Skip to content

PolicyAgent

Jump to bottom
Zoltan Tarcsay edited this page Oct 4, 2015 · 10 revisions

constructor(config)

The constructor function, whose argument should be an object of config options (listed below).

var config = {
    serverUrl: 'http://openam.example.com:8080/openam',
    appUrl: 'http://app.example.com:8080',
    notificationRoute: '/',
    notificationsEnabled: true,
    username: 'my-agent',
    password: 'changeit',
    realm: '/',
    logLevel: 'info'
};

var agent = new PolicyAgent(config);

Config options

  • serverUrl: The deployment URI of the OpenAM server, e.g. http://openam.example.com:8080/openam,

  • appUrl: The root URL of the application, e.g. http://app.example.com:8080.

  • notificationsEnabled: If enabled, the agent will cache sessions and register a change listener for them in OpenAM. Cached sessions will not be revalidated against OpenAM. The notifications middleware has be added to the express application for notifications to work (adds an /agent/notifications endpoint which can receive notifications from OpenAM).

  • notificationRoute: The route to which the notifications middleware is attached.

    app.use('/foo/bar/baz', agent.notifications);
app.listen(8080);

    In the above case the notificationRoute should be /foo/bar/baz. Notifications will be sent to http://app.example.com:8080/foo/bar/baz/agent/notifications.

  • username: The agent's username in OpenAM

  • password: The agent's password in OpenAM

  • realm: Name of the realm in OpenAM in which the agent profile exists. Default: /

  • errorPage: Callback function; If present, the function's return value will be sent as an error page, otherwise the default error template will be used.

    config = {
    ...
    errorPage: function (status, message, details) {
        return '<html><body><h1>' + status + ' - '  + message + '</h1></body></html>'
    }
    ...
}

  • logger: winston Logger A winstonjs logger instance. If falsy, a new Console logger is created.

  • logLevel: logging level see winston's documentation Default: error. Only used when logger is falsy.

id

Short random ID that lets you differentiate agents in logs, etc.

config

The config object passed to the constructor.

serverInfo

A Promise returned by getServerInfo(). Once resolved, the response is mixed into the serverInfo object.

agentSession

Originally an empty Promise (haha). Whenever a certain client request needs an agent session, the agent will get authenticated and agentSession will become a Promise returned by authenticateAgent(). Once resolved, the response is mixed into the agentSession object.

openAMClient

An instance of OpenAMClient.

notifications

An instance of NotificationHandler that also serves as an EventEmitter. Events are emitted when notifications are received.

notifications.routes

Express middleware that has a single route: /agent/notifications.

Events
  • session: a session service notification is received. Callbacks will be called with a session argument.

authenticateAgent()

Authenticates the policy agent using the credentials in the config object. Returns Promise.

validateSession(sessionId)

Validates a given sessionId against OpenAM and adds a session listener if valid. Returns Promise.

getUserProfile(userId, realm)

Fetches the user profile for a give UID.

getPolicyDecision(params)

Gets policy decisions from OpenAM for the req.originalUrl resource and the application name specified in the agent config (req must be an instance of IncomingRequest). Returns Promise.

registerSessionListener(sessionId)

Constructs a RequestSet document containing a AddSessionListener node for sessionId, and sends it to the SessionService. Returns Promise.

Clone this wiki locally