julien/remanso-jetstream
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bcea56c529ef84d134d410eeb449184828e6b325
remanso-jetstream/scripts/manage-webhooks.ts
Julien Calixte a3c92254ea refactor(scripts): auto-resolve PDS from handle, drop BSKY_PDS 
Inputs are now just ATPROTO_HANDLE, ATPROTO_APP_PASSWORD, REMANSO_API
(or matching --handle, --app-password, --api). The script resolves the
handle to a DID via public.api.bsky.app, then resolves the DID to a
PDS via plc.directory — same path the server's verifier uses. Works
for any AT Protocol PDS (Bluesky, eurosky, self-hosted) without the
caller having to know the PDS URL.
2026-05-05 12:36:22 +02:00

170 lines
5.3 KiB
TypeScript
Raw Blame History

// Manage webhook subscriptions on the Remanso API. Resolves your PDS from
// your AT Protocol handle, logs in with an app password, then registers or
// deletes webhooks against the Remanso API.
//
// deno task webhooks register --url https://your-receiver --verb bulk-create
// deno task webhooks delete-all
//
// Inputs (env or flag, env preferred):
// ATPROTO_HANDLE / --handle e.g. alice.eurosky.social
// ATPROTO_APP_PASSWORD / --app-password app password (NOT your account password)
// REMANSO_API / --api default: https://api.remanso.space
const HELP = `
Usage:
deno task webhooks register \\
--url <receiver-url> \\
[--verb create|delete|bulk-create] \\
[--method POST] \\
[--token <outbound-bearer>]
deno task webhooks delete-all
Inputs (env or flag, env preferred):
ATPROTO_HANDLE / --handle your AT Protocol handle
ATPROTO_APP_PASSWORD / --app-password app password (NOT your account password)
REMANSO_API / --api default: https://api.remanso.space
Your PDS is resolved automatically from the handle.
`;
type ResolveHandleResponse = { did: string };
type DidDocument = {
service?: { id: string; serviceEndpoint: string }[];
};
type CreateSessionResponse = { did: string; accessJwt: string };
const parseArgs = (args: string[]): Record<string, string> => {
const out: Record<string, string> = {};
for (let i = 0; i < args.length; i++) {
const arg = args[i];
if (!arg.startsWith("--")) continue;
const key = arg.slice(2);
const next = args[i + 1];
if (next === undefined || next.startsWith("--")) {
out[key] = "true";
} else {
out[key] = next;
i++;
}
}
return out;
};
const die = (msg: string): never => {
console.error(`error: ${msg}`);
console.error(HELP);
Deno.exit(1);
};
const resolveHandleToDid = async (handle: string): Promise<string> => {
const url =
`https://public.api.bsky.app/xrpc/com.atproto.identity.resolveHandle?handle=${
encodeURIComponent(handle)
}`;
const res = await fetch(url);
if (!res.ok) {
throw new Error(
`resolveHandle failed for ${handle} (${res.status}): ${await res.text()}`,
);
}
const { did } = await res.json() as ResolveHandleResponse;
return did;
};
const resolveDidToPds = async (did: string): Promise<string> => {
if (!did.startsWith("did:plc:")) {
throw new Error(`Unsupported DID method (server only handles did:plc): ${did}`);
}
const res = await fetch(`https://plc.directory/${did}`);
if (!res.ok) {
throw new Error(`plc.directory lookup failed (${res.status})`);
}
const doc = await res.json() as DidDocument;
const pds = doc.service?.find((s) => s.id === "#atproto_pds");
if (!pds) throw new Error("No #atproto_pds service in DID document");
return pds.serviceEndpoint;
};
const createSession = async (
pds: string,
identifier: string,
password: string,
): Promise<CreateSessionResponse> => {
const res = await fetch(`${pds}/xrpc/com.atproto.server.createSession`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ identifier, password }),
});
if (!res.ok) {
throw new Error(
`createSession failed (${res.status}): ${await res.text()}`,
);
}
return await res.json();
};
const main = async () => {
const [command, ...rest] = Deno.args;
if (!command || command === "--help" || command === "-h") {
console.log(HELP);
Deno.exit(command ? 0 : 1);
}
const flags = parseArgs(rest);
const handle = flags.handle ?? Deno.env.get("ATPROTO_HANDLE");
const password = flags["app-password"] ??
Deno.env.get("ATPROTO_APP_PASSWORD");
const api = flags.api ?? Deno.env.get("REMANSO_API") ??
"https://api.remanso.space";
if (!handle) die("ATPROTO_HANDLE (or --handle) is required");
if (!password) die("ATPROTO_APP_PASSWORD (or --app-password) is required");
const did = await resolveHandleToDid(handle);
const pds = await resolveDidToPds(did);
console.log(`[resolve] ${handle}${did} via ${pds}`);
const session = await createSession(pds, handle, password);
if (command === "register") {
const url = flags.url ?? die("--url is required for register");
const body: Record<string, unknown> = {
method: flags.method ?? "POST",
url,
};
if (flags.verb) body.verb = flags.verb;
if (flags.token) body.token = flags.token;
const res = await fetch(`${api}/${session.did}/webhooks`, {
method: "POST",
headers: {
"Authorization": `Bearer ${session.accessJwt}`,
"Content-Type": "application/json",
},
body: JSON.stringify(body),
});
if (!res.ok) {
console.error(`register failed (${res.status}): ${await res.text()}`);
Deno.exit(1);
}
console.log(JSON.stringify(await res.json(), null, 2));
return;
}
if (command === "delete-all") {
const res = await fetch(`${api}/${session.did}/webhooks`, {
method: "DELETE",
headers: { "Authorization": `Bearer ${session.accessJwt}` },
});
if (!res.ok) {
console.error(`delete failed (${res.status}): ${await res.text()}`);
Deno.exit(1);
}
console.log(`[done] all webhooks for ${session.did} deleted`);
return;
}
die(`unknown command: ${command}`);
};
await main();
Reference in New Issue View Git Blame Copy Permalink