Copyright	(c) Joseph Abrahamson 2013
License	MIT
Maintainer	me@jspha.com
Stability	experimental
Portability	non-portable
Safe Haskell	None
Language	Haskell2010

Network.OAuth.Types.Credentials

Contents

Tokens and their parameterization
- Deserialization
Credentials and credential construction
Accessors

Description

Credentials, Creds, are built from Tokens, public/private key pairs, and come in 3 varieties.

Client: Represents a particular client or consumer, used as part of every transaction that client signs.
Temporary: Resource token representing a short-lived grant to access a restricted set of server resources on behalf of the user. Typically used as part of a authorization negotiation protocol.
Permanent: Resource token representing a long-lived grant to access an authorized set of server resources on behalf of the user. Outside of access negotiation this is the most common kind of resource Token.

Synopsis

Tokens and their parameterization

data Token ty Source

Tokens are public, private key pairs and come in many varieties, Client, Temporary, and Permanent.

Constructors

Token !Key !Secret

Instances

Eq (Token ty)
Data ty => Data (Token ty)
Ord (Token ty)
Show (Token ty)
ToJSON (Token ty)	Produces a JSON object using keys named `oauth_token` and `oauth_token_secret`.
FromJSON (Token ty)	Parses a JSON object with keys `oauth_token` and `oauth_token_secret`, the standard format for OAuth 1.0.
Typeable (* -> *) Token

type Key = ByteString Source

Token Keys are public keys which allow a server to uniquely identify a particular Token.

type Secret = ByteString Source

Token Secrets are private keys which the Token uses for cryptographic purposes.

data Client Source

Client Credentials and Tokens are assigned to a particular client by the server and are used for all requests sent by that client. They form the core component of resource specific credentials.

Instances

Data Client
Typeable * Client

data Temporary Source

Temporary Tokens and Credentials are created during authorization protocols and are rarely meant to be kept for more than a few minutes. Typically they are authorized to access only a very select set of server resources. During "three-legged authorization" in OAuth 1.0 they are used to generate the authorization request URI the client sends and, after that, in the Permanent Token request.

Instances

Data Temporary
ResourceToken Temporary
Typeable * Temporary

data Permanent Source

Permanent Tokens and Credentials are the primary means of accessing server resources. They must be maintained by the client for each user who authorizes that client to access resources on their behalf.

Instances

Data Permanent
ResourceToken Permanent
Typeable * Permanent

class ResourceToken tk Source

Instances

ResourceToken Permanent
ResourceToken Temporary

Deserialization

fromUrlEncoded :: ByteString -> Maybe (Bool, Token ty) Source

Parses a www-form-urlencoded stream to produce a Token if possible. The first result value is whether or not the token data is OAuth 1.0a compatible.

>>> fromUrlEncoded "oauth_token=key&oauth_token_secret=secret"
Just (False, Token "key" "secret")

>>> fromUrlEncoded "oauth_token=key&oauth_token_secret=secret&oauth_callback_confirmed=true"
Just (True, Token "key" "secret")

Credentials and credential construction

data Cred ty Source

Credentials pair a Client Token and either a Temporary or Permanent token corresponding to a particular set of user resources on the server.

Instances

Eq (Cred ty)
Data ty => Data (Cred ty)
Ord (Cred ty)
Show (Cred ty)
Typeable (* -> *) Cred

clientCred :: Token Client -> Cred Client Source

temporaryCred :: Token Temporary -> Cred Client -> Cred Temporary Source

permanentCred :: Token Permanent -> Cred Client -> Cred Permanent Source

upgradeCred :: ResourceToken tk => Token tk -> Cred tk' -> Cred tk Source

Accessors

key :: Functor f => (Key -> f Key) -> Token ty -> f (Token ty) Source

Lens on the key component of a Token.

secret :: Functor f => (Secret -> f Secret) -> Token ty -> f (Token ty) Source

Lens on the key secret component of a Token.

clientToken :: Functor f => (Token Client -> f (Token Client)) -> Cred ty -> f (Cred ty) Source

A lens on the client Token in any Cred.

resourceToken :: (ResourceToken ty, ResourceToken ty', Functor f) => (Token ty -> f (Token ty')) -> Cred ty -> f (Cred ty') Source

A lens focused on the resource Token when available. The only instances of ResourceToken are Temporary and Permanent. This can be used to upgrade Temporary Creds to Permanent Creds.

getResourceTokenDef :: Cred ty -> Token ty Source

OAuth assumes that, by default, any credential has a resource Token that is by default completely blank. In this way we can talk about the resource Token of even Client Creds.

>>> getResourceTokenDef (clientCred $ Token "key" "secret")
Token "" ""

signingKey :: Cred ty -> ByteString Source

Produce a signingKey from a set of credentials. This is a URL encoded string built from the client secret and the token secret.

If no token secret exists then the blank string is used.

\secret -> signingKey (clientCred $ Token "key" secret) == (pctEncode secret <> "&" <> "")