Java Code Examples for org.keycloak.representations.idm.ClientRepresentation#setClientId()
The following examples show how to use
org.keycloak.representations.idm.ClientRepresentation#setClientId() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: CustomAuthFlowCookieTest.java From keycloak with Apache License 2.0 | 6 votes |
|
@Before
@Override
public void beforeTest() {
super.beforeTest();
ClientRepresentation testApp = new ClientRepresentation();
testApp.setClientId("test-app");
testApp.setEnabled(true);
testApp.setBaseUrl(APP_ROOT);
testApp.setRedirectUris(Arrays.asList(new String[]{APP_ROOT + "/*"}));
testApp.setAdminUrl(APP_ROOT + "/logout");
testApp.setSecret("password");
Response response = testRealmResource().clients().create(testApp);
assertEquals(201, response.getStatus());
getCleanup().addClientUuid(ApiUtil.getCreatedId(response));
response.close();
}
Example 2
| Source File: KeycloakTestResource.java From quarkus with Apache License 2.0 | 6 votes |
|
private static ClientRepresentation createClient(String clientId) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientId);
client.setPublicClient(false);
client.setSecret("secret");
client.setDirectAccessGrantsEnabled(true);
client.setEnabled(true);
client.setAuthorizationServicesEnabled(true);
ResourceServerRepresentation authorizationSettings = new ResourceServerRepresentation();
authorizationSettings.setResources(new ArrayList<>());
authorizationSettings.setPolicies(new ArrayList<>());
configurePermissionResourcePermission(authorizationSettings);
configureClaimBasedPermission(authorizationSettings);
configureHttpResponseClaimBasedPermission(authorizationSettings);
configureBodyClaimBasedPermission(authorizationSettings);
configurePaths(authorizationSettings);
client.setAuthorizationSettings(authorizationSettings);
return client;
}
Example 3
| Source File: KeycloakTestResource.java From quarkus with Apache License 2.0 | 5 votes |
|
private static ClientRepresentation createClient(String clientId) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientId);
client.setPublicClient(false);
client.setSecret("secret");
client.setDirectAccessGrantsEnabled(true);
client.setEnabled(true);
client.setAuthorizationServicesEnabled(true);
ResourceServerRepresentation authorizationSettings = new ResourceServerRepresentation();
authorizationSettings.setResources(new ArrayList<>());
authorizationSettings.setPolicies(new ArrayList<>());
configurePermissionResourcePermission(authorizationSettings);
configureClaimBasedPermission(authorizationSettings);
configureHttpResponseClaimBasedPermission(authorizationSettings);
configureBodyClaimBasedPermission(authorizationSettings);
configurePaths(authorizationSettings);
configureScopePermission(authorizationSettings);
client.setAuthorizationSettings(authorizationSettings);
return client;
}
Example 4
| Source File: ClientScopeTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Test
public void defaultOptionalClientScopeCanBeAssignedToClientAsDefaultScope() {
// Create optional client scope
ClientScopeRepresentation optionalClientScope = new ClientScopeRepresentation();
optionalClientScope.setName("optional-client-scope");
optionalClientScope.setProtocol("openid-connect");
String optionalClientScopeId = createClientScope(optionalClientScope);
getCleanup().addClientScopeId(optionalClientScopeId);
testRealmResource().addDefaultOptionalClientScope(optionalClientScopeId);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.defaultOptionalClientScopePath(optionalClientScopeId), ResourceType.CLIENT_SCOPE);
// Ensure that scope is optional
List<String> realmOptionalScopes = getClientScopeNames(testRealmResource().getDefaultOptionalClientScopes());
Assert.assertTrue(realmOptionalScopes.contains("optional-client-scope"));
// Create client
ClientRepresentation client = new ClientRepresentation();
client.setClientId("test-client");
client.setDefaultClientScopes(Collections.singletonList("optional-client-scope"));
String clientUuid = createClient(client);
getCleanup().addClientUuid(clientUuid);
// Ensure that default optional client scope is a default scope of the client
List<String> clientDefaultScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getDefaultClientScopes());
Assert.assertTrue(clientDefaultScopes.contains("optional-client-scope"));
// Ensure that no optional scopes are assigned to the client, even if there are default optional scopes!
List<String> clientOptionalScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getOptionalClientScopes());
Assert.assertTrue(clientOptionalScopes.isEmpty());
// Unassign optional client scope from realm for cleanup
testRealmResource().removeDefaultOptionalClientScope(optionalClientScopeId);
assertAdminEvents.assertEvent(getRealmId(), OperationType.DELETE, AdminEventPaths.defaultOptionalClientScopePath(optionalClientScopeId), ResourceType.CLIENT_SCOPE);
}
Example 5
| Source File: AdapterInstallationConfigTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Before
@Override
public void before() throws Exception {
super.before();
client = new ClientRepresentation();
client.setEnabled(true);
client.setClientId("RegistrationAccessTokenTest");
client.setSecret("RegistrationAccessTokenTestClientSecret");
client.setPublicClient(false);
client.setRegistrationAccessToken("RegistrationAccessTokenTestRegistrationAccessToken");
client.setRootUrl("http://root");
client = createClient(client);
client.setSecret("RegistrationAccessTokenTestClientSecret");
getCleanup().addClientUuid(client.getId());
client2 = new ClientRepresentation();
client2.setEnabled(true);
client2.setClientId("RegistrationAccessTokenTest2");
client2.setSecret("RegistrationAccessTokenTestClientSecret");
client2.setPublicClient(false);
client2.setRegistrationAccessToken("RegistrationAccessTokenTestRegistrationAccessToken");
client2.setRootUrl("http://root");
client2 = createClient(client2);
getCleanup().addClientUuid(client2.getId());
clientPublic = new ClientRepresentation();
clientPublic.setEnabled(true);
clientPublic.setClientId("RegistrationAccessTokenTestPublic");
clientPublic.setPublicClient(true);
clientPublic.setRegistrationAccessToken("RegistrationAccessTokenTestRegistrationAccessTokenPublic");
clientPublic.setRootUrl("http://root");
clientPublic = createClient(clientPublic);
getCleanup().addClientUuid(clientPublic.getId());
}
Example 6
| Source File: ConcurrencyTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Test
public void createClientRole() throws Throwable {
ClientRepresentation c = new ClientRepresentation();
c.setClientId("client");
Response response = adminClient.realm(REALM_NAME).clients().create(c);
final String clientId = ApiUtil.getCreatedId(response);
response.close();
AtomicInteger uniqueCounter = new AtomicInteger();
concurrentTest(new CreateClientRole(uniqueCounter, clientId));
}
Example 7
| Source File: ClientInvalidationClusterTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
protected ClientRepresentation testEntityUpdates(ClientRepresentation client, boolean backendFailover) {
// clientId
client.setClientId(client.getClientId() + "_updated");
client = updateEntityOnCurrentFailNode(client, "clientId");
verifyEntityUpdateDuringFailover(client, backendFailover);
// name
client.setName(client.getName() + "_updated");
client = updateEntityOnCurrentFailNode(client, "name");
verifyEntityUpdateDuringFailover(client, backendFailover);
return client;
}
Example 8
| Source File: CredentialsTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Test
public void testGetAndRegenerateRegistrationAccessToken() {
ClientRepresentation rep = accountClient.toRepresentation();
String oldToken = rep.getRegistrationAccessToken();
String newToken = accountClient.regenerateRegistrationAccessToken().getRegistrationAccessToken();
assertNull(oldToken); // registration access token not saved in ClientRep
assertNotNull(newToken); // it's only available via regenerateRegistrationAccessToken()
assertNull(accountClient.toRepresentation().getRegistrationAccessToken());
// Test event
ClientRepresentation testedRep = new ClientRepresentation();
testedRep.setClientId(rep.getClientId());
testedRep.setRegistrationAccessToken(newToken);
assertAdminEvents.assertEvent(getRealmId(), OperationType.ACTION, AdminEventPaths.clientRegenerateRegistrationAccessTokenPath(accountClientDbId), testedRep, ResourceType.CLIENT);
}
Example 9
| Source File: ClientRegistrationTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Test
public void updateClientNotFound() throws ClientRegistrationException {
authManageClients();
try {
ClientRepresentation client = new ClientRepresentation();
client.setClientId("invalid");
reg.update(client);
fail("Expected 404");
} catch (ClientRegistrationException e) {
assertEquals(404, ((HttpErrorException) e.getCause()).getStatusLine().getStatusCode());
}
}
Example 10
| Source File: AbstractClientTest.java From keycloak with Apache License 2.0 | 5 votes |
|
protected String createSamlClient(String name) {
ClientRepresentation clientRep = new ClientRepresentation();
clientRep.setClientId(name);
clientRep.setName(name);
clientRep.setProtocol("saml");
return createClient(clientRep);
}
Example 11
| Source File: AbstractClientTest.java From keycloak with Apache License 2.0 | 5 votes |
|
protected ClientRepresentation createOidcClientRep(String name) {
ClientRepresentation clientRep = new ClientRepresentation();
clientRep.setClientId(name);
clientRep.setName(name);
clientRep.setProtocol("openid-connect");
return clientRep;
}
Example 12
| Source File: PartialImportTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Before
public void createClientForClientRoles() {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(CLIENT_ROLES_CLIENT);
client.setName(CLIENT_ROLES_CLIENT);
client.setProtocol("openid-connect");
try (Response resp = testRealmResource().clients().create(client)) {
// for some reason, findAll() will later fail unless readEntity is called here
resp.readEntity(String.class);
//testRealmResource().clients().findAll();
}
}
Example 13
| Source File: KeycloakRealmResourceManager.java From quarkus with Apache License 2.0 | 5 votes |
|
private static ClientRepresentation createClient(String clientId) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(clientId);
client.setEnabled(true);
client.setRedirectUris(Arrays.asList("*"));
client.setClientAuthenticatorType("client-secret");
client.setSecret("secret");
return client;
}
Example 14
| Source File: PartialImportTest.java From keycloak with Apache License 2.0 | 5 votes |
|
private void addClients(boolean withServiceAccounts) throws IOException {
List<ClientRepresentation> clients = new ArrayList<>();
List<UserRepresentation> serviceAccounts = new ArrayList<>();
for (int i = 0; i < NUM_ENTITIES; i++) {
ClientRepresentation client = new ClientRepresentation();
client.setClientId(CLIENT_PREFIX + i);
client.setName(CLIENT_PREFIX + i);
clients.add(client);
if (withServiceAccounts) {
client.setServiceAccountsEnabled(true);
client.setBearerOnly(false);
client.setPublicClient(false);
client.setAuthorizationSettings(resourceServerSampleSettings);
client.setAuthorizationServicesEnabled(true);
// create the user service account
UserRepresentation serviceAccount = new UserRepresentation();
serviceAccount.setUsername(ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + client.getClientId());
serviceAccount.setEnabled(true);
serviceAccount.setEmail(serviceAccount.getUsername() + "@placeholder.org");
serviceAccount.setServiceAccountClientId(client.getClientId());
serviceAccounts.add(serviceAccount);
}
}
if (withServiceAccounts) {
if (piRep.getUsers() == null) {
piRep.setUsers(new ArrayList<>());
}
piRep.getUsers().addAll(serviceAccounts);
}
piRep.setClients(clients);
}
Example 15
| Source File: InvalidationCrossDCTest.java From keycloak with Apache License 2.0 | 5 votes |
|
@Test
public void clientListInvalidationTest() throws Exception {
enableDcOnLoadBalancer(DC.FIRST);
enableDcOnLoadBalancer(DC.SECOND);
List<ClientRepresentation> dc0List = getAdminClientForStartedNodeInDc(0).realms().realm(REALM_NAME).clients().findAll();
List<ClientRepresentation> dc1List = getAdminClientForStartedNodeInDc(1).realms().realm(REALM_NAME).clients().findAll();
// Test same clients on both DCs
Assert.assertEquals(dc0List.size(), dc1List.size());
int initialSize = dc0List.size();
// Create client on DC0
ClientRepresentation rep = new ClientRepresentation();
rep.setClientId("some-new-client");
rep.setEnabled(true);
Response response = getAdminClientForStartedNodeInDc(0).realms().realm(REALM_NAME).clients().create(rep);
Assert.assertEquals(201, response.getStatus());
response.close();
// Assert updated on both DC0 and DC1 (here retry is needed. We need to wait until invalidation message arrives)
dc0List = getAdminClientForStartedNodeInDc(0).realms().realm(REALM_NAME).clients().findAll();
Assert.assertEquals(initialSize + 1, dc0List.size());
AtomicInteger i = new AtomicInteger(0);
Retry.execute(() -> {
i.incrementAndGet();
List<ClientRepresentation> dc1Listt = getAdminClientForStartedNodeInDc(1).realms().realm(REALM_NAME).clients().findAll();
Assert.assertEquals(initialSize + 1, dc1Listt.size());
}, 50, 50);
log.infof("clientListInvalidationTest: Passed after '%d' iterations", i.get());
}
Example 16
| Source File: ClientManager.java From keycloak with Apache License 2.0 | 4 votes |
|
public void renameTo(String newName) {
ClientRepresentation app = clientResource.toRepresentation();
app.setClientId(newName);
clientResource.update(app);
}
Example 17
| Source File: ClientTest.java From keycloak with Apache License 2.0 | 4 votes |
|
@Test
public void updateClient() {
ClientRepresentation client = createClient();
ClientRepresentation newClient = new ClientRepresentation();
newClient.setId(client.getId());
newClient.setClientId(client.getClientId());
newClient.setBaseUrl("http://baseurl");
realm.clients().get(client.getId()).update(newClient);
assertAdminEvents.assertEvent(realmId, OperationType.UPDATE, AdminEventPaths.clientResourcePath(client.getId()), newClient, ResourceType.CLIENT);
ClientRepresentation storedClient = realm.clients().get(client.getId()).toRepresentation();
assertClient(client, storedClient);
newClient.setSecret("new-secret");
realm.clients().get(client.getId()).update(newClient);
assertAdminEvents.assertEvent(realmId, OperationType.UPDATE, AdminEventPaths.clientResourcePath(client.getId()), newClient, ResourceType.CLIENT);
storedClient = realm.clients().get(client.getId()).toRepresentation();
assertClient(client, storedClient);
}
Example 18
| Source File: ClientTest.java From keycloak with Apache License 2.0 | 4 votes |
|
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void updateClientWithProtocolMapper() {
ClientRepresentation rep = new ClientRepresentation();
rep.setClientId("my-app");
ProtocolMapperRepresentation fooMapper = new ProtocolMapperRepresentation();
fooMapper.setName("foo");
fooMapper.setProtocol("openid-connect");
fooMapper.setProtocolMapper("oidc-hardcoded-claim-mapper");
rep.setProtocolMappers(Collections.singletonList(fooMapper));
Response response = realm.clients().create(rep);
response.close();
String id = ApiUtil.getCreatedId(response);
getCleanup().addClientUuid(id);
ClientResource clientResource = realm.clients().get(id);
assertNotNull(clientResource);
ClientRepresentation client = clientResource.toRepresentation();
List<ProtocolMapperRepresentation> protocolMappers = client.getProtocolMappers();
assertEquals(1, protocolMappers.size());
ProtocolMapperRepresentation mapper = protocolMappers.get(0);
assertEquals("foo", mapper.getName());
ClientRepresentation newClient = new ClientRepresentation();
newClient.setId(client.getId());
newClient.setClientId(client.getClientId());
ProtocolMapperRepresentation barMapper = new ProtocolMapperRepresentation();
barMapper.setName("bar");
barMapper.setProtocol("openid-connect");
barMapper.setProtocolMapper("oidc-hardcoded-role-mapper");
protocolMappers.add(barMapper);
newClient.setProtocolMappers(protocolMappers);
realm.clients().get(client.getId()).update(newClient);
ClientRepresentation storedClient = realm.clients().get(client.getId()).toRepresentation();
assertClient(client, storedClient);
}
Example 19
| Source File: UserTest.java From keycloak with Apache License 2.0 | 4 votes |
|
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void sendResetPasswordEmailWithRedirect() throws IOException {
UserRepresentation userRep = new UserRepresentation();
userRep.setEnabled(true);
userRep.setUsername("user1");
userRep.setEmail("[email protected]");
String id = createUser(userRep);
UserResource user = realm.users().get(id);
ClientRepresentation client = new ClientRepresentation();
client.setClientId("myclient");
client.setRedirectUris(new LinkedList<>());
client.getRedirectUris().add("http://myclient.com/*");
client.setName("myclient");
client.setEnabled(true);
Response response = realm.clients().create(client);
String createdId = ApiUtil.getCreatedId(response);
assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(createdId), client, ResourceType.CLIENT);
List<String> actions = new LinkedList<>();
actions.add(UserModel.RequiredAction.UPDATE_PASSWORD.name());
try {
// test that an invalid redirect uri is rejected.
user.executeActionsEmail("myclient", "http://unregistered-uri.com/", actions);
fail("Expected failure");
} catch (ClientErrorException e) {
assertEquals(400, e.getResponse().getStatus());
ErrorRepresentation error = e.getResponse().readEntity(ErrorRepresentation.class);
Assert.assertEquals("Invalid redirect uri.", error.getErrorMessage());
}
user.executeActionsEmail("myclient", "http://myclient.com/home.html", actions);
assertAdminEvents.assertEvent(realmId, OperationType.ACTION, AdminEventPaths.userResourcePath(id) + "/execute-actions-email", ResourceType.USER);
Assert.assertEquals(1, greenMail.getReceivedMessages().length);
MimeMessage message = greenMail.getReceivedMessages()[0];
String link = MailUtils.getPasswordResetEmailLink(message);
driver.navigate().to(link);
proceedPage.assertCurrent();
Assert.assertThat(proceedPage.getInfo(), Matchers.containsString("Update Password"));
proceedPage.clickProceedLink();
passwordUpdatePage.assertCurrent();
passwordUpdatePage.changePassword("new-pass", "new-pass");
assertEquals("Your account has been updated.", driver.findElement(By.id("kc-page-title")).getText());
String pageSource = driver.getPageSource();
// check to make sure the back link is set.
Assert.assertTrue(pageSource.contains("http://myclient.com/home.html"));
driver.navigate().to(link);
assertEquals("We are sorry...", PageUtils.getPageTitle(driver));
}
Example 20
| Source File: KcOidcBrokerConfiguration.java From keycloak with Apache License 2.0 | 4 votes |
|
@Override
public List<ClientRepresentation> createProviderClients() {
ClientRepresentation client = new ClientRepresentation();
client.setId(CLIENT_ID);
client.setClientId(getIDPClientIdInProviderRealm());
client.setName(CLIENT_ID);
client.setSecret(CLIENT_SECRET);
client.setEnabled(true);
client.setRedirectUris(Collections.singletonList(getConsumerRoot() +
"/auth/realms/" + REALM_CONS_NAME + "/broker/" + IDP_OIDC_ALIAS + "/endpoint/*"));
client.setAdminUrl(getConsumerRoot() +
"/auth/realms/" + REALM_CONS_NAME + "/broker/" + IDP_OIDC_ALIAS + "/endpoint");
ProtocolMapperRepresentation emailMapper = new ProtocolMapperRepresentation();
emailMapper.setName("email");
emailMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
emailMapper.setProtocolMapper(UserPropertyMapper.PROVIDER_ID);
Map<String, String> emailMapperConfig = emailMapper.getConfig();
emailMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, "email");
emailMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, "email");
emailMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
emailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
emailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
emailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
ProtocolMapperRepresentation nestedAttrMapper = new ProtocolMapperRepresentation();
nestedAttrMapper.setName("attribute - nested claim");
nestedAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
nestedAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID);
Map<String, String> nestedEmailMapperConfig = nestedAttrMapper.getConfig();
nestedEmailMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, "nested.email");
nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, "nested.email");
nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
ProtocolMapperRepresentation dottedAttrMapper = new ProtocolMapperRepresentation();
dottedAttrMapper.setName("attribute - claim with dot in name");
dottedAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
dottedAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID);
Map<String, String> dottedEmailMapperConfig = dottedAttrMapper.getConfig();
dottedEmailMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, "dotted.email");
dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, "dotted\\.email");
dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
ProtocolMapperRepresentation userAttrMapper = new ProtocolMapperRepresentation();
userAttrMapper.setName("attribute - name");
userAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
userAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID);
Map<String, String> userAttrMapperConfig = userAttrMapper.getConfig();
userAttrMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, ATTRIBUTE_TO_MAP_NAME);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, ATTRIBUTE_TO_MAP_NAME);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
userAttrMapperConfig.put(ProtocolMapperUtils.MULTIVALUED, "true");
ProtocolMapperRepresentation userAttrMapper2 = new ProtocolMapperRepresentation();
userAttrMapper2.setName("attribute - name - 2");
userAttrMapper2.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
userAttrMapper2.setProtocolMapper(UserAttributeMapper.PROVIDER_ID);
Map<String, String> userAttrMapperConfig2 = userAttrMapper2.getConfig();
userAttrMapperConfig2.put(ProtocolMapperUtils.USER_ATTRIBUTE, ATTRIBUTE_TO_MAP_NAME_2);
userAttrMapperConfig2.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, ATTRIBUTE_TO_MAP_NAME_2);
userAttrMapperConfig2.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE);
userAttrMapperConfig2.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
userAttrMapperConfig2.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
userAttrMapperConfig2.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
userAttrMapperConfig2.put(ProtocolMapperUtils.MULTIVALUED, "true");
ProtocolMapperRepresentation hardcodedJsonClaim = new ProtocolMapperRepresentation();
hardcodedJsonClaim.setName("json-mapper");
hardcodedJsonClaim.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
hardcodedJsonClaim.setProtocolMapper(HardcodedClaim.PROVIDER_ID);
Map<String, String> hardcodedJsonClaimMapperConfig = hardcodedJsonClaim.getConfig();
hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, KcOidcBrokerConfiguration.USER_INFO_CLAIM);
hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, "JSON");
hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
hardcodedJsonClaimMapperConfig.put(HardcodedClaim.CLAIM_VALUE, "{\"" + HARDOCDED_CLAIM + "\": \"" + HARDOCDED_VALUE + "\"}");
client.setProtocolMappers(Arrays.asList(emailMapper, userAttrMapper, userAttrMapper2, nestedAttrMapper, dottedAttrMapper, hardcodedJsonClaim));
return Collections.singletonList(client);
}
