Improve README.md text
Signed-off-by: Marko Strukelj <[email protected]>
mstruk committed Dec 15, 2021
1 parent c64b2b6 commit c67a543
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions README.md
Expand Up @@ -454,20 +454,20 @@ For example:

See [JsonPathFilterQuery JavaDoc](oauth-common/src/main/java/io/strimzi/kafka/oauth/jsonpath/JsonPathFilterQuery.java) for more information about the syntax.

###### Groups extraction
###### Group extraction

When using custom authorization (by installing a custom authorizer via) you may want to take user's group membership into account when making the authorization decisions.
One way is to obtain and inspect a parsed JWT token via `io.strimzi.kafka.oauth.server.OAuthKafkaPrincipal` object available via `AuthorizableRequestContext` passed to your `authorize()` method.
When using custom authorization (by installing a custom authorizer) you may want to take user's group membership into account when making the authorization decisions.
One way is to obtain and inspect a parsed JWT token from `io.strimzi.kafka.oauth.server.OAuthKafkaPrincipal` object available through `AuthorizableRequestContext` passed to your `authorize()` method.
Another way is to configure group extraction at authentication time, and get groups as a list of principals from `OAuthKafkaPrincipal` object.
There are two configuration parameters for configuring groups extraction:
There are two configuration parameters for configuring group extraction:

- `oauth.groups.claim` (e.g.: `$.roles.client-roles.kafka`)
- `oauth.groups.claim.delimiter` (a delimiter to parse the value of the groups claim when it's a single delimited string. E.g.: `,` - that's the default value)

Use `oauth.groups.claim` to specify a JSONPath query pointing to the claim containing an array of strings, or a delimited single string.
Use `oauth.groups.claim.delimiter` to specify a delimiter to use for parsing groups when they are specified as a delimited string.

By default, no group extraction is performed. When you configure `oauth.groups.claim` the groups extraction is enabled and occurs during authentication.
By default, no group extraction is performed. When you configure `oauth.groups.claim` the group extraction is enabled and occurs during authentication.
The extracted groups are stored into `OAuthKafkaPrincipal` object. Here is an example how you can extract them in your custom authorizer:
```
public List<AuthorizationResult> authorize(AuthorizableRequestContext requestContext, List<Action> actions) {
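Review bot: the unchanged context lines in this hunk still carry the same kind of wording slips the commit fixes elsewhere, so it would be worth touching them in the same pass: "from `io.strimzi.kafka.oauth.server.OAuthKafkaPrincipal` object" and "stored into `OAuthKafkaPrincipal` object" both lack an article ("from the ... object", "stored in the ... object"), and "Here is an example how you can extract them" should read "an example of how you can extract them". The delimiter bullet would also read more cleanly as "(the delimiter used to split the groups claim when it is a single delimited string; default: `,`)". Two smaller points: the opening fence before `public List<AuthorizationResult> authorize(...)` has no language tag, so ```java would give the snippet syntax highlighting; and since the text states that groups are taken from the JWT claim at authentication time, one sentence noting that a custom authorizer built on these principals therefore relies on the contents the token issuer placed under the `oauth.groups.claim` path would help readers of the example.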

0 comments on commit c67a543