- Preface
- Required Configuration
- Handlers
- Filters
- AllowOnlyFilter
- AssignmentFilter
- CapturedUserPasswordFilter
- CertificateThumbprintFilter
- ClientCredentialsOAuth2ClientFilter
- ConditionalFilter
- ConditionEnforcementFilter
- ChainOfFilters
- CookieFilter
- CorsFilter
- CrossDomainSingleSignOnFilter
- CryptoHeaderFilter
- CsrfFilter
- DateHeaderFilter
- EntityExtractFilter
- FapiInteractionIdFilter
- FileAttributesFilter
- ForwardedRequestFilter
- HeaderFilter
- HttpBasicAuthenticationClientFilter
- HttpBasicAuthFilter
- IdTokenValidationFilter
- JwtBuilderFilter
- JwtValidationFilter
- LocationHeaderFilter
- OAuth2ClientFilter
- OAuth2ResourceServerFilter
- PasswordReplayFilter
- PolicyEnforcementFilter
- ScriptableFilter
- SessionInfoFilter
- SetCookieUpdateFilter
- SingleSignOnFilter
- SqlAttributesFilter
- StaticRequestFilter
- SwitchFilter
- ThrottlingFilter
- TokenTransformationFilter
- UmaFilter
- UriPathRewriteFilter
- UserProfileFilter
- Decorators
- Audit Framework
- Monitoring
- Throttling Policies
- Miscellaneous Configuration Objects
- Property Value Substitution
- Expressions
- Expressions
- Functions
- array
- boolean
- contains
- decodeBase64
- decodeBase64url
- digestSha256
- encodeBase64
- encodeBase64url
- fileToUrl
- formDecodeParameterNameOrValue
- formEncodeParameterNameOrValue
- indexOf
- integer
- integerWithRadix
- ipMatch
- join
- keyMatch
- length
- matchingGroups
- matches
- pathToUrl
- pemCertificate
- read
- readProperties
- readWithCharset
- split
- toJson
- toLowerCase
- toString
- toUpperCase
- trim
- urlDecode
- urlEncode
- urlDecodeFragment
- urlDecodePathElement
- urlDecodeQueryParameterNameOrValue
- urlDecodeUserInfo
- urlEncodeFragment
- urlEncodePathElement
- urlEncodeQueryParameterNameOrValue
- urlEncodeUserInfo
- More Information
- Patterns
- Scripts
- Properties
- Requests, Responses, and Contexts
- AttributesContext
- CapturedUserPasswordContext
- ClientContext
- Contexts
- CdSsoContext
- CdSsoFailureContext
- JwtBuilderContext
- JwtValidationContext
- JwtValidationErrorContext
- OAuth2Context
- PolicyDecisionContext
- Request
- Response
- SessionContext
- SessionInfoContext
- SsoTokenContext
- Status
- StsContext
- TransactionIdContext
- URI
- UriRouterContext
- UserProfileContext
- Access Token Resolvers
- Secret Stores
- Supported Standards
ScriptableFilter
Processes requests and responses by using a Groovy script.
When a ScriptableFilter processes a request, it can execute return next.handle(context, request) to call the next filter or handler in the current chain and return the value from the call. Actions on the response must be performed in the Promise's callback methods.
Scripts must return a Promise<Response, NeverThrowsException> or a Response.
This section describes the usage of ScriptableFilter, and refers to the following sections of the documentation:
For information about script properties, available global objects, and automatically imported classes, see Scripts.
For information about creating scriptable objects in Studio, see "Scripting in Studio" and "Configuring Scriptable Throttling".
Usage
{
"name": string,
"type": "ScriptableFilter",
"config": {
"type": string,
"file": expression, // Use either "file"
"source": string or array of strings, // or "source", but not both.
"args": object,
"clientHandler": Handler reference
}
}Properties
For information about properties for ScriptableFilter, see Scripts.
Examples
See the following examples of scriptable filters:
For an example scriptable filter that recovers policy advices from AM, see the
failureHandlerproperty of "PolicyEnforcementFilter".For an example scriptable filter that calls a groovy file to include headers for cross-origin requests in UMA, see "Setting Up the UMA Example".