How to override the user attributes mapping for identity broker (Facebook)


We encounter some problems during the Facebook login. Indeed, if the user doesn’t have any picture in its profile so the Facebook API provides a sample of picture with a big URL length. The consequence is Keycloak encounter a internal server error in this case because the mapping of the picture to an user attributes is broken. The reason is that an user attribute in the default DB schema is mapped with a VARCHAR(256).

So, I would like to prevent us of this error by creating an SPI which the role is to override the mapping mechanism of identity broker fields with the user attributes and avoid to store a bad (too long) property.

According to you, what is the best way to do that or do you have any entry point to use for the SPI ?


If this can help someone I successfully created a SPI which override the default behavior of mapper of Facebook (and others) user attribute mapper.

For that I extended my SPI provider with the class AbstractJsonUserAttributeMapper and implement it with IdentityProviderMapper. In the overrided method preprocessFederatedIdentity you can manage the custom field with own rules.