Update to latest GHC, Stackage resolver, hoauth2

- Update to ghc-8.8 / lts-16.0
- Update to hoauth2 >= 1.11.0

  - authGetBS has pre-encoded errors a v1.9
  - oauthClientSecret is Maybe at v1.11

- Tweak non-default Resolvers as required

.circleci/config.yml

@@ -22,6 +22,10 @@ workflows:
           <<: *defaults
           name: "ghc-8.6.3 / lts-13.2"
           stack-yaml: stack-lts-13.2.yaml
+      - stack-build/build-test-lint:
+          <<: *defaults
+          name: "ghc-8.8.3 / lts-16.0"
+          stack-yaml: stack-lts-16.0.yaml
 
   # nightly is broken due to persistent/persistent-template situation
   # https://app.circleci.com/pipelines/github/thoughtbot/yesod-auth-oauth2/172/workflows/1b5d2999-369d-411b-837d-9ccae4f4cede/jobs/1273

README.md

@@ -92,7 +92,7 @@ oauth2MySite clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint = "https://mysite.com/oauth/authorize"
         , oauthAccessTokenEndpoint = "https://mysite.com/oauth/token"
         , oauthCallback = Nothing

package.yaml

@@ -26,7 +26,7 @@ library:
     - bytestring >=0.9.1.4
     - cryptonite
     - errors
-    - hoauth2 >=1.7.0 && <1.9
+    - hoauth2 >=1.11.0 && <1.15
     - http-client >=0.4.0 && <0.7
     - http-conduit >=2.0 && <3.0
     - http-types >=0.8 && <0.13

src/Yesod/Auth/OAuth2/AzureAD.hs

@@ -46,7 +46,7 @@ oauth2AzureADScoped scopes clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://login.windows.net/common/oauth2/authorize"
                 `withQuery` [ scopeParam "," scopes

src/Yesod/Auth/OAuth2/BattleNet.hs

@@ -52,7 +52,7 @@ oauth2BattleNet widget region clientId clientSecret =
     host = wwwHost $ T.toLower region
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint = fromRelative "https" host "/oauth/authorize"
         , oauthAccessTokenEndpoint = fromRelative "https" host "/oauth/token"
         , oauthCallback = Nothing

src/Yesod/Auth/OAuth2/Bitbucket.hs

@@ -53,7 +53,7 @@ oauth2BitbucketScoped scopes clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://bitbucket.com/site/oauth2/authorize"
                 `withQuery` [scopeParam "," scopes]

src/Yesod/Auth/OAuth2/EveOnline.hs

@@ -73,7 +73,7 @@ oauth2EveScoped scopes widgetType clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://login.eveonline.com/oauth/authorize"
                 `withQuery` [("response_type", "code"), scopeParam " " scopes]

src/Yesod/Auth/OAuth2/GitHub.hs

@@ -47,7 +47,7 @@ oauth2GitHubScoped scopes clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://github.com/login/oauth/authorize"
                 `withQuery` [scopeParam "," scopes]

src/Yesod/Auth/OAuth2/GitLab.hs

@@ -54,7 +54,7 @@ oauth2GitLabHostScopes host scopes clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             host
             `withPath` "/oauth/authorize"

src/Yesod/Auth/OAuth2/Google.hs

@@ -65,7 +65,7 @@ oauth2GoogleScoped scopes clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://accounts.google.com/o/oauth2/auth"
                 `withQuery` [scopeParam " " scopes]

src/Yesod/Auth/OAuth2/Nylas.hs

@@ -52,7 +52,7 @@ oauth2Nylas clientId clientSecret =
   where
     oauth = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://api.nylas.com/oauth/authorize"
                 `withQuery` [ ("response_type", "code")

src/Yesod/Auth/OAuth2/Prelude.hs

@@ -91,11 +91,10 @@ authGetProfile name manager token url = do
     pure (decoded, resp)
 
 -- | Throws a @Left@ result as an @'YesodOAuth2Exception'@
-fromAuthGet
-    :: Text -> Either (OAuth2Error Value) BL.ByteString -> IO BL.ByteString
+fromAuthGet :: Text -> Either BL.ByteString BL.ByteString -> IO BL.ByteString
 fromAuthGet _ (Right bs) = pure bs -- nice
 fromAuthGet name (Left err) =
-    throwIO $ YesodOAuth2Exception.OAuth2Error name $ encode err
+    throwIO $ YesodOAuth2Exception.OAuth2Error name err
 
 -- | Throws a decoding error as an @'YesodOAuth2Exception'@
 fromAuthJSON :: FromJSON a => Text -> BL.ByteString -> IO a

src/Yesod/Auth/OAuth2/Salesforce.hs

@@ -74,7 +74,7 @@ salesforceHelper name profileUri authorizeUri tokenUri scopes clientId clientSec
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             authorizeUri `withQuery` [scopeParam " " scopes]
         , oauthAccessTokenEndpoint = tokenUri

src/Yesod/Auth/OAuth2/Slack.hs

@@ -66,7 +66,7 @@ oauth2SlackScoped scopes clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://slack.com/oauth/authorize"
                 `withQuery` [scopeParam "," $ map scopeText scopes]

src/Yesod/Auth/OAuth2/Spotify.hs

@@ -35,7 +35,7 @@ oauth2Spotify scopes clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://accounts.spotify.com/authorize"
                 `withQuery` [scopeParam " " scopes]

src/Yesod/Auth/OAuth2/Upcase.hs

@@ -42,7 +42,7 @@ oauth2Upcase clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint = "http://upcase.com/oauth/authorize"
         , oauthAccessTokenEndpoint = "http://upcase.com/oauth/token"
         , oauthCallback = Nothing

src/Yesod/Auth/OAuth2/WordPressDotCom.hs

@@ -38,7 +38,7 @@ oauth2WordPressDotCom clientId clientSecret =
   where
     oauth2 = OAuth2
         { oauthClientId = clientId
-        , oauthClientSecret = clientSecret
+        , oauthClientSecret = Just clientSecret
         , oauthOAuthorizeEndpoint =
             "https://public-api.wordpress.com/oauth2/authorize"
                 `withQuery` [scopeParam "," ["auth"]]

stack-lts-12.2.yaml

@@ -1,8 +1,8 @@
 ---
 resolver: lts-12.2
 extra-deps:
-  - hoauth2-1.8.1
-  - uri-bytestring-aeson-0.1.0.6
+  - hoauth2-1.14.0@sha256:fcb4284fc78950c91d5b548317c51bd99a5ced84f4bb9e6153624b5783e4215f,5628
+  - uri-bytestring-aeson-0.1.0.8@sha256:8c830d995acf092b7c6e46607095917d2fbf0842d2409c8e3c85bf555a723364,1083
 
 # Fix for weeder with stack-2
 ghc-options:
@@ -10,5 +10,5 @@ ghc-options:
     -ddump-to-file
     -ddump-hi
 
-# needed so resourcet can get exceptions-0.10 even though hoauth dislikes it
+# needed because different packages want different Cabal
 allow-newer: true

stack-lts-12.2.yaml.lock

@@ -0,0 +1,26 @@
+# This file was autogenerated by Stack.
+# You should not edit this file by hand.
+# For more information, please see the documentation at:
+#   https://docs.haskellstack.org/en/stable/lock_files
+
+packages:
+- completed:
+    hackage: hoauth2-1.14.0@sha256:fcb4284fc78950c91d5b548317c51bd99a5ced84f4bb9e6153624b5783e4215f,5628
+    pantry-tree:
+      size: 2046
+      sha256: f25e2c2c101312196159dad5a3e2a4c8f549ed2d036d9566b66786d758db7dba
+  original:
+    hackage: hoauth2-1.14.0@sha256:fcb4284fc78950c91d5b548317c51bd99a5ced84f4bb9e6153624b5783e4215f,5628
+- completed:
+    hackage: uri-bytestring-aeson-0.1.0.8@sha256:8c830d995acf092b7c6e46607095917d2fbf0842d2409c8e3c85bf555a723364,1083
+    pantry-tree:
+      size: 330
+      sha256: af6eb6b9c28e17d783904eb657a5937a5f7ebf8e3ee3d8d5a1283f75a9ec5f1d
+  original:
+    hackage: uri-bytestring-aeson-0.1.0.8@sha256:8c830d995acf092b7c6e46607095917d2fbf0842d2409c8e3c85bf555a723364,1083
+snapshots:
+- completed:
+    size: 499199
+    url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/12/2.yaml
+    sha256: a322089fb83fcbccca0dbcfa843c91aa07826fa1c6a57a569ba7574e6e95c7f0
+  original: lts-12.2

stack-lts-13.2.yaml

@@ -1,6 +1,9 @@
 ---
 resolver: lts-13.2
 
+extra-deps:
+  - hoauth2-1.14.0@sha256:fcb4284fc78950c91d5b548317c51bd99a5ced84f4bb9e6153624b5783e4215f,5628
+
 # Fix for weeder with stack-2
 ghc-options:
   "$locals":

stack-lts-13.2.yaml.lock

@@ -0,0 +1,19 @@
+# This file was autogenerated by Stack.
+# You should not edit this file by hand.
+# For more information, please see the documentation at:
+#   https://docs.haskellstack.org/en/stable/lock_files
+
+packages:
+- completed:
+    hackage: hoauth2-1.14.0@sha256:fcb4284fc78950c91d5b548317c51bd99a5ced84f4bb9e6153624b5783e4215f,5628
+    pantry-tree:
+      size: 2046
+      sha256: f25e2c2c101312196159dad5a3e2a4c8f549ed2d036d9566b66786d758db7dba
+  original:
+    hackage: hoauth2-1.14.0@sha256:fcb4284fc78950c91d5b548317c51bd99a5ced84f4bb9e6153624b5783e4215f,5628
+snapshots:
+- completed:
+    size: 492864
+    url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/13/2.yaml
+    sha256: 586534518d3e7be8617d97ea296f05f497c0b4bb006f100367d66f5c45ae6268
+  original: lts-13.2

stack-lts-16.10.yaml

@@ -0,0 +1,8 @@
+---
+resolver: lts-16.0
+
+# Fix for weeder with stack-2
+ghc-options:
+  "$locals":
+    -ddump-to-file
+    -ddump-hi

stack-lts-16.10.yaml.lock

@@ -0,0 +1,12 @@
+# This file was autogenerated by Stack.
+# You should not edit this file by hand.
+# For more information, please see the documentation at:
+#   https://docs.haskellstack.org/en/stable/lock_files
+
+packages: []
+snapshots:
+- completed:
+    size: 531237
+    url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/16/0.yaml
+    sha256: 210e15b7043e2783115afe16b0d54914b1611cdaa73f3ca3ca7f8e0847ff54e5
+  original: lts-16.0

stack.yaml

@@ -1,5 +1,5 @@
 ---
-resolver: lts-13.2
+resolver: lts-16.10
 
 # Fix for weeder with stack-2
 ghc-options:

stack.yaml.lock

@@ -6,7 +6,7 @@
 packages: []
 snapshots:
 - completed:
-    size: 492864
-    url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/13/2.yaml
-    sha256: 586534518d3e7be8617d97ea296f05f497c0b4bb006f100367d66f5c45ae6268
-  original: lts-13.2
+    size: 532383
+    url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/16/10.yaml
+    sha256: 469d781ab6d2a4eceed6b31b6e4ec842dcd3cd1d11577972e86902603dce24df
+  original: lts-16.10