This extension provides a custom mapper which overrides the default "scope" access token JWT claim.
The mapper takes the following "scope" value:
"scope": "foo bar"
And transforms it into Array type:
"scope": ["foo", "bar"]
If you have Docker daemon running on your machine, you can just run KeycloakDevRunner.
It will launch pre-configured Keycloak instance in a temporary Docker container with the following client credentials:
- Client ID: testclient
- Client Secret: testclient
You can use these credentials to authenticate using client credentials grant type and check scopes JWT claim to verify that the mapper is working as expected.
curl --request POST --data 'grant_type=client_credentials&client_id=testclient&client_secret=testclient' http://localhost:8180/realms/test/protocol/openid-connect/token
![Screenshot 2023-07-13 at 12 21 10](https://private-user-images.githubusercontent.com/1240012/253233226-0ecec47c-a7a3-4ea2-96fd-3728fc12788b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAzNTg3OTksIm5iZiI6MTcyMDM1ODQ5OSwicGF0aCI6Ii8xMjQwMDEyLzI1MzIzMzIyNi0wZWNlYzQ3Yy1hN2EzLTRlYTItOTZmZC0zNzI4ZmMxMjc4OGIucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI0MDcwNyUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNDA3MDdUMTMyMTM5WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9NjhiZjU5MGVkMjAzYTg5YTE0ZjI3NTA0NjI4ZWIyY2JhOTFiYmY1ZTg2YjBhN2IyZTU4ZjZkZGE1YmFmMDQyZSZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.O326pS-RgvbrOXwsQIpiy_jba2LFBS_wTo36pnLbVrU)
To build the extension, just run the following command:
./gradlew jar
Then copy resulting JAR file to your Keycloak's providers directory.
cp build/libs/keycloak-custom-scopes-extension-1.0.jar KEYCLOAK_ROOT/providers
Now you can run your Keycloak instance. The custom mapper should appear in available client mappers.
![Screenshot 2023-07-13 at 12 24 16](https://private-user-images.githubusercontent.com/1240012/253230970-917320ca-15b6-4360-9f7a-87536e185293.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAzNTg3OTksIm5iZiI6MTcyMDM1ODQ5OSwicGF0aCI6Ii8xMjQwMDEyLzI1MzIzMDk3MC05MTczMjBjYS0xNWI2LTQzNjAtOWY3YS04NzUzNmUxODUyOTMucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI0MDcwNyUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNDA3MDdUMTMyMTM5WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9MTY5OTA2YzhjNTBjNDA5M2I0YTU0ZTUzOGU0MzQyNDdmMWUwMjA0ODhmY2Q0Yjc2ZDVjZDZmZDk5ZjE3ZTA4NyZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.W8itMj0iPUmSOqLxBYXRTKtsKHx-0HpfnVGW4b7PfM4)
![Screenshot 2023-07-13 at 12 24 56](https://private-user-images.githubusercontent.com/1240012/253231307-53a65f6a-1827-4592-97c2-28b0170951c2.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAzNTg3OTksIm5iZiI6MTcyMDM1ODQ5OSwicGF0aCI6Ii8xMjQwMDEyLzI1MzIzMTMwNy01M2E2NWY2YS0xODI3LTQ1OTItOTdjMi0yOGIwMTcwOTUxYzIucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI0MDcwNyUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNDA3MDdUMTMyMTM5WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9NTU1NjJlMDVkYmE5MDIyMTFhNWYxNDAwMzAzZTlmYjJjYjg5MTRmYjdjMDQ4OTgyYjU2NzhiNDA5MThhZTRmMSZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.vanyyPbcSJbqL6s2FeuXvF4hPQ7aj0CWmQfCdtag4Z8)
![Screenshot 2023-07-13 at 12 25 08](https://private-user-images.githubusercontent.com/1240012/253231020-25d6829a-6678-4054-aac8-2ee95da5e1d5.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAzNTg3OTksIm5iZiI6MTcyMDM1ODQ5OSwicGF0aCI6Ii8xMjQwMDEyLzI1MzIzMTAyMC0yNWQ2ODI5YS02Njc4LTQwNTQtYWFjOC0yZWU5NWRhNWUxZDUucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI0MDcwNyUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNDA3MDdUMTMyMTM5WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9YjA0ZDUzMjFmZjM0ZjNmNzU0MmQzMDJlYWVlMjJiYzE0ZmY3NzcyODU2MzllNjM1Njk1NTQ2ZjlkZGRkNzk4NSZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.QzcFQqMdp_YM7KOR5Kk6hgy7kk_adr05G-diAk0S0BM)