Re: [Dev] [IS 6.0.0] [SCIM 2.0] Extend SCIM2.0 meta data in the SCIM response to include User Life cycle State
Hi, I have implemented this by adding "state" attribute from a SCIM extension and adding it to the response separately. I will send a PR and will get it merged. There is a RM issue to track this in [1]. When I'm upgrading the identity.mgt.version in scim2 repository [2] , found several issues in SCIM response codes and created a JIRA for that in [3], but still couldn't work on fixing those. [1] https://redmine.wso2.com/issues/5815 [2] https://github.com/wso2-extensions/identity-inbound-provisioning-scim2 [3] https://wso2.org/jira/browse/IDENTITY-5817 Thanks and Regards On Fri, Mar 24, 2017 at 12:16 PM, Sagara Gunathungawrote: > > > On Wed, Mar 1, 2017 at 1:58 PM, Gayan Gunawardana wrote: > >> >> >> On Wed, Mar 1, 2017 at 1:38 PM, Indunil Upeksha Rathnayake < >> indu...@wso2.com> wrote: >> >>> Hi, >>> >>> In IS 6.0.0 with SCIM 2.0 support, we are planning to Extend SCIM2.0 >>> meta data in the SCIM response to include User Life cycle State. Currently, >>> in database level, "state" parameter is getting saved in the "IDM_USER" >>> table (Refer [1]). >>> >>> As per the SCIM2 Core specification(Refer [2]), there are specifically >>> defined sub attributes for the "meta" attribute. So that, I think it's >>> invalid to include "state" inside the meta attributes in the response as >>> below. >>> >>> "meta":{*"state":"CREATED"*, "created":"2017-02-28T11:50:12Z","location" >>> :"http://localhost:9292/scim/v2/Users/1.945a6def-d139-4abc-9090- >>> e4dd10217580","lastModified":"2017-02-28T11:50:12Z","resourceType": >>> "User"} >>> >>> "state" is not defined as a core attribute in the specification, so that >>> it need to be considered as an extended attribute and need to be added from >>> a SCIM extension. If so, "state" can't be added for the list of meta >>> attributes since, extended attributes are kept in their own sub-attribute >>> namespace identified by the schema extension URI [2]. >>> >> Meta attributes are common set of attributes shared across all entities >> such as User, Group ...etc. IMO we shouldn't and we can't include "state" >> attribute under meta attributes. >> >>> >>> Is it appropriate to add "state" attribute from a SCIM extension and add >>> it to the response separately as below? >>> >> >>> {"meta":{"created":"2017-02-28T11:50:12Z","location":"http:/ >>> /localhost:9292/scim/v2/Users/1.945a6def-d139-4abc-9090-e4dd10217580", >>> "lastModified":"2017-02-28T11:50:12Z","resourceType":"User"},"schemas":[ >>> "urn:ietf:params:scim:schemas:core:2.0:User","urn:ietf:params: >>> scim:schemas:extension:enterprise:2.0:User"],"name":{"familyName": >>> "user1"},"id":"1.945a6def-d139-4abc-9090-e4dd10217580","userName":"user >>> 1", *"EnterpriseUser"**:{"state":"CREATED"}*} >>> >>> +1 to have enterprise user extension for "state" attribute. What are the >> available values for "state" attribute and also check "active" attribute in >> standard schema. >> > > +1 As we use SCIM 2.0 schema and protocol as IS user mgt remote API we > have to extend the schema/protocol based on our remote API requirements. > BTW in this specific case for 'state' we can't predefine all possible > values because we are getting those state values from SCXML file and user > can define new state values in addition to default values we ship. > > Have we done this improvement ? do we have a RM to track the progress ? > > Thanks ! > >> Appreciate your ideas. >>> >>> [1] https://github.com/wso2/carbon-identity-mgt/blob/master/ >>> feature/org.wso2.carbon.identity.mgt.feature/resources/ >>> dbscripts/identity-mgt/h2.sql#L29 >>> [2] https://tools.ietf.org/html/rfc7643#section-3.1 >>> >>> Thanks and Regards >>> -- >>> Indunil Upeksha Rathnayake >>> Software Engineer | WSO2 Inc >>> Emailindu...@wso2.com >>> Mobile 0772182255 >>> >> >> >> >> -- >> Gayan Gunawardana >> Software Engineer; WSO2 Inc.; http://wso2.com/ >> Email: ga...@wso2.com >> Mobile: +94 (71) 8020933 >> > > > > -- > Sagara Gunathunga > > Associate Director / Architect; WSO2, Inc.; http://wso2.com > V.P Apache Web Services;http://ws.apache.org/ > Linkedin; http://www.linkedin.com/in/ssagara > Blog ; http://ssagara.blogspot.com > > -- Indunil Upeksha Rathnayake Software Engineer | WSO2 Inc Emailindu...@wso2.com Mobile 0772182255 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [IS 6.0.0] [SCIM 2.0] Extend SCIM2.0 meta data in the SCIM response to include User Life cycle State
On Wed, Mar 1, 2017 at 1:58 PM, Gayan Gunawardanawrote: > > > On Wed, Mar 1, 2017 at 1:38 PM, Indunil Upeksha Rathnayake < > indu...@wso2.com> wrote: > >> Hi, >> >> In IS 6.0.0 with SCIM 2.0 support, we are planning to Extend SCIM2.0 meta >> data in the SCIM response to include User Life cycle State. Currently, in >> database level, "state" parameter is getting saved in the "IDM_USER" table >> (Refer [1]). >> >> As per the SCIM2 Core specification(Refer [2]), there are specifically >> defined sub attributes for the "meta" attribute. So that, I think it's >> invalid to include "state" inside the meta attributes in the response as >> below. >> >> "meta":{*"state":"CREATED"*, "created":"2017-02-28T11:50:12Z","location": >> "http://localhost:9292/scim/v2/Users/1.945a6def-d139-4abc-9090- >> e4dd10217580","lastModified":"2017-02-28T11:50:12Z","resourceType":"User" >> } >> >> "state" is not defined as a core attribute in the specification, so that >> it need to be considered as an extended attribute and need to be added from >> a SCIM extension. If so, "state" can't be added for the list of meta >> attributes since, extended attributes are kept in their own sub-attribute >> namespace identified by the schema extension URI [2]. >> > Meta attributes are common set of attributes shared across all entities > such as User, Group ...etc. IMO we shouldn't and we can't include "state" > attribute under meta attributes. > >> >> Is it appropriate to add "state" attribute from a SCIM extension and add >> it to the response separately as below? >> > >> {"meta":{"created":"2017-02-28T11:50:12Z","location":"http:/ >> /localhost:9292/scim/v2/Users/1.945a6def-d139-4abc-9090-e4dd10217580", >> "lastModified":"2017-02-28T11:50:12Z","resourceType":"User"},"schemas":[ >> "urn:ietf:params:scim:schemas:core:2.0:User","urn: >> ietf:params:scim:schemas:extension:enterprise:2.0:User"],"name":{ >> "familyName":"user1"},"id":"1.945a6def-d139-4abc-9090-e4dd10217580", >> "userName":"user1", *"EnterpriseUser"**:{"state":"CREATED"}*} >> >> +1 to have enterprise user extension for "state" attribute. What are the > available values for "state" attribute and also check "active" attribute in > standard schema. > +1 As we use SCIM 2.0 schema and protocol as IS user mgt remote API we have to extend the schema/protocol based on our remote API requirements. BTW in this specific case for 'state' we can't predefine all possible values because we are getting those state values from SCXML file and user can define new state values in addition to default values we ship. Have we done this improvement ? do we have a RM to track the progress ? Thanks ! > Appreciate your ideas. >> >> [1] https://github.com/wso2/carbon-identity-mgt/blob/master/ >> feature/org.wso2.carbon.identity.mgt.feature/resources >> /dbscripts/identity-mgt/h2.sql#L29 >> [2] https://tools.ietf.org/html/rfc7643#section-3.1 >> >> Thanks and Regards >> -- >> Indunil Upeksha Rathnayake >> Software Engineer | WSO2 Inc >> Emailindu...@wso2.com >> Mobile 0772182255 >> > > > > -- > Gayan Gunawardana > Software Engineer; WSO2 Inc.; http://wso2.com/ > Email: ga...@wso2.com > Mobile: +94 (71) 8020933 > -- Sagara Gunathunga Associate Director / Architect; WSO2, Inc.; http://wso2.com V.P Apache Web Services;http://ws.apache.org/ Linkedin; http://www.linkedin.com/in/ssagara Blog ; http://ssagara.blogspot.com ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [IS 6.0.0] [SCIM 2.0] Extend SCIM2.0 meta data in the SCIM response to include User Life cycle State
On Wed, Mar 1, 2017 at 1:38 PM, Indunil Upeksha Rathnayakewrote: > Hi, > > In IS 6.0.0 with SCIM 2.0 support, we are planning to Extend SCIM2.0 meta > data in the SCIM response to include User Life cycle State. Currently, in > database level, "state" parameter is getting saved in the "IDM_USER" table > (Refer [1]). > > As per the SCIM2 Core specification(Refer [2]), there are specifically > defined sub attributes for the "meta" attribute. So that, I think it's > invalid to include "state" inside the meta attributes in the response as > below. > > "meta":{*"state":"CREATED"*, "created":"2017-02-28T11:50:12Z","location":" > http://localhost:9292/scim/v2/Users/1.945a6def-d139-4abc-9090-e4dd10217580 > ","lastModified":"2017-02-28T11:50:12Z","resourceType":"User"} > > "state" is not defined as a core attribute in the specification, so that > it need to be considered as an extended attribute and need to be added from > a SCIM extension. If so, "state" can't be added for the list of meta > attributes since, extended attributes are kept in their own sub-attribute > namespace identified by the schema extension URI [2]. > Meta attributes are common set of attributes shared across all entities such as User, Group ...etc. IMO we shouldn't and we can't include "state" attribute under meta attributes. > > Is it appropriate to add "state" attribute from a SCIM extension and add > it to the response separately as below? > > {"meta":{"created":"2017-02-28T11:50:12Z","location":"http > ://localhost:9292/scim/v2/Users/1.945a6def-d139-4abc-9090-e4dd10217580"," > lastModified":"2017-02-28T11:50:12Z","resourceType":"User"},"schemas":[ > "urn:ietf:params:scim:schemas:core:2.0:User"," > urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"],"name":{ > "familyName":"user1"},"id":"1.945a6def-d139-4abc-9090-e4dd10217580", > "userName":"user1", *"EnterpriseUser"**:{"state":"CREATED"}*} > > +1 to have enterprise user extension for "state" attribute. What are the available values for "state" attribute and also check "active" attribute in standard schema. > Appreciate your ideas. > > [1] https://github.com/wso2/carbon-identity-mgt/blob/ > master/feature/org.wso2.carbon.identity.mgt.feature/ > resources/dbscripts/identity-mgt/h2.sql#L29 > [2] https://tools.ietf.org/html/rfc7643#section-3.1 > > Thanks and Regards > -- > Indunil Upeksha Rathnayake > Software Engineer | WSO2 Inc > Emailindu...@wso2.com > Mobile 0772182255 > -- Gayan Gunawardana Software Engineer; WSO2 Inc.; http://wso2.com/ Email: ga...@wso2.com Mobile: +94 (71) 8020933 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [IS 6.0.0] [SCIM 2.0] Extend SCIM2.0 meta data in the SCIM response to include User Life cycle State
Hi, In IS 6.0.0 with SCIM 2.0 support, we are planning to Extend SCIM2.0 meta data in the SCIM response to include User Life cycle State. Currently, in database level, "state" parameter is getting saved in the "IDM_USER" table (Refer [1]). As per the SCIM2 Core specification(Refer [2]), there are specifically defined sub attributes for the "meta" attribute. So that, I think it's invalid to include "state" inside the meta attributes in the response as below. "meta":{*"state":"CREATED"*, "created":"2017-02-28T11:50:12Z","location":" http://localhost:9292/scim/v2/Users/1.945a6def-d139-4abc-9090-e4dd10217580;, "lastModified":"2017-02-28T11:50:12Z","resourceType":"User"} "state" is not defined as a core attribute in the specification, so that it need to be considered as an extended attribute and need to be added from a SCIM extension. If so, "state" can't be added for the list of meta attributes since, extended attributes are kept in their own sub-attribute namespace identified by the schema extension URI [2]. Is it appropriate to add "state" attribute from a SCIM extension and add it to the response separately as below? {"meta":{"created":"2017-02-28T11:50:12Z","location":" http://localhost:9292/scim/v2/Users/1.945a6def-d139-4abc-9090-e4dd10217580;, "lastModified":"2017-02-28T11:50:12Z","resourceType":"User"},"schemas":[ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"],"name":{ "familyName":"user1"},"id":"1.945a6def-d139-4abc-9090-e4dd10217580", "userName":"user1", *"EnterpriseUser"**:{"state":"CREATED"}*} Appreciate your ideas. [1] https://github.com/wso2/carbon-identity-mgt/blob/master/feature/org.wso2.carbon.identity.mgt.feature/resources/dbscripts/identity-mgt/h2.sql#L29 [2] https://tools.ietf.org/html/rfc7643#section-3.1 Thanks and Regards -- Indunil Upeksha Rathnayake Software Engineer | WSO2 Inc Emailindu...@wso2.com Mobile 0772182255 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev