Portability | non-portable |
---|---|
Stability | experimental |
Maintainer | me@jspha.com |
Safe Haskell | None |
Network.OAuth provides simple OAuth signed requests atop Network.HTTP.Client. This module exports a simplified interface atop the monadic interface defined in Network.OAuth.Stateful.
If more control is needed, the low-level functions for creating, customizing, and managing OAuth Credentials, Tokens, and parameter sets (Oa), and for using them to sign Requests, are available in Network.OAuth.Types.Params, Network.OAuth.Types.Credentials, and Network.OAuth.Signing.
- oauth :: MonadIO m => Request -> OAuthT ty m Request
- simpleOAuth :: (MonadIO m, MonadCatch m) => String -> Params -> OAuthT ty m (Response ByteString)
- data Params
- type Query = [QueryItem]
- type QueryItem = (ByteString, Maybe ByteString)
- data OAuthT ty m a
- runOAuthT :: (MonadIO m, MonadCatch m) => Cred ty -> Server -> OAuthT ty m a -> m a
- runOAuthT' :: (MonadIO m, MonadCatch m) => ManagerSettings -> Cred ty -> Server -> OAuthT ty m a -> m a
- data Server = Server {}
- data ParameterMethod
- data SignatureMethod
- data Version
- defaultServer :: Server
- data Permanent
- data Temporary
- data Client
- data Cred ty
- data Token ty = Token !Key !Secret
- clientCred :: Token Client -> Cred Client
- temporaryCred :: Token Temporary -> Cred Client -> Cred Temporary
- permanentCred :: Token Permanent -> Cred Client -> Cred Permanent
- key :: Lens (Token ty) (Token ty) Key Key
- secret :: Lens (Token ty) (Token ty) Secret Secret
- clientToken :: Lens (Cred ty) (Cred ty) (Token Client) (Token Client)
- resourceToken :: (ResourceToken ty, ResourceToken ty') => Lens (Cred ty) (Cred ty') (Token ty) (Token ty')
The basic monadic API
oauth :: MonadIO m => Request -> OAuthT ty m Request
Generate default OAuth parameters and use them to sign a request. This is the simplest OAuth method.
Simplified requests layer
simpleOAuth :: (MonadIO m, MonadCatch m) => String -> Params -> OAuthT ty m (Response ByteString)
Send an OAuth GET request to a particular URI. Throws an exception if the URI cannot be parsed or if errors occur during the request.
Params quickly set the parameterization of a Request, either a GET request with a query string or a POST request with a www-form-urlencoded body.
Query.
General form: a=b&c=d, but if the value is Nothing, it becomes a&c=d.
type QueryItem = (ByteString, Maybe ByteString)
Query item
OAuth Monad
A simple monad suitable for basic OAuth requests.
runOAuthT' :: (MonadIO m, MonadCatch m) => ManagerSettings -> Cred ty -> Server -> OAuthT ty m a -> m a
OAuth Configuration
The Server information contains details which parameterize how a particular server wants to interpret OAuth requests.
data ParameterMethod
The OAuth spec suggests that the OAuth parameters be passed via the Authorization header, but allows for other methods of transmission (see section 3.5. Parameter Transmission), so we select the Server's preferred method with this type.
AuthorizationHeader | Place the |
RequestEntityBody | Augment the |
QueryString | Augment the |
data SignatureMethod
OAuth has progressed through several versions since its inception. In particular, there are two community editions "OAuth Core 1.0" (2007) and "OAuth Core 1.0a" (2009) along with the IETF Official version RFC 5849 (2010) which is confusingly named OAuth 1.0.
/Servers which only implement the obsoleted community edition "OAuth Core 1.0" are susceptible to a session fixation attack./
If at all possible, choose the RFC 5849 version (the OAuth1 value) as it is the modern standard. Some servers may only be compliant with an earlier OAuth version. This should be tested against each server, in particular the protocols defined in Network.OAuth.ThreeLegged.
OAuthCommunity1 | OAuth Core 1.0 Community Edition |
OAuthCommunity1a | OAuth Core 1.0 Community Edition, Revision A |
OAuth1 | RFC 5849 |
The default Server parameterization uses OAuth recommended parameters.
Credential management
Temporary Tokens and Credentials are created during authorization protocols and are rarely meant to be kept for more than a few minutes. Typically they are authorized to access only a very select set of server resources. During "three-legged authorization" in OAuth 1.0 they are used to generate the authorization request URI the client sends and, after that, in the Permanent Token request.
Typeable1 Token | |
Eq (Token ty) | |
Data ty => Data (Token ty) | |
Ord (Token ty) | |
Show (Token ty) | |
ToJSON (Token ty) | Produces a JSON object using keys named |
FromJSON (Token ty) | Parses a JSON object with keys |
Access lenses
resourceToken :: (ResourceToken ty, ResourceToken ty') => Lens (Cred ty) (Cred ty') (Token ty) (Token ty')
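An added example, not taken from the package or its documentation, showing how the phantom-typed credentials described above restrict which authorization stage may sign a resource request. The tokens and URL are constructed placeholders, `signResource` is a hypothetical helper, `parseUrl` and `requestHeaders` come from Network.HTTP.Client, and the code assumes that `Key` and `Secret` are ByteStrings and that `defaultServer` transmits parameters in the Authorization header.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main where

import Network.HTTP.Client (Request, parseUrl, requestHeaders)
import Network.OAuth

-- Constructed placeholder tokens. Assumes Key and Secret are ByteStrings,
-- so OverloadedStrings can build them from string literals.
clientTok :: Token Client
clientTok = Token "example-client-key" "example-client-secret"

tempTok :: Token Temporary
tempTok = Token "example-temp-key" "example-temp-secret"

permTok :: Token Permanent
permTok = Token "example-access-key" "example-access-secret"

-- Every credential carries the client token; temporary and permanent
-- credentials add a token whose phantom type records its stage.
client :: Cred Client
client = clientCred clientTok

handshake :: Cred Temporary
handshake = temporaryCred tempTok client

access :: Cred Permanent
access = permanentCred permTok client

-- Hypothetical helper: only a permanent credential may sign resource
-- requests. Passing `handshake` or `client` here is a compile-time error,
-- so a short-lived handshake credential cannot be reused by mistake.
signResource :: Cred Permanent -> Request -> IO Request
signResource cred req = runOAuthT cred defaultServer (oauth req)

main :: IO ()
main = do
  req    <- parseUrl "https://api.example.com/v1/resource"  -- constructed URL
  signed <- signResource access req
  -- Assumes defaultServer places the OAuth parameters in the
  -- Authorization header; nothing is sent over the network here.
  print (lookup "Authorization" (requestHeaders signed))
```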