Merge pull request #1292 from mposolda/ldap2
Ldap enhancements + Make admin requests to have RealmModel and ClientModel available
This commit is contained in:
commit
90cb3acd2f
16 changed files with 104 additions and 39 deletions
|
@ -35,11 +35,6 @@ public abstract class AbstractLDAPFederationMapperFactory implements UserFederat
|
||||||
public void postInit(KeycloakSessionFactory factory) {
|
public void postInit(KeycloakSessionFactory factory) {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public List<ProviderConfigProperty> getConfigProperties() {
|
|
||||||
throw new IllegalStateException("Method not supported for this implementation");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void close() {
|
public void close() {
|
||||||
}
|
}
|
||||||
|
|
|
@ -46,7 +46,7 @@ public class FullNameLDAPFederationMapperFactory extends AbstractLDAPFederationM
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<ProviderConfigProperty> getConfigProperties(RealmModel realm) {
|
public List<ProviderConfigProperty> getConfigProperties() {
|
||||||
return configProperties;
|
return configProperties;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -59,7 +59,10 @@ public class RoleLDAPFederationMapperFactory extends AbstractLDAPFederationMappe
|
||||||
"If true, then LDAP role mappings will be mapped to realm role mappings in Keycloak. Otherwise it will be mapped to client role mappings", ProviderConfigProperty.BOOLEAN_TYPE, "true");
|
"If true, then LDAP role mappings will be mapped to realm role mappings in Keycloak. Otherwise it will be mapped to client role mappings", ProviderConfigProperty.BOOLEAN_TYPE, "true");
|
||||||
configProperties.add(useRealmRolesMappings);
|
configProperties.add(useRealmRolesMappings);
|
||||||
|
|
||||||
// NOTE: ClientID will be computed dynamically from available clients
|
ProviderConfigProperty clientIdProperty = createConfigProperty(RoleLDAPFederationMapper.CLIENT_ID, "Client ID",
|
||||||
|
"Client ID of client to which LDAP role mappings will be mapped. Applicable just if 'Use Realm Roles Mapping' is false",
|
||||||
|
ProviderConfigProperty.CLIENT_LIST_TYPE, null);
|
||||||
|
configProperties.add(clientIdProperty);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -78,18 +81,8 @@ public class RoleLDAPFederationMapperFactory extends AbstractLDAPFederationMappe
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<ProviderConfigProperty> getConfigProperties(RealmModel realm) {
|
public List<ProviderConfigProperty> getConfigProperties() {
|
||||||
List<ProviderConfigProperty> props = new ArrayList<ProviderConfigProperty>(configProperties);
|
return configProperties;
|
||||||
|
|
||||||
Map<String, ClientModel> clients = realm.getClientNameMap();
|
|
||||||
List<String> clientIds = new ArrayList<String>(clients.keySet());
|
|
||||||
|
|
||||||
ProviderConfigProperty clientIdProperty = createConfigProperty(RoleLDAPFederationMapper.CLIENT_ID, "Client ID",
|
|
||||||
"Client ID of client to which LDAP role mappings will be mapped. Applicable just if 'Use Realm Roles Mapping' is false",
|
|
||||||
ProviderConfigProperty.LIST_TYPE, clientIds);
|
|
||||||
props.add(clientIdProperty);
|
|
||||||
|
|
||||||
return props;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -48,7 +48,7 @@ public class UserAttributeLDAPFederationMapperFactory extends AbstractLDAPFedera
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<ProviderConfigProperty> getConfigProperties(RealmModel realm) {
|
public List<ProviderConfigProperty> getConfigProperties() {
|
||||||
return configProperties;
|
return configProperties;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -984,7 +984,10 @@ module.config([ '$routeProvider', function($routeProvider) {
|
||||||
},
|
},
|
||||||
mapper : function(UserFederationMapperLoader) {
|
mapper : function(UserFederationMapperLoader) {
|
||||||
return UserFederationMapperLoader();
|
return UserFederationMapperLoader();
|
||||||
}
|
},
|
||||||
|
clients : function(ClientListLoader) {
|
||||||
|
return ClientListLoader();
|
||||||
|
},
|
||||||
},
|
},
|
||||||
controller : 'UserFederationMapperCtrl'
|
controller : 'UserFederationMapperCtrl'
|
||||||
})
|
})
|
||||||
|
@ -1000,6 +1003,9 @@ module.config([ '$routeProvider', function($routeProvider) {
|
||||||
mapperTypes : function(UserFederationMapperTypesLoader) {
|
mapperTypes : function(UserFederationMapperTypesLoader) {
|
||||||
return UserFederationMapperTypesLoader();
|
return UserFederationMapperTypesLoader();
|
||||||
},
|
},
|
||||||
|
clients : function(ClientListLoader) {
|
||||||
|
return ClientListLoader();
|
||||||
|
}
|
||||||
},
|
},
|
||||||
controller : 'UserFederationMapperCreateCtrl'
|
controller : 'UserFederationMapperCreateCtrl'
|
||||||
})
|
})
|
||||||
|
|
|
@ -754,10 +754,11 @@ module.controller('UserFederationMapperListCtrl', function($scope, $location, No
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
module.controller('UserFederationMapperCtrl', function($scope, realm, provider, mapperTypes, mapper, UserFederationMapper, Notifications, Dialog, $location) {
|
module.controller('UserFederationMapperCtrl', function($scope, realm, provider, mapperTypes, mapper, clients, UserFederationMapper, Notifications, Dialog, $location) {
|
||||||
console.log('UserFederationMapperCtrl');
|
console.log('UserFederationMapperCtrl');
|
||||||
$scope.realm = realm;
|
$scope.realm = realm;
|
||||||
$scope.provider = provider;
|
$scope.provider = provider;
|
||||||
|
$scope.clients = clients;
|
||||||
$scope.create = false;
|
$scope.create = false;
|
||||||
$scope.mapper = angular.copy(mapper);
|
$scope.mapper = angular.copy(mapper);
|
||||||
$scope.changed = false;
|
$scope.changed = false;
|
||||||
|
@ -780,10 +781,10 @@ module.controller('UserFederationMapperCtrl', function($scope, realm, provider,
|
||||||
$location.url("/realms/" + realm.realm + '/user-federation/providers/' + provider.providerName + '/' + provider.id + '/mappers/' + mapper.id);
|
$location.url("/realms/" + realm.realm + '/user-federation/providers/' + provider.providerName + '/' + provider.id + '/mappers/' + mapper.id);
|
||||||
Notifications.success("Your changes have been saved.");
|
Notifications.success("Your changes have been saved.");
|
||||||
}, function(error) {
|
}, function(error) {
|
||||||
if (error.status == 400) {
|
if (error.status == 400 && error.data.error_description) {
|
||||||
Notifications.error('Error in configuration of mapper: ' + error.data.error_description);
|
Notifications.error('Error in configuration of mapper: ' + error.data.error_description);
|
||||||
} else {
|
} else {
|
||||||
Notification.error('Unexpected error when creating mapper');
|
Notifications.error('Unexpected error when creating mapper');
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
@ -808,10 +809,11 @@ module.controller('UserFederationMapperCtrl', function($scope, realm, provider,
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
module.controller('UserFederationMapperCreateCtrl', function($scope, realm, provider, mapperTypes, UserFederationMapper, Notifications, Dialog, $location) {
|
module.controller('UserFederationMapperCreateCtrl', function($scope, realm, provider, mapperTypes, clients, UserFederationMapper, Notifications, Dialog, $location) {
|
||||||
console.log('UserFederationMapperCreateCtrl');
|
console.log('UserFederationMapperCreateCtrl');
|
||||||
$scope.realm = realm;
|
$scope.realm = realm;
|
||||||
$scope.provider = provider;
|
$scope.provider = provider;
|
||||||
|
$scope.clients = clients;
|
||||||
$scope.create = true;
|
$scope.create = true;
|
||||||
$scope.mapper = { federationProviderDisplayName: provider.displayName, config: {}};
|
$scope.mapper = { federationProviderDisplayName: provider.displayName, config: {}};
|
||||||
$scope.mapperTypes = mapperTypes;
|
$scope.mapperTypes = mapperTypes;
|
||||||
|
@ -844,10 +846,10 @@ module.controller('UserFederationMapperCreateCtrl', function($scope, realm, prov
|
||||||
$location.url('/realms/' + realm.realm +'/user-federation/providers/' + provider.providerName + '/' + provider.id + '/mappers/' + id);
|
$location.url('/realms/' + realm.realm +'/user-federation/providers/' + provider.providerName + '/' + provider.id + '/mappers/' + id);
|
||||||
Notifications.success("Mapper has been created.");
|
Notifications.success("Mapper has been created.");
|
||||||
}, function(error) {
|
}, function(error) {
|
||||||
if (error.status == 400) {
|
if (error.status == 400 && error.data.error_description) {
|
||||||
Notifications.error('Error in configuration of mapper: ' + error.data.error_description);
|
Notifications.error('Error in configuration of mapper: ' + error.data.error_description);
|
||||||
} else {
|
} else {
|
||||||
Notification.error('Unexpected error when creating mapper');
|
Notifications.error('Unexpected error when creating mapper');
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
|
@ -47,7 +47,7 @@
|
||||||
<div data-ng-repeat="option in mapperType.properties" class="form-group">
|
<div data-ng-repeat="option in mapperType.properties" class="form-group">
|
||||||
<label class="col-md-2 control-label">{{option.label}}</label>
|
<label class="col-md-2 control-label">{{option.label}}</label>
|
||||||
|
|
||||||
<div class="col-sm-4" data-ng-hide="option.type == 'boolean' || option.type == 'List'">
|
<div class="col-sm-4" data-ng-show="option.type == 'String'">
|
||||||
<input class="form-control" type="text" data-ng-model="mapper.config[ option.name ]">
|
<input class="form-control" type="text" data-ng-model="mapper.config[ option.name ]">
|
||||||
</div>
|
</div>
|
||||||
<div class="col-sm-4" data-ng-show="option.type == 'boolean'">
|
<div class="col-sm-4" data-ng-show="option.type == 'boolean'">
|
||||||
|
@ -58,6 +58,11 @@
|
||||||
<option value="" selected> Select one... </option>
|
<option value="" selected> Select one... </option>
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="col-sm-4" data-ng-show="option.type == 'ClientList'">
|
||||||
|
<select ng-model="mapper.config[ option.name ]" ng-options="client.clientId as client.clientId for client in clients">
|
||||||
|
<option value="" selected> Select one... </option>
|
||||||
|
</select>
|
||||||
|
</div>
|
||||||
<kc-tooltip>{{option.helpText}}</kc-tooltip>
|
<kc-tooltip>{{option.helpText}}</kc-tooltip>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
@ -31,6 +31,4 @@ public interface UserFederationMapperFactory extends ProviderFactory<UserFederat
|
||||||
*/
|
*/
|
||||||
void validateConfig(UserFederationMapperModel mapperModel) throws MapperConfigValidationException;
|
void validateConfig(UserFederationMapperModel mapperModel) throws MapperConfigValidationException;
|
||||||
|
|
||||||
// TODO: Remove this and add realm to the method on ConfiguredProvider?
|
|
||||||
List<ProviderConfigProperty> getConfigProperties(RealmModel realm);
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -71,6 +71,6 @@ public class LDAPConstants {
|
||||||
public static final String CUSTOM_ATTRIBUTE_EXPIRY_DATE = "expiryDate";
|
public static final String CUSTOM_ATTRIBUTE_EXPIRY_DATE = "expiryDate";
|
||||||
public static final String ENTRY_UUID = "entryUUID";
|
public static final String ENTRY_UUID = "entryUUID";
|
||||||
public static final String OBJECT_GUID = "objectGUID";
|
public static final String OBJECT_GUID = "objectGUID";
|
||||||
public static final String CREATE_TIMESTAMP = "createTimeStamp";
|
public static final String CREATE_TIMESTAMP = "createTimestamp";
|
||||||
public static final String MODIFY_TIMESTAMP = "modifyTimeStamp";
|
public static final String MODIFY_TIMESTAMP = "modifyTimestamp";
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,6 +8,7 @@ public class ProviderConfigProperty {
|
||||||
public static final String BOOLEAN_TYPE="boolean";
|
public static final String BOOLEAN_TYPE="boolean";
|
||||||
public static final String STRING_TYPE="String";
|
public static final String STRING_TYPE="String";
|
||||||
public static final String LIST_TYPE="List";
|
public static final String LIST_TYPE="List";
|
||||||
|
public static final String CLIENT_LIST_TYPE="ClientList";
|
||||||
|
|
||||||
protected String name;
|
protected String name;
|
||||||
protected String label;
|
protected String label;
|
||||||
|
|
|
@ -118,6 +118,9 @@ public class ClientsResource {
|
||||||
if (clientModel == null) {
|
if (clientModel == null) {
|
||||||
throw new NotFoundException("Could not find client: " + name);
|
throw new NotFoundException("Could not find client: " + name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
session.getContext().setClient(clientModel);
|
||||||
|
|
||||||
ClientResource clientResource = new ClientResource(realm, auth, clientModel, session, adminEvent);
|
ClientResource clientResource = new ClientResource(realm, auth, clientModel, session, adminEvent);
|
||||||
ResteasyProviderFactory.getInstance().injectProperties(clientResource);
|
ResteasyProviderFactory.getInstance().injectProperties(clientResource);
|
||||||
return clientResource;
|
return clientResource;
|
||||||
|
|
|
@ -438,8 +438,8 @@ public class RealmAdminResource {
|
||||||
/**
|
/**
|
||||||
* Query admin events. Returns all admin events, or will query based on URL query parameters listed here
|
* Query admin events. Returns all admin events, or will query based on URL query parameters listed here
|
||||||
*
|
*
|
||||||
* @param client app or oauth client name
|
* @param authRealm
|
||||||
* @param operationTypes operation type
|
* @param authClient
|
||||||
* @param authUser user id
|
* @param authUser user id
|
||||||
* @param authIpAddress
|
* @param authIpAddress
|
||||||
* @param resourcePath
|
* @param resourcePath
|
||||||
|
|
|
@ -227,6 +227,7 @@ public class RealmsAdminResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
AdminEventBuilder adminEvent = new AdminEventBuilder(realm, auth, session, clientConnection);
|
AdminEventBuilder adminEvent = new AdminEventBuilder(realm, auth, session, clientConnection);
|
||||||
|
session.getContext().setRealm(realm);
|
||||||
|
|
||||||
RealmAdminResource adminResource = new RealmAdminResource(realmAuth, realm, tokenManager, adminEvent);
|
RealmAdminResource adminResource = new RealmAdminResource(realmAuth, realm, tokenManager, adminEvent);
|
||||||
ResteasyProviderFactory.getInstance().injectProperties(adminResource);
|
ResteasyProviderFactory.getInstance().injectProperties(adminResource);
|
||||||
|
|
|
@ -171,7 +171,7 @@ public class UserFederationProviderResource {
|
||||||
rep.setCategory(mapperFactory.getDisplayCategory());
|
rep.setCategory(mapperFactory.getDisplayCategory());
|
||||||
rep.setName(mapperFactory.getDisplayType());
|
rep.setName(mapperFactory.getDisplayType());
|
||||||
rep.setHelpText(mapperFactory.getHelpText());
|
rep.setHelpText(mapperFactory.getHelpText());
|
||||||
List<ProviderConfigProperty> configProperties = mapperFactory.getConfigProperties(realm);
|
List<ProviderConfigProperty> configProperties = mapperFactory.getConfigProperties();
|
||||||
for (ProviderConfigProperty prop : configProperties) {
|
for (ProviderConfigProperty prop : configProperties) {
|
||||||
ConfigPropertyRepresentation propRep = new ConfigPropertyRepresentation();
|
ConfigPropertyRepresentation propRep = new ConfigPropertyRepresentation();
|
||||||
propRep.setName(prop.getName());
|
propRep.setName(prop.getName());
|
||||||
|
|
|
@ -13,6 +13,10 @@ import org.keycloak.federation.ldap.LDAPFederationProvider;
|
||||||
import org.keycloak.federation.ldap.LDAPFederationProviderFactory;
|
import org.keycloak.federation.ldap.LDAPFederationProviderFactory;
|
||||||
import org.keycloak.federation.ldap.LDAPUtils;
|
import org.keycloak.federation.ldap.LDAPUtils;
|
||||||
import org.keycloak.federation.ldap.idm.model.LDAPObject;
|
import org.keycloak.federation.ldap.idm.model.LDAPObject;
|
||||||
|
import org.keycloak.federation.ldap.mappers.FullNameLDAPFederationMapper;
|
||||||
|
import org.keycloak.federation.ldap.mappers.FullNameLDAPFederationMapperFactory;
|
||||||
|
import org.keycloak.federation.ldap.mappers.UserAttributeLDAPFederationMapper;
|
||||||
|
import org.keycloak.federation.ldap.mappers.UserAttributeLDAPFederationMapperFactory;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.LDAPConstants;
|
import org.keycloak.models.LDAPConstants;
|
||||||
|
@ -20,9 +24,11 @@ import org.keycloak.models.ModelReadOnlyException;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserCredentialModel;
|
import org.keycloak.models.UserCredentialModel;
|
||||||
import org.keycloak.models.UserCredentialValueModel;
|
import org.keycloak.models.UserCredentialValueModel;
|
||||||
|
import org.keycloak.models.UserFederationMapperModel;
|
||||||
import org.keycloak.models.UserFederationProvider;
|
import org.keycloak.models.UserFederationProvider;
|
||||||
import org.keycloak.models.UserFederationProviderModel;
|
import org.keycloak.models.UserFederationProviderModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
|
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.testsuite.OAuthClient;
|
import org.keycloak.testsuite.OAuthClient;
|
||||||
import org.keycloak.testsuite.pages.AccountPasswordPage;
|
import org.keycloak.testsuite.pages.AccountPasswordPage;
|
||||||
|
@ -36,7 +42,9 @@ import org.keycloak.testsuite.rule.WebResource;
|
||||||
import org.keycloak.testsuite.rule.WebRule;
|
import org.keycloak.testsuite.rule.WebRule;
|
||||||
import org.openqa.selenium.WebDriver;
|
import org.openqa.selenium.WebDriver;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
|
||||||
|
@ -264,6 +272,55 @@ public class FederationProvidersIntegrationTest {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testFullNameMapper() {
|
||||||
|
KeycloakSession session = keycloakRule.startSession();
|
||||||
|
UserFederationMapperModel firstNameMapper = null;
|
||||||
|
|
||||||
|
try {
|
||||||
|
RealmModel appRealm = new RealmManager(session).getRealmByName("test");
|
||||||
|
|
||||||
|
// assert that user "fullnameUser" is not in local DB
|
||||||
|
Assert.assertNull(session.users().getUserByUsername("fullname", appRealm));
|
||||||
|
|
||||||
|
// Add the user with some fullName into LDAP directly. Ensure that fullName is saved into "cn" attribute in LDAP (currently mapped to model firstName)
|
||||||
|
LDAPFederationProvider ldapFedProvider = FederationTestUtils.getLdapProvider(session, ldapModel);
|
||||||
|
FederationTestUtils.addLDAPUser(ldapFedProvider, appRealm, "fullname", "James Dee", "Dee", "fullname@email.org", "4578");
|
||||||
|
|
||||||
|
// add fullname mapper to the provider and remove "firstNameMapper"
|
||||||
|
UserFederationMapperModel fullNameMapperModel = KeycloakModelUtils.createUserFederationMapperModel("full name", ldapModel.getId(), FullNameLDAPFederationMapperFactory.PROVIDER_ID,
|
||||||
|
FullNameLDAPFederationMapper.LDAP_FULL_NAME_ATTRIBUTE, LDAPConstants.CN,
|
||||||
|
UserAttributeLDAPFederationMapper.READ_ONLY, "false");
|
||||||
|
appRealm.addUserFederationMapper(fullNameMapperModel);
|
||||||
|
|
||||||
|
firstNameMapper = appRealm.getUserFederationMapperByName(ldapModel.getId(), "first name");
|
||||||
|
appRealm.removeUserFederationMapper(firstNameMapper);
|
||||||
|
|
||||||
|
// Assert user is successfully imported in Keycloak DB now with correct firstName and lastName
|
||||||
|
FederationTestUtils.assertUserImported(session.users(), appRealm, "fullname", "James", "Dee", "fullname@email.org", "4578");
|
||||||
|
} finally {
|
||||||
|
keycloakRule.stopSession(session, true);
|
||||||
|
}
|
||||||
|
|
||||||
|
session = keycloakRule.startSession();
|
||||||
|
try {
|
||||||
|
RealmModel appRealm = new RealmManager(session).getRealmByName("test");
|
||||||
|
|
||||||
|
// Remove "fullnameUser" to assert he is removed from LDAP. Revert mappers to previous state
|
||||||
|
UserModel fullnameUser = session.users().getUserByUsername("fullname", appRealm);
|
||||||
|
session.users().removeUser(appRealm, fullnameUser);
|
||||||
|
|
||||||
|
// Revert mappers
|
||||||
|
UserFederationMapperModel fullNameMapperModel = appRealm.getUserFederationMapperByName(ldapModel.getId(), "full name");
|
||||||
|
appRealm.removeUserFederationMapper(fullNameMapperModel);
|
||||||
|
|
||||||
|
firstNameMapper.setId(null);
|
||||||
|
appRealm.addUserFederationMapper(firstNameMapper);
|
||||||
|
} finally {
|
||||||
|
keycloakRule.stopSession(session, true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testReadonly() {
|
public void testReadonly() {
|
||||||
KeycloakSession session = keycloakRule.startSession();
|
KeycloakSession session = keycloakRule.startSession();
|
||||||
|
|
|
@ -91,9 +91,13 @@ class FederationTestUtils {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static void addZipCodeLDAPMapper(RealmModel realm, UserFederationProviderModel providerModel) {
|
public static void addZipCodeLDAPMapper(RealmModel realm, UserFederationProviderModel providerModel) {
|
||||||
UserFederationMapperModel mapperModel = KeycloakModelUtils.createUserFederationMapperModel("zipCodeMapper", providerModel.getId(), UserAttributeLDAPFederationMapperFactory.PROVIDER_ID,
|
addUserAttributeMapper(realm, providerModel, "zipCodeMapper", "postal_code", LDAPConstants.POSTAL_CODE);
|
||||||
UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE, "postal_code",
|
}
|
||||||
UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE, LDAPConstants.POSTAL_CODE,
|
|
||||||
|
public static void addUserAttributeMapper(RealmModel realm, UserFederationProviderModel providerModel, String mapperName, String userModelAttributeName, String ldapAttributeName) {
|
||||||
|
UserFederationMapperModel mapperModel = KeycloakModelUtils.createUserFederationMapperModel(mapperName, providerModel.getId(), UserAttributeLDAPFederationMapperFactory.PROVIDER_ID,
|
||||||
|
UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE, userModelAttributeName,
|
||||||
|
UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE, ldapAttributeName,
|
||||||
UserAttributeLDAPFederationMapper.READ_ONLY, "false");
|
UserAttributeLDAPFederationMapper.READ_ONLY, "false");
|
||||||
realm.addUserFederationMapper(mapperModel);
|
realm.addUserFederationMapper(mapperModel);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue