org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy.GetRolesFromUserMemberOfAttribute クラス

org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy.GetRolesFromUserMemberOfAttribute の継承関係図

org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy.GetRolesFromUserMemberOfAttribute 連携図

公開メンバ関数
List< LDAPObject >	getLDAPRoleMappings (CommonLDAPGroupMapper roleOrGroupMapper, LDAPObject ldapUser, LDAPConfig ldapConfig)
void	beforeUserLDAPQuery (CommonLDAPGroupMapper roleOrGroupMapper, LDAPQuery query)

詳解

Roles of user will be retrieved from "memberOf" attribute of our user

関数詳解

beforeUserLDAPQuery()

void org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy.GetRolesFromUserMemberOfAttribute.beforeUserLDAPQuery ( CommonLDAPGroupMapper  roleOrGroupMapper, LDAPQuery  query  )

inline

org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategyを実装しています。

                                                                                                  {
            String memberOfLdapAttrName = roleOrGroupMapper.getConfig().getMemberOfLdapAttribute();

            query.addReturningLdapAttribute(memberOfLdapAttrName);
            query.addReturningReadOnlyLdapAttribute(memberOfLdapAttrName);
        }

getLDAPRoleMappings()

List<LDAPObject> org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategy.GetRolesFromUserMemberOfAttribute.getLDAPRoleMappings ( CommonLDAPGroupMapper  roleOrGroupMapper, LDAPObject  ldapUser, LDAPConfig  ldapConfig  )

inline

org.keycloak.storage.ldap.mappers.membership.UserRolesRetrieveStrategyを実装しています。

                                                                                                                                         {
            String memberOfLdapAttrName = roleOrGroupMapper.getConfig().getMemberOfLdapAttribute();

            Set<String> memberOfValues = ldapUser.getAttributeAsSet(memberOfLdapAttrName);
            if (memberOfValues == null) {
                return Collections.emptyList();
            }

            List<LDAPObject> roles = new LinkedList<>();
            LDAPDn parentDn = LDAPDn.fromString(roleOrGroupMapper.getConfig().getLDAPGroupsDn());

            for (String roleDn : memberOfValues) {
                LDAPDn roleDN = LDAPDn.fromString(roleDn);
                if (roleDN.isDescendantOf(parentDn)) {
                    LDAPObject role = new LDAPObject();
                    role.setDn(roleDN);

                    String firstDN = roleDN.getFirstRdnAttrName();
                    if (firstDN.equalsIgnoreCase(roleOrGroupMapper.getConfig().getLDAPGroupNameLdapAttribute())) {
                        role.setRdnAttributeName(firstDN);
                        role.setSingleAttribute(firstDN, roleDN.getFirstRdnAttrValue());
                        roles.add(role);
                    }
                }
            }
            return roles;
        }

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/federation/src/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/membership/UserRolesRetrieveStrategy.java