arietimmerman / laravel-scim-server
Laravel Package for creating a SCIM server
Installs: 120 035
Dependents: 1
Suggesters: 0
Security: 0
Stars: 52
Watchers: 10
Forks: 29
Open Issues: 2
Requires
- php: ^8.0
- illuminate/console: ^8.0|^9.0|^10.0|^11.0
- illuminate/database: ^8.0|^9.0|^10.0|^11.0
- illuminate/support: ^8.0|^9.0|^10.0|^11.0
- tmilos/scim-filter-parser: ^1.3
- tmilos/scim-schema: ^0.1.0
Requires (Dev)
- laravel/legacy-factories: *
- orchestra/testbench: ^6.0|^7.0|^8.0|^9.0
- dev-master
- v1.1.9
- v1.1.8
- v1.1.7
- v1.1.6
- v1.1.5
- v1.1.4
- v1.1.3
- v1.1.2
- v1.1.1
- v1.1
- v1.0.9
- v1.0.8
- v1.0.7
- v1.0.6
- v1.0.5
- v1.0.4
- v1.0.3
- v1.0.2
- v1.0.1
- v1.0.0
- v0.7.1
- v0.7.0
- v0.6.9
- v0.6.8
- v0.6.7
- v0.6.6
- v0.6.5
- v0.6.4
- v0.6.3
- v0.6.2
- v0.6.1
- v0.6.0
- v0.5.9
- v0.5.8
- v0.5.7
- v0.5.6
- v0.5.5
- v0.5.4
- v0.5.3
- v0.5.2
- v0.5.1
- v0.5.0
- dev-fix-type-of-name-attribute
- dev-feature/new-version-for-schema
- dev-feature/better-error-code
- dev-feature/support-for-search
- dev-feature/handling-of-attributes
- dev-feature/allow-not-returning-passwords
- dev-feature/listresponse-resourcetypes
- dev-feature/roles-attribute
- dev-feature/allow-add-for-multiple
- dev-hotfix/null-filter-fix
- dev-feature/allow-defaults
- dev-hotfix/better-null-check
- dev-hotfix/fix-no-schema-attributes-in-return
- dev-feature/improved-get-default-schema
- dev-feature/omit-null-values
- dev-feature/cursor-pagination
- dev-feature/displayName-for-groups
- dev-feature/etag-by-default
- dev-feature/new-schema
- dev-feature/use-escaped-dots-for-validation
- dev-feature/improved-events
- dev-hotfix/fixes-bulkid-support
- dev-feature/bulk-operation-support
- dev-feature/custom-schema-test
- dev-feature/definition-of-schema-in-mapping-optional
- dev-feature/option-to-omit-main-schema
- dev-feature/support-for-php-9
- dev-bugfix/fix-for-php8
- dev-feature/publish-routes-optionally
- dev-feature/fixing-pipeline
- dev-feature/updated-packages
- dev-feature/updated-testbench
- dev-feature/enable-schema-routes-by-defaults
- dev-feature/dep-updates
- dev-feature/ci-fixes
This package is auto-updated.
Last update: 2024-12-16 19:47:44 UTC
README
SCIM 2.0 Server implementation for Laravel
Add SCIM 2.0 Server capabilities with ease. Usually, no configuration is needed in order to benefit from the basic functionalities.
composer require arietimmerman/laravel-scim-server
And optionally
php artisan vendor:publish --tag=laravel-scim
The module is used by idaas.nl and by The SCIM Playground.
Routes
+----------+-----------------------------------------+
| GET|HEAD | scim/v1 |
| GET|HEAD | scim/v1/{fallbackPlaceholder} |
| POST | scim/v2/.search |
| | |
| GET|HEAD | scim/v2/ResourceTypes |
| GET|HEAD | scim/v2/ResourceTypes/{id} |
| GET|HEAD | scim/v2/Schemas |
| GET|HEAD | scim/v2/Schemas/{id} |
| GET|HEAD | scim/v2/ServiceProviderConfig |
| GET|HEAD | scim/v2/{fallbackPlaceholder} |
| | |
| GET|HEAD | scim/v2/{resourceType} |
| | |
| POST | scim/v2/{resourceType} |
| | |
| GET|HEAD | scim/v2/{resourceType}/{resourceObject} |
| | |
| PUT | scim/v2/{resourceType}/{resourceObject} |
| | |
| PATCH | scim/v2/{resourceType}/{resourceObject} |
| | |
| DELETE | scim/v2/{resourceType}/{resourceObject} |
| | |
+----------+-----------------------------------------+
Configuration
The configuration is retrieved from SCIMConfig::class
.
Extend this class and register your extension in app/Providers/AppServiceProvider.php
like this.
$this->app->singleton('ArieTimmerman\Laravel\SCIMServer\SCIMConfig', YourCustomSCIMConfig::class);
An example override
Here's one way to override the default configuration without copying too much of the SCIMConfig file into your app.
<?php class YourCustomSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig { public function getUserConfig() { $config = parent::getUserConfig(); // Modify the $config variable however you need... return $config; } }
Security & App Integration
By default, this package does no security checks on its own. This can be dangerous, in that a functioning SCIM Server can view, add, update, delete, or list users. You are welcome to implement your own security checks at the middleware layer, or somehow/somewhere else that makes sense for your application. But make sure to do something.
If you want to integrate into already existing middleware, you'll want to take the following steps -
Turn off automatic publishing of routes
Modify config/scim.php
like this:
<?php return [ "publish_routes" => false ];
Next, explicitly publish your routes with your choice of middleware
In either your RouteServiceProvider, or in a particular route file, add the following:
use ArieTimmerman\Laravel\SCIMServer\RouteProvider as SCIMServerRouteProvider; SCIMServerRouteProvider::publicRoutes(); // Make sure to add public routes *first* Route::middleware('auth:api')->group(function () { // or any other middleware you choose SCIMServerRouteProvider::routes( [ 'public_routes' => false // but do not hide public routes (metadata) behind authentication ] ); SCIMServerRouteProvider::meRoutes(); });
Test server
docker-compose up
Now visit http://localhost:18123/scim/v2/Users
.