oauthenticated-0.0.5: Simple OAuth client code built atop http-conduit

Portabilitynon-portable
Stabilityexperimental
Maintainerme@jspha.com
Safe HaskellNone

Network.OAuth.ThreeLegged

Contents

Description

The "Three-legged OAuth" protocol implementing RFC 5849's Redirection-Based Authorization.

Synopsis

Configuration types

data ThreeLegged Source

Data parameterizing the "Three-legged OAuth" redirection-based authorization protocol. These parameters cover the protocol as described in the community editions OAuth Core 1.0 and OAuth Core 1.0a as well as RFC 5849.

Constructors

ThreeLegged 

Fields

temporaryTokenRequest :: Request

Base Request for the "endpoint used by the client to obtain a set of Temporary Credentials" in the form of a Temporary Token. This request is automatically instantiated and performed during the first leg of the ThreeLegged authorization protocol.

resourceOwnerAuthorization :: Request

Base Request for the "endpoint to which the resource owner is redirected to grant authorization". This request must be performed by the user granting token authorization to the client. Transmitting the parameters of this request to the user is out of scope of oauthenticated, but functions are provided to make it easier.

permanentTokenRequest :: Request

Base Request for the "endpoint used by the client to request a set of token credentials using the set of Temporary Credentials". This request is also instantiated and performed by oauthenticated in order to produce a Permanent Token.

callback :: Callback

The Callback parameter configures how the user is intended to communicate the Verifier back to the client.

Instances

parseThreeLegged :: String -> String -> String -> Callback -> Either HttpException ThreeLeggedSource

Convenience method for creating a ThreeLegged configuration from a trio of URLs and a Callback.

data Callback Source

When performing the second leg of the three-leg token request workflow, the user must pass the oauth_verifier code back to the client. In order to ensure that this protocol is secure, OAuth demands that the client associates this "callback method" with the temporary credentials generated for the workflow. This Callback method may be a URL where the parameters are returned to or the string "oob" which indicates that the user is responsible for returning the oauth_verifier to the client OutOfBand.

Constructors

OutOfBand 
Callback Request 

Instances

Show Callback 
Typeable Callback 
QueryValueLike Callback

Prints out in Epoch time format, a printed integer

Actions

requestTemporaryToken :: MonadIO m => ThreeLegged -> OAuthT Client m (Maybe (Token Temporary))Source

Returns Nothing if the response could not be decoded as a Token. Importantly, in RFC 5849 compliant modes this requires that the token response includes callback_confirmed=true. See also requestTemporaryTokenRaw.

buildAuthorizationUrl :: Monad m => ThreeLegged -> OAuthT Temporary m URISource

Produce a URI which the user should be directed to in order to authorize a set of Temporary Creds.

requestPermanentToken :: MonadIO m => ThreeLegged -> Verifier -> OAuthT Temporary m (Maybe (Token Permanent))Source

Returns Nothing if the response could not be decoded as a Token. See also requestPermanentTokenRaw.

Raw forms

requestTemporaryTokenRaw :: MonadIO m => ThreeLegged -> OAuthT Client m ByteStringSource

Request a Temporary Token based on the parameters of a ThreeLegged protocol. This returns the raw response which should be encoded as www-form-urlencoded.

requestPermanentTokenRaw :: MonadIO m => ThreeLegged -> Verifier -> OAuthT Temporary m ByteStringSource

Request a 'Permanent Token based on the parameters of a ThreeLegged protocol. This returns the raw response which should be encoded as www-form-urlencoded.

Example system

requestTokenProtocol :: MonadIO m => ThreeLegged -> OAuthT Client m (Maybe (Token Permanent))Source

Performs an interactive token request over stdin assuming that the verifier code is acquired out-of-band.