feat(jans-lock): implement fetch policy stores #9423
Conversation
DryRun Security SummaryThe pull request covers various changes to the "cedarling" component of the Jans project, which is responsible for authorization and policy management, including updates to the Expand for full summarySummary: The code changes in this pull request cover various aspects of the Jans project's "cedarling" component, which is responsible for authorization and policy management. The changes include updates to the From an application security perspective, the key points to highlight are:
Overall, the changes appear to be focused on improving the structure, organization, and flexibility of the cedarling component, but it's crucial to review the implementation details to ensure that the application's security posture is maintained. Files Changed:
Code AnalysisWe ran Riskiness🟢 Risk threshold not exceeded. |
mo-auto
added
the
area-documentation
…letion The cedarling_mvp branch was merged and subsequently deleted. This commit rebases the current changes from the main branch to keep the branch up to date. list of rebased commits: rust demo code without connect to python cargo improvements fix format rule add to gitignore files that is used in debug process add parsing roles from token and it mapping remove unused text in readme added guide how to build add python binding python example hotfix make Id in python example more illustrative update to make tokens field jti optional fix readme file feat: store the sample policy stores in demo folder #9373 Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com> rename role mapper to token mapper add loading policy store from file or json show in example that we can use setter use single quote for action in python example update python bindings to use object Request added crate init_engine refactor authz, move some parts to init_engine added skip check clippy::enum_variant_names Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
For some reason my git client start but out. Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
also updated the python binding. also renamed the enum PolicyStoreConfig::LocalJson to JsonRaw Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
…ibrary Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
olehbozhok
force-pushed
the
jans-cedaling-issue-9365
branch
from
932bf56 to
1e39cd8
Compare
SafinWasi
changed the title
… init PolicyStore using methods: - from_raw_json - from_filepath - from_remote_uri Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
…r windows we no need to install maturin[patchelf] Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
olehbozhok
force-pushed
the
jans-cedaling-issue-9365
branch
from
4ac0aaa to
9909ad0
Compare
…he userinfo token Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
…ted among the available packages. Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
…uild-essential for cedarling_python Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com>
olehbozhok
force-pushed
the
jans-cedaling-issue-9365
branch
from
8c10d07 to
9e9fa6b
Compare
|
|
|
|
|
|
|
* chore(jans-cedarling): rebase from main after cedarling_mvp branch deletion The cedarling_mvp branch was merged and subsequently deleted. This commit rebases the current changes from the main branch to keep the branch up to date. list of rebased commits: rust demo code without connect to python cargo improvements fix format rule add to gitignore files that is used in debug process add parsing roles from token and it mapping remove unused text in readme added guide how to build add python binding python example hotfix make Id in python example more illustrative update to make tokens field jti optional fix readme file feat: store the sample policy stores in demo folder #9373 Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com> rename role mapper to token mapper add loading policy store from file or json show in example that we can use setter use single quote for action in python example update python bindings to use object Request added crate init_engine refactor authz, move some parts to init_engine added skip check clippy::enum_variant_names Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore: delete Readme.md For some reason my git client start but out. Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * chore(chedarling) rename PolicyStoreEntry to PolicyStore Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * feat(cedarling): added load PolicyStore from file and URI also updated the python binding. also renamed the enum PolicyStoreConfig::LocalJson to JsonRaw Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(cedarling-python): added section Classes and Methods in python library Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(cedarling): added to python binding documentation example how to init PolicyStore using methods: - from_raw_json - from_filepath - from_remote_uri Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(cedarling): added to python binding documentation notice that for windows we no need to install maturin[patchelf] Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(cedarling): added example how to extract the "role" claim from the userinfo token Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * docs(cedarling): added note that we should see `cedarling_python` listed among the available packages. Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> * doc(cedarling): added note that user on linux maybe need to install build-essential for cedarling_python Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> --------- Signed-off-by: Oleh Bohzok <olehbozhok@gmail.com> Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com> Former-commit-id: cea08b5
Prepare
Description
Target issue
Issue
closes #9365
Implementation Details
The unit test will be implemented in the issue#9353
Test and Document the changes
Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with
docs:to indicate documentation changes or if the below checklist is not selected.