SimpleIdServer [SCIM] PATCH `Add` operation on already exists resource

If an already exists member is re-added an 409 error response with duplicate reference error is returned. According to the Add Operation RFC:

Input example:

{
  schemas: ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
  Operations: [{
    op: "add",
    path:"members",
    value: [{
      value: ...,
      display: ...
    }]
  }]
}

Mar 24 '22 09:03 ZahiC

Hello,

Indeed there is an issue. We are working on it.

Kind Regards,

SimpleIdServer

Mar 24 '22 14:03 simpleidserver

The issue is fixed in the branch "release/2.0.6".

Mar 24 '22 16:03 simpleidserver

Hi, since All() returns true on empty enumerations, I suspect this line should check Any() first? return filteredChildren.Any() && ...

Mar 25 '22 13:03 JWMB

I've tested the 2.0.6 branch, and the added conditional above seemed to be needed - otherwise exceptions will be thrown even for the "duplicate" existence of e.g. the property "members".

Also the response code is still 409 instead of the spec's a success response SHOULD be returned. This thread suggests 204.

(As an asider, Azure ADs group provisioning flow seems strange at times; after adding users to groups successfully, it still retries the PATCH operations. Perhaps it expects a slightly different response to the GET Groups/Get [id] request, will look into it next week)

Mar 26 '22 08:03 JWMB

Hello,

First thank you for your feedback. Indeed, the condition must be updated otherwise unexpected conditions can occurred. We are going to update the branch "release/2.0.6" to fix this issue.

Kind Regards,

SimpleIdServer

Mar 26 '22 08:03 simpleidserver

Some changes have been made in the branch "release/2.0.6":

Returns "204" instead of 409
Add "Any" checks

Mar 28 '22 11:03 simpleidserver