feat: create user scim v2 endpoint (#9132)

# Which Problems Are Solved - Adds infrastructure code (basic implementation, error handling, middlewares, ...) to implement the SCIM v2 interface - Adds support for the user create SCIM v2 endpoint # How the Problems Are Solved - Adds support for the user create SCIM v2 endpoint under `POST /scim/v2/{orgID}/Users` # Additional Context Part of #8140
2025-08-12 07:57:32 +00:00 · 2025-01-09 12:46:36 +01:00
parent 829f4543da
commit e621224ab2
44 changed files with 2412 additions and 48 deletions
--- a/internal/api/scim/metadata/metadata.go
+++ b/internal/api/scim/metadata/metadata.go
@@ -0,0 +1,60 @@
+package metadata
+
+import (
+	"context"
+	"strings"
+)
+
+type Key string
+type ScopedKey string
+
+const (
+	externalIdProvisioningDomainPlaceholder = "{provisioningDomain}"
+
+	KeyPrefix                 = "urn:zitadel:scim:"
+	KeyProvisioningDomain Key = KeyPrefix + "provisioning_domain"
+
+	KeyExternalId               Key = KeyPrefix + "externalId"
+	keyScopedExternalIdTemplate     = KeyPrefix + externalIdProvisioningDomainPlaceholder + ":externalId"
+	KeyMiddleName               Key = KeyPrefix + "name.middleName"
+	KeyHonorificPrefix          Key = KeyPrefix + "name.honorificPrefix"
+	KeyHonorificSuffix          Key = KeyPrefix + "name.honorificSuffix"
+	KeyProfileUrl               Key = KeyPrefix + "profileURL"
+	KeyTitle                    Key = KeyPrefix + "title"
+	KeyLocale                   Key = KeyPrefix + "locale"
+	KeyTimezone                 Key = KeyPrefix + "timezone"
+	KeyIms                      Key = KeyPrefix + "ims"
+	KeyPhotos                   Key = KeyPrefix + "photos"
+	KeyAddresses                Key = KeyPrefix + "addresses"
+	KeyEntitlements             Key = KeyPrefix + "entitlements"
+	KeyRoles                    Key = KeyPrefix + "roles"
+)
+
+var ScimUserRelevantMetadataKeys = []Key{
+	KeyExternalId,
+	KeyMiddleName,
+	KeyHonorificPrefix,
+	KeyHonorificSuffix,
+	KeyProfileUrl,
+	KeyTitle,
+	KeyLocale,
+	KeyTimezone,
+	KeyIms,
+	KeyPhotos,
+	KeyAddresses,
+	KeyEntitlements,
+	KeyRoles,
+}
+
+func ScopeExternalIdKey(provisioningDomain string) ScopedKey {
+	return ScopedKey(strings.Replace(keyScopedExternalIdTemplate, externalIdProvisioningDomainPlaceholder, provisioningDomain, 1))
+}
+
+func ScopeKey(ctx context.Context, key Key) ScopedKey {
+	// only the externalID is scoped
+	if key == KeyExternalId {
+		return GetScimContextData(ctx).ExternalIDScopedMetadataKey
+	}
+
+	return ScopedKey(key)
+}