Network.OAuth.Consumer

Contents

Description

A Haskell library that implements oauth authentication protocol as defined in http://tools.ietf.org/html/draft-hammer-oauth-10.

According to the RFC [1]: OAuth provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end- user). It also provides a process for end-users to authorize third- party access to their server resources without sharing their credentials (typically, a username and password pair), using user- agent redirections.

The following code should perform a request using 3 legged oauth, provided the parameters are defined correctly:

  reqUrl   = fromJust . parseURL $ "https://service.provider/request_token"
  accUrl   = fromJust . parseURL $ "https://service.provider/access_token"
  srvUrl   = fromJust . parseURL $ "http://service/path/to/resource/"
  authUrl  = ("http://service.provider/authorize?oauth_token="++) . findWithDefault ("oauth_token","") . oauthParams
  app      = Application "consumerKey" "consumerSec" OOB
  response = runOAuth $ do ignite app
                           oauthRequest PLAINTEXT Nothing reqUrl
                           cliAskAuthorization authUrl
                           oauthRequest PLAINTEXT Nothing accUrl
                           serviceRequest HMACSHA1 (Just "realm") srvUrl

Synopsis

Types

data Token Source

The OAuth Token.

Instances

Eq Token
Binary Token

data Application Source

Identifies the application.

Constructors

Application
Fields consKey :: String consSec :: String callback :: OAuthCallback

Instances

Eq Application
Show Application
Binary Application

data OAuthCallback Source

Callback used in oauth authorization

Constructors

URL String
OOB

Instances

Eq OAuthCallback
Show OAuthCallback
Binary OAuthCallback

data SigMethod Source

Available signature methods.

Constructors

PLAINTEXT	The `PLAINTEXT` consumer_key token_secret method does not provide any security protection and SHOULD only be used over a secure channel such as HTTPS. It does not use the Signature Base String.
HMACSHA1	The `HMAC_SHA1` consumer_key token_secret signature method uses the HMAC-SHA1 signature algorithm as defined in http://tools.ietf.org/html/rfc2104 where the Signature Base String is the text and the key is the concatenated values (each first encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an & character (ASCII code 38) even if empty.

Instances

Show SigMethod

type Realm = String Source

The optional authentication realm. Refer to http://oauth.net/core/1.0/#auth_header_authorization for more information.

type Nonce = String Source

Random string that is unique amongst requests. Refer to http://oauth.net/core/1.0/#nonce for more information.

type Timestamp = String Source

Unix timestamp (seconds since epoch). Refer to http://oauth.net/core/1.0/#nonce for more information.

type OAuthMonad m a = StateT Token m aSource

The OAuth monad.

OAuthMonad related functions

runOAuth :: (MonadIO m, HttpClient m) => OAuthMonad m a -> m aSource

Execute the oauth monad and returns the value it produced.

oauthRequest :: (MonadIO m, HttpClient m) => SigMethod -> Maybe Realm -> Request -> OAuthMonad m (Either String Token)Source

Executes an oauth request which is intended to upgrade/refresh the current token. Use this combinator to get either a request token or an access token.

serviceRequest :: (MonadIO m, HttpClient m) => SigMethod -> Maybe Realm -> Request -> OAuthMonad m Response Source

Performs a signed request with the available token.

cliAskAuthorization :: MonadIO m => (Token -> String) -> OAuthMonad m ()Source

Probably this is just useful for testing. It asks the user (stdout/stdin) to authorize the application and provide the oauth_verifier.

ignite :: MonadIO m => Application -> OAuthMonad m ()Source

Transforms an application into a token.

getToken :: Monad m => OAuthMonad m Token Source

Extracts the token from the OAuthMonad.

putToken :: Monad m => Token -> OAuthMonad m ()Source

Alias to the put function.

Token related functions

twoLegged :: Token -> Bool Source

Returns true if the token is able to perform 2-legged oauth requests.

threeLegged :: Token -> Bool Source

Tests whether or not the current token is able to perform 3-legged requests.

signature :: SigMethod -> Token -> Request -> String Source

Signs a request using a given signature method. This expects the request to be a valid request already (for instance, none and timestamp are not set).

injectOAuthVerifier :: String -> Token -> Token Source

Injects the oauth_verifier into the token. Usually this means the user has authorized the app to access his data.

fromApplication :: Application -> Token Source

Transforms an application into a token

fromResponse :: Response -> Token -> Either String Token Source

Receives a response possibly from a service provider and updates the token. As a matter effect, assumes the content-type is application/x-www-form-urlencoded (because some service providers send it as text/plain) and if the status is [200..300) updates the token accordingly.

authorization :: SigMethod -> Maybe Realm -> Nonce -> Timestamp -> Token -> Request -> String Source

Computes the authorization header and updates the request.