module Network.TLS.Session (
    SessionManager (..),
    noSessionManager,
) where

import Network.TLS.Types

-- | A session manager
data SessionManager = SessionManager
    { SessionManager -> SessionIDorTicket -> IO (Maybe SessionData)
sessionResume :: SessionIDorTicket -> IO (Maybe SessionData)
    -- ^ Used on TLS 1.2\/1.3 servers to lookup 'SessionData' with 'SessionID' or to decrypt 'Ticket' to get 'SessionData'.
    , SessionManager -> SessionIDorTicket -> IO (Maybe SessionData)
sessionResumeOnlyOnce :: SessionIDorTicket -> IO (Maybe SessionData)
    -- ^ Used for 0RTT on TLS 1.3 servers to lookup 'SessionData' with 'SessionID' or to decrypt 'Ticket' to get 'SessionData'.
    , SessionManager
-> SessionIDorTicket -> SessionData -> IO (Maybe SessionIDorTicket)
sessionEstablish :: SessionID -> SessionData -> IO (Maybe Ticket)
    -- ^ Used TLS 1.2\/1.3 servers\/clients to store 'SessionData' with 'SessionID' or to encrypt 'SessionData' to get 'Ticket'. In the client side, 'Nothing' should be returned. For clients, only this field should be set with 'noSessionManager'.
    , SessionManager -> SessionIDorTicket -> IO ()
sessionInvalidate :: SessionID -> IO ()
    -- ^ Used TLS 1.2\/1.3 servers to delete 'SessionData' with 'SessionID' if @sessionUseTicket@ is 'True'.
    , SessionManager -> Bool
sessionUseTicket :: Bool
    -- ^ Used on TLS 1.2 servers to decide to use 'SessionID' or 'Ticket'. Note that TLS 1.3 servers always use session tickets.
    }

-- | The session manager to do nothing.
noSessionManager :: SessionManager
noSessionManager :: SessionManager
noSessionManager =
    SessionManager
        { sessionResume :: SessionIDorTicket -> IO (Maybe SessionData)
sessionResume = \SessionIDorTicket
_ -> Maybe SessionData -> IO (Maybe SessionData)
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return Maybe SessionData
forall a. Maybe a
Nothing
        , sessionResumeOnlyOnce :: SessionIDorTicket -> IO (Maybe SessionData)
sessionResumeOnlyOnce = \SessionIDorTicket
_ -> Maybe SessionData -> IO (Maybe SessionData)
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return Maybe SessionData
forall a. Maybe a
Nothing
        , sessionEstablish :: SessionIDorTicket -> SessionData -> IO (Maybe SessionIDorTicket)
sessionEstablish = \SessionIDorTicket
_ SessionData
_ -> Maybe SessionIDorTicket -> IO (Maybe SessionIDorTicket)
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return Maybe SessionIDorTicket
forall a. Maybe a
Nothing
        , sessionInvalidate :: SessionIDorTicket -> IO ()
sessionInvalidate = \SessionIDorTicket
_ -> () -> IO ()
forall a. a -> IO a
forall (m :: * -> *) a. Monad m => a -> m a
return ()
        , -- Don't send NewSessionTicket in TLS 1.2 by default.
          -- Send NewSessionTicket with SessionID in TLS 1.3 by default.
          sessionUseTicket :: Bool
sessionUseTicket = Bool
False
        }