servant-auth 0.3.2.0 → 0.4.10.0
raw patch · 5 files changed
Files
- CHANGELOG.md +12/−1
- Setup.hs +1/−0
- servant-auth.cabal +18/−11
- src/Servant/Auth.hs +26/−5
- src/Servant/Auth/JWT.hs +39/−0
CHANGELOG.md view
@@ -3,9 +3,20 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)-and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).+and this project adheres to [PVP Versioning](https://pvp.haskell.org/). ## [Unreleased]++## [0.4.10.0] - 2026-06-20++- Support for 'ram' dependency. [#1888](https://github.com/haskell-servant/servant/pull/1888)+- Bump lower dependency bounds. [#1876](https://github.com/haskell-servant/servant/pull/1876)++## [0.4.0.0] - 2020-10-06++- Support for GHC 8.10 by @domenkozar+- Support servant 0.18 by @domenkozar+- Move `ToJWT/FromJWT` from servant-auth-server ## [0.3.2.0] - 2018-06-18
Setup.hs view
@@ -1,2 +1,3 @@ import Distribution.Simple+ main = defaultMain
servant-auth.cabal view
@@ -1,5 +1,6 @@+cabal-version: 2.2 name: servant-auth-version: 0.3.2.0+version: 0.4.10.0 synopsis: Authentication combinators for servant description: This package provides an @Auth@ combinator for 'servant'. This combinator allows using different authentication schemes in a straightforward way,@@ -8,32 +9,38 @@ 'servant-auth' additionally provides concrete authentication schemes, such as Basic Access Authentication, JSON Web Tokens, and Cookies. .- For more details on how to use this, see the <http://github.com/haskell-servant/servant-auth#readme README>.+ For more details on how to use this, see the <https://github.com/haskell-servant/servant/tree/master/servant-auth#readme README>. category: Web, Servant, Authentication-homepage: http://github.com/haskell-servant/servant-auth#readme-bug-reports: https://github.com/haskell-servant/servant-auth/issues+homepage: https://github.com/haskell-servant/servant/tree/master/servant-auth#readme+bug-reports: https://github.com/haskell-servant/servant/issues author: Julian K. Arni maintainer: jkarni@gmail.com copyright: (c) Julian K. Arni-license: BSD3+license: BSD-3-Clause license-file: LICENSE-tested-with: GHC == 7.10.3, GHC == 8.0.2, GHC == 8.2.2, GHC==8.4.3+tested-with: GHC ==9.2.8 || ==9.4.8 || ==9.6.6 || ==9.8.4 || ==9.10.1 || ==9.12.1 build-type: Simple-cabal-version: >= 1.10-extra-source-files:+extra-doc-files: CHANGELOG.md source-repository head type: git- location: https://github.com/haskell-servant/servant-auth+ location: https://github.com/haskell-servant/servant library hs-source-dirs: src- default-extensions: AutoDeriveTypeable ConstraintKinds DataKinds DefaultSignatures DeriveFoldable DeriveFunctor DeriveGeneric DeriveTraversable FlexibleContexts FlexibleInstances FunctionalDependencies GADTs KindSignatures MultiParamTypeClasses OverloadedStrings RankNTypes ScopedTypeVariables TypeFamilies TypeOperators+ default-extensions: ConstraintKinds DataKinds DefaultSignatures DeriveFoldable DeriveFunctor DeriveGeneric DeriveTraversable FlexibleContexts FlexibleInstances FunctionalDependencies GADTs KindSignatures MultiParamTypeClasses OverloadedStrings RankNTypes ScopedTypeVariables TypeFamilies TypeOperators ghc-options: -Wall build-depends:- base >= 4.8 && < 4.12+ base >= 4.16.4.0 && < 4.22+ , containers >=0.6.5.1 && < 0.9+ , aeson >= 2.0 && < 3+ , jose >= 0.11 && < 0.14+ , lens >= 5.3 && < 5.4+ , servant >= 0.20.3 && < 0.21+ , text >= 1.2.3.0 && < 2.2 exposed-modules: Servant.Auth+ Servant.Auth.JWT default-language: Haskell2010
src/Servant/Auth.hs view
@@ -1,17 +1,38 @@-{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE CPP #-}+{-# LANGUAGE DataKinds #-}+{-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE TypeOperators #-}+ module Servant.Auth where +import Data.Kind (Type)+import Data.Proxy (Proxy (..))+import Servant.API ((:>))+import Servant.Links (HasLink (..))+ -- * Authentication -- | @Auth [auth1, auth2] val :> api@ represents an API protected *either* by -- @auth1@ or @auth2@-data Auth (auths :: [*]) val+data Auth (auths :: [Type]) val +-- | A @HasLink@ instance for @Auth@+instance HasLink sub => HasLink (Auth (tag :: [Type]) value :> sub)+#if MIN_VERSION_servant(0,14,0)+ where+ type MkLink (Auth (tag :: [Type]) value :> sub) a = MkLink sub a+ toLink toA _ = toLink toA (Proxy :: Proxy sub)+#else+ where+ type MkLink (Auth (tag :: [Type]) value :> sub) = MkLink sub+ toLink _ = toLink (Proxy :: Proxy sub)+#endif+ -- ** Combinators --- | A JSON Web Token (JWT) in the the Authorization header:+-- | A JSON Web Token (JWT) in the Authorization header: ----- @Authorization: Bearer <token>@+-- @Authorization: Bearer \<token\>@ -- -- Note that while the token is signed, it is not encrypted. Therefore do not -- keep in it any information you would not like the client to know.@@ -24,11 +45,11 @@ -- header, for XSRF protection. data Cookie - -- We could use 'servant''s BasicAuth, but then we don't get control over the -- documentation, and we'd have to polykind everything. (Also, we don't -- currently depend on servant!) --+ -- | Basic Auth. data BasicAuth
+ src/Servant/Auth/JWT.hs view
@@ -0,0 +1,39 @@+{-# LANGUAGE CPP #-}++module Servant.Auth.JWT where++import Control.Lens ((^.))+import qualified Crypto.JWT as Jose+import Data.Aeson (FromJSON, Result (..), ToJSON, fromJSON, toJSON)+#if MIN_VERSION_aeson(2,0,0)+import qualified Data.Map as KM+#else+import qualified Data.HashMap.Strict as KM+#endif++import qualified Data.Text as T++-- This should probably also be from ClaimSet+--++-- | How to decode data from a JWT.+--+-- The default implementation assumes the data is stored in the unregistered+-- @dat@ claim, and uses the @FromJSON@ instance to decode value from there.+class FromJWT a where+ decodeJWT :: Jose.ClaimsSet -> Either T.Text a+ default decodeJWT :: FromJSON a => Jose.ClaimsSet -> Either T.Text a+ decodeJWT m = case KM.lookup "dat" (m ^. Jose.unregisteredClaims) of+ Nothing -> Left "Missing 'dat' claim"+ Just v -> case fromJSON v of+ Error e -> Left $ T.pack e+ Success a -> Right a++-- | How to encode data from a JWT.+--+-- The default implementation stores data in the unregistered @dat@ claim, and+-- uses the type's @ToJSON@ instance to encode the data.+class ToJWT a where+ encodeJWT :: a -> Jose.ClaimsSet+ default encodeJWT :: ToJSON a => a -> Jose.ClaimsSet+ encodeJWT a = Jose.addClaim "dat" (toJSON a) Jose.emptyClaimsSet