org.keycloak.protocol.oidc.mappers.RoleNameMapper の継承関係図

org.keycloak.protocol.oidc.mappers.RoleNameMapper 連携図

公開メンバ関数
List< ProviderConfigProperty >	getConfigProperties ()

String	getId ()

String	getDisplayType ()

String	getDisplayCategory ()

String	getHelpText ()

AccessToken	transformAccessToken (AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession)

String	getProtocol ()

void	close ()

final ProtocolMapper	create (KeycloakSession session)

void	init (Config.Scope config)

void	postInit (KeycloakSessionFactory factory)

AccessToken	transformUserInfoToken (AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession)

IDToken	transformIDToken (IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession)

静的公開メンバ関数
static ProtocolMapperModel	create (String name, String role, String newName)

静的公開変数類
static final String	ROLE_CONFIG = "role"

static String	NEW_ROLE_NAME = "new.role.name"

static final String	PROVIDER_ID = "oidc-role-name-mapper"

static final String	TOKEN_MAPPER_CATEGORY = "Token mapper"

限定公開メンバ関数
void	setClaim (IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession)

void	setClaim (IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession)

静的関数
	[static initializer]

静的非公開変数類
static final List< ProviderConfigProperty >	configProperties = new ArrayList<ProviderConfigProperty>()

詳解

Map an assigned role to a different position and name in the token

著者: Bill Burke

バージョン

Revision: 1

関数詳解

◆ [static initializer]()

org.keycloak.protocol.oidc.mappers.RoleNameMapper.[static initializer] ( )

inlinestaticpackage

◆ close()

void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.close ( )

inlineinherited

                         {
 
     }

◆ create() [1/2]

final ProtocolMapper org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.create ( KeycloakSession session )

inlineinherited

                                                                 {
         throw new RuntimeException("UNSUPPORTED METHOD");
     }

◆ create() [2/2]

static ProtocolMapperModel org.keycloak.protocol.oidc.mappers.RoleNameMapper.create	(	String	name,
		String	role,
		String	newName
	)

inlinestatic

                                                              {
         String mapperId = PROVIDER_ID;
         ProtocolMapperModel mapper = new ProtocolMapperModel();
         mapper.setName(name);
         mapper.setProtocolMapper(mapperId);
         mapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
         Map<String, String> config = new HashMap<String, String>();
         config.put(ROLE_CONFIG, role);
         config.put(NEW_ROLE_NAME, newName);
         mapper.setConfig(config);
         return mapper;
 
     }

◆ getConfigProperties()

List<ProviderConfigProperty> org.keycloak.protocol.oidc.mappers.RoleNameMapper.getConfigProperties ( )

inline

                                                               {
         return configProperties;
     }

◆ getDisplayCategory()

String org.keycloak.protocol.oidc.mappers.RoleNameMapper.getDisplayCategory ( )

inline

                                        {
         return TOKEN_MAPPER_CATEGORY;
     }

◆ getDisplayType()

String org.keycloak.protocol.oidc.mappers.RoleNameMapper.getDisplayType ( )

inline

                                    {
         return "Role Name Mapper";
     }

◆ getHelpText()

String org.keycloak.protocol.oidc.mappers.RoleNameMapper.getHelpText ( )

inline

                                 {
         return "Map an assigned role to a new name or position in the token.";
     }

◆ getId()

String org.keycloak.protocol.oidc.mappers.RoleNameMapper.getId ( )

inline

                           {
         return PROVIDER_ID;
     }

◆ getProtocol()

String org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.getProtocol ( )

inlineinherited

                                 {
         return OIDCLoginProtocol.LOGIN_PROTOCOL;
     }

◆ init()

void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.init ( Config.Scope config )

inlineinherited

55 {

56 }

◆ postInit()

void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.postInit ( KeycloakSessionFactory factory )

inlineinherited

                                                          {
 
     }

◆ setClaim() [1/2]

void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.setClaim	(	IDToken	token,
		ProtocolMapperModel	mappingModel,
		UserSessionModel	userSession
	)

inlineprotectedinherited

Intended to be overridden in ProtocolMapper implementations to add claims to an token.

引数

token
mappingModel
userSession

非推奨:: override setClaim(IDToken, ProtocolMapperModel, UserSessionModel, KeycloakSession) instead.

105 {

106 }

◆ setClaim() [2/2]

void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.setClaim	(	IDToken	token,
		ProtocolMapperModel	mappingModel,
		UserSessionModel	userSession,
		KeycloakSession	keycloakSession
	)

inlineprotectedinherited

Intended to be overridden in ProtocolMapper implementations to add claims to an token.

引数

token
mappingModel
userSession
keycloakSession

                                                                                                                                             {
         // we delegate to the old #setClaim(...) method for backwards compatibility
         setClaim(token, mappingModel, userSession);
     }

◆ transformAccessToken()

AccessToken org.keycloak.protocol.oidc.mappers.RoleNameMapper.transformAccessToken	(	AccessToken	token,
		ProtocolMapperModel	mappingModel,
		KeycloakSession	session,
		UserSessionModel	userSession,
		AuthenticatedClientSessionModel	clientSession
	)

inline

org.keycloak.protocol.oidc.mappers.OIDCAccessTokenMapperを実装しています。

                                                                                                                          {
         String role = mappingModel.getConfig().get(ROLE_CONFIG);
         String newName = mappingModel.getConfig().get(NEW_ROLE_NAME);
 
         String[] scopedRole = KeycloakModelUtils.parseRole(role);
         String[] newScopedRole = KeycloakModelUtils.parseRole(newName);
         String appName = scopedRole[0];
         String roleName = scopedRole[1];
         if (appName != null) {
             AccessToken.Access access = token.getResourceAccess(appName);
             if (access == null) return token;
             if (!access.getRoles().contains(roleName)) return token;
             access.getRoles().remove(roleName);
         } else {
             AccessToken.Access access = token.getRealmAccess();
             if (access == null || !access.getRoles().contains(roleName)) return token;
             access.getRoles().remove(roleName);
         }
 
         String newAppName = newScopedRole[0];
         String newRoleName = newScopedRole[1];
         AccessToken.Access access = null;
         if (newAppName == null) {
             access = token.getRealmAccess();
             if (access == null) {
                 access = new AccessToken.Access();
                 token.setRealmAccess(access);
             }
         } else {
             access = token.addAccess(newAppName);
         }
 
         access.addRole(newRoleName);
         return token;
     }

◆ transformIDToken()

IDToken org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.transformIDToken	(	IDToken	token,
		ProtocolMapperModel	mappingModel,
		KeycloakSession	session,
		UserSessionModel	userSession,
		AuthenticatedClientSessionModel	clientSession
	)

inlineinherited

                                                                                                                  {
 
         if (!OIDCAttributeMapperHelper.includeInIDToken(mappingModel)){
             return token;
         }
 
         setClaim(token, mappingModel, userSession, session);
         return token;
     }

◆ transformUserInfoToken()

AccessToken org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.transformUserInfoToken	(	AccessToken	token,
		ProtocolMapperModel	mappingModel,
		KeycloakSession	session,
		UserSessionModel	userSession,
		AuthenticatedClientSessionModel	clientSession
	)

inlineinherited

                                                                                                                            {
 
         if (!OIDCAttributeMapperHelper.includeInUserInfo(mappingModel)) {
             return token;
         }
 
         setClaim(token, mappingModel, userSession, session);
         return token;
     }

メンバ詳解

◆ configProperties

final List<ProviderConfigProperty> org.keycloak.protocol.oidc.mappers.RoleNameMapper.configProperties = new ArrayList<ProviderConfigProperty>()

staticprivate

◆ NEW_ROLE_NAME

String org.keycloak.protocol.oidc.mappers.RoleNameMapper.NEW_ROLE_NAME = "new.role.name"

static

◆ PROVIDER_ID

final String org.keycloak.protocol.oidc.mappers.RoleNameMapper.PROVIDER_ID = "oidc-role-name-mapper"

static

◆ ROLE_CONFIG

final String org.keycloak.protocol.oidc.mappers.RoleNameMapper.ROLE_CONFIG = "role"

static

◆ TOKEN_MAPPER_CATEGORY

final String org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.TOKEN_MAPPER_CATEGORY = "Token mapper"

staticinherited

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/protocol/oidc/mappers/RoleNameMapper.java

公開メンバ関数

静的公開メンバ関数

静的公開変数類

限定公開メンバ関数

静的関数

静的非公開変数類

詳解

関数詳解

◆ [static initializer]()

◆ close()

◆ create() [1/2]

◆ create() [2/2]

◆ getConfigProperties()

◆ getDisplayCategory()

◆ getDisplayType()

◆ getHelpText()

◆ getId()

◆ getProtocol()

◆ init()

◆ postInit()

◆ setClaim() [1/2]

◆ setClaim() [2/2]

◆ transformAccessToken()

◆ transformIDToken()

◆ transformUserInfoToken()

メンバ詳解

◆ configProperties

◆ NEW_ROLE_NAME

◆ PROVIDER_ID

◆ ROLE_CONFIG

◆ TOKEN_MAPPER_CATEGORY