mirror of https://github.com/jacekkow/keycloak-protocol-cas

Jacek Kowalski
2023-11-24 f3460d82f87591ebf1260e02ef7565f5e8eb00f3
commit | author | age
7f7e0c 1 package org.keycloak.protocol.cas.mappers;
MP 2
89e3d7 3 import org.keycloak.models.*;
513246 4 import org.keycloak.models.utils.ModelToRepresentation;
7f7e0c 5 import org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper;
MP 6 import org.keycloak.provider.ProviderConfigProperty;
7
0ad1a9 8 import java.util.ArrayList;
MP 9 import java.util.LinkedList;
10 import java.util.List;
11 import java.util.Map;
ea9555 12 import java.util.stream.Collectors;
7f7e0c 13
MP 14 public class GroupMembershipMapper extends AbstractCASProtocolMapper {
15     private static final List<ProviderConfigProperty> configProperties = new ArrayList<ProviderConfigProperty>();
16
0ad1a9 17     private static final String FULL_PATH = "full.path";
MP 18
7f7e0c 19     static {
MP 20         OIDCAttributeMapperHelper.addTokenClaimNameConfig(configProperties);
21         ProviderConfigProperty property1 = new ProviderConfigProperty();
0ad1a9 22         property1.setName(FULL_PATH);
7f7e0c 23         property1.setLabel("Full group path");
MP 24         property1.setType(ProviderConfigProperty.BOOLEAN_TYPE);
25         property1.setDefaultValue("true");
26         property1.setHelpText("Include full path to group i.e. /top/level1/level2, false will just specify the group name");
27         configProperties.add(property1);
28     }
29
30     public static final String PROVIDER_ID = "cas-group-membership-mapper";
31
32
33     @Override
34     public List<ProviderConfigProperty> getConfigProperties() {
35         return configProperties;
36     }
37
38     @Override
39     public String getId() {
40         return PROVIDER_ID;
41     }
42
43     @Override
44     public String getDisplayType() {
45         return "Group Membership";
46     }
47
48     @Override
49     public String getHelpText() {
50         return "Map user group membership";
51     }
52
513246 53     @Override
89e3d7 54     public void setAttribute(Map<String, Object> attributes, ProtocolMapperModel mappingModel, UserSessionModel userSession,
MP 55                              KeycloakSession session, ClientSessionContext clientSessionCt) {
513246 56         List<String> membership = new LinkedList<>();
MP 57         boolean fullPath = useFullPath(mappingModel);
ea9555 58         for (GroupModel group : userSession.getUser().getGroupsStream().collect(Collectors.toSet())) {
513246 59             if (fullPath) {
MP 60                 membership.add(ModelToRepresentation.buildGroupPath(group));
61             } else {
62                 membership.add(group.getName());
63             }
64         }
0ad1a9 65         setPlainAttribute(attributes, mappingModel, membership);
513246 66     }
MP 67
7f7e0c 68     public static boolean useFullPath(ProtocolMapperModel mappingModel) {
0ad1a9 69         return "true".equals(mappingModel.getConfig().get(FULL_PATH));
7f7e0c 70     }
MP 71
b8d686 72     public static ProtocolMapperModel create(String name, String tokenClaimName, boolean fullPath) {
0ad1a9 73         ProtocolMapperModel mapper = CASAttributeMapperHelper.createClaimMapper(name, tokenClaimName,
b8d686 74                 "String", PROVIDER_ID);
0ad1a9 75         mapper.getConfig().put(FULL_PATH, Boolean.toString(fullPath));
7f7e0c 76         return mapper;
MP 77     }
78 }