---
title: Groovy script examples
description: The following examples show possible uses for Groovy scripts.
component: pingaccess
version: 9.0
page_id: pingaccess:reference_guides:pa_groovy_script_examples
canonical_url: https://docs.pingidentity.com/pingaccess/9.0/reference_guides/pa_groovy_script_examples.html
revdate: February 6, 2023
section_ids:
  oauth-policy-context-example: OAuth Policy context example
---

# Groovy script examples

The following examples show possible uses for Groovy scripts.

## OAuth Policy context example

In some instances, it might be necessary to transmit identity information to sites to provide details of the user attempting to access a site. In such instances, Groovy scripts can be used to inject identity information into various portions of the HTTP request *(tooltip: \<div class="paragraph">
\<p>A client transaction sent over HTTP to the server specifying a request method, such as GET, POST, and DELETE, to execute against a resource or resources on the server.\</p>
\</div>)* to the target.

In this example, the site is expecting the identity of the user to be conveyed through the `User` HTTP header *(tooltip: \<div class="paragraph">
\<p>A section of an HTTP request or response that conveys additional information relevant to the client or server in the transaction.\</p>
\</div>)*. You can accomplish this using the OAuth *(tooltip: \<div class="paragraph">
\<p>A standard framework that enables an application (OAuth client) to obtain access tokens from an OAuth authorization server for the purpose of retrieving protected resources on a resource server.\</p>
\</div>)* Groovy script rule and the following Groovy script:

```
user=policyCtx?.context.get("oauth_token")?.attributes?.get("user")?.get(0)
exc?.request?.header?.add("User", "$user")
pass()
```

* More complex Groovy script logic

  ```
  test = exc?.request?.header?.getFirstValue("test");
  if(test != null && test.equals("foo"))
  {
    //rule will fail evaluation if Test header has value 'foo'
    fail()
  }
  else
  {
    //rule will pass evaluation is Test header has value of anything else
    //or isn't present
    pass()
  }
  ```

* Set an exchange property named `com.pingidentity.policy.error.info`

  This value will be available for the `$info` variable in error templates when an error is encountered. The `$info` variable can be set by a Groovy Script rule or an OAuth Groovy script rule.

  ```
  exc?.setProperty("com.pingidentity.policy.error.info", "this value will be passed to the template in $info variable")
  not(anything())
  ```

* Create a whitelisting rule for certain characters

  ```
  if (!exc?.request?.uri?.matches("[\\p{Po}\\p{N}\\p{Z}\\p{L}\\p{M}\\p{Zs}\\./_\\-\\()\\{\\}\\[\\]]*"))
   {
    fail()
   }
   else
   {
    pass()
   }
  ```

* Add a cookie to the response

  ```
  // Construct the cookie value
  value = "cookie-value"
  cookieHeaderFieldValue = "ResponseTestCookie=${value}; Path=/"

  // Add the cookie on to the response
  exc?.response?.header?.add("Set-Cookie", cookieHeaderFieldValue)

  pass()
  ```

* Combine an `AND` and `OR`, invoking an existing rule matcher

  ```
  if ((anyOf(containsWebSessionAttribute("engineering", "true"), containsWebSessionAttribute("marketing", "true")) && (containsWebSessionAttribute("manager", "true")))
  {pass()
  }
  else{
  fail()
  }
  ```