yesod-auth-oauth-1.6.0.1/Yesod/0000755000000000000000000000000012624746305014337 5ustar0000000000000000yesod-auth-oauth-1.6.0.1/Yesod/Auth/0000755000000000000000000000000013360572144015234 5ustar0000000000000000yesod-auth-oauth-1.6.0.1/Yesod/Auth/OAuth.hs0000644000000000000000000001531313360572144016613 0ustar0000000000000000{-# LANGUAGE DeriveDataTypeable, OverloadedStrings, QuasiQuotes #-} {-# LANGUAGE FlexibleContexts #-} {-# LANGUAGE LambdaCase #-} {-# LANGUAGE RankNTypes #-} {-# LANGUAGE GADTs #-} {-# LANGUAGE ScopedTypeVariables #-} module Yesod.Auth.OAuth ( authOAuth , oauthUrl , authTwitter , authTwitterUsingUserId , twitterUrl , authTumblr , tumblrUrl , module Web.Authenticate.OAuth ) where import Control.Applicative as A ((<$>), (<*>)) import Control.Arrow ((***)) import UnliftIO.Exception import Control.Monad.IO.Class import UnliftIO (MonadUnliftIO) import Data.ByteString (ByteString) import Data.Maybe import Data.Text (Text) import qualified Data.Text as T import Data.Text.Encoding (decodeUtf8With, encodeUtf8) import Data.Text.Encoding.Error (lenientDecode) import Web.Authenticate.OAuth import Yesod.Auth import Yesod.Form import Yesod.Core data YesodOAuthException = CredentialError String Credential | SessionError String deriving (Show, Typeable) instance Exception YesodOAuthException oauthUrl :: Text -> AuthRoute oauthUrl name = PluginR name ["forward"] authOAuth :: forall master. YesodAuth master => OAuth -- ^ 'OAuth' data-type for signing. -> (Credential -> IO (Creds master)) -- ^ How to extract ident. -> AuthPlugin master authOAuth oauth mkCreds = AuthPlugin name dispatch login where name = T.pack $ oauthServerName oauth url = PluginR name [] lookupTokenSecret = bsToText . fromMaybe "" . lookup "oauth_token_secret" . unCredential oauthSessionName :: Text oauthSessionName = "__oauth_token_secret" dispatch :: ( MonadHandler m , master ~ HandlerSite m , Auth ~ SubHandlerSite m , MonadUnliftIO m ) => Text -> [Text] -> m TypedContent dispatch "GET" ["forward"] = do render <- getUrlRender tm <- getRouteToParent let oauth' = oauth { oauthCallback = Just $ encodeUtf8 $ render $ tm url } manager <- authHttpManager tok <- getTemporaryCredential oauth' manager setSession oauthSessionName $ lookupTokenSecret tok redirect $ authorizeUrl oauth' tok dispatch "GET" [] = do tokSec <- lookupSession oauthSessionName >>= \case Just t -> return t Nothing -> liftIO $ fail "lookupSession could not find session" deleteSession oauthSessionName reqTok <- if oauthVersion oauth == OAuth10 then do oaTok <- runInputGet $ ireq textField "oauth_token" return $ Credential [ ("oauth_token", encodeUtf8 oaTok) , ("oauth_token_secret", encodeUtf8 tokSec) ] else do (verifier, oaTok) <- runInputGet $ (,) A.<$> ireq textField "oauth_verifier" A.<*> ireq textField "oauth_token" return $ Credential [ ("oauth_verifier", encodeUtf8 verifier) , ("oauth_token", encodeUtf8 oaTok) , ("oauth_token_secret", encodeUtf8 tokSec) ] manager <- authHttpManager accTok <- getAccessToken oauth reqTok manager creds <- liftIO $ mkCreds accTok setCredsRedirect creds dispatch _ _ = notFound login tm = do render <- getUrlRender let oaUrl = render $ tm $ oauthUrl name [whamlet| Login via #{name} |] mkExtractCreds :: Text -> String -> Credential -> IO (Creds m) mkExtractCreds name idName (Credential dic) = do let mcrId = decodeUtf8With lenientDecode <$> lookup (encodeUtf8 $ T.pack idName) dic case mcrId of Just crId -> return $ Creds name crId $ map (bsToText *** bsToText) dic Nothing -> throwIO $ CredentialError ("key not found: " ++ idName) (Credential dic) authTwitter' :: YesodAuth m => ByteString -- ^ Consumer Key -> ByteString -- ^ Consumer Secret -> String -> AuthPlugin m authTwitter' key secret idName = authOAuth (newOAuth { oauthServerName = "twitter" , oauthRequestUri = "https://api.twitter.com/oauth/request_token" , oauthAccessTokenUri = "https://api.twitter.com/oauth/access_token" , oauthAuthorizeUri = "https://api.twitter.com/oauth/authorize" , oauthSignatureMethod = HMACSHA1 , oauthConsumerKey = key , oauthConsumerSecret = secret , oauthVersion = OAuth10a }) (mkExtractCreds "twitter" idName) -- | This plugin uses Twitter's /screen_name/ as ID, which shouldn't be used for authentication because it is mutable. authTwitter :: YesodAuth m => ByteString -- ^ Consumer Key -> ByteString -- ^ Consumer Secret -> AuthPlugin m authTwitter key secret = authTwitter' key secret "screen_name" {-# DEPRECATED authTwitter "Use authTwitterUsingUserID instead" #-} -- | Twitter plugin which uses Twitter's /user_id/ as ID. -- -- For more information, see: https://github.com/yesodweb/yesod/pull/1168 -- -- @since 1.4.1 authTwitterUsingUserId :: YesodAuth m => ByteString -- ^ Consumer Key -> ByteString -- ^ Consumer Secret -> AuthPlugin m authTwitterUsingUserId key secret = authTwitter' key secret "user_id" twitterUrl :: AuthRoute twitterUrl = oauthUrl "twitter" authTumblr :: YesodAuth m => ByteString -- ^ Consumer Key -> ByteString -- ^ Consumer Secret -> AuthPlugin m authTumblr key secret = authOAuth (newOAuth { oauthServerName = "tumblr" , oauthRequestUri = "http://www.tumblr.com/oauth/request_token" , oauthAccessTokenUri = "http://www.tumblr.com/oauth/access_token" , oauthAuthorizeUri = "http://www.tumblr.com/oauth/authorize" , oauthSignatureMethod = HMACSHA1 , oauthConsumerKey = key , oauthConsumerSecret = secret , oauthVersion = OAuth10a }) (mkExtractCreds "tumblr" "name") tumblrUrl :: AuthRoute tumblrUrl = oauthUrl "tumblr" bsToText :: ByteString -> Text bsToText = decodeUtf8With lenientDecode yesod-auth-oauth-1.6.0.1/LICENSE0000644000000000000000000000207512624746305014265 0ustar0000000000000000Copyright (c) 2012 Michael Snoyman, http://www.yesodweb.com/ Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. yesod-auth-oauth-1.6.0.1/Setup.lhs0000755000000000000000000000021712624746305015067 0ustar0000000000000000#!/usr/bin/env runhaskell > module Main where > import Distribution.Simple > import System.Cmd (system) > main :: IO () > main = defaultMain yesod-auth-oauth-1.6.0.1/yesod-auth-oauth.cabal0000644000000000000000000000240213360572144017432 0ustar0000000000000000name: yesod-auth-oauth version: 1.6.0.1 license: BSD3 license-file: LICENSE author: Hiromi Ishii maintainer: Michael Litchard synopsis: OAuth Authentication for Yesod. category: Web, Yesod stability: Stable cabal-version: >= 1.6.0 build-type: Simple homepage: http://www.yesodweb.com/ description: API docs and the README are available at extra-source-files: README.md ChangeLog.md flag ghc7 library if flag(ghc7) build-depends: base >= 4.3 && < 5 cpp-options: -DGHC7 else build-depends: base >= 4 && < 4.3 build-depends: authenticate-oauth >= 1.5 && < 1.7 , bytestring >= 0.9.1.4 , text >= 0.7 , unliftio , yesod-auth >= 1.6 && < 1.7 , yesod-core >= 1.6 && < 1.7 , yesod-form >= 1.6 && < 1.7 exposed-modules: Yesod.Auth.OAuth ghc-options: -Wall source-repository head type: git location: https://github.com/yesodweb/yesod yesod-auth-oauth-1.6.0.1/README.md0000644000000000000000000000006512771733342014534 0ustar0000000000000000## yesod-auth-oauth Oauth Authentication for Yesod. yesod-auth-oauth-1.6.0.1/ChangeLog.md0000644000000000000000000000046313360572144015424 0ustar0000000000000000## 1.6.0.1 * Compile with GHC 8.6 [#1561](https://github.com/yesodweb/yesod/pull/1561) ## 1.6.0 * Upgrade to yesod-core 1.6.0 ## 1.4.2 * Fix warnings ## 1.4.1 * change OAuth Twitter ID, screen_name → user_id [#1168](https://github.com/yesodweb/yesod/pull/1168) ## 1.4.0.2 * Compile with GHC 7.10