-
Notifications
You must be signed in to change notification settings - Fork 39
Return resources on Bulk Responses
This is an additional feature not defined by the SCIM specification.
The Bulk endpoint would normally only return the status codes and error messages of the different bulk requests togehter with its ids. But the SCIM-SDK server implementation supports a feature that allows to return created or updated resources within the bulk response.
This feature must be explicitly enabled.
ServiceProvider.builder()
.bulkConfig(BulkConfig.builder()
.supported(true)
.maxOperations(10)
.returnResourcesEnabled(true)
.build())
.build();
This allows a client to ask the server to return the resource that is being created or modified during a bulk request by adding the additional request property returnResource: true
. Here is an example of a BulkRequest that utilizes this feature in order to return the second resource only:
{
"schemas" : [ "urn:ietf:params:scim:api:messages:2.0:BulkRequest" ],
"failOnErrors" : 1,
"Operations" : [ {
"method" : "PATCH",
"path" : "/Tenants",
"data" : {
"schemas" : [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ],
"Operations" : [ {
"path" : "myAppConfig",
"op" : "add",
"value" : [ {
"type" : "MyAppConfiguration",
"value" : "bulkId:1"
} ]
} ]
}
}, {
"method" : "PUT",
"bulkId" : "1",
"path" : "/MyAppConfiguration/1",
"data" : {
"schemas" : [ "urn:governikus:params:scim:schemas:custom:2.0:MyAppConfiguration" ],
"id" : "1",
"meta" : {
"version" : "W/\"9\""
},
"baseUrl" : "https://localhost",
"keycloakDiscoveryEndpoint" : "https://my-keycloak",
"keycloakClientId" : "my-app",
"keycloakClientSecret" : "my-secret"
},
"returnResource" : true
} ]
}
This will return the updated resource within the BulkResponse under the response
key:
{
"schemas" : [ "urn:ietf:params:scim:api:messages:2.0:BulkResponse" ],
"Operations" : [ {
"method" : "PUT",
"bulkId" : "1",
"id" : "1",
"version" : "W/\"6\"",
"location" : "https://localhost:10446/admin-api/scim/v2/MyAppConfiguration/1",
"status" : 200,
"response" : {
"schemas" : [ "urn:governikus:params:scim:schemas:custom:2.0:MyAppConfiguration" ],
"id" : "1",
"baseUrl" : "https://localhost",
"keycloakDiscoveryEndpoint" : "https://my-keycloak",
"keycloakClientId" : "my-app",
"keycloakClientSecret" : "my-secret"
"meta" : {
"resourceType" : "MyAppConfiguration",
"created" : "2022-08-18T10:51:20.000Z",
"lastModified" : "2022-08-19T06:22:40.148Z",
"location" : "https://localhost:10446/admin-api/scim/v2/MyAppConfiguration/1",
"version" : "W/\"6\""
}
}
}, {
"method" : "PATCH",
"id" : "1",
"version" : "W/\"47\"",
"location" : "https://localhost:10446/admin-api/scim/v2/Tenants/1",
"status" : 200
} ]
}
It is possible to enable this feature by default, so that resources are always returned from the Bulk endpoint by modifying the BulkConfig a bit more:
ServiceProvider.builder()
.bulkConfig(BulkConfig.builder()
.supported(true)
.maxOperations(10)
.returnResourcesEnabled(true)
.returnResourcesByDefault(true)
.build())
.build();
You can disable this feature for specific resource-types. If you have enabled this feature but do not want a client to be able to return resources on specific endpoint you can disable this feature by doing this:
public ResourceType samlConfigurationResource()
{
SamlConfigHandler samlConfigHandler = new SamlConfigHandler();
ResourceType resourceType = resourceEndpoint.registerEndpoint(new SamlConfigEndpoint(samlConfigHandler));
resourceType.getFeatures().setBlockReturnResourcesOnBulk(false);
return resourceType;
}