org.keycloak.broker.saml.mappers.UserAttributeMapper クラス

org.keycloak.broker.saml.mappers.UserAttributeMapper の継承関係図

org.keycloak.broker.saml.mappers.UserAttributeMapper 連携図

公開メンバ関数
List< ProviderConfigProperty >	getConfigProperties ()
String	getId ()
String []	getCompatibleProviders ()
String	getDisplayCategory ()
String	getDisplayType ()
void	preprocessFederatedIdentity (KeycloakSession session, RealmModel realm, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)
void	updateBrokeredUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)
String	getHelpText ()

静的公開変数類
static final String []	COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID}
static final String	ATTRIBUTE_NAME = "attribute.name"
static final String	ATTRIBUTE_FRIENDLY_NAME = "attribute.friendly.name"
static final String	USER_ATTRIBUTE = "user.attribute"
static final String	PROVIDER_ID = "saml-user-attribute-idp-mapper"

静的関数
	[static initializer]

非公開メンバ関数
String	getAttributeNameFromMapperModel (IdentityProviderMapperModel mapperModel)
void	setIfNotEmpty (Consumer< String > consumer, List< String > values)
Predicate< AttributeStatementType.ASTChoiceType >	elementWith (String attributeName)
List< String >	findAttributeValuesInContext (String attributeName, BrokeredIdentityContext context)

静的非公開変数類
static final List< ProviderConfigProperty >	configProperties = new ArrayList<>()
static final String	EMAIL = "email"
static final String	FIRST_NAME = "firstName"
static final String	LAST_NAME = "lastName"

詳解

著者

Bill Burke

バージョン

Revision

1

関数詳解

[static initializer]()

org.keycloak.broker.saml.mappers.UserAttributeMapper.[static initializer] ( )

inlinestaticpackage

elementWith()

Predicate<AttributeStatementType.ASTChoiceType> org.keycloak.broker.saml.mappers.UserAttributeMapper.elementWith ( String  attributeName )

inlineprivate

                                                                                              {
        return attributeType -> {
            AttributeType attribute = attributeType.getAttribute();
            return Objects.equals(attribute.getName(), attributeName)
                    || Objects.equals(attribute.getFriendlyName(), attributeName);
        };
    }

findAttributeValuesInContext()

List<String> org.keycloak.broker.saml.mappers.UserAttributeMapper.findAttributeValuesInContext ( String  attributeName, BrokeredIdentityContext  context  )

inlineprivate

                                                                                                             {
        AssertionType assertion = (AssertionType) context.getContextData().get(SAMLEndpoint.SAML_ASSERTION);

        return assertion.getAttributeStatements().stream()
                .flatMap(statement -> statement.getAttributes().stream())
                .filter(elementWith(attributeName))
                .flatMap(attributeType -> attributeType.getAttribute().getAttributeValue().stream())
                .filter(Objects::nonNull)
                .map(Object::toString)
                .collect(Collectors.toList());
    }

getAttributeNameFromMapperModel()

String org.keycloak.broker.saml.mappers.UserAttributeMapper.getAttributeNameFromMapperModel ( IdentityProviderMapperModel  mapperModel )

inlineprivate

                                                                                            {
        String attributeName = mapperModel.getConfig().get(ATTRIBUTE_NAME);
        if (attributeName == null) {
            attributeName = mapperModel.getConfig().get(ATTRIBUTE_FRIENDLY_NAME);
        }
        return attributeName;
    }

getCompatibleProviders()

String [] org.keycloak.broker.saml.mappers.UserAttributeMapper.getCompatibleProviders ( )

inline

                                             {
        return COMPATIBLE_PROVIDERS;
    }

getConfigProperties()

List<ProviderConfigProperty> org.keycloak.broker.saml.mappers.UserAttributeMapper.getConfigProperties ( )

inline

                                                              {
        return configProperties;
    }

getDisplayCategory()

String org.keycloak.broker.saml.mappers.UserAttributeMapper.getDisplayCategory ( )

inline

                                       {
        return "Attribute Importer";
    }

getDisplayType()

String org.keycloak.broker.saml.mappers.UserAttributeMapper.getDisplayType ( )

inline

                                   {
        return "Attribute Importer";
    }

getHelpText()

String org.keycloak.broker.saml.mappers.UserAttributeMapper.getHelpText ( )

inline

                                {
        return "Import declared saml attribute if it exists in assertion into the specified user property or attribute.";
    }

getId()

String org.keycloak.broker.saml.mappers.UserAttributeMapper.getId ( )

inline

                          {
        return PROVIDER_ID;
    }

preprocessFederatedIdentity()

void org.keycloak.broker.saml.mappers.UserAttributeMapper.preprocessFederatedIdentity ( KeycloakSession  session, RealmModel  realm, IdentityProviderMapperModel  mapperModel, BrokeredIdentityContext  context  )

inline

                                                                                                                                                                 {
        String attribute = mapperModel.getConfig().get(USER_ATTRIBUTE);
        if (StringUtil.isNullOrEmpty(attribute)) {
            return;
        }
        String attributeName = getAttributeNameFromMapperModel(mapperModel);

        List<String> attributeValuesInContext = findAttributeValuesInContext(attributeName, context);
        if (!attributeValuesInContext.isEmpty()) {
            if (attribute.equalsIgnoreCase(EMAIL)) {
                setIfNotEmpty(context::setEmail, attributeValuesInContext);
            } else if (attribute.equalsIgnoreCase(FIRST_NAME)) {
                setIfNotEmpty(context::setFirstName, attributeValuesInContext);
            } else if (attribute.equalsIgnoreCase(LAST_NAME)) {
                setIfNotEmpty(context::setLastName, attributeValuesInContext);
            } else {
                context.setUserAttribute(attribute, attributeValuesInContext);
            }
        }
    }

setIfNotEmpty()

void org.keycloak.broker.saml.mappers.UserAttributeMapper.setIfNotEmpty ( Consumer< String >  consumer, List< String >  values  )

inlineprivate

                                                                               {
        if (values != null && !values.isEmpty()) {
            consumer.accept(values.get(0));
        }
    }

updateBrokeredUser()

void org.keycloak.broker.saml.mappers.UserAttributeMapper.updateBrokeredUser ( KeycloakSession  session, RealmModel  realm, UserModel  user, IdentityProviderMapperModel  mapperModel, BrokeredIdentityContext  context  )

inline

                                                                                                                                                                        {
        String attribute = mapperModel.getConfig().get(USER_ATTRIBUTE);
        if (StringUtil.isNullOrEmpty(attribute)) {
            return;
        }
        String attributeName = getAttributeNameFromMapperModel(mapperModel);
        List<String> attributeValuesInContext = findAttributeValuesInContext(attributeName, context);
        if (attribute.equalsIgnoreCase(EMAIL)) {
            setIfNotEmpty(user::setEmail, attributeValuesInContext);
        } else if (attribute.equalsIgnoreCase(FIRST_NAME)) {
            setIfNotEmpty(user::setFirstName, attributeValuesInContext);
        } else if (attribute.equalsIgnoreCase(LAST_NAME)) {
            setIfNotEmpty(user::setLastName, attributeValuesInContext);
        } else {
            List<String> currentAttributeValues = user.getAttributes().get(attribute);
            if (attributeValuesInContext == null) {
                // attribute no longer sent by brokered idp, remove it
                user.removeAttribute(attribute);
            } else if (currentAttributeValues == null) {
                // new attribute sent by brokered idp, add it
                user.setAttribute(attribute, attributeValuesInContext);
            } else if (!CollectionUtil.collectionEquals(attributeValuesInContext, currentAttributeValues)) {
                // attribute sent by brokered idp has different values as before, update it
                user.setAttribute(attribute, attributeValuesInContext);
            }
            // attribute allready set
        }
    }

メンバ詳解

ATTRIBUTE_FRIENDLY_NAME

final String org.keycloak.broker.saml.mappers.UserAttributeMapper.ATTRIBUTE_FRIENDLY_NAME = "attribute.friendly.name"

static

ATTRIBUTE_NAME

final String org.keycloak.broker.saml.mappers.UserAttributeMapper.ATTRIBUTE_NAME = "attribute.name"

static

COMPATIBLE_PROVIDERS

final String [] org.keycloak.broker.saml.mappers.UserAttributeMapper.COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID}

static

configProperties

final List<ProviderConfigProperty> org.keycloak.broker.saml.mappers.UserAttributeMapper.configProperties = new ArrayList<>()

staticprivate

EMAIL

final String org.keycloak.broker.saml.mappers.UserAttributeMapper.EMAIL = "email"

staticprivate

FIRST_NAME

final String org.keycloak.broker.saml.mappers.UserAttributeMapper.FIRST_NAME = "firstName"

staticprivate

LAST_NAME

final String org.keycloak.broker.saml.mappers.UserAttributeMapper.LAST_NAME = "lastName"

staticprivate

PROVIDER_ID

final String org.keycloak.broker.saml.mappers.UserAttributeMapper.PROVIDER_ID = "saml-user-attribute-idp-mapper"

static

USER_ATTRIBUTE

final String org.keycloak.broker.saml.mappers.UserAttributeMapper.USER_ATTRIBUTE = "user.attribute"

static

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/broker/saml/mappers/UserAttributeMapper.java