hY      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ None!"(3457>KLNyNormally context entries are accessed by their types. In case you need to have multiple values of the same type in your & and need to access them, we provide -. You can think of it as sub-namespaces for s.0This class is used to access context entries in s. 1 returns the first value where the type matches:7getContextEntry (True :. False :. EmptyContext) :: BoolTrueIf the G does not contain an entry of the requested type, you'll get an error:9getContextEntry (True :. False :. EmptyContext) :: String...0 No instance for (HasContextEntry '[] [Char])...4s are used to pass values to combinators. (They are nota meant to be used to pass parameters to your handlers, i.e. they should not replace any custom   %-monad-stack that you're using with T.) If you don't use combinators that require any context entries, you can just use   as always.6If you are using combinators that require a non-empty  you have to use   and pass it a 8 that contains all the values your combinators need. A [ is essentially a heterogenous list and accessing the elements is being done by type (see ). The parameter of the type Z is a type-level list reflecting the types of the contained context entries. To create a ! with entries, use the operator ( ): :type True :. () :. EmptyContext1True :. () :. EmptyContext :: Context '[Bool, ()]   allows you to access Qs. Usually you won't have to use it yourself but instead use a combinator like . This is how   works::set -XFlexibleContexts%let subContext = True :. EmptyContext:type subContextsubContext :: Context '[Bool]klet parentContext = False :. (NamedContext subContext :: NamedContext "subContext" '[Bool]) :. EmptyContext:type parentContextCparentContext :: Context '[Bool, NamedContext "subContext" '[Bool]]VdescendIntoNamedContext (Proxy :: Proxy "subContext") parentContext :: Context '[Bool]True :. EmptyContext        None+ Multiple ChoicesExample: _failingHandler :: Handler () failingHandler = throwErr $ err300 { errBody = "I can't choose." } Moved PermanentlyExample: =failingHandler :: Handler () failingHandler = throwErr err301 FoundExample: =failingHandler :: Handler () failingHandler = throwErr err302 See OtherExample: =failingHandler :: Handler () failingHandler = throwErr err303 Not ModifiedExample: =failingHandler :: Handler () failingHandler = throwErr err304 Use ProxyExample: =failingHandler :: Handler () failingHandler = throwErr err305 Temporary RedirectExample: =failingHandler :: Handler () failingHandler = throwErr err307   Bad RequestExample: rfailingHandler :: Handler () failingHandler = throwErr $ err400 { errBody = "Your request makes no sense to me." }!! UnauthorizedExample: mfailingHandler :: Handler () failingHandler = throwErr $ err401 { errBody = "Your credentials are invalid." }"" Payment RequiredExample: wfailingHandler :: Handler () failingHandler = throwErr $ err402 { errBody = "You have 0 credits. Please give me $$$." }## ForbiddenExample: cfailingHandler :: Handler () failingHandler = throwErr $ err403 { errBody = "Please login first." }$$ Not FoundExample: ^failingHandler :: Handler () failingHandler = throwErr $ err404 { errBody = "(%o% %o5 %;%%;)." }%% Method Not AllowedExample: failingHandler :: Handler () failingHandler = throwErr $ err405 { errBody = "Your account privileges does not allow for this. Please pay $$$." }&& Not AcceptableExample: =failingHandler :: Handler () failingHandler = throwErr err406'' Proxy Authentication RequiredExample: =failingHandler :: Handler () failingHandler = throwErr err407(( ConflictExample: failingHandler :: Handler () failingHandler = throwErr $ err409 { errBody = "Transaction conflicts with 59879cb56c7c159231eeacdd503d755f7e835f74" })) GoneExample: failingHandler :: Handler () failingHandler = throwErr $ err410 { errBody = "I know it was here at some point, but.. I blame bad luck." }** Length RequiredExample: =failingHandler :: Handler () failingHandler = throwErr err411++ Precondition FailedExample: sfailingHandler :: Handler () failingHandler = throwErr $ err412 { errBody = "Precondition fail: x < 42 && y > 57" },, Request Entity Too LargeExample: efailingHandler :: Handler () failingHandler = throwErr $ err413 { errBody = "Request exceeded 64k." }-- Request-URI Too LargeExample: efailingHandler :: Handler () failingHandler = throwErr $ err414 { errBody = "Maximum length is 64." }.. Unsupported Media TypeExample: pfailingHandler :: Handler () failingHandler = throwErr $ err415 { errBody = "Supported media types: gif, png" }// Request range not satisfiableExample: kfailingHandler :: Handler () failingHandler = throwErr $ err416 { errBody = "Valid range is [0, 424242]." }00 Expectation FailedExample: failingHandler :: Handler () failingHandler = throwErr $ err417 { errBody = "I found a quux in the request. This isn't going to work." }11 Internal Server ErrorExample: failingHandler :: Handler () failingHandler = throwErr $ err500 { errBody = "Exception in module A.B.C:55. Have a great day!" }22 Not ImplementedExample: failingHandler :: Handler () failingHandler = throwErr $ err501 { errBody = "/v1/foo is not supported with quux in the request." }33 Bad GatewayExample: failingHandler :: Handler () failingHandler = throwErr $ err502 { errBody = "Tried gateway foo, bar, and baz. None responded." }44 Service UnavailableExample: gfailingHandler :: Handler () failingHandler = throwErr $ err503 { errBody = "We're rewriting in PHP." }55 Gateway Time-outExample: |failingHandler :: Handler () failingHandler = throwErr $ err504 { errBody = "Backend foobar did not respond in 5 seconds." }66 HTTP Version not supportedExample usage: hfailingHandler :: Handler () failingHandler = throwErr $ err505 { errBody = "I support HTTP/4.0 only." }' !"#$%&'()*+,-./01234567& !"#$%&'()*+,-./0123456'7 !"#$%&'()*+,-./0123456" !"#$%&'()*+,-./01234567None !"*->KL8Computations used in a ; can depend on the incoming , may perform 'IO, and result in a 'RouteResult, meaning they can either suceed, fail (with the possibility to recover), or fail fatally.;A ;Y is a representation of a handler with scheduled delayed checks that can trigger errors."Why would we want to delay checks?There are two reasons: In a straight-forward implementation, the order in which we perform checks will determine the error we generate. This is because once an error occurs, we would abort and not perform any subsequent checks, but rather return the current error.This is not a necessity: we could continue doing other checks, and choose the preferred error. However, that would in general mean more checking, which leads us to the other reason. ZWe really want to avoid doing certain checks too early. For example, captures involve parsing, and are much more costly than static route matches. In particular, if several paths contain the "same" capture, we'd like as much as possible to avoid trying the same parse many times. Also tricky is the request body. Again, this involves parsing, but also, WAI makes obtaining the request body a side-effecting operation. We could/can work around this by manually caching the request body, but we'd rather keep the number of times we actually try to decode the request body to an absolute minimum.DWe prefer to have the following relative priorities of error codes: l404 405 (bad method) 401 (unauthorized) 415 (unsupported media type) 400 (bad request) 406 (not acceptable) fTherefore, while routing, we delay most checks so that they will ultimately occur in the right order.A ;A contains three delayed blocks of tests, and the actual handler: Delayed captures. These can actually cause 404, and while they're costly, they should be done first among the delayed checks (at least as long as we do not decouple the check order from the error reporting, see above). Delayed captures can provide inputs to the actual handler.Method check(s). This can cause a 405. On success, it does not provide an input for the handler. Method checks are comparatively cheap.Body and accept header checks. The request body check can cause both 400 and 415. This provides an input to the handler. The accept header check can be performed as the final computation in this block. It can cause a 406.B8The result of matching against a path in the route tree.CKeep trying other paths. The  ServantErr! should only be 404, 405 or 406.DDon't try other paths.HA ; without any stored checks.I Fail with the option to recover.J2Fail fatally, i.e., without any option to recover.K$Gain access to the incoming request.L.Add a capture to the end of the capture block.M2Add a method check to the end of the method block.N/Add an auth check to the end of the auth block.O.Add a body check to the end of the body block.P2Add an accept header check to the beginning of the body block. There is a tradeoff here. In principle, we'd like to take a bad body (400) response take precedence over a failed accept check (406). BUT to allow streaming the body, we cannot run the body check and then still backtrack. We therefore do the accept check before the body check, when we can still backtrack. There are other solutions to this, but they'd be more complicated (such as delaying the body check further so that it can still be run in a situation where we'd otherwise report 406).QyMany combinators extract information that is passed to the handler without the possibility of failure. In such a case, Q can be used.RRun a delayed server. Performs all scheduled operations in order, and passes the results from the capture and body blocks on to the actual handler.wThis should only be called once per request; otherwise the guarantees about effect and HTTP error ordering break down.SRuns a delayed server and the resulting action. Takes a continuation that lets us send a response. Also takes a continuation for how to turn the result of the delayed server into a response.!89:;<=>?@ABCDEFthe request, the field pathInfo may be modified by url routingGHIJKLMNOPQRSTUVWX89:;<=>?@ABCDEFGHIJKLMNOPQRS!FBCDEG;<=>?@AX89:WVUTHIJKLMNOPQRS89:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXNone+-0Y:Datatype wrapping a function used to check authentication.\servant-server's current implementation of basic authentication is not immune to certian kinds of timing attacks. Decoding payloads does not take a fixed amount of time.*The result of authentication/authorizationa.Internal method to make a basic-auth challengebFind and decode an  Authorization& header from the request as Basic AuthcWRun and check basic authentication, returning the appropriate http error per the spec. YZ[\]^_`abc YZ[\]^_`abc \]^_`YZ[abcYZ[\]^_`abcNone!"->dtDatatype used for representing and debugging the structure of a router. Abstracts from the handlers at the leaves.Two n3s can be structurally compared by computing their d using r% and then testing for equality, see s.i$Internal representation of a router.The first argument describes an environment type that is expected as extra input by the routers at the leaves. The environment is filled while running the router, with path components that can be used to process captures.jthe map contains routers for subpaths (first path component used for lookup and removed afterwards), the list contains handlers for the empty path, to be tried in orderk_first path component is passed to the child router in its environment and removed afterwardsl3to be used for routes we do not know anything aboutm&left-biased choice between two routerso5Smart constructor for a single static path component.pJSmart constructor for a leaf, i.e., a router that expects the empty path.q]Smart constructor for the choice between routers. We currently optimize the following cases:_Two static routers can be joined by joining their maps and concatenating their leaf-lists.=Two dynamic routers can be joined by joining their codomains.Choice nodes can be reordered.r"Compute the structure of a router.2Assumes that the request or text being passed in  WithRequest or k7 does not affect the structure of the underlying tree.s%Compare the structure of two routers.t?Provide a textual representation of the structure of a router.u,Apply a transformation to the response of a n.v%Interpret a router as an application.xTry a list of routing applications in order. We stop as soon as one fails fatally or succeeds. If all fail normally, we pick the "best" error.defghijklmnopqrstuvwxydefghijklmnopqrstuvwxynijklmopqdefghrstuvwxydefghijklmnopqrstuvwxyNone+3579>IKLNzA natural transformation from m to n . Used to ~ particular datatypes.Like .Log the contents of P with the function provided as the first argument, and return the value of the WriterT computationLike , but for strict WriterT.Like mmorph's .Like mmorph's .Like mmorph's .Like mmorph's .z{|}~z{|}~}~z{|z{|}~None&'(3457>CKLN Basic Authentication+Make sure the incoming request starts with "/path"5, strip it and pass the rest of the request path to  sublayout. If you use  in one of the endpoints for your API, this automatically requires your server-side handler to be a function that takes an argument of the type specified by . The  Content-Typep header is inspected, and the list provided is used to attempt deserialization. If the request does not have a  Content-Type header, it is treated as application/octet-stream (as specified in  2http://tools.ietf.org/html/rfc7231#section-3.1.1.5RFC7231u. This lets servant worry about extracting it from the request and turning it into a value of the type you specify.All it asks is for a FromJSON instance.Example: type MyApi = "books" :> ReqBody '[JSON] Book :> Post '[JSON] Book server :: Server MyApi server = postBook where postBook :: Book -> Handler Book postBook book = ...insert into your db...KJust pass the request to the underlying application and serve its response.Example: ^type MyApi = "images" :> Raw server :: Server MyApi server = serveDirectory "/var/www/images" If you use  "published" in one of the endpoints for your API, this automatically requires your server-side handler to be a function that takes an argument of type .Example: type MyApi = "books" :> QueryFlag "published" :> Get '[JSON] [Book] server :: Server MyApi server = getBooks where getBooks :: Bool -> Handler [Book] getBooks onlyPublished = ...return all books, or only the ones that are already published, depending on the argument... If you use  "authors" Text in one of the endpoints for your API, this automatically requires your server-side handler to be a function that takes an argument of type [Text].]This lets servant worry about looking up 0 or more values in the query string associated to authors@ and turning each of them into a value of the type you specify.=You can control how the individual values are converted from Text2 to your type by simply providing an instance of  for your type.Example: type MyApi = "books" :> QueryParams "authors" Text :> Get '[JSON] [Book] server :: Server MyApi server = getBooksBy where getBooksBy :: [Text] -> Handler [Book] getBooksBy authors = ...return all books by these authors... If you use  "author" Text in one of the endpoints for your API, this automatically requires your server-side handler to be a function that takes an argument of type  Text.This lets servant worry about looking it up in the query string and turning it into a value of the type you specify, enclosed in ?, because it may not be there and servant would then hand you .,You can control how it'll be converted from Text2 to your type by simply providing an instance of  for your type.Example: )type MyApi = "books" :> QueryParam "author" Text :> Get '[JSON] [Book] server :: Server MyApi server = getBooksBy where getBooksBy :: Maybe Text -> Handler [Book] getBooksBy Nothing = ...return all books... getBooksBy (Just author) = ...return books by the given author... If you use  in one of the endpoints for your API, this automatically requires your server-side handler to be a function that takes an argument of the type specified by u. This lets servant worry about extracting it from the request and turning it into a value of the type you specify.All it asks is for a  instance.Example: Gnewtype Referer = Referer Text deriving (Eq, Show, FromHttpApiData) -- GET /view-my-referer type MyApi = "view-my-referer" :> Header "Referer" Referer :> Get '[JSON] Referer server :: Server MyApi server = viewReferer where viewReferer :: Referer -> Handler referer viewReferer referer = return referer If you use  in one of the endpoints for your API, this automatically requires your server-side handler to be a function that takes an argument of the type specified by the n. This lets servant worry about getting it from the URL and turning it into a value of the type you specify.,You can control how it'll be converted from Text2 to your type by simply providing an instance of  for your type.Example: type MyApi = "books" :> Capture "isbn" Text :> Get '[JSON] Book server :: Server MyApi server = getBook where getBook :: Text -> Handler Book getBook isbn = ... A server for a  bF first tries to match the request against the route represented by a and if it fails tries b7. You must provide a request handler for each route. type MyApi = "books" :> Get '[JSON] [Book] -- GET /books :<|> "books" :> ReqBody Book :> Post '[JSON] Book -- POST /books server :: Server MyApi server = listAllBooks :<|> postBook where listAllBooks = ... postBook book = ...w  !"#$%&'()*+,-./012345689:;<=>?@ABCDEFGHIJKLMNOPQRSYZ[\]^_`abcdefghijklmnopqrstuvwxy None&(4>L2 allows you to implement an API and produce a wai .Example: type MyApi = "books" :> Get '[JSON] [Book] -- GET /books :<|> "books" :> ReqBody Book :> Post '[JSON] Book -- POST /books server :: Server MyApi server = listAllBooks :<|> postBook where listAllBooks = ... postBook book = ... myApi :: Proxy MyApi myApi = Proxy app :: Application app = serve myApi server main :: IO () main = Network.Wai.Handler.Warp.run 8080 app The function  produces a textual description of the internal router layout for debugging purposes. Note that the router layout is determined just by the API, not by the handlers.Example:For the following API type API = "a" :> "d" :> Get '[JSON] () :<|> "b" :> Capture "x" Int :> Get '[JSON] Bool :<|> "c" :> Put '[JSON] Bool :<|> "a" :> "e" :> Get '[JSON] Int :<|> "b" :> Capture "x" Int :> Put '[JSON] Bool :<|> Rawwe get the following output: x/ %% a/ % %% d/ % % %% " % %% e/ % %% " %% b/ % %% <capture>/ % %% " % % % %% " %% c/ % %% " % %% <raw>Explanation of symbols: %2Normal lines reflect static branching via a table.a/%Nodes reflect static path components.% "Leaves reflect endpoints. <capture>/.This is a delayed capture of a path component.<raw>8This is a part of the API we do not know anything about.%Dashed lines suggest a dynamic choice between the part above and below. If there is a success for fatal failure in the first part, that one takes precedence. If both parts fail, the "better" error code will be returned. Variant of  that takes an additional .M  !"#$%&'()*+,-./0123456GYZ[\]^_`uz{|~MG~z{|u  YZ[\]^_` !"#$%&'()*+,-./0123456 None2Serve anything under the specified directory as a  endpoint. Xtype MyApi = "static" :> Raw server :: Server MyApi server = serveDirectory "/var/www" would capture any request to /static/<something> and look for  <something> under /var/www.kIt will do its best to guess the MIME type for that file, based on the extension, and send an appropriate  Content-Type header if possible.If your goal is to serve HTML, CSS and Javascript files that use the rest of the API as a webapp backend, you will most likely not want the static files to be hidden behind a /static/+ prefix. In that case, remember to put the ( handler in the last position, because servant* will try to match the handlers in order.None      !"#$%&'()*+,-./0123456  !"#$%&'()*+,-./0123456GYZ[\]^_`uz{|~ None'+03457>KLN$Handlers for AuthProtected resources4NOTE: THIS API IS EXPERIMENTAL AND SUBJECT TO CHANGEaSpecify the type of data returned after we've authenticated a request. quite often this is some User datatype.4NOTE: THIS API IS EXPERIMENTAL AND SUBJECT TO CHANGE4NOTE: THIS API IS EXPERIMENTAL AND SUBJECT TO CHANGEKnown orphan instance.7 !"#$%&''()*+,-./0123456789:;<=>?@ABCDEFGHIJKLLMNNOPQRSTUVWXYZ[\]^_`abcdefghijkklmnopqrstuvwxyz{|}~            !"#$%&%'%()*)+),)-).)/)0)1)2)3)4)5)6)7)8)9):);)<)=)>)?)@)A)B)C)DEFEGEHEIEIJKJLJMJNJOJPJQJRJSJTJUJUJVJWJXJYZ[\]^_serva_F2NEgbg2GM63lZ1G4jPPI6ServantServant.Server.Internal.Context"Servant.Server.Internal.ServantErr*Servant.Server.Internal.RoutingApplication!Servant.Server.Internal.BasicAuthServant.Server.Internal.RouterServant.Server.Internal.EnterServant.Server.InternalServant.ServerServant.Utils.StaticFiles Servant.Server.Experimental.AuthControl.Monad.Trans.ReaderReaderTenterserveserveWithContextServant.API.WithNamedContextWithNamedContextbase Data.ProxyProxymtl_Aue4leSeVkpKLsfHIV51E8Control.Monad.Error.Class throwError NamedContextHasContextEntrygetContextEntryContext EmptyContext:.descendIntoNamedContext$fHasContextEntry:val$fHasContextEntry:val0 $fEqContext $fEqContext0 $fShowContext$fShowContext0Handler ServantErr errHTTPCodeerrReasonPhraseerrBody errHeadersresponseServantErrerr300err301err302err303err304err305err307err400err401err402err403err404err405err406err407err409err410err411err412err413err414err415err416err417err500err501err502err503err504err505$fExceptionServantErr DelayedIO runDelayedIODelayed capturesDmethodDauthDbodyDserverD RouteResultFail FailFatalRouteRoutingApplication toApplication emptyDelayed delayedFaildelayedFailFatal withRequest addCaptureaddMethodCheck addAuthCheck addBodyCheckaddAcceptCheck passToServer runDelayed runAction$fMonadIODelayedIO$fMonadDelayedIO$fApplicativeDelayedIO$fFunctorDelayedIO$fFunctorDelayedBasicAuthCheckunBasicAuthCheckBasicAuthResult Unauthorized BadPassword NoSuchUser AuthorizedmkBAChallengerHdr decodeBAHdr runBasicAuthRouterStructureStaticRouterStructureCaptureRouterStructureRawRouterStructureChoiceStructureRouter' StaticRouter CaptureRouter RawRouterChoiceRouter pathRouter leafRouterchoicerouterStructure sameStructure routerLayout tweakResponse runRouter runRouterEnv runChoice worseHTTPCode:~>NatunNatEnterliftNat runReaderTNatevalStateTLNatevalStateTSNatlogWriterTSNatlogWriterTLNathoistNatembedNat squashNat generalizeNat $fEnterm:~>n$fCategory(->):~>$fEnter(->)arg(->)$fEnter:<|>arg1:<|>Server HasServerServerTrouteallowedMethodHead allowedMethodprocessMethodRouter methodCheck acceptCheck methodRoutermethodRouterHeaders ct_wildcard#$fHasServer*WithNamedContextcontext$fHasServer*:>context$fHasServer*:>context0$fHasServer*:>context1$fHasServer*:>context2$fHasServer*:>context3$fHasServer*:>context4$fHasServer*:>context5$fHasServer*Rawcontext$fHasServer*:>context6$fHasServer*:>context7$fHasServer*:>context8$fHasServer*:>context9$fHasServer*Verbcontext$fHasServer*Verbcontext0$fHasServer*:>context10$fHasServer*:<|>contextlayoutlayoutWithContextserveDirectory AuthHandler unAuthHandlerAuthServerData mkAuthHandlerwai_AQwO0XKEoDMDIlce1oTtHhNetwork.Wai.InternalRequesttrans_GZTjP9K5WFq01xC9BAGQpFControl.Monad.Trans.Classlift!Control.Monad.Trans.Writer.StrictWriterTmmorp_2Jm5FlYBlmjDhcU1ovZRKPControl.Monad.Morphhoistembedsquash generalizeserva_1ctJRM4YtfI86xjgxsMuatServant.API.ReqBodyReqBodyServant.API.QueryParam QueryFlagghc-prim GHC.TypesBool QueryParamshttpa_3kiLcpdXTUe4CYRpIoinpPWeb.HttpApiData.InternalFromHttpApiData QueryParamGHC.BaseMaybeNothingServant.API.HeaderHeaderServant.API.CaptureCaptureServant.API.Alternative:<|> Network.Wai ApplicationServant.API.RawRaw toQueryParamtoHeader toUrlPiece ToHttpApiDataparseQueryParam parseHeader parseUrlPiecehttpt_2kqnYpPBpbH1f4ygoPM6quNetwork.HTTP.Types.MethodPATCHOPTIONSCONNECTTRACEDELETEPUTHEADPOSTGET StdMethodNetwork.HTTP.Types.Version httpMinor httpMajor HttpVersionnetwo_DarCcUHK1BCJHlIYOjXe67 Network.URI uriFragmenturiQueryuriPath uriAuthority uriSchemeURIServant.Utils.LinkssafeLinklinkURILinkOrIsElem'IsElemtoLinkMkLinkHasLinkServant.API.Sub:>Servant.API.ResponseHeadersgetHeadersHList getResponseHeadersHConsHNilHListbuildHeadersToBuildHeadersTo getHeaders GetHeaders addHeader AddHeaderUndecodableHeader MissingHeaderServant.API.RemoteHost RemoteHostServant.API.IsSecure NotSecureSecureIsSecureServant.API.VerbsVerbGetPostPutDeletePatch PostCreated GetAccepted PostAcceptedDeleteAccepted PatchAccepted PutAcceptedGetNonAuthoritativePostNonAuthoritativeDeleteNonAuthoritativePatchNonAuthoritativePutNonAuthoritative GetNoContent PostNoContentDeleteNoContentPatchNoContent PutNoContentGetResetContentPostResetContentGetPartialContent reflectMethod ReflectMethodServant.API.BasicAuth BasicAuthbasicAuthPasswordbasicAuthUsername BasicAuthDataServant.API.ContentTypesJSON PlainTextFormUrlEncoded OctetStream contentTypeAccept mimeRender MimeRender mimeUnrender MimeUnrender NoContenttoFormUrlEncodedToFormUrlEncodedfromFormUrlEncodedFromFormUrlEncodedServant.API.Experimental.Auth AuthProtectvault_Ds02DFWDupK8kyaJ6uM5fAData.Vault.LazyVault