scimgateway 6.2.1 → 6.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/README.md +1116 -3445
  2. package/config/plugin-entra-id.json +3 -3
  3. package/lib/helper-rest.ts +4 -4
  4. package/lib/plugin-entra-id.ts +587 -187
  5. package/lib/plugin-generic.ts +11 -0
  6. package/lib/plugin-ldap.ts +15 -2
  7. package/lib/plugin-loki.ts +11 -0
  8. package/lib/plugin-mongodb.ts +11 -0
  9. package/lib/plugin-mssql.ts +11 -0
  10. package/lib/plugin-saphana.ts +11 -0
  11. package/lib/plugin-soap.ts +11 -0
  12. package/lib/scimgateway.ts +55 -37
  13. package/package.json +1 -1
package/config/plugin-entra-id.json CHANGED
@@ -6,7 +6,7 @@
6
6
  "scim": {
7
7
  "version": "2.0",
8
8
  "customSchema": null,
9
- "skipTypeConvert": false,
9
+ "skipTypeConvert": true,
10
10
  "groupMemberOfUser": false,
11
11
  "usePutSoftSync": false
12
12
  },
@@ -198,14 +198,14 @@
198
198
  "mapTo": "roles",
199
199
  "type": "complexArray",
200
200
  "x-agent-schema": {
201
- "description": "Attribute representing Entra ID roles. 'roles.type' spesifies the role category, 'Permanent' or 'Eligible'. 'roles.value' = The unique identifier of the role and 'roles.display' = Entra ID user-friendly rolename. When adding or modifying user roles, if 'roles.type' is not specified, it defaults to 'Eligible' if the tenant uses PIM; otherwise, it defaults to 'Permanent'. The agent should omit 'roles.type' unless explicitly specified by the user. When deleting a role, 'roles.type' must be included."
201
+ "description": "Attribute representing Entra ID roles. 'roles.type' specifies the role category, 'Permanent' or 'Eligible'. 'roles.value' = The unique identifier of the role and 'roles.display' = Entra ID user-friendly rolename. When adding or modifying user roles, if 'roles.type' is not specified, it defaults to 'Eligible' if the tenant uses PIM; otherwise, it defaults to 'Permanent'. The agent should omit 'roles.type' unless explicitly specified by the user. When deleting a role, 'roles.type' must be included."
202
202
  }
203
203
  },
204
204
  "entitlements": {
205
205
  "mapTo": "entitlements",
206
206
  "type": "complexArray",
207
207
  "x-agent-schema": {
208
- "description": "Read-only attribute representing entitlements. 'entitlements.type' spesifies the entitlement category. For Entra ID licenses we have 'entitlements.type' = 'License' and corresponding 'entitlements.value' = License SKU ID (unique identifier) and 'entitlements.display' = User-friendly license name."
208
+ "description": "Attribute representing entitlements. 'entitlements.type' specifies the entitlement category: 'License' (read-only) or 'AccessPackage' (read-write). 'entitlements.value' = License SKU ID or AccessPackage ID (unique identifier). 'entitlements.display' = User-friendly name."
209
209
  }
210
210
  },
211
211
  "userType": {
package/lib/helper-rest.ts CHANGED
@@ -26,7 +26,7 @@ export class HelperRest {
26
26
  private config_entity: any
27
27
  private scimgateway: any
28
28
  private idleTimeout: number
29
- private graphUrl = 'https://graph.microsoft.com/beta' // beta instead of 'v1.0' gives all user attributes when no $select
29
+ private graphUrl = 'https://graph.microsoft.com/beta' // using 'beta' which returns all user attributes when no $select and supports IGA Access Packages assignments
30
30
  private googleUrl = 'https://www.googleapis.com'
31
31
 
32
32
  constructor(scimgateway: any, optionalEntities?: Record<string, any>) {
@@ -718,7 +718,7 @@ export class HelperRest {
718
718
  // if (!ctx) ctx = { paging }
719
719
  // else ctx.paging = paging
720
720
  if (result.body && typeof result.body === 'object') {
721
- if (result.body['@odata.nextLink']) { // {"@odata.nextLink": "https://graph.microsoft.com/beta/users?$top=100&$skiptoken=xxx"}
721
+ if (result.body['@odata.nextLink']) { // {"@odata.nextLink": "https://graph.microsoft.com/v1.0/users?$top=100&$skiptoken=xxx"}
722
722
  if (!ctx) ctx = {}
723
723
  if (!ctx.paging) ctx.paging = {}
724
724
  const nextLinkBase = decodeURIComponent(result.body['@odata.nextLink'].substring(0, result.body['@odata.nextLink'].indexOf('$skiptoken') - 1))
@@ -865,7 +865,7 @@ export class HelperRest {
865
865
  * {
866
866
  * "type": "oauth",
867
867
  * "options": {
868
- * "azureTenantId": "<Entra ID azureTenantId", // Entra ID authentication - if baseUrls not defined, baseUrls automatically set to [https://graph.microsoft.com/beta]
868
+ * "azureTenantId": "<Entra ID azureTenantId", // Entra ID authentication - if baseUrls not defined, baseUrls automatically set to [https://graph.microsoft.com/v1.0]
869
869
  * "tokenUrl": "<tokenUrl>", // must be set if not using azureTenantId
870
870
  * "clientId": "<clientId>",
871
871
  * "clientSecret": "<clientSecret>"
@@ -924,7 +924,7 @@ export class HelperRest {
924
924
  * {
925
925
  * "type": "oauthJwtBearer",
926
926
  * "options": {
927
- * "azureTenantId": "<Entra ID azureTenantId", // Entra ID authentication, if baseUrls not defined, baseUrls automatically set to [https://graph.microsoft.com/beta]
927
+ * "azureTenantId": "<Entra ID azureTenantId", // Entra ID authentication, if baseUrls not defined, baseUrls automatically set to [https://graph.microsoft.com/v1.0]
928
928
  * "clientId": "<clientId>",
929
929
  * "tls": { // files located in ./config/certs
930
930
  * "key": "key.pem",