Copyright | (c) Joseph Abrahamson 2013 |
---|---|
License | MIT |
Maintainer | me@jspha.com |
Stability | experimental |
Portability | non-portable |
Safe Haskell | None |
Language | Haskell2010 |
Credentials, Cred
s, are built from Token
s, public/private key pairs, and
come in 3 varieties.
Client
: Represents a particular client or consumer, used as part of every transaction that client signs.Temporary
: Resource token representing a short-lived grant to access a restricted set of server resources on behalf of the user. Typically used as part of a authorization negotiation protocol.Permanent
: Resource token representing a long-lived grant to access an authorized set of server resources on behalf of the user. Outside of access negotiation this is the most common kind of resourceToken
.
- data Token ty = Token !Key !Secret
- type Key = ByteString
- type Secret = ByteString
- data Client
- data Temporary
- data Permanent
- class ResourceToken tk
- fromUrlEncoded :: ByteString -> Maybe (Bool, Token ty)
- data Cred ty
- clientCred :: Token Client -> Cred Client
- temporaryCred :: Token Temporary -> Cred Client -> Cred Temporary
- permanentCred :: Token Permanent -> Cred Client -> Cred Permanent
- upgradeCred :: ResourceToken tk => Token tk -> Cred tk' -> Cred tk
- key :: Functor f => (Key -> f Key) -> Token ty -> f (Token ty)
- secret :: Functor f => (Secret -> f Secret) -> Token ty -> f (Token ty)
- clientToken :: Functor f => (Token Client -> f (Token Client)) -> Cred ty -> f (Cred ty)
- resourceToken :: (ResourceToken ty, ResourceToken ty', Functor f) => (Token ty -> f (Token ty')) -> Cred ty -> f (Cred ty')
- getResourceTokenDef :: Cred ty -> Token ty
- signingKey :: Cred ty -> ByteString
Tokens and their parameterization
Eq (Token ty) Source # | |
Data ty => Data (Token ty) Source # | |
Ord (Token ty) Source # | |
Show (Token ty) Source # | |
ToJSON (Token ty) Source # | Produces a JSON object using keys named |
FromJSON (Token ty) Source # | Parses a JSON object with keys |
type Key = ByteString Source #
type Secret = ByteString Source #
Temporary
Token
s and Cred
entials are created during authorization
protocols and are rarely meant to be kept for more than a few minutes.
Typically they are authorized to access only a very select set of server
resources. During "three-legged authorization" in OAuth 1.0 they are used
to generate the authorization request URI the client sends and, after that,
in the Permanent
Token
request.
Deserialization
fromUrlEncoded :: ByteString -> Maybe (Bool, Token ty) Source #
Parses a www-form-urlencoded
stream to produce a Token
if possible.
The first result value is whether or not the token data is OAuth 1.0a
compatible.
>>>
fromUrlEncoded "oauth_token=key&oauth_token_secret=secret"
Just (False, Token "key" "secret")
>>>
fromUrlEncoded "oauth_token=key&oauth_token_secret=secret&oauth_callback_confirmed=true"
Just (True, Token "key" "secret")
Credentials and credential construction
upgradeCred :: ResourceToken tk => Token tk -> Cred tk' -> Cred tk Source #
Accessors
key :: Functor f => (Key -> f Key) -> Token ty -> f (Token ty) Source #
Lens on the key component of a Token
.
secret :: Functor f => (Secret -> f Secret) -> Token ty -> f (Token ty) Source #
Lens on the key secret component of a Token
.
resourceToken :: (ResourceToken ty, ResourceToken ty', Functor f) => (Token ty -> f (Token ty')) -> Cred ty -> f (Cred ty') Source #
getResourceTokenDef :: Cred ty -> Token ty Source #
signingKey :: Cred ty -> ByteString Source #
Produce a signingKey
from a set of credentials. This is a URL
encoded string built from the client secret and the token
secret.
If no token secret exists then the blank string is used.
\secret -> signingKey (clientCred $ Token "key" secret) == (pctEncode secret <> "&" <> "")