diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/IdentityResourceTypeResourceManager.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/IdentityResourceTypeResourceManager.java index 6e4b23c45..009a05bf3 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/IdentityResourceTypeResourceManager.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/IdentityResourceTypeResourceManager.java @@ -20,6 +20,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.json.JSONArray; import org.json.JSONException; import org.json.JSONObject; import org.wso2.charon3.core.attributes.MultiValuedAttribute; @@ -72,8 +73,11 @@ public SCIMResponse get(String id, UserManager userManager, String attributes, S */ private SCIMResponse getResourceType() { + JSONEncoder encoder = null; try { - JSONEncoder encoder = getEncoder(); + //obtain the json encoder + encoder = getEncoder(); + //obtain the json decoder JSONDecoder decoder = getDecoder(); // get the service provider config schema @@ -105,7 +109,7 @@ private SCIMResponse getResourceType() { groupResourceTypeObject); //encode the newly created SCIM Resource Type object. String encodedObject; - Map responseHeaders = new HashMap<>(); + Map responseHeaders = new HashMap(); if (resourceTypeObject != null) { //create a deep copy of the resource type object since we are going to change it. @@ -140,6 +144,7 @@ private SCIMResponse getResourceType() { * @param userObject * @param groupObject * @return + * @throws CharonException */ private AbstractSCIMObject buildCombinedResourceType(AbstractSCIMObject userObject, AbstractSCIMObject groupObject) throws CharonException { 
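Review bot: In the getResourceType hunk, `JSONEncoder encoder = null;` is hoisted out of the `try` with a null initial value, yet nothing visible in the hunk reads it outside the `try`. If a catch or finally block (outside this hunk) does use it, it will be null whenever `getEncoder()` itself throws, so that path needs a null check. If nothing does, the declaration should stay inside the `try` as `JSONEncoder encoder = getEncoder();`. The added `//obtain the json encoder` and `//obtain the json decoder` comments restate the code and can be dropped.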
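Review bot: `new HashMap()` on the `responseHeaders` line of getResourceType swaps the diamond for a raw type, which brings back an unchecked-conversion warning and removes compile-time checking of what is put into the response headers. The page appears to have stripped generic parameters, so the declared type is presumably parameterised; keep `new HashMap<>()` on the right-hand side. The rest of getResourceType lies outside the hunk.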
@@ -171,6 +176,8 @@ private AbstractSCIMObject buildCombinedResourceType(AbstractSCIMObject userObje private String buildUserResourceTypeJsonBody() throws JSONException { JSONObject userResourceTypeObject = new JSONObject(); + SCIMResourceSchemaManager schemaManager = SCIMResourceSchemaManager.getInstance(); + userResourceTypeObject.put(SCIMConstants.CommonSchemaConstants.SCHEMAS, SCIMConstants.RESOURCE_TYPE_SCHEMA_URI); userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.ID, SCIMConstants.USER); userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.NAME, SCIMConstants.USER); 
@@ -180,25 +187,27 @@ private String buildUserResourceTypeJsonBody() throws JSONException { userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA, SCIMConstants.USER_CORE_SCHEMA_URI); - if (Boolean.TRUE.equals(SCIMResourceSchemaManager.getInstance().isExtensionSet())) { - JSONObject extensionSchemaObject = new JSONObject(); - extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_SCHEMA, - SCIMResourceSchemaManager.getInstance().getExtensionURI()); - extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_REQUIRED, - SCIMResourceSchemaManager.getInstance().getExtensionRequired()); - - userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS, - extensionSchemaObject); - - JSONObject systemSchemaObject = new JSONObject(); - systemSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_SCHEMA, - SCIMResourceSchemaManager.getInstance().getSystemSchemaExtensionURI()); - systemSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_REQUIRED, - SCIMResourceSchemaManager.getInstance().getSystemSchemaExtensionRequired()); - - userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS, - systemSchemaObject); + if (Boolean.TRUE.equals(schemaManager.isExtensionSet())) { + JSONObject extensionSchemaObject = createSchemaExtensionObject( + schemaManager.getExtensionURI(), schemaManager.getExtensionRequired()); + if (Boolean.TRUE.equals(schemaManager.isSystemUserExtensionEnabled())) { + JSONArray schemaExtensions = new JSONArray(); + schemaExtensions.put(extensionSchemaObject); + schemaExtensions.put(createSchemaExtensionObject( + schemaManager.getSystemSchemaExtensionURI(), schemaManager.getSystemSchemaExtensionRequired())); + userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS, schemaExtensions); + } else { + 
userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS, extensionSchemaObject); + } } return userResourceTypeObject.toString(); } + + private JSONObject createSchemaExtensionObject(String schemaURI, boolean isRequired) throws JSONException { + + JSONObject extensionSchemaObject = new JSONObject(); + extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_SCHEMA, schemaURI); + extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_REQUIRED, isRequired); + return extensionSchemaObject; + } } diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java index b77709359..8076c6fa2 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java @@ -372,8 +372,8 @@ public User createUser(User user, Map requiredAttributes) // Therefore, checking for possible client exception. Throwable ex = ExceptionUtils.getRootCause(e); if (ex instanceof UserStoreClientException) { - String errorMessage = String.format("Error in adding the user: %s. %s", - maskIfRequired(user.getUserName()), ex.getMessage()); + String errorMessage = String.format("Error in adding the user: " + maskIfRequired(user.getUserName()) + + ". %s", ex.getMessage()); if (log.isDebugEnabled()) { log.debug(errorMessage, ex); } 
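Review bot: `schemaExtensions` is emitted as a JSON array when the system user extension is enabled and as a single JSON object in the `else` branch of buildUserResourceTypeJsonBody, so the shape of the resource type response depends on server configuration. RFC 7643 defines `schemaExtensions` as a multi-valued attribute, and a client, or the decoder used later in getResourceType (outside this hunk), that expects one shape may reject the other; confirm that both are accepted. The system extension is also advertised only inside the `isExtensionSet()` branch, whereas SCIMCommonComponent.activate builds it independently of the enterprise flag, so a deployment with only the system flag on would serve the schema without advertising it. A version that always builds the array is sketched below; it changes the enterprise-only response from object to array, which existing consumers need to tolerate.

```java
if (Boolean.TRUE.equals(schemaManager.isExtensionSet())) {
    JSONArray schemaExtensions = new JSONArray();
    schemaExtensions.put(createSchemaExtensionObject(
            schemaManager.getExtensionURI(), schemaManager.getExtensionRequired()));
    if (Boolean.TRUE.equals(schemaManager.isSystemUserExtensionEnabled())) {
        schemaExtensions.put(createSchemaExtensionObject(
                schemaManager.getSystemSchemaExtensionURI(), schemaManager.getSystemSchemaExtensionRequired()));
    }
    userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS, schemaExtensions);
}
// … unchanged: return userResourceTypeObject.toString() and createSchemaExtensionObject …
```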
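Review bot: In createUser the masked username is now concatenated into the format string of `String.format`, so any `%` in a client-supplied username is parsed as a format specifier. A name containing `%d` or `%s` (constructed examples) makes `String.format` throw an `IllegalFormatException` inside this catch block, which replaces the intended client error with an unhandled runtime exception. Unless `maskIfRequired` is guaranteed to remove every `%`, pass the name as an argument instead: `String.format("Error in adding the user: %s. %s", maskIfRequired(user.getUserName()), ex.getMessage())`. The surrounding catch block continues outside the hunk.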
@@ -523,7 +523,7 @@ public void deleteUser(String userId) throws NotFoundException, CharonException, } // Get the username of the user with this id. org.wso2.carbon.user.core.common.User coreUser = null; - String userName; + String userName = null; try { // Set thread local property to signal the downstream SCIMUserOperationListener @@ -5767,8 +5767,7 @@ public List getSystemUserSchema() throws CharonException { List systemUserSchemaAttributesList = null; - // We are using the same configuration to enable/disable system user schema as the enterprise user schema. - if (SCIMCommonUtils.isEnterpriseUserExtensionEnabled()) { + if (SCIMCommonUtils.isSystemUserExtensionEnabled()) { Map scimClaimToLocalClaimMap = getMappedLocalClaimsForDialect(SCIMCommonConstants.SCIM_SYSTEM_USER_CLAIM_DIALECT, tenantDomain); @@ -6464,7 +6463,7 @@ public List getCustomUserSchemaAttributes() throws CharonException { * Returns SCIM2 custom AttributeSchema of the tenant. * * @return Returns scim2 custom schema - * @throws CharonException CharonException + * @throws CharonException */ @Override public AttributeSchema getCustomUserSchemaExtension() throws CharonException { diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/internal/SCIMCommonComponent.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/internal/SCIMCommonComponent.java index 4e7df27fa..e7ffa5e64 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/internal/SCIMCommonComponent.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/internal/SCIMCommonComponent.java 
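Review bot: `String userName = null;` in deleteUser turns off the compiler's definite-assignment check for this variable, so a path that never assigns it now compiles and carries null forward. The code that reads `userName` is outside the hunk; if any branch can reach it unassigned, add an explicit guard that fails the delete rather than passing null on to the user store or the logs. If every path does assign it, the initializer is unnecessary and `String userName;` keeps the compiler check.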
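Review bot: getSystemUserSchema is now gated on `SCIMCommonUtils.isSystemUserExtensionEnabled()`, which (see the SCIMCommonUtils hunk) is `Boolean.parseBoolean` over the `system-schema-extension-enabled` property and so evaluates to false when the key is absent, assuming `getProperty` returns null for a missing key. The j2 template falls back to `scim2.enable_schema_extension`, but a hand-maintained charon-config.xml written before this change has no such key, so the system schema attributes would silently disappear from this method and the builder call in SCIMCommonComponent.activate would be skipped. Either fall back to `isEnterpriseUserExtensionEnabled()` when the property is missing, or call out the new key in the upgrade notes. The removed comment about the shared flag should be replaced by one naming the new flag, for example `// System user schema is toggled by system-schema-extension-enabled.`.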
@@ -84,12 +84,17 @@ protected void activate(ComponentContext ctx) { SCIMConfigProcessor scimConfigProcessor = SCIMConfigProcessor.getInstance(); scimConfigProcessor.buildConfigFromFile(filePath); - // Reading user schema extensions. + // Reading schema extensions. if (Boolean.parseBoolean(scimConfigProcessor.getProperty("user-schema-extension-enabled"))) { String schemaFilePath = CarbonUtils.getCarbonConfigDirPath() + File.separator + SCIMConfigConstants.SCIM_SCHEMA_EXTENSION_CONFIG; SCIMUserSchemaExtensionBuilder.getInstance().buildUserSchemaExtension(schemaFilePath); + } + if (Boolean.parseBoolean(scimConfigProcessor.getProperty("system-schema-extension-enabled"))) { + String schemaFilePath = + CarbonUtils.getCarbonConfigDirPath() + File.separator + + SCIMConfigConstants.SCIM_SCHEMA_EXTENSION_CONFIG; SCIMSystemSchemaExtensionBuilder.getInstance().buildSystemSchemaExtension(schemaFilePath); } // If custom schema is enabled, read it root attribute URI from the file config if it is configured. diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonConstants.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonConstants.java index ad51c9959..93d3402f2 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonConstants.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonConstants.java 
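Review bot: The new branch in activate reads the flag through the string literal `"system-schema-extension-enabled"` although this commit adds `SCIMCommonConstants.SYSTEM_USER_EXTENSION_ENABLED` for exactly that key, so the start-up gate and the runtime gate in getSystemUserSchema can drift apart if the key is ever renamed. Use the constant, `scimConfigProcessor.getProperty(SCIMCommonConstants.SYSTEM_USER_EXTENSION_ENABLED)`, and compute `schemaFilePath` once above both `if` blocks instead of repeating the three-line expression. activate continues outside the hunk.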
@@ -80,6 +80,7 @@ public class SCIMCommonConstants { public static final String BULK_MAX_PAYLOAD_SIZE = "bulk-maxPayloadSize"; public static final String FILTER_MAX_RESULTS = "filter-maxResults"; public static final String ENTERPRISE_USER_EXTENSION_ENABLED = "user-schema-extension-enabled"; + public static final String SYSTEM_USER_EXTENSION_ENABLED = "system-schema-extension-enabled"; public static final String PAGINATION_DEFAULT_COUNT = "pagination-default-count"; public static final String CUSTOM_USER_SCHEMA_ENABLED = "custom-user-schema-enabled"; public static final String CUSTOM_USER_SCHEMA_URI = "custom-user-schema-uri"; diff --git a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java index 034a66bc6..20874304d 100644 --- a/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java +++ b/components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java @@ -628,6 +628,17 @@ public static boolean isEnterpriseUserExtensionEnabled() { .getProperty(SCIMCommonConstants.ENTERPRISE_USER_EXTENSION_ENABLED)); } + /** + * Check if SCIM system user extension has been enabled. + * + * @return True if system user extension enabled + */ + public static boolean isSystemUserExtensionEnabled() { + + return Boolean.parseBoolean(SCIMConfigProcessor.getInstance() + .getProperty(SCIMCommonConstants.SYSTEM_USER_EXTENSION_ENABLED)); + } + /** * Checks whether the identity.xml config is available to enable group based user filtering improvements. * 
diff --git a/features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml b/features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml index 350f2445b..fbe38a159 100644 --- a/features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml +++ b/features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml @@ -18,6 +18,7 @@ true + true true urn:scim:schemas:extension:custom:User true diff --git a/features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml.j2 b/features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml.j2 index 24f611a72..1897ff5d8 100644 --- a/features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml.j2 +++ b/features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml.j2 @@ -19,6 +19,11 @@ {{scim2.enable_schema_extension}} + {% if scim2.enable_system_schema_extension is defined %} + {{scim2.enable_system_schema_extension}} + {% else %} + {{scim2.enable_schema_extension}} + {% endif %} {{scim2.enable_custom_schema_extension}} {{scim2.custom_user_schema_uri}} {{scim2.max_bulk_operations}}