!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~                                                                                                                 ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~                None05QR      None05QR %&'()%&'( '&%()%&'()None!",/059:;<=DIQRT6*the * type is used to represent errors in a language agnostic manner. The errors are translated into human readable form via the I18N translations.7}when creating JSON field names, drop the first character. Since we are using lens, the leading character should always be _.QIan arbitrary, but unique string that the user uses to identify themselvesT"convert a value to a JSON encoded U"convert a value to a JSON encoded V#convert an error to a JSON encoded  FIXME: I18Naan a% address. No validation in performed.o A unique oFVarious configuration options that apply to all authentication methods0can user administrate the authentication system?-enforce username policies, valid email, etc. $ == ok, 'Just Text' == error messageThe shared secret is used to encrypt a users data on a per-user basis. We can invalidate a JWT value by changing the shared secret.a very basic policy for userAcceptable Enforces:Q can not be empty^This value is used to configure the type of new user registrations permitted for this system.'new users can create their own accountsjnew users can apply to create their own accounts, but a moderator must approve them before they are active'only the admin can create a new accountA map which stores the  for each  Generate a Salt from 128 bits of data from  /dev/urandomV, with the system RNG as a fallback. This is the function used to generate salts by  makePassword. Generate a  from  /dev/urandom.see:  Generate a  from .see:  An empty Nthis acid-state value contains the state common to all authentication methods#default session time out in secondsa reasonable initial set the  for ! overwritten any previous secret.get the  for 3set the default inactivity timeout for new sessions3set the default inactivity timeout for new sessionsset the get the  Create a new o. This will allocate a new . The returned o value will have the updated . Create a new o. This will allocate a new . The returned o value will have the updated .Update an existing o. Must already have a valid .Delete o with the specified  look up a o by their Q look up a o by their  look up a o by their aMNOTE: if the email is associated with more than one account this will return &get the entire AuthenticateState valueThe = type represents the encrypted data used to identify a user.get the  for *. Generate one if they don't have one yet.  b is used by the routing system to select which authentication backend should handle this request. is the encrypted form of the 4 which is passed between the server and the client. create a  for oThe  isAuthAdmin? paramater is a function which will be called to determine if o is a user who should be given Administrator privileges. This includes the ability to things such as set the OpenId+ realm, change the registeration mode, etc.decode and verify the . If successful, return the  otherwise . name of the  used to hold the  create a  for o and add a  to the  see also:  delete the  get, decode, and verify the  from the .get, decode, and verify the  from the  Authorization HTTP headerget, decode, and verify the  looking first in the  Authorization header and then in . see also: , get the calls  but returns only the 6a  for AuthenicateURL7Lhelper function which converts a URL for an authentication backend into an &.*+,-./0123456789:ABIJKQRSTUVWX_`abcdefgnopqrstuvw~,default timout in seconds (should be >= 180)  the user#$%&'()*+,-45678*+,-./01234567QRSTUV`abcdopqrst  %&(')*+4567567TUVQRS`dabctopqrs*+,-./01234  %+*)&'(4567* +,-./0123456789:ABIJKQRSTUVWX_`abcdefgnopqrstuvw~  #$%&'()*+,-45678None!",059;<=DQR 9:;<=>EFGHIJK 9:;<=>EFGHIJ >9:;<=HGFEIKJ 9:;<=>EFGHIJKNone 05<=DRv.Get the OpenId realm to use for authenticationw,set the realm used for OpenId AuthenticationIMPORTANT: Changing this value after users have registered is likely to invalidate existing OpenId tokens resulting in users no longer being able to access their old accounts.-LMNOPQRSZ[\]defghipqrstuvwxyz{|}~"LNMOZ[\efghiqrstuvwyz{|}~9SLMNORQP]Z[\diefghprqxstuvw~|}yz{LMNOPQRSZ[\]defghipqrstuvwxyz{|}~NoneNone 059;<=QR  None None!",059;<=DQR None None!",059;<=DR hash a password stringverify a password set the password for  delete the password for Iverify that the supplied password matches the stored hashed password for 3verify that the supplied username/password is valid+ JSON record for new account data<$JSON record for change password dataL JSON record for new account dataRaccount handler[ JSON record for new account dataarequest reset passwordbissueResetTokenfpassword in plain textsalted and hashedpassword in plain texthashed version of password    UserIdthe hashed password UserIdUserIdplain-text password+,-./012345<=>?@ABCDELMNOPQRST[\]^_`abcdelmnopqrT    +,-./012<=>?@ABCLMNOPQR[\]^_`abclmnopo     105432+,-./CBAED<=>?@QPOTSRLMN`edabc[\]^_nmlrqop=      +,-./012345<=>?@ABCDELMNOPQRST[\]^_`abcdelmnopqr None 059;<=QRstuvwxyz{|}~stuvwxyz{|}~stuvwxyz{|}~ s tuvwxyz{|}~ NoneNoneNone9; !"#$%&'()*+,-./0!"#$12345,-6789:;<=>?@AABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijkklmnopqrstuvwxxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@AB6CDEFGHIJKLMNNOPQRSTUVWXXYZ[\]^_`abcdefghijkklmmnnooppqrstuvwxyz{|}~/             /             :                          6                                                                                                ! " # $ % & ' ( ) * * + , - . / 0 1 2 3 4 5 6 7 8 8 9 : ; < = > ? @ A B C D E F G H I J K L M N  O P Q R S T U V W X Y Z /   [ \ ] ^ _ `    a bcdefghijklmnopqrstuvwxyz{h|}~5happstack-authenticate-2.3.4.2-Jbkuvcb1G8fHODJpFAoxmdHappstack.Authenticate.Core+Happstack.Authenticate.Password.PartialsURL)Happstack.Authenticate.OpenId.PartialsURL!Happstack.Authenticate.OpenId.URL"Happstack.Authenticate.OpenId.Core)Happstack.Authenticate.OpenId.Controllers&Happstack.Authenticate.OpenId.Partials#Happstack.Authenticate.OpenId.Route#Happstack.Authenticate.Password.URL+Happstack.Authenticate.Password.Controllers$Happstack.Authenticate.Password.Core(Happstack.Authenticate.Password.Partials%Happstack.Authenticate.Password.Route!Happstack.Authenticate.ControllerHappstack.Authenticate.RouteSystemRandom%userid-0.1.2.7-4KGO4jSSqPcBjthrWEfwc5 Data.UserId succUserIdrUserIdunUserId _unUserIdUserId PartialURL LoginInlineLoginLogoutSignupPasswordChangePasswordRequestResetPasswordFormResetPasswordForm$fEqPartialURL$fOrdPartialURL$fDataPartialURL$fGenericPartialURL rLoginInlinerLoginrLogoutrSignupPasswordrChangePasswordrRequestResetPasswordFormrResetPasswordForm partialURL$fPathInfoPartialURL UsingGoogle UsingYahoo RealmForm$fReadPartialURL$fShowPartialURL rUsingGoogle rUsingYahoo rRealmForm CoreErrorHandlerNotFoundURLDecodeFailedUsernameAlreadyExistsAuthorizationRequired ForbiddenJSONDecodeFailed InvalidUserIdUsernameNotAcceptable InvalidEmail TextErrorHappstackAuthenticateI18N jsonOptions$fToJExprCoreError$fFromJSONCoreError$fToJSONCoreError $fEqCoreError$fOrdCoreError$fReadCoreError$fShowCoreError$fDataCoreError$fGenericCoreError$fSafeCopyCoreError1$fRenderMessageHappstackAuthenticateI18NCoreError $fEqStatus $fOrdStatus $fReadStatus $fShowStatus $fDataStatus$fGenericStatus$fSafeCopyStatus$fFromJSONStatus$fToJSONStatus$fEqJSONResponse$fReadJSONResponse$fShowJSONResponse$fDataJSONResponse$fGenericJSONResponseUsername _unUsernametoJSONResponse toJSONSuccess toJSONError$fFromJSONJSONResponse$fToJSONJSONResponse $fEqUsername $fOrdUsername$fReadUsername$fShowUsername$fDataUsername$fGenericUsername$fSafeCopyUsername unUsernameEmail_unEmail rUsername$fPathInfoUsername$fFromJSONUsername$fToJSONUsername $fEqEmail $fOrdEmail $fReadEmail $fShowEmail $fDataEmail$fGenericEmail$fSafeCopyEmailUser_userId _username_emailunEmail$fPathInfoEmail$fFromJSONEmail $fToJSONEmail$fEqUser $fOrdUser $fReadUser $fShowUser $fDataUser $fGenericUser$fSafeCopyUserAuthenticateConfig _isAuthAdmin_usernameAcceptable _requireEmailIxUserUserIxsemailuserIdusername$fIndexable:User$fFromJSONUser $fToJSONUser$fGenericAuthenticateConfig SharedSecret_unSharedSecret isAuthAdmin requireEmailusernameAcceptableusernamePolicy$fEqSharedSecret$fOrdSharedSecret$fReadSharedSecret$fShowSharedSecret$fDataSharedSecret$fGenericSharedSecret$fSafeCopySharedSecretNewAccountModeOpenRegistrationModeratedRegistrationClosedRegistration SharedSecretsunSharedSecretgenSharedSecretgenSharedSecretDevURandomgenSharedSecretSysRandominitialSharedSecrets$fEqNewAccountMode$fShowNewAccountMode$fGenericNewAccountModeAuthenticateState_sharedSecrets_users _nextUserId_defaultSessionTimeout_newAccountMode$fSafeCopyNewAccountMode$fEqAuthenticateState$fShowAuthenticateState$fGenericAuthenticateState$fSafeCopyAuthenticateStatedefaultSessionTimeoutnewAccountMode nextUserId sharedSecretsusersinitialAuthenticateStateToken _tokenUser_tokenIsAuthAdminGetAuthenticateStateGetUserByEmailGetUserByUserIdGetUserByUsername DeleteUser UpdateUserCreateAnonymousUser CreateUserGetNewAccountModeSetNewAccountModeGetSharedSecretSetSharedSecretGetDefaultSessionTimeoutSetDefaultSessionTimeoutgetOrGenSharedSecret $fQueryEventGetAuthenticateState$fMethodGetAuthenticateState$fSafeCopyGetAuthenticateState$fQueryEventGetUserByEmail$fMethodGetUserByEmail$fSafeCopyGetUserByEmail$fQueryEventGetUserByUserId$fMethodGetUserByUserId$fSafeCopyGetUserByUserId$fQueryEventGetUserByUsername$fMethodGetUserByUsername$fSafeCopyGetUserByUsername$fUpdateEventDeleteUser$fMethodDeleteUser$fSafeCopyDeleteUser$fUpdateEventUpdateUser$fMethodUpdateUser$fSafeCopyUpdateUser $fUpdateEventCreateAnonymousUser$fMethodCreateAnonymousUser$fSafeCopyCreateAnonymousUser$fUpdateEventCreateUser$fMethodCreateUser$fSafeCopyCreateUser$fQueryEventGetNewAccountMode$fMethodGetNewAccountMode$fSafeCopyGetNewAccountMode$fUpdateEventSetNewAccountMode$fMethodSetNewAccountMode$fSafeCopySetNewAccountMode$fQueryEventGetSharedSecret$fMethodGetSharedSecret$fSafeCopyGetSharedSecret$fUpdateEventSetSharedSecret$fMethodSetSharedSecret$fSafeCopySetSharedSecret$$fQueryEventGetDefaultSessionTimeout $fMethodGetDefaultSessionTimeout"$fSafeCopyGetDefaultSessionTimeout%$fUpdateEventSetDefaultSessionTimeout $fMethodSetDefaultSessionTimeout"$fSafeCopySetDefaultSessionTimeout$fIsAcidicAuthenticateState $fEqToken $fOrdToken $fReadToken $fShowToken $fDataToken$fGenericTokenAuthenticationMethod_unAuthenticationMethod TokenTexttokenIsAuthAdmin tokenUser issueTokendecodeAndVerifyTokenauthCookieNameaddTokenCookiedeleteTokenCookiegetTokenCookiegetTokenHeadergetToken getUserId$fFromJSONToken $fToJSONToken$fEqAuthenticationMethod$fOrdAuthenticationMethod$fReadAuthenticationMethod$fShowAuthenticationMethod$fDataAuthenticationMethod$fGenericAuthenticationMethod$fPathInfoAuthenticationMethod$fSafeCopyAuthenticationMethodunAuthenticationMethodAuthenticateURLAuthenticationMethods ControllersAuthenticationHandlersAuthenticationHandlerrAuthenticationMethod$fFromJSONAuthenticationMethod$fToJSONAuthenticationMethod$fEqAuthenticateURL$fOrdAuthenticateURL$fReadAuthenticateURL$fShowAuthenticateURL$fDataAuthenticateURL$fGenericAuthenticateURLrAuthenticationMethods rControllersauthenticateURLnestAuthenticationMethod$fPathInfoAuthenticateURL OpenIdURLPartial BeginDanceReturnToRealmopenIdAuthenticationMethod $fEqOpenIdURL$fOrdOpenIdURL$fDataOpenIdURL$fGenericOpenIdURL$fReadOpenIdURL$fShowOpenIdURLrPartial rBeginDance rReturnTorRealm openIdURL nestOpenIdURL$fPathInfoOpenIdURL OpenIdErrorUnknownIdentifieropenIdErrorMessageE$fToJExprOpenIdError$fFromJSONOpenIdError$fToJSONOpenIdError$fSafeCopyIdentifier$fEqOpenIdError$fOrdOpenIdError$fReadOpenIdError$fShowOpenIdError$fDataOpenIdError$fGenericOpenIdError OpenIdState_1_identifiers_13$fRenderMessageHappstackAuthenticateI18NOpenIdError$fEqOpenIdState_1$fOrdOpenIdState_1$fReadOpenIdState_1$fShowOpenIdState_1$fDataOpenIdState_1$fGenericOpenIdState_1$fSafeCopyOpenIdState_1 OpenIdState _identifiers _openIdRealm identifiers_1$fEqOpenIdState$fOrdOpenIdState$fReadOpenIdState$fShowOpenIdState$fDataOpenIdState$fGenericOpenIdState$fSafeCopyOpenIdState identifiers openIdRealminitialOpenIdStateidentifierToUserIdassociateIdentifierWithUserIdgetOpenIdRealmsetOpenIdRealm$fMigrateOpenIdState SetRealmData_srOpenIdRealmSetOpenIdRealmGetOpenIdRealmAssociateIdentifierWithUserIdIdentifierToUserId$fUpdateEventSetOpenIdRealmD:R:MethodResultSetOpenIdRealm$fMethodSetOpenIdRealm$fSafeCopySetOpenIdRealm$fQueryEventGetOpenIdRealm$fMethodGetOpenIdRealm$fSafeCopyGetOpenIdRealm*$fUpdateEventAssociateIdentifierWithUserId%$fMethodAssociateIdentifierWithUserId'$fSafeCopyAssociateIdentifierWithUserId$fQueryEventIdentifierToUserId$fMethodIdentifierToUserId$fSafeCopyIdentifierToUserId$fIsAcidicOpenIdState$fEqSetRealmData$fOrdSetRealmData$fReadSetRealmData$fShowSetRealmData$fDataSetRealmData$fGenericSetRealmData srOpenIdRealmrealm getIdentifiertoken$fFromJSONSetRealmData$fToJSONSetRealmData openIdCtrl openIdCtrlJs PartialMsgsUsingGoogleMsg UsingYahooMsg SetRealmMsgOpenIdRealmMsgPartial' routePartial usingGoogle usingYahoo realmForm$fEmbedAsAttrRouteTAttr$fEmbedAsChildRouteTPartialMsgs3$fRenderMessageHappstackAuthenticateI18NPartialMsgs routeOpenId initOpenId AccountURLPasswordpasswordAuthenticationMethod$fEqAccountURL$fOrdAccountURL$fReadAccountURL$fShowAccountURL$fDataAccountURL$fGenericAccountURL PasswordURLAccountPasswordRequestReset PasswordResetUsernamePasswordCtrl rPassword accountURL$fPathInfoAccountURL$fEqPasswordURL$fOrdPasswordURL$fDataPasswordURL$fGenericPasswordURLrTokenrAccountrPasswordRequestResetrPasswordResetrUsernamePasswordCtrl passwordURLnestPasswordURL$fPathInfoPasswordURLusernamePasswordCtrlusernamePasswordCtrlJsPasswordConfig _resetLink_domain_passwordAcceptable$fGenericPasswordConfig PasswordErrorNotAuthenticated NotAuthorizedInvalidUsernameInvalidPasswordInvalidUsernamePasswordNoEmailAddressMissingResetTokenInvalidResetTokenPasswordMismatchUnacceptablePasswordpasswordErrorMessageMsgpasswordErrorMessageEdomainpasswordAcceptable resetLink$fToJExprPasswordError$fFromJSONPasswordError$fToJSONPasswordError$fEqPasswordError$fOrdPasswordError$fReadPasswordError$fShowPasswordError$fDataPasswordError$fGenericPasswordError HashedPass _unHashedPass5$fRenderMessageHappstackAuthenticateI18NPasswordError$fEqHashedPass$fOrdHashedPass$fReadHashedPass$fShowHashedPass$fDataHashedPass$fGenericHashedPass$fSafeCopyHashedPass PasswordState _passwords unHashedPass mkHashedPassverifyHashedPass$fEqPasswordState$fOrdPasswordState$fReadPasswordState$fShowPasswordState$fDataPasswordState$fGenericPasswordState$fSafeCopyPasswordState passwordsinitialPasswordState setPassworddeletePasswordverifyPasswordForUserIdUserPass_user _passwordVerifyPasswordForUserIdDeletePassword SetPasswordverifyPassword#$fQueryEventVerifyPasswordForUserId'D:R:MethodResultVerifyPasswordForUserId$fMethodVerifyPasswordForUserId!$fSafeCopyVerifyPasswordForUserId$fUpdateEventDeletePassword$fMethodDeletePassword$fSafeCopyDeletePassword$fUpdateEventSetPassword$fMethodSetPassword$fSafeCopySetPassword$fIsAcidicPasswordState $fEqUserPass $fOrdUserPass$fReadUserPass$fShowUserPass$fDataUserPass$fGenericUserPassNewAccountData_naUser _naPassword_naPasswordConfirmpassworduser$fToJExprUserPass$fFromJSONUserPass$fToJSONUserPass$fEqNewAccountData$fOrdNewAccountData$fReadNewAccountData$fShowNewAccountData$fDataNewAccountData$fGenericNewAccountDataChangePasswordData_cpOldPassword_cpNewPassword_cpNewPasswordConfirm naPasswordnaPasswordConfirmnaUser$fFromJSONNewAccountData$fToJSONNewAccountData$fEqChangePasswordData$fOrdChangePasswordData$fReadChangePasswordData$fShowChangePasswordData$fDataChangePasswordData$fGenericChangePasswordDataRequestResetPasswordData _rrpUsername cpNewPasswordcpNewPasswordConfirm cpOldPasswordaccount$fFromJSONChangePasswordData$fToJSONChangePasswordData$fEqRequestResetPasswordData$fOrdRequestResetPasswordData$fReadRequestResetPasswordData$fShowRequestResetPasswordData$fDataRequestResetPasswordData!$fGenericRequestResetPasswordDataResetPasswordData _rpPassword_rpPasswordConfirm _rpResetToken rrpUsernamepasswordRequestResetissueResetTokensendResetEmail"$fFromJSONRequestResetPasswordData $fToJSONRequestResetPasswordData$fEqResetPasswordData$fOrdResetPasswordData$fReadResetPasswordData$fShowResetPasswordData$fDataResetPasswordData$fGenericResetPasswordData rpPasswordrpPasswordConfirm rpResetToken passwordResetdecodeAndVerifyResetToken$fFromJSONResetPasswordData$fToJSONResetPasswordData UsernameMsgEmailMsg PasswordMsgPasswordConfirmationMsg SignUpMsg SignInMsg LogoutMsgOldPasswordMsgNewPasswordMsgNewPasswordConfirmationMsgChangePasswordMsgRequestPasswordResetMsgsignupPasswordFormusernamePasswordForm logoutFormchangePasswordFormrequestResetPasswordFormresetPasswordForm routePassword initPasswordauthenticateCtrlauthenticateCtrlJsrouteinitAuthentication$fIntegerSupplyRouteT/happstack-server-7.4.6.2-GUePUuwdUGj5rCSr7NnwsjHappstack.Server.Internal.TypesResponsebaseGHC.BaseNothingsetSharedSecretgetSharedSecretsetDefaultSessionTimeoutgetDefaultSessionTimeoutsetNewAccountModegetNewAccountMode createUsercreateAnonymousUser updateUser deleteUsergetUserByUsernamegetUserByUserIdgetUserByEmailgetAuthenticateState Happstack.Server.Internal.CookieCookie4web-routes-boomerang-0.28.4.2-BUcdM3yg02rJnG4dUE0A2PWeb.Routes.BoomerangRouterStatusOkNotOk JSONResponse _jrStatus_jrDatarOkrNotOkjrDatajrStatus rJSONResponse$D:R:MethodResultGetAuthenticateState