From 992e2a7e4a5ec58424938db406c6dd47307a0a7f Mon Sep 17 00:00:00 2001
From: treydock
Date: Mon, 25 Nov 2024 10:19:08 -0500
Subject: [PATCH] Allow claim_name and json_type_label with script mappers (#335)
---
 .../keycloak_client_protocol_mapper/kcadm.rb | 9 ++++++---
 .../provider/keycloak_protocol_mapper/kcadm.rb | 12 ++++++++----
 2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/lib/puppet/provider/keycloak_client_protocol_mapper/kcadm.rb b/lib/puppet/provider/keycloak_client_protocol_mapper/kcadm.rb
index f29602db..b3e28d7e 100644
--- a/lib/puppet/provider/keycloak_client_protocol_mapper/kcadm.rb
+++ b/lib/puppet/provider/keycloak_client_protocol_mapper/kcadm.rb
@@ -44,7 +44,8 @@ def self.instances
 if protocol_mapper[:type] == 'oidc-usermodel-property-mapper' || protocol_mapper[:type] == 'saml-user-property-mapper'
 protocol_mapper[:user_attribute] = d['config']['user.attribute']
 end
- if ['oidc-usermodel-client-role-mapper', 'oidc-usermodel-property-mapper', 'oidc-group-membership-mapper'].include?(protocol_mapper[:type])
+ if ['oidc-usermodel-client-role-mapper', 'oidc-usermodel-property-mapper',
+ 'oidc-group-membership-mapper'].include?(protocol_mapper[:type]) || (protocol_mapper[:protocol] == 'openid-connect' && protocol_mapper[:type] =~ %r{script-.+})
 protocol_mapper[:claim_name] = d['config']['claim.name']
 protocol_mapper[:json_type_label] = d['config']['jsonType.label']
 end
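Review bot: The added script-mapper test `protocol_mapper[:type] =~ %r{script-.+}` is unanchored, so it matches any type that merely contains `script-` somewhere in its name, not only types that begin with it. If the intent is the deployed script providers whose id starts with `script-`, anchor it: `protocol_mapper[:type] =~ %r{\Ascript-.+}`. The same pattern is added in the create and flush hunks of this file and in all three hunks of keycloak_protocol_mapper/kcadm.rb. Because this condition decides whether `claim.name` and `jsonType.label` are read from or written to a mapper that shapes token claims, a narrower match keeps the provider from managing those keys on types it was not meant to touch. The body of self.instances continues outside the hunk.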
@@ -109,7 +110,8 @@ def create
 if (resource[:type] == 'oidc-usermodel-property-mapper' || resource[:type] == 'saml-user-property-mapper') && resource[:user_attribute]
 data[:config][:'user.attribute'] = resource[:user_attribute]
 end
- if ['oidc-usermodel-client-role-mapper', 'oidc-usermodel-property-mapper', 'oidc-group-membership-mapper'].include?(resource[:type])
+ if ['oidc-usermodel-client-role-mapper', 'oidc-usermodel-property-mapper',
+ 'oidc-group-membership-mapper'].include?(resource[:type]) || (resource[:protocol] == 'openid-connect' && resource[:type] =~ %r{script-.+})
 data[:config][:'claim.name'] = resource[:claim_name] if resource[:claim_name]
 data[:config][:'jsonType.label'] = resource[:json_type_label] if resource[:json_type_label]
 end
@@ -197,7 +199,8 @@ def flush
 if (resource[:type] == 'oidc-usermodel-property-mapper' || resource[:type] == 'saml-user-property-mapper') && resource[:user_attribute]
 config[:'user.attribute'] = resource[:user_attribute]
 end
- if ['oidc-usermodel-client-role-mapper', 'oidc-usermodel-property-mapper', 'oidc-group-membership-mapper'].include?(resource[:type])
+ if ['oidc-usermodel-client-role-mapper', 'oidc-usermodel-property-mapper',
+ 'oidc-group-membership-mapper'].include?(resource[:type]) || (resource[:protocol] == 'openid-connect' && resource[:type] =~ %r{script-.+})
 config[:'claim.name'] = resource[:claim_name] if resource[:claim_name]
 config[:'jsonType.label'] = resource[:json_type_label] if resource[:json_type_label]
 end
diff --git a/lib/puppet/provider/keycloak_protocol_mapper/kcadm.rb b/lib/puppet/provider/keycloak_protocol_mapper/kcadm.rb
index 9a86994c..231c0c93 100644
--- a/lib/puppet/provider/keycloak_protocol_mapper/kcadm.rb
+++ b/lib/puppet/provider/keycloak_protocol_mapper/kcadm.rb
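Review bot: The claim-name condition in create is now a two-line `if` whose array literal breaks mid-list, and the identical expression is repeated in flush and in self.instances, so a new mapper type has to be added in three places per provider. A frozen constant plus a small predicate would keep the three call sites in step and make the `||`/`&&` grouping easier to read. The sketch below shows the shape for this file; keycloak_protocol_mapper/kcadm.rb has the same repetition with a different type list. create starts and ends outside the hunk.

```ruby
CLAIM_MAPPER_TYPES = [
  'oidc-usermodel-client-role-mapper',
  'oidc-usermodel-property-mapper',
  'oidc-group-membership-mapper',
].freeze

# True when the mapper type carries claim.name / jsonType.label config.
def self.claim_mapper?(protocol, type)
  CLAIM_MAPPER_TYPES.include?(type) || (protocol == 'openid-connect' && type =~ %r{script-.+})
end

# … unchanged: user.attribute handling in create …
if self.class.claim_mapper?(resource[:protocol], resource[:type])
  data[:config][:'claim.name'] = resource[:claim_name] if resource[:claim_name]
```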
@@ -44,14 +44,16 @@ def self.instances
 if ['oidc-usermodel-property-mapper', 'saml-user-property-mapper', 'saml-user-attribute-mapper', 'oidc-usermodel-attribute-mapper'].include?(protocol_mapper[:type])
 protocol_mapper[:user_attribute] = d['config']['user.attribute']
 end
- if ['oidc-usermodel-property-mapper', 'oidc-group-membership-mapper', 'oidc-usermodel-attribute-mapper'].include?(protocol_mapper[:type])
+ if ['oidc-usermodel-property-mapper', 'oidc-group-membership-mapper',
+ 'oidc-usermodel-attribute-mapper'].include?(protocol_mapper[:type]) || (protocol_mapper[:protocol] == 'openid-connect' && protocol_mapper[:type] =~ %r{script-.+})
 protocol_mapper[:claim_name] = d['config']['claim.name']
 protocol_mapper[:json_type_label] = d['config']['jsonType.label']
 end
 if ['oidc-group-membership-mapper', 'saml-group-membership-mapper'].include?(protocol_mapper[:type])
 protocol_mapper[:full_path] = d['config']['full.path']
 end
- if ['saml-group-membership-mapper', 'saml-user-property-mapper', 'saml-user-attribute-mapper'].include?(protocol_mapper[:type]) || protocol_mapper[:type] =~ %r{script-.+}
+ if ['saml-group-membership-mapper', 'saml-user-property-mapper',
+ 'saml-user-attribute-mapper'].include?(protocol_mapper[:type]) || (protocol_mapper[:protocol] == 'saml' && protocol_mapper[:type] =~ %r{script-.+})
 protocol_mapper[:friendly_name] = d['config']['friendly.name']
 end
 if protocol_mapper[:protocol] == 'openid-connect'
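Review bot: The friendly_name branch in self.instances now reads `friendly.name` for script mappers only when `protocol_mapper[:protocol] == 'saml'`, but no hunk in this patch touches the friendly_name handling in create or flush. If those methods still accept any `script-` type regardless of protocol (they are outside the visible hunks, so this is an assumption to confirm), the provider could write `friendly.name` on an OIDC script mapper and never read it back, which would likely surface as a change on every run. The write side should use the same gate, e.g. `(resource[:protocol] == 'saml' && resource[:type] =~ %r{script-.+})`. Both new conditions also rely on `protocol_mapper[:protocol]` being assigned earlier in self.instances, which is outside the hunk.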
@@ -105,7 +107,8 @@ def create
 if ['oidc-usermodel-property-mapper', 'saml-user-property-mapper', 'saml-user-attribute-mapper', 'oidc-usermodel-attribute-mapper'].include?(resource[:type]) && resource[:user_attribute]
 data[:config][:'user.attribute'] = resource[:user_attribute]
 end
- if ['oidc-usermodel-property-mapper', 'oidc-group-membership-mapper', 'oidc-usermodel-attribute-mapper'].include?(resource[:type])
+ if ['oidc-usermodel-property-mapper', 'oidc-group-membership-mapper',
+ 'oidc-usermodel-attribute-mapper'].include?(resource[:type]) || (resource[:protocol] == 'openid-connect' && resource[:type] =~ %r{script-.+})
 data[:config][:'claim.name'] = resource[:claim_name] if resource[:claim_name]
 data[:config][:'jsonType.label'] = resource[:json_type_label] if resource[:json_type_label]
 end
@@ -188,7 +191,8 @@ def flush
 if ['oidc-usermodel-property-mapper', 'saml-user-property-mapper', 'saml-user-attribute-mapper', 'oidc-usermodel-attribute-mapper'].include?(resource[:type]) && resource[:user_attribute]
 config[:'user.attribute'] = resource[:user_attribute]
 end
- if ['oidc-usermodel-property-mapper', 'oidc-group-membership-mapper', 'oidc-usermodel-attribute-mapper'].include?(resource[:type])
+ if ['oidc-usermodel-property-mapper', 'oidc-group-membership-mapper',
+ 'oidc-usermodel-attribute-mapper'].include?(resource[:type]) || (resource[:protocol] == 'openid-connect' && resource[:type] =~ %r{script-.+})
 config[:'claim.name'] = resource[:claim_name] if resource[:claim_name]
 config[:'jsonType.label'] = resource[:json_type_label] if resource[:json_type_label]
 end