Package io.jmix.oidc.claimsmapper

Class DefaultClaimsRolesMapper

java.lang.Object
io.jmix.oidc.claimsmapper.BaseClaimsRolesMapper
io.jmix.oidc.claimsmapper.DefaultClaimsRolesMapper
All Implemented Interfaces:
ClaimsRolesMapper
public class DefaultClaimsRolesMapper extends BaseClaimsRolesMapper
Default ClaimsRolesMapper implementation that takes OidcUser role names and transforms roles names to resource and row-level roles using role name prefixes.

Roles names are taken from a special claim. Claim name is taken from the rolesClaimName property. The default value is taken from the OidcProperties.DefaultClaimsRolesMapperConfig.getRolesClaimName() and may be changed using the corresponding application property.

Role names from the user attribute are mapped to the resource and row-level roles using resourceRolePrefix and rowLevelRolePrefix prefixes, e.g. if the resourceRolePrefix is "resource$" then OIDC role with the name "resource$system-full-access" will be mapped to Jmix role with the "system-full-access" code.