CustomizerScript.groovy revision 85228c8f36d756625d95699bb40938ca5e6f2015
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller/*
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller *
7f6887b5c5e1d621fbbb48d93b8ac940521d1e38Jason Lemay * Copyright (c) 2014 ForgeRock AS. All Rights Reserved
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller *
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * The contents of this file are subject to the terms
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * of the Common Development and Distribution License
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * (the License). You may not use this file except in
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * compliance with the License.
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller *
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * You can obtain a copy of the License at
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * http://forgerock.org/license/CDDLv1.0.html
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * See the License for the specific language governing
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * permission and limitations under the License.
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller *
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * When distributing Covered Code, include this CDDL
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * Header Notice in each file and include the License file
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * at http://forgerock.org/license/CDDLv1.0.html
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * If applicable, add the following below the CDDL Header,
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * with the fields enclosed by brackets [] replaced by
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * your own identifying information:
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller * "Portions Copyrighted [year] [name of copyright owner]"
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller */
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller
7f6887b5c5e1d621fbbb48d93b8ac940521d1e38Jason Lemaypackage org.forgerock.openicf.connectors.scriptedcrest
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmiller
7f6887b5c5e1d621fbbb48d93b8ac940521d1e38Jason Lemayimport org.apache.http.HttpHost
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.auth.AuthScope
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.auth.AuthenticationException
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.auth.InvalidCredentialsException
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.auth.UsernamePasswordCredentials
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.client.CredentialsProvider
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.client.config.RequestConfig
7f6887b5c5e1d621fbbb48d93b8ac940521d1e38Jason Lemayimport org.apache.http.client.methods.HttpUriRequest
7f6887b5c5e1d621fbbb48d93b8ac940521d1e38Jason Lemayimport org.apache.http.client.protocol.HttpClientContext
7f6887b5c5e1d621fbbb48d93b8ac940521d1e38Jason Lemayimport org.apache.http.conn.routing.HttpRoute
7f6887b5c5e1d621fbbb48d93b8ac940521d1e38Jason Lemayimport org.apache.http.impl.auth.BasicScheme
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.impl.client.BasicAuthCache
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.impl.client.BasicCookieStore
18f2985c5be44e17aff0b118ee2c6f18967fa150Brendan Mmillerimport org.apache.http.impl.client.BasicCredentialsProvider
18f2985c5be44e17aff0b118ee2c6f18967fa150Brendan Mmillerimport org.apache.http.impl.nio.client.HttpAsyncClientBuilder
18f2985c5be44e17aff0b118ee2c6f18967fa150Brendan Mmillerimport org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager
7dcb2f62e25d05f2afeb4e79f10102350d7c2c7bBrendan Mmillerimport org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor
import org.apache.http.nio.reactor.ConnectingIOReactor
import org.forgerock.json.fluent.JsonValue
import org.forgerock.json.resource.Context
import org.forgerock.json.resource.QueryResult
import org.forgerock.json.resource.Resource
import org.identityconnectors.common.security.GuardedString
import org.forgerock.openicf.connectors.scriptedcrest.ScriptedCRESTConfiguration.AuthMethod
/**
* A customizer script defines the custom closures to interact with the default implementation and customize it.
*/
customize {
init { HttpAsyncClientBuilder builder ->
//SEE: http://hc.apache.org/httpcomponents-asyncclient-4.0.x/httpasyncclient/examples/org/apache/http/examples/nio/client/AsyncClientConfiguration.java
def c = delegate as ScriptedCRESTConfiguration
def httpHost = new HttpHost(c.serviceAddress?.host, c.serviceAddress?.port, c.serviceAddress?.scheme);
ConnectingIOReactor ioReactor = new DefaultConnectingIOReactor();
PoolingNHttpClientConnectionManager cm = new PoolingNHttpClientConnectionManager(ioReactor);
// Increase max total connection to 200
cm.setMaxTotal(200);
// Increase default max connection per route to 20
cm.setDefaultMaxPerRoute(20);
// Increase max connections for httpHost to 50
cm.setMaxPerRoute(new HttpRoute(httpHost), 50);
builder.setConnectionManager(cm)
// configure timeout on the entire client
RequestConfig requestConfig = RequestConfig.custom().build();
builder.setDefaultRequestConfig(requestConfig)
//PROXY
if (c.proxyAddress != null) {
HttpHost proxy = new HttpHost(c.proxyAddress.host, c.proxyAddress.port, c.proxyAddress.scheme);
RequestConfig config = RequestConfig.custom().setProxy(proxy).build();
builder.setDefaultRequestConfig(config)
}
// Authentication
final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
switch (AuthMethod.valueOf(c.defaultAuthMethod)) {
case AuthMethod.BASIC_PREEMPTIVE:
case AuthMethod.BASIC:
// It's part of the http client spec to request the resource anonymously
// first and respond to the 401 with the Authorization header.
c.password.access(
{
credentialsProvider.setCredentials(new AuthScope(httpHost.getHostName(), httpHost.getPort()),
new UsernamePasswordCredentials(c.username, new String(it)));
} as GuardedString.Accessor
);
builder.setDefaultCredentialsProvider(credentialsProvider);
break;
case AuthMethod.NONE:
break;
default:
throw new IllegalArgumentException();
}
c.propertyBag.put(HttpClientContext.COOKIE_STORE, new BasicCookieStore());
}
release {
propertyBag.clear()
}
beforeRequest { Context context, HttpClientContext clientContext, HttpUriRequest request ->
clientContext.setCookieStore(propertyBag.get(HttpClientContext.COOKIE_STORE))
def c = delegate as ScriptedCRESTConfiguration
if (AuthMethod.valueOf(c.defaultAuthMethod).equals(AuthMethod.BASIC_PREEMPTIVE)){
def authCache = new BasicAuthCache();
authCache.put(new HttpHost(c.serviceAddress?.host, c.serviceAddress?.port, c.serviceAddress?.scheme), new BasicScheme());
clientContext.setAuthCache(authCache)
}
}
onFail { Context context, HttpClientContext clientContext, HttpUriRequest request, Exception ex ->
if (true) {
completed(new HashMap<String, Object>())
} else {
if (ex instanceof InvalidCredentialsException) {
failed(ex)
} else if (ex instanceof AuthenticationException) {
failed(ex)
} else {
failed(ex)
}
}
}
onComplete { Object result ->
if (result instanceof JsonValue) {
} else if (result instanceof Resource) {
} else if (result instanceof QueryResult) {
}
completed(result)
}
}