blob: ae96e6839778f8f3661b949447c4839890766c79 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
{-# LANGUAGE OverloadedStrings #-}
module Sproxy.Application.OAuth2.Common
( AccessTokenBody(..)
, OAuth2Client(..)
, OAuth2Provider
) where
import Control.Applicative (empty)
import Data.Aeson (FromJSON, Value(Object), (.:), parseJSON)
import Data.ByteString (ByteString)
import Data.Text (Text)
import Sproxy.Application.Cookie (AuthUser)
data OAuth2Client = OAuth2Client
{ oauth2Description :: String
, oauth2AuthorizeURL :: ByteString -- state
-> ByteString -- redirect url
-> ByteString
, oauth2Authenticate :: ByteString -- code
-> ByteString -- redirect url
-> IO AuthUser
}
type OAuth2Provider = (ByteString, ByteString) -> OAuth2Client
-- | RFC6749. We ignore optional token_type ("Bearer" from Google, omitted by LinkedIn)
-- and expires_in because we don't use them, *and* expires_in creates troubles:
-- it's an integer from Google and string from LinkedIn (sic!)
data AccessTokenBody = AccessTokenBody
{ accessToken :: Text
} deriving (Eq, Show)
instance FromJSON AccessTokenBody where
parseJSON (Object v) = AccessTokenBody <$> v .: "access_token"
parseJSON _ = empty
|