Migrate decision node scripts to next-generation scripts
Different bindings are available to the decision node script depending on the scripting engine version; legacy or next-generation.
Complete the steps described in Migrate to next-generation scripts, using the examples listed in the following table as a guide when updating the bindings:
| Binding | Next-generation change | ||
|---|---|---|---|
New. Use static method To send callbacks, instead of calling |
|||
New. Instead of creating a |
|||
Uses native JavaScript objects, similar to the Fetch API. |
|||
Class changed from Use
|
|||
New. Generate JWT assertions in scripts. |
|||
New. Validate JWT assertions in scripts. |
|||
Logger is now based on |
|||
The |
|||
New. Use this binding to access the |
|||
New. Access the request cookies directly using this binding. |
action
var fr = JavaImporter(
org.forgerock.openam.auth.node.api.Action);
// Journey continues along the "false" path
action = fr.Action.goTo("false").build(); 1 // Journey continues along the "false" path
action.goTo("false"); 11 No need to import the Action class to access the goTo method. Instead, call the goTo method directly on the action binding.
callbacksBuilder
var fr = JavaImporter( 1
org.forgerock.openam.auth.node.api.Action,
javax.security.auth.callback.NameCallback,
javax.security.auth.callback.PasswordCallback,
java.lang.String
);
if (callbacks.isEmpty()) {
// Request callbacks
action = fr.Action.send( 2
new fr.NameCallback("User Name"),
new fr.PasswordCallback("Password", false)).build();
} else {
// Callbacks returned with credentials
var username =
fr.String(callbacks.get(0).getName());
var password =
fr.String(callbacks.get(1).getPassword());
sharedState.put("username", username);
if (password === null || !password) {
action = fr.Action.goTo("false").build();
} else { 3
transientState.put("password", password);
action = fr.Action.goTo("true").build(); 4
}
}if (callbacks.isEmpty()) { 1
// Request callbacks
callbacksBuilder.nameCallback(
"User Name", "User Name");
callbacksBuilder.passwordCallback(
"Password", false);
} else {
// Callbacks returned with credentials
var username =
callbacks.getNameCallbacks().get(0);
var password =
callbacks.getPasswordCallbacks().get(0);
nodeState.putShared("username", username);
if (password === null || !password) {
action.goTo("false"); 2
} else {
nodeState.putTransient("password", 3
password);
action.goTo("true"); 4
}
}1 Use the callbacksBuilder object instead of importing Callback classes.
2 No need to explicitly call send(). The script sends every callback added to the callbacksBuilder when it completes.
3 Use nodeState.putShared() instead of sharedState.put() and nodeState.putTransient() instead of transientState.put().
4 No need to set the outcome, because action.goTo() was invoked.
idRepository
Get an identity from the idRepository object to access attribute values.
Learn more in Access profile data.
var uuid = "3f5ab61c-1587-44b3-b7d4-675e5159fcca";
var mail = idRepository.getAttribute(
uuid, "mail"); 1 2
idRepository.setAttribute(username, "mail",
["new@example.com"]); 3var uuid = "3f5ab61c-1587-44b3-b7d4-675e5159fcca";
var identity =
idRepository.getIdentity(uuid); 1
var mail =
identity.getAttributeValues("mail"); 2
// Does NOT automatically persist data
identity.setAttribute("mail",
["new@example.com"]); 3
// persists data (throws an exception if setAttribute failed)
try {
identity.store(); 4
} catch(e) {
logger.error("Unable to persist attribute. " + e);
}1 The idRepository object is no longer used to get attribute values. Instead, use the getIdentity() method of the new org.forgerock.openam.scripting.api.identity.ScriptIdentityRepository interface to get the identity object.
2 Use the identity object, instead of idRepository, to get or set attribute values.
3 Adding or setting attributes on the identity object does not persist data.
4 You must explicitly persist changes by calling the store method.
For more information about the idRepository binding, refer to Access profile data.
nodeState
// var username = sharedState.get("username");
1
var username =
nodeState.get("username").asString(); 2
var attributes = 3
nodeState.get("objectAttributes").asMap();var username = nodeState.get("username"); 2
var attributes =
nodeState.getObject("objectAttributes"); 31 Deprecated sharedState and transientState bindings are no longer available. Use nodeState.get() instead. To store state values, use nodeState.putShared() or nodeState.putTransient() instead of sharedState.put() and transientState.put().
2 No need to call methods such as asString() or asMap().
3 New getObject() method to retrieve a map with values stored across different states.
The map is immutable.
|
To get the UUID from |
For more information about the nodeState binding, refer to Access shared state data.