Supported formats policy operator #210
Description
This policy operator was discussed at the workshop in Stockholm. It just lost the majority of the votes, but I still put it forward here as I personally believe that this operator may turn out to be essential for the ability to process new metadata types without code updates to federation services.
Policy operator value is an expression of the expected format of the resulting metadata parameter:
E.g. string, string array, integer, integer array, boolean or object.
This policy is a match if the resulting metadata value is consistent with the required format. The result of policy processing must use the required value format. This policy operator must be process after all value modifying operators. This operator is allowed to change a single value to an array and is also allowed to do string to integer and integer to string conversions.
Policy merge is identical to "value". Values much match or be absent, everything else is an error.
Rationale
We see a fairly large number of new metadata types emerging that we would like to process handle using OpenID federation. Some policy operators may create uncertainty about the required output format unless the output format is known by the policy processor. One example is if the input metadata parameter is empty and the processed using an "add" policy operator. This would create an uncertainty whether the output should be an array or a single value.
Byt using this policy operator it would be possible to express a metadata policy also for metadata types where the policy engines has not knowledge of the metadata value type without waiting for software updates in all federation services that may need to process this policy.