[midPoint] Configuring SCIM / Slack connector
Keith Hazelton
keith.hazelton at wisc.edu
Tue Oct 10 17:42:20 CEST 2017
Excellent! I will give this a try.
Many thanks, --Keith
From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf Of Matus Macik
Sent: Tuesday, October 10, 2017 10:31 AM
To: midPoint General Discussion <midpoint at lists.evolveum.com>; gustav.palos at evolveum.com
Subject: Re: [midPoint] Configuring SCIM / Slack connector
Hello Keith,
It seems that there were a couple of changes to the Users schema provided by the Slack scim endpoint. I made some modifications to the Scim connector which should fix these issues. You can clone the project from our git repository at: https://github.com/Evolveum/connector-scim1
Regards,
Matus Macik | Developer and Identity Management Engineer
matus.macik at evolveum.com<mailto:matus.macik at evolveum.com> | www.evolveum.com<http://www.evolveum.com>
Evolveum
From: Keith Hazelton<mailto:keith.hazelton at wisc.edu>
Sent: Friday, October 6, 2017 3:58 PM
To: midPoint General Discussion<mailto:midpoint at lists.evolveum.com>; gustav.palos at evolveum.com<mailto:gustav.palos at evolveum.com>
Subject: Re: [midPoint] Configuring SCIM / Slack connector
Here’s the relevant section of the SCIM Protocol RFC 7644. I think it shows that Slack is not completely SCIM compliant.
4<https://tools.ietf.org/html/rfc7644#section-4>. Service Provider Configuration Endpoints
SCIM defines three endpoints to facilitate discovery of SCIM service
provider features and schema that MAY be retrieved using HTTP GET:
/ServiceProviderConfig
An HTTP GET to this endpoint will return a JSON structure that
describes the SCIM specification features available on a service
provider. This endpoint SHALL return responses with a JSON object
using a "schemas" attribute of
"urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig".
The attributes returned in the JSON object are defined in
Section 5 of [RFC7643]<https://tools.ietf.org/html/rfc7643#section-5>. An example representation of SCIM service
provider configuration may be found in Section 8.5 of [RFC7643]<https://tools.ietf.org/html/rfc7643#section-8.5>.
Hunt, et al. Standards Track [Page 73]
RFC 7644<https://tools.ietf.org/html/rfc7644> SCIM Protocol Specification September 2015
/Schemas
An HTTP GET to this endpoint is used to retrieve information about
resource schemas supported by a SCIM service provider. An HTTP
GET to the endpoint "/Schemas" SHALL return all supported schemas
in ListResponse format (see Figure 3). Individual schema
definitions can be returned by appending the schema URI to the
/Schemas endpoint. For example:
/Schemas/urn:ietf:params:scim:schemas:core:2.0:User
___________________________________
email & jabber: keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>
calendar: http://go.wisc.edu/i6zxx0
From: midPoint <midpoint-bounces at lists.evolveum.com<mailto:midpoint-bounces at lists.evolveum.com>> on behalf of Keith Hazelton <keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>>
Reply-To: midPoint General Discussion <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
Date: Friday, October 6, 2017 at 08:46
To: midPoint General Discussion <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>, "gustav.palos at evolveum.com<mailto:gustav.palos at evolveum.com>" <gustav.palos at evolveum.com<mailto:gustav.palos at evolveum.com>>
Subject: Re: [midPoint] Configuring SCIM / Slack connector
I note that Slack DOES return responses for ../scim/v1/Schemas/Users and ../Schemas/Groups. Is midPoint’s SCIM Slack connector looking for the bare ../Schemas endpoint? That may be an issue.
--Keith
___________________________________
email & jabber: keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>
calendar: http://go.wisc.edu/i6zxx0
From: midPoint <midpoint-bounces at lists.evolveum.com<mailto:midpoint-bounces at lists.evolveum.com>> on behalf of Keith Hazelton <keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>>
Reply-To: midPoint General Discussion <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
Date: Friday, October 6, 2017 at 08:06
To: "gustav.palos at evolveum.com<mailto:gustav.palos at evolveum.com>" <gustav.palos at evolveum.com<mailto:gustav.palos at evolveum.com>>, midPoint General Discussion <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
Subject: Re: [midPoint] Configuring SCIM / Slack connector
Gustáv,
Thanks for the new connector config. I believe the logs show that with the new config, midPoint Test Connection errors out after getting a null result back when GETting api.slack.com/scim/v1/Schemas (see log snippet below)
Using Postman, I confirmed that this is true—Querying for …/Schemas gives an empty response body.
Is there a way to skip that request to the Schemas endpoint?
--Keith
2017-10-06 12:31:04,281 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): Configuring connector connector:0a71bfb2-a5ad-424f-b45b-cce972d82cbe(ConnId com.evolveum.polygon.scim.ScimConnector v1.4.4), provided configuration:
configurationProperties:
authentication: [ token (raw) ]
token: [ <class MapXNode> (raw) ]
endpoint: [ /scim (raw) ]
version: [ /v1 (raw) ]
baseUrl: [ https://api.slack.com<https://api.slack.com/> (raw) ]
resultsHandlerConfiguration:
enableNormalizingResultsHandler: false
enableFilteredResultsHandler: false
filteredResultsHandlerInValidationMode: true
enableAttributesToGetSearchResultsHandler: false
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): Configuring connector connector:0a71bfb2-a5ad-424f-b45b-cce972d82cbe(ConnId com.evolveum.polygon.scim.ScimConnector v1.4.4), transformed configuration:
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: authentication = token
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: token = org.identityconnectors.common.security.GuardedString at f26fa483<mailto:org.identityconnectors.common.security.GuardedString at f26fa483>
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: userName = null
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: password = null
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: clientSecret = null
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: clientID = null
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: endpoint = /scim
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: version = /v1
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: loginURL = null
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: service = null
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: baseUrl = https://api.slack.com<https://api.slack.com/>
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: proxyUrl = null
2017-10-06 12:31:04,321 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): P: proxyPortNumber = null
2017-10-06 12:31:04,352 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): Legacy schema (config): null
2017-10-06 12:31:04,353 [] [http-nio-8080-exec-6] TRACE (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl): Connector supported operations: [interface org.identityconnectors.framework.api.operations.SearchApiOp, interface org.identityconnectors.framework.api.operations.UpdateApiOp, interface org.identityconnectors.framework.api.operations.ScriptOnConnectorApiOp, interface org.identityconnectors.framework.api.operations.CreateApiOp, interface org.identityconnectors.framework.api.operations.SchemaApiOp, interface org.identityconnectors.framework.api.operations.ValidateApiOp, interface org.identityconnectors.framework.api.operations.TestApiOp, interface org.identityconnectors.framework.api.operations.DeleteApiOp, interface org.identityconnectors.framework.api.operations.GetApiOp]
2017-10-06 12:31:04,807 [] [http-nio-8080-exec-6] WARN (com.evolveum.polygon.scim.StandardScimHandlingStrategy): method: null msg:Response string for the "schemas/" endpoint returned empty
2017-10-06 12:31:05,010 [] [http-nio-8080-exec-6] ERROR (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnIdUtil): ConnId Exception org.json.JSONException in connector:0a71bfb2-a5ad-424f-b45b-cce972d82cbe(ConnId com.evolveum.polygon.scim.ScimConnector v1.4.4): ConnectorSpec(resource:86437f3a-661a-4135-876a-233b67256bf0(Slack), name=null, oid=0a71bfb2-a5ad-424f-b45b-cce972d82cbe): JSONArray[0] is not a JSONObject.
org.json.JSONException: JSONArray[0] is not a JSONObject.
at org.json.JSONArray.getJSONObject(JSONArray.java:366) ~[na:na]
at com.evolveum.polygon.scim.ParserSchemaScim.parseSchema(ParserSchemaScim.java:69) ~[na:na]
at…
___________________________________
email & jabber: keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>
calendar: http://go.wisc.edu/i6zxx0
From: midPoint <midpoint-bounces at lists.evolveum.com<mailto:midpoint-bounces at lists.evolveum.com>> on behalf of Pálos Gustáv <gustav.palos at evolveum.com<mailto:gustav.palos at evolveum.com>>
Reply-To: "gustav.palos at evolveum.com<mailto:gustav.palos at evolveum.com>" <gustav.palos at evolveum.com<mailto:gustav.palos at evolveum.com>>, midPoint General Discussion <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
Date: Friday, October 6, 2017 at 02:05
To: midPoint General Discussion <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>>
Subject: Re: [midPoint] Configuring SCIM / Slack connector
Hi,
please try to replace yours connectorConfiguration section to this one & try test connection:
<connectorConfiguration
xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
<icfc:configurationProperties
xmlns:icfcp="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.scim.connector-scim/com.evolveum.polygon.scim.ScimConnector">
<icfcp:authentication>token</icfcp:authentication>
<icfcp:token>
<t:clearValue>your token</t:clearValue>
</icfcp:token>
<icfcp:endpoint>/scim</icfcp:endpoint>
<icfcp:version>/v1</icfcp:version>
<icfcp:baseUrl>https://api.slack.com</icfcp:baseUrl>
</icfc:configurationProperties>
<icfc:resultsHandlerConfiguration>
<icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
<icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
<icfc:filteredResultsHandlerInValidationMode>true</icfc:filteredResultsHandlerInValidationMode>
<icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
</icfc:resultsHandlerConfiguration>
</connectorConfiguration>
Best regards,
Gustav
[https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=icon>
Virus-free. www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=link>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171010/22d438f7/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 153 bytes
Desc: image001.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171010/22d438f7/attachment.png>
More information about the midPoint
mailing list