(
serverUrl: string,
opts?: { fetchFn?: FetchLike },
)
| 133 | * validation (mix-up protection — TODO: upstream to SDK). |
| 134 | */ |
| 135 | export async function discoverProtectedResource( |
| 136 | serverUrl: string, |
| 137 | opts?: { fetchFn?: FetchLike }, |
| 138 | ): Promise<ProtectedResourceMetadata> { |
| 139 | let prm |
| 140 | try { |
| 141 | prm = await discoverOAuthProtectedResourceMetadata( |
| 142 | serverUrl, |
| 143 | undefined, |
| 144 | opts?.fetchFn ?? defaultFetch, |
| 145 | ) |
| 146 | } catch (e) { |
| 147 | throw new Error( |
| 148 | `XAA: PRM discovery failed: ${e instanceof Error ? e.message : String(e)}`, |
| 149 | ) |
| 150 | } |
| 151 | if (!prm.resource || !prm.authorization_servers?.[0]) { |
| 152 | throw new Error( |
| 153 | 'XAA: PRM discovery failed: PRM missing resource or authorization_servers', |
| 154 | ) |
| 155 | } |
| 156 | if (normalizeUrl(prm.resource) !== normalizeUrl(serverUrl)) { |
| 157 | throw new Error( |
| 158 | `XAA: PRM discovery failed: PRM resource mismatch: expected ${serverUrl}, got ${prm.resource}`, |
| 159 | ) |
| 160 | } |
| 161 | return { |
| 162 | resource: prm.resource, |
| 163 | authorization_servers: prm.authorization_servers, |
| 164 | } |
| 165 | } |
| 166 | |
| 167 | export type AuthorizationServerMetadata = { |
| 168 | issuer: string |
no test coverage detected