Skip to content

Commit

Permalink
Correct mapper type and fields for attribute import for Google/Facebook
Browse files Browse the repository at this point in the history 
GET /auth/admin/realms/<realm>/identity-provider/instances/google/mapper-types
GET /auth/admin/realms/<realm>/identity-provider/instances/facebook/mapper-types

Return the type of the user template mapper to be
`<provider id>-user-attribute-mapper`.
Not `<provider id>-user-attribute-idp-mapper`.

The correct fields are also `jsonField` and `userAttribute`.
  • Loading branch information
@Photonios
Photonios committed Feb 5, 2021
1 parent 2f932ef commit 5f46c7a
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 0 deletions.
2 changes: 2 additions & 0 deletions keycloak/identity_provider_mapper.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (

type IdentityProviderMapperConfig struct {
UserAttribute string `json:"user.attribute,omitempty"`
UserAttributeName string `json:"userAttribute,omitempty"`
Claim string `json:"claim,omitempty"`
ClaimValue string `json:"claim.value,omitempty"`
HardcodedAttribute string `json:"attribute,omitempty"`
Expand All @@ -19,6 +20,7 @@ type IdentityProviderMapperConfig struct {
AttributeFriendlyName string `json:"attribute.friendly.name,omitempty"`
Template string `json:"template,omitempty"`
Role string `json:"role,omitempty"`
JsonField string `json:"jsonField,omitEmpty"`
ExtraConfig map[string]interface{} `json:"-"`
}

Expand Down
5 changes: 5 additions & 0 deletions provider/resource_keycloak_attribute_importer_identity_provider_mapper.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,12 @@ func getAttributeImporterIdentityProviderMapperFromData(data *schema.ResourceDat
if _, ok := data.GetOk("claim_name"); !ok {
return nil, fmt.Errorf(`provider.keycloak: keycloak_attribute_importer_identity_provider_mapper: %s: "claim_name": should be set for %s identity provider`, data.Get("name").(string), identityProvider.ProviderId)
}

rec.Config.Claim = data.Get("claim_name").(string)
} else if identityProvider.ProviderId == "facebook" || identityProvider.ProviderId == "google" {
rec.IdentityProviderMapper = fmt.Sprintf("%s-user-attribute-mapper", identityProvider.ProviderId)
rec.Config.JsonField = data.Get("claim_name").(string)
rec.Config.UserAttributeName = data.Get("user_attribute").(string)
} else {
return nil, fmt.Errorf(`provider.keycloak: keycloak_attribute_importer_identity_provider_mapper: %s: "%s" identity provider is not supported yet`, data.Get("name").(string), identityProvider.ProviderId)
}
Expand Down

0 comments on commit 5f46c7a

Please sign in to comment.