Class ScriptBasedOIDCProtocolMapper
java.lang.Object
org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
org.keycloak.protocol.oidc.mappers.ScriptBasedOIDCProtocolMapper
- All Implemented Interfaces:
OIDCAccessTokenMapper,OIDCAccessTokenResponseMapper,OIDCIDTokenMapper,TokenIntrospectionTokenMapper,UserInfoTokenMapper,ProtocolMapper,ConfiguredProvider,EnvironmentDependentProviderFactory,Provider,ProviderFactory<ProtocolMapper>
- Direct Known Subclasses:
DeployedScriptOIDCProtocolMapper
public class ScriptBasedOIDCProtocolMapper
extends AbstractOIDCProtocolMapper
implements OIDCAccessTokenMapper, OIDCIDTokenMapper, UserInfoTokenMapper, OIDCAccessTokenResponseMapper, TokenIntrospectionTokenMapper, EnvironmentDependentProviderFactory
OIDC
ProtocolMapper that uses a provided JavaScript fragment to compute the token claim value.- Author:
- Thomas Darimont
-
Field Summary
FieldsFields inherited from class org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
TOKEN_MAPPER_CATEGORY -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic ProtocolMapperModelcreate(String name, String userAttribute, String tokenClaimName, String claimType, boolean accessToken, boolean idToken, boolean introspectionEndpoint, String script, boolean multiValued) getId()intPriority of this protocolMapper implementation.protected StringgetScriptCode(ProtocolMapperModel mapperModel) booleanisSupported(Config.Scope config) Check if the provider is supported and should be available based on the provider configuration.protected voidsetClaim(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx) Intended to be overridden inProtocolMapperimplementations to add claims to an token.protected voidsetClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx) Intended to be overridden inProtocolMapperimplementations to add claims to an token.voidvalidateConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel client, ProtocolMapperModel mapperModel) Called when instance of mapperModel is created/updated for this protocolMapper through admin endpointMethods inherited from class org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper
close, create, getEffectiveModel, getProtocol, getShouldUseLightweightToken, init, postInit, setClaim, transformAccessToken, transformAccessTokenResponse, transformIDToken, transformIntrospectionToken, transformUserInfoTokenMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.keycloak.provider.ConfiguredProvider
getConfigMethods inherited from interface org.keycloak.protocol.oidc.mappers.OIDCAccessTokenMapper
transformAccessTokenMethods inherited from interface org.keycloak.protocol.oidc.mappers.OIDCAccessTokenResponseMapper
transformAccessTokenResponseMethods inherited from interface org.keycloak.protocol.oidc.mappers.OIDCIDTokenMapper
transformIDTokenMethods inherited from interface org.keycloak.provider.ProviderFactory
dependsOn, getConfigMetadata, orderMethods inherited from interface org.keycloak.protocol.oidc.mappers.TokenIntrospectionTokenMapper
transformIntrospectionTokenMethods inherited from interface org.keycloak.protocol.oidc.mappers.UserInfoTokenMapper
transformUserInfoToken
-
Field Details
-
PROVIDER_ID
- See Also:
-
SCRIPT
- See Also:
-
-
Constructor Details
-
ScriptBasedOIDCProtocolMapper
public ScriptBasedOIDCProtocolMapper()
-
-
Method Details
-
getConfigProperties
- Specified by:
getConfigPropertiesin interfaceConfiguredProvider
-
getId
- Specified by:
getIdin interfaceProviderFactory<ProtocolMapper>
-
getDisplayType
- Specified by:
getDisplayTypein interfaceProtocolMapper
-
getDisplayCategory
- Specified by:
getDisplayCategoryin interfaceProtocolMapper
-
getHelpText
- Specified by:
getHelpTextin interfaceConfiguredProvider
-
isSupported
Description copied from interface:EnvironmentDependentProviderFactoryCheck if the provider is supported and should be available based on the provider configuration.- Specified by:
isSupportedin interfaceEnvironmentDependentProviderFactory- Parameters:
config- the provider configuration- Returns:
trueif the provider is supported. Otherwise,false.
-
getPriority
public int getPriority()Description copied from interface:ProtocolMapperPriority of this protocolMapper implementation. Lower goes first.- Specified by:
getPriorityin interfaceProtocolMapper- Returns:
-
setClaim
protected void setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx) Description copied from class:AbstractOIDCProtocolMapperIntended to be overridden inProtocolMapperimplementations to add claims to an token.- Overrides:
setClaimin classAbstractOIDCProtocolMapper
-
setClaim
protected void setClaim(AccessTokenResponse accessTokenResponse, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx) Description copied from class:AbstractOIDCProtocolMapperIntended to be overridden inProtocolMapperimplementations to add claims to an token.- Overrides:
setClaimin classAbstractOIDCProtocolMapper
-
validateConfig
public void validateConfig(KeycloakSession session, RealmModel realm, ProtocolMapperContainerModel client, ProtocolMapperModel mapperModel) throws ProtocolMapperConfigException Description copied from interface:ProtocolMapperCalled when instance of mapperModel is created/updated for this protocolMapper through admin endpoint- Specified by:
validateConfigin interfaceProtocolMapperclient- client or clientTemplate- Throws:
ProtocolMapperConfigException- if configuration provided in mapperModel is not valid
-
getScriptCode
-
create
-