jelhub / scimgateway

Using SCIM protocol as a gateway for user provisioning to other endpoints
MIT License

Is it possible to set 401 or 403 status #100

Closed christinedraper closed 1 year ago

christinedraper commented 1 year ago

I'm using the auth.passThrough option, so I need to be able to handle returning 401 or 403 but I'm not sure how to do this - could you give me a pointer?

I've figured out that throwing an error with a name field ends up as a 400 with the scimType set to the name, except for uniqueness which returns 409. An error without a name is a 500. But I couldn't find an option to override the status.

jelhub commented 1 year ago

Plugins return errors as exceptions that will be included in the SCIM error message. There is currently no good way to let scimgateway return the plugin's status code. As you mentioned, a plugin can set err.name="uniqueness", which will result in status code 409 DuplicateKey.

For auth.passThrough, status code 401 will be returned by scimgateway, preventing the SCIM error message from being revealed, if the exception message returned by the plugin contains: "statusCode":401

If you are using REST, this will be out of the box. Using another protocol, you may, as a workaround, include the text "statusCode":401 in the exception message.

Ref: https://github.com/jelhub/scimgateway/blob/master/lib/scimgateway.js#L322-L336

christinedraper commented 1 year ago

Thanks for the quick reply. It would be great to be able to return a 403, too.

jelhub commented 1 year ago

Now fixed in v4.2.11. An error message from a plugin that contains the string "statusCode":XXX will return HTTP status code XXX.
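
Added example, not part of the thread and not scimgateway's own code: a plugin for a non-REST backend builds exception messages carrying the "statusCode":XXX marker described above, and `resolveStatus` is a hypothetical stand-in that models the status mapping only as the comments in this thread describe it. The LDAP result-code table and all function names are assumptions.

```javascript
// Added example; every name here is hypothetical, none is scimgateway API.

// Assumed mapping for a non-REST backend: LDAP result code -> HTTP status.
// 49 = invalidCredentials, 50 = insufficientAccessRights.
const LDAP_TO_HTTP = { 49: 401, 50: 403 };

// Plugin side: JSON.stringify emits the marker exactly as "statusCode":403
// (no space after the colon) and escapes any quotes inside `detail`, so
// backend-supplied text cannot smuggle in a second, unescaped marker.
function pluginAuthError(statusCode, detail) {
  return new Error(JSON.stringify({ statusCode, detail }));
}

function fromLdapResult(code, detail) {
  const status = LDAP_TO_HTTP[code];
  // Unmapped failures carry no marker and no custom name; detail is still escaped.
  return status ? pluginAuthError(status, detail)
                : new Error(JSON.stringify({ detail }));
}

// Gateway side, modelled only from what this thread states (v4.2.11+):
// marker -> that status; name "uniqueness" -> 409; other name -> 400; else 500.
function resolveStatus(err) {
  const m = /"statusCode":(\d{3})/.exec(String(err.message));
  if (m) return Number(m[1]);
  if (err.name === 'uniqueness') return 409;
  if (err.name && err.name !== 'Error') return 400; // custom name becomes scimType
  return 500;
}

// Constructed sample inputs.
function demo() {
  const dup = new Error('userName already exists');
  dup.name = 'uniqueness';
  return [
    resolveStatus(fromLdapResult(49, 'bind failed')),
    resolveStatus(fromLdapResult(50, 'directory said "statusCode":200')),
    resolveStatus(fromLdapResult(1, 'operations error "statusCode":200')),
    resolveStatus(dup)
  ];
}

console.log(demo()); // [ 401, 403, 500, 409 ]
```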

christinedraper commented 1 year ago

Brilliant! I'll give it a go later this week.

jelhub commented 1 year ago

Please note:

v4.2.15

[Added]