[midPoint] Bug ? inbound mapping

Sylvaire kevin TIPA sylvaire-kevin.tipa at mythalesgroup.io
Sun Mar 28 11:56:17 CEST 2021 

Hello,

It's maybe a bug (or a normal case but strange) about inbound mapping in resource.

In my case, I have an inbound mapping in resource than target a user schema extension field. When I doing modification from MP IHM in my user, the field result with my modification and not the inbound connector value. If I reconcile, I got the right value from connector ...

My use case is little strange. This field represent an account token expiration date, so the connector give me then expiration date (this is ok). When a user want to renew this token, he set some old date on this field, the connector create a new token and reply the new expiration date. In MP, I got the expiration date set by user (see by MP as evaluationNew in expression), not the expiration set by connector. I got some other case with the same 'bug'. If I reconcile, the field is change correctly by the connector return value.

So, in resume, inbound mapping are not respected when user set value in MP GUI. I test with ~all options like 'strong' and other. Value from MP are always prior than inbound value.

My code for sample :
When I reconcile user, I got the correct value (from connector) in user GUI `artifactoryTokenExpiry` field. But If I change it from GUI, the value of `'artifactoryTokenExpiry' keep the value input by user. I expected than this value will be replace by inbound value instead of user input.
(And if I reconcile, the value of artifactoryTokenExpiry change for inbound value, so user is not in 'correct' state).

<attribute id="195">
    <c:ref xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">ri:tokenExpiry</c:ref>
    <tolerant>true</tolerant>
    <exclusiveStrong>false</exclusiveStrong>
    <outbound>
        <authoritative>true</authoritative>
        <exclusive>false</exclusive>
        <strength>normal</strength>
        <source>
            <c:path>$user/extension/artifactoryTokenExpiry</c:path>
        </source>
        <expression>
            <script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="c:ScriptExpressionEvaluatorType">
                <code>
                    import javax.xml.datatype.XMLGregorianCalendar

                    return new Long((artifactoryTokenExpiry as XMLGregorianCalendar).toGregorianCalendar().getTimeInMillis());
                </code>
            </script>
        </expression>
        <condition>
            <script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="c:ScriptExpressionEvaluatorType">
                <code>artifactoryTokenExpiry != null</code>
            </script>
        </condition>
    </outbound>
    <inbound id="198">
        <authoritative>false</authoritative>
        <exclusive>false</exclusive>
        <strength>strong</strength>
        <expression>
            <script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="c:ScriptExpressionEvaluatorType">
                <code>
                    import java.util.Date;
                    import javax.xml.datatype.XMLGregorianCalendar;
                    import javax.xml.datatype.DatatypeFactory;
                    import java.util.GregorianCalendar;
                    log.debug("New ? : " + midpoint.isEvaluateNew() + " Input for inbound on artifactory artifactoryTokenExpiry " + input )

                    long time = new Long(input);
                    Date date = new Date((long)time);
                    GregorianCalendar c = new GregorianCalendar();
                    c.setTime(date);
                    XMLGregorianCalendar date2 = DatatypeFactory.newInstance().newXMLGregorianCalendar(c);

                    return date2
                </code>
            </script>
        </expression>
        <target>
            <c:path>$user/extension/artifactoryTokenExpiry</c:path>
        </target>
        <condition>
            <script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="c:ScriptExpressionEvaluatorType">
                <code>!basic.isEmpty(input) </code>
            </script>
        </condition>
    </inbound>
</attribute>




Cordialement,


[cid:8e2f30c3-f5eb-4f4e-aefb-9d083f8a3b45]

Sylvaire-Kevin TIPA
Thales Services / DIO / DevOps Automatisation
......................................................................................................
THALES SERVICES SAS
44 Quai Charles de Gaulle
CS 20100
69463 Lyon Cedex 06
......................................................................................................
www.thalesgroup.com<http://www.thalesgroup.com/>




This message contains confidential information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, you are notified that disclosing, distributing, or copying this e-mail is strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20210328/1c721e21/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6112 bytes
Desc: image001.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20210328/1c721e21/attachment-0001.png>

More information about the midPoint mailing list