org.keycloak.broker.oidc.mappers.ClaimToRoleMapper の継承関係図

org.keycloak.broker.oidc.mappers.ClaimToRoleMapper 連携図

公開メンバ関数
List< ProviderConfigProperty >	getConfigProperties ()

String	getId ()

String []	getCompatibleProviders ()

String	getDisplayCategory ()

String	getDisplayType ()

void	importNewUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

void	updateBrokeredUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

String	getHelpText ()

boolean	valueEquals (String desiredValue, Object value)

静的公開メンバ関数
static Object	getClaimValue (JsonWebToken token, String claim)

static Object	getClaimValue (IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

static Object	getClaimValue (BrokeredIdentityContext context, String claim)

静的公開変数類
static final String []	COMPATIBLE_PROVIDERS = {KeycloakOIDCIdentityProviderFactory.PROVIDER_ID, OIDCIdentityProviderFactory.PROVIDER_ID}

static final String	PROVIDER_ID = "oidc-role-idp-mapper"

static final String	CLAIM = "claim"

static final String	CLAIM_VALUE = "claim.value"

限定公開メンバ関数
boolean	hasClaimValue (IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

静的関数
	[static initializer]

静的非公開変数類
static final List< ProviderConfigProperty >	configProperties = new ArrayList<ProviderConfigProperty>()

詳解

著者: Bill Burke

バージョン

Revision: 1

関数詳解

◆ [static initializer]()

org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.[static initializer] ( )

inlinestaticpackage

◆ getClaimValue() [1/3]

static Object org.keycloak.broker.oidc.mappers.AbstractClaimMapper.getClaimValue	(	JsonWebToken	token,
		String	claim
	)

inlinestaticinherited

                                                                          {
         List<String> split = OIDCAttributeMapperHelper.splitClaimPath(claim);
         Map<String, Object> jsonObject = token.getOtherClaims();
         final int length = split.size();
         int i = 0;
         for (String component : split) {
             i++;
             if (i == length) {
                 return jsonObject.get(component);
             } else {
                 Object val = jsonObject.get(component);
                 if (!(val instanceof Map)) return null;
                 jsonObject = (Map<String, Object>)val;
             }
         }
         return null;
     }

◆ getClaimValue() [2/3]

static Object org.keycloak.broker.oidc.mappers.AbstractClaimMapper.getClaimValue	(	IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inlinestaticinherited

                                                                                                                  {
         String claim = mapperModel.getConfig().get(CLAIM);
         return getClaimValue(context, claim);
     }

◆ getClaimValue() [3/3]

static Object org.keycloak.broker.oidc.mappers.AbstractClaimMapper.getClaimValue	(	BrokeredIdentityContext	context,
		String	claim
	)

inlinestaticinherited

                                                                                       {
         {  // search access token
             JsonWebToken token = (JsonWebToken)context.getContextData().get(KeycloakOIDCIdentityProvider.VALIDATED_ACCESS_TOKEN);
             if (token != null) {
                 Object value = getClaimValue(token, claim);
                 if (value != null) return value;
             }
 
         }
         {  // search ID Token
             JsonWebToken token = (JsonWebToken)context.getContextData().get(KeycloakOIDCIdentityProvider.VALIDATED_ID_TOKEN);
             if (token != null) {
                 Object value = getClaimValue(token, claim);
                 if (value != null) return value;
             }
 
         }
         {
             // Search the OIDC UserInfo claim set (if any)
             JsonNode profileJsonNode = (JsonNode) context.getContextData().get(OIDCIdentityProvider.USER_INFO);
             Object value = AbstractJsonUserAttributeMapper.getJsonValue(profileJsonNode, claim);
             if (value != null) return value;
         }
         return null;
     }

◆ getCompatibleProviders()

String [] org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.getCompatibleProviders ( )

inline

                                              {
         return COMPATIBLE_PROVIDERS;
     }

◆ getConfigProperties()

List<ProviderConfigProperty> org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.getConfigProperties ( )

inline

                                                               {
         return configProperties;
     }

◆ getDisplayCategory()

String org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.getDisplayCategory ( )

inline

                                        {
         return "Role Importer";
     }

◆ getDisplayType()

String org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.getDisplayType ( )

inline

                                    {
         return "Claim to Role";
     }

◆ getHelpText()

String org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.getHelpText ( )

inline

                                 {
         return "If a claim exists, grant the user the specified realm or application role.";
     }

◆ getId()

String org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.getId ( )

inline

                           {
         return PROVIDER_ID;
     }

◆ hasClaimValue()

boolean org.keycloak.broker.oidc.mappers.AbstractClaimMapper.hasClaimValue	(	IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inlineprotectedinherited

                                                                                                               {
         Object value = getClaimValue(mapperModel, context);
         String desiredValue = mapperModel.getConfig().get(CLAIM_VALUE);
         return valueEquals(desiredValue, value);
     }

◆ importNewUser()

void org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.importNewUser	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inline

                                                                                                                                                                    {
         String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
         if (hasClaimValue(mapperModel, context)) {
             RoleModel role = KeycloakModelUtils.getRoleFromString(realm, roleName);
             if (role == null) throw new IdentityBrokerException("Unable to find role: " + roleName);
             user.grantRole(role);
         }
     }

◆ updateBrokeredUser()

void org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.updateBrokeredUser	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inline

                                                                                                                                                                         {
         String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
         if (!hasClaimValue(mapperModel, context)) {
             RoleModel role = KeycloakModelUtils.getRoleFromString(realm, roleName);
             if (role == null) throw new IdentityBrokerException("Unable to find role: " + roleName);
             user.deleteRoleMapping(role);
         }
 
     }

◆ valueEquals()

boolean org.keycloak.broker.oidc.mappers.AbstractClaimMapper.valueEquals	(	String	desiredValue,
		Object	value
	)

inlineinherited

                                                                   {
         if (value instanceof String) {
             if (desiredValue.equals(value)) return true;
         } else if (value instanceof Double) {
             try {
                 if (Double.valueOf(desiredValue).equals(value)) return true;
             } catch (Exception e) {
 
             }
         } else if (value instanceof Integer) {
             try {
                 if (Integer.valueOf(desiredValue).equals(value)) return true;
             } catch (Exception e) {
 
             }
         } else if (value instanceof Boolean) {
             try {
                 if (Boolean.valueOf(desiredValue).equals(value)) return true;
             } catch (Exception e) {
 
             }
         } else if (value instanceof List) {
             List list = (List)value;
             for (Object val : list) {
                 if (valueEquals(desiredValue, val)) return true;
             }
         }
         return false;
     }

メンバ詳解

◆ CLAIM

final String org.keycloak.broker.oidc.mappers.AbstractClaimMapper.CLAIM = "claim"

staticinherited

◆ CLAIM_VALUE

final String org.keycloak.broker.oidc.mappers.AbstractClaimMapper.CLAIM_VALUE = "claim.value"

staticinherited

◆ COMPATIBLE_PROVIDERS

final String [] org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.COMPATIBLE_PROVIDERS = {KeycloakOIDCIdentityProviderFactory.PROVIDER_ID, OIDCIdentityProviderFactory.PROVIDER_ID}

static

◆ configProperties

final List<ProviderConfigProperty> org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.configProperties = new ArrayList<ProviderConfigProperty>()

staticprivate

◆ PROVIDER_ID

final String org.keycloak.broker.oidc.mappers.ClaimToRoleMapper.PROVIDER_ID = "oidc-role-idp-mapper"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/broker/oidc/mappers/ClaimToRoleMapper.java

公開メンバ関数

静的公開メンバ関数

静的公開変数類

限定公開メンバ関数

静的関数

静的非公開変数類

詳解

関数詳解

◆ [static initializer]()

◆ getClaimValue() [1/3]

◆ getClaimValue() [2/3]

◆ getClaimValue() [3/3]

◆ getCompatibleProviders()

◆ getConfigProperties()

◆ getDisplayCategory()

◆ getDisplayType()

◆ getHelpText()

◆ getId()

◆ hasClaimValue()

◆ importNewUser()

◆ updateBrokeredUser()

◆ valueEquals()

メンバ詳解

◆ CLAIM

◆ CLAIM_VALUE

◆ COMPATIBLE_PROVIDERS

◆ configProperties

◆ PROVIDER_ID