packages feed

google-oauth2-jwt 0.1.0.0 → 0.1.1.0

raw patch · 2 files changed

+10/−13 lines, 2 filesPVP: major bump suggested

API removals or changes: PVP suggests a major version bump

API changes (from Hackage documentation)

- Network.Google.OAuth2.JWT: getJWT :: Email -> Maybe Email -> [Scope] -> Maybe Int -> PrivateKey -> IO (Either String ByteString)
+ Network.Google.OAuth2.JWT: getSignedJWT :: Email -> Maybe Email -> [Scope] -> Maybe Int -> PrivateKey -> IO (Either String ByteString)

Files

google-oauth2-jwt.cabal view
@@ -1,5 +1,5 @@ name:                google-oauth2-jwt-version:             0.1.0.0+version:             0.1.1.0 synopsis:            Get a signed JWT for Google Service Accounts description:         Please see README.md homepage:            https://github.com/MichelBoucey/google-oauth2-jwt
src/Network/Google/OAuth2/JWT.hs view
@@ -12,7 +12,7 @@ import qualified Data.ByteString            as B import           Data.ByteString.Base64.URL (encode) import           Data.ByteString.Lazy       (fromStrict, toStrict)-import           Data.Maybe                 (fromJust)+import           Data.Maybe                 (fromMaybe, fromJust) import           Data.Monoid                ((<>)) import qualified Data.Text                  as T import           Data.Text.Encoding@@ -37,7 +37,7 @@ fromPEMString :: String -> IO PrivateKey fromPEMString s =     fromJust . toKeyPair <$> readPrivateKey s PwNone-        >>= \k -> return $ PrivateKey+        >>= \k -> return PrivateKey             { private_pub =                   PublicKey { public_size = rsaSize k                             , public_n    = rsaN k@@ -56,7 +56,7 @@ -- -- >grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion= ---getJWT :: Email+getSignedJWT :: Email        -- ^ The email address of the service account.        -> Maybe Email        -- ^ The email address of the user for which the@@ -69,18 +69,15 @@        -- ^ The private key obtained from the Google API Console.        -> IO (Either String B.ByteString)        -- ^ Either an error message or a signed JWT.-getJWT iss msub scopes mexp privateKey = do-    let expt = fromIntegral $-                  case mexp of-                      Just e  -> e-                      Nothing -> 3600+getSignedJWT iss msub scopes mexp privateKey = do+    let expt = fromIntegral $ fromMaybe 3600 mexp     cs <- jwtClaimsSet               (maybe T.empty (\s -> "\"sub\":\"" <> s <> "\",") msub) expt     let i = jwtHeader <> "." <> cs-    return $ do+    return $         if expt > 0 && expt <= 3600 then             case rsassa_pkcs1_v1_5_sign hashSHA256 privateKey (fromStrict i) of-                Right s -> Right $ i <> "." <> (encode $ toStrict s)+                Right s -> Right $ i <> "." <> encode (toStrict s)                 Left _  -> Left "RSAError"                                     else Left "Bad expiration time"   where@@ -96,6 +93,6 @@             <> T.intercalate " " scopes <> "\",\"aud\":\"https://ww\                \w.googleapis.com/oauth2/v4/token\",\"exp\":" <> exp'             <> ",\"iat\":" <> iat' <> "}"-    toText = (T.pack . show)-    toJWT = (encode . encodeUtf8)+    toText = T.pack . show+    toJWT = encode . encodeUtf8