org.keycloak.broker.saml.mappers.UserAttributeStatementMapper の継承関係図

org.keycloak.broker.saml.mappers.UserAttributeStatementMapper 連携図

公開メンバ関数
List< ProviderConfigProperty >	getConfigProperties ()

String	getId ()

String []	getCompatibleProviders ()

String	getDisplayCategory ()

String	getDisplayType ()

void	preprocessFederatedIdentity (KeycloakSession session, RealmModel realm, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

void	updateBrokeredUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

String	getHelpText ()

静的公開変数類
static final String	ATTRIBUTE_NAME_PATTERN = "attribute.name.pattern"

static final String	USER_ATTRIBUTE_FIRST_NAME = "user.attribute.firstName"

static final String	USER_ATTRIBUTE_LAST_NAME = "user.attribute.lastName"

static final String	USER_ATTRIBUTE_EMAIL = "user.attribute.email"

static final String	USER_ATTRIBUTE_LANGUAGE = "user.attribute.language"

static final String	PROVIDER_ID = "saml-user-attributestatement-idp-mapper"

静的関数
	[static initializer]

非公開メンバ関数
Optional< Pattern >	getAttributePattern (IdentityProviderMapperModel mapperModel)

List< AttributeType >	findAttributesInContext (BrokeredIdentityContext context, Optional< Pattern > attributePattern)

void	setIfNotEmpty (Consumer< String > consumer, List< String > values)

静的非公開変数類
static final String	USER_ATTR_LOCALE = "locale"

static final String []	COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID}

static final List< ProviderConfigProperty >	CONFIG_PROPERTIES = new ArrayList<>()

static final String	USE_FRIENDLY_NAMES = "use.friendly.names"

詳解

著者: Frederik Libert

関数詳解

◆ [static initializer]()

org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.[static initializer] ( )

inlinestaticpackage

◆ findAttributesInContext()

List<AttributeType> org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.findAttributesInContext	(	BrokeredIdentityContext	context,
		Optional< Pattern >	attributePattern
	)

inlineprivate

                                                                                                                              {
         AssertionType assertion = (AssertionType) context.getContextData().get(SAMLEndpoint.SAML_ASSERTION);
 
         return assertion.getAttributeStatements().stream()//
             .flatMap(statement -> statement.getAttributes().stream())//
             .filter(item -> !attributePattern.isPresent() || attributePattern.get().matcher(item.getAttribute().getName()).matches())//
             .map(ASTChoiceType::getAttribute)//
             .collect(Collectors.toList());
     }

◆ getAttributePattern()

Optional<Pattern> org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getAttributePattern ( IdentityProviderMapperModel mapperModel )

inlineprivate

                                                                                            {
         String attributePatternConfig = mapperModel.getConfig().get(ATTRIBUTE_NAME_PATTERN);
         return Optional.ofNullable(attributePatternConfig != null ? Pattern.compile(attributePatternConfig) : null);
     }

◆ getCompatibleProviders()

String [] org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getCompatibleProviders ( )

inline

                                              {
         return COMPATIBLE_PROVIDERS.clone();
     }

◆ getConfigProperties()

List<ProviderConfigProperty> org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getConfigProperties ( )

inline

                                                               {
         return CONFIG_PROPERTIES;
     }

◆ getDisplayCategory()

String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getDisplayCategory ( )

inline

                                        {
         return "AttributeStatement Importer";
     }

◆ getDisplayType()

String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getDisplayType ( )

inline

                                    {
         return "AttributeStatement Importer";
     }

◆ getHelpText()

String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getHelpText ( )

inline

                                 {
         return "Import all saml attributes found in attributestatements in assertion into user properties or attributes.";
     }

◆ getId()

String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.getId ( )

inline

                           {
         return PROVIDER_ID;
     }

◆ preprocessFederatedIdentity()

void org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.preprocessFederatedIdentity	(	KeycloakSession	session,
		RealmModel	realm,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inline

                                                                                                                                                                  {
         String firstNameAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_FIRST_NAME);
         String lastNameAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_LAST_NAME);
         String emailAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_EMAIL);
         String langAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_LANGUAGE);
         Boolean useFriendlyNames = Boolean.valueOf(mapperModel.getConfig().get(USE_FRIENDLY_NAMES));
         List<AttributeType> attributesInContext = findAttributesInContext(context, getAttributePattern(mapperModel));
         for (AttributeType a : attributesInContext) {
             String attribute = useFriendlyNames ? a.getFriendlyName() : a.getName();
             List<String> attributeValuesInContext = a.getAttributeValue().stream().filter(Objects::nonNull).map(Object::toString).collect(Collectors.toList());
             if (!attributeValuesInContext.isEmpty()) {
                 // set as attribute anyway
                 context.setUserAttribute(attribute, attributeValuesInContext);
                 // set as special field ?
                 if (Objects.equals(attribute, emailAttribute)) {
                     setIfNotEmpty(context::setEmail, attributeValuesInContext);
                 } else if (Objects.equals(attribute, firstNameAttribute)) {
                     setIfNotEmpty(context::setFirstName, attributeValuesInContext);
                 } else if (Objects.equals(attribute, lastNameAttribute)) {
                     setIfNotEmpty(context::setLastName, attributeValuesInContext);
                 } else if (Objects.equals(attribute, langAttribute)) {
                     context.setUserAttribute(USER_ATTR_LOCALE, attributeValuesInContext);
                 } 
             }
         }
     }

◆ setIfNotEmpty()

void org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.setIfNotEmpty	(	Consumer< String >	consumer,
		List< String >	values
	)

inlineprivate

                                                                                {
         if (values != null && !values.isEmpty()) {
             consumer.accept(values.get(0));
         }
     }

◆ updateBrokeredUser()

void org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.updateBrokeredUser	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inline

                                                                                                                                                                         {
         String firstNameAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_FIRST_NAME);
         String lastNameAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_LAST_NAME);
         String emailAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_EMAIL);
         String langAttribute = mapperModel.getConfig().get(USER_ATTRIBUTE_LANGUAGE);
         Boolean useFriendlyNames = Boolean.valueOf(mapperModel.getConfig().get(USE_FRIENDLY_NAMES));
         List<AttributeType> attributesInContext = findAttributesInContext(context, getAttributePattern(mapperModel));
 
         Set<String> assertedUserAttributes = new HashSet<String>();
         for (AttributeType a : attributesInContext) {
             String attribute = useFriendlyNames ? a.getFriendlyName() : a.getName();
             List<String> attributeValuesInContext = a.getAttributeValue().stream().filter(Objects::nonNull).map(Object::toString).collect(Collectors.toList());
             List<String> currentAttributeValues = user.getAttributes().get(attribute);
             if (attributeValuesInContext == null) {
                 // attribute no longer sent by brokered idp, remove it
                 user.removeAttribute(attribute);
             } else if (currentAttributeValues == null) {
                 // new attribute sent by brokered idp, add it
                 user.setAttribute(attribute, attributeValuesInContext);
             } else if (!CollectionUtil.collectionEquals(attributeValuesInContext, currentAttributeValues)) {
                 // attribute sent by brokered idp has different values as before, update it
                 user.setAttribute(attribute, attributeValuesInContext);
             }
             if (Objects.equals(attribute, emailAttribute)) {
                 setIfNotEmpty(context::setEmail, attributeValuesInContext);
             } else if (Objects.equals(attribute, firstNameAttribute)) {
                 setIfNotEmpty(context::setFirstName, attributeValuesInContext);
             } else if (Objects.equals(attribute, lastNameAttribute)) {
                 setIfNotEmpty(context::setLastName, attributeValuesInContext);
             } else if (Objects.equals(attribute, langAttribute)) {
                 if(attributeValuesInContext == null) {
                     user.removeAttribute(USER_ATTR_LOCALE);
                 } else {
                     user.setAttribute(USER_ATTR_LOCALE, attributeValuesInContext);
                 }
                 assertedUserAttributes.add(USER_ATTR_LOCALE);
             } 
             // Mark attribute as handled
             assertedUserAttributes.add(attribute);
         }
         // Remove user attributes that were not referenced in assertion.
         user.getAttributes().keySet().stream().filter(a -> !assertedUserAttributes.contains(a)).forEach(a -> user.removeAttribute(a));
     }

メンバ詳解

◆ ATTRIBUTE_NAME_PATTERN

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.ATTRIBUTE_NAME_PATTERN = "attribute.name.pattern"

static

◆ COMPATIBLE_PROVIDERS

final String [] org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID}

staticprivate

◆ CONFIG_PROPERTIES

final List<ProviderConfigProperty> org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.CONFIG_PROPERTIES = new ArrayList<>()

staticprivate

◆ PROVIDER_ID

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.PROVIDER_ID = "saml-user-attributestatement-idp-mapper"

static

◆ USE_FRIENDLY_NAMES

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USE_FRIENDLY_NAMES = "use.friendly.names"

staticprivate

◆ USER_ATTR_LOCALE

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTR_LOCALE = "locale"

staticprivate

◆ USER_ATTRIBUTE_EMAIL

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_EMAIL = "user.attribute.email"

static

◆ USER_ATTRIBUTE_FIRST_NAME

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_FIRST_NAME = "user.attribute.firstName"

static

◆ USER_ATTRIBUTE_LANGUAGE

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_LANGUAGE = "user.attribute.language"

static

◆ USER_ATTRIBUTE_LAST_NAME

final String org.keycloak.broker.saml.mappers.UserAttributeStatementMapper.USER_ATTRIBUTE_LAST_NAME = "user.attribute.lastName"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/broker/saml/mappers/UserAttributeStatementMapper.java

公開メンバ関数

静的公開変数類

静的関数

非公開メンバ関数

静的非公開変数類

詳解

関数詳解

◆ [static initializer]()

◆ findAttributesInContext()

◆ getAttributePattern()

◆ getCompatibleProviders()

◆ getConfigProperties()

◆ getDisplayCategory()

◆ getDisplayType()

◆ getHelpText()

◆ getId()

◆ preprocessFederatedIdentity()

◆ setIfNotEmpty()

◆ updateBrokeredUser()

メンバ詳解

◆ ATTRIBUTE_NAME_PATTERN

◆ COMPATIBLE_PROVIDERS

◆ CONFIG_PROPERTIES

◆ PROVIDER_ID

◆ USE_FRIENDLY_NAMES

◆ USER_ATTR_LOCALE

◆ USER_ATTRIBUTE_EMAIL

◆ USER_ATTRIBUTE_FIRST_NAME

◆ USER_ATTRIBUTE_LANGUAGE

◆ USER_ATTRIBUTE_LAST_NAME