Check for unique subject id

CHANGELOG.md

@@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 It is based on Keycloak version 22.
 
+## [1.1.0] - 2024-10-23
+
+### Added
+- Check for unique subject id
+
 ## [1.0.0] - 2024-10-22
 
 ### Added

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>org.keycloak</groupId>
     <artifactId>keycloak-idp-subjectId-mapper</artifactId>
-    <version>1.0.0</version>
+    <version>1.1.0</version>
 
     <properties>
         <keycloak.version>22.0.5</keycloak.version>

src/main/java/org/keycloak/broker/provider/SubjectIdIdPMapper.java

@@ -29,6 +29,7 @@
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
 
 
@@ -67,7 +68,7 @@ public class SubjectIdIdPMapper extends AbstractIdentityProviderMapper {
 
     }
 
-    public static final String PROVIDER_ID = "subject-id-idp-mapper";
+    public static final String PROVIDER_ID = "subject-id-attribute-mapper";
 
     @Override
     public boolean supportsSyncMode(IdentityProviderSyncMode syncMode) {
@@ -105,10 +106,14 @@ public void preprocessFederatedIdentity(KeycloakSession session, RealmModel real
 
         String scope = mapperModel.getConfig().getOrDefault(SCOPE, DEFAULT_SCOPE);
         String attribute = mapperModel.getConfig().getOrDefault(USER_ATTRIBUTE, USERNAME);
+        String value = KeycloakModelUtils.generateId() + "@" + scope;
+        while (session.users().searchForUserStream(realm, Map.of(attribute,value,UserModel.EXACT, "true")).count() >0) {
+            value = KeycloakModelUtils.generateId() + "@" + scope;
+        }
         if (USERNAME.equalsIgnoreCase(attribute)) {
-            context.setUsername(KeycloakModelUtils.generateId() + "@" + scope);
+            context.setUsername(value);
         } else {
-            context.setUserAttribute(attribute, KeycloakModelUtils.generateId() + "@" + scope);
+            context.setUserAttribute(attribute, value);
         }
     }