token store changed from InMemoryAtProtoTokenStore to FileAtProtoTokenStore; improved docs on existing AddAtProto() and AddAtProtoScoped() methods

  Removed

  • BREAKING: AddAtProtoBlazor() extension method — replaced by AddAtProtoAuthentication()
  • BREAKING: AtProtoAuthStateProvider — no longer needed; standard ServerAuthenticationStateProvider works via cookies
  • BREAKING: OAuthCallback component — callback is now an HTTP endpoint mapped by MapAtProtoOAuth()
  • BREAKING: PdsOption model — PDS selection is now a simple text input in LoginForm
  • BREAKING: BlazorServiceCollectionExtensions class — replaced by AtProtoAuthenticationExtensions

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads
• v0.2.0 1a5e41f286

  Compare

  v0.2.0 Stable

  Grandiras released this 2026-02-20 23:39:00 +00:00 | 4 commits to main since this release

  Added

  • OAuth Authentication — Full AT Protocol OAuth implementation

    • DPoP (RFC 9449) — proof-of-possession bound tokens with ES256 (P-256) key pairs
    • Pushed Authorization Requests (RFC 9126) — secure authorization initiation
    • PKCE (RFC 7636) — S256 code challenge for public clients
    • Authorization Server Discovery — full resolution chain (Handle → DID → PDS → AS)
    • Identity verification — DID/issuer consistency checks after token exchange
    • Token refresh with DPoP binding
    • OAuthClient orchestrator with StartAuthorizationAsync() / CompleteAuthorizationAsync()
    • AuthorizationServerDiscovery for handle, DID, and PDS resolution
    • DPoPProofGenerator for ES256 DPoP proof JWT generation
    • PkceGenerator for PKCE S256 code verifier and challenge generation
    • Complete OAuthModels — client metadata, server metadata, token responses, DID documents

  • Dynamic PDS Selection — Connect to any AT Protocol PDS at runtime

    • AtProtoClient.SetPdsUrl() — change PDS URL dynamically
    • AtProtoClient.ApplyOAuthSessionAsync() — apply OAuth session with DPoP tokens
    • XrpcClient.SetBaseUrl() — runtime base URL changes
    • OAuth flow automatically resolves user's PDS from their identity

  • Blazor OAuth Components

    • LoginForm — redesigned with PDS selector, OAuth toggle, custom PDS URL input
    • OAuthCallback — callback handler component for OAuth redirect
    • PdsOption — model for PDS dropdown options
    • AtProtoAuthStateProvider — OAuth-aware auth state with StartOAuthLoginAsync() and CompleteOAuthLoginAsync()
    • AddAtProtoBlazor() — now registers OAuthClient when OAuth options are configured

  • Security hardening

    • Handle format validation (SSRF prevention)
    • DID:web host validation (private IP blocking)
    • Redirect URI HTTPS enforcement (localhost exception for dev)
    • DID format validation on token response sub claim
    • Pending authorization cleanup (10-minute expiry, 100 max entries)
    • DPoP private key export security documentation

  • Sample project

    • samples/BlazorOAuthSample — minimal Blazor Server app demonstrating OAuth login with loopback client

  • Documentation

    • OAuth authentication guide (docs/oauth.md) with loopback client development section
    • Updated Blazor, session management, and getting started guides
    • Updated README with OAuth sections

  • Tests

    • 50 new unit tests for OAuth components (DPoP, PKCE, models, dynamic PDS)
    • Total: 268 unit tests

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads
• v0.1.1 4d9a0bae77

  Compare

  v0.1.1 — AT Protocol-compliant Timestamps Stable

  Grandiras released this 2026-02-20 18:41:46 +00:00 | 8 commits to main since this release

  What's Changed

  Fixed

  • Timestamp formatting: All timestamps now use AT Protocol spec-compliant millisecond precision (2026-02-20T18:19:03.889Z) instead of the overly precise 7-digit format (2026-02-20T18:19:03.8899309Z) previously generated by DateTime.ToString("o").

  Added

  • AtProtoJsonDefaults.FormatTimestamp(DateTime) — formats any DateTime to AT Proto spec-compliant string.
  • AtProtoJsonDefaults.NowTimestamp() — returns the current UTC time as an AT Proto timestamp.

  Packages

  Install from the Forgejo NuGet registry:

  <PackageReference Include="ATProtoNet" Version="0.1.1" />
  <PackageReference Include="ATProtoNet.Server" Version="0.1.1" />
  <PackageReference Include="ATProtoNet.Blazor" Version="0.1.1" />
  

  Full changelog: v0.1.0...v0.1.1

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads
• v0.1.0 ff011610f2

  Compare

  v0.1.0 Stable

  Grandiras released this 2026-02-19 22:50:09 +00:00 | 17 commits to main since this release

  ATProto.NET v0.1.0 — Initial Release

  A comprehensive .NET SDK for the AT Protocol with focus on custom lexicon applications.

  Packages

  Install from the Forgejo NuGet registry:

  <PackageReference Include="ATProtoNet" Version="0.1.0" />
  <PackageReference Include="ATProtoNet.Server" Version="0.1.0" />
  <PackageReference Include="ATProtoNet.Blazor" Version="0.1.0" />
  

  Highlights

  • RecordCollection<T> — typed CRUD for custom lexicon records
  • Custom XRPC — call any AT Proto endpoint with QueryAsync/ProcedureAsync
  • Identity types — Did, Handle, AtUri, Nsid, Cid, Tid, RecordKey
  • Session management — auto-refresh, persistence via ISessionStore
  • ASP.NET Core — DI, authentication handler
  • Blazor — login, profile, feed components
  • Firehose — real-time event streaming
  • 218 unit tests, 20 integration tests passing against real PDS

  See the documentation for full guides.

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads

  ---

  • ATProtoNet.0.1.0.nupkg
    0 downloads · 2026-02-19 22:50:26 +00:00 · 128 KiB
  • ATProtoNet.Blazor.0.1.0.nupkg
    0 downloads · 2026-02-19 22:50:26 +00:00 · 23 KiB
  • ATProtoNet.Server.0.1.0.nupkg
    0 downloads · 2026-02-19 22:50:26 +00:00 · 14 KiB