7.6.7. ResponseMangler Handler Module

The ResponseMangler is a special handler module, that can modify the response of an HTTP request. This way privacyIDEA can change the data sent back to the client, depending on certain conditions.

All actions take a JSON pointer, which looks like a path variable like /result/value.

7.6.7.1. Possible Actions

7.6.7.1.1. delete

This action simply deletes the given JSON pointer from the response.

Note

All keys underneath a node are deleted, to. So if the event handler deletes /detail, the entries /detail/message and ``/detail/error``will also be deleted.

Example

You can use this to delete /detail/googleurl, /detail/oathurl and /detail/otpkey in a /token/init event to hide the created QR code from the helpdesk admin. This way the QR code could be used internally, but could be hidden from the administrator.

7.6.7.1.2. set

This action is used to add additional pointers to the JSON response or to modify existing entries. Existing entries are overwritten.

This action takes the additional attributes type and value.

The value can be returned as a string, an integer or a boolean.

7.6.7.2. Code

This is the event handler module that can mangle the JSON response. We can add or delete key or even subtrees in the JSON response of a request.

The key is identified by a JSON Pointer (see https://tools.ietf.org/html/rfc6901)

class privacyidea.lib.eventhandler.responsemangler.ACTION_TYPE[source]

Allowed actions

DELETE = 'delete'
SET = 'set'
class privacyidea.lib.eventhandler.responsemangler.ResponseManglerEventHandler[source]

An Eventhandler needs to return a list of actions, which it can handle.

It also returns a list of allowed action and conditions

It returns an identifier, which can be used in the eventhandlig definitions

property actions

This method returns a dictionary of allowed actions and possible options in this handler module.

Returns

dict with actions

property allowed_positions

This returns the allowed positions of the event handler definition. The ResponseMangler can only be located at the “post” position

Returns

list of allowed positions

description = 'This event handler can mangle the JSON response.'
do(action, options=None)[source]

This method executes the defined action in the given event.

Parameters
  • action

  • options (dict) – Contains the flask parameters g, request, response and the handler_def configuration

Returns

identifier = 'ResponseMangler'