-- | <<images/oz.png>>
--
-- Oz is a web authorization protocol based on industry best
-- practices. Oz combines the "Network.Hawk" authentication protocol
-- with the "Network.Iron" encryption protocol to provide a simple to
-- use and secure solution for granting and authenticating third-party
-- access to an API on behalf of a user or an application.
--
-- For making Oz-authenticated requests, import the
-- "Network.Oz.Client" module, which provides wrappers around
-- "Network.Wreq".
--
-- When implementing an Oz-authenticated application, import
-- "Network.Oz.Application" and use 'Network.Oz.Application.ozApp' to
-- provide a WAI 'Network.Wai.Application' and plug it into your
-- application. The endpoints will handle issuing tickets.
--
-- 'Network.Oz.Server.authenticate' checks tickets provided with
-- 'Network.Wai.Request's.
--
-- == How it works
--
-- 1. The application uses its previously issued Hawk credentials to
--    authenticate with the server and request an application
--    ticket. If valid, the server issues an application ticket. (see
--    'Network.Oz.Application.app' endpoint)
-- 2. The application directs the user to grant it authorization by
--    providing the user with its application identifier. The user
--    authenticates with the server, reviews the authorization grant
--    and its scope, and if approved the server returns an rsvp. (see
--    'Network.Oz.Ticket.rsvp' function)
-- 3. The user returns to the application with the rsvp which the
--    application uses to request a new user-specific ticket. If
--    valid, the server returns a new ticket. (see
--    'Network.Oz.Application.rsvp' endpoint)
-- 4. The application uses the user-ticket to access the user's
--    protected resources. (see 'Network.Oz.Server.authenticate'
--    function)
--

module Network.Oz
  ( module Network.Oz.Types
  ) where

import           Network.Oz.Types