diff --git a/flake.lock b/flake.lock index b0296f5f3..01ac3b175 100644 --- a/flake.lock +++ b/flake.lock @@ -516,7 +516,6 @@ "serversession": "serversession", "xss-sanitize": "xss-sanitize", "yesod": "yesod", - "yesod-auth-oauth2": "yesod-auth-oauth2", "zip-stream": "zip-stream" } }, @@ -602,23 +601,6 @@ "url": "https://gitlab.uniworx.de/haskell/yesod.git" } }, - "yesod-auth-oauth2": { - "flake": false, - "locked": { - "lastModified": 1717165233, - "narHash": "sha256-j12y/Tjqv6aqQDqjlXElECmormeAgnjZ8WIfnEGZHvU=", - "ref": "ghc-8.10.4", - "rev": "1a67089e5c075ca9474a647bbf26c3354c49036a", - "revCount": 416, - "type": "git", - "url": "https://gitlab.uniworx.de/haskell/yesod-auth-oauth2.git" - }, - "original": { - "ref": "ghc-8.10.4", - "type": "git", - "url": "https://gitlab.uniworx.de/haskell/yesod-auth-oauth2.git" - } - }, "zip-stream": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index ba356dbe0..96d62d5ae 100644 --- a/flake.nix +++ b/flake.nix @@ -76,10 +76,11 @@ url = "git+https://gitlab.uniworx.de/haskell/yesod.git?ref=uni2work"; flake = false; }; - yesod-auth-oauth2 = { - url = "git+https://gitlab.uniworx.de/haskell/yesod-auth-oauth2.git?ref=ghc-8.10.4"; - flake = false; - }; + # TODO: does not function due to missing dependencies in snapshot + # yesod-auth-oauth2 = { + # url = "git+https://gitlab.uniworx.de/haskell/yesod-auth-oauth2.git?ref=ghc-8.10.4"; + # flake = false; + # }; cryptonite = { url = "git+https://gitlab.uniworx.de/haskell/cryptonite.git?ref=uni2work"; flake = false; diff --git a/nix/uniworx/backend.nix b/nix/uniworx/backend.nix index fdd129cd9..722f912a8 100644 --- a/nix/uniworx/backend.nix +++ b/nix/uniworx/backend.nix 
@@ -7,7 +7,7 @@ with prev.lib; let - haskellInputs = ["encoding" "memcached-binary" "conduit-resumablesink" "HaskellNet-SSL" "ldap-client" "serversession" "xss-sanitize" "colonnade" "minio-hs" "cryptoids" "zip-stream" "yesod" "cryptonite" "esqueleto" "yesod-auth-oauth2"]; + haskellInputs = ["encoding" "memcached-binary" "conduit-resumablesink" "HaskellNet-SSL" "ldap-client" "serversession" "xss-sanitize" "colonnade" "minio-hs" "cryptoids" "zip-stream" "yesod" "cryptonite" "esqueleto"]; in { uniworx = final.haskell-nix.stackProject { src = prev.stdenv.mkDerivation { @@ -54,7 +54,6 @@ in { yesod-form.src = "${inputs.yesod}/yesod-form"; yesod-auth.src = "${inputs.yesod}/yesod-auth"; yesod-test.src = "${inputs.yesod}/yesod-test"; - yesod-auth-oauth2.src = inputs.yesod-auth-oauth2; cryptonite.src = inputs.cryptonite; esqueleto.src = inputs.esqueleto; }; diff --git a/src/Application.hs b/src/Application.hs index 61adb291f..225957aa7 100644 --- a/src/Application.hs +++ b/src/Application.hs @@ -101,7 +101,7 @@ import UnliftIO.Pool import qualified Web.ServerSession.Backend.Acid as Acid import Web.ServerSession.Core (StorageException(..)) -import Yesod.Auth.OAuth2.AzureADv2 (oauth2AzureADv2Scoped) +import Yesod.Auth.OAuth2.AzureAD (oauth2AzureADScoped) import Yesod.Auth.Util.PasswordStore import qualified Yesod.Core.Types as Yesod (Logger(..)) @@ -328,7 +328,7 @@ makeFoundation appSettings''@AppSettings{..} = do #ifdef DEVELOPMENT oauth2Plugins <- liftIO $ sequence [ (azureMockServer . fromJust) <$> lookupEnv "OAUTH2_SERVER_PORT" - , return $ oauth2AzureADv2Scoped ["openid", "profile", "offline_access"] "42" "42" "shhh" + , return $ oauth2AzureADScoped ["openid", "profile", "offline_access"] "42" "shhh" ] #else -- let -- Auth Plugins 
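Review bot: Replacing `oauth2AzureADv2Scoped` with `oauth2AzureADScoped` in the `@@ -328` hunk (and again in the `@@ -346` hunk) is not a pure rename: the DEVELOPMENT call loses one of its `"42"` arguments, presumably the tenant id, while the production branch still matches on `AuthSourceConfAzureAdV2` and logs "AzureADv2". If the non-v2 plugin authenticates against a tenant-independent endpoint, sign-in is no longer limited to the configured tenant. That should be confirmed against the pinned library, and if it holds, the tenant should be checked on the returned token or profile before a user is accepted. A comment at the production call would record the decision, for example `-- NOTE: v1 AzureAD plugin, no tenant argument; tenant restriction must be enforced elsewhere`. The body of `makeFoundation` starts and ends outside both hunks, so any such check may already exist out of view.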
@@ -346,7 +346,7 @@ makeFoundation appSettings''@AppSettings{..} = do oauth2Plugins <- if | UserAuthConfSingleSource (AuthSourceConfAzureAdV2 AzureConf{..}) <- appUserAuthConf -> do $logInfoS "OAuth2" "Successfully parsed OAuth2 config from AppSettings" - return . singleton $ oauth2AzureADv2Scoped (Set.toList azureConfScopes) (tshow azureConfClientId) azureConfClientSecret + return . singleton $ oauth2AzureADScoped (Set.toList azureConfScopes) (tshow azureConfClientId) azureConfClientSecret | otherwise -> do when appSingleSignOn $ do $logErrorS "OAuth2" "SingleSignOn via AzureADv2 is enabled, but user-auth config could not be parsed!" diff --git a/src/Auth/OAuth2.hs b/src/Auth/OAuth2.hs index d7cddca2b..765fe7636 100644 --- a/src/Auth/OAuth2.hs +++ b/src/Auth/OAuth2.hs @@ -122,15 +122,15 @@ instance FromJSON UserID where azureMockServer :: YesodAuth m => String -> AuthPlugin m azureMockServer port = let oa = OAuth2 - { oauth2ClientId = "42" - , oauth2ClientSecret = Just "shhh" - , oauth2AuthorizeEndpoint = fromString (mockServerURL <> "/auth") + { oauthClientId = "42" + , oauthClientSecret = Just "shhh" + , oauthOAuthorizeEndpoint = fromString (mockServerURL <> "/auth") `withQuery` [ scopeParam " " ["openid", "profile", "email", "offline_access"] -- TODO read scopes from config , ("response_type", "code id_token") , ("nonce", "Foo") -- TODO generate meaningful value ] - , oauth2TokenEndpoint = fromString $ mockServerURL <> "/token" - , oauth2RedirectUri = Nothing -- TODO use approot as redirect uri? + , oauthAccessTokenEndpoint = fromString $ mockServerURL <> "/token" + , oauthCallback = Nothing -- TODO use approot as redirect uri? } mockServerURL = "http://localhost:" <> fromString port profileSrc = fromString $ mockServerURL <> "/users/me" diff --git a/stack-flake.yaml b/stack-flake.yaml index 38c9f3c75..dfd2ddefb 100644 --- a/stack-flake.yaml +++ b/stack-flake.yaml 
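Review bot: In the `src/Auth/OAuth2.hs` hunk, `azureMockServer` still requests `code id_token` with the constant `("nonce", "Foo")`, so the nonce gives no replay protection for the returned ID token; the field renames leave that TODO in place. Nothing in this hunk shows the function being restricted to development builds, although the visible call site in `src/Application.hs` sits under `#ifdef DEVELOPMENT`. A comment on the function would make the constraint explicit, for example `-- development only: fixed client secret and static nonce, must not be reachable in production builds`. Alternatively the nonce could be generated per request and compared on callback. The `let` block continues past the end of the hunk.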
@@ -45,7 +45,6 @@ extra-deps: - @yesod@/yesod-auth - @yesod@/yesod-test - @yesod@/yesod - - @yesod-auth-oauth2@ - @cryptonite@ - @esqueleto@ @@ -56,6 +55,8 @@ extra-deps: subdirs: - gearhash - fastcdc + - git: https://github.com/freckle/yesod-auth-oauth2.git + commit: 342dac80e40b10f07694a7e9aa8bab6d03ed6d66 - classy-prelude-yesod-1.5.0@sha256:8f7e183bdfd6d2ea9674284c4f285294ab086aff60d9be4e5d7d2f3c1a2b05b7,1330 - acid-state-0.16.0.1@sha256:d43f6ee0b23338758156c500290c4405d769abefeb98e9bc112780dae09ece6f,6207 diff --git a/stack.yaml b/stack.yaml index ae115f3a8..dc195001f 100644 --- a/stack.yaml +++ b/stack.yaml @@ -88,8 +88,8 @@ extra-deps: - yesod-eventsource - yesod-websockets - - git: https://gitlab.uniworx.de/haskell/yesod-auth-oauth2.git - commit: da676b530887306b645d0170f82e7dd0611d9601 + - git: https://github.com/freckle/yesod-auth-oauth2 + commit: 342dac80e40b10f07694a7e9aa8bab6d03ed6d66 - git: https://gitlab.uniworx.de/haskell/cryptonite.git commit: 71a630edaf5f22c464e24fac8d9d310f4055ea1f diff --git a/stack.yaml.lock b/stack.yaml.lock index 790fa625f..40712391d 100644 --- a/stack.yaml.lock +++ b/stack.yaml.lock 
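Review bot: The new `yesod-auth-oauth2` entry in the `@@ -56,6 +55,8` hunk of stack-flake.yaml, and the matching one in stack.yaml, moves the authentication library from the project's own GitLab fork to github.com/freckle, and stack.yaml.lock in this commit records the version dropping from 0.7.3.0 to 0.6.3.4. A downgrade of the OAuth2 library should carry its reason next to the pin, for example `# downgraded from fork 0.7.3.0 to upstream 0.6.3.4: <reason>`. The upstream changes between the two versions should also be checked for security-relevant fixes that are lost. The removed flake input was locked with a `narHash`, whereas the stack-flake.yaml entry is identified by commit only, so it is worth confirming that the Nix build still verifies the fetched source by content hash. The two files also spell the URL differently (`.git` suffix only in stack-flake.yaml), which should be unified.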
@@ -416,16 +416,16 @@ packages: git: https://gitlab.uniworx.de/haskell/yesod.git subdir: yesod-websockets - completed: - commit: da676b530887306b645d0170f82e7dd0611d9601 - git: https://gitlab.uniworx.de/haskell/yesod-auth-oauth2.git + commit: 342dac80e40b10f07694a7e9aa8bab6d03ed6d66 + git: https://github.com/freckle/yesod-auth-oauth2 name: yesod-auth-oauth2 pantry-tree: - sha256: cac5ec87651ea76e9052742b0a05598f7133ce405a8052c813c81741b3b2d667 - size: 4652 - version: 0.7.3.0 + sha256: 22e8be5c8128e2f0fb976cb904ac93cefb49e6feef6bcadb7746641be11dcb13 + size: 3054 + version: 0.6.3.4 original: - commit: da676b530887306b645d0170f82e7dd0611d9601 - git: https://gitlab.uniworx.de/haskell/yesod-auth-oauth2.git + commit: 342dac80e40b10f07694a7e9aa8bab6d03ed6d66 + git: https://github.com/freckle/yesod-auth-oauth2 - completed: commit: 71a630edaf5f22c464e24fac8d9d310f4055ea1f git: https://gitlab.uniworx.de/haskell/cryptonite.git