Maintainer | krdlab@gmail.com |
---|---|
Stability | experimental |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Synopsis
- getAuthenticationRequestUrl :: (MonadThrow m, MonadCatch m) => OIDC -> Scope -> Maybe State -> Parameters -> m URI
- getValidTokens :: (MonadThrow m, MonadCatch m, MonadIO m, FromJSON a) => SessionStore m -> OIDC -> Manager -> State -> Code -> m (Tokens a)
- prepareAuthenticationRequestUrl :: (MonadThrow m, MonadCatch m) => SessionStore m -> OIDC -> Scope -> Parameters -> m URI
- requestTokens :: FromJSON a => OIDC -> Maybe Nonce -> Code -> Manager -> IO (Tokens a)
- validateClaims :: Text -> Text -> IntDate -> Maybe Nonce -> IdTokenClaims a -> IO ()
- getCurrentIntDate :: IO IntDate
Documentation
getAuthenticationRequestUrl Source #
:: (MonadThrow m, MonadCatch m) | |
=> OIDC | |
-> Scope | used to specify what are privileges requested for tokens. (use |
-> Maybe State | used for CSRF mitigation. (recommended parameter) |
-> Parameters | Optional parameters |
-> m URI |
Warning: This function doesn't manage state and nonce. Use prepareAuthenticationRequestUrl only unless your IdP doesn't support state and/or nonce.
Make URL for Authorization Request.
getValidTokens :: (MonadThrow m, MonadCatch m, MonadIO m, FromJSON a) => SessionStore m -> OIDC -> Manager -> State -> Code -> m (Tokens a) Source #
Get and validate access token and with code and state stored in the SessionStore
.
Then deletes session info by sessionStoreDelete
.
prepareAuthenticationRequestUrl Source #
:: (MonadThrow m, MonadCatch m) | |
=> SessionStore m | |
-> OIDC | |
-> Scope | used to specify what are privileges requested for tokens. (use |
-> Parameters | Optional parameters |
-> m URI |
Make URL for Authorization Request after generating state and nonce from SessionStore
.
requestTokens :: FromJSON a => OIDC -> Maybe Nonce -> Code -> Manager -> IO (Tokens a) Source #
Warning: This function doesn't manage state and nonce. Use getValidTokens only unless your IdP doesn't support state and/or nonce.
Request and validate tokens.
This function requests ID Token and Access Token to a OP's token endpoint, and validates the received ID Token.
Returned Tokens
value is a valid.
If a HTTP error has occurred or a tokens validation has failed, this function throws OpenIdException
.
For testing
validateClaims :: Text -> Text -> IntDate -> Maybe Nonce -> IdTokenClaims a -> IO () Source #
getCurrentIntDate :: IO IntDate Source #