cleanup

ddebrunner · ddebrunner · commit cb2070c340e5 · 2024-06-19T18:13:07.000-04:00
diff --git a/protection/jwt-claims/README.md b/protection/jwt-claims/README.md
@@ -2,12 +2,13 @@
 
 This snippet shows how JWT claims can be used for field arguments.
 
-This examples demonstrates an number of StepZen capabilities:
+This examples demonstrates a number of StepZen capabilities:
 
 - Authorization using JWT
 - Field access rules
 - Field visibility rules
 - `@value` directive with access to JWT claims
+  - https://www.ibm.com/docs/en/api-connect/ace/saas?topic=directives-directive-value
 - Reshaping
 
 ## Restricting access through JWT claims.
@@ -17,7 +18,7 @@ is used as a customer's identifier. Thus the customer can only view their own in
 the backend database includes all customers.
 
 The field `Query.customer` provides an identifier lookup to all customers. This field is restricted
-from been executed by an authenticated user by field visibility and access rules.
+from being executed by field visibility and access rules.
 
 Instead a field `Query.me` is exposed with no field arguments that invokes `Query.customer`
 with the customer identifier pulled from the `sub` claim in the request's JWT.
@@ -27,9 +28,12 @@ This script has access to field arguments of its annotated field (in this case n
 Thus it returns the `sub` claim which is then automatically mapped as a scalar value to the sole argument of
 the next step in the sequence (`Query.customer(id:)`).
 
-Note these concepts could be combined with field access through RBAC rules (see XXXX)
+An alternate version of `Query._myid` exists `Query._my_id_jsonata` showing that scripts can be implemented in JSONata.
+The default langauge is ECMAScript.
+
+Note these concepts could be combined with field access through ABAC rules (see `protection/simpleABACSample`)
 so that `Query.customer` could be exposed, but only customer service reps could call it
-with an arbitary identifier.
+with any customer identifier.
 
 ## Try it out!
 
@@ -44,6 +48,7 @@ Run the [sample operations](operations.graphql):
 JWT with `sub: 5`.
 
 JWT: https://jwt.io/#debugger-io?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1In0.LE_mbGsS2FbxF41r4wOYKhWdBoYhnIk0-6d6U7ibF-A
+
 Secret Key: development-only
 
 ```
@@ -53,6 +58,7 @@ stepzen request -f operations.graphql --operation-name=Customer --header "Author
 JWT with `sub: 9`.
 
 JWT: https://jwt.io/#debugger-io?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1In0.LE_mbGsS2FbxF41r4wOYKhWdBoYhnIk0-6d6U7ibF-A
+
 Secret Key: development-only
 
 ```
