diff --git a/Network/Wreq.hs b/Network/Wreq.hs index 325d903..0c78f7c 100644 --- a/Network/Wreq.hs +++ b/Network/Wreq.hs @@ -88,6 +88,8 @@ module Network.Wreq , Lens.auth , basicAuth , oauth1Auth + , oauth1Temp + , oauth1ReqAccessToken , oauth2Bearer , oauth2Token , awsAuth @@ -463,13 +465,30 @@ basicAuth = BasicAuth -- | OAuth1 authentication. This consists of a consumer token, -- a consumer secret, a token and a token secret -oauth1Auth :: S.ByteString -- ^ Consumer token - -> S.ByteString -- ^ Consumer secret - -> S.ByteString -- ^ OAuth token - -> S.ByteString -- ^ OAuth token secret - -> Auth +oauth1Auth :: S.ByteString -- ^ Consumer token + -> S.ByteString -- ^ Consumer secret + -> S.ByteString -- ^ OAuth token + -> S.ByteString -- ^ OAuth token secret + -> Auth oauth1Auth = OAuth1 +-- | OAuth1 temporary token authentication. This consists of +-- a consumer token, a consumer secret and a callback URI +oauth1Temp :: S.ByteString -- ^ Consumer token + -> S.ByteString -- ^ Consumer secret + -> S.ByteString -- ^ Callback URI + -> Auth +oauth1Temp = OAuth1Temp + +-- | OAuth1 access token authentication. Used to make requests +-- to exchange temporary tokens for access tokens +oauth1ReqAccessToken :: S.ByteString -- ^ Consumer token + -> S.ByteString -- ^ Consumer secret + -> S.ByteString -- ^ Temporary token + -> S.ByteString -- ^ Temporary secret + -> S.ByteString -- ^ OAuth Verifier + -> Auth +oauth1ReqAccessToken = OAuth1ReqAccessToken -- | An OAuth2 bearer token. This is treated by many services as the -- equivalent of a username and password. diff --git a/Network/Wreq/Internal.hs b/Network/Wreq/Internal.hs index be5a10e..7c85f87 100644 --- a/Network/Wreq/Internal.hs +++ b/Network/Wreq/Internal.hs @@ -117,8 +117,10 @@ prepare modify opts url = do signRequest :: Request -> IO Request signRequest = maybe return f $ auth opts where - f (AWSAuth versn key secret) = AWS.signRequest versn key secret - f oauth1Credentials@(OAuth1 _ _ _ _) = OAuth1.signRequest oauth1Credentials + f (AWSAuth versn key secret) = AWS.signRequest versn key secret + f creds@(OAuth1{}) = OAuth1.signRequest creds + f creds@(OAuth1Temp{}) = OAuth1.signRequest creds + f creds@(OAuth1ReqAccessToken{}) = OAuth1.signRequest creds f _ = return @@ -138,8 +140,8 @@ setAuth = maybe id f . auth f (OAuth2Bearer token) = setHeader "Authorization" ("Bearer " <> token) f (OAuth2Token token) = setHeader "Authorization" ("token " <> token) -- for AWS request signature, see Internal/AWS - f (AWSAuth _ _ _) = id - f (OAuth1 _ _ _ _) = id + f (AWSAuth _ _ _) = id + f _ = id setProxy :: Options -> Request -> Request setProxy = maybe id f . proxy diff --git a/Network/Wreq/Internal/OAuth1.hs b/Network/Wreq/Internal/OAuth1.hs index 8ee3dca..1d527b3 100644 --- a/Network/Wreq/Internal/OAuth1.hs +++ b/Network/Wreq/Internal/OAuth1.hs @@ -1,3 +1,5 @@ +{-# LANGUAGE OverloadedStrings #-} + module Network.Wreq.Internal.OAuth1 ( signRequest @@ -5,13 +7,32 @@ module Network.Wreq.Internal.OAuth1 import Network.HTTP.Client (Request(..)) import Network.Wreq.Internal.Types (Auth(..)) -import Web.Authenticate.OAuth ( signOAuth, newOAuth, oauthConsumerKey - , oauthConsumerSecret, newCredential) +import Web.Authenticate.OAuth ( signOAuth + , newOAuth + , oauthConsumerKey + , oauthConsumerSecret + , newCredential + , oauthCallback + , emptyCredential + , injectVerifier + , insert) + signRequest :: Auth -> Request -> IO Request signRequest (OAuth1 consumerToken consumerSecret token tokenSecret) requestToSign = signOAuth app creds requestToSign where - app = newOAuth { oauthConsumerKey = consumerToken, oauthConsumerSecret = consumerSecret } + app = newOAuth { oauthConsumerKey = consumerToken, oauthConsumerSecret = consumerSecret } creds = newCredential token tokenSecret - +signRequest (OAuth1Temp consumerToken consumerSecret callbackUri) requestToSign = signOAuth app creds requestToSign + where + app = newOAuth { oauthConsumerKey = consumerToken + , oauthConsumerSecret = consumerSecret + , oauthCallback = Just callbackUri } + creds = insert "oauth_callback" callbackUri emptyCredential +signRequest (OAuth1ReqAccessToken consumerToken consumerSecret requestToken requestTokenSecret oauthVerifier) requestToSign + = signOAuth app creds requestToSign + where + app = newOAuth { oauthConsumerKey = consumerToken + , oauthConsumerSecret = consumerSecret } + creds = injectVerifier oauthVerifier $ newCredential requestToken requestTokenSecret signRequest _ requestToSign = return requestToSign diff --git a/Network/Wreq/Internal/Types.hs b/Network/Wreq/Internal/Types.hs index 97ce97b..c301971 100644 --- a/Network/Wreq/Internal/Types.hs +++ b/Network/Wreq/Internal/Types.hs @@ -178,6 +178,19 @@ data Auth = BasicAuth S.ByteString S.ByteString -- ^ Amazon Web Services request signing -- AWSAuthVersion key secret | OAuth1 S.ByteString S.ByteString S.ByteString S.ByteString + -- ^ OAuth1 authentication to access protected requests + -- OAuth1 consumerToken consumerSecret token tokenSecret + -- consumerToken and consumerSecret are specific to your application + -- token and tokenSecret are specific to the (protected) resource-owner + | OAuth1Temp S.ByteString S.ByteString S.ByteString + -- ^ OAuth1Temp authentication used to request temporary credentials + -- to request an access token pair + -- OAuth1Temp consumerToken consumerSecret callbackUri + | OAuth1ReqAccessToken S.ByteString S.ByteString S.ByteString S.ByteString S.ByteString + -- ^ OAuth1RequestAccessToken used to request an access token + -- using a pair of (already procured) temporary credentials + -- OAuth1RequestAccessToken consumerToken consumerSecret tempToken tempSecret oauthVerifier + deriving (Eq, Show, Typeable) data AWSAuthVersion = AWSv4