mirror of https://github.com/jacekkow/keycloak-protocol-cas

Matthias Piepkorn
2017-01-27 513246cc7262ee2c63599608764cea538f6413f6
7f7e0c 1 package org.keycloak.protocol.cas.mappers;
MP 2
513246 3 import org.keycloak.models.GroupModel;
7f7e0c 4 import org.keycloak.models.ProtocolMapperModel;
513246 5 import org.keycloak.models.UserSessionModel;
MP 6 import org.keycloak.models.utils.ModelToRepresentation;
7f7e0c 7 import org.keycloak.protocol.cas.CASLoginProtocol;
MP 8 import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
9 import org.keycloak.provider.ProviderConfigProperty;
10
513246 11 import java.util.*;
7f7e0c 12
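/**
 * CAS protocol mapper that releases the authenticated user's group membership
 * to a CAS service as a multi-valued attribute.
 *
 * <p>The attribute name is taken from the mapper's token-claim-name setting, and
 * the {@code full.path} setting selects between full group paths and bare group
 * names.
 *
 * <p>Security note: in name-only mode the released value is just
 * {@link GroupModel#getName()}. Groups under different parents can share a name,
 * so a service that authorizes on the released value cannot tell such groups
 * apart. Prefer full paths when the attribute feeds an access decision.
 */
public class GroupMembershipMapper extends AbstractCASProtocolMapper {
    /** Config key of the boolean switch between full group paths and bare names. */
    private static final String FULL_PATH = "full.path";

    private static final List<ProviderConfigProperty> configProperties = new ArrayList<>();

    static {
        OIDCAttributeMapperHelper.addTokenClaimNameConfig(configProperties);
        ProviderConfigProperty property1 = new ProviderConfigProperty();
        property1.setName(FULL_PATH);
        property1.setLabel("Full group path");
        property1.setType(ProviderConfigProperty.BOOLEAN_TYPE);
        // Declared default only; useFullPath() reads the stored config and treats a missing key as false.
        property1.setDefaultValue("true");
        property1.setHelpText("Include full path to group i.e. /top/level1/level2, false will just specify the group name");
        configProperties.add(property1);
    }

    public static final String PROVIDER_ID = "cas-group-membership-mapper";


    /**
     * Returns the configuration properties offered for this mapper.
     *
     * @return the shared property list (the same instance on every call)
     */
    @Override
    public List<ProviderConfigProperty> getConfigProperties() {
        return configProperties;
    }

    /**
     * @return the provider id, {@link #PROVIDER_ID}
     */
    @Override
    public String getId() {
        return PROVIDER_ID;
    }

    /**
     * @return the display name of this mapper type
     */
    @Override
    public String getDisplayType() {
        return "Group Membership";
    }

    /**
     * @return a short description of this mapper type
     */
    @Override
    public String getHelpText() {
        return "Map user group membership";
    }

    /**
     * Adds the user's group membership to the attributes released to the CAS service.
     *
     * <p>If the mapper has no usable claim name configured, nothing is added.
     * Previously a missing name stored the list under a {@code null} map key.
     *
     * @param attributes   attribute map to add to; modified in place
     * @param mappingModel mapper configuration (claim name and {@code full.path})
     * @param userSession  session whose user's groups are read
     */
    @Override
    public void setAttribute(Map<String, Object> attributes, ProtocolMapperModel mappingModel, UserSessionModel userSession) {
        String protocolClaim = mappingModel.getConfig().get(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME);
        if (protocolClaim == null || protocolClaim.trim().isEmpty()) {
            // Misconfigured mapper: release nothing rather than an attribute with a null or blank name.
            return;
        }

        boolean fullPath = useFullPath(mappingModel);
        List<String> membership = new ArrayList<>();
        for (GroupModel group : userSession.getUser().getGroups()) {
            // Name-only values can collide between groups under different parents.
            membership.add(fullPath ? ModelToRepresentation.buildGroupPath(group) : group.getName());
        }

        attributes.put(protocolClaim, membership);
    }

    /**
     * Tells whether the mapper is configured to emit full group paths.
     *
     * @param mappingModel mapper configuration
     * @return {@code true} only when the stored {@code full.path} value is exactly
     *         {@code "true"}; a missing or differently-cased value yields {@code false}
     */
    public static boolean useFullPath(ProtocolMapperModel mappingModel) {
        return "true".equals(mappingModel.getConfig().get(FULL_PATH));
    }

    /**
     * Builds a mapper model for this provider, bound to the CAS login protocol.
     *
     * @param name            mapper name
     * @param tokenClaimName  name of the attribute the group list is released under
     * @param consentRequired whether consent is required for this mapper
     * @param consentText     consent text shown for this mapper
     * @param fullPath        {@code true} to release full group paths, {@code false} for bare names
     * @return the populated mapper model
     */
    public static ProtocolMapperModel create(String name, String tokenClaimName,
                                             boolean consentRequired, String consentText, boolean fullPath) {
        ProtocolMapperModel mapper = new ProtocolMapperModel();
        mapper.setName(name);
        mapper.setProtocolMapper(PROVIDER_ID);
        mapper.setProtocol(CASLoginProtocol.LOGIN_PROTOCOL);
        mapper.setConsentRequired(consentRequired);
        mapper.setConsentText(consentText);
        Map<String, String> config = new HashMap<>();
        config.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, tokenClaimName);
        config.put(FULL_PATH, Boolean.toString(fullPath));
        mapper.setConfig(config);

        return mapper;
    }
}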