Safe Haskell | Safe-Inferred |
---|---|
Language | Haskell2010 |
OAuth user session
Synopsis
- withAADUser :: MonadIO m => Tokens UserSub t -> Text -> (t -> Action m ()) -> Action m ()
- loginEndpoint :: MonadIO m => IdpApplication 'AuthorizationCode AzureAD -> RoutePattern -> Scotty m ()
- replyEndpoint :: MonadIO m => IdpApplication 'AuthorizationCode AzureAD -> Tokens UserSub OAuth2Token -> Manager -> RoutePattern -> Scotty m ()
- type Tokens uid t = TVar (TokensData uid t)
- newTokens :: (MonadIO m, Ord uid) => m (Tokens uid t)
- data UserSub
- lookupUser :: (MonadIO m, Ord uid) => Tokens uid t -> uid -> m (Maybe t)
- expireUser :: (MonadIO m, Ord uid) => Tokens uid t -> uid -> m ()
- tokensToList :: MonadIO m => Tokens k a -> m [(k, a)]
- type Scotty = ScottyT Text
- type Action = ActionT Text
Azure App Service
:: MonadIO m | |
=> Tokens UserSub t | |
-> Text | login URI |
-> (t -> Action m ()) | call MSGraph APIs with token |
-> Action m () |
Decode the App Service ID token header X-MS-TOKEN-AAD-ID-TOKEN
, look its user up in the local token store, supply token t
to continuation. If the user sub
cannot be found in the token store the browser is redirected to the login URI.
Special case of aadHeaderIdToken
OAuth2 endpoints
:: MonadIO m | |
=> IdpApplication 'AuthorizationCode AzureAD | |
-> RoutePattern | e.g. |
-> Scotty m () |
Login endpoint
see azureADApp
:: MonadIO m | |
=> IdpApplication 'AuthorizationCode AzureAD | |
-> Tokens UserSub OAuth2Token | |
-> Manager | |
-> RoutePattern | e.g. |
-> Scotty m () |
The identity provider redirects the client to the reply
endpoint as part of the OAuth flow : https://learn.microsoft.com/en-us/graph/auth-v2-user?view=graph-rest-1.0&tabs=http#authorization-response
see azureADApp
In-memory user session
sub
field
Instances
FromJSON UserSub Source # | |
FromJSONKey UserSub Source # | |
Defined in Network.OAuth2.JWT | |
ToJSON UserSub Source # | |
Defined in Network.OAuth2.JWT | |
ToJSONKey UserSub Source # | |
Defined in Network.OAuth2.JWT | |
IsString UserSub Source # | |
Defined in Network.OAuth2.JWT fromString :: String -> UserSub # | |
Generic UserSub Source # | |
Show UserSub Source # | |
Eq UserSub Source # | |
Ord UserSub Source # | |
type Rep UserSub Source # | |
Defined in Network.OAuth2.JWT |
Look up a user identifier and return their current token, if any
Remove a user, i.e. they will have to authenticate once more
tokensToList :: MonadIO m => Tokens k a -> m [(k, a)] Source #
return a list representation of the Tokens
object