cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IdentityNow Rule Guide - Web Services After Operation Rule

IdentityNow Rule Guide - Web Services After Operation Rule

Purpose


This rule is used to calculate attributes after a web-service operation call.

 

Execution

  • Connector Execution - This rule executes within the Virtual Appliance and may offer special abilities to perform connector-related functions, and may offer managed connections to sources.
  • Logging - Logging statements are viewable within the ccg.log on the Virtual Appliance and by SailPoint personnel.

 

 

Input

Argument Type

Purpose

application sailpoint.object.Application

Application whose data file is being processed

processedResponseObject List<Map<String, Object>> This object is List of Map (account/group). The map contains key as identityAttribute of the application schema and value is all the account/group attributes (schema) passed by the connector after parsing the respective API response.
requestEndPoint sailpoint.connector.webservices.EndPoint Current request information; contains the header, body, context url, method type, response attribute map, successful response code
restClient sailpoint.connector.webservices.WebServicesClient A WebServicesClient (HttpClient) object that would enable the user to call the Web Services API target system.
rawResponseObject String String object which holds the raw response returned from the target system which can be in JSON or XML form.

 

Output

Argument Type

Purpose

updatedAccountOrGroupList java.util.Map

The Map object returned from the After Operation Rule may contain any or all of the following:

  • Updated list of account / group resource objects; identified by key data
  • Attribute values to be updated into application via connector state map; identified by key connectorStateMap

Each resource (account/group) object is of type Map which contains key-value pair, where key represents the schema attribute name and value represents the account/group attribute value.

 

Template

 

 

 

 

 

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="Example Rule" type="WebServiceAfterOperationRule">
  <Description>Describe your rule here.</Description>
  <Source><![CDATA[

  // Add your logic here.

  ]]></Source>
</Rule>

 

 

 

 

 

 

Example

 

 

 

 

 

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="Example Rule" type="WebServiceAfterOperationRule">
  <Description>This rule is used by the  Web Services connector after performing any operation like testconnection, aggregation etc.</Description>
  <Source><![CDATA[
import connector.common.JsonUtil;
    import java.util.HashMap;
    import java.util.Map.Entry;
    import java.util.Map;
    import java.util.List;
    import java.util.ArrayList;
    import javax.net.ssl.HttpsURLConnection;
    import java.io.BufferedReader;
    import java.io.PrintStream;
    import java.io.StringWriter;
    import java.text.SimpleDateFormat;
    import sailpoint.tools.GeneralException;

Map updatedMapInfo = new HashMap();
List list = new ArrayList();
ArrayList<String> Roles = new ArrayList<String>();
Map response = (Map) JsonUtil.toMap(rawResponseObject);
int RoleSize = 0;
String newName;
List Finallist = new ArrayList();
List workspace = new ArrayList();

log.error("RULEWS response at start" + response);
if (response.get("data") != null) {

     list = (ArrayList) response.get("data");

     for(int d = 0; d < list.size(); d++ ){

         Map responseMap = (Map) list.get(d);

         if (responseMap.get("attributes") != null) {
            Map newmap = new HashMap();
             Map data = (Map) responseMap.get("attributes");
             newmap.put("firstName", data.get("firstName"));
             newmap.put("lastName",data.get("lastName"));
             newmap.put("displayName",data.get("displayName"));
             newmap.put("userName",data.get("userName"));
             newmap.put("email",data.get("email"));

             if (data.get("workspaceMemberships") != null) {

                 ArrayList Workspacedetail = (ArrayList) data.get("workspaceMemberships");

                 for (int i = 0; i < Workspacedetail.size(); i++) {

                     Map work = (Map) Workspacedetail.get(i);

                     for (int w = 0; w < work.size(); w++) {

                         if (work.get("workspaceName") != null) {

                            workspace.add(work.get("workspaceName"));

                             Roles = (ArrayList) work.get("workspaceRoles");

                             for (int r = 0; r < Roles.size(); r++) {

                                 if (Roles.get(r) != null) {
                                     newName = Roles.get(r).toString() + " - " + work.get("workspaceName");

                                     if(newName != null) {
                                         Roles.set(r, newName);
                                         newmap.put("workspaceRoles", Roles);

                                     }

                                 }
                             }
                         }
                         break;
                     }
                 }
             }

             Finallist.add(newmap);

         }
    }

}
log.error("RULEWS newmap at end" + newmap);
log.error("RULEWS Finallist at end" + Finallist);

log.error("RULEWS processedResponseObject Before is " + processedResponseObject);

updatedMapInfo.put("data", Finallist);
log.error("RULEWS updatedMapInfo is " + updatedMapInfo);

return updatedMapInfo;
log.error("RULEWS processedResponseObject after is " + processedResponseObject);​
  ]]></Source>
</Rule>

 

 

 

Web Services Class used in Before/After Operation Rule

This section describes the following types of Web Services class:

  • WebServicesClient
  • EndPoint Class

NOTE: The Web Services Classes mentioned in this section are general guidelines. New classes/methods would be added.

WebServicesClient

The following table list the different rules and their description:

Rule Description

Constructor Detail

WebServicesClient

Default constructor.

public WebServicesClient()

Constructor that configures the client using the given args.

public WebServicesClient(java.util.Map args) throws java.lang.Exception

Throws: java.lang.Exception

Method Detail

configure

Configure connection parameters. See the ARG_* constants.

public void configure(java.util.Map args) throws java.lang.Exception

Throws: java.lang.Exception

executeGet

  • Execute method GET with headers
    public java.lang.String executeGet(java.util.Map headers, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: headers (Request headers) and allowedStatuses (Allowed status codes)

  • Execute method GET with URL and headers
    public java.lang.String executeGet(java.lang.String url, java.util.Map headers, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL), headers (Request headers) and allowedStatuses (Allowed status codes)

Returns: Response object

Throws: java.lang.Exception

executePost

  • Execute method POST with URL, payload and headers
    public java.lang.String executePost(java.lang.String url, java.lang.Object payload, java.util.Map headers, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL), payload (Request body), headers (Request headers) and allowedStatuses (Allowed status codes)

  • Execute method POST with URL and payload
    public java.lang.String executePost(java.lang.String url, java.lang.Object payload, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL), payload (Request body) and allowedStatuses (Allowed status codes)

Returns: Response object

Throws: java.lang.Exception

executePut

  • Execute method PUT with URL and payload
    public java.lang.String executePut(java.lang.String url, java.lang.Object payload, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL), payload (Request body) and allowedStatuses (Allowed status codes)

  • Execute method PUT with URL, payload and headers
    public java.lang.String executePut(java.lang.String url, java.lang.Object payload, java.util.Map headers, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL), payload (Request body), headers (Request headers) and allowedStatuses (Allowed status codes)

Returns: Response object

Throws: java.lang.Exception

executePatch

  • Execute method PATCH with URL and payload
    public java.lang.String executePatch(java.lang.String url, java.lang.Object payload, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL), payload (Request body) and allowedStatuses (Allowed status codes)

  • Execute method PATCH with URL, payload and headers
    public java.lang.String executePatch(java.lang.String url, java.lang.Object payload, java.util.Map headers, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL), payload (Request body), headers (Request headers) and allowedStatuses (Allowed status codes)

Returns: Response object

Throws: java.lang.Exception

getResponseHeaders

Get last executed Request's Response headers.

public java.util.Map<java.lang.String,java.lang.String> getResponseHeaders()

executeDelete

  • Execute method DELETE with URL
    public java.lang.String executeDelete(java.lang.String url, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL) and allowedStatuses (Allowed status codes)

  • Execute method DELETE with URL and headers
    public java.lang.String executeDelete(java.lang.String url, java.util.Map headers, java.util.List<java.lang.String> allowedStatuses) throws java.lang.Exception
    Parameters: url (Request URL), headers (Request headers) and allowedStatuses (Allowed status codes)

Returns: Response object

Throws: java.lang.Exception

 

EndPoint Class

The following table list the different rules and their description:

Rule

Description

Constructor Detail

EndPoint

public EndPoint()

Method Detail

setAfterRule

Setting the after rule name

public void setAfterRule(java.lang.String value)

setBeforeRule

Setting the before rule name

public void setBeforeRule(java.lang.String value)

setParseRule

public void setParseRule(java.lang.String value)

setContextUrl

Set the context url for the particular operation (create user, update user, account aggregation, and so on)

public void setContextUrl(java.lang.String value)

setHttpMethodType

Set the http method (put, post, get, patch and delete) for the particular operation (create user, update user, account aggregation, and so on)

public void setHttpMethodType(java.lang.String value)

setOperationType

Set the operation (Account Aggregation, Group Aggregation, Create Account etc) for the particular operation record (create user, update user, account aggregation, and so on)

public void setOperationType(java.lang.String value)

setRootPath

Set the root of the JSON response returned from the managed system (Managed system) for the particular operation (create user, update user, account aggregation, and so on)

public void setRootPath(java.lang.String value)

setFullUrl

set the complete url (endpoint) of the operation that need to be performed for the particular operation (create user, update user, account aggregation, and so on)

public void setFullUrl(java.lang.String value)

setBaseUrl

Set the base url (the machine id or IP and the port where the service is executing) for the operation that need to be performed. Ideally this would be common for all the operation.

public void setBaseUrl(java.lang.String value)

setSequenceNumberForEndpoint

Set the Sequence number particular operation (create user, update user, account aggregation, and so on)

public void setSequenceNumberForEndpoint(int value)

setUniqueNameForEndPoint

Set Unique operation name for particular operation (create user, update user, account aggregation, and so on)

public void setUniqueNameForEndPoint(java.lang.String value)

setResMappingObj

Set the Response mapping for the response attribute returned in the JSON response from the managed system (Managed system) for the particular operation like create user, update user, account aggregation, and so on. Here the key would be attribute name (attribute in the schema) and value would be the JSON response path after the root path mentioned above.

public void setResMappingObj(java.util.Map value)

setHeader

Set HTTP header information in the form of key value (For example, key=“ContentType” Value=“Application/JSON”)

public void setHeader(java.util.Map value)

addHeader

Adding key value if header exists or will create header and add

public void addHeader(java.lang.String entry, java.lang.String value)

setBody

Set http body information as a Map. Here the map would contain three keys bodyFormat, bodyFormData and jsonBody. The bodyFormat value can be raw that means user has provided values as raw JSON string else user has provided value in the key value format that must be converted into JSON.

public void setBody(java.util.Map value)

setResponseCode

Set the value of successful response code as list (200, 299, 201). This would be respected by the connector if any other response code would be consider as request failure.

public void setResponseCode(java.util.List value)

getAfterRule

Fetch the name of after rule assigned to the particular operation like create, update user, account aggregation, and so on:

public java.lang.String getAfterRule()

getBeforeRule

Fetch the name of before rule assigned to the particular operation like create, update user, account aggregation, and so on.

public java.lang.String getBeforeRule()

getParseRule

public java.lang.String getParseRule()

getContextUrl

Fetch the contextUrl provided to the particular operation like create, update user, account aggregation, and so on

public java.lang.String getContextUrl()

getHttpMethodType

Fetch the httpMethodType (get,put,post,delete and patch) provided to the particular operation like create, update user, account aggregation, and so on.

public java.lang.String getHttpMethodType()

getOperationType

Fetch the operationType (Account Aggregation,Create Account,Group Aggregation etc) provided to the particular operation like Create, update user, account aggregation, and so on.

public java.lang.String getOperationType()

getRootPath

Fetch the rootPath provided to the particular operation like Create, update user, account aggregation, and so on.

public java.lang.String getRootPath()

getFullUrl

Fetch the fullUrl that is a combination of basicUrl + contextUrl for the particular operation like Create, update user, account aggregation, and so on.

public java.lang.String getFullUrl()

getBaseUrl

Fetch the baseUrl which is common for all operation like Create, update user, account aggregation, and so on.

public java.lang.String getBaseUrl()

getSequenceNumberForEndpoint

Fetch the sequenceNumber for the particular operation (Create, update user, account aggregation, etc) that decide the priority of execution for operation, if there are multiple endpoint of same operation like account aggregation.

public int getSequenceNumberForEndpoint()

getUniqueNameForEndPoint

Fetch the uniqueName provided to the particular operation like Create, update user, account aggregation, and so on.

public java.lang.String getUniqueNameForEndPoint()

getResMappingObj

Fetch the responseMapping map that will have key as schema attribute and value as JSON path in the JSON response for particular operation like Create, update user, account aggregation, and so on.

public java.util.Map getResMappingObj()

getHeader

Fetch the Http header map that holds the header information for particular operation like Create, update user, account aggregation, and so on.

public java.util.Map getHeader()

getBody

Fetch the body map that holds the body information with keys like bodyFormat, jsonBody and bodyFormData. The bodyFormat can have raw or formData value. bodyFormData will have value as map jsonBody will have value as string with whole JSON.

public java.util.Map getBody()

getResponseCode

Fetch the success response code (list) value which will decide whether the operation was successful or not for particular operation like Create, update user, account aggregation, and so on.

public java.util.List getResponseCode()

getAttributes

public sailpoint.object.Attributes getAttributes()

getAttribute

public java.lang.Object getAttribute(java.lang.String name)

getBooleanAttributeValue

public boolean getBooleanAttributeValue(java.lang.String name)

getStringAttributeValue

public java.lang.String getStringAttributeValue(java.lang.String name)

setAttribute

public void setAttribute(java.lang.String name, java.lang.Object value)

getPaginationSteps

Fetch the paging steps as a string which will decide how account/group paging will work.

public java.lang.String getPaginationSteps()

setPaginationSteps

Set the paging steps as a string which will decide how account/group paging would work.

public void setPaginationSteps(java.lang.String paginationSteps)

toString

public java.lang.String toString()

Overrides: toString in class java.lang.Object

getResponseBody

Retrieve last executed Request's Response Body.

public java.lang.String getResponseBody()

setXpathNamespaces

Sets XPath namespaces using the supplied Map object.

public void setXpathNamespaces(Map<String, String> xpathNamespaces)

getXpathNamespaces

Retrieves XPath namespaces.

public Map<String, String> getXpathNamespaces()

getPagingInitialOffset()

Retrieves the initial page offset.

public int getPagingInitialOffset()

setPagingInitialOffset()

Sets the initial paging offset.

public void setPagingInitialOffset(int pagingInitialOffset)

getPagingSize()

Retrieves the page limit.

public int getPagingSize()

setPagingSize

Sets the page limit.

public void setPagingSize(int pagingLimit)

 

NOTE: 

If you are using the rule to filter out resource objects, please enable enableHasMore in connector settings to prevent premature termination of the aggregation if the result object is empty.

 

Labels (2)
Comments

Why is there a sample of before prov rule in this page?

 

Please update to provide an example of AFTER prov rule.  Thanks

Hi,

As input we can used:

* rawResponseObject
* processedResponseObject

For my understanding:  processedResponseObject =(ArrayList) ((Map) JsonUtil.toMap(rawResponseObject)).get("data")
   (if rawResponseObject is a Json String)

- Is that true ?

- Why using rawResponseObject if processedResponseObject contains data ?

- Is there case when processedResponseObject is empty ?

Best regards,

A) How can I mock this? 
B) There is any sample payload that I can use to test the code?

I am seeing below JSON parser error when there is space in schema attribute name. could you please guide us on how we should be writing in response mapping

"message":"Unable to process JSON path 'Position Code'. Error: Use bracket notion ['my prop'] if your property contains blank characters. position: 2

Version history
Revision #:
7 of 7
Last update:
‎Jul 22, 2022 09:00 AM
Updated by: