Edits authorization documentation

Edits the documentation for both technical details, as well as content
and flow.

Author: weierophinney

README.md

@@ -3,14 +3,15 @@
 [![Build Status](https://secure.travis-ci.org/zendframework/zend-expressive-authorization.svg?branch=master)](https://secure.travis-ci.org/zendframework/zend-expressive-authorization)
 [![Coverage Status](https://coveralls.io/repos/github/zendframework/zend-expressive-authorization/badge.svg?branch=master)](https://coveralls.io/github/zendframework/zend-expressive-authorization?branch=master)
 
-Zend-expressive-authorization is a middleware for [Expressive](https://github.com/zendframework/zend-expressive)
-and [PSR-7](http://www.php-fig.org/psr/psr-7/) applications for authorize
+Zend-expressive-authorization provides middleware for [Expressive](https://github.com/zendframework/zend-expressive)
+and [PSR-7](http://www.php-fig.org/psr/psr-7/) applications for authorizing
 specific routes based on [ACL](https://en.wikipedia.org/wiki/Access_control_list)
 or [RBAC](https://en.wikipedia.org/wiki/Role-based_access_control) systems.
 
 ## Installation
 
-You can install the *zend-expressive-authorization* library with composer:
+You can install the zend-expressive-authorization library with
+[Composer](https://getcomposer.org):
 
 ```bash
 $ composer require zendframework/zend-expressive-authorization

docs/book/v1/auth-adapter.md

@@ -1,51 +1,63 @@
 # Authorization adapters
 
-You can choose an authorization adapter through the service container
-configuration.
-
-You need to specify the service for authentication using the name
-`Zend\Expressive\Authorization\AuthorizationInterface`.
-
-For instance, using [zend-servicemanager](https://github.com/zendframework/zend-servicemanager)
-you can easily configure the authorization using aliases. Below is an example of
-configuration using an ACL or RBAC adapter.
-
-
-```
-use Zend\Expressive\Authorization\AuthorizationInterface;
-use Zend\Expressive\Authorization\Acl\ZendAcl;
-use Zend\Expressive\Authorization\Rbac\ZendRbac;
-
-return [
-    // ...
-    'dependencies' => [
-        // ...
-        'aliases' => [
-            // ...
-            AuthorizationInterface::class => ZendAcl::class,
-            // or AuthorizationInterface::class => ZendRbac::class
-        ]
-    ]
-];
-```
-
-The RBAC adapter is managed by [zend-expressive-authorization-rbac](https://github.com/zendframework/zend-expressive-authorization-rbac)
-and ACL is managed by [zend-expressive-authorization-acl](https://github.com/zendframework/zend-expressive-authorization-acl/)
-library.
-
-If you want to use one of these adapters, you need to install via composer:
+You can configure the authorization adapter to use via your service container
+configuration. Specifically, you can either map the service name
+`Zend\Expressive\Authorization\AuthorizationInterface` to a factory, or alias it
+to the appropriate service.
+
+For instance, using [Expressive container configuration](https://docs.zendframework.com/zend-expressive/v3/features/container/config/),
+you could select the zend-expressive-authorization-acl adapter in either of the
+following ways:
+
+- Using an alias:
+  ```php
+  use Zend\Expressive\Authorization\AuthorizationInterface;
+  use Zend\Expressive\Authorization\Acl\ZendAcl;
+  
+  return [
+      'dependencies' => [
+          // Using an alias:
+          'aliases' => [
+              AuthorizationInterface::class => ZendAcl::class,
+          ],
+      ],
+  ];
+  ```
+
+- Mapping to a factory:
+  ```php
+  use Zend\Expressive\Authorization\AuthorizationInterface;
+  use Zend\Expressive\Authorization\Acl\ZendAclFactory;
+  
+  return [
+      'dependencies' => [
+          // Using an alias:
+          'factories' => [
+              AuthorizationInterface::class => ZendAclFactory::class,
+          ],
+      ],
+  ];
+  ```
+
+We provide two different adapters.
+
+- The RBAC adapter is provided by [zend-expressive-authorization-rbac](https://github.com/zendframework/zend-expressive-authorization-rbac).
+- The ACL adapter is provided by [zend-expressive-authorization-acl](https://github.com/zendframework/zend-expressive-authorization-acl/).
+
+Each adapter is installable via [Composer](https://getcomposer.org):
 
 ```bash
-composer require zendframework/zend-expressive-authorization-rbac
+$ composer require zendframework/zend-expressive-authorization-rbac
 # or
-composer require zendframework/zend-expressive-authorization-acl
+$ composer require zendframework/zend-expressive-authorization-acl
 ```
 
-In both these adapters, we used the **route name** as resource. This means, you
-can specify if a role is authorized to access a specific HTTP route or not.
-This is just a general idea for implementing an authorization system. You can
-create your own system implementing the [AuthorizationInterface](https://github.com/zendframework/zend-expressive-authorization/blob/master/src/AuthorizationInterface.php),
-as reported above.
+In each adapter, we use the **route name** as the resource. This means you
+can specify if a role is authorized to access a specific HTTP _route_.
+However, this is just one approach to implementing an authorization system; you
+can create your own system by implementing the
+[AuthorizationInterface](https://github.com/zendframework/zend-expressive-authorization/blob/master/src/AuthorizationInterface.php).
 
-For more information about these adapters please read the [RBAC documentation](https://docs.zendframework.com/zend-expressive-authorization-rbac/)
+For more information on the adapters, please read the
+[RBAC documentation](https://docs.zendframework.com/zend-expressive-authorization-rbac/)
 and the [ACL documentation](https://docs.zendframework.com/zend-expressive-authorization-acl/).

docs/book/v1/intro.md

@@ -1,19 +1,20 @@
 # Zend Expressive Authorization
 
-This component provides authorization abstraction middleware for [PSR-7](https://www.php-fig.org/psr/psr-7/)
-applications.
+This component provides authorization middleware for [PSR-7](https://www.php-fig.org/psr/psr-7/)
+and [PSR-15](https://www.php-fig.org/psr/psr-15/) applications.
 
-An authorization system needs authentication first. To verify that an identity
-has access to something (i.e. is authorized) we need to have an identity,
-if authenticated.
+An authorization system first needs authentication: to verify that an identity
+has access to something (i.e., is authorized) we first need the _identity_, which
+is provided during authentication.
 
-You can easily implement an authentication system using [zend-expressive-authentication](https://github.com/zendframework/zend-expressive-authentication)
-library. This library provides an `AuthenticationMiddleware` class that verify
-credentials using the HTTP request and store an identity as [PSR-7 attribute](https://docs.zendframework.com/zend-expressive/v2/cookbook/passing-data-between-middleware/).
+Authentication is provided via the package
+[zend-expressive-authentication](https://docs.zendframework.com/zend-expressive-authentication/).
+That library provides an `AuthenticationMiddleware` class that verify
+credentials using the HTTP request, and stores the identity via a [PSR-7 request attribute](https://docs.zendframework.com/zend-expressive/v2/cookbook/passing-data-between-middleware/).
 
-The identity attribute generated by [zend-expressive-authentication](https://github.com/zendframework/zend-expressive-authentication)
-is named `Zend\Expressive\Authentication\UserInterface` and it contains a
-`UserInterface` object.
+The identity generated by zend-expressive-authentication is stored as the
+request attribute `Zend\Expressive\Authentication\UserInterface` as a
+`UserInterface` implementation. That interface looks like the following:
 
 ```php
 namespace Zend\Expressive\Authentication;
@@ -24,34 +25,39 @@ interface UserInterface
      * Get the unique user identity (id, username, email address or ...)
      */
     public function getIdentity() : string;
+
     /**
      * Get all user roles
      *
      * @return Iterable
      */
     public function getRoles() : iterable;
+
     /**
      * Get a detail $name if present, $default otherwise
      */
     public function getDetail(string $name, $default = null);
+
     /**
      * Get all the details, if any
      */
     public function getDetails() : array;
 }
 ```
 
-**Zend Expressive Authorization** consumes this identity attribute.
-It checks if a user's role (of the `UserInterface` object) is authorized
-(granted) to execute the HTTP request.
+zend-expressive-authorization consumes this identity attribute.  It checks if a
+user's role (as retrieved from the `UserInterface` object) is authorized
+(granted) to the perform the current HTTP request.
+
+Authorization is performed using the `isGranted()` method of the
+[AuthorizationInterface](https://github.com/zendframework/zend-expressive-authorization/blob/master/src/AuthorizationInterface.php).
 
-The authorization is performed using the `isGranted()` function of the [AuthorizationInterface](https://github.com/zendframework/zend-expressive-authorization/blob/master/src/AuthorizationInterface.php).
+We offer two adapters:
 
-We offer two adapters: [zend-expressive-authorization-rbac](https://github.com/zendframework/zend-expressive-authorization-rbac)
-for implementing a Role-Based Access Control ([RBAC](https://en.wikipedia.org/wiki/Role-based_access_control))
-and [zend-expressive-authorization-acl](https://github.com/zendframework/zend-expressive-authorization-acl/)
-for implementing an Access Control List ([ACL](https://en.wikipedia.org/wiki/Access_control_list)).
+- [zend-expressive-authorization-rbac](https://github.com/zendframework/zend-expressive-authorization-rbac),
+  which implements Role-Based Access Controls ([RBAC](https://en.wikipedia.org/wiki/Role-based_access_control))
+- [zend-expressive-authorization-acl](https://github.com/zendframework/zend-expressive-authorization-acl/),
+  which implements an Access Control List ([ACL](https://en.wikipedia.org/wiki/Access_control_list)).
 
-> If you want to know more about authentication using middleware in PHP
-> we suggest to read [Authorize users using Middleware](https://framework.zend.com/blog/2017-05-04-authorization-middleware.html)
-> blog post.
+> If you want to know more about authentication using middleware in PHP,
+> we suggest reading the blog post ["Authorize users using Middleware"](https://framework.zend.com/blog/2017-05-04-authorization-middleware.html).