Охіh&  "©    Н                    	  
                                               !  "  #  $  %  &  '  (  )  *  +  ,  -  .  /  0  1  2  3  4  5  6  7  8  9  :  ;  <  =  >  ?  @  A  B  C  D  E  F  G  H  I  J  K  L           Safe-Inferred"8;?  j               Safe-Inferred"8;?С г   П
M ms-graph-api3Possible exception states of authentication requestN ms-graph-apiм decoded claims from the JWT token, valid (at least) for the Google OpenID implementation as of February 2021O ms-graph-api/intended audience of the token (== API key ID ) ms-graph-apisub fieldP ms-graph-api#NB Validation is not a monad thoughQ ms-graph-apiDecode and validate the aud,  R and nbf fields of the JWTS ms-graph-apiValidate the aud,  R and nbf fieldsT ms-graph-apiFails if the  Riry field is not at least nsecs seconds in the futureU ms-graph-api(Fails if the current time is before the nbf  time (= token is not yet valid)V ms-graph-apiFails if the aud4ience field is not equal to the supplied ApiAudienceQ  ms-graph-apiН intended token audience (its meaning depends on the OAuth identity provider ) ms-graph-apiК buffer period to allow for API roundtrip delays (defaults to 0 if Nothing) ms-graph-api;JWT-encoded string, e.g. the contents of the id_token fieldS  ms-graph-apiН intended token audience (its meaning depends on the OAuth identity provider )T  ms-graph-apidefaults to 0 if NothingV  ms-graph-api/intended audience of the token (== API key ID ) ms-graph-apidecoded from the JWT0MWXYZ[\N]^_`abcOdefghijklmnopPQSTUVqrstuvwxyz{|            Safe-Inferred"%&18;?М С Ъ и п   
*	 ms-graph-apiЙ https://learn.microsoft.com/en-us/azure/active-directory/develop/userinfo  ms-graph-apiapplication name ms-graph-apiapp client ID : see $https://stackoverflow.com/a/70670961  ms-graph-apiapp client secret " ms-graph-apiOAuth2 and OIDC scopes	 ms-graph-apiOAuth2 state (a random string, 4https://www.rfc-editor.org/rfc/rfc6749#section-10.12  )
 ms-graph-apiOAuth2 redirect URI ms-graph-apiNB : OIDC scopes openid and offline_accessЮ  are ALWAYS requested since the library assumes we have access to refresh tokens and ID tokens} ms-graph-apiО https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration   ms-graph-apiOAuth configuration	
	
           Safe-Inferred"168;?С г   µ ms-graph-apitransactional token store~ ms-graph-api The JWT identity token from the X-MS-TOKEN-AAD-ID-TOKENГ  header injected by App Service can be decoded for its claims e.g. sub0 (which is unique for each user for a given app)дhttps://bogdan.bynapse.com/azure/the-app-service-token-store-was-added-to-app-service-authentication-authorization-and-it-is-a-repository-of-oauth-tokens-associated-with-your-app-users-when-a-user-logs-into-your-app-via-an-iden/ Р https://stackoverflow.com/questions/46757665/authentication-for-azure-functions/  ms-graph-api'Decode the App Service ID token header X-MS-TOKEN-AAD-ID-TOKEN:, look its user up in the local token store, supply token t to continuation. If the user subП  cannot be found in the token store the browser is redirected to the login URI.Special case of  ~ ms-graph-apiLogin endpointsee   ms-graph-apilogin endpoint handler ms-graph-api2The identity provider redirects the client to the reply& endpoint as part of the OAuth flow : й https://learn.microsoft.com/en-us/graph/auth-v2-user?view=graph-rest-1.0&tabs=http#authorization-response see  Ђ ms-graph-apiе 1) the ExchangeToken arrives with the redirect once the user has approved the scopes in the browser
 й https://learn.microsoft.com/en-us/graph/auth-v2-user?view=graph-rest-1.0&tabs=http#authorization-response Ѓ ms-graph-api Insert or update a token in the   object ms-graph-api<Remove a user, i.e. they will have to authenticate once more ms-graph-apiА Look up a user identifier and return their current token, if any ms-graph-api$return a list representation of the   object ms-graph-apiCreate an empty   object‚ ms-graph-apiDecode and validate ID token
 м https://learn.microsoft.com/en-us/azure/active-directory/develop/userinfo#consider-using-an-id-token-instead ѓ ms-graph-apiЗ Lift ExceptT to ActionM which is basically the handler Monad in Scotty.	~  ms-graph-api-look up the UserSub's token, do stuff with it ms-graph-api	login URI ms-graph-apicall MSGraph APIs with token t, etc. ms-graph-apie.g. "/login" ms-graph-apie.g. "/oauth/reply"Ђ ms-graph-apialso called code. Expires in 10 minutesЃ ms-graph-apiuser id ms-graph-api	new token ms-graph-apitoken expires in ms-graph-apiuser identifier e.g. sub ms-graph-apiuser identifier e.g. sub‚  ms-graph-api-appears in the OAuth2Token if scopes include openid ms-graph-api(sub)           Safe-Inferred"18;?  т" ms-graph-apia collection of items with key value% ms-graph-api)POST https://graph.microsoft.com/v1.0/...& ms-graph-api(GET https://graph.microsoft.com/v1.0/...' ms-graph-api(GET https://graph.microsoft.com/v1.0/...р Returns the response body as a bytestring, e.g. for endpoints that download files or general bytestring payloads( ms-graph-api-drop the prefix and lowercase first charactere.g. userDisplayName -> displayName„ ms-graph-api-drop the prefix and lowercase first character… ms-graph-apiь Drops the given prefix from a list.
   It returns the original sequence if the sequence doesn't start with the given prefix.Н dropPrefix "Mr. " "Mr. Men" == "Men"
dropPrefix "Mr. " "Dr. Men" == "Dr. Men"%  ms-graph-apiURI path segments ms-graph-apirequest body&  ms-graph-apiURI path segments'  ms-graph-apiURI path segments(  ms-graph-apirecord prefix„  ms-graph-apirecord name prefix ms-graph-apiJSON field name "#$%&'(&'% "#$(           Safe-Inferred"8;?  ,2 ms-graph-apiGet user informationGET /users/{user-id}Ъ https://learn.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0&tabs=http#request 3 ms-graph-api!Get information on signed-in userџCalling the /me endpoint requires a signed-in user and therefore a delegated permission. Application permissions are not supported when using the /me endpoint.GET /meЬ https://learn.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0&tabs=http#request-1 2  ms-graph-apiuser id-10/.2323-10/.           Safe-Inferred"8;?  \9 ms-graph-api.download a complete file from user's directory%GET /me/drive/items/{item-id}/contentз https://learn.microsoft.com/en-us/graph/api/driveitem-get-content?view=graph-rest-1.0&tabs=http#request : ms-graph-apidownload a file from a drive.GET /drives/{drive-id}/items/{item-id}/contentз https://learn.microsoft.com/en-us/graph/api/driveitem-get-content?view=graph-rest-1.0&tabs=http#request 9  ms-graph-apiitem ID:  ms-graph-apidrive ID ms-graph-apifile ID9:9:           Safe-Inferred"8;?  иB ms-graph-apiGet drive of current userC ms-graph-api5List children in the root of the current user's drive–https://learn.microsoft.com/en-us/graph/api/driveitem-list-children?view=graph-rest-1.0&tabs=http#list-children-in-the-root-of-the-current-users-drive D ms-graph-api5List children in the root of the current user's drive/GET /drives/{drive-id}/items/{item-id}/children–https://learn.microsoft.com/en-us/graph/api/driveitem-list-children?view=graph-rest-1.0&tabs=http#list-children-in-the-root-of-the-current-users-drive D  ms-graph-apidrive ID ms-graph-apiitem ID
;>=<?A@BCD
BCD?A@;>=<  † 	
                                                               !   "   #   $   %   &   '   (   )   *   +  ,  ,   -   .   /   0   1   2   3   4   5  6  6   7   8   9   /   :   ;   <   =   >   ?   @   A  B  B   C   D  E  E   F   G   H   I   J   K   L   M   N   O   P   Q  R  S  T   U   V WX Y   Z   [   \   ]  ^  _  `  a  b  c   d   e   f   g   h   i  S   j  T  k   l  k   m     n   o   p   q   r   s   t   u   v   w   x   y   z   {   |   }   ~      Ђ   Ѓ   ‚   ѓ   „   …   †   ‡   €‰+ms-graph-api-0.4.0.0-B4kYkppYtpeAW8kqAwCuk6MSGraphAPI.Internal.CommonNetwork.OAuth2.SessionNetwork.OAuth2.Provider.AzureADMSGraphAPI.UserMSGraphAPI.Files.DriveItemsMSGraphAPI.DriveMSGraphAPI.AuthNetwork.OAuth2.JWT req-3.13.0-Z6GuU1Shmz9y57HLYa14xNetwork.HTTP.ReqrunReqUserSubAzureADUserOAuthCfg$sel:oacAppName:OAuthCfg$sel:oacClientId:OAuthCfg$sel:oacClientSecret:OAuthCfg$sel:oacScopes:OAuthCfg$sel:oacAuthState:OAuthCfg$sel:oacRedirectURI:OAuthCfgAzureAD
azureADApp$fFromJSONAzureADUser$fEqAzureADUser$fOrdAzureADUser$fShowAzureADUser$fEqAzureAD$fShowAzureADTokensScottyActionwithAADUserloginEndpointreplyEndpoint
expireUser
lookupUsertokensToList	newTokens$fShowOAuthSessionError$fExceptionOAuthSessionError$fEqTokensData$fShowTokensData$fEqOAuthSessionError
CollectioncValuepostgetgetLbsaesonOptions$fFromJSONCollection$fEqCollection$fShowCollection$fGenericCollectionUseruIduUserPrincipalNameuDisplayNamegetMe$fFromJSONUser$fEqUser	$fOrdUser
$fShowUser$fGenericUserdownloadFileMedownloadFile	DriveItemdiNamediSizeDrivedId
getDriveMegetDriveItemsMegetDriveItemChildren$fFromJSONDrive$fFromJSONDriveItem$fEqDriveItem$fShowDriveItem$fGenericDriveItem	$fEqDrive$fShowDrive$fGenericDriveJWTException	JWTClaimsApiAudiencebindValidationdecodeValidateJWTbase	GHC.FloatexpvalidateJWTvalidateExpvalidateNbfvalidateAud	JENoTokenJEClaimNotFoundJEMalformedJWTJEAudienceNotFoundJENotYetValidJEExpiredTokenjcEmailjcSubjcNbfjcIatjcExpjcAudapiAudience	UserEmail	userEmailuserSub	jwtClaimsdecValidSubdecValidExpdecValidNbfdecValidEmaildecValidAud	decodeJWTdecAuddecExpdecIatdecNbfdecSubdecEmailclaimNotFoundfromAudfromNumericDatefromStringOrUriepochdefaultAzureADIdpaadHeaderIdTokenloginHfetchUpdateTokenupdateTokendecValidIdTokenexcepttToActionM
recordName
dropPrefix