Package com.xebialabs.platform.sso.oidc.policy

Interface ClaimsToGrantedAuthoritiesPolicy

  • All Known Implementing Classes:
    DefaultClaimsToGrantedAuthoritiesPolicy
    public interface ClaimsToGrantedAuthoritiesPolicy
    Policy to convert OIDC claims to GrantedAuthorities.

    See: http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      java.util.List<org.springframework.security.core.GrantedAuthority> claimsToGrantedAuthorities​(java.util.Map<java.lang.String,​java.lang.Object> oidcClaims)
      Derive the GrantedAuthoritys from the claims provided by the IDP.

    • Method Detail

      • claimsToGrantedAuthorities

        java.util.List<org.springframework.security.core.GrantedAuthority> claimsToGrantedAuthorities​(java.util.Map<java.lang.String,​java.lang.Object> oidcClaims)
        Derive the GrantedAuthoritys from the claims provided by the IDP.

        It seems there's no real standard claim for groups/roles. In Okta it seems to be named 'groups' in KeyCloak it can be configured and filled with Groups or Roles.

        Parameters:
        oidcClaims - a map with the claims (Values can be strings, integers, ..)
        Returns:
        the list with GrantedAuthoritys