Package org.keycloak.storage.ldap.mappers

Class UserAttributeLDAPStorageMapper

java.lang.Object

org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper

org.keycloak.storage.ldap.mappers.UserAttributeLDAPStorageMapper

All Implemented Interfaces:

Provider, LDAPStorageMapper

Direct Known Subclasses:

CertificateLDAPStorageMapper

public class UserAttributeLDAPStorageMapper
extends AbstractLDAPStorageMapper

Author:

Marek Posolda

Field Summary

Fields

Modifier and Type	Field	Description
static String	ALWAYS_READ_VALUE_FROM_LDAP
static String	ATTRIBUTE_DEFAULT_VALUE
static String	FORCE_DEFAULT_VALUE
static String	IS_BINARY_ATTRIBUTE
static String	IS_MANDATORY_IN_LDAP
static String	LDAP_ATTRIBUTE
static String	READ_ONLY
static String	USER_MODEL_ATTRIBUTE

Fields inherited from class org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper

ldapProvider, mapperModel, session

Constructor Summary

Constructors

Constructor	Description
UserAttributeLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider)

Method Summary

Modifier and Type	Method	Description
void	beforeLDAPQuery(LDAPQuery query)	Called before LDAP Identity query for retrieve LDAP users was executed.
protected void	checkDuplicateEmail(String userModelAttrName, String email, RealmModel realm, KeycloakSession session, UserModel user)
protected void	checkDuplicateUsername(String userModelAttrName, String username, RealmModel realm, KeycloakSession session, UserModel user)
Set<String>	mandatoryAttributeNames()	Method that returns the mandatory attributes that this mapper imposes on the entry.
void	onImportUserFromLDAP(LDAPObject ldapUser, UserModel user, RealmModel realm, boolean isCreate)	Called when importing user from LDAP to local keycloak DB.
void	onRegisterUserToLDAP(LDAPObject ldapUser, UserModel localUser, RealmModel realm)	Called when register new user to LDAP - just after user was created in Keycloak DB
UserModel	proxy(LDAPObject ldapUser, UserModel delegate, RealmModel realm)	Called when invoke proxy on LDAP federation provider
protected void	setPropertyOnUserModel(Property<Object> userModelProperty, UserModel user, String ldapAttrValue)

Methods inherited from class org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapper

close, getGroupMembers, getLdapProvider, getRoleMembers, onAuthenticationFailure, parseBooleanParameter, syncDataFromFederationProviderToKeycloak, syncDataFromKeycloakToFederationProvider

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

USER_MODEL_ATTRIBUTE

public static final String USER_MODEL_ATTRIBUTE

See Also:

Constant Field Values

LDAP_ATTRIBUTE

public static final String LDAP_ATTRIBUTE

See Also:

Constant Field Values

READ_ONLY

public static final String READ_ONLY

See Also:

Constant Field Values

ALWAYS_READ_VALUE_FROM_LDAP

public static final String ALWAYS_READ_VALUE_FROM_LDAP

See Also:

Constant Field Values

IS_MANDATORY_IN_LDAP

public static final String IS_MANDATORY_IN_LDAP

See Also:

Constant Field Values

IS_BINARY_ATTRIBUTE

public static final String IS_BINARY_ATTRIBUTE

See Also:

Constant Field Values

ATTRIBUTE_DEFAULT_VALUE

public static final String ATTRIBUTE_DEFAULT_VALUE

See Also:

Constant Field Values

FORCE_DEFAULT_VALUE

public static final String FORCE_DEFAULT_VALUE

See Also:

Constant Field Values

Constructor Detail

UserAttributeLDAPStorageMapper

public UserAttributeLDAPStorageMapper(ComponentModel mapperModel,
                                      LDAPStorageProvider ldapProvider)

Method Detail

onImportUserFromLDAP

public void onImportUserFromLDAP(LDAPObject ldapUser,
                                 UserModel user,
                                 RealmModel realm,
                                 boolean isCreate)

Description copied from interface: LDAPStorageMapper

Called when importing user from LDAP to local keycloak DB.

isCreate - true if we importing new user from LDAP. False if user already exists in Keycloak, but we are upgrading (syncing) it from LDAP

onRegisterUserToLDAP

public void onRegisterUserToLDAP(LDAPObject ldapUser,
                                 UserModel localUser,
                                 RealmModel realm)

Description copied from interface: LDAPStorageMapper

Called when register new user to LDAP - just after user was created in Keycloak DB

mandatoryAttributeNames

public Set<String> mandatoryAttributeNames()

Description copied from interface: LDAPStorageMapper

Method that returns the mandatory attributes that this mapper imposes on the entry.

Specified by:

mandatoryAttributeNames in interface LDAPStorageMapper

Overrides:

mandatoryAttributeNames in class AbstractLDAPStorageMapper

Returns:

The list of mandatory attributes or null

checkDuplicateEmail

protected void checkDuplicateEmail(String userModelAttrName,
                                   String email,
                                   RealmModel realm,
                                   KeycloakSession session,
                                   UserModel user)

checkDuplicateUsername

protected void checkDuplicateUsername(String userModelAttrName,
                                      String username,
                                      RealmModel realm,
                                      KeycloakSession session,
                                      UserModel user)

proxy

public UserModel proxy(LDAPObject ldapUser,
                       UserModel delegate,
                       RealmModel realm)

Description copied from interface: LDAPStorageMapper

Called when invoke proxy on LDAP federation provider

Returns:

beforeLDAPQuery

public void beforeLDAPQuery(LDAPQuery query)

Description copied from interface: LDAPStorageMapper

Called before LDAP Identity query for retrieve LDAP users was executed. It allows to change query somehow (add returning attributes from LDAP, change conditions etc)

setPropertyOnUserModel

protected void setPropertyOnUserModel(Property<Object> userModelProperty,
                                      UserModel user,
                                      String ldapAttrValue)