The following section provides a sample code for a Before Create Token worker.
export default async (context: PlatformContext, data: BeforeCreateTokenRequest): Promise<BeforeCreateTokenResponse> => { let status: CreateTokenStatus = CreateTokenStatus.CREATE_TOKEN_UNSPECIFIED; let message = 'Overwritten by worker-service if an error occurs.'; try { // The in-browser HTTP client facilitates making calls to the JFrog REST APIs //To call an external endpoint, use 'await context.clients.axios.get("https://foo.com")' const res = await context.clients.platformHttp.get('/access/api/v1/config/token/default_expiry'); // You should reach this part if the HTTP request status is successful (HTTP Status 399 or lower) if (res.status === 200) { const defaultExpiry = res.data.default_token_expiration; const tokenExpiry = data.tokenSpec.expiresIn; console.log(`Got default token expiry ${defaultExpiry}`); if (data.tokenSpec.scope.includes('applied-permissions/admin') && defaultExpiry > 0 && (!tokenExpiry || (tokenExpiry > defaultExpiry))) { status = CreateTokenStatus.CREATE_TOKEN_STOP; message = 'Admin token generation with expiry greater that default expiry is not allowed'; } else { status = CreateTokenStatus.CREATE_TOKEN_PROCEED; } } else { status = CreateTokenStatus.CREATE_TOKEN_WARN; console.warn(`Request is successful but returned status other than 200. Status code : ${ res.status }`); } } catch(error) { // The platformHttp client throws PlatformHttpClientError if the HTTP request status is 400 or higher status = CreateTokenStatus.CREATE_TOKEN_STOP; console.error(`Request failed with status code ${ error.status || '<none>' } caused by : ${ error.message }`); } return { status, message, } };
Input Parameters
context
Provides baseUrl, token, and clients to communicate with the JFrog Platform (for more information, see PlatformContext).
data
The request with delete details sent by Artifactory.
{ "tokenSpec": { "subject": "user", "owner": "jfwks@000", "scope": [ "applied-permissions/user" ], "audience": [ "*@*" ], "expiresIn": 3600, "refreshable": false, "extension": "extension", "description": "description", "includeReferenceToken": true }, "userContext": { "id": "id", "isToken": false, "realm": "realm" } }
Response
{ "status": CreateTokenStatus.CREATE_TOKEN_PROCEED, "message": "Overwritten by worker-service if an error occurs.", }
Possible Statuses
CreateTokenStatus.CREATE_TOKEN_PROCEED
- The worker allows Artifactory to proceed with creating a token.CreateTokenStatus.CREATE_TOKEN_STOP
- The worker does not allow Artifactory to create a token.CreateTokenStatus.CREATE_TOKEN_WARN
- The worker provides a warning before Artifactory can proceed with creating a token.