Closed alexander-durovich-swi closed 3 months ago
Hello,
I have made some modifications in the release/4.0.5
branch to verify if the filter
parameter is filled in when the parameter is present.
Kind regards,
SID
Thank you very much!
Best Regards, Alex
Hello,
From the RFC https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.2 we see "The filter parameter MUST contain at least one valid expression (see Table 3)":
We understand this as if the filter query parameter is indicated but has empty value (/users?filter=), then we should return BadRequest status code.
At the moment, in such case the ScimRepresentationQueryRepository.FindSCIMRepresentations method is still called with parameter.Filter = null (we use v 4.0.0).
Are you agree that in such case the BadRequest response should be returned? If yes, is it possible to fix this inside SimpleIdserver before calling ScimRepresentationQueryRepository.FindSCIMRepresentations method?
Thank you in advance, Alex