Closed xgp closed 1 year ago
Also, another, for a user PATCH:
Request:
{
"Operations": [
{
"op": "replace",
"path": "emails[type eq \"untyped\"].value",
"value": "marguerite_lubowitz@mante.ca"
},
{
"op": "replace",
"path": "emails[type eq \"untyped\"].display",
"value": "I27XLHK4TLTG"
},
{
"op": "replace",
"path": "emails[type eq \"untyped\"].primary",
"value": true
},
{
"op": "replace",
"path": "phoneNumbers[type eq \"untyped\"].value",
"value": "1-991-663-8763"
},
{
"op": "replace",
"path": "phoneNumbers[type eq \"untyped\"].display",
"value": "(233)436-8890 x43220"
},
{
"op": "replace",
"path": "phoneNumbers[type eq \"untyped\"].primary",
"value": "1-648-081-5815 x2534"
},
{
"op": "replace",
"path": "ims[type eq \"untyped\"].value",
"value": "ALJ7NB0U3625"
},
{
"op": "replace",
"path": "ims[type eq \"untyped\"].display",
"value": "VAE88FFVH24Z"
},
{
"op": "replace",
"path": "ims[type eq \"untyped\"].primary",
"value": true
},
{
"op": "replace",
"path": "photos[type eq \"untyped\"].display",
"value": "HK8T4HCWBHSN"
},
{
"op": "replace",
"path": "photos[type eq \"untyped\"].primary",
"value": true
},
{
"op": "replace",
"path": "addresses[type eq \"untyped\"].formatted",
"value": "RJZL3DFWSX3M"
},
{
"op": "replace",
"path": "addresses[type eq \"untyped\"].streetAddress",
"value": "203 William Spring"
},
{
"op": "replace",
"path": "addresses[type eq \"untyped\"].locality",
"value": "YPG6U4Y62YBL"
},
{
"op": "replace",
"path": "addresses[type eq \"untyped\"].region",
"value": "KBH01PEGFB4O"
},
{
"op": "replace",
"path": "addresses[type eq \"untyped\"].postalCode",
"value": "rz5 9oz"
},
{
"op": "replace",
"path": "addresses[type eq \"untyped\"].country",
"value": "San Marino"
},
{
"op": "replace",
"path": "addresses[type eq \"untyped\"].primary",
"value": true
},
{
"op": "replace",
"path": "groups[type eq \"untyped\"].value",
"value": "LVY2CRZVPQ1C"
},
{
"op": "replace",
"path": "groups[type eq \"untyped\"].display",
"value": "S1902RI36DWM"
},
{
"op": "replace",
"path": "entitlements[type eq \"untyped\"].value",
"value": "MH2F7VCC2E5C"
},
{
"op": "replace",
"path": "entitlements[type eq \"untyped\"].primary",
"value": true
},
{
"op": "replace",
"path": "roles[type eq \"untyped\"].value",
"value": "J5J65R9GFGRU"
},
{
"op": "replace",
"path": "roles[type eq \"untyped\"].primary",
"value": true
},
{
"op": "replace",
"path": "x509Certificates[type eq \"untyped\"].value",
"value": "D0EINU3RIKLP"
},
{
"op": "replace",
"path": "x509Certificates[type eq \"untyped\"].primary",
"value": false
},
{
"op": "replace",
"value": {
"externalId": "b4027c7f-3364-40e2-8721-417cf8a1d563",
"userName": "elza.cruickshank@dach.name",
"name.formatted": "Gregoria",
"name.familyName": "Kyleigh",
"name.givenName": "Stanford",
"name.middleName": "Norval",
"name.honorificPrefix": "John",
"name.honorificSuffix": "Walter",
"displayName": "EJ32J8CFWNKC",
"nickName": "ZRMV4MF1KZJW",
"title": "QZTG6EQDRQPL",
"userType": "PLZCH50V7U6Q",
"preferredLanguage": "RIELRC95A12F",
"locale": "5GY8Y9XNXTFT",
"timezone": "IW7ZVVHJNLR3",
"active": true,
"password": "NB8VAD5IGUV3",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber": "0CNCYZKJIAW3",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:costCenter": "GUK6L75W3QY7",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:organization": "AA7UW5OE03YT",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:division": "C6ANAVFC53ZK",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department": "JZ6XPUFR8V5N",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager.displayName": "VYFA294OD19D"
}
}
],
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
]
}
Response:
{
"detail": "No target found for path-filter 'emails[type eq \"untyped\"].value'",
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:Error"
],
"scimType": "noTarget",
"status": 400
}
it should be possible to fix this problem by changing the users-schema. In my opinion the behaviour is wrong though. A boolean node should not be handled like a string. But it should be possible to work around this by changing the roles.primary attribute to type string.
What are you expecting on the replace operation? The RFC clearly states how the replace action should be handled:
RFC7644 chapter 3.5.2.3
If the target location is a multi-valued attribute for which a
value selection filter ("valuePath") has been supplied and no
record match was made, the service provider SHALL indicate failure
by returning HTTP status code 400 and a "scimType" error code of
"noTarget".
from the look ms-azure is expecting another behaviour. This would require an explicit work around within the SCIM-SDK
@Captain-P-Goldfish Thanks for the pointer to the replace operation in the RFC. I couldn't find that, and I was going to send a report/bug to Azure.
When using the MS SCIM validator here https://scimvalidator.microsoft.com/ I get a problem with adding a user that's related to a boolean being in string form.
Is there a way to work around this in code or configuration?
Here's the error:
Here's the request: