docs: Cedarling Overview edits for readability. #9030

Merged: 2 commits, Jul 25, 2024


nynymike
Contributor

Signed-off-by: Michael Schwartz

### Prepare

- [x] Read [PR guidelines](https://github.com/JanssenProject/jans/blob/main/docs/CONTRIBUTING.md#prs)
- [x] Read [license information](https://github.com/JanssenProject/jans/blob/main/LICENSE)

-------------------

### Description

#### Target issue

https://github.com/JanssenProject/jans/issues/8831

#### Implementation Details

Just edits for readability

-------------------
### Test and Document the changes
- [x] Static code analysis has been run locally and issues have been fixed
- [x] Relevant unit and integration tests have been added/updated
- [x] Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)



Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with `docs:` to indicate documentation changes or if the below checklist is not selected.
- [x] **I confirm that there is no impact on the docs due to the code changes in this PR.**

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz

dryrunsecurity bot commented Jul 24, 2024

DryRun Security Summary

The code change introduces the Cedarling, a local, autonomous Policy Decision Point (PDP) component that runs as a WebAssembly (WASM) module and is responsible for authorizing access requests based on enterprise-approved policies defined in the Cedar policy syntax, providing a robust and flexible authorization mechanism for the application.


Summary:

The code change introduces the Cedarling, a local, autonomous Policy Decision Point (PDP) component that runs as a WebAssembly (WASM) module. The Cedarling is responsible for authorizing access requests based on enterprise-approved policies defined in the Cedar policy syntax. From an application security perspective, the key features of the Cedarling include JWT-based authorization, the use of the PARC (Principal, Action, Resource, Context) syntax for defining authorization rules, audit logging of authorization decisions, token validation, external policy store management, and flexible deployment options (browser-based or cloud function). These security-focused capabilities help separate security concerns from the application logic, leverage industry-standard protocols and practices, and provide a robust and flexible authorization mechanism for the application.

Files Changed:

  • docs/admin/lock/cedarling.md: This file provides an overview of the Cedarling component, including details on its JWT-based authorization, Cedar policy syntax, audit logging, token validation, policy store management, and deployment flexibility. The changes introduce the Cedarling as a security-focused authorization mechanism that can be integrated into the application.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.


@mo-auto mo-auto added the area-documentation Documentation needs to change as part of issue or PR label Jul 24, 2024
@mo-auto mo-auto enabled auto-merge (squash) July 24, 2024 20:34
@mzico mzico self-requested a review July 25, 2024 19:58
@mo-auto mo-auto merged commit 16b2c3f into main Jul 25, 2024
11 checks passed
@mo-auto mo-auto deleted the mike-cedarling-docs-02 branch July 25, 2024 20:10
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz

Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
Former-commit-id: 16b2c3f