Package de.captaingoldfish.scim.sdk.server.endpoints

Class ResourceEndpoint

java.lang.Object
de.captaingoldfish.scim.sdk.server.endpoints.ResourceEndpoint
public final class ResourceEndpoint extends Object
author Pascal Knueppel
created at: 26.10.2019 - 00:05

This class will receive any request and will then delegate the request to the correct endpoint and resource type

  • Constructor Details

    • ResourceEndpoint

      public ResourceEndpoint(ServiceProvider serviceProvider, EndpointDefinition... endpointDefinitions)
      create a resource endpoint with default meta-endpoints
      Parameters:
      serviceProvider - the service provider configuration of this SCIM provider setup
      endpointDefinitions - the endpoint definitions that should be registered additionally to the meta endpoint "/ServiceProviderConfig, /ResourceTypes, /Schemas"

  • Method Details

    • handleRequest

      public ScimResponse handleRequest(String requestUrl, HttpMethod httpMethod, String requestBody, Map<String,String> httpHeaders, Context context)
      this method will resolve the SCIM request based on the given information
      Parameters:
      requestUrl - the fully qualified resource URL e.g.: 
                   https://localhost/v2/scim/Users
      
             https://localhost/v2/scim/Users/123456
      
             https://localhost/v2/scim/Users/.search
      
             https://localhost/v2/scim/Users?startIndex=1&count=20&filter=userName+eq+%22chucky%22
      httpMethod - the http method that was used by in the request
      requestBody - the request body of the request, may be null
      httpHeaders - the http request headers, may be null
      context - an optional context object that will be expanded with additional information of the current request
      Returns:
      the resolved SCIM response

    • handleRequest

      public ScimResponse handleRequest(String requestUrl, HttpMethod httpMethod, String requestBody, Map<String,String> httpHeaders, Consumer<ResourceType> doBeforeExecution, Context context)
      this method will resolve the SCIM request based on the given information
      Parameters:
      requestUrl - the fully qualified resource URL e.g.: 
                   https://localhost/v2/scim/Users
      
             https://localhost/v2/scim/Users/123456
      
             https://localhost/v2/scim/Users/.search
      
             https://localhost/v2/scim/Users?startIndex=1&count=20&filter=userName+eq+%22chucky%22
      httpMethod - the http method that was used by in the request
      requestBody - the request body of the request, may be null
      httpHeaders - the http request headers, may be null
      doBeforeExecution - arbitary code that is executed before the endpoint is called. This might be used to execute authentication on dedicated resource types
      context - an optional context object that will be expanded with additional information of the current request
      Returns:
      the resolved SCIM response

    • handleRequest

      public ScimResponse handleRequest(String requestUrl, HttpMethod httpMethod, String requestBody, Map<String,String> httpHeaders, BiConsumer<ScimResponse,Boolean> doAfterExecution, Context context)
      this method will resolve the SCIM request based on the given information
      Parameters:
      requestUrl - the fully qualified resource URL e.g.: 
                   https://localhost/v2/scim/Users
      
             https://localhost/v2/scim/Users/123456
      
             https://localhost/v2/scim/Users/.search
      
             https://localhost/v2/scim/Users?startIndex=1&count=20&filter=userName+eq+%22chucky%22
      httpMethod - the http method that was used by in the request
      requestBody - the request body of the request, may be null
      httpHeaders - the http request headers, may be null
      doAfterExecution - an optional implementation that can be used to execute arbitrary code after the execution of the request has been finished. First parameter is the response object second is a boolean that tells if the request failed or succeeded.
      context - an optional context object that will be expanded with additional information of the current request
      Returns:
      the resolved SCIM response

    • handleRequest

      public ScimResponse handleRequest(String requestUrl, HttpMethod httpMethod, String requestBody, Map<String,String> httpHeaders, Consumer<ResourceType> doBeforeExecution, BiConsumer<ScimResponse,Boolean> doAfterExecution, Context context)
      this method will resolve the SCIM request based on the given information
      Parameters:
      requestUrl - the fully qualified resource URL e.g.: 
                   https://localhost/v2/scim/Users
      
             https://localhost/v2/scim/Users/123456
      
             https://localhost/v2/scim/Users/.search
      
             https://localhost/v2/scim/Users?startIndex=1&count=20&filter=userName+eq+%22chucky%22
      httpMethod - the http method that was used by in the request
      requestBody - the request body of the request, may be null
      httpHeaders - the http request headers, may be null
      authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation
      doBeforeExecution - arbitary code that is executed before the endpoint is called. This might be used to execute authentication on dedicated resource types
      doAfterExecution - an optional implementation that can be used to execute arbitrary code after the execution of the request has been finished. First parameter is the response object second is a boolean that tells if the request failed or succeeded.
      context - an optional context object that will be expanded with additional information of the current request
      Returns:
      the resolved SCIM response

    • resolveRequest

      protected ScimResponse resolveRequest(HttpMethod httpMethod, String requestBody, UriInfos uriInfos, Consumer<ResourceType> doBeforeExecution, Context context)
      this method will handle the request send by the user by delegating to the corresponding methods
      Parameters:
      httpMethod - the http method that was used by the client
      requestBody - the request body
      uriInfos - the parsed information's of the request url
      authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation
      doBeforeExecution - arbitrary code that is executed before the endpoint is called. This might be used to execute authentication on dedicated resource types
      Returns:
      a response for the client that is either successful or an error

    • registerEndpoint

      public ResourceType registerEndpoint(EndpointDefinition endpointDefinition)
      registers a new endpoint
      Parameters:
      endpointDefinition - the endpoint to register that will override an existing one if one is already present

    • getResourceTypeByName

      public Optional<ResourceType> getResourceTypeByName(String name)
      will get a resource type definition by its name
      Parameters:
      name - the name of the resource type e.g. User, Group, ServiceProviderConfig, ResourceType, Schema
      Returns:
      the resource type if one is registered under the given id

    • getRegisteredResourceTypeNames

      public Set<String> getRegisteredResourceTypeNames()
      Returns:
      the names of all resource types that have been registered

    • getRegisteredResourceTypes

      public Set<ResourceType> getRegisteredResourceTypes()
      Returns:
      all registered resource types

    • getRegisteredSchemas

      public Set<Schema> getRegisteredSchemas()
      Returns:
      all resource schemata that have been registered on this SCIM provider

    • createResource

      protected ScimResponse createResource(String endpoint, String resourceDocument, Supplier<String> baseUrlSupplier, Context context)
      checks if a resource type exists under the given endpoint and validates the request if it does by the corresponding meta schema. If the validation succeeds the single json nodes expanded with its meta information will be given to the developer custom implementation. The returned object for the response will be validated again and then returned as a SCIM response
      Parameters:
      endpoint - the resource endpoint that was called
      resourceDocument - the resource document
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      context - the current request context that holds additional useful information. This object is never null
      Returns:
      the scim response for the client

    • getResource

      protected ScimResponse getResource(String endpoint, String id)
      checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client
      Parameters:
      endpoint - the resource endpoint that was called
      id - the id of the resource that was requested
      Returns:
      the scim response for the client

    • getResource

      protected ScimResponse getResource(String endpoint, String id, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier)
      checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client
      Parameters:
      endpoint - the resource endpoint that was called
      id - the id of the resource that was requested
      httpHeaders - the http request headers
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      Returns:
      the scim response for the client

    • getResource

      protected ScimResponse getResource(String endpoint, String id, String attributes, String excludedAttributes, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier, Context context)
      checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client
      Parameters:
      endpoint - the resource endpoint that was called
      id - the id of the resource that was requested
      attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
      excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
      httpHeaders - the http request headers
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      context - the current request context that holds additional useful information. This object is never null
      Returns:
      the scim response for the client

    • listResources

      protected ScimResponse listResources(String endpoint, String searchRequest, Supplier<String> baseUrlSupplier, Context context)
      Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.
      Parameters:
      endpoint - the resource endpoint that was called. This string should only contain the resources-endpoint not the "/.search" extension e.g. "/Users" or "Users".
      searchRequest - the JSON request body of the search request if the request was sent over POST
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      context - the current request context that holds additional useful information. This object is never null
      Returns:
      a ListResponse with all returned resources or an ErrorResponse

    • listResources

      protected ScimResponse listResources(String endpoint, SearchRequest searchRequest, Supplier<String> baseUrlSupplier, Context context)
      Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.
      Parameters:
      endpoint - the resource endpoint that was called. This string should only contain the resources-endpoint * not the "/.search" extension e.g. "/Users" or "Users".
      searchRequest - the JSON request body of the search request if the request was sent over POST
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      context - the current request context that holds additional useful information. This object is never null
      Returns:
      a ListResponse with all returned resources or an ErrorResponse

    • listResources

      protected <T extends ResourceNode> ScimResponse listResources(String endpoint, Long startIndex, Integer count, String filter, String sortBy, String sortOrder, String attributes, String excludedAttributes, Supplier<String> baseUrlSupplier, Context context)
      Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.
      Parameters:
      endpoint - the resource endpoint that was called e.g. "/Users" or "Users".
      startIndex - The 1-based index of the first query result. A value less than 1 SHALL be interpreted as 1.
      DEFAULT: 1
      count - Non-negative integer. Specifies the desired maximum number of query results per page, e.g., 10. A negative value SHALL be interpreted as "0". A value of "0" indicates that no resource results are to be returned except for "totalResults".
      DEFAULT: None
      When specified, the service provider MUST NOT return more results than specified, although it MAY return fewer results. If unspecified, the maximum number of results is set by the service provider.
      filter - Filtering is an OPTIONAL parameter for SCIM service providers. Clients MAY discover service provider filter capabilities by looking at the "filter" attribute of the "ServiceProviderConfig" endpoint. Clients MAY request a subset of resources by specifying the "filter" query parameter containing a filter expression. When specified, only those resources matching the filter expression SHALL be returned. The expression language that is used with the filter parameter supports references to attributes and literals.
      sortBy - The "sortBy" parameter specifies the attribute whose value SHALL be used to order the returned responses. If the "sortBy" attribute corresponds to a singular attribute, resources are sorted according to that attribute's value; if it's a multi-valued attribute, resources are sorted by the value of the primary attribute (see Section 2.4 of [RFC7643]), if any, or else the first value in the list, if any. If the attribute is complex, the attribute name must be a path to a sub-attribute in standard attribute notation (Section 3.10), e.g., "sortBy=name.givenName". For all attribute types, if there is no data for the specified "sortBy" value, they are sorted via the "sortOrder" parameter, i.e., they are ordered last if ascending and first if descending.
      sortOrder - The order in which the "sortBy" parameter is applied. Allowed values are "ascending" and "descending". If a value for "sortBy" is provided and no "sortOrder" is specified, "sortOrder" SHALL default to ascending. String type attributes are case insensitive by default, unless the attribute type is defined as a case-exact string. "sortOrder" MUST sort according to the attribute type; i.e., for case-insensitive attributes, sort the result using case-insensitive Unicode alphabetic sort order with no specific locale implied, and for case-exact attribute types, sort the result using case-sensitive Unicode alphabetic sort order.
      attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
      excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      context - the current request context that holds additional useful information. This object is never null
      Returns:
      a ListResponse with all returned resources or an ErrorResponse

    • filterResources

      protected <T extends ResourceNode> List<T> filterResources(FilterNode filterNode, List<T> resourceList, ResourceType resourceType)
      this method executes filtering on the given resource list
      Parameters:
      filterNode - the filter expression from the client. Might be null if filtering is disabled
      resourceList - the list that should be filtered
      resourceType - the resource type must have filtering enabled. If filtering is not explicitly enabled the developer must do the filtering manually
      Returns:
      the filtered list or the resourceList

    • updateResource

      protected ScimResponse updateResource(String endpoint, String id, String resourceDocument, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier, Context context)
      checks if a resource type exists under the given endpoint and validates the request if it does by the corresponding meta schema. If the validation succeeds the single json nodes expanded with its meta information will be given to the developer custom implementation. The returned object for the response will be validated again and then returned as a SCIM response
      Parameters:
      endpoint - the resource endpoint that was called
      id - the id of the resource that was requested
      resourceDocument - the resource document
      httpHeaders - the http request headers
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      context - the current request context that holds additional useful information. This object is never null
      Returns:
      the scim response for the client

    • deleteResource

      protected ScimResponse deleteResource(String endpoint, String id, Map<String,String> httpHeaders, Context context)
      checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. If no exception occurred the client will be informed of a successful request
      Parameters:
      endpoint - the resource endpoint that was called
      id - the id of the resource that was requested
      context - the current request context that holds additional useful information. This object is never null
      Returns:
      an empty response that does not create a response body

    • patchResource

      protected ScimResponse patchResource(String endpoint, String id, String requestBody, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier)
      gets the resource that should be patched and will inject the patch operations into the returned resource. After the patch operation has been processed the patched object will be given to the ResourceHandler.updateResource(ResourceNode, Context) method
      Parameters:
      endpoint - the resource endpoint that was called
      id - the id of the resource that should be patched
      requestBody - the patch request body
      httpHeaders - the http request headers
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      Returns:
      the updated resource or an error response

    • patchResource

      protected ScimResponse patchResource(String endpoint, String id, String requestBody, String attributes, String excludedAttributes, Map<String,String> httpHeaders, Supplier<String> baseUrlSupplier, Context context)
      gets the resource that should be patched and will inject the patch operations into the returned resource. After the patch operation has been processed the patched object will be given to the ResourceHandler.updateResource(ResourceNode, Context) method
      Parameters:
      endpoint - the resource endpoint that was called
      id - the id of the resource that should be patched
      requestBody - the patch request body
      attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
      excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
      httpHeaders - the http request headers
      baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
      context - the current request context that holds additional useful information. This object is never null
      Returns:
      the updated resource or an error response

    • getServiceProvider

      public ServiceProvider getServiceProvider()
      each created ResourceEndpointHandler must get hold of a single ServiceProvider instance which holds the configuration of this service provider implementation

    • getResourceTypeFactory

      protected ResourceTypeFactory getResourceTypeFactory()
      this is used to prevent application context pollution in unit tests