Merged
3 changes: 3 additions & 0 deletions app/controllers/scimitar/application_controller.rb
Expand Up @@ -101,6 +101,9 @@ def require_scim
request.format = :scim
elsif request.format == :scim
request.headers['CONTENT_TYPE'] = scim_mime_type
elsif request.media_type.downcase == 'application/json' && request.user_agent.start_with?('Google') # https://github.com/pond/scimitar/issues/142
Contributor

We have the same problem, but some of our customers send something else alongside the application/json content type, so this update doesn't cover our use case and we still have to work around it on our side.

I think there could be a config option instead to allow setting supported content types explicitly. Additionally, I guess the user agent could be left unset, so this will produce an exception like this:

undefined method 'start_with?' for nil
["[...]/3.4.2/lib/ruby/gems/3.4.0/gems/scimitar-2.13.0/app/controllers/scimitar/application_controller.rb:104:in 'Scimitar::ApplicationController#require_scim'"

Owner Author

@aerodynamik Noted - I hope to have some time to look into this on Friday.

Owner Author

@aerodynamik via #166, Scimitar 2.14.0 has been released which lets you provide your own sanitizer for inbound requests.

Hopefully, this meets your requirements.

request.format = :scim
request.headers["CONTENT_TYPE"] = scim_mime_type
else
handle_scim_error(ErrorResponse.new(status: 406, detail: "Only #{scim_mime_type} type is accepted."))
end
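Review bot: On the added `elsif` line, `request.user_agent.start_with?('Google')` is called without a nil guard, so a request that sends `application/json` with no User-Agent header raises NoMethodError instead of reaching the 406 `else` branch, which is the failure reported in the thread. Use `request.user_agent&.start_with?('Google')` or `request.user_agent.to_s.start_with?('Google')`. User-Agent is also chosen by the client, so this prefix match is a compatibility switch that any caller can trigger and should not be read as identifying Google. A short comment saying so next to the issue link would help, and a configurable list of accepted media types would cover the other clients mentioned in the thread without keying on the agent string.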
19 changes: 19 additions & 0 deletions spec/controllers/scimitar/application_controller_spec.rb
Expand Up @@ -291,6 +291,25 @@ def index; end
expect(@exception.message).to eql('Only application/scim+json type is accepted.')
end
end

context 'and with Google SCIM calls' do
it 'reaches the controller action if the expected agent is making the request' do
request.headers['Content-Type'] = 'application/json'
request.headers['User-Agent' ] = 'Google-Auto-Provisioning'
get :index

expect(@exception).to be_a(RuntimeError)
expect(@exception.message).to eql('Bang')
end

it 'is invoked early for unrecognised agents' do
request.headers['Content-Type'] = 'application/json'
get :index

expect(@exception).to be_a(Scimitar::ErrorResponse)
expect(@exception.message).to eql('Only application/scim+json type is accepted.')
end
end # "context 'and with Google SCIM calls' do"
end # "context 'exception reporter' do"
end # "context 'error handling' do"
end
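Review bot: The second example, 'is invoked early for unrecognised agents', never sets User-Agent, so it depends on whatever default the test request supplies and does not pin down either case it could mean. Add one example with an explicit non-Google agent string and one with the header absent (nil), both expecting the `Scimitar::ErrorResponse` with the 'Only application/scim+json type is accepted.' message. The nil case is the one that exercises the `start_with?` call in `require_scim` with no agent present.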