Package de.captaingoldfish.scim.sdk.server.endpoints

Class ResourceEndpoint

  • public final class ResourceEndpoint
extends Object
    author Pascal Knueppel
    created at: 26.10.2019 - 00:05

    This class will receive any request and will then delegate the request to the correct endpoint and resource type

    • Constructor Detail

      • ResourceEndpoint

        public ResourceEndpoint​(ServiceProvider serviceProvider,
                        EndpointDefinition... endpointDefinitions)
        this constructor was introduced for unit tests to add a specific resourceTypeFactory instance which will prevent application context pollution within unit tests

    • Method Detail

      • handleRequest

        public ScimResponse handleRequest​(String requestUrl,
                                  HttpMethod httpMethod,
                                  String requestBody,
                                  Map<String,​String> httpHeaders)
        this method will resolve the SCIM request based on the given information
        Parameters:
        requestUrl - the fully qualified resource URL e.g.: 
                     https://localhost/v2/scim/Users
        
             https://localhost/v2/scim/Users/123456
        
             https://localhost/v2/scim/Users/.search
        
             https://localhost/v2/scim/Users?startIndex=1&count=20&filter=userName+eq+%22chucky%22
        httpMethod - the http method that was used by in the request
        requestBody - the request body of the request, may be null
        httpHeaders - the http request headers, may be null
        Returns:
        the resolved SCIM response

      • handleRequest

        public ScimResponse handleRequest​(String requestUrl,
                                  HttpMethod httpMethod,
                                  String requestBody,
                                  Map<String,​String> httpHeaders,
                                  Authorization authorization)
        this method will resolve the SCIM request based on the given information
        Parameters:
        requestUrl - the fully qualified resource URL e.g.: 
                     https://localhost/v2/scim/Users
        
             https://localhost/v2/scim/Users/123456
        
             https://localhost/v2/scim/Users/.search
        
             https://localhost/v2/scim/Users?startIndex=1&count=20&filter=userName+eq+%22chucky%22
        httpMethod - the http method that was used by in the request
        requestBody - the request body of the request, may be null
        httpHeaders - the http request headers, may be null
        authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation
        Returns:
        the resolved SCIM response

      • resolveRequest

        protected ScimResponse resolveRequest​(HttpMethod httpMethod,
                                      String requestBody,
                                      UriInfos uriInfos,
                                      Authorization authorization)
        this method will handle the request send by the user by delegating to the corresponding methods
        Parameters:
        httpMethod - the http method that was used by the client
        requestBody - the request body
        uriInfos - the parsed information's of the request url
        authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation
        Returns:
        a response for the client that is either successful or an error

      • registerEndpoint

        public ResourceType registerEndpoint​(EndpointDefinition endpointDefinition)
        registers a new endpoint
        Parameters:
        endpointDefinition - the endpoint to register that will override an existing one if one is already present

      • getResourceTypeByName

        public Optional<ResourceType> getResourceTypeByName​(String name)
        will get a resource type definition by its name
        Parameters:
        name - the name of the resource type e.g. User, Group, ServiceProviderConfig, ResourceType, Schema
        Returns:
        the resource type if one is registered under the given id

      • getRegisteredResourceTypeNames

        public Set<String> getRegisteredResourceTypeNames()
        Returns:
        the names of all resource types that have been registered

      • createResource

        protected ScimResponse createResource​(String endpoint,
                                      String resourceDocument,
                                      Supplier<String> baseUrlSupplier,
                                      Authorization authorization)
        checks if a resource type exists under the given endpoint and validates the request if it does by the corresponding meta schema. If the validation succeeds the single json nodes expanded with its meta information will be given to the developer custom implementation. The returned object for the response will be validated again and then returned as a SCIM response
        Parameters:
        endpoint - the resource endpoint that was called
        resourceDocument - the resource document
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        authorization -
        Returns:
        the scim response for the client

      • getResource

        protected ScimResponse getResource​(String endpoint,
                                   String id)
        checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client
        Parameters:
        endpoint - the resource endpoint that was called
        id - the id of the resource that was requested
        Returns:
        the scim response for the client

      • getResource

        protected ScimResponse getResource​(String endpoint,
                                   String id,
                                   Map<String,​String> httpHeaders,
                                   Supplier<String> baseUrlSupplier)
        checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client
        Parameters:
        endpoint - the resource endpoint that was called
        id - the id of the resource that was requested
        httpHeaders - the http request headers
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        Returns:
        the scim response for the client

      • getResource

        protected ScimResponse getResource​(String endpoint,
                                   String id,
                                   String attributes,
                                   String excludedAttributes,
                                   Map<String,​String> httpHeaders,
                                   Supplier<String> baseUrlSupplier,
                                   Authorization authorization)
        checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. The returned ResourceNode will then be validated and eventually returned to the client
        Parameters:
        endpoint - the resource endpoint that was called
        id - the id of the resource that was requested
        attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
        excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
        httpHeaders - the http request headers
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        authorization - the authorization information of the current client
        Returns:
        the scim response for the client

      • listResources

        protected ScimResponse listResources​(String endpoint,
                                     String searchRequest,
                                     Supplier<String> baseUrlSupplier,
                                     Authorization authorization)
        Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.
        Parameters:
        endpoint - the resource endpoint that was called. This string should only contain the resources-endpoint not the "/.search" extension e.g. "/Users" or "Users".
        searchRequest - the JSON request body of the search request if the request was sent over POST
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation
        Returns:
        a ListResponse with all returned resources or an ErrorResponse

      • listResources

        protected ScimResponse listResources​(String endpoint,
                                     SearchRequest searchRequest,
                                     Supplier<String> baseUrlSupplier,
                                     Authorization authorization)
        Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.
        Parameters:
        endpoint - the resource endpoint that was called. This string should only contain the resources-endpoint * not the "/.search" extension e.g. "/Users" or "Users".
        searchRequest - the JSON request body of the search request if the request was sent over POST
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        authorization - should return the roles of an user and may contain arbitrary data needed in the handler implementation
        Returns:
        a ListResponse with all returned resources or an ErrorResponse

      • listResources

        protected <T extends ResourceNodeScimResponse listResources​(String endpoint,
                                                              Long startIndex,
                                                              Integer count,
                                                              String filter,
                                                              String sortBy,
                                                              String sortOrder,
                                                              String attributes,
                                                              String excludedAttributes,
                                                              Supplier<String> baseUrlSupplier,
                                                              Authorization authorization)
        Clients MAY execute queries without passing parameters on the URL by using the HTTP POST verb combined with the "/.search" path extension. The inclusion of "/.search" on the end of a valid SCIM endpoint SHALL be used to indicate that the HTTP POST verb is intended to be a query operation.
        Parameters:
        endpoint - the resource endpoint that was called e.g. "/Users" or "Users".
        startIndex - The 1-based index of the first query result. A value less than 1 SHALL be interpreted as 1.
        DEFAULT: 1
        count - Non-negative integer. Specifies the desired maximum number of query results per page, e.g., 10. A negative value SHALL be interpreted as "0". A value of "0" indicates that no resource results are to be returned except for "totalResults".
        DEFAULT: None
        When specified, the service provider MUST NOT return more results than specified, although it MAY return fewer results. If unspecified, the maximum number of results is set by the service provider.
        filter - Filtering is an OPTIONAL parameter for SCIM service providers. Clients MAY discover service provider filter capabilities by looking at the "filter" attribute of the "ServiceProviderConfig" endpoint. Clients MAY request a subset of resources by specifying the "filter" query parameter containing a filter expression. When specified, only those resources matching the filter expression SHALL be returned. The expression language that is used with the filter parameter supports references to attributes and literals.
        sortBy - The "sortBy" parameter specifies the attribute whose value SHALL be used to order the returned responses. If the "sortBy" attribute corresponds to a singular attribute, resources are sorted according to that attribute's value; if it's a multi-valued attribute, resources are sorted by the value of the primary attribute (see Section 2.4 of [RFC7643]), if any, or else the first value in the list, if any. If the attribute is complex, the attribute name must be a path to a sub-attribute in standard attribute notation (Section 3.10), e.g., "sortBy=name.givenName". For all attribute types, if there is no data for the specified "sortBy" value, they are sorted via the "sortOrder" parameter, i.e., they are ordered last if ascending and first if descending.
        sortOrder - The order in which the "sortBy" parameter is applied. Allowed values are "ascending" and "descending". If a value for "sortBy" is provided and no "sortOrder" is specified, "sortOrder" SHALL default to ascending. String type attributes are case insensitive by default, unless the attribute type is defined as a case-exact string. "sortOrder" MUST sort according to the attribute type; i.e., for case-insensitive attributes, sort the result using case-insensitive Unicode alphabetic sort order with no specific locale implied, and for case-exact attribute types, sort the result using case-sensitive Unicode alphabetic sort order.
        attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
        excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        authorization -
        Returns:
        a ListResponse with all returned resources or an ErrorResponse

      • filterResources

        protected <T extends ResourceNodeList<T> filterResources​(FilterNode filterNode,
                                                           List<T> resourceList,
                                                           ResourceType resourceType)
        this method executes filtering on the given resource list
        Parameters:
        filterNode - the filter expression from the client. Might be null if filtering is disabled
        resourceList - the list that should be filtered
        resourceType - the resource type must have filtering enabled. If filtering is not explicitly enabled the developer must do the filtering manually
        Returns:
        the filtered list or the resourceList

      • updateResource

        protected ScimResponse updateResource​(String endpoint,
                                      String id,
                                      String resourceDocument,
                                      Map<String,​String> httpHeaders,
                                      Supplier<String> baseUrlSupplier,
                                      Authorization authorization)
        checks if a resource type exists under the given endpoint and validates the request if it does by the corresponding meta schema. If the validation succeeds the single json nodes expanded with its meta information will be given to the developer custom implementation. The returned object for the response will be validated again and then returned as a SCIM response
        Parameters:
        endpoint - the resource endpoint that was called
        id - the id of the resource that was requested
        resourceDocument - the resource document
        httpHeaders - the http request headers
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        authorization -
        Returns:
        the scim response for the client

      • deleteResource

        protected ScimResponse deleteResource​(String endpoint,
                                      String id,
                                      Map<String,​String> httpHeaders,
                                      Authorization authorization)
        checks if a resource type exists under the given endpoint and will then give the id to the developers custom implementation stored under the found resource type. If no exception occurred the client will be informed of a successful request
        Parameters:
        endpoint - the resource endpoint that was called
        id - the id of the resource that was requested
        authorization -
        Returns:
        an empty response that does not create a response body

      • patchResource

        protected ScimResponse patchResource​(String endpoint,
                                     String id,
                                     String requestBody,
                                     Map<String,​String> httpHeaders,
                                     Supplier<String> baseUrlSupplier)
        gets the resource that should be patched and will inject the patch operations into the returned resource. After the patch operation has been processed the patched object will be given to the ResourceHandler.updateResource(ResourceNode, Authorization) method
        Parameters:
        endpoint - the resource endpoint that was called
        id - the id of the resource that should be patched
        requestBody - the patch request body
        httpHeaders - the http request headers
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        Returns:
        the updated resource or an error response

      • patchResource

        protected ScimResponse patchResource​(String endpoint,
                                     String id,
                                     String requestBody,
                                     String attributes,
                                     String excludedAttributes,
                                     Map<String,​String> httpHeaders,
                                     Supplier<String> baseUrlSupplier,
                                     Authorization authorization)
        gets the resource that should be patched and will inject the patch operations into the returned resource. After the patch operation has been processed the patched object will be given to the ResourceHandler.updateResource(ResourceNode, Authorization) method
        Parameters:
        endpoint - the resource endpoint that was called
        id - the id of the resource that should be patched
        requestBody - the patch request body
        attributes - When specified, the default list of attributes SHALL be overridden, and each resource returned MUST contain the minimum set of resource attributes and any attributes or sub-attributes explicitly requested by the "attributes" parameter. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
        excludedAttributes - When specified, each resource returned MUST contain the minimum set of resource attributes. Additionally, the default set of attributes minus those attributes listed in "excludedAttributes" is returned. The query parameter attributes value is a comma-separated list of resource attribute names in standard attribute notation (Section 3.10) form (e.g., userName, name, emails).
        httpHeaders - the http request headers
        baseUrlSupplier - this supplier is an optional attribute that should be used to supply the information of the base URL of this application e.g.: https://example.com/scim/v2. This return value will be used to create the location URL of the resources like 'https://example.com/scim/v2/Users/123456'. If this parameter is not present the application will try to read a hardcoded URL from the service provider configuration that is also an optional attribute. If both ways fail an exception will be thrown
        authorization -
        Returns:
        the updated resource or an error response