September 21, 2010
My first task when working on Haskellers.com was to set up OpenID authentication. My authenticate package only supports OpenID 1, so I looked into the openid package. Unfortunately, it didn't work out of the box for me. As I started digging, the reason appeared to be the HTTPS connections.
It's really unfortunate that while so many of our tools in Haskell are incredibly advanced, our HTTP client libraries are lackluster. When originally writing the authenticate package, I stumbled upon this lack of HTTPS support. I say stumble because the library not once advertises its lack of support, nor does it complain when you try to download something from an HTTPS URL. Instead, it simply connects over vanilla HTTP. I've also been less than satisfied with the complexities involved in the HTTP library's API.
The other mainstream solution is the curl package. This also suffers from some warts: the API is basically a mirror of the C library. I've coded against that library before, and I don't feel like doing it again in Haskell. It also introduces a dependency on a system library, which is something I'm trying to avoid whenever possible for Yesod.
So I wrote a package called http-wget which simply wraps around the wget executable. This is an ugly hack, but at least it worked, and I could make a nice, simple API. However, this isn't a real solution, and as I was trying to get the openid package to work, I realized we finally just need a working package capable of making HTTPS connections.
So I'd like to announce the first release of http-enumerator. It uses attoparsec, enumerator and OpenSSL to try and deliver a simple, efficient API. This release is definitely an experimental release, so don't start using it in your production code. I have tested it with the authenticate package, and I have no trouble accessing Facebook's graph API, which is a promising sign.
I am intending on making changes to the API still, and I'd appreciate feedback from others. If you have a chance, take a look and tell me what you think. Also, since it depends on the hsopenssl package it still introduces a system library dependency. I'd like to experiment at some point with providing an alternate package that embeds a mini SSL library such as MatrixSSL.