SimpleIdServer icon indicating copy to clipboard operation
SimpleIdServer copied to clipboard
verified publisher icon simpleidserver

SCIM swagger documentation empty and wrong response http codes

Open LazaroOnline opened this issue 3 years ago • 3 comments

The swagger documentation for SCIM appears empty without any method description and the response http codes listed are the generic values that aren't correct: 200 Success 401 Unauthorized 403 Forbidden

The 200 Success is only the case for a few methods, but others like /Users/{id} DELETE doesn't return 200, but 204 NoContent instead, as well as 404 NotFound which is not listed in the swagger docs. Many methods (like GET /Users) may return 400 BadResponse and that is also not listed in swagger. POST /Users may return 409 Conflict if the userName already exist, but that is not documented in swagger as a response nor in the method description.

See the current swagger docs at the moment: image

For some methods like GET /Users, the "filter" attribute would be good if it had a description like:

Filter expression from the SCIM 2.0 specification (RFC 7644) (case in-sensitive) https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.2

and some example values like: userName Eq "peter" userName sw "pe" and groups pr

You can see other project's SCIM API documentation have a nice description with valid examples, but beware that http responses are different in different implementations.

I find specially useful to have a working example of the request body when there is a schema required like: "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"]

LazaroOnline avatar Aug 19 '22 10:08 LazaroOnline

Hello,

Following changes have been made in the branch "master" and "release/v2.0.16" :

  • Add documentation to every operations.
  • Display enumeration values : descending & ascending.
  • Add example to filter parameter.
  • Display only required attributes in the sample JSON.
  • Set schema to urn:ietf:params:scim:schemas:core:2.0:User in the JSON example.
  • Update all the HTTP status.

KR,

Sid

simpleidserver avatar Aug 22 '22 14:08 simpleidserver

Using SimpleIdServer v2.0.17, the response code now comes in the swagger documentation, however there are a couple of endpoints that are missing the response "400 BadRequest" in the swagger doc, like these ones:

  • POST /Users
  • POST /Users/.search

LazaroOnline avatar Sep 20 '22 02:09 LazaroOnline

I checked the version v2.0.17 and "400 BadRequest" is returned by "POST /Users" but not by "POST /Users/.search". Some changes have been made in the master branch to fix this issue.

image

simpleidserver avatar Sep 20 '22 11:09 simpleidserver