simpleidserver
commented
8 months ago Hello,
I have made some modifications in the release/4.0.5 branch to verify if the filter parameter is filled in when the parameter is present.
Kind regards,
SID
Closed alexander-durovich-swi closed 3 months ago
simpleidserver
commented
8 months ago Hello,
I have made some modifications in the release/4.0.5 branch to verify if the filter parameter is filled in when the parameter is present.
Kind regards,
SID
alexander-durovich-swi
commented
8 months ago Thank you very much!
Best Regards, Alex
Hello,
From the RFC https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.2 we see "The filter parameter MUST contain at least one valid expression (see Table 3)":
We understand this as if the filter query parameter is indicated but has empty value (/users?filter=), then we should return BadRequest status code.
At the moment, in such case the ScimRepresentationQueryRepository.FindSCIMRepresentations method is still called with parameter.Filter = null (we use v 4.0.0).
Are you agree that in such case the BadRequest response should be returned? If yes, is it possible to fix this inside SimpleIdserver before calling ScimRepresentationQueryRepository.FindSCIMRepresentations method?
Thank you in advance, Alex