search

mitodl / keycloak-scim

SCIM client plugin for Keycloak
Apache License 2.0
25 stars 2 forks source link

Populates first and late name, user created after email verification #40

Closed collinpreston closed 3 months ago

collinpreston commented 4 months ago

What are the relevant tickets?

https://github.com/mitodl/keycloak-scim/issues/39

Description (What does it do?)

  1. Maps Keycloak user's first and last name to the correct attributes in the SCIM extension. This ensures that all SCIM requests for creating users will include the first and last name.
  2. Users are only provisioned via SCIM when they have verified their email address.

How can this be tested?

Setup

  1. Keycloak running locally.
  2. This branch is built and the resulting jar file is placed within the "providers" folder in your keycloak instance. (instructions: https://docs.google.com/document/d/17tJ-C2EwWoSpJWZKjuhMVgsqGtyPH0IN9KakXvSKU0M/edit?pli=1#heading=h.k62uq36ldhsa)
  3. MIT Open is running locally. An admin user is created and an access token, like the one shown below, is created. Screenshot 2024-03-08 at 10 10 15 AM
  4. Your local instance of Keycloak is configured with the ol login theme, browser flow matching what is in QA as of this PRs creation date, SMTP email provider configured, and SCIM federation is configured to work with your local MIT Open instance, shown below. Screenshot 2024-03-08 at 10 12 07 AM

Test

  1. Follow the registration flow in Keycloak.
  2. Before completing the email verification step, verify that no user has been provisioned in MIT Open via SCIM.
  3. After completing the email verification step, verify that a user has been provisioned in MIT Open via SCIM. Verify that the user has their first and last name populated.