Add org API client

package.yaml

@@ -110,6 +110,7 @@ dependencies:
 - servant
 - servant-auth
 - servant-client
+- servant-client-core
 - servant-server
 - servant-conduit
 - serialise

share-api.cabal

@@ -187,6 +187,7 @@ library
       Share.Web.Share.Tickets.Impl
       Share.Web.Share.Tickets.Types
       Share.Web.Share.Types
+      Share.Web.Share.Users.API
       Share.Web.Support.API
       Share.Web.Support.Impl
       Share.Web.Support.Types
@@ -310,6 +311,7 @@ library
     , servant
     , servant-auth
     , servant-client
+    , servant-client-core
     , servant-conduit
     , servant-server
     , share-auth
@@ -466,6 +468,7 @@ executable share-api
     , servant
     , servant-auth
     , servant-client
+    , servant-client-core
     , servant-conduit
     , servant-server
     , share-api

share-auth/src/Share/OAuth/Session.hs

@@ -29,6 +29,7 @@ where
 import Control.Applicative
 import Control.Monad.Random
 import Control.Monad.Trans.Maybe (MaybeT (..))
+import Crypto.JWT qualified as JWT
 import Data.Aeson
 import Data.Aeson qualified as Aeson
 import Data.Binary
@@ -46,6 +47,7 @@ import Network.HTTP.Types qualified as Network
 import Network.URI
 import Network.Wai qualified as Wai
 import Servant
+import Servant.Client.Core.Auth qualified as ServantAuth
 import Servant.Server.Experimental.Auth qualified as ServantAuth
 import Share.JWT
 import Share.OAuth.Types
@@ -63,6 +65,8 @@ type AuthenticatedSession = Servant.AuthProtect "require-session"
 
 type instance ServantAuth.AuthServerData (Servant.AuthProtect "require-session") = Session
 
+type instance ServantAuth.AuthClientData (Servant.AuthProtect "require-session") = JWT.SignedJWT
+
 -- | Requires a valid session cookie to be present in the request,
 -- provides the authenticated user's user-id as an argument to the handler
 --
@@ -71,6 +75,8 @@ type AuthenticatedUserId = Servant.AuthProtect "require-user-id"
 
 type instance ServantAuth.AuthServerData (AuthProtect "require-user-id") = UserId
 
+type instance ServantAuth.AuthClientData (AuthProtect "require-user-id") = JWT.SignedJWT
+
 -- | Used for endpoints with optional auth.
 -- Provides 'Just' the session if a valid session cookie is present in the request,
 -- otherwise provides 'Nothing'.
@@ -80,13 +86,17 @@ type MaybeAuthenticatedSession = Servant.AuthProtect "maybe-session"
 
 type instance ServantAuth.AuthServerData (AuthProtect "maybe-session") = Maybe Session
 
+type instance ServantAuth.AuthClientData (AuthProtect "maybe-session") = Maybe JWT.SignedJWT
+
 -- | Used for endpoints with optional auth.
 -- Provides 'Just' the user ID if a valid session cookie is present in the request,
 -- otherwise provides 'Nothing'.
 type MaybeAuthenticatedUserId = Servant.AuthProtect "maybe-user-id"
 
 type instance ServantAuth.AuthServerData (AuthProtect "maybe-user-id") = Maybe UserId
 
+type instance ServantAuth.AuthClientData (AuthProtect "maybe-user-id") = Maybe JWT.SignedJWT
+
 -- | An additional check to perform on a session. Returns True if valid, False otherwise.
 type SessionCheck = (Session -> Handler Bool)
 

share-auth/src/Share/OAuth/Types.hs

@@ -42,15 +42,15 @@ import Data.Text (Text)
 import Data.Text qualified as Text
 import Data.Time (NominalDiffTime)
 import Data.UUID (UUID)
+import GHC.TypeLits (Symbol, symbolVal)
+import Hasql.Interpolate qualified as Hasql
+import Servant
 import Share.JWT.Types
 import Share.OAuth.Scopes
 import Share.Utils.Binary (JSONBinary (..))
 import Share.Utils.IDs
 import Share.Utils.Show (Censored (..))
 import Share.Utils.URI (URIParam)
-import GHC.TypeLits (Symbol, symbolVal)
-import Hasql.Interpolate qualified as Hasql
-import Servant
 import Web.FormUrlEncoded (FromForm (..), ToForm (..))
 import Web.FormUrlEncoded qualified as Form
 
@@ -117,10 +117,17 @@ newtype PKCEVerifier = PKCEVerifier Text
   deriving (Show) via Text
 
 data ResponseType = ResponseTypeCode
+  deriving stock (Show, Eq, Ord)
 
 instance ToJSON ResponseType where
   toJSON ResponseTypeCode = Aeson.String "code"
 
+instance FromJSON ResponseType where
+  parseJSON = Aeson.withText "ResponseType" $ \txt -> do
+    case Text.toLower txt of
+      "code" -> pure ResponseTypeCode
+      _ -> fail $ "Unsupported response_type: " <> Text.unpack txt
+
 instance ToHttpApiData ResponseType where
   toQueryParam = \case
     ResponseTypeCode -> "code"

share-client/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2024, Unison Computing, public benefit corp and contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

share-client/README.md

@@ -0,0 +1 @@
+# share-client

share-client/Setup.hs

@@ -0,0 +1,3 @@
+import Distribution.Simple
+
+main = defaultMain

share-client/package.yaml

@@ -0,0 +1,73 @@
+name:                share-client
+version:             0.1.0.0
+github:              "unisoncomputing/share-api"
+author:              "Unison Computing"
+maintainer:          "Unison Computing"
+copyright:           "2024 Unison Computing"
+
+extra-source-files:
+- README.md
+
+# Metadata used when publishing your package
+# synopsis:            Short description of your package
+# category:            Web
+
+# To avoid duplicated efforts in documentation and dealing with the
+# complications of embedding Haddock markup inside cabal files, it is
+# common to point users to the README.md file.
+description:         Please see the README on GitHub at <https://github.com/unisoncomputing/share-api#readme>
+
+ghc-options:
+- -Wall
+- -Werror
+- -Wno-name-shadowing
+- -Wno-type-defaults
+- -Wno-missing-pattern-synonym-signatures
+- -fprint-expanded-synonyms
+- -fwrite-ide-info
+- -O2
+- -funbox-strict-fields
+
+default-extensions:
+  - ApplicativeDo
+  - BangPatterns
+  - BlockArguments
+  - DeriveFunctor
+  - DeriveGeneric
+  - DeriveFoldable
+  - DeriveTraversable
+  - DerivingStrategies
+  - DerivingVia
+  - DoAndIfThenElse
+  - FlexibleContexts
+  - FlexibleInstances
+  - GeneralizedNewtypeDeriving
+  - InstanceSigs
+  - LambdaCase
+  - MultiParamTypeClasses
+  - NamedFieldPuns
+  - OverloadedStrings
+  - PatternSynonyms
+  - RankNTypes
+  - ScopedTypeVariables
+  - TupleSections
+  - TypeApplications
+  - ViewPatterns
+  - QuasiQuotes
+  - BlockArguments
+  - QuasiQuotes
+  - ImportQualifiedPost
+
+dependencies:
+- base >= 4.7 && < 5
+- jose
+- servant
+- servant-client
+- servant-client-core
+- share-auth
+- share-api
+- text
+- wai
+
+library:
+  source-dirs: src

share-client/share-client.cabal

@@ -0,0 +1,74 @@
+cabal-version: 1.12
+
+-- This file has been generated from package.yaml by hpack version 0.37.0.
+--
+-- see: https://github.com/sol/hpack
+
+name:           share-client
+version:        0.1.0.0
+description:    Please see the README on GitHub at <https://github.com/unisoncomputing/share-api#readme>
+homepage:       https://github.com/unisoncomputing/share-api#readme
+bug-reports:    https://github.com/unisoncomputing/share-api/issues
+author:         Unison Computing
+maintainer:     Unison Computing
+copyright:      2024 Unison Computing
+license:        MIT
+license-file:   LICENSE
+build-type:     Simple
+extra-source-files:
+    README.md
+
+source-repository head
+  type: git
+  location: https://github.com/unisoncomputing/share-api
+
+library
+  exposed-modules:
+      Share.Client.Orgs
+      Share.Client.Users
+      Share.Client.Utils
+  other-modules:
+      Paths_share_client
+  hs-source-dirs:
+      src
+  default-extensions:
+      ApplicativeDo
+      BangPatterns
+      BlockArguments
+      DeriveFunctor
+      DeriveGeneric
+      DeriveFoldable
+      DeriveTraversable
+      DerivingStrategies
+      DerivingVia
+      DoAndIfThenElse
+      FlexibleContexts
+      FlexibleInstances
+      GeneralizedNewtypeDeriving
+      InstanceSigs
+      LambdaCase
+      MultiParamTypeClasses
+      NamedFieldPuns
+      OverloadedStrings
+      PatternSynonyms
+      RankNTypes
+      ScopedTypeVariables
+      TupleSections
+      TypeApplications
+      ViewPatterns
+      QuasiQuotes
+      BlockArguments
+      QuasiQuotes
+      ImportQualifiedPost
+  ghc-options: -Wall -Werror -Wno-name-shadowing -Wno-type-defaults -Wno-missing-pattern-synonym-signatures -fprint-expanded-synonyms -fwrite-ide-info -O2 -funbox-strict-fields
+  build-depends:
+      base >=4.7 && <5
+    , jose
+    , servant
+    , servant-client
+    , servant-client-core
+    , share-api
+    , share-auth
+    , text
+    , wai
+  default-language: Haskell2010