...

First of all, the Java model is defined in the class “UserClaims.java”. It is adapted to the OpenID standard, but you may need some other attributes. Feel free to adapt this class.

Code Block
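import java.util.List;

import com.fasterxml.jackson.annotation.JsonProperty;

// Claims read from the OpenID profile; @JsonProperty maps the snake_case claim names.
// ClaimsExtractor calls getName(), getPreferredUsername() and getEmail(); those accessors
// are not shown on this page and must exist in the real class.
public class UserClaims {
	public String sub;
	@JsonProperty("practitioner_id")
	public String practitionerId;
	public List<Role> roles;
	public String name;
	@JsonProperty("preferred_username")
	public String preferredUsername;
	@JsonProperty("given_name")
	public String givenName;
	@JsonProperty("family_name")
	public String familyName;
	public String email;
}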

Authorities Extractor

The mapping from your IM role to a onesait Platform ROLE is handled by the class KeycloakAuthoritiesExtractor.java.

...

You also need to provide an implementation of a Principal extractor to retrieve the principal’s name (i.e. the user’s unique ID). The default implementation can be found in KeycloakPrincipalExtractor.java and, as you can see below, it takes the name from the “preferred_username” attribute.

Code Block
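import java.util.Map;

import org.springframework.boot.autoconfigure.security.oauth2.resource.PrincipalExtractor;

public class KeycloakPrincipalExtractor implements PrincipalExtractor {

	private static final String USERNAME = "preferred_username";

	// Returns the raw claim value; this is null when the claim is absent from the map.
	@Override
	public Object extractPrincipal(Map<String, Object> map) {
		return map.get(USERNAME);
	}

}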
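
The default extractor returns whatever `map.get` yields, including `null` or a non-string value. The following is an added example, not part of the platform's code, of the same lookup failing closed instead; the class name `StrictPrincipalExample`, the `MAX_LENGTH` bound and the sample claim maps are assumptions made for illustration, and the method keeps the `extractPrincipal` signature so its body can be moved into a `PrincipalExtractor` implementation.

```java
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class StrictPrincipalExample {

	private static final String USERNAME = "preferred_username";
	// Assumed upper bound for a platform user ID; adjust to your own schema.
	private static final int MAX_LENGTH = 128;

	// Same signature as extractPrincipal above, but rejects a missing,
	// non-string, blank or oversized claim instead of passing it on.
	public static Object extractPrincipal(Map<String, Object> map) {
		final Object value = map.get(USERNAME);
		if (!(value instanceof String)) {
			throw new IllegalArgumentException("claim '" + USERNAME + "' is missing or not a string");
		}
		final String username = ((String) value).trim();
		if (username.isEmpty() || username.length() > MAX_LENGTH) {
			throw new IllegalArgumentException("claim '" + USERNAME + "' is blank or too long");
		}
		return username;
	}

	public static void main(String[] args) {
		// Constructed claim maps, not captured from a real Keycloak instance.
		final Map<String, Object> ok = new HashMap<>();
		ok.put("sub", "00000000-0000-0000-0000-000000000001");
		ok.put(USERNAME, "jdoe");

		final Map<String, Object> missing = new HashMap<>();
		missing.put("sub", "00000000-0000-0000-0000-000000000002");

		final Map<String, Object> wrongType = new HashMap<>();
		wrongType.put(USERNAME, 12345);

		System.out.println(extractPrincipal(ok));
		for (Map<String, Object> claims : List.of(missing, wrongType)) {
			try {
				extractPrincipal(claims);
			} catch (IllegalArgumentException e) {
				System.out.println("rejected: " + e.getMessage());
			}
		}
	}
}
```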

OSP User entity mapping

Finally, there’s a @Component class “ClaimsExtractor.java”, which implements the logic to transform an OpenID profile into an OSP User entity. You only need to adapt this component if you changed the Java model, so that the following Java attributes are provided correctly: fullName, username (userId), mail.

Code Block
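import java.util.Map;
import java.util.UUID;

import org.springframework.stereotype.Component;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;

// StringUtils, RandomStringUtils and the platform's User entity come from the
// project's own dependencies; their imports are not shown on this page.
@Component
public class ClaimsExtractor {

	private static final String MAIL_SUFFIX = "@keycloak.com";

	private final KeycloakAuthoritiesExtractor authoritiesExtractor = new KeycloakAuthoritiesExtractor();

	private static final ObjectMapper mapper = new ObjectMapper();

	public User mapFromClaims(Map<String, Object> map) throws JsonProcessingException {
		final UserClaims claims = mapper.convertValue(map, UserClaims.class);

		final User user = new User();
		user.setFullName(claims.getName());
		user.setUsername(claims.getPreferredUsername());
		// Falls back to a synthetic address when the profile carries no email claim.
		user.setMail(StringUtils.isEmpty(claims.getEmail()) ? claims.getPreferredUsername() + MAIL_SUFFIX
				: claims.getEmail());
		// The full set of mapped claims is stored as JSON.
		user.setExtraFields(mapper.writeValueAsString(claims));
		user.setPassword(randomPassword());
		user.setRole(authoritiesExtractor.extractRole(map));

		return user;
	}

	// Local password: one random uppercase letter, the first 10 characters of a random UUID
	// (9 hex digits and a hyphen, about 36 bits from the UUID) and a trailing "$".
	private String randomPassword() {
		return RandomStringUtils.randomAlphabetic(1).toUpperCase() + UUID.randomUUID().toString().substring(0, 10)
				+ "$";
	}
}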

Compiling the JAR

The next step is to compile the JAR with Maven.

...