Safe Haskell | None |
---|---|
Language | Haskell2010 |
These are functions for checking authenticated requests and sending authenticated responses.
- authenticateRequest :: MonadIO m => AuthReqOpts -> CredentialsFunc m t -> Request -> Maybe ByteString -> m (AuthResult t)
- authenticate :: MonadIO m => AuthOpts -> CredentialsFunc m t -> HawkReq -> m (AuthResult t)
- authenticateBewit :: MonadIO m => AuthReqOpts -> CredentialsFunc m t -> Request -> m (AuthResult t)
- authenticatePayload :: AuthSuccess t -> PayloadInfo -> Either String ()
- data HawkReq = HawkReq {}
- header :: AuthResult t -> Maybe PayloadInfo -> (Status, Header)
- data AuthReqOpts = AuthReqOpts {}
- data AuthOpts = AuthOpts {
- saCheckNonce :: NonceFunc
- saTimestampSkew :: NominalDiffTime
- saIronLocaltimeOffset :: NominalDiffTime
- def :: Default a => a
- module Network.Hawk.Server.Types
Documentation
authenticateRequest :: MonadIO m => AuthReqOpts -> CredentialsFunc m t -> Request -> Maybe ByteString -> m (AuthResult t) Source #
Checks the Authorization
header of a Request
and
(optionally) a payload. The header will be parsed and verified with
the credentials supplied.
If the request payload is provided, it will be verified. If a
payload is not supplied, it can be verified later with
authenticatePayload
.
authenticate :: MonadIO m => AuthOpts -> CredentialsFunc m t -> HawkReq -> m (AuthResult t) Source #
Checks the Authorization
header of a generic request. The
header will be parsed and verified with the credentials
supplied.
If a payload is provided, it will be verified. If the payload is
not supplied, it can be verified later with authenticatePayload
.
authenticateBewit :: MonadIO m => AuthReqOpts -> CredentialsFunc m t -> Request -> m (AuthResult t) Source #
Checks the Authorization
header of a request according to the
"bewit" scheme. See Network.Hawk.URI for a description of that
scheme.
authenticatePayload :: AuthSuccess t -> PayloadInfo -> Either String () Source #
Verifies the payload hash as a separate step after other things have been check. This is useful when the request body is streamed for example.
A package of values containing the attributes of a HTTP request which are relevant to Hawk authentication.
HawkReq | |
|
header :: AuthResult t -> Maybe PayloadInfo -> (Status, Header) Source #
Generates a suitable Server-Authorization
header to send back
to the client. Credentials and artifacts would be provided by a
previous call to authenticateRequest
(or authenticate
).
If a payload is supplied, its hash will be included in the header.
data AuthReqOpts Source #
Bundle of parameters for authenticateRequest
. Provides
information about what the public URL of the server would be. If
the application is served from a HTTP reverse proxy, then the
Host
header might have a different name, or the hostname:port
might need to be overridden.
AuthReqOpts | |
|
Bundle of parameters for authenticate
.
AuthOpts | |
|
module Network.Hawk.Server.Types