diff options
| author | Julien Tanguy <julien.tanguy@jhome.fr> | 2015-08-17 17:38:24 +0200 |
|---|---|---|
| committer | Julien Tanguy <julien.tanguy@jhome.fr> | 2015-08-17 17:39:31 +0200 |
| commit | 86f3882318d323d1920ca1c7da6e816f0ed376da (patch) | |
| tree | 0e16232125c2fb6c0413d654e6b1537c9813b301 /src/Crypto/Macaroon/Verifier.hs | |
| parent | bf31e29028a4402ea0d2deefdb3b86efd526acd0 (diff) | |
| download | hmacaroons-86f3882318d323d1920ca1c7da6e816f0ed376da.tar.gz hmacaroons-86f3882318d323d1920ca1c7da6e816f0ed376da.tar.zst hmacaroons-86f3882318d323d1920ca1c7da6e816f0ed376da.zip | |
Change verifier api and split Verifier module
- Added haddocks
Diffstat (limited to 'src/Crypto/Macaroon/Verifier.hs')
| -rw-r--r-- | src/Crypto/Macaroon/Verifier.hs | 35 |
1 files changed, 25 insertions, 10 deletions
diff --git a/src/Crypto/Macaroon/Verifier.hs b/src/Crypto/Macaroon/Verifier.hs index 7d5f094..a739437 100644 --- a/src/Crypto/Macaroon/Verifier.hs +++ b/src/Crypto/Macaroon/Verifier.hs | |||
| @@ -52,8 +52,23 @@ import Crypto.Macaroon.Verifier.Internal | |||
| 52 | -- (.>=) :: (MonadIO m, Ord a, Parsable a) => Key -> m a -> Caveat -> m (Maybe (Either ValidationError Caveat)) | 52 | -- (.>=) :: (MonadIO m, Ord a, Parsable a) => Key -> m a -> Caveat -> m (Maybe (Either ValidationError Caveat)) |
| 53 | -- (.>=) = verifyOpBool "Strictly less" (>=) ">=" | 53 | -- (.>=) = verifyOpBool "Strictly less" (>=) ">=" |
| 54 | 54 | ||
| 55 | 55 | -- | Verify a Macaroon's signature and caveats, given the corresponding Secret | |
| 56 | verify :: MonadIO m => Key -> [Caveat -> m (Maybe (Either ValidationError Caveat))] -> Macaroon -> m (Either ValidationError Macaroon) | 56 | -- and verifiers. |
| 57 | -- | ||
| 58 | -- A verifier is a function of type | ||
| 59 | -- @'MonadIO' m => 'Caveat' -> m ('Maybe' ('Either' 'ValidatorError' 'Caveat'))@. | ||
| 60 | -- | ||
| 61 | -- It should return: | ||
| 62 | -- | ||
| 63 | -- * 'Nothing' if the caveat is not related to the verifier | ||
| 64 | -- (for instance a time verifier is given an action caveat); | ||
| 65 | -- * 'Just' ('Left' ('ParseError' reason)) if the verifier is related to the | ||
| 66 | -- caveat, but failed to parse it completely; | ||
| 67 | -- * 'Just' ('Left' ('ValidatorError' reason)) if the verifier is related to the | ||
| 68 | -- caveat, parsed it and invalidated it; | ||
| 69 | -- * 'Just' ('Right' '()') if the verifier has successfully verified the | ||
| 70 | -- given caveat | ||
| 71 | verify :: MonadIO m => Secret -> [Caveat -> m (Maybe (Either ValidationError ()))] -> Macaroon -> m (Either ValidationError Macaroon) | ||
| 57 | verify secret verifiers m = join <$> forM (verifySig secret m) (verifyCavs verifiers) | 72 | verify secret verifiers m = join <$> forM (verifySig secret m) (verifyCavs verifiers) |
| 58 | 73 | ||
| 59 | 74 | ||
| @@ -64,12 +79,12 @@ verify secret verifiers m = join <$> forM (verifySig secret m) (verifyCavs verif | |||
| 64 | -- where | 79 | -- where |
| 65 | -- valueParser = string op *> skipSpace *> takeByteString | 80 | -- valueParser = string op *> skipSpace *> takeByteString |
| 66 | 81 | ||
| 67 | verifyParser :: (MonadIO m) => Key -> Parser a -> (a -> m (Either ValidationError Win)) -> Caveat -> m (Maybe (Either ValidationError Caveat)) | 82 | -- verifyParser :: (MonadIO m) => Key -> Parser a -> (a -> m (Either ValidationError Win)) -> Caveat -> m (Maybe (Either ValidationError Caveat)) |
| 68 | verifyParser k p f c = case parseOnly keyParser . cid $ c of | 83 | -- verifyParser k p f c = case parseOnly keyParser . cid $ c of |
| 69 | Left _ -> return Nothing | 84 | -- Left _ -> return Nothing |
| 70 | Right bs -> Just <$> case parseOnly p bs of | 85 | -- Right bs -> Just <$> case parseOnly p bs of |
| 71 | Left err -> return $ Left $ ParseError err | 86 | -- Left err -> return $ Left $ ParseError err |
| 72 | Right a -> fmap (const c) <$> f a | 87 | -- Right a -> fmap (const c) <$> f a |
| 73 | where | 88 | -- where |
| 74 | keyParser = string k *> skipSpace *> takeByteString | 89 | -- keyParser = string k *> skipSpace *> takeByteString |
| 75 | 90 | ||