hsoz- Iron, Hawk, Oz: Web auth protocols

Safe HaskellNone



Consider this module to be internal, and don't import directly.



type AuthResult t = AuthResult' (AuthSuccess t) Source #

The end result of authentication.

type AuthResult' r = Either AuthFail r Source #

An intermediate result of authentication.

data AuthFail Source #

Authentication can fail in multiple ways. This type includes the information necessary to generate a suitable response for the client. In the case of a stale timestamp, the client may try another authenticated request.

data AuthSuccess t Source #

Successful authentication produces a set of credentials and "artifacts". Also included in the result is the result of CredentialsFunc.


authValue :: AuthSuccess t -> t Source #

The result of an AuthSuccess.

authFailMessage :: AuthFail -> String Source #

The error message from an AuthFail.

data HawkReq Source #

A package of values containing the attributes of a HTTP request which are relevant to Hawk authentication.

data Credentials Source #

The set of data the server requires for key-based hash verification of artifacts.





Eq Credentials Source # 
Show Credentials Source # 
Generic Credentials Source # 

Associated Types

type Rep Credentials :: * -> * #

type Rep Credentials Source # 
type Rep Credentials = D1 (MetaData "Credentials" "Network.Hawk.Internal.Server.Types" "hsoz-" False) (C1 (MetaCons "Credentials" PrefixI True) ((:*:) (S1 (MetaSel (Just Symbol "scKey") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 Key)) (S1 (MetaSel (Just Symbol "scAlgorithm") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 HawkAlgo))))

type CredentialsFunc m t = ClientId -> m (Either String (Credentials, t)) Source #

A user-supplied callback to get credentials from a client identifier.

type NonceFunc = Key -> POSIXTime -> Nonce -> IO Bool Source #

User-supplied nonce validation function. It should return True if the nonce is valid.

Checking nonces can prevent request replay attacks. If the same key and nonce have already been seen, then the request can be denied.

type Nonce = ByteString Source #

The nonce should be a short sequence of random ASCII characters.