simpleidserver · simpleidserver · Jul 1, 2025 · Jun 12, 2025 · Jul 1, 2025 · Jul 1, 2025
diff --git a/src/Scim/SimpleIdServer.Scim.Client/SCIMClient.cs b/src/Scim/SimpleIdServer.Scim.Client/SCIMClient.cs
@@ -16,11 +16,15 @@ namespace SimpleIdServer.Scim.Client
 {
     public class SCIMClient : IDisposable
     {
+        private const string DefaultAuthenticationScheme = "Bearer";
+
         private readonly HttpClientHandler _handler = null;
         private readonly string _baseUrl;
         private HttpClient _httpClient;
         private SearchResult<ResourceTypeResult> _resourceTypes;
 
+        public string AuthenticationScheme { get; set; } = DefaultAuthenticationScheme;
+
         public SCIMClient(string baseUrl)
         {
             _baseUrl = baseUrl;
@@ -76,7 +80,26 @@ public async Task<SearchResult<ResourceTypeResult>> GetResourceTypes(Cancellatio
                 Method = HttpMethod.Get,
                 RequestUri = new Uri($"{GetPath(userEdp)}?{queryString}")
             };
-            if(!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", $"Bearer {accessToken}");
+            if (!string.IsNullOrWhiteSpace(accessToken)) SetAuthorizationHeader(request, accessToken);
+            var httpClient = GetHttpClient();
+            var httpResult = await httpClient.SendAsync(request, cancellationToken);
+            httpResult.EnsureSuccessStatusCode();
+            var json = await httpResult.Content.ReadAsStringAsync(cancellationToken);
+            var jsonObj = JsonObject.Parse(json).AsObject();
+            return (RepresentationSerializer.DeserializeSearchRepresentations(jsonObj), json);
+        }
+
+        public async Task<(SearchResult<RepresentationResult>, string)> SearchGroups(SearchRequest searchRequest, string accessToken, CancellationToken cancellationToken)
+        {
+            if (_resourceTypes == null) await GetResourceTypes(cancellationToken);
+            var groupEdp = _resourceTypes.Resources.Single(r => r.Name == "Group").Endpoint;
+            var queryString = SerializeQueryString(searchRequest);
+            var request = new HttpRequestMessage
+            {
+                Method = HttpMethod.Get,
+                RequestUri = new Uri($"{GetPath(groupEdp)}?{queryString}")
+            };
+            if (!string.IsNullOrWhiteSpace(accessToken)) SetAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             httpResult.EnsureSuccessStatusCode();
@@ -94,7 +117,7 @@ public async Task<RepresentationResult> GetGroup(string id, string accessToken,
                 Method = HttpMethod.Get,
                 RequestUri = new Uri($"{GetPath(groupEdp)}/{id}")
             };
-            if (!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", $"Bearer {accessToken}");
+            if (!string.IsNullOrWhiteSpace(accessToken)) SetAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             httpResult.EnsureSuccessStatusCode();
@@ -112,7 +135,7 @@ public async Task<JsonObject> GetUser(string id, string accessToken, Cancellatio
                 Method = HttpMethod.Get,
                 RequestUri = new Uri($"{GetPath(groupEdp)}/{id}")
             };
-            if (!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", $"Bearer {accessToken}");
+            if (!string.IsNullOrWhiteSpace(accessToken)) SetAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             httpResult.EnsureSuccessStatusCode();
@@ -131,14 +154,23 @@ public async Task<SCIMErrorRepresentation> AddUser(JsonObject jsonObject, string
                 RequestUri = new Uri(GetPath(userEdp)),
                 Content = new StringContent(jsonObject.ToJsonString(), Encoding.UTF8, "application/json")
             };
-            if (!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", $"Bearer {accessToken}");
+            if (!string.IsNullOrWhiteSpace(accessToken)) SetAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             if (httpResult.IsSuccessStatusCode) return null;
             var content = await httpResult.Content.ReadAsStringAsync();
             return JsonSerializer.Deserialize<SCIMErrorRepresentation>(content);
         }
 
+        private void SetAuthorizationHeader(HttpRequestMessage request, string accessToken)
+        {
+            var headerValue = string.IsNullOrEmpty(AuthenticationScheme) 
+                ? accessToken 
+                : string.Join(" ", AuthenticationScheme, accessToken);
+
+            request.Headers.Add("Authorization", headerValue);
+        }
+
         private HttpClient GetHttpClient()
         {
             if (_httpClient != null) return _httpClient;

diff --git a/src/Scim/SimpleIdServer.Scim.Client/SearchRequest.cs b/src/Scim/SimpleIdServer.Scim.Client/SearchRequest.cs
@@ -11,5 +11,7 @@ public class SearchRequest
         public int Count { get; set; } = 100;
         [JsonPropertyName("startIndex")]
         public int StartIndex { get; set; }
+        [JsonPropertyName("filter")]
+        public string Filter { get; set; }
     }
 }