RubyGems - scimitar - Versions diffs - 2.13.0 → 2.14.0 - Mend

scimitar 2.13.0 → 2.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/README.md +31 -2
data/app/controllers/scimitar/application_controller.rb +30 -12
data/app/models/scimitar/engine_configuration.rb +1 -0
data/lib/scimitar/version.rb +2 -2
data/spec/controllers/scimitar/application_controller_spec.rb +55 -0
metadata +6 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 172c9b71a2da57bcc0b0ebc02c551a5ed8e70c7efda9fcbb01a6cea7b99f6c6b
-  data.tar.gz: 0d6fc7e2dcbe4fabcef481c197b96c6f757af8cc5f1ad8b5990a13c346d39517
+  metadata.gz: c5f63ca5b1572be0cb53a95a47280099713fd32be8f5650396a0db6a0c92550e
+  data.tar.gz: 2f1f2a7ec7a6877607875f6b86e7b9859ae9124f71d295541847940dd31c8b1f
 SHA512:
-  metadata.gz: 060e4aff1aa65516fef31e8c0403dfda82d2b015e990bcfed7b45e78830b8f545db30c8abe915126e4a760e62c4f5f34660b19b0d30f1815cc6575406961f9c4
-  data.tar.gz: 85659a28c38997bbb937fe153b48f77c4fe75f98d6c6dbad82006d8cd30d029db5f5e7e33e7fd614ee2630aba2ec558338d9de4e888be884fa11eb1159c261a4
+  metadata.gz: '08626642f4b3e9dd29a6141c72bea784ab094ec197d9f3b9278957a59bfe230f4ef7ec84d52b1584127af647809351607bc01ef408d7269cc39dcf1f17180d49'
+  data.tar.gz: 53845ba684f54f8e2e90e696b769aadfe803809fa3004fa35f779794d6e04bfa034ee231847382591cdc5600cc7544bbad4c959e2031c0271e67e5632d431f6c

data/README.md CHANGED Viewed

@@ -64,7 +64,7 @@ Some aspects of configuration are handled via a `config/initializers/scimitar.rb
 Rails.application.config.to_prepare do
   Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
     # ...see subsections below for configuration options...
-  end
+  })
 end
 ```
@@ -184,7 +184,36 @@ Note that Okta has some [curious documentation on its use of `POST` vs `PATCH` f
 ### Google Workspace note
-Using SCIM with Google Workspace might only work for a subset of applications. Since web UIs for major service providers change very often, it doesn't make sense to provide extensive documentation here as it would get out of date quickly; you may have to figure out the setup as best you can using whatever current Google documentation exists for their system. There are [some notes which were relevant around mid-2025](https://github.com/pond/scimitar/issues/142#issuecomment-2699050541) (from when a workarond/fix was incorporated into Scimitar to allow it to work with Google Workspace) which may help you get started.
+Using SCIM with Google Workspace might only work for a subset of applications. Since web UIs for major service providers change very often, it doesn't make sense to provide extensive documentation here as it would get out of date quickly; you may have to figure out the setup as best you can using whatever current Google documentation exists for their system. There are [some notes which were relevant around mid-2025](https://github.com/pond/scimitar/issues/142#issuecomment-2699050541) (from when a workaround/fix was incorporated into Scimitar to allow it to work with Google Workspace) which may help you get started.
+### Request content type handling
+The correct content type for SCIM is `application/scim+json`. Scimitar tolerates some variants of this, rewriting things internally so that the request continues to be processed by the rest of the gem (including ending up in subclass code you write) under this media type, with a Rails request format of `:scim`. Sometimes, callers into SCIM endpoints might use a content type that Scimitar rejects. If so, you can configure a custom request sanitizer Proc (with a "z", in keeping with Rails spelling of "sanitize"):
+```ruby
+Rails.application.config.to_prepare do
+  Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
+    custom_request_sanitizer: Proc.new do | request |
+      #
+      # Examine e.g. 'request.media_type' and evaluate to a Symbol:
+      #
+      #   :success  - set the standard content type and ensure the Rails request
+      #               format is :scim; continue processing normally
+      #
+      #   :preserve - retain the existing content type and Rails request format;
+      #               continue processing normally
+      #
+      #   :fail     - the request format appears to be invalid; generate a 406
+      #               ("Not Acceptable") response
+      #
+    end
+  })
+end
+```
+The Proc is passed the [`ActionDispatch::Request`](https://api.rubyonrails.org/classes/ActionDispatch/Request.html) instance for the current request. It **must** evaluable to a Symbol as shown above. Typically, `:preserve` is only for very special use cases where you understand that the request headers and/or format might not match what other parts of Scimitar expect, but have written appropriate custom code elsewhere to deal with that.
 ### Data models

data/app/controllers/scimitar/application_controller.rb CHANGED Viewed

@@ -93,19 +93,37 @@ module Scimitar
       #
       def require_scim
         scim_mime_type = Mime::Type.lookup_by_extension(:scim).to_s
+        failure_detail = "Only #{scim_mime_type} type is accepted."
+        if Scimitar.engine_configuration.custom_request_sanitizer.is_a?(Proc)
+          result = Scimitar.engine_configuration.custom_request_sanitizer.call(request)
+          case result
+            when :fail
+              handle_scim_error(ErrorResponse.new(status: 406, detail: failure_detail))
+            when :preserve
+              # Do nothing
+            else
+              request.format = :scim
+              request.headers['CONTENT_TYPE'] = scim_mime_type
+          end
+        else # "if Scimitar.engine_configuration.custom_request_sanitizer.present?"
+          if request.media_type.nil? || request.media_type.empty?
+            request.format = :scim
+            request.headers['CONTENT_TYPE'] = scim_mime_type
+          elsif request.media_type.downcase == scim_mime_type
+            request.format = :scim
+          elsif request.format == :scim
+            request.headers['CONTENT_TYPE'] = scim_mime_type
+          elsif request.media_type.downcase == 'application/json' && request.user_agent&.start_with?('Google') # https://github.com/pond/scimitar/issues/142
+            request.format = :scim
+            request.headers["CONTENT_TYPE"] = scim_mime_type
+          else
+            handle_scim_error(ErrorResponse.new(status: 406, detail: failure_detail))
+          end
-        if request.media_type.nil? || request.media_type.empty?
-          request.format = :scim
-          request.headers['CONTENT_TYPE'] = scim_mime_type
-        elsif request.media_type.downcase == scim_mime_type
-          request.format = :scim
-        elsif request.format == :scim
-          request.headers['CONTENT_TYPE'] = scim_mime_type
-        elsif request.media_type.downcase == 'application/json' && request.user_agent.start_with?('Google') # https://github.com/pond/scimitar/issues/142
-          request.format = :scim
-          request.headers["CONTENT_TYPE"] = scim_mime_type
-        else
-          handle_scim_error(ErrorResponse.new(status: 406, detail: "Only #{scim_mime_type} type is accepted."))
         end
       end

data/app/models/scimitar/engine_configuration.rb CHANGED Viewed

@@ -12,6 +12,7 @@ module Scimitar
       :basic_authenticator,
       :token_authenticator,
       :custom_authenticator,
+      :custom_request_sanitizer,
       :application_controller_mixin,
       :exception_reporter,
       :optional_value_fields_required,

data/lib/scimitar/version.rb CHANGED Viewed

@@ -3,11 +3,11 @@ module Scimitar
   # Gem version. If this changes, be sure to re-run "bundle install" or
   # "bundle update".
   #
-  VERSION = '2.13.0'
+  VERSION = '2.14.0'
   # Date for VERSION. If this changes, be sure to re-run "bundle install"
   # or "bundle update".
   #
-  DATE = '2025-09-12'
+  DATE = '2025-11-14'
 end

data/spec/controllers/scimitar/application_controller_spec.rb CHANGED Viewed

@@ -435,6 +435,61 @@ RSpec.describe Scimitar::ApplicationController do
           expect(@exception.message).to eql('Only application/scim+json type is accepted.')
         end
       end # "context 'and with Google SCIM calls' do"
+      context 'and with a custom request sanitizer' do
+        around :each do | example |
+          original_configuration = Scimitar.engine_configuration.custom_request_sanitizer
+          Scimitar.engine_configuration.custom_request_sanitizer = Proc.new do | request |
+            case request.media_type
+              when 'application/json+success'
+                :success
+              when 'application/json+preserve'
+                :preserve
+              else
+                :fail
+            end
+          end
+          example.run()
+        ensure
+          Scimitar.engine_configuration.custom_request_sanitizer = original_configuration
+        end
+        context 'returning "success"' do
+          it 'reaches the controller action with cleaned up request data' do
+            request.headers['Content-Type'] = 'application/json+success'
+            get :index
+            expect(@exception).to be_a(RuntimeError)
+            expect(@exception.message).to eql('Bang')
+            expect(request.format == :scim).to eql(true)
+            expect(request.headers['CONTENT_TYPE']).to eql('application/scim+json')
+          end
+        end # "context 'returning "success"' do"
+        context 'returning "preserve"' do
+          it 'reaches the controller action with unmodified request data' do
+            request.headers['Content-Type'] = 'application/json+preserve'
+            get :index
+            expect(@exception).to be_a(RuntimeError)
+            expect(@exception.message).to eql('Bang')
+            expect(request.format == :html).to eql(true)
+            expect(request.headers['CONTENT_TYPE']).to eql('application/json+preserve')
+          end
+        end # "context 'returning "keep"' do"
+        context 'returning "fail"' do
+          it 'is invoked' do
+            request.headers['Content-Type'] = 'application/json+fail'
+            get :index
+            expect(@exception).to be_a(Scimitar::ErrorResponse)
+            expect(@exception.message).to eql('Only application/scim+json type is accepted.')
+          end
+        end # "context 'returning "fail"' do"
+      end # "context 'and with a custom request sanitizer' do"
     end # "context 'exception reporter' do"
   end # "context 'error handling' do"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: scimitar
 version: !ruby/object:Gem::Version
-  version: 2.13.0
+  version: 2.14.0
 platform: ruby
 authors:
 - RIPA Global
 - Andrew David Hodgkinson
 bindir: bin
 cert_chain: []
-date: 2025-09-12 00:00:00.000000000 Z
+date: 2025-11-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '13.2'
+        version: '13.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '13.2'
+        version: '13.3'
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '6.14'
+        version: '6.15'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '6.14'
+        version: '6.15'
 - !ruby/object:Gem::Dependency
   name: warden
   requirement: !ruby/object:Gem::Requirement