Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions specs/authorization/authorization.openapi.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,8 @@ components:
- ALGORITHM_HPQT_XWING
- ALGORITHM_HPQT_SECP256R1_MLKEM768
- ALGORITHM_HPQT_SECP384R1_MLKEM1024
- ALGORITHM_MLKEM_768
- ALGORITHM_MLKEM_1024
description: Supported key algorithms.
policy.KasPublicKeyAlgEnum:
type: string
Expand All @@ -157,6 +159,8 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_XWING
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_SECP256R1_MLKEM768
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_SECP384R1_MLKEM1024
- KAS_PUBLIC_KEY_ALG_ENUM_MLKEM_768
- KAS_PUBLIC_KEY_ALG_ENUM_MLKEM_1024
policy.SourceType:
type: string
title: SourceType
Expand Down
4 changes: 4 additions & 0 deletions specs/authorization/v2/authorization.openapi.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -178,6 +178,8 @@ components:
- ALGORITHM_HPQT_XWING
- ALGORITHM_HPQT_SECP256R1_MLKEM768
- ALGORITHM_HPQT_SECP384R1_MLKEM1024
- ALGORITHM_MLKEM_768
- ALGORITHM_MLKEM_1024
description: Supported key algorithms.
policy.KasPublicKeyAlgEnum:
type: string
Expand All @@ -192,6 +194,8 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_XWING
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_SECP256R1_MLKEM768
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_SECP384R1_MLKEM1024
- KAS_PUBLIC_KEY_ALG_ENUM_MLKEM_768
- KAS_PUBLIC_KEY_ALG_ENUM_MLKEM_1024
policy.SourceType:
type: string
title: SourceType
Expand Down
46 changes: 6 additions & 40 deletions specs/policy/actions/actions.openapi.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -206,6 +206,8 @@ components:
- ALGORITHM_HPQT_XWING
- ALGORITHM_HPQT_SECP256R1_MLKEM768
- ALGORITHM_HPQT_SECP384R1_MLKEM1024
- ALGORITHM_MLKEM_768
- ALGORITHM_MLKEM_1024
description: Supported key algorithms.
policy.AttributeRuleTypeEnum:
type: string
Expand All @@ -222,28 +224,6 @@ components:
- CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED
- CONDITION_BOOLEAN_TYPE_ENUM_AND
- CONDITION_BOOLEAN_TYPE_ENUM_OR
policy.ConditionComparisonOperatorEnum:
type: string
title: ConditionComparisonOperatorEnum
enum:
- CONDITION_COMPARISON_OPERATOR_ENUM_UNSPECIFIED
- CONDITION_COMPARISON_OPERATOR_ENUM_EQUALS
- CONDITION_COMPARISON_OPERATOR_ENUM_CONTAINS
- CONDITION_COMPARISON_OPERATOR_ENUM_STARTS_WITH
- CONDITION_COMPARISON_OPERATOR_ENUM_ENDS_WITH
description: |-
How a selector result is compared against a comparison value. Replaces the all-in-one
SubjectMappingOperatorEnum by separating the comparison from the quantifier (see
ConditionQuantifierEnum) and case sensitivity.
policy.ConditionQuantifierEnum:
type: string
title: ConditionQuantifierEnum
enum:
- CONDITION_QUANTIFIER_ENUM_UNSPECIFIED
- CONDITION_QUANTIFIER_ENUM_ANY
- CONDITION_QUANTIFIER_ENUM_ALL
- CONDITION_QUANTIFIER_ENUM_NONE
description: How matches are aggregated across the comparison set (subject_external_values).
policy.KasPublicKeyAlgEnum:
type: string
title: KasPublicKeyAlgEnum
Expand All @@ -257,6 +237,8 @@ components:
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_XWING
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_SECP256R1_MLKEM768
- KAS_PUBLIC_KEY_ALG_ENUM_HPQT_SECP384R1_MLKEM1024
- KAS_PUBLIC_KEY_ALG_ENUM_MLKEM_768
- KAS_PUBLIC_KEY_ALG_ENUM_MLKEM_1024
policy.SourceType:
type: string
title: SourceType
Expand Down Expand Up @@ -540,10 +522,7 @@ components:
from idP/LDAP)
operator:
title: operator
description: |-
Deprecated: use comparison + quantifier (+ case_insensitive) instead. Normalized to the
decomposed fields in the service layer for backward compatibility.
deprecated: true
description: the evaluation operator of relation
$ref: '#/components/schemas/policy.SubjectMappingOperatorEnum'
subjectExternalValues:
type: array
Expand All @@ -556,23 +535,10 @@ components:
list of comparison values for the result of applying the
subject_external_selector_value on a flattened Entity Representation
(Subject), evaluated by the operator
comparison:
title: comparison
description: how each selector result is compared to subject_external_values entries
$ref: '#/components/schemas/policy.ConditionComparisonOperatorEnum'
quantifier:
title: quantifier
description: how matches are aggregated across subject_external_values
$ref: '#/components/schemas/policy.ConditionQuantifierEnum'
caseInsensitive:
title: case_insensitive
description: |-
when set true, comparison is case-insensitive; unset is treated as case-sensitive. Modeled as
BoolValue so an explicit false is distinguishable from unset, leaving room to change the default.
$ref: '#/components/schemas/google.protobuf.BoolValue'
title: Condition
required:
- subjectExternalSelectorValue
- operator
additionalProperties: false
description: |-
*
Expand Down
Loading