Охіh&  !  ‹Й                    	  
                                               !  "  #  $  %  &  '  (  )  *  +  ,  -  .  /  0  1  2  3  4  5  6  7  8  9  :  ;  <  =  >  ?  @  A  B  C  D  E  F  G  H           Safe-Inferred"8;?  Z               Safe-Inferred"8;?С г   ї
I ms-graph-api3Possible exception states of authentication requestJ ms-graph-apiм decoded claims from the JWT token, valid (at least) for the Google OpenID implementation as of February 2021K ms-graph-api/intended audience of the token (== API key ID ) ms-graph-apisub fieldL ms-graph-api#NB Validation is not a monad thoughM ms-graph-apiDecode and validate the aud,  N and nbf fields of the JWTO ms-graph-apiValidate the aud,  N and nbf fieldsP ms-graph-apiFails if the  Niry field is not at least nsecs seconds in the futureQ ms-graph-api(Fails if the current time is before the nbf  time (= token is not yet valid)R ms-graph-apiFails if the aud4ience field is not equal to the supplied ApiAudienceM  ms-graph-apiН intended token audience (its meaning depends on the OAuth identity provider ) ms-graph-apiК buffer period to allow for API roundtrip delays (defaults to 0 if Nothing) ms-graph-api;JWT-encoded string, e.g. the contents of the id_token fieldO  ms-graph-apiН intended token audience (its meaning depends on the OAuth identity provider )P  ms-graph-apidefaults to 0 if NothingR  ms-graph-api/intended audience of the token (== API key ID ) ms-graph-apidecoded from the JWT0ISTUVWXJYZ[\]^_K`abcdefghijklLMOPQRmnopqrstuvwx            Safe-Inferred"%&18;?М С Ъ и п   
	 ms-graph-apiЙ https://learn.microsoft.com/en-us/azure/active-directory/develop/userinfo  ms-graph-apiapplication name ms-graph-apiapp client ID : see $https://stackoverflow.com/a/70670961  ms-graph-apiapp client secret " ms-graph-apiOAuth2 and OIDC scopes	 ms-graph-apiOAuth2 state (a random string, 4https://www.rfc-editor.org/rfc/rfc6749#section-10.12  )
 ms-graph-apiOAuth2 redirect URI ms-graph-apiNB : OIDC scopes openid and offline_accessЮ  are ALWAYS requested since the library assumes we have access to refresh tokens and ID tokensy ms-graph-apiО https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration   ms-graph-apiOAuth configuration	
	
           Safe-Inferred"168;?С г   D	 ms-graph-apitransactional token storez ms-graph-api The JWT identity token from the X-MS-TOKEN-AAD-ID-TOKENГ  header injected by App Service can be decoded for its claims e.g. sub0 (which is unique for each user for a given app)дhttps://bogdan.bynapse.com/azure/the-app-service-token-store-was-added-to-app-service-authentication-authorization-and-it-is-a-repository-of-oauth-tokens-associated-with-your-app-users-when-a-user-logs-into-your-app-via-an-iden/ Р https://stackoverflow.com/questions/46757665/authentication-for-azure-functions/  ms-graph-api'Decode the App Service ID token header X-MS-TOKEN-AAD-ID-TOKEN:, look its user up in the local token store, supply token t to continuation. If the user subП  cannot be found in the token store the browser is redirected to the login URI.Special case of  z ms-graph-apiLogin endpointsee  { ms-graph-apilogin endpoint handler ms-graph-api2The identity provider redirects the client to the reply& endpoint as part of the OAuth flow : й https://learn.microsoft.com/en-us/graph/auth-v2-user?view=graph-rest-1.0&tabs=http#authorization-response see  | ms-graph-apiе 1) the ExchangeToken arrives with the redirect once the user has approved the scopes in the browser
 й https://learn.microsoft.com/en-us/graph/auth-v2-user?view=graph-rest-1.0&tabs=http#authorization-response } ms-graph-apiDecode and validate ID token
 м https://learn.microsoft.com/en-us/azure/active-directory/develop/userinfo#consider-using-an-id-token-instead ~ ms-graph-apiЗ Lift ExceptT to ActionM which is basically the handler Monad in Scotty.	z  ms-graph-api-look up the UserSub's token, do stuff with it ms-graph-api	login URI ms-graph-apicall MSGraph APIs with token t, etc. ms-graph-apie.g. "/login" ms-graph-apie.g. "/oauth/reply"| ms-graph-apialso called code. Expires in 10 minutes ms-graph-apiuser id ms-graph-api	new token ms-graph-apitoken expires in ms-graph-apiuser identifier e.g. sub ms-graph-apiuser identifier e.g. sub}  ms-graph-api-appears in the OAuth2Token if scopes include openid ms-graph-api(sub)		           Safe-Inferred"18;?  } ms-graph-apia collection of items with key value! ms-graph-api)POST https://graph.microsoft.com/v1.0/..." ms-graph-api(GET https://graph.microsoft.com/v1.0/...# ms-graph-api(GET https://graph.microsoft.com/v1.0/...р Returns the response body as a bytestring, e.g. for endpoints that download files or general bytestring payloads$ ms-graph-api-drop the prefix and lowercase first charactere.g. userDisplayName -> displayNameЂ ms-graph-api-drop the prefix and lowercase first characterЃ ms-graph-apiь Drops the given prefix from a list.
   It returns the original sequence if the sequence doesn't start with the given prefix.Н dropPrefix "Mr. " "Mr. Men" == "Men"
dropPrefix "Mr. " "Dr. Men" == "Dr. Men"!  ms-graph-apiURI path segments ms-graph-apirequest body"  ms-graph-apiURI path segments#  ms-graph-apiURI path segments$  ms-graph-apirecord prefixЂ  ms-graph-apirecord name prefix ms-graph-apiJSON field name  !"#$"#!  $           Safe-Inferred"8;?  ·. ms-graph-apiGet user informationGET /users/{user-id}Ъ https://learn.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0&tabs=http#request / ms-graph-api!Get information on signed-in userџCalling the /me endpoint requires a signed-in user and therefore a delegated permission. Application permissions are not supported when using the /me endpoint.GET /meЬ https://learn.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0&tabs=http#request-1 .  ms-graph-apiuser id)-,+*././)-,+*           Safe-Inferred"8;?  з5 ms-graph-api.download a complete file from user's directory%GET /me/drive/items/{item-id}/contentз https://learn.microsoft.com/en-us/graph/api/driveitem-get-content?view=graph-rest-1.0&tabs=http#request 6 ms-graph-apidownload a file from a drive.GET /drives/{drive-id}/items/{item-id}/contentз https://learn.microsoft.com/en-us/graph/api/driveitem-get-content?view=graph-rest-1.0&tabs=http#request 5  ms-graph-apiitem ID6  ms-graph-apidrive ID ms-graph-apifile ID5656           Safe-Inferred"8;?  s> ms-graph-apiGet drive of current user? ms-graph-api5List children in the root of the current user's drive–https://learn.microsoft.com/en-us/graph/api/driveitem-list-children?view=graph-rest-1.0&tabs=http#list-children-in-the-root-of-the-current-users-drive @ ms-graph-api5List children in the root of the current user's drive/GET /drives/{drive-id}/items/{item-id}/children–https://learn.microsoft.com/en-us/graph/api/driveitem-list-children?view=graph-rest-1.0&tabs=http#list-children-in-the-root-of-the-current-users-drive @  ms-graph-apidrive ID ms-graph-apiitem ID
7:98;=<>?@
>?@;=<7:98  ‚ 	
                                                               !   "   #   $   %   &   '  (  (   )   *   +   ,   -   .   /   0   1  2  2   3   4   5   +   6   7   8   9   :   ;   <   =  >  >   ?   @  A  A   B   C   D   E   F   G   H   I   J   K   L   M  N  O  P   Q   R ST U   V   W   X   Y  Z  [  \  ]  ^  _   `   a   b   c   d   e  O   f  P  g   h  g   i     j   k   l   m   n   o   p   q   r   s   t   u   v   w   x   y   z   {   |   }   ~      Ђ   Ѓ   ‚   ѓ   „…+ms-graph-api-0.3.0.0-J8fAZ9YhmoPK6rVlP5rmuGMSGraphAPI.Internal.CommonNetwork.OAuth2.SessionNetwork.OAuth2.Provider.AzureADMSGraphAPI.UserMSGraphAPI.Files.DriveItemsMSGraphAPI.DriveMSGraphAPI.AuthNetwork.OAuth2.JWT req-3.13.0-Z6GuU1Shmz9y57HLYa14xNetwork.HTTP.ReqrunReqUserSubAzureADUserOAuthCfg$sel:oacAppName:OAuthCfg$sel:oacClientId:OAuthCfg$sel:oacClientSecret:OAuthCfg$sel:oacScopes:OAuthCfg$sel:oacAuthState:OAuthCfg$sel:oacRedirectURI:OAuthCfgAzureAD
azureADApp$fFromJSONAzureADUser$fEqAzureADUser$fOrdAzureADUser$fShowAzureADUser$fEqAzureAD$fShowAzureADTokensScottyActionwithAADUserloginEndpointreplyEndpoint
expireUser
lookupUser$fShowOAuthSessionError$fExceptionOAuthSessionError$fEqOAuthSessionError
CollectioncValuepostgetgetLbsaesonOptions$fFromJSONCollection$fEqCollection$fShowCollection$fGenericCollectionUseruIduUserPrincipalNameuDisplayNamegetMe$fFromJSONUser$fEqUser	$fOrdUser
$fShowUser$fGenericUserdownloadFileMedownloadFile	DriveItemdiNamediSizeDrivedId
getDriveMegetDriveItemsMegetDriveItemChildren$fFromJSONDrive$fFromJSONDriveItem$fEqDriveItem$fShowDriveItem$fGenericDriveItem	$fEqDrive$fShowDrive$fGenericDriveJWTException	JWTClaimsApiAudiencebindValidationdecodeValidateJWTbase	GHC.FloatexpvalidateJWTvalidateExpvalidateNbfvalidateAud	JENoTokenJEClaimNotFoundJEMalformedJWTJEAudienceNotFoundJENotYetValidJEExpiredTokenjcEmailjcSubjcNbfjcIatjcExpjcAudapiAudience	UserEmail	userEmailuserSub	jwtClaimsdecValidSubdecValidExpdecValidNbfdecValidEmaildecValidAud	decodeJWTdecAuddecExpdecIatdecNbfdecSubdecEmailclaimNotFoundfromAudfromNumericDatefromStringOrUriepochdefaultAzureADIdpaadHeaderIdTokenloginHfetchUpdateTokendecValidIdTokenexcepttToActionMupdateToken
recordName
dropPrefix