[keycloak-user] Groups as array of objects (Script Mapper ? )

Dmitry Telegin dt at acutus.pro
Sun Jul 22 22:04:46 EDT 2018 

Hi Daniel,

Not sure if Script Mapper allows for that, but you could definitely
solve this with a custom ProtocolMapper. Use the "Group Membership"
mapper as a reference, but return an array of objects instead of an
array of strings.

Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training

Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro

On Fri, 2018-07-20 at 14:26 +0200, Daniel Teixeira wrote:
> Hello,
> I am trying to configure my userinfo token to get the groups, as an
> array
> of objects.
> Currently if I add the "Group Membership" mapper in my client, an
> array of
> Strings with the groups is returns.
> 
> {
>   "name": "Dummy User",
>   "groups": ["group1", "group2", "group3"]
>    ...
> }
> 
> But what I need for a SSO Confluence plugin to work is the following
> format:
> (The name of the attributes don't matter, but I need an array of
> objects
> for the groups)
> 
> {
>   "name": "Dummy User",
>   "groups": [ {"group_name": "group1"},
>                    {"group_name": "group2"},
>                    {"group_name": "group3"}  ]
>  ...
> }
> 
> So I have tried to created Script Mapper as follows:
> 
> *var groups = [];*
> *user.getGroups().forEach(function(groupModel) {*
> *    var groupName = groupModel.getName();*
> *    groups.push({"group_name": groupName});*
> *})*
> 
> *token.setOtherClaims("groups", groups);*
> 
> 
> But this script produces a token as following:
> 
> {
>   "name": "Dummy User",
>   "groups": {
>     "0": {
>       "group_name": "group1"
>     },
>     "1": {
>       "group_name": "group2"
>     },
>     "2": {
>       "group_name": "group3"
>     }
>   },
>   ....
> }
> 
> Which is not an array of object, but a map of objects.
> I have tried to toggle the option multivalued but it didn't change
> anything.
> 
> Is there a way to have an array?
> Could someone help me with that?
> Thanks in advance!
> 
> Cheers,
> Daniel Teixeira
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list