5 -- |Manipulation of WWW authentication.
6 module Network.HTTP.Lucu.Authentication
17 import Data.Ascii (Ascii)
18 import qualified Data.Ascii as A
19 import Data.Attoparsec.Char8
20 import qualified Data.ByteString.Base64 as B64
21 import qualified Data.ByteString.Char8 as C8
22 import Data.Monoid.Unicode
23 import Network.HTTP.Lucu.Parser.Http
24 import Network.HTTP.Lucu.Utils
25 import Prelude.Unicode
27 -- |Authorization challenge to be sent to client with
28 -- \"WWW-Authenticate\" header. See
29 -- 'Network.HTTP.Lucu.Resource.setWWWAuthenticate'.
31 = BasicAuthChallenge !Realm
34 -- |'Realm' is just a string which must not contain any non-ASCII letters.
37 -- |Authorization credential to be sent by client with
38 -- \"Authorization\" header. See
39 -- 'Network.HTTP.Lucu.Resource.getAuthorization'.
41 = BasicAuthCredential !UserID !Password
44 -- |'UserID' is just a string which must not contain colon and any
48 -- |'Password' is just a string which must not contain any non-ASCII
52 -- |Convert an 'AuthChallenge' to 'Ascii'.
53 printAuthChallenge ∷ AuthChallenge → Ascii
54 printAuthChallenge (BasicAuthChallenge realm)
55 = A.fromAsciiBuilder $
56 A.toAsciiBuilder "Basic realm=" ⊕ quoteStr realm
58 authCredentialP ∷ Parser AuthCredential
60 = do _ ← string "Basic"
62 b64 ← takeWhile1 base64
63 case C8.break (≡ ':') (B64.decodeLenient b64) of
66 → fail "no colons in the basic auth credential"
69 p ← asc (C8.tail cPassword)
70 return (BasicAuthCredential u p)
73 base64 = inClass "a-zA-Z0-9+/="
75 asc ∷ C8.ByteString → Parser Ascii
76 asc bs = case A.fromByteString bs of
78 Nothing → fail "Non-ascii character in auth credential"