add scim-skip attribute

This commit is contained in:
Hugo Renard 2022-09-23 17:34:09 +02:00
parent ad8be9cbb7
commit 1e3ae07e72
Signed by: hougo
GPG key ID: 3A285FD470209C59
4 changed files with 6 additions and 0 deletions

View file

@ -25,6 +25,7 @@ public abstract class Adapter<M extends RoleMapperModel, S extends com.unboundid
protected String id;
protected String externalId;
protected Boolean skip = false;
public Adapter(KeycloakSession session, String componentId, String type, Logger logger) {
this.session = session;

View file

@ -14,6 +14,7 @@ import com.unboundid.scim2.common.types.GroupResource;
import com.unboundid.scim2.common.types.Member;
import com.unboundid.scim2.common.types.Meta;
import org.apache.commons.lang.StringUtils;
import org.jboss.logging.Logger;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
@ -50,6 +51,7 @@ public class GroupAdapter extends Adapter<GroupModel, GroupResource> {
.getGroupMembersStream(session.getContext().getRealm(), group)
.map(x -> x.getId())
.collect(Collectors.toSet());
this.skip = StringUtils.equals(group.getFirstAttribute("scim-skip"), "true");
}
@Override

View file

@ -78,6 +78,7 @@ public class ScimClient {
M kcModel) {
var adapter = getAdapter(aClass);
adapter.apply(kcModel);
if (adapter.skip) return;
// If mapping exist then it was created by import so skip.
if (adapter.query("findById", adapter.getId()).getResultList().size() != 0) {
return;
@ -102,6 +103,7 @@ public class ScimClient {
var adapter = getAdapter(aClass);
try {
adapter.apply(kcModel);
if (adapter.skip) return;
var resource = adapter.query("findById", adapter.getId()).getSingleResult();
adapter.apply(resource);
var retry = registry.retry("replace-" + adapter.getId());

View file

@ -110,6 +110,7 @@ public class UserAdapter extends Adapter<UserModel, UserResource> {
var roles = new String[rolesSet.size()];
rolesSet.toArray(roles);
setRoles(roles);
this.skip = StringUtils.equals(user.getFirstAttribute("scim-skip"), "true");
}
@Override