[英]Keycloak: get identity provider info
I have spring boot app and I use keycloak as auth.我有 Spring Boot 应用程序,我使用keycloak作为身份验证。 provider.
提供者。
For my realm I have set FACEBOOK or GOOGLE as identity providers .对于我的领域,我已将FACEBOOK 或 GOOGLE设置为身份提供者。
I wonder how can I find out what identity provider user used - NOT via keycloak admin console, BUT in runtime.我想知道如何找出用户使用的身份提供者 - 不是通过 keycloak 管理控制台,而是在运行时。
eg.:例如:
user A - FACEBOOK用户 A - 脸书
user B - FACEBOOK用户 B - 脸书
user C - GOOGLE用户 C - 谷歌
You can set a "User Session Note" mapper to your client's mappers.您可以为客户端的映射器设置“用户会话注释”映射器。 Set the User Session Note field to: identity_provider
将用户会话注释字段设置为:identity_provider
Note: you can use identity_provider_identity in User Session Note field to get its username from to identity provider https://www.keycloak.org/docs/latest/server_admin/index.html#available-user-session-data注意:您可以在 User Session Note 字段中使用 identity_provider_identity 从身份提供者获取其用户名https://www.keycloak.org/docs/latest/server_admin/index.html#available-user-session-data
Map metadata given in the access token, such as facebook/google user id, and import these to the keycloak user.映射访问令牌中给出的元数据,例如 facebook/google 用户 ID,并将这些元数据导入 keycloak 用户。 If you then provide this metadata to the clients, they can see which identity broker that was used.
如果您随后将此元数据提供给客户端,他们可以查看使用了哪个身份代理。
https://keycloak.gitbooks.io/server-adminstration-guide/content/topics/identity-broker/mappers.html https://keycloak.gitbooks.io/server-adminstration-guide/content/topics/identity-broker/mappers.html
I know this question is old, but I found an alternative solution to your problem (given that you attempt to reach the information via Java / Spring).我知道这个问题很旧,但我找到了解决您问题的替代方法(假设您尝试通过 Java/Spring 获取信息)。 Say that that you have concrete variables
user
, realm
and session
of type UserModel
, RealmModel
and KeyCloakSession
, respectively.假设您有分别为
UserModel
、 RealmModel
和KeyCloakSession
类型的具体变量user
、 realm
和session
。 Then you can obtain the set of all federated identities associated to your user:然后您可以获得与您的用户关联的所有联合身份的集合:
Set<FederatedIdentityModel> identitySet = session.users().getFederatedIdentities(user, realm);
Each instance of FederatedIdentityModel
has a #getIdentityProvider
method allowing you to obtain the name of your IdP in question. FederatedIdentityModel
每个实例都有一个#getIdentityProvider
方法,允许您获取相关 IdP 的名称。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.