Package org.keycloak.broker.provider

Interface IdentityProviderMapper

All Superinterfaces:

ConfiguredProvider, Provider, ProviderFactory<IdentityProviderMapper>

All Known Implementing Classes:

AbstractAttributeToGroupMapper, AbstractAttributeToRoleMapper, AbstractClaimMapper, AbstractClaimToGroupMapper, AbstractClaimToRoleMapper, AbstractIdentityProviderMapper, AbstractJsonUserAttributeMapper, AdvancedAttributeToGroupMapper, AdvancedAttributeToRoleMapper, AdvancedClaimToGroupMapper, AdvancedClaimToRoleMapper, AttributeToRoleMapper, ClaimToRoleMapper, ExternalKeycloakRoleToRoleMapper, FacebookUserAttributeMapper, GitHubUserAttributeMapper, GoogleUserAttributeMapper, HardcodedAttributeMapper, HardcodedRoleMapper, HardcodedUserSessionAttributeMapper, InstagramUserAttributeMapper, LinkedInUserAttributeMapper, MicrosoftUserAttributeMapper, OpenshiftV4AttributeMapper, PayPalUserAttributeMapper, StackoverflowUserAttributeMapper, UserAttributeMapper, UserAttributeMapper, UsernameTemplateMapper, UsernameTemplateMapper, XPathAttributeMapper

public interface IdentityProviderMapper
extends Provider, ProviderFactory<IdentityProviderMapper>, ConfiguredProvider

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field	Description
static String	ANY_PROVIDER
static Set<IdentityProviderSyncMode>	DEFAULT_IDENTITY_PROVIDER_MAPPER_SYNC_MODES

Method Summary

Modifier and Type	Method	Description
String[]	getCompatibleProviders()
String	getDisplayCategory()
String	getDisplayType()
void	importNewUser(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)	Called after UserModel is created for first time for this user.
void	preprocessFederatedIdentity(KeycloakSession session, RealmModel realm, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)	Called to determine what keycloak username and email to use to process the login request from the external IDP.
default boolean	supportsSyncMode(IdentityProviderSyncMode syncMode)
void	updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)	Called when this user has logged in before and has already been imported.
void	updateBrokeredUserLegacy(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)	Called when this user has logged in before and has already been imported.

Methods inherited from interface org.keycloak.provider.ConfiguredProvider

getConfig, getConfigProperties, getHelpText

Methods inherited from interface org.keycloak.provider.Provider

close

Methods inherited from interface org.keycloak.provider.ProviderFactory

close, create, getConfigMetadata, getId, init, order, postInit

Field Detail

ANY_PROVIDER

static final String ANY_PROVIDER

See Also:

Constant Field Values

DEFAULT_IDENTITY_PROVIDER_MAPPER_SYNC_MODES

static final Set<IdentityProviderSyncMode> DEFAULT_IDENTITY_PROVIDER_MAPPER_SYNC_MODES

Method Detail

getCompatibleProviders

String[] getCompatibleProviders()

getDisplayCategory

String getDisplayCategory()

getDisplayType

String getDisplayType()

supportsSyncMode

default boolean supportsSyncMode(IdentityProviderSyncMode syncMode)

preprocessFederatedIdentity

void preprocessFederatedIdentity(KeycloakSession session,
                                 RealmModel realm,
                                 IdentityProviderMapperModel mapperModel,
                                 BrokeredIdentityContext context)

Called to determine what keycloak username and email to use to process the login request from the external IDP. It's called before "FirstBrokerLogin" flow, so can be used to map attributes to BrokeredIdentityContext ( BrokeredIdentityContext.setUserAttribute ), which will be available on "Review Profile" page and in authenticators during FirstBrokerLogin flow

Parameters:

session -

realm -

mapperModel -

context -

importNewUser

void importNewUser(KeycloakSession session,
                   RealmModel realm,
                   UserModel user,
                   IdentityProviderMapperModel mapperModel,
                   BrokeredIdentityContext context)

Called after UserModel is created for first time for this user. Called after "FirstBrokerLogin" flow

Parameters:

session -

realm -

user -

mapperModel -

context -

updateBrokeredUserLegacy

void updateBrokeredUserLegacy(KeycloakSession session,
                              RealmModel realm,
                              UserModel user,
                              IdentityProviderMapperModel mapperModel,
                              BrokeredIdentityContext context)

Called when this user has logged in before and has already been imported. Legacy behaviour. When updating the mapper to correctly update brokered users in all sync modes, move the old behavior into this method.

Parameters:

session -

realm -

user -

mapperModel -

context -

updateBrokeredUser

void updateBrokeredUser(KeycloakSession session,
                        RealmModel realm,
                        UserModel user,
                        IdentityProviderMapperModel mapperModel,
                        BrokeredIdentityContext context)

Called when this user has logged in before and has already been imported.

Parameters:

session -

realm -

user -

mapperModel -

context -