Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat (jans-cedarling): Support JSON claim values that conform to ValueMap and ListMap formats #10342

Open
djellemah opened this issue Dec 5, 2024 · 1 comment
Open

feat (jans-cedarling): Support JSON claim values that conform to ValueMap and ListMap formats #10342

djellemah opened this issue Dec 5, 2024 · 1 comment
Assignees
@djellemah
Labels
comp-jans-cedarling Touching folder /jans-cedarling kind-feature Issue or PR is a new feature request
Milestone
next-release

Comments

@djellemah
Copy link
Contributor

djellemah commented Dec 5, 2024
edited by nynymike
Loading

This IDP may return a claim that has a JSON value in the token. This is useful in many cases to convey back complex data.

 {`key`: "value"}                    < ValueMap
  
 {"key": ["value"]}                  < ListMap

For example, ListMap can be helpful to avoid role explosion:

"permissions": {
    "Resource1": ["Admin"],
    "Resource2": ["Guest"]
  }

And express polices something like this (syntax may vary if it works):

@desc("Resource 1 Delete Rule")
permit (
  principal is Acme::User,
  action == Acme::Action::"DELETE",
  resource is Acme::Resource::Resource1
) when (
  "Admin" in principal.permissions.Resource1
)

What kind of Cedar schema would be needed for this "permissions" claim?
@djellemah djellemah added comp-jans-cedarling Touching folder /jans-cedarling kind-feature Issue or PR is a new feature request labels Dec 5, 2024
@djellemah djellemah self-assigned this Dec 5, 2024
@nynymike nynymike changed the title Map Record from JWT feat (jans-cedarling): Support JWT claim values in JSON that conform to ValueMap and ListMap formats Dec 5, 2024
@nynymike nynymike changed the title feat (jans-cedarling): Support JWT claim values in JSON that conform to ValueMap and ListMap formats feat (jans-cedarling): Support JSON claim values that conform to ValueMap and ListMap formats Dec 5, 2024
@moabu moabu added this to the next-release milestone Dec 11, 2024
@moabu moabu modified the milestones: 1.2.0, next release Dec 24, 2024
@djellemah
Copy link
Contributor Author

Closing this - the functionality here seems to have been moved into #10549

Re-open if tags are needed.

@moabu moabu modified the milestones: 1.3.0, next-release Jan 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@djellemah djellemah

Labels
comp-jans-cedarling Touching folder /jans-cedarling kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
next-release
Development

No branches or pull requests
2 participants
@djellemah @moabu