Fix patch replace when path is omitted

[jasonopslevel]

This PR is to fix a particular request from Okta, but is likely more widely useful. We came across this when Okta attempts to deactivate a User. They use a PATCH request like so:

curl --location --request PATCH '$SCIM_URL/Users/$USER_ID' \
--header 'Content-Type:  application/scim+json' \
--header 'Authorization: Bearer $SCIM_TOKEN' \
--data-raw '   {
     "schemas":
       ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
     "Operations":[{
       "op":"replace",
       "value": {
         "active": false
       }
     }]
   }    '

This wasn't working as intended, however a request like this was working:

curl --location --request PATCH '$SCIM_URL/Users/$USER_ID' \
--header 'Content-Type:  application/scim+json' \
--header 'Authorization: Bearer $SCIM_TOKEN' \
--data-raw '   {
     "schemas":
       ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
       "Operations": [{
           "op": "Replace",
           "path": "active",
           "value": false
        }]
   }'    

[pond]

Thanks. Strange payload but reading RFC 7644 3.5.2 it does say that path is optional for operation add or replace, though isn't too clear on what that would mean and proceeds to talk at length about what path might be but not talk much at all about value. The reference to RFC 6902 is unhelpful as this contains only examples with a path.

Your interpretation is certainly reasonable based on the Okta payload and the patch, with tests, looks good, so thanks for the contribution. It ought to work well enough for similar value-only cases with compatible nested structures under value too, but we'll have to wait and see what kind of things get sent in practice by various services "in the wild", I guess!

[pond]

This is now pushed as v1.3.1 for Rails 6 and v2.1.1 for Rails 7.