Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement MSC4098: SCIM provisioning #17144

Draft
wants to merge 1 commit into
base: develop
Choose a base branch
from
Draft

Implement MSC4098: SCIM provisioning #17144

wants to merge 1 commit into from
+1,877 −1

Conversation

azmeuk
Copy link

@azmeuk azmeuk commented May 2, 2024
edited

This is an implementation of MSC4098.
It implements a subset of the SCIM provisioning protocol.

Implementation largely takes inspiration (and shameless copied) from synapse/rest/admin/users.py.

What's implemented:

  • The main endpoints:
    • /Users (GET, POST)
    • /Users/<user_id> (GET, PUT, DELETE)
    • /ServiceProviderConfig (GET)
    • /Schemas (GET)
    • /Schemas/<schema_id> (GET)
    • /ResourceTypes (GET)
    • /ResourceTypes/<resource_type_id>
  • pagination
  • The user attributes:
    • userName
    • password
    • emails
    • phoneNumbers
    • displayName
    • photos (as a MXC URI)
    • active

What is defined in the SCIM specs but not implemented here:

It currently lacks a few tests and some documentation. I wanted to open this PR to check wether I am going in the good direction.

What do you think?

Pull Request Checklist

  • Pull request is based on the develop branch
  • Pull request includes a changelog file. The entry should:
    • Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from EventStore to EventWorkerStore.".
    • Use markdown where necessary, mostly for code blocks.
    • End with either a period (.) or an exclamation mark (!).
    • Start with a capital letter.
    • Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
  • Code style is correct
    (run the linters)

@azmeuk azmeuk requested a review from a team as a code owner May 2, 2024 14:49
@azmeuk azmeuk marked this pull request as draft May 2, 2024 14:50
@azmeuk azmeuk mentioned this pull request May 2, 2024
Open
@azmeuk azmeuk force-pushed the msc4098-scim branch 4 times, most recently from ea6a6d6 to dd52360 Compare May 3, 2024 16:06
@erikjohnston erikjohnston removed the request for review from a team May 14, 2024 12:14
@erikjohnston
Copy link
Member

(I've taken this out of the review queue as its in draft, let us know if you want feedback)

@azmeuk
Copy link
Author

azmeuk commented May 27, 2024
edited

Hi @erikjohnston
Thank you for your feedback offering. Indeed this is a draft, but I hope to take back the development soon.

There is one design question though. I see that there is a dependency to pydantic in synapse, and I recently published scim2-models that is a library that helps to parse and serialize SCIM2 payloads using pydantic. I think the SCIM implementation would greatly benefit from using scim2-models, as a big part of the specification compliance would be delegated to the library.

Would it be acceptable to add a dependency towards scim2-models in synapse, or should I continue checking and building SCIM2 payloads manually?

@azmeuk azmeuk force-pushed the msc4098-scim branch 3 times, most recently from 5c72be4 to f893967 Compare June 6, 2024 14:06
@azmeuk
feat: SCIM implementation
81d751b 
Implementation of a subset of SCIM endpoint and capabilities as
described in MSC4098.

Signed-off-by: Éloi Rivard <eloi@yaal.coop>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@azmeuk @erikjohnston