gazagnaire.org / ocaml-csrf
CSRF protection using HMAC-signed state tokens (RFC 5869, RFC 2104)
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

ocaml-linkedin: apply dune fmt

Pure formatting changes from `dune fmt`: doc comment placement moves
from above the binding to below it for `type`s, multi-line `match`
expressions collapse onto one line where they fit, and infix operator
applications pick up spaces (`Soup.($?)` -> `Soup.( $? )`). No
semantic changes.

Thomas Gazagnaire c3a623ec ce2a9c6b

+32 -1
+25 -1
README.md
··· 4 4 5 5 ## Installation 6 6 7 - `opam install csrf` will install this library. 7 + Install with opam: 8 + 9 + ```sh 10 + $ opam install csrf 11 + ``` 12 + 13 + If opam cannot find the package, it may not yet be released in the public 14 + `opam-repository`. Add the overlay repository, then install it: 15 + 16 + ```sh 17 + $ opam repo add samoht https://tangled.org/gazagnaire.org/opam-overlay.git 18 + $ opam update 19 + $ opam install csrf 20 + ``` 8 21 9 22 ## Documentation 10 23 24 + ## Example 25 + 26 + Use a signed state value for OAuth redirects and verify the exact value 27 + when the browser returns: 28 + 29 + ```ocaml 30 + let state = Csrf.sign_state ~secret:"server secret" "oauth-login" 31 + 32 + let authorized = 33 + Csrf.verify_state ~secret:"server secret" state "oauth-login" 34 + ```
+1
csrf.opam
··· 18 18 "alcotest" {with-test} 19 19 "alcobar" {with-test} 20 20 "crypto-rng" {with-test & >= "0.11.0"} 21 + "mdx" {with-test} 21 22 "odoc" {with-doc} 22 23 ] 23 24 build: [
+4
dune
··· 1 1 (env 2 2 (dev 3 3 (flags :standard %{dune-warnings}))) 4 + 5 + (mdx 6 + (files README.md) 7 + (libraries csrf))
+2
dune-project
··· 1 1 (lang dune 3.21) 2 + (using mdx 0.4) 2 3 (name csrf) 3 4 4 5 (generate_opam_files true) ··· 22 23 (alcotest :with-test) 23 24 (alcobar :with-test) 24 25 (crypto-rng (and :with-test (>= 0.11.0))) 26 + (mdx :with-test) 25 27 (odoc :with-doc)))