Package org.keycloak.protocol.oidc.mappers

Class ScriptBasedOIDCProtocolMapper

java.lang.Object

org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper

org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper

All Implemented Interfaces:

OIDCAccessTokenMapper, OIDCAccessTokenResponseMapper, OIDCIDTokenMapper, UserInfoTokenMapper, ProtocolMapper, ConfiguredProvider, EnvironmentDependentProviderFactory, Provider, ProviderFactory<ProtocolMapper>

Direct Known Subclasses:

DeployedScriptOIDCProtocolMapper

public class ScriptBasedOIDCProtocolMapper
extends AbstractOIDCProtocolMapper
implements OIDCAccessTokenMapper, OIDCIDTokenMapper, UserInfoTokenMapper, OIDCAccessTokenResponseMapper, EnvironmentDependentProviderFactory

OIDC ProtocolMapper that uses a provided JavaScript fragment to compute the token claim value.

Author:

Thomas Darimont

Field Summary

Fields

Modifier and Type	Field	Description
static String	PROVIDER_ID
static String	SCRIPT

Fields inherited from class org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper

TOKEN_MAPPER_CATEGORY

Constructor Summary

Constructors

Constructor	Description
ScriptBasedOIDCProtocolMapper()

Method Summary

Modifier and Type	Method	Description
static ProtocolMapperModel	create(String name, String userAttribute, String tokenClaimName, String claimType, boolean accessToken, boolean idToken, String script, boolean multiValued)
List<ProviderConfigProperty>	getConfigProperties()
String	getDisplayCategory()
String	getDisplayType()
String	getHelpText()
String	getId()
int	getPriority()	Priority of this protocolMapper implementation.
protected String	getScriptCode(ProtocolMapperModel mapperModel)
boolean	isSupported()
protected void	setClaim(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)	Intended to be overridden in ProtocolMapper implementations to add claims to an token.
protected void	setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx)	Intended to be overridden in ProtocolMapper implementations to add claims to an token.
void	validateConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel client, ProtocolMapperModel mapperModel)	Called when instance of mapperModel is created/updated for this protocolMapper through admin endpoint

Methods inherited from class org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper

close, create, getProtocol, init, postInit, setClaim, transformAccessToken, transformAccessTokenResponse, transformIDToken, transformUserInfoToken

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.provider.ConfiguredProvider

getConfig

Methods inherited from interface org.keycloak.provider.EnvironmentDependentProviderFactory

isSupported

Methods inherited from interface org.keycloak.protocol.oidc.mappers.OIDCAccessTokenMapper

transformAccessToken

Methods inherited from interface org.keycloak.protocol.oidc.mappers.OIDCAccessTokenResponseMapper

transformAccessTokenResponse

Methods inherited from interface org.keycloak.protocol.oidc.mappers.OIDCIDTokenMapper

transformIDToken

Methods inherited from interface org.keycloak.provider.ProviderFactory

getConfigMetadata, order

Methods inherited from interface org.keycloak.protocol.oidc.mappers.UserInfoTokenMapper

transformUserInfoToken

Field Detail

PROVIDER_ID

public static final String PROVIDER_ID

See Also:

Constant Field Values

SCRIPT

public static final String SCRIPT

See Also:

Constant Field Values

Constructor Detail

ScriptBasedOIDCProtocolMapper

public ScriptBasedOIDCProtocolMapper()

Method Detail

getConfigProperties

public List<ProviderConfigProperty> getConfigProperties()

Specified by:

getConfigProperties in interface ConfiguredProvider

getId

public String getId()

Specified by:

getId in interface ProviderFactory<ProtocolMapper>

getDisplayType

public String getDisplayType()

Specified by:

getDisplayType in interface ProtocolMapper

getDisplayCategory

public String getDisplayCategory()

Specified by:

getDisplayCategory in interface ProtocolMapper

getHelpText

public String getHelpText()

Specified by:

getHelpText in interface ConfiguredProvider

isSupported

public boolean isSupported()

Specified by:

isSupported in interface EnvironmentDependentProviderFactory

Returns:

true if the provider is supported and should be available, false otherwise

getPriority

public int getPriority()

Description copied from interface: ProtocolMapper

Priority of this protocolMapper implementation. Lower goes first.

Specified by:

getPriority in interface ProtocolMapper

Returns:

setClaim

protected void setClaim(IDToken token,
                        ProtocolMapperModel mappingModel,
                        UserSessionModel userSession,
                        KeycloakSession keycloakSession,
                        ClientSessionContext clientSessionCtx)

Description copied from class: AbstractOIDCProtocolMapper

Intended to be overridden in ProtocolMapper implementations to add claims to an token.

Overrides:

setClaim in class AbstractOIDCProtocolMapper

setClaim

protected void setClaim(AccessTokenResponse accessTokenResponse,
                        ProtocolMapperModel mappingModel,
                        UserSessionModel userSession,
                        KeycloakSession keycloakSession,
                        ClientSessionContext clientSessionCtx)

Description copied from class: AbstractOIDCProtocolMapper

Intended to be overridden in ProtocolMapper implementations to add claims to an token.

Overrides:

setClaim in class AbstractOIDCProtocolMapper

validateConfig

public void validateConfig(KeycloakSession session,
                           RealmModel realm,
                           ProtocolMapperContainerModel client,
                           ProtocolMapperModel mapperModel)
                    throws ProtocolMapperConfigException

Description copied from interface: ProtocolMapper

Called when instance of mapperModel is created/updated for this protocolMapper through admin endpoint

Specified by:

validateConfig in interface ProtocolMapper

client - client or clientTemplate

Throws:

ProtocolMapperConfigException - if configuration provided in mapperModel is not valid

getScriptCode

protected String getScriptCode(ProtocolMapperModel mapperModel)

create

public static ProtocolMapperModel create(String name,
                                         String userAttribute,
                                         String tokenClaimName,
                                         String claimType,
                                         boolean accessToken,
                                         boolean idToken,
                                         String script,
                                         boolean multiValued)