{-# LANGUAGE FlexibleContexts #-} {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE QuasiQuotes #-} module Authenticate ( logout , loginPage , redirectToLoginPage , validAuth ) where import Data.ByteString (ByteString) import Data.Monoid ((<>)) import Network.HTTP.Toolkit (Response, BodyReader) import Network.HTTP.Types (found302, ok200, urlEncode) import System.Posix.Time (epochTime) import Text.InterpolatedString.Perl6 (qc) import Text.Read (readMaybe) import qualified Data.ByteString.UTF8 as UTF8 import Authenticate.Token (AuthToken(..), tokenDigest) import Authenticate.Types (AuthConfig(..)) import Cookies (invalidateCookie) import HTTP (mkResponse, mkHtmlResponse) import qualified Authenticate.Google as Google import qualified Authenticate.LinkedIn as LinkedIn redirectToLoginPage :: ByteString -> ByteString -> IO (Response BodyReader) redirectToLoginPage base path = mkResponse found302 [ ("Location", base <> "/sproxy/login?state=" <> urlEncode True path) ] "" loginPage :: AuthConfig -> ByteString -> ByteString -> IO (Response BodyReader) loginPage c base path = mkHtmlResponse ok200 body where google :: ByteString google = maybe "" (\u -> [qc|
|]) (Google.authUrl c base path) linkedin :: ByteString linkedin = maybe "" (\u -> [qc||]) (LinkedIn.authUrl c base path) body = [qc|