org.keycloak.broker.saml.mappers.AttributeToRoleMapper の継承関係図

org.keycloak.broker.saml.mappers.AttributeToRoleMapper 連携図

公開メンバ関数
List< ProviderConfigProperty >	getConfigProperties ()

String	getId ()

String []	getCompatibleProviders ()

String	getDisplayCategory ()

String	getDisplayType ()

void	importNewUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

void	updateBrokeredUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

String	getHelpText ()

静的公開変数類
static final String []	COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID}

static final String	ATTRIBUTE_NAME = "attribute.name"

static final String	ATTRIBUTE_FRIENDLY_NAME = "attribute.friendly.name"

static final String	ATTRIBUTE_VALUE = "attribute.value"

static final String	PROVIDER_ID = "saml-role-idp-mapper"

限定公開メンバ関数
boolean	isAttributePresent (IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

静的関数
	[static initializer]

静的非公開変数類
static final List< ProviderConfigProperty >	configProperties = new ArrayList<ProviderConfigProperty>()

詳解

著者: Bill Burke

バージョン

Revision: 1

関数詳解

◆ [static initializer]()

org.keycloak.broker.saml.mappers.AttributeToRoleMapper.[static initializer] ( )

inlinestaticpackage

◆ getCompatibleProviders()

String [] org.keycloak.broker.saml.mappers.AttributeToRoleMapper.getCompatibleProviders ( )

inline

                                              {
         return COMPATIBLE_PROVIDERS;
     }

◆ getConfigProperties()

List<ProviderConfigProperty> org.keycloak.broker.saml.mappers.AttributeToRoleMapper.getConfigProperties ( )

inline

                                                               {
         return configProperties;
     }

◆ getDisplayCategory()

String org.keycloak.broker.saml.mappers.AttributeToRoleMapper.getDisplayCategory ( )

inline

                                        {
         return "Role Mapper";
     }

◆ getDisplayType()

String org.keycloak.broker.saml.mappers.AttributeToRoleMapper.getDisplayType ( )

inline

                                    {
         return "SAML Attribute to Role";
     }

◆ getHelpText()

String org.keycloak.broker.saml.mappers.AttributeToRoleMapper.getHelpText ( )

inline

                                 {
         return "If a claim exists, grant the user the specified realm or application role.";
     }

◆ getId()

String org.keycloak.broker.saml.mappers.AttributeToRoleMapper.getId ( )

inline

                           {
         return PROVIDER_ID;
     }

◆ importNewUser()

void org.keycloak.broker.saml.mappers.AttributeToRoleMapper.importNewUser	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inline

                                                                                                                                                                    {
         String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
         if (isAttributePresent(mapperModel, context)) {
             RoleModel role = KeycloakModelUtils.getRoleFromString(realm, roleName);
             if (role == null) throw new IdentityBrokerException("Unable to find role: " + roleName);
             user.grantRole(role);
         }
     }

◆ isAttributePresent()

boolean org.keycloak.broker.saml.mappers.AttributeToRoleMapper.isAttributePresent	(	IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inlineprotected

                                                                                                                    {
         String name = mapperModel.getConfig().get(ATTRIBUTE_NAME);
         if (name != null && name.trim().equals("")) name = null;
         String friendly = mapperModel.getConfig().get(ATTRIBUTE_FRIENDLY_NAME);
         if (friendly != null && friendly.trim().equals("")) friendly = null;
         String desiredValue = mapperModel.getConfig().get(ATTRIBUTE_VALUE);
         AssertionType assertion = (AssertionType)context.getContextData().get(SAMLEndpoint.SAML_ASSERTION);
         for (AttributeStatementType statement : assertion.getAttributeStatements()) {
             for (AttributeStatementType.ASTChoiceType choice : statement.getAttributes()) {
                 AttributeType attr = choice.getAttribute();
                 if (name != null && !name.equals(attr.getName())) continue;
                 if (friendly != null && !friendly.equals(attr.getFriendlyName())) continue;
                 for (Object val : attr.getAttributeValue()) {
                     if (val.equals(desiredValue)) return true;
                 }
             }
         }
         return false;
     }

◆ updateBrokeredUser()

void org.keycloak.broker.saml.mappers.AttributeToRoleMapper.updateBrokeredUser	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inline

                                                                                                                                                                         {
         String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
         RoleModel role = KeycloakModelUtils.getRoleFromString(realm, roleName);
         if (role == null) throw new IdentityBrokerException("Unable to find role: " + roleName);
         if (!isAttributePresent(mapperModel, context)) {
             user.deleteRoleMapping(role);
         }else{
             user.grantRole(role);
         }
 
     }

メンバ詳解

◆ ATTRIBUTE_FRIENDLY_NAME

final String org.keycloak.broker.saml.mappers.AttributeToRoleMapper.ATTRIBUTE_FRIENDLY_NAME = "attribute.friendly.name"

static

◆ ATTRIBUTE_NAME

final String org.keycloak.broker.saml.mappers.AttributeToRoleMapper.ATTRIBUTE_NAME = "attribute.name"

static

◆ ATTRIBUTE_VALUE

final String org.keycloak.broker.saml.mappers.AttributeToRoleMapper.ATTRIBUTE_VALUE = "attribute.value"

static

◆ COMPATIBLE_PROVIDERS

final String [] org.keycloak.broker.saml.mappers.AttributeToRoleMapper.COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID}

static

◆ configProperties

final List<ProviderConfigProperty> org.keycloak.broker.saml.mappers.AttributeToRoleMapper.configProperties = new ArrayList<ProviderConfigProperty>()

staticprivate

◆ PROVIDER_ID

final String org.keycloak.broker.saml.mappers.AttributeToRoleMapper.PROVIDER_ID = "saml-role-idp-mapper"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/broker/saml/mappers/AttributeToRoleMapper.java

公開メンバ関数

静的公開変数類

限定公開メンバ関数

静的関数

静的非公開変数類

詳解

関数詳解

◆ [static initializer]()

◆ getCompatibleProviders()

◆ getConfigProperties()

◆ getDisplayCategory()

◆ getDisplayType()

◆ getHelpText()

◆ getId()

◆ importNewUser()

◆ isAttributePresent()

◆ updateBrokeredUser()

メンバ詳解

◆ ATTRIBUTE_FRIENDLY_NAME

◆ ATTRIBUTE_NAME

◆ ATTRIBUTE_VALUE

◆ COMPATIBLE_PROVIDERS

◆ configProperties

◆ PROVIDER_ID