33[ ![ FIWARE Security] ( https://nexus.lab.fiware.org/repository/raw/public/badges/chapters/security.svg )] ( https://github.com/FIWARE/catalogue/blob/master/security/README.md )
44[ ![ License: MIT] ( https://img.shields.io/github/license/fiware/tutorials.XACML-Access-Rules.svg )] ( https://opensource.org/licenses/MIT )
55[ ![ Support badge] ( https://img.shields.io/badge/tag-fiware-orange.svg?logo=stackoverflow )] ( https://stackoverflow.com/questions/tagged/fiware )
6- [ ![ FIWARE Security] ( https://img.shields.io/badge/XACML-3.0-ff7059.svg )] ( https://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html )
7- <br />
8- [ ![ Documentation] ( https://img.shields.io/readthedocs/fiware-tutorials.svg )] ( https://fiware-tutorials.rtfd.io )
6+ [ ![ XACML 3.0] ( https://img.shields.io/badge/XACML-3.0-ff7059.svg )] ( https://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html )
7+ <br /> [ ![ Documentation] ( https://img.shields.io/readthedocs/fiware-tutorials.svg )] ( https://fiware-tutorials.rtfd.io )
98
109<!-- prettier-ignore -->
1110
2524
2625[ ![ Run in Postman] ( https://run.pstmn.io/button.svg )] ( https://app.getpostman.com/run-collection/724e8e1ab1af11063d15 )
2726
28- # コンテンツ
27+ ## コンテンツ
2928
3029<details >
3130<summary >詳細 <b >(クリックして拡大)</b ></summary >
6160 - [ 高度な認可 - サンプル・コード] ( #advanced-authorization---sample-code )
6261 - [ 高度な認可 - PEP Proxy] ( #advanced-authorization---pep-proxy )
6362 - [ PDP - 高度な許可 - 例の実行] ( #pdp---advanced-authorization---running-the-example )
63+ - [ 次のステップ] ( #next-steps )
6464
6565</details >
6666
@@ -1179,28 +1179,19 @@ Authzforce が判断を下すために必要なすべての情報が提供され
11791179` ` ` javascript
11801180function authorizeAdvancedXACML(req, res, next, resource = req.url) {
11811181 const keyrockUserUrl =
1182- "http://keyrock/user?access_token=" +
1183- req.session.access_token +
1184- "&app_id=" +
1185- clientId +
1186- "&authzforce=true";
1182+ "http://keyrock/user?access_token=" + req.session.access_token + "&app_id=" + clientId + "&authzforce=true";
11871183
11881184 return oa
11891185 .get(keyrockUserUrl)
1190- .then(response => {
1186+ .then(( response) => {
11911187 const user = JSON.parse(response);
1192- return azf.policyDomainRequest(
1193- user.app_azf_domain,
1194- user.roles,
1195- resource,
1196- req.method
1197- );
1188+ return azf.policyDomainRequest(user.app_azf_domain, user.roles, resource, req.method);
11981189 })
1199- .then(authzforceResponse => {
1190+ .then(( authzforceResponse) => {
12001191 res.locals.authorized = authzforceResponse === "Permit";
12011192 return next();
12021193 })
1203- .catch(error => {
1194+ .catch(( error) => {
12041195 debug(error);
12051196 res.locals.authorized = false;
12061197 return next();
@@ -1233,16 +1224,12 @@ function policyDomainRequest(domain, roles, resource, action) {
12331224 };
12341225
12351226 return new Promise((resolve, reject) => {
1236- request(options, function(error, response, body) {
1227+ request(options, function (error, response, body) {
12371228 let decision;
1238- xml2js.parseString(
1239- body,
1240- { tagNameProcessors: [xml2js.processors.stripPrefix] },
1241- function(err, jsonRes) {
1242- // The decision is found within the /Response/Result[0]/Decision[0] XPath
1243- decision = jsonRes.Response.Result[0].Decision[0];
1244- }
1245- );
1229+ xml2js.parseString(body, { tagNameProcessors: [xml2js.processors.stripPrefix] }, function (err, jsonRes) {
1230+ // The decision is found within the /Response/Result[0]/Decision[0] XPath
1231+ decision = jsonRes.Response.Result[0].Decision[0];
1232+ });
12461233 decision = String(decision);
12471234 return error ? reject(error) : resolve(decision);
12481235 });
@@ -1332,6 +1319,8 @@ Charlie は、the **security** ロールを持っています
13321319 - ベルを鳴らす - アクセスが**許可**されます -
13331320 これは security ユーザに許可されます
13341321
1322+ <a name="next-steps"></a>
1323+
13351324# 次のステップ
13361325
13371326高度な機能を追加することで、アプリケーションに複雑さを加える方法を知りたいですか
@@ -1343,4 +1332,12 @@ Charlie は、the **security** ロールを持っています
13431332
13441333# # License
13451334
1346- [MIT](LICENSE) © 2018-2020 FIWARE Foundation e.V.
1335+ [MIT](LICENSE) © 2018-2022 FIWARE Foundation e.V.
1336+
1337+ ---
1338+
1339+ # ## Footnotes
1340+
1341+ <a name="footnote1"></a>
1342+
1343+ - [Wikipedia : XACML](https://en.wikipedia.org/wiki/XACML) - "eXtensible Access Control Markup Language" の略です。
0 commit comments