Add SCIM system schema

add scim system schema improvements

components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/IdentityResourceTypeResourceManager.java

@@ -22,7 +22,6 @@
 import org.apache.commons.logging.LogFactory;
 import org.json.JSONException;
 import org.json.JSONObject;
-import org.wso2.carbon.identity.scim2.common.handlers.SCIMClaimOperationEventHandler;
 import org.wso2.charon3.core.attributes.MultiValuedAttribute;
 import org.wso2.charon3.core.attributes.SimpleAttribute;
 import org.wso2.charon3.core.encoder.JSONDecoder;
@@ -73,11 +72,8 @@ public SCIMResponse get(String id, UserManager userManager, String attributes, S
      */
     private SCIMResponse getResourceType() {
 
-        JSONEncoder encoder = null;
         try {
-            //obtain the json encoder
-            encoder = getEncoder();
-            //obtain the json decoder
+            JSONEncoder encoder = getEncoder();
             JSONDecoder decoder = getDecoder();
 
             // get the service provider config schema
@@ -109,7 +105,7 @@ private SCIMResponse getResourceType() {
                     groupResourceTypeObject);
             //encode the newly created SCIM Resource Type object.
             String encodedObject;
-            Map<String, String> responseHeaders = new HashMap<String, String>();
+            Map<String, String> responseHeaders = new HashMap<>();
 
             if (resourceTypeObject != null) {
                 //create a deep copy of the resource type object since we are going to change it.
@@ -144,7 +140,6 @@ private SCIMResponse getResourceType() {
      * @param userObject
      * @param groupObject
      * @return
-     * @throws CharonException
      */
     private AbstractSCIMObject buildCombinedResourceType(AbstractSCIMObject userObject, AbstractSCIMObject groupObject)
             throws CharonException {
@@ -185,7 +180,7 @@ private String buildUserResourceTypeJsonBody() throws JSONException {
         userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA,
                 SCIMConstants.USER_CORE_SCHEMA_URI);
 
-        if (SCIMResourceSchemaManager.getInstance().isExtensionSet()) {
+        if (Boolean.TRUE.equals(SCIMResourceSchemaManager.getInstance().isExtensionSet())) {
             JSONObject extensionSchemaObject = new JSONObject();
             extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_SCHEMA,
                     SCIMResourceSchemaManager.getInstance().getExtensionURI());
@@ -194,6 +189,15 @@ private String buildUserResourceTypeJsonBody() throws JSONException {
 
             userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS,
                     extensionSchemaObject);
+
+            JSONObject systemSchemaObject = new JSONObject();
+            systemSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_SCHEMA,
+                    SCIMResourceSchemaManager.getInstance().getSystemSchemaExtensionURI());
+            systemSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_REQUIRED,
+                    SCIMResourceSchemaManager.getInstance().getSystemSchemaExtensionRequired());
+
+            userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS,
+                    systemSchemaObject);
         }
         return userResourceTypeObject.toString();
     }

components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/internal/SCIMCommonComponent.java

@@ -55,6 +55,7 @@
 import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 import org.wso2.charon3.core.config.SCIMConfigConstants;
 import org.wso2.charon3.core.config.SCIMCustomSchemaExtensionBuilder;
+import org.wso2.charon3.core.config.SCIMSystemSchemaExtensionBuilder;
 import org.wso2.charon3.core.config.SCIMUserSchemaExtensionBuilder;
 import org.wso2.charon3.core.exceptions.CharonException;
 import org.wso2.charon3.core.exceptions.InternalErrorException;
@@ -83,12 +84,13 @@ protected void activate(ComponentContext ctx) {
             SCIMConfigProcessor scimConfigProcessor = SCIMConfigProcessor.getInstance();
             scimConfigProcessor.buildConfigFromFile(filePath);
 
-            // reading user schema extension
+            // Reading user schema extensions.
             if (Boolean.parseBoolean(scimConfigProcessor.getProperty("user-schema-extension-enabled"))) {
                 String schemaFilePath =
                         CarbonUtils.getCarbonConfigDirPath() + File.separator +
                                 SCIMConfigConstants.SCIM_SCHEMA_EXTENSION_CONFIG;
                 SCIMUserSchemaExtensionBuilder.getInstance().buildUserSchemaExtension(schemaFilePath);
+                SCIMSystemSchemaExtensionBuilder.getInstance().buildSystemSchemaExtension(schemaFilePath);
             }
             // If custom schema is enabled, read it root attribute URI from the file config if it is configured.
             if (SCIMCommonUtils.isCustomSchemaEnabled()) {

components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonConstants.java

@@ -47,6 +47,7 @@ public class SCIMCommonConstants {
     public static final String SCIM_USER_CLAIM_DIALECT = "urn:ietf:params:scim:schemas:core:2.0:User";
     public static final String SCIM_ENTERPRISE_USER_CLAIM_DIALECT =
             "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User";
+    public static final String SCIM_SYSTEM_USER_CLAIM_DIALECT = "urn:scim:wso2:schema";
 
     public static final String EQ = "eq";
     public static final String NE = "ne";

components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java

@@ -49,6 +49,7 @@
 import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 import org.wso2.charon3.core.attributes.SCIMCustomAttribute;
 import org.wso2.charon3.core.config.SCIMCustomSchemaExtensionBuilder;
+import org.wso2.charon3.core.config.SCIMSystemSchemaExtensionBuilder;
 import org.wso2.charon3.core.config.SCIMUserSchemaExtensionBuilder;
 import org.wso2.charon3.core.exceptions.CharonException;
 import org.wso2.charon3.core.exceptions.InternalErrorException;
@@ -451,10 +452,16 @@ public static Map<String, String> getSCIMtoLocalMappings() throws UserStoreExcep
 
             // Get the extension claims, if there are any extensions enabled.
             if (SCIMUserSchemaExtensionBuilder.getInstance().getExtensionSchema() != null) {
-                Map<String, String> extensionClaims = ClaimMetadataHandler.getInstance()
+                Map<String, String> enterpriseExtensionClaims = ClaimMetadataHandler.getInstance()
                         .getMappingsMapFromOtherDialectToCarbon(SCIMUserSchemaExtensionBuilder.getInstance()
                                 .getExtensionSchema().getURI(), null, tenantDomain, false);
-                scimToLocalClaimMap.putAll(extensionClaims);
+                scimToLocalClaimMap.putAll(enterpriseExtensionClaims);
+            }
+            if (SCIMSystemSchemaExtensionBuilder.getInstance().getExtensionSchema() != null) {
+                Map<String, String> systemExtensionClaims = ClaimMetadataHandler.getInstance()
+                        .getMappingsMapFromOtherDialectToCarbon(SCIMSystemSchemaExtensionBuilder.getInstance()
+                                .getExtensionSchema().getURI(), null, tenantDomain, false);
+                scimToLocalClaimMap.putAll(systemExtensionClaims);
             }
 
             String userTenantDomain = getTenantDomain();

components/org.wso2.carbon.identity.scim2.common/src/test/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManagerTest.java

@@ -50,6 +50,7 @@
 import org.wso2.carbon.user.core.UserStoreClientException;
 import org.wso2.carbon.user.core.common.PaginatedUserResponse;
 import org.wso2.carbon.user.core.model.UniqueIDUserClaimSearchEntry;
+import org.wso2.charon3.core.config.SCIMSystemSchemaExtensionBuilder;
 import org.wso2.charon3.core.exceptions.NotImplementedException;
 import org.wso2.charon3.core.extensions.UserManager;
 import org.wso2.charon3.core.objects.plainobjects.UsersGetResponse;
@@ -128,6 +129,8 @@
 import static org.testng.Assert.assertFalse;
 import static org.testng.Assert.assertNotNull;
 import static org.testng.Assert.assertTrue;
+import static org.wso2.charon3.core.schema.SCIMConstants.CUSTOM_USER_SCHEMA_URI;
+import static org.wso2.charon3.core.schema.SCIMConstants.ENTERPRISE_USER_SCHEMA_URI;
 
 /*
  * Unit tests for SCIMUserManager
@@ -207,6 +210,7 @@ public class SCIMUserManagerTest {
     @Mock
     private RolePermissionManagementService mockedRolePermissionManagementService;
     private MockedStatic<SCIMUserSchemaExtensionBuilder> scimUserSchemaExtensionBuilder;
+    private MockedStatic<SCIMSystemSchemaExtensionBuilder> scimSystemSchemaExtensionBuilder;
     private MockedStatic<IdentityUtil> identityUtil;
     private MockedStatic<SCIMCommonUtils> scimCommonUtils;
     private MockedStatic<AttributeMapper> attributeMapper;
@@ -228,11 +232,17 @@ public void setUpMethod() {
         applicationManagementServiceMockedStatic = mockStatic(ApplicationManagementService.class);
         scimCommonComponentHolder = mockStatic(SCIMCommonComponentHolder.class);
         scimUserSchemaExtensionBuilder = mockStatic(SCIMUserSchemaExtensionBuilder.class);
+        scimSystemSchemaExtensionBuilder = mockStatic(SCIMSystemSchemaExtensionBuilder.class);
         claimMetadataHandler = mockStatic(ClaimMetadataHandler.class);
         resourceManagerUtil = mockStatic(ResourceManagerUtil.class);
         SCIMUserSchemaExtensionBuilder mockSCIMUserSchemaExtensionBuilder = mock(SCIMUserSchemaExtensionBuilder.class);
+        SCIMSystemSchemaExtensionBuilder mockSCIMSystemSchemaExtensionBuilder = mock(SCIMSystemSchemaExtensionBuilder.class);
         scimUserSchemaExtensionBuilder.when(SCIMUserSchemaExtensionBuilder::getInstance).thenReturn(mockSCIMUserSchemaExtensionBuilder);
         when(mockSCIMUserSchemaExtensionBuilder.getExtensionSchema()).thenReturn(mockedSCIMAttributeSchema);
+        when(mockedSCIMAttributeSchema.getURI()).thenReturn(ENTERPRISE_USER_SCHEMA_URI)
+                .thenReturn(CUSTOM_USER_SCHEMA_URI);
+        scimSystemSchemaExtensionBuilder.when(SCIMSystemSchemaExtensionBuilder::getInstance).thenReturn(mockSCIMSystemSchemaExtensionBuilder);
+        when(mockSCIMSystemSchemaExtensionBuilder.getExtensionSchema()).thenReturn(mockedSCIMAttributeSchema);
     }
 
     @AfterMethod
@@ -244,6 +254,7 @@ public void tearDown() {
         applicationManagementServiceMockedStatic.close();
         scimCommonComponentHolder.close();
         scimUserSchemaExtensionBuilder.close();
+        scimSystemSchemaExtensionBuilder.close();
         claimMetadataHandler.close();
         resourceManagerUtil.close();
     }

features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml

@@ -19,7 +19,7 @@
 <provisioning-config>
     <Property name="user-schema-extension-enabled">true</Property>
     <Property name="custom-user-schema-enabled">true</Property>
-    <Property name="custom-user-schema-uri">urn:scim:wso2:schema</Property>
+    <Property name="custom-user-schema-uri">urn:scim:schemas:extension:custom:User</Property>
     <Property name="patch-supported">true</Property>
     <Property name="documentationUri">http://example.com/help/scim.html</Property>
     <Property name="bulk-supported">true</Property>

features/org.wso2.carbon.identity.scim2.common.feature/resources/org.wso2.carbon.identity.scim2.common.feature.default.json

@@ -1,7 +1,7 @@
 {
   "scim2.enable_schema_extension": true,
   "scim2.enable_custom_schema_extension": true,
-  "scim2.custom_user_schema_uri": "urn:scim:wso2:schema",
+  "scim2.custom_user_schema_uri": "urn:scim:schemas:extension:custom:User",
   "scim2.max_bulk_operations": "1000",
   "scim2.max_bulk_payload": "1048576",
   "scim2.documentation_uri": "https://is.docs.wso2.com/en/latest/apis/scim2/",