Casbin vs oso: What are the differences?

Introduction

In this Markdown document, we will compare Casbin and oso, two popular open-source authorization libraries. We will highlight the key differences between these two libraries and provide specific descriptions for each difference.

1. Modeling Language: Casbin uses a custom policy language called the access control model (ACM), which allows defining authorization rules using objects, actions, and subjects. On the other hand, oso uses a declarative policy language that uses plain English to define authorization rules, making it more accessible and easier to understand for non-technical users.

2. Object-Oriented Design: Casbin is designed with an object-oriented approach, where policies are managed as objects and can be easily modified. oso, on the other hand, is designed with a data-centric approach, where policies are stored in a unified knowledge graph. This design difference results in Casbin being more flexible and customizable, while oso offers better traceability and auditability.

3. Language Support: Casbin supports multiple programming languages, including Go, Java, Python, Node.js, and others, allowing developers to integrate it into their preferred language. oso, on the other hand, initially targeted the Python ecosystem but has recently expanded its language support to include Ruby, JavaScript, and others. Casbin offers a wider range of supported languages compared to oso.

4. Data Sources: Casbin allows policies to be fetched from various data sources like files, databases, or even APIs, providing flexibility in policy management. oso, on the other hand, primarily relies on code-based policy management and does not yet offer extensive support for fetching policies from external data sources.

5. Community and Adoption: Casbin has a larger and more established community with a well-documented ecosystem, making it easier to find help, documentation, and integrations. oso, being a relatively newer library, has a smaller community but is gaining traction in specific domains like web application development and infrastructure management.

6. Flexible Control: Casbin offers fine-grained control over the enforcement of authorization rules, allowing developers to easily customize and extend the library's capabilities. oso follows a more opinionated approach, focusing on ease of use and providing out-of-the-box authorization capabilities for common use cases, which may limit flexibility in certain scenarios.

In summary, Casbin and oso differ in their modeling language, design approaches, language support, data source flexibility, community size, and level of control. While Casbin provides a more flexible and customizable solution with broader language support and community adoption, oso offers an easy-to-understand declarative policy language and better traceability. Choose the library based on your specific needs and preferences.