[keycloak-dev] JSON document as claim JSON type on mapper configuration page
Thomas Darimont
thomas.darimont at googlemail.com
Mon Oct 2 05:05:45 EDT 2017
Hello Herbert,
the code that performs the value conversion is here:
org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper#convertToType
At the moment the only way to customize the mapping in the desired way is
to provide your own AbstractOIDCProtocolMapper mapper implementation.
Note that the OIDCAttributeMapperHelper is used by the setClaim method so
you need to avoid using that method, or replace the resulting
string value of your attribute with an object structure which is then later
marshalled as an appropriate json structure.
Cheers,
Thomas
2017-10-02 10:36 GMT+02:00 Muehlburger, Herbert <
herbert.muehlburger at bearingpoint.com>:
> ?Hello,
>
>
> What is the best way to map a JSON document to a Token Claim? Currently I
> can only define "?String" in Claim JSON Type at the Mapper Configuration
> page. But this causes Keycloak to treat the value of my custom user
> attribute field field as string. The value is indeed a JSON document and it
> would be great if there is also a claim JSON type of "JSON Object" which is
> not treated as string and not escaped as happens now.
>
>
> ?Kind regards,
>
> Herbert
>
>
> Herbert Mühlburger
> Senior System Engineer
>
> [http://signature.bearingpoint.com/BrP_Logo.png]
>
> T +43 316 8003
> F +43 316 8003 1080
>
> BearingPoint Technology GmbH
> Seering 6, Block B
> 8141 Premstätten
> Austria
>
> herbert.muehlburger at bearingpoint.com <mailto:herbert.muehlburger@
> bearingpoint.com>
> www.bearingpoint.com<http://www.bearingpoint.com/>
> ________________________________
> BearingPoint Technology GmbH
> Sitz: Premstätten bei Graz
> Firmenbuchgericht: Landesgericht für ZRS Graz
> Firmenbuchnummer: FN 44354b
>
> The information in this email is confidential and may be legally
> privileged. If you are not the intended recipient of this message, any
> review, disclosure, copying, distribution, retention, or any action taken
> or omitted to be taken in reliance on it is prohibited and may be unlawful.
> If you are not the intended recipient, please reply to or forward a copy of
> this message to the sender and delete the message, any attachments, and any
> copies thereof from your system.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list