From 483fa377e9594a58b5918f3f90a15d7b42c4d1ae Mon Sep 17 00:00:00 2001
From: Swen Kooij
Date: Fri, 9 Apr 2021 23:02:34 +0300
Subject: [PATCH] fix attribute importer and user template mapper for Facebook/Google (#482)
---
 keycloak/identity_provider_mapper.go | 2 ++
 ...k_attribute_importer_identity_provider_mapper.go | 13 ++++++++++++-
 ...er_template_importer_identity_provider_mapper.go | 8 +++++++-
 3 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/keycloak/identity_provider_mapper.go b/keycloak/identity_provider_mapper.go
index eb986958a..37e40205e 100644
--- a/keycloak/identity_provider_mapper.go
+++ b/keycloak/identity_provider_mapper.go
@@ -11,6 +11,7 @@ import (
 type IdentityProviderMapperConfig struct {
 UserAttribute string `json:"user.attribute,omitempty"`
+ UserAttributeName string `json:"userAttribute,omitempty"`
 Claim string `json:"claim,omitempty"`
 ClaimValue string `json:"claim.value,omitempty"`
 HardcodedAttribute string `json:"attribute,omitempty"`
@@ -19,6 +20,7 @@ type IdentityProviderMapperConfig struct {
 AttributeFriendlyName string `json:"attribute.friendly.name,omitempty"`
 Template string `json:"template,omitempty"`
 Role string `json:"role,omitempty"`
+ JsonField string `json:"jsonField,omitEmpty"`
 ExtraConfig map[string]interface{} `json:"-"`
 }
diff --git a/provider/resource_keycloak_attribute_importer_identity_provider_mapper.go b/provider/resource_keycloak_attribute_importer_identity_provider_mapper.go
index f53464e03..4633fb622 100644
--- a/provider/resource_keycloak_attribute_importer_identity_provider_mapper.go
+++ b/provider/resource_keycloak_attribute_importer_identity_provider_mapper.go
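Review bot: `UserAttributeName` in keycloak/identity_provider_mapper.go (first hunk) is added directly beside `UserAttribute` with no comment saying why the struct needs both, and the two names differ only by a suffix. The tags show they are different config keys (`userAttribute` versus `user.attribute`), and in this commit only the facebook/google branch of the attribute importer writes the new one. A short field comment would stop the next reader from picking the wrong one: `// UserAttributeName is the "userAttribute" config key, set for facebook/google attribute mappers; UserAttribute is the separate "user.attribute" key.` The struct declaration ends outside this hunk.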
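Review bot: The tag on the new `JsonField` field (second hunk of keycloak/identity_provider_mapper.go) spells the option `omitEmpty`, while every other field in the struct uses `omitempty`. encoding/json matches tag options case-sensitively, so if this struct is serialised through the standard tag handling (a custom MarshalJSON would not be visible here), `omitEmpty` is ignored and `"jsonField": ""` is sent for every mapper that leaves the field unset, not only the facebook/google ones. The tag should read `json:"jsonField,omitempty"`. Go's initialism convention would also name the field `JSONField`, but that is secondary to the tag.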
@@ -70,7 +70,12 @@ func getAttributeImporterIdentityProviderMapperFromData(data *schema.ResourceDat
 if _, ok := data.GetOk("claim_name"); !ok {
 return nil, fmt.Errorf(`provider.keycloak: keycloak_attribute_importer_identity_provider_mapper: %s: "claim_name": should be set for %s identity provider`, data.Get("name").(string), identityProvider.ProviderId)
 }
+
 rec.Config.Claim = data.Get("claim_name").(string)
+ } else if identityProvider.ProviderId == "facebook" || identityProvider.ProviderId == "google" {
+ rec.IdentityProviderMapper = fmt.Sprintf("%s-user-attribute-mapper", identityProvider.ProviderId)
+ rec.Config.JsonField = data.Get("claim_name").(string)
+ rec.Config.UserAttributeName = data.Get("user_attribute").(string)
 } else {
 return nil, fmt.Errorf(`provider.keycloak: keycloak_attribute_importer_identity_provider_mapper: %s: "%s" identity provider is not supported yet`, data.Get("name").(string), identityProvider.ProviderId)
 }
@@ -79,10 +84,16 @@ func getAttributeImporterIdentityProviderMapperFromData(data *schema.ResourceDat
 func setAttributeImporterIdentityProviderMapperData(data *schema.ResourceData, identityProviderMapper *keycloak.IdentityProviderMapper) error {
 setIdentityProviderMapperData(data, identityProviderMapper)
+
+ claimName := identityProviderMapper.Config.Claim
+ if claimName == "" {
+ claimName = identityProviderMapper.Config.JsonField
+ }
+
 data.Set("attribute_name", identityProviderMapper.Config.Attribute)
 data.Set("user_attribute", identityProviderMapper.Config.UserAttribute)
 data.Set("attribute_friendly_name", identityProviderMapper.Config.AttributeFriendlyName)
- data.Set("claim_name", identityProviderMapper.Config.Claim)
+ data.Set("claim_name", claimName)
 data.Set("extra_config", identityProviderMapper.Config.ExtraConfig)
 return nil
 }
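Review bot: The new facebook/google branch in getAttributeImporterIdentityProviderMapperFromData copies `claim_name` into `Config.JsonField` without checking that it was set, whereas the branch just above rejects a missing `claim_name` with an error. `data.Get("claim_name").(string)` yields an empty string when the attribute is absent, so the mapper would be sent with an empty `jsonField` and, presumably, import nothing without telling the user why; the same applies to `user_attribute`. I would repeat the existing guard at the top of the new branch, `if _, ok := data.GetOk("claim_name"); !ok { return nil, fmt.Errorf(...) }`, with a message that names the provider as the oidc one does. The function starts and ends outside this hunk, so whether `Config.UserAttribute` is also populated for these providers cannot be seen here.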
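Review bot: In setAttributeImporterIdentityProviderMapperData the read path now falls back to `Config.JsonField` for `claim_name`, but `user_attribute` is still read only from `Config.UserAttribute`, while the write path in the previous hunk stores it in `Config.UserAttributeName` for facebook/google. If the API returns only the `userAttribute` key for those mappers (not verifiable from this diff), `user_attribute` would be read back empty and show up as drift on every plan. Applying the same fallback used for `claimName` would cover it, as sketched below. The unchecked `data.Set` calls follow the existing style of the function and are left as they are.

```go
// … unchanged: setIdentityProviderMapperData call, claimName fallback …
userAttribute := identityProviderMapper.Config.UserAttribute
if userAttribute == "" {
	userAttribute = identityProviderMapper.Config.UserAttributeName
}
// … unchanged: data.Set("attribute_name", …) …
data.Set("user_attribute", userAttribute)
// … unchanged: remaining data.Set calls, return nil …
```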
diff --git a/provider/resource_keycloak_user_template_importer_identity_provider_mapper.go b/provider/resource_keycloak_user_template_importer_identity_provider_mapper.go
index a4fff4820..455933358 100644
--- a/provider/resource_keycloak_user_template_importer_identity_provider_mapper.go
+++ b/provider/resource_keycloak_user_template_importer_identity_provider_mapper.go
@@ -36,7 +36,13 @@ func getUserTemplateImporterIdentityProviderMapperFromData(data *schema.Resource
 if err != nil {
 return nil, handleNotFoundError(err, data)
 }
- rec.IdentityProviderMapper = fmt.Sprintf("%s-username-idp-mapper", identityProvider.ProviderId)
+
+ if identityProvider.ProviderId == "facebook" || identityProvider.ProviderId == "google" {
+ rec.IdentityProviderMapper = "oidc-username-idp-mapper"
+ } else {
+ rec.IdentityProviderMapper = fmt.Sprintf("%s-username-idp-mapper", identityProvider.ProviderId)
+ }
+
 rec.Config = &keycloak.IdentityProviderMapperConfig{
 Template: data.Get("template").(string),
 ExtraConfig: extraConfig,
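Review bot: The literal test `identityProvider.ProviderId == "facebook" || identityProvider.ProviderId == "google"` now appears both here and in the attribute importer, and here it selects a hard-coded `"oidc-username-idp-mapper"` with no comment explaining why these two providers do not follow the `%s-username-idp-mapper` pattern. Every other provider ID still goes through the Sprintf, so a provider that needs the same treatment has to be added by hand in both files. A small shared helper for the provider test, plus a comment such as `// facebook and google are given the OIDC username template mapper rather than a provider-prefixed one`, would keep the two lists from diverging. The enclosing function starts before and continues after this hunk.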