aboutsummaryrefslogtreecommitdiff
path: root/src/Sproxy/Application/OAuth2/Common.hs
blob: 0324e6210f3b52e6ca5f8157b7b66bce027652c5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
{-# LANGUAGE OverloadedStrings #-}
module Sproxy.Application.OAuth2.Common (
  AccessTokenBody(..)
, OAuth2Client(..)
, OAuth2Provider
) where

import Control.Applicative (empty)
import Data.Aeson (FromJSON, parseJSON, Value(Object), (.:))
import Data.ByteString(ByteString)
import Data.Text (Text)

import Sproxy.Application.Cookie (AuthUser)

data OAuth2Client = OAuth2Client {
  oauth2Description :: String
, oauth2AuthorizeURL
    :: ByteString -- state
    -> ByteString -- redirect url
    -> ByteString
, oauth2Authenticate
    :: ByteString -- code
    -> ByteString -- redirect url
    -> IO AuthUser
}

type OAuth2Provider = (ByteString, ByteString) -> OAuth2Client

-- | RFC6749. We ignore optional token_type ("Bearer" from Google, omitted by LinkedIn)
--   and expires_in because we don't use them, *and* expires_in creates troubles:
--   it's an integer from Google and string from LinkedIn (sic!)
data AccessTokenBody = AccessTokenBody {
  accessToken :: Text
} deriving (Eq, Show)

instance FromJSON AccessTokenBody where
  parseJSON (Object v) = AccessTokenBody
    <$> v .:  "access_token"
  parseJSON _ = empty