From 5699f4305c4bc9aaf1219b72ee139414c1de2f8d Mon Sep 17 00:00:00 2001
From: Adrian Hoelzl <adrian.hoelzl@sap.com>
Date: Mon, 3 Jun 2024 11:14:26 +0200
Subject: [PATCH] Remove setting properties of new alias explicitly to null in
 ScimAliasHandler

---
 .../uaa/scim/ScimUserAliasHandler.java        | 21 +++++++------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/scim/ScimUserAliasHandler.java b/server/src/main/java/org/cloudfoundry/identity/uaa/scim/ScimUserAliasHandler.java
index 864f21213a9..93322266cb0 100644
--- a/server/src/main/java/org/cloudfoundry/identity/uaa/scim/ScimUserAliasHandler.java
+++ b/server/src/main/java/org/cloudfoundry/identity/uaa/scim/ScimUserAliasHandler.java
@@ -88,7 +88,6 @@ protected void setZoneId(final ScimUser entity, final String zoneId) {
     protected ScimUser cloneEntity(final ScimUser originalEntity) {
         final ScimUser aliasUser = new ScimUser();
 
-        aliasUser.setId(null);
         aliasUser.setExternalId(originalEntity.getExternalId());
 
         /* we only allow alias users to be created if their origin IdP has an alias to the same zone, therefore, an IdP
@@ -104,18 +103,6 @@ protected ScimUser cloneEntity(final ScimUser originalEntity) {
         aliasUser.setActive(originalEntity.isActive());
         aliasUser.setVerified(originalEntity.isVerified());
 
-        // idzId and alias properties will be set later
-        aliasUser.setZoneId(null);
-        aliasUser.setAliasId(null);
-        aliasUser.setAliasZid(null);
-
-        /* these timestamps will be overwritten:
-         *  - creation: with current timestamp during persistence (JdbcScimUserProvisioning)
-         *  - update: with values from existing alias entity */
-        aliasUser.setPasswordLastModified(null);
-        aliasUser.setLastLogonTime(null);
-        aliasUser.setPreviousLogonTime(null);
-
         /* password: empty string
          *  - alias users are only allowed for IdPs that also have an alias
          *  - IdPs can only have an alias if they are of type SAML, OIDC or OAuth 2.0
@@ -124,6 +111,14 @@ protected ScimUser cloneEntity(final ScimUser originalEntity) {
         aliasUser.setPassword(EMPTY_STRING);
         aliasUser.setSalt(null);
 
+        /* The following fields will be overwritten later and are therefore not set here:
+         * - id and identityZoneId
+         * - aliasId and aliasZid
+         * - timestamp fields (password last modified, last logon, previous logon):
+         *      - creation: with current timestamp during persistence (JdbcScimUserProvisioning)
+         *      - update: with values from existing alias entity
+         */
+
         return aliasUser;
     }