de.captaingoldfish.scim.sdk.server.endpoints

Class ResourceEndpoint

java.lang.Object

de.captaingoldfish.scim.sdk.server.endpoints.ResourceEndpoint

public final class ResourceEndpoint
extends Object

author Pascal Knueppel
created at: 26.10.2019 - 00:05

This class will receive any request and will then delegate the request to the correct endpoint and resource type

Constructor Summary

Constructors

Constructor and Description
ResourceEndpoint(ServiceProvider serviceProvider, EndpointDefinition... endpointDefinitions) this constructor was introduced for unit tests to add a specific resourceTypeFactory instance which will prevent application context pollution within unit tests

Method Summary

Modifier and Type	Method and Description
protected ScimResponse	createResource(String endpoint, String resourceDocument, Supplier<String> baseUrlSupplier, Authorization authorization) checks if a resource type exists under the given endpoint and validates the request if it does by the corresponding meta schema.
protected ScimResponse	deleteResource(String endpoint, String id, Map<String,String> httpHeaders, Authorization authorization) checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type.
protected <T extends ResourceNode> List<T>	filterResources(FilterNode filterNode, List<T> resourceList, ResourceType resourceType) this method executes filtering on the given resource list
protected ScimResponse	getResource(String endpoint, String id) checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type.
protected ScimResponse	getResource(String endpoint, String id, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier) checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type.
protected ScimResponse	getResource(String endpoint, String id, String attributes, String excludedAttributes, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier, Authorization authorization) checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type.
ScimResponse	handleRequest(String requestUrl, HttpMethod httpMethod, String requestBody, Map<String,String> httpHeaders) this method will resolve the SCIM request based on the given information
ScimResponse	handleRequest(String requestUrl, HttpMethod httpMethod, String requestBody, Map<String,String> httpHeaders, Authorization authorization) this method will resolve the SCIM request based on the given information
protected <T extends ResourceNode> ScimResponse	listResources(String endpoint, Long startIndex, Integer count, String filter, String sortBy, String sortOrder, String attributes, String excludedAttributes, Supplier<String> baseUrlSupplier, Authorization authorization) Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension.
protected ScimResponse	listResources(String endpoint, SearchRequest searchRequest, Supplier<String> baseUrlSupplier, Authorization authorization) Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension.
protected ScimResponse	listResources(String endpoint, String searchRequest, Supplier<String> baseUrlSupplier, Authorization authorization) Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension.
protected ScimResponse	patchResource(String endpoint, String id, String requestBody, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier) gets the resource that should be patched and will inject the patch operations into the returned resource.
protected ScimResponse	patchResource(String endpoint, String id, String requestBody, String attributes, String excludedAttributes, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier, Authorization authorization) gets the resource that should be patched and will inject the patch operations into the returned resource.
ResourceType	registerEndpoint(EndpointDefinition endpointDefinition) registers a new endpoint
protected ScimResponse	resolveRequest(HttpMethod httpMethod, String requestBody, UriInfos uriInfos, Authorization authorization) this method will handle the request send by the user by delegating to the corresponding methods
protected ScimResponse	updateResource(String endpoint, String id, String resourceDocument, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier, Authorization authorization) checks if a resource type exists under the given endpoint and validates the request if it does by the corresponding meta schema.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ResourceEndpoint

public ResourceEndpoint(ServiceProvider serviceProvider,
                        EndpointDefinition... endpointDefinitions)

this constructor was introduced for unit tests to add a specific resourceTypeFactory instance which will prevent application context pollution within unit tests

Method Detail

handleRequest

public ScimResponse handleRequest(String requestUrl,
                                  HttpMethod httpMethod,
                                  String requestBody,
                                  Map<String,String> httpHeaders)

this method will resolve the SCIM request based on the given information

Parameters:

requestUrl - the fully qualified resource URL e.g.:

             https://localhost/v2/scim/Users

             https://localhost/v2/scim/Users/123456

             https://localhost/v2/scim/Users/.search

             https://localhost/v2/scim/Users?startIndex=1&count=20&filter=userName+eq+%22chucky%22
          

httpMethod - the http method that was used by in the request

requestBody - the request body of the request, may be null

httpHeaders - the http request headers, may be null

Returns:

the resolved SCIM response

handleRequest

public ScimResponse handleRequest(String requestUrl,
                                  HttpMethod httpMethod,
                                  String requestBody,
                                  Map<String,String> httpHeaders,
                                  Authorization authorization)

this method will resolve the SCIM request based on the given information

Parameters:

requestUrl - the fully qualified resource URL e.g.:

             https://localhost/v2/scim/Users

             https://localhost/v2/scim/Users/123456

             https://localhost/v2/scim/Users/.search

             https://localhost/v2/scim/Users?startIndex=1&count=20&filter=userName+eq+%22chucky%22
          

httpMethod - the http method that was used by in the request

requestBody - the request body of the request, may be null

httpHeaders - the http request headers, may be null

authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation

Returns:

the resolved SCIM response

resolveRequest

protected ScimResponse resolveRequest(HttpMethod httpMethod,
                                      String requestBody,
                                      UriInfos uriInfos,
                                      Authorization authorization)

this method will handle the request send by the user by delegating to the corresponding methods

Parameters:

httpMethod - the http method that was used by the client

requestBody - the request body

uriInfos - the parsed information's of the request url

authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation

Returns:

a response for the client that is either successful or an error

registerEndpoint

public ResourceType registerEndpoint(EndpointDefinition endpointDefinition)

registers a new endpoint

Parameters:

endpointDefinition - the endpoint to register that will override an existing one if one is already present

createResource

protected ScimResponse createResource(String endpoint,
                                      String resourceDocument,
                                      Supplier<String> baseUrlSupplier,
                                      Authorization authorization)

checks if a resource type exists under the given endpoint and validates the request if it does by the corresponding meta schema. If the validation succeeds the single json nodes expanded with its meta information will be given to the developer custom implementation. The returned object for the response will be validated again and then returned as a SCIM response

Parameters:

endpoint - the resource endpoint that was called

resourceDocument - the resource document

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

authorization -

Returns:

the scim response for the client

getResource

protected ScimResponse getResource(String endpoint,
                                   String id)

checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client

Parameters:

endpoint - the resource endpoint that was called

id - the id of the resource that was requested

Returns:

the scim response for the client

getResource

protected ScimResponse getResource(String endpoint,
                                   String id,
                                   Map<String,String> httpHeaders,
                                   Supplier<String> baseUrlSupplier)

checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client

Parameters:

endpoint - the resource endpoint that was called

id - the id of the resource that was requested

httpHeaders - the http request headers

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

Returns:

the scim response for the client

getResource

protected ScimResponse getResource(String endpoint,
                                   String id,
                                   String attributes,
                                   String excludedAttributes,
                                   Map<String,String> httpHeaders,
                                   Supplier<String> baseUrlSupplier,
                                   Authorization authorization)

checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client

Parameters:

endpoint - the resource endpoint that was called

id - the id of the resource that was requested

attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).

excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).

httpHeaders - the http request headers

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

authorization -

Returns:

the scim response for the client

listResources

protected ScimResponse listResources(String endpoint,
                                     String searchRequest,
                                     Supplier<String> baseUrlSupplier,
                                     Authorization authorization)

Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.

Parameters:

endpoint - the resource endpoint that was called. This string should only contain the resources-endpoint not the "/.search" extension e.g. "/Users" or "Users".

searchRequest - the JSON request body of the search request if the request was sent over POST

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation

Returns:

a ListResponse with all returned resources or an ErrorResponse

listResources

protected ScimResponse listResources(String endpoint,
                                     SearchRequest searchRequest,
                                     Supplier<String> baseUrlSupplier,
                                     Authorization authorization)

Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.

Parameters:

endpoint - the resource endpoint that was called. This string should only contain the resources-endpoint * not the "/.search" extension e.g. "/Users" or "Users".

searchRequest - the JSON request body of the search request if the request was sent over POST

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation

Returns:

a ListResponse with all returned resources or an ErrorResponse

listResources

protected <T extends ResourceNode> ScimResponse listResources(String endpoint,
                                                              Long startIndex,
                                                              Integer count,
                                                              String filter,
                                                              String sortBy,
                                                              String sortOrder,
                                                              String attributes,
                                                              String excludedAttributes,
                                                              Supplier<String> baseUrlSupplier,
                                                              Authorization authorization)

Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.

Parameters:

endpoint - the resource endpoint that was called e.g. "/Users" or "Users".

startIndex - The 1-based index of the first query result. A value less than 1 SHALL be interpreted as 1.
DEFAULT: 1

count - Non-negative integer. Specifies the desired maximum number of query results per page, e.g., 10. A negative value SHALL be interpreted as "0". A value of "0" indicates that no resource results are to be returned except for "totalResults".
DEFAULT: None
When specified, the service provider MUST NOT return more results than specified, although it MAY return fewer results. If unspecified, the maximum number of results is set by the service provider.

filter - Filtering is an OPTIONAL parameter for SCIM service providers. Clients MAY discover service provider filter capabilities by looking at the "filter" attribute of the "ServiceProviderConfig" endpoint. Clients MAY request a subset of resources by specifying the "filter" query parameter containing a filter expression. When specified, only those resources matching the filter expression SHALL be returned. The expression language that is used with the filter parameter supports references to attributes and literals.

sortBy - The "sortBy" parameter specifies the attribute whose value SHALL be used to order the returned responses. If the "sortBy" attribute corresponds to a singular attribute, resources are sorted according to that attribute's value; if it's a multi-valued attribute, resources are sorted by the value of the primary attribute (see Section 2.4 of [RFC7643]), if any, or else the first value in the list, if any. If the attribute is complex, the attribute name must be a path to a sub-attribute in standard attribute notation (Section 3.10), e.g., "sortBy=name.givenName". For all attribute types, if there is no data for the specified "sortBy" value, they are sorted via the "sortOrder" parameter, i.e., they are ordered last if ascending and first if descending.

sortOrder - The order in which the "sortBy" parameter is applied. Allowed values are "ascending" and "descending". If a value for "sortBy" is provided and no "sortOrder" is specified, "sortOrder" SHALL default to ascending. String type attributes are case insensitive by default, unless the attribute type is defined as a case-exact string. "sortOrder" MUST sort according to the attribute type; i.e., for case-insensitive attributes, sort the result using case-insensitive Unicode alphabetic sort order with no specific locale implied, and for case-exact attribute types, sort the result using case-sensitive Unicode alphabetic sort order.

attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).

excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

authorization -

Returns:

a ListResponse with all returned resources or an ErrorResponse

filterResources

protected <T extends ResourceNode> List<T> filterResources(FilterNode filterNode,
                                                           List<T> resourceList,
                                                           ResourceType resourceType)

this method executes filtering on the given resource list

Parameters:

filterNode - the filter expression from the client. Might be null if filtering is disabled

resourceList - the list that should be filtered

resourceType - the resource type must have filtering enabled. If filtering is not explicitly enabled the developer must do the filtering manually

Returns:

the filtered list or the resourceList

updateResource

protected ScimResponse updateResource(String endpoint,
                                      String id,
                                      String resourceDocument,
                                      Map<String,String> httpHeaders,
                                      Supplier<String> baseUrlSupplier,
                                      Authorization authorization)

checks if a resource type exists under the given endpoint and validates the request if it does by the corresponding meta schema. If the validation succeeds the single json nodes expanded with its meta information will be given to the developer custom implementation. The returned object for the response will be validated again and then returned as a SCIM response

Parameters:

endpoint - the resource endpoint that was called

id - the id of the resource that was requested

resourceDocument - the resource document

httpHeaders - the http request headers

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

authorization -

Returns:

the scim response for the client

deleteResource

protected ScimResponse deleteResource(String endpoint,
                                      String id,
                                      Map<String,String> httpHeaders,
                                      Authorization authorization)

checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. If no exception occurred the client will be informed of a successful request

Parameters:

endpoint - the resource endpoint that was called

id - the id of the resource that was requested

authorization -

Returns:

an empty response that does not create a response body

patchResource

protected ScimResponse patchResource(String endpoint,
                                     String id,
                                     String requestBody,
                                     Map<String,String> httpHeaders,
                                     Supplier<String> baseUrlSupplier)

gets the resource that should be patched and will inject the patch operations into the returned resource. After the patch operation has been processed the patched object will be given to the ResourceHandler.updateResource(ResourceNode, Authorization) method

Parameters:

endpoint - the resource endpoint that was called

id - the id of the resource that should be patched

requestBody - the patch request body

httpHeaders - the http request headers

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

Returns:

the updated resource or an error response

patchResource

protected ScimResponse patchResource(String endpoint,
                                     String id,
                                     String requestBody,
                                     String attributes,
                                     String excludedAttributes,
                                     Map<String,String> httpHeaders,
                                     Supplier<String> baseUrlSupplier,
                                     Authorization authorization)

gets the resource that should be patched and will inject the patch operations into the returned resource. After the patch operation has been processed the patched object will be given to the ResourceHandler.updateResource(ResourceNode, Authorization) method

Parameters:

endpoint - the resource endpoint that was called

id - the id of the resource that should be patched

requestBody - the patch request body

attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).

excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).

httpHeaders - the http request headers

baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown

authorization -

Returns:

the updated resource or an error response