macaroon-shop-0.1.0.1: A toolkit for working with macaroons
LicenseISC
Maintainerics@gambolingpangolin.com
Stabilityexperimental
Safe HaskellSafe-Inferred
LanguageGHC2021

Authorize.Macaroon

Description

This module contains an implementation of macaroons as described in http://theory.stanford.edu/~ataly/Papers/macaroons.pdf. The serialization, cryptography, and validation semantics are compatible with go-macaroons https://github.com/go-macaroon/macaroon.

Synopsis

Types

data Macaroon Source #

Instances

Instances details
Show Macaroon Source # 
Instance details

Defined in Authorize.Macaroon.Types

Serialize Macaroon Source # 
Instance details

Defined in Authorize.Macaroon.Types

Eq Macaroon Source # 
Instance details

Defined in Authorize.Macaroon.Types

data SealedMacaroon Source #

Couple a macaroon with its discharges. Application developers should only produce these values either by invoking prepareForRequest or by deserializing a client token.

newtype Key Source #

Constructors

Key 

Fields

Instances

Instances details
Show Key Source # 
Instance details

Defined in Authorize.Macaroon.Types

Methods

showsPrec :: Int -> Key -> ShowS #

show :: Key -> String #

showList :: [Key] -> ShowS #

Eq Key Source # 
Instance details

Defined in Authorize.Macaroon.Types

Methods

(==) :: Key -> Key -> Bool #

(/=) :: Key -> Key -> Bool #

Ord Key Source # 
Instance details

Defined in Authorize.Macaroon.Types

Methods

compare :: Key -> Key -> Ordering #

(<) :: Key -> Key -> Bool #

(<=) :: Key -> Key -> Bool #

(>) :: Key -> Key -> Bool #

(>=) :: Key -> Key -> Bool #

max :: Key -> Key -> Key #

min :: Key -> Key -> Key #

ByteArrayAccess Key Source # 
Instance details

Defined in Authorize.Macaroon.Types

Methods

length :: Key -> Int #

withByteArray :: Key -> (Ptr p -> IO a) -> IO a #

copyByteArrayToPtr :: Key -> Ptr p -> IO () #

Core interface

createMacaroon Source #

Arguments

:: Key

signing key

-> MacaroonId

identifier for this macaroon

-> Location

location hint

-> [ByteString]

first party caveats to include

-> Macaroon 

Mint a macaroon

addFirstPartyCaveat :: Macaroon -> ByteString -> Macaroon Source #

A first party caveat corresponds to a proposition that might or might not hold in the validation context of the macaroon.

addThirdPartyCaveat Source #

Arguments

:: Macaroon 
-> Key

third party key

-> Location 
-> ByteString 
-> IO Macaroon 

A third party caveat links the macaroon to an additional key, and must be discharged by a supplementary macaroon in order to validate.

extractThirdPartyCaveats :: Macaroon -> [ByteString] Source #

Get the third party caveats encoded in the macaroon

sealMacaroon Source #

Arguments

:: Macaroon

root macaroon

-> [Macaroon]

discharge macaroons

-> SealedMacaroon 

In order to secure discharge macaroons, they must be bound to the root macaroon before transmission.

createDischargeMacaroon Source #

Arguments

:: Key

discharge key

-> Location

location hint

-> ByteString

caveat to discharge

-> [ByteString]

additional first party caveats to include

-> Macaroon 

Mint a macaroon discharging a third party caveat

verify Source #

Macaroon verification succeeds by producing a set of first party caveats requiring further validation.