scimitar 1.5.2 → 1.5.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/models/scimitar/engine_configuration.rb +9 -5
- data/app/models/scimitar/service_provider_configuration.rb +14 -3
- data/config/initializers/scimitar.rb +90 -86
- data/lib/scimitar/version.rb +2 -2
- data/lib/scimitar.rb +18 -2
- data/spec/apps/dummy/config/initializers/scimitar.rb +8 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6d57cfdaba9d48c6c193fb74baafc7c6e26c004a5a634460bc2f9ec94ad0440e
|
|
4
|
+
data.tar.gz: 8ff5ffbabe01c86822bd2c1dc85c535bf95b197cbc41920a995aa1801d239f32
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 91f6cba011c909de21f7c391dbfc5b18a30b7ef9cf81d9f43842452fa021484f55623034be386af6242e9a1a82efa9ef9436d8b5c17248bf0b9384587fecb50b
|
|
7
|
+
data.tar.gz: e72e91fa8c3dd85df64b806dd3e6cb2b4d2460b33cb7d3c241bc64e8557adbccff9e3071fd18fab676ffdcd2a8c7f375512f85919e6ba10601021d127097bef0
|
|
@@ -7,13 +7,17 @@ module Scimitar
|
|
|
7
7
|
class EngineConfiguration
|
|
8
8
|
include ActiveModel::Model
|
|
9
9
|
|
|
10
|
-
attr_accessor
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
10
|
+
attr_accessor(
|
|
11
|
+
:uses_defaults,
|
|
12
|
+
:basic_authenticator,
|
|
13
|
+
:token_authenticator,
|
|
14
|
+
:application_controller_mixin,
|
|
15
|
+
:exception_reporter,
|
|
16
|
+
:optional_value_fields_required,
|
|
17
|
+
)
|
|
15
18
|
|
|
16
19
|
def initialize(attributes = {})
|
|
20
|
+
@uses_defaults = attributes.empty?
|
|
17
21
|
|
|
18
22
|
# Set defaults that may be overridden by the initializer.
|
|
19
23
|
#
|
|
@@ -9,11 +9,22 @@ module Scimitar
|
|
|
9
9
|
class ServiceProviderConfiguration
|
|
10
10
|
include ActiveModel::Model
|
|
11
11
|
|
|
12
|
-
attr_accessor
|
|
13
|
-
:
|
|
14
|
-
:
|
|
12
|
+
attr_accessor(
|
|
13
|
+
:uses_defaults,
|
|
14
|
+
:patch,
|
|
15
|
+
:bulk,
|
|
16
|
+
:filter,
|
|
17
|
+
:changePassword,
|
|
18
|
+
:sort,
|
|
19
|
+
:etag,
|
|
20
|
+
:authenticationSchemes,
|
|
21
|
+
:schemas,
|
|
22
|
+
:meta,
|
|
23
|
+
)
|
|
15
24
|
|
|
16
25
|
def initialize(attributes = {})
|
|
26
|
+
@uses_defaults = attributes.empty?
|
|
27
|
+
|
|
17
28
|
defaults = {
|
|
18
29
|
bulk: Supportable.unsupported,
|
|
19
30
|
changePassword: Supportable.unsupported,
|
|
@@ -2,101 +2,105 @@
|
|
|
2
2
|
#
|
|
3
3
|
# For supporting information and rationale, please see README.md.
|
|
4
4
|
|
|
5
|
-
#
|
|
6
|
-
# SERVICE PROVIDER CONFIGURATION
|
|
7
|
-
# =============================================================================
|
|
8
|
-
#
|
|
9
|
-
# This is a Ruby abstraction over a SCIM entity that declares the capabilities
|
|
10
|
-
# supported by a particular implementation.
|
|
11
|
-
#
|
|
12
|
-
# Typically this is used to declare parts of the standard unsupported, if you
|
|
13
|
-
# don't need them and don't want to provide subclass support.
|
|
14
|
-
#
|
|
15
|
-
Scimitar.service_provider_configuration = Scimitar::ServiceProviderConfiguration.new({
|
|
5
|
+
Rails.application.config.to_prepare do # (required for >= Rails 7 / Zeitwerk)
|
|
16
6
|
|
|
17
|
-
#
|
|
7
|
+
# ===========================================================================
|
|
8
|
+
# SERVICE PROVIDER CONFIGURATION
|
|
9
|
+
# ===========================================================================
|
|
18
10
|
#
|
|
19
|
-
#
|
|
20
|
-
#
|
|
21
|
-
# that filters are not supported so that calling clients shouldn't use them:
|
|
11
|
+
# This is a Ruby abstraction over a SCIM entity that declares the
|
|
12
|
+
# capabilities supported by a particular implementation.
|
|
22
13
|
#
|
|
23
|
-
#
|
|
14
|
+
# Typically this is used to declare parts of the standard unsupported, if you
|
|
15
|
+
# don't need them and don't want to provide subclass support.
|
|
16
|
+
#
|
|
17
|
+
Scimitar.service_provider_configuration = Scimitar::ServiceProviderConfiguration.new({
|
|
24
18
|
|
|
25
|
-
|
|
19
|
+
# See https://tools.ietf.org/html/rfc7643#section-8.5 for properties.
|
|
20
|
+
#
|
|
21
|
+
# See Gem file 'app/models/scimitar/service_provider_configuration.rb'
|
|
22
|
+
# for defaults. Define Hash keys here that override defaults; e.g. to
|
|
23
|
+
# declare that filters are not supported so that calling clients shouldn't
|
|
24
|
+
# use them:
|
|
25
|
+
#
|
|
26
|
+
# filter: Scimitar::Supported.unsupported
|
|
26
27
|
|
|
27
|
-
|
|
28
|
-
# ENGINE CONFIGURATION
|
|
29
|
-
# =============================================================================
|
|
30
|
-
#
|
|
31
|
-
# This is where you provide callbacks for things like authorisation or mixins
|
|
32
|
-
# that get included into all Scimitar-derived controllers (for things like
|
|
33
|
-
# before-actions that apply to all Scimitar controller-based routes).
|
|
34
|
-
#
|
|
35
|
-
Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
|
|
28
|
+
})
|
|
36
29
|
|
|
37
|
-
#
|
|
38
|
-
#
|
|
39
|
-
#
|
|
40
|
-
#
|
|
41
|
-
# For example:
|
|
42
|
-
#
|
|
43
|
-
# application_controller_mixin: Module.new do
|
|
44
|
-
# def self.included(base)
|
|
45
|
-
# base.class_eval do
|
|
30
|
+
# ===========================================================================
|
|
31
|
+
# ENGINE CONFIGURATION
|
|
32
|
+
# ===========================================================================
|
|
46
33
|
#
|
|
47
|
-
#
|
|
48
|
-
#
|
|
49
|
-
#
|
|
34
|
+
# This is where you provide callbacks for things like authorisation or mixins
|
|
35
|
+
# that get included into all Scimitar-derived controllers (for things like
|
|
36
|
+
# before-actions that apply to all Scimitar controller-based routes).
|
|
50
37
|
#
|
|
51
|
-
|
|
52
|
-
# prepend_before_action :setup_some_kind_of_multi_tenancy_data
|
|
53
|
-
# end
|
|
54
|
-
# end
|
|
55
|
-
# end, # ...other configuration entries might follow...
|
|
38
|
+
Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
|
|
56
39
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
40
|
+
# If you have filters you want to run for any Scimitar action/route, you
|
|
41
|
+
# can define them here. For example, you might use a before-action to set
|
|
42
|
+
# up some multi-tenancy related state, or skip Rails CSRF token
|
|
43
|
+
# verification. For example:
|
|
44
|
+
#
|
|
45
|
+
# application_controller_mixin: Module.new do
|
|
46
|
+
# def self.included(base)
|
|
47
|
+
# base.class_eval do
|
|
48
|
+
#
|
|
49
|
+
# # Anything here is written just as you'd write it at the top of
|
|
50
|
+
# # one of your controller classes, but it gets included in all
|
|
51
|
+
# # Scimitar classes too.
|
|
52
|
+
#
|
|
53
|
+
# skip_before_action :verify_authenticity_token
|
|
54
|
+
# prepend_before_action :setup_some_kind_of_multi_tenancy_data
|
|
55
|
+
# end
|
|
56
|
+
# end
|
|
57
|
+
# end, # ...other configuration entries might follow...
|
|
67
58
|
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
#
|
|
79
|
-
# Note that both basic and token authentication can be declared, with the
|
|
80
|
-
# parameters in the inbound HTTP request determining which is invoked.
|
|
59
|
+
# If you want to support username/password authentication:
|
|
60
|
+
#
|
|
61
|
+
# basic_authenticator: Proc.new do | username, password |
|
|
62
|
+
# # Check username/password and return 'true' if valid, else 'false'.
|
|
63
|
+
# end, # ...other configuration entries might follow...
|
|
64
|
+
#
|
|
65
|
+
# The 'username' and 'password' parameters come from Rails:
|
|
66
|
+
#
|
|
67
|
+
# https://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Basic.html
|
|
68
|
+
# https://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Basic/ControllerMethods.html#method-i-authenticate_with_http_basic
|
|
81
69
|
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
70
|
+
# If you want to support HTTP bearer token (OAuth-style) authentication:
|
|
71
|
+
#
|
|
72
|
+
# token_authenticator: Proc.new do | token, options |
|
|
73
|
+
# # Check token and return 'true' if valid, else 'false'.
|
|
74
|
+
# end, # ...other configuration entries might follow...
|
|
75
|
+
#
|
|
76
|
+
# The 'token' and 'options' parameters come from Rails:
|
|
77
|
+
#
|
|
78
|
+
# https://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html
|
|
79
|
+
# https://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token/ControllerMethods.html#method-i-authenticate_with_http_token
|
|
80
|
+
#
|
|
81
|
+
# Note that both basic and token authentication can be declared, with the
|
|
82
|
+
# parameters in the inbound HTTP request determining which is invoked.
|
|
94
83
|
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
84
|
+
# Scimitar rescues certain error cases and exceptions, in order to return a
|
|
85
|
+
# JSON response to the API caller. If you want exceptions to also be
|
|
86
|
+
# reported to a third party system such as sentry.io or raygun.com, you can
|
|
87
|
+
# configure a Proc to do so. It is passed a Ruby exception subclass object.
|
|
88
|
+
# For example, a minimal sentry.io reporter might do this:
|
|
89
|
+
#
|
|
90
|
+
# exception_reporter: Proc.new do | exception |
|
|
91
|
+
# Sentry.capture_exception(exception)
|
|
92
|
+
# end
|
|
93
|
+
#
|
|
94
|
+
# You will still need to configure your reporting system according to its
|
|
95
|
+
# documentation (e.g. via a Rails "config/initializers/<foo>.rb" file).
|
|
96
|
+
|
|
97
|
+
# Scimilar treats "VDTP" (Value, Display, Type, Primary) attribute values,
|
|
98
|
+
# used for e.g. e-mail addresses or phone numbers, as required by default.
|
|
99
|
+
# If you encounter a service which calls these with e.g. "null" value data,
|
|
100
|
+
# you can configure all values to be optional. You'll need to deal with
|
|
101
|
+
# whatever that means for you receiving system in your model code.
|
|
102
|
+
#
|
|
103
|
+
# optional_value_fields_required: false
|
|
104
|
+
})
|
|
105
|
+
|
|
106
|
+
end
|
data/lib/scimitar/version.rb
CHANGED
|
@@ -3,11 +3,11 @@ module Scimitar
|
|
|
3
3
|
# Gem version. If this changes, be sure to re-run "bundle install" or
|
|
4
4
|
# "bundle update".
|
|
5
5
|
#
|
|
6
|
-
VERSION = '1.5.
|
|
6
|
+
VERSION = '1.5.3'
|
|
7
7
|
|
|
8
8
|
# Date for VERSION. If this changes, be sure to re-run "bundle install"
|
|
9
9
|
# or "bundle update".
|
|
10
10
|
#
|
|
11
|
-
DATE = '2023-
|
|
11
|
+
DATE = '2023-09-16'
|
|
12
12
|
|
|
13
13
|
end
|
data/lib/scimitar.rb
CHANGED
|
@@ -4,7 +4,9 @@ require 'scimitar/engine'
|
|
|
4
4
|
|
|
5
5
|
module Scimitar
|
|
6
6
|
def self.service_provider_configuration=(custom_configuration)
|
|
7
|
-
@service_provider_configuration
|
|
7
|
+
if @service_provider_configuration.nil? || ! custom_configuration.uses_defaults
|
|
8
|
+
@service_provider_configuration = custom_configuration
|
|
9
|
+
end
|
|
8
10
|
end
|
|
9
11
|
|
|
10
12
|
def self.service_provider_configuration(location:)
|
|
@@ -14,11 +16,25 @@ module Scimitar
|
|
|
14
16
|
end
|
|
15
17
|
|
|
16
18
|
def self.engine_configuration=(custom_configuration)
|
|
17
|
-
@engine_configuration
|
|
19
|
+
if @engine_configuration.nil? || ! custom_configuration.uses_defaults
|
|
20
|
+
@engine_configuration = custom_configuration
|
|
21
|
+
end
|
|
18
22
|
end
|
|
19
23
|
|
|
20
24
|
def self.engine_configuration
|
|
21
25
|
@engine_configuration ||= EngineConfiguration.new
|
|
22
26
|
@engine_configuration
|
|
23
27
|
end
|
|
28
|
+
|
|
29
|
+
# Set in a "Rails.application.config.to_prepare" block by Scimitar itself to
|
|
30
|
+
# establish default values. Older Scimitar client applications might not use
|
|
31
|
+
# that wrapper; we don't want to overwrite settings they configured, but we
|
|
32
|
+
# *do* want to let them overwrite the defaults. Thus, '||=" is used here but
|
|
33
|
+
# not in ::service_provider_configuration=.
|
|
34
|
+
#
|
|
35
|
+
# Client applications should not call this method themselves.
|
|
36
|
+
#
|
|
37
|
+
def self.default_service_provider_configuration(default_configuration)
|
|
38
|
+
@service_provider_configuration ||= custom_configuration
|
|
39
|
+
end
|
|
24
40
|
end
|
|
@@ -9,6 +9,14 @@
|
|
|
9
9
|
#
|
|
10
10
|
# All related schema tests are written with this in mind.
|
|
11
11
|
#
|
|
12
|
+
# Further, https://github.com/RIPAGlobal/scimitar/pull/54 fixed warning
|
|
13
|
+
# messages in a way that worked on Rails 6+ but, for V1 Scimitar, it would
|
|
14
|
+
# break existing working setups that didn't use the +to_prepare+ wrapper. Their
|
|
15
|
+
# application configuration would be written *first* but then *overwritten* by
|
|
16
|
+
# the default +to_prepare+ block in Scimitar itself, since that runs later. The
|
|
17
|
+
# file below does *not* use +to_prepare+ in order to test the workaround that
|
|
18
|
+
# was produced; it should work on all Ruby versions as-is.
|
|
19
|
+
#
|
|
12
20
|
Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
|
|
13
21
|
|
|
14
22
|
application_controller_mixin: Module.new do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: scimitar
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.5.
|
|
4
|
+
version: 1.5.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- RIPA Global
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2023-
|
|
12
|
+
date: 2023-09-16 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|