Skip to content

docs: clarify token precedence and silently-ignored inputs#6

Merged
kjdev merged 1 commit into
mainfrom
docs/readme
Jun 9, 2026
Merged

docs: clarify token precedence and silently-ignored inputs#6
kjdev merged 1 commit into
mainfrom
docs/readme

Conversation

@kjdev

@kjdev kjdev commented Jun 9, 2026

Copy link
Copy Markdown
Owner

Summary by CodeRabbit

  • Documentation
    • Clarified token handling: when both identity and access tokens are supplied, the extension uses the identity token; noted this differs from AVP claim-mapping behavior.
    • Reframed dynamic identity sources: token verification and delegation responsibility is borne by the caller.
    • Made entity tags and tag keys limitations explicit: tags APIs unavailable and tag keys are silently ignored.
    • Clarified context support: only contextMap is supported; cedarJson is ignored.

@coderabbitai

coderabbitai Bot commented Jun 9, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 95c93271-a5e7-4a80-bfca-43b19c843e85

📥 Commits

Reviewing files that changed from the base of the PR and between 14bba2a and 2c1d92c.

📒 Files selected for processing (1)
  • README.md
✅ Files skipped from review due to trivial changes (1)
  • README.md

📝 Walkthrough

Walkthrough

README updated to clarify isAuthorizedWithToken() token precedence (uses identityToken when both tokens present) and to expand unsupported features: entity tags are ignored and cedarJson-based context is unsupported (only contextMap is accepted).

Changes

AVP Compatibility Documentation

Layer / File(s) Summary
AVP compatibility and unsupported features clarification
README.md
Clarifies isAuthorizedWithToken() precedence: identityToken is used and accessToken ignored when both provided. Expands unsupported features to state entity tags keys are silently ignored and context via cedarJson is unsupported (only contextMap works).

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

A rabbit hops through docs with care,
Tokens sorted with a gentle stare—
When two arrive at the gate,
Identity leads, access will wait.
🐰✨

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The PR title accurately describes the main documentation changes: clarifying token precedence behavior and documenting silently-ignored inputs.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch docs/readme

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
README.md (1)

356-357: ⚡ Quick win

Clarify the exact key path as context.cedarJson for consistency with the request shape section.

This is already correct behavior-wise; specifying the nested path makes it unambiguous for callers.

✏️ Suggested wording
-- Passing `context` as raw Cedar JSON via the `cedarJson` key. Only
-  `contextMap` is supported; a `cedarJson` context is silently ignored.
+- Passing raw Cedar JSON via `context.cedarJson`. Only
+  `context.contextMap` is supported; `context.cedarJson` is silently ignored.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@README.md` around lines 356 - 357, Update the README sentence to explicitly
reference the nested key path as context.cedarJson to match the request shape
section and avoid ambiguity; state that only context.contextMap is supported and
that context.cedarJson (i.e., passing cedar JSON under the context.cedarJson
key) will be silently ignored so callers use context.contextMap instead.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@README.md`:
- Around line 347-348: The README incorrectly refers to a top-level entities[]
array; update the wording to reference the actual request shape
entities.entityList[] so callers know to provide the list under the entityList
key; also keep the note about Entity tags (.hasTag() / .getTag()) and state that
a tags key on an entities.entityList[] entry is silently ignored rather than
raising an error to avoid integration mistakes.

---

Nitpick comments:
In `@README.md`:
- Around line 356-357: Update the README sentence to explicitly reference the
nested key path as context.cedarJson to match the request shape section and
avoid ambiguity; state that only context.contextMap is supported and that
context.cedarJson (i.e., passing cedar JSON under the context.cedarJson key)
will be silently ignored so callers use context.contextMap instead.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d9b02110-3986-48b8-a649-814335157b6b

📥 Commits

Reviewing files that changed from the base of the PR and between 42bada6 and 14bba2a.

📒 Files selected for processing (1)
  • README.md

Comment thread README.md Outdated
- Explain that isAuthorizedWithToken uses identityToken and ignores
  accessToken, and how this differs from AVP.
- Note that a tags key on entities[] entries is silently ignored.
- Note that a cedarJson context key is silently ignored; only
  contextMap is supported.
@kjdev

kjdev commented Jun 9, 2026

Copy link
Copy Markdown
Owner Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jun 9, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@kjdev kjdev merged commit e49781f into main Jun 9, 2026
7 checks passed
@kjdev kjdev deleted the docs/readme branch June 9, 2026 04:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant