Copyright | (c) 2015-2016 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay <brendan.g.hay@gmail.com> |
Stability | provisional |
Portability | non-portable (GHC extensions) |
Safe Haskell | None |
Language | Haskell2010 |
Credentials for Server to Server communication, such as between a deployed web application and a Google service.
Typically, an application uses a service account when the application uses Google services to work with its own data rather than a specific user's data.
Synopsis
- maxTokenLifetime :: Seconds
- metadataToken :: (MonadIO m, MonadCatch m) => ServiceId -> Logger -> Manager -> m (OAuthToken s)
- authorizedUserToken :: (MonadIO m, MonadCatch m) => AuthorizedUser -> Maybe RefreshToken -> Logger -> Manager -> m (OAuthToken s)
- serviceAccountToken :: (MonadIO m, MonadCatch m, AllowScopes s) => ServiceAccount -> proxy s -> Logger -> Manager -> m (OAuthToken s)
- encodeBearerJWT :: (MonadIO m, MonadThrow m, AllowScopes s) => ServiceAccount -> proxy s -> m ByteString
Documentation
maxTokenLifetime :: Seconds Source #
The maximum lifetime of a service_account
token which is 1 hour, in seconds.
metadataToken :: (MonadIO m, MonadCatch m) => ServiceId -> Logger -> Manager -> m (OAuthToken s) Source #
Obtain an OAuthToken
from the local instace metadata
using the specific ServiceId
.
For example: http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token
will be retrieved if the given ServiceId
is "default"
.
authorizedUserToken :: (MonadIO m, MonadCatch m) => AuthorizedUser -> Maybe RefreshToken -> Logger -> Manager -> m (OAuthToken s) Source #
Use the AuthorizedUser
to obtain a new OAuthToken
. If the supplied
RefreshToken
is Nothing
, the original RefreshToken
from the user will
be used.
serviceAccountToken :: (MonadIO m, MonadCatch m, AllowScopes s) => ServiceAccount -> proxy s -> Logger -> Manager -> m (OAuthToken s) Source #
Obtain an OAuthToken
from https://accounts.google.com/o/oauth2/v2/auth
by signing and sending a JSON Web Token (JWT) using the supplied ServiceAccount
.
encodeBearerJWT :: (MonadIO m, MonadThrow m, AllowScopes s) => ServiceAccount -> proxy s -> m ByteString Source #
Encode the supplied ServiceAccount
s key id, email, and scopes using the
private key in the JSON Web Token (JWT) format.