blob: 07fb7593b2ac4e08a95b590129091d312c660e3a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
{-# LANGUAGE OverloadedStrings #-}
module Sproxy.Application.OAuth2.Common (
AccessTokenBody(..)
, OAuth2Client(..)
, OAuth2Provider
) where
import Control.Applicative (empty)
import Data.Aeson (FromJSON, parseJSON, Value(Object), (.:))
import Data.ByteString(ByteString)
import Sproxy.Application.Cookie (AuthUser)
data OAuth2Client = OAuth2Client {
oauth2Description :: String
, oauth2AuthorizeURL
:: ByteString -- state
-> ByteString -- redirect url
-> ByteString
, oauth2Authenticate
:: ByteString -- code
-> ByteString -- redirect url
-> IO AuthUser
}
type OAuth2Provider = (ByteString, ByteString) -> OAuth2Client
-- | RFC6749. We ignore optional token_type ("Bearer" from Google, omitted by LinkedIn)
-- and expires_in because we don't use them, *and* expires_in creates troubles:
-- it's an integer from Google and string from LinkedIn (sic!)
data AccessTokenBody = AccessTokenBody {
accessToken :: String
} deriving (Eq, Show)
instance FromJSON AccessTokenBody where
parseJSON (Object v) = AccessTokenBody
<$> v .: "access_token"
parseJSON _ = empty
|