You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
/* * Copyright 2018 Red Hat, Inc. and/or its affiliates * and other contributors as indicated by the @author tags. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0
* * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */
package org.keycloak.social.discord;
import org.jboss.logging.Logger; import org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider; import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig; import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper; import org.keycloak.broker.provider.BrokeredIdentityContext; import org.keycloak.broker.provider.IdentityBrokerException; import org.keycloak.broker.provider.util.SimpleHttp; import org.keycloak.broker.social.SocialIdentityProvider; import org.keycloak.events.EventBuilder; import org.keycloak.models.KeycloakSession; import org.keycloak.social.linkedin.LinkedInIdentityProvider;
import com.fasterxml.jackson.databind.JsonNode;
/** * @author <a href="mailto:wadahiro@gmail.com">Hiroyuki Wada</a> */ public class DiscordIdentityProvider extends AbstractOAuth2IdentityProvider<OAuth2IdentityProviderConfig> implements SocialIdentityProvider<OAuth2IdentityProviderConfig> {
private static final Logger log = Logger.getLogger(LinkedInIdentityProvider.class);
public static final String AUTH_URL = "https://discordapp.com/api/oauth2/authorize"; public static final String TOKEN_URL = "https://discordapp.com/api/oauth2/token"; public static final String PROFILE_URL = "https://discordapp.com/api/users/@me"; public static final String DEFAULT_SCOPE = "identify email";
public DiscordIdentityProvider(KeycloakSession session, OAuth2IdentityProviderConfig config) { super(session, config); config.setAuthorizationUrl(AUTH_URL); config.setTokenUrl(TOKEN_URL); config.setUserInfoUrl(PROFILE_URL); }
@Override protected boolean supportsExternalExchange() { return true; }
@Override protected String getProfileEndpointForValidation(EventBuilder event) { return PROFILE_URL; }
@Override protected BrokeredIdentityContext extractIdentityFromProfile(EventBuilder event, JsonNode profile) { BrokeredIdentityContext user = new BrokeredIdentityContext(getJsonProperty(profile, "id"));
user.setUsername(getJsonProperty(profile, "username")); // user.setName(getJsonProperty(profile, "username"));
user.setEmail(getJsonProperty(profile, "email")); user.setIdpConfig(getConfig()); user.setIdp(this);
AbstractJsonUserAttributeMapper.storeUserProfileForMapper(user, profile, getConfig().getAlias());
return user; }
@Override protected BrokeredIdentityContext doGetFederatedIdentity(String accessToken) { log.debug("doGetFederatedIdentity()"); try { JsonNode profile = SimpleHttp.doGet(PROFILE_URL, session).header("Authorization", "Bearer " + accessToken).asJson(); // System.out.println(profile.toString());
return extractIdentityFromProfile(null, profile); } catch (Exception e) { throw new IdentityBrokerException("Could not obtain user profile from discord.", e); } }
@Override protected String getDefaultScopes() { return DEFAULT_SCOPE; } }
|