|
| List< ProviderConfigProperty > | getConfigProperties () |
| |
| String | getId () |
| |
| String | getDisplayType () |
| |
| String | getDisplayCategory () |
| |
| String | getHelpText () |
| |
| boolean | isSupported () |
| |
| void | validateConfig (KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel client, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException |
| |
| String | getProtocol () |
| |
| void | close () |
| |
| final ProtocolMapper | create (KeycloakSession session) |
| |
| void | init (Config.Scope config) |
| |
| void | postInit (KeycloakSessionFactory factory) |
| |
| AccessToken | transformUserInfoToken (AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
| |
| AccessToken | transformAccessToken (AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
| |
| IDToken | transformIDToken (IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
| |
| default int | order () |
| |
| AccessToken | transformAccessToken (AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
| |
| IDToken | transformIDToken (IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
| |
| AccessToken | transformUserInfoToken (AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
| |
|
| static ProtocolMapperModel | create (String name, String userAttribute, String tokenClaimName, String claimType, boolean accessToken, boolean idToken, String script, boolean multiValued) |
| |
OIDC org.keycloak.protocol.ProtocolMapper that uses a provided JavaScript fragment to compute the token claim value.
- 著者
- Thomas Darimont
◆ [static initializer]()
| org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.[static initializer] |
( |
| ) |
|
|
inlinestaticpackage |
◆ close()
| void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.close |
( |
| ) |
|
|
inlineinherited |
◆ create() [1/2]
◆ create() [2/2]
| static ProtocolMapperModel org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.create |
( |
String |
name, |
|
|
String |
userAttribute, |
|
|
String |
tokenClaimName, |
|
|
String |
claimType, |
|
|
boolean |
accessToken, |
|
|
boolean |
idToken, |
|
|
String |
script, |
|
|
boolean |
multiValued |
|
) |
| |
|
inlinestatic |
173 ProtocolMapperModel mapper = OIDCAttributeMapperHelper.createClaimMapper(name, userAttribute,
174 tokenClaimName, claimType,
175 accessToken, idToken,
178 mapper.getConfig().put(
SCRIPT, script);
179 mapper.getConfig().put(ProtocolMapperUtils.MULTIVALUED, String.valueOf(multiValued));
static final String SCRIPT
Definition: ScriptBasedOIDCProtocolMapper.java:53
static final String PROVIDER_ID
Definition: ScriptBasedOIDCProtocolMapper.java:49
◆ getConfigProperties()
| List<ProviderConfigProperty> org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.getConfigProperties |
( |
| ) |
|
|
inline |
◆ getDisplayCategory()
| String org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.getDisplayCategory |
( |
| ) |
|
|
inline |
◆ getDisplayType()
| String org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.getDisplayType |
( |
| ) |
|
|
inline |
◆ getHelpText()
| String org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.getHelpText |
( |
| ) |
|
|
inline |
◆ getId()
| String org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.getId |
( |
| ) |
|
|
inline |
◆ getProtocol()
| String org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.getProtocol |
( |
| ) |
|
|
inlineinherited |
◆ init()
| void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.init |
( |
Config.Scope |
config | ) |
|
|
inlineinherited |
◆ isSupported()
| boolean org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.isSupported |
( |
| ) |
|
|
inline |
120 return Profile.isFeatureEnabled(Profile.Feature.SCRIPTS);
◆ order()
◆ postInit()
◆ setClaim() [1/2]
◆ setClaim() [2/2]
125 UserModel user = userSession.getUser();
126 String scriptSource = mappingModel.getConfig().get(
SCRIPT);
127 RealmModel realm = userSession.getRealm();
129 ScriptingProvider scripting = keycloakSession.getProvider(ScriptingProvider.class);
130 ScriptModel scriptModel = scripting.createScript(realm.getId(), ScriptModel.TEXT_JAVASCRIPT,
"token-mapper-script_" + mappingModel.getName(), scriptSource, null);
132 EvaluatableScriptAdapter script = scripting.prepareEvaluatableScript(scriptModel);
136 claimValue = script.eval((bindings) -> {
137 bindings.put(
"user", user);
138 bindings.put(
"realm", realm);
139 bindings.put(
"token", token);
140 bindings.put(
"userSession", userSession);
141 bindings.put(
"keycloakSession", keycloakSession);
143 }
catch (Exception ex) {
144 LOGGER.error(
"Error during execution of ProtocolMapper script", ex);
148 OIDCAttributeMapperHelper.mapClaim(token, mappingModel, claimValue);
static final String SCRIPT
Definition: ScriptBasedOIDCProtocolMapper.java:53
static final Logger LOGGER
Definition: ScriptBasedOIDCProtocolMapper.java:51
◆ transformAccessToken() [1/2]
◆ transformAccessToken() [2/2]
77 if (!OIDCAttributeMapperHelper.includeInAccessToken(mappingModel)){
81 setClaim(token, mappingModel, userSession, session);
void setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession)
Definition: AbstractOIDCProtocolMapper.java:105
◆ transformIDToken() [1/2]
◆ transformIDToken() [2/2]
88 if (!OIDCAttributeMapperHelper.includeInIDToken(mappingModel)){
92 setClaim(token, mappingModel, userSession, session);
void setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession)
Definition: AbstractOIDCProtocolMapper.java:105
◆ transformUserInfoToken() [1/2]
◆ transformUserInfoToken() [2/2]
66 if (!OIDCAttributeMapperHelper.includeInUserInfo(mappingModel)) {
70 setClaim(token, mappingModel, userSession, session);
void setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession)
Definition: AbstractOIDCProtocolMapper.java:105
◆ validateConfig()
org.keycloak.protocol.ProtocolMapperを実装しています。
154 String scriptCode = mapperModel.getConfig().get(
SCRIPT);
155 if (scriptCode == null) {
159 ScriptingProvider scripting = session.getProvider(ScriptingProvider.class);
160 ScriptModel scriptModel = scripting.createScript(realm.getId(), ScriptModel.TEXT_JAVASCRIPT, mapperModel.getName() +
"-script", scriptCode,
"");
163 scripting.prepareEvaluatableScript(scriptModel);
164 }
catch (ScriptCompilationException ex) {
165 throw new ProtocolMapperConfigException(
"error",
"{0}", ex.getMessage());
static final String SCRIPT
Definition: ScriptBasedOIDCProtocolMapper.java:53
◆ configProperties
| final List<ProviderConfigProperty> org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.configProperties |
|
staticprivate |
◆ LOGGER
| final Logger org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.LOGGER = Logger.getLogger(ScriptBasedOIDCProtocolMapper.class) |
|
staticprivate |
◆ PROVIDER_ID
| final String org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.PROVIDER_ID = "oidc-script-based-protocol-mapper" |
|
static |
◆ SCRIPT
| final String org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper.SCRIPT = "script" |
|
staticprivate |
◆ TOKEN_MAPPER_CATEGORY
| final String org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.TOKEN_MAPPER_CATEGORY = "Token mapper" |
|
staticinherited |
このクラス詳解は次のファイルから抽出されました:
