yesod-auth-oauth2 0.6.1.1 → 0.6.1.2
raw patch · 3 files changed
+58/−35 lines, 3 filesPVP ok
version bump matches the API change (PVP)
API changes (from Hackage documentation)
Files
- CHANGELOG.md +5/−1
- src/Yesod/Auth/OAuth2/Dispatch.hs +26/−7
- yesod-auth-oauth2.cabal +27/−27
CHANGELOG.md view
@@ -1,6 +1,10 @@-## [*Unreleased*](https://github.com/thoughtbot/yesod-auth-oauth2/compare/v0.6.1.1...master)+## [*Unreleased*](https://github.com/thoughtbot/yesod-auth-oauth2/compare/v0.6.1.2...master) None++## [v0.6.1.2](https://github.com/thoughtbot/yesod-auth-oauth2/compare/v0.6.1.1...v0.6.1.2)++- Don't report our own errors like OAuth2 ErrorResponses ## [v0.6.1.1](https://github.com/thoughtbot/yesod-auth-oauth2/compare/v0.6.1.0...v0.6.1.1)
src/Yesod/Auth/OAuth2/Dispatch.hs view
@@ -9,7 +9,8 @@ module Yesod.Auth.OAuth2.Dispatch ( FetchCreds , dispatchAuthRequest- ) where+ )+where import Control.Exception.Safe import Control.Monad (unless, (<=<))@@ -63,7 +64,7 @@ dispatchCallback :: Text -> OAuth2 -> FetchCreds m -> AuthHandler m TypedContent dispatchCallback name oauth2 getCreds = do csrf <- verifySessionCSRF $ tokenSessionKey name- onErrorResponse errInvalidOAuth+ onErrorResponse $ oauth2HandshakeError name code <- requireGetParam "code" manager <- authHttpManager oauth2' <- withCallbackAndState name oauth2 csrf@@ -72,12 +73,30 @@ setCredsRedirect creds where errLeft :: Show e => IO (Either e a) -> AuthHandler m a- errLeft = either (errInvalidOAuth . unknownError . tshow) pure <=< liftIO+ errLeft = either (unexpectedError name) pure <=< liftIO - errInvalidOAuth :: ErrorResponse -> AuthHandler m a- errInvalidOAuth err = do- $(logError) $ "OAuth2 error (" <> name <> "): " <> tshow err- redirectMessage $ "Unable to log in with OAuth2: " <> erUserMessage err+-- | Handle an OAuth2 @'ErrorResponse'@+--+-- These are things coming from the OAuth2 provider such an Invalid Grant or+-- Invalid Scope and /may/ be user-actionable. We've coded them to have an+-- @'erUserMessage'@ that we are comfortable displaying to the user as part of+-- the redirect, just in case.+--+oauth2HandshakeError :: Text -> ErrorResponse -> AuthHandler m a+oauth2HandshakeError name err = do+ $(logError) $ "Handshake failure in " <> name <> " plugin: " <> tshow err+ redirectMessage $ "OAuth2 handshake failure: " <> erUserMessage err++-- | Handle an unexpected error+--+-- This would be some unexpected exception while processing the callback.+-- Therefore, the user should see an opaque message and the details go only to+-- the server logs.+--+unexpectedError :: Show e => Text -> e -> AuthHandler m a+unexpectedError name err = do+ $(logError) $ "Error in " <> name <> " OAuth2 plugin: " <> tshow err+ redirectMessage "Unexpected error logging in with OAuth2" redirectMessage :: Text -> AuthHandler m a redirectMessage msg = do
yesod-auth-oauth2.cabal view
@@ -1,13 +1,13 @@ cabal-version: 1.12 --- This file has been generated from package.yaml by hpack version 0.31.1.+-- This file has been generated from package.yaml by hpack version 0.31.2. -- -- see: https://github.com/sol/hpack ----- hash: c1c011a70a950aa06a81581631093cff63155d27dfd919ee890ec488597e5bd0+-- hash: e04edfe71067040f559a7ef9bdb8aef187060f21ee13314bbaaec9612a9c5c8d name: yesod-auth-oauth2-version: 0.6.1.1+version: 0.6.1.2 synopsis: OAuth 2.0 authentication plugins description: Library to authenticate with OAuth 2.0 for Yesod web applications. category: Web@@ -32,25 +32,6 @@ default: False library- hs-source-dirs:- src- ghc-options: -Wall- build-depends:- aeson >=0.6 && <1.5- , base >=4.9.0.0 && <5- , bytestring >=0.9.1.4- , errors- , hoauth2 >=1.3.0 && <1.9- , http-client >=0.4.0 && <0.7- , http-conduit >=2.0 && <3.0- , http-types >=0.8 && <0.13- , microlens- , random- , safe-exceptions- , text >=0.7 && <2.0- , uri-bytestring- , yesod-auth >=1.6.0 && <1.7- , yesod-core >=1.6.0 && <1.7 exposed-modules: URI.ByteString.Extension Yesod.Auth.OAuth2@@ -72,10 +53,31 @@ Yesod.Auth.OAuth2.Upcase other-modules: Paths_yesod_auth_oauth2+ hs-source-dirs:+ src+ ghc-options: -Wall+ build-depends:+ aeson >=0.6 && <1.5+ , base >=4.9.0.0 && <5+ , bytestring >=0.9.1.4+ , errors+ , hoauth2 >=1.3.0 && <1.9+ , http-client >=0.4.0 && <0.7+ , http-conduit >=2.0 && <3.0+ , http-types >=0.8 && <0.13+ , microlens+ , random+ , safe-exceptions+ , text >=0.7 && <2.0+ , uri-bytestring+ , yesod-auth >=1.6.0 && <1.7+ , yesod-core >=1.6.0 && <1.7 default-language: Haskell2010 executable yesod-auth-oauth2-example main-is: Main.hs+ other-modules:+ Paths_yesod_auth_oauth2 hs-source-dirs: example ghc-options: -Wall -threaded -rtsopts -with-rtsopts=-N@@ -94,13 +96,14 @@ , yesod-auth-oauth2 if !(flag(example)) buildable: False- other-modules:- Paths_yesod_auth_oauth2 default-language: Haskell2010 test-suite test type: exitcode-stdio-1.0 main-is: Spec.hs+ other-modules:+ URI.ByteString.ExtensionSpec+ Paths_yesod_auth_oauth2 hs-source-dirs: test ghc-options: -Wall@@ -109,7 +112,4 @@ , hspec , uri-bytestring , yesod-auth-oauth2- other-modules:- URI.ByteString.ExtensionSpec- Paths_yesod_auth_oauth2 default-language: Haskell2010