diff --git a/docs/keto/cli/keto-check.md b/docs/keto/cli/keto-check.md index ab432b988..ead796f54 100644 --- a/docs/keto/cli/keto-check.md +++ b/docs/keto/cli/keto-check.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto check Check whether a subject has a relation on an object @@ -40,5 +41,4 @@ keto check [flags] ### SEE ALSO -* [keto](keto) - Global and consistent permission and authorization server - +- [keto](keto) - Global and consistent permission and authorization server diff --git a/docs/keto/cli/keto-expand.md b/docs/keto/cli/keto-expand.md index 032e454c6..cfa28375b 100644 --- a/docs/keto/cli/keto-expand.md +++ b/docs/keto/cli/keto-expand.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto expand Expand a subject set @@ -40,5 +41,4 @@ keto expand [flags] ### SEE ALSO -* [keto](keto) - Global and consistent permission and authorization server - +- [keto](keto) - Global and consistent permission and authorization server diff --git a/docs/keto/cli/keto-migrate-down.md b/docs/keto/cli/keto-migrate-down.md index a5c3098c5..f088f6e93 100644 --- a/docs/keto/cli/keto-migrate-down.md +++ b/docs/keto/cli/keto-migrate-down.md @@ -9,14 +9,14 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto migrate down Migrate the database down ### Synopsis -Migrate the database down a specific amount of steps. -Pass 0 steps to fully migrate down. +Migrate the database down a specific amount of steps. Pass 0 steps to fully migrate down. ``` keto migrate down [flags] @@ -39,5 +39,4 @@ keto migrate down [flags] ### SEE ALSO -* [keto migrate](keto-migrate) - Commands to migrate the database - +- [keto migrate](keto-migrate) - Commands to migrate the database diff --git a/docs/keto/cli/keto-migrate-status.md b/docs/keto/cli/keto-migrate-status.md index 5738f4021..04ec33dff 100644 --- a/docs/keto/cli/keto-migrate-status.md +++ b/docs/keto/cli/keto-migrate-status.md @@ -9,14 +9,14 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto migrate status Get the current migration status ### Synopsis -Get the current migration status. -This does not affect namespaces. Use `keto namespace migrate status` for migrating namespaces. +Get the current migration status. This does not affect namespaces. Use `keto namespace migrate status` for migrating namespaces. ``` keto migrate status [flags] @@ -38,5 +38,4 @@ keto migrate status [flags] ### SEE ALSO -* [keto migrate](keto-migrate) - Commands to migrate the database - +- [keto migrate](keto-migrate) - Commands to migrate the database diff --git a/docs/keto/cli/keto-migrate-up.md b/docs/keto/cli/keto-migrate-up.md index b6b4b4d7c..6b927a18a 100644 --- a/docs/keto/cli/keto-migrate-up.md +++ b/docs/keto/cli/keto-migrate-up.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto migrate up Migrate the database up @@ -17,14 +18,13 @@ Migrate the database up Run this command on a fresh SQL installation and when you upgrade Ory Keto from version v0.7.x and later. -It is recommended to run this command close to the SQL instance (e.g. same subnet) instead of over the public internet. -This decreases risk of failure and decreases time required. +It is recommended to run this command close to the SQL instance (e.g. same subnet) instead of over the public internet. This +decreases risk of failure and decreases time required. -### WARNING ### +### WARNING Before running this command on an existing database, create a back up! - ``` keto migrate up [flags] ``` @@ -46,5 +46,4 @@ keto migrate up [flags] ### SEE ALSO -* [keto migrate](keto-migrate) - Commands to migrate the database - +- [keto migrate](keto-migrate) - Commands to migrate the database diff --git a/docs/keto/cli/keto-migrate.md b/docs/keto/cli/keto-migrate.md index 066a576fc..31826c596 100644 --- a/docs/keto/cli/keto-migrate.md +++ b/docs/keto/cli/keto-migrate.md @@ -9,14 +9,14 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto migrate Commands to migrate the database ### Synopsis -Commands to migrate the database. -This does not affect namespaces. Use `keto namespace migrate` for migrating namespaces. +Commands to migrate the database. This does not affect namespaces. Use `keto namespace migrate` for migrating namespaces. ### Options @@ -32,8 +32,7 @@ This does not affect namespaces. Use `keto namespace migrate` for migrating name ### SEE ALSO -* [keto](keto) - Global and consistent permission and authorization server -* [keto migrate down](keto-migrate-down) - Migrate the database down -* [keto migrate status](keto-migrate-status) - Get the current migration status -* [keto migrate up](keto-migrate-up) - Migrate the database up - +- [keto](keto) - Global and consistent permission and authorization server +- [keto migrate down](keto-migrate-down) - Migrate the database down +- [keto migrate status](keto-migrate-status) - Get the current migration status +- [keto migrate up](keto-migrate-up) - Migrate the database up diff --git a/docs/keto/cli/keto-namespace-migrate-legacy.md b/docs/keto/cli/keto-namespace-migrate-legacy.md index 18ee88de0..f60af2ced 100644 --- a/docs/keto/cli/keto-namespace-migrate-legacy.md +++ b/docs/keto/cli/keto-namespace-migrate-legacy.md @@ -9,16 +9,16 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto namespace migrate legacy Migrate a namespace from v0.6.x to v0.7.x and later. ### Synopsis -Migrate a legacy namespaces from v0.6.x to the v0.7.x and later. -This step only has to be executed once. -If no namespace is specified, all legacy namespaces will be migrated. -Please ensure that namespace IDs did not change in the config file and you have a backup in case something goes wrong! +Migrate a legacy namespaces from v0.6.x to the v0.7.x and later. This step only has to be executed once. If no namespace is +specified, all legacy namespaces will be migrated. Please ensure that namespace IDs did not change in the config file and you have +a backup in case something goes wrong! ``` keto namespace migrate legacy [] [flags] @@ -44,5 +44,4 @@ keto namespace migrate legacy [] [flags] ### SEE ALSO -* [keto namespace migrate](keto-namespace-migrate) - Migrate a namespace - +- [keto namespace migrate](keto-namespace-migrate) - Migrate a namespace diff --git a/docs/keto/cli/keto-namespace-migrate.md b/docs/keto/cli/keto-namespace-migrate.md index 2343a2b23..5eaba0368 100644 --- a/docs/keto/cli/keto-namespace-migrate.md +++ b/docs/keto/cli/keto-namespace-migrate.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto namespace migrate Migrate a namespace @@ -27,6 +28,5 @@ Migrate a namespace ### SEE ALSO -* [keto namespace](keto-namespace) - Read and manipulate namespaces -* [keto namespace migrate legacy](keto-namespace-migrate-legacy) - Migrate a namespace from v0.6.x to v0.7.x and later. - +- [keto namespace](keto-namespace) - Read and manipulate namespaces +- [keto namespace migrate legacy](keto-namespace-migrate-legacy) - Migrate a namespace from v0.6.x to v0.7.x and later. diff --git a/docs/keto/cli/keto-namespace-validate.md b/docs/keto/cli/keto-namespace-validate.md index 1672e101b..1626c850b 100644 --- a/docs/keto/cli/keto-namespace-validate.md +++ b/docs/keto/cli/keto-namespace-validate.md @@ -9,16 +9,15 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto namespace validate Validate namespace definitions ### Synopsis -validate -Validates namespace definitions. Parses namespace yaml files or configuration -files passed via the configuration flag. Returns human readable errors. Useful for -debugging. +validate Validates namespace definitions. Parses namespace yaml files or configuration files passed via the configuration flag. +Returns human readable errors. Useful for debugging. ``` keto namespace validate [ ...] | validate -c [flags] @@ -38,5 +37,4 @@ keto namespace validate [ ...] | validate -c + ## keto namespace Read and manipulate namespaces @@ -27,7 +28,6 @@ Read and manipulate namespaces ### SEE ALSO -* [keto](keto) - Global and consistent permission and authorization server -* [keto namespace migrate](keto-namespace-migrate) - Migrate a namespace -* [keto namespace validate](keto-namespace-validate) - Validate namespace definitions - +- [keto](keto) - Global and consistent permission and authorization server +- [keto namespace migrate](keto-namespace-migrate) - Migrate a namespace +- [keto namespace validate](keto-namespace-validate) - Validate namespace definitions diff --git a/docs/keto/cli/keto-relation-tuple-create.md b/docs/keto/cli/keto-relation-tuple-create.md index 7fae0d6e1..c500bbae0 100644 --- a/docs/keto/cli/keto-relation-tuple-create.md +++ b/docs/keto/cli/keto-relation-tuple-create.md @@ -9,15 +9,15 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto relation-tuple create Create relation tuples from JSON files ### Synopsis -Create relation tuples from JSON files. -A directory will be traversed and all relation tuples will be created. -Pass the special filename `-` to read from STD_IN. +Create relation tuples from JSON files. A directory will be traversed and all relation tuples will be created. Pass the special +filename `-` to read from STD_IN. ``` keto relation-tuple create [] [flags] @@ -41,5 +41,4 @@ keto relation-tuple create [] [flags] ### SEE ALSO -* [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples - +- [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples diff --git a/docs/keto/cli/keto-relation-tuple-delete-all.md b/docs/keto/cli/keto-relation-tuple-delete-all.md index 627a7e7a1..28cfdc01e 100644 --- a/docs/keto/cli/keto-relation-tuple-delete-all.md +++ b/docs/keto/cli/keto-relation-tuple-delete-all.md @@ -9,14 +9,15 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto relation-tuple delete-all Delete ALL relation tuples matching the relation query. ### Synopsis -Delete all relation tuples matching the relation query. -It is recommended to first run the command without the `--force` flag to verify that the operation is safe. +Delete all relation tuples matching the relation query. It is recommended to first run the command without the `--force` flag to +verify that the operation is safe. ``` keto relation-tuple delete-all [flags] @@ -46,5 +47,4 @@ keto relation-tuple delete-all [flags] ### SEE ALSO -* [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples - +- [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples diff --git a/docs/keto/cli/keto-relation-tuple-delete.md b/docs/keto/cli/keto-relation-tuple-delete.md index 0b27a4c4e..b7c8bf330 100644 --- a/docs/keto/cli/keto-relation-tuple-delete.md +++ b/docs/keto/cli/keto-relation-tuple-delete.md @@ -9,14 +9,14 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto relation-tuple delete Delete relation tuples defined in JSON files ### Synopsis -Delete relation tuples defined in the given JSON files. -A directory will be traversed and all relation tuples will be deleted. +Delete relation tuples defined in the given JSON files. A directory will be traversed and all relation tuples will be deleted. Pass the special filename `-` to read from STD_IN. ``` @@ -41,5 +41,4 @@ keto relation-tuple delete [] [flags] ### SEE ALSO -* [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples - +- [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples diff --git a/docs/keto/cli/keto-relation-tuple-get.md b/docs/keto/cli/keto-relation-tuple-get.md index a46ac4358..fed5d6a97 100644 --- a/docs/keto/cli/keto-relation-tuple-get.md +++ b/docs/keto/cli/keto-relation-tuple-get.md @@ -9,14 +9,14 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto relation-tuple get Get relation tuples ### Synopsis -Get relation tuples matching the given partial tuple. -Returns paginated results. +Get relation tuples matching the given partial tuple. Returns paginated results. ``` keto relation-tuple get [flags] @@ -47,5 +47,4 @@ keto relation-tuple get [flags] ### SEE ALSO -* [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples - +- [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples diff --git a/docs/keto/cli/keto-relation-tuple-parse.md b/docs/keto/cli/keto-relation-tuple-parse.md index efc6baaae..e922ed821 100644 --- a/docs/keto/cli/keto-relation-tuple-parse.md +++ b/docs/keto/cli/keto-relation-tuple-parse.md @@ -9,15 +9,15 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto relation-tuple parse Parse human readable relation tuples ### Synopsis -Parse human readable relation tuples as used in the documentation. -Supports various output formats. Especially useful for piping into other commands by using `--format json`. -Ignores comments (starting with `//`) and blank lines. +Parse human readable relation tuples as used in the documentation. Supports various output formats. Especially useful for piping +into other commands by using `--format json`. Ignores comments (starting with `//`) and blank lines. ``` keto relation-tuple parse [flags] @@ -39,5 +39,4 @@ keto relation-tuple parse [flags] ### SEE ALSO -* [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples - +- [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples diff --git a/docs/keto/cli/keto-relation-tuple.md b/docs/keto/cli/keto-relation-tuple.md index 248526b84..fed4769f3 100644 --- a/docs/keto/cli/keto-relation-tuple.md +++ b/docs/keto/cli/keto-relation-tuple.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto relation-tuple Read and manipulate relation tuples @@ -27,10 +28,9 @@ Read and manipulate relation tuples ### SEE ALSO -* [keto](keto) - Global and consistent permission and authorization server -* [keto relation-tuple create](keto-relation-tuple-create) - Create relation tuples from JSON files -* [keto relation-tuple delete](keto-relation-tuple-delete) - Delete relation tuples defined in JSON files -* [keto relation-tuple delete-all](keto-relation-tuple-delete-all) - Delete ALL relation tuples matching the relation query. -* [keto relation-tuple get](keto-relation-tuple-get) - Get relation tuples -* [keto relation-tuple parse](keto-relation-tuple-parse) - Parse human readable relation tuples - +- [keto](keto) - Global and consistent permission and authorization server +- [keto relation-tuple create](keto-relation-tuple-create) - Create relation tuples from JSON files +- [keto relation-tuple delete](keto-relation-tuple-delete) - Delete relation tuples defined in JSON files +- [keto relation-tuple delete-all](keto-relation-tuple-delete-all) - Delete ALL relation tuples matching the relation query. +- [keto relation-tuple get](keto-relation-tuple-get) - Get relation tuples +- [keto relation-tuple parse](keto-relation-tuple-parse) - Parse human readable relation tuples diff --git a/docs/keto/cli/keto-serve.md b/docs/keto/cli/keto-serve.md index 0f2394ba7..2f7b6d06c 100644 --- a/docs/keto/cli/keto-serve.md +++ b/docs/keto/cli/keto-serve.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto serve Starts the server and serves the HTTP REST and gRPC APIs @@ -19,8 +20,8 @@ This command opens the network ports and listens to HTTP and gRPC API requests. ## Configuration -ORY Keto can be configured using environment variables as well as a configuration file. For more information -on configuration options, open the configuration documentation: +ORY Keto can be configured using environment variables as well as a configuration file. For more information on configuration +options, open the configuration documentation: >> https://www.ory.sh/keto/docs/reference/configuration << @@ -43,5 +44,4 @@ keto serve [flags] ### SEE ALSO -* [keto](keto) - Global and consistent permission and authorization server - +- [keto](keto) - Global and consistent permission and authorization server diff --git a/docs/keto/cli/keto-status.md b/docs/keto/cli/keto-status.md index b36ab1267..12b9ef56b 100644 --- a/docs/keto/cli/keto-status.md +++ b/docs/keto/cli/keto-status.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto status Get the status of the upstream Keto instance @@ -40,5 +41,4 @@ keto status [flags] ### SEE ALSO -* [keto](keto) - Global and consistent permission and authorization server - +- [keto](keto) - Global and consistent permission and authorization server diff --git a/docs/keto/cli/keto-version.md b/docs/keto/cli/keto-version.md index c7d6f27fb..d126276de 100644 --- a/docs/keto/cli/keto-version.md +++ b/docs/keto/cli/keto-version.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto version Show the build version, build time, and git hash @@ -31,5 +32,4 @@ keto version [flags] ### SEE ALSO -* [keto](keto) - Global and consistent permission and authorization server - +- [keto](keto) - Global and consistent permission and authorization server diff --git a/docs/keto/cli/keto.md b/docs/keto/cli/keto.md index d582696ba..7dec0347e 100644 --- a/docs/keto/cli/keto.md +++ b/docs/keto/cli/keto.md @@ -9,6 +9,7 @@ This file is auto-generated. To improve this file please make your change against the appropriate "./cmd/*.go" file. --> + ## keto Global and consistent permission and authorization server @@ -22,12 +23,11 @@ Global and consistent permission and authorization server ### SEE ALSO -* [keto check](keto-check) - Check whether a subject has a relation on an object -* [keto expand](keto-expand) - Expand a subject set -* [keto migrate](keto-migrate) - Commands to migrate the database -* [keto namespace](keto-namespace) - Read and manipulate namespaces -* [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples -* [keto serve](keto-serve) - Starts the server and serves the HTTP REST and gRPC APIs -* [keto status](keto-status) - Get the status of the upstream Keto instance -* [keto version](keto-version) - Show the build version, build time, and git hash - +- [keto check](keto-check) - Check whether a subject has a relation on an object +- [keto expand](keto-expand) - Expand a subject set +- [keto migrate](keto-migrate) - Commands to migrate the database +- [keto namespace](keto-namespace) - Read and manipulate namespaces +- [keto relation-tuple](keto-relation-tuple) - Read and manipulate relation tuples +- [keto serve](keto-serve) - Starts the server and serves the HTTP REST and gRPC APIs +- [keto status](keto-status) - Get the status of the upstream Keto instance +- [keto version](keto-version) - Show the build version, build time, and git hash diff --git a/docs/oathkeeper/api-access-rules.md b/docs/oathkeeper/api-access-rules.md index 92c708828..bdff7ba05 100644 --- a/docs/oathkeeper/api-access-rules.md +++ b/docs/oathkeeper/api-access-rules.md @@ -82,6 +82,9 @@ Access Rules have four principal keys: - `match` (object): Defines the URL(s) this Access Rule should match. - `methods` (string[]): Array of HTTP methods (for example GET, POST, PUT, DELETE, ...). + - `headers` (map[string]string): Map of HTTP headers to match. If the header you are matching against is of array type (like a + User-Agent header), the value you define must match any of the element of the array. The match is an equality and does not + support regular expressions. - `url` (string): The URL that should be matched. You can use regular expressions or glob patterns in this field to match more than one url. The matching strategy (glob or regexp) is defined in the global configuration file as `access_rules.matching_strategy`. This matcher ignores query parameters. Regular expressions (or glob patterns) are @@ -133,6 +136,9 @@ Rule in JSON format: "strip_path": "/api/v1" }, "match": { + "headers": { + "Content-Type": "application+v2.json" + }, "url": "http://my-app/some-route/<.*>", "methods": ["GET", "POST"] }, @@ -153,6 +159,8 @@ upstream: preserve_host: true strip_path: /api/v1 match: + headers: + Content-Type: application+v2.json url: http://my-app/some-route/<.*> methods: - GET @@ -193,6 +201,7 @@ authenticators: "strip_path": "/api/v1" }, "match": { + "headers": {}, "url": "http://my-app/some-route/<.*>", "methods": ["GET", "POST"] }, diff --git a/package.json b/package.json index db4c662f9..78f8cdd41 100644 --- a/package.json +++ b/package.json @@ -84,6 +84,7 @@ "memfs": "^3.4.2", "npm-run-all": "^4.1.5", "path-to-regexp": "^6.2.0", + "prettier": "2.6.2", "raw-loader": "^4.0.2", "text-runner": "^5.0.0", "wait-on": "^6.0.0",