|
abstract String | getIdPrefix () |
|
abstract String | generateSub (ProtocolMapperModel mappingModel, String sectorIdentifier, String localSub) |
|
List< ProviderConfigProperty > | getAdditionalConfigProperties () |
|
void | validateAdditionalConfig (KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel mapperContainer, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException |
|
final String | getDisplayCategory () |
|
IDToken | transformIDToken (IDToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
|
AccessToken | transformAccessToken (AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
|
AccessToken | transformUserInfoToken (AccessToken token, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) |
|
final List< ProviderConfigProperty > | getConfigProperties () |
|
final void | validateConfig (KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel mapperContainer, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException |
|
final String | getId () |
|
String | getProtocol () |
|
void | close () |
|
final ProtocolMapper | create (KeycloakSession session) |
|
void | init (Config.Scope config) |
|
void | postInit (KeycloakSessionFactory factory) |
|
|
void | setIDTokenSubject (IDToken token, String pairwiseSub) |
|
void | setAccessTokenSubject (IDToken token, String pairwiseSub) |
|
void | setUserInfoTokenSubject (IDToken token, String pairwiseSub) |
|
void | setClaim (IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession) |
|
void | setClaim (IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession) |
|
Set the 'sub' claim to pairwise .
- 著者
- Martin Hardselius
◆ close()
void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.close |
( |
| ) |
|
|
inlineinherited |
◆ create()
final ProtocolMapper org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.create |
( |
KeycloakSession |
session | ) |
|
|
inlineinherited |
51 throw new RuntimeException(
"UNSUPPORTED METHOD");
◆ generateSub()
abstract String org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.generateSub |
( |
ProtocolMapperModel |
mappingModel, |
|
|
String |
sectorIdentifier, |
|
|
String |
localSub |
|
) |
| |
|
abstract |
Generates a pairwise subject identifier.
- 引数
-
mappingModel | |
sectorIdentifier | client sector identifier |
localSub | local subject identifier (user id) |
- 戻り値
- A pairwise subject identifier
◆ getAdditionalConfigProperties()
List<ProviderConfigProperty> org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.getAdditionalConfigProperties |
( |
| ) |
|
|
inline |
Override to add additional provider configuration properties. By default, a pairwise sub mapper will only contain configuration for a sector identifier URI.
- 戻り値
- A list of provider configuration properties.
46 return new LinkedList<>();
◆ getConfigProperties()
final List<ProviderConfigProperty> org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.getConfigProperties |
( |
| ) |
|
|
inline |
98 List<ProviderConfigProperty> configProperties =
new LinkedList<>();
99 configProperties.add(PairwiseSubMapperHelper.createSectorIdentifierConfig());
101 return configProperties;
List< ProviderConfigProperty > getAdditionalConfigProperties()
Definition: AbstractPairwiseSubMapper.java:45
◆ getDisplayCategory()
final String org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.getDisplayCategory |
( |
| ) |
|
|
inline |
63 return AbstractOIDCProtocolMapper.TOKEN_MAPPER_CATEGORY;
◆ getId()
final String org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.getId |
( |
| ) |
|
|
inline |
static final String PROVIDER_ID_SUFFIX
Definition: AbstractPairwiseSubMapper.java:26
abstract String getIdPrefix()
◆ getIdPrefix()
abstract String org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.getIdPrefix |
( |
| ) |
|
|
abstract |
◆ getProtocol()
String org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.getProtocol |
( |
| ) |
|
|
inlineinherited |
41 return OIDCLoginProtocol.LOGIN_PROTOCOL;
◆ getSectorIdentifier()
String org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.getSectorIdentifier |
( |
ClientModel |
client, |
|
|
ProtocolMapperModel |
mappingModel |
|
) |
| |
|
inlineprivate |
105 String sectorIdentifierUri = PairwiseSubMapperHelper.getSectorIdentifierUri(mappingModel);
106 if (sectorIdentifierUri != null && !sectorIdentifierUri.isEmpty()) {
107 return PairwiseSubMapperUtils.resolveValidSectorIdentifier(sectorIdentifierUri);
109 return PairwiseSubMapperUtils.resolveValidSectorIdentifier(client.getRootUrl(), client.getRedirectUris());
◆ init()
void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.init |
( |
Config.Scope |
config | ) |
|
|
inlineinherited |
◆ postInit()
void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.postInit |
( |
KeycloakSessionFactory |
factory | ) |
|
|
inlineinherited |
◆ setAccessTokenSubject()
void org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.setAccessTokenSubject |
( |
IDToken |
token, |
|
|
String |
pairwiseSub |
|
) |
| |
|
inlineprotected |
89 token.setSubject(pairwiseSub);
◆ setClaim() [1/2]
void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.setClaim |
( |
IDToken |
token, |
|
|
ProtocolMapperModel |
mappingModel, |
|
|
UserSessionModel |
userSession |
|
) |
| |
|
inlineprotectedinherited |
◆ setClaim() [2/2]
void org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.setClaim |
( |
IDToken |
token, |
|
|
ProtocolMapperModel |
mappingModel, |
|
|
UserSessionModel |
userSession, |
|
|
KeycloakSession |
keycloakSession |
|
) |
| |
|
inlineprotectedinherited |
Intended to be overridden in ProtocolMapper implementations to add claims to an token.
- 引数
-
token | |
mappingModel | |
userSession | |
keycloakSession | |
117 setClaim(token, mappingModel, userSession);
void setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession)
Definition: AbstractOIDCProtocolMapper.java:105
◆ setIDTokenSubject()
void org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.setIDTokenSubject |
( |
IDToken |
token, |
|
|
String |
pairwiseSub |
|
) |
| |
|
inlineprotected |
85 token.setSubject(pairwiseSub);
◆ setUserInfoTokenSubject()
void org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.setUserInfoTokenSubject |
( |
IDToken |
token, |
|
|
String |
pairwiseSub |
|
) |
| |
|
inlineprotected |
93 token.getOtherClaims().put(
"sub", pairwiseSub);
◆ transformAccessToken()
AccessToken org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.transformAccessToken |
( |
AccessToken |
token, |
|
|
ProtocolMapperModel |
mappingModel, |
|
|
KeycloakSession |
session, |
|
|
UserSessionModel |
userSession, |
|
|
AuthenticatedClientSessionModel |
clientSession |
|
) |
| |
|
inline |
org.keycloak.protocol.oidc.mappers.OIDCAccessTokenMapperを実装しています。
abstract String generateSub(ProtocolMapperModel mappingModel, String sectorIdentifier, String localSub)
String getSectorIdentifier(ClientModel client, ProtocolMapperModel mappingModel)
Definition: AbstractPairwiseSubMapper.java:104
void setAccessTokenSubject(IDToken token, String pairwiseSub)
Definition: AbstractPairwiseSubMapper.java:88
◆ transformIDToken()
IDToken org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.transformIDToken |
( |
IDToken |
token, |
|
|
ProtocolMapperModel |
mappingModel, |
|
|
KeycloakSession |
session, |
|
|
UserSessionModel |
userSession, |
|
|
AuthenticatedClientSessionModel |
clientSession |
|
) |
| |
|
inline |
org.keycloak.protocol.oidc.mappers.OIDCIDTokenMapperを実装しています。
abstract String generateSub(ProtocolMapperModel mappingModel, String sectorIdentifier, String localSub)
String getSectorIdentifier(ClientModel client, ProtocolMapperModel mappingModel)
Definition: AbstractPairwiseSubMapper.java:104
void setIDTokenSubject(IDToken token, String pairwiseSub)
Definition: AbstractPairwiseSubMapper.java:84
◆ transformUserInfoToken()
AccessToken org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.transformUserInfoToken |
( |
AccessToken |
token, |
|
|
ProtocolMapperModel |
mappingModel, |
|
|
KeycloakSession |
session, |
|
|
UserSessionModel |
userSession, |
|
|
AuthenticatedClientSessionModel |
clientSession |
|
) |
| |
|
inline |
org.keycloak.protocol.oidc.mappers.UserInfoTokenMapperを実装しています。
void setUserInfoTokenSubject(IDToken token, String pairwiseSub)
Definition: AbstractPairwiseSubMapper.java:92
abstract String generateSub(ProtocolMapperModel mappingModel, String sectorIdentifier, String localSub)
String getSectorIdentifier(ClientModel client, ProtocolMapperModel mappingModel)
Definition: AbstractPairwiseSubMapper.java:104
◆ validateAdditionalConfig()
void org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.validateAdditionalConfig |
( |
KeycloakSession |
session, |
|
|
RealmModel |
realm, |
|
|
ProtocolMapperContainerModel |
mapperContainer, |
|
|
ProtocolMapperModel |
mapperModel |
|
) |
| throws ProtocolMapperConfigException |
|
inline |
Override to add additional configuration validation. Called when instance of mapperModel is created/updated for this protocolMapper through admin endpoint.
- 引数
-
session | |
realm | |
mapperContainer | client or clientScope |
mapperModel | |
- 例外
-
ProtocolMapperConfigException | if configuration provided in mapperModel is not valid |
◆ validateConfig()
final void org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.validateConfig |
( |
KeycloakSession |
session, |
|
|
RealmModel |
realm, |
|
|
ProtocolMapperContainerModel |
mapperContainer, |
|
|
ProtocolMapperModel |
mapperModel |
|
) |
| throws ProtocolMapperConfigException |
|
inline |
114 ClientModel client = null;
115 if (mapperContainer instanceof ClientModel) {
116 client = (ClientModel) mapperContainer;
117 PairwiseSubMapperValidator.validate(session, client, mapperModel);
void validateAdditionalConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel mapperContainer, ProtocolMapperModel mapperModel)
Definition: AbstractPairwiseSubMapper.java:58
◆ PROVIDER_ID_SUFFIX
final String org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper.PROVIDER_ID_SUFFIX = "-pairwise-sub-mapper" |
|
static |
◆ TOKEN_MAPPER_CATEGORY
final String org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.TOKEN_MAPPER_CATEGORY = "Token mapper" |
|
staticinherited |
このクラス詳解は次のファイルから抽出されました: