Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[gateway] SCIM update and delete may report a false negative in AuditLogs #6970

Closed
leleueri opened this issue Jan 19, 2022 · 0 comments
Closed

[gateway] SCIM update and delete may report a false negative in AuditLogs #6970

leleueri opened this issue Jan 19, 2022 · 0 comments
Assignees
@leleueri
Labels
project: AM type: bug
Milestone
AM - 3.10.14

Comments

@leleueri
Copy link
Contributor

💥 Describe the bug

When SCIM is used to provision users belonging to an external ID (like an OIDC) then the SCIM action succeed but an audit entry with the status FAILURE is display.

🌄 To Reproduce

Steps to reproduce the behaviour:

  1. On a domain with OIDC IDP
  2. Enable SCIM with IDP Selection enable with this EL : {#context.attributes['client'].metadata['appidp']}
  3. create a srevice app with SCIM scope enabled
  4. create the appidp metadata for this app (value must contain the OIDC internal ID)
  5. create a user using SCIM
  6. patch the user using SCIM
  7. look at the domain audits, the user update is marked as FAILURE
  8. Delete the user with SCIM
  9. the call return an error

🌈 Expected behaviour

Update should be marked as SUCCESS
Delete should work

Version

AM 3.10.13
@leleueri leleueri added this to the AM - 3.10.x milestone Jan 19, 2022
@leleueri leleueri self-assigned this Jan 19, 2022
@leleueri leleueri mentioned this issue Jan 19, 2022
Merged
@leleueri leleueri modified the milestones: AM - 3.10.x, AM - 3.10.14 Jan 19, 2022
tcompiegne pushed a commit to gravitee-io/gravitee-access-management that referenced this issue Jan 24, 2022
@leleueri @tcompiegne
fix: do not log missing UserProviderNotFoundException when user is up…
fc6a556 
…dated or deleted using SCIM

fixes gravitee-io/issues#6970
tcompiegne pushed a commit to gravitee-io/gravitee-access-management that referenced this issue Jan 24, 2022
@leleueri @tcompiegne
fix: do not log missing UserProviderNotFoundException when user is up…
87b906b 
…dated or deleted using SCIM

fixes gravitee-io/issues#6970
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@leleueri leleueri

Labels
project: AM type: bug
Projects
None yet
Milestone
AM - 3.10.14
Development

No branches or pull requests
3 participants
@tcompiegne @leleueri @apoddany