aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/Crypto/Macaroon
diff options
context:
space:
mode:
Diffstat (limited to 'src/Crypto/Macaroon')
-rw-r--r--src/Crypto/Macaroon/Verifier.hs10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/Crypto/Macaroon/Verifier.hs b/src/Crypto/Macaroon/Verifier.hs
index 4eedff5..02cb448 100644
--- a/src/Crypto/Macaroon/Verifier.hs
+++ b/src/Crypto/Macaroon/Verifier.hs
@@ -14,14 +14,14 @@ Portability : portable
14-} 14-}
15module Crypto.Macaroon.Verifier ( 15module Crypto.Macaroon.Verifier (
16 Verified(..) 16 Verified(..)
17 , CaveatVerifier(..) 17 , CaveatVerifier
18 , (<???>) 18 , (<???>)
19 , verifyMacaroon
19 , verifySig 20 , verifySig
20 , verifyExact 21 , verifyExact
21 , verifyFun 22 , verifyFun
22 , verifyCavs
23 -- , module Data.Attoparsec.ByteString
24 , module Data.Attoparsec.ByteString.Char8 23 , module Data.Attoparsec.ByteString.Char8
24 , verifyCavs
25) where 25) where
26 26
27 27
@@ -66,6 +66,10 @@ verifySig k m = bool Failed Ok $
66 hash s c = toBytes (hmac s (vid c `BS.append` cid c) :: HMAC SHA256) 66 hash s c = toBytes (hmac s (vid c `BS.append` cid c) :: HMAC SHA256)
67 derivedKey = toBytes (hmac "macaroons-key-generator" k :: HMAC SHA256) 67 derivedKey = toBytes (hmac "macaroons-key-generator" k :: HMAC SHA256)
68 68
69verifyMacaroon :: Key -> [CaveatVerifier] -> Macaroon -> Verified
70verifyMacaroon secret verifiers m = verifySig secret m `mappend` verifyCavs verifiers m
71
72
69verifyCavs :: [CaveatVerifier] -> Macaroon -> Verified 73verifyCavs :: [CaveatVerifier] -> Macaroon -> Verified
70verifyCavs verifiers m = foldMap (\c -> fromMaybe Failed $ foldMap (($ c) . vFun) verifiers) (caveats m) 74verifyCavs verifiers m = foldMap (\c -> fromMaybe Failed $ foldMap (($ c) . vFun) verifiers) (caveats m)
71 75