Package org.keycloak.broker.oidc.mappers
Class AbstractClaimToRoleMapper
java.lang.Object
org.keycloak.broker.provider.AbstractIdentityProviderMapper
org.keycloak.broker.oidc.mappers.AbstractClaimMapper
org.keycloak.broker.oidc.mappers.AbstractClaimToRoleMapper
- All Implemented Interfaces:
IdentityProviderMapper
,ConfiguredProvider
,Provider
,ProviderFactory<IdentityProviderMapper>
- Direct Known Subclasses:
AdvancedClaimToRoleMapper
,ClaimToRoleMapper
,ExternalKeycloakRoleToRoleMapper
Abstract class that handles the logic for importing and updating brokered users for all mappers that map an OIDC
claim into a
Keycloak
role.- Author:
- Stefan Guilhen, Daniel Fesenmeyer
-
Field Summary
Fields inherited from class org.keycloak.broker.oidc.mappers.AbstractClaimMapper
CLAIM, CLAIM_VALUE
Fields inherited from interface org.keycloak.broker.provider.IdentityProviderMapper
ANY_PROVIDER, DEFAULT_IDENTITY_PROVIDER_MAPPER_SYNC_MODES
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected abstract boolean
applies
(IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) This method must be implemented by subclasses and they must returntrue
if their mapping can be applied (i.e.void
importNewUser
(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) Called after UserModel is created for first time for this user.void
updateBrokeredUser
(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) Called when this user has logged in before and has already been imported.void
updateBrokeredUserLegacy
(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) Called when this user has logged in before and has already been imported.Methods inherited from class org.keycloak.broker.oidc.mappers.AbstractClaimMapper
getClaimValue, getClaimValue, getClaimValue, hasClaimValue, valueEquals
Methods inherited from class org.keycloak.broker.provider.AbstractIdentityProviderMapper
close, create, init, postInit, preprocessFederatedIdentity
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.keycloak.provider.ConfiguredProvider
getConfig, getConfigProperties, getHelpText
Methods inherited from interface org.keycloak.broker.provider.IdentityProviderMapper
getCompatibleProviders, getDisplayCategory, getDisplayType, supportsSyncMode
Methods inherited from interface org.keycloak.provider.ProviderFactory
getConfigMetadata, getId, order
-
Constructor Details
-
AbstractClaimToRoleMapper
public AbstractClaimToRoleMapper()
-
-
Method Details
-
importNewUser
public void importNewUser(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) Description copied from interface:IdentityProviderMapper
Called after UserModel is created for first time for this user. Called after "FirstBrokerLogin" flow- Specified by:
importNewUser
in interfaceIdentityProviderMapper
- Overrides:
importNewUser
in classAbstractIdentityProviderMapper
-
updateBrokeredUserLegacy
public void updateBrokeredUserLegacy(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) Description copied from interface:IdentityProviderMapper
Called when this user has logged in before and has already been imported. Legacy behaviour. When updating the mapper to correctly update brokered users in all sync modes, move the old behavior into this method.- Specified by:
updateBrokeredUserLegacy
in interfaceIdentityProviderMapper
- Overrides:
updateBrokeredUserLegacy
in classAbstractIdentityProviderMapper
-
updateBrokeredUser
public void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) Description copied from interface:IdentityProviderMapper
Called when this user has logged in before and has already been imported.- Specified by:
updateBrokeredUser
in interfaceIdentityProviderMapper
- Overrides:
updateBrokeredUser
in classAbstractIdentityProviderMapper
-
applies
protected abstract boolean applies(IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) This method must be implemented by subclasses and they must returntrue
if their mapping can be applied (i.e. user has the OIDC claim that should be mapped) orfalse
otherwise.- Parameters:
mapperModel
- a reference to theIdentityProviderMapperModel
.context
- a reference to theBrokeredIdentityContext
.- Returns:
true
if the mapping can be applied orfalse
otherwise.*
-