WSO2is SCIM 2 使用自定义字段创建新用户
WSO2is SCIM 2 create new user with custom fields
我可以按照此处找到的示例创建新用户:
curl -v -k --user admin@tenant1.com@tenant1.com:admin --data '{"schemas":[],"name":{"familyName":"jackson","givenName":"kim"},"phoneNumbers":[{"type":"mobile","value":"9999"}],"addresses":[{"type":"work","streetAddress":"100 Universal City Plaza","locality":"Hollywood","region":"CA","postalCode":"90068","country":"USA","formatted":"100 Universal City Plaza\nHollywood, CA 90068 USA","primary":true},{"type":"home","streetAddress":"456 Hollywood Blvd","locality":"Hollywood","region":"CA","postalCode":"91608","country":"USA","formatted":"456 Hollywood Blvd\nHollywood, CA 91608 USA"}],"userName":"kim@mail.com","password":"kimwso2","nickName":"abc","title":"Operations Chief","urn:ietf:params:scim:schemas:core:2.0:User:streetAddress":"Miami, florida","emails":[{"primary":true,"value":"kim.jackson@gmail.com","type":"home"},{"value":"kim_j@wso2.com","type":"work"}]}' --header "Content-Type:application/json" https://localhost:9443/t/tenant1.com/scim2/Users
我想为新用户添加对 departments 字段的支持。
在 urn:ietf:params:scim:schemas:extension:enterprise:2.0:User 的索赔中,我已确保索赔部门存在并映射到 http://wso2.org/claims
添加了部门的脚本
curl -v -k --user admin@tenant1.com@tenant1.com:admin --data '{"schemas":[],"name":{"familyName":"jackson","givenName":"kim"},"phoneNumbers":[{"type":"mobile","value":"9999"}],"addresses":[{"type":"work","streetAddress":"100 Universal City Plaza","locality":"Hollywood","region":"CA","postalCode":"90068","country":"USA","formatted":"100 Universal City Plaza\nHollywood, CA 90068 USA","primary":true},{"type":"home","streetAddress":"456 Hollywood Blvd","locality":"Hollywood","region":"CA","postalCode":"91608","country":"USA","formatted":"456 Hollywood Blvd\nHollywood, CA 91608 USA"}],"department":["Accounting","Marketing and Advertising"],"userName":"kim@mail.com","password":"kimwso2","nickName":"abc","title":"bhhhxxs","urn:ietf:params:scim:schemas:core:2.0:User:streetAddress":"bhhhxxs","emails":[{"primary":true,"value":"kim.jackson@gmail.com","type":"home"},{"value":"kim_j@wso2.com","type":"work"}]}' --header "Content-Type:application/json" https://localhost:9443/t/tenant1.com/scim2/Users
如果我将 department 字段添加到脚本,这会创建但不会 return 当对此用户 ID 发出请求时:
curl -v -k --user admin@tenant1.com@tenant1.com:admin https://localhost:9443/t/tenant1.com/scim2/Users/44c7b532-09fe-4530-a199-cf81bff95b3a | jq .
的结果
{
"emails": [{
"type": "work",
"value": "kim_j@wso2.com"
},
{
"type": "home",
"value": "kim.jackson@gmail.com"
}
],
"addresses": [{
"type": "work",
"value": "100 Universal City Plaza\nHollywood, CA 90068 USA"
},
{
"type": "home",
"value": "456 Hollywood Blvd\nHollywood, CA 91608 USA"
}
],
"meta": {
"created": "2020-04-08T12:46:30.549Z",
"location": "https://localhost:9443/t/tenant1.com/scim2/Users/44c7b532-09fe-4530-a199-cf81bff95b3a",
"lastModified": "2020-04-08T12:46:30.549Z",
"resourceType": "User"
},
"nickName": "abc",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"roles": [{
"type": "default",
"value": "Internal/everyone"
}],
"name": {
"givenName": "kim",
"familyName": "jackson"
},
"id": "44c7b532-09fe-4530-a199-cf81bff95b3a",
"userName": "kim@mail.com",
"title": "bhhhxxs",
"phoneNumbers": [{
"type": "mobile",
"value": "9999"
}]
}
我已经阅读了这个文档但没有成功:
https://is.docs.wso2.com/en/latest/develop/extensible-scim-user-schemas-with-wso2-identity-server/#extensible-scim-user-schemas-with-wso2-identity-server
https://is.docs.wso2.com/en/latest/develop/extending-scim2-user-schemas/#extending-the-scim-20-api
我的设置:wso2is 5.10
您可以在 https://github.com/wso2/docs-is/issues/1556
中找到创建具有扩展架构属性的用户的示例请求
诀窍是在创建请求中如下表示扩展属性
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"department": [
"Accounting",
"Marketing and Advertising"
]
}
更新:默认情况下,urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department 不是服务器中定义的 scim2 模式中的多值属性。您可以通过编辑 IS_HOME/repository/conf/scim2-schema-extension.config 文件使其成为多值属性
使其成为多值的
{
"attributeURI":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department",
"attributeName":"department",
"dataType":"string",
"multiValued":"true",
"description":"Identifies the name of a department",
"required":"false",
"caseExact":"false",
"mutability":"readWrite",
"returned":"default",
"uniqueness":"none",
"subAttributes":"null",
"canonicalValues":[],
"referenceTypes":[]
}
请注意 "multiValue" 属性是如何更新的。
我可以按照此处找到的示例创建新用户:
curl -v -k --user admin@tenant1.com@tenant1.com:admin --data '{"schemas":[],"name":{"familyName":"jackson","givenName":"kim"},"phoneNumbers":[{"type":"mobile","value":"9999"}],"addresses":[{"type":"work","streetAddress":"100 Universal City Plaza","locality":"Hollywood","region":"CA","postalCode":"90068","country":"USA","formatted":"100 Universal City Plaza\nHollywood, CA 90068 USA","primary":true},{"type":"home","streetAddress":"456 Hollywood Blvd","locality":"Hollywood","region":"CA","postalCode":"91608","country":"USA","formatted":"456 Hollywood Blvd\nHollywood, CA 91608 USA"}],"userName":"kim@mail.com","password":"kimwso2","nickName":"abc","title":"Operations Chief","urn:ietf:params:scim:schemas:core:2.0:User:streetAddress":"Miami, florida","emails":[{"primary":true,"value":"kim.jackson@gmail.com","type":"home"},{"value":"kim_j@wso2.com","type":"work"}]}' --header "Content-Type:application/json" https://localhost:9443/t/tenant1.com/scim2/Users
我想为新用户添加对 departments 字段的支持。
在 urn:ietf:params:scim:schemas:extension:enterprise:2.0:User 的索赔中,我已确保索赔部门存在并映射到 http://wso2.org/claims
添加了部门的脚本
curl -v -k --user admin@tenant1.com@tenant1.com:admin --data '{"schemas":[],"name":{"familyName":"jackson","givenName":"kim"},"phoneNumbers":[{"type":"mobile","value":"9999"}],"addresses":[{"type":"work","streetAddress":"100 Universal City Plaza","locality":"Hollywood","region":"CA","postalCode":"90068","country":"USA","formatted":"100 Universal City Plaza\nHollywood, CA 90068 USA","primary":true},{"type":"home","streetAddress":"456 Hollywood Blvd","locality":"Hollywood","region":"CA","postalCode":"91608","country":"USA","formatted":"456 Hollywood Blvd\nHollywood, CA 91608 USA"}],"department":["Accounting","Marketing and Advertising"],"userName":"kim@mail.com","password":"kimwso2","nickName":"abc","title":"bhhhxxs","urn:ietf:params:scim:schemas:core:2.0:User:streetAddress":"bhhhxxs","emails":[{"primary":true,"value":"kim.jackson@gmail.com","type":"home"},{"value":"kim_j@wso2.com","type":"work"}]}' --header "Content-Type:application/json" https://localhost:9443/t/tenant1.com/scim2/Users
如果我将 department 字段添加到脚本,这会创建但不会 return 当对此用户 ID 发出请求时:
curl -v -k --user admin@tenant1.com@tenant1.com:admin https://localhost:9443/t/tenant1.com/scim2/Users/44c7b532-09fe-4530-a199-cf81bff95b3a | jq .
{
"emails": [{
"type": "work",
"value": "kim_j@wso2.com"
},
{
"type": "home",
"value": "kim.jackson@gmail.com"
}
],
"addresses": [{
"type": "work",
"value": "100 Universal City Plaza\nHollywood, CA 90068 USA"
},
{
"type": "home",
"value": "456 Hollywood Blvd\nHollywood, CA 91608 USA"
}
],
"meta": {
"created": "2020-04-08T12:46:30.549Z",
"location": "https://localhost:9443/t/tenant1.com/scim2/Users/44c7b532-09fe-4530-a199-cf81bff95b3a",
"lastModified": "2020-04-08T12:46:30.549Z",
"resourceType": "User"
},
"nickName": "abc",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"roles": [{
"type": "default",
"value": "Internal/everyone"
}],
"name": {
"givenName": "kim",
"familyName": "jackson"
},
"id": "44c7b532-09fe-4530-a199-cf81bff95b3a",
"userName": "kim@mail.com",
"title": "bhhhxxs",
"phoneNumbers": [{
"type": "mobile",
"value": "9999"
}]
}
我已经阅读了这个文档但没有成功:
https://is.docs.wso2.com/en/latest/develop/extensible-scim-user-schemas-with-wso2-identity-server/#extensible-scim-user-schemas-with-wso2-identity-server
https://is.docs.wso2.com/en/latest/develop/extending-scim2-user-schemas/#extending-the-scim-20-api
我的设置:wso2is 5.10
您可以在 https://github.com/wso2/docs-is/issues/1556
中找到创建具有扩展架构属性的用户的示例请求诀窍是在创建请求中如下表示扩展属性
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"department": [
"Accounting",
"Marketing and Advertising"
]
}
更新:默认情况下,urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department 不是服务器中定义的 scim2 模式中的多值属性。您可以通过编辑 IS_HOME/repository/conf/scim2-schema-extension.config 文件使其成为多值属性
使其成为多值的{
"attributeURI":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department",
"attributeName":"department",
"dataType":"string",
"multiValued":"true",
"description":"Identifies the name of a department",
"required":"false",
"caseExact":"false",
"mutability":"readWrite",
"returned":"default",
"uniqueness":"none",
"subAttributes":"null",
"canonicalValues":[],
"referenceTypes":[]
}
请注意 "multiValue" 属性是如何更新的。