google-oauth2-jwt 0.1.2.1 → 0.1.3
raw patch · 3 files changed
+24/−25 lines, 3 filesdep ~HsOpenSSLdep ~RSAdep ~base64-bytestringPVP ok
version bump matches the API change (PVP)
Dependency ranges changed: HsOpenSSL, RSA, base64-bytestring, bytestring, text, unix-time
API changes (from Hackage documentation)
Files
- README.md +2/−2
- google-oauth2-jwt.cabal +8/−7
- src/Network/Google/OAuth2/JWT.hs +14/−16
README.md view
@@ -1,6 +1,6 @@-# Google-oauth-jwt [](https://travis-ci.org/MichelBoucey/google-oauth2-jwt)+# Google-oauth2-jwt [](https://travis-ci.org/MichelBoucey/google-oauth2-jwt) -Google-oauth-jwt implements the creation of the signed JWT for Google Service Accounts,+Google-oauth2-jwt implements the creation of the signed JWT for Google Service Accounts, to make authorized calls to Google APIs from server to server. All details here: - [https://developers.google.com/identity/protocols/OAuth2ServiceAccount](https://developers.google.com/identity/protocols/OAuth2ServiceAccount)
google-oauth2-jwt.cabal view
@@ -1,5 +1,5 @@ name: google-oauth2-jwt-version: 0.1.2.1+version: 0.1.3 synopsis: Get a signed JWT for Google Service Accounts description: Please see README.md homepage: https://github.com/MichelBoucey/google-oauth2-jwt@@ -17,12 +17,13 @@ hs-source-dirs: src exposed-modules: Network.Google.OAuth2.JWT build-depends: base >= 4.7 && < 5- , base64-bytestring >= 1.0.0.1- , bytestring >= 0.10.6.0- , HsOpenSSL >= 0.11.1.1- , RSA >= 2.2.0- , text >= 1.2.2.0- , unix-time >= 0.3.6+ , base64-bytestring >= 1.0.0 && < 1.1+ , bytestring >= 0.10.6 && < 0.11+ , HsOpenSSL >= 0.11.1.1 && < 0.12+ , RSA >= 2.1.0.3 && < 2.3+ , text >= 1.2.2 && < 1.3+ , unix-time >= 0.3.6 && < 0.4+ default-language: Haskell2010 GHC-options: -Wall
src/Network/Google/OAuth2/JWT.hs view
@@ -84,29 +84,27 @@ -- Google API Console. -> IO (Either String B.ByteString) -- ^ Either an error message or a signed JWT.-getSignedJWT iss msub scopes met privateKey = do- let et = fromIntegral $ fromMaybe 3600 met- if et >= 1 && et <= 3600+getSignedJWT iss msub scs mxt pk = do+ let xt = fromIntegral (fromMaybe 3600 mxt)+ if xt >= 1 && xt <= 3600 then do- cs <-- jwtClaimsSet- (maybe T.empty (\s -> "\"sub\":\"" <> s <> "\",") msub) et+ cs <- do+ let s = maybe T.empty (\e -> "\"sub\":\"" <> e <> "\",") msub+ (t',xt') <- getUnixTime >>=+ \t -> return (toText (utSeconds t),toText (utSeconds t + CTime xt))+ return $+ toJWT $+ "{\"iss\":\"" <> iss <> "\"," <> s <> "\"scope\":\"" <>+ T.intercalate " " scs <> "\",\"aud\":\"https://www.goo\+ \gleapis.com/oauth2/v4/token\",\"exp\":" <> xt' <> ",\"\+ \iat\":" <> t' <> "}" let i = toJWT "{\"alg\":\"RS256\",\"typ\":\"JWT\"}" <> "." <> cs return $- case rsassa_pkcs1_v1_5_sign hashSHA256 privateKey (fromStrict i) of+ case rsassa_pkcs1_v1_5_sign hashSHA256 pk (fromStrict i) of Right s -> Right (i <> "." <> encode (toStrict s)) Left _ -> Left "RSAError" else fail "Bad expiration time" where- jwtClaimsSet s e = do- (exp',iat') <- getUnixTime >>=- \t -> return (toText (utSeconds t + CTime e),toText (utSeconds t))- return $- toJWT $- "{\"iss\":\"" <> iss <> "\"," <> s <> "\"scope\":\""- <> T.intercalate " " scopes <> "\",\"aud\":\"https:\- \//www.googleapis.com/oauth2/v4/token\",\"exp\":" <>- exp' <> ",\"iat\":" <> iat' <> "}" toText = T.pack . show toJWT = encode . encodeUtf8