Portability	non-portable
Stability	experimental
Maintainer	me@jspha.com
Safe Haskell	None

Network.OAuth.Types.Credentials

Contents

Tokens and their parameterization
- Deserialization
Credentials and credential construction
Accessors

Description

Credentials, Creds, are built from Tokens, public/private key pairs, and come in 3 varieties.

Client: Represents a particular client or consumer, used as part of every transaction that client signs.
Temporary: Resource token representing a short-lived grant to access a restricted set of server resources on behalf of the user. Typically used as part of a authorization negotiation protocol.
Permanent: Resource token representing a long-lived grant to access an authorized set of server resources on behalf of the user. Outside of access negotiation this is the most common kind of resource Token.

Synopsis

Tokens and their parameterization

data Token ty Source

Tokens are public, private key pairs and come in many varieties, Client, Temporary, and Permanent.

Constructors

Token !Key !Secret

Instances

Typeable1 Token
Eq (Token ty)
Data ty => Data (Token ty)
Ord (Token ty)
Show (Token ty)
ToJSON (Token ty)	Produces a JSON object using keys named `oauth_token` and `oauth_token_secret`.
FromJSON (Token ty)	Parses a JSON object with keys `oauth_token` and `oauth_token_secret`, the standard format for OAuth 1.0.

type Key = ByteString Source

Token Keys are public keys which allow a server to uniquely identify a particular Token.

type Secret = ByteString Source

Token Secrets are private keys which the Token uses for cryptographic purposes.

data Client Source

Client Credentials and Tokens are assigned to a particular client by the server and are used for all requests sent by that client. They form the core component of resource specific credentials.

Instances

Data Client
Typeable Client

data Temporary Source

Temporary Tokens and Credentials are created during authorization protocols and are rarely meant to be kept for more than a few minutes. Typically they are authorized to access only a very select set of server resources. During "three-legged authorization" in OAuth 1.0 they are used to generate the authorization request URI the client sends and, after that, in the Permanent Token request.

Instances

Data Temporary
Typeable Temporary
ResourceToken Temporary

data Permanent Source

Permanent Tokens and Credentials are the primary means of accessing server resources. They must be maintained by the client for each user who authorizes that client to access resources on their behalf.

Instances

Data Permanent
Typeable Permanent
ResourceToken Permanent

class ResourceToken tk Source

Instances

ResourceToken Permanent
ResourceToken Temporary

Deserialization

fromUrlEncoded :: ByteString -> Maybe (Bool, Token ty)Source

Parses a www-form-urlencoded stream to produce a Token if possible. The first result value is whether or not the token data is OAuth 1.0a compatible.

>>> fromUrlEncoded "oauth_token=key&oauth_token_secret=secret"
Just (False, Token "key" "secret")

>>> fromUrlEncoded "oauth_token=key&oauth_token_secret=secret&oauth_callback_confirmed=true"
Just (True, Token "key" "secret")

Credentials and credential construction

data Cred ty Source

Credentials pair a Client Token and either a Temporary or Permanent token corresponding to a particular set of user resources on the server.

Instances

Typeable1 Cred
Eq (Cred ty)
Data ty => Data (Cred ty)
Ord (Cred ty)
Show (Cred ty)

clientCred :: Token Client -> Cred Client Source

temporaryCred :: Token Temporary -> Cred Client -> Cred Temporary Source

permanentCred :: Token Permanent -> Cred Client -> Cred Permanent Source

Accessors

key :: Lens (Token ty) (Token ty) Key Key Source

secret :: Lens (Token ty) (Token ty) Secret Secret Source

clientToken :: Lens (Cred ty) (Cred ty) (Token Client) (Token Client)Source

All Creds have Client Token information.

resourceToken :: (ResourceToken ty, ResourceToken ty') => Lens (Cred ty) (Cred ty') (Token ty) (Token ty')Source

Some Creds have resource Token information, i.e. either Temporary or Permanent credentials. This lens can be used to change the type of a Cred.

getResourceTokenDef :: Cred ty -> Token tySource

OAuth assumes that, by default, any credential has a resource Token that is by default completely blank. In this way we can talk about the resource Token of even Client Creds.

>>> getResourceTokenDef (clientCred $ Token "key" "secret")
Token "" ""

signingKey :: Cred ty -> ByteString Source

Produce a signingKey from a set of credentials. This is a URL encoded string built from the client secret and the token secret.

If no token secret exists then the blank string is used.

\secret -> signingKey (clientCred $ Token "key" secret) == (pctEncode secret <> "&" <> "")