ATProtoKit icon indicating copy to clipboard operation
ATProtoKit copied to clipboard

Published 20 hours ago verified publisher icon MasterJ93

[Feature Request]: Parse and validate session tokens

Open MasterJ93 opened this issue 11 months ago • 1 comments

Summary

Methods related to session tokens will be needed.

Pain points

At this time, ATProtocolConfiguration's getSession and refreshSession has a few lines of code that shouldn't run unless they're absolutely necessary. There needs to be a way for the session tokens to be parsed so as to find out the issue and expiry dates, as well as the signature. The signature should be able to be validated; the public key is located under UserSession.didDocument.verificationMethod[#].publicKeyMultibase.

Considered Alternatives

No response

Is this a breaking change?

No

Library Examples

No response

Additional Context

No response

MasterJ93 avatar Dec 26 '24 03:12 MasterJ93

Version 0.22.0 now allows you to parse the session tokens. However, while this is complete, there is not yet a way to validate the token.

In order to do this, we'll need a cryptography package. Which means this issue is blocked from closing until #88 is completed.

MasterJ93 avatar Jan 14 '25 19:01 MasterJ93

SessionToken is available in ATCryptography now, and will be the new home for that struct. ATProtoKit will soon have its own version deprecated and removed; if you want to still use it, please add ATCryptography as a dependency in your project.

Because of this, I will consider this issue closed.

MasterJ93 avatar Jul 18 '25 22:07 MasterJ93