scimgateway 5.1.0 → 5.1.2

package/.github/workflows/test-master.yml

@@ -0,0 +1,33 @@
+name: Test Master Branch
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      FORCE_COLOR: "1"
+      TERM: "xterm-256color"
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # - name: Install Bun
+      #   run: |
+      #     curl -fsSL https://bun.sh/install | bash
+      #     echo "$HOME/.bun/bin" >> $GITHUB_PATH
+
+      - name: Set up Bun
+        uses: oven-sh/setup-bun@v2
+
+      - name: Install dependencies
+        run: bun install
+
+      - name: Run master tests
+        run: bun run test

package/.github/workflows/test-release.yml

@@ -0,0 +1,30 @@
+name: Test Release Workflow
+
+on:
+  release:
+    types:
+      - published
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    env:
+      FORCE_COLOR: "1"
+      TERM: "xterm-256color"
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # - name: Install Bun
+      #   run: |
+      #     curl -fsSL https://bun.sh/install | bash
+      #     echo "$HOME/.bun/bin" >> $GITHUB_PATH
+
+      - name: Set up Bun
+        uses: oven-sh/setup-bun@v2
+
+      - name: Install dependencies
+        run: bun install
+
+      - name: Run release tests
+        run: bun run test

package/.travis.yml

@@ -13,4 +13,4 @@ install:
 
 # Run the Bun test runner
 script:
-  - bun test
+  - bun run test

package/README.md

@@ -59,10 +59,8 @@ Shows how to implement a highly configurable multi tenant or multi endpoint solu
 
 * **SCIM** (REST Webservice)  
 Demonstrates user provisioning towards REST-Based endpoint (type SCIM)  
-Using plugin Loki as SCIM endpoint  
+Using plugin Loki as SCIM endpoint through HelperRest  
 Can be used as SCIM version-gateway e.g. 1.1=>2.0 or 2.0=>1.1  
-Can be used to chain several gateways  
-
 
 * **Soap** (SOAP Webservice)  
 Demonstrates user provisioning towards SOAP-Based endpoint  
@@ -78,7 +76,7 @@ Demonstrates SAP HANA specific user provisioning
 
 * **Entra ID** (REST Webservices)  
 Entra ID user provisioning including license management (App Service plans) e.g. Office 365  
-Using Microsoft Graph API  
+Using Microsoft Graph API through HelperRest  
 Using customized SCIM attributes according to Microsoft Graph API  
 Includes Symantec/Broadcom/CA ConnectorXpress metafile for creating provisioning "Azure - ScimGateway" endpoint type  
 
@@ -88,7 +86,7 @@ Pre-configured for Microsoft Active Directory
 Using endpointMapper (like plugin-entra-id) for attribute mapping flexibility  
 
 * **API** (REST Webservices)  
-Demonstrates API Gateway/plugin functionality using post/put/patch/get/delete  
+Demonstrates API Gateway/plugin functionality using post/put/patch/get/delete combined with HelperRest  
 None SCIM plugin, becomes what you want it to become.  
 Methods included can also be used in standard SCIM plugins  
 Endpoint complexity could be put in this plugin, and client could instead communicate through Gateway using your own simplified REST specification.  
@@ -210,6 +208,7 @@ Below shows an example of config\plugin-saphana.json
 	  "scimgateway": {
 	    "port": 8884,
 	    "localhostonly": false,
+	    "chainingBaseUrl": null,
         "scim": {
           "version": "2.0",
           "skipTypeConvert" : false,
@@ -1183,6 +1182,18 @@ MIT © [Jarle Elshaug](https://www.elshaug.xyz)
 
 ## Change log  
 
+### v5.1.2
+
+[Improved]
+
+- Simplified some initialization logic
+
+### v5.1.1
+
+[Fixed]
+
+- SCIM Gateway failed to start on linux using Bun >= v1.1.43
+
 ### v5.1.0
 
 [Improved]

package/lib/helper-rest.ts

@@ -11,7 +11,7 @@ import { HttpsProxyAgent } from 'https-proxy-agent'
 import { URL } from 'url'
 import { Buffer } from 'node:buffer'
 import { samlAssertion } from './samlAssertion.ts'
-import { sign as jwtSign } from 'jsonwebtoken'
+import * as jsonwebtoken from 'jsonwebtoken'
 import fs from 'node:fs'
 import querystring from 'querystring'
 import * as utils from './utils.ts'
@@ -173,7 +173,7 @@ export class HelperRest {
 
         form = {
           grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
-          assertion: jwtSign(jwtAttr, privateKey, { algorithm: 'RS256' }),
+          assertion: jsonwebtoken.sign(jwtAttr, privateKey, { algorithm: 'RS256' }),
         }
         break
 
@@ -525,7 +525,6 @@ export class HelperRest {
       const timeout = setTimeout(() => controller.abort(), options.abortTimeout ? options.abortTimeout * 1000 : this.idleTimeout * 1000) // 120 seconds default abort timeout
       options.signal = signal
       const url = `${options.protocol}//${options.host}${options.port ? ':' + options.port : ''}${options.path}`
-      if (path.includes(')?$') && !options.headers['Accept-Encoding']) options.headers['Accept-Encoding'] = 'identity' // workaround for bun fetch error: "Decompression error: ShortRead" - have seen this error using OData with "<some-path>('xxx')?$expand=" or "<some-path>('xxx')?$select=" ref: https://github.com/oven-sh/bun/issues/8017
       // execute request
       const f = await fetch(url, options)
       clearTimeout(timeout)

package/lib/scimgateway.ts

@@ -13,7 +13,7 @@ import { createServer as httpsCreateServer } from 'node:https'
 import { type IncomingMessage, type ServerResponse } from 'node:http'
 import { createChecker } from 'is-in-subnet'
 import { BearerStrategy, type IBearerStrategyOptionWithRequest } from 'passport-azure-ad'
-import { fileURLToPath } from 'url'
+import { fileURLToPath } from 'node:url'
 import { Log } from './logger.ts'
 import passport from 'passport'
 import dot from 'dot-object'
@@ -307,31 +307,21 @@ export class ScimGateway {
   constructor() {
     const funcHandler: any = {}
     const startTime = utils.timestamp()
-
-    // need requester/plugin full path for setting pluginName and configDir
-    const originalStackTrace = new Error().stack
-    const stackLines = originalStackTrace ? originalStackTrace.split('\n') : ''
     let requester: string = ''
-    let callerLine = ''
-    for (let i = 0; i < stackLines.length; i++) {
-      if (stackLines[i].includes('new ScimGateway') && i < stackLines.length - 1) {
-        callerLine = stackLines[i + 1]
-        break
-      }
-    }
-    if (callerLine) {
-      let match = callerLine.match(/(?:\()([^)]+):\d+:\d+(?:\))/)
-      if (match && match[1]) {
-        requester = match[1]
-      }
-      if (!requester) {
-        match = callerLine.match(/.*(file:\/\/\/)?([A-Za-z]:[/\\].*?):\d+:\d+(?:\))?/) // nodejs
-        if (match && match[2]) {
-          requester = match[2]
-        }
+    {
+      let _prepareStackTrace = Error.prepareStackTrace
+      Error.prepareStackTrace = (_, stack) => {
+        return stack.map((callSite) => {
+          return callSite.getFileName()
+        })
       }
+      const e = new Error()
+      requester = e.stack?.[1] || ''
+      try { // node.js using url-path win: file:///path - linux: file://path
+        requester = fileURLToPath(requester)
+      } catch (err) { void 0 }
+      Error.prepareStackTrace = _prepareStackTrace
     }
-
     let pluginName = path.basename(requester)
     pluginName = pluginName.substring(0, pluginName.lastIndexOf('.')) || pluginName
     let pluginDir = path.dirname(requester)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "scimgateway",
-  "version": "5.1.0",
+  "version": "5.1.2",
   "type": "module",
   "description": "Using SCIM protocol as a gateway for user provisioning to other endpoints",
   "author": "Jarle Elshaug <jarle.elshaug@gmail.com> (https://elshaug.xyz)",