From 684646e3dbd16682c70b8e5cbeef481f9afa3801 Mon Sep 17 00:00:00 2001
From: Philipp Balzarek <p.balzarek@googlemail.com>
Date: Tue, 12 Jun 2012 20:55:53 +0200
Subject: [PATCH] split auth in auth (takes mechanism list) and simpleAuth
 (defaults to Scram and DigestMd5) swap authzic and authcid parameters in
 DigestMd5

---
 source/Network/Xmpp.hs                        | 36 +++++++++++++------
 .../Network/Xmpp/Sasl/Mechanisms/DigestMd5.hs |  6 ++--
 2 files changed, 28 insertions(+), 14 deletions(-)

diff --git a/source/Network/Xmpp.hs b/source/Network/Xmpp.hs
index a5dc23a..e651f32 100644
--- a/source/Network/Xmpp.hs
+++ b/source/Network/Xmpp.hs
@@ -170,15 +170,29 @@ import           Control.Monad.Error
 connect :: HostName -> Text -> XmppConMonad (Either StreamError ())
 connect  address hostname = xmppRawConnect address hostname >> xmppStartStream
 
+
+-- | Authenticate to the server using the first matching method and bind a
+-- resource.
+auth :: [SaslHandler]
+     -> Maybe Text
+     -> XmppConMonad (Either AuthError Jid)
+auth mechanisms resource = runErrorT $ do
+    ErrorT $ xmppSasl mechanisms
+    jid <- lift $ xmppBind resource
+    lift $ xmppStartSession
+    return jid
+
 -- | Authenticate to the server with the given username and password
--- and bind a resource
-auth  :: Text.Text  -- ^ The username
-      -> Text.Text  -- ^ The password
-      -> Maybe Text -- ^ The desired resource or 'Nothing' to let the server
-                    -- assign one
-      -> XmppConMonad (Either AuthError Jid)
-auth username passwd resource = runErrorT $ do
-        ErrorT $ xmppSasl [scramSha1 username Nothing passwd]
-        jid <- lift $ xmppBind resource
-        lift $ xmppStartSession
-        return jid
+-- and bind a resource.
+--
+-- Prefers SCRAM-SHA1 over DIGEST-MD5.
+simpleAuth  :: Text.Text  -- ^ The username
+            -> Text.Text  -- ^ The password
+            -> Maybe Text -- ^ The desired resource or 'Nothing' to let the
+                          -- server assign one
+            -> XmppConMonad (Either AuthError Jid)
+simpleAuth username passwd resource = flip auth resource $
+        [ -- TODO: scramSha1Plus
+          scramSha1 username Nothing passwd
+        , digestMd5 username Nothing passwd
+        ]
diff --git a/source/Network/Xmpp/Sasl/Mechanisms/DigestMd5.hs b/source/Network/Xmpp/Sasl/Mechanisms/DigestMd5.hs
index 2d0facb..31e68f8 100644
--- a/source/Network/Xmpp/Sasl/Mechanisms/DigestMd5.hs
+++ b/source/Network/Xmpp/Sasl/Mechanisms/DigestMd5.hs
@@ -128,10 +128,10 @@ xmppDigestMd5 authcid authzid password = do
               ha2 = hash ["AUTHENTICATE", digestURI]
           in hash [ha1, nonce, nc, cnonce, qop, ha2]
 
-digestMd5 :: Maybe Text -- Authorization identity (authzid)
-          -> Text -- Authentication identity (authzid)
+digestMd5 :: Text -- Authorization identity (authzid)
+          -> Maybe Text -- Authentication identity (authzid)
           -> Text -- Password (authzid)
           -> SaslHandler
-digestMd5 authzid authcid password = ( "DIGEST-MD5"
+digestMd5 authcid authzid password = ( "DIGEST-MD5"
                                      , xmppDigestMd5 authcid authzid password
                                      )
\ No newline at end of file