c3b577de11
Moved methods `transformUserInfoToken`, `transformAccessToken`, `transformIDToken` to the `AbstractOIDCProtocolMapper` base class in order to reduce code duplication. Previously every mapper implemented at least one or two of those methods with exactly the same code. Having those methods in the base class ensures that the code is the same for all mappers. Since the mentioned methods are declared on the `OIDCIDTokenMapper`, `OIDCAccessTokenMapper` and `UserInfoTokenMapper` interfaces `AbstractOIDCProtocolMapper` implementations can now choose how they should be handled by the `TokenManager` by implementing the desired set of interfaces `*TokenMapper`-interfaces. I think this provides a good balance between ease of use, reduced code duplication and ensured backwards compatiblity. Existing protocol mapper implementations will still work since they just implement their own logic for `transformUserInfoToken`, `transformAccessToken`, `transformIDToken`. The "claim" information provided by a `ProtocolMapper` to a `*Token` can now be provided by overriding the `AbstractOIDCProtocolMapper.setClaim` method. Adapted all eligible ProtocolMapper implementations within the `org.keycloak.protocol.oidc.mappers` package accordingly. |
||
---|---|---|
.. | ||
oidc | ||
saml | ||
AuthorizationEndpointBase.java | ||
ProtocolMapperUtils.java | ||
RestartLoginCookie.java |