update links to ietf docs (#4273)

Author: aaronpk

packages/oauth/oauth-client/src/oauth-authorization-server-metadata-resolver.ts

@@ -108,7 +108,7 @@ export class OAuthAuthorizationServerMetadataResolver extends CachedGetter<
     }
 
     // ATPROTO requires client_id_metadata_document
-    // http://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html
+    // https://datatracker.ietf.org/doc/draft-ietf-oauth-client-id-metadata-document/
     if (metadata.client_id_metadata_document_supported !== true) {
       throw new TypeError(
         `Authorization server "${issuer}" does not support client_id_metadata_document`,

packages/oauth/oauth-client/src/oauth-client.ts

@@ -131,7 +131,7 @@ export class OAuthClient extends CustomEventTarget<OAuthClientEventMap> {
       throw new TypeError(`Failed to fetch client metadata: ${response.status}`)
     }
 
-    // https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html#section-4.1
+    // https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html#section-4.1
     const mime = response.headers.get('content-type')?.split(';')[0].trim()
     if (mime !== 'application/json') {
       response.body?.cancel?.()

packages/oauth/oauth-client/src/oauth-protected-resource-metadata-resolver.ts

@@ -27,7 +27,7 @@ export type OAuthProtectedResourceMetadataResolverConfig = {
 }
 
 /**
- * @see {@link https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05}
+ * @see {@link https://www.rfc-editor.org/rfc/rfc9728.html}
  */
 export class OAuthProtectedResourceMetadataResolver extends CachedGetter<
   string,
@@ -82,7 +82,7 @@ export class OAuthProtectedResourceMetadataResolver extends CachedGetter<
 
     const response = await this.fetch(request)
 
-    // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#section-3.2
+    // https://www.rfc-editor.org/rfc/rfc9728.html#section-3.2
     if (response.status !== 200) {
       await cancelBody(response, 'log')
       throw await FetchResponseError.from(
@@ -107,7 +107,7 @@ export class OAuthProtectedResourceMetadataResolver extends CachedGetter<
       await response.json(),
     )
 
-    // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#section-3.3
+    // https://www.rfc-editor.org/rfc/rfc9728.html#section-3.3
     if (metadata.resource !== origin) {
       throw new TypeError(`Invalid issuer ${metadata.resource}`)
     }

packages/oauth/oauth-client/src/oauth-resolver.ts

@@ -158,7 +158,7 @@ export class OAuthResolver {
         options,
       )
 
-      // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#section-4
+      // https://www.rfc-editor.org/rfc/rfc9728.html#section-4
       if (asMetadata.protected_resources) {
         if (!asMetadata.protected_resources.includes(rsMetadata.resource)) {
           throw new OAuthResolverError(

packages/oauth/oauth-provider/src/client/client-manager.ts

@@ -36,7 +36,7 @@ import { Client } from './client.js'
 
 const fetchMetadataHandler = pipe(
   fetchOkProcessor(),
-  // https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html#section-4.1
+  // https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html#section-4.1
   fetchJsonProcessor('application/json', true),
   fetchJsonZodProcessor(oauthClientMetadataSchema),
 )
@@ -724,7 +724,7 @@ export class ClientManager {
     metadata: OAuthClientMetadata,
   ): OAuthClientMetadata {
     if (!metadata.client_id) {
-      // https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html
+      // https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html
       throw new InvalidClientMetadataError(
         `client_id is required for discoverable clients`,
       )
@@ -733,7 +733,7 @@ export class ClientManager {
     const clientIdUrl = parseDiscoverableClientId(clientId)
 
     if (metadata.client_uri) {
-      // https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html
+      // https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html
       //
       // The client_uri must be a parent of the client_id URL. This might be
       // relaxed in the future.
@@ -773,7 +773,7 @@ export class ClientManager {
         // > where two apps claim the same private-use URI scheme (where one
         // > app is acting maliciously).
 
-        // https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html
+        // https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html
         //
         // Fully qualified domain name (FQDN) of the client_id, in reverse
         // order. This could be relaxed to allow same apex domain names, or

packages/oauth/oauth-provider/src/metadata/build-metadata.ts

@@ -122,10 +122,10 @@ export function buildMetadata(
     authorization_details_types_supported:
       customMetadata?.authorization_details_types_supported,
 
-    // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#section-4
+    // https://www.rfc-editor.org/rfc/rfc9728.html#section-4
     protected_resources: customMetadata?.protected_resources,
 
-    // https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html
+    // https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html
     client_id_metadata_document_supported: true,
   })
 }

packages/oauth/oauth-types/src/oauth-authorization-server-metadata.ts

@@ -67,10 +67,10 @@ export const oauthAuthorizationServerMetadataSchema = z.object({
   // https://datatracker.ietf.org/doc/html/rfc9449#section-5.1
   dpop_signing_alg_values_supported: z.array(z.string()).optional(),
 
-  // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#section-4
+  // https://www.rfc-editor.org/rfc/rfc9728.html#section-4
   protected_resources: z.array(webUriSchema).optional(),
 
-  // https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html
+  // https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html
   client_id_metadata_document_supported: z.boolean().optional(),
 })
 

packages/oauth/oauth-types/src/oauth-client-id-discoverable.ts

@@ -4,7 +4,7 @@ import { httpsUriSchema } from './uri.js'
 import { extractUrlPath, isHostnameIP } from './util.js'
 
 /**
- * @see {@link https://drafts.aaronpk.com/draft-parecki-oauth-client-id-metadata-document/draft-parecki-oauth-client-id-metadata-document.html}
+ * @see {@link https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html}
  */
 export const oauthClientIdDiscoverableSchema = z
   .intersection(oauthClientIdSchema, httpsUriSchema)

packages/oauth/oauth-types/src/oauth-protected-resource-metadata.ts

@@ -3,7 +3,7 @@ import { oauthIssuerIdentifierSchema } from './oauth-issuer-identifier.js'
 import { webUriSchema } from './uri.js'
 
 /**
- * @see {@link https://datatracker.ietf.org/doc/html/draft-ietf-oauth-resource-metadata-05#name-protected-resource-metadata-r}
+ * @see {@link https://www.rfc-editor.org/rfc/rfc9728.html#section-3.2}
  */
 export const oauthProtectedResourceMetadataSchema = z.object({
   /**