Java Code Examples for org.keycloak.representations.idm.ClientRepresentation#setClientId()
The following examples show how to use
org.keycloak.representations.idm.ClientRepresentation#setClientId() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CustomAuthFlowCookieTest.java From keycloak with Apache License 2.0 | 6 votes |
@Before @Override public void beforeTest() { super.beforeTest(); ClientRepresentation testApp = new ClientRepresentation(); testApp.setClientId("test-app"); testApp.setEnabled(true); testApp.setBaseUrl(APP_ROOT); testApp.setRedirectUris(Arrays.asList(new String[]{APP_ROOT + "/*"})); testApp.setAdminUrl(APP_ROOT + "/logout"); testApp.setSecret("password"); Response response = testRealmResource().clients().create(testApp); assertEquals(201, response.getStatus()); getCleanup().addClientUuid(ApiUtil.getCreatedId(response)); response.close(); }
Example 2
Source File: KeycloakTestResource.java From quarkus with Apache License 2.0 | 6 votes |
private static ClientRepresentation createClient(String clientId) { ClientRepresentation client = new ClientRepresentation(); client.setClientId(clientId); client.setPublicClient(false); client.setSecret("secret"); client.setDirectAccessGrantsEnabled(true); client.setEnabled(true); client.setAuthorizationServicesEnabled(true); ResourceServerRepresentation authorizationSettings = new ResourceServerRepresentation(); authorizationSettings.setResources(new ArrayList<>()); authorizationSettings.setPolicies(new ArrayList<>()); configurePermissionResourcePermission(authorizationSettings); configureClaimBasedPermission(authorizationSettings); configureHttpResponseClaimBasedPermission(authorizationSettings); configureBodyClaimBasedPermission(authorizationSettings); configurePaths(authorizationSettings); client.setAuthorizationSettings(authorizationSettings); return client; }
Example 3
Source File: KeycloakTestResource.java From quarkus with Apache License 2.0 | 5 votes |
private static ClientRepresentation createClient(String clientId) { ClientRepresentation client = new ClientRepresentation(); client.setClientId(clientId); client.setPublicClient(false); client.setSecret("secret"); client.setDirectAccessGrantsEnabled(true); client.setEnabled(true); client.setAuthorizationServicesEnabled(true); ResourceServerRepresentation authorizationSettings = new ResourceServerRepresentation(); authorizationSettings.setResources(new ArrayList<>()); authorizationSettings.setPolicies(new ArrayList<>()); configurePermissionResourcePermission(authorizationSettings); configureClaimBasedPermission(authorizationSettings); configureHttpResponseClaimBasedPermission(authorizationSettings); configureBodyClaimBasedPermission(authorizationSettings); configurePaths(authorizationSettings); configureScopePermission(authorizationSettings); client.setAuthorizationSettings(authorizationSettings); return client; }
Example 4
Source File: ClientScopeTest.java From keycloak with Apache License 2.0 | 5 votes |
@Test public void defaultOptionalClientScopeCanBeAssignedToClientAsDefaultScope() { // Create optional client scope ClientScopeRepresentation optionalClientScope = new ClientScopeRepresentation(); optionalClientScope.setName("optional-client-scope"); optionalClientScope.setProtocol("openid-connect"); String optionalClientScopeId = createClientScope(optionalClientScope); getCleanup().addClientScopeId(optionalClientScopeId); testRealmResource().addDefaultOptionalClientScope(optionalClientScopeId); assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.defaultOptionalClientScopePath(optionalClientScopeId), ResourceType.CLIENT_SCOPE); // Ensure that scope is optional List<String> realmOptionalScopes = getClientScopeNames(testRealmResource().getDefaultOptionalClientScopes()); Assert.assertTrue(realmOptionalScopes.contains("optional-client-scope")); // Create client ClientRepresentation client = new ClientRepresentation(); client.setClientId("test-client"); client.setDefaultClientScopes(Collections.singletonList("optional-client-scope")); String clientUuid = createClient(client); getCleanup().addClientUuid(clientUuid); // Ensure that default optional client scope is a default scope of the client List<String> clientDefaultScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getDefaultClientScopes()); Assert.assertTrue(clientDefaultScopes.contains("optional-client-scope")); // Ensure that no optional scopes are assigned to the client, even if there are default optional scopes! List<String> clientOptionalScopes = getClientScopeNames(testRealmResource().clients().get(clientUuid).getOptionalClientScopes()); Assert.assertTrue(clientOptionalScopes.isEmpty()); // Unassign optional client scope from realm for cleanup testRealmResource().removeDefaultOptionalClientScope(optionalClientScopeId); assertAdminEvents.assertEvent(getRealmId(), OperationType.DELETE, AdminEventPaths.defaultOptionalClientScopePath(optionalClientScopeId), ResourceType.CLIENT_SCOPE); }
Example 5
Source File: AdapterInstallationConfigTest.java From keycloak with Apache License 2.0 | 5 votes |
@Before @Override public void before() throws Exception { super.before(); client = new ClientRepresentation(); client.setEnabled(true); client.setClientId("RegistrationAccessTokenTest"); client.setSecret("RegistrationAccessTokenTestClientSecret"); client.setPublicClient(false); client.setRegistrationAccessToken("RegistrationAccessTokenTestRegistrationAccessToken"); client.setRootUrl("http://root"); client = createClient(client); client.setSecret("RegistrationAccessTokenTestClientSecret"); getCleanup().addClientUuid(client.getId()); client2 = new ClientRepresentation(); client2.setEnabled(true); client2.setClientId("RegistrationAccessTokenTest2"); client2.setSecret("RegistrationAccessTokenTestClientSecret"); client2.setPublicClient(false); client2.setRegistrationAccessToken("RegistrationAccessTokenTestRegistrationAccessToken"); client2.setRootUrl("http://root"); client2 = createClient(client2); getCleanup().addClientUuid(client2.getId()); clientPublic = new ClientRepresentation(); clientPublic.setEnabled(true); clientPublic.setClientId("RegistrationAccessTokenTestPublic"); clientPublic.setPublicClient(true); clientPublic.setRegistrationAccessToken("RegistrationAccessTokenTestRegistrationAccessTokenPublic"); clientPublic.setRootUrl("http://root"); clientPublic = createClient(clientPublic); getCleanup().addClientUuid(clientPublic.getId()); }
Example 6
Source File: ConcurrencyTest.java From keycloak with Apache License 2.0 | 5 votes |
@Test public void createClientRole() throws Throwable { ClientRepresentation c = new ClientRepresentation(); c.setClientId("client"); Response response = adminClient.realm(REALM_NAME).clients().create(c); final String clientId = ApiUtil.getCreatedId(response); response.close(); AtomicInteger uniqueCounter = new AtomicInteger(); concurrentTest(new CreateClientRole(uniqueCounter, clientId)); }
Example 7
Source File: ClientInvalidationClusterTest.java From keycloak with Apache License 2.0 | 5 votes |
@Override protected ClientRepresentation testEntityUpdates(ClientRepresentation client, boolean backendFailover) { // clientId client.setClientId(client.getClientId() + "_updated"); client = updateEntityOnCurrentFailNode(client, "clientId"); verifyEntityUpdateDuringFailover(client, backendFailover); // name client.setName(client.getName() + "_updated"); client = updateEntityOnCurrentFailNode(client, "name"); verifyEntityUpdateDuringFailover(client, backendFailover); return client; }
Example 8
Source File: CredentialsTest.java From keycloak with Apache License 2.0 | 5 votes |
@Test public void testGetAndRegenerateRegistrationAccessToken() { ClientRepresentation rep = accountClient.toRepresentation(); String oldToken = rep.getRegistrationAccessToken(); String newToken = accountClient.regenerateRegistrationAccessToken().getRegistrationAccessToken(); assertNull(oldToken); // registration access token not saved in ClientRep assertNotNull(newToken); // it's only available via regenerateRegistrationAccessToken() assertNull(accountClient.toRepresentation().getRegistrationAccessToken()); // Test event ClientRepresentation testedRep = new ClientRepresentation(); testedRep.setClientId(rep.getClientId()); testedRep.setRegistrationAccessToken(newToken); assertAdminEvents.assertEvent(getRealmId(), OperationType.ACTION, AdminEventPaths.clientRegenerateRegistrationAccessTokenPath(accountClientDbId), testedRep, ResourceType.CLIENT); }
Example 9
Source File: ClientRegistrationTest.java From keycloak with Apache License 2.0 | 5 votes |
@Test public void updateClientNotFound() throws ClientRegistrationException { authManageClients(); try { ClientRepresentation client = new ClientRepresentation(); client.setClientId("invalid"); reg.update(client); fail("Expected 404"); } catch (ClientRegistrationException e) { assertEquals(404, ((HttpErrorException) e.getCause()).getStatusLine().getStatusCode()); } }
Example 10
Source File: AbstractClientTest.java From keycloak with Apache License 2.0 | 5 votes |
protected String createSamlClient(String name) { ClientRepresentation clientRep = new ClientRepresentation(); clientRep.setClientId(name); clientRep.setName(name); clientRep.setProtocol("saml"); return createClient(clientRep); }
Example 11
Source File: AbstractClientTest.java From keycloak with Apache License 2.0 | 5 votes |
protected ClientRepresentation createOidcClientRep(String name) { ClientRepresentation clientRep = new ClientRepresentation(); clientRep.setClientId(name); clientRep.setName(name); clientRep.setProtocol("openid-connect"); return clientRep; }
Example 12
Source File: PartialImportTest.java From keycloak with Apache License 2.0 | 5 votes |
@Before public void createClientForClientRoles() { ClientRepresentation client = new ClientRepresentation(); client.setClientId(CLIENT_ROLES_CLIENT); client.setName(CLIENT_ROLES_CLIENT); client.setProtocol("openid-connect"); try (Response resp = testRealmResource().clients().create(client)) { // for some reason, findAll() will later fail unless readEntity is called here resp.readEntity(String.class); //testRealmResource().clients().findAll(); } }
Example 13
Source File: KeycloakRealmResourceManager.java From quarkus with Apache License 2.0 | 5 votes |
private static ClientRepresentation createClient(String clientId) { ClientRepresentation client = new ClientRepresentation(); client.setClientId(clientId); client.setEnabled(true); client.setRedirectUris(Arrays.asList("*")); client.setClientAuthenticatorType("client-secret"); client.setSecret("secret"); return client; }
Example 14
Source File: PartialImportTest.java From keycloak with Apache License 2.0 | 5 votes |
private void addClients(boolean withServiceAccounts) throws IOException { List<ClientRepresentation> clients = new ArrayList<>(); List<UserRepresentation> serviceAccounts = new ArrayList<>(); for (int i = 0; i < NUM_ENTITIES; i++) { ClientRepresentation client = new ClientRepresentation(); client.setClientId(CLIENT_PREFIX + i); client.setName(CLIENT_PREFIX + i); clients.add(client); if (withServiceAccounts) { client.setServiceAccountsEnabled(true); client.setBearerOnly(false); client.setPublicClient(false); client.setAuthorizationSettings(resourceServerSampleSettings); client.setAuthorizationServicesEnabled(true); // create the user service account UserRepresentation serviceAccount = new UserRepresentation(); serviceAccount.setUsername(ServiceAccountConstants.SERVICE_ACCOUNT_USER_PREFIX + client.getClientId()); serviceAccount.setEnabled(true); serviceAccount.setEmail(serviceAccount.getUsername() + "@placeholder.org"); serviceAccount.setServiceAccountClientId(client.getClientId()); serviceAccounts.add(serviceAccount); } } if (withServiceAccounts) { if (piRep.getUsers() == null) { piRep.setUsers(new ArrayList<>()); } piRep.getUsers().addAll(serviceAccounts); } piRep.setClients(clients); }
Example 15
Source File: InvalidationCrossDCTest.java From keycloak with Apache License 2.0 | 5 votes |
@Test public void clientListInvalidationTest() throws Exception { enableDcOnLoadBalancer(DC.FIRST); enableDcOnLoadBalancer(DC.SECOND); List<ClientRepresentation> dc0List = getAdminClientForStartedNodeInDc(0).realms().realm(REALM_NAME).clients().findAll(); List<ClientRepresentation> dc1List = getAdminClientForStartedNodeInDc(1).realms().realm(REALM_NAME).clients().findAll(); // Test same clients on both DCs Assert.assertEquals(dc0List.size(), dc1List.size()); int initialSize = dc0List.size(); // Create client on DC0 ClientRepresentation rep = new ClientRepresentation(); rep.setClientId("some-new-client"); rep.setEnabled(true); Response response = getAdminClientForStartedNodeInDc(0).realms().realm(REALM_NAME).clients().create(rep); Assert.assertEquals(201, response.getStatus()); response.close(); // Assert updated on both DC0 and DC1 (here retry is needed. We need to wait until invalidation message arrives) dc0List = getAdminClientForStartedNodeInDc(0).realms().realm(REALM_NAME).clients().findAll(); Assert.assertEquals(initialSize + 1, dc0List.size()); AtomicInteger i = new AtomicInteger(0); Retry.execute(() -> { i.incrementAndGet(); List<ClientRepresentation> dc1Listt = getAdminClientForStartedNodeInDc(1).realms().realm(REALM_NAME).clients().findAll(); Assert.assertEquals(initialSize + 1, dc1Listt.size()); }, 50, 50); log.infof("clientListInvalidationTest: Passed after '%d' iterations", i.get()); }
Example 16
Source File: ClientManager.java From keycloak with Apache License 2.0 | 4 votes |
public void renameTo(String newName) { ClientRepresentation app = clientResource.toRepresentation(); app.setClientId(newName); clientResource.update(app); }
Example 17
Source File: ClientTest.java From keycloak with Apache License 2.0 | 4 votes |
@Test public void updateClient() { ClientRepresentation client = createClient(); ClientRepresentation newClient = new ClientRepresentation(); newClient.setId(client.getId()); newClient.setClientId(client.getClientId()); newClient.setBaseUrl("http://baseurl"); realm.clients().get(client.getId()).update(newClient); assertAdminEvents.assertEvent(realmId, OperationType.UPDATE, AdminEventPaths.clientResourcePath(client.getId()), newClient, ResourceType.CLIENT); ClientRepresentation storedClient = realm.clients().get(client.getId()).toRepresentation(); assertClient(client, storedClient); newClient.setSecret("new-secret"); realm.clients().get(client.getId()).update(newClient); assertAdminEvents.assertEvent(realmId, OperationType.UPDATE, AdminEventPaths.clientResourcePath(client.getId()), newClient, ResourceType.CLIENT); storedClient = realm.clients().get(client.getId()).toRepresentation(); assertClient(client, storedClient); }
Example 18
Source File: ClientTest.java From keycloak with Apache License 2.0 | 4 votes |
@Test @AuthServerContainerExclude(AuthServer.REMOTE) public void updateClientWithProtocolMapper() { ClientRepresentation rep = new ClientRepresentation(); rep.setClientId("my-app"); ProtocolMapperRepresentation fooMapper = new ProtocolMapperRepresentation(); fooMapper.setName("foo"); fooMapper.setProtocol("openid-connect"); fooMapper.setProtocolMapper("oidc-hardcoded-claim-mapper"); rep.setProtocolMappers(Collections.singletonList(fooMapper)); Response response = realm.clients().create(rep); response.close(); String id = ApiUtil.getCreatedId(response); getCleanup().addClientUuid(id); ClientResource clientResource = realm.clients().get(id); assertNotNull(clientResource); ClientRepresentation client = clientResource.toRepresentation(); List<ProtocolMapperRepresentation> protocolMappers = client.getProtocolMappers(); assertEquals(1, protocolMappers.size()); ProtocolMapperRepresentation mapper = protocolMappers.get(0); assertEquals("foo", mapper.getName()); ClientRepresentation newClient = new ClientRepresentation(); newClient.setId(client.getId()); newClient.setClientId(client.getClientId()); ProtocolMapperRepresentation barMapper = new ProtocolMapperRepresentation(); barMapper.setName("bar"); barMapper.setProtocol("openid-connect"); barMapper.setProtocolMapper("oidc-hardcoded-role-mapper"); protocolMappers.add(barMapper); newClient.setProtocolMappers(protocolMappers); realm.clients().get(client.getId()).update(newClient); ClientRepresentation storedClient = realm.clients().get(client.getId()).toRepresentation(); assertClient(client, storedClient); }
Example 19
Source File: UserTest.java From keycloak with Apache License 2.0 | 4 votes |
@Test @AuthServerContainerExclude(AuthServer.REMOTE) public void sendResetPasswordEmailWithRedirect() throws IOException { UserRepresentation userRep = new UserRepresentation(); userRep.setEnabled(true); userRep.setUsername("user1"); userRep.setEmail("[email protected]"); String id = createUser(userRep); UserResource user = realm.users().get(id); ClientRepresentation client = new ClientRepresentation(); client.setClientId("myclient"); client.setRedirectUris(new LinkedList<>()); client.getRedirectUris().add("http://myclient.com/*"); client.setName("myclient"); client.setEnabled(true); Response response = realm.clients().create(client); String createdId = ApiUtil.getCreatedId(response); assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(createdId), client, ResourceType.CLIENT); List<String> actions = new LinkedList<>(); actions.add(UserModel.RequiredAction.UPDATE_PASSWORD.name()); try { // test that an invalid redirect uri is rejected. user.executeActionsEmail("myclient", "http://unregistered-uri.com/", actions); fail("Expected failure"); } catch (ClientErrorException e) { assertEquals(400, e.getResponse().getStatus()); ErrorRepresentation error = e.getResponse().readEntity(ErrorRepresentation.class); Assert.assertEquals("Invalid redirect uri.", error.getErrorMessage()); } user.executeActionsEmail("myclient", "http://myclient.com/home.html", actions); assertAdminEvents.assertEvent(realmId, OperationType.ACTION, AdminEventPaths.userResourcePath(id) + "/execute-actions-email", ResourceType.USER); Assert.assertEquals(1, greenMail.getReceivedMessages().length); MimeMessage message = greenMail.getReceivedMessages()[0]; String link = MailUtils.getPasswordResetEmailLink(message); driver.navigate().to(link); proceedPage.assertCurrent(); Assert.assertThat(proceedPage.getInfo(), Matchers.containsString("Update Password")); proceedPage.clickProceedLink(); passwordUpdatePage.assertCurrent(); passwordUpdatePage.changePassword("new-pass", "new-pass"); assertEquals("Your account has been updated.", driver.findElement(By.id("kc-page-title")).getText()); String pageSource = driver.getPageSource(); // check to make sure the back link is set. Assert.assertTrue(pageSource.contains("http://myclient.com/home.html")); driver.navigate().to(link); assertEquals("We are sorry...", PageUtils.getPageTitle(driver)); }
Example 20
Source File: KcOidcBrokerConfiguration.java From keycloak with Apache License 2.0 | 4 votes |
@Override public List<ClientRepresentation> createProviderClients() { ClientRepresentation client = new ClientRepresentation(); client.setId(CLIENT_ID); client.setClientId(getIDPClientIdInProviderRealm()); client.setName(CLIENT_ID); client.setSecret(CLIENT_SECRET); client.setEnabled(true); client.setRedirectUris(Collections.singletonList(getConsumerRoot() + "/auth/realms/" + REALM_CONS_NAME + "/broker/" + IDP_OIDC_ALIAS + "/endpoint/*")); client.setAdminUrl(getConsumerRoot() + "/auth/realms/" + REALM_CONS_NAME + "/broker/" + IDP_OIDC_ALIAS + "/endpoint"); ProtocolMapperRepresentation emailMapper = new ProtocolMapperRepresentation(); emailMapper.setName("email"); emailMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); emailMapper.setProtocolMapper(UserPropertyMapper.PROVIDER_ID); Map<String, String> emailMapperConfig = emailMapper.getConfig(); emailMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, "email"); emailMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, "email"); emailMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE); emailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true"); emailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true"); emailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true"); ProtocolMapperRepresentation nestedAttrMapper = new ProtocolMapperRepresentation(); nestedAttrMapper.setName("attribute - nested claim"); nestedAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); nestedAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID); Map<String, String> nestedEmailMapperConfig = nestedAttrMapper.getConfig(); nestedEmailMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, "nested.email"); nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, "nested.email"); nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE); nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true"); nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true"); nestedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true"); ProtocolMapperRepresentation dottedAttrMapper = new ProtocolMapperRepresentation(); dottedAttrMapper.setName("attribute - claim with dot in name"); dottedAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); dottedAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID); Map<String, String> dottedEmailMapperConfig = dottedAttrMapper.getConfig(); dottedEmailMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, "dotted.email"); dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, "dotted\\.email"); dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE); dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true"); dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true"); dottedEmailMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true"); ProtocolMapperRepresentation userAttrMapper = new ProtocolMapperRepresentation(); userAttrMapper.setName("attribute - name"); userAttrMapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); userAttrMapper.setProtocolMapper(UserAttributeMapper.PROVIDER_ID); Map<String, String> userAttrMapperConfig = userAttrMapper.getConfig(); userAttrMapperConfig.put(ProtocolMapperUtils.USER_ATTRIBUTE, ATTRIBUTE_TO_MAP_NAME); userAttrMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, ATTRIBUTE_TO_MAP_NAME); userAttrMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE); userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true"); userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true"); userAttrMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true"); userAttrMapperConfig.put(ProtocolMapperUtils.MULTIVALUED, "true"); ProtocolMapperRepresentation userAttrMapper2 = new ProtocolMapperRepresentation(); userAttrMapper2.setName("attribute - name - 2"); userAttrMapper2.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); userAttrMapper2.setProtocolMapper(UserAttributeMapper.PROVIDER_ID); Map<String, String> userAttrMapperConfig2 = userAttrMapper2.getConfig(); userAttrMapperConfig2.put(ProtocolMapperUtils.USER_ATTRIBUTE, ATTRIBUTE_TO_MAP_NAME_2); userAttrMapperConfig2.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, ATTRIBUTE_TO_MAP_NAME_2); userAttrMapperConfig2.put(OIDCAttributeMapperHelper.JSON_TYPE, ProviderConfigProperty.STRING_TYPE); userAttrMapperConfig2.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true"); userAttrMapperConfig2.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true"); userAttrMapperConfig2.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true"); userAttrMapperConfig2.put(ProtocolMapperUtils.MULTIVALUED, "true"); ProtocolMapperRepresentation hardcodedJsonClaim = new ProtocolMapperRepresentation(); hardcodedJsonClaim.setName("json-mapper"); hardcodedJsonClaim.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL); hardcodedJsonClaim.setProtocolMapper(HardcodedClaim.PROVIDER_ID); Map<String, String> hardcodedJsonClaimMapperConfig = hardcodedJsonClaim.getConfig(); hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.TOKEN_CLAIM_NAME, KcOidcBrokerConfiguration.USER_INFO_CLAIM); hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.JSON_TYPE, "JSON"); hardcodedJsonClaimMapperConfig.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true"); hardcodedJsonClaimMapperConfig.put(HardcodedClaim.CLAIM_VALUE, "{\"" + HARDOCDED_CLAIM + "\": \"" + HARDOCDED_VALUE + "\"}"); client.setProtocolMappers(Arrays.asList(emailMapper, userAttrMapper, userAttrMapper2, nestedAttrMapper, dottedAttrMapper, hardcodedJsonClaim)); return Collections.singletonList(client); }