diff -ru orig/authenticate-oauth.cabal new/authenticate-oauth.cabal --- orig/authenticate-oauth.cabal 2014-02-21 07:19:28.878548521 +0200 +++ new/authenticate-oauth.cabal 2014-02-21 07:19:28.000000000 +0200 @@ -19,7 +19,7 @@ , transformers >= 0.1 && < 0.4 , bytestring >= 0.9 , crypto-pubkey-types >= 0.1 && < 0.5 - , RSA >= 1.2 && < 1.3 + , RSA >= 1.2 && < 2.1 , time , data-default , base64-bytestring >= 0.1 && < 1.1 diff -ru orig/Web/Authenticate/OAuth.hs new/Web/Authenticate/OAuth.hs --- orig/Web/Authenticate/OAuth.hs 2014-02-21 07:19:28.874548521 +0200 +++ new/Web/Authenticate/OAuth.hs 2014-02-21 07:19:28.000000000 +0200 @@ -1,5 +1,5 @@ -{-# LANGUAGE CPP, DeriveDataTypeable, FlexibleContexts, MultiParamTypeClasses #-} -{-# LANGUAGE OverloadedStrings, StandaloneDeriving #-} +{-# LANGUAGE DeriveDataTypeable, OverloadedStrings, StandaloneDeriving, FlexibleContexts #-} +{-# LANGUAGE CPP #-} {-# OPTIONS_GHC -Wall -fno-warn-orphans #-} module Web.Authenticate.OAuth ( -- * Data types @@ -15,48 +15,50 @@ authorizeUrl, authorizeUrl', getAccessToken, getTemporaryCredential, getTokenCredential, getTemporaryCredentialWithScope, getAccessTokenProxy, getTemporaryCredentialProxy, - getTokenCredentialProxy, + getTokenCredentialProxy, getAccessToken', getTemporaryCredential', -- * Utility Methods paramEncode, addScope, addMaybeProxy ) where -import Blaze.ByteString.Builder (toByteString, Builder) -import Codec.Crypto.RSA (ha_SHA1, rsassa_pkcs1_v1_5_sign) -import Control.Exception -import Control.Monad -import Control.Monad.IO.Class (MonadIO, liftIO) -import Control.Monad.Trans.Control -import Control.Monad.Trans.Resource -import Crypto.Types.PubKey.RSA (PrivateKey (..), PublicKey (..)) -import Data.ByteString.Base64 -import qualified Data.ByteString.Char8 as BS -import qualified Data.ByteString.Lazy.Char8 as BSL -import Data.Char -import Data.Conduit (Source, ($$), ($=)) -import Data.Conduit.Blaze (builderToByteString) -import qualified Data.Conduit.List as CL -import Data.Default -import Data.Digest.Pure.SHA -import qualified Data.IORef as I -import Data.List (sortBy) -import Data.Maybe -import Data.Time -import Network.HTTP.Conduit -import Network.HTTP.Types (SimpleQuery, parseSimpleQuery) -import Network.HTTP.Types (Header) -import Network.HTTP.Types (renderSimpleQuery, status200) -import Numeric -import System.Random -#if MIN_VERSION_base(4,7,0) -import Data.Data hiding (Proxy (..)) -#else +import Network.HTTP.Conduit import Data.Data +import qualified Data.ByteString.Char8 as BS +import qualified Data.ByteString.Lazy.Char8 as BSL +import Data.Maybe +import Network.HTTP.Types (parseSimpleQuery, SimpleQuery) +import Control.Exception +import Control.Monad +import Data.List (sortBy) +import System.Random +import Data.Char +import Data.Digest.Pure.SHA +import Data.ByteString.Base64 +import Data.Time +import Numeric +#if MIN_VERSION_RSA(2, 0, 0) +import Codec.Crypto.RSA (rsassa_pkcs1_v1_5_sign, hashSHA1) +#else +import Codec.Crypto.RSA (rsassa_pkcs1_v1_5_sign, ha_SHA1) #endif +import Crypto.Types.PubKey.RSA (PrivateKey(..), PublicKey(..)) +import Network.HTTP.Types (Header) +import Blaze.ByteString.Builder (toByteString) +import Control.Monad.IO.Class (MonadIO) +import Network.HTTP.Types (renderSimpleQuery, status200) +import Data.Conduit (($$), ($=), Source) +import qualified Data.Conduit.List as CL +import Data.Conduit.Blaze (builderToByteString) +import Blaze.ByteString.Builder (Builder) +import Control.Monad.IO.Class (liftIO) +import Control.Monad.Trans.Control +import Control.Monad.Trans.Resource +import Data.Default +import qualified Data.IORef as I -- | Data type for OAuth client (consumer). --- --- The constructor for this data type is not exposed. --- Instead, you should use the 'def' method or 'newOAuth' function to retrieve a default instance, +-- +-- The constructor for this data type is not exposed. +-- Instead, you should use the 'def' method or 'newOAuth' function to retrieve a default instance, -- and then use the records below to make modifications. -- This approach allows us to add configuration options without breaking backwards compatibility. data OAuth = OAuth { oauthServerName :: String -- ^ Service name (default: @\"\"@) @@ -71,7 +73,7 @@ , oauthAuthorizeUri :: String -- ^ Uri to authorize (default: @\"\"@). -- You MUST specify if you use 'authorizeUrl' or 'authorizeZUrl''; - -- otherwise you can just leave this empty. + -- otherwise you can just leave this empty. , oauthSignatureMethod :: SignMethod -- ^ Signature Method (default: 'HMACSHA1') , oauthConsumerKey :: BS.ByteString @@ -188,7 +190,7 @@ getTemporaryCredential' hook oa manager = do let req = fromJust $ parseUrl $ oauthRequestUri oa crd = maybe id (insert "oauth_callback") (oauthCallback oa) $ emptyCredential - req' <- signOAuth oa crd $ hook (req { method = "POST" }) + req' <- signOAuth oa crd $ hook (req { method = "POST" }) rsp <- httpLbs req' manager if responseStatus rsp == status200 then do @@ -211,7 +213,7 @@ -> String -- ^ URL to authorize authorizeUrl' f oa cr = oauthAuthorizeUri oa ++ BS.unpack (renderSimpleQuery True queries) where fixed = ("oauth_token", token cr):f oa cr - queries = + queries = case oauthCallback oa of Nothing -> fixed Just callback -> ("oauth_callback", callback):fixed @@ -346,7 +348,11 @@ PLAINTEXT -> return $ BS.intercalate "&" $ map paramEncode [oauthConsumerSecret oa, tokenSecret tok] RSASHA1 pr -> +#if MIN_VERSION_RSA(2, 0, 0) + liftM (encode . toStrict . rsassa_pkcs1_v1_5_sign hashSHA1 pr) (getBaseString tok req) +#else liftM (encode . toStrict . rsassa_pkcs1_v1_5_sign ha_SHA1 pr) (getBaseString tok req) +#endif #if MIN_VERSION_http_conduit(2, 0, 0) addAuthHeader :: BS.ByteString -> Credential -> Request -> Request