rename authorisation to authorization

Author: TomPallister

README.md

@@ -30,7 +30,7 @@ A quick list of Ocelot's capabilities for more information see the [documentatio
 * Kubernetes 
 * WebSockets
 * Authentication
-* Authorisation
+* Authorization
 * Rate Limiting
 * Caching
 * Retry policies / QoS

docs/features/authentication.rst

@@ -1,7 +1,7 @@
 Authentication
 ==============
 
-In order to authenticate Routes and subsequently use any of Ocelot's claims based features such as authorisation or modifying the request with values from the token. Users must register authentication services in their Startup.cs as usual but they provide a scheme (authentication provider key) with each registration e.g.
+In order to authenticate Routes and subsequently use any of Ocelot's claims based features such as authorization or modifying the request with values from the token. Users must register authentication services in their Startup.cs as usual but they provide a scheme (authentication provider key) with each registration e.g.
 
 .. code-block:: csharp
 

docs/features/authorisation.rst renamed to docs/features/authorization.rst

@@ -1,15 +1,15 @@
-Authorisation
+Authorization
 =============
 
-Ocelot supports claims based authorisation which is run post authentication. This means if you have a route you want to authorise you can add the following to you Route configuration.
+Ocelot supports claims based authorization which is run post authentication. This means if you have a route you want to authorize you can add the following to you Route configuration.
 
 .. code-block:: json
 
     "RouteClaimsRequirement": {
         "UserType": "registered"
     }
 
-In this example when the authorisation middleware is called Ocelot will check to seeif the user has the claim type UserType and if the value of that claim is registered. If it isn't then the user will not be authorised and the response will be 403 forbidden.
+In this example when the authorization middleware is called Ocelot will check to seeif the user has the claim type UserType and if the value of that claim is registered. If it isn't then the user will not be authorized and the response will be 403 forbidden.
 
 
 

docs/features/claimstransformation.rst

@@ -3,7 +3,7 @@ Claims Transformation
 
 Ocelot allows the user to access claims and transform them into headers, query string parameters, other claims and change downstream paths. This is only available once a user has been authenticated.
 
-After the user is authenticated we run the claims to claims transformation middleware. This allows the user to transform claims before the authorisation middleware is called. After the user is authorised first we call the claims to headers middleware, thenthe claims to query string parameters middleware, and Finally the claims to downstream pathmiddleware.
+After the user is authenticated we run the claims to claims transformation middleware. This allows the user to transform claims before the authorization middleware is called. After the user is authorized first we call the claims to headers middleware, thenthe claims to query string parameters middleware, and Finally the claims to downstream pathmiddleware.
 
 The syntax for performing the transforms is the same for each process. In the Route configuration a json dictionary is added with a specific name either AddClaimsToRequest, AddHeadersToRequest, AddQueriesToRequest, or ChangeDownstreamPathTemplate.
 

docs/features/errorcodes.rst

@@ -3,7 +3,7 @@ Http Error Status Codes
 
 Ocelot will return HTTP status error codes based on internal logic in certain siturations:
 - 401 if the authentication middleware runs and the user is not authenticated.
-- 403 if the authorisation middleware runs and the user is unauthenticated, claim value not authroised, scope not authorised, user doesnt have required claim or cannot find claim.
+- 403 if the authorization middleware runs and the user is unauthenticated, claim value not authroised, scope not authorized, user doesnt have required claim or cannot find claim.
 - 503 if the downstream request times out.
 - 499 if the request is cancelled by the client.
 - 404 if unable to find a downstream route.

docs/features/middlewareinjection.rst

@@ -31,9 +31,9 @@ The user can set functions against the following.
 
 * AuthenticationMiddleware - This overrides Ocelots authentication middleware.
 
-* PreAuthorisationMiddleware - This allows the user to run pre authorisation logic and then call Ocelot's authorisation middleware.
+* PreAuthorizationMiddleware - This allows the user to run pre authorization logic and then call Ocelot's authorization middleware.
 
-* AuthorisationMiddleware - This overrides Ocelots authorisation middleware.
+* AuthorizationMiddleware - This overrides Ocelots authorization middleware.
 
 * PreQueryStringBuilderMiddleware - This allows the user to manipulate the query string on the http request before it is passed to Ocelots request creator.
 

docs/features/requestid.rst

@@ -44,8 +44,8 @@ Below is an example of the logging when set at Debug level for a normal request.
           requestId: asdf, previousRequestId: no previous request id, message: downstream template is {downstreamRoute.Data.Route.DownstreamPath},
     dbug: Ocelot.RateLimit.Middleware.ClientRateLimitMiddleware[0]
           requestId: asdf, previousRequestId: no previous request id, message: EndpointRateLimiting is not enabled for Ocelot.Values.PathTemplate,
-    dbug: Ocelot.Authorisation.Middleware.AuthorisationMiddleware[0]
-          requestId: 1234, previousRequestId: asdf, message: /posts/{postId} route does not require user to be authorised,
+    dbug: Ocelot.Authorization.Middleware.AuthorizationMiddleware[0]
+          requestId: 1234, previousRequestId: asdf, message: /posts/{postId} route does not require user to be authorized,
     dbug: Ocelot.DownstreamUrlCreator.Middleware.DownstreamUrlCreatorMiddleware[0]
           requestId: 1234, previousRequestId: asdf, message: downstream url is {downstreamUrl.Data.Value},
     dbug: Ocelot.Request.Middleware.HttpRequestBuilderMiddleware[0]

docs/features/websockets.rst

@@ -102,7 +102,7 @@ Unfortunately a lot of Ocelot's features are non websocket specific such as head
 9. Claims Transformation
 10. Caching
 11. Authentication - If anyone requests it we might be able to do something with basic authentication.
-12. Authorisation
+12. Authorization
 
 I'm not 100% sure what will happen with this feature when it get's into the wild so please make sure you test thoroughly! 
 

docs/index.rst

@@ -26,7 +26,7 @@ Thanks for taking a look at the Ocelot documentation. Please use the left hand n
    features/servicefabric
    features/kubernetes
    features/authentication
-   features/authorisation
+   features/authorization
    features/websockets
    features/administration
    features/ratelimiting

samples/OcelotGraphQL/README.md

@@ -1,7 +1,7 @@
 # Ocelot using GraphQL example
 
 Loads of people keep asking me if Ocelot will every support GraphQL, in my mind Ocelot and GraphQL are two different things that can work together. 
-I would not try and implement GraphQL in Ocelot instead I would either have Ocelot in front of GraphQL to handle things like authorisation / authentication or I would 
+I would not try and implement GraphQL in Ocelot instead I would either have Ocelot in front of GraphQL to handle things like authorization / authentication or I would 
 bring in the awesome [graphql-dotnet](https://github.com/graphql-dotnet/graphql-dotnet) library and use it in a [DelegatingHandler](http://ocelot.readthedocs.io/en/latest/features/delegatinghandlers.html). This way you could have Ocelot and GraphQL without the extra hop to GraphQL. This same is an example of how to do that. 
 
 ## Example

src/Ocelot/Authorisation/ClaimValueNotAuthorisedError.cs

@@ -0,0 +1,13 @@
+namespace Ocelot.Authorization
+{
+    using Ocelot.Errors;
+    using System.Net;
+
+    public class ClaimValueNotAuthorizedError : Error
+    {
+        public ClaimValueNotAuthorizedError(string message)
+            : base(message, OcelotErrorCode.ClaimValueNotAuthorizedError, 403)
+        {
+        }
+    }
+}

src/Ocelot/Authorisation/Middleware/AuthorisationMiddlewareMiddlewareExtensions.cs

@@ -1,4 +1,4 @@
-namespace Ocelot.Authorisation
+namespace Ocelot.Authorization
 {
     using Ocelot.Infrastructure.Claims.Parser;
     using Ocelot.DownstreamRouteFinder.UrlMatcher;
@@ -8,16 +8,16 @@
     using System.Security.Claims;
     using System.Text.RegularExpressions;
 
-    public class ClaimsAuthoriser : IClaimsAuthoriser
+    public class ClaimsAuthorizer : IClaimsAuthorizer
     {
         private readonly IClaimsParser _claimsParser;
 
-        public ClaimsAuthoriser(IClaimsParser claimsParser)
+        public ClaimsAuthorizer(IClaimsParser claimsParser)
         {
             _claimsParser = claimsParser;
         }
 
-        public Response<bool> Authorise(
+        public Response<bool> Authorize(
             ClaimsPrincipal claimsPrincipal,
             Dictionary<string, string> routeClaimsRequirement,
             List<PlaceholderNameAndValue> urlPathPlaceholderNameAndValues
@@ -45,10 +45,10 @@ List<PlaceholderNameAndValue> urlPathPlaceholderNameAndValues
                         {
                             // match
                             var actualValue = matchingPlaceholders[0].Value;
-                            var authorised = values.Data.Contains(actualValue);
-                            if (!authorised)
+                            var authorized = values.Data.Contains(actualValue);
+                            if (!authorized)
                             {
-                                return new ErrorResponse<bool>(new ClaimValueNotAuthorisedError(
+                                return new ErrorResponse<bool>(new ClaimValueNotAuthorizedError(
                                     $"dynamic claim value for {variableName} of {string.Join(", ", values.Data)} is not the same as required value: {actualValue}"));
                             }
                         }
@@ -57,23 +57,23 @@ List<PlaceholderNameAndValue> urlPathPlaceholderNameAndValues
                             // config error
                             if (matchingPlaceholders.Length == 0)
                             {
-                                return new ErrorResponse<bool>(new ClaimValueNotAuthorisedError(
+                                return new ErrorResponse<bool>(new ClaimValueNotAuthorizedError(
                                     $"config error: requires variable claim value: {variableName} placeholders does not contain that variable: {string.Join(", ", urlPathPlaceholderNameAndValues.Select(p => p.Name))}"));
                             }
                             else
                             {
-                                return new ErrorResponse<bool>(new ClaimValueNotAuthorisedError(
+                                return new ErrorResponse<bool>(new ClaimValueNotAuthorizedError(
                                     $"config error: requires variable claim value: {required.Value} but placeholders are ambiguous: {string.Join(", ", urlPathPlaceholderNameAndValues.Where(p => p.Name.Equals(variableName)).Select(p => p.Value))}"));
                             }
                         }
                     }
                     else
                     {
                         // static claim
-                        var authorised = values.Data.Contains(required.Value);
-                        if (!authorised)
+                        var authorized = values.Data.Contains(required.Value);
+                        if (!authorized)
                         {
-                            return new ErrorResponse<bool>(new ClaimValueNotAuthorisedError(
+                            return new ErrorResponse<bool>(new ClaimValueNotAuthorizedError(
                                        $"claim value: {string.Join(", ", values.Data)} is not the same as required value: {required.Value} for type: {required.Key}"));
                         }
                     }

src/Ocelot/Authorisation/ScopeNotAuthorisedError.cs

@@ -2,16 +2,16 @@
 using Ocelot.Responses;
 using System.Security.Claims;
 
-namespace Ocelot.Authorisation
+namespace Ocelot.Authorization
 {
     using System.Collections.Generic;
 
-    public interface IClaimsAuthoriser
+    public interface IClaimsAuthorizer
     {
-        Response<bool> Authorise(
+        Response<bool> Authorize(
             ClaimsPrincipal claimsPrincipal,
             Dictionary<string, string> routeClaimsRequirement,
-            List<PlaceholderNameAndValue> urlPathPlaceholderNameAndValues
+            List<PlaceholderNameAndValue> urlPathPlaceholderNameAndValues
         );
     }
-}
+}

src/Ocelot/Authorization/ClaimValueNotAuthorizedError.cs

@@ -1,12 +1,12 @@
 using Ocelot.Responses;
 using System.Security.Claims;
 
-namespace Ocelot.Authorisation
+namespace Ocelot.Authorization
 {
     using System.Collections.Generic;
 
-    public interface IScopesAuthoriser
+    public interface IScopesAuthorizer
     {
-        Response<bool> Authorise(ClaimsPrincipal claimsPrincipal, List<string> routeAllowedScopes);
+        Response<bool> Authorize(ClaimsPrincipal claimsPrincipal, List<string> routeAllowedScopes);
     }
-}
+}