| Copyright | (c) Soostone Inc 2020 |
|---|---|
| License | AllRightsReserved |
| Stability | experimental |
| Portability | POSIX |
| Safe Haskell | None |
| Language | Haskell2010 |
Napkin.Auth.GoogleOAuth
Description
Synopsis
- type OAuth2TokenByteString = ByteString
- callbackUrlWhenNoXWindow :: Text
- displayCredentials :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> m (Maybe CredentialsJson)
- findCredentials :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> m (Maybe CredentialsJson)
- authResetWorkflow :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> m (Maybe CredentialsJson)
- toGCredential :: OAuth2Conf -> OAuth2Token -> GCredentials
- urlBuilder :: OAuth2Env -> URI
- o2CodeFromCLI :: OAuth2Env -> IO OAuth2CodeWithSource
- o2CodeUXhandler :: OAuth2Env -> IO OAuth2CodeWithSource
- o2TokenFromO2Code :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> OAuth2CodeWithSource -> m ByteString
- decodeO2Token :: MonadCatch m => OAuth2TokenByteString -> m OAuth2Token
- saveOAuth2Credentials :: MonadIO m => OAuth2Env -> ByteString -> m (Maybe CredentialsJson)
- authWorkflow :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> m (Maybe CredentialsJson)
Documentation
type OAuth2TokenByteString = ByteString #
Alias for OAuth2Token Lazy ByteString received from google oAuth service
callbackUrlWhenNoXWindow :: Text #
the google oAuth default callback URL this value will required the user to manually cut/paste the oAuth code, code received from google oAuth server, into the corresponding browser. We mostly use this approach for headless VMs See docs: https://developers.google.com/youtube/v3/live/guides/auth/installed-apps
displayCredentials :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> m (Maybe CredentialsJson) #
napkin show napkin effective credential file
findCredentials :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> m (Maybe CredentialsJson) #
napkin show napkin effective credential file
authResetWorkflow :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> m (Maybe CredentialsJson) #
napkin reset authentication workflow removes the previously cached napkin auth file for this project
toGCredential :: OAuth2Conf -> OAuth2Token -> GCredentials #
add the required client_id and client_secret to the oAuth token
urlBuilder :: OAuth2Env -> URI #
Build URL to send credentials to google authorization server. See step-3 https://cloud.google.com/community/tutorials/understanding-oauth2-and-deploy-a-basic-auth-srv-to-cloud-functions
o2CodeUXhandler :: OAuth2Env -> IO OAuth2CodeWithSource #
Step 4, Get Authorization code from google Authorization server see https://cloud.google.com/community/tutorials/understanding-oauth2-and-deploy-a-basic-auth-srv-to-cloud-functions
o2TokenFromO2Code :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> OAuth2CodeWithSource -> m ByteString #
Exchange authorization code for access token. Step 5 of the google oauth flow, see diagram https://cloud.google.com/community/tutorials/understanding-oauth2-and-deploy-a-basic-auth-srv-to-cloud-functions
Arguments
| :: MonadCatch m | |
| => OAuth2TokenByteString | oAuth2 token received from google oAuth backend |
| -> m OAuth2Token |
decode oAuth2Token
Arguments
| :: MonadIO m | |
| => OAuth2Env | |
| -> ByteString | Google Credential |
| -> m (Maybe CredentialsJson) |
creates credential file
We 1st create a temp credential file.
if we can create a Bigquery google environment, then the temp file is cashed for future use
authWorkflow :: (MonadIO m, MonadCatch m, Katip m) => OAuth2Env -> m (Maybe CredentialsJson) #
napkin authentication workflow The work-flow : + creates credential file and stores in OS $TMP folder + attempts to create google env and bigquery env + if success, cache the tmp file napkin well know location for future use.