Obtain Request URL in groovy script module

This topic has 2 replies, 2 voices, and was last updated 4 months, 2 weeks ago by Jatinder Singh.

  • #28008
     udbolla
    Participant

    Hi

    We do have a requirement to do some operations in JWT token attributes based on where the request is coming from (App basis).

    I have used the getHostName function like below:

    William Hepler (ForgeRock Support)
    May 27, 2020, 9:16:20 PM GMT+1
    Uma,

    We were able to test using the following format:

    logger.warning("**** session attribute " + session.getHostName() + " ****");
    This would return

    WARNING: OpenAMScopeValidator.getUserInfo(): Got an empty result for claim=locale
    OAuth2Provider:05/27/2020 02:05:52:317 PM MDT: Thread[ScriptEvaluator-0,5,main]: TransactionId[856bd7ef-d577-41f3-a8e4-e0561445f56c-6321]
    WARNING: **** session attribute 192.168.122.1 ****

    It is giving an IP address. How can I obtain where the request is coming from, like https://xyz.com?

    Thank you
    Uma

    #28010
     Jatinder Singh
    Participant

    If you want to find the client's IP address/host, one of the options is to use X-Forwarded-For headers. And if you want to rely on X-Forwarded-For headers for your authentication/authorization, you need to do your due diligence and make the effort to ensure it's the real client IP address and not a spoofed one. Essentially, you want your proxy to reach into a request, find the actual IP/host, and set those values in the X-Forwarded-For headers.

    Hope this helps!

    #28011
     Jatinder Singh
    Participant

    I forgot to mention the second part. Once you have those headers set by your proxy, you can access them through a request object like below.

    CustomScopeValidator.java

    
    request.getRequest().getHeaders() // request is of type OAuth2Request
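
Added example (not part of the original posts and not ForgeRock code): one way to decide whether an X-Forwarded-For value is the real client address rather than a spoofed one, which is the check the replies above call for. The class, method names and TRUSTED_PROXIES addresses are hypothetical, and the header values are assumed to have already been read from the request object.

```groovy
// Added example, not ForgeRock code. All names and addresses are hypothetical.
class ForwardedClient {
    // Assumption: addresses of your own reverse proxies (constructed values)
    static final Set<String> TRUSTED_PROXIES = ['10.0.0.5', '10.0.0.6'] as Set

    // Accept only IP literals so header content never triggers a DNS lookup.
    // Entries carrying a port or brackets are treated as malformed.
    static boolean isIpLiteral(String s) {
        if (s ==~ /\d{1,3}(\.\d{1,3}){3}/) {
            return s.split(/\./).every { it.toInteger() <= 255 }
        }
        return s.contains(':') && s ==~ /[0-9A-Fa-f:.]+/
    }

    // peerAddress: direct TCP peer; xffValues: every X-Forwarded-For header value received
    static String resolveClient(String peerAddress, List<String> xffValues) {
        // A peer that is not one of our proxies can put anything in the header
        if (!TRUSTED_PROXIES.contains(peerAddress)) {
            return peerAddress
        }
        // Flatten repeated headers and comma lists into one hop chain
        List<String> hops = xffValues.collectMany { v ->
            v.split(',').collect { h -> h.trim() }
        }.findAll { it }
        // Walk from the nearest hop outwards; entries left of the first
        // untrusted hop were supplied by the client and prove nothing
        for (String hop : hops.reverse()) {
            if (!isIpLiteral(hop)) return peerAddress
            if (!TRUSTED_PROXIES.contains(hop)) return hop
        }
        return peerAddress
    }
}

// Constructed sample inputs
// Untrusted peer (the address from the log above) sending its own header: ignored
assert ForwardedClient.resolveClient('192.168.122.1', ['203.0.113.9']) == '192.168.122.1'
// Client pre-filled the header with a spoofed value; the proxy appended the real peer
assert ForwardedClient.resolveClient('10.0.0.5', ['203.0.113.9, 198.51.100.7']) == '198.51.100.7'
// Two trusted proxies in the chain, header split across two lines
assert ForwardedClient.resolveClient('10.0.0.6', ['203.0.113.9', '198.51.100.7, 10.0.0.5']) == '198.51.100.7'
```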
    