packages feed

yesod-auth-oauth2 0.4.0.1 → 0.4.1.0

raw patch · 3 files changed

+72/−12 lines, 3 filesPVP ok

version bump matches the API change (PVP)

API changes (from Hackage documentation)

+ Yesod.Auth.OAuth2.ErrorResponse: AccessDenied :: ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: ErrorResponse :: ErrorName -> Maybe Text -> Maybe Text -> ErrorResponse
+ Yesod.Auth.OAuth2.ErrorResponse: InvalidRequest :: ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: InvalidScope :: ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: ServerError :: ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: TemporarilyUnavailable :: ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: UnauthorizedClient :: ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: Unknown :: Text -> ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: UnsupportedResponseType :: ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: [erDescription] :: ErrorResponse -> Maybe Text
+ Yesod.Auth.OAuth2.ErrorResponse: [erName] :: ErrorResponse -> ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: [erURI] :: ErrorResponse -> Maybe Text
+ Yesod.Auth.OAuth2.ErrorResponse: data ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: data ErrorResponse
+ Yesod.Auth.OAuth2.ErrorResponse: instance GHC.Show.Show Yesod.Auth.OAuth2.ErrorResponse.ErrorName
+ Yesod.Auth.OAuth2.ErrorResponse: instance GHC.Show.Show Yesod.Auth.OAuth2.ErrorResponse.ErrorResponse
+ Yesod.Auth.OAuth2.ErrorResponse: onErrorResponse :: MonadHandler m => (ErrorResponse -> m a) -> m ()

Files

src/Yesod/Auth/OAuth2/Dispatch.hs view
@@ -9,7 +9,7 @@     ) where  import Control.Exception.Safe (throwString, tryIO)-import Control.Monad (unless)+import Control.Monad (unless, (<=<)) import Data.Monoid ((<>)) import Data.Text (Text) import qualified Data.Text as T@@ -19,6 +19,7 @@ import System.Random (newStdGen, randomRs) import URI.ByteString.Extension import Yesod.Auth+import Yesod.Auth.OAuth2.ErrorResponse (onErrorResponse) import Yesod.Core  -- | How to take an @'OAuth2Token'@ and retrieve user credentials@@ -56,6 +57,7 @@ dispatchCallback :: Text -> OAuth2 -> FetchCreds m -> AuthHandler m TypedContent dispatchCallback name oauth2 getCreds = do     csrf <- verifySessionCSRF $ tokenSessionKey name+    onErrorResponse errInvalidOAuth     code <- requireGetParam "code"     manager <- lift $ getsYesod authHttpManager     oauth2' <- withCallbackAndState name oauth2 csrf@@ -65,15 +67,12 @@   where     -- On a Left result, log it and return an opaque permission-denied     denyLeft :: (MonadHandler m, MonadLogger m, Show e) => IO (Either e a) -> m a-    denyLeft act = do-        result <- liftIO act-        either-            (\err -> do-                $(logError) $ T.pack $ "OAuth2 error: " <> show err-                permissionDenied "Invalid OAuth2 authentication attempt"-            )-            return-            result+    denyLeft = either errInvalidOAuth pure <=< liftIO++    errInvalidOAuth :: (MonadHandler m, MonadLogger m, Show e) => e -> m a+    errInvalidOAuth err = do+        $(logError) $ T.pack $ "OAuth2 error: " <> show err+        permissionDenied "Invalid OAuth2 authentication attempt"  withCallbackAndState :: Text -> OAuth2 -> Text -> AuthHandler m OAuth2 withCallbackAndState name oauth2 csrf = do
+ src/Yesod/Auth/OAuth2/ErrorResponse.hs view
@@ -0,0 +1,60 @@+{-# LANGUAGE OverloadedStrings #-}+-- | OAuth callback error response+--+-- <https://tools.ietf.org/html/rfc6749#section-4.1.2.1>+--+module Yesod.Auth.OAuth2.ErrorResponse+    ( ErrorResponse(..)+    , ErrorName(..)+    , onErrorResponse+    ) where++import Data.Foldable (traverse_)+import Data.Text (Text)+import Data.Traversable (for)+import Yesod.Core (MonadHandler, lookupGetParam)++data ErrorName+    = InvalidRequest+    | UnauthorizedClient+    | AccessDenied+    | UnsupportedResponseType+    | InvalidScope+    | ServerError+    | TemporarilyUnavailable+    | Unknown Text+    deriving Show++data ErrorResponse = ErrorResponse+    { erName :: ErrorName+    , erDescription :: Maybe Text+    , erURI :: Maybe Text+    }+    deriving Show++-- | Check query parameters for an error, if found run the given action+--+-- The action is expected to use a short-circuit response function like+-- @'permissionDenied'@, hence this returning @()@.+--+onErrorResponse :: MonadHandler m => (ErrorResponse -> m a) -> m ()+onErrorResponse f = traverse_ f =<< checkErrorResponse++checkErrorResponse :: MonadHandler m => m (Maybe ErrorResponse)+checkErrorResponse = do+    merror <- lookupGetParam "error"++    for merror $ \err -> ErrorResponse+        <$> pure (readErrorName err)+        <*> lookupGetParam "error_description"+        <*> lookupGetParam "error_uri"++readErrorName :: Text -> ErrorName+readErrorName "invalid_request" = InvalidRequest+readErrorName "unauthorized_client" = UnauthorizedClient+readErrorName "access_denied" = AccessDenied+readErrorName "unsupported_response_type" = UnsupportedResponseType+readErrorName "invalid_scope" = InvalidScope+readErrorName "server_error" = ServerError+readErrorName "temporarily_unavailable" = TemporarilyUnavailable+readErrorName x = Unknown x
yesod-auth-oauth2.cabal view
@@ -2,10 +2,10 @@ -- -- see: https://github.com/sol/hpack ----- hash: d175e5c0f1cc9ab1436a5288b11c394c23922e9bb4e9cf2cbf49033dcfd9f84f+-- hash: 2abd54f1d50a9de6207536db36d9e0d29146b6f7e9f8b6495dc9f4377f83bc84  name:           yesod-auth-oauth2-version:        0.4.0.1+version:        0.4.1.0 synopsis:       OAuth 2.0 authentication plugins description:    Library to authenticate with OAuth 2.0 for Yesod web applications. category:       Web@@ -54,6 +54,7 @@       Yesod.Auth.OAuth2.BattleNet       Yesod.Auth.OAuth2.Bitbucket       Yesod.Auth.OAuth2.Dispatch+      Yesod.Auth.OAuth2.ErrorResponse       Yesod.Auth.OAuth2.EveOnline       Yesod.Auth.OAuth2.Github       Yesod.Auth.OAuth2.Google