packages feed

google-oauth2-jwt 0.1.2.1 → 0.1.3

raw patch · 3 files changed

+24/−25 lines, 3 filesdep ~HsOpenSSLdep ~RSAdep ~base64-bytestringPVP ok

version bump matches the API change (PVP)

Dependency ranges changed: HsOpenSSL, RSA, base64-bytestring, bytestring, text, unix-time

API changes (from Hackage documentation)

Files

README.md view
@@ -1,6 +1,6 @@-# Google-oauth-jwt [![Build Status](https://travis-ci.org/MichelBoucey/google-oauth2-jwt.svg?branch=master)](https://travis-ci.org/MichelBoucey/google-oauth2-jwt)+# Google-oauth2-jwt [![Build Status](https://travis-ci.org/MichelBoucey/google-oauth2-jwt.svg?branch=master)](https://travis-ci.org/MichelBoucey/google-oauth2-jwt) -Google-oauth-jwt implements the creation of the signed JWT for Google Service Accounts,+Google-oauth2-jwt implements the creation of the signed JWT for Google Service Accounts, to make authorized calls to Google APIs from server to server. All details here:  - [https://developers.google.com/identity/protocols/OAuth2ServiceAccount](https://developers.google.com/identity/protocols/OAuth2ServiceAccount)
google-oauth2-jwt.cabal view
@@ -1,5 +1,5 @@ name:                google-oauth2-jwt-version:             0.1.2.1+version:             0.1.3 synopsis:            Get a signed JWT for Google Service Accounts description:         Please see README.md homepage:            https://github.com/MichelBoucey/google-oauth2-jwt@@ -17,12 +17,13 @@   hs-source-dirs:   src   exposed-modules:  Network.Google.OAuth2.JWT   build-depends:    base >= 4.7 && < 5-                  , base64-bytestring >= 1.0.0.1-                  , bytestring >= 0.10.6.0-                  , HsOpenSSL >= 0.11.1.1-                  , RSA >= 2.2.0-                  , text >= 1.2.2.0-                  , unix-time >= 0.3.6+                  , base64-bytestring   >= 1.0.0 && < 1.1+                  , bytestring          >= 0.10.6 && < 0.11+                  , HsOpenSSL           >= 0.11.1.1 && < 0.12+                  , RSA                 >= 2.1.0.3 && < 2.3+                  , text                >= 1.2.2 && < 1.3+                  , unix-time           >= 0.3.6 && < 0.4+   default-language: Haskell2010   GHC-options:      -Wall 
src/Network/Google/OAuth2/JWT.hs view
@@ -84,29 +84,27 @@              -- Google API Console.              -> IO (Either String B.ByteString)              -- ^ Either an error message or a signed JWT.-getSignedJWT iss msub scopes met privateKey = do-  let et = fromIntegral $ fromMaybe 3600 met-  if et >= 1 && et <= 3600+getSignedJWT iss msub scs mxt pk = do+  let xt = fromIntegral (fromMaybe 3600 mxt)+  if xt >= 1 && xt <= 3600     then do-      cs <--        jwtClaimsSet-          (maybe T.empty (\s -> "\"sub\":\"" <> s <> "\",") msub) et+      cs <- do+        let s = maybe T.empty (\e -> "\"sub\":\"" <> e <> "\",") msub+        (t',xt') <- getUnixTime >>=+          \t -> return (toText (utSeconds t),toText (utSeconds t + CTime xt))+        return $+          toJWT $+            "{\"iss\":\"" <> iss <> "\"," <> s <> "\"scope\":\"" <>+            T.intercalate " " scs <> "\",\"aud\":\"https://www.goo\+            \gleapis.com/oauth2/v4/token\",\"exp\":" <> xt' <> ",\"\+            \iat\":" <> t' <> "}"       let i = toJWT "{\"alg\":\"RS256\",\"typ\":\"JWT\"}" <> "." <> cs       return $-        case rsassa_pkcs1_v1_5_sign hashSHA256 privateKey (fromStrict i) of+        case rsassa_pkcs1_v1_5_sign hashSHA256 pk (fromStrict i) of           Right s -> Right (i <> "." <> encode (toStrict s))           Left _  -> Left "RSAError"     else fail "Bad expiration time"   where-    jwtClaimsSet s e = do-      (exp',iat') <- getUnixTime >>=-        \t -> return (toText (utSeconds t + CTime e),toText (utSeconds t))-      return $-        toJWT $-          "{\"iss\":\"" <> iss <> "\"," <> s <> "\"scope\":\""-          <> T.intercalate " " scopes <> "\",\"aud\":\"https:\-          \//www.googleapis.com/oauth2/v4/token\",\"exp\":" <>-          exp' <> ",\"iat\":" <> iat' <> "}"     toText = T.pack . show     toJWT = encode . encodeUtf8