Class AbstractPairwiseSubMapper
- java.lang.Object
-
- org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
-
- org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper
-
- All Implemented Interfaces:
OIDCAccessTokenMapper
,OIDCIDTokenMapper
,UserInfoTokenMapper
,ProtocolMapper
,ConfiguredProvider
,Provider
,ProviderFactory<ProtocolMapper>
- Direct Known Subclasses:
SHA256PairwiseSubMapper
public abstract class AbstractPairwiseSubMapper extends AbstractOIDCProtocolMapper implements OIDCAccessTokenMapper, OIDCIDTokenMapper, UserInfoTokenMapper
Set the 'sub' claim to pairwise .- Author:
- Martin Hardselius
-
-
Field Summary
Fields Modifier and Type Field Description static String
PROVIDER_ID_SUFFIX
-
Fields inherited from class org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
TOKEN_MAPPER_CATEGORY
-
-
Constructor Summary
Constructors Constructor Description AbstractPairwiseSubMapper()
-
Method Summary
-
Methods inherited from class org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
close, create, getProtocol, init, postInit, setClaim, setClaim, setClaim, transformAccessTokenResponse
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.keycloak.provider.ConfiguredProvider
getConfig, getHelpText
-
Methods inherited from interface org.keycloak.protocol.ProtocolMapper
getDisplayType, getPriority
-
Methods inherited from interface org.keycloak.provider.ProviderFactory
getConfigMetadata, order
-
-
-
-
Field Detail
-
PROVIDER_ID_SUFFIX
public static final String PROVIDER_ID_SUFFIX
- See Also:
- Constant Field Values
-
-
Method Detail
-
getIdPrefix
public abstract String getIdPrefix()
-
generateSub
public abstract String generateSub(ProtocolMapperModel mappingModel, String sectorIdentifier, String localSub)
Generates a pairwise subject identifier.- Parameters:
mappingModel
-sectorIdentifier
- client sector identifierlocalSub
- local subject identifier (user id)- Returns:
- A pairwise subject identifier
-
getAdditionalConfigProperties
public List<ProviderConfigProperty> getAdditionalConfigProperties()
Override to add additional provider configuration properties. By default, a pairwise sub mapper will only contain configuration for a sector identifier URI.- Returns:
- A list of provider configuration properties.
-
validateAdditionalConfig
public void validateAdditionalConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel mapperContainer, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException
Override to add additional configuration validation. Called when instance of mapperModel is created/updated for this protocolMapper through admin endpoint.- Parameters:
session
-realm
-mapperContainer
- client or clientScopemapperModel
-- Throws:
ProtocolMapperConfigException
- if configuration provided in mapperModel is not valid
-
getDisplayCategory
public final String getDisplayCategory()
- Specified by:
getDisplayCategory
in interfaceProtocolMapper
-
transformIDToken
public IDToken transformIDToken(IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
- Specified by:
transformIDToken
in interfaceOIDCIDTokenMapper
- Overrides:
transformIDToken
in classAbstractOIDCProtocolMapper
-
transformAccessToken
public AccessToken transformAccessToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
- Specified by:
transformAccessToken
in interfaceOIDCAccessTokenMapper
- Overrides:
transformAccessToken
in classAbstractOIDCProtocolMapper
-
transformUserInfoToken
public AccessToken transformUserInfoToken(AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx)
- Specified by:
transformUserInfoToken
in interfaceUserInfoTokenMapper
- Overrides:
transformUserInfoToken
in classAbstractOIDCProtocolMapper
-
getConfigProperties
public final List<ProviderConfigProperty> getConfigProperties()
- Specified by:
getConfigProperties
in interfaceConfiguredProvider
-
validateConfig
public final void validateConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel mapperContainer, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException
Description copied from interface:ProtocolMapper
Called when instance of mapperModel is created/updated for this protocolMapper through admin endpoint- Specified by:
validateConfig
in interfaceProtocolMapper
mapperContainer
- client or clientTemplate- Throws:
ProtocolMapperConfigException
- if configuration provided in mapperModel is not valid
-
getId
public final String getId()
- Specified by:
getId
in interfaceProviderFactory<ProtocolMapper>
-
-