Client: Represents a particular client or consumer, used as part of every transaction that client signs.
Temporary: Resource token representing a short-lived grant to access a restricted set of server resources on behalf of the user. Typically used as part of a authorization negotiation protocol.
Permanent: Resource token representing a long-lived grant to access an authorized set of server resources on behalf of the user. Outside of access negotiation this is the most common kind of resource
- data Token ty = Token !Key !Secret
- type Key = ByteString
- type Secret = ByteString
- data Client
- data Temporary
- data Permanent
- class ResourceToken tk
- fromUrlEncoded :: ByteString -> Maybe (Bool, Token ty)
- data Cred ty
- clientCred :: Token Client -> Cred Client
- temporaryCred :: Token Temporary -> Cred Client -> Cred Temporary
- permanentCred :: Token Permanent -> Cred Client -> Cred Permanent
- key :: Lens (Token ty) (Token ty) Key Key
- secret :: Lens (Token ty) (Token ty) Secret Secret
- clientToken :: Lens (Cred ty) (Cred ty) (Token Client) (Token Client)
- resourceToken :: (ResourceToken ty, ResourceToken ty') => Lens (Cred ty) (Cred ty') (Token ty) (Token ty')
- getResourceTokenDef :: Cred ty -> Token ty
- signingKey :: Cred ty -> ByteString
Tokens and their parameterization
|Eq (Token ty)|
|Data ty => Data (Token ty)|
|Ord (Token ty)|
|Show (Token ty)|
|ToJSON (Token ty)|
Produces a JSON object using keys named
|FromJSON (Token ty)|
Parses a JSON object with keys
Credentials are created during authorization
protocols and are rarely meant to be kept for more than a few minutes.
Typically they are authorized to access only a very select set of server
resources. During "three-legged authorization" in OAuth 1.0 they are used
to generate the authorization request URI the client sends and, after that,
Credentials are the primary means of accessing
server resources. They must be maintained by the client for each user who
authorizes that client to access resources on their behalf.
www-form-urlencoded stream to produce a
Token if possible.
The first result value is whether or not the token data is OAuth 1.0a
fromUrlEncoded "oauth_token=key&oauth_token_secret=secret"Just (False, Token "key" "secret")
fromUrlEncoded "oauth_token=key&oauth_token_secret=secret&oauth_callback_confirmed=true"Just (True, Token "key" "secret")
Credentials and credential construction
signingKey from a set of credentials. This is a URL
encoded string built from the client secret and the token
If no token secret exists then the blank string is used.
\secret -> signingKey (clientCred $ Token "key" secret) == (pctEncode secret <> "&" <> "")