This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/blueprints/system/providers-scim.yaml
Jens L f4b0d6e85c
providers/scim: default to None for fields instead of empty list (#5642)
* providers/scim: default to None for fields instead of empty list

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make name of delete_none_keys clearer

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 00:25:28 +02:00

61 lines
2 KiB
YAML

version: 1
metadata:
labels:
blueprints.goauthentik.io/system: "true"
name: System - SCIM Provider - Mappings
entries:
- identifiers:
managed: goauthentik.io/providers/scim/user
model: authentik_providers_scim.scimmapping
attrs:
name: "authentik default SCIM Mapping: User"
expression: |
# Some implementations require givenName and familyName to be set
givenName, familyName = request.user.name, ""
# This default sets givenName to the name before the first space
# and the remainder as family name
# if the user's name has no space the givenName is the entire name
# (this might cause issues with some SCIM implementations)
if " " in request.user.name:
givenName, _, familyName = request.user.name.partition(" ")
# photos supports URLs to images, however authentik might return data URIs
avatar = request.user.avatar
photos = None
if "://" in avatar:
photos = [{"value": avatar, "type": "photo"}]
locale = request.user.locale()
if locale == "":
locale = None
emails = []
if request.user.email != "":
emails = [{
"value": request.user.email,
"type": "other",
"primary": True,
}]
return {
"userName": request.user.username,
"name": {
"formatted": request.user.name,
"givenName": givenName,
"familyName": familyName,
},
"displayName": request.user.name,
"photos": photos,
"locale": locale,
"active": request.user.is_active,
"emails": emails,
}
- identifiers:
managed: goauthentik.io/providers/scim/group
model: authentik_providers_scim.scimmapping
attrs:
name: "authentik default SCIM Mapping: Group"
expression: |
return {
"displayName": group.name,
}