1.19.0

Features server

• Added support for MsAzures special filter-expressions like filter=emails[primary eq true].value eq "[email protected]". The part behind the brackets is not defined in SCIM like this but this type of expression is used by MsAzure. This expression is now resolved to a logical and-operation in the FilterNodes.
• Add a new configuration-attribute that allows to toggle another workaround for MsAzure. see #541
• Add a new configuration-attribute that allows to toggle the error-behaviour for invalid-path patch-requests. If an attribute referenced in a patch-request does not exist an error is thrown as defined by RFC7644. The configuration option will prevent the error so that the attribute is simply ignored and not handled. see #539
• It is now possible to implement custom-validators for the response. The abstract ResourceHandler-class does now have a predefined method getResponseValidator(...) that can be overridden.

Bug Fixes server

• Fixed a Bug with binary nodes that occured in schema-validation and when reading the binary node.
• Fixed a Bug that did not throw an error on resource-filtering if an ambigious filter-attribute was used without its fully qualified attribute-name

Features client

• Extended the ScimRequestBuilder by a method to load the complete ServiceProvider configuration. This includes [ServiceProviderConfig, ResourceTypes, Schemas]. use scimRequestBuilder.loadMetaConfiguration()
• Added a new method to the ListRequestBuilder that allows to load all resources from the server with a single method-call scimRequestBuilder().list(...).get().getAll() or scimRequestBuilder().list(...).post().getAll()

Bug Fixes client

• Fixed a Bug that prevented to get the data of a schema-extension from the ServiceProvider if a resource-type-configuration was loaded.

1.18.1

Bug Fixes common

Fixed a Bug that prevented the boolean for the MsAzure sub-value-attribute patch feature from being set if the builder-method was called. see #516

1.18.0

Features server

• A new workaround for MsAzure was added that fixes illegal Patch requests with nested value-sub-nodes. see: #516. This feature must be enabled explicitly in the PatchConfig object of the ServiceProvider object

Bug Fixes server

• A bug was fixed that caused the update-method of a ResourceHandler to be executed at the end of a patch request eventhough no changes were made. This problem occured only on MultivaluedComplexTypes if no effective change was made to the resource.

Features client

• The TLS algorithm for the http-client is now set to TLS1.2 by default and is configurable. see: #517

Bug Fixes client

• Http StatusCode 204 is now accepted as valid status code. see: #519

1.17.0 / 1.17.1

Features server

• Added a post-construct method to class ResourceHandler that can be used to customize the initialization of the resource handlers.
• Added a new method to class ResourceHandler that allows to identify the ResourceType based on the ref-attribute of a resource
• resource IDs in URLs will now be URL-encoded/decoded
• Added a new method to class ScimResponse to generate a jakarta.ws.rs.core.Response object
• Added a new configuration attribute on class ResourceType. It is now possible to change the behaviour of the roles-attribute.
  • Default behaviour: all roles for an endpoint must be present for a user in order to access the endpoint. So lets say you configured the roles user and create on a resource-type to access the create-endpoint. The user must possess both roles to be able to access this endpoint
  • Adjusted behaviour: If the useOrOnRoles-attribute is set on the ResourceType the user must only possess one of the configured roles.
• Added a new convenience method to access the original request-body from the Context object within ResourceHandlers. This was done with the thought in mind that a delete request might have a request-body.

Breaking Changes

• The get and list endpoints have been separated for role-adjustments. So if you have set roles for a get-endpoint on a specific resource-type the list-endpoint will not be affected by it anymore. It must be set explicitly.
• Custom attributes not defined by the SCIM specification on the Schemas resource will not be returned anymore by default from the /Schemas endpoint. This includes attributes like minItems, pattern, minValue etc. Only the attributes from the SCIM spec will be returned by default.

Bug Fixes server

• A bug was fixed that caused modification of the location-attribute within the meta-attribute. This will now only happen if you did not set this attribute manually.
• Fixed a bug that caused multivalued-complex attributes to be removed from the response on create/update requests if the mutability was set to request

Difference between 1.17.0 and 1.17.1

I simply forgot to update third party dependencies. So the release 1.17.1 is with the latest updates of third party libraries.

1.16.0

Features server

• Change some logging messages in the JsonHelper-class from debug to trace
• the SchemaAttributes-methods are now public. This allows dynamic configuration changes during runtime
• The binary type is now supported
• Support ms-azure patch-notation for replace and add-operations
• Support for ms-azure patch-requests with filter-expressions. This feature must be explicitly activated.

Features client

• Make getResource-method in RequestBuilder public. This can be used to easily find the corresponding request-objects of bulk-response-objects
• Add several convenience methods to the BulkBuilder class
• Allow parallel handling of BulkRequests. The client has in inbuilt feature to split a BulkRequest into tiny pieces by honoring the maxOperations-value of the ServiceProvider. These tiny pieces can now be sent multithreaded.
• The expected response-headers of the client can be changed. Normally the client expects to receive the response-header Content-Type: application/scim+json but some providers do not send this header. To prevent the response from being rejected simply override the expectedHeaders in the configuration.
• Add a convenience method to add a list of values in PatchBuilder
• Updated bouncycastle from bcprov-jdk15on to bcprov-jdk18on and bcpkix-jdk15on to bcpkix-jdk18on

Bug Fixes server

• Fix missing operations in bulk-response. If the precondition of a bulk-request failed the following response-objects were not added to the response
• Changed log-message in ResourceTypeFactory. Due to a bug in the equals-method of jackson-JsonNode the comparison of the objects fails and the log-message is erroneously displayed. The message was changed to debug in hope that the comparison bug will be fixed in a later version.
• A Bug was fixed that caused the response to fail with HTTP 500 if the attributes or excludedAttributes parameter was used. The parameters could cause a required-attribute to be missing in the response. Required-attributes will no longer be handled as required in the response if the attributes or excludedAttributes parameter was used.
• Fixed a serious bug in bulk-requests that were introduced with version 1.15.0. If some operations did not have a bulkId it might have happened that some operations were executed twice or more often and other operations were never be processed. This was fixed by implicitly adding bulkIds to all operations that had no assigned by the client.

Bug Fixes client

• Fixed a bug that was caused if a returned bulk-response operation did not have an id. This might happen on singleton-endpoints.

1.15.3

Bug fixes

• Fixed erroenous http status code: #385
• Add a better error message in case of missing bulkIds if the bulk-request-auto-splitting-feature is used in the client implementation
• Fix permanent reloading of service provider details within the client if the bulk-request-auto-splitting-feature is used.

Maintenance

• Update dependencies

1.15.2

Bug Fixes

• #355 : new configuration property to the client-module to set the comparators in lowercase if necessary
• #354 : handling '$' in filter expressions

Maintenance

• Update of dependencies

1.15.1

Bug Fixes

• see #346 (CAUTION: this is a breaking change for applications that are using the method Context#getCrossResourceReferenceUrl(String id, String resourceName))

1.15.0

API Changes

• Removed a method from ResourceEndpoint in order to force developers to use the Context object.
• Remove NoArgsConstructor from Context in order to force developers to use the Authorization-interface
• Add convenience-methods to 'BulkResponse' object
• Add documentation links to log-warning for bypassed authentication when using the DefaultAuthentication-object that always returns true within the authenticate-method.
• Reimplemented BulkId reference resolving to be usable with the new custom feature (simple resource references)
• Rename blockReturnResourcesOnBulk for service provider to returnResourcesOnBulk

New Features

• Bulk-Get feature. See: https://github.com/Captain-P-Goldfish/SCIM-SDK/wiki/Bulk-Get-(Custom-Feature)-(@since-1.15.0)
• Simple resource references feature. See: https://github.com/Captain-P-Goldfish/SCIM-SDK/wiki/Simple-Resource-References-(Custom-Feature)-(@since-1.15.0)
• A workaround feature for SailsPoint can now be activated within the PatchConfig. see #327

Bug Fixes

• Delete-requests within the client module will no longer fail if the content-type header is missing within response: see #313
• Add missing custom-attribute returnResource to BulkRequestBuilder in order to request resources on response see https://github.com/Captain-P-Goldfish/SCIM-SDK/wiki/Return-resources-on-Bulk-Responses
• A bug was resolved that prevented to remove or replace extensions in patch requests

1.14.1

Bug Fixes

• See issue #309