Attribute Release Policy - Script Engines
Usage
This feature is deprecated and is scheduled to be removed in the future.
Use alternative script engine implementations and other programming languages to configure attribute release policies. This approach
takes advantage of scripting functionality built into the Java platform via additional libraries and drivers. While Groovy should be
natively supported by CAS, the following module is required in the overlay to include support for additional languages
such as Python, etc.
1
2
3
4
5
| <dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-script-engines</artifactId>
<version>${cas.version}</version>
</dependency>
|
1
| implementation "org.apereo.cas:cas-server-support-script-engines:${project.'cas.version'}"
|
1
2
3
4
5
6
7
8
9
| dependencyManagement {
imports {
mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
}
}
dependencies {
implementation "org.apereo.cas:cas-server-support-script-engines"
}
|
1
2
3
4
5
6
7
8
9
10
| dependencies {
/*
The following platform references should be included automatically and are listed here for reference only.
implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
*/
implementation "org.apereo.cas:cas-server-support-script-engines"
}
|
The service definition then may be designed as:
1
2
3
4
5
6
7
8
9
10
| {
"@class" : "org.apereo.cas.services.CasRegisteredService",
"serviceId" : "sample",
"name" : "sample",
"id" : 300,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ScriptedRegisteredServiceAttributeReleasePolicy",
"scriptFile" : "classpath:/script.[py|js|groovy]"
}
}
|
The configuration of this component qualifies to use
the Spring Expression Language syntax. The scripts
need to design a run
function that receives a list of parameters. The collection of current attributes in process
as well as a logger object are passed to this function. The result must produce a map whose key
s are attributes names
and whose value
s are a list of attribute values.
As an example, the script itself may be designed in Groovy as:
1
2
3
4
5
6
7
8
9
| import java.util.*
def Map<String, List<Object>> run(final Object... args) {
def currentAttributes = args[0]
def logger = args[1]
logger.debug("Current attributes received are {}", currentAttributes)
return[username:["something"], likes:["cheese", "food"], id:[1234,2,3,4,5], another:"attribute"]
}
|
Here’s the same script written in Python:
1
2
3
4
5
| def run(*Params):
Attributes = Params[0]
Logger = Params[1]
# Calculate attributes and return a new dictionary of attributes...
return ...
|
You are also allowed to stuff inlined groovy scripts into the scriptFile
attribute. The script
has access to the collection of resolved attributes
as well as a logger
object.
1
2
3
4
5
6
7
8
9
10
| {
"@class" : "org.apereo.cas.services.CasRegisteredService",
"serviceId" : "sample",
"name" : "sample",
"id" : 300,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ScriptedRegisteredServiceAttributeReleasePolicy",
"scriptFile" : "groovy { return attributes }"
}
}
|