simpleidserver / SimpleIdServer

OpenID, OAuth 2.0, SCIM2.0, UMA2.0, FAPI, CIBA & OPENBANKING Framework for ASP.NET Core
https://simpleidserver.com/
Apache License 2.0

[SCIM] member is showing the userName and not displayName #544

Closed danflomin closed 1 year ago

danflomin commented 1 year ago

Hello, how are you?

I found a regression in the following flow (while working with the master branch).

  1. POST user
  2. POST group with user in it
  3. PATCH group to add existing member into it

Then the user's display name, and the group's member display name (which is the same user) have different display names. The member display name shows the userName instead.

I'll appreciate your help with it.

Kind regards Dan

simpleidserver commented 1 year ago

Hello!

Unfortunately, I cannot reproduce this issue on the master branch; the group doesn't contain the property members.display.

First request - Add a user:

HTTP POST: https://localhost:5003/Users

{
    "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
    "externalId": "external",
    "userName": "{{$guid}}",
    "displayName":"coucou",
    "name": {
        "formatted": "formatted",
        "givenName": "givenName",
        "middleName": "middleName",
        "familyName": "familyName"
    }
}

Second request - Add a group:

HTTP POST: https://localhost:5003/Groups

{
    "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
    "displayName": "{{$guid}}",
    "members": [
        { "value": "{{userId}}"  }
    ]
}

Third request - Assign a user to the group:

HTTP PATCH: https://localhost:5003/Groups/{{groupId}}

{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:PatchOp"
    ],
    "Operations": [
        {
            "op": "add",
            "path": "members",
            "value": {
                "value": "{{userId}}"
            }
        }
    ]
}

Result:

{
    "id": "e29080a3-ff29-4db3-90e2-11ddb7019495",
    "members": [
        {
            "type": "User",
            "value": "56354f8b-9750-4353-9a74-9e8a09dfa04d",
            "$ref": "https://localhost:5003/Users/56354f8b-9750-4353-9a74-9e8a09dfa04d"
        },
        {
            "value": "6a215b55-d1a2-4594-a410-2dfba98ad49e",
            "type": "User",
            "$ref": "https://localhost:5003/Users/6a215b55-d1a2-4594-a410-2dfba98ad49e"
        }
    ],
    "displayName": "3d5ade3e-159c-4c11-8a2a-f83411dc2bf2",
    "meta": {
        "resourceType": "Group",
        "created": "2023-07-06T18:58:01.5656923",
        "lastModified": "2023-07-06T18:58:11.3964934",
        "version": 1,
        "location": "https://localhost:5003/Groups/e29080a3-ff29-4db3-90e2-11ddb7019495"
    },
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:Group"
    ]
}

According to RFC7643 (https://www.rfc-editor.org/rfc/rfc7643.html), there is no property named members.display in the Group schema, therefore the members property should not contain display. Did you override the schema? If that is the case, can you please explain your changes?

Kind regards,

SID

danflomin commented 1 year ago

Hello,

I have this attribute for a member in a group.

{
    "name": "display",
    "type": "string",
    "multiValued": false,
    "required": false,
    "caseExact": false,
    "mutability": "immutable",
    "returned": "default",
    "uniqueness": "none",
    "description": "Member display name."
}

I see it is not reproducing consistently.

Can you think of something that can cause this behavior?

Kind regards Dan
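
Added example, not part of the thread and not SimpleIdServer code: a check that can be run over a Group response to spot the symptom described above, a member whose `display` carries the user's `userName` instead of the `displayName`. It assumes the schema defines `members.display` as in the comment above; the function name, finding labels and sample data are constructed for illustration.

```python
import json

# Constructed sample data (not taken from the thread): two users and a Group
# response whose second member carries the userName in "display".
USERS_JSON = """
[
  {"id": "u-1", "userName": "alice01", "displayName": "Alice A."},
  {"id": "u-2", "userName": "bob02", "displayName": "Bob B."}
]
"""
GROUP_JSON = """
{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
  "id": "g-1",
  "displayName": "example-group",
  "members": [
    {"value": "u-1", "type": "User", "display": "Alice A."},
    {"value": "u-2", "type": "User", "display": "bob02"},
    {"value": "u-3", "type": "User"}
  ]
}
"""

def check_member_display(group, users):
    """Return (member id, finding) pairs for members whose display is off."""
    by_id = {u["id"]: u for u in users}
    findings = []
    for member in group.get("members", []):
        member_id = member.get("value")
        user = by_id.get(member_id)
        if user is None:
            # Member points at a user we did not fetch (or that no longer exists).
            findings.append((member_id, "unknown-user"))
        elif "display" not in member:
            findings.append((member_id, "display-missing"))
        elif member["display"] == user.get("displayName"):
            continue  # consistent with the User resource
        elif member["display"] == user.get("userName"):
            findings.append((member_id, "display-is-userName"))
        else:
            findings.append((member_id, "display-mismatch"))
    return findings

if __name__ == "__main__":
    for member_id, finding in check_member_display(
            json.loads(GROUP_JSON), json.loads(USERS_JSON)):
        print(member_id, finding)
```

Running it after each step of the flow (POST user, POST group, PATCH group) shows at which request the member's `display` starts to differ from the User resource.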

danflomin commented 1 year ago

Looks like it was an issue on my end :(

Sorry 🙏