public static void addOrUpdateGroupMapper(
RealmModel realm,
UserFederationProviderModel providerModel,
LDAPGroupMapperMode mode,
String descriptionAttrName,
String... otherConfigOptions) {
UserFederationMapperModel mapperModel =
realm.getUserFederationMapperByName(providerModel.getId(), "groupsMapper");
if (mapperModel != null) {
mapperModel.getConfig().put(GroupMapperConfig.MODE, mode.toString());
updateGroupMapperConfigOptions(mapperModel, otherConfigOptions);
realm.updateUserFederationMapper(mapperModel);
} else {
String baseDn = providerModel.getConfig().get(LDAPConstants.BASE_DN);
mapperModel =
KeycloakModelUtils.createUserFederationMapperModel(
"groupsMapper",
providerModel.getId(),
GroupLDAPFederationMapperFactory.PROVIDER_ID,
GroupMapperConfig.GROUPS_DN,
"ou=Groups," + baseDn,
GroupMapperConfig.MAPPED_GROUP_ATTRIBUTES,
descriptionAttrName,
GroupMapperConfig.PRESERVE_GROUP_INHERITANCE,
"true",
GroupMapperConfig.MODE,
mode.toString());
updateGroupMapperConfigOptions(mapperModel, otherConfigOptions);
realm.addUserFederationMapper(mapperModel);
}
}
public static void addOrUpdateRoleLDAPMappers(
RealmModel realm,
UserFederationProviderModel providerModel,
RoleLDAPFederationMapper.Mode mode) {
UserFederationMapperModel mapperModel =
realm.getUserFederationMapperByName(providerModel.getId(), "realmRolesMapper");
if (mapperModel != null) {
mapperModel.getConfig().put(RoleLDAPFederationMapper.MODE, mode.toString());
realm.updateUserFederationMapper(mapperModel);
} else {
String baseDn = providerModel.getConfig().get(LDAPConstants.BASE_DN);
mapperModel =
KeycloakModelUtils.createUserFederationMapperModel(
"realmRolesMapper",
providerModel.getId(),
RoleLDAPFederationMapperFactory.PROVIDER_ID,
RoleLDAPFederationMapper.ROLES_DN,
"ou=RealmRoles," + baseDn,
RoleLDAPFederationMapper.USE_REALM_ROLES_MAPPING,
"true",
RoleLDAPFederationMapper.MODE,
mode.toString());
realm.addUserFederationMapper(mapperModel);
}
mapperModel = realm.getUserFederationMapperByName(providerModel.getId(), "financeRolesMapper");
if (mapperModel != null) {
mapperModel.getConfig().put(RoleLDAPFederationMapper.MODE, mode.toString());
realm.updateUserFederationMapper(mapperModel);
} else {
String baseDn = providerModel.getConfig().get(LDAPConstants.BASE_DN);
mapperModel =
KeycloakModelUtils.createUserFederationMapperModel(
"financeRolesMapper",
providerModel.getId(),
RoleLDAPFederationMapperFactory.PROVIDER_ID,
RoleLDAPFederationMapper.ROLES_DN,
"ou=FinanceRoles," + baseDn,
RoleLDAPFederationMapper.USE_REALM_ROLES_MAPPING,
"false",
RoleLDAPFederationMapper.CLIENT_ID,
"finance",
RoleLDAPFederationMapper.MODE,
mode.toString());
realm.addUserFederationMapper(mapperModel);
}
}
public static UserFederationMapperModel addUserAttributeMapper(
RealmModel realm,
UserFederationProviderModel providerModel,
String mapperName,
String userModelAttributeName,
String ldapAttributeName) {
UserFederationMapperModel mapperModel =
KeycloakModelUtils.createUserFederationMapperModel(
mapperName,
providerModel.getId(),
UserAttributeLDAPFederationMapperFactory.PROVIDER_ID,
UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE,
userModelAttributeName,
UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE,
ldapAttributeName,
UserAttributeLDAPFederationMapper.READ_ONLY,
"false",
UserAttributeLDAPFederationMapper.ALWAYS_READ_VALUE_FROM_LDAP,
"false",
UserAttributeLDAPFederationMapper.IS_MANDATORY_IN_LDAP,
"false");
return realm.addUserFederationMapper(mapperModel);
}