search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
748 stars 729 forks source link

SCIM2 Me user provisioning with invalid email address should not provision the user #6293

Closed ShanikaWickramasinghe closed 2 weeks ago

ShanikaWickramasinghe commented 5 years ago

Suggested Labels Affected/wso2is5.9.0alpha US-JDBC DB-MSSQL Priority/Normal Severity/Major

Steps to Reproduce Provision a user with invalid email address using SCIM2 ME endpoint url -v -k --data '{"schemas":[],"name":{"familyName":"Johnson","givenName":"Alex"},"userName":"abcde","password":"123456","emails":[{"primary":true,"value":"alex.j","type":"home"},{"value":"alex_j@wso2.com","type":"work"}],"EnterpriseUser":{"employeeNumber":"123A","manager":{"value":"Taylor"}}}' --header "Content-Type:application/json" https://192.168.108.66:9443/t/wso2.com/scim2/Me Response {"emails":[{"type":"work","value":"alex_j@wso2.com"},{"type":"home","value":"alex.j"}],"meta":{"created":"2019-08-31T11:31:42.358Z","location":"https://192.168.108.66:9443/t/wso2.com/scim2/Users/e683f44f-401b-4e96-bc46-15b630f9dce2","lastModified":"2019-08-31T11:31:42.358Z","resourceType":"User"},"schemas":["urn:ietf:params:scim:schemas:core:2.0:User","urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"],"roles":[{"type":"default","value":"Internal/everyone"}],"name":{"givenName":"Alex","familyName":"Johnson"},"id":"e683f44f-401b-4e96-bc46-15b630f9dce2","userName":"abcde"} Observation User should not be provisioned if the email is invalid. But user will be succesfully provisioned with invalid email showing 200 ok .

isharak commented 2 weeks ago

This issue is being closed due to extended inactivity. Please feel free to reopen it if further attention is needed. Thank you for helping us keep the issue list relevant and focused!