Keycloak创建自定义身份提供程序映射器 [英] Keycloak create a custom identity provider mapper

问题描述

我有一个开放的id提供程序，并且我将此提供程序用作keycloak的身份代理.我想映射从代理发送到keycloak的角色(声明)(keycloak将在其jwt中发送映射的角色).我想知道如何实现并将自定义映射器添加到keycloak(例如hardcodedmapper，keycloak中的attributemapper).我可以这样做吗?谢谢

i have an open id provider and i use this provider as identity broker of keycloak. I want to map roles (claims) which sent from broker to keycloak (and keycloak will sent mapped roles in its jwt). I want to know how to implement and add a custom mapper to keycloak (like hardcodedmapper, attributemapper in keycloak). Can i do this? Thanks

推荐答案

创建新的provider类，我扩展了现有的org.keycloak.broker.saml.mappers.AttributeToRoleMapper类.

Create your new provider class, I extended the existing org.keycloak.broker.saml.mappers.AttributeToRoleMapper class.

构建jar时，请确保jar中有一个名为services的文件夹META-INF文件夹.

When building your jar ensure you have a folder called services within the jars, META-INF folder.

在此文件夹中创建一个名为org.keycloak.broker.provider.IdentityProviderMapper的简单文本文件，在该文件中添加新提供程序类的全名，即package.Classname.

Within this folder create a simple text file called org.keycloak.broker.provider.IdentityProviderMapper, within that file add the full name of your new provider class, i.e. package.Classname.

编译后，将文件拖放到Keycloak根文件夹下的providers文件夹中.重新启动容器.

Once compiled drop the file in the providers folder below the Keycloak root folder. Restart your container.

这篇关于Keycloak创建自定义身份提供程序映射器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！