001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2014-2015 ForgeRock AS.
015 */
016package org.forgerock.openig.filter;
017
018import static org.forgerock.openig.el.Bindings.bindings;
019
020import org.forgerock.http.Filter;
021import org.forgerock.http.Handler;
022import org.forgerock.http.protocol.Request;
023import org.forgerock.http.protocol.Response;
024import org.forgerock.openig.heap.Heap;
025import org.forgerock.openig.heap.HeapException;
026import org.forgerock.openig.script.AbstractScriptableHeapObject;
027import org.forgerock.openig.script.Script;
028import org.forgerock.services.context.Context;
029import org.forgerock.util.promise.NeverThrowsException;
030import org.forgerock.util.promise.Promise;
031
032/**
033 * A scriptable filter. This filter acts as a simple wrapper around the
034 * scripting engine. Scripts are provided with the following variable bindings:
035 * <ul>
036 * <li>{@link java.util.Map globals} - the Map of global variables which persist across
037 * successive invocations of the script
038 * <li>{@link org.forgerock.services.context.Context context} - the associated request context
039 * <li>{@link Request request} - the HTTP request
040 * <li>{@link org.forgerock.http.Client http} - an HTTP client which may be used for
041 * performing outbound HTTP requests
042 * <li>{@link org.forgerock.openig.ldap.LdapClient ldap} - an OpenIG LDAP client which may be used for
043 * performing LDAP requests such as LDAP authentication
044 * <li>{@link org.forgerock.openig.log.Logger logger} - the OpenIG logger
045 * <li>{@link Handler next} - the next handler in the filter chain.
046 * </ul>
047 * Like Java based filters, scripts are free to choose whether or not they
048 * forward the request to the next handler or, instead, return a response
049 * immediately.
050 * <p>Contains also easy access to {@code attributes} from the {@link org.forgerock.services.context.AttributesContext},
051 * e.g: {@code attributes.user = "jackson"}, instead of {@code contexts.attributes.attributes.user = "jackson"}.
052 * <p>In the same way, it gives access to {@code session} from the {@link org.forgerock.http.session.SessionContext},
053 * for example, you can use: {@code session.put(...)}, instead of {@code contexts.session.session.put(...)}.
054 * <p>
055 * <b>NOTE:</b> at the moment only Groovy is supported.
056 * <p><b>NOTE:</b> As of OpenIG 4.0, {@code exchange.request} and {@code exchange.response} are not set anymore.
057 */
058public class ScriptableFilter extends AbstractScriptableHeapObject implements Filter {
059
060    @Override
061    public Promise<Response, NeverThrowsException> filter(final Context context,
062                                                          final Request request,
063                                                          final Handler next) {
064        // Delegates filtering to the script.
065        return runScript(bindings(context, request), next, context);
066    }
067
068    /**
069     * Creates and initializes a scriptable filter in a heap environment.
070     */
071    public static class Heaplet extends AbstractScriptableHeaplet {
072        @Override
073        public ScriptableFilter newInstance(Script script, Heap heap) throws HeapException {
074            return new ScriptableFilter(script, heap);
075        }
076    }
077
078    ScriptableFilter(final Script compiledScript, Heap heap) {
079        super(compiledScript, heap);
080    }
081}