diff options
Diffstat (limited to 'src/Crypto/Macaroon')
-rw-r--r-- | src/Crypto/Macaroon/Verifier.hs | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/Crypto/Macaroon/Verifier.hs b/src/Crypto/Macaroon/Verifier.hs index 4eedff5..02cb448 100644 --- a/src/Crypto/Macaroon/Verifier.hs +++ b/src/Crypto/Macaroon/Verifier.hs | |||
@@ -14,14 +14,14 @@ Portability : portable | |||
14 | -} | 14 | -} |
15 | module Crypto.Macaroon.Verifier ( | 15 | module Crypto.Macaroon.Verifier ( |
16 | Verified(..) | 16 | Verified(..) |
17 | , CaveatVerifier(..) | 17 | , CaveatVerifier |
18 | , (<???>) | 18 | , (<???>) |
19 | , verifyMacaroon | ||
19 | , verifySig | 20 | , verifySig |
20 | , verifyExact | 21 | , verifyExact |
21 | , verifyFun | 22 | , verifyFun |
22 | , verifyCavs | ||
23 | -- , module Data.Attoparsec.ByteString | ||
24 | , module Data.Attoparsec.ByteString.Char8 | 23 | , module Data.Attoparsec.ByteString.Char8 |
24 | , verifyCavs | ||
25 | ) where | 25 | ) where |
26 | 26 | ||
27 | 27 | ||
@@ -66,6 +66,10 @@ verifySig k m = bool Failed Ok $ | |||
66 | hash s c = toBytes (hmac s (vid c `BS.append` cid c) :: HMAC SHA256) | 66 | hash s c = toBytes (hmac s (vid c `BS.append` cid c) :: HMAC SHA256) |
67 | derivedKey = toBytes (hmac "macaroons-key-generator" k :: HMAC SHA256) | 67 | derivedKey = toBytes (hmac "macaroons-key-generator" k :: HMAC SHA256) |
68 | 68 | ||
69 | verifyMacaroon :: Key -> [CaveatVerifier] -> Macaroon -> Verified | ||
70 | verifyMacaroon secret verifiers m = verifySig secret m `mappend` verifyCavs verifiers m | ||
71 | |||
72 | |||
69 | verifyCavs :: [CaveatVerifier] -> Macaroon -> Verified | 73 | verifyCavs :: [CaveatVerifier] -> Macaroon -> Verified |
70 | verifyCavs verifiers m = foldMap (\c -> fromMaybe Failed $ foldMap (($ c) . vFun) verifiers) (caveats m) | 74 | verifyCavs verifiers m = foldMap (\c -> fromMaybe Failed $ foldMap (($ c) . vFun) verifiers) (caveats m) |
71 | 75 | ||