simpleidserver
[SCIM] add names with PATCH has wrong hierarchy
Hello, how are you?
Steps to reproduce:
- POST a user with no
name.*attributes. - PATCH the user with the following body
{
"Operations": [
{
"op": "add",
"value": {
"name.givenName": "Sabina",
"name.familyName": "Priscilla",
"name.formatted": "Cristopher",
"name.middleName": "Fannie",
"name.honorificPrefix": "Wilbert",
"name.honorificSuffix": "Wilber"
}
}
],
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
]
}
Now, when you GET the user, you don't get a hierarchy of name, you just get the flattened attributes like this:
{
"id": "afcb616a-42ac-4d8f-a1cd-74e5eff6e62e",
"userName": "dschrute222",
"honorificSuffix": "Wilber",
"honorificPrefix": "Wilbert",
"middleName": "Fannie",
"givenName": "Sabina",
"familyName": "Priscilla",
"formatted": "Cristopher",
"emails": [
{
"value": "[email protected]",
"primary": true,
"type": "work"
}
],
"groups": [],
"externalId": "dschrute",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
]
}
I think this is an issue, right?
Kind regards Dan
Hello,
Indeed there is an issue.
The HTTP PATCH request shouldn't be processed by the SCIM endpoint, because the value property contains a list of path for example : 'name.givenName'.
In fact, According to the RFC https://www.rfc-editor.org/rfc/rfc7644#section-3.5.2.1, the value MAY be a quoted value, or it may be a JSON object containing the sub-attributes of the complex attribute.
I'm going to fix this issue and ignore the path properties.
The issue is fixed in the branch release/v3.0.4.
Finally, It will be possible to pass path into the value property.
Request like this will be supported:
{
"Operations": [
{
"op": "add",
"value": {
"name.givenName": "Sabina",
"name.familyName": "Priscilla",
"name.formatted": "Cristopher",
"name.middleName": "Fannie",
"name.honorificPrefix": "Wilbert",
"name.honorificSuffix": "Wilber"
}
}
],
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
]
}