Provide more documentation about Oathkeeper URL matching #2395
Description
Preflight checklist
- I could not find a solution in the existing issues, docs, nor discussions.
- I agree to follow this project's Code of Conduct.
- I have read and am following this repository's Contribution Guidelines.
- I have joined the Ory Community Slack.
- I am signed up to the Ory Security Patch Newsletter.
Ory Network Project
No response
Describe your problem
Hello everyone!
I've been working with Ory for a few months now, integrating it into a project I'm doing. When I started using Oathkeeper I was very confused at first by mainly URL matching - the use of < and > for routes was foreign to me instead of just regular regexes and such.
Recently I noticed that when I use regex groups for routes they seemed to get duplicated. Turns out that when you have a URL matcher in a format such as https://example.org/<(resource1|resource2)> both the () regex group got interpreted and the <> regex as well - turns out that anything you wrap in <> is not just a regex but automatically a group as well (at least from what I observed).
Describe your ideal solution
In my opinion Oathkeeper needs more detailed documentation about regexes - at the very least noting that any <> regex is also a group could prove to be helpful to many people. Another thing that could greatly help in designing Oathkeeper rules would be some kind of regex playground (think regex101.com) that would allow people to use Oathkeeper's regex syntax and get immediate feedback on what URLs match their rules (by providing test strings).
Workarounds or alternatives
This isn't really a bug (at least it doesn't seem like one), just might be useful to note in docs. A workaround to getting duplicate regex groups in places where they overlap could be to use a non-capturing group (?:GROUP). This way when we have overlapping <> and () we only get one regex capture group.
Version
Oathkeeper v0.40.9
Additional Context
No response