jans-docs: Lock Updates to README, Cedarling and Lock Master docs. #9042

Merged
merged 6 commits into from
Jul 29, 2024

nynymike
Contributor

Prepare


Description

Mike's latest updates to the Lock docs and diagrams.

Target issue

#8831

Implementation Details

Just words and pictures


Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

nynymike added 2 commits July 28, 2024 18:06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz
dryrunsecurity bot commented Jul 28, 2024

DryRun Security Summary

The pull request focuses on updating the documentation for the Janssen Project's authorization and access control platform, the "Janssen Lock" system, including changes to the project's navigation, expansion of the "Lock Master" component documentation, renaming the project, and explaining the distributed authorization model used by the system.

Summary:

The code changes in this pull request focus on updating the documentation for the Janssen Project's authorization and access control platform, known as the "Janssen Lock" system. The key changes include:

  1. Removal of several sections related to the "Lock Guide" from the project's navigation, indicating a potential shift in the focus or deprecation of the Lock functionality.
  2. Expansion of the documentation for the "Lock Master" component, providing more details about its architecture, configuration, logging, and OAuth security aspects.
  3. Renaming the project from "Jans Lock" to "Janssen Lock" and providing a more detailed overview of the system's architecture, which consists of Cedarling, Lock Master, and Jans Auth Server components.
  4. Explanation of the distributed authorization model used by Janssen Lock, including the Policy Store, Cedarling, and their roles in the overall system.

From an application security perspective, the changes highlight the importance of the Janssen Lock system in the overall security architecture of the Janssen Project. The use of a declarative policy engine (Cedar), centralized policy management, and JWT token validation are all positive security features that should be thoroughly reviewed and tested to ensure their proper implementation and effectiveness.

Files Changed:

  1. mkdocs.yml: The changes remove several sections related to the "Lock Guide" from the navigation, potentially indicating a shift in the focus or deprecation of the Lock functionality.
  2. docs/admin/lock/lock-master.md: The changes expand the documentation for the "Lock Master" component, providing more details about its architecture, configuration, logging, and OAuth security aspects.
  3. docs/admin/lock/README.md: The changes rename the project from "Jans Lock" to "Janssen Lock" and provide a more detailed overview of the system's architecture and the distributed authorization model used.
  4. docs/admin/lock/cedarling.md: The changes document the Cedarling, which is a WebAssembly-based policy decision point (PDP) that enables developers to define and enforce security policies using the Cedar policy syntax.

Code Analysis

We ran 9 analyzers against 11 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.


Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
ossdhaval
ossdhaval previously approved these changes Jul 29, 2024
@ossdhaval ossdhaval requested a review from manojs1978 July 29, 2024 07:31
Signed-off-by: Dhaval D <343411+ossdhaval@users.noreply.github.com>
@ossdhaval ossdhaval self-requested a review July 29, 2024 11:06
@yuriyz yuriyz enabled auto-merge (squash) July 29, 2024 11:40
@yuriyz yuriyz merged commit fa9d079 into main Jul 29, 2024
11 checks passed
@yuriyz yuriyz deleted the mike-cedarling-docs-03 branch July 29, 2024 11:41
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
…9042)

* Lock Docs Update
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz

* Lock Diagram Update
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Michael Schwartz

* docs(lock): proofread and fix

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(lock): proofread and fix

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(lock): nav changes

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
Signed-off-by: Dhaval D <343411+ossdhaval@users.noreply.github.com>
Co-authored-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
Former-commit-id: fa9d079