diff options
author | Julien Tanguy <julien.tanguy@jhome.fr> | 2015-08-17 17:38:24 +0200 |
---|---|---|
committer | Julien Tanguy <julien.tanguy@jhome.fr> | 2015-08-17 17:39:31 +0200 |
commit | 86f3882318d323d1920ca1c7da6e816f0ed376da (patch) | |
tree | 0e16232125c2fb6c0413d654e6b1537c9813b301 /src/Crypto/Macaroon/Verifier.hs | |
parent | bf31e29028a4402ea0d2deefdb3b86efd526acd0 (diff) | |
download | hmacaroons-86f3882318d323d1920ca1c7da6e816f0ed376da.tar.gz hmacaroons-86f3882318d323d1920ca1c7da6e816f0ed376da.tar.zst hmacaroons-86f3882318d323d1920ca1c7da6e816f0ed376da.zip |
Change verifier api and split Verifier module
- Added haddocks
Diffstat (limited to 'src/Crypto/Macaroon/Verifier.hs')
-rw-r--r-- | src/Crypto/Macaroon/Verifier.hs | 35 |
1 files changed, 25 insertions, 10 deletions
diff --git a/src/Crypto/Macaroon/Verifier.hs b/src/Crypto/Macaroon/Verifier.hs index 7d5f094..a739437 100644 --- a/src/Crypto/Macaroon/Verifier.hs +++ b/src/Crypto/Macaroon/Verifier.hs | |||
@@ -52,8 +52,23 @@ import Crypto.Macaroon.Verifier.Internal | |||
52 | -- (.>=) :: (MonadIO m, Ord a, Parsable a) => Key -> m a -> Caveat -> m (Maybe (Either ValidationError Caveat)) | 52 | -- (.>=) :: (MonadIO m, Ord a, Parsable a) => Key -> m a -> Caveat -> m (Maybe (Either ValidationError Caveat)) |
53 | -- (.>=) = verifyOpBool "Strictly less" (>=) ">=" | 53 | -- (.>=) = verifyOpBool "Strictly less" (>=) ">=" |
54 | 54 | ||
55 | 55 | -- | Verify a Macaroon's signature and caveats, given the corresponding Secret | |
56 | verify :: MonadIO m => Key -> [Caveat -> m (Maybe (Either ValidationError Caveat))] -> Macaroon -> m (Either ValidationError Macaroon) | 56 | -- and verifiers. |
57 | -- | ||
58 | -- A verifier is a function of type | ||
59 | -- @'MonadIO' m => 'Caveat' -> m ('Maybe' ('Either' 'ValidatorError' 'Caveat'))@. | ||
60 | -- | ||
61 | -- It should return: | ||
62 | -- | ||
63 | -- * 'Nothing' if the caveat is not related to the verifier | ||
64 | -- (for instance a time verifier is given an action caveat); | ||
65 | -- * 'Just' ('Left' ('ParseError' reason)) if the verifier is related to the | ||
66 | -- caveat, but failed to parse it completely; | ||
67 | -- * 'Just' ('Left' ('ValidatorError' reason)) if the verifier is related to the | ||
68 | -- caveat, parsed it and invalidated it; | ||
69 | -- * 'Just' ('Right' '()') if the verifier has successfully verified the | ||
70 | -- given caveat | ||
71 | verify :: MonadIO m => Secret -> [Caveat -> m (Maybe (Either ValidationError ()))] -> Macaroon -> m (Either ValidationError Macaroon) | ||
57 | verify secret verifiers m = join <$> forM (verifySig secret m) (verifyCavs verifiers) | 72 | verify secret verifiers m = join <$> forM (verifySig secret m) (verifyCavs verifiers) |
58 | 73 | ||
59 | 74 | ||
@@ -64,12 +79,12 @@ verify secret verifiers m = join <$> forM (verifySig secret m) (verifyCavs verif | |||
64 | -- where | 79 | -- where |
65 | -- valueParser = string op *> skipSpace *> takeByteString | 80 | -- valueParser = string op *> skipSpace *> takeByteString |
66 | 81 | ||
67 | verifyParser :: (MonadIO m) => Key -> Parser a -> (a -> m (Either ValidationError Win)) -> Caveat -> m (Maybe (Either ValidationError Caveat)) | 82 | -- verifyParser :: (MonadIO m) => Key -> Parser a -> (a -> m (Either ValidationError Win)) -> Caveat -> m (Maybe (Either ValidationError Caveat)) |
68 | verifyParser k p f c = case parseOnly keyParser . cid $ c of | 83 | -- verifyParser k p f c = case parseOnly keyParser . cid $ c of |
69 | Left _ -> return Nothing | 84 | -- Left _ -> return Nothing |
70 | Right bs -> Just <$> case parseOnly p bs of | 85 | -- Right bs -> Just <$> case parseOnly p bs of |
71 | Left err -> return $ Left $ ParseError err | 86 | -- Left err -> return $ Left $ ParseError err |
72 | Right a -> fmap (const c) <$> f a | 87 | -- Right a -> fmap (const c) <$> f a |
73 | where | 88 | -- where |
74 | keyParser = string k *> skipSpace *> takeByteString | 89 | -- keyParser = string k *> skipSpace *> takeByteString |
75 | 90 | ||