Transformation Procedures

Transformation Procedures are used to transform one set of attributes into another set of attributes. The most common transformation is name-transformation. I.e. performing an operation on the subject of an authentication.

Advanced operations on the username can be performed using transformation procedures.

Listing 251 Structure of Transformation Procedures
1
2
3
4
5
6
7
function result(transformationContext) {
  var attributes = transformationContext.attributesMap;

    // transform the incoming attributes

  return attributes;
}

Important

The main function of a transformation procedure must be called result.

Common API

Transformation procedures have access to all of the Common Procedure API.

Function

The result function takes one argument, the context object which provides it with all information and helpers it may require.

The context object has type TransformationProcedureContext.

result(transformationContext)

The main function of a transformation procedure

Arguments:
  • transformationContext – The context object for transformations.
Returns:

Attributes which is a Map of attributes.

Return Value

The returned value should be a JavaScript map with the transformed attributes. Any attribute can be transformed by adding, removing and renaming attributes on the incoming map. If name transformation is performed, the resulting object must contain a subject attribute when transformation is complete.

Examples

Transformation can usually be done without using procedures, but some tasks are easier to perform with a transformation procedure.

Listing 252 Transforming a username
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
function result(transformationContext) {
  var attributes = transformationContext.attributeMap;

  //Example: To add @example.com to each username, do:
  attributes.subject = attributes.subject + '@example.com';

  //Example: To add extra attributes
  attributes.newAttribute = "foobar";

  return  attributes;
}