docs(jans-cedarling): new quickstart using tarp #11004
Signed-off-by: SafinWasi <6601566+SafinWasi@users.noreply.github.com>
Authorization Decision Service (ADS) has emerged more recently to reflect authorization as a cloud-native service rather than a monolithic policy engine embedded in an application. So saying the "Cedarling is an authorization decision service" is a little misleading, and may discourage vendors from implementing an ADS using the Cedarling.
See my edits... but looking good.
Signed-off-by: Michael Schwartz <mike@gluu.org>
This quickstart in its current state is terrible. If I were grading it, I'd give it a D-minus.
It needs high-level expectations set at the beginning, like "we are going to present the quickstart in 'three steps' -- authoring a policy store, loading the policy store in a test application (Tarp), and testing policy evaluation."
Also, why does it wait until the end to bring up what is the policy, like it's an afterthought? Shouldn't the introduction start with the policy we want to enforce, and an explanation of the use case?
Net-net, this needs major re-thinking on the part of Safin.
|
||
The Janssen Project documentation is currently in development. Topic pages are being created in order of broadest relevance, and this page is coming in the near future. | ||
In this guide, we'll demonstrate how to use Cedarling as a sidecar for an API Gateway to authorize requests. |
We are not using the sidecar here. Can you be more specific about what exactly this demo is showing?
|
||
## Have questions in the meantime? | ||
### Sequence diagram |
I find the sequence diagram here to be not "quick" -- it's also filled with jargon like "DCR", "bootstrap config", "jwks_endpoint", that a new person might not be familiar with...
Before you begin, make sure you have the following: | ||
|
||
* [Firefox](https://www.mozilla.org/en-US/firefox/windows/) or [Google Chrome](https://www.google.com/chrome/index.html) | ||
* The latest release of [Jans Tarp](https://github.com/JanssenProject/jans/releases/tag/nightly). Download the zip file for your browser. |
What would be best here is to provide a link: "How to install Jans Tarp (1 minute video)". @ossdhaval, do we have an updated video?
To begin using Cedarling, you need to set up a policy store. We’ll use [Agama Lab](https://cloud.gluu.org/agama-lab/login) for this purpose. | ||
|
||
1. Sign in to [Agama Lab](https://cloud.gluu.org/agama-lab/login) using your GitHub account and click on Policy Designer. | ||
 |
Without the context of the website, this screenshot is more confusing than illuminating.
 | ||
4. Open the policy store and navigate to Policies. | ||
5. Click `Add Policy`, select `Text Editor`. | ||
 |
There is a lot of real-estate taken by screenshots, that lack context. It would be much better to provide one short howto video here.
Getting better, but I feel like it still needs more work. Maybe a silly graphic that shows steps 1-3 in some fun way?
|
||
## Authentication Flow | ||
|
||
1. On the Authentication Flow screen, click on the lightning icon to trigger an authentication flow. |
I think you need another video here to show what success looks like.
Pending #11137
I think this still needs work. Perhaps we should wait until the new Tarp version comes out with the authorize_unsigned support, so we can split this into two quickstarts: 1) How to author and test policies using the cedarling; 2) Token Based Access Control ("TBAC") quickstart.
Before we begin, we need to meet the following requirements: | ||
|
||
* [Firefox](https://www.mozilla.org/en-US/firefox/) or [Google Chrome](https://www.google.com/chrome/index.html) | ||
* The latest release of [Jans Tarp](https://github.com/JanssenProject/jans/releases/tag/nightly). Download the zip file for your browser and install it. |
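Review bot: The Jans Tarp bullet calls the link "the latest release", but the URL points at the `nightly` tag, so the text and the target disagree and readers land on a moving build rather than a fixed version. Either say "nightly build" in the bullet or link a versioned release tag, and name the zip asset to pick for each browser so the reader can tell which file they are installing.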
This is a mass of files and issues and it's hard to find out where exactly to download Tarp. Ideally, there should be links to four different one-minute videos: firefox | chrome v. nightly build | store.
…oject/jans into docs-jans-cedarling-quickstart
…oject/jans into docs-jans-cedarling-quickstart
Prepare
Description
Target issue
closes #10974
Implementation Details
Test and Document the changes
N/A
Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with `docs:` to indicate documentation changes or if the below checklist is not selected.