Endpoint fixes (#30) (#53)

* Adds returning of sample resource types from the endpoint

* Adds sample schema types support

* fix: Make schema discovery response SCIM compliant

    - Fix type property's value in atttributes schema to be camelCase
    - Add subAttributes to complex types
    - Add schemas attribute to Schema resource
    - Remove all unused imports
    - Put all using statements inside namespace
    - Fix typos in the code
    - Use expression body where necessary
    - Add Authentication

Co-authored-by: RyanE <[email protected]>
Co-authored-by: Charity Marani <[email protected]>

Co-authored-by: Ryanmeakins <[email protected]>
Co-authored-by: RyanE <[email protected]>
Co-authored-by: Charity Marani <[email protected]>

Author: 4 people

Microsoft.SCIM.WebHostSample/Controllers/TokenController.cs

@@ -27,21 +27,18 @@ public TokenController(IConfiguration Configuration)
 
         private string GenerateJSONWebToken()
         {
-            // Create token key
             SymmetricSecurityKey securityKey =
                 new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this.configuration["Token:IssuerSigningKey"]));
             SigningCredentials credentials =
                 new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
 
-            // Set token expiration
             DateTime startTime = DateTime.UtcNow;
             DateTime expiryTime;
             if (double.TryParse(this.configuration["Token:TokenLifetimeInMins"], out double tokenExpiration))
                 expiryTime = startTime.AddMinutes(tokenExpiration);
             else
                 expiryTime = startTime.AddMinutes(defaultTokenExpirationTimeInMins);
 
-            // Generate the token
             JwtSecurityToken token =
                 new JwtSecurityToken(
                     this.configuration["Token:TokenIssuer"],

Microsoft.SCIM.WebHostSample/Provider/InMemoryStorage.cs

@@ -23,6 +23,5 @@ private InMemoryStorage()
                                             new InMemoryStorage());
 
         public static InMemoryStorage Instance => InMemoryStorage.InstanceValue.Value;
-        
     }
 }

Microsoft.SCIM.WebHostSample/Startup.cs

@@ -6,9 +6,11 @@ namespace Microsoft.SCIM.WebHostSample
 {
     using System.Text;
     using System.Threading.Tasks;
+    using Microsoft.AspNetCore.Authentication;
     using Microsoft.AspNetCore.Authentication.JwtBearer;
     using Microsoft.AspNetCore.Builder;
     using Microsoft.AspNetCore.Hosting;
+    using Microsoft.AspNetCore.Mvc;
     using Microsoft.AspNetCore.Routing;
     using Microsoft.Extensions.Configuration;
     using Microsoft.Extensions.DependencyInjection;
@@ -38,67 +40,49 @@ public Startup(IWebHostEnvironment env, IConfiguration configuration)
         // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
         public void ConfigureServices(IServiceCollection services)
         {
-            if (this.environment.IsDevelopment())
+            void ConfigureMvcNewtonsoftJsonOptions(MvcNewtonsoftJsonOptions options) => options.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
+
+            void ConfigureAuthenticationOptions(AuthenticationOptions options)
             {
-                // Development environment code
-                // Validation for bearer token for authorization used during testing.
-                // NOTE: It's not recommended to use this code in production, it is not meant to replace proper OAuth authentication.
-                //       This option is primarily available for testing purposes.
-                services.AddAuthentication(options =>
-                {
-                    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
-                    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
-                    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
-                })
-                .AddJwtBearer(options =>
-                {
-                    options.TokenValidationParameters =
-                        new TokenValidationParameters
-                        {
-                            ValidateIssuer = false,
-                            ValidateAudience = false,
-                            ValidateLifetime = false,
-                            ValidateIssuerSigningKey = false,
-                            ValidIssuer = this.configuration["Token:TokenIssuer"],
-                            ValidAudience = this.configuration["Token:TokenAudience"],
-                            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this.configuration["Token:IssuerSigningKey"]))
-                        };
-                });
+                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
             }
-            else
+
+            void ConfigureJwtBearerOptons( JwtBearerOptions options)
             {
-                // Leave the optional Secret Token field blank
-                // Azure AD includes an OAuth bearer token issued from Azure AD with each request
-                // The following code validates the Azure AD-issued token
-                // NOTE: It's not recommended to leave this field blank and rely on a token generated by Azure AD. 
-                //       This option is primarily available for testing purposes.
-                services.AddAuthentication(options =>
+                if (this.environment.IsDevelopment())
                 {
-                    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
-                    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
-                    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
-                })
-                .AddJwtBearer(options =>
+                    options.TokenValidationParameters =
+                       new TokenValidationParameters
+                       {
+                           ValidateIssuer = false,
+                           ValidateAudience = false,
+                           ValidateLifetime = false,
+                           ValidateIssuerSigningKey = false,
+                           ValidIssuer = this.configuration["Token:TokenIssuer"],
+                           ValidAudience = this.configuration["Token:TokenAudience"],
+                           IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this.configuration["Token:IssuerSigningKey"]))
+                       };
+                }
+                else
                 {
                     options.Authority = this.configuration["Token:TokenIssuer"];
                     options.Audience = this.configuration["Token:TokenAudience"];
                     options.Events = new JwtBearerEvents
                     {
                         OnTokenValidated = context =>
                         {
-                            // NOTE: You can optionally take action when the OAuth 2.0 bearer token was validated.
-
                             return Task.CompletedTask;
                         },
                         OnAuthenticationFailed = AuthenticationFailed
                     };
-                });
+                }
+
             }
 
-            services.AddControllers().AddNewtonsoftJson(options =>
-            {
-                options.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
-            });
+            services.AddAuthentication(ConfigureAuthenticationOptions).AddJwtBearer(ConfigureJwtBearerOptons);
+            services.AddControllers().AddNewtonsoftJson(ConfigureMvcNewtonsoftJsonOptions);
+
             services.AddSingleton(typeof(IProvider), this.ProviderBehavior);
             services.AddSingleton(typeof(IMonitor), this.MonitoringBehavior);
         }
@@ -112,7 +96,6 @@ public void Configure(IApplicationBuilder app)
             }
 
             app.UseHsts();
-
             app.UseRouting();
             app.UseHttpsRedirection();
             app.UseAuthentication();

Microsoft.SystemForCrossDomainIdentityManagement/Protocol/BulkOperation.cs

@@ -0,0 +1,62 @@
+//------------------------------------------------------------
+// Copyright (c) Microsoft Corporation.  All rights reserved.
+//------------------------------------------------------------
+
+namespace Microsoft.SCIM
+{
+    using System;
+    using System.Net.Http;
+    using System.Runtime.Serialization;
+
+    [DataContract]
+    public abstract class BulkOperation
+    {
+        private HttpMethod method;
+        private string methodName;
+
+        protected BulkOperation()
+        {
+            this.Identifier = Guid.NewGuid().ToString();
+        }
+
+        protected BulkOperation(string identifier)
+        {
+            this.Identifier = identifier;
+        }
+
+        [DataMember(Name = ProtocolAttributeNames.BulkOperationIdentifier, Order = 1)]
+        public string Identifier
+        {
+            get;
+            private set;
+        }
+
+        public HttpMethod Method
+        {
+            get => this.method;
+
+            set
+            {
+                this.method = value;
+                if (value != null)
+                {
+                    this.methodName = value.ToString();
+                }
+            }
+        }
+
+        [DataMember(Name = ProtocolAttributeNames.Method, Order = 0)]
+#pragma warning disable IDE0051 // Remove unused private members
+        private string MethodName
+#pragma warning restore IDE0051 // Remove unused private members
+        {
+            get => this.methodName;
+
+            set
+            {
+                this.method = new HttpMethod(value);
+                this.methodName = value;
+            }
+        }
+    }
+}

Microsoft.SystemForCrossDomainIdentityManagement/Protocol/BulkOperations.cs

@@ -0,0 +1,77 @@
+//------------------------------------------------------------
+// Copyright (c) Microsoft Corporation.  All rights reserved.
+//------------------------------------------------------------
+
+namespace Microsoft.SCIM
+{
+    using System;
+    using System.Collections.Generic;
+    using System.Linq;
+    using System.Runtime.Serialization;
+
+    [DataContract]
+    public abstract class BulkOperations<TOperation> : Schematized where TOperation : BulkOperation
+    {
+        [DataMember(Name = ProtocolAttributeNames.Operations, Order = 2)]
+        private List<TOperation> operations;
+        private IReadOnlyCollection<TOperation> operationsWrapper;
+
+        private object thisLock;
+
+        protected BulkOperations(string schemaIdentifier)
+        {
+            if (string.IsNullOrWhiteSpace(schemaIdentifier))
+            {
+                throw new ArgumentNullException(nameof(schemaIdentifier));
+            }
+
+            this.AddSchema(schemaIdentifier);
+            this.OnInitialization();
+            this.OnInitialized();
+        }
+
+        public IReadOnlyCollection<TOperation> Operations => this.operationsWrapper;
+
+        public void AddOperation(TOperation operation)
+        {
+            if (null == operation)
+            {
+                throw new ArgumentNullException(nameof(operation));
+            }
+
+            if (string.IsNullOrWhiteSpace(operation.Identifier))
+            {
+                throw new ArgumentException(
+                    SystemForCrossDomainIdentityManagementProtocolResources.ExceptionUnidentifiableOperation);
+            }
+
+            bool Contains() => this.operations.Any((BulkOperation item) => string.Equals(item.Identifier, operation.Identifier,
+                StringComparison.OrdinalIgnoreCase));
+
+            if (!Contains())
+            {
+                lock (this.thisLock)
+                {
+                    if (!Contains())
+                    {
+                        this.operations.Add(operation);
+                    }
+                }
+            }
+        }
+
+        [OnDeserialized]
+        private void OnDeserialized(StreamingContext _) => this.OnInitialized();
+
+        [OnDeserializing]
+        private void OnDeserializing(StreamingContext _) => this.OnInitialization();
+       
+        private void OnInitialization()
+        {
+            this.thisLock = new object();
+            this.operations = new List<TOperation>();
+        }
+
+        private void OnInitialized() => this.operationsWrapper = this.operations.AsReadOnly();
+    }
+}

Microsoft.SystemForCrossDomainIdentityManagement/Protocol/BulkRequest2.cs

@@ -0,0 +1,24 @@
+//------------------------------------------------------------
+// Copyright (c) Microsoft Corporation.  All rights reserved.
+//------------------------------------------------------------
+
+namespace Microsoft.SCIM
+{
+    using System.Runtime.Serialization;
+
+    [DataContract]
+    public sealed class BulkRequest2 : BulkOperations<BulkRequestOperation>
+    {
+        public BulkRequest2()
+            : base(ProtocolSchemaIdentifiers.Version2BulkRequest)
+        {
+        }
+
+        [DataMember(Name = ProtocolAttributeNames.FailOnErrors, Order = 1)]
+        public int? FailOnErrors
+        {
+            get;
+            set;
+        }
+    }
+}