biscuit-auth/biscuit
1
1
Fork 0
mirror of https://github.com/biscuit-auth/biscuit.git synced 2024-09-11 06:15:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

rename verifier to authorizer

Browse Source
This commit is contained in:
Geoffroy Couprie 2021-10-05 23:45:38 +02:00
parent a4cddcec8e
commit 16357ce0fd
5 changed files with 70 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
samples/v2/README.md
View File

@ -28,12 +28,12 @@ check if resource($0), operation("read"), right($0, "read");
### validation
verifier code:
authorizer code:
```
resource("file1");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -232,13 +232,13 @@ owner("alice", "file2");
### validation
verifier code:
authorizer code:
```
resource("file2");
operation("read");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -292,13 +292,13 @@ right("file2", "read");
### validation
verifier code:
authorizer code:
```
resource("file2");
operation("read");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -344,14 +344,14 @@ check if time($date), $date <= 2018-12-20T00:00:00+00:00;
### validation
verifier code:
authorizer code:
```
resource("file1");
operation("read");
time(2020-12-21T09:23:12+00:00);
```
verifier world:
authorizer world:
```
World {
facts: {
@ -374,7 +374,7 @@ result: `Err(["Block(FailedBlockCheck { block_id: 1, check_id: 1, rule: \"check
------------------------------
## verifier scope: test10_verifier_scope.bc
## authorizer scope: test10_authorizer_scope.bc
### token
authority:
@ -395,7 +395,7 @@ right("file2", "read");
### validation
verifier code:
authorizer code:
```
resource("file2");
operation("read");
@ -403,7 +403,7 @@ operation("read");
check if right($0, $1), resource($0), operation($1);
```
verifier world:
authorizer world:
```
World {
facts: {
@ -424,12 +424,12 @@ World {
}
```
result: `Err(["Verifier(FailedVerifierCheck { check_id: 0, rule: \"check if right($0, $1), resource($0), operation($1)\" })"])`
result: `Err(["Authorizer(FailedAuthorizerCheck { check_id: 0, rule: \"check if right($0, $1), resource($0), operation($1)\" })"])`
------------------------------
## verifier authority checks: test11_verifier_authority_caveats.bc
## authorizer authority checks: test11_authorizer_authority_caveats.bc
### token
authority:
@ -443,7 +443,7 @@ right("file1", "read");
### validation
verifier code:
authorizer code:
```
resource("file2");
operation("read");
@ -451,7 +451,7 @@ operation("read");
check if right($0, $1), resource($0), operation($1);
```
verifier world:
authorizer world:
```
World {
facts: {
@ -470,7 +470,7 @@ World {
}
```
result: `Err(["Verifier(FailedVerifierCheck { check_id: 0, rule: \"check if right($0, $1), resource($0), operation($1)\" })"])`
result: `Err(["Authorizer(FailedAuthorizerCheck { check_id: 0, rule: \"check if right($0, $1), resource($0), operation($1)\" })"])`
------------------------------
@ -489,13 +489,13 @@ check if resource("file1");
### validation for "file1"
verifier code:
authorizer code:
```
resource("file1");
operation("read");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -514,13 +514,13 @@ World {
result: `Ok(0)`
### validation for "file2"
verifier code:
authorizer code:
```
resource("file2");
operation("read");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -565,13 +565,13 @@ check if valid_date($0), resource($0);
### validation for "file1"
verifier code:
authorizer code:
```
resource("file1");
time(2020-12-21T09:23:12+00:00);
```
verifier world:
authorizer world:
```
World {
facts: {
@ -594,13 +594,13 @@ World {
result: `Ok(0)`
### validation for "file2"
verifier code:
authorizer code:
```
resource("file2");
time(2020-12-21T09:23:12+00:00);
```
verifier world:
authorizer world:
```
World {
facts: {
@ -638,12 +638,12 @@ check if resource($0), $0.matches("file[0-9]+.txt");
### validation for "file1"
verifier code:
authorizer code:
```
resource("file1");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -661,12 +661,12 @@ World {
result: `Err(["Block(FailedBlockCheck { block_id: 0, check_id: 0, rule: \"check if resource($0), $0.matches(\\\"file[0-9]+.txt\\\")\" })"])`
### validation for "file123"
verifier code:
authorizer code:
```
resource("file123.txt");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -700,13 +700,13 @@ must_be_present("hello");
### validation
verifier code:
authorizer code:
```
check if must_be_present($0) or must_be_present($0);
```
verifier world:
authorizer world:
```
World {
facts: {
@ -749,11 +749,11 @@ check1("test");
### validation
verifier code:
authorizer code:
```
```
verifier world:
authorizer world:
```
World {
facts: {
@ -814,11 +814,11 @@ check if [hex:12ab, hex:34de].contains(hex:34de);
### validation
verifier code:
authorizer code:
```
```
verifier world:
authorizer world:
```
World {
facts: {
@ -858,12 +858,12 @@ operation($unbound, "read") <- operation($any1, $any2);
### validation
verifier code:
authorizer code:
```
operation("write");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -905,12 +905,12 @@ operation("read") <- operation($any);
### validation
verifier code:
authorizer code:
```
operation("write");
```
verifier world:
authorizer world:
```
World {
facts: {
@ -955,13 +955,13 @@ check if resource($0), operation("read"), right($0, "read");
### validation
verifier code:
authorizer code:
```
resource("file1");
operation("read");
```
verifier world:
authorizer world:
```
World {
facts: {

58
samples/v2/samples.json
View File

@ -45,7 +45,7 @@
"Block(FailedBlockCheck { block_id: 1, check_id: 0, rule: \"check if resource($0), operation(\\\"read\\\"), right($0, \\\"read\\\")\" })"
]
},
"verifier_code": "resource(\"file1\");\n"
"authorizer_code": "resource(\"file1\");\n"
}
}
},
@ -76,7 +76,7 @@
"Format(Signature(InvalidSignature(\"signature error\")))"
]
},
"verifier_code": ""
"authorizer_code": ""
}
}
},
@ -109,7 +109,7 @@
"Format(InvalidSignatureSize(16))"
]
},
"verifier_code": ""
"authorizer_code": ""
}
}
},
@ -142,7 +142,7 @@
"Format(Signature(InvalidSignature(\"signature error\")))"
]
},
"verifier_code": ""
"authorizer_code": ""
}
}
},
@ -175,7 +175,7 @@
"Format(Signature(InvalidSignature(\"signature error\")))"
]
},
"verifier_code": ""
"authorizer_code": ""
}
}
},
@ -214,7 +214,7 @@
"Format(Signature(InvalidSignature(\"signature error\")))"
]
},
"verifier_code": ""
"authorizer_code": ""
}
}
},
@ -271,7 +271,7 @@
"Block(FailedBlockCheck { block_id: 1, check_id: 0, rule: \"check if resource($0), operation(\\\"read\\\"), right($0, \\\"read\\\")\" })"
]
},
"verifier_code": "resource(\"file2\");\noperation(\"read\");\n"
"authorizer_code": "resource(\"file2\");\noperation(\"read\");\n"
}
}
},
@ -323,7 +323,7 @@
"Block(FailedBlockCheck { block_id: 1, check_id: 0, rule: \"check if resource($0), operation(\\\"read\\\"), right($0, \\\"read\\\")\" })"
]
},
"verifier_code": "resource(\"file2\");\noperation(\"read\");\n"
"authorizer_code": "resource(\"file2\");\noperation(\"read\");\n"
}
}
},
@ -367,13 +367,13 @@
"Block(FailedBlockCheck { block_id: 1, check_id: 1, rule: \"check if time($date), $date <= 2018-12-20T00:00:00+00:00\" })"
]
},
"verifier_code": "resource(\"file1\");\noperation(\"read\");\ntime(2020-12-21T09:23:12+00:00);\n"
"authorizer_code": "resource(\"file1\");\noperation(\"read\");\ntime(2020-12-21T09:23:12+00:00);\n"
}
}
},
{
"title": "verifier scope",
"filename": "test10_verifier_scope.bc",
"title": "authorizer scope",
"filename": "test10_authorizer_scope.bc",
"token": [
{
"symbols": [
@ -410,16 +410,16 @@
},
"result": {
"Err": [
"Verifier(FailedVerifierCheck { check_id: 0, rule: \"check if right($0, $1), resource($0), operation($1)\" })"
"Authorizer(FailedAuthorizerCheck { check_id: 0, rule: \"check if right($0, $1), resource($0), operation($1)\" })"
]
},
"verifier_code": "resource(\"file2\");\noperation(\"read\");\n\ncheck if right($0, $1), resource($0), operation($1);\n"
"authorizer_code": "resource(\"file2\");\noperation(\"read\");\n\ncheck if right($0, $1), resource($0), operation($1);\n"
}
}
},
{
"title": "verifier authority checks",
"filename": "test11_verifier_authority_caveats.bc",
"title": "authorizer authority checks",
"filename": "test11_authorizer_authority_caveats.bc",
"token": [
{
"symbols": [
@ -448,10 +448,10 @@
},
"result": {
"Err": [
"Verifier(FailedVerifierCheck { check_id: 0, rule: \"check if right($0, $1), resource($0), operation($1)\" })"
"Authorizer(FailedAuthorizerCheck { check_id: 0, rule: \"check if right($0, $1), resource($0), operation($1)\" })"
]
},
"verifier_code": "resource(\"file2\");\noperation(\"read\");\n\ncheck if right($0, $1), resource($0), operation($1);\n"
"authorizer_code": "resource(\"file2\");\noperation(\"read\");\n\ncheck if right($0, $1), resource($0), operation($1);\n"
}
}
},
@ -484,7 +484,7 @@
"result": {
"Ok": 0
},
"verifier_code": "resource(\"file1\");\noperation(\"read\");\n"
"authorizer_code": "resource(\"file1\");\noperation(\"read\");\n"
},
"file2": {
"world": {
@ -504,7 +504,7 @@
"Block(FailedBlockCheck { block_id: 0, check_id: 0, rule: \"check if resource(\\\"file1\\\")\" })"
]
},
"verifier_code": "resource(\"file2\");\noperation(\"read\");\n"
"authorizer_code": "resource(\"file2\");\noperation(\"read\");\n"
}
}
},
@ -552,7 +552,7 @@
"result": {
"Ok": 0
},
"verifier_code": "resource(\"file1\");\ntime(2020-12-21T09:23:12+00:00);\n"
"authorizer_code": "resource(\"file1\");\ntime(2020-12-21T09:23:12+00:00);\n"
},
"file2": {
"world": {
@ -575,7 +575,7 @@
"Block(FailedBlockCheck { block_id: 1, check_id: 0, rule: \"check if valid_date($0), resource($0)\" })"
]
},
"verifier_code": "resource(\"file2\");\ntime(2020-12-21T09:23:12+00:00);\n"
"authorizer_code": "resource(\"file2\");\ntime(2020-12-21T09:23:12+00:00);\n"
}
}
},
@ -610,7 +610,7 @@
"Block(FailedBlockCheck { block_id: 0, check_id: 0, rule: \"check if resource($0), $0.matches(\\\"file[0-9]+.txt\\\")\" })"
]
},
"verifier_code": "resource(\"file1\");\n"
"authorizer_code": "resource(\"file1\");\n"
},
"file123": {
"world": {
@ -627,7 +627,7 @@
"result": {
"Ok": 0
},
"verifier_code": "resource(\"file123.txt\");\n"
"authorizer_code": "resource(\"file123.txt\");\n"
}
}
},
@ -661,7 +661,7 @@
"result": {
"Ok": 0
},
"verifier_code": "\ncheck if must_be_present($0) or must_be_present($0);\n"
"authorizer_code": "\ncheck if must_be_present($0) or must_be_present($0);\n"
}
}
},
@ -701,7 +701,7 @@
"Block(FailedBlockCheck { block_id: 0, check_id: 0, rule: \"check if resource(\\\"hello\\\")\" })"
]
},
"verifier_code": ""
"authorizer_code": ""
}
}
},
@ -739,7 +739,7 @@
"result": {
"Ok": 0
},
"verifier_code": ""
"authorizer_code": ""
}
}
},
@ -783,7 +783,7 @@
"FailedLogic(InvalidBlockRule(0, \"operation($unbound, \\\"read\\\") <- operation($any1, $any2)\"))"
]
},
"verifier_code": "operation(\"write\");\n"
"authorizer_code": "operation(\"write\");\n"
}
}
},
@ -826,7 +826,7 @@
"Block(FailedBlockCheck { block_id: 0, check_id: 0, rule: \"check if operation(\\\"read\\\")\" })"
]
},
"verifier_code": "operation(\"write\");\n"
"authorizer_code": "operation(\"write\");\n"
}
}
},
@ -872,7 +872,7 @@
"result": {
"Ok": 0
},
"verifier_code": "resource(\"file1\");\noperation(\"read\");\n"
"authorizer_code": "resource(\"file1\");\noperation(\"read\");\n"
}
}
}

0
samples/v2/test10_verifier_scope.bc → samples/v2/test10_authorizer_scope.bc
View File

0
samples/v2/test11_verifier_authority_caveats.bc → samples/v2/test11_authorizer_authority_caveats.bc
View File

2
schema.proto
View File

@ -194,7 +194,7 @@ message Policy {
required Kind kind = 2;
}
message VerifierPolicies {
message AuthorizerPolicies {
repeated string symbols = 1;
optional uint32 version = 2;
repeated FactV2 facts = 3;