-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Marco Zocca
committed
Oct 4, 2023
1 parent
6811525
commit 71e8f49
Showing
13 changed files
with
1,919 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
-- | A lightweight oauth2 Haskell binding. | ||
-- See Readme for more details | ||
-- | ||
module Network.OAuth.OAuth2 | ||
( module Network.OAuth.OAuth2.HttpClient, | ||
module Network.OAuth.OAuth2.AuthorizationRequest, | ||
module Network.OAuth.OAuth2.TokenRequest, | ||
module Network.OAuth.OAuth2.Internal, | ||
) | ||
where | ||
|
||
{- | ||
Hiding Errors data type from default. | ||
Shall qualified import given the naming collision. | ||
-} | ||
import Network.OAuth.OAuth2.AuthorizationRequest hiding (Errors(..)) | ||
import Network.OAuth.OAuth2.HttpClient | ||
import Network.OAuth.OAuth2.Internal | ||
import Network.OAuth.OAuth2.TokenRequest hiding (Errors(..)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
{-# LANGUAGE DeriveGeneric #-} | ||
{-# LANGUAGE OverloadedStrings #-} | ||
|
||
-- | Bindings Authorization part of The OAuth 2.0 Authorization Framework | ||
-- RFC6749 <https://www.rfc-editor.org/rfc/rfc6749> | ||
module Network.OAuth.OAuth2.AuthorizationRequest where | ||
|
||
import Data.Aeson | ||
import Data.Function (on) | ||
import qualified Data.List as List | ||
import qualified Data.Text.Encoding as T | ||
import GHC.Generics (Generic) | ||
import Lens.Micro (over) | ||
import Network.OAuth.OAuth2.Internal | ||
import URI.ByteString | ||
|
||
-------------------------------------------------- | ||
|
||
-- * Errors | ||
|
||
-------------------------------------------------- | ||
|
||
instance FromJSON Errors where | ||
parseJSON = genericParseJSON defaultOptions {constructorTagModifier = camelTo2 '_', allNullaryToStringTag = True} | ||
|
||
instance ToJSON Errors where | ||
toEncoding = genericToEncoding defaultOptions {constructorTagModifier = camelTo2 '_', allNullaryToStringTag = True} | ||
|
||
-- | Authorization Code Grant Error Responses https://tools.ietf.org/html/rfc6749#section-4.1.2.1 | ||
-- I found hard time to figure a way to test the authorization error flow | ||
-- When anything wrong in @/authorize@ request (redirect to OAuth2 provider), | ||
-- it will end-up at the Provider page hence no way for this library to parse error response. | ||
-- In other words, @/authorize@ ends up with 4xx or 5xx. | ||
-- Revisit this whenever find a case OAuth2 provider redirects back to Relying party with errors. | ||
data Errors | ||
= InvalidRequest | ||
| UnauthorizedClient | ||
| AccessDenied | ||
| UnsupportedResponseType | ||
| InvalidScope | ||
| ServerError | ||
| TemporarilyUnavailable | ||
deriving (Show, Eq, Generic) | ||
|
||
-------------------------------------------------- | ||
|
||
-- * URLs | ||
|
||
-------------------------------------------------- | ||
|
||
-- | See 'authorizationUrlWithParams' | ||
authorizationUrl :: OAuth2 -> URI | ||
authorizationUrl = authorizationUrlWithParams [] | ||
|
||
-- | Prepare the authorization URL. Redirect to this URL | ||
-- asking for user interactive authentication. | ||
-- | ||
-- @since 2.6.0 | ||
authorizationUrlWithParams :: QueryParams -> OAuth2 -> URI | ||
authorizationUrlWithParams qs oa = over (queryL . queryPairsL) (++ queryParts) (oauth2AuthorizeEndpoint oa) | ||
where | ||
queryParts = | ||
List.nubBy ((==) `on` fst) $ | ||
qs | ||
++ [ ("client_id", T.encodeUtf8 $ oauth2ClientId oa), | ||
("response_type", "code"), | ||
("redirect_uri", serializeURIRef' $ oauth2RedirectUri oa) | ||
] |
Oops, something went wrong.