-}
module Crypto.Macaroon.Verifier.Internal where
+import Control.Applicative
import Control.Monad
import Control.Monad.IO.Class
import Crypto.Hash
import Crypto.Macaroon.Internal
-- | Type representing different validation errors.
--- Only 'ParseError' and 'ValidatorError' are exported, 'SigMismatch' and
--- 'NoVerifier' are used internally and should not be used by the user
+-- Only 'ParseError' and 'ValidatorError' are exported, @SigMismatch@ and
+-- @NoVerifier@ are used internally and should not be used by the user
data ValidationError = SigMismatch -- ^ Signatures do not match
| NoVerifier -- ^ No verifier can handle a given caveat
| ParseError String -- ^ A verifier had a parse error
| ValidatorError String -- ^ A verifier failed
deriving (Show,Eq)
--- | The 'Monoid' instance is written so 'SigMismatch' is an annihilator,
--- and 'NoVerifier' is the identity element
+-- | The 'Monoid' instance is written so @SigMismatch@ is an annihilator,
+-- and @NoVerifier@ is the identity element
instance Monoid ValidationError where
mempty = NoVerifier
NoVerifier `mappend` e = e
derivedKey = toBytes (hmac "macaroons-key-generator" k :: HMAC SHA256)
-- | Given a list of verifiers, verify each caveat of the given macaroon
-verifyCavs :: MonadIO m
+verifyCavs :: (Functor m, MonadIO m)
=> [Caveat -> m (Maybe (Either ValidationError ()))]
-> Macaroon
-> m (Either ValidationError Macaroon)