From ba174d810bf7fc09b802a968a8b837f0a951462f Mon Sep 17 00:00:00 2001 From: Jens L Date: Mon, 18 Dec 2023 16:52:34 +0100 Subject: [PATCH] providers/scim: change familyName default (#7904) * Update providers-scim.yaml Signed-off-by: Antoine * fix: add formatted to match the givenName & familyName Signed-off-by: Antoine * fix, update tests Signed-off-by: Jens Langhammer --------- Signed-off-by: Antoine Signed-off-by: Jens Langhammer Co-authored-by: Antoine --- .../providers/scim/tests/test_membership.py | 4 +-- authentik/providers/scim/tests/test_user.py | 32 +++++++++---------- blueprints/system/providers-scim.yaml | 6 ++-- 3 files changed, 22 insertions(+), 20 deletions(-) diff --git a/authentik/providers/scim/tests/test_membership.py b/authentik/providers/scim/tests/test_membership.py index f2bbc74c5..8c792d0cc 100644 --- a/authentik/providers/scim/tests/test_membership.py +++ b/authentik/providers/scim/tests/test_membership.py @@ -93,7 +93,7 @@ class SCIMMembershipTests(TestCase): "emails": [], "active": True, "externalId": user.uid, - "name": {"familyName": "", "formatted": "", "givenName": ""}, + "name": {"familyName": " ", "formatted": " ", "givenName": ""}, "displayName": "", "userName": user.username, }, @@ -184,7 +184,7 @@ class SCIMMembershipTests(TestCase): "displayName": "", "emails": [], "externalId": user.uid, - "name": {"familyName": "", "formatted": "", "givenName": ""}, + "name": {"familyName": " ", "formatted": " ", "givenName": ""}, "userName": user.username, }, ) diff --git a/authentik/providers/scim/tests/test_user.py b/authentik/providers/scim/tests/test_user.py index 36377b925..b9eb46f37 100644 --- a/authentik/providers/scim/tests/test_user.py +++ b/authentik/providers/scim/tests/test_user.py @@ -57,7 +57,7 @@ class SCIMUserTests(TestCase): uid = generate_id() user = User.objects.create( username=uid, - name=uid, + name=f"{uid} {uid}", email=f"{uid}@goauthentik.io", ) self.assertEqual(mock.call_count, 2) @@ -77,11 +77,11 @@ class SCIMUserTests(TestCase): ], "externalId": user.uid, "name": { - "familyName": "", - "formatted": uid, + "familyName": uid, + "formatted": f"{uid} {uid}", "givenName": uid, }, - "displayName": uid, + "displayName": f"{uid} {uid}", "userName": uid, }, ) @@ -110,7 +110,7 @@ class SCIMUserTests(TestCase): uid = generate_id() user = User.objects.create( username=uid, - name=uid, + name=f"{uid} {uid}", email=f"{uid}@goauthentik.io", ) self.assertEqual(mock.call_count, 2) @@ -131,11 +131,11 @@ class SCIMUserTests(TestCase): "value": f"{uid}@goauthentik.io", } ], - "displayName": uid, + "displayName": f"{uid} {uid}", "externalId": user.uid, "name": { - "familyName": "", - "formatted": uid, + "familyName": uid, + "formatted": f"{uid} {uid}", "givenName": uid, }, "userName": uid, @@ -166,7 +166,7 @@ class SCIMUserTests(TestCase): uid = generate_id() user = User.objects.create( username=uid, - name=uid, + name=f"{uid} {uid}", email=f"{uid}@goauthentik.io", ) self.assertEqual(mock.call_count, 2) @@ -186,11 +186,11 @@ class SCIMUserTests(TestCase): ], "externalId": user.uid, "name": { - "familyName": "", - "formatted": uid, + "familyName": uid, + "formatted": f"{uid} {uid}", "givenName": uid, }, - "displayName": uid, + "displayName": f"{uid} {uid}", "userName": uid, }, ) @@ -230,7 +230,7 @@ class SCIMUserTests(TestCase): ) user = User.objects.create( username=uid, - name=uid, + name=f"{uid} {uid}", email=f"{uid}@goauthentik.io", ) @@ -254,11 +254,11 @@ class SCIMUserTests(TestCase): ], "externalId": user.uid, "name": { - "familyName": "", - "formatted": uid, + "familyName": uid, + "formatted": f"{uid} {uid}", "givenName": uid, }, - "displayName": uid, + "displayName": f"{uid} {uid}", "userName": uid, }, ) diff --git a/blueprints/system/providers-scim.yaml b/blueprints/system/providers-scim.yaml index 9fdac0376..527992c43 100644 --- a/blueprints/system/providers-scim.yaml +++ b/blueprints/system/providers-scim.yaml @@ -11,13 +11,15 @@ entries: name: "authentik default SCIM Mapping: User" expression: | # Some implementations require givenName and familyName to be set - givenName, familyName = request.user.name, "" + givenName, familyName = request.user.name, " " + formatted = request.user.name + " " # This default sets givenName to the name before the first space # and the remainder as family name # if the user's name has no space the givenName is the entire name # (this might cause issues with some SCIM implementations) if " " in request.user.name: givenName, _, familyName = request.user.name.partition(" ") + formatted = request.user.name # photos supports URLs to images, however authentik might return data URIs avatar = request.user.avatar @@ -39,7 +41,7 @@ entries: return { "userName": request.user.username, "name": { - "formatted": request.user.name, + "formatted": formatted, "givenName": givenName, "familyName": familyName, },