Adding a fallback when the type is not provided by the IDP (like AAD)

Captain-P-Goldfish / scim-for-keycloak

a third party module that extends keycloak by SCIM functionality

BSD 3-Clause "New" or "Revised" License

182 stars 46 forks source link

Adding a fallback when the type is not provided by the IDP (like AAD) #74

Open arheom opened 1 year ago

arheom commented 1 year ago

Adding a fallback when the type is not provided by the IDP (like AAD) by checking the existing records, as first the users and groups are added and then the group associations.

Captain-P-Goldfish commented 1 year ago

sorry for the very late reply. I do not think that this solution will work smoothly. There might be some environments with a large amount of groups. So if this is really necessary for some providers I would prefer a way like this one:

EntityManager entityManager = getEntityManager(keycloakSession);
Query query = entityManager.createQuery("select g from GroupEntity g where g.id in :groupIds").setParameter("groupIds", memberIds)...;

This one would be much preferable.

arheom commented 1 year ago

Looks good! I can make the change and test on our environments to make sure all work well.