This module contains support for the OpenID authentication standard. See http://www.openid.net for details of the protocol. At the moment, only the basic v2 authentication is supported. Also, we only support OpenID 2.0 HTML discovery, not Yadis or XRI.
Only DH-SHA1 is used for the cryptography. This used to be SHA256, but Yahoo doesn't support it (boo!)
References in this module are to the OpenID v2 spec: http://openid.net/specs/openid-authentication-2_0.html
- data OpenIDDiscovery = OpenIDDiscovery {}
- data CheckIDType
- data Handle
- data Key
- findKey :: ByteString -> Handle -> STM (Maybe Key)
- discover :: URL -> IO OpenIDDiscovery
- associate :: OpenIDDiscovery -> IO (Handle, Key)
- checkID :: CheckIDType -> URL -> OpenIDDiscovery -> Handle -> ByteString -> Maybe ByteString -> URL
- processCheckIDReply :: Map ByteString ByteString -> IO (Either String ByteString)
Types
data OpenIDDiscovery
This is the result of Discovery: the OP local identity and the server HTTP endpoint.
data CheckIDType
There are two types of checkid calls.
data Handle
The type of an OpenID handle. Handles are used to identify sessions between the consumer and OP.
Actions
findKey :: ByteString -> Handle -> STM (Maybe Key)
Lookup a key given the hostname of the OP and the handle. Generally used after an indirect request to check a signature from an OP.
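The check that this lookup feeds, written out at protocol level as an added example (Python, not this module's code): the MAC over the fields named in openid.signed is recomputed with the key found for the OP hostname and handle, then compared in constant time. It assumes an HMAC-SHA1 association; find_key, KEYS and the sample reply are hypothetical, constructed values.

```python
import base64, hashlib, hmac
from urllib.parse import urlsplit

# Fields the OpenID 2.0 spec (section 10.1) requires the signature to cover.
REQUIRED = ("op_endpoint", "return_to", "response_nonce", "assoc_handle")

def signed_token(args, fields):
    """Key-value form of the signed fields, in the order openid.signed lists them."""
    return "".join(f"{f}:{args['openid.' + f]}\n" for f in fields).encode()

def verify_reply(args, find_key):
    """Return the claimed id if the signature verifies, else raise ValueError.
    find_key(op_hostname, handle) returns the MAC key bytes or None (hypothetical)."""
    if args.get("openid.mode") != "id_res":
        raise ValueError("not a positive assertion")
    fields = args.get("openid.signed", "").split(",")
    # claimed_id and identity must be signed whenever they are present.
    must = [f for f in REQUIRED + ("claimed_id", "identity")
            if f in REQUIRED or "openid." + f in args]
    if any(f not in fields for f in must) or any("openid." + f not in args for f in fields):
        raise ValueError("required field missing or not signed")
    # The key is bound to the OP's hostname, so one OP cannot reuse another's handle.
    host = urlsplit(args["openid.op_endpoint"]).hostname
    key = find_key(host, args["openid.assoc_handle"])
    if key is None:
        raise ValueError("unknown or expired association handle")
    want = hmac.new(key, signed_token(args, fields), hashlib.sha1).digest()
    try:
        got = base64.b64decode(args.get("openid.sig", ""), validate=True)
    except ValueError:
        raise ValueError("malformed openid.sig") from None
    if not hmac.compare_digest(want, got):  # constant-time comparison
        raise ValueError("signature mismatch")
    return args.get("openid.claimed_id")

# Constructed sample data: one cached association and a reply signed with its key.
KEYS = {("op.example", "h1"): b"k" * 20}

def sample_reply():
    args = {"openid.mode": "id_res", "openid.op_endpoint": "https://op.example/auth",
            "openid.claimed_id": "https://alice.example/", "openid.identity": "https://alice.example/",
            "openid.return_to": "https://rp.example/return",
            "openid.response_nonce": "2024-01-01T00:00:00Zabc", "openid.assoc_handle": "h1",
            "openid.signed": "op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle"}
    mac = hmac.new(KEYS[("op.example", "h1")], signed_token(args, args["openid.signed"].split(",")), hashlib.sha1)
    args["openid.sig"] = base64.b64encode(mac.digest()).decode()
    return args
```

A complete relying party also verifies return_to, the discovered information and the response nonce (spec sections 11.1 to 11.3); this sketch covers only the signature step of section 11.4.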
discover :: URL -> IO OpenIDDiscovery
Use HTML discovery to find the OpenID information for a given URL.
associate :: OpenIDDiscovery -> IO (Handle, Key)
Perform an association with a discovered OP and return either an error message or a handle, a key and the number of seconds from now when the handle will expire.
Internally this uses a cache, so associate may not actually involve an HTTP request to the OP.
checkID
  :: CheckIDType
  -> URL                 -- claimed id
  -> OpenIDDiscovery     -- OP-local id
  -> Handle              -- assoc handle
  -> ByteString          -- return to URL
  -> Maybe ByteString    -- trust realm
  -> URL                 -- URL
Construct a checkid call.
processCheckIDReply
  :: Map ByteString ByteString       -- the arguments
  -> IO (Either String ByteString)