[keycloak-dev] How to do default claim mappings?

Stian Thorgersen stian at redhat.com
Mon Feb 23 08:24:37 EST 2015



----- Original Message -----
> From: "Pedro Igor Silva" <psilva at redhat.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: "Bill Burke" <bburke at redhat.com>, keycloak-dev at lists.jboss.org
> Sent: Monday, February 23, 2015 2:17:32 PM
> Subject: Re: [keycloak-dev] How to do default claim mappings?
> 
> Isn't it better to review the EventBuilder to provide a more robust event handling
> mech?

That could be an option, but there need to be at least two different types of listeners: one for providers to listen to "framework" related events and another for listening to "user/admin" events.

> 
> 
> ----- Original Message -----
> > From: "Stian Thorgersen" <stian at redhat.com>
> > To: "Bill Burke" <bburke at redhat.com>
> > Cc: keycloak-dev at lists.jboss.org
> > Sent: Monday, February 23, 2015 5:07:32 AM
> > Subject: Re: [keycloak-dev] How to do default claim mappings?
> > 
> > 
> > 
> > ----- Original Message -----
> > > From: "Bill Burke" <bburke at redhat.com>
> > > To: keycloak-dev at lists.jboss.org
> > > Sent: Friday, February 20, 2015 4:47:39 PM
> > > Subject: [keycloak-dev] How to do default claim mappings?
> > > 
> > > Per realm and per protocol (saml or OIDC), I'm going to need to register
> > > a set of default claim mappers into storage.  ProviderFactorys are
> > > loaded at boot time and each of their init() methods is invoked.  I'm
> > > thinking of adding a new method to ProviderFactory
> > > 
> > > void preprocess(KeycloakSessionFactory sessionFactory);
> > > 
> > > This would be called after all providers have been loaded.  This would
> > > allow the OIDC and SAML providers to browse every realm to make sure
> > > the appropriate built in claim mappers have been registered.
> > > 
> > > I'm also thinking of adding a RealmCreationListener registration method
> > > on RealmProvider.  Within ProviderFactory.preprocess() components could
> > > register themselves with the RealmProvider for realm creation events so
> > > that they could add additional metadata specific to their plugin.
> > 
> > preprocess is fine, except it adds a method that most providers won't use
> > and also the name is a bit confusing.
> > 
> > RealmCreationListener is fine, but what if we add more and more "events"
> > providers can listen to. We'll get a lot of methods and listener types.
> > 
> > What about adding a general purpose event listener framework for providers?
> > We can add
> > 
> > * ProviderEventListener ProviderFactory.getProviderEventListener()
> > 
> > The bootstrapping process would after calling init on all ProviderFactory,
> > call getProviderEventListener. If it returns null it won't register it, but
> > otherwise it'll add it to the list of listeners.
> > 
> > ProviderEventListener would have the following method:
> > 
> > * void onEvent(ProviderEvent event)
> > 
> > ProviderEvent would have:
> > 
> > * EventType type
> > * Map<String, String> details
> > 
> > We can add events for:
> > 
> > * Providers initialized - replaces preprocess, is invoked when all
> > ProviderFactory init is called (and all ProviderEventListener are
> > registered)
> > * Realm created
> > * Realm deleted
> > * Application created
> > * Application deleted
> > * User created
> > * User deleted
> > * Others?
> > 
> > 
> > > 
> > > --
> > > Bill Burke
> > > JBoss, a division of Red Hat
> > > http://bill.burkecentral.com
> > > _______________________________________________
> > > keycloak-dev mailing list
> > > keycloak-dev at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> > > 
> > 
> 
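
A sketch of the bootstrap order proposed in this thread (init every factory, register the non-null listeners, then fire "providers initialized"), added here as an example and not Keycloak code. The enum values, `OidcFactory`, `NoListenerFactory`, `Bootstrap` and the `"realm"` detail key are assumptions made for illustration; it needs Java 16 or later.

```java
import java.util.*;
// Hypothetical sketch of the proposal above; none of these types are Keycloak's real API.
public class ProviderEventSketch {
    enum EventType { PROVIDERS_INITIALIZED, REALM_CREATED }
    record ProviderEvent(EventType type, Map<String, String> details) {}
    interface ProviderEventListener { void onEvent(ProviderEvent event); }
    interface ProviderFactory {
        void init();
        // Returning null means "this provider does not listen to framework events".
        default ProviderEventListener getProviderEventListener() { return null; }
    }
    // Stand-in for a protocol factory that must ensure default claim mappers per realm.
    static class OidcFactory implements ProviderFactory {
        final Set<String> realmsWithDefaults = new TreeSet<>();
        final List<String> existingRealms;
        OidcFactory(List<String> existingRealms) { this.existingRealms = existingRealms; }
        public void init() {}
        @Override public ProviderEventListener getProviderEventListener() {
            return event -> {
                switch (event.type()) {
                    // Replaces preprocess(): backfill realms already present in storage.
                    case PROVIDERS_INITIALIZED -> realmsWithDefaults.addAll(existingRealms);
                    case REALM_CREATED -> realmsWithDefaults.add(event.details().get("realm"));
                }
            };
        }
    }
    static class NoListenerFactory implements ProviderFactory { public void init() {} }

    static class Bootstrap {
        final List<ProviderEventListener> listeners = new ArrayList<>();
        void start(List<ProviderFactory> factories) {
            factories.forEach(ProviderFactory::init);      // 1. init every factory
            for (ProviderFactory f : factories) {           // 2. collect non-null listeners
                ProviderEventListener l = f.getProviderEventListener();
                if (l != null) listeners.add(l);
            }
            // 3. fired only after every listener is registered, so none misses it
            fire(new ProviderEvent(EventType.PROVIDERS_INITIALIZED, Map.of()));
        }
        void fire(ProviderEvent e) { listeners.forEach(l -> l.onEvent(e)); }
    }

    public static void main(String[] args) {
        OidcFactory oidc = new OidcFactory(List.of("master", "demo")); // constructed sample realms
        Bootstrap boot = new Bootstrap();
        boot.start(List.of(oidc, new NoListenerFactory()));
        boot.fire(new ProviderEvent(EventType.REALM_CREATED, Map.of("realm", "new-realm")));
        System.out.println(boot.listeners.size() + " listener(s); defaults in " + oidc.realmsWithDefaults);
    }
}
```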

