[midPoint] Configuring SCIM / Slack connector
Matus Macik
matus.macik at evolveum.com
Fri Sep 29 15:58:00 CEST 2017
No that’s (the setting up tests part) just for development purposes.
Matus Macik | Developer and Identity Management Engineer
matus.macik at evolveum.com | www.evolveum.com
Evolveum
From: Keith Hazelton
Sent: Friday, September 29, 2017 3:55 PM
To: midPoint General Discussion
Subject: Re: [midPoint] Configuring SCIM / Slack connector
Thank you for your quick reply, Matus. I did try to follow the instructions at https://wiki.evolveum.com/display/midPoint/SCIM+v1+Slack+connector but I will review carefully. I think I missed the certificate setup step.
Do I need to complete the steps under “Setting up tests” in the wiki before trying “Test Connection”?
--Keith
___________________________________
email & jabber: keith.hazelton at wisc.edu
calendar: http://go.wisc.edu/i6zxx0
From: midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Matus Macik <matus.macik at evolveum.com>
Reply-To: midPoint General Discussion <midpoint at lists.evolveum.com>
Date: Friday, September 29, 2017 at 08:43
To: midPoint General Discussion <midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Configuring SCIM / Slack connector
Hello Keith,
Did you follow the configuration section of the connectors wiki page? https://wiki.evolveum.com/display/midPoint/SCIM+v1+Slack+connector
There are multiple fields which are dedicated for using the SCIM connector to connect to some other types of resource (which speaks SCIM) (i.e. SalesForce). You just need to use the ones required by slack. Yet it looks like you found a place where some better error handling would come to use. I will fix it in the next iteration.
Best regards,
Matus Macik | Developer and Identity Management Engineer
matus.macik at evolveum.com | www.evolveum.com
Evolveum
From: Keith Hazelton
Sent: Friday, September 29, 2017 1:08 PM
To: midPoint General Discussion
Subject: [midPoint] Configuring SCIM / Slack connector
I get an error on ‘Test Connection’ after configuring the midPoint SCIM connector (v 1.4.4) for Slack.com
Using Postman I can successfully access the SCIM endpoint at Slack with my assigned bearer token:
GET https://api.slack.com/scim/v1/Schemas/Groups
Authorization header: xoxp-…… {the token value for my Slack account}
Accept header: application/json
The response code from Postman is 200
The top of the response body is
{
"name": "Group",
"description": "Core Group",
"schema": "urn:scim:schemas:core:1.0",
"endpoint": "/Groups",
"attributes": [
{
"name": "id",
"type": "string",
"multiValued": false,
…
On ‘Test connection’ in the Resource section of the midPoint (3.6) UI, I get the ‘UnknownHostException’ error messages shown belo:
Here are the sanitized contents of the current configuration file for this midPoint connector:
<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
oid="86437f3a-661a-4135-876a-233b67256bf0"
version="5">
<name>Slack</name>
<description>Slack Accounts</description>
<metadata>
<modifyTimestamp>2017-09-29T10:27:59.189Z</modifyTimestamp>
<modifierRef xmlns:tns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
relation="org:default"
type="tns:UserType"/>
<modifyChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</modifyChannel>
</metadata>
<operationExecution id="1">
<timestamp>2017-09-28T22:46:26.359Z</timestamp>
<operation>
<objectDelta>
<t:changeType>modify</t:changeType>
<t:objectType>c:ResourceType</t:objectType>
</objectDelta>
<executionResult>
<operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
<status>success</status>
<token>1000000000000027617</token>
</executionResult>
<objectName>Slack</objectName>
</operation>
<status>success</status>
<initiatorRef oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
relation="org:default"
type="c:UserType"/>
<channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
</operationExecution>
<operationExecution id="2">
<timestamp>2017-09-29T10:27:59.227Z</timestamp>
<operation>
<objectDelta>
<t:changeType>modify</t:changeType>
<t:objectType>c:ResourceType</t:objectType>
</objectDelta>
<executionResult>
<operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
<status>success</status>
<token>1000000000000029482</token>
</executionResult>
<objectName>Slack</objectName>
</operation>
<status>success</status>
<initiatorRef oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
relation="org:default"
type="c:UserType"/>
<channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
</operationExecution>
<operationalState>
<lastAvailabilityStatus>broken</lastAvailabilityStatus>
</operationalState>
<connectorRef oid="0a71bfb2-a5ad-424f-b45b-cce972d82cbe"
relation="org:default"
type="c:ConnectorType"/>
<connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
<icfc:configurationProperties xmlns:gen935="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.scim.connector-scim/com.evolveum.polygon.scim.ScimConnector">
<gen935:authentication>Token</gen935:authentication>
<gen935:token>
<t:encryptedData>
<t:encryptionMethod>
<t:algorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:algorithm>
</t:encryptionMethod>
<t:keyInfo>
<t:keyName>kI2lzKlkkV52NVziiHvxPlzAL6s=</t:keyName>
</t:keyInfo>
<t:cipherData>
<t:cipherValue>VGQr…mKPC</t:cipherValue>
</t:cipherData>
</t:encryptedData>
</gen935:token>
<gen935:userName>khazelton</gen935:userName>
<gen935:password>
<t:encryptedData>
<t:encryptionMethod>
<t:algorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:algorithm>
</t:encryptionMethod>
<t:keyInfo>
<t:keyName>kI2lzKlkkV52NVziiHvxPlzAL6s=</t:keyName>
</t:keyInfo>
<t:cipherData>
<t:cipherValue>iJt9p…MZA=</t:cipherValue>
</t:cipherData>
</t:encryptedData>
</gen935:password>
<gen935:endpoint>https://api.slack.com/scim</gen935:endpoint>
<gen935:version>/v1</gen935:version>
<gen935:loginURL>https://slack.com/signin</gen935:loginURL>
<gen935:service>Code</gen935:service>
<gen935:baseUrl>https://api.slack.com</gen935:baseUrl>
</icfc:configurationProperties>
</connectorConfiguration>
</resource>
I’m not sure why the username and password are needed for this connector since the Slack API uses a bearer token security scheme.
Appreciate any hints on where I’m wrong, --Keith Hazelton
___________________________________
email & jabber: keith.hazelton at wisc.edu
calendar: http://go.wisc.edu/i6zxx0
Virus-free. www.avast.com
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170929/54af7f5e/attachment.htm>
More information about the midPoint
mailing list