Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Supporting SCIM feature | Workaround on node-auth0@v3 #921

Merged
merged 10 commits into from
Jul 16, 2024
Merged

Supporting SCIM feature | Workaround on node-auth0@v3 #921

merged 10 commits into from
Jul 16, 2024

Conversation

nandan-bhat
Copy link
Contributor

🔧 Changes

In this PR, I'm adding a workaround to enable SCIM support on auth0-deploy-cli with the current node-auth0@v3 version using the Auth0 Management API. This lets us use SCIM features with the current SDK until we complete the migration to node-auth0@v4.

  • New property scim_configuration is added to connections
  • Modifiable properties inside scim_configuration: user_id_attribute, mapping

📚 References

🔬 Testing

  1. Create a config.json file and keep it in the root of your project.
    Example:
{
    "AUTH0_DOMAIN": "<YOUR_DOMAIN>",
    "AUTH0_CLIENT_ID": "<CLIENT_ID>",
    "AUTH0_CLIENT_SECRET": "<CLIENT_SECRET>",
    "AUTH0_INCLUDED_ONLY": ["themes"],
    "AUTH0_ALLOW_DELETE": false
}

  1. Make sure you have SCIM supported enterprise connections configured on your tenant. The currently the SCIM supported strategies are samlp, oidc, okta and waad

  2. Use the following commands to import or export configs:
    Export YAML:
    node lib/index.js export -c config.json -o ./local -f yaml
    Import YAML:
    node lib/index.js import -c config.json --input_file ./local/tenant.yaml
    Refer documentation

  3. Make changes to scim_configuration inside connections and run import or deploy command. And observe the changes on your tenant.

  4. Navigate to Authentication > Enterprise > [YOUR_SCIM_CONNECTION] > Provisioning and make changes to SCIM configuration. Run any export or dump command. Observe the changes on your local.

📝 Checklist

  • All new/changed/fixed functionality is covered by tests (or N/A)
  • I have added documentation for all new/changed functionality (or N/A)

@nandan-bhat nandan-bhat requested a review from a team as a code owner July 9, 2024 15:26
@nandan-bhat nandan-bhat marked this pull request as draft July 9, 2024 15:34
gyaneshgouraw-okta
gyaneshgouraw-okta reviewed Jul 16, 2024
View reviewed changes
src/tools/auth0/handlers/scimHandler.ts

async updateOverride(requestParams: scimRequestParams, bodyParams: Asset) {
// Extract `scim_configuration` from `bodyParams`.
// Remove `scim_configuration` from `bodyParams`, because `connections.update` doesn't accept it.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can add debug logs to this and few other newly added methods.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updateScimConfiguration, createScimConfiguration, and deleteScimConfiguration are called within updateOverride, which already has a debug logger in place.

gyaneshgouraw-okta
gyaneshgouraw-okta reviewed Jul 16, 2024
View reviewed changes
src/tools/auth0/handlers/scimHandler.ts
// Return response from connections.update(...).
return updated;
}

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can add a comment, explaining the general intention of this override function

Copy link
Contributor Author

@nandan-bhat nandan-bhat Jul 16, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code block contains more details about updateOverride

gyaneshgouraw-okta
gyaneshgouraw-okta previously approved these changes Jul 16, 2024
View reviewed changes
Copy link

@gyaneshgouraw-okta gyaneshgouraw-okta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@codecov-commenter
Copy link

codecov-commenter commented Jul 16, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 85.36585% with 12 lines in your changes missing coverage. Please review.

Project coverage is 84.24%. Comparing base (846c02c) to head (1c70019).

Files Patch % Lines
src/tools/auth0/handlers/scimHandler.ts 84.21% 5 Missing and 7 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #921      +/-   ##
==========================================
+ Coverage   84.16%   84.24%   +0.08%     
==========================================
  Files         115      116       +1     
  Lines        3612     3694      +82     
  Branches      700      715      +15     
==========================================
+ Hits         3040     3112      +72     
- Misses        326      329       +3     
- Partials      246      253       +7

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@nandan-bhat nandan-bhat marked this pull request as ready for review July 16, 2024 11:10
developerkunal
developerkunal approved these changes Jul 16, 2024
View reviewed changes
Copy link
Contributor

@developerkunal developerkunal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@developerkunal developerkunal merged commit 0a0567e into master Jul 16, 2024
7 checks passed
@developerkunal developerkunal deleted the feature/DXCDT-643 branch July 16, 2024 14:54
@bweisberger bweisberger mentioned this pull request Jul 17, 2024
Open
6 tasks
kushalshit27 pushed a commit that referenced this pull request Sep 26, 2024
@nandan-bhat @developerkunal @kushalshit27
Supporting SCIM feature | Workaround on node-auth0@v3 (#921)
d394490 
* Supporting SCIM feature

* Handling rate limit on getScimConfiguration | Added unit test coverage

* Removing un-used variables

* Fixing lint issues | Adding dependency axios

* Using built-in "sleep" method. | Using 2 space indentation

* Removing axios from the dependency list

* Adding AUTH0_ALLOW_DELETE condition before deleting the scim_configuration

* Updating the debug logs

* Updating the debug logs

---------

Co-authored-by: KunalOfficial <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@developerkunal developerkunal developerkunal approved these changes

@gyaneshgouraw-okta gyaneshgouraw-okta gyaneshgouraw-okta left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nandan-bhat @codecov-commenter @developerkunal @gyaneshgouraw-okta