Copyright	(c) Justin Le 2017
License	MIT
Maintainer	justin@jle.im
Stability	unstable
Portability	portable
Safe Haskell	None
Language	Haskell2010

Authenticator.Vault

Description

Types for storing, serializing, accessing OTP keys. Gratuitous type-level programming here for no reason because I have issues.

Based off of https://github.com/google/google-authenticator.

Synopsis

data Mode
- = HOTP
- | TOTP
data SMode :: Mode -> Type where
- SHOTP :: SMode HOTP
- STOTP :: SMode TOTP
withSMode :: Mode -> (forall m. SMode m -> r) -> r
fromSMode :: SMode m -> Mode
data HashAlgo
- = HASHA1
- | HASHA256
- | HASHA512
parseAlgo :: String -> Maybe HashAlgo
data Secret :: Mode -> Type where
- Sec :: {..} -> Secret m
newtype OTPDigits = OTPDigits {
- otpDigits :: OTPDigits
}
pattern OTPDigitsInt :: OTPDigits -> Int
data family ModeState :: Mode -> Type
type SomeSecretState = DSum SMode (Secret :*: ModeState)
newtype Vault = Vault {
- vaultList :: [SomeSecretState]
}
_Vault :: Functor f => ([SomeSecretState] -> f [SomeSecretState]) -> Vault -> f Vault
hotp :: Secret HOTP -> ModeState HOTP -> (Text, ModeState HOTP)
totp :: Secret TOTP -> IO Text
totp_ :: Secret TOTP -> POSIXTime -> Text
otp :: SMode m -> Secret m -> ModeState m -> IO (Text, ModeState m)
someSecret :: Functor f => (forall m. SMode m -> Secret m -> ModeState m -> f (ModeState m)) -> SomeSecretState -> f SomeSecretState
vaultSecrets :: Applicative f => (forall m. SMode m -> Secret m -> ModeState m -> f (ModeState m)) -> Vault -> f Vault
describeSecret :: Secret m -> Text
secretURI :: Parser SomeSecretState
parseSecretURI :: String -> Either String SomeSecretState

Documentation

data Mode Source #

OTP generation mode

Constructors

HOTP	Counter-based
TOTP	Time-based

Instances

Show Mode Source #
Instance details Defined in Authenticator.Vault Methods showsPrec :: Int -> Mode -> ShowS # show :: Mode -> String # showList :: [Mode] -> ShowS #
Generic Mode Source #
Instance details Defined in Authenticator.Vault Associated Types type Rep Mode :: Type -> Type # Methods from :: Mode -> Rep Mode x # to :: Rep Mode x -> Mode #
ToJSON SomeSecretState Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: SomeSecretState -> Value # toEncoding :: SomeSecretState -> Encoding # toJSONList :: [SomeSecretState] -> Value # toEncodingList :: [SomeSecretState] -> Encoding #
ToJSON Mode Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: Mode -> Value # toEncoding :: Mode -> Encoding # toJSONList :: [Mode] -> Value # toEncodingList :: [Mode] -> Encoding #
Binary SomeSecretState Source #
Instance details Defined in Authenticator.Vault Methods put :: SomeSecretState -> Put # get :: Get SomeSecretState # putList :: [SomeSecretState] -> Put #
Binary Mode Source #
Instance details Defined in Authenticator.Vault Methods put :: Mode -> Put # get :: Get Mode # putList :: [Mode] -> Put #
GShow SMode Source #
Instance details Defined in Authenticator.Vault Methods gshowsPrec :: Int -> SMode a -> ShowS #
type Rep Mode Source #
Instance details Defined in Authenticator.Vault type Rep Mode = D1 (MetaData "Mode" "Authenticator.Vault" "otp-authenticator-0.1.1.0-inplace" False) (C1 (MetaCons "HOTP" PrefixI False) (U1 :: Type -> Type) :+: C1 (MetaCons "TOTP" PrefixI False) (U1 :: Type -> Type))

data SMode :: Mode -> Type where Source #

Singleton for Mode

Constructors

SHOTP :: SMode HOTP
STOTP :: SMode TOTP

Instances

ToJSON SomeSecretState Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: SomeSecretState -> Value # toEncoding :: SomeSecretState -> Encoding # toJSONList :: [SomeSecretState] -> Value # toEncodingList :: [SomeSecretState] -> Encoding #
Binary SomeSecretState Source #
Instance details Defined in Authenticator.Vault Methods put :: SomeSecretState -> Put # get :: Get SomeSecretState # putList :: [SomeSecretState] -> Put #
GShow SMode Source #
Instance details Defined in Authenticator.Vault Methods gshowsPrec :: Int -> SMode a -> ShowS #
Show (SMode m) Source #
Instance details Defined in Authenticator.Vault Methods showsPrec :: Int -> SMode m -> ShowS # show :: SMode m -> String # showList :: [SMode m] -> ShowS #

withSMode :: Mode -> (forall m. SMode m -> r) -> r Source #

Reify a Mode to its singleton

fromSMode :: SMode m -> Mode Source #

Reflect a SMode to its value.

data HashAlgo Source #

Which OTP-approved hash algorithm to use?

Constructors

HASHA1
HASHA256
HASHA512

Instances

Show HashAlgo Source #
Instance details Defined in Authenticator.Vault Methods showsPrec :: Int -> HashAlgo -> ShowS # show :: HashAlgo -> String # showList :: [HashAlgo] -> ShowS #
Generic HashAlgo Source #
Instance details Defined in Authenticator.Vault Associated Types type Rep HashAlgo :: Type -> Type # Methods from :: HashAlgo -> Rep HashAlgo x # to :: Rep HashAlgo x -> HashAlgo #
ToJSON HashAlgo Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: HashAlgo -> Value # toEncoding :: HashAlgo -> Encoding # toJSONList :: [HashAlgo] -> Value # toEncodingList :: [HashAlgo] -> Encoding #
Binary HashAlgo Source #
Instance details Defined in Authenticator.Vault Methods put :: HashAlgo -> Put # get :: Get HashAlgo # putList :: [HashAlgo] -> Put #
type Rep HashAlgo Source #
Instance details Defined in Authenticator.Vault type Rep HashAlgo = D1 (MetaData "HashAlgo" "Authenticator.Vault" "otp-authenticator-0.1.1.0-inplace" False) (C1 (MetaCons "HASHA1" PrefixI False) (U1 :: Type -> Type) :+: (C1 (MetaCons "HASHA256" PrefixI False) (U1 :: Type -> Type) :+: C1 (MetaCons "HASHA512" PrefixI False) (U1 :: Type -> Type)))

parseAlgo :: String -> Maybe HashAlgo Source #

Parse a hash algorithm string into the appropriate HashAlgo.

data Secret :: Mode -> Type where Source #

A standards-compliant secret key type. Well, almost. It doesn't include configuration for the time period if it's time-based.

Constructors

Sec
Fields :: { secAccount :: Text , secIssuer :: Maybe Text , secAlgo :: HashAlgo , secDigits :: OTPDigits , secKey :: ByteString } -> Secret m

Instances

ToJSON SomeSecretState Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: SomeSecretState -> Value # toEncoding :: SomeSecretState -> Encoding # toJSONList :: [SomeSecretState] -> Value # toEncodingList :: [SomeSecretState] -> Encoding #
Binary SomeSecretState Source #
Instance details Defined in Authenticator.Vault Methods put :: SomeSecretState -> Put # get :: Get SomeSecretState # putList :: [SomeSecretState] -> Put #
Show (Secret a) Source #
Instance details Defined in Authenticator.Vault Methods showsPrec :: Int -> Secret a -> ShowS # show :: Secret a -> String # showList :: [Secret a] -> ShowS #
Generic (Secret a) Source #
Instance details Defined in Authenticator.Vault Associated Types type Rep (Secret a) :: Type -> Type # Methods from :: Secret a -> Rep (Secret a) x # to :: Rep (Secret a) x -> Secret a #
ToJSON (Secret m) Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: Secret m -> Value # toEncoding :: Secret m -> Encoding # toJSONList :: [Secret m] -> Value # toEncodingList :: [Secret m] -> Encoding #
Binary (Secret m) Source #
Instance details Defined in Authenticator.Vault Methods put :: Secret m -> Put # get :: Get (Secret m) # putList :: [Secret m] -> Put #
type Rep (Secret a) Source #
Instance details Defined in Authenticator.Vault type Rep (Secret a) = D1 (MetaData "Secret" "Authenticator.Vault" "otp-authenticator-0.1.1.0-inplace" False) (C1 (MetaCons "Sec" PrefixI True) ((S1 (MetaSel (Just "secAccount") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 Text) :: S1 (MetaSel (Just "secIssuer") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 (Maybe Text))) :: (S1 (MetaSel (Just "secAlgo") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 HashAlgo) :: (S1 (MetaSel (Just "secDigits") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 OTPDigits) :: S1 (MetaSel (Just "secKey") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 ByteString)))))

newtype OTPDigits Source #

Newtype wrapper to provide Eq, Ord, Binary, and ToJSON instances. You can convert to and from this and the Int representation using OTPDigitsInt

Constructors

OTPDigits
Fields otpDigits :: OTPDigits

Instances

Eq OTPDigits Source #
Instance details Defined in Authenticator.Vault Methods (==) :: OTPDigits -> OTPDigits -> Bool # (/=) :: OTPDigits -> OTPDigits -> Bool #
Ord OTPDigits Source #
Instance details Defined in Authenticator.Vault Methods compare :: OTPDigits -> OTPDigits -> Ordering # (<) :: OTPDigits -> OTPDigits -> Bool # (<=) :: OTPDigits -> OTPDigits -> Bool # (>) :: OTPDigits -> OTPDigits -> Bool # (>=) :: OTPDigits -> OTPDigits -> Bool # max :: OTPDigits -> OTPDigits -> OTPDigits # min :: OTPDigits -> OTPDigits -> OTPDigits #
Show OTPDigits Source #
Instance details Defined in Authenticator.Vault Methods showsPrec :: Int -> OTPDigits -> ShowS # show :: OTPDigits -> String # showList :: [OTPDigits] -> ShowS #
ToJSON OTPDigits Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: OTPDigits -> Value # toEncoding :: OTPDigits -> Encoding # toJSONList :: [OTPDigits] -> Value # toEncodingList :: [OTPDigits] -> Encoding #
Binary OTPDigits Source #
Instance details Defined in Authenticator.Vault Methods put :: OTPDigits -> Put # get :: Get OTPDigits # putList :: [OTPDigits] -> Put #

pattern OTPDigitsInt :: OTPDigits -> Int Source #

data family ModeState :: Mode -> Type Source #

A data family consisting of the state required by each mode.

Instances

ToJSON SomeSecretState Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: SomeSecretState -> Value # toEncoding :: SomeSecretState -> Encoding # toJSONList :: [SomeSecretState] -> Value # toEncodingList :: [SomeSecretState] -> Encoding #
Binary SomeSecretState Source #
Instance details Defined in Authenticator.Vault Methods put :: SomeSecretState -> Put # get :: Get SomeSecretState # putList :: [SomeSecretState] -> Put #
Show (ModeState HOTP) Source #
Instance details Defined in Authenticator.Vault Methods showsPrec :: Int -> ModeState HOTP -> ShowS # show :: ModeState HOTP -> String # showList :: [ModeState HOTP] -> ShowS #
Show (ModeState TOTP) Source #
Instance details Defined in Authenticator.Vault Methods showsPrec :: Int -> ModeState TOTP -> ShowS # show :: ModeState TOTP -> String # showList :: [ModeState TOTP] -> ShowS #
Generic (ModeState HOTP) Source #
Instance details Defined in Authenticator.Vault Associated Types type Rep (ModeState HOTP) :: Type -> Type # Methods from :: ModeState HOTP -> Rep (ModeState HOTP) x # to :: Rep (ModeState HOTP) x -> ModeState HOTP #
Generic (ModeState TOTP) Source #
Instance details Defined in Authenticator.Vault Associated Types type Rep (ModeState TOTP) :: Type -> Type # Methods from :: ModeState TOTP -> Rep (ModeState TOTP) x # to :: Rep (ModeState TOTP) x -> ModeState TOTP #
ToJSON (ModeState HOTP) Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: ModeState HOTP -> Value # toEncoding :: ModeState HOTP -> Encoding # toJSONList :: [ModeState HOTP] -> Value # toEncodingList :: [ModeState HOTP] -> Encoding #
ToJSON (ModeState TOTP) Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: ModeState TOTP -> Value # toEncoding :: ModeState TOTP -> Encoding # toJSONList :: [ModeState TOTP] -> Value # toEncodingList :: [ModeState TOTP] -> Encoding #
Binary (ModeState HOTP) Source #
Instance details Defined in Authenticator.Vault Methods put :: ModeState HOTP -> Put # get :: Get (ModeState HOTP) # putList :: [ModeState HOTP] -> Put #
Binary (ModeState TOTP) Source #
Instance details Defined in Authenticator.Vault Methods put :: ModeState TOTP -> Put # get :: Get (ModeState TOTP) # putList :: [ModeState TOTP] -> Put #
data ModeState HOTP Source #	For `HOTP` (counter-based) mode, the state is the current counter.
Instance details Defined in Authenticator.Vault data ModeState HOTP = HOTPState { hotpCounter :: Word64 }
data ModeState TOTP Source #	For `TOTP` (time-based) mode, there is no state.
Instance details Defined in Authenticator.Vault data ModeState TOTP = TOTPState
type Rep (ModeState HOTP) Source #
Instance details Defined in Authenticator.Vault type Rep (ModeState HOTP) = D1 (MetaData "ModeState" "Authenticator.Vault" "otp-authenticator-0.1.1.0-inplace" False) (C1 (MetaCons "HOTPState" PrefixI True) (S1 (MetaSel (Just "hotpCounter") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 Word64)))
type Rep (ModeState TOTP) Source #
Instance details Defined in Authenticator.Vault type Rep (ModeState TOTP) = D1 (MetaData "ModeState" "Authenticator.Vault" "otp-authenticator-0.1.1.0-inplace" False) (C1 (MetaCons "TOTPState" PrefixI False) (U1 :: Type -> Type))

type SomeSecretState = DSum SMode (Secret :*: ModeState) Source #

A Secret coupled with its ModeState, existentially quantified over its Mode.

newtype Vault Source #

A list of secrets and their states, of various modes.

Constructors

Vault
Fields vaultList :: [SomeSecretState]

Instances

Generic Vault Source #
Instance details Defined in Authenticator.Vault Associated Types type Rep Vault :: Type -> Type # Methods from :: Vault -> Rep Vault x # to :: Rep Vault x -> Vault #
ToJSON Vault Source #
Instance details Defined in Authenticator.Vault Methods toJSON :: Vault -> Value # toEncoding :: Vault -> Encoding # toJSONList :: [Vault] -> Value # toEncodingList :: [Vault] -> Encoding #
Binary Vault Source #
Instance details Defined in Authenticator.Vault Methods put :: Vault -> Put # get :: Get Vault # putList :: [Vault] -> Put #
type Rep Vault Source #
Instance details Defined in Authenticator.Vault type Rep Vault = D1 (MetaData "Vault" "Authenticator.Vault" "otp-authenticator-0.1.1.0-inplace" True) (C1 (MetaCons "Vault" PrefixI True) (S1 (MetaSel (Just "vaultList") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 [SomeSecretState])))

_Vault :: Functor f => ([SomeSecretState] -> f [SomeSecretState]) -> Vault -> f Vault Source #

A lens into the list of SomeSecretStates in a Vault. Should be an Iso but we don't want a lens dependency now, do we.

hotp :: Secret HOTP -> ModeState HOTP -> (Text, ModeState HOTP) Source #

Generate an HTOP (counter-based) code, returning a modified state.

totp :: Secret TOTP -> IO Text Source #

Generate a TOTP (time-based) code in IO for the current time.

totp_ :: Secret TOTP -> POSIXTime -> Text Source #

(Purely) generate a TOTP (time-based) code, for a given time.

otp :: SMode m -> Secret m -> ModeState m -> IO (Text, ModeState m) Source #

Abstract over both hotp and totp.

someSecret :: Functor f => (forall m. SMode m -> Secret m -> ModeState m -> f (ModeState m)) -> SomeSecretState -> f SomeSecretState Source #

Some sort of RankN lens and traversal over a SomeSecret. Allows you to traverse (effectfully map) over the ModeState in a SomeSecretState, with access to the Secret as well.

With this you can implement getters and setters. It's also used by the library to update the ModeState in IO.

vaultSecrets :: Applicative f => (forall m. SMode m -> Secret m -> ModeState m -> f (ModeState m)) -> Vault -> f Vault Source #

A RankN traversal over all of the Secrets and ModeStates in a Vault.

describeSecret :: Secret m -> Text Source #

Print out the metadata (account name and issuer) of a Secret.

secretURI :: Parser SomeSecretState Source #

A parser for a otpauth URI.

parseSecretURI :: String -> Either String SomeSecretState Source #

Parse a valid otpauth URI and initialize its state.

See https://github.com/google/google-authenticator/wiki/Key-Uri-Format