Portability | non-portable |
---|---|
Stability | experimental |
Maintainer | me@jspha.com |
Safe Haskell | None |
The "Three-legged OAuth" protocol implementing RFC 5849's Redirection-Based Authorization.
- data ThreeLegged = ThreeLegged {}
- parseThreeLegged :: String -> String -> String -> Callback -> Maybe ThreeLegged
- data Callback
- type Verifier = ByteString
- requestTemporaryToken :: CPRG gen => Cred Client -> Server -> ThreeLegged -> Manager -> gen -> IO (Response (Either ByteString (Token Temporary)), gen)
- buildAuthorizationUrl :: Cred Temporary -> ThreeLegged -> URI
- requestPermanentToken :: CPRG gen => Cred Temporary -> Server -> Verifier -> ThreeLegged -> Manager -> gen -> IO (Response (Either ByteString (Token Permanent)), gen)
- requestTemporaryTokenRaw :: CPRG gen => Cred Client -> Server -> ThreeLegged -> Manager -> gen -> IO (Response ByteString, gen)
- requestPermanentTokenRaw :: CPRG gen => Cred Temporary -> Server -> Verifier -> ThreeLegged -> Manager -> gen -> IO (Response ByteString, gen)
- requestTokenProtocol :: Cred Client -> Server -> ThreeLegged -> (URI -> IO Verifier) -> IO (Maybe (Cred Permanent))
- requestTokenProtocol' :: ManagerSettings -> Cred Client -> Server -> ThreeLegged -> (URI -> IO Verifier) -> IO (Maybe (Cred Permanent))
Configuration types
data ThreeLegged Source
Data parameterizing the "Three-legged OAuth" redirection-based authorization protocol. These parameters cover the protocol as described in the community editions OAuth Core 1.0 and OAuth Core 1.0a as well as RFC 5849.
ThreeLegged | |
|
parseThreeLegged :: String -> String -> String -> Callback -> Maybe ThreeLeggedSource
Convenience method for creating a ThreeLegged
configuration from
a trio of URLs and a Callback
. Returns Nothing
if one of the
callback URLs could not be parsed correctly.
When performing the second leg of the three-leg token request workflow,
the user must pass the oauth_verifier
code back to the client. In order to
ensure that this protocol is secure, OAuth demands that the client
associates this "callback method" with the temporary credentials generated
for the workflow. This Callback
method may be a URL where the parameters
are returned to or the string "oob"
which indicates that the user is
responsible for returning the oauth_verifier
to the client OutOfBand
.
type Verifier = ByteStringSource
Actions
requestTemporaryToken :: CPRG gen => Cred Client -> Server -> ThreeLegged -> Manager -> gen -> IO (Response (Either ByteString (Token Temporary)), gen)Source
Returns the raw result if the Response
could not be parsed as
a valid Token
. Importantly, in RFC 5849 compliant modes this
requires that the token response includes callback_confirmed=true
. See
also requestTemporaryTokenRaw
.
Throws HttpException
s.
buildAuthorizationUrl :: Cred Temporary -> ThreeLegged -> URISource
Produce a URI
which the user should be directed to in order to
authorize a set of Temporary
Cred
s.
requestPermanentToken :: CPRG gen => Cred Temporary -> Server -> Verifier -> ThreeLegged -> Manager -> gen -> IO (Response (Either ByteString (Token Permanent)), gen)Source
Returns Nothing
if the response could not be decoded as a Token
.
See also requestPermanentTokenRaw
.
Throws HttpException
s.
Raw forms
requestTemporaryTokenRaw :: CPRG gen => Cred Client -> Server -> ThreeLegged -> Manager -> gen -> IO (Response ByteString, gen)Source
Request a Temporary
Token
based on the parameters of
a ThreeLegged
protocol. This returns the raw response which should be
encoded as www-form-urlencoded
.
Throws HttpException
s.
requestPermanentTokenRaw :: CPRG gen => Cred Temporary -> Server -> Verifier -> ThreeLegged -> Manager -> gen -> IO (Response ByteString, gen)Source
Request a 'Permanent Token
based on the parameters of
a ThreeLegged
protocol. This returns the raw response which should be
encoded as www-form-urlencoded
.
Throws HttpException
s.
Example system
requestTokenProtocol :: Cred Client -> Server -> ThreeLegged -> (URI -> IO Verifier) -> IO (Maybe (Cred Permanent))Source
Performs an interactive token request provided credentials,
configuration, and a way to convert a user authorization URI
into
a Verifier
out of band. Does not use any kind of TLS protection---it
will throw a TlsNotSupported
exception if TLS is required.
Throws HttpException
s.
requestTokenProtocol' :: ManagerSettings -> Cred Client -> Server -> ThreeLegged -> (URI -> IO Verifier) -> IO (Maybe (Cred Permanent))Source
Like requestTokenProtocol
but allows for specification of the
ManagerSettings
.