GithubHelp home page GithubHelp logo

Comments (7)

Captain-P-Goldfish avatar Captain-P-Goldfish commented on August 16, 2024

This is a bit difficult. The specification says that some providers MAY include the common attributes. I intentionally built it like this for 2 reasons:

  1. It is easier to keep full control on your schema so you do not need to define attributes like externalId if you do not need it.
  2. The schemas are only registered once in the SchemaFactory class. So if we create a simple new extension-schema for the user endpoint with new custom-attributes we probably do not want to have an id or externalId and also no a meta-Attribute definition on it.

If somehow possible I would ask the Azure support to support this case based on this snippet from the specification:

For backward compatibility, some existing schema definitions MAY list
   common attributes as part of the schema.  The attribute
   characteristics (see [Section 2.2](https://datatracker.ietf.org/doc/html/rfc7643#section-2.2)) listed here SHALL take precedence
   over older definitions that may be included in existing schemas.

RFC7643 section 3.1: https://datatracker.ietf.org/doc/html/rfc7643#section-3.1

Common Attributes

   Each SCIM resource (Users, Groups, etc.) includes the following
   common attributes.  With the exception of the "ServiceProviderConfig"
   and "ResourceType" server discovery endpoints and their associated
   resources, these attributes MUST be defined for all resources,
   including any extended resource types.  When accepted by a service
   provider (e.g., after a SCIM create), the attributes "id" and "meta"
   (and its associated sub-attributes) MUST be assigned values by the
   service provider.  Common attributes are considered to be part of
   every base resource schema and do not use their own "schemas" URI.

   For backward compatibility, some existing schema definitions MAY list
   common attributes as part of the schema.  The attribute
   characteristics (see [Section 2.2](https://datatracker.ietf.org/doc/html/rfc7643#section-2.2)) listed here SHALL take precedence
   over older definitions that may be included in existing schemas.

   id
      A unique identifier for a SCIM resource as defined by the service
      provider.  Each representation of the resource MUST include a
      non-empty "id" value.  This identifier MUST be unique across the
      SCIM service provider's entire set of resources.  It MUST be a
      stable, non-reassignable identifier that does not change when the
      same resource is returned in subsequent requests.  The value of
      the "id" attribute is always issued by the service provider and
      MUST NOT be specified by the client.  The string "bulkId" is a
      reserved keyword and MUST NOT be used within any unique identifier
      value.  The attribute characteristics are "caseExact" as "true", a
      mutability of "readOnly", and a "returned" characteristic of
      "always".  See [Section 9](https://datatracker.ietf.org/doc/html/rfc7643#section-9) for additional considerations regarding
      privacy.

If that is not possible some parts of the API need to be changed in order to get this to work.

from scim-sdk.

ekos2001 avatar ekos2001 commented on August 16, 2024

Unfortunatelly, I'm not working for Azure. I can try to send a request to their support team and ask, but I think it may take a while.
Could you recommend some kind of a workaround without changing of the API code?

from scim-sdk.

Captain-P-Goldfish avatar Captain-P-Goldfish commented on August 16, 2024

Is this happening when Azure is reading the /Schemas endpoint?
It is possible to override the endpoint if you register it with your own definition. In this case you could extend the original endpoint and manipulate the outgoing result.

from scim-sdk.

Captain-P-Goldfish avatar Captain-P-Goldfish commented on August 16, 2024

you could do it like this:

resourceEndpoint.registerEndpoint(new MyCustomSchemaEndpointDefinition(resourceEndpoint.getResourceTypeFactory()));

you can see the original code-part in ResourceEndpointHandler line 107

registerEndpoint(new SchemaEndpointDefinition(resourceTypeFactory));

from scim-sdk.

ekos2001 avatar ekos2001 commented on August 16, 2024

Is this happening when Azure is reading the /Schemas endpoint?

Yes

It is possible to override the endpoint if you register it with your own definition. In this case you could extend the original endpoint and manipulate the outgoing result.

Thank you, will try

from scim-sdk.

Captain-P-Goldfish avatar Captain-P-Goldfish commented on August 16, 2024

Here is a simple example how I would do it. It is important that the schema objects are getting copied!

public class CustomSchemasHandler extends SchemaHandler
{

  public CustomSchemasHandler(ResourceTypeFactory resourceTypeFactory)
  {
    super(resourceTypeFactory);
  }


  @Override
  public Schema getResource(String id,
                            List<SchemaAttribute> attributes,
                            List<SchemaAttribute> excludedAttributes,
                            Context context)
  {
    Schema registeredSchema = super.getResource(id, attributes, excludedAttributes, context);
    Schema copiedSchema = JsonHelper.copyResourceToObject(registeredSchema, Schema.class);
    return makeChangesToSchema(copiedSchema);
  }

  @Override
  public PartialListResponse<Schema> listResources(long startIndex,
                                                   int count,
                                                   FilterNode filter,
                                                   SchemaAttribute sortBy,
                                                   SortOrder sortOrder,
                                                   List<SchemaAttribute> attributes,
                                                   List<SchemaAttribute> excludedAttributes,
                                                   Context context)
  {
    PartialListResponse<Schema> originalListResponse = super.listResources(startIndex,
                                                                           count,
                                                                           filter,
                                                                           sortBy,
                                                                           sortOrder,
                                                                           attributes,
                                                                           excludedAttributes,
                                                                           context);
    List<Schema> copiedSchemas = originalListResponse.getResources()
                                                     .stream()
                                                     .map(schema -> JsonHelper.copyResourceToObject(schema,
                                                                                                    Schema.class))
                                                     .map(this::makeChangesToSchema)
                                                     .collect(Collectors.toList());

    PartialListResponse<Schema> copiedListResponse = PartialListResponse.<Schema> builder()
                                                                        .totalResults(originalListResponse.getTotalResults())
                                                                        .resources(copiedSchemas)
                                                                        .build();
    return copiedListResponse;
  }

  /**
   * TODO make adjustments to Schema
   */
  private Schema makeChangesToSchema(Schema schema)
  {
    // TODO make adjustments to Schema
    // ...
    return schema;
  }
}

from scim-sdk.

ekos2001 avatar ekos2001 commented on August 16, 2024

Thank you for your response

from scim-sdk.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.