Re: [Dev] [IAM] Loading Function Libraries to Authentication Scripts

2018-12-03 Thread Anuradha Karunarathna 
Hi all,

The implementation of loading function libraries to authentication script
is changed according to the given suggestion. Even though *require() * is
not part of the standard JavaScript API, but it is in Node.js to load
modules. Since this requirement is also similar to that, using require() is
intuitive.

Here, a separate javascript function is written to define the require()
function. That function is stored in a separate file and it is loaded when
the authentication framework bundle is activating. Then it is evaluated
just before evaluating the authentication script, by the same nashorn
engine which evaluates the authentication script.
In order to avoid namespace clashing issues, each function library needs to
be exported and imported explicitly.

There are three options to write function libraries.

1. Write multiple functions in one file and export them. Following syntax
needs to be used to export the functions.

module.exports. =



or

exports. = 


ex:


function getAge(birthDate) {

var today = new Date();

var age = today.getFullYear() - birthDate.getFullYear();

var m = today.getMonth() - birthDate.getMonth();

if (m < 0 || (m === 0 && today.getDate()  Hi Anuradha,
> I think require() [1] function better suited for this.
> Reason is that many other dynamic language based on JS uses it and seems
> intuitive.
>
> [1]
> https://stackoverflow.com/questions/9901082/what-is-this-javascript-require
>
> Cheers,
> Ruwan
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IAM] Loading Function Libraries to Authentication Scripts

2018-10-11 Thread Ruwan Abeykoon 
Hi Anuradha,
I think require() [1] function better suited for this.
Reason is that many other dynamic language based on JS uses it and seems
intuitive.

[1]
https://stackoverflow.com/questions/9901082/what-is-this-javascript-require

Cheers,
Ruwan
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [IAM] Loading Function Libraries to Authentication Scripts

2018-10-10 Thread Anuradha Karunarathna 
Hi All,


I’m working on a project to use function libraries in adaptive
authentication scripts and a component to manage function
libraries(add/list/delete/edit/export/import) [1]. I have implemented a
carbon component to manage function libraries with add/list/delete and edit
features[2].

Then, I researched possible ways to include the implemented function
libraries to adaptive authentication scripts and make the functions in the
library could be used in the authentication scripts.  Nashorn – (the new
default JavaScript engine for the JVM as of Java 8.)[3] has the capability
to load and evaluate additional script files quite easily with ‘load()’
function. It loads and evaluates script from a file or a URL or a script
object.

load(file path of the function library);

or

load(URL to the function library);

or

load({script:”function library script”, name:”library name”});

needs to be added on top of the authentication script.

However, directly using load function in authentication script is not a
user-friendly option. If so, the user needs to know either file path to the
needed function library, or URL or the content and the name of the function
library. Therefore,  I added a new function under core functions in
adaptive authentication JS API reference[4] as “loadLocalLibrary(‘’)” . Inside that function, retrieving the relevant function
library from database and load() function evaluation is done. Then, the
user has to add “loadLocalLibrary(‘’);” on top of
the authentication script or before an usage of a function in the function
library. Hence, the user needs to know only the function library name.

Moreover, over the three options available to load and evaluate the script,
script object method is selected.


Reasons to reject the other two methods:

File path: need to write a file with the content of the loaded function
library from DB. So, file writings inside the IS cause for security issues.

URL: Need an addition REST service and having a network call is an overhead.


engine.eval(“load({name:“library name”, script:“function library
script”})”) is used inside the loadLocalLibrary(String name) core function
to evaluate the function library script.


This diagram illustrates the above described process.


If you have any other possible solutions or suggestions regarding the above
scenario, feel free to discuss.

References

[1] [IAM]Function Library for adaptive authentication

[2]https://github.com/AnuradhaSK/Function-Library-Manager

[3]https://docs.oracle.com/javase/9/nashorn/JSNUG.pdf

[4]
https://docs.wso2.com/display/IS570/Adaptive+Authentication+JS+API+Reference#AdaptiveAuthenticationJSAPIReference-Corefunctions


*Anuradha Karunarathna*
Intern-Software Engineering | WSO2,inc.
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev