6.4.2. Create a JAR with the scripts to deploy
JAR files are regular ZIP files with a .jar extension.
In order to make your scripts available to Red Hat Single Sign-On you need to deploy them to the server. For that, you should create a JAR file with the following structure:
META-INF/keycloak-scripts.json my-script-authenticator.js my-script-policy.js my-script-mapper.js
The META-INF/keycloak-scripts.json is a file descriptor that provides metadata information about the scripts you want to deploy. It is a JSON file with the following structure:
{
"authenticators": [
{
"name": "My Authenticator",
"fileName": "my-script-authenticator.js",
"description": "My Authenticator from a JS file"
}
],
"policies": [
{
"name": "My Policy",
"fileName": "my-script-policy.js",
"description": "My Policy from a JS file"
}
],
"mappers": [
{
"name": "My Mapper",
"fileName": "my-script-mapper.js",
"description": "My Mapper from a JS file"
}
]
}This file should reference the different types of script providers that you want to deploy:
authenticatorsFor OpenID Connect Script Authenticators. You can have one or multiple authenticators in the same JAR file
policiesFor JavaScript Policies when using Red Hat Single Sign-On Authorization Services. You can have one or multiple policies in the same JAR file
mappersFor OpenID Connect Script Protocol Mappers. You can have one or multiple mappers in the same JAR file
For each script file in your JAR file you must have a corresponding entry in META-INF/keycloak-scripts.json that maps your scripts files to a specific provider type. For that you should provide the following properties for each entry:
nameA friendly name that will be used to show the scripts through the Red Hat Single Sign-On Administration Console. If not provided, the name of the script file will be used instead
descriptionAn optional text that better describes the intend of the script file
fileNameThe name of the script file. This property is mandatory and should map to a file within the JAR.
