public class ProviderRoleMapping extends Object
| Constructor and Description |
|---|
ProviderRoleMapping() |
ProviderRoleMapping(boolean mapOauthScopes) |
ProviderRoleMapping(boolean mapOauthScopes,
Map<String,String> roleMappings) |
| Modifier and Type | Method and Description |
|---|---|
ProviderRoleMapping |
addRoleMapping(String oauthScope,
String roleName) |
Map<CoreSecurityRoles,String> |
convertGroupMappingKeysToCoreSecurityRoles() |
Map<CoreSecurityRoles,String> |
convertRoleMappingKeysToCoreSecurityRoles() |
String |
getGroupClaim() |
Map<String,String> |
getGroupMappings() |
String |
getOauthScopePrefix() |
String |
getPrincipalClaimName() |
Map<String,String> |
getRoleMappings()
When using OAuth2 with enabled
setMapOauthScopes(boolean), you can optionally specify a custom
mapping of OAuth scopes to role names as they exist in the Data Flow application. |
String |
getRolePrefix() |
boolean |
isMapGroupClaims() |
boolean |
isMapOauthScopes() |
boolean |
isParseOauthScopePathParts() |
void |
setGroupClaim(String groupClaim) |
void |
setGroupMappings(Map<String,String> groupMappings) |
void |
setMapGroupClaims(boolean mapGroupClaims) |
void |
setMapOauthScopes(boolean mapOauthScopes)
If set to true, Oauth scopes will be mapped to corresponding Data Flow roles.
|
void |
setOauthScopePrefix(String oauthScopePrefix) |
void |
setParseOauthScopePathParts(boolean parseOauthScopePathParts)
Sets whether or not to treat OAuth scopes as URIs during the role mapping.
|
void |
setPrincipalClaimName(String principalClaimName) |
void |
setRolePrefix(String rolePrefix)
Sets the prefix which should be added to the authority name (if it doesn't already
exist).
|
public ProviderRoleMapping()
public ProviderRoleMapping(boolean mapOauthScopes)
public boolean isParseOauthScopePathParts()
public void setParseOauthScopePathParts(boolean parseOauthScopePathParts)
true the OAuth scope will be treated as a URI and the leading part will be ignored (eg. 'api://dataflow-server/dataflow.create' will result in 'dataflow.create').
When set to false the OAuth scope will be used as-is. This is useful in cases where the scope is not a URI and contains '/' leading characters.parseOauthScopePathParts - whether or not to treat OAuth scopes as URIs during the role mappingpublic boolean isMapOauthScopes()
public void setMapOauthScopes(boolean mapOauthScopes)
mapOauthScopes - If not set defaults to falsepublic boolean isMapGroupClaims()
public void setMapGroupClaims(boolean mapGroupClaims)
public Map<String,String> getRoleMappings()
setMapOauthScopes(boolean), you can optionally specify a custom
mapping of OAuth scopes to role names as they exist in the Data Flow application. If not
set, then the OAuth scopes themselves must match the role names:
public ProviderRoleMapping addRoleMapping(String oauthScope, String roleName)
public String getGroupClaim()
public void setGroupClaim(String groupClaim)
public String getPrincipalClaimName()
public void setPrincipalClaimName(String principalClaimName)
public Map<CoreSecurityRoles,String> convertGroupMappingKeysToCoreSecurityRoles()
public Map<CoreSecurityRoles,String> convertRoleMappingKeysToCoreSecurityRoles()
CoreSecurityRoles as key and the associated role name (String) as value.public void setRolePrefix(String rolePrefix)
rolePrefix - Must not be nullpublic String getOauthScopePrefix()
public void setOauthScopePrefix(String oauthScopePrefix)
oauthScopePrefix - Must not be nullpublic String getRolePrefix()
Copyright © 2023 Pivotal Software, Inc.. All rights reserved.