use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class UserRealmRoleMappingMapper method create.
/**
 * Builds the protocol mapper model for this provider with realm-role mapping settings.
 *
 * <p>The base model comes from {@code OIDCAttributeMapperHelper.createClaimMapper}, called
 * with the literal user attribute {@code "foo"}, claim type {@code "String"}, a fixed
 * {@code false} for the seventh argument (its meaning is not visible here) and this
 * class's {@code PROVIDER_ID}. Two config entries are then written: the multivalued flag
 * and the realm role prefix.
 *
 * <p>NOTE(review): judging by the class name, this mapper places realm role names in
 * tokens. Anything in an ID token is readable by the client that receives it, so
 * {@code idToken} should only be enabled where the client needs the roles. Confirm
 * against the mapper's claim-setting code.
 *
 * @param realmRolePrefix stored as given under
 *     {@code ProtocolMapperUtils.USER_MODEL_REALM_ROLE_MAPPING_ROLE_PREFIX}; not null-checked
 * @param name mapper name, passed through to {@code createClaimMapper}
 * @param tokenClaimName claim name, passed through to {@code createClaimMapper}
 * @param accessToken passed through to {@code createClaimMapper}
 * @param idToken passed through to {@code createClaimMapper}
 * @param multiValued stored as {@code "true"}/{@code "false"} under
 *     {@code ProtocolMapperUtils.MULTIVALUED}
 * @return the configured mapper model
 */
public static ProtocolMapperModel create(String realmRolePrefix, String name, String tokenClaimName, boolean accessToken, boolean idToken, boolean multiValued) {
    final ProtocolMapperModel model = OIDCAttributeMapperHelper.createClaimMapper(
            name, "foo", tokenClaimName, "String", accessToken, idToken, false, PROVIDER_ID);

    final String multiValuedFlag = String.valueOf(multiValued);
    model.getConfig().put(ProtocolMapperUtils.MULTIVALUED, multiValuedFlag);
    model.getConfig().put(ProtocolMapperUtils.USER_MODEL_REALM_ROLE_MAPPING_ROLE_PREFIX, realmRolePrefix);

    return model;
}
use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class ClaimsParameterTokenMapper method createMapper.
/**
 * Builds an OIDC protocol mapper model for this provider.
 *
 * <p>The config only ever receives the literal {@code "true"}: a flag that is
 * {@code false} leaves its key absent instead of storing {@code "false"}. Consumers
 * must therefore treat a missing key as "not included".
 *
 * @param name mapper name
 * @param idToken when set, {@code OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN} is stored as {@code "true"}
 * @param userInfo when set, {@code OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO} is stored as {@code "true"}
 * @return a new mapper model bound to {@code PROVIDER_ID} and the OIDC login protocol
 */
public static ProtocolMapperModel createMapper(String name, boolean idToken, boolean userInfo) {
    final Map<String, String> settings = new HashMap<>();
    if (idToken) {
        settings.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
    }
    if (userInfo) {
        settings.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
    }

    final ProtocolMapperModel model = new ProtocolMapperModel();
    model.setName(name);
    model.setProtocolMapper(PROVIDER_ID);
    model.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
    model.setConfig(settings);
    return model;
}
use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class RealmManager method setupAccountManagement.
/**
 * Creates the realm's built-in account-management client and, inside the same branch,
 * the account-console client, together with their roles, redirect URIs and OIDC settings.
 *
 * <p>Everything here runs only when the account-management client does not yet exist.
 * If it already exists the method does nothing, and the account-console client is not
 * created or checked either, because its setup is nested in that branch.
 *
 * @param realm realm in which the clients and roles are created
 */
private void setupAccountManagement(RealmModel realm) {
ClientModel accountClient = realm.getClientByClientId(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
if (accountClient == null) {
// Created through the public-client helper; the helper's exact settings are not shown here.
accountClient = KeycloakModelUtils.createPublicClient(realm, Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
accountClient.setName("${client_" + Constants.ACCOUNT_MANAGEMENT_CLIENT_ID + "}");
accountClient.setEnabled(true);
accountClient.setAlwaysDisplayInConsole(false);
// Full scope off: in Keycloak this limits the roles in the client's tokens to its explicit scope mappings.
accountClient.setFullScopeAllowed(false);
accountClient.setRootUrl(Constants.AUTH_BASE_URL_PROP);
// The realm name is concatenated into the path as-is (no encoding at this point).
String baseUrl = "/realms/" + realm.getName() + "/account/";
accountClient.setBaseUrl(baseUrl);
// Wildcard redirect URI: any path below the realm's account base URL is accepted as a redirect target.
accountClient.addRedirectUri(baseUrl + "*");
accountClient.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
// Each default account role is created on the client and also registered as a realm default role.
for (String role : AccountRoles.DEFAULT) {
RoleModel roleModel = accountClient.addRole(role);
roleModel.setDescription("${role_" + role + "}");
realm.addToDefaultRoles(roleModel);
}
// The roles below are created on the client but not added to the realm default roles.
RoleModel manageAccountLinks = accountClient.addRole(AccountRoles.MANAGE_ACCOUNT_LINKS);
manageAccountLinks.setDescription("${role_" + AccountRoles.MANAGE_ACCOUNT_LINKS + "}");
// NOTE(review): MANAGE_ACCOUNT is presumably one of AccountRoles.DEFAULT created in the loop above;
// the getRole result is dereferenced without a null check, so confirm that.
RoleModel manageAccount = accountClient.getRole(AccountRoles.MANAGE_ACCOUNT);
// manage-account becomes a composite that includes manage-account-links.
manageAccount.addCompositeRole(manageAccountLinks);
RoleModel viewAppRole = accountClient.addRole(AccountRoles.VIEW_APPLICATIONS);
viewAppRole.setDescription("${role_" + AccountRoles.VIEW_APPLICATIONS + "}");
RoleModel viewConsentRole = accountClient.addRole(AccountRoles.VIEW_CONSENT);
viewConsentRole.setDescription("${role_" + AccountRoles.VIEW_CONSENT + "}");
RoleModel manageConsentRole = accountClient.addRole(AccountRoles.MANAGE_CONSENT);
manageConsentRole.setDescription("${role_" + AccountRoles.MANAGE_CONSENT + "}");
// manage-consent becomes a composite that includes view-consent.
manageConsentRole.addCompositeRole(viewConsentRole);
// Delegates to a helper that is not shown on this page.
KeycloakModelUtils.setupDeleteAccount(accountClient);
ClientModel accountConsoleClient = realm.getClientByClientId(Constants.ACCOUNT_CONSOLE_CLIENT_ID);
if (accountConsoleClient == null) {
accountConsoleClient = KeycloakModelUtils.createPublicClient(realm, Constants.ACCOUNT_CONSOLE_CLIENT_ID);
accountConsoleClient.setName("${client_" + Constants.ACCOUNT_CONSOLE_CLIENT_ID + "}");
accountConsoleClient.setEnabled(true);
accountConsoleClient.setAlwaysDisplayInConsole(false);
accountConsoleClient.setFullScopeAllowed(false);
// Direct access grants are switched off, so the console client cannot use the password grant.
accountConsoleClient.setDirectAccessGrantsEnabled(false);
accountConsoleClient.setRootUrl(Constants.AUTH_BASE_URL_PROP);
accountConsoleClient.setBaseUrl(baseUrl);
// Same wildcard redirect URI as the account-management client.
accountConsoleClient.addRedirectUri(baseUrl + "*");
accountConsoleClient.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
// With full scope off, manage-account is the only role explicitly mapped into this client's scope here.
accountConsoleClient.addScopeMapping(accountClient.getRole(AccountRoles.MANAGE_ACCOUNT));
// Attaches the audience-resolve protocol mapper; its behaviour lives in AudienceResolveProtocolMapper (not shown).
ProtocolMapperModel audienceMapper = new ProtocolMapperModel();
audienceMapper.setName(OIDCLoginProtocolFactory.AUDIENCE_RESOLVE);
audienceMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
audienceMapper.setProtocolMapper(AudienceResolveProtocolMapper.PROVIDER_ID);
accountConsoleClient.addProtocolMapper(audienceMapper);
// Sets the PKCE code-challenge-method attribute to S256 for this public client.
accountConsoleClient.setAttribute(OIDCConfigAttributes.PKCE_CODE_CHALLENGE_METHOD, "S256");
}
}
}
use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class UserStorageConsentTest method setupConsent.
/**
 * Test fixture: makes the {@code product-portal} client of realm {@code demo} require
 * consent and moves a subset of its protocol mappers into a new client scope.
 *
 * <p>Only OIDC mappers named {@code USERNAME}, {@code EMAIL} or {@code GIVEN_NAME} are
 * copied into the scope. Every mapper is removed from the client afterwards, whatever
 * its protocol or name. The scope is then attached with {@code true} as the second
 * argument of {@code addClientScope}.
 *
 * <p>The realm and client lookups are dereferenced without null checks; the fixture
 * assumes both exist.
 *
 * @param session session used to look up the realm and the client
 */
public static void setupConsent(KeycloakSession session) {
    RealmModel demoRealm = session.realms().getRealmByName("demo");
    ClientModel portal = session.clients().getClientByClientId(demoRealm, "product-portal");
    portal.setConsentRequired(true);

    ClientScopeModel scope = demoRealm.addClientScope("clientScope");
    scope.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
    System.err.println("client scope protocol mappers size: " + scope.getProtocolMappersStream().count());

    // The stream is collected into a list first because the loop removes mappers from the client.
    for (ProtocolMapperModel source : portal.getProtocolMappersStream().collect(Collectors.toList())) {
        if (source.getProtocol().equals(OIDCLoginProtocol.LOGIN_PROTOCOL)) {
            String mapperName = source.getName();
            boolean movesToScope = mapperName.equals(OIDCLoginProtocolFactory.USERNAME)
                    || mapperName.equals(OIDCLoginProtocolFactory.EMAIL)
                    || mapperName.equals(OIDCLoginProtocolFactory.GIVEN_NAME);
            if (movesToScope) {
                // Copy the config into a fresh map so the scope's mapper does not share state with the original.
                Map<String, String> configCopy = new HashMap<>(source.getConfig());

                ProtocolMapperModel duplicate = new ProtocolMapperModel();
                duplicate.setName(mapperName);
                duplicate.setProtocol(source.getProtocol());
                duplicate.setConfig(configCopy);
                duplicate.setProtocolMapper(source.getProtocolMapper());
                scope.addProtocolMapper(duplicate);
            }
        }
        // Unconditional: mappers that were not copied are dropped from the client as well.
        portal.removeProtocolMapper(source);
    }

    portal.addClientScope(scope, true);
}
use of org.keycloak.models.ProtocolMapperModel in project keycloak by keycloak.
the class MapProtocolMapperUtils method toModel.
/**
 * Converts a stored protocol mapper entity into a {@code ProtocolMapperModel}.
 *
 * <p>Id, name, protocol mapper and config are taken from the entity. The protocol is
 * taken from this object's {@code protocol} field, not from the entity.
 *
 * <p>NOTE(review): the map returned by {@code entity.getConfig()} is handed to the model
 * without a copy. Whether the getter already returns a copy, or can return {@code null},
 * is not visible here. If it returns the live map, changes made through the model's
 * config would also change the entity's config.
 *
 * @param entity source entity; dereferenced without a null check
 * @return a new model populated from {@code entity}
 */
public ProtocolMapperModel toModel(MapProtocolMapperEntity entity) {
    final ProtocolMapperModel model = new ProtocolMapperModel();
    model.setProtocol(protocol);
    model.setId(entity.getId());
    model.setName(entity.getName());
    model.setProtocolMapper(entity.getProtocolMapper());
    model.setConfig(entity.getConfig());
    return model;
}