KEYCLOAK-16606 add default value to mandatory LDAP attributes

Jiri Lunacek 2020-12-12 23:21:40 +01:00 committed by Hynek Mlnařík
parent c631013031
commit 91a51c2dbe
2 changed files with 14 additions and 3 deletions


@ -60,6 +60,7 @@ public class UserAttributeLDAPStorageMapper extends AbstractLDAPStorageMapper {
public static final String ALWAYS_READ_VALUE_FROM_LDAP = "always.read.value.from.ldap";
public static final String IS_MANDATORY_IN_LDAP = "is.mandatory.in.ldap";
public static final String IS_BINARY_ATTRIBUTE = "is.binary.attribute";
public static final String ATTRIBUTE_DEFAULT_VALUE = "attribute.default.value";
public UserAttributeLDAPStorageMapper(ComponentModel mapperModel, LDAPStorageProvider ldapProvider) {
super(mapperModel, ldapProvider);
@ -102,6 +103,7 @@ public class UserAttributeLDAPStorageMapper extends AbstractLDAPStorageMapper {
String userModelAttrName = getUserModelAttribute();
String ldapAttrName = getLdapAttributeName();
boolean isMandatoryInLdap = parseBooleanParameter(mapperModel, IS_MANDATORY_IN_LDAP);
String attributeDefaultValue = getAttributeDefaultValue();
Property<Object> userModelProperty = userModelProperties.get(userModelAttrName.toLowerCase());
@ -112,7 +114,7 @@ public class UserAttributeLDAPStorageMapper extends AbstractLDAPStorageMapper {
if (attrValue == null) {
if (isMandatoryInLdap) {
ldapUser.setSingleAttribute(ldapAttrName, LDAPConstants.EMPTY_ATTRIBUTE_VALUE);
ldapUser.setSingleAttribute(ldapAttrName, attributeDefaultValue);
} else {
ldapUser.setAttribute(ldapAttrName, new LinkedHashSet<String>());
}
@ -126,7 +128,7 @@ public class UserAttributeLDAPStorageMapper extends AbstractLDAPStorageMapper {
if (attrValues.isEmpty()) {
if (isMandatoryInLdap) {
ldapUser.setSingleAttribute(ldapAttrName, LDAPConstants.EMPTY_ATTRIBUTE_VALUE);
ldapUser.setSingleAttribute(ldapAttrName, attributeDefaultValue);
} else {
ldapUser.setAttribute(ldapAttrName, new LinkedHashSet<>());
}
@ -425,6 +427,11 @@ public class UserAttributeLDAPStorageMapper extends AbstractLDAPStorageMapper {
}
}
private String getAttributeDefaultValue() {
String attributeDefaultValue = mapperModel.getConfig().getFirst(ATTRIBUTE_DEFAULT_VALUE);
return (attributeDefaultValue == null || attributeDefaultValue.trim().isEmpty()) ? LDAPConstants.EMPTY_ATTRIBUTE_VALUE : attributeDefaultValue;
}
private String getUserModelAttribute() {
return mapperModel.getConfig().getFirst(USER_MODEL_ATTRIBUTE);
}
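Review bot: `getAttributeDefaultValue()` tests `attributeDefaultValue.trim().isEmpty()` but returns the untrimmed string, so a configured default with stray leading or trailing whitespace is written to LDAP as-is by both `setSingleAttribute(ldapAttrName, attributeDefaultValue)` calls. Unless surrounding whitespace is meant to be significant, return the trimmed value so the result matches the check: `return (attributeDefaultValue == null || attributeDefaultValue.trim().isEmpty()) ? LDAPConstants.EMPTY_ATTRIBUTE_VALUE : attributeDefaultValue.trim();`. The method would also benefit from a short comment saying that the configured value replaces the `EMPTY_ATTRIBUTE_VALUE` placeholder and is therefore stored as the same ordinary-looking value for every user who has no value in Keycloak. The import path is not visible in these hunks, so it is worth confirming that a value read back from LDAP which equals the default is not treated as user-supplied data, particularly when the mapped attribute feeds identification or access decisions. The methods containing the two changed write calls start and end outside the hunks shown.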


@ -72,9 +72,13 @@ public class UserAttributeLDAPStorageMapperFactory extends AbstractLDAPStorageMa
.type(ProviderConfigProperty.BOOLEAN_TYPE).defaultValue("false").add();
}
config.property().name(UserAttributeLDAPStorageMapper.IS_MANDATORY_IN_LDAP).label("Is Mandatory In LDAP")
.helpText("If true, attribute is mandatory in LDAP. Hence if there is no value in Keycloak DB, the empty value will be set to be propagated to LDAP")
.helpText("If true, attribute is mandatory in LDAP. Hence if there is no value in Keycloak DB, the default or empty value will be set to be propagated to LDAP")
.type(ProviderConfigProperty.BOOLEAN_TYPE)
.defaultValue("false").add()
.property().name(UserAttributeLDAPStorageMapper.ATTRIBUTE_DEFAULT_VALUE).label("Attribute default value")
.helpText("If there is no value in Keycloak DB and attribute is mandatory in LDAP, this value will be propagated to LDAP")
.type(ProviderConfigProperty.STRING_TYPE)
.defaultValue("").add()
.property().name(UserAttributeLDAPStorageMapper.IS_BINARY_ATTRIBUTE).label("Is Binary Attribute")
.helpText("Should be true for binary LDAP attributes")
.type(ProviderConfigProperty.BOOLEAN_TYPE)
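Review bot: The help text for the new `ATTRIBUTE_DEFAULT_VALUE` property does not say what happens when the field is left blank, nor that the same value is written for every user without a value. Judging by the mapper change in the other file, a blank setting falls back to the empty-value placeholder, so an administrator should be told both facts before choosing a default for an attribute that other LDAP consumers may rely on. Suggested wording: `.helpText("If there is no value in Keycloak DB and attribute is mandatory in LDAP, this value will be propagated to LDAP for every such user. If left blank, the empty value is used instead.")`. The builder chain continues past the end of this hunk.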