keycloak
公開メンバ関数 | 静的公開変数類 | 静的関数 | 非公開メンバ関数 | 静的非公開変数類 | 全メンバ一覧
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper クラス
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper の継承関係図
Inheritance graph
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper 連携図
Collaboration graph

公開メンバ関数

List< ProviderConfigPropertygetConfigProperties ()
 
String getId ()
 
String [] getCompatibleProviders ()
 
String getDisplayCategory ()
 
String getDisplayType ()
 
void preprocessFederatedIdentity (KeycloakSession session, RealmModel realm, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)
 
void updateBrokeredUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)
 
String getHelpText ()
 
void close ()
 
IdentityProviderMapper create (KeycloakSession session)
 
void init (org.keycloak.Config.Scope config)
 
void init (Config.Scope config)
 
void postInit (KeycloakSessionFactory factory)
 
void importNewUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)
 
default int order ()
 

静的公開変数類

static final String ATTRIBUTE_NAME_PATTERN = "attribute.name.pattern"
 
static final String USER_ATTRIBUTE_FIRST_NAME = "user.attribute.firstName"
 
static final String USER_ATTRIBUTE_LAST_NAME = "user.attribute.lastName"
 
static final String USER_ATTRIBUTE_EMAIL = "user.attribute.email"
 
static final String USER_ATTRIBUTE_LANGUAGE = "user.attribute.language"
 
static final String PROVIDER_ID = "saml-user-attributestatement-idp-mapper"
 
static final String ANY_PROVIDER = "*"
 

静的関数

 [static initializer]
 

非公開メンバ関数

Optional< Pattern > getAttributePattern (IdentityProviderMapperModel mapperModel)
 
List< AttributeType > findAttributesInContext (BrokeredIdentityContext context, Optional< Pattern > attributePattern)
 
void setIfNotEmpty (Consumer< String > consumer, List< String > values)
 

静的非公開変数類

static final String USER_ATTR_LOCALE = "locale"
 
static final String [] COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID}
 
static final List< ProviderConfigPropertyCONFIG_PROPERTIES = new ArrayList<>()
 
static final String USE_FRIENDLY_NAMES = "use.friendly.names"
 

詳解

著者
Frederik Libert

関数詳解

◆ [static initializer]()

org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.[static initializer] ( )
inlinestaticpackage

◆ close()

void org.keycloak.broker.provider.AbstractIdentityProviderMapper.close ( )
inlineinherited

org.keycloak.provider.Providerを実装しています。

32  {
33 
34  }

◆ create()

IdentityProviderMapper org.keycloak.broker.provider.AbstractIdentityProviderMapper.create ( KeycloakSession  session)
inlineinherited

org.keycloak.provider.ProviderFactory< T extends Provider >を実装しています。

37  {
38  return null;
39  }

◆ findAttributesInContext()

List<AttributeType> org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.findAttributesInContext ( BrokeredIdentityContext  context,
Optional< Pattern >  attributePattern 
)
inlineprivate
204  {
205  AssertionType assertion = (AssertionType) context.getContextData().get(SAMLEndpoint.SAML_ASSERTION);
206 
207  return assertion.getAttributeStatements().stream()//
208  .flatMap(statement -> statement.getAttributes().stream())//
209  .filter(item -> !attributePattern.isPresent() || attributePattern.get().matcher(item.getAttribute().getName()).matches())//
210  .map(ASTChoiceType::getAttribute)//
211  .collect(Collectors.toList());
212  }

◆ getAttributePattern()

Optional<Pattern> org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getAttributePattern ( IdentityProviderMapperModel  mapperModel)
inlineprivate
199  {
200  String attributePatternConfig = mapperModel.getConfig().get(ATTRIBUTE_NAME_PATTERN);
201  return Optional.ofNullable(attributePatternConfig != null ? Pattern.compile(attributePatternConfig) : null);
202  }
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.ATTRIBUTE_NAME_PATTERN
static final String ATTRIBUTE_NAME_PATTERN
Definition: UserAttributeStatementMapper.java:42

◆ getCompatibleProviders()

String [] org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getCompatibleProviders ( )
inline

org.keycloak.broker.provider.IdentityProviderMapperを実装しています。

107  {
108  return COMPATIBLE_PROVIDERS.clone();
109  }
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.COMPATIBLE_PROVIDERS
static final String [] COMPATIBLE_PROVIDERS
Definition: UserAttributeStatementMapper.java:38

◆ getConfigProperties()

List<ProviderConfigProperty> org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getConfigProperties ( )
inline

org.keycloak.provider.ConfiguredProviderを実装しています。

97  {
98  return CONFIG_PROPERTIES;
99  }
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.CONFIG_PROPERTIES
static final List< ProviderConfigProperty > CONFIG_PROPERTIES
Definition: UserAttributeStatementMapper.java:40

◆ getDisplayCategory()

String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getDisplayCategory ( )
inline

org.keycloak.broker.provider.IdentityProviderMapperを実装しています。

112  {
113  return "AttributeStatement Importer";
114  }

◆ getDisplayType()

String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getDisplayType ( )
inline

org.keycloak.broker.provider.IdentityProviderMapperを実装しています。

117  {
118  return "AttributeStatement Importer";
119  }

◆ getHelpText()

String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getHelpText ( )
inline

org.keycloak.provider.ConfiguredProviderを実装しています。

195  {
196  return "Import all saml attributes found in attributestatements in assertion into user properties or attributes.";
197  }

◆ getId()

String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getId ( )
inline

org.keycloak.provider.ProviderFactory< T extends Provider >を実装しています。

102  {
103  return PROVIDER_ID;
104  }
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.PROVIDER_ID
static final String PROVIDER_ID
Definition: UserAttributeStatementMapper.java:94

◆ importNewUser()

void org.keycloak.broker.provider.AbstractIdentityProviderMapper.importNewUser ( KeycloakSession  session,
RealmModel  realm,
UserModel  user,
IdentityProviderMapperModel  mapperModel,
BrokeredIdentityContext  context 
)
inlineinherited

org.keycloak.broker.provider.IdentityProviderMapperを実装しています。

57  {
58 
59  }

◆ init() [1/2]

void org.keycloak.provider.ProviderFactory< T extends Provider >.init ( Config.Scope  config)
inherited

Only called once when the factory is first created. This config is pulled from keycloak_server.json

引数
config

org.keycloak.storage.ldap.LDAPStorageProviderFactory, org.keycloak.protocol.saml.EntityDescriptorDescriptionConverter, org.keycloak.authentication.authenticators.x509.AbstractX509ClientCertificateAuthenticatorFactory, org.keycloak.authentication.forms.RegistrationUserCreation, org.keycloak.authentication.authenticators.resetcred.ResetCredentialEmail, org.keycloak.authentication.forms.RegistrationRecaptcha, org.keycloak.authentication.authenticators.resetcred.ResetCredentialChooseUser, org.keycloak.authentication.forms.RegistrationProfile, org.keycloak.authentication.forms.RegistrationPassword, org.keycloak.cluster.infinispan.InfinispanClusterProviderFactory, org.keycloak.protocol.saml.installation.KeycloakSamlClientInstallation, org.keycloak.protocol.saml.installation.SamlIDPDescriptorClientInstallation, org.keycloak.authentication.requiredactions.UpdateProfile, org.keycloak.authentication.requiredactions.UpdatePassword, org.keycloak.protocol.oidc.installation.KeycloakOIDCClientInstallation, org.keycloak.protocol.saml.mappers.RoleNameMapper, org.keycloak.connections.httpclient.DefaultHttpClientFactory, org.keycloak.protocol.saml.installation.ModAuthMellonClientInstallation, org.keycloak.federation.kerberos.KerberosFederationProviderFactory, org.keycloak.authentication.requiredactions.VerifyEmail, org.keycloak.authentication.requiredactions.UpdateTotp, org.keycloak.connections.jpa.updater.liquibase.conn.DefaultLiquibaseConnectionProvider, org.keycloak.protocol.oidc.installation.KeycloakOIDCJbossSubsystemClientInstallation, org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory, org.keycloak.protocol.saml.installation.SamlSPDescriptorClientInstallation, org.keycloak.policy.BlacklistPasswordPolicyProviderFactory, org.keycloak.authentication.forms.RegistrationPage, org.keycloak.protocol.saml.profile.ecp.authenticator.HttpBasicAuthenticatorFactory, org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticatorFactory, org.keycloak.authentication.authenticators.resetcred.AbstractSetRequiredActionAuthenticator, org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory, org.keycloak.protocol.saml.installation.KeycloakSamlSubsystemInstallation, org.keycloak.keys.infinispan.InfinispanPublicKeyStorageProviderFactory, org.keycloak.theme.ClasspathThemeProviderFactory, org.keycloak.models.cache.infinispan.InfinispanUserCacheProviderFactory, org.keycloak.models.cache.infinispan.InfinispanCacheRealmProviderFactory, org.keycloak.executors.DefaultExecutorsProviderFactory, org.keycloak.authentication.authenticators.browser.ScriptBasedAuthenticatorFactory, org.keycloak.protocol.saml.SamlProtocolFactory, org.keycloak.authentication.authenticators.browser.ConditionalOtpFormAuthenticatorFactory, org.keycloak.protocol.docker.DockerAuthenticatorFactory, org.keycloak.storage.UserStorageProviderFactory< T extends UserStorageProvider >, org.keycloak.storage.client.ClientStorageProviderFactory< T extends ClientStorageProvider >, org.keycloak.authentication.authenticators.directgrant.AbstractDirectGrantAuthenticator, org.keycloak.authentication.authenticators.browser.OTPFormAuthenticatorFactory, org.keycloak.authentication.authenticators.browser.UsernamePasswordFormFactory, org.keycloak.exportimport.KeycloakClientDescriptionConverter, org.keycloak.authentication.authenticators.browser.SpnegoAuthenticatorFactory, org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper, org.keycloak.authentication.authenticators.browser.CookieAuthenticatorFactory, org.keycloak.authentication.requiredactions.TermsAndConditions, org.keycloak.events.email.EmailEventListenerProviderFactory, org.keycloak.authentication.authenticators.broker.IdpReviewProfileAuthenticatorFactory, org.keycloak.protocol.saml.mappers.AbstractSAMLProtocolMapper, org.keycloak.models.session.DisabledUserSessionPersisterProvider, org.keycloak.services.x509.DefaultClientCertificateLookupFactory, org.keycloak.authentication.authenticators.broker.IdpCreateUserIfUniqueAuthenticatorFactory, org.keycloak.authentication.authenticators.cli.CliUsernamePasswordAuthenticatorFactory, org.keycloak.authentication.authenticators.client.AbstractClientAuthenticator, org.keycloak.theme.JarThemeProviderFactory, org.keycloak.authentication.authenticators.challenge.BasicAuthAuthenticatorFactory, org.keycloak.authentication.authenticators.challenge.BasicAuthOTPAuthenticatorFactory, org.keycloak.authentication.authenticators.challenge.NoCookieFlowRedirectAuthenticatorFactory, org.keycloak.connections.jpa.updater.liquibase.lock.LiquibaseDBLockProviderFactory, org.keycloak.models.sessions.infinispan.InfinispanActionTokenStoreProviderFactory, org.keycloak.timer.basic.BasicTimerProviderFactory, org.keycloak.truststore.FileTruststoreProviderFactory, org.keycloak.authentication.authenticators.console.ConsoleUsernamePasswordAuthenticatorFactory, org.keycloak.events.log.JBossLoggingEventListenerProviderFactory, org.keycloak.protocol.oidc.OIDCClientDescriptionConverterFactory, org.keycloak.authentication.authenticators.broker.IdpConfirmLinkAuthenticatorFactory, org.keycloak.authentication.authenticators.broker.IdpEmailVerificationAuthenticatorFactory, org.keycloak.exportimport.singlefile.SingleFileImportProviderFactory, org.keycloak.services.x509.AbstractClientCertificateFromHttpHeadersLookupFactory, org.keycloak.theme.ClasspathThemeResourceProviderFactory, org.keycloak.exportimport.dir.DirExportProviderFactory, org.keycloak.exportimport.singlefile.SingleFileExportProviderFactory, org.keycloak.policy.HashAlgorithmPasswordPolicyProviderFactory, org.keycloak.policy.HistoryPasswordPolicyProviderFactory, org.keycloak.protocol.docker.mapper.DockerAuthV2ProtocolMapper, org.keycloak.authentication.authenticators.broker.IdpAutoLinkAuthenticatorFactory, org.keycloak.models.jpa.session.JpaUserSessionPersisterProviderFactory, org.keycloak.policy.DigitsPasswordPolicyProviderFactory, org.keycloak.policy.LengthPasswordPolicyProviderFactory, org.keycloak.policy.NotUsernamePasswordPolicyProviderFactory, org.keycloak.policy.RegexPatternsPasswordPolicyProviderFactory, org.keycloak.scripting.DefaultScriptingProviderFactory, org.keycloak.credential.hash.Pbkdf2PasswordHashProviderFactory, org.keycloak.events.jpa.JpaEventStoreProviderFactory, org.keycloak.exportimport.dir.DirImportProviderFactory, org.keycloak.transaction.JBossJtaTransactionManagerLookup, org.keycloak.email.freemarker.FreeMarkerEmailTemplateProviderFactory, org.keycloak.forms.account.freemarker.FreeMarkerAccountProviderFactory, org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProviderFactory, org.keycloak.policy.ForceExpiredPasswordPolicyProviderFactory, org.keycloak.storage.jpa.JpaUserFederatedStorageProviderFactory, org.keycloak.keys.KeyProviderFactory< T extends KeyProvider >, org.keycloak.policy.HashIterationsPasswordPolicyProviderFactory, org.keycloak.protocol.oidc.OIDCWellKnownProviderFactory, org.keycloak.protocol.saml.clientregistration.EntityDescriptorClientRegistrationProviderFactory, org.keycloak.services.clientregistration.oidc.OIDCClientRegistrationProviderFactory, org.keycloak.theme.ExtendingThemeManagerFactory, org.keycloak.theme.FolderThemeProviderFactory, org.keycloak.credential.CredentialProviderFactory< T extends CredentialProvider >, org.keycloak.services.clientregistration.policy.AbstractClientRegistrationPolicyFactory, org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProviderFactory, org.keycloak.policy.LowerCasePasswordPolicyProviderFactory, org.keycloak.policy.SpecialCharsPasswordPolicyProviderFactory, org.keycloak.policy.UpperCasePasswordPolicyProviderFactory, org.keycloak.protocol.oidc.AccessTokenIntrospectionProviderFactory, org.keycloak.provider.wildfly.ModuleThemeProviderFactory, org.keycloak.services.managers.DefaultBruteForceProtectorFactory, org.keycloak.services.migration.DefaultMigrationProviderFactory, org.keycloak.models.jpa.JpaRealmProviderFactory, org.keycloak.models.jpa.JpaUserCredentialStoreFactory, org.keycloak.models.jpa.JpaUserProviderFactory, org.keycloak.protocol.docker.installation.DockerComposeYamlInstallationProvider, org.keycloak.email.DefaultEmailSenderProviderFactory, org.keycloak.policy.DefaultPasswordPolicyManagerProviderFactory, org.keycloak.protocol.AbstractLoginProtocolFactory, org.keycloak.services.clientregistration.AdapterInstallationClientRegistrationProviderFactory, org.keycloak.services.clientregistration.DefaultClientRegistrationProviderFactory, org.keycloak.locale.DefaultLocaleSelectorProviderFactory, org.keycloak.urls.HostnameProviderFactory, org.keycloak.credential.hash.Pbkdf2Sha256PasswordHashProviderFactory, org.keycloak.credential.hash.Pbkdf2Sha512PasswordHashProviderFactory, org.keycloak.crypto.SignatureProviderFactory, org.keycloak.protocol.docker.installation.DockerRegistryConfigFileInstallationProvider, org.keycloak.protocol.docker.installation.DockerVariableOverrideInstallationProvider, org.keycloak.url.FixedHostnameProviderFactory, org.keycloak.theme.DefaultThemeSelectorProviderFactory, org.keycloak.protocol.oidc.ext.OIDCExtProviderFactory (計132項目)で実装されています。

◆ init() [2/2]

void org.keycloak.broker.provider.AbstractIdentityProviderMapper.init ( org.keycloak.Config.Scope  config)
inlineinherited
42  {
43 
44  }

◆ order()

default int org.keycloak.provider.ProviderFactory< T extends Provider >.order ( )
inlineinherited

org.keycloak.protocol.docker.DockerAuthV2ProtocolFactory, org.keycloak.urls.HostnameProviderFactory, org.keycloak.protocol.oidc.ext.OIDCExtProviderFactoryで実装されています。

56  {
57  return 0;
58  }

◆ postInit()

void org.keycloak.broker.provider.AbstractIdentityProviderMapper.postInit ( KeycloakSessionFactory  factory)
inlineinherited

org.keycloak.provider.ProviderFactory< T extends Provider >を実装しています。

47  {
48 
49  }

◆ preprocessFederatedIdentity()

void org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.preprocessFederatedIdentity ( KeycloakSession  session,
RealmModel  realm,
IdentityProviderMapperModel  mapperModel,
BrokeredIdentityContext  context 
)
inline

org.keycloak.broker.provider.IdentityProviderMapperを実装しています。

122  {
123  String firstNameAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_FIRST_NAME);
124  String lastNameAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_LAST_NAME);
125  String emailAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_EMAIL);
126  String langAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_LANGUAGE);
127  Boolean useFriendlyNames = Boolean.valueOf(mapperModel.getConfig().get(USE_FRIENDLY_NAMES));
128  List<AttributeType> attributesInContext = findAttributesInContext(context, getAttributePattern(mapperModel));
129  for (AttributeType a : attributesInContext) {
130  String attribute = useFriendlyNames ? a.getFriendlyName() : a.getName();
131  List<String> attributeValuesInContext = a.getAttributeValue().stream().filter(Objects::nonNull).map(Object::toString).collect(Collectors.toList());
132  if (!attributeValuesInContext.isEmpty()) {
133  // set as attribute anyway
134  context.setUserAttribute(attribute, attributeValuesInContext);
135  // set as special field ?
136  if (Objects.equals(attribute, emailAttribute)) {
137  setIfNotEmpty(context::setEmail, attributeValuesInContext);
138  } else if (Objects.equals(attribute, firstNameAttribute)) {
139  setIfNotEmpty(context::setFirstName, attributeValuesInContext);
140  } else if (Objects.equals(attribute, lastNameAttribute)) {
141  setIfNotEmpty(context::setLastName, attributeValuesInContext);
142  } else if (Objects.equals(attribute, langAttribute)) {
143  context.setUserAttribute(USER_ATTR_LOCALE, attributeValuesInContext);
144  }
145  }
146  }
147  }
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_EMAIL
static final String USER_ATTRIBUTE_EMAIL
Definition: UserAttributeStatementMapper.java:48
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_LAST_NAME
static final String USER_ATTRIBUTE_LAST_NAME
Definition: UserAttributeStatementMapper.java:46
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTR_LOCALE
static final String USER_ATTR_LOCALE
Definition: UserAttributeStatementMapper.java:36
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USE_FRIENDLY_NAMES
static final String USE_FRIENDLY_NAMES
Definition: UserAttributeStatementMapper.java:52
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.findAttributesInContext
List< AttributeType > findAttributesInContext(BrokeredIdentityContext context, Optional< Pattern > attributePattern)
Definition: UserAttributeStatementMapper.java:204
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.setIfNotEmpty
void setIfNotEmpty(Consumer< String > consumer, List< String > values)
Definition: UserAttributeStatementMapper.java:214
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getAttributePattern
Optional< Pattern > getAttributePattern(IdentityProviderMapperModel mapperModel)
Definition: UserAttributeStatementMapper.java:199
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_LANGUAGE
static final String USER_ATTRIBUTE_LANGUAGE
Definition: UserAttributeStatementMapper.java:50
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_FIRST_NAME
static final String USER_ATTRIBUTE_FIRST_NAME
Definition: UserAttributeStatementMapper.java:44

◆ setIfNotEmpty()

void org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.setIfNotEmpty ( Consumer< String >  consumer,
List< String >  values 
)
inlineprivate
214  {
215  if (values != null && !values.isEmpty()) {
216  consumer.accept(values.get(0));
217  }
218  }

◆ updateBrokeredUser()

void org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.updateBrokeredUser ( KeycloakSession  session,
RealmModel  realm,
UserModel  user,
IdentityProviderMapperModel  mapperModel,
BrokeredIdentityContext  context 
)
inline

org.keycloak.broker.provider.IdentityProviderMapperを実装しています。

150  {
151  String firstNameAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_FIRST_NAME);
152  String lastNameAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_LAST_NAME);
153  String emailAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_EMAIL);
154  String langAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_LANGUAGE);
155  Boolean useFriendlyNames = Boolean.valueOf(mapperModel.getConfig().get(USE_FRIENDLY_NAMES));
156  List<AttributeType> attributesInContext = findAttributesInContext(context, getAttributePattern(mapperModel));
157 
158  Set<String> assertedUserAttributes = new HashSet<String>();
159  for (AttributeType a : attributesInContext) {
160  String attribute = useFriendlyNames ? a.getFriendlyName() : a.getName();
161  List<String> attributeValuesInContext = a.getAttributeValue().stream().filter(Objects::nonNull).map(Object::toString).collect(Collectors.toList());
162  List<String> currentAttributeValues = user.getAttributes().get(attribute);
163  if (attributeValuesInContext == null) {
164  // attribute no longer sent by brokered idp, remove it
165  user.removeAttribute(attribute);
166  } else if (currentAttributeValues == null) {
167  // new attribute sent by brokered idp, add it
168  user.setAttribute(attribute, attributeValuesInContext);
169  } else if (!CollectionUtil.collectionEquals(attributeValuesInContext, currentAttributeValues)) {
170  // attribute sent by brokered idp has different values as before, update it
171  user.setAttribute(attribute, attributeValuesInContext);
172  }
173  if (Objects.equals(attribute, emailAttribute)) {
174  setIfNotEmpty(context::setEmail, attributeValuesInContext);
175  } else if (Objects.equals(attribute, firstNameAttribute)) {
176  setIfNotEmpty(context::setFirstName, attributeValuesInContext);
177  } else if (Objects.equals(attribute, lastNameAttribute)) {
178  setIfNotEmpty(context::setLastName, attributeValuesInContext);
179  } else if (Objects.equals(attribute, langAttribute)) {
180  if(attributeValuesInContext == null) {
181  user.removeAttribute(USER_ATTR_LOCALE);
182  } else {
183  user.setAttribute(USER_ATTR_LOCALE, attributeValuesInContext);
184  }
185  assertedUserAttributes.add(USER_ATTR_LOCALE);
186  }
187  // Mark attribute as handled
188  assertedUserAttributes.add(attribute);
189  }
190  // Remove user attributes that were not referenced in assertion.
191  user.getAttributes().keySet().stream().filter(a -> !assertedUserAttributes.contains(a)).forEach(a -> user.removeAttribute(a));
192  }
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_EMAIL
static final String USER_ATTRIBUTE_EMAIL
Definition: UserAttributeStatementMapper.java:48
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_LAST_NAME
static final String USER_ATTRIBUTE_LAST_NAME
Definition: UserAttributeStatementMapper.java:46
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTR_LOCALE
static final String USER_ATTR_LOCALE
Definition: UserAttributeStatementMapper.java:36
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USE_FRIENDLY_NAMES
static final String USE_FRIENDLY_NAMES
Definition: UserAttributeStatementMapper.java:52
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.findAttributesInContext
List< AttributeType > findAttributesInContext(BrokeredIdentityContext context, Optional< Pattern > attributePattern)
Definition: UserAttributeStatementMapper.java:204
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.setIfNotEmpty
void setIfNotEmpty(Consumer< String > consumer, List< String > values)
Definition: UserAttributeStatementMapper.java:214
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getAttributePattern
Optional< Pattern > getAttributePattern(IdentityProviderMapperModel mapperModel)
Definition: UserAttributeStatementMapper.java:199
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_LANGUAGE
static final String USER_ATTRIBUTE_LANGUAGE
Definition: UserAttributeStatementMapper.java:50
org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_FIRST_NAME
static final String USER_ATTRIBUTE_FIRST_NAME
Definition: UserAttributeStatementMapper.java:44

メンバ詳解

◆ ANY_PROVIDER

final String org.keycloak.broker.provider.IdentityProviderMapper.ANY_PROVIDER = "*"
staticinherited

◆ ATTRIBUTE_NAME_PATTERN

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.ATTRIBUTE_NAME_PATTERN = "attribute.name.pattern"
static

◆ COMPATIBLE_PROVIDERS

final String [] org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID}
staticprivate

◆ CONFIG_PROPERTIES

final List<ProviderConfigProperty> org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.CONFIG_PROPERTIES = new ArrayList<>()
staticprivate

◆ PROVIDER_ID

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.PROVIDER_ID = "saml-user-attributestatement-idp-mapper"
static

◆ USE_FRIENDLY_NAMES

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USE_FRIENDLY_NAMES = "use.friendly.names"
staticprivate

◆ USER_ATTR_LOCALE

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTR_LOCALE = "locale"
staticprivate

◆ USER_ATTRIBUTE_EMAIL

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_EMAIL = "user.attribute.email"
static

◆ USER_ATTRIBUTE_FIRST_NAME

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_FIRST_NAME = "user.attribute.firstName"
static

◆ USER_ATTRIBUTE_LANGUAGE

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_LANGUAGE = "user.attribute.language"
static

◆ USER_ATTRIBUTE_LAST_NAME

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_LAST_NAME = "user.attribute.lastName"
static
このクラス詳解は次のファイルから抽出されました:
2018年10月29日(月) 00時34分24秒作成 - keycloak / 構成:   doxygen 1.8.13