示例#1
 /**
  * Ensures the federation mapper named {@code "groupsMapper"} exists for the given provider.
  *
  * <p>If the mapper is already registered, only its {@code GroupMapperConfig.MODE} entry and the
  * extra options are refreshed; {@code descriptionAttrName} is not applied on that path. If it is
  * missing, a new mapper is created whose groups DN is {@code "ou=Groups," + BASE_DN} of the
  * provider.
  *
  * @param realm realm that owns the mapper
  * @param providerModel LDAP federation provider the mapper is attached to
  * @param mode value stored (via {@code toString()}) under {@code GroupMapperConfig.MODE}
  * @param descriptionAttrName value stored under {@code MAPPED_GROUP_ATTRIBUTES}; used on creation
  *     only
  * @param otherConfigOptions passed unchanged to {@code updateGroupMapperConfigOptions}
  */
 public static void addOrUpdateGroupMapper(
     RealmModel realm,
     UserFederationProviderModel providerModel,
     LDAPGroupMapperMode mode,
     String descriptionAttrName,
     String... otherConfigOptions) {
   UserFederationMapperModel groupsMapper =
       realm.getUserFederationMapperByName(providerModel.getId(), "groupsMapper");

   if (groupsMapper == null) {
     // NOTE(review): the DN is built by plain concatenation; if the provider config has no
     // BASE_DN entry the result would presumably be "ou=Groups,null" - confirm callers always
     // set BASE_DN before relying on this mapper.
     String providerBaseDn = providerModel.getConfig().get(LDAPConstants.BASE_DN);
     String groupsDn = "ou=Groups," + providerBaseDn;
     groupsMapper =
         KeycloakModelUtils.createUserFederationMapperModel(
             "groupsMapper",
             providerModel.getId(),
             GroupLDAPFederationMapperFactory.PROVIDER_ID,
             GroupMapperConfig.GROUPS_DN,
             groupsDn,
             GroupMapperConfig.MAPPED_GROUP_ATTRIBUTES,
             descriptionAttrName,
             GroupMapperConfig.PRESERVE_GROUP_INHERITANCE,
             "true",
             GroupMapperConfig.MODE,
             mode.toString());
     updateGroupMapperConfigOptions(groupsMapper, otherConfigOptions);
     realm.addUserFederationMapper(groupsMapper);
     return;
   }

   // Mapper already registered: only the mode and the extra options are rewritten, so the
   // groups DN and mapped attributes keep whatever values were stored earlier.
   groupsMapper.getConfig().put(GroupMapperConfig.MODE, mode.toString());
   updateGroupMapperConfigOptions(groupsMapper, otherConfigOptions);
   realm.updateUserFederationMapper(groupsMapper);
 }
  /**
   * Ensures the two role mappers {@code "realmRolesMapper"} and {@code "financeRolesMapper"} exist
   * for the given provider.
   *
   * <p>For each mapper: when it is already registered only its {@code MODE} entry is overwritten
   * and the mapper is updated; otherwise it is created with a roles DN derived from the provider's
   * {@code BASE_DN}. The realm-roles mapper is created with {@code USE_REALM_ROLES_MAPPING} set to
   * {@code "true"}; the finance mapper sets it to {@code "false"} and stores {@code "finance"}
   * under {@code CLIENT_ID}.
   *
   * @param realm realm that owns the mappers
   * @param providerModel LDAP federation provider the mappers are attached to
   * @param mode value stored (via {@code toString()}) under {@code RoleLDAPFederationMapper.MODE}
   */
  public static void addOrUpdateRoleLDAPMappers(
      RealmModel realm,
      UserFederationProviderModel providerModel,
      RoleLDAPFederationMapper.Mode mode) {
    // --- realm roles mapper ---
    UserFederationMapperModel realmRolesMapper =
        realm.getUserFederationMapperByName(providerModel.getId(), "realmRolesMapper");
    if (realmRolesMapper == null) {
      // NOTE(review): a missing BASE_DN would presumably yield "ou=RealmRoles,null" - confirm
      // the provider config is always populated.
      String realmRolesBaseDn = providerModel.getConfig().get(LDAPConstants.BASE_DN);
      realmRolesMapper =
          KeycloakModelUtils.createUserFederationMapperModel(
              "realmRolesMapper",
              providerModel.getId(),
              RoleLDAPFederationMapperFactory.PROVIDER_ID,
              RoleLDAPFederationMapper.ROLES_DN,
              "ou=RealmRoles," + realmRolesBaseDn,
              RoleLDAPFederationMapper.USE_REALM_ROLES_MAPPING,
              "true",
              RoleLDAPFederationMapper.MODE,
              mode.toString());
      realm.addUserFederationMapper(realmRolesMapper);
    } else {
      // Existing mapper: only the mode changes; its roles DN is left as stored.
      realmRolesMapper.getConfig().put(RoleLDAPFederationMapper.MODE, mode.toString());
      realm.updateUserFederationMapper(realmRolesMapper);
    }

    // --- finance roles mapper ---
    UserFederationMapperModel financeRolesMapper =
        realm.getUserFederationMapperByName(providerModel.getId(), "financeRolesMapper");
    if (financeRolesMapper == null) {
      String financeBaseDn = providerModel.getConfig().get(LDAPConstants.BASE_DN);
      // presumably scopes the mapped roles to the "finance" client rather than the realm -
      // verify against RoleLDAPFederationMapper
      financeRolesMapper =
          KeycloakModelUtils.createUserFederationMapperModel(
              "financeRolesMapper",
              providerModel.getId(),
              RoleLDAPFederationMapperFactory.PROVIDER_ID,
              RoleLDAPFederationMapper.ROLES_DN,
              "ou=FinanceRoles," + financeBaseDn,
              RoleLDAPFederationMapper.USE_REALM_ROLES_MAPPING,
              "false",
              RoleLDAPFederationMapper.CLIENT_ID,
              "finance",
              RoleLDAPFederationMapper.MODE,
              mode.toString());
      realm.addUserFederationMapper(financeRolesMapper);
    } else {
      financeRolesMapper.getConfig().put(RoleLDAPFederationMapper.MODE, mode.toString());
      realm.updateUserFederationMapper(financeRolesMapper);
    }
  }
示例#3
 /**
  * Registers a user-attribute LDAP mapper that links one user model attribute to one LDAP
  * attribute.
  *
  * <p>The mapper is always created (no lookup for an existing mapper of the same name is done
  * here) with {@code READ_ONLY}, {@code ALWAYS_READ_VALUE_FROM_LDAP} and {@code
  * IS_MANDATORY_IN_LDAP} all set to {@code "false"}.
  *
  * @param realm realm the mapper is added to
  * @param providerModel LDAP federation provider the mapper is attached to
  * @param mapperName name given to the new mapper
  * @param userModelAttributeName value stored under {@code USER_MODEL_ATTRIBUTE}
  * @param ldapAttributeName value stored under {@code LDAP_ATTRIBUTE}
  * @return whatever {@code realm.addUserFederationMapper} returns for the new mapper
  */
 public static UserFederationMapperModel addUserAttributeMapper(
     RealmModel realm,
     UserFederationProviderModel providerModel,
     String mapperName,
     String userModelAttributeName,
     String ldapAttributeName) {
   // NOTE(review): READ_ONLY is "false", which presumably allows attribute changes to be
   // written back to the directory - confirm that is intended wherever this helper is reused.
   UserFederationMapperModel attributeMapper =
       KeycloakModelUtils.createUserFederationMapperModel(
           mapperName,
           providerModel.getId(),
           UserAttributeLDAPFederationMapperFactory.PROVIDER_ID,
           UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE,
           userModelAttributeName,
           UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE,
           ldapAttributeName,
           UserAttributeLDAPFederationMapper.READ_ONLY,
           "false",
           UserAttributeLDAPFederationMapper.ALWAYS_READ_VALUE_FROM_LDAP,
           "false",
           UserAttributeLDAPFederationMapper.IS_MANDATORY_IN_LDAP,
           "false");

   UserFederationMapperModel registered = realm.addUserFederationMapper(attributeMapper);
   return registered;
 }