
 

Here is a custom endpoint sample that shows you how to provision to the repository as well as to an LDAP resource.  A sample use case for this script would be if you wanted to maintain a small subset of data in the repository in comparison to what is in LDAP, and furthermore the stored attributes might be quite different between the two targets.  Using a custom endpoint allows explicit control over what gets saved to each target. 

This example assumes we have an ldap provisioner configured at system/ldap/account. 

Under your conf/ directory, create a custom endpoint config file. 

 

conf/endpoint-demo.json
{
    "context" : "endpoint/demo",
    "type" : "text/javascript",
    "file" : "script/demo.js"
}

 

Next create the script that will handle the incoming endpoint request

 

script/demo.js
// Logs the complete incoming request object at info level.
// NOTE(review): request.value is the caller-supplied user record; if it can
// carry a password or another secret, log only an identifier here instead of
// the whole object, so that credentials do not end up in the server log.
logger.info("Endpoint Request {}", request);
/* Take the values passed in and map them to ldap attributes */

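/**
 * Map an incoming user object to the attribute set of its LDAP account entry.
 *
 * The uid value is escaped as an RFC 4514 attribute value, so characters such
 * as "," or "+" inside u._id stay part of the uid RDN instead of changing the
 * structure of the DN (which would let the caller pick the target container).
 * Ordinary identifiers produce exactly the same DN as plain concatenation.
 *
 * @param {Object} u - user data; reads _id, givenName, familyName and email
 * @returns {Object} object with the keys dn, cn, sn and mail
 */
function createLDAPProfile(u) {
	// Escape one RDN attribute value: the characters " + , ; < > \ anywhere,
	// a leading space or '#', a trailing space, and NUL (written as \00).
	function escapeRdnValue(value) {
		var raw = String(value);
		var special = "\"+,;<>\\";
		var escaped = "";
		for (var pos = 0; pos < raw.length; pos++) {
			var ch = raw.charAt(pos);
			var isFirst = pos === 0;
			var isLast = pos === raw.length - 1;
			if (ch === "\u0000") {
				escaped += "\\00";
			} else if (special.indexOf(ch) !== -1 ||
					(isFirst && (ch === " " || ch === "#")) ||
					(isLast && ch === " ")) {
				escaped += "\\" + ch;
			} else {
				escaped += ch;
			}
		}
		return escaped;
	}

	return {
		"dn": "uid=" + escapeRdnValue(u._id) + ",ou=People,dc=example,dc=com",
		"cn": u.givenName + " " + u.familyName,
		"sn": u.familyName,
		"mail": u.email
	};
}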
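/*
 * Endpoint body: replaces the managed user and the matching LDAP account with
 * the data in request.value, and returns the result of the LDAP create.
 *
 * request.value is supplied by the HTTP caller. Its _id is concatenated into
 * resource paths and, through createLDAPProfile, into the LDAP DN, so it is
 * checked against an allow-list before anything is read, deleted or created.
 *
 * NOTE(review): delete-then-create is not atomic. If a create fails after the
 * deletes have run, the account is missing from one or both targets; the page
 * marks this as demo behaviour, so use update/patch for anything real.
 * NOTE(review): who may call endpoint/demo is decided by access configuration
 * that is not shown here. Confirm it is limited to administrators, because any
 * permitted caller can delete and replace accounts through this script.
 */
(function () {
	var u = request.value;

	// Allow-list for identifiers: starts with a letter or digit, then letters,
	// digits, '.', '_' or '-'. This keeps '/', ',' and similar characters out of
	// the resource paths and the DN. Widen it only to match your own id scheme.
	var idPattern = /^[A-Za-z0-9][A-Za-z0-9._-]*$/;

	// String() is used instead of typeof because the script engine may hand
	// over wrapped string objects rather than JavaScript primitives.
	if (u == null || u._id == null || !idPattern.test(String(u._id))) {
		// NOTE(review): map this to the 4xx error convention of your OpenIDM
		// version so the caller sees a client error rather than a server error.
		throw new Error("Rejected request: _id is missing or contains characters outside [A-Za-z0-9._-]");
	}

	var userId = String(u._id);
	var id = "managed/user/" + userId;

	logger.info("Looking for existing managed user {}", userId);
	var old = openidm.read(id);
	// Log only whether a record was found; the object itself may hold secrets.
	logger.info("existing managed user found: {}", String(old != null));

	// for this demo we delete the user if we find them and then re-create
	if (old != null) {
		logger.info("****** Deleting existing user {}", id);
		openidm['delete'](id, old._rev);
	}

	var ldapAttrs = createLDAPProfile(u);
	var ldapPath = "system/ldap/account/" + ldapAttrs.dn;
	var ldap = openidm.read(ldapPath);

	// delete the ldap entry if it exists
	if (ldap != null) {
		logger.info("Delete Existing LDAP entry !! {} ", ldap.dn);
		openidm['delete'](ldapPath, ldap._rev);
	}

	var r = openidm.create("managed/user", u);
	var r2 = openidm.create("system/ldap/account", ldapAttrs);
	// The create results are full objects, so only the identifier is logged.
	logger.info("managed user and ldap account created for {}", userId);
	return r2;
}());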

 

Send your new endpoint a POST request to test it out. 

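#!/bin/bash
# POST the sample user in u1.json to the custom endpoint.
#
# settings.sh presumably defines USERNAME and PASSWORD (both are used below);
# keep that file out of version control and readable only by its owner.
# The credentials travel as plain HTTP headers and appear on the curl command
# line, where other local users can see them in the process list, so use this
# form only against a local test instance.
source settings.sh
URL=http://localhost:8080/openidm/endpoint/demo
# Expansions are quoted so that a URL containing shell-special characters is
# passed to curl as a single argument.
curl -X POST --header "X-OpenIDM-Username: $USERNAME" --header "X-OpenIDM-Password: $PASSWORD"  \
        -d @u1.json "$URL"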

 

 

The file u1.json (passed to curl as @u1.json) contains sample data to POST:

u1.json
{
  "employeeNumber": "0987654321",
  "userName" : "u1",  
  "stateProvince": "Manchester",
  "roles": "openidm-authorized",
  "accountStatus": "active",
  "country": "UK",
  "givenName": "Created",
  "address2": "",
  "familyName": "Test",
  "passwordAttempts": "0",
  "_rev": "0",
  "lastPasswordSet": "",
  "postalCode": "",
  "_id": "u1",
  "phoneNumber": "123456789",
  "email": "u1@example.com"
}

3 Comments

  1. Looks good Warren.  Could you elaborate a bit on the use case that this was needed for?

    Thanks!

  2. Updated with use case.