1.23.0

SCIM Server

Features

• Allowing lenient http-header validation for Content-Type application/json. Thx to @haster

Bug Fixes

• Add id to resource before the PATCH-method is called. This is the same as it was before the PATCH-implementation was rebuilt.
• Fix parsing of complex-types in patch-requests if the complex-type was sent as string-attribute instead as an object. This is actually a fallback-feature for being less error-prone in patch-requests.

SCIM Client

Features

• Metadata endpoints are now called by using the GET-method instead of POST-method. Providers like AWS do not support POST on the metadata endpoints

1.22.0

SCIM Server

Features

• MsAzure sub-attribute-path-references in resource-patch-requests are now supported natively and do not require the workaround-implementation anymore.
• It is now possible to implement and inject custom-workarounds for the patch-implementation if needed. see: https://github.com/Captain-P-Goldfish/SCIM-SDK/wiki/Patching-resources#adding-and-modifying-custom-patch-workarounds-since-1220
• Patch is by default getting the current state of the resource from the ResourceHandler.getResource(...)-method and is passing the patched-result to ResourceHandler.updateResource(...). It is now possible to handle the patch-operations manually. This can be used to reduce the overall payload on the requests and reduce problems with concurrent-patch-requests. see: https://github.com/Captain-P-Goldfish/SCIM-SDK/wiki/Patching-resources#catch-patch-operations-and-handle-them-manually-since-1220
• You can now access the complete attribute-register directly from the ResourceType object. Several attribute registers were added:

  @Getter(AccessLevel.PUBLIC)
  private Map<SchemaAttribute, List<SchemaAttribute>> complexRegister = new HashMap<>();
  
  @Getter(AccessLevel.PUBLIC)
  private Map<SchemaAttribute, List<SchemaAttribute>> multivaluedComplexRegister = new HashMap<>();
  
  @Getter(AccessLevel.PUBLIC)
  private List<SchemaAttribute> readOnlyAttributeRegister = new ArrayList<>();
  
  @Getter(AccessLevel.PUBLIC)
  private List<SchemaAttribute> immutableAttributeRegister = new ArrayList<>();

  the same attribute-registers are available from the Schema-object
• Introduced an interceptor concept with the help of @alexandertokarev. This might e.g. be used to add a partial transactional concept to your implementation if you do not want to make the whole request transactional.

Change of behaviour

• Patch Operations on readOnly-attributes will no longer fail but will be ignored. They will not be passed to the patchHandler anymore. This applies also to sub-attributes of readOnly complex-attributes. So if the sub-attribute has a mutability of readWrite, the parent-attribute is readOnly though the patch-operation is ignored.

Bug Fixes

• Fixed #335
• an error was fixed that caused a BadRequestException if a multivalued-complex-attribute was patched with the replace operation that marked a new element as primary.

SCIM Client

Features

• A MetaConfigLoaderBuilder was added. It is now possible to call scimRequestBuilder.loadMetaConfiguration() or scimRequestBuilder.loadMetaConfiguration(MetaConfigRequestDetails metaConfigLoaderDetails) to retrieve all meta-data from the discovery-endpoints of the remote-provider.

Change of behaviour

• The getAll-method of the ListBuilder will now correctly stop to retrieve resources when the configured count-limit is reached. If you set a count-value that exceeds the maxCount value of the remote provider the getAll method will continue to send get-requests until the number of configured resources is retrieved as you have configured it.

Bug Fixes

• Fixed a possible StackOverflow if the getAll-method of the ListBuilder was called.
• Fixed lost BulkResponse-operations due to a concurrency conflict with handling lists. This did only occur if a lot of bulk-requests were sent with the parameter runSplittedRequestsParallel=true. From my experience of operations splitted into 6 parallel requests 4 to 6 BulkResponseOperations were lost. So we have had 100 operations and got 94 to 96 in the result-list.
• Patch requests will now also accept responseCode 204.

Common Modul

Feature

• A new implementation was added to compare ResourceNodes based on specific criteria. The class ResourceComparator can be used to compare ResourceNodes partially by adding the SchemaAttritbutes that should be compared or that should not be compared. You can choose if the given attributes should be included or excluded during comparison.

1.21.1

Bug Fixes

• Added missing constructor parameters for new attributes on ServiceProvider-object (see release notes of 1.21.0)
• The new attributes will be set to true by default which is basically a breaking change. (Was already intended for 1.21.0)

1.21.0

Features server

• Support for usage of schema URIs with the attributes and excludedAttributes parameter (see https://github.com/Captain-P-Goldfish/SCIM-SDK/wiki/Additional-Features#the-attributes-and-excludedattributes-parameter).
• SCIM defines the attributes and excludedAttributes parameter as mutually exclusive. This is no longer the case for the SCIM-SDK as for new feature support of schema URIs on these attributes (see https://github.com/Captain-P-Goldfish/SCIM-SDK/wiki/Additional-Features#the-attributes-and-excludedattributes-parameter).
• New configuration parameters on the ServiceProvider object
  • ignoreRequiredAttributesOnResponse
    • As the name lets suggest: required attributes will not cause errors if missing in a response
  • ignoreRequiredExtensionsOnResponse
    • As the name lets suggest: required extensions will not cause errors if missing in a response

1.20.0

Features server

• Patch remove-operations for simple-arrays do support the following filter now to remove specific values: myArray[value eq "my-value"]. The value my-value will then be remove from the simple-array attribute.
• SchemaAttributes do now support default-values. The ServiceProvider-object can be configured to tell the SCIM-SDK if the default values should be set in a request or in a response or both. See the wiki for more details.

Bug fixes server

• Fixed an error with simple bulkdId fields that caused an error when trying to create several resources in a single request where a bulkId-reference field was having a fixed id instead of a bulkId-reference

1.19.0

Features server

• Added support for MsAzures special filter-expressions like filter=emails[primary eq true].value eq "my@email.de". The part behind the brackets is not defined in SCIM like this but this type of expression is used by MsAzure. This expression is now resolved to a logical and-operation in the FilterNodes.
• Add a new configuration-attribute that allows to toggle another workaround for MsAzure. see #541
• Add a new configuration-attribute that allows to toggle the error-behaviour for invalid-path patch-requests. If an attribute referenced in a patch-request does not exist an error is thrown as defined by RFC7644. The configuration option will prevent the error so that the attribute is simply ignored and not handled. see #539
• It is now possible to implement custom-validators for the response. The abstract ResourceHandler-class does now have a predefined method getResponseValidator(...) that can be overridden.

Bug Fixes server

• Fixed a Bug with binary nodes that occured in schema-validation and when reading the binary node.
• Fixed a Bug that did not throw an error on resource-filtering if an ambigious filter-attribute was used without its fully qualified attribute-name

Features client

• Extended the ScimRequestBuilder by a method to load the complete ServiceProvider configuration. This includes [ServiceProviderConfig, ResourceTypes, Schemas]. use scimRequestBuilder.loadMetaConfiguration()
• Added a new method to the ListRequestBuilder that allows to load all resources from the server with a single method-call scimRequestBuilder().list(...).get().getAll() or scimRequestBuilder().list(...).post().getAll()

Bug Fixes client

• Fixed a Bug that prevented to get the data of a schema-extension from the ServiceProvider if a resource-type-configuration was loaded.

1.18.1

Bug Fixes common

Fixed a Bug that prevented the boolean for the MsAzure sub-value-attribute patch feature from being set if the builder-method was called. see #516

1.18.0

Features server

• A new workaround for MsAzure was added that fixes illegal Patch requests with nested value-sub-nodes. see: #516. This feature must be enabled explicitly in the PatchConfig object of the ServiceProvider object

Bug Fixes server

• A bug was fixed that caused the update-method of a ResourceHandler to be executed at the end of a patch request eventhough no changes were made. This problem occured only on MultivaluedComplexTypes if no effective change was made to the resource.

Features client

• The TLS algorithm for the http-client is now set to TLS1.2 by default and is configurable. see: #517

Bug Fixes client

• Http StatusCode 204 is now accepted as valid status code. see: #519

1.17.0 / 1.17.1

Features server

• Added a post-construct method to class ResourceHandler that can be used to customize the initialization of the resource handlers.
• Added a new method to class ResourceHandler that allows to identify the ResourceType based on the ref-attribute of a resource
• resource IDs in URLs will now be URL-encoded/decoded
• Added a new method to class ScimResponse to generate a jakarta.ws.rs.core.Response object
• Added a new configuration attribute on class ResourceType. It is now possible to change the behaviour of the roles-attribute.
  • Default behaviour: all roles for an endpoint must be present for a user in order to access the endpoint. So lets say you configured the roles user and create on a resource-type to access the create-endpoint. The user must possess both roles to be able to access this endpoint
  • Adjusted behaviour: If the useOrOnRoles-attribute is set on the ResourceType the user must only possess one of the configured roles.
• Added a new convenience method to access the original request-body from the Context object within ResourceHandlers. This was done with the thought in mind that a delete request might have a request-body.

Breaking Changes

• The get and list endpoints have been separated for role-adjustments. So if you have set roles for a get-endpoint on a specific resource-type the list-endpoint will not be affected by it anymore. It must be set explicitly.
• Custom attributes not defined by the SCIM specification on the Schemas resource will not be returned anymore by default from the /Schemas endpoint. This includes attributes like minItems, pattern, minValue etc. Only the attributes from the SCIM spec will be returned by default.

Bug Fixes server

• A bug was fixed that caused modification of the location-attribute within the meta-attribute. This will now only happen if you did not set this attribute manually.
• Fixed a bug that caused multivalued-complex attributes to be removed from the response on create/update requests if the mutability was set to request

Difference between 1.17.0 and 1.17.1

I simply forgot to update third party dependencies. So the release 1.17.1 is with the latest updates of third party libraries.

1.16.0

Features server

• Change some logging messages in the JsonHelper-class from debug to trace
• the SchemaAttributes-methods are now public. This allows dynamic configuration changes during runtime
• The binary type is now supported
• Support ms-azure patch-notation for replace and add-operations
• Support for ms-azure patch-requests with filter-expressions. This feature must be explicitly activated.

Features client

• Make getResource-method in RequestBuilder public. This can be used to easily find the corresponding request-objects of bulk-response-objects
• Add several convenience methods to the BulkBuilder class
• Allow parallel handling of BulkRequests. The client has in inbuilt feature to split a BulkRequest into tiny pieces by honoring the maxOperations-value of the ServiceProvider. These tiny pieces can now be sent multithreaded.
• The expected response-headers of the client can be changed. Normally the client expects to receive the response-header Content-Type: application/scim+json but some providers do not send this header. To prevent the response from being rejected simply override the expectedHeaders in the configuration.
• Add a convenience method to add a list of values in PatchBuilder
• Updated bouncycastle from bcprov-jdk15on to bcprov-jdk18on and bcpkix-jdk15on to bcpkix-jdk18on

Bug Fixes server

• Fix missing operations in bulk-response. If the precondition of a bulk-request failed the following response-objects were not added to the response
• Changed log-message in ResourceTypeFactory. Due to a bug in the equals-method of jackson-JsonNode the comparison of the objects fails and the log-message is erroneously displayed. The message was changed to debug in hope that the comparison bug will be fixed in a later version.
• A Bug was fixed that caused the response to fail with HTTP 500 if the attributes or excludedAttributes parameter was used. The parameters could cause a required-attribute to be missing in the response. Required-attributes will no longer be handled as required in the response if the attributes or excludedAttributes parameter was used.
• Fixed a serious bug in bulk-requests that were introduced with version 1.15.0. If some operations did not have a bulkId it might have happened that some operations were executed twice or more often and other operations were never be processed. This was fixed by implicitly adding bulkIds to all operations that had no assigned by the client.

Bug Fixes client

• Fixed a bug that was caused if a returned bulk-response operation did not have an id. This might happen on singleton-endpoints.