úÎ^ªVN£      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ €  ‚ ƒ „ … † ‡ ˆ ‰ Š ‹ Œ  Ž   ‘ ’ “ ” • – — ˜ ™ š › œ  ž Ÿ   ¡ ¢ None%&*,01234569:;<=?DOQRTNone%&*,01234569:;<=?DOQRTAn  AuthCheck@ is the function used to decide the authentication status (the  ) of a request. Different  AuthCheck^s may be combined as a Monoid or Alternative; the semantics of this is that the *first* non- # result from left to right is used. (The result of an authentication attempt. Authentication succeeded. If an authentication procedure cannot be carried out - if for example it expects a password and username in a header that is not present -  IndefiniteP is returned. This indicates that other authentication methods should be tried.     None%&*,01234569:;<=?DOQRT**D is a convenience function to throw errors across an entire sub-API uthrowAll err400 :: Handler a :<|> Handler b :<|> Handler c == throwError err400 :<|> throwError err400 :<|> err400+for servant >=0.11,for  servant <0.11)*+,-./)*)*/.-,+)*+,-./ Safe%&*,01234569:;<=?DOQRTNone%&*,01234569:;<=?DOQRT0,The policies to use when generating cookies. If *both* 3 and 4 are Nothingk, browsers will treat the cookie as a *session cookie*. These will be deleted when the browser is closed.Note that having the setting Secure? may cause testing failures if you are not testing over HTTPS.2H= means browsers will only send cookies over HTTPS. Default: Secure.35How long from now until the cookie expires. Default: Nothing.4*At what time the cookie expires. Default: Nothing.5BThe URL path and sub-paths for which this cookie is used. Default Just "/".6@ settings. Default:  SameSiteLax.75What name to use for the cookie used for the session.89What name to use for the cookie used for CSRF protection.9BWhat path to use for the cookie used for CSRF protection. Default Just "/".:9What name to use for the header used for CSRF protection.;0Exclude GET request method from CSRF protection.< JWTSettings2 are used to generate cookies, and to verify JWTs.?An aud predicate. The audG is a string or URI that identifies the intended recipient of the JWT.MA  JWTSettings# where the audience always matches.!0123456789:;<=>?@ABCDEFGHIJKLMNOP 0123456789:;<=>?@ABCDEFGIHJKLMNO!JKLGHIDEF@ABC<=>?M0123456789:;PNO 0 123456789:;<=>?@ABCDEFGHIJKLMNOPNone%&*,01234569:;<=?DOQRTiHow to encode data from a JWT.;The default implementation stores data in the unregistered dat claim, and uses the type's ToJSON instance to encode the data.kHow to decode data from a JWT.KThe default implementation assumes the data is stored in the unregistered dat claim, and uses the FromJSON% instance to decode value from there.mA JWT  AuthCheckJ. You likely won't need to use this directly unless you are protecting a Raw endpoint.nHCreates a JWT containing the specified data. The data is stored in the datT claim. The 'Maybe UTCTime' argument indicates the time at which the token expires.ijklmnijklmnkllijjmnijjkllmnNone%&*,01234569:;<=?DOQRTp#Makes a cookie to be used for CSRF.q(Makes a cookie with session information.rÊFor a JWT-serializable session, returns a function that decorates a provided response object with CSRF and session cookies. This should be used when a user successfully authenticates with credentials.t Alias for q.u Alias for s.opqrstuopqrstuopqrstuopqrstuNone%&*,01234569:;<=?DOQRTw[Whether the username exists and the password is correct. Note that, rather than passing a Pass5 to the function, we pass a function that checks an  EncryptedPassf. This is to make sure you don't accidentally do something untoward with the password, like store it.yA £– that asks the client to authenticate via Basic Authentication, should be invoked by an application whenever appropriate. The argument is the realm.vwxyzvwxyzyxvwzvwxyz None%&*,01234569:;<=?DOQRTAppCtx applies the function res to the arguments in ls1 by taking the values from the Context provided.…IsAuth a ctx v indicates that a/ is an auth type that expects all elements of ctxE to be the in the Context and whose authentication check returns an  AuthCheck v.€‚ƒ„…†‡ˆ‰Š‹ŒŽ €‚ƒ„…†‡…†‡ŽŒƒ„‹Š‚€‰ˆ €‚ƒ„…†‡ˆ‰Š‹ŒŽ None%&*+,01234569:;<=?DILOQRT›for servant >=0.11œfor  servant <0.11‘’“”•–—˜™š›œžŸ  ‘’“”•–—™˜š—˜™–•”‘’“ Ÿžœ›š ‘’“”•–—˜™š›œžŸ  None%&*,01234569:;<=?DOQRT¡¡¡None%&*,01234569:;<=?DOQRT¢%Generate a key suitable for use with  defaultConfig.¢B ('&%)*0123456789:;<=>?DEFGIHJKLMNijklmnpqrstuvwxy{|}~ƒ¢D~ {kllijjJKL<=>?Mm|0123456789:;NqspturGHIƒ}vwx('%&DEFy)*¢n¢€   !"#$%&'()*+,-./01234567568569569:;<=>?@AABCDEFGHIJKLLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~€‚ƒ„…†‡ˆ‰Š‹ŒŠ‹Š‹ŽŠ‹  ‘ ’ “ ” • – — ˜ ™ š › œ  ž Ÿ   ¡ ¢ £ € ¥ Š § š © ª « ¬ ­ ® ¯ ° ± ²³Žµ¶·2servant-auth-server-0.3.2.0-2KI0XaNMvwT4925DYuC2HPServant.Auth.Server#Servant.Auth.Server.SetCookieOrphan"Servant.Auth.Server.Internal.Types%Servant.Auth.Server.Internal.ThrowAll(Servant.Auth.Server.Internal.ConfigTypes Servant.Auth.Server.Internal.JWT#Servant.Auth.Server.Internal.Cookie&Servant.Auth.Server.Internal.BasicAuth"Servant.Auth.Server.Internal.Class)Servant.Auth.Server.Internal.AddSetCookieServant.Auth.Server.Internal&Servant.Auth.Server.Internal.FormLogin0data-default-class-0.1.2.0-GsXqKN6o1X9jr0fF5qCVDData.Default.ClassdefDefault"cookie-0.4.3-h0nmscsBGD4GqDsyeJOK0 Web.Cookie SetCookie$fToByteStringSetCookie$fToHttpApiDataSetCookie$fFromHttpApiDataSetCookie AuthCheck runAuthCheck AuthResult BadPassword NoSuchUser Authenticated Indefinite$fMonadPlusAuthCheck$fAlternativeAuthCheck$fMonadTimeAuthCheck$fMonadIOAuthCheck$fMonadReaderRequestAuthCheck$fMonadAuthCheck$fApplicativeAuthCheck$fMonoidAuthCheck$fMonadPlusAuthResult$fAlternativeAuthResult$fMonadAuthResult$fApplicativeAuthResult$fMonoidAuthResult$fEqAuthResult$fShowAuthResult$fReadAuthResult$fGenericAuthResult$fOrdAuthResult$fFunctorAuthResult$fTraversableAuthResult$fFoldableAuthResult$fGenericAuthCheck$fFunctorAuthCheck#servant-0.13-3QP0lLoTXqDB1XZ9VIFDC3Servant.API.BasicAuthbasicAuthUsernamebasicAuthPassword BasicAuthDataThrowAllthrowAll$fThrowAllTagged$fThrowAll(->) $fThrowAllm$fThrowAll(->)0$fThrowAll:<|>CookieSettingscookieIsSecure cookieMaxAge cookieExpires cookiePathcookieSameSitesessionCookieNamexsrfCookieNamexsrfCookiePathxsrfHeaderNamexsrfExcludeGet JWTSettingskeyaudienceMatchesSameSiteAnySiteSameSiteStrict SameSiteLaxIsPasswordCorrectPasswordCorrectPasswordIncorrectIsSecureSecure NotSecureIsMatchMatches DoesNotMatchdefaultJWTSettingsdefaultCookieSettings"jwtSettingsToJwtValidationSettings$fDefaultCookieSettings $fEqIsMatch $fShowIsMatch $fReadIsMatch$fGenericIsMatch $fOrdIsMatch $fEqIsSecure$fShowIsSecure$fReadIsSecure$fGenericIsSecure $fOrdIsSecure$fEqIsPasswordCorrect$fShowIsPasswordCorrect$fReadIsPasswordCorrect$fGenericIsPasswordCorrect$fOrdIsPasswordCorrect $fEqSameSite$fShowSameSite$fReadSameSite$fGenericSameSite $fOrdSameSite$fGenericJWTSettings$fEqCookieSettings$fShowCookieSettings$fGenericCookieSettingsToJWT encodeJWTFromJWT decodeJWT jwtAuthCheckmakeJWTcookieAuthCheckmakeCsrfCookiemakeSessionCookie acceptLoginmakeSessionCookieBS makeCookie makeCookieBSFromBasicAuthDatafromBasicAuthData BasicAuthCfgwwwAuthenticatedErrbasicAuthCheck+servant-auth-0.3.0.1-LjLLtnXoPrFKg7IypOETCn Servant.AuthJWTCookie BasicAuthAuthAppCtxappCtxAppUnappAreAuthsrunAuthsIsAuthAuthArgsrunAuth$fAppCtxctx[]res$fAppCtxctxs:(->)$fAreAuths:ctxsv$fAreAuths[]ctxsv$fIsAuthBasicAuthusr$fIsAuthJWTusr$fIsAuthCookieusr AddSetCookies addSetCookies SetCookieList SetCookieNil SetCookieConsAddSetCookieApiAddSetCookieApiVerbAddSetCookiesApiNatZS mkHeaders$fAddSetCookiesSTaggedTagged$fAddSetCookiesS(->)(->)$fAddSetCookiesS:<|>:<|>$fAddSetCookiesSmm$fAddSetCookiesZorigorig$fAddSetCookiesS(->)(->)0$fHasServerTYPE:>ctxs generateKey)servant-server-0.13-k3HUFHNICTG3vyfEgb6sW"Servant.Server.Internal.ServantErr ServantErr