Class AbstractPairwiseSubMapper
- java.lang.Object
-
- org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
-
- org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper
-
- All Implemented Interfaces:
OIDCAccessTokenMapper,OIDCIDTokenMapper,UserInfoTokenMapper,ProtocolMapper,ConfiguredProvider,Provider,ProviderFactory<ProtocolMapper>
- Direct Known Subclasses:
SHA256PairwiseSubMapper
public abstract class AbstractPairwiseSubMapper extends AbstractOIDCProtocolMapper implements OIDCAccessTokenMapper, OIDCIDTokenMapper, UserInfoTokenMapper
Set the 'sub' claim to pairwise .- Author:
- Martin Hardselius
-
-
Field Summary
Fields Modifier and Type Field Description static StringPROVIDER_ID_SUFFIX-
Fields inherited from class org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
TOKEN_MAPPER_CATEGORY
-
-
Constructor Summary
Constructors Constructor Description AbstractPairwiseSubMapper()
-
Method Summary
-
Methods inherited from class org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
close, create, getProtocol, init, postInit, setClaim, setClaim, setClaim, transformAccessTokenResponse
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.provider.ConfiguredProvider
getConfig, getHelpText
-
Methods inherited from interface org.keycloak.protocol.ProtocolMapper
getDisplayType, getPriority
-
Methods inherited from interface org.keycloak.provider.ProviderFactory
getConfigMetadata, order
-
-
-
-
Field Detail
-
PROVIDER_ID_SUFFIX
public static final String PROVIDER_ID_SUFFIX
- See Also:
- Constant Field Values
-
-
Method Detail
-
getIdPrefix
public abstract String getIdPrefix()
-
generateSub
public abstract String generateSub(ProtocolMapperModel mappingModel, String sectorIdentifier, String localSub)
Generates a pairwise subject identifier.- Parameters:
mappingModel-sectorIdentifier- client sector identifierlocalSub- local subject identifier (user id)- Returns:
- A pairwise subject identifier
-
getAdditionalConfigProperties
public List<ProviderConfigProperty> getAdditionalConfigProperties()
Override to add additional provider configuration properties. By default, a pairwise sub mapper will only contain configuration for a sector identifier URI.- Returns:
- A list of provider configuration properties.
-
validateAdditionalConfig
public void validateAdditionalConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel mapperContainer, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException
Override to add additional configuration validation. Called when instance of mapperModel is created/updated for this protocolMapper through admin endpoint.- Parameters:
session-realm-mapperContainer- client or clientScopemapperModel-- Throws:
ProtocolMapperConfigException- if configuration provided in mapperModel is not valid
-
getDisplayCategory
public final String getDisplayCategory()
- Specified by:
getDisplayCategoryin interfaceProtocolMapper
-
transformIDToken
public IDToken transformIDToken(IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
- Specified by:
transformIDTokenin interfaceOIDCIDTokenMapper- Overrides:
transformIDTokenin classAbstractOIDCProtocolMapper
-
transformAccessToken
public AccessToken transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
- Specified by:
transformAccessTokenin interfaceOIDCAccessTokenMapper- Overrides:
transformAccessTokenin classAbstractOIDCProtocolMapper
-
transformUserInfoToken
public AccessToken transformUserInfoToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
- Specified by:
transformUserInfoTokenin interfaceUserInfoTokenMapper- Overrides:
transformUserInfoTokenin classAbstractOIDCProtocolMapper
-
getConfigProperties
public final List<ProviderConfigProperty> getConfigProperties()
- Specified by:
getConfigPropertiesin interfaceConfiguredProvider
-
validateConfig
public final void validateConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel mapperContainer, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException
Description copied from interface:ProtocolMapperCalled when instance of mapperModel is created/updated for this protocolMapper through admin endpoint- Specified by:
validateConfigin interfaceProtocolMappermapperContainer- client or clientTemplate- Throws:
ProtocolMapperConfigException- if configuration provided in mapperModel is not valid
-
getId
public final String getId()
- Specified by:
getIdin interfaceProviderFactory<ProtocolMapper>
-
-