Description
I have a question about how to respond from the Provider (in our case a custom-built LDAPProvider) in the RETRIEVE scenario. BTW, we use the latest NuGet package of Microsoft.SystemForCrossDomainIdentityManagement.
Query a User based on an identifier which cannot be found in the target identity store, for example: scim/Groups/a6dda7e1-51c0-4153-9f15-870b256f8be8. It comes into the RetrieveAsync function and, when not found, returns null, like the example of FileProvider.
```csharp
public override async Task<Resource> RetrieveAsync(IResourceRetrievalParameters parameters, string correlationIdentifier)
{
    // ...
    var userCheckExistInOu = _accountMgt.GetUser(parameters.ResourceIdentifier.Identifier, IdentityType.Guid);
    if (userCheckExistInOu == null)
    {
        // Resource is not in the target identity store: log a warning and return null
        LogWrapper.LogWarning(new InformationNotification($"User: {parameters.ResourceIdentifier.Identifier} not found.", correlationIdentifier), methodName, parameters.Path);
        return null;
    }
    // ...
}
```

This results in an ERROR in the log:
```
System.Web.Http.HttpResponseException: Processing of the HTTP request resulted in an exception. Please see the HTTP response returned by the 'Response' property of this exception for details.
at Microsoft.SystemForCrossDomainIdentityManagement.ControllerTemplate`1.d__4.MoveNext()
StatusCodeNotFound
Reason: Not Found
```
The response itself is only a 404 response code without content.
I would expect a response with content like this:
```json
{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "status": "404",
  "detail": "Resource 23B51B0E5D7AE9110A49411D@7cca31655d49f3640a494224 not found"
}
```

And I also don't see in the log a line with the text "Data has been written".
- Is returning null the correct response from a Provider which implements IProvider?
- Is it correct that "SystemForCrossDomainIdentityManagement" builds the response message? Or do I have to do that in the Provider? If so, how do I integrate it?
- Can I override it somehow, and what does AAD expect as a response?
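
A check for the response shape expected in the post above, as an added example that is not code from the original issue or from the Microsoft library: it validates a response body against the SCIM error message format of RFC 7644 section 3.12. `ScimErrorCheck` and `Validate` are hypothetical names, and the sample body is the one quoted in the post.

```csharp
using System;
using System.Globalization;
using System.Linq;
using System.Text.Json;

public static class ScimErrorCheck
{
    private const string ErrorSchema = "urn:ietf:params:scim:api:messages:2.0:Error";

    // Returns null when the body is a well-formed SCIM error message for the
    // given HTTP status, otherwise a description of the first problem found.
    public static string Validate(int httpStatus, string body)
    {
        if (string.IsNullOrWhiteSpace(body))
            return "empty body: status code only, no SCIM error message";

        JsonDocument doc;
        try { doc = JsonDocument.Parse(body); }
        catch (JsonException) { return "body is not valid JSON"; }

        using (doc)
        {
            JsonElement root = doc.RootElement;
            if (root.ValueKind != JsonValueKind.Object)
                return "body is not a JSON object";

            if (!root.TryGetProperty("schemas", out JsonElement schemas)
                || schemas.ValueKind != JsonValueKind.Array
                || !schemas.EnumerateArray().Any(s =>
                       s.ValueKind == JsonValueKind.String && s.GetString() == ErrorSchema))
                return "schemas does not contain " + ErrorSchema;

            // RFC 7644 section 3.12: "status" is the HTTP status code as a JSON string.
            if (!root.TryGetProperty("status", out JsonElement status)
                || status.ValueKind != JsonValueKind.String)
                return "status is missing or not a JSON string";
            if (status.GetString() != httpStatus.ToString(CultureInfo.InvariantCulture))
                return "status does not match the HTTP status code";

            // "detail" is optional, but must be a string when present.
            if (root.TryGetProperty("detail", out JsonElement detail)
                && detail.ValueKind != JsonValueKind.String)
                return "detail is present but not a string";
            return null;
        }
    }

    public static void Main()
    {
        // Constructed input: the body quoted in the post, then the empty body it reports.
        string quoted = "{\"schemas\":[\"" + ErrorSchema + "\"],\"status\":\"404\",\"detail\":\"Resource 23B51B0E5D7AE9110A49411D@7cca31655d49f3640a494224 not found\"}";
        Console.WriteLine(Validate(404, quoted) ?? "conforms");
        Console.WriteLine(Validate(404, "") ?? "conforms");
    }
}
```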