oauth/io.github.kikin81.atproto.oauth/DiscoveryChain

DiscoveryChain

class DiscoveryChain(httpClient: HttpClient, json: Json = Json { ignoreUnknownKeys = true })

Implements the AT Protocol discovery chain:

  1. Handle → DID: HTTP fallback via /.well-known/atproto-did on the handle's domain. (DNS _atproto.<handle> TXT is preferred but requires a DNS library; HTTP fallback covers all cases.)

  2. DID → PDS: Fetch the DID document from plc.directory (for did:plc) or the DID method's resolution endpoint, extract the #atproto_pds service endpoint.

  3. PDS → Auth Server: Fetch /.well-known/oauth-protected-resourceauthorization_servers[0], then /.well-known/oauth-authorization-server → extract all OAuth endpoint URLs.

  4. Bidirectional handle verification: verify the DID document's alsoKnownAs field claims the original handle.

Constructors

Link copied to clipboard
constructor(httpClient: HttpClient, json: Json = Json { ignoreUnknownKeys = true })

Functions

Link copied to clipboard
suspend fun resolve(handleOrDid: String): AuthServerMetadata

Resolves a handle or DID all the way to a fully-populated AuthServerMetadata ready for the OAuth flow.