oauthenticated-0.2.1.0: Simple OAuth for http-client

Copyright(c) Joseph Abrahamson 2013
LicenseMIT
Maintainerme@jspha.com
Stabilityexperimental
Portabilitynon-portable
Safe HaskellNone
LanguageHaskell2010

Network.OAuth.Signing

Contents

Description

Signing forms the core process for OAuth. Given a Request about to be sent, Server parameters, and a full Oa we append a set of parameters to the Request which turns it into a signed OAuth request.

Synopsis

Primary interface

The oauth and sign commands can be used as low level signing primitives, and they are indeed used to build the Network.OAuth.Stateful interface exported by default.

oauth :: (MonadIO m, MonadRandom m) => Cred ty -> Server -> Request -> m Request Source #

Sign a request with a fresh set of parameters.

sign :: Oa ty -> Server -> Request -> Request Source #

Sign a request given generated parameters

Low-level interface

The low-level interface is used to build oauth and sign and can be useful for testing.

makeSignature :: SignatureMethod -> ByteString -> ByteString -> ByteString Source #

augmentRequest :: ParameterMethod -> Query -> Request -> Request Source #

Augments whatever component of the Request is specified by ParameterMethod with one built from the apropriate OAuth parameters (passed as a Query).

Currently this actually replaces the Authorization header if one exists. This may be a bad idea if the realm parameter is pre-set, perhaps.

TODO: Parse Authorization header and augment it.

Currently this actually replaces the entity body if one exists. This is definitely just me being lazy.

TODO: Try to parse entity body and augment it.

canonicalBaseString :: Oa ty -> Server -> Request -> ByteString Source #

canonicalParams :: Oa ty -> Server -> Request -> ByteString Source #

oauthParams :: Oa ty -> Server -> Query Source #

canonicalUri :: Request -> ByteString Source #

bodyParams :: Request -> Query Source #

Queries a Request body and tries to interpret it as a set of OAuth valid parameters. It makes the assumption that if the body type is a streaming variety or impure then it is not a set of OAuth parameters--- dropping this assumption would prevent this from being pure.

queryParams :: Request -> Query Source #