netlify bot commented Sep 11, 2025

Deploy Preview for openpolicyagent ready!

Name Link
🔨 Latest commit 5fa46fa
🔍 Latest deploy log https://app.netlify.com/projects/openpolicyagent/deploys/68c2dd6809cbed0008f03168
😎 Deploy Preview https://deploy-preview-7893--openpolicyagent.netlify.app
Member

@philipaconrad philipaconrad left a comment

@charlieegan3, these examples are absolutely gorgeous when rendered. I have no quibbles with the content-- I read through all three languages for each example, and the code looks pretty reasonable and/or idiomatic for each language, I think.

The only gripes I foresee will be from folks who have a favorite library that does some/all of an example's validation tasks. For folks rolling fairly vanilla validation and authz code without libraries, these examples should map pretty closely to the level of verbosity they will see in the wild.

I'm marking Approve, because I think this is a solid upgrade for the docs site. One small review comment follows below, just a remark on an example that tripped me up at first:

return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
}

return []byte("pa$$w0rd"), nil
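
Review bot: The final `return []byte("pa$$w0rd"), nil` hands back a hardcoded HMAC secret with nothing in the snippet marking it as a demonstration value, so a reader who copies the example ends up with a verifier keyed to a string published in the docs. A one-line comment above that return, saying the secret is fixed for the example and that real code should load it from configuration or a secret store, would make the function's purpose clear on first read. The `unexpected signing method` error path above it is worth keeping as is.
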
Member

I found this function to be a bit inscrutable on its own, and the docs site for golang-jwt/jwt wasn't exactly helpful. However, one of their HMAC examples demonstrates that the func(token *jwt.Token) func exists to extract a secret from the token. This explains what's going on here: the function in this example just hardcodes the returned secret for demonstration purposes.

Contributor Author

Thanks for the review, Philip. I did leave a comment for this hard-coded password on the Java example since it was b64 encoded.

I have in each JWT example tried to use a commonly used package for the code, but perhaps developers are used to even higher level functions.

Do you think it warrants a disclaimer of some sort? If so, do you have common libraries in mind that might be good to reference? I suppose we have lib.jwt on the OPA side too if we wanted to do a higher level comparison. https://github.com/StyraOSS/lib.jwt

@srenatus srenatus merged commit fce128d into open-policy-agent:main Sep 12, 2025
20 checks passed