Package com.xebialabs.platform.sso.oidc.policy

Interface ClaimsToGrantedAuthoritiesPolicy

All Known Implementing Classes:

DefaultClaimsToGrantedAuthoritiesPolicy

public interface ClaimsToGrantedAuthoritiesPolicy

Policy to convert OIDC claims to GrantedAuthorities.

See: http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

Method Summary

Modifier and Type	Method	Description
List<org.springframework.security.core.GrantedAuthority>	claimsToGrantedAuthorities(Map<String,Object> oidcClaims)	Derive the GrantedAuthoritys from the claims provided by the IDP.

Method Details

claimsToGrantedAuthorities

List<org.springframework.security.core.GrantedAuthority> claimsToGrantedAuthorities(Map<String,Object> oidcClaims)

Derive the GrantedAuthoritys from the claims provided by the IDP.

It seems there's no real standard claim for groups/roles. In Okta it seems to be named 'groups' in KeyCloak it can be configured and filled with Groups or Roles.

Parameters:

oidcClaims - a map with the claims (Values can be strings, integers, ..)

Returns:

the list with GrantedAuthoritys