packages feed

google-oauth2-jwt 0.3.3 → 0.3.3.1

raw patch · 4 files changed

+39/−40 lines, 4 filesdep ~HsOpenSSLdep ~RSAdep ~basePVP ok

version bump matches the API change (PVP)

Dependency ranges changed: HsOpenSSL, RSA, base, base64-bytestring, bytestring, text

API changes (from Hackage documentation)

Files

LICENSE view
@@ -1,4 +1,4 @@-google-oauth2-jwt - Copyright Michel Boucey (c) 2016-2017+google-oauth2-jwt - Copyright Michel Boucey (c) 2016-2024  All rights reserved. 
README.md view
@@ -1,4 +1,4 @@-# Google-oauth2-jwt [![Build Status](https://travis-ci.org/MichelBoucey/google-oauth2-jwt.svg?branch=master)](https://travis-ci.org/MichelBoucey/google-oauth2-jwt)+# Google-oauth2-jwt ![CI](https://github.com/MichelBoucey/google-oauth2-jwt/actions/workflows/haskell-ci.yml/badge.svg)  Google-oauth2-jwt implements the creation of the signed JWT for Google Service Accounts, to make authorized calls to Google APIs from server to server. All details here:
google-oauth2-jwt.cabal view
@@ -1,5 +1,5 @@ name:                google-oauth2-jwt-version:             0.3.3+version:             0.3.3.1 synopsis:            Get a signed JWT for Google Service Accounts description:         This library implements the creation of the                      signed JWT for Google Service Accounts.@@ -8,29 +8,29 @@ license-file:        LICENSE author:              Michel Boucey maintainer:          michel.boucey@gmail.com-copyright:           (c) 2016-2021 - Michel Boucey+copyright:           (c) 2016-2024 - Michel Boucey category:            Google build-type:          Simple extra-source-files:  README.md cabal-version:       >= 1.10 -Tested-With: GHC ==8.4.4 || ==8.6.5 || ==8.8.4 || ==8.10.4 || ==9.0.1+Tested-With: GHC ==8.8.4 || ==8.10.7 || ==9.0.2 || ==9.2.8 || ==9.4.8 || ==9.6.3 || ==9.8.1 +source-repository head+  type:     git+  location: git://github.com/MichelBoucey/google-oauth2-jwt.git+ library   hs-source-dirs:   src   exposed-modules:  Network.Google.OAuth2.JWT-  build-depends:    base                >= 4.7      && < 5-                  , base64-bytestring   >= 1.0.0    && < 1.2.0.1-                  , bytestring          >= 0.10.6   && < 0.11-                  , HsOpenSSL           >= 0.11.1.1 && < 0.12-                  , RSA                 >= 2.1.0.3  && < 2.5-                  , text                >= 1.2.2    && < 1.3-                  , unix-time           >= 0.3.6    && < 0.5+  build-depends:    base                >= 4.3    && < 5+                  , base64-bytestring   >= 1.0.0  && < 1.3+                  , bytestring          >= 0.10.6 && < 0.13+                  , HsOpenSSL           >= 0.11.7 && < 0.12+                  , RSA                 >= 2.4.1  && < 2.5+                  , text                >= 1.2.2  && < 2.2+                  , unix-time           >= 0.3.6  && < 0.5    default-language: Haskell2010   GHC-options:      -Wall--source-repository head-  type:     git-  location: git://github.com/MichelBoucey/google-oauth2-jwt.git 
src/Network/Google/OAuth2/JWT.hs view
@@ -23,10 +23,9 @@ import           Control.Monad              (unless) import qualified Data.ByteString            as B import           Data.ByteString.Base64.URL (encode)-import           Data.ByteString.Lazy       (fromStrict, toStrict) import           Data.ByteString.Char8      (unpack)-import           Data.Maybe                 (fromMaybe, fromJust)--- import           Data.Monoid                ((<>))+import           Data.ByteString.Lazy       (fromStrict, toStrict)+import           Data.Maybe                 (fromJust, fromMaybe) import qualified Data.Text                  as T import           Data.Text.Encoding         (encodeUtf8) import           Data.UnixTime              (getUnixTime, utSeconds)@@ -59,7 +58,7 @@ -- > fromPEMString :: String -> IO PrivateKey fromPEMString s =-  fromJust . toKeyPair <$> readPrivateKey s PwNone >>=+  readPrivateKey s PwNone >>= (     \k -> return       PrivateKey         { private_pub =@@ -74,7 +73,7 @@         , private_dP   = 0         , private_dQ   = 0         , private_qinv = 0-        }+        }) . fromJust . toKeyPair  -- | Create the signed JWT ready for transmission -- in the access token request as assertion value.@@ -96,23 +95,23 @@   -- Google API Console.   -> IO (Either String SignedJWT)   -- ^ Either an error message or a signed JWT.-getSignedJWT iss msub scs mxt pk = do-  let xt = fromIntegral (fromMaybe 3600 mxt)-  unless (xt >= 1 && xt <= 3600) (fail "Bad expiration time")-  t <- getUnixTime-  let i = header <> "." <> toB64 ("{\"iss\":\"" <> iss <> "\","-          <> maybe T.empty (\e -> "\"sub\":\"" <> e <> "\",") msub-          <> "\"scope\":\"" <> T.intercalate " " scs <> "\",\"aud\-          \\":\"https://www.googleapis.com/oauth2/v4/token\",\"ex\-          \p\":" <> toT (utSeconds t + CTime xt) <> ",\"iat\":"-          <> toT (utSeconds t) <> "}")-  return $-    either-      (return $ Left "RSAError")-      (\s -> return $ SignedJWT $ i <> "." <> encode (toStrict s))-      (rsassa_pkcs1_v1_5_sign hashSHA256 pk $ fromStrict i)-  where-    toT = T.pack . show-    toB64 = encode . encodeUtf8-    header = toB64 "{\"alg\":\"RS256\",\"typ\":\"JWT\"}"+getSignedJWT iss msub scs mxt pk =+  let toT = T.pack . show+      toB64 = encode . encodeUtf8+      header = toB64 "{\"alg\":\"RS256\",\"typ\":\"JWT\"}"+  in do+    let xt = fromIntegral (fromMaybe 3600 mxt)+    unless (xt >= 1 && xt <= 3600) (fail "Bad expiration time")+    t <- getUnixTime+    let i = header <> "." <> toB64 ("{\"iss\":\"" <> iss <> "\","+            <> maybe T.empty (\e -> "\"sub\":\"" <> e <> "\",") msub+            <> "\"scope\":\"" <> T.intercalate " " scs <> "\",\"aud\+            \\":\"https://www.googleapis.com/oauth2/v4/token\",\"ex\+            \p\":" <> toT (utSeconds t + CTime xt) <> ",\"iat\":"+            <> toT (utSeconds t) <> "}")+    return $+      either+        (return $ Left "RSAError")+        (\s -> return $ SignedJWT $ i <> "." <> encode (toStrict s))+        (rsassa_pkcs1_v1_5_sign hashSHA256 pk $ fromStrict i)