Clément Delafargue
Clément Delafargue
https://github.com/biscuit-auth/biscuit-web-components now provides a series of embeddable elements: - a token inspector, authorizer and attenuator - a token generator - a datalog playground
Special atoms are no longer needed to scope facts.
There is a protobuf-based format allowing to describe rules, facts & policies, as well as a format for dumping the state and contents of an authorizer. Is this issue still...
If we relax constraints on sets following #135, especially if we allow nesting sets, we won't be able to keep the overloaded methods on sets (which would have been a...
I agree. The tricky part here is that I think we want 3rd-party blocks to have access to authority/verifier facts (so that they can add their own checks), but we...
I think we can completely avoid having a 3rd party token: the idea here is that a token could have — in addition to the authority block — other blocks...
I'll try to work on an example based on the macaroons paper
Here's an example: I want to grant read access to `resource1` on `service1` to anyone who's part of a specific group on `service2`: authority block (signed by `service1`): `right("resource1", "read");...
Done in #103
I have updated the roadmap. For a tl;dr: - for go and java, the current objective is to support v4 blocks (check all, third-party blocks) - as for the spec...