hoauth-0.1.4: src/main/haskell/Network/Protocol/OAuth/Consumer.hs
-- Copyright (c) 2009, Diego Souza
-- All rights reserved.
--
-- Redistribution and use in source and binary forms, with or without
-- modification, are permitted provided that the following conditions are met:
--
-- * Redistributions of source code must retain the above copyright notice,
-- this list of conditions and the following disclaimer.
-- * Redistributions in binary form must reproduce the above copyright notice,
-- this list of conditions and the following disclaimer in the documentation
-- and/or other materials provided with the distribution.
-- * Neither the name of the <ORGANIZATION> nor the names of its contributors
-- may be used to endorse or promote products derived from this software
-- without specific prior written permission.
--
-- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-- WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-- SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-- CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-- OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-- OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- | A pure library that implements oauth authentication protocol as defined in <http://oauth.net/core/1.0a>.
--
-- Refer to <http://oauth.net/> for more information about the oauth protocol.
module Network.Protocol.OAuth.Consumer (Token(),Consumer(..),request,response,nonce_and_timestamp,oauth_token,oauth_token_secret,oauth_extra,plaintext_signature,hmacsha1_signature) where
import Network.Protocol.OAuth.Request as R
import qualified Data.ByteString.Lazy as B
import qualified Network.Protocol.OAuth.Signature as S
import qualified Data.Time.Clock as T
import qualified Data.Time.Format as F
import qualified System.Locale as L
import qualified System.UUID.V1 as U
import qualified Text.Printf as P
import qualified Data.Binary as Bn
import qualified Data.List as L
import qualified Control.Monad as M
-- | OAuth uses Tokens generated by the Service Provider instead of the User's credentials in Protected Resources requests.
data Token = Token { oauth_token :: String,
oauth_token_secret :: String,
oauth_extra :: [R.Parameter]
}
deriving (Show,Read,Eq)
-- | The application which needs to authenticate using oauth.
data Consumer =
-- | Creates a consumer with /consumer_key/ and /consumer_secret/
Unauthenticated String String
-- | A consumer with /consumer_key/, /consumer_secret/ and a 'Token'
| Authenticated String String Token
deriving (Show,Read,Eq)
-- | The PLAINTEXT signature for a given consumer
plaintext_signature :: Consumer -> S.Method
plaintext_signature (Authenticated _ s t) = S.PLAINTEXT s ((Just . oauth_token_secret) t)
plaintext_signature (Unauthenticated _ s) = S.PLAINTEXT s Nothing
-- | The HMAC-SHA1 signature for a given consumer
hmacsha1_signature :: Consumer -> S.Method
hmacsha1_signature (Authenticated _ s t) = S.HMAC_SHA1 s ((Just . oauth_token_secret) t)
hmacsha1_signature (Unauthenticated _ s) = S.HMAC_SHA1 s Nothing
-- | Sign a request for oauth request. Use this either to sign requests with a proper Access token or to use the oauth protocol to get a token from service provider.
--
-- The request you provide /must/ contain /oauth_nonce/ and /oauth_timestamp/ parameters properly defined.
request :: (S.Signer s,Show s) => Consumer -> s -> R.Request -> R.Request
request (Unauthenticated ckey _) s r = _oauth ckey s r
request (Authenticated ckey _ tk) s r = let req = r >>+ ("oauth_token", (Just . oauth_token) tk)
in _oauth ckey s req
-- | Process the response of the service provider. The response should be an urlencoded string.
response :: Consumer -> B.ByteString -> Maybe Consumer
response c u = let postdata = R.read_urlencoded u
o_token = (M.join . lookup "oauth_token") postdata
o_token_sec = (M.join . lookup "oauth_token_secret") postdata
o_token_ext = return $ filter (not . flip elem ["oauth_token","oauth_token_secret"] . fst) postdata
token = M.liftM3 Token o_token o_token_sec o_token_ext
in case c
of (Unauthenticated ckey csec) -> M.liftM3 Authenticated (return ckey) (return csec) token
(Authenticated ckey csec _) -> M.liftM3 Authenticated (return ckey) (return csec) token
-- | Generates the oauth_nonce and oauth_timestamp parameters.
nonce_and_timestamp :: Request -> IO Request
nonce_and_timestamp r = do
timestamp <- fmap (F.formatTime L.defaultTimeLocale "%s") T.getCurrentTime
nonce <- fmap (concatMap (P.printf "%02x") . B.unpack . Bn.encode) U.uuid
return (r >>+ ("oauth_nonce",Just nonce) >>+ ("oauth_timestamp",Just timestamp))
_oauth :: (S.Signer s,Show s) => String -> s -> R.Request -> R.Request
_oauth ckey met req = _sign met $ req >>+ ("oauth_consumer_key",Just ckey)
>>+ ("oauth_version",Just "1.0")
>>+ ("oauth_signature_method",(Just . show) met)
_sign :: (S.Signer s,Show s) => s -> R.Request -> R.Request
_sign met req = let sig = S.sign met req
in req >>+ ("oauth_signature",Just sig)