From 54c461d158e902d00d7246439ef83a7a49c1ab12 Mon Sep 17 00:00:00 2001
From: Marco Zocca
Date: Sat, 17 Jun 2023 22:04:32 +0200
Subject: [PATCH] CI
---
 .github/workflows/haskell.yml | 2 +-
 ms-graph-api.cabal | 2 +-
 src/Network/OAuth2/Session.hs | 8 ++++----
 stack.yaml | 4 ++--
 4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/haskell.yml b/.github/workflows/haskell.yml
index cad9635..0d8bae6 100644
--- a/.github/workflows/haskell.yml
+++ b/.github/workflows/haskell.yml
@@ -22,7 +22,7 @@ jobs:
 uses: actions/checkout@v3
 - name: Setup compiler, build and test
 run: |
- stack build --resolver ${{ matrix.stack-resolver }}
+ stack build --silent --resolver ${{ matrix.stack-resolver }}
 stack test
 # - name: Setup Haskell tools
diff --git a/ms-graph-api.cabal b/ms-graph-api.cabal
index 66e480b..6436f7d 100644
--- a/ms-graph-api.cabal
+++ b/ms-graph-api.cabal
@@ -32,7 +32,7 @@ library
 , aeson
 , bytestring
 , containers
- , hoauth2 >= 2.6.0
+ , hoauth2 == 2.6.0
 , http-client
 , http-conduit
 , http-types
diff --git a/src/Network/OAuth2/Session.hs b/src/Network/OAuth2/Session.hs
index c194165..8ab6d60 100644
--- a/src/Network/OAuth2/Session.hs
+++ b/src/Network/OAuth2/Session.hs
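Review bot: The exact pin `hoauth2 == 2.6.0` in the ms-graph-api.cabal hunk means this library can never be built against a later hoauth2 release, including one that fixes a flaw in the OAuth2 token handling the package depends on. If the aim is to stay on the 2.6 API (the Session.hs hunk of the same commit moves imports from `Network.OAuth.OAuth2.Internal` to `Network.OAuth.OAuth2`, which suggests the API differs between releases), a bounded range such as `, hoauth2 >= 2.6.0 && < 2.7` expresses that while still admitting patch releases. Confirm that range builds with every resolver in the CI matrix before adopting it. The stack.yaml hunk already lists `hoauth2-2.6.0` for reproducible stack builds, so the cabal bound does not need to be exact for that purpose.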
@@ -37,9 +37,8 @@ import qualified Data.Map as M (Map, insert, lookup, alter)
 -- -- heaps
 -- import qualified Data.Heap as H (Heap, empty, null, size, insert, viewMin, deleteMin, Entry(..), )
 -- hoauth2
-import Network.OAuth.OAuth2 (OAuth2Token(..))
+import Network.OAuth.OAuth2 (OAuth2Token(..), AccessToken(..), ExchangeToken(..), RefreshToken(..), OAuth2Error, IdToken(..))
 import Network.OAuth2.Experiment (IdpUserInfo, conduitUserInfoRequest, mkAuthorizeRequest, conduitTokenRequest, conduitRefreshTokenRequest, HasRefreshTokenRequest(..), WithExchangeToken, IdpApplication(..), GrantTypeFlow(..))
-import Network.OAuth.OAuth2.Internal (AccessToken(..), ExchangeToken(..), RefreshToken(..), OAuth2Error, IdToken(..))
 import Network.OAuth.OAuth2.TokenRequest (Errors)
 -- http-client
 import Network.HTTP.Client (Manager)
@@ -78,7 +77,7 @@ type Scotty = ScottyT TL.Text
 --
 -- https://learn.microsoft.com/en-us/azure/app-service/configure-authentication-user-identities#access-user-claims-in-app-code
--- | The JWT identity token extracted from the headers injected by App Service can be decoded for its claims e.g. @sub@ (which is unique for each user for a given app)
+-- | The JWT identity token from the @X-MS-TOKEN-AAD-ID-TOKEN@ header injected by App Service can be decoded for its claims e.g. @sub@ (which is unique for each user for a given app)
 --
 -- https://bogdan.bynapse.com/azure/the-app-service-token-store-was-added-to-app-service-authentication-authorization-and-it-is-a-repository-of-oauth-tokens-associated-with-your-app-users-when-a-user-logs-into-your-app-via-an-iden/
 --
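Review bot: The reworded Haddock comment in the second Session.hs hunk now names the `X-MS-TOKEN-AAD-ID-TOKEN` header but still omits the trust assumption behind reading it. The header is meaningful only when the request has actually passed through App Service authentication; in any other deployment (a local run, a different proxy) it is an ordinary client-supplied value. The declaration this comment documents lies outside the hunk, so whether the token's signature is checked before its claims are used cannot be seen here; if the token is only decoded, the comment should say that as well. Suggested extra line: `-- NB: this header is trustworthy only behind App Service authentication; in any other deployment treat it as client-controlled.`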
@@ -209,7 +208,8 @@ refreshLoop :: (MonadUnliftIO m, Ord uid, HasRefreshTokenRequest a) =>
 refreshLoop ts idpApp mgr uid oaToken = forkFinally (act oaToken) cleanup
 where
 cleanup = \case
- Left _ -> pure () -- FIXME what to do in case of auth errors?
+ Left _ -> do
+ expireUser ts uid -- auth error(s), remove user from memory
 Right _ -> pure ()
 act oat = do
 ein <- updateToken ts uid oat -- replace new token in memory
diff --git a/stack.yaml b/stack.yaml
index 9bf81ca..ceb9350 100644
--- a/stack.yaml
+++ b/stack.yaml
@@ -36,11 +36,11 @@ packages:
 # forks / in-progress versions pinned to a git hash. For extra: # extra-deps:
-# - hoauth2-2.6.0
+- hoauth2-2.6.0
 - validation-selective-0.2.0.0
 - selective-0.6
-allow-newer: true
+# allow-newer: true
 # - acme-missiles-0.3
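Review bot: In `refreshLoop`'s `cleanup` (third Session.hs hunk), the `Left _` branch now expires the user but still discards the exception, so a dropped session leaves no record of why the refresh thread ended. `forkFinally` passes `cleanup` every exception that terminates the thread, not only authentication failures, so the inline comment `auth error(s)` is narrower than what the branch handles; a transient network failure or the thread being killed would presumably remove the user too. Bind the exception with `Left e -> do` and record it with whatever logging the module uses before calling `expireUser ts uid`, and reword the comment to `-- refresh thread ended with an exception: drop the user's token from memory`. The body of `act` continues outside the hunk, so how OAuth errors returned by `updateToken` are handled cannot be checked here.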